diff options
author | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-04-16 18:20:36 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-04-16 18:20:36 -0400 |
commit | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (patch) | |
tree | 0bba044c4ce775e45a88a51686b5d9f90697ea9d /net/bluetooth |
Linux-2.6.12-rc2
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.
Let it rip!
Diffstat (limited to 'net/bluetooth')
34 files changed, 16066 insertions, 0 deletions
diff --git a/net/bluetooth/Kconfig b/net/bluetooth/Kconfig new file mode 100644 index 00000000000..6929490d095 --- /dev/null +++ b/net/bluetooth/Kconfig | |||
@@ -0,0 +1,63 @@ | |||
1 | # | ||
2 | # Bluetooth subsystem configuration | ||
3 | # | ||
4 | |||
5 | menuconfig BT | ||
6 | depends on NET | ||
7 | tristate "Bluetooth subsystem support" | ||
8 | help | ||
9 | Bluetooth is low-cost, low-power, short-range wireless technology. | ||
10 | It was designed as a replacement for cables and other short-range | ||
11 | technologies like IrDA. Bluetooth operates in personal area range | ||
12 | that typically extends up to 10 meters. More information about | ||
13 | Bluetooth can be found at <http://www.bluetooth.com/>. | ||
14 | |||
15 | Linux Bluetooth subsystem consist of several layers: | ||
16 | Bluetooth Core (HCI device and connection manager, scheduler) | ||
17 | HCI Device drivers (Interface to the hardware) | ||
18 | SCO Module (SCO audio links) | ||
19 | L2CAP Module (Logical Link Control and Adaptation Protocol) | ||
20 | RFCOMM Module (RFCOMM Protocol) | ||
21 | BNEP Module (Bluetooth Network Encapsulation Protocol) | ||
22 | CMTP Module (CAPI Message Transport Protocol) | ||
23 | HIDP Module (Human Interface Device Protocol) | ||
24 | |||
25 | Say Y here to compile Bluetooth support into the kernel or say M to | ||
26 | compile it as module (bluetooth). | ||
27 | |||
28 | To use Linux Bluetooth subsystem, you will need several user-space | ||
29 | utilities like hciconfig and hcid. These utilities and updates to | ||
30 | Bluetooth kernel modules are provided in the BlueZ packages. | ||
31 | For more information, see <http://www.bluez.org/>. | ||
32 | |||
33 | config BT_L2CAP | ||
34 | tristate "L2CAP protocol support" | ||
35 | depends on BT | ||
36 | help | ||
37 | L2CAP (Logical Link Control and Adaptation Protocol) provides | ||
38 | connection oriented and connection-less data transport. L2CAP | ||
39 | support is required for most Bluetooth applications. | ||
40 | |||
41 | Say Y here to compile L2CAP support into the kernel or say M to | ||
42 | compile it as module (l2cap). | ||
43 | |||
44 | config BT_SCO | ||
45 | tristate "SCO links support" | ||
46 | depends on BT | ||
47 | help | ||
48 | SCO link provides voice transport over Bluetooth. SCO support is | ||
49 | required for voice applications like Headset and Audio. | ||
50 | |||
51 | Say Y here to compile SCO support into the kernel or say M to | ||
52 | compile it as module (sco). | ||
53 | |||
54 | source "net/bluetooth/rfcomm/Kconfig" | ||
55 | |||
56 | source "net/bluetooth/bnep/Kconfig" | ||
57 | |||
58 | source "net/bluetooth/cmtp/Kconfig" | ||
59 | |||
60 | source "net/bluetooth/hidp/Kconfig" | ||
61 | |||
62 | source "drivers/bluetooth/Kconfig" | ||
63 | |||
diff --git a/net/bluetooth/Makefile b/net/bluetooth/Makefile new file mode 100644 index 00000000000..d1e433f7d67 --- /dev/null +++ b/net/bluetooth/Makefile | |||
@@ -0,0 +1,13 @@ | |||
1 | # | ||
2 | # Makefile for the Linux Bluetooth subsystem. | ||
3 | # | ||
4 | |||
5 | obj-$(CONFIG_BT) += bluetooth.o | ||
6 | obj-$(CONFIG_BT_L2CAP) += l2cap.o | ||
7 | obj-$(CONFIG_BT_SCO) += sco.o | ||
8 | obj-$(CONFIG_BT_RFCOMM) += rfcomm/ | ||
9 | obj-$(CONFIG_BT_BNEP) += bnep/ | ||
10 | obj-$(CONFIG_BT_CMTP) += cmtp/ | ||
11 | obj-$(CONFIG_BT_HIDP) += hidp/ | ||
12 | |||
13 | bluetooth-objs := af_bluetooth.o hci_core.o hci_conn.o hci_event.o hci_sock.o hci_sysfs.o lib.o | ||
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c new file mode 100644 index 00000000000..1650c6bf699 --- /dev/null +++ b/net/bluetooth/af_bluetooth.c | |||
@@ -0,0 +1,355 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth address family and sockets. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | |||
30 | #include <linux/types.h> | ||
31 | #include <linux/list.h> | ||
32 | #include <linux/errno.h> | ||
33 | #include <linux/kernel.h> | ||
34 | #include <linux/major.h> | ||
35 | #include <linux/sched.h> | ||
36 | #include <linux/slab.h> | ||
37 | #include <linux/skbuff.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/poll.h> | ||
40 | #include <linux/proc_fs.h> | ||
41 | #include <net/sock.h> | ||
42 | |||
43 | #if defined(CONFIG_KMOD) | ||
44 | #include <linux/kmod.h> | ||
45 | #endif | ||
46 | |||
47 | #include <net/bluetooth/bluetooth.h> | ||
48 | |||
49 | #ifndef CONFIG_BT_SOCK_DEBUG | ||
50 | #undef BT_DBG | ||
51 | #define BT_DBG(D...) | ||
52 | #endif | ||
53 | |||
54 | #define VERSION "2.7" | ||
55 | |||
56 | struct proc_dir_entry *proc_bt; | ||
57 | EXPORT_SYMBOL(proc_bt); | ||
58 | |||
59 | /* Bluetooth sockets */ | ||
60 | #define BT_MAX_PROTO 8 | ||
61 | static struct net_proto_family *bt_proto[BT_MAX_PROTO]; | ||
62 | |||
63 | int bt_sock_register(int proto, struct net_proto_family *ops) | ||
64 | { | ||
65 | if (proto < 0 || proto >= BT_MAX_PROTO) | ||
66 | return -EINVAL; | ||
67 | |||
68 | if (bt_proto[proto]) | ||
69 | return -EEXIST; | ||
70 | |||
71 | bt_proto[proto] = ops; | ||
72 | return 0; | ||
73 | } | ||
74 | EXPORT_SYMBOL(bt_sock_register); | ||
75 | |||
76 | int bt_sock_unregister(int proto) | ||
77 | { | ||
78 | if (proto < 0 || proto >= BT_MAX_PROTO) | ||
79 | return -EINVAL; | ||
80 | |||
81 | if (!bt_proto[proto]) | ||
82 | return -ENOENT; | ||
83 | |||
84 | bt_proto[proto] = NULL; | ||
85 | return 0; | ||
86 | } | ||
87 | EXPORT_SYMBOL(bt_sock_unregister); | ||
88 | |||
89 | static int bt_sock_create(struct socket *sock, int proto) | ||
90 | { | ||
91 | int err = 0; | ||
92 | |||
93 | if (proto < 0 || proto >= BT_MAX_PROTO) | ||
94 | return -EINVAL; | ||
95 | |||
96 | #if defined(CONFIG_KMOD) | ||
97 | if (!bt_proto[proto]) { | ||
98 | request_module("bt-proto-%d", proto); | ||
99 | } | ||
100 | #endif | ||
101 | err = -EPROTONOSUPPORT; | ||
102 | if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) { | ||
103 | err = bt_proto[proto]->create(sock, proto); | ||
104 | module_put(bt_proto[proto]->owner); | ||
105 | } | ||
106 | return err; | ||
107 | } | ||
108 | |||
109 | void bt_sock_link(struct bt_sock_list *l, struct sock *sk) | ||
110 | { | ||
111 | write_lock_bh(&l->lock); | ||
112 | sk_add_node(sk, &l->head); | ||
113 | write_unlock_bh(&l->lock); | ||
114 | } | ||
115 | EXPORT_SYMBOL(bt_sock_link); | ||
116 | |||
117 | void bt_sock_unlink(struct bt_sock_list *l, struct sock *sk) | ||
118 | { | ||
119 | write_lock_bh(&l->lock); | ||
120 | sk_del_node_init(sk); | ||
121 | write_unlock_bh(&l->lock); | ||
122 | } | ||
123 | EXPORT_SYMBOL(bt_sock_unlink); | ||
124 | |||
125 | void bt_accept_enqueue(struct sock *parent, struct sock *sk) | ||
126 | { | ||
127 | BT_DBG("parent %p, sk %p", parent, sk); | ||
128 | |||
129 | sock_hold(sk); | ||
130 | list_add_tail(&bt_sk(sk)->accept_q, &bt_sk(parent)->accept_q); | ||
131 | bt_sk(sk)->parent = parent; | ||
132 | parent->sk_ack_backlog++; | ||
133 | } | ||
134 | EXPORT_SYMBOL(bt_accept_enqueue); | ||
135 | |||
136 | void bt_accept_unlink(struct sock *sk) | ||
137 | { | ||
138 | BT_DBG("sk %p state %d", sk, sk->sk_state); | ||
139 | |||
140 | list_del_init(&bt_sk(sk)->accept_q); | ||
141 | bt_sk(sk)->parent->sk_ack_backlog--; | ||
142 | bt_sk(sk)->parent = NULL; | ||
143 | sock_put(sk); | ||
144 | } | ||
145 | EXPORT_SYMBOL(bt_accept_unlink); | ||
146 | |||
147 | struct sock *bt_accept_dequeue(struct sock *parent, struct socket *newsock) | ||
148 | { | ||
149 | struct list_head *p, *n; | ||
150 | struct sock *sk; | ||
151 | |||
152 | BT_DBG("parent %p", parent); | ||
153 | |||
154 | list_for_each_safe(p, n, &bt_sk(parent)->accept_q) { | ||
155 | sk = (struct sock *) list_entry(p, struct bt_sock, accept_q); | ||
156 | |||
157 | lock_sock(sk); | ||
158 | |||
159 | /* FIXME: Is this check still needed */ | ||
160 | if (sk->sk_state == BT_CLOSED) { | ||
161 | release_sock(sk); | ||
162 | bt_accept_unlink(sk); | ||
163 | continue; | ||
164 | } | ||
165 | |||
166 | if (sk->sk_state == BT_CONNECTED || !newsock) { | ||
167 | bt_accept_unlink(sk); | ||
168 | if (newsock) | ||
169 | sock_graft(sk, newsock); | ||
170 | release_sock(sk); | ||
171 | return sk; | ||
172 | } | ||
173 | |||
174 | release_sock(sk); | ||
175 | } | ||
176 | return NULL; | ||
177 | } | ||
178 | EXPORT_SYMBOL(bt_accept_dequeue); | ||
179 | |||
180 | int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
181 | struct msghdr *msg, size_t len, int flags) | ||
182 | { | ||
183 | int noblock = flags & MSG_DONTWAIT; | ||
184 | struct sock *sk = sock->sk; | ||
185 | struct sk_buff *skb; | ||
186 | size_t copied; | ||
187 | int err; | ||
188 | |||
189 | BT_DBG("sock %p sk %p len %d", sock, sk, len); | ||
190 | |||
191 | if (flags & (MSG_OOB)) | ||
192 | return -EOPNOTSUPP; | ||
193 | |||
194 | if (!(skb = skb_recv_datagram(sk, flags, noblock, &err))) { | ||
195 | if (sk->sk_shutdown & RCV_SHUTDOWN) | ||
196 | return 0; | ||
197 | return err; | ||
198 | } | ||
199 | |||
200 | msg->msg_namelen = 0; | ||
201 | |||
202 | copied = skb->len; | ||
203 | if (len < copied) { | ||
204 | msg->msg_flags |= MSG_TRUNC; | ||
205 | copied = len; | ||
206 | } | ||
207 | |||
208 | skb->h.raw = skb->data; | ||
209 | err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); | ||
210 | |||
211 | skb_free_datagram(sk, skb); | ||
212 | |||
213 | return err ? : copied; | ||
214 | } | ||
215 | EXPORT_SYMBOL(bt_sock_recvmsg); | ||
216 | |||
217 | static inline unsigned int bt_accept_poll(struct sock *parent) | ||
218 | { | ||
219 | struct list_head *p, *n; | ||
220 | struct sock *sk; | ||
221 | |||
222 | list_for_each_safe(p, n, &bt_sk(parent)->accept_q) { | ||
223 | sk = (struct sock *) list_entry(p, struct bt_sock, accept_q); | ||
224 | if (sk->sk_state == BT_CONNECTED) | ||
225 | return POLLIN | POLLRDNORM; | ||
226 | } | ||
227 | |||
228 | return 0; | ||
229 | } | ||
230 | |||
231 | unsigned int bt_sock_poll(struct file * file, struct socket *sock, poll_table *wait) | ||
232 | { | ||
233 | struct sock *sk = sock->sk; | ||
234 | unsigned int mask = 0; | ||
235 | |||
236 | BT_DBG("sock %p, sk %p", sock, sk); | ||
237 | |||
238 | poll_wait(file, sk->sk_sleep, wait); | ||
239 | |||
240 | if (sk->sk_state == BT_LISTEN) | ||
241 | return bt_accept_poll(sk); | ||
242 | |||
243 | if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue)) | ||
244 | mask |= POLLERR; | ||
245 | |||
246 | if (sk->sk_shutdown == SHUTDOWN_MASK) | ||
247 | mask |= POLLHUP; | ||
248 | |||
249 | if (!skb_queue_empty(&sk->sk_receive_queue) || | ||
250 | (sk->sk_shutdown & RCV_SHUTDOWN)) | ||
251 | mask |= POLLIN | POLLRDNORM; | ||
252 | |||
253 | if (sk->sk_state == BT_CLOSED) | ||
254 | mask |= POLLHUP; | ||
255 | |||
256 | if (sk->sk_state == BT_CONNECT || | ||
257 | sk->sk_state == BT_CONNECT2 || | ||
258 | sk->sk_state == BT_CONFIG) | ||
259 | return mask; | ||
260 | |||
261 | if (sock_writeable(sk)) | ||
262 | mask |= POLLOUT | POLLWRNORM | POLLWRBAND; | ||
263 | else | ||
264 | set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags); | ||
265 | |||
266 | return mask; | ||
267 | } | ||
268 | EXPORT_SYMBOL(bt_sock_poll); | ||
269 | |||
270 | int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo) | ||
271 | { | ||
272 | DECLARE_WAITQUEUE(wait, current); | ||
273 | int err = 0; | ||
274 | |||
275 | BT_DBG("sk %p", sk); | ||
276 | |||
277 | add_wait_queue(sk->sk_sleep, &wait); | ||
278 | while (sk->sk_state != state) { | ||
279 | set_current_state(TASK_INTERRUPTIBLE); | ||
280 | |||
281 | if (!timeo) { | ||
282 | err = -EAGAIN; | ||
283 | break; | ||
284 | } | ||
285 | |||
286 | if (signal_pending(current)) { | ||
287 | err = sock_intr_errno(timeo); | ||
288 | break; | ||
289 | } | ||
290 | |||
291 | release_sock(sk); | ||
292 | timeo = schedule_timeout(timeo); | ||
293 | lock_sock(sk); | ||
294 | |||
295 | if (sk->sk_err) { | ||
296 | err = sock_error(sk); | ||
297 | break; | ||
298 | } | ||
299 | } | ||
300 | set_current_state(TASK_RUNNING); | ||
301 | remove_wait_queue(sk->sk_sleep, &wait); | ||
302 | return err; | ||
303 | } | ||
304 | EXPORT_SYMBOL(bt_sock_wait_state); | ||
305 | |||
306 | static struct net_proto_family bt_sock_family_ops = { | ||
307 | .owner = THIS_MODULE, | ||
308 | .family = PF_BLUETOOTH, | ||
309 | .create = bt_sock_create, | ||
310 | }; | ||
311 | |||
312 | extern int hci_sock_init(void); | ||
313 | extern int hci_sock_cleanup(void); | ||
314 | |||
315 | extern int bt_sysfs_init(void); | ||
316 | extern int bt_sysfs_cleanup(void); | ||
317 | |||
318 | static int __init bt_init(void) | ||
319 | { | ||
320 | BT_INFO("Core ver %s", VERSION); | ||
321 | |||
322 | proc_bt = proc_mkdir("bluetooth", NULL); | ||
323 | if (proc_bt) | ||
324 | proc_bt->owner = THIS_MODULE; | ||
325 | |||
326 | sock_register(&bt_sock_family_ops); | ||
327 | |||
328 | BT_INFO("HCI device and connection manager initialized"); | ||
329 | |||
330 | bt_sysfs_init(); | ||
331 | |||
332 | hci_sock_init(); | ||
333 | |||
334 | return 0; | ||
335 | } | ||
336 | |||
337 | static void __exit bt_exit(void) | ||
338 | { | ||
339 | hci_sock_cleanup(); | ||
340 | |||
341 | bt_sysfs_cleanup(); | ||
342 | |||
343 | sock_unregister(PF_BLUETOOTH); | ||
344 | |||
345 | remove_proc_entry("bluetooth", NULL); | ||
346 | } | ||
347 | |||
348 | subsys_initcall(bt_init); | ||
349 | module_exit(bt_exit); | ||
350 | |||
351 | MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>"); | ||
352 | MODULE_DESCRIPTION("Bluetooth Core ver " VERSION); | ||
353 | MODULE_VERSION(VERSION); | ||
354 | MODULE_LICENSE("GPL"); | ||
355 | MODULE_ALIAS_NETPROTO(PF_BLUETOOTH); | ||
diff --git a/net/bluetooth/bnep/Kconfig b/net/bluetooth/bnep/Kconfig new file mode 100644 index 00000000000..35158b036d5 --- /dev/null +++ b/net/bluetooth/bnep/Kconfig | |||
@@ -0,0 +1,24 @@ | |||
1 | config BT_BNEP | ||
2 | tristate "BNEP protocol support" | ||
3 | depends on BT && BT_L2CAP | ||
4 | select CRC32 | ||
5 | help | ||
6 | BNEP (Bluetooth Network Encapsulation Protocol) is Ethernet | ||
7 | emulation layer on top of Bluetooth. BNEP is required for | ||
8 | Bluetooth PAN (Personal Area Network). | ||
9 | |||
10 | Say Y here to compile BNEP support into the kernel or say M to | ||
11 | compile it as module (bnep). | ||
12 | |||
13 | config BT_BNEP_MC_FILTER | ||
14 | bool "Multicast filter support" | ||
15 | depends on BT_BNEP | ||
16 | help | ||
17 | This option enables the multicast filter support for BNEP. | ||
18 | |||
19 | config BT_BNEP_PROTO_FILTER | ||
20 | bool "Protocol filter support" | ||
21 | depends on BT_BNEP | ||
22 | help | ||
23 | This option enables the protocol filter support for BNEP. | ||
24 | |||
diff --git a/net/bluetooth/bnep/Makefile b/net/bluetooth/bnep/Makefile new file mode 100644 index 00000000000..c7821e76ca5 --- /dev/null +++ b/net/bluetooth/bnep/Makefile | |||
@@ -0,0 +1,7 @@ | |||
1 | # | ||
2 | # Makefile for the Linux Bluetooth BNEP layer. | ||
3 | # | ||
4 | |||
5 | obj-$(CONFIG_BT_BNEP) += bnep.o | ||
6 | |||
7 | bnep-objs := core.o sock.o netdev.o | ||
diff --git a/net/bluetooth/bnep/bnep.h b/net/bluetooth/bnep/bnep.h new file mode 100644 index 00000000000..bbb1ed7097a --- /dev/null +++ b/net/bluetooth/bnep/bnep.h | |||
@@ -0,0 +1,184 @@ | |||
1 | /* | ||
2 | BNEP protocol definition for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License, version 2, as | ||
7 | published by the Free Software Foundation. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU General Public License | ||
15 | along with this program; if not, write to the Free Software | ||
16 | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | ||
17 | */ | ||
18 | |||
19 | /* | ||
20 | * $Id: bnep.h,v 1.5 2002/08/04 21:23:58 maxk Exp $ | ||
21 | */ | ||
22 | |||
23 | #ifndef _BNEP_H | ||
24 | #define _BNEP_H | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <linux/crc32.h> | ||
28 | #include <net/bluetooth/bluetooth.h> | ||
29 | |||
30 | // Limits | ||
31 | #define BNEP_MAX_PROTO_FILTERS 5 | ||
32 | #define BNEP_MAX_MULTICAST_FILTERS 20 | ||
33 | |||
34 | // UUIDs | ||
35 | #define BNEP_BASE_UUID 0x0000000000001000800000805F9B34FB | ||
36 | #define BNEP_UUID16 0x02 | ||
37 | #define BNEP_UUID32 0x04 | ||
38 | #define BNEP_UUID128 0x16 | ||
39 | |||
40 | #define BNEP_SVC_PANU 0x1115 | ||
41 | #define BNEP_SVC_NAP 0x1116 | ||
42 | #define BNEP_SVC_GN 0x1117 | ||
43 | |||
44 | // Packet types | ||
45 | #define BNEP_GENERAL 0x00 | ||
46 | #define BNEP_CONTROL 0x01 | ||
47 | #define BNEP_COMPRESSED 0x02 | ||
48 | #define BNEP_COMPRESSED_SRC_ONLY 0x03 | ||
49 | #define BNEP_COMPRESSED_DST_ONLY 0x04 | ||
50 | |||
51 | // Control types | ||
52 | #define BNEP_CMD_NOT_UNDERSTOOD 0x00 | ||
53 | #define BNEP_SETUP_CONN_REQ 0x01 | ||
54 | #define BNEP_SETUP_CONN_RSP 0x02 | ||
55 | #define BNEP_FILTER_NET_TYPE_SET 0x03 | ||
56 | #define BNEP_FILTER_NET_TYPE_RSP 0x04 | ||
57 | #define BNEP_FILTER_MULTI_ADDR_SET 0x05 | ||
58 | #define BNEP_FILTER_MULTI_ADDR_RSP 0x06 | ||
59 | |||
60 | // Extension types | ||
61 | #define BNEP_EXT_CONTROL 0x00 | ||
62 | |||
63 | // Response messages | ||
64 | #define BNEP_SUCCESS 0x00 | ||
65 | |||
66 | #define BNEP_CONN_INVALID_DST 0x01 | ||
67 | #define BNEP_CONN_INVALID_SRC 0x02 | ||
68 | #define BNEP_CONN_INVALID_SVC 0x03 | ||
69 | #define BNEP_CONN_NOT_ALLOWED 0x04 | ||
70 | |||
71 | #define BNEP_FILTER_UNSUPPORTED_REQ 0x01 | ||
72 | #define BNEP_FILTER_INVALID_RANGE 0x02 | ||
73 | #define BNEP_FILTER_INVALID_MCADDR 0x02 | ||
74 | #define BNEP_FILTER_LIMIT_REACHED 0x03 | ||
75 | #define BNEP_FILTER_DENIED_SECURITY 0x04 | ||
76 | |||
77 | // L2CAP settings | ||
78 | #define BNEP_MTU 1691 | ||
79 | #define BNEP_PSM 0x0f | ||
80 | #define BNEP_FLUSH_TO 0xffff | ||
81 | #define BNEP_CONNECT_TO 15 | ||
82 | #define BNEP_FILTER_TO 15 | ||
83 | |||
84 | // Headers | ||
85 | #define BNEP_TYPE_MASK 0x7f | ||
86 | #define BNEP_EXT_HEADER 0x80 | ||
87 | |||
88 | struct bnep_setup_conn_req { | ||
89 | __u8 type; | ||
90 | __u8 ctrl; | ||
91 | __u8 uuid_size; | ||
92 | __u8 service[0]; | ||
93 | } __attribute__((packed)); | ||
94 | |||
95 | struct bnep_set_filter_req { | ||
96 | __u8 type; | ||
97 | __u8 ctrl; | ||
98 | __u16 len; | ||
99 | __u8 list[0]; | ||
100 | } __attribute__((packed)); | ||
101 | |||
102 | struct bnep_control_rsp { | ||
103 | __u8 type; | ||
104 | __u8 ctrl; | ||
105 | __u16 resp; | ||
106 | } __attribute__((packed)); | ||
107 | |||
108 | struct bnep_ext_hdr { | ||
109 | __u8 type; | ||
110 | __u8 len; | ||
111 | __u8 data[0]; | ||
112 | } __attribute__((packed)); | ||
113 | |||
114 | /* BNEP ioctl defines */ | ||
115 | #define BNEPCONNADD _IOW('B', 200, int) | ||
116 | #define BNEPCONNDEL _IOW('B', 201, int) | ||
117 | #define BNEPGETCONNLIST _IOR('B', 210, int) | ||
118 | #define BNEPGETCONNINFO _IOR('B', 211, int) | ||
119 | |||
120 | struct bnep_connadd_req { | ||
121 | int sock; // Connected socket | ||
122 | __u32 flags; | ||
123 | __u16 role; | ||
124 | char device[16]; // Name of the Ethernet device | ||
125 | }; | ||
126 | |||
127 | struct bnep_conndel_req { | ||
128 | __u32 flags; | ||
129 | __u8 dst[ETH_ALEN]; | ||
130 | }; | ||
131 | |||
132 | struct bnep_conninfo { | ||
133 | __u32 flags; | ||
134 | __u16 role; | ||
135 | __u16 state; | ||
136 | __u8 dst[ETH_ALEN]; | ||
137 | char device[16]; | ||
138 | }; | ||
139 | |||
140 | struct bnep_connlist_req { | ||
141 | __u32 cnum; | ||
142 | struct bnep_conninfo __user *ci; | ||
143 | }; | ||
144 | |||
145 | struct bnep_proto_filter { | ||
146 | __u16 start; | ||
147 | __u16 end; | ||
148 | }; | ||
149 | |||
150 | int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock); | ||
151 | int bnep_del_connection(struct bnep_conndel_req *req); | ||
152 | int bnep_get_connlist(struct bnep_connlist_req *req); | ||
153 | int bnep_get_conninfo(struct bnep_conninfo *ci); | ||
154 | |||
155 | // BNEP sessions | ||
156 | struct bnep_session { | ||
157 | struct list_head list; | ||
158 | |||
159 | unsigned int role; | ||
160 | unsigned long state; | ||
161 | unsigned long flags; | ||
162 | atomic_t killed; | ||
163 | |||
164 | struct ethhdr eh; | ||
165 | struct msghdr msg; | ||
166 | |||
167 | struct bnep_proto_filter proto_filter[BNEP_MAX_PROTO_FILTERS]; | ||
168 | u64 mc_filter; | ||
169 | |||
170 | struct socket *sock; | ||
171 | struct net_device *dev; | ||
172 | struct net_device_stats stats; | ||
173 | }; | ||
174 | |||
175 | void bnep_net_setup(struct net_device *dev); | ||
176 | int bnep_sock_init(void); | ||
177 | int bnep_sock_cleanup(void); | ||
178 | |||
179 | static inline int bnep_mc_hash(__u8 *addr) | ||
180 | { | ||
181 | return (crc32_be(~0, addr, ETH_ALEN) >> 26); | ||
182 | } | ||
183 | |||
184 | #endif | ||
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c new file mode 100644 index 00000000000..682bf20af52 --- /dev/null +++ b/net/bluetooth/bnep/core.c | |||
@@ -0,0 +1,713 @@ | |||
1 | /* | ||
2 | BNEP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2001-2002 Inventel Systemes | ||
4 | Written 2001-2002 by | ||
5 | Clément Moreau <clement.moreau@inventel.fr> | ||
6 | David Libault <david.libault@inventel.fr> | ||
7 | |||
8 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
9 | |||
10 | This program is free software; you can redistribute it and/or modify | ||
11 | it under the terms of the GNU General Public License version 2 as | ||
12 | published by the Free Software Foundation; | ||
13 | |||
14 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
15 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
16 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
17 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
18 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
19 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
20 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
21 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
22 | |||
23 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
24 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
25 | SOFTWARE IS DISCLAIMED. | ||
26 | */ | ||
27 | |||
28 | /* | ||
29 | * $Id: core.c,v 1.20 2002/08/04 21:23:58 maxk Exp $ | ||
30 | */ | ||
31 | |||
32 | #include <linux/config.h> | ||
33 | #include <linux/module.h> | ||
34 | |||
35 | #include <linux/kernel.h> | ||
36 | #include <linux/sched.h> | ||
37 | #include <linux/signal.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/wait.h> | ||
40 | #include <linux/errno.h> | ||
41 | #include <linux/smp_lock.h> | ||
42 | #include <linux/net.h> | ||
43 | #include <net/sock.h> | ||
44 | |||
45 | #include <linux/socket.h> | ||
46 | #include <linux/file.h> | ||
47 | |||
48 | #include <linux/netdevice.h> | ||
49 | #include <linux/etherdevice.h> | ||
50 | #include <linux/skbuff.h> | ||
51 | |||
52 | #include <asm/unaligned.h> | ||
53 | |||
54 | #include <net/bluetooth/bluetooth.h> | ||
55 | #include <net/bluetooth/l2cap.h> | ||
56 | |||
57 | #include "bnep.h" | ||
58 | |||
59 | #ifndef CONFIG_BT_BNEP_DEBUG | ||
60 | #undef BT_DBG | ||
61 | #define BT_DBG(D...) | ||
62 | #endif | ||
63 | |||
64 | #define VERSION "1.2" | ||
65 | |||
66 | static LIST_HEAD(bnep_session_list); | ||
67 | static DECLARE_RWSEM(bnep_session_sem); | ||
68 | |||
69 | static struct bnep_session *__bnep_get_session(u8 *dst) | ||
70 | { | ||
71 | struct bnep_session *s; | ||
72 | struct list_head *p; | ||
73 | |||
74 | BT_DBG(""); | ||
75 | |||
76 | list_for_each(p, &bnep_session_list) { | ||
77 | s = list_entry(p, struct bnep_session, list); | ||
78 | if (!memcmp(dst, s->eh.h_source, ETH_ALEN)) | ||
79 | return s; | ||
80 | } | ||
81 | return NULL; | ||
82 | } | ||
83 | |||
84 | static void __bnep_link_session(struct bnep_session *s) | ||
85 | { | ||
86 | /* It's safe to call __module_get() here because sessions are added | ||
87 | by the socket layer which has to hold the refference to this module. | ||
88 | */ | ||
89 | __module_get(THIS_MODULE); | ||
90 | list_add(&s->list, &bnep_session_list); | ||
91 | } | ||
92 | |||
93 | static void __bnep_unlink_session(struct bnep_session *s) | ||
94 | { | ||
95 | list_del(&s->list); | ||
96 | module_put(THIS_MODULE); | ||
97 | } | ||
98 | |||
99 | static int bnep_send(struct bnep_session *s, void *data, size_t len) | ||
100 | { | ||
101 | struct socket *sock = s->sock; | ||
102 | struct kvec iv = { data, len }; | ||
103 | |||
104 | return kernel_sendmsg(sock, &s->msg, &iv, 1, len); | ||
105 | } | ||
106 | |||
107 | static int bnep_send_rsp(struct bnep_session *s, u8 ctrl, u16 resp) | ||
108 | { | ||
109 | struct bnep_control_rsp rsp; | ||
110 | rsp.type = BNEP_CONTROL; | ||
111 | rsp.ctrl = ctrl; | ||
112 | rsp.resp = htons(resp); | ||
113 | return bnep_send(s, &rsp, sizeof(rsp)); | ||
114 | } | ||
115 | |||
116 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER | ||
117 | static inline void bnep_set_default_proto_filter(struct bnep_session *s) | ||
118 | { | ||
119 | /* (IPv4, ARP) */ | ||
120 | s->proto_filter[0].start = htons(0x0800); | ||
121 | s->proto_filter[0].end = htons(0x0806); | ||
122 | /* (RARP, AppleTalk) */ | ||
123 | s->proto_filter[1].start = htons(0x8035); | ||
124 | s->proto_filter[1].end = htons(0x80F3); | ||
125 | /* (IPX, IPv6) */ | ||
126 | s->proto_filter[2].start = htons(0x8137); | ||
127 | s->proto_filter[2].end = htons(0x86DD); | ||
128 | } | ||
129 | #endif | ||
130 | |||
131 | static int bnep_ctrl_set_netfilter(struct bnep_session *s, u16 *data, int len) | ||
132 | { | ||
133 | int n; | ||
134 | |||
135 | if (len < 2) | ||
136 | return -EILSEQ; | ||
137 | |||
138 | n = ntohs(get_unaligned(data)); | ||
139 | data++; len -= 2; | ||
140 | |||
141 | if (len < n) | ||
142 | return -EILSEQ; | ||
143 | |||
144 | BT_DBG("filter len %d", n); | ||
145 | |||
146 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER | ||
147 | n /= 4; | ||
148 | if (n <= BNEP_MAX_PROTO_FILTERS) { | ||
149 | struct bnep_proto_filter *f = s->proto_filter; | ||
150 | int i; | ||
151 | |||
152 | for (i = 0; i < n; i++) { | ||
153 | f[i].start = get_unaligned(data++); | ||
154 | f[i].end = get_unaligned(data++); | ||
155 | |||
156 | BT_DBG("proto filter start %d end %d", | ||
157 | f[i].start, f[i].end); | ||
158 | } | ||
159 | |||
160 | if (i < BNEP_MAX_PROTO_FILTERS) | ||
161 | memset(f + i, 0, sizeof(*f)); | ||
162 | |||
163 | if (n == 0) | ||
164 | bnep_set_default_proto_filter(s); | ||
165 | |||
166 | bnep_send_rsp(s, BNEP_FILTER_NET_TYPE_RSP, BNEP_SUCCESS); | ||
167 | } else { | ||
168 | bnep_send_rsp(s, BNEP_FILTER_NET_TYPE_RSP, BNEP_FILTER_LIMIT_REACHED); | ||
169 | } | ||
170 | #else | ||
171 | bnep_send_rsp(s, BNEP_FILTER_NET_TYPE_RSP, BNEP_FILTER_UNSUPPORTED_REQ); | ||
172 | #endif | ||
173 | return 0; | ||
174 | } | ||
175 | |||
176 | static int bnep_ctrl_set_mcfilter(struct bnep_session *s, u8 *data, int len) | ||
177 | { | ||
178 | int n; | ||
179 | |||
180 | if (len < 2) | ||
181 | return -EILSEQ; | ||
182 | |||
183 | n = ntohs(get_unaligned((u16 *) data)); | ||
184 | data += 2; len -= 2; | ||
185 | |||
186 | if (len < n) | ||
187 | return -EILSEQ; | ||
188 | |||
189 | BT_DBG("filter len %d", n); | ||
190 | |||
191 | #ifdef CONFIG_BT_BNEP_MC_FILTER | ||
192 | n /= (ETH_ALEN * 2); | ||
193 | |||
194 | if (n > 0) { | ||
195 | s->mc_filter = 0; | ||
196 | |||
197 | /* Always send broadcast */ | ||
198 | set_bit(bnep_mc_hash(s->dev->broadcast), (ulong *) &s->mc_filter); | ||
199 | |||
200 | /* Add address ranges to the multicast hash */ | ||
201 | for (; n > 0; n--) { | ||
202 | u8 a1[6], *a2; | ||
203 | |||
204 | memcpy(a1, data, ETH_ALEN); data += ETH_ALEN; | ||
205 | a2 = data; data += ETH_ALEN; | ||
206 | |||
207 | BT_DBG("mc filter %s -> %s", | ||
208 | batostr((void *) a1), batostr((void *) a2)); | ||
209 | |||
210 | #define INCA(a) { int i = 5; while (i >=0 && ++a[i--] == 0); } | ||
211 | |||
212 | /* Iterate from a1 to a2 */ | ||
213 | set_bit(bnep_mc_hash(a1), (ulong *) &s->mc_filter); | ||
214 | while (memcmp(a1, a2, 6) < 0 && s->mc_filter != ~0LL) { | ||
215 | INCA(a1); | ||
216 | set_bit(bnep_mc_hash(a1), (ulong *) &s->mc_filter); | ||
217 | } | ||
218 | } | ||
219 | } | ||
220 | |||
221 | BT_DBG("mc filter hash 0x%llx", s->mc_filter); | ||
222 | |||
223 | bnep_send_rsp(s, BNEP_FILTER_MULTI_ADDR_RSP, BNEP_SUCCESS); | ||
224 | #else | ||
225 | bnep_send_rsp(s, BNEP_FILTER_MULTI_ADDR_RSP, BNEP_FILTER_UNSUPPORTED_REQ); | ||
226 | #endif | ||
227 | return 0; | ||
228 | } | ||
229 | |||
230 | static int bnep_rx_control(struct bnep_session *s, void *data, int len) | ||
231 | { | ||
232 | u8 cmd = *(u8 *)data; | ||
233 | int err = 0; | ||
234 | |||
235 | data++; len--; | ||
236 | |||
237 | switch (cmd) { | ||
238 | case BNEP_CMD_NOT_UNDERSTOOD: | ||
239 | case BNEP_SETUP_CONN_REQ: | ||
240 | case BNEP_SETUP_CONN_RSP: | ||
241 | case BNEP_FILTER_NET_TYPE_RSP: | ||
242 | case BNEP_FILTER_MULTI_ADDR_RSP: | ||
243 | /* Ignore these for now */ | ||
244 | break; | ||
245 | |||
246 | case BNEP_FILTER_NET_TYPE_SET: | ||
247 | err = bnep_ctrl_set_netfilter(s, data, len); | ||
248 | break; | ||
249 | |||
250 | case BNEP_FILTER_MULTI_ADDR_SET: | ||
251 | err = bnep_ctrl_set_mcfilter(s, data, len); | ||
252 | break; | ||
253 | |||
254 | default: { | ||
255 | u8 pkt[3]; | ||
256 | pkt[0] = BNEP_CONTROL; | ||
257 | pkt[1] = BNEP_CMD_NOT_UNDERSTOOD; | ||
258 | pkt[2] = cmd; | ||
259 | bnep_send(s, pkt, sizeof(pkt)); | ||
260 | } | ||
261 | break; | ||
262 | } | ||
263 | |||
264 | return err; | ||
265 | } | ||
266 | |||
267 | static int bnep_rx_extension(struct bnep_session *s, struct sk_buff *skb) | ||
268 | { | ||
269 | struct bnep_ext_hdr *h; | ||
270 | int err = 0; | ||
271 | |||
272 | do { | ||
273 | h = (void *) skb->data; | ||
274 | if (!skb_pull(skb, sizeof(*h))) { | ||
275 | err = -EILSEQ; | ||
276 | break; | ||
277 | } | ||
278 | |||
279 | BT_DBG("type 0x%x len %d", h->type, h->len); | ||
280 | |||
281 | switch (h->type & BNEP_TYPE_MASK) { | ||
282 | case BNEP_EXT_CONTROL: | ||
283 | bnep_rx_control(s, skb->data, skb->len); | ||
284 | break; | ||
285 | |||
286 | default: | ||
287 | /* Unknown extension, skip it. */ | ||
288 | break; | ||
289 | } | ||
290 | |||
291 | if (!skb_pull(skb, h->len)) { | ||
292 | err = -EILSEQ; | ||
293 | break; | ||
294 | } | ||
295 | } while (!err && (h->type & BNEP_EXT_HEADER)); | ||
296 | |||
297 | return err; | ||
298 | } | ||
299 | |||
300 | static u8 __bnep_rx_hlen[] = { | ||
301 | ETH_HLEN, /* BNEP_GENERAL */ | ||
302 | 0, /* BNEP_CONTROL */ | ||
303 | 2, /* BNEP_COMPRESSED */ | ||
304 | ETH_ALEN + 2, /* BNEP_COMPRESSED_SRC_ONLY */ | ||
305 | ETH_ALEN + 2 /* BNEP_COMPRESSED_DST_ONLY */ | ||
306 | }; | ||
307 | #define BNEP_RX_TYPES (sizeof(__bnep_rx_hlen) - 1) | ||
308 | |||
309 | static inline int bnep_rx_frame(struct bnep_session *s, struct sk_buff *skb) | ||
310 | { | ||
311 | struct net_device *dev = s->dev; | ||
312 | struct sk_buff *nskb; | ||
313 | u8 type; | ||
314 | |||
315 | dev->last_rx = jiffies; | ||
316 | s->stats.rx_bytes += skb->len; | ||
317 | |||
318 | type = *(u8 *) skb->data; skb_pull(skb, 1); | ||
319 | |||
320 | if ((type & BNEP_TYPE_MASK) > BNEP_RX_TYPES) | ||
321 | goto badframe; | ||
322 | |||
323 | if ((type & BNEP_TYPE_MASK) == BNEP_CONTROL) { | ||
324 | bnep_rx_control(s, skb->data, skb->len); | ||
325 | kfree_skb(skb); | ||
326 | return 0; | ||
327 | } | ||
328 | |||
329 | skb->mac.raw = skb->data; | ||
330 | |||
331 | /* Verify and pull out header */ | ||
332 | if (!skb_pull(skb, __bnep_rx_hlen[type & BNEP_TYPE_MASK])) | ||
333 | goto badframe; | ||
334 | |||
335 | s->eh.h_proto = get_unaligned((u16 *) (skb->data - 2)); | ||
336 | |||
337 | if (type & BNEP_EXT_HEADER) { | ||
338 | if (bnep_rx_extension(s, skb) < 0) | ||
339 | goto badframe; | ||
340 | } | ||
341 | |||
342 | /* Strip 802.1p header */ | ||
343 | if (ntohs(s->eh.h_proto) == 0x8100) { | ||
344 | if (!skb_pull(skb, 4)) | ||
345 | goto badframe; | ||
346 | s->eh.h_proto = get_unaligned((u16 *) (skb->data - 2)); | ||
347 | } | ||
348 | |||
349 | /* We have to alloc new skb and copy data here :(. Because original skb | ||
350 | * may not be modified and because of the alignment requirements. */ | ||
351 | nskb = alloc_skb(2 + ETH_HLEN + skb->len, GFP_KERNEL); | ||
352 | if (!nskb) { | ||
353 | s->stats.rx_dropped++; | ||
354 | kfree_skb(skb); | ||
355 | return -ENOMEM; | ||
356 | } | ||
357 | skb_reserve(nskb, 2); | ||
358 | |||
359 | /* Decompress header and construct ether frame */ | ||
360 | switch (type & BNEP_TYPE_MASK) { | ||
361 | case BNEP_COMPRESSED: | ||
362 | memcpy(__skb_put(nskb, ETH_HLEN), &s->eh, ETH_HLEN); | ||
363 | break; | ||
364 | |||
365 | case BNEP_COMPRESSED_SRC_ONLY: | ||
366 | memcpy(__skb_put(nskb, ETH_ALEN), s->eh.h_dest, ETH_ALEN); | ||
367 | memcpy(__skb_put(nskb, ETH_ALEN), skb->mac.raw, ETH_ALEN); | ||
368 | put_unaligned(s->eh.h_proto, (u16 *) __skb_put(nskb, 2)); | ||
369 | break; | ||
370 | |||
371 | case BNEP_COMPRESSED_DST_ONLY: | ||
372 | memcpy(__skb_put(nskb, ETH_ALEN), skb->mac.raw, ETH_ALEN); | ||
373 | memcpy(__skb_put(nskb, ETH_ALEN + 2), s->eh.h_source, ETH_ALEN + 2); | ||
374 | break; | ||
375 | |||
376 | case BNEP_GENERAL: | ||
377 | memcpy(__skb_put(nskb, ETH_ALEN * 2), skb->mac.raw, ETH_ALEN * 2); | ||
378 | put_unaligned(s->eh.h_proto, (u16 *) __skb_put(nskb, 2)); | ||
379 | break; | ||
380 | } | ||
381 | |||
382 | memcpy(__skb_put(nskb, skb->len), skb->data, skb->len); | ||
383 | kfree_skb(skb); | ||
384 | |||
385 | s->stats.rx_packets++; | ||
386 | nskb->dev = dev; | ||
387 | nskb->ip_summed = CHECKSUM_NONE; | ||
388 | nskb->protocol = eth_type_trans(nskb, dev); | ||
389 | netif_rx_ni(nskb); | ||
390 | return 0; | ||
391 | |||
392 | badframe: | ||
393 | s->stats.rx_errors++; | ||
394 | kfree_skb(skb); | ||
395 | return 0; | ||
396 | } | ||
397 | |||
398 | static u8 __bnep_tx_types[] = { | ||
399 | BNEP_GENERAL, | ||
400 | BNEP_COMPRESSED_SRC_ONLY, | ||
401 | BNEP_COMPRESSED_DST_ONLY, | ||
402 | BNEP_COMPRESSED | ||
403 | }; | ||
404 | |||
405 | static inline int bnep_tx_frame(struct bnep_session *s, struct sk_buff *skb) | ||
406 | { | ||
407 | struct ethhdr *eh = (void *) skb->data; | ||
408 | struct socket *sock = s->sock; | ||
409 | struct kvec iv[3]; | ||
410 | int len = 0, il = 0; | ||
411 | u8 type = 0; | ||
412 | |||
413 | BT_DBG("skb %p dev %p type %d", skb, skb->dev, skb->pkt_type); | ||
414 | |||
415 | if (!skb->dev) { | ||
416 | /* Control frame sent by us */ | ||
417 | goto send; | ||
418 | } | ||
419 | |||
420 | iv[il++] = (struct kvec) { &type, 1 }; | ||
421 | len++; | ||
422 | |||
423 | if (!memcmp(eh->h_dest, s->eh.h_source, ETH_ALEN)) | ||
424 | type |= 0x01; | ||
425 | |||
426 | if (!memcmp(eh->h_source, s->eh.h_dest, ETH_ALEN)) | ||
427 | type |= 0x02; | ||
428 | |||
429 | if (type) | ||
430 | skb_pull(skb, ETH_ALEN * 2); | ||
431 | |||
432 | type = __bnep_tx_types[type]; | ||
433 | switch (type) { | ||
434 | case BNEP_COMPRESSED_SRC_ONLY: | ||
435 | iv[il++] = (struct kvec) { eh->h_source, ETH_ALEN }; | ||
436 | len += ETH_ALEN; | ||
437 | break; | ||
438 | |||
439 | case BNEP_COMPRESSED_DST_ONLY: | ||
440 | iv[il++] = (struct kvec) { eh->h_dest, ETH_ALEN }; | ||
441 | len += ETH_ALEN; | ||
442 | break; | ||
443 | } | ||
444 | |||
445 | send: | ||
446 | iv[il++] = (struct kvec) { skb->data, skb->len }; | ||
447 | len += skb->len; | ||
448 | |||
449 | /* FIXME: linearize skb */ | ||
450 | { | ||
451 | len = kernel_sendmsg(sock, &s->msg, iv, il, len); | ||
452 | } | ||
453 | kfree_skb(skb); | ||
454 | |||
455 | if (len > 0) { | ||
456 | s->stats.tx_bytes += len; | ||
457 | s->stats.tx_packets++; | ||
458 | return 0; | ||
459 | } | ||
460 | |||
461 | return len; | ||
462 | } | ||
463 | |||
464 | static int bnep_session(void *arg) | ||
465 | { | ||
466 | struct bnep_session *s = arg; | ||
467 | struct net_device *dev = s->dev; | ||
468 | struct sock *sk = s->sock->sk; | ||
469 | struct sk_buff *skb; | ||
470 | wait_queue_t wait; | ||
471 | |||
472 | BT_DBG(""); | ||
473 | |||
474 | daemonize("kbnepd %s", dev->name); | ||
475 | set_user_nice(current, -15); | ||
476 | current->flags |= PF_NOFREEZE; | ||
477 | |||
478 | init_waitqueue_entry(&wait, current); | ||
479 | add_wait_queue(sk->sk_sleep, &wait); | ||
480 | while (!atomic_read(&s->killed)) { | ||
481 | set_current_state(TASK_INTERRUPTIBLE); | ||
482 | |||
483 | // RX | ||
484 | while ((skb = skb_dequeue(&sk->sk_receive_queue))) { | ||
485 | skb_orphan(skb); | ||
486 | bnep_rx_frame(s, skb); | ||
487 | } | ||
488 | |||
489 | if (sk->sk_state != BT_CONNECTED) | ||
490 | break; | ||
491 | |||
492 | // TX | ||
493 | while ((skb = skb_dequeue(&sk->sk_write_queue))) | ||
494 | if (bnep_tx_frame(s, skb)) | ||
495 | break; | ||
496 | netif_wake_queue(dev); | ||
497 | |||
498 | schedule(); | ||
499 | } | ||
500 | set_current_state(TASK_RUNNING); | ||
501 | remove_wait_queue(sk->sk_sleep, &wait); | ||
502 | |||
503 | /* Cleanup session */ | ||
504 | down_write(&bnep_session_sem); | ||
505 | |||
506 | /* Delete network device */ | ||
507 | unregister_netdev(dev); | ||
508 | |||
509 | /* Release the socket */ | ||
510 | fput(s->sock->file); | ||
511 | |||
512 | __bnep_unlink_session(s); | ||
513 | |||
514 | up_write(&bnep_session_sem); | ||
515 | free_netdev(dev); | ||
516 | return 0; | ||
517 | } | ||
518 | |||
519 | int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock) | ||
520 | { | ||
521 | struct net_device *dev; | ||
522 | struct bnep_session *s, *ss; | ||
523 | u8 dst[ETH_ALEN], src[ETH_ALEN]; | ||
524 | int err; | ||
525 | |||
526 | BT_DBG(""); | ||
527 | |||
528 | baswap((void *) dst, &bt_sk(sock->sk)->dst); | ||
529 | baswap((void *) src, &bt_sk(sock->sk)->src); | ||
530 | |||
531 | /* session struct allocated as private part of net_device */ | ||
532 | dev = alloc_netdev(sizeof(struct bnep_session), | ||
533 | (*req->device) ? req->device : "bnep%d", | ||
534 | bnep_net_setup); | ||
535 | if (!dev) | ||
536 | return ENOMEM; | ||
537 | |||
538 | |||
539 | down_write(&bnep_session_sem); | ||
540 | |||
541 | ss = __bnep_get_session(dst); | ||
542 | if (ss && ss->state == BT_CONNECTED) { | ||
543 | err = -EEXIST; | ||
544 | goto failed; | ||
545 | } | ||
546 | |||
547 | s = dev->priv; | ||
548 | |||
549 | /* This is rx header therefore addresses are swapped. | ||
550 | * ie eh.h_dest is our local address. */ | ||
551 | memcpy(s->eh.h_dest, &src, ETH_ALEN); | ||
552 | memcpy(s->eh.h_source, &dst, ETH_ALEN); | ||
553 | memcpy(dev->dev_addr, s->eh.h_dest, ETH_ALEN); | ||
554 | |||
555 | s->dev = dev; | ||
556 | s->sock = sock; | ||
557 | s->role = req->role; | ||
558 | s->state = BT_CONNECTED; | ||
559 | |||
560 | s->msg.msg_flags = MSG_NOSIGNAL; | ||
561 | |||
562 | #ifdef CONFIG_BT_BNEP_MC_FILTER | ||
563 | /* Set default mc filter */ | ||
564 | set_bit(bnep_mc_hash(dev->broadcast), (ulong *) &s->mc_filter); | ||
565 | #endif | ||
566 | |||
567 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER | ||
568 | /* Set default protocol filter */ | ||
569 | bnep_set_default_proto_filter(s); | ||
570 | #endif | ||
571 | |||
572 | err = register_netdev(dev); | ||
573 | if (err) { | ||
574 | goto failed; | ||
575 | } | ||
576 | |||
577 | __bnep_link_session(s); | ||
578 | |||
579 | err = kernel_thread(bnep_session, s, CLONE_KERNEL); | ||
580 | if (err < 0) { | ||
581 | /* Session thread start failed, gotta cleanup. */ | ||
582 | unregister_netdev(dev); | ||
583 | __bnep_unlink_session(s); | ||
584 | goto failed; | ||
585 | } | ||
586 | |||
587 | up_write(&bnep_session_sem); | ||
588 | strcpy(req->device, dev->name); | ||
589 | return 0; | ||
590 | |||
591 | failed: | ||
592 | up_write(&bnep_session_sem); | ||
593 | free_netdev(dev); | ||
594 | return err; | ||
595 | } | ||
596 | |||
597 | int bnep_del_connection(struct bnep_conndel_req *req) | ||
598 | { | ||
599 | struct bnep_session *s; | ||
600 | int err = 0; | ||
601 | |||
602 | BT_DBG(""); | ||
603 | |||
604 | down_read(&bnep_session_sem); | ||
605 | |||
606 | s = __bnep_get_session(req->dst); | ||
607 | if (s) { | ||
608 | /* Wakeup user-space which is polling for socket errors. | ||
609 | * This is temporary hack untill we have shutdown in L2CAP */ | ||
610 | s->sock->sk->sk_err = EUNATCH; | ||
611 | |||
612 | /* Kill session thread */ | ||
613 | atomic_inc(&s->killed); | ||
614 | wake_up_interruptible(s->sock->sk->sk_sleep); | ||
615 | } else | ||
616 | err = -ENOENT; | ||
617 | |||
618 | up_read(&bnep_session_sem); | ||
619 | return err; | ||
620 | } | ||
621 | |||
622 | static void __bnep_copy_ci(struct bnep_conninfo *ci, struct bnep_session *s) | ||
623 | { | ||
624 | memcpy(ci->dst, s->eh.h_source, ETH_ALEN); | ||
625 | strcpy(ci->device, s->dev->name); | ||
626 | ci->flags = s->flags; | ||
627 | ci->state = s->state; | ||
628 | ci->role = s->role; | ||
629 | } | ||
630 | |||
631 | int bnep_get_connlist(struct bnep_connlist_req *req) | ||
632 | { | ||
633 | struct list_head *p; | ||
634 | int err = 0, n = 0; | ||
635 | |||
636 | down_read(&bnep_session_sem); | ||
637 | |||
638 | list_for_each(p, &bnep_session_list) { | ||
639 | struct bnep_session *s; | ||
640 | struct bnep_conninfo ci; | ||
641 | |||
642 | s = list_entry(p, struct bnep_session, list); | ||
643 | |||
644 | __bnep_copy_ci(&ci, s); | ||
645 | |||
646 | if (copy_to_user(req->ci, &ci, sizeof(ci))) { | ||
647 | err = -EFAULT; | ||
648 | break; | ||
649 | } | ||
650 | |||
651 | if (++n >= req->cnum) | ||
652 | break; | ||
653 | |||
654 | req->ci++; | ||
655 | } | ||
656 | req->cnum = n; | ||
657 | |||
658 | up_read(&bnep_session_sem); | ||
659 | return err; | ||
660 | } | ||
661 | |||
662 | int bnep_get_conninfo(struct bnep_conninfo *ci) | ||
663 | { | ||
664 | struct bnep_session *s; | ||
665 | int err = 0; | ||
666 | |||
667 | down_read(&bnep_session_sem); | ||
668 | |||
669 | s = __bnep_get_session(ci->dst); | ||
670 | if (s) | ||
671 | __bnep_copy_ci(ci, s); | ||
672 | else | ||
673 | err = -ENOENT; | ||
674 | |||
675 | up_read(&bnep_session_sem); | ||
676 | return err; | ||
677 | } | ||
678 | |||
679 | static int __init bnep_init(void) | ||
680 | { | ||
681 | char flt[50] = ""; | ||
682 | |||
683 | l2cap_load(); | ||
684 | |||
685 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER | ||
686 | strcat(flt, "protocol "); | ||
687 | #endif | ||
688 | |||
689 | #ifdef CONFIG_BT_BNEP_MC_FILTER | ||
690 | strcat(flt, "multicast"); | ||
691 | #endif | ||
692 | |||
693 | BT_INFO("BNEP (Ethernet Emulation) ver %s", VERSION); | ||
694 | if (flt[0]) | ||
695 | BT_INFO("BNEP filters: %s", flt); | ||
696 | |||
697 | bnep_sock_init(); | ||
698 | return 0; | ||
699 | } | ||
700 | |||
701 | static void __exit bnep_exit(void) | ||
702 | { | ||
703 | bnep_sock_cleanup(); | ||
704 | } | ||
705 | |||
706 | module_init(bnep_init); | ||
707 | module_exit(bnep_exit); | ||
708 | |||
709 | MODULE_AUTHOR("David Libault <david.libault@inventel.fr>, Maxim Krasnyansky <maxk@qualcomm.com>"); | ||
710 | MODULE_DESCRIPTION("Bluetooth BNEP ver " VERSION); | ||
711 | MODULE_VERSION(VERSION); | ||
712 | MODULE_LICENSE("GPL"); | ||
713 | MODULE_ALIAS("bt-proto-4"); | ||
diff --git a/net/bluetooth/bnep/netdev.c b/net/bluetooth/bnep/netdev.c new file mode 100644 index 00000000000..921204f95f4 --- /dev/null +++ b/net/bluetooth/bnep/netdev.c | |||
@@ -0,0 +1,247 @@ | |||
1 | /* | ||
2 | BNEP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2001-2002 Inventel Systemes | ||
4 | Written 2001-2002 by | ||
5 | Clément Moreau <clement.moreau@inventel.fr> | ||
6 | David Libault <david.libault@inventel.fr> | ||
7 | |||
8 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
9 | |||
10 | This program is free software; you can redistribute it and/or modify | ||
11 | it under the terms of the GNU General Public License version 2 as | ||
12 | published by the Free Software Foundation; | ||
13 | |||
14 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
15 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
16 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
17 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
18 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
19 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
20 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
21 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
22 | |||
23 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
24 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
25 | SOFTWARE IS DISCLAIMED. | ||
26 | */ | ||
27 | |||
28 | /* | ||
29 | * $Id: netdev.c,v 1.8 2002/08/04 21:23:58 maxk Exp $ | ||
30 | */ | ||
31 | |||
32 | #include <linux/config.h> | ||
33 | #include <linux/module.h> | ||
34 | |||
35 | #include <linux/socket.h> | ||
36 | #include <linux/netdevice.h> | ||
37 | #include <linux/etherdevice.h> | ||
38 | #include <linux/skbuff.h> | ||
39 | #include <linux/wait.h> | ||
40 | |||
41 | #include <asm/unaligned.h> | ||
42 | |||
43 | #include <net/bluetooth/bluetooth.h> | ||
44 | #include <net/bluetooth/hci_core.h> | ||
45 | #include <net/bluetooth/l2cap.h> | ||
46 | |||
47 | #include "bnep.h" | ||
48 | |||
49 | #ifndef CONFIG_BT_BNEP_DEBUG | ||
50 | #undef BT_DBG | ||
51 | #define BT_DBG( A... ) | ||
52 | #endif | ||
53 | |||
54 | #define BNEP_TX_QUEUE_LEN 20 | ||
55 | |||
56 | static int bnep_net_open(struct net_device *dev) | ||
57 | { | ||
58 | netif_start_queue(dev); | ||
59 | return 0; | ||
60 | } | ||
61 | |||
62 | static int bnep_net_close(struct net_device *dev) | ||
63 | { | ||
64 | netif_stop_queue(dev); | ||
65 | return 0; | ||
66 | } | ||
67 | |||
68 | static struct net_device_stats *bnep_net_get_stats(struct net_device *dev) | ||
69 | { | ||
70 | struct bnep_session *s = dev->priv; | ||
71 | return &s->stats; | ||
72 | } | ||
73 | |||
74 | static void bnep_net_set_mc_list(struct net_device *dev) | ||
75 | { | ||
76 | #ifdef CONFIG_BT_BNEP_MC_FILTER | ||
77 | struct bnep_session *s = dev->priv; | ||
78 | struct sock *sk = s->sock->sk; | ||
79 | struct bnep_set_filter_req *r; | ||
80 | struct sk_buff *skb; | ||
81 | int size; | ||
82 | |||
83 | BT_DBG("%s mc_count %d", dev->name, dev->mc_count); | ||
84 | |||
85 | size = sizeof(*r) + (BNEP_MAX_MULTICAST_FILTERS + 1) * ETH_ALEN * 2; | ||
86 | skb = alloc_skb(size, GFP_ATOMIC); | ||
87 | if (!skb) { | ||
88 | BT_ERR("%s Multicast list allocation failed", dev->name); | ||
89 | return; | ||
90 | } | ||
91 | |||
92 | r = (void *) skb->data; | ||
93 | __skb_put(skb, sizeof(*r)); | ||
94 | |||
95 | r->type = BNEP_CONTROL; | ||
96 | r->ctrl = BNEP_FILTER_MULTI_ADDR_SET; | ||
97 | |||
98 | if (dev->flags & (IFF_PROMISC | IFF_ALLMULTI)) { | ||
99 | u8 start[ETH_ALEN] = { 0x01 }; | ||
100 | |||
101 | /* Request all addresses */ | ||
102 | memcpy(__skb_put(skb, ETH_ALEN), start, ETH_ALEN); | ||
103 | memcpy(__skb_put(skb, ETH_ALEN), dev->broadcast, ETH_ALEN); | ||
104 | r->len = htons(ETH_ALEN * 2); | ||
105 | } else { | ||
106 | struct dev_mc_list *dmi = dev->mc_list; | ||
107 | int i, len = skb->len; | ||
108 | |||
109 | if (dev->flags & IFF_BROADCAST) { | ||
110 | memcpy(__skb_put(skb, ETH_ALEN), dev->broadcast, ETH_ALEN); | ||
111 | memcpy(__skb_put(skb, ETH_ALEN), dev->broadcast, ETH_ALEN); | ||
112 | } | ||
113 | |||
114 | /* FIXME: We should group addresses here. */ | ||
115 | |||
116 | for (i = 0; i < dev->mc_count && i < BNEP_MAX_MULTICAST_FILTERS; i++) { | ||
117 | memcpy(__skb_put(skb, ETH_ALEN), dmi->dmi_addr, ETH_ALEN); | ||
118 | memcpy(__skb_put(skb, ETH_ALEN), dmi->dmi_addr, ETH_ALEN); | ||
119 | dmi = dmi->next; | ||
120 | } | ||
121 | r->len = htons(skb->len - len); | ||
122 | } | ||
123 | |||
124 | skb_queue_tail(&sk->sk_write_queue, skb); | ||
125 | wake_up_interruptible(sk->sk_sleep); | ||
126 | #endif | ||
127 | } | ||
128 | |||
129 | static int bnep_net_set_mac_addr(struct net_device *dev, void *arg) | ||
130 | { | ||
131 | BT_DBG("%s", dev->name); | ||
132 | return 0; | ||
133 | } | ||
134 | |||
135 | static void bnep_net_timeout(struct net_device *dev) | ||
136 | { | ||
137 | BT_DBG("net_timeout"); | ||
138 | netif_wake_queue(dev); | ||
139 | } | ||
140 | |||
141 | static int bnep_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) | ||
142 | { | ||
143 | return -EINVAL; | ||
144 | } | ||
145 | |||
146 | #ifdef CONFIG_BT_BNEP_MC_FILTER | ||
147 | static inline int bnep_net_mc_filter(struct sk_buff *skb, struct bnep_session *s) | ||
148 | { | ||
149 | struct ethhdr *eh = (void *) skb->data; | ||
150 | |||
151 | if ((eh->h_dest[0] & 1) && !test_bit(bnep_mc_hash(eh->h_dest), (ulong *) &s->mc_filter)) | ||
152 | return 1; | ||
153 | return 0; | ||
154 | } | ||
155 | #endif | ||
156 | |||
157 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER | ||
158 | /* Determine ether protocol. Based on eth_type_trans. */ | ||
159 | static inline u16 bnep_net_eth_proto(struct sk_buff *skb) | ||
160 | { | ||
161 | struct ethhdr *eh = (void *) skb->data; | ||
162 | |||
163 | if (ntohs(eh->h_proto) >= 1536) | ||
164 | return eh->h_proto; | ||
165 | |||
166 | if (get_unaligned((u16 *) skb->data) == 0xFFFF) | ||
167 | return htons(ETH_P_802_3); | ||
168 | |||
169 | return htons(ETH_P_802_2); | ||
170 | } | ||
171 | |||
172 | static inline int bnep_net_proto_filter(struct sk_buff *skb, struct bnep_session *s) | ||
173 | { | ||
174 | u16 proto = bnep_net_eth_proto(skb); | ||
175 | struct bnep_proto_filter *f = s->proto_filter; | ||
176 | int i; | ||
177 | |||
178 | for (i = 0; i < BNEP_MAX_PROTO_FILTERS && f[i].end; i++) { | ||
179 | if (proto >= f[i].start && proto <= f[i].end) | ||
180 | return 0; | ||
181 | } | ||
182 | |||
183 | BT_DBG("BNEP: filtered skb %p, proto 0x%.4x", skb, proto); | ||
184 | return 1; | ||
185 | } | ||
186 | #endif | ||
187 | |||
188 | static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev) | ||
189 | { | ||
190 | struct bnep_session *s = dev->priv; | ||
191 | struct sock *sk = s->sock->sk; | ||
192 | |||
193 | BT_DBG("skb %p, dev %p", skb, dev); | ||
194 | |||
195 | #ifdef CONFIG_BT_BNEP_MC_FILTER | ||
196 | if (bnep_net_mc_filter(skb, s)) { | ||
197 | kfree_skb(skb); | ||
198 | return 0; | ||
199 | } | ||
200 | #endif | ||
201 | |||
202 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER | ||
203 | if (bnep_net_proto_filter(skb, s)) { | ||
204 | kfree_skb(skb); | ||
205 | return 0; | ||
206 | } | ||
207 | #endif | ||
208 | |||
209 | /* | ||
210 | * We cannot send L2CAP packets from here as we are potentially in a bh. | ||
211 | * So we have to queue them and wake up session thread which is sleeping | ||
212 | * on the sk->sk_sleep. | ||
213 | */ | ||
214 | dev->trans_start = jiffies; | ||
215 | skb_queue_tail(&sk->sk_write_queue, skb); | ||
216 | wake_up_interruptible(sk->sk_sleep); | ||
217 | |||
218 | if (skb_queue_len(&sk->sk_write_queue) >= BNEP_TX_QUEUE_LEN) { | ||
219 | BT_DBG("tx queue is full"); | ||
220 | |||
221 | /* Stop queuing. | ||
222 | * Session thread will do netif_wake_queue() */ | ||
223 | netif_stop_queue(dev); | ||
224 | } | ||
225 | |||
226 | return 0; | ||
227 | } | ||
228 | |||
229 | void bnep_net_setup(struct net_device *dev) | ||
230 | { | ||
231 | |||
232 | memset(dev->broadcast, 0xff, ETH_ALEN); | ||
233 | dev->addr_len = ETH_ALEN; | ||
234 | |||
235 | ether_setup(dev); | ||
236 | |||
237 | dev->open = bnep_net_open; | ||
238 | dev->stop = bnep_net_close; | ||
239 | dev->hard_start_xmit = bnep_net_xmit; | ||
240 | dev->get_stats = bnep_net_get_stats; | ||
241 | dev->do_ioctl = bnep_net_ioctl; | ||
242 | dev->set_mac_address = bnep_net_set_mac_addr; | ||
243 | dev->set_multicast_list = bnep_net_set_mc_list; | ||
244 | |||
245 | dev->watchdog_timeo = HZ * 2; | ||
246 | dev->tx_timeout = bnep_net_timeout; | ||
247 | } | ||
diff --git a/net/bluetooth/bnep/sock.c b/net/bluetooth/bnep/sock.c new file mode 100644 index 00000000000..9a8d99a39b6 --- /dev/null +++ b/net/bluetooth/bnep/sock.c | |||
@@ -0,0 +1,237 @@ | |||
1 | /* | ||
2 | BNEP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2001-2002 Inventel Systemes | ||
4 | Written 2001-2002 by | ||
5 | David Libault <david.libault@inventel.fr> | ||
6 | |||
7 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
8 | |||
9 | This program is free software; you can redistribute it and/or modify | ||
10 | it under the terms of the GNU General Public License version 2 as | ||
11 | published by the Free Software Foundation; | ||
12 | |||
13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
14 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
16 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
17 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
18 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
19 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
20 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
21 | |||
22 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
23 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
24 | SOFTWARE IS DISCLAIMED. | ||
25 | */ | ||
26 | |||
27 | /* | ||
28 | * $Id: sock.c,v 1.4 2002/08/04 21:23:58 maxk Exp $ | ||
29 | */ | ||
30 | |||
31 | #include <linux/config.h> | ||
32 | #include <linux/module.h> | ||
33 | |||
34 | #include <linux/types.h> | ||
35 | #include <linux/errno.h> | ||
36 | #include <linux/kernel.h> | ||
37 | #include <linux/major.h> | ||
38 | #include <linux/sched.h> | ||
39 | #include <linux/slab.h> | ||
40 | #include <linux/poll.h> | ||
41 | #include <linux/fcntl.h> | ||
42 | #include <linux/skbuff.h> | ||
43 | #include <linux/socket.h> | ||
44 | #include <linux/ioctl.h> | ||
45 | #include <linux/file.h> | ||
46 | #include <linux/init.h> | ||
47 | #include <net/sock.h> | ||
48 | |||
49 | #include <asm/system.h> | ||
50 | #include <asm/uaccess.h> | ||
51 | |||
52 | #include "bnep.h" | ||
53 | |||
54 | #ifndef CONFIG_BT_BNEP_DEBUG | ||
55 | #undef BT_DBG | ||
56 | #define BT_DBG( A... ) | ||
57 | #endif | ||
58 | |||
59 | static int bnep_sock_release(struct socket *sock) | ||
60 | { | ||
61 | struct sock *sk = sock->sk; | ||
62 | |||
63 | BT_DBG("sock %p sk %p", sock, sk); | ||
64 | |||
65 | if (!sk) | ||
66 | return 0; | ||
67 | |||
68 | sock_orphan(sk); | ||
69 | sock_put(sk); | ||
70 | return 0; | ||
71 | } | ||
72 | |||
73 | static int bnep_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) | ||
74 | { | ||
75 | struct bnep_connlist_req cl; | ||
76 | struct bnep_connadd_req ca; | ||
77 | struct bnep_conndel_req cd; | ||
78 | struct bnep_conninfo ci; | ||
79 | struct socket *nsock; | ||
80 | void __user *argp = (void __user *)arg; | ||
81 | int err; | ||
82 | |||
83 | BT_DBG("cmd %x arg %lx", cmd, arg); | ||
84 | |||
85 | switch (cmd) { | ||
86 | case BNEPCONNADD: | ||
87 | if (!capable(CAP_NET_ADMIN)) | ||
88 | return -EACCES; | ||
89 | |||
90 | if (copy_from_user(&ca, argp, sizeof(ca))) | ||
91 | return -EFAULT; | ||
92 | |||
93 | nsock = sockfd_lookup(ca.sock, &err); | ||
94 | if (!nsock) | ||
95 | return err; | ||
96 | |||
97 | if (nsock->sk->sk_state != BT_CONNECTED) { | ||
98 | fput(nsock->file); | ||
99 | return -EBADFD; | ||
100 | } | ||
101 | |||
102 | err = bnep_add_connection(&ca, nsock); | ||
103 | if (!err) { | ||
104 | if (copy_to_user(argp, &ca, sizeof(ca))) | ||
105 | err = -EFAULT; | ||
106 | } else | ||
107 | fput(nsock->file); | ||
108 | |||
109 | return err; | ||
110 | |||
111 | case BNEPCONNDEL: | ||
112 | if (!capable(CAP_NET_ADMIN)) | ||
113 | return -EACCES; | ||
114 | |||
115 | if (copy_from_user(&cd, argp, sizeof(cd))) | ||
116 | return -EFAULT; | ||
117 | |||
118 | return bnep_del_connection(&cd); | ||
119 | |||
120 | case BNEPGETCONNLIST: | ||
121 | if (copy_from_user(&cl, argp, sizeof(cl))) | ||
122 | return -EFAULT; | ||
123 | |||
124 | if (cl.cnum <= 0) | ||
125 | return -EINVAL; | ||
126 | |||
127 | err = bnep_get_connlist(&cl); | ||
128 | if (!err && copy_to_user(argp, &cl, sizeof(cl))) | ||
129 | return -EFAULT; | ||
130 | |||
131 | return err; | ||
132 | |||
133 | case BNEPGETCONNINFO: | ||
134 | if (copy_from_user(&ci, argp, sizeof(ci))) | ||
135 | return -EFAULT; | ||
136 | |||
137 | err = bnep_get_conninfo(&ci); | ||
138 | if (!err && copy_to_user(argp, &ci, sizeof(ci))) | ||
139 | return -EFAULT; | ||
140 | |||
141 | return err; | ||
142 | |||
143 | default: | ||
144 | return -EINVAL; | ||
145 | } | ||
146 | |||
147 | return 0; | ||
148 | } | ||
149 | |||
150 | static struct proto_ops bnep_sock_ops = { | ||
151 | .family = PF_BLUETOOTH, | ||
152 | .owner = THIS_MODULE, | ||
153 | .release = bnep_sock_release, | ||
154 | .ioctl = bnep_sock_ioctl, | ||
155 | .bind = sock_no_bind, | ||
156 | .getname = sock_no_getname, | ||
157 | .sendmsg = sock_no_sendmsg, | ||
158 | .recvmsg = sock_no_recvmsg, | ||
159 | .poll = sock_no_poll, | ||
160 | .listen = sock_no_listen, | ||
161 | .shutdown = sock_no_shutdown, | ||
162 | .setsockopt = sock_no_setsockopt, | ||
163 | .getsockopt = sock_no_getsockopt, | ||
164 | .connect = sock_no_connect, | ||
165 | .socketpair = sock_no_socketpair, | ||
166 | .accept = sock_no_accept, | ||
167 | .mmap = sock_no_mmap | ||
168 | }; | ||
169 | |||
170 | static struct proto bnep_proto = { | ||
171 | .name = "BNEP", | ||
172 | .owner = THIS_MODULE, | ||
173 | .obj_size = sizeof(struct bt_sock) | ||
174 | }; | ||
175 | |||
176 | static int bnep_sock_create(struct socket *sock, int protocol) | ||
177 | { | ||
178 | struct sock *sk; | ||
179 | |||
180 | BT_DBG("sock %p", sock); | ||
181 | |||
182 | if (sock->type != SOCK_RAW) | ||
183 | return -ESOCKTNOSUPPORT; | ||
184 | |||
185 | sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &bnep_proto, 1); | ||
186 | if (!sk) | ||
187 | return -ENOMEM; | ||
188 | |||
189 | sock_init_data(sock, sk); | ||
190 | |||
191 | sock->ops = &bnep_sock_ops; | ||
192 | |||
193 | sock->state = SS_UNCONNECTED; | ||
194 | |||
195 | sock_reset_flag(sk, SOCK_ZAPPED); | ||
196 | |||
197 | sk->sk_protocol = protocol; | ||
198 | sk->sk_state = BT_OPEN; | ||
199 | |||
200 | return 0; | ||
201 | } | ||
202 | |||
203 | static struct net_proto_family bnep_sock_family_ops = { | ||
204 | .family = PF_BLUETOOTH, | ||
205 | .owner = THIS_MODULE, | ||
206 | .create = bnep_sock_create | ||
207 | }; | ||
208 | |||
209 | int __init bnep_sock_init(void) | ||
210 | { | ||
211 | int err; | ||
212 | |||
213 | err = proto_register(&bnep_proto, 0); | ||
214 | if (err < 0) | ||
215 | return err; | ||
216 | |||
217 | err = bt_sock_register(BTPROTO_BNEP, &bnep_sock_family_ops); | ||
218 | if (err < 0) | ||
219 | goto error; | ||
220 | |||
221 | return 0; | ||
222 | |||
223 | error: | ||
224 | BT_ERR("Can't register BNEP socket"); | ||
225 | proto_unregister(&bnep_proto); | ||
226 | return err; | ||
227 | } | ||
228 | |||
229 | int __exit bnep_sock_cleanup(void) | ||
230 | { | ||
231 | if (bt_sock_unregister(BTPROTO_BNEP) < 0) | ||
232 | BT_ERR("Can't unregister BNEP socket"); | ||
233 | |||
234 | proto_unregister(&bnep_proto); | ||
235 | |||
236 | return 0; | ||
237 | } | ||
diff --git a/net/bluetooth/cmtp/Kconfig b/net/bluetooth/cmtp/Kconfig new file mode 100644 index 00000000000..d6b0382f6f3 --- /dev/null +++ b/net/bluetooth/cmtp/Kconfig | |||
@@ -0,0 +1,11 @@ | |||
1 | config BT_CMTP | ||
2 | tristate "CMTP protocol support" | ||
3 | depends on BT && BT_L2CAP && ISDN_CAPI | ||
4 | help | ||
5 | CMTP (CAPI Message Transport Protocol) is a transport layer | ||
6 | for CAPI messages. CMTP is required for the Bluetooth Common | ||
7 | ISDN Access Profile. | ||
8 | |||
9 | Say Y here to compile CMTP support into the kernel or say M to | ||
10 | compile it as module (cmtp). | ||
11 | |||
diff --git a/net/bluetooth/cmtp/Makefile b/net/bluetooth/cmtp/Makefile new file mode 100644 index 00000000000..890a9a5a686 --- /dev/null +++ b/net/bluetooth/cmtp/Makefile | |||
@@ -0,0 +1,7 @@ | |||
1 | # | ||
2 | # Makefile for the Linux Bluetooth CMTP layer | ||
3 | # | ||
4 | |||
5 | obj-$(CONFIG_BT_CMTP) += cmtp.o | ||
6 | |||
7 | cmtp-objs := core.o sock.o capi.o | ||
diff --git a/net/bluetooth/cmtp/capi.c b/net/bluetooth/cmtp/capi.c new file mode 100644 index 00000000000..1e5c030b72a --- /dev/null +++ b/net/bluetooth/cmtp/capi.c | |||
@@ -0,0 +1,600 @@ | |||
1 | /* | ||
2 | CMTP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License version 2 as | ||
7 | published by the Free Software Foundation; | ||
8 | |||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
17 | |||
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
20 | SOFTWARE IS DISCLAIMED. | ||
21 | */ | ||
22 | |||
23 | #include <linux/config.h> | ||
24 | #include <linux/module.h> | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <linux/errno.h> | ||
28 | #include <linux/kernel.h> | ||
29 | #include <linux/major.h> | ||
30 | #include <linux/sched.h> | ||
31 | #include <linux/slab.h> | ||
32 | #include <linux/poll.h> | ||
33 | #include <linux/fcntl.h> | ||
34 | #include <linux/skbuff.h> | ||
35 | #include <linux/socket.h> | ||
36 | #include <linux/ioctl.h> | ||
37 | #include <linux/file.h> | ||
38 | #include <linux/wait.h> | ||
39 | #include <net/sock.h> | ||
40 | |||
41 | #include <linux/isdn/capilli.h> | ||
42 | #include <linux/isdn/capicmd.h> | ||
43 | #include <linux/isdn/capiutil.h> | ||
44 | |||
45 | #include "cmtp.h" | ||
46 | |||
47 | #ifndef CONFIG_BT_CMTP_DEBUG | ||
48 | #undef BT_DBG | ||
49 | #define BT_DBG(D...) | ||
50 | #endif | ||
51 | |||
52 | #define CAPI_INTEROPERABILITY 0x20 | ||
53 | |||
54 | #define CAPI_INTEROPERABILITY_REQ CAPICMD(CAPI_INTEROPERABILITY, CAPI_REQ) | ||
55 | #define CAPI_INTEROPERABILITY_CONF CAPICMD(CAPI_INTEROPERABILITY, CAPI_CONF) | ||
56 | #define CAPI_INTEROPERABILITY_IND CAPICMD(CAPI_INTEROPERABILITY, CAPI_IND) | ||
57 | #define CAPI_INTEROPERABILITY_RESP CAPICMD(CAPI_INTEROPERABILITY, CAPI_RESP) | ||
58 | |||
59 | #define CAPI_INTEROPERABILITY_REQ_LEN (CAPI_MSG_BASELEN + 2) | ||
60 | #define CAPI_INTEROPERABILITY_CONF_LEN (CAPI_MSG_BASELEN + 4) | ||
61 | #define CAPI_INTEROPERABILITY_IND_LEN (CAPI_MSG_BASELEN + 2) | ||
62 | #define CAPI_INTEROPERABILITY_RESP_LEN (CAPI_MSG_BASELEN + 2) | ||
63 | |||
64 | #define CAPI_FUNCTION_REGISTER 0 | ||
65 | #define CAPI_FUNCTION_RELEASE 1 | ||
66 | #define CAPI_FUNCTION_GET_PROFILE 2 | ||
67 | #define CAPI_FUNCTION_GET_MANUFACTURER 3 | ||
68 | #define CAPI_FUNCTION_GET_VERSION 4 | ||
69 | #define CAPI_FUNCTION_GET_SERIAL_NUMBER 5 | ||
70 | #define CAPI_FUNCTION_MANUFACTURER 6 | ||
71 | #define CAPI_FUNCTION_LOOPBACK 7 | ||
72 | |||
73 | |||
74 | #define CMTP_MSGNUM 1 | ||
75 | #define CMTP_APPLID 2 | ||
76 | #define CMTP_MAPPING 3 | ||
77 | |||
78 | static struct cmtp_application *cmtp_application_add(struct cmtp_session *session, __u16 appl) | ||
79 | { | ||
80 | struct cmtp_application *app = kmalloc(sizeof(*app), GFP_KERNEL); | ||
81 | |||
82 | BT_DBG("session %p application %p appl %d", session, app, appl); | ||
83 | |||
84 | if (!app) | ||
85 | return NULL; | ||
86 | |||
87 | memset(app, 0, sizeof(*app)); | ||
88 | |||
89 | app->state = BT_OPEN; | ||
90 | app->appl = appl; | ||
91 | |||
92 | list_add_tail(&app->list, &session->applications); | ||
93 | |||
94 | return app; | ||
95 | } | ||
96 | |||
97 | static void cmtp_application_del(struct cmtp_session *session, struct cmtp_application *app) | ||
98 | { | ||
99 | BT_DBG("session %p application %p", session, app); | ||
100 | |||
101 | if (app) { | ||
102 | list_del(&app->list); | ||
103 | kfree(app); | ||
104 | } | ||
105 | } | ||
106 | |||
107 | static struct cmtp_application *cmtp_application_get(struct cmtp_session *session, int pattern, __u16 value) | ||
108 | { | ||
109 | struct cmtp_application *app; | ||
110 | struct list_head *p, *n; | ||
111 | |||
112 | list_for_each_safe(p, n, &session->applications) { | ||
113 | app = list_entry(p, struct cmtp_application, list); | ||
114 | switch (pattern) { | ||
115 | case CMTP_MSGNUM: | ||
116 | if (app->msgnum == value) | ||
117 | return app; | ||
118 | break; | ||
119 | case CMTP_APPLID: | ||
120 | if (app->appl == value) | ||
121 | return app; | ||
122 | break; | ||
123 | case CMTP_MAPPING: | ||
124 | if (app->mapping == value) | ||
125 | return app; | ||
126 | break; | ||
127 | } | ||
128 | } | ||
129 | |||
130 | return NULL; | ||
131 | } | ||
132 | |||
133 | static int cmtp_msgnum_get(struct cmtp_session *session) | ||
134 | { | ||
135 | session->msgnum++; | ||
136 | |||
137 | if ((session->msgnum & 0xff) > 200) | ||
138 | session->msgnum = CMTP_INITIAL_MSGNUM + 1; | ||
139 | |||
140 | return session->msgnum; | ||
141 | } | ||
142 | |||
143 | static void cmtp_send_capimsg(struct cmtp_session *session, struct sk_buff *skb) | ||
144 | { | ||
145 | struct cmtp_scb *scb = (void *) skb->cb; | ||
146 | |||
147 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | ||
148 | |||
149 | scb->id = -1; | ||
150 | scb->data = (CAPIMSG_COMMAND(skb->data) == CAPI_DATA_B3); | ||
151 | |||
152 | skb_queue_tail(&session->transmit, skb); | ||
153 | |||
154 | cmtp_schedule(session); | ||
155 | } | ||
156 | |||
157 | static void cmtp_send_interopmsg(struct cmtp_session *session, | ||
158 | __u8 subcmd, __u16 appl, __u16 msgnum, | ||
159 | __u16 function, unsigned char *buf, int len) | ||
160 | { | ||
161 | struct sk_buff *skb; | ||
162 | unsigned char *s; | ||
163 | |||
164 | BT_DBG("session %p subcmd 0x%02x appl %d msgnum %d", session, subcmd, appl, msgnum); | ||
165 | |||
166 | if (!(skb = alloc_skb(CAPI_MSG_BASELEN + 6 + len, GFP_ATOMIC))) { | ||
167 | BT_ERR("Can't allocate memory for interoperability packet"); | ||
168 | return; | ||
169 | } | ||
170 | |||
171 | s = skb_put(skb, CAPI_MSG_BASELEN + 6 + len); | ||
172 | |||
173 | capimsg_setu16(s, 0, CAPI_MSG_BASELEN + 6 + len); | ||
174 | capimsg_setu16(s, 2, appl); | ||
175 | capimsg_setu8 (s, 4, CAPI_INTEROPERABILITY); | ||
176 | capimsg_setu8 (s, 5, subcmd); | ||
177 | capimsg_setu16(s, 6, msgnum); | ||
178 | |||
179 | /* Interoperability selector (Bluetooth Device Management) */ | ||
180 | capimsg_setu16(s, 8, 0x0001); | ||
181 | |||
182 | capimsg_setu8 (s, 10, 3 + len); | ||
183 | capimsg_setu16(s, 11, function); | ||
184 | capimsg_setu8 (s, 13, len); | ||
185 | |||
186 | if (len > 0) | ||
187 | memcpy(s + 14, buf, len); | ||
188 | |||
189 | cmtp_send_capimsg(session, skb); | ||
190 | } | ||
191 | |||
192 | static void cmtp_recv_interopmsg(struct cmtp_session *session, struct sk_buff *skb) | ||
193 | { | ||
194 | struct capi_ctr *ctrl = &session->ctrl; | ||
195 | struct cmtp_application *application; | ||
196 | __u16 appl, msgnum, func, info; | ||
197 | __u32 controller; | ||
198 | |||
199 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | ||
200 | |||
201 | switch (CAPIMSG_SUBCOMMAND(skb->data)) { | ||
202 | case CAPI_CONF: | ||
203 | func = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 5); | ||
204 | info = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 8); | ||
205 | |||
206 | switch (func) { | ||
207 | case CAPI_FUNCTION_REGISTER: | ||
208 | msgnum = CAPIMSG_MSGID(skb->data); | ||
209 | |||
210 | application = cmtp_application_get(session, CMTP_MSGNUM, msgnum); | ||
211 | if (application) { | ||
212 | application->state = BT_CONNECTED; | ||
213 | application->msgnum = 0; | ||
214 | application->mapping = CAPIMSG_APPID(skb->data); | ||
215 | wake_up_interruptible(&session->wait); | ||
216 | } | ||
217 | |||
218 | break; | ||
219 | |||
220 | case CAPI_FUNCTION_RELEASE: | ||
221 | appl = CAPIMSG_APPID(skb->data); | ||
222 | |||
223 | application = cmtp_application_get(session, CMTP_MAPPING, appl); | ||
224 | if (application) { | ||
225 | application->state = BT_CLOSED; | ||
226 | application->msgnum = 0; | ||
227 | wake_up_interruptible(&session->wait); | ||
228 | } | ||
229 | |||
230 | break; | ||
231 | |||
232 | case CAPI_FUNCTION_GET_PROFILE: | ||
233 | controller = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 11); | ||
234 | msgnum = CAPIMSG_MSGID(skb->data); | ||
235 | |||
236 | if (!info && (msgnum == CMTP_INITIAL_MSGNUM)) { | ||
237 | session->ncontroller = controller; | ||
238 | wake_up_interruptible(&session->wait); | ||
239 | break; | ||
240 | } | ||
241 | |||
242 | if (!info && ctrl) { | ||
243 | memcpy(&ctrl->profile, | ||
244 | skb->data + CAPI_MSG_BASELEN + 11, | ||
245 | sizeof(capi_profile)); | ||
246 | session->state = BT_CONNECTED; | ||
247 | capi_ctr_ready(ctrl); | ||
248 | } | ||
249 | |||
250 | break; | ||
251 | |||
252 | case CAPI_FUNCTION_GET_MANUFACTURER: | ||
253 | controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 10); | ||
254 | |||
255 | if (!info && ctrl) { | ||
256 | strncpy(ctrl->manu, | ||
257 | skb->data + CAPI_MSG_BASELEN + 15, | ||
258 | skb->data[CAPI_MSG_BASELEN + 14]); | ||
259 | } | ||
260 | |||
261 | break; | ||
262 | |||
263 | case CAPI_FUNCTION_GET_VERSION: | ||
264 | controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 12); | ||
265 | |||
266 | if (!info && ctrl) { | ||
267 | ctrl->version.majorversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 16); | ||
268 | ctrl->version.minorversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 20); | ||
269 | ctrl->version.majormanuversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 24); | ||
270 | ctrl->version.minormanuversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 28); | ||
271 | } | ||
272 | |||
273 | break; | ||
274 | |||
275 | case CAPI_FUNCTION_GET_SERIAL_NUMBER: | ||
276 | controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 12); | ||
277 | |||
278 | if (!info && ctrl) { | ||
279 | memset(ctrl->serial, 0, CAPI_SERIAL_LEN); | ||
280 | strncpy(ctrl->serial, | ||
281 | skb->data + CAPI_MSG_BASELEN + 17, | ||
282 | skb->data[CAPI_MSG_BASELEN + 16]); | ||
283 | } | ||
284 | |||
285 | break; | ||
286 | } | ||
287 | |||
288 | break; | ||
289 | |||
290 | case CAPI_IND: | ||
291 | func = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 3); | ||
292 | |||
293 | if (func == CAPI_FUNCTION_LOOPBACK) { | ||
294 | appl = CAPIMSG_APPID(skb->data); | ||
295 | msgnum = CAPIMSG_MSGID(skb->data); | ||
296 | cmtp_send_interopmsg(session, CAPI_RESP, appl, msgnum, func, | ||
297 | skb->data + CAPI_MSG_BASELEN + 6, | ||
298 | skb->data[CAPI_MSG_BASELEN + 5]); | ||
299 | } | ||
300 | |||
301 | break; | ||
302 | } | ||
303 | |||
304 | kfree_skb(skb); | ||
305 | } | ||
306 | |||
307 | void cmtp_recv_capimsg(struct cmtp_session *session, struct sk_buff *skb) | ||
308 | { | ||
309 | struct capi_ctr *ctrl = &session->ctrl; | ||
310 | struct cmtp_application *application; | ||
311 | __u16 cmd, appl; | ||
312 | __u32 contr; | ||
313 | |||
314 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | ||
315 | |||
316 | if (CAPIMSG_COMMAND(skb->data) == CAPI_INTEROPERABILITY) { | ||
317 | cmtp_recv_interopmsg(session, skb); | ||
318 | return; | ||
319 | } | ||
320 | |||
321 | if (session->flags & (1 << CMTP_LOOPBACK)) { | ||
322 | kfree_skb(skb); | ||
323 | return; | ||
324 | } | ||
325 | |||
326 | cmd = CAPICMD(CAPIMSG_COMMAND(skb->data), CAPIMSG_SUBCOMMAND(skb->data)); | ||
327 | appl = CAPIMSG_APPID(skb->data); | ||
328 | contr = CAPIMSG_CONTROL(skb->data); | ||
329 | |||
330 | application = cmtp_application_get(session, CMTP_MAPPING, appl); | ||
331 | if (application) { | ||
332 | appl = application->appl; | ||
333 | CAPIMSG_SETAPPID(skb->data, appl); | ||
334 | } else { | ||
335 | BT_ERR("Can't find application with id %d", appl); | ||
336 | kfree_skb(skb); | ||
337 | return; | ||
338 | } | ||
339 | |||
340 | if ((contr & 0x7f) == 0x01) { | ||
341 | contr = (contr & 0xffffff80) | session->num; | ||
342 | CAPIMSG_SETCONTROL(skb->data, contr); | ||
343 | } | ||
344 | |||
345 | if (!ctrl) { | ||
346 | BT_ERR("Can't find controller %d for message", session->num); | ||
347 | kfree_skb(skb); | ||
348 | return; | ||
349 | } | ||
350 | |||
351 | capi_ctr_handle_message(ctrl, appl, skb); | ||
352 | } | ||
353 | |||
354 | static int cmtp_load_firmware(struct capi_ctr *ctrl, capiloaddata *data) | ||
355 | { | ||
356 | BT_DBG("ctrl %p data %p", ctrl, data); | ||
357 | |||
358 | return 0; | ||
359 | } | ||
360 | |||
361 | static void cmtp_reset_ctr(struct capi_ctr *ctrl) | ||
362 | { | ||
363 | struct cmtp_session *session = ctrl->driverdata; | ||
364 | |||
365 | BT_DBG("ctrl %p", ctrl); | ||
366 | |||
367 | capi_ctr_reseted(ctrl); | ||
368 | |||
369 | atomic_inc(&session->terminate); | ||
370 | cmtp_schedule(session); | ||
371 | } | ||
372 | |||
373 | static void cmtp_register_appl(struct capi_ctr *ctrl, __u16 appl, capi_register_params *rp) | ||
374 | { | ||
375 | DECLARE_WAITQUEUE(wait, current); | ||
376 | struct cmtp_session *session = ctrl->driverdata; | ||
377 | struct cmtp_application *application; | ||
378 | unsigned long timeo = CMTP_INTEROP_TIMEOUT; | ||
379 | unsigned char buf[8]; | ||
380 | int err = 0, nconn, want = rp->level3cnt; | ||
381 | |||
382 | BT_DBG("ctrl %p appl %d level3cnt %d datablkcnt %d datablklen %d", | ||
383 | ctrl, appl, rp->level3cnt, rp->datablkcnt, rp->datablklen); | ||
384 | |||
385 | application = cmtp_application_add(session, appl); | ||
386 | if (!application) { | ||
387 | BT_ERR("Can't allocate memory for new application"); | ||
388 | return; | ||
389 | } | ||
390 | |||
391 | if (want < 0) | ||
392 | nconn = ctrl->profile.nbchannel * -want; | ||
393 | else | ||
394 | nconn = want; | ||
395 | |||
396 | if (nconn == 0) | ||
397 | nconn = ctrl->profile.nbchannel; | ||
398 | |||
399 | capimsg_setu16(buf, 0, nconn); | ||
400 | capimsg_setu16(buf, 2, rp->datablkcnt); | ||
401 | capimsg_setu16(buf, 4, rp->datablklen); | ||
402 | |||
403 | application->state = BT_CONFIG; | ||
404 | application->msgnum = cmtp_msgnum_get(session); | ||
405 | |||
406 | cmtp_send_interopmsg(session, CAPI_REQ, 0x0000, application->msgnum, | ||
407 | CAPI_FUNCTION_REGISTER, buf, 6); | ||
408 | |||
409 | add_wait_queue(&session->wait, &wait); | ||
410 | while (1) { | ||
411 | set_current_state(TASK_INTERRUPTIBLE); | ||
412 | |||
413 | if (!timeo) { | ||
414 | err = -EAGAIN; | ||
415 | break; | ||
416 | } | ||
417 | |||
418 | if (application->state == BT_CLOSED) { | ||
419 | err = -application->err; | ||
420 | break; | ||
421 | } | ||
422 | |||
423 | if (application->state == BT_CONNECTED) | ||
424 | break; | ||
425 | |||
426 | if (signal_pending(current)) { | ||
427 | err = -EINTR; | ||
428 | break; | ||
429 | } | ||
430 | |||
431 | timeo = schedule_timeout(timeo); | ||
432 | } | ||
433 | set_current_state(TASK_RUNNING); | ||
434 | remove_wait_queue(&session->wait, &wait); | ||
435 | |||
436 | if (err) { | ||
437 | cmtp_application_del(session, application); | ||
438 | return; | ||
439 | } | ||
440 | } | ||
441 | |||
442 | static void cmtp_release_appl(struct capi_ctr *ctrl, __u16 appl) | ||
443 | { | ||
444 | struct cmtp_session *session = ctrl->driverdata; | ||
445 | struct cmtp_application *application; | ||
446 | |||
447 | BT_DBG("ctrl %p appl %d", ctrl, appl); | ||
448 | |||
449 | application = cmtp_application_get(session, CMTP_APPLID, appl); | ||
450 | if (!application) { | ||
451 | BT_ERR("Can't find application"); | ||
452 | return; | ||
453 | } | ||
454 | |||
455 | application->msgnum = cmtp_msgnum_get(session); | ||
456 | |||
457 | cmtp_send_interopmsg(session, CAPI_REQ, application->mapping, application->msgnum, | ||
458 | CAPI_FUNCTION_RELEASE, NULL, 0); | ||
459 | |||
460 | wait_event_interruptible_timeout(session->wait, | ||
461 | (application->state == BT_CLOSED), CMTP_INTEROP_TIMEOUT); | ||
462 | |||
463 | cmtp_application_del(session, application); | ||
464 | } | ||
465 | |||
466 | static u16 cmtp_send_message(struct capi_ctr *ctrl, struct sk_buff *skb) | ||
467 | { | ||
468 | struct cmtp_session *session = ctrl->driverdata; | ||
469 | struct cmtp_application *application; | ||
470 | __u16 appl; | ||
471 | __u32 contr; | ||
472 | |||
473 | BT_DBG("ctrl %p skb %p", ctrl, skb); | ||
474 | |||
475 | appl = CAPIMSG_APPID(skb->data); | ||
476 | contr = CAPIMSG_CONTROL(skb->data); | ||
477 | |||
478 | application = cmtp_application_get(session, CMTP_APPLID, appl); | ||
479 | if ((!application) || (application->state != BT_CONNECTED)) { | ||
480 | BT_ERR("Can't find application with id %d", appl); | ||
481 | return CAPI_ILLAPPNR; | ||
482 | } | ||
483 | |||
484 | CAPIMSG_SETAPPID(skb->data, application->mapping); | ||
485 | |||
486 | if ((contr & 0x7f) == session->num) { | ||
487 | contr = (contr & 0xffffff80) | 0x01; | ||
488 | CAPIMSG_SETCONTROL(skb->data, contr); | ||
489 | } | ||
490 | |||
491 | cmtp_send_capimsg(session, skb); | ||
492 | |||
493 | return CAPI_NOERROR; | ||
494 | } | ||
495 | |||
496 | static char *cmtp_procinfo(struct capi_ctr *ctrl) | ||
497 | { | ||
498 | return "CAPI Message Transport Protocol"; | ||
499 | } | ||
500 | |||
501 | static int cmtp_ctr_read_proc(char *page, char **start, off_t off, int count, int *eof, struct capi_ctr *ctrl) | ||
502 | { | ||
503 | struct cmtp_session *session = ctrl->driverdata; | ||
504 | struct cmtp_application *app; | ||
505 | struct list_head *p, *n; | ||
506 | int len = 0; | ||
507 | |||
508 | len += sprintf(page + len, "%s\n\n", cmtp_procinfo(ctrl)); | ||
509 | len += sprintf(page + len, "addr %s\n", session->name); | ||
510 | len += sprintf(page + len, "ctrl %d\n", session->num); | ||
511 | |||
512 | list_for_each_safe(p, n, &session->applications) { | ||
513 | app = list_entry(p, struct cmtp_application, list); | ||
514 | len += sprintf(page + len, "appl %d -> %d\n", app->appl, app->mapping); | ||
515 | } | ||
516 | |||
517 | if (off + count >= len) | ||
518 | *eof = 1; | ||
519 | |||
520 | if (len < off) | ||
521 | return 0; | ||
522 | |||
523 | *start = page + off; | ||
524 | |||
525 | return ((count < len - off) ? count : len - off); | ||
526 | } | ||
527 | |||
528 | |||
529 | int cmtp_attach_device(struct cmtp_session *session) | ||
530 | { | ||
531 | unsigned char buf[4]; | ||
532 | long ret; | ||
533 | |||
534 | BT_DBG("session %p", session); | ||
535 | |||
536 | capimsg_setu32(buf, 0, 0); | ||
537 | |||
538 | cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, CMTP_INITIAL_MSGNUM, | ||
539 | CAPI_FUNCTION_GET_PROFILE, buf, 4); | ||
540 | |||
541 | ret = wait_event_interruptible_timeout(session->wait, | ||
542 | session->ncontroller, CMTP_INTEROP_TIMEOUT); | ||
543 | |||
544 | BT_INFO("Found %d CAPI controller(s) on device %s", session->ncontroller, session->name); | ||
545 | |||
546 | if (!ret) | ||
547 | return -ETIMEDOUT; | ||
548 | |||
549 | if (!session->ncontroller) | ||
550 | return -ENODEV; | ||
551 | |||
552 | if (session->ncontroller > 1) | ||
553 | BT_INFO("Setting up only CAPI controller 1"); | ||
554 | |||
555 | session->ctrl.owner = THIS_MODULE; | ||
556 | session->ctrl.driverdata = session; | ||
557 | strcpy(session->ctrl.name, session->name); | ||
558 | |||
559 | session->ctrl.driver_name = "cmtp"; | ||
560 | session->ctrl.load_firmware = cmtp_load_firmware; | ||
561 | session->ctrl.reset_ctr = cmtp_reset_ctr; | ||
562 | session->ctrl.register_appl = cmtp_register_appl; | ||
563 | session->ctrl.release_appl = cmtp_release_appl; | ||
564 | session->ctrl.send_message = cmtp_send_message; | ||
565 | |||
566 | session->ctrl.procinfo = cmtp_procinfo; | ||
567 | session->ctrl.ctr_read_proc = cmtp_ctr_read_proc; | ||
568 | |||
569 | if (attach_capi_ctr(&session->ctrl) < 0) { | ||
570 | BT_ERR("Can't attach new controller"); | ||
571 | return -EBUSY; | ||
572 | } | ||
573 | |||
574 | session->num = session->ctrl.cnr; | ||
575 | |||
576 | BT_DBG("session %p num %d", session, session->num); | ||
577 | |||
578 | capimsg_setu32(buf, 0, 1); | ||
579 | |||
580 | cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session), | ||
581 | CAPI_FUNCTION_GET_MANUFACTURER, buf, 4); | ||
582 | |||
583 | cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session), | ||
584 | CAPI_FUNCTION_GET_VERSION, buf, 4); | ||
585 | |||
586 | cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session), | ||
587 | CAPI_FUNCTION_GET_SERIAL_NUMBER, buf, 4); | ||
588 | |||
589 | cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session), | ||
590 | CAPI_FUNCTION_GET_PROFILE, buf, 4); | ||
591 | |||
592 | return 0; | ||
593 | } | ||
594 | |||
595 | void cmtp_detach_device(struct cmtp_session *session) | ||
596 | { | ||
597 | BT_DBG("session %p", session); | ||
598 | |||
599 | detach_capi_ctr(&session->ctrl); | ||
600 | } | ||
diff --git a/net/bluetooth/cmtp/cmtp.h b/net/bluetooth/cmtp/cmtp.h new file mode 100644 index 00000000000..40e3dfec0cc --- /dev/null +++ b/net/bluetooth/cmtp/cmtp.h | |||
@@ -0,0 +1,135 @@ | |||
1 | /* | ||
2 | CMTP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License version 2 as | ||
7 | published by the Free Software Foundation; | ||
8 | |||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
17 | |||
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
20 | SOFTWARE IS DISCLAIMED. | ||
21 | */ | ||
22 | |||
23 | #ifndef __CMTP_H | ||
24 | #define __CMTP_H | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <net/bluetooth/bluetooth.h> | ||
28 | |||
29 | #define BTNAMSIZ 18 | ||
30 | |||
31 | /* CMTP ioctl defines */ | ||
32 | #define CMTPCONNADD _IOW('C', 200, int) | ||
33 | #define CMTPCONNDEL _IOW('C', 201, int) | ||
34 | #define CMTPGETCONNLIST _IOR('C', 210, int) | ||
35 | #define CMTPGETCONNINFO _IOR('C', 211, int) | ||
36 | |||
37 | #define CMTP_LOOPBACK 0 | ||
38 | |||
39 | struct cmtp_connadd_req { | ||
40 | int sock; // Connected socket | ||
41 | __u32 flags; | ||
42 | }; | ||
43 | |||
44 | struct cmtp_conndel_req { | ||
45 | bdaddr_t bdaddr; | ||
46 | __u32 flags; | ||
47 | }; | ||
48 | |||
49 | struct cmtp_conninfo { | ||
50 | bdaddr_t bdaddr; | ||
51 | __u32 flags; | ||
52 | __u16 state; | ||
53 | int num; | ||
54 | }; | ||
55 | |||
56 | struct cmtp_connlist_req { | ||
57 | __u32 cnum; | ||
58 | struct cmtp_conninfo __user *ci; | ||
59 | }; | ||
60 | |||
61 | int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock); | ||
62 | int cmtp_del_connection(struct cmtp_conndel_req *req); | ||
63 | int cmtp_get_connlist(struct cmtp_connlist_req *req); | ||
64 | int cmtp_get_conninfo(struct cmtp_conninfo *ci); | ||
65 | |||
66 | /* CMTP session defines */ | ||
67 | #define CMTP_INTEROP_TIMEOUT (HZ * 5) | ||
68 | #define CMTP_INITIAL_MSGNUM 0xff00 | ||
69 | |||
70 | struct cmtp_session { | ||
71 | struct list_head list; | ||
72 | |||
73 | struct socket *sock; | ||
74 | |||
75 | bdaddr_t bdaddr; | ||
76 | |||
77 | unsigned long state; | ||
78 | unsigned long flags; | ||
79 | |||
80 | uint mtu; | ||
81 | |||
82 | char name[BTNAMSIZ]; | ||
83 | |||
84 | atomic_t terminate; | ||
85 | |||
86 | wait_queue_head_t wait; | ||
87 | |||
88 | int ncontroller; | ||
89 | int num; | ||
90 | struct capi_ctr ctrl; | ||
91 | |||
92 | struct list_head applications; | ||
93 | |||
94 | unsigned long blockids; | ||
95 | int msgnum; | ||
96 | |||
97 | struct sk_buff_head transmit; | ||
98 | |||
99 | struct sk_buff *reassembly[16]; | ||
100 | }; | ||
101 | |||
102 | struct cmtp_application { | ||
103 | struct list_head list; | ||
104 | |||
105 | unsigned long state; | ||
106 | int err; | ||
107 | |||
108 | __u16 appl; | ||
109 | __u16 mapping; | ||
110 | |||
111 | __u16 msgnum; | ||
112 | }; | ||
113 | |||
114 | struct cmtp_scb { | ||
115 | int id; | ||
116 | int data; | ||
117 | }; | ||
118 | |||
119 | int cmtp_attach_device(struct cmtp_session *session); | ||
120 | void cmtp_detach_device(struct cmtp_session *session); | ||
121 | |||
122 | void cmtp_recv_capimsg(struct cmtp_session *session, struct sk_buff *skb); | ||
123 | |||
124 | static inline void cmtp_schedule(struct cmtp_session *session) | ||
125 | { | ||
126 | struct sock *sk = session->sock->sk; | ||
127 | |||
128 | wake_up_interruptible(sk->sk_sleep); | ||
129 | } | ||
130 | |||
131 | /* CMTP init defines */ | ||
132 | int cmtp_init_sockets(void); | ||
133 | void cmtp_cleanup_sockets(void); | ||
134 | |||
135 | #endif /* __CMTP_H */ | ||
diff --git a/net/bluetooth/cmtp/core.c b/net/bluetooth/cmtp/core.c new file mode 100644 index 00000000000..20ce04f2be8 --- /dev/null +++ b/net/bluetooth/cmtp/core.c | |||
@@ -0,0 +1,504 @@ | |||
1 | /* | ||
2 | CMTP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License version 2 as | ||
7 | published by the Free Software Foundation; | ||
8 | |||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
17 | |||
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
20 | SOFTWARE IS DISCLAIMED. | ||
21 | */ | ||
22 | |||
23 | #include <linux/config.h> | ||
24 | #include <linux/module.h> | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <linux/errno.h> | ||
28 | #include <linux/kernel.h> | ||
29 | #include <linux/major.h> | ||
30 | #include <linux/sched.h> | ||
31 | #include <linux/slab.h> | ||
32 | #include <linux/poll.h> | ||
33 | #include <linux/fcntl.h> | ||
34 | #include <linux/skbuff.h> | ||
35 | #include <linux/socket.h> | ||
36 | #include <linux/ioctl.h> | ||
37 | #include <linux/file.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <net/sock.h> | ||
40 | |||
41 | #include <linux/isdn/capilli.h> | ||
42 | |||
43 | #include <net/bluetooth/bluetooth.h> | ||
44 | #include <net/bluetooth/l2cap.h> | ||
45 | |||
46 | #include "cmtp.h" | ||
47 | |||
48 | #ifndef CONFIG_BT_CMTP_DEBUG | ||
49 | #undef BT_DBG | ||
50 | #define BT_DBG(D...) | ||
51 | #endif | ||
52 | |||
53 | #define VERSION "1.0" | ||
54 | |||
55 | static DECLARE_RWSEM(cmtp_session_sem); | ||
56 | static LIST_HEAD(cmtp_session_list); | ||
57 | |||
58 | static struct cmtp_session *__cmtp_get_session(bdaddr_t *bdaddr) | ||
59 | { | ||
60 | struct cmtp_session *session; | ||
61 | struct list_head *p; | ||
62 | |||
63 | BT_DBG(""); | ||
64 | |||
65 | list_for_each(p, &cmtp_session_list) { | ||
66 | session = list_entry(p, struct cmtp_session, list); | ||
67 | if (!bacmp(bdaddr, &session->bdaddr)) | ||
68 | return session; | ||
69 | } | ||
70 | return NULL; | ||
71 | } | ||
72 | |||
73 | static void __cmtp_link_session(struct cmtp_session *session) | ||
74 | { | ||
75 | __module_get(THIS_MODULE); | ||
76 | list_add(&session->list, &cmtp_session_list); | ||
77 | } | ||
78 | |||
79 | static void __cmtp_unlink_session(struct cmtp_session *session) | ||
80 | { | ||
81 | list_del(&session->list); | ||
82 | module_put(THIS_MODULE); | ||
83 | } | ||
84 | |||
85 | static void __cmtp_copy_session(struct cmtp_session *session, struct cmtp_conninfo *ci) | ||
86 | { | ||
87 | bacpy(&ci->bdaddr, &session->bdaddr); | ||
88 | |||
89 | ci->flags = session->flags; | ||
90 | ci->state = session->state; | ||
91 | |||
92 | ci->num = session->num; | ||
93 | } | ||
94 | |||
95 | |||
96 | static inline int cmtp_alloc_block_id(struct cmtp_session *session) | ||
97 | { | ||
98 | int i, id = -1; | ||
99 | |||
100 | for (i = 0; i < 16; i++) | ||
101 | if (!test_and_set_bit(i, &session->blockids)) { | ||
102 | id = i; | ||
103 | break; | ||
104 | } | ||
105 | |||
106 | return id; | ||
107 | } | ||
108 | |||
109 | static inline void cmtp_free_block_id(struct cmtp_session *session, int id) | ||
110 | { | ||
111 | clear_bit(id, &session->blockids); | ||
112 | } | ||
113 | |||
114 | static inline void cmtp_add_msgpart(struct cmtp_session *session, int id, const unsigned char *buf, int count) | ||
115 | { | ||
116 | struct sk_buff *skb = session->reassembly[id], *nskb; | ||
117 | int size; | ||
118 | |||
119 | BT_DBG("session %p buf %p count %d", session, buf, count); | ||
120 | |||
121 | size = (skb) ? skb->len + count : count; | ||
122 | |||
123 | if (!(nskb = alloc_skb(size, GFP_ATOMIC))) { | ||
124 | BT_ERR("Can't allocate memory for CAPI message"); | ||
125 | return; | ||
126 | } | ||
127 | |||
128 | if (skb && (skb->len > 0)) | ||
129 | memcpy(skb_put(nskb, skb->len), skb->data, skb->len); | ||
130 | |||
131 | memcpy(skb_put(nskb, count), buf, count); | ||
132 | |||
133 | session->reassembly[id] = nskb; | ||
134 | |||
135 | if (skb) | ||
136 | kfree_skb(skb); | ||
137 | } | ||
138 | |||
139 | static inline int cmtp_recv_frame(struct cmtp_session *session, struct sk_buff *skb) | ||
140 | { | ||
141 | __u8 hdr, hdrlen, id; | ||
142 | __u16 len; | ||
143 | |||
144 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | ||
145 | |||
146 | while (skb->len > 0) { | ||
147 | hdr = skb->data[0]; | ||
148 | |||
149 | switch (hdr & 0xc0) { | ||
150 | case 0x40: | ||
151 | hdrlen = 2; | ||
152 | len = skb->data[1]; | ||
153 | break; | ||
154 | case 0x80: | ||
155 | hdrlen = 3; | ||
156 | len = skb->data[1] | (skb->data[2] << 8); | ||
157 | break; | ||
158 | default: | ||
159 | hdrlen = 1; | ||
160 | len = 0; | ||
161 | break; | ||
162 | } | ||
163 | |||
164 | id = (hdr & 0x3c) >> 2; | ||
165 | |||
166 | BT_DBG("hdr 0x%02x hdrlen %d len %d id %d", hdr, hdrlen, len, id); | ||
167 | |||
168 | if (hdrlen + len > skb->len) { | ||
169 | BT_ERR("Wrong size or header information in CMTP frame"); | ||
170 | break; | ||
171 | } | ||
172 | |||
173 | if (len == 0) { | ||
174 | skb_pull(skb, hdrlen); | ||
175 | continue; | ||
176 | } | ||
177 | |||
178 | switch (hdr & 0x03) { | ||
179 | case 0x00: | ||
180 | cmtp_add_msgpart(session, id, skb->data + hdrlen, len); | ||
181 | cmtp_recv_capimsg(session, session->reassembly[id]); | ||
182 | session->reassembly[id] = NULL; | ||
183 | break; | ||
184 | case 0x01: | ||
185 | cmtp_add_msgpart(session, id, skb->data + hdrlen, len); | ||
186 | break; | ||
187 | default: | ||
188 | if (session->reassembly[id] != NULL) | ||
189 | kfree_skb(session->reassembly[id]); | ||
190 | session->reassembly[id] = NULL; | ||
191 | break; | ||
192 | } | ||
193 | |||
194 | skb_pull(skb, hdrlen + len); | ||
195 | } | ||
196 | |||
197 | kfree_skb(skb); | ||
198 | return 0; | ||
199 | } | ||
200 | |||
201 | static int cmtp_send_frame(struct cmtp_session *session, unsigned char *data, int len) | ||
202 | { | ||
203 | struct socket *sock = session->sock; | ||
204 | struct kvec iv = { data, len }; | ||
205 | struct msghdr msg; | ||
206 | |||
207 | BT_DBG("session %p data %p len %d", session, data, len); | ||
208 | |||
209 | if (!len) | ||
210 | return 0; | ||
211 | |||
212 | memset(&msg, 0, sizeof(msg)); | ||
213 | |||
214 | return kernel_sendmsg(sock, &msg, &iv, 1, len); | ||
215 | } | ||
216 | |||
217 | static int cmtp_process_transmit(struct cmtp_session *session) | ||
218 | { | ||
219 | struct sk_buff *skb, *nskb; | ||
220 | unsigned char *hdr; | ||
221 | unsigned int size, tail; | ||
222 | |||
223 | BT_DBG("session %p", session); | ||
224 | |||
225 | if (!(nskb = alloc_skb(session->mtu, GFP_ATOMIC))) { | ||
226 | BT_ERR("Can't allocate memory for new frame"); | ||
227 | return -ENOMEM; | ||
228 | } | ||
229 | |||
230 | while ((skb = skb_dequeue(&session->transmit))) { | ||
231 | struct cmtp_scb *scb = (void *) skb->cb; | ||
232 | |||
233 | if ((tail = (session->mtu - nskb->len)) < 5) { | ||
234 | cmtp_send_frame(session, nskb->data, nskb->len); | ||
235 | skb_trim(nskb, 0); | ||
236 | tail = session->mtu; | ||
237 | } | ||
238 | |||
239 | size = min_t(uint, ((tail < 258) ? (tail - 2) : (tail - 3)), skb->len); | ||
240 | |||
241 | if ((scb->id < 0) && ((scb->id = cmtp_alloc_block_id(session)) < 0)) { | ||
242 | skb_queue_head(&session->transmit, skb); | ||
243 | break; | ||
244 | } | ||
245 | |||
246 | if (size < 256) { | ||
247 | hdr = skb_put(nskb, 2); | ||
248 | hdr[0] = 0x40 | ||
249 | | ((scb->id << 2) & 0x3c) | ||
250 | | ((skb->len == size) ? 0x00 : 0x01); | ||
251 | hdr[1] = size; | ||
252 | } else { | ||
253 | hdr = skb_put(nskb, 3); | ||
254 | hdr[0] = 0x80 | ||
255 | | ((scb->id << 2) & 0x3c) | ||
256 | | ((skb->len == size) ? 0x00 : 0x01); | ||
257 | hdr[1] = size & 0xff; | ||
258 | hdr[2] = size >> 8; | ||
259 | } | ||
260 | |||
261 | memcpy(skb_put(nskb, size), skb->data, size); | ||
262 | skb_pull(skb, size); | ||
263 | |||
264 | if (skb->len > 0) { | ||
265 | skb_queue_head(&session->transmit, skb); | ||
266 | } else { | ||
267 | cmtp_free_block_id(session, scb->id); | ||
268 | if (scb->data) { | ||
269 | cmtp_send_frame(session, nskb->data, nskb->len); | ||
270 | skb_trim(nskb, 0); | ||
271 | } | ||
272 | kfree_skb(skb); | ||
273 | } | ||
274 | } | ||
275 | |||
276 | cmtp_send_frame(session, nskb->data, nskb->len); | ||
277 | |||
278 | kfree_skb(nskb); | ||
279 | |||
280 | return skb_queue_len(&session->transmit); | ||
281 | } | ||
282 | |||
283 | static int cmtp_session(void *arg) | ||
284 | { | ||
285 | struct cmtp_session *session = arg; | ||
286 | struct sock *sk = session->sock->sk; | ||
287 | struct sk_buff *skb; | ||
288 | wait_queue_t wait; | ||
289 | |||
290 | BT_DBG("session %p", session); | ||
291 | |||
292 | daemonize("kcmtpd_ctr_%d", session->num); | ||
293 | set_user_nice(current, -15); | ||
294 | current->flags |= PF_NOFREEZE; | ||
295 | |||
296 | init_waitqueue_entry(&wait, current); | ||
297 | add_wait_queue(sk->sk_sleep, &wait); | ||
298 | while (!atomic_read(&session->terminate)) { | ||
299 | set_current_state(TASK_INTERRUPTIBLE); | ||
300 | |||
301 | if (sk->sk_state != BT_CONNECTED) | ||
302 | break; | ||
303 | |||
304 | while ((skb = skb_dequeue(&sk->sk_receive_queue))) { | ||
305 | skb_orphan(skb); | ||
306 | cmtp_recv_frame(session, skb); | ||
307 | } | ||
308 | |||
309 | cmtp_process_transmit(session); | ||
310 | |||
311 | schedule(); | ||
312 | } | ||
313 | set_current_state(TASK_RUNNING); | ||
314 | remove_wait_queue(sk->sk_sleep, &wait); | ||
315 | |||
316 | down_write(&cmtp_session_sem); | ||
317 | |||
318 | if (!(session->flags & (1 << CMTP_LOOPBACK))) | ||
319 | cmtp_detach_device(session); | ||
320 | |||
321 | fput(session->sock->file); | ||
322 | |||
323 | __cmtp_unlink_session(session); | ||
324 | |||
325 | up_write(&cmtp_session_sem); | ||
326 | |||
327 | kfree(session); | ||
328 | return 0; | ||
329 | } | ||
330 | |||
331 | int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock) | ||
332 | { | ||
333 | struct cmtp_session *session, *s; | ||
334 | bdaddr_t src, dst; | ||
335 | int i, err; | ||
336 | |||
337 | BT_DBG(""); | ||
338 | |||
339 | baswap(&src, &bt_sk(sock->sk)->src); | ||
340 | baswap(&dst, &bt_sk(sock->sk)->dst); | ||
341 | |||
342 | session = kmalloc(sizeof(struct cmtp_session), GFP_KERNEL); | ||
343 | if (!session) | ||
344 | return -ENOMEM; | ||
345 | memset(session, 0, sizeof(struct cmtp_session)); | ||
346 | |||
347 | down_write(&cmtp_session_sem); | ||
348 | |||
349 | s = __cmtp_get_session(&bt_sk(sock->sk)->dst); | ||
350 | if (s && s->state == BT_CONNECTED) { | ||
351 | err = -EEXIST; | ||
352 | goto failed; | ||
353 | } | ||
354 | |||
355 | bacpy(&session->bdaddr, &bt_sk(sock->sk)->dst); | ||
356 | |||
357 | session->mtu = min_t(uint, l2cap_pi(sock->sk)->omtu, l2cap_pi(sock->sk)->imtu); | ||
358 | |||
359 | BT_DBG("mtu %d", session->mtu); | ||
360 | |||
361 | sprintf(session->name, "%s", batostr(&dst)); | ||
362 | |||
363 | session->sock = sock; | ||
364 | session->state = BT_CONFIG; | ||
365 | |||
366 | init_waitqueue_head(&session->wait); | ||
367 | |||
368 | session->msgnum = CMTP_INITIAL_MSGNUM; | ||
369 | |||
370 | INIT_LIST_HEAD(&session->applications); | ||
371 | |||
372 | skb_queue_head_init(&session->transmit); | ||
373 | |||
374 | for (i = 0; i < 16; i++) | ||
375 | session->reassembly[i] = NULL; | ||
376 | |||
377 | session->flags = req->flags; | ||
378 | |||
379 | __cmtp_link_session(session); | ||
380 | |||
381 | err = kernel_thread(cmtp_session, session, CLONE_KERNEL); | ||
382 | if (err < 0) | ||
383 | goto unlink; | ||
384 | |||
385 | if (!(session->flags & (1 << CMTP_LOOPBACK))) { | ||
386 | err = cmtp_attach_device(session); | ||
387 | if (err < 0) | ||
388 | goto detach; | ||
389 | } | ||
390 | |||
391 | up_write(&cmtp_session_sem); | ||
392 | return 0; | ||
393 | |||
394 | detach: | ||
395 | cmtp_detach_device(session); | ||
396 | |||
397 | unlink: | ||
398 | __cmtp_unlink_session(session); | ||
399 | |||
400 | failed: | ||
401 | up_write(&cmtp_session_sem); | ||
402 | kfree(session); | ||
403 | return err; | ||
404 | } | ||
405 | |||
406 | int cmtp_del_connection(struct cmtp_conndel_req *req) | ||
407 | { | ||
408 | struct cmtp_session *session; | ||
409 | int err = 0; | ||
410 | |||
411 | BT_DBG(""); | ||
412 | |||
413 | down_read(&cmtp_session_sem); | ||
414 | |||
415 | session = __cmtp_get_session(&req->bdaddr); | ||
416 | if (session) { | ||
417 | /* Flush the transmit queue */ | ||
418 | skb_queue_purge(&session->transmit); | ||
419 | |||
420 | /* Kill session thread */ | ||
421 | atomic_inc(&session->terminate); | ||
422 | cmtp_schedule(session); | ||
423 | } else | ||
424 | err = -ENOENT; | ||
425 | |||
426 | up_read(&cmtp_session_sem); | ||
427 | return err; | ||
428 | } | ||
429 | |||
430 | int cmtp_get_connlist(struct cmtp_connlist_req *req) | ||
431 | { | ||
432 | struct list_head *p; | ||
433 | int err = 0, n = 0; | ||
434 | |||
435 | BT_DBG(""); | ||
436 | |||
437 | down_read(&cmtp_session_sem); | ||
438 | |||
439 | list_for_each(p, &cmtp_session_list) { | ||
440 | struct cmtp_session *session; | ||
441 | struct cmtp_conninfo ci; | ||
442 | |||
443 | session = list_entry(p, struct cmtp_session, list); | ||
444 | |||
445 | __cmtp_copy_session(session, &ci); | ||
446 | |||
447 | if (copy_to_user(req->ci, &ci, sizeof(ci))) { | ||
448 | err = -EFAULT; | ||
449 | break; | ||
450 | } | ||
451 | |||
452 | if (++n >= req->cnum) | ||
453 | break; | ||
454 | |||
455 | req->ci++; | ||
456 | } | ||
457 | req->cnum = n; | ||
458 | |||
459 | up_read(&cmtp_session_sem); | ||
460 | return err; | ||
461 | } | ||
462 | |||
463 | int cmtp_get_conninfo(struct cmtp_conninfo *ci) | ||
464 | { | ||
465 | struct cmtp_session *session; | ||
466 | int err = 0; | ||
467 | |||
468 | down_read(&cmtp_session_sem); | ||
469 | |||
470 | session = __cmtp_get_session(&ci->bdaddr); | ||
471 | if (session) | ||
472 | __cmtp_copy_session(session, ci); | ||
473 | else | ||
474 | err = -ENOENT; | ||
475 | |||
476 | up_read(&cmtp_session_sem); | ||
477 | return err; | ||
478 | } | ||
479 | |||
480 | |||
481 | static int __init cmtp_init(void) | ||
482 | { | ||
483 | l2cap_load(); | ||
484 | |||
485 | BT_INFO("CMTP (CAPI Emulation) ver %s", VERSION); | ||
486 | |||
487 | cmtp_init_sockets(); | ||
488 | |||
489 | return 0; | ||
490 | } | ||
491 | |||
492 | static void __exit cmtp_exit(void) | ||
493 | { | ||
494 | cmtp_cleanup_sockets(); | ||
495 | } | ||
496 | |||
497 | module_init(cmtp_init); | ||
498 | module_exit(cmtp_exit); | ||
499 | |||
500 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); | ||
501 | MODULE_DESCRIPTION("Bluetooth CMTP ver " VERSION); | ||
502 | MODULE_VERSION(VERSION); | ||
503 | MODULE_LICENSE("GPL"); | ||
504 | MODULE_ALIAS("bt-proto-5"); | ||
diff --git a/net/bluetooth/cmtp/sock.c b/net/bluetooth/cmtp/sock.c new file mode 100644 index 00000000000..4c7f9e20dad --- /dev/null +++ b/net/bluetooth/cmtp/sock.c | |||
@@ -0,0 +1,226 @@ | |||
1 | /* | ||
2 | CMTP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License version 2 as | ||
7 | published by the Free Software Foundation; | ||
8 | |||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
17 | |||
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
20 | SOFTWARE IS DISCLAIMED. | ||
21 | */ | ||
22 | |||
23 | #include <linux/config.h> | ||
24 | #include <linux/module.h> | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <linux/errno.h> | ||
28 | #include <linux/kernel.h> | ||
29 | #include <linux/major.h> | ||
30 | #include <linux/sched.h> | ||
31 | #include <linux/slab.h> | ||
32 | #include <linux/poll.h> | ||
33 | #include <linux/fcntl.h> | ||
34 | #include <linux/skbuff.h> | ||
35 | #include <linux/socket.h> | ||
36 | #include <linux/ioctl.h> | ||
37 | #include <linux/file.h> | ||
38 | #include <net/sock.h> | ||
39 | |||
40 | #include <linux/isdn/capilli.h> | ||
41 | |||
42 | #include <asm/system.h> | ||
43 | #include <asm/uaccess.h> | ||
44 | |||
45 | #include "cmtp.h" | ||
46 | |||
47 | #ifndef CONFIG_BT_CMTP_DEBUG | ||
48 | #undef BT_DBG | ||
49 | #define BT_DBG(D...) | ||
50 | #endif | ||
51 | |||
52 | static int cmtp_sock_release(struct socket *sock) | ||
53 | { | ||
54 | struct sock *sk = sock->sk; | ||
55 | |||
56 | BT_DBG("sock %p sk %p", sock, sk); | ||
57 | |||
58 | if (!sk) | ||
59 | return 0; | ||
60 | |||
61 | sock_orphan(sk); | ||
62 | sock_put(sk); | ||
63 | |||
64 | return 0; | ||
65 | } | ||
66 | |||
67 | static int cmtp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) | ||
68 | { | ||
69 | struct cmtp_connadd_req ca; | ||
70 | struct cmtp_conndel_req cd; | ||
71 | struct cmtp_connlist_req cl; | ||
72 | struct cmtp_conninfo ci; | ||
73 | struct socket *nsock; | ||
74 | void __user *argp = (void __user *)arg; | ||
75 | int err; | ||
76 | |||
77 | BT_DBG("cmd %x arg %lx", cmd, arg); | ||
78 | |||
79 | switch (cmd) { | ||
80 | case CMTPCONNADD: | ||
81 | if (!capable(CAP_NET_ADMIN)) | ||
82 | return -EACCES; | ||
83 | |||
84 | if (copy_from_user(&ca, argp, sizeof(ca))) | ||
85 | return -EFAULT; | ||
86 | |||
87 | nsock = sockfd_lookup(ca.sock, &err); | ||
88 | if (!nsock) | ||
89 | return err; | ||
90 | |||
91 | if (nsock->sk->sk_state != BT_CONNECTED) { | ||
92 | fput(nsock->file); | ||
93 | return -EBADFD; | ||
94 | } | ||
95 | |||
96 | err = cmtp_add_connection(&ca, nsock); | ||
97 | if (!err) { | ||
98 | if (copy_to_user(argp, &ca, sizeof(ca))) | ||
99 | err = -EFAULT; | ||
100 | } else | ||
101 | fput(nsock->file); | ||
102 | |||
103 | return err; | ||
104 | |||
105 | case CMTPCONNDEL: | ||
106 | if (!capable(CAP_NET_ADMIN)) | ||
107 | return -EACCES; | ||
108 | |||
109 | if (copy_from_user(&cd, argp, sizeof(cd))) | ||
110 | return -EFAULT; | ||
111 | |||
112 | return cmtp_del_connection(&cd); | ||
113 | |||
114 | case CMTPGETCONNLIST: | ||
115 | if (copy_from_user(&cl, argp, sizeof(cl))) | ||
116 | return -EFAULT; | ||
117 | |||
118 | if (cl.cnum <= 0) | ||
119 | return -EINVAL; | ||
120 | |||
121 | err = cmtp_get_connlist(&cl); | ||
122 | if (!err && copy_to_user(argp, &cl, sizeof(cl))) | ||
123 | return -EFAULT; | ||
124 | |||
125 | return err; | ||
126 | |||
127 | case CMTPGETCONNINFO: | ||
128 | if (copy_from_user(&ci, argp, sizeof(ci))) | ||
129 | return -EFAULT; | ||
130 | |||
131 | err = cmtp_get_conninfo(&ci); | ||
132 | if (!err && copy_to_user(argp, &ci, sizeof(ci))) | ||
133 | return -EFAULT; | ||
134 | |||
135 | return err; | ||
136 | } | ||
137 | |||
138 | return -EINVAL; | ||
139 | } | ||
140 | |||
141 | static struct proto_ops cmtp_sock_ops = { | ||
142 | .family = PF_BLUETOOTH, | ||
143 | .owner = THIS_MODULE, | ||
144 | .release = cmtp_sock_release, | ||
145 | .ioctl = cmtp_sock_ioctl, | ||
146 | .bind = sock_no_bind, | ||
147 | .getname = sock_no_getname, | ||
148 | .sendmsg = sock_no_sendmsg, | ||
149 | .recvmsg = sock_no_recvmsg, | ||
150 | .poll = sock_no_poll, | ||
151 | .listen = sock_no_listen, | ||
152 | .shutdown = sock_no_shutdown, | ||
153 | .setsockopt = sock_no_setsockopt, | ||
154 | .getsockopt = sock_no_getsockopt, | ||
155 | .connect = sock_no_connect, | ||
156 | .socketpair = sock_no_socketpair, | ||
157 | .accept = sock_no_accept, | ||
158 | .mmap = sock_no_mmap | ||
159 | }; | ||
160 | |||
161 | static struct proto cmtp_proto = { | ||
162 | .name = "CMTP", | ||
163 | .owner = THIS_MODULE, | ||
164 | .obj_size = sizeof(struct bt_sock) | ||
165 | }; | ||
166 | |||
167 | static int cmtp_sock_create(struct socket *sock, int protocol) | ||
168 | { | ||
169 | struct sock *sk; | ||
170 | |||
171 | BT_DBG("sock %p", sock); | ||
172 | |||
173 | if (sock->type != SOCK_RAW) | ||
174 | return -ESOCKTNOSUPPORT; | ||
175 | |||
176 | sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &cmtp_proto, 1); | ||
177 | if (!sk) | ||
178 | return -ENOMEM; | ||
179 | |||
180 | sock_init_data(sock, sk); | ||
181 | |||
182 | sock->ops = &cmtp_sock_ops; | ||
183 | |||
184 | sock->state = SS_UNCONNECTED; | ||
185 | |||
186 | sock_reset_flag(sk, SOCK_ZAPPED); | ||
187 | |||
188 | sk->sk_protocol = protocol; | ||
189 | sk->sk_state = BT_OPEN; | ||
190 | |||
191 | return 0; | ||
192 | } | ||
193 | |||
194 | static struct net_proto_family cmtp_sock_family_ops = { | ||
195 | .family = PF_BLUETOOTH, | ||
196 | .owner = THIS_MODULE, | ||
197 | .create = cmtp_sock_create | ||
198 | }; | ||
199 | |||
200 | int cmtp_init_sockets(void) | ||
201 | { | ||
202 | int err; | ||
203 | |||
204 | err = proto_register(&cmtp_proto, 0); | ||
205 | if (err < 0) | ||
206 | return err; | ||
207 | |||
208 | err = bt_sock_register(BTPROTO_CMTP, &cmtp_sock_family_ops); | ||
209 | if (err < 0) | ||
210 | goto error; | ||
211 | |||
212 | return 0; | ||
213 | |||
214 | error: | ||
215 | BT_ERR("Can't register CMTP socket"); | ||
216 | proto_unregister(&cmtp_proto); | ||
217 | return err; | ||
218 | } | ||
219 | |||
220 | void cmtp_cleanup_sockets(void) | ||
221 | { | ||
222 | if (bt_sock_unregister(BTPROTO_CMTP) < 0) | ||
223 | BT_ERR("Can't unregister CMTP socket"); | ||
224 | |||
225 | proto_unregister(&cmtp_proto); | ||
226 | } | ||
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c new file mode 100644 index 00000000000..71762d7e997 --- /dev/null +++ b/net/bluetooth/hci_conn.c | |||
@@ -0,0 +1,471 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth HCI connection handling. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | |||
30 | #include <linux/types.h> | ||
31 | #include <linux/errno.h> | ||
32 | #include <linux/kernel.h> | ||
33 | #include <linux/major.h> | ||
34 | #include <linux/sched.h> | ||
35 | #include <linux/slab.h> | ||
36 | #include <linux/poll.h> | ||
37 | #include <linux/fcntl.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/skbuff.h> | ||
40 | #include <linux/interrupt.h> | ||
41 | #include <linux/notifier.h> | ||
42 | #include <net/sock.h> | ||
43 | |||
44 | #include <asm/system.h> | ||
45 | #include <asm/uaccess.h> | ||
46 | #include <asm/unaligned.h> | ||
47 | |||
48 | #include <net/bluetooth/bluetooth.h> | ||
49 | #include <net/bluetooth/hci_core.h> | ||
50 | |||
51 | #ifndef CONFIG_BT_HCI_CORE_DEBUG | ||
52 | #undef BT_DBG | ||
53 | #define BT_DBG(D...) | ||
54 | #endif | ||
55 | |||
56 | static void hci_acl_connect(struct hci_conn *conn) | ||
57 | { | ||
58 | struct hci_dev *hdev = conn->hdev; | ||
59 | struct inquiry_entry *ie; | ||
60 | struct hci_cp_create_conn cp; | ||
61 | |||
62 | BT_DBG("%p", conn); | ||
63 | |||
64 | conn->state = BT_CONNECT; | ||
65 | conn->out = 1; | ||
66 | conn->link_mode = HCI_LM_MASTER; | ||
67 | |||
68 | memset(&cp, 0, sizeof(cp)); | ||
69 | bacpy(&cp.bdaddr, &conn->dst); | ||
70 | cp.pscan_rep_mode = 0x02; | ||
71 | |||
72 | if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst)) && | ||
73 | inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) { | ||
74 | cp.pscan_rep_mode = ie->data.pscan_rep_mode; | ||
75 | cp.pscan_mode = ie->data.pscan_mode; | ||
76 | cp.clock_offset = ie->data.clock_offset | __cpu_to_le16(0x8000); | ||
77 | memcpy(conn->dev_class, ie->data.dev_class, 3); | ||
78 | } | ||
79 | |||
80 | cp.pkt_type = __cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK); | ||
81 | if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER)) | ||
82 | cp.role_switch = 0x01; | ||
83 | else | ||
84 | cp.role_switch = 0x00; | ||
85 | |||
86 | hci_send_cmd(hdev, OGF_LINK_CTL, OCF_CREATE_CONN, sizeof(cp), &cp); | ||
87 | } | ||
88 | |||
89 | void hci_acl_disconn(struct hci_conn *conn, __u8 reason) | ||
90 | { | ||
91 | struct hci_cp_disconnect cp; | ||
92 | |||
93 | BT_DBG("%p", conn); | ||
94 | |||
95 | conn->state = BT_DISCONN; | ||
96 | |||
97 | cp.handle = __cpu_to_le16(conn->handle); | ||
98 | cp.reason = reason; | ||
99 | hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_DISCONNECT, sizeof(cp), &cp); | ||
100 | } | ||
101 | |||
102 | void hci_add_sco(struct hci_conn *conn, __u16 handle) | ||
103 | { | ||
104 | struct hci_dev *hdev = conn->hdev; | ||
105 | struct hci_cp_add_sco cp; | ||
106 | |||
107 | BT_DBG("%p", conn); | ||
108 | |||
109 | conn->state = BT_CONNECT; | ||
110 | conn->out = 1; | ||
111 | |||
112 | cp.pkt_type = __cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK); | ||
113 | cp.handle = __cpu_to_le16(handle); | ||
114 | |||
115 | hci_send_cmd(hdev, OGF_LINK_CTL, OCF_ADD_SCO, sizeof(cp), &cp); | ||
116 | } | ||
117 | |||
118 | static void hci_conn_timeout(unsigned long arg) | ||
119 | { | ||
120 | struct hci_conn *conn = (void *)arg; | ||
121 | struct hci_dev *hdev = conn->hdev; | ||
122 | |||
123 | BT_DBG("conn %p state %d", conn, conn->state); | ||
124 | |||
125 | if (atomic_read(&conn->refcnt)) | ||
126 | return; | ||
127 | |||
128 | hci_dev_lock(hdev); | ||
129 | if (conn->state == BT_CONNECTED) | ||
130 | hci_acl_disconn(conn, 0x13); | ||
131 | else | ||
132 | conn->state = BT_CLOSED; | ||
133 | hci_dev_unlock(hdev); | ||
134 | return; | ||
135 | } | ||
136 | |||
137 | static void hci_conn_init_timer(struct hci_conn *conn) | ||
138 | { | ||
139 | init_timer(&conn->timer); | ||
140 | conn->timer.function = hci_conn_timeout; | ||
141 | conn->timer.data = (unsigned long)conn; | ||
142 | } | ||
143 | |||
144 | struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst) | ||
145 | { | ||
146 | struct hci_conn *conn; | ||
147 | |||
148 | BT_DBG("%s dst %s", hdev->name, batostr(dst)); | ||
149 | |||
150 | if (!(conn = kmalloc(sizeof(struct hci_conn), GFP_ATOMIC))) | ||
151 | return NULL; | ||
152 | memset(conn, 0, sizeof(struct hci_conn)); | ||
153 | |||
154 | bacpy(&conn->dst, dst); | ||
155 | conn->type = type; | ||
156 | conn->hdev = hdev; | ||
157 | conn->state = BT_OPEN; | ||
158 | |||
159 | skb_queue_head_init(&conn->data_q); | ||
160 | hci_conn_init_timer(conn); | ||
161 | |||
162 | atomic_set(&conn->refcnt, 0); | ||
163 | |||
164 | hci_dev_hold(hdev); | ||
165 | |||
166 | tasklet_disable(&hdev->tx_task); | ||
167 | |||
168 | hci_conn_hash_add(hdev, conn); | ||
169 | if (hdev->notify) | ||
170 | hdev->notify(hdev, HCI_NOTIFY_CONN_ADD); | ||
171 | |||
172 | tasklet_enable(&hdev->tx_task); | ||
173 | |||
174 | return conn; | ||
175 | } | ||
176 | |||
177 | int hci_conn_del(struct hci_conn *conn) | ||
178 | { | ||
179 | struct hci_dev *hdev = conn->hdev; | ||
180 | |||
181 | BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle); | ||
182 | |||
183 | hci_conn_del_timer(conn); | ||
184 | |||
185 | if (conn->type == SCO_LINK) { | ||
186 | struct hci_conn *acl = conn->link; | ||
187 | if (acl) { | ||
188 | acl->link = NULL; | ||
189 | hci_conn_put(acl); | ||
190 | } | ||
191 | } else { | ||
192 | struct hci_conn *sco = conn->link; | ||
193 | if (sco) | ||
194 | sco->link = NULL; | ||
195 | |||
196 | /* Unacked frames */ | ||
197 | hdev->acl_cnt += conn->sent; | ||
198 | } | ||
199 | |||
200 | tasklet_disable(&hdev->tx_task); | ||
201 | |||
202 | hci_conn_hash_del(hdev, conn); | ||
203 | if (hdev->notify) | ||
204 | hdev->notify(hdev, HCI_NOTIFY_CONN_DEL); | ||
205 | |||
206 | tasklet_enable(&hdev->tx_task); | ||
207 | |||
208 | skb_queue_purge(&conn->data_q); | ||
209 | |||
210 | hci_dev_put(hdev); | ||
211 | |||
212 | kfree(conn); | ||
213 | return 0; | ||
214 | } | ||
215 | |||
216 | struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src) | ||
217 | { | ||
218 | int use_src = bacmp(src, BDADDR_ANY); | ||
219 | struct hci_dev *hdev = NULL; | ||
220 | struct list_head *p; | ||
221 | |||
222 | BT_DBG("%s -> %s", batostr(src), batostr(dst)); | ||
223 | |||
224 | read_lock_bh(&hci_dev_list_lock); | ||
225 | |||
226 | list_for_each(p, &hci_dev_list) { | ||
227 | struct hci_dev *d = list_entry(p, struct hci_dev, list); | ||
228 | |||
229 | if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags)) | ||
230 | continue; | ||
231 | |||
232 | /* Simple routing: | ||
233 | * No source address - find interface with bdaddr != dst | ||
234 | * Source address - find interface with bdaddr == src | ||
235 | */ | ||
236 | |||
237 | if (use_src) { | ||
238 | if (!bacmp(&d->bdaddr, src)) { | ||
239 | hdev = d; break; | ||
240 | } | ||
241 | } else { | ||
242 | if (bacmp(&d->bdaddr, dst)) { | ||
243 | hdev = d; break; | ||
244 | } | ||
245 | } | ||
246 | } | ||
247 | |||
248 | if (hdev) | ||
249 | hdev = hci_dev_hold(hdev); | ||
250 | |||
251 | read_unlock_bh(&hci_dev_list_lock); | ||
252 | return hdev; | ||
253 | } | ||
254 | EXPORT_SYMBOL(hci_get_route); | ||
255 | |||
256 | /* Create SCO or ACL connection. | ||
257 | * Device _must_ be locked */ | ||
258 | struct hci_conn * hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst) | ||
259 | { | ||
260 | struct hci_conn *acl; | ||
261 | |||
262 | BT_DBG("%s dst %s", hdev->name, batostr(dst)); | ||
263 | |||
264 | if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) { | ||
265 | if (!(acl = hci_conn_add(hdev, ACL_LINK, dst))) | ||
266 | return NULL; | ||
267 | } | ||
268 | |||
269 | hci_conn_hold(acl); | ||
270 | |||
271 | if (acl->state == BT_OPEN || acl->state == BT_CLOSED) | ||
272 | hci_acl_connect(acl); | ||
273 | |||
274 | if (type == SCO_LINK) { | ||
275 | struct hci_conn *sco; | ||
276 | |||
277 | if (!(sco = hci_conn_hash_lookup_ba(hdev, SCO_LINK, dst))) { | ||
278 | if (!(sco = hci_conn_add(hdev, SCO_LINK, dst))) { | ||
279 | hci_conn_put(acl); | ||
280 | return NULL; | ||
281 | } | ||
282 | } | ||
283 | acl->link = sco; | ||
284 | sco->link = acl; | ||
285 | |||
286 | hci_conn_hold(sco); | ||
287 | |||
288 | if (acl->state == BT_CONNECTED && | ||
289 | (sco->state == BT_OPEN || sco->state == BT_CLOSED)) | ||
290 | hci_add_sco(sco, acl->handle); | ||
291 | |||
292 | return sco; | ||
293 | } else { | ||
294 | return acl; | ||
295 | } | ||
296 | } | ||
297 | EXPORT_SYMBOL(hci_connect); | ||
298 | |||
299 | /* Authenticate remote device */ | ||
300 | int hci_conn_auth(struct hci_conn *conn) | ||
301 | { | ||
302 | BT_DBG("conn %p", conn); | ||
303 | |||
304 | if (conn->link_mode & HCI_LM_AUTH) | ||
305 | return 1; | ||
306 | |||
307 | if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { | ||
308 | struct hci_cp_auth_requested cp; | ||
309 | cp.handle = __cpu_to_le16(conn->handle); | ||
310 | hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_AUTH_REQUESTED, sizeof(cp), &cp); | ||
311 | } | ||
312 | return 0; | ||
313 | } | ||
314 | EXPORT_SYMBOL(hci_conn_auth); | ||
315 | |||
316 | /* Enable encryption */ | ||
317 | int hci_conn_encrypt(struct hci_conn *conn) | ||
318 | { | ||
319 | BT_DBG("conn %p", conn); | ||
320 | |||
321 | if (conn->link_mode & HCI_LM_ENCRYPT) | ||
322 | return 1; | ||
323 | |||
324 | if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) | ||
325 | return 0; | ||
326 | |||
327 | if (hci_conn_auth(conn)) { | ||
328 | struct hci_cp_set_conn_encrypt cp; | ||
329 | cp.handle = __cpu_to_le16(conn->handle); | ||
330 | cp.encrypt = 1; | ||
331 | hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, sizeof(cp), &cp); | ||
332 | } | ||
333 | return 0; | ||
334 | } | ||
335 | EXPORT_SYMBOL(hci_conn_encrypt); | ||
336 | |||
337 | /* Change link key */ | ||
338 | int hci_conn_change_link_key(struct hci_conn *conn) | ||
339 | { | ||
340 | BT_DBG("conn %p", conn); | ||
341 | |||
342 | if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { | ||
343 | struct hci_cp_change_conn_link_key cp; | ||
344 | cp.handle = __cpu_to_le16(conn->handle); | ||
345 | hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_CHANGE_CONN_LINK_KEY, sizeof(cp), &cp); | ||
346 | } | ||
347 | return 0; | ||
348 | } | ||
349 | EXPORT_SYMBOL(hci_conn_change_link_key); | ||
350 | |||
351 | /* Switch role */ | ||
352 | int hci_conn_switch_role(struct hci_conn *conn, uint8_t role) | ||
353 | { | ||
354 | BT_DBG("conn %p", conn); | ||
355 | |||
356 | if (!role && conn->link_mode & HCI_LM_MASTER) | ||
357 | return 1; | ||
358 | |||
359 | if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) { | ||
360 | struct hci_cp_switch_role cp; | ||
361 | bacpy(&cp.bdaddr, &conn->dst); | ||
362 | cp.role = role; | ||
363 | hci_send_cmd(conn->hdev, OGF_LINK_POLICY, OCF_SWITCH_ROLE, sizeof(cp), &cp); | ||
364 | } | ||
365 | return 0; | ||
366 | } | ||
367 | EXPORT_SYMBOL(hci_conn_switch_role); | ||
368 | |||
369 | /* Drop all connection on the device */ | ||
370 | void hci_conn_hash_flush(struct hci_dev *hdev) | ||
371 | { | ||
372 | struct hci_conn_hash *h = &hdev->conn_hash; | ||
373 | struct list_head *p; | ||
374 | |||
375 | BT_DBG("hdev %s", hdev->name); | ||
376 | |||
377 | p = h->list.next; | ||
378 | while (p != &h->list) { | ||
379 | struct hci_conn *c; | ||
380 | |||
381 | c = list_entry(p, struct hci_conn, list); | ||
382 | p = p->next; | ||
383 | |||
384 | c->state = BT_CLOSED; | ||
385 | |||
386 | hci_proto_disconn_ind(c, 0x16); | ||
387 | hci_conn_del(c); | ||
388 | } | ||
389 | } | ||
390 | |||
391 | int hci_get_conn_list(void __user *arg) | ||
392 | { | ||
393 | struct hci_conn_list_req req, *cl; | ||
394 | struct hci_conn_info *ci; | ||
395 | struct hci_dev *hdev; | ||
396 | struct list_head *p; | ||
397 | int n = 0, size, err; | ||
398 | |||
399 | if (copy_from_user(&req, arg, sizeof(req))) | ||
400 | return -EFAULT; | ||
401 | |||
402 | if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci)) | ||
403 | return -EINVAL; | ||
404 | |||
405 | size = sizeof(req) + req.conn_num * sizeof(*ci); | ||
406 | |||
407 | if (!(cl = (void *) kmalloc(size, GFP_KERNEL))) | ||
408 | return -ENOMEM; | ||
409 | |||
410 | if (!(hdev = hci_dev_get(req.dev_id))) { | ||
411 | kfree(cl); | ||
412 | return -ENODEV; | ||
413 | } | ||
414 | |||
415 | ci = cl->conn_info; | ||
416 | |||
417 | hci_dev_lock_bh(hdev); | ||
418 | list_for_each(p, &hdev->conn_hash.list) { | ||
419 | register struct hci_conn *c; | ||
420 | c = list_entry(p, struct hci_conn, list); | ||
421 | |||
422 | bacpy(&(ci + n)->bdaddr, &c->dst); | ||
423 | (ci + n)->handle = c->handle; | ||
424 | (ci + n)->type = c->type; | ||
425 | (ci + n)->out = c->out; | ||
426 | (ci + n)->state = c->state; | ||
427 | (ci + n)->link_mode = c->link_mode; | ||
428 | if (++n >= req.conn_num) | ||
429 | break; | ||
430 | } | ||
431 | hci_dev_unlock_bh(hdev); | ||
432 | |||
433 | cl->dev_id = hdev->id; | ||
434 | cl->conn_num = n; | ||
435 | size = sizeof(req) + n * sizeof(*ci); | ||
436 | |||
437 | hci_dev_put(hdev); | ||
438 | |||
439 | err = copy_to_user(arg, cl, size); | ||
440 | kfree(cl); | ||
441 | |||
442 | return err ? -EFAULT : 0; | ||
443 | } | ||
444 | |||
445 | int hci_get_conn_info(struct hci_dev *hdev, void __user *arg) | ||
446 | { | ||
447 | struct hci_conn_info_req req; | ||
448 | struct hci_conn_info ci; | ||
449 | struct hci_conn *conn; | ||
450 | char __user *ptr = arg + sizeof(req); | ||
451 | |||
452 | if (copy_from_user(&req, arg, sizeof(req))) | ||
453 | return -EFAULT; | ||
454 | |||
455 | hci_dev_lock_bh(hdev); | ||
456 | conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr); | ||
457 | if (conn) { | ||
458 | bacpy(&ci.bdaddr, &conn->dst); | ||
459 | ci.handle = conn->handle; | ||
460 | ci.type = conn->type; | ||
461 | ci.out = conn->out; | ||
462 | ci.state = conn->state; | ||
463 | ci.link_mode = conn->link_mode; | ||
464 | } | ||
465 | hci_dev_unlock_bh(hdev); | ||
466 | |||
467 | if (!conn) | ||
468 | return -ENOENT; | ||
469 | |||
470 | return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0; | ||
471 | } | ||
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c new file mode 100644 index 00000000000..860dba7bdd8 --- /dev/null +++ b/net/bluetooth/hci_core.c | |||
@@ -0,0 +1,1434 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth HCI core. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | #include <linux/kmod.h> | ||
30 | |||
31 | #include <linux/types.h> | ||
32 | #include <linux/errno.h> | ||
33 | #include <linux/kernel.h> | ||
34 | #include <linux/major.h> | ||
35 | #include <linux/sched.h> | ||
36 | #include <linux/slab.h> | ||
37 | #include <linux/poll.h> | ||
38 | #include <linux/fcntl.h> | ||
39 | #include <linux/init.h> | ||
40 | #include <linux/skbuff.h> | ||
41 | #include <linux/interrupt.h> | ||
42 | #include <linux/notifier.h> | ||
43 | #include <net/sock.h> | ||
44 | |||
45 | #include <asm/system.h> | ||
46 | #include <asm/uaccess.h> | ||
47 | #include <asm/unaligned.h> | ||
48 | |||
49 | #include <net/bluetooth/bluetooth.h> | ||
50 | #include <net/bluetooth/hci_core.h> | ||
51 | |||
52 | #ifndef CONFIG_BT_HCI_CORE_DEBUG | ||
53 | #undef BT_DBG | ||
54 | #define BT_DBG(D...) | ||
55 | #endif | ||
56 | |||
57 | static void hci_cmd_task(unsigned long arg); | ||
58 | static void hci_rx_task(unsigned long arg); | ||
59 | static void hci_tx_task(unsigned long arg); | ||
60 | static void hci_notify(struct hci_dev *hdev, int event); | ||
61 | |||
62 | static DEFINE_RWLOCK(hci_task_lock); | ||
63 | |||
64 | /* HCI device list */ | ||
65 | LIST_HEAD(hci_dev_list); | ||
66 | DEFINE_RWLOCK(hci_dev_list_lock); | ||
67 | |||
68 | /* HCI callback list */ | ||
69 | LIST_HEAD(hci_cb_list); | ||
70 | DEFINE_RWLOCK(hci_cb_list_lock); | ||
71 | |||
72 | /* HCI protocols */ | ||
73 | #define HCI_MAX_PROTO 2 | ||
74 | struct hci_proto *hci_proto[HCI_MAX_PROTO]; | ||
75 | |||
76 | /* HCI notifiers list */ | ||
77 | static struct notifier_block *hci_notifier; | ||
78 | |||
79 | /* ---- HCI notifications ---- */ | ||
80 | |||
81 | int hci_register_notifier(struct notifier_block *nb) | ||
82 | { | ||
83 | return notifier_chain_register(&hci_notifier, nb); | ||
84 | } | ||
85 | |||
86 | int hci_unregister_notifier(struct notifier_block *nb) | ||
87 | { | ||
88 | return notifier_chain_unregister(&hci_notifier, nb); | ||
89 | } | ||
90 | |||
91 | void hci_notify(struct hci_dev *hdev, int event) | ||
92 | { | ||
93 | notifier_call_chain(&hci_notifier, event, hdev); | ||
94 | } | ||
95 | |||
96 | /* ---- HCI requests ---- */ | ||
97 | |||
98 | void hci_req_complete(struct hci_dev *hdev, int result) | ||
99 | { | ||
100 | BT_DBG("%s result 0x%2.2x", hdev->name, result); | ||
101 | |||
102 | if (hdev->req_status == HCI_REQ_PEND) { | ||
103 | hdev->req_result = result; | ||
104 | hdev->req_status = HCI_REQ_DONE; | ||
105 | wake_up_interruptible(&hdev->req_wait_q); | ||
106 | } | ||
107 | } | ||
108 | |||
109 | static void hci_req_cancel(struct hci_dev *hdev, int err) | ||
110 | { | ||
111 | BT_DBG("%s err 0x%2.2x", hdev->name, err); | ||
112 | |||
113 | if (hdev->req_status == HCI_REQ_PEND) { | ||
114 | hdev->req_result = err; | ||
115 | hdev->req_status = HCI_REQ_CANCELED; | ||
116 | wake_up_interruptible(&hdev->req_wait_q); | ||
117 | } | ||
118 | } | ||
119 | |||
120 | /* Execute request and wait for completion. */ | ||
121 | static int __hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev, unsigned long opt), | ||
122 | unsigned long opt, __u32 timeout) | ||
123 | { | ||
124 | DECLARE_WAITQUEUE(wait, current); | ||
125 | int err = 0; | ||
126 | |||
127 | BT_DBG("%s start", hdev->name); | ||
128 | |||
129 | hdev->req_status = HCI_REQ_PEND; | ||
130 | |||
131 | add_wait_queue(&hdev->req_wait_q, &wait); | ||
132 | set_current_state(TASK_INTERRUPTIBLE); | ||
133 | |||
134 | req(hdev, opt); | ||
135 | schedule_timeout(timeout); | ||
136 | |||
137 | remove_wait_queue(&hdev->req_wait_q, &wait); | ||
138 | |||
139 | if (signal_pending(current)) | ||
140 | return -EINTR; | ||
141 | |||
142 | switch (hdev->req_status) { | ||
143 | case HCI_REQ_DONE: | ||
144 | err = -bt_err(hdev->req_result); | ||
145 | break; | ||
146 | |||
147 | case HCI_REQ_CANCELED: | ||
148 | err = -hdev->req_result; | ||
149 | break; | ||
150 | |||
151 | default: | ||
152 | err = -ETIMEDOUT; | ||
153 | break; | ||
154 | }; | ||
155 | |||
156 | hdev->req_status = hdev->req_result = 0; | ||
157 | |||
158 | BT_DBG("%s end: err %d", hdev->name, err); | ||
159 | |||
160 | return err; | ||
161 | } | ||
162 | |||
163 | static inline int hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev, unsigned long opt), | ||
164 | unsigned long opt, __u32 timeout) | ||
165 | { | ||
166 | int ret; | ||
167 | |||
168 | /* Serialize all requests */ | ||
169 | hci_req_lock(hdev); | ||
170 | ret = __hci_request(hdev, req, opt, timeout); | ||
171 | hci_req_unlock(hdev); | ||
172 | |||
173 | return ret; | ||
174 | } | ||
175 | |||
176 | static void hci_reset_req(struct hci_dev *hdev, unsigned long opt) | ||
177 | { | ||
178 | BT_DBG("%s %ld", hdev->name, opt); | ||
179 | |||
180 | /* Reset device */ | ||
181 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_RESET, 0, NULL); | ||
182 | } | ||
183 | |||
184 | static void hci_init_req(struct hci_dev *hdev, unsigned long opt) | ||
185 | { | ||
186 | struct sk_buff *skb; | ||
187 | __u16 param; | ||
188 | |||
189 | BT_DBG("%s %ld", hdev->name, opt); | ||
190 | |||
191 | /* Driver initialization */ | ||
192 | |||
193 | /* Special commands */ | ||
194 | while ((skb = skb_dequeue(&hdev->driver_init))) { | ||
195 | skb->pkt_type = HCI_COMMAND_PKT; | ||
196 | skb->dev = (void *) hdev; | ||
197 | skb_queue_tail(&hdev->cmd_q, skb); | ||
198 | hci_sched_cmd(hdev); | ||
199 | } | ||
200 | skb_queue_purge(&hdev->driver_init); | ||
201 | |||
202 | /* Mandatory initialization */ | ||
203 | |||
204 | /* Reset */ | ||
205 | if (test_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks)) | ||
206 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_RESET, 0, NULL); | ||
207 | |||
208 | /* Read Local Supported Features */ | ||
209 | hci_send_cmd(hdev, OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES, 0, NULL); | ||
210 | |||
211 | /* Read Buffer Size (ACL mtu, max pkt, etc.) */ | ||
212 | hci_send_cmd(hdev, OGF_INFO_PARAM, OCF_READ_BUFFER_SIZE, 0, NULL); | ||
213 | |||
214 | #if 0 | ||
215 | /* Host buffer size */ | ||
216 | { | ||
217 | struct hci_cp_host_buffer_size cp; | ||
218 | cp.acl_mtu = __cpu_to_le16(HCI_MAX_ACL_SIZE); | ||
219 | cp.sco_mtu = HCI_MAX_SCO_SIZE; | ||
220 | cp.acl_max_pkt = __cpu_to_le16(0xffff); | ||
221 | cp.sco_max_pkt = __cpu_to_le16(0xffff); | ||
222 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_HOST_BUFFER_SIZE, sizeof(cp), &cp); | ||
223 | } | ||
224 | #endif | ||
225 | |||
226 | /* Read BD Address */ | ||
227 | hci_send_cmd(hdev, OGF_INFO_PARAM, OCF_READ_BD_ADDR, 0, NULL); | ||
228 | |||
229 | /* Read Voice Setting */ | ||
230 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_READ_VOICE_SETTING, 0, NULL); | ||
231 | |||
232 | /* Optional initialization */ | ||
233 | |||
234 | /* Clear Event Filters */ | ||
235 | { | ||
236 | struct hci_cp_set_event_flt cp; | ||
237 | cp.flt_type = HCI_FLT_CLEAR_ALL; | ||
238 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_SET_EVENT_FLT, sizeof(cp), &cp); | ||
239 | } | ||
240 | |||
241 | /* Page timeout ~20 secs */ | ||
242 | param = __cpu_to_le16(0x8000); | ||
243 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_PG_TIMEOUT, 2, ¶m); | ||
244 | |||
245 | /* Connection accept timeout ~20 secs */ | ||
246 | param = __cpu_to_le16(0x7d00); | ||
247 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_CA_TIMEOUT, 2, ¶m); | ||
248 | } | ||
249 | |||
250 | static void hci_scan_req(struct hci_dev *hdev, unsigned long opt) | ||
251 | { | ||
252 | __u8 scan = opt; | ||
253 | |||
254 | BT_DBG("%s %x", hdev->name, scan); | ||
255 | |||
256 | /* Inquiry and Page scans */ | ||
257 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE, 1, &scan); | ||
258 | } | ||
259 | |||
260 | static void hci_auth_req(struct hci_dev *hdev, unsigned long opt) | ||
261 | { | ||
262 | __u8 auth = opt; | ||
263 | |||
264 | BT_DBG("%s %x", hdev->name, auth); | ||
265 | |||
266 | /* Authentication */ | ||
267 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_AUTH_ENABLE, 1, &auth); | ||
268 | } | ||
269 | |||
270 | static void hci_encrypt_req(struct hci_dev *hdev, unsigned long opt) | ||
271 | { | ||
272 | __u8 encrypt = opt; | ||
273 | |||
274 | BT_DBG("%s %x", hdev->name, encrypt); | ||
275 | |||
276 | /* Authentication */ | ||
277 | hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_ENCRYPT_MODE, 1, &encrypt); | ||
278 | } | ||
279 | |||
280 | /* Get HCI device by index. | ||
281 | * Device is held on return. */ | ||
282 | struct hci_dev *hci_dev_get(int index) | ||
283 | { | ||
284 | struct hci_dev *hdev = NULL; | ||
285 | struct list_head *p; | ||
286 | |||
287 | BT_DBG("%d", index); | ||
288 | |||
289 | if (index < 0) | ||
290 | return NULL; | ||
291 | |||
292 | read_lock(&hci_dev_list_lock); | ||
293 | list_for_each(p, &hci_dev_list) { | ||
294 | struct hci_dev *d = list_entry(p, struct hci_dev, list); | ||
295 | if (d->id == index) { | ||
296 | hdev = hci_dev_hold(d); | ||
297 | break; | ||
298 | } | ||
299 | } | ||
300 | read_unlock(&hci_dev_list_lock); | ||
301 | return hdev; | ||
302 | } | ||
303 | EXPORT_SYMBOL(hci_dev_get); | ||
304 | |||
305 | /* ---- Inquiry support ---- */ | ||
306 | static void inquiry_cache_flush(struct hci_dev *hdev) | ||
307 | { | ||
308 | struct inquiry_cache *cache = &hdev->inq_cache; | ||
309 | struct inquiry_entry *next = cache->list, *e; | ||
310 | |||
311 | BT_DBG("cache %p", cache); | ||
312 | |||
313 | cache->list = NULL; | ||
314 | while ((e = next)) { | ||
315 | next = e->next; | ||
316 | kfree(e); | ||
317 | } | ||
318 | } | ||
319 | |||
320 | struct inquiry_entry *hci_inquiry_cache_lookup(struct hci_dev *hdev, bdaddr_t *bdaddr) | ||
321 | { | ||
322 | struct inquiry_cache *cache = &hdev->inq_cache; | ||
323 | struct inquiry_entry *e; | ||
324 | |||
325 | BT_DBG("cache %p, %s", cache, batostr(bdaddr)); | ||
326 | |||
327 | for (e = cache->list; e; e = e->next) | ||
328 | if (!bacmp(&e->data.bdaddr, bdaddr)) | ||
329 | break; | ||
330 | return e; | ||
331 | } | ||
332 | |||
333 | void hci_inquiry_cache_update(struct hci_dev *hdev, struct inquiry_data *data) | ||
334 | { | ||
335 | struct inquiry_cache *cache = &hdev->inq_cache; | ||
336 | struct inquiry_entry *e; | ||
337 | |||
338 | BT_DBG("cache %p, %s", cache, batostr(&data->bdaddr)); | ||
339 | |||
340 | if (!(e = hci_inquiry_cache_lookup(hdev, &data->bdaddr))) { | ||
341 | /* Entry not in the cache. Add new one. */ | ||
342 | if (!(e = kmalloc(sizeof(struct inquiry_entry), GFP_ATOMIC))) | ||
343 | return; | ||
344 | memset(e, 0, sizeof(struct inquiry_entry)); | ||
345 | e->next = cache->list; | ||
346 | cache->list = e; | ||
347 | } | ||
348 | |||
349 | memcpy(&e->data, data, sizeof(*data)); | ||
350 | e->timestamp = jiffies; | ||
351 | cache->timestamp = jiffies; | ||
352 | } | ||
353 | |||
354 | static int inquiry_cache_dump(struct hci_dev *hdev, int num, __u8 *buf) | ||
355 | { | ||
356 | struct inquiry_cache *cache = &hdev->inq_cache; | ||
357 | struct inquiry_info *info = (struct inquiry_info *) buf; | ||
358 | struct inquiry_entry *e; | ||
359 | int copied = 0; | ||
360 | |||
361 | for (e = cache->list; e && copied < num; e = e->next, copied++) { | ||
362 | struct inquiry_data *data = &e->data; | ||
363 | bacpy(&info->bdaddr, &data->bdaddr); | ||
364 | info->pscan_rep_mode = data->pscan_rep_mode; | ||
365 | info->pscan_period_mode = data->pscan_period_mode; | ||
366 | info->pscan_mode = data->pscan_mode; | ||
367 | memcpy(info->dev_class, data->dev_class, 3); | ||
368 | info->clock_offset = data->clock_offset; | ||
369 | info++; | ||
370 | } | ||
371 | |||
372 | BT_DBG("cache %p, copied %d", cache, copied); | ||
373 | return copied; | ||
374 | } | ||
375 | |||
376 | static void hci_inq_req(struct hci_dev *hdev, unsigned long opt) | ||
377 | { | ||
378 | struct hci_inquiry_req *ir = (struct hci_inquiry_req *) opt; | ||
379 | struct hci_cp_inquiry cp; | ||
380 | |||
381 | BT_DBG("%s", hdev->name); | ||
382 | |||
383 | if (test_bit(HCI_INQUIRY, &hdev->flags)) | ||
384 | return; | ||
385 | |||
386 | /* Start Inquiry */ | ||
387 | memcpy(&cp.lap, &ir->lap, 3); | ||
388 | cp.length = ir->length; | ||
389 | cp.num_rsp = ir->num_rsp; | ||
390 | hci_send_cmd(hdev, OGF_LINK_CTL, OCF_INQUIRY, sizeof(cp), &cp); | ||
391 | } | ||
392 | |||
393 | int hci_inquiry(void __user *arg) | ||
394 | { | ||
395 | __u8 __user *ptr = arg; | ||
396 | struct hci_inquiry_req ir; | ||
397 | struct hci_dev *hdev; | ||
398 | int err = 0, do_inquiry = 0, max_rsp; | ||
399 | long timeo; | ||
400 | __u8 *buf; | ||
401 | |||
402 | if (copy_from_user(&ir, ptr, sizeof(ir))) | ||
403 | return -EFAULT; | ||
404 | |||
405 | if (!(hdev = hci_dev_get(ir.dev_id))) | ||
406 | return -ENODEV; | ||
407 | |||
408 | hci_dev_lock_bh(hdev); | ||
409 | if (inquiry_cache_age(hdev) > INQUIRY_CACHE_AGE_MAX || | ||
410 | inquiry_cache_empty(hdev) || | ||
411 | ir.flags & IREQ_CACHE_FLUSH) { | ||
412 | inquiry_cache_flush(hdev); | ||
413 | do_inquiry = 1; | ||
414 | } | ||
415 | hci_dev_unlock_bh(hdev); | ||
416 | |||
417 | timeo = ir.length * 2 * HZ; | ||
418 | if (do_inquiry && (err = hci_request(hdev, hci_inq_req, (unsigned long)&ir, timeo)) < 0) | ||
419 | goto done; | ||
420 | |||
421 | /* for unlimited number of responses we will use buffer with 255 entries */ | ||
422 | max_rsp = (ir.num_rsp == 0) ? 255 : ir.num_rsp; | ||
423 | |||
424 | /* cache_dump can't sleep. Therefore we allocate temp buffer and then | ||
425 | * copy it to the user space. | ||
426 | */ | ||
427 | if (!(buf = kmalloc(sizeof(struct inquiry_info) * max_rsp, GFP_KERNEL))) { | ||
428 | err = -ENOMEM; | ||
429 | goto done; | ||
430 | } | ||
431 | |||
432 | hci_dev_lock_bh(hdev); | ||
433 | ir.num_rsp = inquiry_cache_dump(hdev, max_rsp, buf); | ||
434 | hci_dev_unlock_bh(hdev); | ||
435 | |||
436 | BT_DBG("num_rsp %d", ir.num_rsp); | ||
437 | |||
438 | if (!copy_to_user(ptr, &ir, sizeof(ir))) { | ||
439 | ptr += sizeof(ir); | ||
440 | if (copy_to_user(ptr, buf, sizeof(struct inquiry_info) * | ||
441 | ir.num_rsp)) | ||
442 | err = -EFAULT; | ||
443 | } else | ||
444 | err = -EFAULT; | ||
445 | |||
446 | kfree(buf); | ||
447 | |||
448 | done: | ||
449 | hci_dev_put(hdev); | ||
450 | return err; | ||
451 | } | ||
452 | |||
453 | /* ---- HCI ioctl helpers ---- */ | ||
454 | |||
455 | int hci_dev_open(__u16 dev) | ||
456 | { | ||
457 | struct hci_dev *hdev; | ||
458 | int ret = 0; | ||
459 | |||
460 | if (!(hdev = hci_dev_get(dev))) | ||
461 | return -ENODEV; | ||
462 | |||
463 | BT_DBG("%s %p", hdev->name, hdev); | ||
464 | |||
465 | hci_req_lock(hdev); | ||
466 | |||
467 | if (test_bit(HCI_UP, &hdev->flags)) { | ||
468 | ret = -EALREADY; | ||
469 | goto done; | ||
470 | } | ||
471 | |||
472 | if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks)) | ||
473 | set_bit(HCI_RAW, &hdev->flags); | ||
474 | |||
475 | if (hdev->open(hdev)) { | ||
476 | ret = -EIO; | ||
477 | goto done; | ||
478 | } | ||
479 | |||
480 | if (!test_bit(HCI_RAW, &hdev->flags)) { | ||
481 | atomic_set(&hdev->cmd_cnt, 1); | ||
482 | set_bit(HCI_INIT, &hdev->flags); | ||
483 | |||
484 | //__hci_request(hdev, hci_reset_req, 0, HZ); | ||
485 | ret = __hci_request(hdev, hci_init_req, 0, HCI_INIT_TIMEOUT); | ||
486 | |||
487 | clear_bit(HCI_INIT, &hdev->flags); | ||
488 | } | ||
489 | |||
490 | if (!ret) { | ||
491 | hci_dev_hold(hdev); | ||
492 | set_bit(HCI_UP, &hdev->flags); | ||
493 | hci_notify(hdev, HCI_DEV_UP); | ||
494 | } else { | ||
495 | /* Init failed, cleanup */ | ||
496 | tasklet_kill(&hdev->rx_task); | ||
497 | tasklet_kill(&hdev->tx_task); | ||
498 | tasklet_kill(&hdev->cmd_task); | ||
499 | |||
500 | skb_queue_purge(&hdev->cmd_q); | ||
501 | skb_queue_purge(&hdev->rx_q); | ||
502 | |||
503 | if (hdev->flush) | ||
504 | hdev->flush(hdev); | ||
505 | |||
506 | if (hdev->sent_cmd) { | ||
507 | kfree_skb(hdev->sent_cmd); | ||
508 | hdev->sent_cmd = NULL; | ||
509 | } | ||
510 | |||
511 | hdev->close(hdev); | ||
512 | hdev->flags = 0; | ||
513 | } | ||
514 | |||
515 | done: | ||
516 | hci_req_unlock(hdev); | ||
517 | hci_dev_put(hdev); | ||
518 | return ret; | ||
519 | } | ||
520 | |||
521 | static int hci_dev_do_close(struct hci_dev *hdev) | ||
522 | { | ||
523 | BT_DBG("%s %p", hdev->name, hdev); | ||
524 | |||
525 | hci_req_cancel(hdev, ENODEV); | ||
526 | hci_req_lock(hdev); | ||
527 | |||
528 | if (!test_and_clear_bit(HCI_UP, &hdev->flags)) { | ||
529 | hci_req_unlock(hdev); | ||
530 | return 0; | ||
531 | } | ||
532 | |||
533 | /* Kill RX and TX tasks */ | ||
534 | tasklet_kill(&hdev->rx_task); | ||
535 | tasklet_kill(&hdev->tx_task); | ||
536 | |||
537 | hci_dev_lock_bh(hdev); | ||
538 | inquiry_cache_flush(hdev); | ||
539 | hci_conn_hash_flush(hdev); | ||
540 | hci_dev_unlock_bh(hdev); | ||
541 | |||
542 | hci_notify(hdev, HCI_DEV_DOWN); | ||
543 | |||
544 | if (hdev->flush) | ||
545 | hdev->flush(hdev); | ||
546 | |||
547 | /* Reset device */ | ||
548 | skb_queue_purge(&hdev->cmd_q); | ||
549 | atomic_set(&hdev->cmd_cnt, 1); | ||
550 | if (!test_bit(HCI_RAW, &hdev->flags)) { | ||
551 | set_bit(HCI_INIT, &hdev->flags); | ||
552 | __hci_request(hdev, hci_reset_req, 0, HZ/4); | ||
553 | clear_bit(HCI_INIT, &hdev->flags); | ||
554 | } | ||
555 | |||
556 | /* Kill cmd task */ | ||
557 | tasklet_kill(&hdev->cmd_task); | ||
558 | |||
559 | /* Drop queues */ | ||
560 | skb_queue_purge(&hdev->rx_q); | ||
561 | skb_queue_purge(&hdev->cmd_q); | ||
562 | skb_queue_purge(&hdev->raw_q); | ||
563 | |||
564 | /* Drop last sent command */ | ||
565 | if (hdev->sent_cmd) { | ||
566 | kfree_skb(hdev->sent_cmd); | ||
567 | hdev->sent_cmd = NULL; | ||
568 | } | ||
569 | |||
570 | /* After this point our queues are empty | ||
571 | * and no tasks are scheduled. */ | ||
572 | hdev->close(hdev); | ||
573 | |||
574 | /* Clear flags */ | ||
575 | hdev->flags = 0; | ||
576 | |||
577 | hci_req_unlock(hdev); | ||
578 | |||
579 | hci_dev_put(hdev); | ||
580 | return 0; | ||
581 | } | ||
582 | |||
583 | int hci_dev_close(__u16 dev) | ||
584 | { | ||
585 | struct hci_dev *hdev; | ||
586 | int err; | ||
587 | |||
588 | if (!(hdev = hci_dev_get(dev))) | ||
589 | return -ENODEV; | ||
590 | err = hci_dev_do_close(hdev); | ||
591 | hci_dev_put(hdev); | ||
592 | return err; | ||
593 | } | ||
594 | |||
595 | int hci_dev_reset(__u16 dev) | ||
596 | { | ||
597 | struct hci_dev *hdev; | ||
598 | int ret = 0; | ||
599 | |||
600 | if (!(hdev = hci_dev_get(dev))) | ||
601 | return -ENODEV; | ||
602 | |||
603 | hci_req_lock(hdev); | ||
604 | tasklet_disable(&hdev->tx_task); | ||
605 | |||
606 | if (!test_bit(HCI_UP, &hdev->flags)) | ||
607 | goto done; | ||
608 | |||
609 | /* Drop queues */ | ||
610 | skb_queue_purge(&hdev->rx_q); | ||
611 | skb_queue_purge(&hdev->cmd_q); | ||
612 | |||
613 | hci_dev_lock_bh(hdev); | ||
614 | inquiry_cache_flush(hdev); | ||
615 | hci_conn_hash_flush(hdev); | ||
616 | hci_dev_unlock_bh(hdev); | ||
617 | |||
618 | if (hdev->flush) | ||
619 | hdev->flush(hdev); | ||
620 | |||
621 | atomic_set(&hdev->cmd_cnt, 1); | ||
622 | hdev->acl_cnt = 0; hdev->sco_cnt = 0; | ||
623 | |||
624 | if (!test_bit(HCI_RAW, &hdev->flags)) | ||
625 | ret = __hci_request(hdev, hci_reset_req, 0, HCI_INIT_TIMEOUT); | ||
626 | |||
627 | done: | ||
628 | tasklet_enable(&hdev->tx_task); | ||
629 | hci_req_unlock(hdev); | ||
630 | hci_dev_put(hdev); | ||
631 | return ret; | ||
632 | } | ||
633 | |||
634 | int hci_dev_reset_stat(__u16 dev) | ||
635 | { | ||
636 | struct hci_dev *hdev; | ||
637 | int ret = 0; | ||
638 | |||
639 | if (!(hdev = hci_dev_get(dev))) | ||
640 | return -ENODEV; | ||
641 | |||
642 | memset(&hdev->stat, 0, sizeof(struct hci_dev_stats)); | ||
643 | |||
644 | hci_dev_put(hdev); | ||
645 | |||
646 | return ret; | ||
647 | } | ||
648 | |||
649 | int hci_dev_cmd(unsigned int cmd, void __user *arg) | ||
650 | { | ||
651 | struct hci_dev *hdev; | ||
652 | struct hci_dev_req dr; | ||
653 | int err = 0; | ||
654 | |||
655 | if (copy_from_user(&dr, arg, sizeof(dr))) | ||
656 | return -EFAULT; | ||
657 | |||
658 | if (!(hdev = hci_dev_get(dr.dev_id))) | ||
659 | return -ENODEV; | ||
660 | |||
661 | switch (cmd) { | ||
662 | case HCISETAUTH: | ||
663 | err = hci_request(hdev, hci_auth_req, dr.dev_opt, HCI_INIT_TIMEOUT); | ||
664 | break; | ||
665 | |||
666 | case HCISETENCRYPT: | ||
667 | if (!lmp_encrypt_capable(hdev)) { | ||
668 | err = -EOPNOTSUPP; | ||
669 | break; | ||
670 | } | ||
671 | |||
672 | if (!test_bit(HCI_AUTH, &hdev->flags)) { | ||
673 | /* Auth must be enabled first */ | ||
674 | err = hci_request(hdev, hci_auth_req, | ||
675 | dr.dev_opt, HCI_INIT_TIMEOUT); | ||
676 | if (err) | ||
677 | break; | ||
678 | } | ||
679 | |||
680 | err = hci_request(hdev, hci_encrypt_req, | ||
681 | dr.dev_opt, HCI_INIT_TIMEOUT); | ||
682 | break; | ||
683 | |||
684 | case HCISETSCAN: | ||
685 | err = hci_request(hdev, hci_scan_req, dr.dev_opt, HCI_INIT_TIMEOUT); | ||
686 | break; | ||
687 | |||
688 | case HCISETPTYPE: | ||
689 | hdev->pkt_type = (__u16) dr.dev_opt; | ||
690 | break; | ||
691 | |||
692 | case HCISETLINKPOL: | ||
693 | hdev->link_policy = (__u16) dr.dev_opt; | ||
694 | break; | ||
695 | |||
696 | case HCISETLINKMODE: | ||
697 | hdev->link_mode = ((__u16) dr.dev_opt) & (HCI_LM_MASTER | HCI_LM_ACCEPT); | ||
698 | break; | ||
699 | |||
700 | case HCISETACLMTU: | ||
701 | hdev->acl_mtu = *((__u16 *)&dr.dev_opt + 1); | ||
702 | hdev->acl_pkts = *((__u16 *)&dr.dev_opt + 0); | ||
703 | break; | ||
704 | |||
705 | case HCISETSCOMTU: | ||
706 | hdev->sco_mtu = *((__u16 *)&dr.dev_opt + 1); | ||
707 | hdev->sco_pkts = *((__u16 *)&dr.dev_opt + 0); | ||
708 | break; | ||
709 | |||
710 | default: | ||
711 | err = -EINVAL; | ||
712 | break; | ||
713 | } | ||
714 | hci_dev_put(hdev); | ||
715 | return err; | ||
716 | } | ||
717 | |||
718 | int hci_get_dev_list(void __user *arg) | ||
719 | { | ||
720 | struct hci_dev_list_req *dl; | ||
721 | struct hci_dev_req *dr; | ||
722 | struct list_head *p; | ||
723 | int n = 0, size, err; | ||
724 | __u16 dev_num; | ||
725 | |||
726 | if (get_user(dev_num, (__u16 __user *) arg)) | ||
727 | return -EFAULT; | ||
728 | |||
729 | if (!dev_num || dev_num > (PAGE_SIZE * 2) / sizeof(*dr)) | ||
730 | return -EINVAL; | ||
731 | |||
732 | size = sizeof(*dl) + dev_num * sizeof(*dr); | ||
733 | |||
734 | if (!(dl = kmalloc(size, GFP_KERNEL))) | ||
735 | return -ENOMEM; | ||
736 | |||
737 | dr = dl->dev_req; | ||
738 | |||
739 | read_lock_bh(&hci_dev_list_lock); | ||
740 | list_for_each(p, &hci_dev_list) { | ||
741 | struct hci_dev *hdev; | ||
742 | hdev = list_entry(p, struct hci_dev, list); | ||
743 | (dr + n)->dev_id = hdev->id; | ||
744 | (dr + n)->dev_opt = hdev->flags; | ||
745 | if (++n >= dev_num) | ||
746 | break; | ||
747 | } | ||
748 | read_unlock_bh(&hci_dev_list_lock); | ||
749 | |||
750 | dl->dev_num = n; | ||
751 | size = sizeof(*dl) + n * sizeof(*dr); | ||
752 | |||
753 | err = copy_to_user(arg, dl, size); | ||
754 | kfree(dl); | ||
755 | |||
756 | return err ? -EFAULT : 0; | ||
757 | } | ||
758 | |||
759 | int hci_get_dev_info(void __user *arg) | ||
760 | { | ||
761 | struct hci_dev *hdev; | ||
762 | struct hci_dev_info di; | ||
763 | int err = 0; | ||
764 | |||
765 | if (copy_from_user(&di, arg, sizeof(di))) | ||
766 | return -EFAULT; | ||
767 | |||
768 | if (!(hdev = hci_dev_get(di.dev_id))) | ||
769 | return -ENODEV; | ||
770 | |||
771 | strcpy(di.name, hdev->name); | ||
772 | di.bdaddr = hdev->bdaddr; | ||
773 | di.type = hdev->type; | ||
774 | di.flags = hdev->flags; | ||
775 | di.pkt_type = hdev->pkt_type; | ||
776 | di.acl_mtu = hdev->acl_mtu; | ||
777 | di.acl_pkts = hdev->acl_pkts; | ||
778 | di.sco_mtu = hdev->sco_mtu; | ||
779 | di.sco_pkts = hdev->sco_pkts; | ||
780 | di.link_policy = hdev->link_policy; | ||
781 | di.link_mode = hdev->link_mode; | ||
782 | |||
783 | memcpy(&di.stat, &hdev->stat, sizeof(di.stat)); | ||
784 | memcpy(&di.features, &hdev->features, sizeof(di.features)); | ||
785 | |||
786 | if (copy_to_user(arg, &di, sizeof(di))) | ||
787 | err = -EFAULT; | ||
788 | |||
789 | hci_dev_put(hdev); | ||
790 | |||
791 | return err; | ||
792 | } | ||
793 | |||
794 | /* ---- Interface to HCI drivers ---- */ | ||
795 | |||
796 | /* Alloc HCI device */ | ||
797 | struct hci_dev *hci_alloc_dev(void) | ||
798 | { | ||
799 | struct hci_dev *hdev; | ||
800 | |||
801 | hdev = kmalloc(sizeof(struct hci_dev), GFP_KERNEL); | ||
802 | if (!hdev) | ||
803 | return NULL; | ||
804 | |||
805 | memset(hdev, 0, sizeof(struct hci_dev)); | ||
806 | |||
807 | skb_queue_head_init(&hdev->driver_init); | ||
808 | |||
809 | return hdev; | ||
810 | } | ||
811 | EXPORT_SYMBOL(hci_alloc_dev); | ||
812 | |||
813 | /* Free HCI device */ | ||
814 | void hci_free_dev(struct hci_dev *hdev) | ||
815 | { | ||
816 | skb_queue_purge(&hdev->driver_init); | ||
817 | |||
818 | /* will free via class release */ | ||
819 | class_device_put(&hdev->class_dev); | ||
820 | } | ||
821 | EXPORT_SYMBOL(hci_free_dev); | ||
822 | |||
823 | /* Register HCI device */ | ||
824 | int hci_register_dev(struct hci_dev *hdev) | ||
825 | { | ||
826 | struct list_head *head = &hci_dev_list, *p; | ||
827 | int id = 0; | ||
828 | |||
829 | BT_DBG("%p name %s type %d owner %p", hdev, hdev->name, hdev->type, hdev->owner); | ||
830 | |||
831 | if (!hdev->open || !hdev->close || !hdev->destruct) | ||
832 | return -EINVAL; | ||
833 | |||
834 | write_lock_bh(&hci_dev_list_lock); | ||
835 | |||
836 | /* Find first available device id */ | ||
837 | list_for_each(p, &hci_dev_list) { | ||
838 | if (list_entry(p, struct hci_dev, list)->id != id) | ||
839 | break; | ||
840 | head = p; id++; | ||
841 | } | ||
842 | |||
843 | sprintf(hdev->name, "hci%d", id); | ||
844 | hdev->id = id; | ||
845 | list_add(&hdev->list, head); | ||
846 | |||
847 | atomic_set(&hdev->refcnt, 1); | ||
848 | spin_lock_init(&hdev->lock); | ||
849 | |||
850 | hdev->flags = 0; | ||
851 | hdev->pkt_type = (HCI_DM1 | HCI_DH1 | HCI_HV1); | ||
852 | hdev->link_mode = (HCI_LM_ACCEPT); | ||
853 | |||
854 | tasklet_init(&hdev->cmd_task, hci_cmd_task,(unsigned long) hdev); | ||
855 | tasklet_init(&hdev->rx_task, hci_rx_task, (unsigned long) hdev); | ||
856 | tasklet_init(&hdev->tx_task, hci_tx_task, (unsigned long) hdev); | ||
857 | |||
858 | skb_queue_head_init(&hdev->rx_q); | ||
859 | skb_queue_head_init(&hdev->cmd_q); | ||
860 | skb_queue_head_init(&hdev->raw_q); | ||
861 | |||
862 | init_waitqueue_head(&hdev->req_wait_q); | ||
863 | init_MUTEX(&hdev->req_lock); | ||
864 | |||
865 | inquiry_cache_init(hdev); | ||
866 | |||
867 | hci_conn_hash_init(hdev); | ||
868 | |||
869 | memset(&hdev->stat, 0, sizeof(struct hci_dev_stats)); | ||
870 | |||
871 | atomic_set(&hdev->promisc, 0); | ||
872 | |||
873 | write_unlock_bh(&hci_dev_list_lock); | ||
874 | |||
875 | hci_register_sysfs(hdev); | ||
876 | |||
877 | hci_notify(hdev, HCI_DEV_REG); | ||
878 | |||
879 | return id; | ||
880 | } | ||
881 | EXPORT_SYMBOL(hci_register_dev); | ||
882 | |||
883 | /* Unregister HCI device */ | ||
884 | int hci_unregister_dev(struct hci_dev *hdev) | ||
885 | { | ||
886 | BT_DBG("%p name %s type %d", hdev, hdev->name, hdev->type); | ||
887 | |||
888 | hci_unregister_sysfs(hdev); | ||
889 | |||
890 | write_lock_bh(&hci_dev_list_lock); | ||
891 | list_del(&hdev->list); | ||
892 | write_unlock_bh(&hci_dev_list_lock); | ||
893 | |||
894 | hci_dev_do_close(hdev); | ||
895 | |||
896 | hci_notify(hdev, HCI_DEV_UNREG); | ||
897 | |||
898 | __hci_dev_put(hdev); | ||
899 | return 0; | ||
900 | } | ||
901 | EXPORT_SYMBOL(hci_unregister_dev); | ||
902 | |||
903 | /* Suspend HCI device */ | ||
904 | int hci_suspend_dev(struct hci_dev *hdev) | ||
905 | { | ||
906 | hci_notify(hdev, HCI_DEV_SUSPEND); | ||
907 | return 0; | ||
908 | } | ||
909 | EXPORT_SYMBOL(hci_suspend_dev); | ||
910 | |||
911 | /* Resume HCI device */ | ||
912 | int hci_resume_dev(struct hci_dev *hdev) | ||
913 | { | ||
914 | hci_notify(hdev, HCI_DEV_RESUME); | ||
915 | return 0; | ||
916 | } | ||
917 | EXPORT_SYMBOL(hci_resume_dev); | ||
918 | |||
919 | /* ---- Interface to upper protocols ---- */ | ||
920 | |||
921 | /* Register/Unregister protocols. | ||
922 | * hci_task_lock is used to ensure that no tasks are running. */ | ||
923 | int hci_register_proto(struct hci_proto *hp) | ||
924 | { | ||
925 | int err = 0; | ||
926 | |||
927 | BT_DBG("%p name %s id %d", hp, hp->name, hp->id); | ||
928 | |||
929 | if (hp->id >= HCI_MAX_PROTO) | ||
930 | return -EINVAL; | ||
931 | |||
932 | write_lock_bh(&hci_task_lock); | ||
933 | |||
934 | if (!hci_proto[hp->id]) | ||
935 | hci_proto[hp->id] = hp; | ||
936 | else | ||
937 | err = -EEXIST; | ||
938 | |||
939 | write_unlock_bh(&hci_task_lock); | ||
940 | |||
941 | return err; | ||
942 | } | ||
943 | EXPORT_SYMBOL(hci_register_proto); | ||
944 | |||
945 | int hci_unregister_proto(struct hci_proto *hp) | ||
946 | { | ||
947 | int err = 0; | ||
948 | |||
949 | BT_DBG("%p name %s id %d", hp, hp->name, hp->id); | ||
950 | |||
951 | if (hp->id >= HCI_MAX_PROTO) | ||
952 | return -EINVAL; | ||
953 | |||
954 | write_lock_bh(&hci_task_lock); | ||
955 | |||
956 | if (hci_proto[hp->id]) | ||
957 | hci_proto[hp->id] = NULL; | ||
958 | else | ||
959 | err = -ENOENT; | ||
960 | |||
961 | write_unlock_bh(&hci_task_lock); | ||
962 | |||
963 | return err; | ||
964 | } | ||
965 | EXPORT_SYMBOL(hci_unregister_proto); | ||
966 | |||
967 | int hci_register_cb(struct hci_cb *cb) | ||
968 | { | ||
969 | BT_DBG("%p name %s", cb, cb->name); | ||
970 | |||
971 | write_lock_bh(&hci_cb_list_lock); | ||
972 | list_add(&cb->list, &hci_cb_list); | ||
973 | write_unlock_bh(&hci_cb_list_lock); | ||
974 | |||
975 | return 0; | ||
976 | } | ||
977 | EXPORT_SYMBOL(hci_register_cb); | ||
978 | |||
979 | int hci_unregister_cb(struct hci_cb *cb) | ||
980 | { | ||
981 | BT_DBG("%p name %s", cb, cb->name); | ||
982 | |||
983 | write_lock_bh(&hci_cb_list_lock); | ||
984 | list_del(&cb->list); | ||
985 | write_unlock_bh(&hci_cb_list_lock); | ||
986 | |||
987 | return 0; | ||
988 | } | ||
989 | EXPORT_SYMBOL(hci_unregister_cb); | ||
990 | |||
991 | static int hci_send_frame(struct sk_buff *skb) | ||
992 | { | ||
993 | struct hci_dev *hdev = (struct hci_dev *) skb->dev; | ||
994 | |||
995 | if (!hdev) { | ||
996 | kfree_skb(skb); | ||
997 | return -ENODEV; | ||
998 | } | ||
999 | |||
1000 | BT_DBG("%s type %d len %d", hdev->name, skb->pkt_type, skb->len); | ||
1001 | |||
1002 | if (atomic_read(&hdev->promisc)) { | ||
1003 | /* Time stamp */ | ||
1004 | do_gettimeofday(&skb->stamp); | ||
1005 | |||
1006 | hci_send_to_sock(hdev, skb); | ||
1007 | } | ||
1008 | |||
1009 | /* Get rid of skb owner, prior to sending to the driver. */ | ||
1010 | skb_orphan(skb); | ||
1011 | |||
1012 | return hdev->send(skb); | ||
1013 | } | ||
1014 | |||
1015 | /* Send HCI command */ | ||
1016 | int hci_send_cmd(struct hci_dev *hdev, __u16 ogf, __u16 ocf, __u32 plen, void *param) | ||
1017 | { | ||
1018 | int len = HCI_COMMAND_HDR_SIZE + plen; | ||
1019 | struct hci_command_hdr *hdr; | ||
1020 | struct sk_buff *skb; | ||
1021 | |||
1022 | BT_DBG("%s ogf 0x%x ocf 0x%x plen %d", hdev->name, ogf, ocf, plen); | ||
1023 | |||
1024 | skb = bt_skb_alloc(len, GFP_ATOMIC); | ||
1025 | if (!skb) { | ||
1026 | BT_ERR("%s Can't allocate memory for HCI command", hdev->name); | ||
1027 | return -ENOMEM; | ||
1028 | } | ||
1029 | |||
1030 | hdr = (struct hci_command_hdr *) skb_put(skb, HCI_COMMAND_HDR_SIZE); | ||
1031 | hdr->opcode = __cpu_to_le16(hci_opcode_pack(ogf, ocf)); | ||
1032 | hdr->plen = plen; | ||
1033 | |||
1034 | if (plen) | ||
1035 | memcpy(skb_put(skb, plen), param, plen); | ||
1036 | |||
1037 | BT_DBG("skb len %d", skb->len); | ||
1038 | |||
1039 | skb->pkt_type = HCI_COMMAND_PKT; | ||
1040 | skb->dev = (void *) hdev; | ||
1041 | skb_queue_tail(&hdev->cmd_q, skb); | ||
1042 | hci_sched_cmd(hdev); | ||
1043 | |||
1044 | return 0; | ||
1045 | } | ||
1046 | EXPORT_SYMBOL(hci_send_cmd); | ||
1047 | |||
1048 | /* Get data from the previously sent command */ | ||
1049 | void *hci_sent_cmd_data(struct hci_dev *hdev, __u16 ogf, __u16 ocf) | ||
1050 | { | ||
1051 | struct hci_command_hdr *hdr; | ||
1052 | |||
1053 | if (!hdev->sent_cmd) | ||
1054 | return NULL; | ||
1055 | |||
1056 | hdr = (void *) hdev->sent_cmd->data; | ||
1057 | |||
1058 | if (hdr->opcode != __cpu_to_le16(hci_opcode_pack(ogf, ocf))) | ||
1059 | return NULL; | ||
1060 | |||
1061 | BT_DBG("%s ogf 0x%x ocf 0x%x", hdev->name, ogf, ocf); | ||
1062 | |||
1063 | return hdev->sent_cmd->data + HCI_COMMAND_HDR_SIZE; | ||
1064 | } | ||
1065 | |||
1066 | /* Send ACL data */ | ||
1067 | static void hci_add_acl_hdr(struct sk_buff *skb, __u16 handle, __u16 flags) | ||
1068 | { | ||
1069 | struct hci_acl_hdr *hdr; | ||
1070 | int len = skb->len; | ||
1071 | |||
1072 | hdr = (struct hci_acl_hdr *) skb_push(skb, HCI_ACL_HDR_SIZE); | ||
1073 | hdr->handle = __cpu_to_le16(hci_handle_pack(handle, flags)); | ||
1074 | hdr->dlen = __cpu_to_le16(len); | ||
1075 | |||
1076 | skb->h.raw = (void *) hdr; | ||
1077 | } | ||
1078 | |||
1079 | int hci_send_acl(struct hci_conn *conn, struct sk_buff *skb, __u16 flags) | ||
1080 | { | ||
1081 | struct hci_dev *hdev = conn->hdev; | ||
1082 | struct sk_buff *list; | ||
1083 | |||
1084 | BT_DBG("%s conn %p flags 0x%x", hdev->name, conn, flags); | ||
1085 | |||
1086 | skb->dev = (void *) hdev; | ||
1087 | skb->pkt_type = HCI_ACLDATA_PKT; | ||
1088 | hci_add_acl_hdr(skb, conn->handle, flags | ACL_START); | ||
1089 | |||
1090 | if (!(list = skb_shinfo(skb)->frag_list)) { | ||
1091 | /* Non fragmented */ | ||
1092 | BT_DBG("%s nonfrag skb %p len %d", hdev->name, skb, skb->len); | ||
1093 | |||
1094 | skb_queue_tail(&conn->data_q, skb); | ||
1095 | } else { | ||
1096 | /* Fragmented */ | ||
1097 | BT_DBG("%s frag %p len %d", hdev->name, skb, skb->len); | ||
1098 | |||
1099 | skb_shinfo(skb)->frag_list = NULL; | ||
1100 | |||
1101 | /* Queue all fragments atomically */ | ||
1102 | spin_lock_bh(&conn->data_q.lock); | ||
1103 | |||
1104 | __skb_queue_tail(&conn->data_q, skb); | ||
1105 | do { | ||
1106 | skb = list; list = list->next; | ||
1107 | |||
1108 | skb->dev = (void *) hdev; | ||
1109 | skb->pkt_type = HCI_ACLDATA_PKT; | ||
1110 | hci_add_acl_hdr(skb, conn->handle, flags | ACL_CONT); | ||
1111 | |||
1112 | BT_DBG("%s frag %p len %d", hdev->name, skb, skb->len); | ||
1113 | |||
1114 | __skb_queue_tail(&conn->data_q, skb); | ||
1115 | } while (list); | ||
1116 | |||
1117 | spin_unlock_bh(&conn->data_q.lock); | ||
1118 | } | ||
1119 | |||
1120 | hci_sched_tx(hdev); | ||
1121 | return 0; | ||
1122 | } | ||
1123 | EXPORT_SYMBOL(hci_send_acl); | ||
1124 | |||
1125 | /* Send SCO data */ | ||
1126 | int hci_send_sco(struct hci_conn *conn, struct sk_buff *skb) | ||
1127 | { | ||
1128 | struct hci_dev *hdev = conn->hdev; | ||
1129 | struct hci_sco_hdr hdr; | ||
1130 | |||
1131 | BT_DBG("%s len %d", hdev->name, skb->len); | ||
1132 | |||
1133 | if (skb->len > hdev->sco_mtu) { | ||
1134 | kfree_skb(skb); | ||
1135 | return -EINVAL; | ||
1136 | } | ||
1137 | |||
1138 | hdr.handle = __cpu_to_le16(conn->handle); | ||
1139 | hdr.dlen = skb->len; | ||
1140 | |||
1141 | skb->h.raw = skb_push(skb, HCI_SCO_HDR_SIZE); | ||
1142 | memcpy(skb->h.raw, &hdr, HCI_SCO_HDR_SIZE); | ||
1143 | |||
1144 | skb->dev = (void *) hdev; | ||
1145 | skb->pkt_type = HCI_SCODATA_PKT; | ||
1146 | skb_queue_tail(&conn->data_q, skb); | ||
1147 | hci_sched_tx(hdev); | ||
1148 | return 0; | ||
1149 | } | ||
1150 | EXPORT_SYMBOL(hci_send_sco); | ||
1151 | |||
1152 | /* ---- HCI TX task (outgoing data) ---- */ | ||
1153 | |||
1154 | /* HCI Connection scheduler */ | ||
1155 | static inline struct hci_conn *hci_low_sent(struct hci_dev *hdev, __u8 type, int *quote) | ||
1156 | { | ||
1157 | struct hci_conn_hash *h = &hdev->conn_hash; | ||
1158 | struct hci_conn *conn = NULL; | ||
1159 | int num = 0, min = ~0; | ||
1160 | struct list_head *p; | ||
1161 | |||
1162 | /* We don't have to lock device here. Connections are always | ||
1163 | * added and removed with TX task disabled. */ | ||
1164 | list_for_each(p, &h->list) { | ||
1165 | struct hci_conn *c; | ||
1166 | c = list_entry(p, struct hci_conn, list); | ||
1167 | |||
1168 | if (c->type != type || c->state != BT_CONNECTED | ||
1169 | || skb_queue_empty(&c->data_q)) | ||
1170 | continue; | ||
1171 | num++; | ||
1172 | |||
1173 | if (c->sent < min) { | ||
1174 | min = c->sent; | ||
1175 | conn = c; | ||
1176 | } | ||
1177 | } | ||
1178 | |||
1179 | if (conn) { | ||
1180 | int cnt = (type == ACL_LINK ? hdev->acl_cnt : hdev->sco_cnt); | ||
1181 | int q = cnt / num; | ||
1182 | *quote = q ? q : 1; | ||
1183 | } else | ||
1184 | *quote = 0; | ||
1185 | |||
1186 | BT_DBG("conn %p quote %d", conn, *quote); | ||
1187 | return conn; | ||
1188 | } | ||
1189 | |||
1190 | static inline void hci_acl_tx_to(struct hci_dev *hdev) | ||
1191 | { | ||
1192 | struct hci_conn_hash *h = &hdev->conn_hash; | ||
1193 | struct list_head *p; | ||
1194 | struct hci_conn *c; | ||
1195 | |||
1196 | BT_ERR("%s ACL tx timeout", hdev->name); | ||
1197 | |||
1198 | /* Kill stalled connections */ | ||
1199 | list_for_each(p, &h->list) { | ||
1200 | c = list_entry(p, struct hci_conn, list); | ||
1201 | if (c->type == ACL_LINK && c->sent) { | ||
1202 | BT_ERR("%s killing stalled ACL connection %s", | ||
1203 | hdev->name, batostr(&c->dst)); | ||
1204 | hci_acl_disconn(c, 0x13); | ||
1205 | } | ||
1206 | } | ||
1207 | } | ||
1208 | |||
1209 | static inline void hci_sched_acl(struct hci_dev *hdev) | ||
1210 | { | ||
1211 | struct hci_conn *conn; | ||
1212 | struct sk_buff *skb; | ||
1213 | int quote; | ||
1214 | |||
1215 | BT_DBG("%s", hdev->name); | ||
1216 | |||
1217 | if (!test_bit(HCI_RAW, &hdev->flags)) { | ||
1218 | /* ACL tx timeout must be longer than maximum | ||
1219 | * link supervision timeout (40.9 seconds) */ | ||
1220 | if (!hdev->acl_cnt && (jiffies - hdev->acl_last_tx) > (HZ * 45)) | ||
1221 | hci_acl_tx_to(hdev); | ||
1222 | } | ||
1223 | |||
1224 | while (hdev->acl_cnt && (conn = hci_low_sent(hdev, ACL_LINK, "e))) { | ||
1225 | while (quote-- && (skb = skb_dequeue(&conn->data_q))) { | ||
1226 | BT_DBG("skb %p len %d", skb, skb->len); | ||
1227 | hci_send_frame(skb); | ||
1228 | hdev->acl_last_tx = jiffies; | ||
1229 | |||
1230 | hdev->acl_cnt--; | ||
1231 | conn->sent++; | ||
1232 | } | ||
1233 | } | ||
1234 | } | ||
1235 | |||
1236 | /* Schedule SCO */ | ||
1237 | static inline void hci_sched_sco(struct hci_dev *hdev) | ||
1238 | { | ||
1239 | struct hci_conn *conn; | ||
1240 | struct sk_buff *skb; | ||
1241 | int quote; | ||
1242 | |||
1243 | BT_DBG("%s", hdev->name); | ||
1244 | |||
1245 | while (hdev->sco_cnt && (conn = hci_low_sent(hdev, SCO_LINK, "e))) { | ||
1246 | while (quote-- && (skb = skb_dequeue(&conn->data_q))) { | ||
1247 | BT_DBG("skb %p len %d", skb, skb->len); | ||
1248 | hci_send_frame(skb); | ||
1249 | |||
1250 | conn->sent++; | ||
1251 | if (conn->sent == ~0) | ||
1252 | conn->sent = 0; | ||
1253 | } | ||
1254 | } | ||
1255 | } | ||
1256 | |||
1257 | static void hci_tx_task(unsigned long arg) | ||
1258 | { | ||
1259 | struct hci_dev *hdev = (struct hci_dev *) arg; | ||
1260 | struct sk_buff *skb; | ||
1261 | |||
1262 | read_lock(&hci_task_lock); | ||
1263 | |||
1264 | BT_DBG("%s acl %d sco %d", hdev->name, hdev->acl_cnt, hdev->sco_cnt); | ||
1265 | |||
1266 | /* Schedule queues and send stuff to HCI driver */ | ||
1267 | |||
1268 | hci_sched_acl(hdev); | ||
1269 | |||
1270 | hci_sched_sco(hdev); | ||
1271 | |||
1272 | /* Send next queued raw (unknown type) packet */ | ||
1273 | while ((skb = skb_dequeue(&hdev->raw_q))) | ||
1274 | hci_send_frame(skb); | ||
1275 | |||
1276 | read_unlock(&hci_task_lock); | ||
1277 | } | ||
1278 | |||
1279 | /* ----- HCI RX task (incoming data proccessing) ----- */ | ||
1280 | |||
1281 | /* ACL data packet */ | ||
1282 | static inline void hci_acldata_packet(struct hci_dev *hdev, struct sk_buff *skb) | ||
1283 | { | ||
1284 | struct hci_acl_hdr *hdr = (void *) skb->data; | ||
1285 | struct hci_conn *conn; | ||
1286 | __u16 handle, flags; | ||
1287 | |||
1288 | skb_pull(skb, HCI_ACL_HDR_SIZE); | ||
1289 | |||
1290 | handle = __le16_to_cpu(hdr->handle); | ||
1291 | flags = hci_flags(handle); | ||
1292 | handle = hci_handle(handle); | ||
1293 | |||
1294 | BT_DBG("%s len %d handle 0x%x flags 0x%x", hdev->name, skb->len, handle, flags); | ||
1295 | |||
1296 | hdev->stat.acl_rx++; | ||
1297 | |||
1298 | hci_dev_lock(hdev); | ||
1299 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
1300 | hci_dev_unlock(hdev); | ||
1301 | |||
1302 | if (conn) { | ||
1303 | register struct hci_proto *hp; | ||
1304 | |||
1305 | /* Send to upper protocol */ | ||
1306 | if ((hp = hci_proto[HCI_PROTO_L2CAP]) && hp->recv_acldata) { | ||
1307 | hp->recv_acldata(conn, skb, flags); | ||
1308 | return; | ||
1309 | } | ||
1310 | } else { | ||
1311 | BT_ERR("%s ACL packet for unknown connection handle %d", | ||
1312 | hdev->name, handle); | ||
1313 | } | ||
1314 | |||
1315 | kfree_skb(skb); | ||
1316 | } | ||
1317 | |||
1318 | /* SCO data packet */ | ||
1319 | static inline void hci_scodata_packet(struct hci_dev *hdev, struct sk_buff *skb) | ||
1320 | { | ||
1321 | struct hci_sco_hdr *hdr = (void *) skb->data; | ||
1322 | struct hci_conn *conn; | ||
1323 | __u16 handle; | ||
1324 | |||
1325 | skb_pull(skb, HCI_SCO_HDR_SIZE); | ||
1326 | |||
1327 | handle = __le16_to_cpu(hdr->handle); | ||
1328 | |||
1329 | BT_DBG("%s len %d handle 0x%x", hdev->name, skb->len, handle); | ||
1330 | |||
1331 | hdev->stat.sco_rx++; | ||
1332 | |||
1333 | hci_dev_lock(hdev); | ||
1334 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
1335 | hci_dev_unlock(hdev); | ||
1336 | |||
1337 | if (conn) { | ||
1338 | register struct hci_proto *hp; | ||
1339 | |||
1340 | /* Send to upper protocol */ | ||
1341 | if ((hp = hci_proto[HCI_PROTO_SCO]) && hp->recv_scodata) { | ||
1342 | hp->recv_scodata(conn, skb); | ||
1343 | return; | ||
1344 | } | ||
1345 | } else { | ||
1346 | BT_ERR("%s SCO packet for unknown connection handle %d", | ||
1347 | hdev->name, handle); | ||
1348 | } | ||
1349 | |||
1350 | kfree_skb(skb); | ||
1351 | } | ||
1352 | |||
1353 | void hci_rx_task(unsigned long arg) | ||
1354 | { | ||
1355 | struct hci_dev *hdev = (struct hci_dev *) arg; | ||
1356 | struct sk_buff *skb; | ||
1357 | |||
1358 | BT_DBG("%s", hdev->name); | ||
1359 | |||
1360 | read_lock(&hci_task_lock); | ||
1361 | |||
1362 | while ((skb = skb_dequeue(&hdev->rx_q))) { | ||
1363 | if (atomic_read(&hdev->promisc)) { | ||
1364 | /* Send copy to the sockets */ | ||
1365 | hci_send_to_sock(hdev, skb); | ||
1366 | } | ||
1367 | |||
1368 | if (test_bit(HCI_RAW, &hdev->flags)) { | ||
1369 | kfree_skb(skb); | ||
1370 | continue; | ||
1371 | } | ||
1372 | |||
1373 | if (test_bit(HCI_INIT, &hdev->flags)) { | ||
1374 | /* Don't process data packets in this states. */ | ||
1375 | switch (skb->pkt_type) { | ||
1376 | case HCI_ACLDATA_PKT: | ||
1377 | case HCI_SCODATA_PKT: | ||
1378 | kfree_skb(skb); | ||
1379 | continue; | ||
1380 | }; | ||
1381 | } | ||
1382 | |||
1383 | /* Process frame */ | ||
1384 | switch (skb->pkt_type) { | ||
1385 | case HCI_EVENT_PKT: | ||
1386 | hci_event_packet(hdev, skb); | ||
1387 | break; | ||
1388 | |||
1389 | case HCI_ACLDATA_PKT: | ||
1390 | BT_DBG("%s ACL data packet", hdev->name); | ||
1391 | hci_acldata_packet(hdev, skb); | ||
1392 | break; | ||
1393 | |||
1394 | case HCI_SCODATA_PKT: | ||
1395 | BT_DBG("%s SCO data packet", hdev->name); | ||
1396 | hci_scodata_packet(hdev, skb); | ||
1397 | break; | ||
1398 | |||
1399 | default: | ||
1400 | kfree_skb(skb); | ||
1401 | break; | ||
1402 | } | ||
1403 | } | ||
1404 | |||
1405 | read_unlock(&hci_task_lock); | ||
1406 | } | ||
1407 | |||
1408 | static void hci_cmd_task(unsigned long arg) | ||
1409 | { | ||
1410 | struct hci_dev *hdev = (struct hci_dev *) arg; | ||
1411 | struct sk_buff *skb; | ||
1412 | |||
1413 | BT_DBG("%s cmd %d", hdev->name, atomic_read(&hdev->cmd_cnt)); | ||
1414 | |||
1415 | if (!atomic_read(&hdev->cmd_cnt) && (jiffies - hdev->cmd_last_tx) > HZ) { | ||
1416 | BT_ERR("%s command tx timeout", hdev->name); | ||
1417 | atomic_set(&hdev->cmd_cnt, 1); | ||
1418 | } | ||
1419 | |||
1420 | /* Send queued commands */ | ||
1421 | if (atomic_read(&hdev->cmd_cnt) && (skb = skb_dequeue(&hdev->cmd_q))) { | ||
1422 | if (hdev->sent_cmd) | ||
1423 | kfree_skb(hdev->sent_cmd); | ||
1424 | |||
1425 | if ((hdev->sent_cmd = skb_clone(skb, GFP_ATOMIC))) { | ||
1426 | atomic_dec(&hdev->cmd_cnt); | ||
1427 | hci_send_frame(skb); | ||
1428 | hdev->cmd_last_tx = jiffies; | ||
1429 | } else { | ||
1430 | skb_queue_head(&hdev->cmd_q, skb); | ||
1431 | hci_sched_cmd(hdev); | ||
1432 | } | ||
1433 | } | ||
1434 | } | ||
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c new file mode 100644 index 00000000000..8ccba8ee997 --- /dev/null +++ b/net/bluetooth/hci_event.c | |||
@@ -0,0 +1,1044 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth HCI event handling. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | |||
30 | #include <linux/types.h> | ||
31 | #include <linux/errno.h> | ||
32 | #include <linux/kernel.h> | ||
33 | #include <linux/major.h> | ||
34 | #include <linux/sched.h> | ||
35 | #include <linux/slab.h> | ||
36 | #include <linux/poll.h> | ||
37 | #include <linux/fcntl.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/skbuff.h> | ||
40 | #include <linux/interrupt.h> | ||
41 | #include <linux/notifier.h> | ||
42 | #include <net/sock.h> | ||
43 | |||
44 | #include <asm/system.h> | ||
45 | #include <asm/uaccess.h> | ||
46 | #include <asm/unaligned.h> | ||
47 | |||
48 | #include <net/bluetooth/bluetooth.h> | ||
49 | #include <net/bluetooth/hci_core.h> | ||
50 | |||
51 | #ifndef CONFIG_BT_HCI_CORE_DEBUG | ||
52 | #undef BT_DBG | ||
53 | #define BT_DBG(D...) | ||
54 | #endif | ||
55 | |||
56 | /* Handle HCI Event packets */ | ||
57 | |||
58 | /* Command Complete OGF LINK_CTL */ | ||
59 | static void hci_cc_link_ctl(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb) | ||
60 | { | ||
61 | __u8 status; | ||
62 | |||
63 | BT_DBG("%s ocf 0x%x", hdev->name, ocf); | ||
64 | |||
65 | switch (ocf) { | ||
66 | case OCF_INQUIRY_CANCEL: | ||
67 | status = *((__u8 *) skb->data); | ||
68 | |||
69 | if (status) { | ||
70 | BT_DBG("%s Inquiry cancel error: status 0x%x", hdev->name, status); | ||
71 | } else { | ||
72 | clear_bit(HCI_INQUIRY, &hdev->flags); | ||
73 | hci_req_complete(hdev, status); | ||
74 | } | ||
75 | break; | ||
76 | |||
77 | default: | ||
78 | BT_DBG("%s Command complete: ogf LINK_CTL ocf %x", hdev->name, ocf); | ||
79 | break; | ||
80 | } | ||
81 | } | ||
82 | |||
83 | /* Command Complete OGF LINK_POLICY */ | ||
84 | static void hci_cc_link_policy(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb) | ||
85 | { | ||
86 | struct hci_conn *conn; | ||
87 | struct hci_rp_role_discovery *rd; | ||
88 | |||
89 | BT_DBG("%s ocf 0x%x", hdev->name, ocf); | ||
90 | |||
91 | switch (ocf) { | ||
92 | case OCF_ROLE_DISCOVERY: | ||
93 | rd = (void *) skb->data; | ||
94 | |||
95 | if (rd->status) | ||
96 | break; | ||
97 | |||
98 | hci_dev_lock(hdev); | ||
99 | |||
100 | conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rd->handle)); | ||
101 | if (conn) { | ||
102 | if (rd->role) | ||
103 | conn->link_mode &= ~HCI_LM_MASTER; | ||
104 | else | ||
105 | conn->link_mode |= HCI_LM_MASTER; | ||
106 | } | ||
107 | |||
108 | hci_dev_unlock(hdev); | ||
109 | break; | ||
110 | |||
111 | default: | ||
112 | BT_DBG("%s: Command complete: ogf LINK_POLICY ocf %x", | ||
113 | hdev->name, ocf); | ||
114 | break; | ||
115 | } | ||
116 | } | ||
117 | |||
118 | /* Command Complete OGF HOST_CTL */ | ||
119 | static void hci_cc_host_ctl(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb) | ||
120 | { | ||
121 | __u8 status, param; | ||
122 | __u16 setting; | ||
123 | struct hci_rp_read_voice_setting *vs; | ||
124 | void *sent; | ||
125 | |||
126 | BT_DBG("%s ocf 0x%x", hdev->name, ocf); | ||
127 | |||
128 | switch (ocf) { | ||
129 | case OCF_RESET: | ||
130 | status = *((__u8 *) skb->data); | ||
131 | hci_req_complete(hdev, status); | ||
132 | break; | ||
133 | |||
134 | case OCF_SET_EVENT_FLT: | ||
135 | status = *((__u8 *) skb->data); | ||
136 | if (status) { | ||
137 | BT_DBG("%s SET_EVENT_FLT failed %d", hdev->name, status); | ||
138 | } else { | ||
139 | BT_DBG("%s SET_EVENT_FLT succeseful", hdev->name); | ||
140 | } | ||
141 | break; | ||
142 | |||
143 | case OCF_WRITE_AUTH_ENABLE: | ||
144 | sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_AUTH_ENABLE); | ||
145 | if (!sent) | ||
146 | break; | ||
147 | |||
148 | status = *((__u8 *) skb->data); | ||
149 | param = *((__u8 *) sent); | ||
150 | |||
151 | if (!status) { | ||
152 | if (param == AUTH_ENABLED) | ||
153 | set_bit(HCI_AUTH, &hdev->flags); | ||
154 | else | ||
155 | clear_bit(HCI_AUTH, &hdev->flags); | ||
156 | } | ||
157 | hci_req_complete(hdev, status); | ||
158 | break; | ||
159 | |||
160 | case OCF_WRITE_ENCRYPT_MODE: | ||
161 | sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_ENCRYPT_MODE); | ||
162 | if (!sent) | ||
163 | break; | ||
164 | |||
165 | status = *((__u8 *) skb->data); | ||
166 | param = *((__u8 *) sent); | ||
167 | |||
168 | if (!status) { | ||
169 | if (param) | ||
170 | set_bit(HCI_ENCRYPT, &hdev->flags); | ||
171 | else | ||
172 | clear_bit(HCI_ENCRYPT, &hdev->flags); | ||
173 | } | ||
174 | hci_req_complete(hdev, status); | ||
175 | break; | ||
176 | |||
177 | case OCF_WRITE_CA_TIMEOUT: | ||
178 | status = *((__u8 *) skb->data); | ||
179 | if (status) { | ||
180 | BT_DBG("%s OCF_WRITE_CA_TIMEOUT failed %d", hdev->name, status); | ||
181 | } else { | ||
182 | BT_DBG("%s OCF_WRITE_CA_TIMEOUT succeseful", hdev->name); | ||
183 | } | ||
184 | break; | ||
185 | |||
186 | case OCF_WRITE_PG_TIMEOUT: | ||
187 | status = *((__u8 *) skb->data); | ||
188 | if (status) { | ||
189 | BT_DBG("%s OCF_WRITE_PG_TIMEOUT failed %d", hdev->name, status); | ||
190 | } else { | ||
191 | BT_DBG("%s: OCF_WRITE_PG_TIMEOUT succeseful", hdev->name); | ||
192 | } | ||
193 | break; | ||
194 | |||
195 | case OCF_WRITE_SCAN_ENABLE: | ||
196 | sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_SCAN_ENABLE); | ||
197 | if (!sent) | ||
198 | break; | ||
199 | |||
200 | status = *((__u8 *) skb->data); | ||
201 | param = *((__u8 *) sent); | ||
202 | |||
203 | BT_DBG("param 0x%x", param); | ||
204 | |||
205 | if (!status) { | ||
206 | clear_bit(HCI_PSCAN, &hdev->flags); | ||
207 | clear_bit(HCI_ISCAN, &hdev->flags); | ||
208 | if (param & SCAN_INQUIRY) | ||
209 | set_bit(HCI_ISCAN, &hdev->flags); | ||
210 | |||
211 | if (param & SCAN_PAGE) | ||
212 | set_bit(HCI_PSCAN, &hdev->flags); | ||
213 | } | ||
214 | hci_req_complete(hdev, status); | ||
215 | break; | ||
216 | |||
217 | case OCF_READ_VOICE_SETTING: | ||
218 | vs = (struct hci_rp_read_voice_setting *) skb->data; | ||
219 | |||
220 | if (vs->status) { | ||
221 | BT_DBG("%s READ_VOICE_SETTING failed %d", hdev->name, vs->status); | ||
222 | break; | ||
223 | } | ||
224 | |||
225 | setting = __le16_to_cpu(vs->voice_setting); | ||
226 | |||
227 | if (hdev->voice_setting != setting ) { | ||
228 | hdev->voice_setting = setting; | ||
229 | |||
230 | BT_DBG("%s: voice setting 0x%04x", hdev->name, setting); | ||
231 | |||
232 | if (hdev->notify) { | ||
233 | tasklet_disable(&hdev->tx_task); | ||
234 | hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); | ||
235 | tasklet_enable(&hdev->tx_task); | ||
236 | } | ||
237 | } | ||
238 | break; | ||
239 | |||
240 | case OCF_WRITE_VOICE_SETTING: | ||
241 | sent = hci_sent_cmd_data(hdev, OGF_HOST_CTL, OCF_WRITE_VOICE_SETTING); | ||
242 | if (!sent) | ||
243 | break; | ||
244 | |||
245 | status = *((__u8 *) skb->data); | ||
246 | setting = __le16_to_cpu(get_unaligned((__u16 *) sent)); | ||
247 | |||
248 | if (!status && hdev->voice_setting != setting) { | ||
249 | hdev->voice_setting = setting; | ||
250 | |||
251 | BT_DBG("%s: voice setting 0x%04x", hdev->name, setting); | ||
252 | |||
253 | if (hdev->notify) { | ||
254 | tasklet_disable(&hdev->tx_task); | ||
255 | hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING); | ||
256 | tasklet_enable(&hdev->tx_task); | ||
257 | } | ||
258 | } | ||
259 | hci_req_complete(hdev, status); | ||
260 | break; | ||
261 | |||
262 | case OCF_HOST_BUFFER_SIZE: | ||
263 | status = *((__u8 *) skb->data); | ||
264 | if (status) { | ||
265 | BT_DBG("%s OCF_BUFFER_SIZE failed %d", hdev->name, status); | ||
266 | hci_req_complete(hdev, status); | ||
267 | } | ||
268 | break; | ||
269 | |||
270 | default: | ||
271 | BT_DBG("%s Command complete: ogf HOST_CTL ocf %x", hdev->name, ocf); | ||
272 | break; | ||
273 | } | ||
274 | } | ||
275 | |||
276 | /* Command Complete OGF INFO_PARAM */ | ||
277 | static void hci_cc_info_param(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb) | ||
278 | { | ||
279 | struct hci_rp_read_loc_features *lf; | ||
280 | struct hci_rp_read_buffer_size *bs; | ||
281 | struct hci_rp_read_bd_addr *ba; | ||
282 | |||
283 | BT_DBG("%s ocf 0x%x", hdev->name, ocf); | ||
284 | |||
285 | switch (ocf) { | ||
286 | case OCF_READ_LOCAL_FEATURES: | ||
287 | lf = (struct hci_rp_read_loc_features *) skb->data; | ||
288 | |||
289 | if (lf->status) { | ||
290 | BT_DBG("%s READ_LOCAL_FEATURES failed %d", hdev->name, lf->status); | ||
291 | break; | ||
292 | } | ||
293 | |||
294 | memcpy(hdev->features, lf->features, sizeof(hdev->features)); | ||
295 | |||
296 | /* Adjust default settings according to features | ||
297 | * supported by device. */ | ||
298 | if (hdev->features[0] & LMP_3SLOT) | ||
299 | hdev->pkt_type |= (HCI_DM3 | HCI_DH3); | ||
300 | |||
301 | if (hdev->features[0] & LMP_5SLOT) | ||
302 | hdev->pkt_type |= (HCI_DM5 | HCI_DH5); | ||
303 | |||
304 | if (hdev->features[1] & LMP_HV2) | ||
305 | hdev->pkt_type |= (HCI_HV2); | ||
306 | |||
307 | if (hdev->features[1] & LMP_HV3) | ||
308 | hdev->pkt_type |= (HCI_HV3); | ||
309 | |||
310 | BT_DBG("%s: features 0x%x 0x%x 0x%x", hdev->name, lf->features[0], lf->features[1], lf->features[2]); | ||
311 | |||
312 | break; | ||
313 | |||
314 | case OCF_READ_BUFFER_SIZE: | ||
315 | bs = (struct hci_rp_read_buffer_size *) skb->data; | ||
316 | |||
317 | if (bs->status) { | ||
318 | BT_DBG("%s READ_BUFFER_SIZE failed %d", hdev->name, bs->status); | ||
319 | hci_req_complete(hdev, bs->status); | ||
320 | break; | ||
321 | } | ||
322 | |||
323 | hdev->acl_mtu = __le16_to_cpu(bs->acl_mtu); | ||
324 | hdev->sco_mtu = bs->sco_mtu ? bs->sco_mtu : 64; | ||
325 | hdev->acl_pkts = hdev->acl_cnt = __le16_to_cpu(bs->acl_max_pkt); | ||
326 | hdev->sco_pkts = hdev->sco_cnt = __le16_to_cpu(bs->sco_max_pkt); | ||
327 | |||
328 | BT_DBG("%s mtu: acl %d, sco %d max_pkt: acl %d, sco %d", hdev->name, | ||
329 | hdev->acl_mtu, hdev->sco_mtu, hdev->acl_pkts, hdev->sco_pkts); | ||
330 | break; | ||
331 | |||
332 | case OCF_READ_BD_ADDR: | ||
333 | ba = (struct hci_rp_read_bd_addr *) skb->data; | ||
334 | |||
335 | if (!ba->status) { | ||
336 | bacpy(&hdev->bdaddr, &ba->bdaddr); | ||
337 | } else { | ||
338 | BT_DBG("%s: READ_BD_ADDR failed %d", hdev->name, ba->status); | ||
339 | } | ||
340 | |||
341 | hci_req_complete(hdev, ba->status); | ||
342 | break; | ||
343 | |||
344 | default: | ||
345 | BT_DBG("%s Command complete: ogf INFO_PARAM ocf %x", hdev->name, ocf); | ||
346 | break; | ||
347 | } | ||
348 | } | ||
349 | |||
350 | /* Command Status OGF LINK_CTL */ | ||
351 | static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) | ||
352 | { | ||
353 | struct hci_conn *conn; | ||
354 | struct hci_cp_create_conn *cp = hci_sent_cmd_data(hdev, OGF_LINK_CTL, OCF_CREATE_CONN); | ||
355 | |||
356 | if (!cp) | ||
357 | return; | ||
358 | |||
359 | hci_dev_lock(hdev); | ||
360 | |||
361 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); | ||
362 | |||
363 | BT_DBG("%s status 0x%x bdaddr %s conn %p", hdev->name, | ||
364 | status, batostr(&cp->bdaddr), conn); | ||
365 | |||
366 | if (status) { | ||
367 | if (conn && conn->state == BT_CONNECT) { | ||
368 | conn->state = BT_CLOSED; | ||
369 | hci_proto_connect_cfm(conn, status); | ||
370 | hci_conn_del(conn); | ||
371 | } | ||
372 | } else { | ||
373 | if (!conn) { | ||
374 | conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr); | ||
375 | if (conn) { | ||
376 | conn->out = 1; | ||
377 | conn->link_mode |= HCI_LM_MASTER; | ||
378 | } else | ||
379 | BT_ERR("No memmory for new connection"); | ||
380 | } | ||
381 | } | ||
382 | |||
383 | hci_dev_unlock(hdev); | ||
384 | } | ||
385 | |||
386 | static void hci_cs_link_ctl(struct hci_dev *hdev, __u16 ocf, __u8 status) | ||
387 | { | ||
388 | BT_DBG("%s ocf 0x%x", hdev->name, ocf); | ||
389 | |||
390 | switch (ocf) { | ||
391 | case OCF_CREATE_CONN: | ||
392 | hci_cs_create_conn(hdev, status); | ||
393 | break; | ||
394 | |||
395 | case OCF_ADD_SCO: | ||
396 | if (status) { | ||
397 | struct hci_conn *acl, *sco; | ||
398 | struct hci_cp_add_sco *cp = hci_sent_cmd_data(hdev, OGF_LINK_CTL, OCF_ADD_SCO); | ||
399 | __u16 handle; | ||
400 | |||
401 | if (!cp) | ||
402 | break; | ||
403 | |||
404 | handle = __le16_to_cpu(cp->handle); | ||
405 | |||
406 | BT_DBG("%s Add SCO error: handle %d status 0x%x", hdev->name, handle, status); | ||
407 | |||
408 | hci_dev_lock(hdev); | ||
409 | |||
410 | acl = hci_conn_hash_lookup_handle(hdev, handle); | ||
411 | if (acl && (sco = acl->link)) { | ||
412 | sco->state = BT_CLOSED; | ||
413 | |||
414 | hci_proto_connect_cfm(sco, status); | ||
415 | hci_conn_del(sco); | ||
416 | } | ||
417 | |||
418 | hci_dev_unlock(hdev); | ||
419 | } | ||
420 | break; | ||
421 | |||
422 | case OCF_INQUIRY: | ||
423 | if (status) { | ||
424 | BT_DBG("%s Inquiry error: status 0x%x", hdev->name, status); | ||
425 | hci_req_complete(hdev, status); | ||
426 | } else { | ||
427 | set_bit(HCI_INQUIRY, &hdev->flags); | ||
428 | } | ||
429 | break; | ||
430 | |||
431 | default: | ||
432 | BT_DBG("%s Command status: ogf LINK_CTL ocf %x status %d", | ||
433 | hdev->name, ocf, status); | ||
434 | break; | ||
435 | } | ||
436 | } | ||
437 | |||
438 | /* Command Status OGF LINK_POLICY */ | ||
439 | static void hci_cs_link_policy(struct hci_dev *hdev, __u16 ocf, __u8 status) | ||
440 | { | ||
441 | BT_DBG("%s ocf 0x%x", hdev->name, ocf); | ||
442 | |||
443 | switch (ocf) { | ||
444 | default: | ||
445 | BT_DBG("%s Command status: ogf HOST_POLICY ocf %x", hdev->name, ocf); | ||
446 | break; | ||
447 | } | ||
448 | } | ||
449 | |||
450 | /* Command Status OGF HOST_CTL */ | ||
451 | static void hci_cs_host_ctl(struct hci_dev *hdev, __u16 ocf, __u8 status) | ||
452 | { | ||
453 | BT_DBG("%s ocf 0x%x", hdev->name, ocf); | ||
454 | |||
455 | switch (ocf) { | ||
456 | default: | ||
457 | BT_DBG("%s Command status: ogf HOST_CTL ocf %x", hdev->name, ocf); | ||
458 | break; | ||
459 | } | ||
460 | } | ||
461 | |||
462 | /* Command Status OGF INFO_PARAM */ | ||
463 | static void hci_cs_info_param(struct hci_dev *hdev, __u16 ocf, __u8 status) | ||
464 | { | ||
465 | BT_DBG("%s: hci_cs_info_param: ocf 0x%x", hdev->name, ocf); | ||
466 | |||
467 | switch (ocf) { | ||
468 | default: | ||
469 | BT_DBG("%s Command status: ogf INFO_PARAM ocf %x", hdev->name, ocf); | ||
470 | break; | ||
471 | } | ||
472 | } | ||
473 | |||
474 | /* Inquiry Complete */ | ||
475 | static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
476 | { | ||
477 | __u8 status = *((__u8 *) skb->data); | ||
478 | |||
479 | BT_DBG("%s status %d", hdev->name, status); | ||
480 | |||
481 | clear_bit(HCI_INQUIRY, &hdev->flags); | ||
482 | hci_req_complete(hdev, status); | ||
483 | } | ||
484 | |||
485 | /* Inquiry Result */ | ||
486 | static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
487 | { | ||
488 | struct inquiry_info *info = (struct inquiry_info *) (skb->data + 1); | ||
489 | int num_rsp = *((__u8 *) skb->data); | ||
490 | |||
491 | BT_DBG("%s num_rsp %d", hdev->name, num_rsp); | ||
492 | |||
493 | hci_dev_lock(hdev); | ||
494 | for (; num_rsp; num_rsp--) { | ||
495 | struct inquiry_data data; | ||
496 | bacpy(&data.bdaddr, &info->bdaddr); | ||
497 | data.pscan_rep_mode = info->pscan_rep_mode; | ||
498 | data.pscan_period_mode = info->pscan_period_mode; | ||
499 | data.pscan_mode = info->pscan_mode; | ||
500 | memcpy(data.dev_class, info->dev_class, 3); | ||
501 | data.clock_offset = info->clock_offset; | ||
502 | data.rssi = 0x00; | ||
503 | info++; | ||
504 | hci_inquiry_cache_update(hdev, &data); | ||
505 | } | ||
506 | hci_dev_unlock(hdev); | ||
507 | } | ||
508 | |||
509 | /* Inquiry Result With RSSI */ | ||
510 | static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
511 | { | ||
512 | struct inquiry_info_with_rssi *info = (struct inquiry_info_with_rssi *) (skb->data + 1); | ||
513 | int num_rsp = *((__u8 *) skb->data); | ||
514 | |||
515 | BT_DBG("%s num_rsp %d", hdev->name, num_rsp); | ||
516 | |||
517 | hci_dev_lock(hdev); | ||
518 | for (; num_rsp; num_rsp--) { | ||
519 | struct inquiry_data data; | ||
520 | bacpy(&data.bdaddr, &info->bdaddr); | ||
521 | data.pscan_rep_mode = info->pscan_rep_mode; | ||
522 | data.pscan_period_mode = info->pscan_period_mode; | ||
523 | data.pscan_mode = 0x00; | ||
524 | memcpy(data.dev_class, info->dev_class, 3); | ||
525 | data.clock_offset = info->clock_offset; | ||
526 | data.rssi = info->rssi; | ||
527 | info++; | ||
528 | hci_inquiry_cache_update(hdev, &data); | ||
529 | } | ||
530 | hci_dev_unlock(hdev); | ||
531 | } | ||
532 | |||
533 | /* Connect Request */ | ||
534 | static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
535 | { | ||
536 | struct hci_ev_conn_request *ev = (struct hci_ev_conn_request *) skb->data; | ||
537 | int mask = hdev->link_mode; | ||
538 | |||
539 | BT_DBG("%s Connection request: %s type 0x%x", hdev->name, | ||
540 | batostr(&ev->bdaddr), ev->link_type); | ||
541 | |||
542 | mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type); | ||
543 | |||
544 | if (mask & HCI_LM_ACCEPT) { | ||
545 | /* Connection accepted */ | ||
546 | struct hci_conn *conn; | ||
547 | struct hci_cp_accept_conn_req cp; | ||
548 | |||
549 | hci_dev_lock(hdev); | ||
550 | conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); | ||
551 | if (!conn) { | ||
552 | if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) { | ||
553 | BT_ERR("No memmory for new connection"); | ||
554 | hci_dev_unlock(hdev); | ||
555 | return; | ||
556 | } | ||
557 | } | ||
558 | memcpy(conn->dev_class, ev->dev_class, 3); | ||
559 | conn->state = BT_CONNECT; | ||
560 | hci_dev_unlock(hdev); | ||
561 | |||
562 | bacpy(&cp.bdaddr, &ev->bdaddr); | ||
563 | |||
564 | if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER)) | ||
565 | cp.role = 0x00; /* Become master */ | ||
566 | else | ||
567 | cp.role = 0x01; /* Remain slave */ | ||
568 | |||
569 | hci_send_cmd(hdev, OGF_LINK_CTL, OCF_ACCEPT_CONN_REQ, sizeof(cp), &cp); | ||
570 | } else { | ||
571 | /* Connection rejected */ | ||
572 | struct hci_cp_reject_conn_req cp; | ||
573 | |||
574 | bacpy(&cp.bdaddr, &ev->bdaddr); | ||
575 | cp.reason = 0x0f; | ||
576 | hci_send_cmd(hdev, OGF_LINK_CTL, OCF_REJECT_CONN_REQ, sizeof(cp), &cp); | ||
577 | } | ||
578 | } | ||
579 | |||
580 | /* Connect Complete */ | ||
581 | static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
582 | { | ||
583 | struct hci_ev_conn_complete *ev = (struct hci_ev_conn_complete *) skb->data; | ||
584 | struct hci_conn *conn = NULL; | ||
585 | |||
586 | BT_DBG("%s", hdev->name); | ||
587 | |||
588 | hci_dev_lock(hdev); | ||
589 | |||
590 | conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr); | ||
591 | if (!conn) { | ||
592 | hci_dev_unlock(hdev); | ||
593 | return; | ||
594 | } | ||
595 | |||
596 | if (!ev->status) { | ||
597 | conn->handle = __le16_to_cpu(ev->handle); | ||
598 | conn->state = BT_CONNECTED; | ||
599 | |||
600 | if (test_bit(HCI_AUTH, &hdev->flags)) | ||
601 | conn->link_mode |= HCI_LM_AUTH; | ||
602 | |||
603 | if (test_bit(HCI_ENCRYPT, &hdev->flags)) | ||
604 | conn->link_mode |= HCI_LM_ENCRYPT; | ||
605 | |||
606 | /* Set link policy */ | ||
607 | if (conn->type == ACL_LINK && hdev->link_policy) { | ||
608 | struct hci_cp_write_link_policy cp; | ||
609 | cp.handle = ev->handle; | ||
610 | cp.policy = __cpu_to_le16(hdev->link_policy); | ||
611 | hci_send_cmd(hdev, OGF_LINK_POLICY, OCF_WRITE_LINK_POLICY, sizeof(cp), &cp); | ||
612 | } | ||
613 | |||
614 | /* Set packet type for incoming connection */ | ||
615 | if (!conn->out) { | ||
616 | struct hci_cp_change_conn_ptype cp; | ||
617 | cp.handle = ev->handle; | ||
618 | cp.pkt_type = (conn->type == ACL_LINK) ? | ||
619 | __cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK): | ||
620 | __cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK); | ||
621 | |||
622 | hci_send_cmd(hdev, OGF_LINK_CTL, OCF_CHANGE_CONN_PTYPE, sizeof(cp), &cp); | ||
623 | } | ||
624 | } else | ||
625 | conn->state = BT_CLOSED; | ||
626 | |||
627 | if (conn->type == ACL_LINK) { | ||
628 | struct hci_conn *sco = conn->link; | ||
629 | if (sco) { | ||
630 | if (!ev->status) | ||
631 | hci_add_sco(sco, conn->handle); | ||
632 | else { | ||
633 | hci_proto_connect_cfm(sco, ev->status); | ||
634 | hci_conn_del(sco); | ||
635 | } | ||
636 | } | ||
637 | } | ||
638 | |||
639 | hci_proto_connect_cfm(conn, ev->status); | ||
640 | if (ev->status) | ||
641 | hci_conn_del(conn); | ||
642 | |||
643 | hci_dev_unlock(hdev); | ||
644 | } | ||
645 | |||
646 | /* Disconnect Complete */ | ||
647 | static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
648 | { | ||
649 | struct hci_ev_disconn_complete *ev = (struct hci_ev_disconn_complete *) skb->data; | ||
650 | struct hci_conn *conn = NULL; | ||
651 | __u16 handle = __le16_to_cpu(ev->handle); | ||
652 | |||
653 | BT_DBG("%s status %d", hdev->name, ev->status); | ||
654 | |||
655 | if (ev->status) | ||
656 | return; | ||
657 | |||
658 | hci_dev_lock(hdev); | ||
659 | |||
660 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
661 | if (conn) { | ||
662 | conn->state = BT_CLOSED; | ||
663 | hci_proto_disconn_ind(conn, ev->reason); | ||
664 | hci_conn_del(conn); | ||
665 | } | ||
666 | |||
667 | hci_dev_unlock(hdev); | ||
668 | } | ||
669 | |||
670 | /* Number of completed packets */ | ||
671 | static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
672 | { | ||
673 | struct hci_ev_num_comp_pkts *ev = (struct hci_ev_num_comp_pkts *) skb->data; | ||
674 | __u16 *ptr; | ||
675 | int i; | ||
676 | |||
677 | skb_pull(skb, sizeof(*ev)); | ||
678 | |||
679 | BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl); | ||
680 | |||
681 | if (skb->len < ev->num_hndl * 4) { | ||
682 | BT_DBG("%s bad parameters", hdev->name); | ||
683 | return; | ||
684 | } | ||
685 | |||
686 | tasklet_disable(&hdev->tx_task); | ||
687 | |||
688 | for (i = 0, ptr = (__u16 *) skb->data; i < ev->num_hndl; i++) { | ||
689 | struct hci_conn *conn; | ||
690 | __u16 handle, count; | ||
691 | |||
692 | handle = __le16_to_cpu(get_unaligned(ptr++)); | ||
693 | count = __le16_to_cpu(get_unaligned(ptr++)); | ||
694 | |||
695 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
696 | if (conn) { | ||
697 | conn->sent -= count; | ||
698 | |||
699 | if (conn->type == SCO_LINK) { | ||
700 | if ((hdev->sco_cnt += count) > hdev->sco_pkts) | ||
701 | hdev->sco_cnt = hdev->sco_pkts; | ||
702 | } else { | ||
703 | if ((hdev->acl_cnt += count) > hdev->acl_pkts) | ||
704 | hdev->acl_cnt = hdev->acl_pkts; | ||
705 | } | ||
706 | } | ||
707 | } | ||
708 | hci_sched_tx(hdev); | ||
709 | |||
710 | tasklet_enable(&hdev->tx_task); | ||
711 | } | ||
712 | |||
713 | /* Role Change */ | ||
714 | static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
715 | { | ||
716 | struct hci_ev_role_change *ev = (struct hci_ev_role_change *) skb->data; | ||
717 | struct hci_conn *conn = NULL; | ||
718 | |||
719 | BT_DBG("%s status %d", hdev->name, ev->status); | ||
720 | |||
721 | hci_dev_lock(hdev); | ||
722 | |||
723 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); | ||
724 | if (conn) { | ||
725 | if (!ev->status) { | ||
726 | if (ev->role) | ||
727 | conn->link_mode &= ~HCI_LM_MASTER; | ||
728 | else | ||
729 | conn->link_mode |= HCI_LM_MASTER; | ||
730 | } | ||
731 | |||
732 | clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend); | ||
733 | |||
734 | hci_role_switch_cfm(conn, ev->status, ev->role); | ||
735 | } | ||
736 | |||
737 | hci_dev_unlock(hdev); | ||
738 | } | ||
739 | |||
740 | /* Authentication Complete */ | ||
741 | static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
742 | { | ||
743 | struct hci_ev_auth_complete *ev = (struct hci_ev_auth_complete *) skb->data; | ||
744 | struct hci_conn *conn = NULL; | ||
745 | __u16 handle = __le16_to_cpu(ev->handle); | ||
746 | |||
747 | BT_DBG("%s status %d", hdev->name, ev->status); | ||
748 | |||
749 | hci_dev_lock(hdev); | ||
750 | |||
751 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
752 | if (conn) { | ||
753 | if (!ev->status) | ||
754 | conn->link_mode |= HCI_LM_AUTH; | ||
755 | |||
756 | clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); | ||
757 | |||
758 | hci_auth_cfm(conn, ev->status); | ||
759 | |||
760 | if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) { | ||
761 | if (!ev->status) { | ||
762 | struct hci_cp_set_conn_encrypt cp; | ||
763 | cp.handle = __cpu_to_le16(conn->handle); | ||
764 | cp.encrypt = 1; | ||
765 | hci_send_cmd(conn->hdev, OGF_LINK_CTL, | ||
766 | OCF_SET_CONN_ENCRYPT, | ||
767 | sizeof(cp), &cp); | ||
768 | } else { | ||
769 | clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend); | ||
770 | hci_encrypt_cfm(conn, ev->status, 0x00); | ||
771 | } | ||
772 | } | ||
773 | } | ||
774 | |||
775 | hci_dev_unlock(hdev); | ||
776 | } | ||
777 | |||
778 | /* Encryption Change */ | ||
779 | static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
780 | { | ||
781 | struct hci_ev_encrypt_change *ev = (struct hci_ev_encrypt_change *) skb->data; | ||
782 | struct hci_conn *conn = NULL; | ||
783 | __u16 handle = __le16_to_cpu(ev->handle); | ||
784 | |||
785 | BT_DBG("%s status %d", hdev->name, ev->status); | ||
786 | |||
787 | hci_dev_lock(hdev); | ||
788 | |||
789 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
790 | if (conn) { | ||
791 | if (!ev->status) { | ||
792 | if (ev->encrypt) | ||
793 | conn->link_mode |= HCI_LM_ENCRYPT; | ||
794 | else | ||
795 | conn->link_mode &= ~HCI_LM_ENCRYPT; | ||
796 | } | ||
797 | |||
798 | clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend); | ||
799 | |||
800 | hci_encrypt_cfm(conn, ev->status, ev->encrypt); | ||
801 | } | ||
802 | |||
803 | hci_dev_unlock(hdev); | ||
804 | } | ||
805 | |||
806 | /* Change Connection Link Key Complete */ | ||
807 | static inline void hci_change_conn_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
808 | { | ||
809 | struct hci_ev_change_conn_link_key_complete *ev = (struct hci_ev_change_conn_link_key_complete *) skb->data; | ||
810 | struct hci_conn *conn = NULL; | ||
811 | __u16 handle = __le16_to_cpu(ev->handle); | ||
812 | |||
813 | BT_DBG("%s status %d", hdev->name, ev->status); | ||
814 | |||
815 | hci_dev_lock(hdev); | ||
816 | |||
817 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
818 | if (conn) { | ||
819 | if (!ev->status) | ||
820 | conn->link_mode |= HCI_LM_SECURE; | ||
821 | |||
822 | clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); | ||
823 | |||
824 | hci_key_change_cfm(conn, ev->status); | ||
825 | } | ||
826 | |||
827 | hci_dev_unlock(hdev); | ||
828 | } | ||
829 | |||
830 | /* Pin Code Request*/ | ||
831 | static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
832 | { | ||
833 | } | ||
834 | |||
835 | /* Link Key Request */ | ||
836 | static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
837 | { | ||
838 | } | ||
839 | |||
840 | /* Link Key Notification */ | ||
841 | static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
842 | { | ||
843 | } | ||
844 | |||
845 | /* Clock Offset */ | ||
846 | static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb) | ||
847 | { | ||
848 | struct hci_ev_clock_offset *ev = (struct hci_ev_clock_offset *) skb->data; | ||
849 | struct hci_conn *conn = NULL; | ||
850 | __u16 handle = __le16_to_cpu(ev->handle); | ||
851 | |||
852 | BT_DBG("%s status %d", hdev->name, ev->status); | ||
853 | |||
854 | hci_dev_lock(hdev); | ||
855 | |||
856 | conn = hci_conn_hash_lookup_handle(hdev, handle); | ||
857 | if (conn && !ev->status) { | ||
858 | struct inquiry_entry *ie; | ||
859 | |||
860 | if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) { | ||
861 | ie->data.clock_offset = ev->clock_offset; | ||
862 | ie->timestamp = jiffies; | ||
863 | } | ||
864 | } | ||
865 | |||
866 | hci_dev_unlock(hdev); | ||
867 | } | ||
868 | |||
869 | void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) | ||
870 | { | ||
871 | struct hci_event_hdr *hdr = (struct hci_event_hdr *) skb->data; | ||
872 | struct hci_ev_cmd_complete *ec; | ||
873 | struct hci_ev_cmd_status *cs; | ||
874 | u16 opcode, ocf, ogf; | ||
875 | |||
876 | skb_pull(skb, HCI_EVENT_HDR_SIZE); | ||
877 | |||
878 | BT_DBG("%s evt 0x%x", hdev->name, hdr->evt); | ||
879 | |||
880 | switch (hdr->evt) { | ||
881 | case HCI_EV_NUM_COMP_PKTS: | ||
882 | hci_num_comp_pkts_evt(hdev, skb); | ||
883 | break; | ||
884 | |||
885 | case HCI_EV_INQUIRY_COMPLETE: | ||
886 | hci_inquiry_complete_evt(hdev, skb); | ||
887 | break; | ||
888 | |||
889 | case HCI_EV_INQUIRY_RESULT: | ||
890 | hci_inquiry_result_evt(hdev, skb); | ||
891 | break; | ||
892 | |||
893 | case HCI_EV_INQUIRY_RESULT_WITH_RSSI: | ||
894 | hci_inquiry_result_with_rssi_evt(hdev, skb); | ||
895 | break; | ||
896 | |||
897 | case HCI_EV_CONN_REQUEST: | ||
898 | hci_conn_request_evt(hdev, skb); | ||
899 | break; | ||
900 | |||
901 | case HCI_EV_CONN_COMPLETE: | ||
902 | hci_conn_complete_evt(hdev, skb); | ||
903 | break; | ||
904 | |||
905 | case HCI_EV_DISCONN_COMPLETE: | ||
906 | hci_disconn_complete_evt(hdev, skb); | ||
907 | break; | ||
908 | |||
909 | case HCI_EV_ROLE_CHANGE: | ||
910 | hci_role_change_evt(hdev, skb); | ||
911 | break; | ||
912 | |||
913 | case HCI_EV_AUTH_COMPLETE: | ||
914 | hci_auth_complete_evt(hdev, skb); | ||
915 | break; | ||
916 | |||
917 | case HCI_EV_ENCRYPT_CHANGE: | ||
918 | hci_encrypt_change_evt(hdev, skb); | ||
919 | break; | ||
920 | |||
921 | case HCI_EV_CHANGE_CONN_LINK_KEY_COMPLETE: | ||
922 | hci_change_conn_link_key_complete_evt(hdev, skb); | ||
923 | break; | ||
924 | |||
925 | case HCI_EV_PIN_CODE_REQ: | ||
926 | hci_pin_code_request_evt(hdev, skb); | ||
927 | break; | ||
928 | |||
929 | case HCI_EV_LINK_KEY_REQ: | ||
930 | hci_link_key_request_evt(hdev, skb); | ||
931 | break; | ||
932 | |||
933 | case HCI_EV_LINK_KEY_NOTIFY: | ||
934 | hci_link_key_notify_evt(hdev, skb); | ||
935 | break; | ||
936 | |||
937 | case HCI_EV_CLOCK_OFFSET: | ||
938 | hci_clock_offset_evt(hdev, skb); | ||
939 | break; | ||
940 | |||
941 | case HCI_EV_CMD_STATUS: | ||
942 | cs = (struct hci_ev_cmd_status *) skb->data; | ||
943 | skb_pull(skb, sizeof(cs)); | ||
944 | |||
945 | opcode = __le16_to_cpu(cs->opcode); | ||
946 | ogf = hci_opcode_ogf(opcode); | ||
947 | ocf = hci_opcode_ocf(opcode); | ||
948 | |||
949 | switch (ogf) { | ||
950 | case OGF_INFO_PARAM: | ||
951 | hci_cs_info_param(hdev, ocf, cs->status); | ||
952 | break; | ||
953 | |||
954 | case OGF_HOST_CTL: | ||
955 | hci_cs_host_ctl(hdev, ocf, cs->status); | ||
956 | break; | ||
957 | |||
958 | case OGF_LINK_CTL: | ||
959 | hci_cs_link_ctl(hdev, ocf, cs->status); | ||
960 | break; | ||
961 | |||
962 | case OGF_LINK_POLICY: | ||
963 | hci_cs_link_policy(hdev, ocf, cs->status); | ||
964 | break; | ||
965 | |||
966 | default: | ||
967 | BT_DBG("%s Command Status OGF %x", hdev->name, ogf); | ||
968 | break; | ||
969 | } | ||
970 | |||
971 | if (cs->ncmd) { | ||
972 | atomic_set(&hdev->cmd_cnt, 1); | ||
973 | if (!skb_queue_empty(&hdev->cmd_q)) | ||
974 | hci_sched_cmd(hdev); | ||
975 | } | ||
976 | break; | ||
977 | |||
978 | case HCI_EV_CMD_COMPLETE: | ||
979 | ec = (struct hci_ev_cmd_complete *) skb->data; | ||
980 | skb_pull(skb, sizeof(*ec)); | ||
981 | |||
982 | opcode = __le16_to_cpu(ec->opcode); | ||
983 | ogf = hci_opcode_ogf(opcode); | ||
984 | ocf = hci_opcode_ocf(opcode); | ||
985 | |||
986 | switch (ogf) { | ||
987 | case OGF_INFO_PARAM: | ||
988 | hci_cc_info_param(hdev, ocf, skb); | ||
989 | break; | ||
990 | |||
991 | case OGF_HOST_CTL: | ||
992 | hci_cc_host_ctl(hdev, ocf, skb); | ||
993 | break; | ||
994 | |||
995 | case OGF_LINK_CTL: | ||
996 | hci_cc_link_ctl(hdev, ocf, skb); | ||
997 | break; | ||
998 | |||
999 | case OGF_LINK_POLICY: | ||
1000 | hci_cc_link_policy(hdev, ocf, skb); | ||
1001 | break; | ||
1002 | |||
1003 | default: | ||
1004 | BT_DBG("%s Command Completed OGF %x", hdev->name, ogf); | ||
1005 | break; | ||
1006 | } | ||
1007 | |||
1008 | if (ec->ncmd) { | ||
1009 | atomic_set(&hdev->cmd_cnt, 1); | ||
1010 | if (!skb_queue_empty(&hdev->cmd_q)) | ||
1011 | hci_sched_cmd(hdev); | ||
1012 | } | ||
1013 | break; | ||
1014 | } | ||
1015 | |||
1016 | kfree_skb(skb); | ||
1017 | hdev->stat.evt_rx++; | ||
1018 | } | ||
1019 | |||
1020 | /* Generate internal stack event */ | ||
1021 | void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data) | ||
1022 | { | ||
1023 | struct hci_event_hdr *hdr; | ||
1024 | struct hci_ev_stack_internal *ev; | ||
1025 | struct sk_buff *skb; | ||
1026 | |||
1027 | skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC); | ||
1028 | if (!skb) | ||
1029 | return; | ||
1030 | |||
1031 | hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE); | ||
1032 | hdr->evt = HCI_EV_STACK_INTERNAL; | ||
1033 | hdr->plen = sizeof(*ev) + dlen; | ||
1034 | |||
1035 | ev = (void *) skb_put(skb, sizeof(*ev) + dlen); | ||
1036 | ev->type = type; | ||
1037 | memcpy(ev->data, data, dlen); | ||
1038 | |||
1039 | skb->pkt_type = HCI_EVENT_PKT; | ||
1040 | skb->dev = (void *) hdev; | ||
1041 | hci_send_to_sock(hdev, skb); | ||
1042 | kfree_skb(skb); | ||
1043 | } | ||
1044 | EXPORT_SYMBOL(hci_si_event); | ||
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c new file mode 100644 index 00000000000..c9792ba7512 --- /dev/null +++ b/net/bluetooth/hci_sock.c | |||
@@ -0,0 +1,707 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth HCI sockets. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | |||
30 | #include <linux/types.h> | ||
31 | #include <linux/errno.h> | ||
32 | #include <linux/kernel.h> | ||
33 | #include <linux/major.h> | ||
34 | #include <linux/sched.h> | ||
35 | #include <linux/slab.h> | ||
36 | #include <linux/poll.h> | ||
37 | #include <linux/fcntl.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/skbuff.h> | ||
40 | #include <linux/workqueue.h> | ||
41 | #include <linux/interrupt.h> | ||
42 | #include <linux/socket.h> | ||
43 | #include <linux/ioctl.h> | ||
44 | #include <net/sock.h> | ||
45 | |||
46 | #include <asm/system.h> | ||
47 | #include <asm/uaccess.h> | ||
48 | #include <asm/unaligned.h> | ||
49 | |||
50 | #include <net/bluetooth/bluetooth.h> | ||
51 | #include <net/bluetooth/hci_core.h> | ||
52 | |||
53 | #ifndef CONFIG_BT_HCI_SOCK_DEBUG | ||
54 | #undef BT_DBG | ||
55 | #define BT_DBG(D...) | ||
56 | #endif | ||
57 | |||
58 | /* ----- HCI socket interface ----- */ | ||
59 | |||
60 | static inline int hci_test_bit(int nr, void *addr) | ||
61 | { | ||
62 | return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31)); | ||
63 | } | ||
64 | |||
65 | /* Security filter */ | ||
66 | static struct hci_sec_filter hci_sec_filter = { | ||
67 | /* Packet types */ | ||
68 | 0x10, | ||
69 | /* Events */ | ||
70 | { 0x1000d9fe, 0x0000300c }, | ||
71 | /* Commands */ | ||
72 | { | ||
73 | { 0x0 }, | ||
74 | /* OGF_LINK_CTL */ | ||
75 | { 0xbe000006, 0x00000001, 0x0000, 0x00 }, | ||
76 | /* OGF_LINK_POLICY */ | ||
77 | { 0x00005200, 0x00000000, 0x0000, 0x00 }, | ||
78 | /* OGF_HOST_CTL */ | ||
79 | { 0xaab00200, 0x2b402aaa, 0x0154, 0x00 }, | ||
80 | /* OGF_INFO_PARAM */ | ||
81 | { 0x000002be, 0x00000000, 0x0000, 0x00 }, | ||
82 | /* OGF_STATUS_PARAM */ | ||
83 | { 0x000000ea, 0x00000000, 0x0000, 0x00 } | ||
84 | } | ||
85 | }; | ||
86 | |||
87 | static struct bt_sock_list hci_sk_list = { | ||
88 | .lock = RW_LOCK_UNLOCKED | ||
89 | }; | ||
90 | |||
91 | /* Send frame to RAW socket */ | ||
92 | void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb) | ||
93 | { | ||
94 | struct sock *sk; | ||
95 | struct hlist_node *node; | ||
96 | |||
97 | BT_DBG("hdev %p len %d", hdev, skb->len); | ||
98 | |||
99 | read_lock(&hci_sk_list.lock); | ||
100 | sk_for_each(sk, node, &hci_sk_list.head) { | ||
101 | struct hci_filter *flt; | ||
102 | struct sk_buff *nskb; | ||
103 | |||
104 | if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev) | ||
105 | continue; | ||
106 | |||
107 | /* Don't send frame to the socket it came from */ | ||
108 | if (skb->sk == sk) | ||
109 | continue; | ||
110 | |||
111 | /* Apply filter */ | ||
112 | flt = &hci_pi(sk)->filter; | ||
113 | |||
114 | if (!test_bit((skb->pkt_type == HCI_VENDOR_PKT) ? | ||
115 | 0 : (skb->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask)) | ||
116 | continue; | ||
117 | |||
118 | if (skb->pkt_type == HCI_EVENT_PKT) { | ||
119 | register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS); | ||
120 | |||
121 | if (!hci_test_bit(evt, &flt->event_mask)) | ||
122 | continue; | ||
123 | |||
124 | if (flt->opcode && ((evt == HCI_EV_CMD_COMPLETE && | ||
125 | flt->opcode != *(__u16 *)(skb->data + 3)) || | ||
126 | (evt == HCI_EV_CMD_STATUS && | ||
127 | flt->opcode != *(__u16 *)(skb->data + 4)))) | ||
128 | continue; | ||
129 | } | ||
130 | |||
131 | if (!(nskb = skb_clone(skb, GFP_ATOMIC))) | ||
132 | continue; | ||
133 | |||
134 | /* Put type byte before the data */ | ||
135 | memcpy(skb_push(nskb, 1), &nskb->pkt_type, 1); | ||
136 | |||
137 | if (sock_queue_rcv_skb(sk, nskb)) | ||
138 | kfree_skb(nskb); | ||
139 | } | ||
140 | read_unlock(&hci_sk_list.lock); | ||
141 | } | ||
142 | |||
143 | static int hci_sock_release(struct socket *sock) | ||
144 | { | ||
145 | struct sock *sk = sock->sk; | ||
146 | struct hci_dev *hdev = hci_pi(sk)->hdev; | ||
147 | |||
148 | BT_DBG("sock %p sk %p", sock, sk); | ||
149 | |||
150 | if (!sk) | ||
151 | return 0; | ||
152 | |||
153 | bt_sock_unlink(&hci_sk_list, sk); | ||
154 | |||
155 | if (hdev) { | ||
156 | atomic_dec(&hdev->promisc); | ||
157 | hci_dev_put(hdev); | ||
158 | } | ||
159 | |||
160 | sock_orphan(sk); | ||
161 | |||
162 | skb_queue_purge(&sk->sk_receive_queue); | ||
163 | skb_queue_purge(&sk->sk_write_queue); | ||
164 | |||
165 | sock_put(sk); | ||
166 | return 0; | ||
167 | } | ||
168 | |||
169 | /* Ioctls that require bound socket */ | ||
170 | static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg) | ||
171 | { | ||
172 | struct hci_dev *hdev = hci_pi(sk)->hdev; | ||
173 | |||
174 | if (!hdev) | ||
175 | return -EBADFD; | ||
176 | |||
177 | switch (cmd) { | ||
178 | case HCISETRAW: | ||
179 | if (!capable(CAP_NET_ADMIN)) | ||
180 | return -EACCES; | ||
181 | |||
182 | if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks)) | ||
183 | return -EPERM; | ||
184 | |||
185 | if (arg) | ||
186 | set_bit(HCI_RAW, &hdev->flags); | ||
187 | else | ||
188 | clear_bit(HCI_RAW, &hdev->flags); | ||
189 | |||
190 | return 0; | ||
191 | |||
192 | case HCISETSECMGR: | ||
193 | if (!capable(CAP_NET_ADMIN)) | ||
194 | return -EACCES; | ||
195 | |||
196 | if (arg) | ||
197 | set_bit(HCI_SECMGR, &hdev->flags); | ||
198 | else | ||
199 | clear_bit(HCI_SECMGR, &hdev->flags); | ||
200 | |||
201 | return 0; | ||
202 | |||
203 | case HCIGETCONNINFO: | ||
204 | return hci_get_conn_info(hdev, (void __user *)arg); | ||
205 | |||
206 | default: | ||
207 | if (hdev->ioctl) | ||
208 | return hdev->ioctl(hdev, cmd, arg); | ||
209 | return -EINVAL; | ||
210 | } | ||
211 | } | ||
212 | |||
213 | static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) | ||
214 | { | ||
215 | struct sock *sk = sock->sk; | ||
216 | void __user *argp = (void __user *)arg; | ||
217 | int err; | ||
218 | |||
219 | BT_DBG("cmd %x arg %lx", cmd, arg); | ||
220 | |||
221 | switch (cmd) { | ||
222 | case HCIGETDEVLIST: | ||
223 | return hci_get_dev_list(argp); | ||
224 | |||
225 | case HCIGETDEVINFO: | ||
226 | return hci_get_dev_info(argp); | ||
227 | |||
228 | case HCIGETCONNLIST: | ||
229 | return hci_get_conn_list(argp); | ||
230 | |||
231 | case HCIDEVUP: | ||
232 | if (!capable(CAP_NET_ADMIN)) | ||
233 | return -EACCES; | ||
234 | return hci_dev_open(arg); | ||
235 | |||
236 | case HCIDEVDOWN: | ||
237 | if (!capable(CAP_NET_ADMIN)) | ||
238 | return -EACCES; | ||
239 | return hci_dev_close(arg); | ||
240 | |||
241 | case HCIDEVRESET: | ||
242 | if (!capable(CAP_NET_ADMIN)) | ||
243 | return -EACCES; | ||
244 | return hci_dev_reset(arg); | ||
245 | |||
246 | case HCIDEVRESTAT: | ||
247 | if (!capable(CAP_NET_ADMIN)) | ||
248 | return -EACCES; | ||
249 | return hci_dev_reset_stat(arg); | ||
250 | |||
251 | case HCISETSCAN: | ||
252 | case HCISETAUTH: | ||
253 | case HCISETENCRYPT: | ||
254 | case HCISETPTYPE: | ||
255 | case HCISETLINKPOL: | ||
256 | case HCISETLINKMODE: | ||
257 | case HCISETACLMTU: | ||
258 | case HCISETSCOMTU: | ||
259 | if (!capable(CAP_NET_ADMIN)) | ||
260 | return -EACCES; | ||
261 | return hci_dev_cmd(cmd, argp); | ||
262 | |||
263 | case HCIINQUIRY: | ||
264 | return hci_inquiry(argp); | ||
265 | |||
266 | default: | ||
267 | lock_sock(sk); | ||
268 | err = hci_sock_bound_ioctl(sk, cmd, arg); | ||
269 | release_sock(sk); | ||
270 | return err; | ||
271 | } | ||
272 | } | ||
273 | |||
274 | static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) | ||
275 | { | ||
276 | struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr; | ||
277 | struct sock *sk = sock->sk; | ||
278 | struct hci_dev *hdev = NULL; | ||
279 | int err = 0; | ||
280 | |||
281 | BT_DBG("sock %p sk %p", sock, sk); | ||
282 | |||
283 | if (!haddr || haddr->hci_family != AF_BLUETOOTH) | ||
284 | return -EINVAL; | ||
285 | |||
286 | lock_sock(sk); | ||
287 | |||
288 | if (hci_pi(sk)->hdev) { | ||
289 | err = -EALREADY; | ||
290 | goto done; | ||
291 | } | ||
292 | |||
293 | if (haddr->hci_dev != HCI_DEV_NONE) { | ||
294 | if (!(hdev = hci_dev_get(haddr->hci_dev))) { | ||
295 | err = -ENODEV; | ||
296 | goto done; | ||
297 | } | ||
298 | |||
299 | atomic_inc(&hdev->promisc); | ||
300 | } | ||
301 | |||
302 | hci_pi(sk)->hdev = hdev; | ||
303 | sk->sk_state = BT_BOUND; | ||
304 | |||
305 | done: | ||
306 | release_sock(sk); | ||
307 | return err; | ||
308 | } | ||
309 | |||
310 | static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer) | ||
311 | { | ||
312 | struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr; | ||
313 | struct sock *sk = sock->sk; | ||
314 | |||
315 | BT_DBG("sock %p sk %p", sock, sk); | ||
316 | |||
317 | lock_sock(sk); | ||
318 | |||
319 | *addr_len = sizeof(*haddr); | ||
320 | haddr->hci_family = AF_BLUETOOTH; | ||
321 | haddr->hci_dev = hci_pi(sk)->hdev->id; | ||
322 | |||
323 | release_sock(sk); | ||
324 | return 0; | ||
325 | } | ||
326 | |||
327 | static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb) | ||
328 | { | ||
329 | __u32 mask = hci_pi(sk)->cmsg_mask; | ||
330 | |||
331 | if (mask & HCI_CMSG_DIR) | ||
332 | put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(int), &bt_cb(skb)->incoming); | ||
333 | |||
334 | if (mask & HCI_CMSG_TSTAMP) | ||
335 | put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, sizeof(skb->stamp), &skb->stamp); | ||
336 | } | ||
337 | |||
338 | static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
339 | struct msghdr *msg, size_t len, int flags) | ||
340 | { | ||
341 | int noblock = flags & MSG_DONTWAIT; | ||
342 | struct sock *sk = sock->sk; | ||
343 | struct sk_buff *skb; | ||
344 | int copied, err; | ||
345 | |||
346 | BT_DBG("sock %p, sk %p", sock, sk); | ||
347 | |||
348 | if (flags & (MSG_OOB)) | ||
349 | return -EOPNOTSUPP; | ||
350 | |||
351 | if (sk->sk_state == BT_CLOSED) | ||
352 | return 0; | ||
353 | |||
354 | if (!(skb = skb_recv_datagram(sk, flags, noblock, &err))) | ||
355 | return err; | ||
356 | |||
357 | msg->msg_namelen = 0; | ||
358 | |||
359 | copied = skb->len; | ||
360 | if (len < copied) { | ||
361 | msg->msg_flags |= MSG_TRUNC; | ||
362 | copied = len; | ||
363 | } | ||
364 | |||
365 | skb->h.raw = skb->data; | ||
366 | err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); | ||
367 | |||
368 | hci_sock_cmsg(sk, msg, skb); | ||
369 | |||
370 | skb_free_datagram(sk, skb); | ||
371 | |||
372 | return err ? : copied; | ||
373 | } | ||
374 | |||
375 | static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock, | ||
376 | struct msghdr *msg, size_t len) | ||
377 | { | ||
378 | struct sock *sk = sock->sk; | ||
379 | struct hci_dev *hdev; | ||
380 | struct sk_buff *skb; | ||
381 | int err; | ||
382 | |||
383 | BT_DBG("sock %p sk %p", sock, sk); | ||
384 | |||
385 | if (msg->msg_flags & MSG_OOB) | ||
386 | return -EOPNOTSUPP; | ||
387 | |||
388 | if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE)) | ||
389 | return -EINVAL; | ||
390 | |||
391 | if (len < 4 || len > HCI_MAX_FRAME_SIZE) | ||
392 | return -EINVAL; | ||
393 | |||
394 | lock_sock(sk); | ||
395 | |||
396 | if (!(hdev = hci_pi(sk)->hdev)) { | ||
397 | err = -EBADFD; | ||
398 | goto done; | ||
399 | } | ||
400 | |||
401 | if (!(skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err))) | ||
402 | goto done; | ||
403 | |||
404 | if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) { | ||
405 | err = -EFAULT; | ||
406 | goto drop; | ||
407 | } | ||
408 | |||
409 | skb->pkt_type = *((unsigned char *) skb->data); | ||
410 | skb_pull(skb, 1); | ||
411 | skb->dev = (void *) hdev; | ||
412 | |||
413 | if (skb->pkt_type == HCI_COMMAND_PKT) { | ||
414 | u16 opcode = __le16_to_cpu(get_unaligned((u16 *)skb->data)); | ||
415 | u16 ogf = hci_opcode_ogf(opcode); | ||
416 | u16 ocf = hci_opcode_ocf(opcode); | ||
417 | |||
418 | if (((ogf > HCI_SFLT_MAX_OGF) || | ||
419 | !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) && | ||
420 | !capable(CAP_NET_RAW)) { | ||
421 | err = -EPERM; | ||
422 | goto drop; | ||
423 | } | ||
424 | |||
425 | if (test_bit(HCI_RAW, &hdev->flags) || (ogf == OGF_VENDOR_CMD)) { | ||
426 | skb_queue_tail(&hdev->raw_q, skb); | ||
427 | hci_sched_tx(hdev); | ||
428 | } else { | ||
429 | skb_queue_tail(&hdev->cmd_q, skb); | ||
430 | hci_sched_cmd(hdev); | ||
431 | } | ||
432 | } else { | ||
433 | if (!capable(CAP_NET_RAW)) { | ||
434 | err = -EPERM; | ||
435 | goto drop; | ||
436 | } | ||
437 | |||
438 | skb_queue_tail(&hdev->raw_q, skb); | ||
439 | hci_sched_tx(hdev); | ||
440 | } | ||
441 | |||
442 | err = len; | ||
443 | |||
444 | done: | ||
445 | release_sock(sk); | ||
446 | return err; | ||
447 | |||
448 | drop: | ||
449 | kfree_skb(skb); | ||
450 | goto done; | ||
451 | } | ||
452 | |||
453 | static int hci_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int len) | ||
454 | { | ||
455 | struct hci_ufilter uf = { .opcode = 0 }; | ||
456 | struct sock *sk = sock->sk; | ||
457 | int err = 0, opt = 0; | ||
458 | |||
459 | BT_DBG("sk %p, opt %d", sk, optname); | ||
460 | |||
461 | lock_sock(sk); | ||
462 | |||
463 | switch (optname) { | ||
464 | case HCI_DATA_DIR: | ||
465 | if (get_user(opt, (int __user *)optval)) { | ||
466 | err = -EFAULT; | ||
467 | break; | ||
468 | } | ||
469 | |||
470 | if (opt) | ||
471 | hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR; | ||
472 | else | ||
473 | hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR; | ||
474 | break; | ||
475 | |||
476 | case HCI_TIME_STAMP: | ||
477 | if (get_user(opt, (int __user *)optval)) { | ||
478 | err = -EFAULT; | ||
479 | break; | ||
480 | } | ||
481 | |||
482 | if (opt) | ||
483 | hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP; | ||
484 | else | ||
485 | hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP; | ||
486 | break; | ||
487 | |||
488 | case HCI_FILTER: | ||
489 | len = min_t(unsigned int, len, sizeof(uf)); | ||
490 | if (copy_from_user(&uf, optval, len)) { | ||
491 | err = -EFAULT; | ||
492 | break; | ||
493 | } | ||
494 | |||
495 | if (!capable(CAP_NET_RAW)) { | ||
496 | uf.type_mask &= hci_sec_filter.type_mask; | ||
497 | uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0); | ||
498 | uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1); | ||
499 | } | ||
500 | |||
501 | { | ||
502 | struct hci_filter *f = &hci_pi(sk)->filter; | ||
503 | |||
504 | f->type_mask = uf.type_mask; | ||
505 | f->opcode = uf.opcode; | ||
506 | *((u32 *) f->event_mask + 0) = uf.event_mask[0]; | ||
507 | *((u32 *) f->event_mask + 1) = uf.event_mask[1]; | ||
508 | } | ||
509 | break; | ||
510 | |||
511 | default: | ||
512 | err = -ENOPROTOOPT; | ||
513 | break; | ||
514 | } | ||
515 | |||
516 | release_sock(sk); | ||
517 | return err; | ||
518 | } | ||
519 | |||
520 | static int hci_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) | ||
521 | { | ||
522 | struct hci_ufilter uf; | ||
523 | struct sock *sk = sock->sk; | ||
524 | int len, opt; | ||
525 | |||
526 | if (get_user(len, optlen)) | ||
527 | return -EFAULT; | ||
528 | |||
529 | switch (optname) { | ||
530 | case HCI_DATA_DIR: | ||
531 | if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR) | ||
532 | opt = 1; | ||
533 | else | ||
534 | opt = 0; | ||
535 | |||
536 | if (put_user(opt, optval)) | ||
537 | return -EFAULT; | ||
538 | break; | ||
539 | |||
540 | case HCI_TIME_STAMP: | ||
541 | if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP) | ||
542 | opt = 1; | ||
543 | else | ||
544 | opt = 0; | ||
545 | |||
546 | if (put_user(opt, optval)) | ||
547 | return -EFAULT; | ||
548 | break; | ||
549 | |||
550 | case HCI_FILTER: | ||
551 | { | ||
552 | struct hci_filter *f = &hci_pi(sk)->filter; | ||
553 | |||
554 | uf.type_mask = f->type_mask; | ||
555 | uf.opcode = f->opcode; | ||
556 | uf.event_mask[0] = *((u32 *) f->event_mask + 0); | ||
557 | uf.event_mask[1] = *((u32 *) f->event_mask + 1); | ||
558 | } | ||
559 | |||
560 | len = min_t(unsigned int, len, sizeof(uf)); | ||
561 | if (copy_to_user(optval, &uf, len)) | ||
562 | return -EFAULT; | ||
563 | break; | ||
564 | |||
565 | default: | ||
566 | return -ENOPROTOOPT; | ||
567 | break; | ||
568 | } | ||
569 | |||
570 | return 0; | ||
571 | } | ||
572 | |||
573 | static struct proto_ops hci_sock_ops = { | ||
574 | .family = PF_BLUETOOTH, | ||
575 | .owner = THIS_MODULE, | ||
576 | .release = hci_sock_release, | ||
577 | .bind = hci_sock_bind, | ||
578 | .getname = hci_sock_getname, | ||
579 | .sendmsg = hci_sock_sendmsg, | ||
580 | .recvmsg = hci_sock_recvmsg, | ||
581 | .ioctl = hci_sock_ioctl, | ||
582 | .poll = datagram_poll, | ||
583 | .listen = sock_no_listen, | ||
584 | .shutdown = sock_no_shutdown, | ||
585 | .setsockopt = hci_sock_setsockopt, | ||
586 | .getsockopt = hci_sock_getsockopt, | ||
587 | .connect = sock_no_connect, | ||
588 | .socketpair = sock_no_socketpair, | ||
589 | .accept = sock_no_accept, | ||
590 | .mmap = sock_no_mmap | ||
591 | }; | ||
592 | |||
593 | static struct proto hci_sk_proto = { | ||
594 | .name = "HCI", | ||
595 | .owner = THIS_MODULE, | ||
596 | .obj_size = sizeof(struct hci_pinfo) | ||
597 | }; | ||
598 | |||
599 | static int hci_sock_create(struct socket *sock, int protocol) | ||
600 | { | ||
601 | struct sock *sk; | ||
602 | |||
603 | BT_DBG("sock %p", sock); | ||
604 | |||
605 | if (sock->type != SOCK_RAW) | ||
606 | return -ESOCKTNOSUPPORT; | ||
607 | |||
608 | sock->ops = &hci_sock_ops; | ||
609 | |||
610 | sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &hci_sk_proto, 1); | ||
611 | if (!sk) | ||
612 | return -ENOMEM; | ||
613 | |||
614 | sock_init_data(sock, sk); | ||
615 | |||
616 | sock_reset_flag(sk, SOCK_ZAPPED); | ||
617 | |||
618 | sk->sk_protocol = protocol; | ||
619 | |||
620 | sock->state = SS_UNCONNECTED; | ||
621 | sk->sk_state = BT_OPEN; | ||
622 | |||
623 | bt_sock_link(&hci_sk_list, sk); | ||
624 | return 0; | ||
625 | } | ||
626 | |||
627 | static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr) | ||
628 | { | ||
629 | struct hci_dev *hdev = (struct hci_dev *) ptr; | ||
630 | struct hci_ev_si_device ev; | ||
631 | |||
632 | BT_DBG("hdev %s event %ld", hdev->name, event); | ||
633 | |||
634 | /* Send event to sockets */ | ||
635 | ev.event = event; | ||
636 | ev.dev_id = hdev->id; | ||
637 | hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev); | ||
638 | |||
639 | if (event == HCI_DEV_UNREG) { | ||
640 | struct sock *sk; | ||
641 | struct hlist_node *node; | ||
642 | |||
643 | /* Detach sockets from device */ | ||
644 | read_lock(&hci_sk_list.lock); | ||
645 | sk_for_each(sk, node, &hci_sk_list.head) { | ||
646 | bh_lock_sock(sk); | ||
647 | if (hci_pi(sk)->hdev == hdev) { | ||
648 | hci_pi(sk)->hdev = NULL; | ||
649 | sk->sk_err = EPIPE; | ||
650 | sk->sk_state = BT_OPEN; | ||
651 | sk->sk_state_change(sk); | ||
652 | |||
653 | hci_dev_put(hdev); | ||
654 | } | ||
655 | bh_unlock_sock(sk); | ||
656 | } | ||
657 | read_unlock(&hci_sk_list.lock); | ||
658 | } | ||
659 | |||
660 | return NOTIFY_DONE; | ||
661 | } | ||
662 | |||
663 | static struct net_proto_family hci_sock_family_ops = { | ||
664 | .family = PF_BLUETOOTH, | ||
665 | .owner = THIS_MODULE, | ||
666 | .create = hci_sock_create, | ||
667 | }; | ||
668 | |||
669 | static struct notifier_block hci_sock_nblock = { | ||
670 | .notifier_call = hci_sock_dev_event | ||
671 | }; | ||
672 | |||
673 | int __init hci_sock_init(void) | ||
674 | { | ||
675 | int err; | ||
676 | |||
677 | err = proto_register(&hci_sk_proto, 0); | ||
678 | if (err < 0) | ||
679 | return err; | ||
680 | |||
681 | err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops); | ||
682 | if (err < 0) | ||
683 | goto error; | ||
684 | |||
685 | hci_register_notifier(&hci_sock_nblock); | ||
686 | |||
687 | BT_INFO("HCI socket layer initialized"); | ||
688 | |||
689 | return 0; | ||
690 | |||
691 | error: | ||
692 | BT_ERR("HCI socket registration failed"); | ||
693 | proto_unregister(&hci_sk_proto); | ||
694 | return err; | ||
695 | } | ||
696 | |||
697 | int __exit hci_sock_cleanup(void) | ||
698 | { | ||
699 | if (bt_sock_unregister(BTPROTO_HCI) < 0) | ||
700 | BT_ERR("HCI socket unregistration failed"); | ||
701 | |||
702 | hci_unregister_notifier(&hci_sock_nblock); | ||
703 | |||
704 | proto_unregister(&hci_sk_proto); | ||
705 | |||
706 | return 0; | ||
707 | } | ||
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c new file mode 100644 index 00000000000..7856bc26acc --- /dev/null +++ b/net/bluetooth/hci_sysfs.c | |||
@@ -0,0 +1,153 @@ | |||
1 | /* Bluetooth HCI driver model support. */ | ||
2 | |||
3 | #include <linux/config.h> | ||
4 | #include <linux/kernel.h> | ||
5 | #include <linux/init.h> | ||
6 | |||
7 | #include <net/bluetooth/bluetooth.h> | ||
8 | #include <net/bluetooth/hci_core.h> | ||
9 | |||
10 | #ifndef CONFIG_BT_HCI_CORE_DEBUG | ||
11 | #undef BT_DBG | ||
12 | #define BT_DBG(D...) | ||
13 | #endif | ||
14 | |||
15 | static ssize_t show_name(struct class_device *cdev, char *buf) | ||
16 | { | ||
17 | struct hci_dev *hdev = class_get_devdata(cdev); | ||
18 | return sprintf(buf, "%s\n", hdev->name); | ||
19 | } | ||
20 | |||
21 | static ssize_t show_type(struct class_device *cdev, char *buf) | ||
22 | { | ||
23 | struct hci_dev *hdev = class_get_devdata(cdev); | ||
24 | return sprintf(buf, "%d\n", hdev->type); | ||
25 | } | ||
26 | |||
27 | static ssize_t show_address(struct class_device *cdev, char *buf) | ||
28 | { | ||
29 | struct hci_dev *hdev = class_get_devdata(cdev); | ||
30 | bdaddr_t bdaddr; | ||
31 | baswap(&bdaddr, &hdev->bdaddr); | ||
32 | return sprintf(buf, "%s\n", batostr(&bdaddr)); | ||
33 | } | ||
34 | |||
35 | static ssize_t show_flags(struct class_device *cdev, char *buf) | ||
36 | { | ||
37 | struct hci_dev *hdev = class_get_devdata(cdev); | ||
38 | return sprintf(buf, "0x%lx\n", hdev->flags); | ||
39 | } | ||
40 | |||
41 | static ssize_t show_inquiry_cache(struct class_device *cdev, char *buf) | ||
42 | { | ||
43 | struct hci_dev *hdev = class_get_devdata(cdev); | ||
44 | struct inquiry_cache *cache = &hdev->inq_cache; | ||
45 | struct inquiry_entry *e; | ||
46 | int n = 0; | ||
47 | |||
48 | hci_dev_lock_bh(hdev); | ||
49 | |||
50 | for (e = cache->list; e; e = e->next) { | ||
51 | struct inquiry_data *data = &e->data; | ||
52 | bdaddr_t bdaddr; | ||
53 | baswap(&bdaddr, &data->bdaddr); | ||
54 | n += sprintf(buf + n, "%s %d %d %d 0x%.2x%.2x%.2x 0x%.4x %d %u\n", | ||
55 | batostr(&bdaddr), | ||
56 | data->pscan_rep_mode, data->pscan_period_mode, data->pscan_mode, | ||
57 | data->dev_class[2], data->dev_class[1], data->dev_class[0], | ||
58 | __le16_to_cpu(data->clock_offset), data->rssi, e->timestamp); | ||
59 | } | ||
60 | |||
61 | hci_dev_unlock_bh(hdev); | ||
62 | return n; | ||
63 | } | ||
64 | |||
65 | static CLASS_DEVICE_ATTR(name, S_IRUGO, show_name, NULL); | ||
66 | static CLASS_DEVICE_ATTR(type, S_IRUGO, show_type, NULL); | ||
67 | static CLASS_DEVICE_ATTR(address, S_IRUGO, show_address, NULL); | ||
68 | static CLASS_DEVICE_ATTR(flags, S_IRUGO, show_flags, NULL); | ||
69 | static CLASS_DEVICE_ATTR(inquiry_cache, S_IRUGO, show_inquiry_cache, NULL); | ||
70 | |||
71 | static struct class_device_attribute *bt_attrs[] = { | ||
72 | &class_device_attr_name, | ||
73 | &class_device_attr_type, | ||
74 | &class_device_attr_address, | ||
75 | &class_device_attr_flags, | ||
76 | &class_device_attr_inquiry_cache, | ||
77 | NULL | ||
78 | }; | ||
79 | |||
80 | #ifdef CONFIG_HOTPLUG | ||
81 | static int bt_hotplug(struct class_device *cdev, char **envp, int num_envp, char *buf, int size) | ||
82 | { | ||
83 | struct hci_dev *hdev = class_get_devdata(cdev); | ||
84 | int n, i = 0; | ||
85 | |||
86 | envp[i++] = buf; | ||
87 | n = snprintf(buf, size, "INTERFACE=%s", hdev->name) + 1; | ||
88 | buf += n; | ||
89 | size -= n; | ||
90 | |||
91 | if ((size <= 0) || (i >= num_envp)) | ||
92 | return -ENOMEM; | ||
93 | |||
94 | envp[i] = NULL; | ||
95 | return 0; | ||
96 | } | ||
97 | #endif | ||
98 | |||
99 | static void bt_release(struct class_device *cdev) | ||
100 | { | ||
101 | struct hci_dev *hdev = class_get_devdata(cdev); | ||
102 | |||
103 | kfree(hdev); | ||
104 | } | ||
105 | |||
106 | static struct class bt_class = { | ||
107 | .name = "bluetooth", | ||
108 | .release = bt_release, | ||
109 | #ifdef CONFIG_HOTPLUG | ||
110 | .hotplug = bt_hotplug, | ||
111 | #endif | ||
112 | }; | ||
113 | |||
114 | int hci_register_sysfs(struct hci_dev *hdev) | ||
115 | { | ||
116 | struct class_device *cdev = &hdev->class_dev; | ||
117 | unsigned int i; | ||
118 | int err; | ||
119 | |||
120 | BT_DBG("%p name %s type %d", hdev, hdev->name, hdev->type); | ||
121 | |||
122 | cdev->class = &bt_class; | ||
123 | class_set_devdata(cdev, hdev); | ||
124 | |||
125 | strlcpy(cdev->class_id, hdev->name, BUS_ID_SIZE); | ||
126 | err = class_device_register(cdev); | ||
127 | if (err < 0) | ||
128 | return err; | ||
129 | |||
130 | for (i = 0; bt_attrs[i]; i++) | ||
131 | class_device_create_file(cdev, bt_attrs[i]); | ||
132 | |||
133 | return 0; | ||
134 | } | ||
135 | |||
136 | void hci_unregister_sysfs(struct hci_dev *hdev) | ||
137 | { | ||
138 | struct class_device * cdev = &hdev->class_dev; | ||
139 | |||
140 | BT_DBG("%p name %s type %d", hdev, hdev->name, hdev->type); | ||
141 | |||
142 | class_device_del(cdev); | ||
143 | } | ||
144 | |||
145 | int __init bt_sysfs_init(void) | ||
146 | { | ||
147 | return class_register(&bt_class); | ||
148 | } | ||
149 | |||
150 | void __exit bt_sysfs_cleanup(void) | ||
151 | { | ||
152 | class_unregister(&bt_class); | ||
153 | } | ||
diff --git a/net/bluetooth/hidp/Kconfig b/net/bluetooth/hidp/Kconfig new file mode 100644 index 00000000000..4e958f7d941 --- /dev/null +++ b/net/bluetooth/hidp/Kconfig | |||
@@ -0,0 +1,12 @@ | |||
1 | config BT_HIDP | ||
2 | tristate "HIDP protocol support" | ||
3 | depends on BT && BT_L2CAP | ||
4 | select INPUT | ||
5 | help | ||
6 | HIDP (Human Interface Device Protocol) is a transport layer | ||
7 | for HID reports. HIDP is required for the Bluetooth Human | ||
8 | Interface Device Profile. | ||
9 | |||
10 | Say Y here to compile HIDP support into the kernel or say M to | ||
11 | compile it as module (hidp). | ||
12 | |||
diff --git a/net/bluetooth/hidp/Makefile b/net/bluetooth/hidp/Makefile new file mode 100644 index 00000000000..a9ee115696a --- /dev/null +++ b/net/bluetooth/hidp/Makefile | |||
@@ -0,0 +1,7 @@ | |||
1 | # | ||
2 | # Makefile for the Linux Bluetooth HIDP layer | ||
3 | # | ||
4 | |||
5 | obj-$(CONFIG_BT_HIDP) += hidp.o | ||
6 | |||
7 | hidp-objs := core.o sock.o | ||
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c new file mode 100644 index 00000000000..2cf98ceabcc --- /dev/null +++ b/net/bluetooth/hidp/core.c | |||
@@ -0,0 +1,772 @@ | |||
1 | /* | ||
2 | HIDP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License version 2 as | ||
7 | published by the Free Software Foundation; | ||
8 | |||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
17 | |||
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
20 | SOFTWARE IS DISCLAIMED. | ||
21 | */ | ||
22 | |||
23 | #include <linux/config.h> | ||
24 | #include <linux/module.h> | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <linux/errno.h> | ||
28 | #include <linux/kernel.h> | ||
29 | #include <linux/major.h> | ||
30 | #include <linux/sched.h> | ||
31 | #include <linux/slab.h> | ||
32 | #include <linux/poll.h> | ||
33 | #include <linux/fcntl.h> | ||
34 | #include <linux/skbuff.h> | ||
35 | #include <linux/socket.h> | ||
36 | #include <linux/ioctl.h> | ||
37 | #include <linux/file.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/wait.h> | ||
40 | #include <net/sock.h> | ||
41 | |||
42 | #include <linux/input.h> | ||
43 | |||
44 | #include <net/bluetooth/bluetooth.h> | ||
45 | #include <net/bluetooth/l2cap.h> | ||
46 | |||
47 | #include "hidp.h" | ||
48 | |||
49 | #ifndef CONFIG_BT_HIDP_DEBUG | ||
50 | #undef BT_DBG | ||
51 | #define BT_DBG(D...) | ||
52 | #endif | ||
53 | |||
54 | #define VERSION "1.1" | ||
55 | |||
56 | static DECLARE_RWSEM(hidp_session_sem); | ||
57 | static LIST_HEAD(hidp_session_list); | ||
58 | |||
59 | static unsigned char hidp_keycode[256] = { | ||
60 | 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38, | ||
61 | 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3, | ||
62 | 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26, | ||
63 | 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64, | ||
64 | 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106, | ||
65 | 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71, | ||
66 | 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190, | ||
67 | 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113, | ||
68 | 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0, | ||
69 | 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||
70 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||
71 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||
72 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||
73 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||
74 | 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113, | ||
75 | 150,158,159,128,136,177,178,176,142,152,173,140 | ||
76 | }; | ||
77 | |||
78 | static unsigned char hidp_mkeyspat[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }; | ||
79 | |||
80 | static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr) | ||
81 | { | ||
82 | struct hidp_session *session; | ||
83 | struct list_head *p; | ||
84 | |||
85 | BT_DBG(""); | ||
86 | |||
87 | list_for_each(p, &hidp_session_list) { | ||
88 | session = list_entry(p, struct hidp_session, list); | ||
89 | if (!bacmp(bdaddr, &session->bdaddr)) | ||
90 | return session; | ||
91 | } | ||
92 | return NULL; | ||
93 | } | ||
94 | |||
95 | static void __hidp_link_session(struct hidp_session *session) | ||
96 | { | ||
97 | __module_get(THIS_MODULE); | ||
98 | list_add(&session->list, &hidp_session_list); | ||
99 | } | ||
100 | |||
101 | static void __hidp_unlink_session(struct hidp_session *session) | ||
102 | { | ||
103 | list_del(&session->list); | ||
104 | module_put(THIS_MODULE); | ||
105 | } | ||
106 | |||
107 | static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci) | ||
108 | { | ||
109 | bacpy(&ci->bdaddr, &session->bdaddr); | ||
110 | |||
111 | ci->flags = session->flags; | ||
112 | ci->state = session->state; | ||
113 | |||
114 | ci->vendor = 0x0000; | ||
115 | ci->product = 0x0000; | ||
116 | ci->version = 0x0000; | ||
117 | memset(ci->name, 0, 128); | ||
118 | |||
119 | if (session->input) { | ||
120 | ci->vendor = session->input->id.vendor; | ||
121 | ci->product = session->input->id.product; | ||
122 | ci->version = session->input->id.version; | ||
123 | if (session->input->name) | ||
124 | strncpy(ci->name, session->input->name, 128); | ||
125 | else | ||
126 | strncpy(ci->name, "HID Boot Device", 128); | ||
127 | } | ||
128 | } | ||
129 | |||
130 | static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value) | ||
131 | { | ||
132 | struct hidp_session *session = dev->private; | ||
133 | struct sk_buff *skb; | ||
134 | unsigned char newleds; | ||
135 | |||
136 | BT_DBG("input %p type %d code %d value %d", dev, type, code, value); | ||
137 | |||
138 | if (type != EV_LED) | ||
139 | return -1; | ||
140 | |||
141 | newleds = (!!test_bit(LED_KANA, dev->led) << 3) | | ||
142 | (!!test_bit(LED_COMPOSE, dev->led) << 3) | | ||
143 | (!!test_bit(LED_SCROLLL, dev->led) << 2) | | ||
144 | (!!test_bit(LED_CAPSL, dev->led) << 1) | | ||
145 | (!!test_bit(LED_NUML, dev->led)); | ||
146 | |||
147 | if (session->leds == newleds) | ||
148 | return 0; | ||
149 | |||
150 | session->leds = newleds; | ||
151 | |||
152 | if (!(skb = alloc_skb(3, GFP_ATOMIC))) { | ||
153 | BT_ERR("Can't allocate memory for new frame"); | ||
154 | return -ENOMEM; | ||
155 | } | ||
156 | |||
157 | *skb_put(skb, 1) = HIDP_TRANS_DATA | HIDP_DATA_RTYPE_OUPUT; | ||
158 | *skb_put(skb, 1) = 0x01; | ||
159 | *skb_put(skb, 1) = newleds; | ||
160 | |||
161 | skb_queue_tail(&session->intr_transmit, skb); | ||
162 | |||
163 | hidp_schedule(session); | ||
164 | |||
165 | return 0; | ||
166 | } | ||
167 | |||
168 | static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb) | ||
169 | { | ||
170 | struct input_dev *dev = session->input; | ||
171 | unsigned char *keys = session->keys; | ||
172 | unsigned char *udata = skb->data + 1; | ||
173 | signed char *sdata = skb->data + 1; | ||
174 | int i, size = skb->len - 1; | ||
175 | |||
176 | switch (skb->data[0]) { | ||
177 | case 0x01: /* Keyboard report */ | ||
178 | for (i = 0; i < 8; i++) | ||
179 | input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1); | ||
180 | |||
181 | /* If all the key codes have been set to 0x01, it means | ||
182 | * too many keys were pressed at the same time. */ | ||
183 | if (!memcmp(udata + 2, hidp_mkeyspat, 6)) | ||
184 | break; | ||
185 | |||
186 | for (i = 2; i < 8; i++) { | ||
187 | if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) { | ||
188 | if (hidp_keycode[keys[i]]) | ||
189 | input_report_key(dev, hidp_keycode[keys[i]], 0); | ||
190 | else | ||
191 | BT_ERR("Unknown key (scancode %#x) released.", keys[i]); | ||
192 | } | ||
193 | |||
194 | if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) { | ||
195 | if (hidp_keycode[udata[i]]) | ||
196 | input_report_key(dev, hidp_keycode[udata[i]], 1); | ||
197 | else | ||
198 | BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]); | ||
199 | } | ||
200 | } | ||
201 | |||
202 | memcpy(keys, udata, 8); | ||
203 | break; | ||
204 | |||
205 | case 0x02: /* Mouse report */ | ||
206 | input_report_key(dev, BTN_LEFT, sdata[0] & 0x01); | ||
207 | input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02); | ||
208 | input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04); | ||
209 | input_report_key(dev, BTN_SIDE, sdata[0] & 0x08); | ||
210 | input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10); | ||
211 | |||
212 | input_report_rel(dev, REL_X, sdata[1]); | ||
213 | input_report_rel(dev, REL_Y, sdata[2]); | ||
214 | |||
215 | if (size > 3) | ||
216 | input_report_rel(dev, REL_WHEEL, sdata[3]); | ||
217 | break; | ||
218 | } | ||
219 | |||
220 | input_sync(dev); | ||
221 | } | ||
222 | |||
223 | static void hidp_idle_timeout(unsigned long arg) | ||
224 | { | ||
225 | struct hidp_session *session = (struct hidp_session *) arg; | ||
226 | |||
227 | atomic_inc(&session->terminate); | ||
228 | hidp_schedule(session); | ||
229 | } | ||
230 | |||
231 | static inline void hidp_set_timer(struct hidp_session *session) | ||
232 | { | ||
233 | if (session->idle_to > 0) | ||
234 | mod_timer(&session->timer, jiffies + HZ * session->idle_to); | ||
235 | } | ||
236 | |||
237 | static inline void hidp_del_timer(struct hidp_session *session) | ||
238 | { | ||
239 | if (session->idle_to > 0) | ||
240 | del_timer(&session->timer); | ||
241 | } | ||
242 | |||
243 | static int __hidp_send_ctrl_message(struct hidp_session *session, | ||
244 | unsigned char hdr, unsigned char *data, int size) | ||
245 | { | ||
246 | struct sk_buff *skb; | ||
247 | |||
248 | BT_DBG("session %p data %p size %d", session, data, size); | ||
249 | |||
250 | if (!(skb = alloc_skb(size + 1, GFP_ATOMIC))) { | ||
251 | BT_ERR("Can't allocate memory for new frame"); | ||
252 | return -ENOMEM; | ||
253 | } | ||
254 | |||
255 | *skb_put(skb, 1) = hdr; | ||
256 | if (data && size > 0) | ||
257 | memcpy(skb_put(skb, size), data, size); | ||
258 | |||
259 | skb_queue_tail(&session->ctrl_transmit, skb); | ||
260 | |||
261 | return 0; | ||
262 | } | ||
263 | |||
264 | static int inline hidp_send_ctrl_message(struct hidp_session *session, | ||
265 | unsigned char hdr, unsigned char *data, int size) | ||
266 | { | ||
267 | int err; | ||
268 | |||
269 | err = __hidp_send_ctrl_message(session, hdr, data, size); | ||
270 | |||
271 | hidp_schedule(session); | ||
272 | |||
273 | return err; | ||
274 | } | ||
275 | |||
276 | static inline void hidp_process_handshake(struct hidp_session *session, unsigned char param) | ||
277 | { | ||
278 | BT_DBG("session %p param 0x%02x", session, param); | ||
279 | |||
280 | switch (param) { | ||
281 | case HIDP_HSHK_SUCCESSFUL: | ||
282 | /* FIXME: Call into SET_ GET_ handlers here */ | ||
283 | break; | ||
284 | |||
285 | case HIDP_HSHK_NOT_READY: | ||
286 | case HIDP_HSHK_ERR_INVALID_REPORT_ID: | ||
287 | case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST: | ||
288 | case HIDP_HSHK_ERR_INVALID_PARAMETER: | ||
289 | /* FIXME: Call into SET_ GET_ handlers here */ | ||
290 | break; | ||
291 | |||
292 | case HIDP_HSHK_ERR_UNKNOWN: | ||
293 | break; | ||
294 | |||
295 | case HIDP_HSHK_ERR_FATAL: | ||
296 | /* Device requests a reboot, as this is the only way this error | ||
297 | * can be recovered. */ | ||
298 | __hidp_send_ctrl_message(session, | ||
299 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_SOFT_RESET, NULL, 0); | ||
300 | break; | ||
301 | |||
302 | default: | ||
303 | __hidp_send_ctrl_message(session, | ||
304 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | ||
305 | break; | ||
306 | } | ||
307 | } | ||
308 | |||
309 | static inline void hidp_process_hid_control(struct hidp_session *session, unsigned char param) | ||
310 | { | ||
311 | BT_DBG("session %p param 0x%02x", session, param); | ||
312 | |||
313 | switch (param) { | ||
314 | case HIDP_CTRL_NOP: | ||
315 | break; | ||
316 | |||
317 | case HIDP_CTRL_VIRTUAL_CABLE_UNPLUG: | ||
318 | /* Flush the transmit queues */ | ||
319 | skb_queue_purge(&session->ctrl_transmit); | ||
320 | skb_queue_purge(&session->intr_transmit); | ||
321 | |||
322 | /* Kill session thread */ | ||
323 | atomic_inc(&session->terminate); | ||
324 | break; | ||
325 | |||
326 | case HIDP_CTRL_HARD_RESET: | ||
327 | case HIDP_CTRL_SOFT_RESET: | ||
328 | case HIDP_CTRL_SUSPEND: | ||
329 | case HIDP_CTRL_EXIT_SUSPEND: | ||
330 | /* FIXME: We have to parse these and return no error */ | ||
331 | break; | ||
332 | |||
333 | default: | ||
334 | __hidp_send_ctrl_message(session, | ||
335 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | ||
336 | break; | ||
337 | } | ||
338 | } | ||
339 | |||
340 | static inline void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, unsigned char param) | ||
341 | { | ||
342 | BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param); | ||
343 | |||
344 | switch (param) { | ||
345 | case HIDP_DATA_RTYPE_INPUT: | ||
346 | hidp_set_timer(session); | ||
347 | |||
348 | if (session->input) | ||
349 | hidp_input_report(session, skb); | ||
350 | break; | ||
351 | |||
352 | case HIDP_DATA_RTYPE_OTHER: | ||
353 | case HIDP_DATA_RTYPE_OUPUT: | ||
354 | case HIDP_DATA_RTYPE_FEATURE: | ||
355 | break; | ||
356 | |||
357 | default: | ||
358 | __hidp_send_ctrl_message(session, | ||
359 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); | ||
360 | } | ||
361 | } | ||
362 | |||
363 | static inline void hidp_recv_ctrl_frame(struct hidp_session *session, struct sk_buff *skb) | ||
364 | { | ||
365 | unsigned char hdr, type, param; | ||
366 | |||
367 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | ||
368 | |||
369 | hdr = skb->data[0]; | ||
370 | skb_pull(skb, 1); | ||
371 | |||
372 | type = hdr & HIDP_HEADER_TRANS_MASK; | ||
373 | param = hdr & HIDP_HEADER_PARAM_MASK; | ||
374 | |||
375 | switch (type) { | ||
376 | case HIDP_TRANS_HANDSHAKE: | ||
377 | hidp_process_handshake(session, param); | ||
378 | break; | ||
379 | |||
380 | case HIDP_TRANS_HID_CONTROL: | ||
381 | hidp_process_hid_control(session, param); | ||
382 | break; | ||
383 | |||
384 | case HIDP_TRANS_DATA: | ||
385 | hidp_process_data(session, skb, param); | ||
386 | break; | ||
387 | |||
388 | default: | ||
389 | __hidp_send_ctrl_message(session, | ||
390 | HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_UNSUPPORTED_REQUEST, NULL, 0); | ||
391 | break; | ||
392 | } | ||
393 | |||
394 | kfree_skb(skb); | ||
395 | } | ||
396 | |||
397 | static inline void hidp_recv_intr_frame(struct hidp_session *session, struct sk_buff *skb) | ||
398 | { | ||
399 | unsigned char hdr; | ||
400 | |||
401 | BT_DBG("session %p skb %p len %d", session, skb, skb->len); | ||
402 | |||
403 | hdr = skb->data[0]; | ||
404 | skb_pull(skb, 1); | ||
405 | |||
406 | if (hdr == (HIDP_TRANS_DATA | HIDP_DATA_RTYPE_INPUT)) { | ||
407 | hidp_set_timer(session); | ||
408 | if (session->input) | ||
409 | hidp_input_report(session, skb); | ||
410 | } else { | ||
411 | BT_DBG("Unsupported protocol header 0x%02x", hdr); | ||
412 | } | ||
413 | |||
414 | kfree_skb(skb); | ||
415 | } | ||
416 | |||
417 | static int hidp_send_frame(struct socket *sock, unsigned char *data, int len) | ||
418 | { | ||
419 | struct kvec iv = { data, len }; | ||
420 | struct msghdr msg; | ||
421 | |||
422 | BT_DBG("sock %p data %p len %d", sock, data, len); | ||
423 | |||
424 | if (!len) | ||
425 | return 0; | ||
426 | |||
427 | memset(&msg, 0, sizeof(msg)); | ||
428 | |||
429 | return kernel_sendmsg(sock, &msg, &iv, 1, len); | ||
430 | } | ||
431 | |||
432 | static int hidp_process_transmit(struct hidp_session *session) | ||
433 | { | ||
434 | struct sk_buff *skb; | ||
435 | |||
436 | BT_DBG("session %p", session); | ||
437 | |||
438 | while ((skb = skb_dequeue(&session->ctrl_transmit))) { | ||
439 | if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) { | ||
440 | skb_queue_head(&session->ctrl_transmit, skb); | ||
441 | break; | ||
442 | } | ||
443 | |||
444 | hidp_set_timer(session); | ||
445 | kfree_skb(skb); | ||
446 | } | ||
447 | |||
448 | while ((skb = skb_dequeue(&session->intr_transmit))) { | ||
449 | if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) { | ||
450 | skb_queue_head(&session->intr_transmit, skb); | ||
451 | break; | ||
452 | } | ||
453 | |||
454 | hidp_set_timer(session); | ||
455 | kfree_skb(skb); | ||
456 | } | ||
457 | |||
458 | return skb_queue_len(&session->ctrl_transmit) + | ||
459 | skb_queue_len(&session->intr_transmit); | ||
460 | } | ||
461 | |||
462 | static int hidp_session(void *arg) | ||
463 | { | ||
464 | struct hidp_session *session = arg; | ||
465 | struct sock *ctrl_sk = session->ctrl_sock->sk; | ||
466 | struct sock *intr_sk = session->intr_sock->sk; | ||
467 | struct sk_buff *skb; | ||
468 | int vendor = 0x0000, product = 0x0000; | ||
469 | wait_queue_t ctrl_wait, intr_wait; | ||
470 | |||
471 | BT_DBG("session %p", session); | ||
472 | |||
473 | if (session->input) { | ||
474 | vendor = session->input->id.vendor; | ||
475 | product = session->input->id.product; | ||
476 | } | ||
477 | |||
478 | daemonize("khidpd_%04x%04x", vendor, product); | ||
479 | set_user_nice(current, -15); | ||
480 | current->flags |= PF_NOFREEZE; | ||
481 | |||
482 | init_waitqueue_entry(&ctrl_wait, current); | ||
483 | init_waitqueue_entry(&intr_wait, current); | ||
484 | add_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait); | ||
485 | add_wait_queue(intr_sk->sk_sleep, &intr_wait); | ||
486 | while (!atomic_read(&session->terminate)) { | ||
487 | set_current_state(TASK_INTERRUPTIBLE); | ||
488 | |||
489 | if (ctrl_sk->sk_state != BT_CONNECTED || intr_sk->sk_state != BT_CONNECTED) | ||
490 | break; | ||
491 | |||
492 | while ((skb = skb_dequeue(&ctrl_sk->sk_receive_queue))) { | ||
493 | skb_orphan(skb); | ||
494 | hidp_recv_ctrl_frame(session, skb); | ||
495 | } | ||
496 | |||
497 | while ((skb = skb_dequeue(&intr_sk->sk_receive_queue))) { | ||
498 | skb_orphan(skb); | ||
499 | hidp_recv_intr_frame(session, skb); | ||
500 | } | ||
501 | |||
502 | hidp_process_transmit(session); | ||
503 | |||
504 | schedule(); | ||
505 | } | ||
506 | set_current_state(TASK_RUNNING); | ||
507 | remove_wait_queue(intr_sk->sk_sleep, &intr_wait); | ||
508 | remove_wait_queue(ctrl_sk->sk_sleep, &ctrl_wait); | ||
509 | |||
510 | down_write(&hidp_session_sem); | ||
511 | |||
512 | hidp_del_timer(session); | ||
513 | |||
514 | if (intr_sk->sk_state != BT_CONNECTED) | ||
515 | wait_event_timeout(*(ctrl_sk->sk_sleep), (ctrl_sk->sk_state == BT_CLOSED), HZ); | ||
516 | |||
517 | fput(session->ctrl_sock->file); | ||
518 | |||
519 | wait_event_timeout(*(intr_sk->sk_sleep), (intr_sk->sk_state == BT_CLOSED), HZ); | ||
520 | |||
521 | fput(session->intr_sock->file); | ||
522 | |||
523 | __hidp_unlink_session(session); | ||
524 | |||
525 | if (session->input) { | ||
526 | input_unregister_device(session->input); | ||
527 | kfree(session->input); | ||
528 | } | ||
529 | |||
530 | up_write(&hidp_session_sem); | ||
531 | |||
532 | kfree(session); | ||
533 | return 0; | ||
534 | } | ||
535 | |||
536 | static inline void hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req) | ||
537 | { | ||
538 | struct input_dev *input = session->input; | ||
539 | int i; | ||
540 | |||
541 | input->private = session; | ||
542 | |||
543 | input->id.bustype = BUS_BLUETOOTH; | ||
544 | input->id.vendor = req->vendor; | ||
545 | input->id.product = req->product; | ||
546 | input->id.version = req->version; | ||
547 | |||
548 | if (req->subclass & 0x40) { | ||
549 | set_bit(EV_KEY, input->evbit); | ||
550 | set_bit(EV_LED, input->evbit); | ||
551 | set_bit(EV_REP, input->evbit); | ||
552 | |||
553 | set_bit(LED_NUML, input->ledbit); | ||
554 | set_bit(LED_CAPSL, input->ledbit); | ||
555 | set_bit(LED_SCROLLL, input->ledbit); | ||
556 | set_bit(LED_COMPOSE, input->ledbit); | ||
557 | set_bit(LED_KANA, input->ledbit); | ||
558 | |||
559 | for (i = 0; i < sizeof(hidp_keycode); i++) | ||
560 | set_bit(hidp_keycode[i], input->keybit); | ||
561 | clear_bit(0, input->keybit); | ||
562 | } | ||
563 | |||
564 | if (req->subclass & 0x80) { | ||
565 | input->evbit[0] = BIT(EV_KEY) | BIT(EV_REL); | ||
566 | input->keybit[LONG(BTN_MOUSE)] = BIT(BTN_LEFT) | BIT(BTN_RIGHT) | BIT(BTN_MIDDLE); | ||
567 | input->relbit[0] = BIT(REL_X) | BIT(REL_Y); | ||
568 | input->keybit[LONG(BTN_MOUSE)] |= BIT(BTN_SIDE) | BIT(BTN_EXTRA); | ||
569 | input->relbit[0] |= BIT(REL_WHEEL); | ||
570 | } | ||
571 | |||
572 | input->event = hidp_input_event; | ||
573 | |||
574 | input_register_device(input); | ||
575 | } | ||
576 | |||
577 | int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock) | ||
578 | { | ||
579 | struct hidp_session *session, *s; | ||
580 | int err; | ||
581 | |||
582 | BT_DBG(""); | ||
583 | |||
584 | if (bacmp(&bt_sk(ctrl_sock->sk)->src, &bt_sk(intr_sock->sk)->src) || | ||
585 | bacmp(&bt_sk(ctrl_sock->sk)->dst, &bt_sk(intr_sock->sk)->dst)) | ||
586 | return -ENOTUNIQ; | ||
587 | |||
588 | session = kmalloc(sizeof(struct hidp_session), GFP_KERNEL); | ||
589 | if (!session) | ||
590 | return -ENOMEM; | ||
591 | memset(session, 0, sizeof(struct hidp_session)); | ||
592 | |||
593 | session->input = kmalloc(sizeof(struct input_dev), GFP_KERNEL); | ||
594 | if (!session->input) { | ||
595 | kfree(session); | ||
596 | return -ENOMEM; | ||
597 | } | ||
598 | memset(session->input, 0, sizeof(struct input_dev)); | ||
599 | |||
600 | down_write(&hidp_session_sem); | ||
601 | |||
602 | s = __hidp_get_session(&bt_sk(ctrl_sock->sk)->dst); | ||
603 | if (s && s->state == BT_CONNECTED) { | ||
604 | err = -EEXIST; | ||
605 | goto failed; | ||
606 | } | ||
607 | |||
608 | bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst); | ||
609 | |||
610 | session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu); | ||
611 | session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu); | ||
612 | |||
613 | BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu); | ||
614 | |||
615 | session->ctrl_sock = ctrl_sock; | ||
616 | session->intr_sock = intr_sock; | ||
617 | session->state = BT_CONNECTED; | ||
618 | |||
619 | init_timer(&session->timer); | ||
620 | |||
621 | session->timer.function = hidp_idle_timeout; | ||
622 | session->timer.data = (unsigned long) session; | ||
623 | |||
624 | skb_queue_head_init(&session->ctrl_transmit); | ||
625 | skb_queue_head_init(&session->intr_transmit); | ||
626 | |||
627 | session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID); | ||
628 | session->idle_to = req->idle_to; | ||
629 | |||
630 | if (session->input) | ||
631 | hidp_setup_input(session, req); | ||
632 | |||
633 | __hidp_link_session(session); | ||
634 | |||
635 | hidp_set_timer(session); | ||
636 | |||
637 | err = kernel_thread(hidp_session, session, CLONE_KERNEL); | ||
638 | if (err < 0) | ||
639 | goto unlink; | ||
640 | |||
641 | if (session->input) { | ||
642 | hidp_send_ctrl_message(session, | ||
643 | HIDP_TRANS_SET_PROTOCOL | HIDP_PROTO_BOOT, NULL, 0); | ||
644 | session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE); | ||
645 | |||
646 | session->leds = 0xff; | ||
647 | hidp_input_event(session->input, EV_LED, 0, 0); | ||
648 | } | ||
649 | |||
650 | up_write(&hidp_session_sem); | ||
651 | return 0; | ||
652 | |||
653 | unlink: | ||
654 | hidp_del_timer(session); | ||
655 | |||
656 | __hidp_unlink_session(session); | ||
657 | |||
658 | if (session->input) | ||
659 | input_unregister_device(session->input); | ||
660 | |||
661 | failed: | ||
662 | up_write(&hidp_session_sem); | ||
663 | |||
664 | if (session->input) | ||
665 | kfree(session->input); | ||
666 | |||
667 | kfree(session); | ||
668 | return err; | ||
669 | } | ||
670 | |||
671 | int hidp_del_connection(struct hidp_conndel_req *req) | ||
672 | { | ||
673 | struct hidp_session *session; | ||
674 | int err = 0; | ||
675 | |||
676 | BT_DBG(""); | ||
677 | |||
678 | down_read(&hidp_session_sem); | ||
679 | |||
680 | session = __hidp_get_session(&req->bdaddr); | ||
681 | if (session) { | ||
682 | if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) { | ||
683 | hidp_send_ctrl_message(session, | ||
684 | HIDP_TRANS_HID_CONTROL | HIDP_CTRL_VIRTUAL_CABLE_UNPLUG, NULL, 0); | ||
685 | } else { | ||
686 | /* Flush the transmit queues */ | ||
687 | skb_queue_purge(&session->ctrl_transmit); | ||
688 | skb_queue_purge(&session->intr_transmit); | ||
689 | |||
690 | /* Kill session thread */ | ||
691 | atomic_inc(&session->terminate); | ||
692 | hidp_schedule(session); | ||
693 | } | ||
694 | } else | ||
695 | err = -ENOENT; | ||
696 | |||
697 | up_read(&hidp_session_sem); | ||
698 | return err; | ||
699 | } | ||
700 | |||
701 | int hidp_get_connlist(struct hidp_connlist_req *req) | ||
702 | { | ||
703 | struct list_head *p; | ||
704 | int err = 0, n = 0; | ||
705 | |||
706 | BT_DBG(""); | ||
707 | |||
708 | down_read(&hidp_session_sem); | ||
709 | |||
710 | list_for_each(p, &hidp_session_list) { | ||
711 | struct hidp_session *session; | ||
712 | struct hidp_conninfo ci; | ||
713 | |||
714 | session = list_entry(p, struct hidp_session, list); | ||
715 | |||
716 | __hidp_copy_session(session, &ci); | ||
717 | |||
718 | if (copy_to_user(req->ci, &ci, sizeof(ci))) { | ||
719 | err = -EFAULT; | ||
720 | break; | ||
721 | } | ||
722 | |||
723 | if (++n >= req->cnum) | ||
724 | break; | ||
725 | |||
726 | req->ci++; | ||
727 | } | ||
728 | req->cnum = n; | ||
729 | |||
730 | up_read(&hidp_session_sem); | ||
731 | return err; | ||
732 | } | ||
733 | |||
734 | int hidp_get_conninfo(struct hidp_conninfo *ci) | ||
735 | { | ||
736 | struct hidp_session *session; | ||
737 | int err = 0; | ||
738 | |||
739 | down_read(&hidp_session_sem); | ||
740 | |||
741 | session = __hidp_get_session(&ci->bdaddr); | ||
742 | if (session) | ||
743 | __hidp_copy_session(session, ci); | ||
744 | else | ||
745 | err = -ENOENT; | ||
746 | |||
747 | up_read(&hidp_session_sem); | ||
748 | return err; | ||
749 | } | ||
750 | |||
751 | static int __init hidp_init(void) | ||
752 | { | ||
753 | l2cap_load(); | ||
754 | |||
755 | BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION); | ||
756 | |||
757 | return hidp_init_sockets(); | ||
758 | } | ||
759 | |||
760 | static void __exit hidp_exit(void) | ||
761 | { | ||
762 | hidp_cleanup_sockets(); | ||
763 | } | ||
764 | |||
765 | module_init(hidp_init); | ||
766 | module_exit(hidp_exit); | ||
767 | |||
768 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); | ||
769 | MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION); | ||
770 | MODULE_VERSION(VERSION); | ||
771 | MODULE_LICENSE("GPL"); | ||
772 | MODULE_ALIAS("bt-proto-6"); | ||
diff --git a/net/bluetooth/hidp/hidp.h b/net/bluetooth/hidp/hidp.h new file mode 100644 index 00000000000..c2775f587d2 --- /dev/null +++ b/net/bluetooth/hidp/hidp.h | |||
@@ -0,0 +1,167 @@ | |||
1 | /* | ||
2 | HIDP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License version 2 as | ||
7 | published by the Free Software Foundation; | ||
8 | |||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
17 | |||
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
20 | SOFTWARE IS DISCLAIMED. | ||
21 | */ | ||
22 | |||
23 | #ifndef __HIDP_H | ||
24 | #define __HIDP_H | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <net/bluetooth/bluetooth.h> | ||
28 | |||
29 | /* HIDP header masks */ | ||
30 | #define HIDP_HEADER_TRANS_MASK 0xf0 | ||
31 | #define HIDP_HEADER_PARAM_MASK 0x0f | ||
32 | |||
33 | /* HIDP transaction types */ | ||
34 | #define HIDP_TRANS_HANDSHAKE 0x00 | ||
35 | #define HIDP_TRANS_HID_CONTROL 0x10 | ||
36 | #define HIDP_TRANS_GET_REPORT 0x40 | ||
37 | #define HIDP_TRANS_SET_REPORT 0x50 | ||
38 | #define HIDP_TRANS_GET_PROTOCOL 0x60 | ||
39 | #define HIDP_TRANS_SET_PROTOCOL 0x70 | ||
40 | #define HIDP_TRANS_GET_IDLE 0x80 | ||
41 | #define HIDP_TRANS_SET_IDLE 0x90 | ||
42 | #define HIDP_TRANS_DATA 0xa0 | ||
43 | #define HIDP_TRANS_DATC 0xb0 | ||
44 | |||
45 | /* HIDP handshake results */ | ||
46 | #define HIDP_HSHK_SUCCESSFUL 0x00 | ||
47 | #define HIDP_HSHK_NOT_READY 0x01 | ||
48 | #define HIDP_HSHK_ERR_INVALID_REPORT_ID 0x02 | ||
49 | #define HIDP_HSHK_ERR_UNSUPPORTED_REQUEST 0x03 | ||
50 | #define HIDP_HSHK_ERR_INVALID_PARAMETER 0x04 | ||
51 | #define HIDP_HSHK_ERR_UNKNOWN 0x0e | ||
52 | #define HIDP_HSHK_ERR_FATAL 0x0f | ||
53 | |||
54 | /* HIDP control operation parameters */ | ||
55 | #define HIDP_CTRL_NOP 0x00 | ||
56 | #define HIDP_CTRL_HARD_RESET 0x01 | ||
57 | #define HIDP_CTRL_SOFT_RESET 0x02 | ||
58 | #define HIDP_CTRL_SUSPEND 0x03 | ||
59 | #define HIDP_CTRL_EXIT_SUSPEND 0x04 | ||
60 | #define HIDP_CTRL_VIRTUAL_CABLE_UNPLUG 0x05 | ||
61 | |||
62 | /* HIDP data transaction headers */ | ||
63 | #define HIDP_DATA_RTYPE_MASK 0x03 | ||
64 | #define HIDP_DATA_RSRVD_MASK 0x0c | ||
65 | #define HIDP_DATA_RTYPE_OTHER 0x00 | ||
66 | #define HIDP_DATA_RTYPE_INPUT 0x01 | ||
67 | #define HIDP_DATA_RTYPE_OUPUT 0x02 | ||
68 | #define HIDP_DATA_RTYPE_FEATURE 0x03 | ||
69 | |||
70 | /* HIDP protocol header parameters */ | ||
71 | #define HIDP_PROTO_BOOT 0x00 | ||
72 | #define HIDP_PROTO_REPORT 0x01 | ||
73 | |||
74 | /* HIDP ioctl defines */ | ||
75 | #define HIDPCONNADD _IOW('H', 200, int) | ||
76 | #define HIDPCONNDEL _IOW('H', 201, int) | ||
77 | #define HIDPGETCONNLIST _IOR('H', 210, int) | ||
78 | #define HIDPGETCONNINFO _IOR('H', 211, int) | ||
79 | |||
80 | #define HIDP_VIRTUAL_CABLE_UNPLUG 0 | ||
81 | #define HIDP_BOOT_PROTOCOL_MODE 1 | ||
82 | #define HIDP_BLUETOOTH_VENDOR_ID 9 | ||
83 | |||
84 | struct hidp_connadd_req { | ||
85 | int ctrl_sock; // Connected control socket | ||
86 | int intr_sock; // Connteted interrupt socket | ||
87 | __u16 parser; | ||
88 | __u16 rd_size; | ||
89 | __u8 *rd_data; | ||
90 | __u8 country; | ||
91 | __u8 subclass; | ||
92 | __u16 vendor; | ||
93 | __u16 product; | ||
94 | __u16 version; | ||
95 | __u32 flags; | ||
96 | __u32 idle_to; | ||
97 | char name[128]; | ||
98 | }; | ||
99 | |||
100 | struct hidp_conndel_req { | ||
101 | bdaddr_t bdaddr; | ||
102 | __u32 flags; | ||
103 | }; | ||
104 | |||
105 | struct hidp_conninfo { | ||
106 | bdaddr_t bdaddr; | ||
107 | __u32 flags; | ||
108 | __u16 state; | ||
109 | __u16 vendor; | ||
110 | __u16 product; | ||
111 | __u16 version; | ||
112 | char name[128]; | ||
113 | }; | ||
114 | |||
115 | struct hidp_connlist_req { | ||
116 | __u32 cnum; | ||
117 | struct hidp_conninfo __user *ci; | ||
118 | }; | ||
119 | |||
120 | int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock); | ||
121 | int hidp_del_connection(struct hidp_conndel_req *req); | ||
122 | int hidp_get_connlist(struct hidp_connlist_req *req); | ||
123 | int hidp_get_conninfo(struct hidp_conninfo *ci); | ||
124 | |||
125 | /* HIDP session defines */ | ||
126 | struct hidp_session { | ||
127 | struct list_head list; | ||
128 | |||
129 | struct socket *ctrl_sock; | ||
130 | struct socket *intr_sock; | ||
131 | |||
132 | bdaddr_t bdaddr; | ||
133 | |||
134 | unsigned long state; | ||
135 | unsigned long flags; | ||
136 | unsigned long idle_to; | ||
137 | |||
138 | uint ctrl_mtu; | ||
139 | uint intr_mtu; | ||
140 | |||
141 | atomic_t terminate; | ||
142 | |||
143 | unsigned char keys[8]; | ||
144 | unsigned char leds; | ||
145 | |||
146 | struct input_dev *input; | ||
147 | |||
148 | struct timer_list timer; | ||
149 | |||
150 | struct sk_buff_head ctrl_transmit; | ||
151 | struct sk_buff_head intr_transmit; | ||
152 | }; | ||
153 | |||
154 | static inline void hidp_schedule(struct hidp_session *session) | ||
155 | { | ||
156 | struct sock *ctrl_sk = session->ctrl_sock->sk; | ||
157 | struct sock *intr_sk = session->intr_sock->sk; | ||
158 | |||
159 | wake_up_interruptible(ctrl_sk->sk_sleep); | ||
160 | wake_up_interruptible(intr_sk->sk_sleep); | ||
161 | } | ||
162 | |||
163 | /* HIDP init defines */ | ||
164 | extern int __init hidp_init_sockets(void); | ||
165 | extern void __exit hidp_cleanup_sockets(void); | ||
166 | |||
167 | #endif /* __HIDP_H */ | ||
diff --git a/net/bluetooth/hidp/sock.c b/net/bluetooth/hidp/sock.c new file mode 100644 index 00000000000..fabb36d4666 --- /dev/null +++ b/net/bluetooth/hidp/sock.c | |||
@@ -0,0 +1,232 @@ | |||
1 | /* | ||
2 | HIDP implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org> | ||
4 | |||
5 | This program is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License version 2 as | ||
7 | published by the Free Software Foundation; | ||
8 | |||
9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
10 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
13 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
17 | |||
18 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
19 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
20 | SOFTWARE IS DISCLAIMED. | ||
21 | */ | ||
22 | |||
23 | #include <linux/config.h> | ||
24 | #include <linux/module.h> | ||
25 | |||
26 | #include <linux/types.h> | ||
27 | #include <linux/errno.h> | ||
28 | #include <linux/kernel.h> | ||
29 | #include <linux/major.h> | ||
30 | #include <linux/sched.h> | ||
31 | #include <linux/slab.h> | ||
32 | #include <linux/poll.h> | ||
33 | #include <linux/fcntl.h> | ||
34 | #include <linux/skbuff.h> | ||
35 | #include <linux/socket.h> | ||
36 | #include <linux/ioctl.h> | ||
37 | #include <linux/file.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <net/sock.h> | ||
40 | |||
41 | #include "hidp.h" | ||
42 | |||
43 | #ifndef CONFIG_BT_HIDP_DEBUG | ||
44 | #undef BT_DBG | ||
45 | #define BT_DBG(D...) | ||
46 | #endif | ||
47 | |||
48 | static int hidp_sock_release(struct socket *sock) | ||
49 | { | ||
50 | struct sock *sk = sock->sk; | ||
51 | |||
52 | BT_DBG("sock %p sk %p", sock, sk); | ||
53 | |||
54 | if (!sk) | ||
55 | return 0; | ||
56 | |||
57 | sock_orphan(sk); | ||
58 | sock_put(sk); | ||
59 | |||
60 | return 0; | ||
61 | } | ||
62 | |||
63 | static int hidp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) | ||
64 | { | ||
65 | void __user *argp = (void __user *) arg; | ||
66 | struct hidp_connadd_req ca; | ||
67 | struct hidp_conndel_req cd; | ||
68 | struct hidp_connlist_req cl; | ||
69 | struct hidp_conninfo ci; | ||
70 | struct socket *csock; | ||
71 | struct socket *isock; | ||
72 | int err; | ||
73 | |||
74 | BT_DBG("cmd %x arg %lx", cmd, arg); | ||
75 | |||
76 | switch (cmd) { | ||
77 | case HIDPCONNADD: | ||
78 | if (!capable(CAP_NET_ADMIN)) | ||
79 | return -EACCES; | ||
80 | |||
81 | if (copy_from_user(&ca, argp, sizeof(ca))) | ||
82 | return -EFAULT; | ||
83 | |||
84 | csock = sockfd_lookup(ca.ctrl_sock, &err); | ||
85 | if (!csock) | ||
86 | return err; | ||
87 | |||
88 | isock = sockfd_lookup(ca.intr_sock, &err); | ||
89 | if (!isock) { | ||
90 | fput(csock->file); | ||
91 | return err; | ||
92 | } | ||
93 | |||
94 | if (csock->sk->sk_state != BT_CONNECTED || isock->sk->sk_state != BT_CONNECTED) { | ||
95 | fput(csock->file); | ||
96 | fput(isock->file); | ||
97 | return -EBADFD; | ||
98 | } | ||
99 | |||
100 | err = hidp_add_connection(&ca, csock, isock); | ||
101 | if (!err) { | ||
102 | if (copy_to_user(argp, &ca, sizeof(ca))) | ||
103 | err = -EFAULT; | ||
104 | } else { | ||
105 | fput(csock->file); | ||
106 | fput(isock->file); | ||
107 | } | ||
108 | |||
109 | return err; | ||
110 | |||
111 | case HIDPCONNDEL: | ||
112 | if (!capable(CAP_NET_ADMIN)) | ||
113 | return -EACCES; | ||
114 | |||
115 | if (copy_from_user(&cd, argp, sizeof(cd))) | ||
116 | return -EFAULT; | ||
117 | |||
118 | return hidp_del_connection(&cd); | ||
119 | |||
120 | case HIDPGETCONNLIST: | ||
121 | if (copy_from_user(&cl, argp, sizeof(cl))) | ||
122 | return -EFAULT; | ||
123 | |||
124 | if (cl.cnum <= 0) | ||
125 | return -EINVAL; | ||
126 | |||
127 | err = hidp_get_connlist(&cl); | ||
128 | if (!err && copy_to_user(argp, &cl, sizeof(cl))) | ||
129 | return -EFAULT; | ||
130 | |||
131 | return err; | ||
132 | |||
133 | case HIDPGETCONNINFO: | ||
134 | if (copy_from_user(&ci, argp, sizeof(ci))) | ||
135 | return -EFAULT; | ||
136 | |||
137 | err = hidp_get_conninfo(&ci); | ||
138 | if (!err && copy_to_user(argp, &ci, sizeof(ci))) | ||
139 | return -EFAULT; | ||
140 | |||
141 | return err; | ||
142 | } | ||
143 | |||
144 | return -EINVAL; | ||
145 | } | ||
146 | |||
147 | static struct proto_ops hidp_sock_ops = { | ||
148 | .family = PF_BLUETOOTH, | ||
149 | .owner = THIS_MODULE, | ||
150 | .release = hidp_sock_release, | ||
151 | .ioctl = hidp_sock_ioctl, | ||
152 | .bind = sock_no_bind, | ||
153 | .getname = sock_no_getname, | ||
154 | .sendmsg = sock_no_sendmsg, | ||
155 | .recvmsg = sock_no_recvmsg, | ||
156 | .poll = sock_no_poll, | ||
157 | .listen = sock_no_listen, | ||
158 | .shutdown = sock_no_shutdown, | ||
159 | .setsockopt = sock_no_setsockopt, | ||
160 | .getsockopt = sock_no_getsockopt, | ||
161 | .connect = sock_no_connect, | ||
162 | .socketpair = sock_no_socketpair, | ||
163 | .accept = sock_no_accept, | ||
164 | .mmap = sock_no_mmap | ||
165 | }; | ||
166 | |||
167 | static struct proto hidp_proto = { | ||
168 | .name = "HIDP", | ||
169 | .owner = THIS_MODULE, | ||
170 | .obj_size = sizeof(struct bt_sock) | ||
171 | }; | ||
172 | |||
173 | static int hidp_sock_create(struct socket *sock, int protocol) | ||
174 | { | ||
175 | struct sock *sk; | ||
176 | |||
177 | BT_DBG("sock %p", sock); | ||
178 | |||
179 | if (sock->type != SOCK_RAW) | ||
180 | return -ESOCKTNOSUPPORT; | ||
181 | |||
182 | sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &hidp_proto, 1); | ||
183 | if (!sk) | ||
184 | return -ENOMEM; | ||
185 | |||
186 | sock_init_data(sock, sk); | ||
187 | |||
188 | sock->ops = &hidp_sock_ops; | ||
189 | |||
190 | sock->state = SS_UNCONNECTED; | ||
191 | |||
192 | sock_reset_flag(sk, SOCK_ZAPPED); | ||
193 | |||
194 | sk->sk_protocol = protocol; | ||
195 | sk->sk_state = BT_OPEN; | ||
196 | |||
197 | return 0; | ||
198 | } | ||
199 | |||
200 | static struct net_proto_family hidp_sock_family_ops = { | ||
201 | .family = PF_BLUETOOTH, | ||
202 | .owner = THIS_MODULE, | ||
203 | .create = hidp_sock_create | ||
204 | }; | ||
205 | |||
206 | int __init hidp_init_sockets(void) | ||
207 | { | ||
208 | int err; | ||
209 | |||
210 | err = proto_register(&hidp_proto, 0); | ||
211 | if (err < 0) | ||
212 | return err; | ||
213 | |||
214 | err = bt_sock_register(BTPROTO_HIDP, &hidp_sock_family_ops); | ||
215 | if (err < 0) | ||
216 | goto error; | ||
217 | |||
218 | return 0; | ||
219 | |||
220 | error: | ||
221 | BT_ERR("Can't register HIDP socket"); | ||
222 | proto_unregister(&hidp_proto); | ||
223 | return err; | ||
224 | } | ||
225 | |||
226 | void __exit hidp_cleanup_sockets(void) | ||
227 | { | ||
228 | if (bt_sock_unregister(BTPROTO_HIDP) < 0) | ||
229 | BT_ERR("Can't unregister HIDP socket"); | ||
230 | |||
231 | proto_unregister(&hidp_proto); | ||
232 | } | ||
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c new file mode 100644 index 00000000000..c12babcf0b3 --- /dev/null +++ b/net/bluetooth/l2cap.c | |||
@@ -0,0 +1,2329 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth L2CAP core and sockets. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | |||
30 | #include <linux/types.h> | ||
31 | #include <linux/errno.h> | ||
32 | #include <linux/kernel.h> | ||
33 | #include <linux/major.h> | ||
34 | #include <linux/sched.h> | ||
35 | #include <linux/slab.h> | ||
36 | #include <linux/poll.h> | ||
37 | #include <linux/fcntl.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/interrupt.h> | ||
40 | #include <linux/socket.h> | ||
41 | #include <linux/skbuff.h> | ||
42 | #include <linux/proc_fs.h> | ||
43 | #include <linux/seq_file.h> | ||
44 | #include <linux/list.h> | ||
45 | #include <net/sock.h> | ||
46 | |||
47 | #include <asm/system.h> | ||
48 | #include <asm/uaccess.h> | ||
49 | #include <asm/unaligned.h> | ||
50 | |||
51 | #include <net/bluetooth/bluetooth.h> | ||
52 | #include <net/bluetooth/hci_core.h> | ||
53 | #include <net/bluetooth/l2cap.h> | ||
54 | |||
55 | #ifndef CONFIG_BT_L2CAP_DEBUG | ||
56 | #undef BT_DBG | ||
57 | #define BT_DBG(D...) | ||
58 | #endif | ||
59 | |||
60 | #define VERSION "2.7" | ||
61 | |||
62 | static struct proto_ops l2cap_sock_ops; | ||
63 | |||
64 | static struct bt_sock_list l2cap_sk_list = { | ||
65 | .lock = RW_LOCK_UNLOCKED | ||
66 | }; | ||
67 | |||
68 | static int l2cap_conn_del(struct hci_conn *conn, int err); | ||
69 | |||
70 | static void __l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct sock *parent); | ||
71 | static void l2cap_chan_del(struct sock *sk, int err); | ||
72 | |||
73 | static void __l2cap_sock_close(struct sock *sk, int reason); | ||
74 | static void l2cap_sock_close(struct sock *sk); | ||
75 | static void l2cap_sock_kill(struct sock *sk); | ||
76 | |||
77 | static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn, | ||
78 | u8 code, u8 ident, u16 dlen, void *data); | ||
79 | |||
80 | /* ---- L2CAP timers ---- */ | ||
81 | static void l2cap_sock_timeout(unsigned long arg) | ||
82 | { | ||
83 | struct sock *sk = (struct sock *) arg; | ||
84 | |||
85 | BT_DBG("sock %p state %d", sk, sk->sk_state); | ||
86 | |||
87 | bh_lock_sock(sk); | ||
88 | __l2cap_sock_close(sk, ETIMEDOUT); | ||
89 | bh_unlock_sock(sk); | ||
90 | |||
91 | l2cap_sock_kill(sk); | ||
92 | sock_put(sk); | ||
93 | } | ||
94 | |||
95 | static void l2cap_sock_set_timer(struct sock *sk, long timeout) | ||
96 | { | ||
97 | BT_DBG("sk %p state %d timeout %ld", sk, sk->sk_state, timeout); | ||
98 | sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout); | ||
99 | } | ||
100 | |||
101 | static void l2cap_sock_clear_timer(struct sock *sk) | ||
102 | { | ||
103 | BT_DBG("sock %p state %d", sk, sk->sk_state); | ||
104 | sk_stop_timer(sk, &sk->sk_timer); | ||
105 | } | ||
106 | |||
107 | static void l2cap_sock_init_timer(struct sock *sk) | ||
108 | { | ||
109 | init_timer(&sk->sk_timer); | ||
110 | sk->sk_timer.function = l2cap_sock_timeout; | ||
111 | sk->sk_timer.data = (unsigned long)sk; | ||
112 | } | ||
113 | |||
114 | /* ---- L2CAP connections ---- */ | ||
115 | static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status) | ||
116 | { | ||
117 | struct l2cap_conn *conn; | ||
118 | |||
119 | if ((conn = hcon->l2cap_data)) | ||
120 | return conn; | ||
121 | |||
122 | if (status) | ||
123 | return conn; | ||
124 | |||
125 | if (!(conn = kmalloc(sizeof(struct l2cap_conn), GFP_ATOMIC))) | ||
126 | return NULL; | ||
127 | memset(conn, 0, sizeof(struct l2cap_conn)); | ||
128 | |||
129 | hcon->l2cap_data = conn; | ||
130 | conn->hcon = hcon; | ||
131 | |||
132 | conn->mtu = hcon->hdev->acl_mtu; | ||
133 | conn->src = &hcon->hdev->bdaddr; | ||
134 | conn->dst = &hcon->dst; | ||
135 | |||
136 | spin_lock_init(&conn->lock); | ||
137 | rwlock_init(&conn->chan_list.lock); | ||
138 | |||
139 | BT_DBG("hcon %p conn %p", hcon, conn); | ||
140 | return conn; | ||
141 | } | ||
142 | |||
143 | static int l2cap_conn_del(struct hci_conn *hcon, int err) | ||
144 | { | ||
145 | struct l2cap_conn *conn; | ||
146 | struct sock *sk; | ||
147 | |||
148 | if (!(conn = hcon->l2cap_data)) | ||
149 | return 0; | ||
150 | |||
151 | BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); | ||
152 | |||
153 | if (conn->rx_skb) | ||
154 | kfree_skb(conn->rx_skb); | ||
155 | |||
156 | /* Kill channels */ | ||
157 | while ((sk = conn->chan_list.head)) { | ||
158 | bh_lock_sock(sk); | ||
159 | l2cap_chan_del(sk, err); | ||
160 | bh_unlock_sock(sk); | ||
161 | l2cap_sock_kill(sk); | ||
162 | } | ||
163 | |||
164 | hcon->l2cap_data = NULL; | ||
165 | kfree(conn); | ||
166 | return 0; | ||
167 | } | ||
168 | |||
169 | static inline void l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct sock *parent) | ||
170 | { | ||
171 | struct l2cap_chan_list *l = &conn->chan_list; | ||
172 | write_lock(&l->lock); | ||
173 | __l2cap_chan_add(conn, sk, parent); | ||
174 | write_unlock(&l->lock); | ||
175 | } | ||
176 | |||
177 | static inline u8 l2cap_get_ident(struct l2cap_conn *conn) | ||
178 | { | ||
179 | u8 id; | ||
180 | |||
181 | /* Get next available identificator. | ||
182 | * 1 - 128 are used by kernel. | ||
183 | * 129 - 199 are reserved. | ||
184 | * 200 - 254 are used by utilities like l2ping, etc. | ||
185 | */ | ||
186 | |||
187 | spin_lock(&conn->lock); | ||
188 | |||
189 | if (++conn->tx_ident > 128) | ||
190 | conn->tx_ident = 1; | ||
191 | |||
192 | id = conn->tx_ident; | ||
193 | |||
194 | spin_unlock(&conn->lock); | ||
195 | |||
196 | return id; | ||
197 | } | ||
198 | |||
199 | static inline int l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, void *data) | ||
200 | { | ||
201 | struct sk_buff *skb = l2cap_build_cmd(conn, code, ident, len, data); | ||
202 | |||
203 | BT_DBG("code 0x%2.2x", code); | ||
204 | |||
205 | if (!skb) | ||
206 | return -ENOMEM; | ||
207 | |||
208 | return hci_send_acl(conn->hcon, skb, 0); | ||
209 | } | ||
210 | |||
211 | /* ---- Socket interface ---- */ | ||
212 | static struct sock *__l2cap_get_sock_by_addr(u16 psm, bdaddr_t *src) | ||
213 | { | ||
214 | struct sock *sk; | ||
215 | struct hlist_node *node; | ||
216 | sk_for_each(sk, node, &l2cap_sk_list.head) | ||
217 | if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src)) | ||
218 | goto found; | ||
219 | sk = NULL; | ||
220 | found: | ||
221 | return sk; | ||
222 | } | ||
223 | |||
224 | /* Find socket with psm and source bdaddr. | ||
225 | * Returns closest match. | ||
226 | */ | ||
227 | static struct sock *__l2cap_get_sock_by_psm(int state, u16 psm, bdaddr_t *src) | ||
228 | { | ||
229 | struct sock *sk = NULL, *sk1 = NULL; | ||
230 | struct hlist_node *node; | ||
231 | |||
232 | sk_for_each(sk, node, &l2cap_sk_list.head) { | ||
233 | if (state && sk->sk_state != state) | ||
234 | continue; | ||
235 | |||
236 | if (l2cap_pi(sk)->psm == psm) { | ||
237 | /* Exact match. */ | ||
238 | if (!bacmp(&bt_sk(sk)->src, src)) | ||
239 | break; | ||
240 | |||
241 | /* Closest match */ | ||
242 | if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) | ||
243 | sk1 = sk; | ||
244 | } | ||
245 | } | ||
246 | return node ? sk : sk1; | ||
247 | } | ||
248 | |||
249 | /* Find socket with given address (psm, src). | ||
250 | * Returns locked socket */ | ||
251 | static inline struct sock *l2cap_get_sock_by_psm(int state, u16 psm, bdaddr_t *src) | ||
252 | { | ||
253 | struct sock *s; | ||
254 | read_lock(&l2cap_sk_list.lock); | ||
255 | s = __l2cap_get_sock_by_psm(state, psm, src); | ||
256 | if (s) bh_lock_sock(s); | ||
257 | read_unlock(&l2cap_sk_list.lock); | ||
258 | return s; | ||
259 | } | ||
260 | |||
261 | static void l2cap_sock_destruct(struct sock *sk) | ||
262 | { | ||
263 | BT_DBG("sk %p", sk); | ||
264 | |||
265 | skb_queue_purge(&sk->sk_receive_queue); | ||
266 | skb_queue_purge(&sk->sk_write_queue); | ||
267 | } | ||
268 | |||
269 | static void l2cap_sock_cleanup_listen(struct sock *parent) | ||
270 | { | ||
271 | struct sock *sk; | ||
272 | |||
273 | BT_DBG("parent %p", parent); | ||
274 | |||
275 | /* Close not yet accepted channels */ | ||
276 | while ((sk = bt_accept_dequeue(parent, NULL))) | ||
277 | l2cap_sock_close(sk); | ||
278 | |||
279 | parent->sk_state = BT_CLOSED; | ||
280 | sock_set_flag(parent, SOCK_ZAPPED); | ||
281 | } | ||
282 | |||
283 | /* Kill socket (only if zapped and orphan) | ||
284 | * Must be called on unlocked socket. | ||
285 | */ | ||
286 | static void l2cap_sock_kill(struct sock *sk) | ||
287 | { | ||
288 | if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) | ||
289 | return; | ||
290 | |||
291 | BT_DBG("sk %p state %d", sk, sk->sk_state); | ||
292 | |||
293 | /* Kill poor orphan */ | ||
294 | bt_sock_unlink(&l2cap_sk_list, sk); | ||
295 | sock_set_flag(sk, SOCK_DEAD); | ||
296 | sock_put(sk); | ||
297 | } | ||
298 | |||
299 | static void __l2cap_sock_close(struct sock *sk, int reason) | ||
300 | { | ||
301 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); | ||
302 | |||
303 | switch (sk->sk_state) { | ||
304 | case BT_LISTEN: | ||
305 | l2cap_sock_cleanup_listen(sk); | ||
306 | break; | ||
307 | |||
308 | case BT_CONNECTED: | ||
309 | case BT_CONFIG: | ||
310 | case BT_CONNECT2: | ||
311 | if (sk->sk_type == SOCK_SEQPACKET) { | ||
312 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
313 | struct l2cap_disconn_req req; | ||
314 | |||
315 | sk->sk_state = BT_DISCONN; | ||
316 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | ||
317 | |||
318 | req.dcid = __cpu_to_le16(l2cap_pi(sk)->dcid); | ||
319 | req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); | ||
320 | l2cap_send_cmd(conn, l2cap_get_ident(conn), | ||
321 | L2CAP_DISCONN_REQ, sizeof(req), &req); | ||
322 | } else { | ||
323 | l2cap_chan_del(sk, reason); | ||
324 | } | ||
325 | break; | ||
326 | |||
327 | case BT_CONNECT: | ||
328 | case BT_DISCONN: | ||
329 | l2cap_chan_del(sk, reason); | ||
330 | break; | ||
331 | |||
332 | default: | ||
333 | sock_set_flag(sk, SOCK_ZAPPED); | ||
334 | break; | ||
335 | } | ||
336 | } | ||
337 | |||
338 | /* Must be called on unlocked socket. */ | ||
339 | static void l2cap_sock_close(struct sock *sk) | ||
340 | { | ||
341 | l2cap_sock_clear_timer(sk); | ||
342 | lock_sock(sk); | ||
343 | __l2cap_sock_close(sk, ECONNRESET); | ||
344 | release_sock(sk); | ||
345 | l2cap_sock_kill(sk); | ||
346 | } | ||
347 | |||
348 | static void l2cap_sock_init(struct sock *sk, struct sock *parent) | ||
349 | { | ||
350 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
351 | |||
352 | BT_DBG("sk %p", sk); | ||
353 | |||
354 | if (parent) { | ||
355 | sk->sk_type = parent->sk_type; | ||
356 | pi->imtu = l2cap_pi(parent)->imtu; | ||
357 | pi->omtu = l2cap_pi(parent)->omtu; | ||
358 | pi->link_mode = l2cap_pi(parent)->link_mode; | ||
359 | } else { | ||
360 | pi->imtu = L2CAP_DEFAULT_MTU; | ||
361 | pi->omtu = 0; | ||
362 | pi->link_mode = 0; | ||
363 | } | ||
364 | |||
365 | /* Default config options */ | ||
366 | pi->conf_mtu = L2CAP_DEFAULT_MTU; | ||
367 | pi->flush_to = L2CAP_DEFAULT_FLUSH_TO; | ||
368 | } | ||
369 | |||
370 | static struct proto l2cap_proto = { | ||
371 | .name = "L2CAP", | ||
372 | .owner = THIS_MODULE, | ||
373 | .obj_size = sizeof(struct l2cap_pinfo) | ||
374 | }; | ||
375 | |||
376 | static struct sock *l2cap_sock_alloc(struct socket *sock, int proto, int prio) | ||
377 | { | ||
378 | struct sock *sk; | ||
379 | |||
380 | sk = sk_alloc(PF_BLUETOOTH, prio, &l2cap_proto, 1); | ||
381 | if (!sk) | ||
382 | return NULL; | ||
383 | |||
384 | sock_init_data(sock, sk); | ||
385 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); | ||
386 | |||
387 | sk->sk_destruct = l2cap_sock_destruct; | ||
388 | sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT; | ||
389 | |||
390 | sock_reset_flag(sk, SOCK_ZAPPED); | ||
391 | |||
392 | sk->sk_protocol = proto; | ||
393 | sk->sk_state = BT_OPEN; | ||
394 | |||
395 | l2cap_sock_init_timer(sk); | ||
396 | |||
397 | bt_sock_link(&l2cap_sk_list, sk); | ||
398 | return sk; | ||
399 | } | ||
400 | |||
401 | static int l2cap_sock_create(struct socket *sock, int protocol) | ||
402 | { | ||
403 | struct sock *sk; | ||
404 | |||
405 | BT_DBG("sock %p", sock); | ||
406 | |||
407 | sock->state = SS_UNCONNECTED; | ||
408 | |||
409 | if (sock->type != SOCK_SEQPACKET && | ||
410 | sock->type != SOCK_DGRAM && sock->type != SOCK_RAW) | ||
411 | return -ESOCKTNOSUPPORT; | ||
412 | |||
413 | if (sock->type == SOCK_RAW && !capable(CAP_NET_RAW)) | ||
414 | return -EPERM; | ||
415 | |||
416 | sock->ops = &l2cap_sock_ops; | ||
417 | |||
418 | sk = l2cap_sock_alloc(sock, protocol, GFP_KERNEL); | ||
419 | if (!sk) | ||
420 | return -ENOMEM; | ||
421 | |||
422 | l2cap_sock_init(sk, NULL); | ||
423 | return 0; | ||
424 | } | ||
425 | |||
426 | static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) | ||
427 | { | ||
428 | struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr; | ||
429 | struct sock *sk = sock->sk; | ||
430 | int err = 0; | ||
431 | |||
432 | BT_DBG("sk %p, %s %d", sk, batostr(&la->l2_bdaddr), la->l2_psm); | ||
433 | |||
434 | if (!addr || addr->sa_family != AF_BLUETOOTH) | ||
435 | return -EINVAL; | ||
436 | |||
437 | lock_sock(sk); | ||
438 | |||
439 | if (sk->sk_state != BT_OPEN) { | ||
440 | err = -EBADFD; | ||
441 | goto done; | ||
442 | } | ||
443 | |||
444 | write_lock_bh(&l2cap_sk_list.lock); | ||
445 | |||
446 | if (la->l2_psm && __l2cap_get_sock_by_addr(la->l2_psm, &la->l2_bdaddr)) { | ||
447 | err = -EADDRINUSE; | ||
448 | } else { | ||
449 | /* Save source address */ | ||
450 | bacpy(&bt_sk(sk)->src, &la->l2_bdaddr); | ||
451 | l2cap_pi(sk)->psm = la->l2_psm; | ||
452 | l2cap_pi(sk)->sport = la->l2_psm; | ||
453 | sk->sk_state = BT_BOUND; | ||
454 | } | ||
455 | |||
456 | write_unlock_bh(&l2cap_sk_list.lock); | ||
457 | |||
458 | done: | ||
459 | release_sock(sk); | ||
460 | return err; | ||
461 | } | ||
462 | |||
463 | static int l2cap_do_connect(struct sock *sk) | ||
464 | { | ||
465 | bdaddr_t *src = &bt_sk(sk)->src; | ||
466 | bdaddr_t *dst = &bt_sk(sk)->dst; | ||
467 | struct l2cap_conn *conn; | ||
468 | struct hci_conn *hcon; | ||
469 | struct hci_dev *hdev; | ||
470 | int err = 0; | ||
471 | |||
472 | BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), l2cap_pi(sk)->psm); | ||
473 | |||
474 | if (!(hdev = hci_get_route(dst, src))) | ||
475 | return -EHOSTUNREACH; | ||
476 | |||
477 | hci_dev_lock_bh(hdev); | ||
478 | |||
479 | err = -ENOMEM; | ||
480 | |||
481 | hcon = hci_connect(hdev, ACL_LINK, dst); | ||
482 | if (!hcon) | ||
483 | goto done; | ||
484 | |||
485 | conn = l2cap_conn_add(hcon, 0); | ||
486 | if (!conn) { | ||
487 | hci_conn_put(hcon); | ||
488 | goto done; | ||
489 | } | ||
490 | |||
491 | err = 0; | ||
492 | |||
493 | /* Update source addr of the socket */ | ||
494 | bacpy(src, conn->src); | ||
495 | |||
496 | l2cap_chan_add(conn, sk, NULL); | ||
497 | |||
498 | sk->sk_state = BT_CONNECT; | ||
499 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | ||
500 | |||
501 | if (hcon->state == BT_CONNECTED) { | ||
502 | if (sk->sk_type == SOCK_SEQPACKET) { | ||
503 | struct l2cap_conn_req req; | ||
504 | l2cap_pi(sk)->ident = l2cap_get_ident(conn); | ||
505 | req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); | ||
506 | req.psm = l2cap_pi(sk)->psm; | ||
507 | l2cap_send_cmd(conn, l2cap_pi(sk)->ident, | ||
508 | L2CAP_CONN_REQ, sizeof(req), &req); | ||
509 | } else { | ||
510 | l2cap_sock_clear_timer(sk); | ||
511 | sk->sk_state = BT_CONNECTED; | ||
512 | } | ||
513 | } | ||
514 | |||
515 | done: | ||
516 | hci_dev_unlock_bh(hdev); | ||
517 | hci_dev_put(hdev); | ||
518 | return err; | ||
519 | } | ||
520 | |||
521 | static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) | ||
522 | { | ||
523 | struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr; | ||
524 | struct sock *sk = sock->sk; | ||
525 | int err = 0; | ||
526 | |||
527 | lock_sock(sk); | ||
528 | |||
529 | BT_DBG("sk %p", sk); | ||
530 | |||
531 | if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_l2)) { | ||
532 | err = -EINVAL; | ||
533 | goto done; | ||
534 | } | ||
535 | |||
536 | if (sk->sk_type == SOCK_SEQPACKET && !la->l2_psm) { | ||
537 | err = -EINVAL; | ||
538 | goto done; | ||
539 | } | ||
540 | |||
541 | switch(sk->sk_state) { | ||
542 | case BT_CONNECT: | ||
543 | case BT_CONNECT2: | ||
544 | case BT_CONFIG: | ||
545 | /* Already connecting */ | ||
546 | goto wait; | ||
547 | |||
548 | case BT_CONNECTED: | ||
549 | /* Already connected */ | ||
550 | goto done; | ||
551 | |||
552 | case BT_OPEN: | ||
553 | case BT_BOUND: | ||
554 | /* Can connect */ | ||
555 | break; | ||
556 | |||
557 | default: | ||
558 | err = -EBADFD; | ||
559 | goto done; | ||
560 | } | ||
561 | |||
562 | /* Set destination address and psm */ | ||
563 | bacpy(&bt_sk(sk)->dst, &la->l2_bdaddr); | ||
564 | l2cap_pi(sk)->psm = la->l2_psm; | ||
565 | |||
566 | if ((err = l2cap_do_connect(sk))) | ||
567 | goto done; | ||
568 | |||
569 | wait: | ||
570 | err = bt_sock_wait_state(sk, BT_CONNECTED, | ||
571 | sock_sndtimeo(sk, flags & O_NONBLOCK)); | ||
572 | done: | ||
573 | release_sock(sk); | ||
574 | return err; | ||
575 | } | ||
576 | |||
577 | static int l2cap_sock_listen(struct socket *sock, int backlog) | ||
578 | { | ||
579 | struct sock *sk = sock->sk; | ||
580 | int err = 0; | ||
581 | |||
582 | BT_DBG("sk %p backlog %d", sk, backlog); | ||
583 | |||
584 | lock_sock(sk); | ||
585 | |||
586 | if (sk->sk_state != BT_BOUND || sock->type != SOCK_SEQPACKET) { | ||
587 | err = -EBADFD; | ||
588 | goto done; | ||
589 | } | ||
590 | |||
591 | if (!l2cap_pi(sk)->psm) { | ||
592 | bdaddr_t *src = &bt_sk(sk)->src; | ||
593 | u16 psm; | ||
594 | |||
595 | err = -EINVAL; | ||
596 | |||
597 | write_lock_bh(&l2cap_sk_list.lock); | ||
598 | |||
599 | for (psm = 0x1001; psm < 0x1100; psm += 2) | ||
600 | if (!__l2cap_get_sock_by_addr(psm, src)) { | ||
601 | l2cap_pi(sk)->psm = htobs(psm); | ||
602 | l2cap_pi(sk)->sport = htobs(psm); | ||
603 | err = 0; | ||
604 | break; | ||
605 | } | ||
606 | |||
607 | write_unlock_bh(&l2cap_sk_list.lock); | ||
608 | |||
609 | if (err < 0) | ||
610 | goto done; | ||
611 | } | ||
612 | |||
613 | sk->sk_max_ack_backlog = backlog; | ||
614 | sk->sk_ack_backlog = 0; | ||
615 | sk->sk_state = BT_LISTEN; | ||
616 | |||
617 | done: | ||
618 | release_sock(sk); | ||
619 | return err; | ||
620 | } | ||
621 | |||
622 | static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags) | ||
623 | { | ||
624 | DECLARE_WAITQUEUE(wait, current); | ||
625 | struct sock *sk = sock->sk, *nsk; | ||
626 | long timeo; | ||
627 | int err = 0; | ||
628 | |||
629 | lock_sock(sk); | ||
630 | |||
631 | if (sk->sk_state != BT_LISTEN) { | ||
632 | err = -EBADFD; | ||
633 | goto done; | ||
634 | } | ||
635 | |||
636 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); | ||
637 | |||
638 | BT_DBG("sk %p timeo %ld", sk, timeo); | ||
639 | |||
640 | /* Wait for an incoming connection. (wake-one). */ | ||
641 | add_wait_queue_exclusive(sk->sk_sleep, &wait); | ||
642 | while (!(nsk = bt_accept_dequeue(sk, newsock))) { | ||
643 | set_current_state(TASK_INTERRUPTIBLE); | ||
644 | if (!timeo) { | ||
645 | err = -EAGAIN; | ||
646 | break; | ||
647 | } | ||
648 | |||
649 | release_sock(sk); | ||
650 | timeo = schedule_timeout(timeo); | ||
651 | lock_sock(sk); | ||
652 | |||
653 | if (sk->sk_state != BT_LISTEN) { | ||
654 | err = -EBADFD; | ||
655 | break; | ||
656 | } | ||
657 | |||
658 | if (signal_pending(current)) { | ||
659 | err = sock_intr_errno(timeo); | ||
660 | break; | ||
661 | } | ||
662 | } | ||
663 | set_current_state(TASK_RUNNING); | ||
664 | remove_wait_queue(sk->sk_sleep, &wait); | ||
665 | |||
666 | if (err) | ||
667 | goto done; | ||
668 | |||
669 | newsock->state = SS_CONNECTED; | ||
670 | |||
671 | BT_DBG("new socket %p", nsk); | ||
672 | |||
673 | done: | ||
674 | release_sock(sk); | ||
675 | return err; | ||
676 | } | ||
677 | |||
678 | static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) | ||
679 | { | ||
680 | struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr; | ||
681 | struct sock *sk = sock->sk; | ||
682 | |||
683 | BT_DBG("sock %p, sk %p", sock, sk); | ||
684 | |||
685 | addr->sa_family = AF_BLUETOOTH; | ||
686 | *len = sizeof(struct sockaddr_l2); | ||
687 | |||
688 | if (peer) | ||
689 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst); | ||
690 | else | ||
691 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->src); | ||
692 | |||
693 | la->l2_psm = l2cap_pi(sk)->psm; | ||
694 | return 0; | ||
695 | } | ||
696 | |||
697 | static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len) | ||
698 | { | ||
699 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
700 | struct sk_buff *skb, **frag; | ||
701 | int err, hlen, count, sent=0; | ||
702 | struct l2cap_hdr *lh; | ||
703 | |||
704 | BT_DBG("sk %p len %d", sk, len); | ||
705 | |||
706 | /* First fragment (with L2CAP header) */ | ||
707 | if (sk->sk_type == SOCK_DGRAM) | ||
708 | hlen = L2CAP_HDR_SIZE + 2; | ||
709 | else | ||
710 | hlen = L2CAP_HDR_SIZE; | ||
711 | |||
712 | count = min_t(unsigned int, (conn->mtu - hlen), len); | ||
713 | |||
714 | skb = bt_skb_send_alloc(sk, hlen + count, | ||
715 | msg->msg_flags & MSG_DONTWAIT, &err); | ||
716 | if (!skb) | ||
717 | return err; | ||
718 | |||
719 | /* Create L2CAP header */ | ||
720 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | ||
721 | lh->cid = __cpu_to_le16(l2cap_pi(sk)->dcid); | ||
722 | lh->len = __cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | ||
723 | |||
724 | if (sk->sk_type == SOCK_DGRAM) | ||
725 | put_unaligned(l2cap_pi(sk)->psm, (u16 *) skb_put(skb, 2)); | ||
726 | |||
727 | if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) { | ||
728 | err = -EFAULT; | ||
729 | goto fail; | ||
730 | } | ||
731 | |||
732 | sent += count; | ||
733 | len -= count; | ||
734 | |||
735 | /* Continuation fragments (no L2CAP header) */ | ||
736 | frag = &skb_shinfo(skb)->frag_list; | ||
737 | while (len) { | ||
738 | count = min_t(unsigned int, conn->mtu, len); | ||
739 | |||
740 | *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err); | ||
741 | if (!*frag) | ||
742 | goto fail; | ||
743 | |||
744 | if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) { | ||
745 | err = -EFAULT; | ||
746 | goto fail; | ||
747 | } | ||
748 | |||
749 | sent += count; | ||
750 | len -= count; | ||
751 | |||
752 | frag = &(*frag)->next; | ||
753 | } | ||
754 | |||
755 | if ((err = hci_send_acl(conn->hcon, skb, 0)) < 0) | ||
756 | goto fail; | ||
757 | |||
758 | return sent; | ||
759 | |||
760 | fail: | ||
761 | kfree_skb(skb); | ||
762 | return err; | ||
763 | } | ||
764 | |||
765 | static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len) | ||
766 | { | ||
767 | struct sock *sk = sock->sk; | ||
768 | int err = 0; | ||
769 | |||
770 | BT_DBG("sock %p, sk %p", sock, sk); | ||
771 | |||
772 | if (sk->sk_err) | ||
773 | return sock_error(sk); | ||
774 | |||
775 | if (msg->msg_flags & MSG_OOB) | ||
776 | return -EOPNOTSUPP; | ||
777 | |||
778 | /* Check outgoing MTU */ | ||
779 | if (sk->sk_type != SOCK_RAW && len > l2cap_pi(sk)->omtu) | ||
780 | return -EINVAL; | ||
781 | |||
782 | lock_sock(sk); | ||
783 | |||
784 | if (sk->sk_state == BT_CONNECTED) | ||
785 | err = l2cap_do_send(sk, msg, len); | ||
786 | else | ||
787 | err = -ENOTCONN; | ||
788 | |||
789 | release_sock(sk); | ||
790 | return err; | ||
791 | } | ||
792 | |||
793 | static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen) | ||
794 | { | ||
795 | struct sock *sk = sock->sk; | ||
796 | struct l2cap_options opts; | ||
797 | int err = 0, len; | ||
798 | u32 opt; | ||
799 | |||
800 | BT_DBG("sk %p", sk); | ||
801 | |||
802 | lock_sock(sk); | ||
803 | |||
804 | switch (optname) { | ||
805 | case L2CAP_OPTIONS: | ||
806 | len = min_t(unsigned int, sizeof(opts), optlen); | ||
807 | if (copy_from_user((char *) &opts, optval, len)) { | ||
808 | err = -EFAULT; | ||
809 | break; | ||
810 | } | ||
811 | l2cap_pi(sk)->imtu = opts.imtu; | ||
812 | l2cap_pi(sk)->omtu = opts.omtu; | ||
813 | break; | ||
814 | |||
815 | case L2CAP_LM: | ||
816 | if (get_user(opt, (u32 __user *) optval)) { | ||
817 | err = -EFAULT; | ||
818 | break; | ||
819 | } | ||
820 | |||
821 | l2cap_pi(sk)->link_mode = opt; | ||
822 | break; | ||
823 | |||
824 | default: | ||
825 | err = -ENOPROTOOPT; | ||
826 | break; | ||
827 | } | ||
828 | |||
829 | release_sock(sk); | ||
830 | return err; | ||
831 | } | ||
832 | |||
833 | static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) | ||
834 | { | ||
835 | struct sock *sk = sock->sk; | ||
836 | struct l2cap_options opts; | ||
837 | struct l2cap_conninfo cinfo; | ||
838 | int len, err = 0; | ||
839 | |||
840 | BT_DBG("sk %p", sk); | ||
841 | |||
842 | if (get_user(len, optlen)) | ||
843 | return -EFAULT; | ||
844 | |||
845 | lock_sock(sk); | ||
846 | |||
847 | switch (optname) { | ||
848 | case L2CAP_OPTIONS: | ||
849 | opts.imtu = l2cap_pi(sk)->imtu; | ||
850 | opts.omtu = l2cap_pi(sk)->omtu; | ||
851 | opts.flush_to = l2cap_pi(sk)->flush_to; | ||
852 | opts.mode = 0x00; | ||
853 | |||
854 | len = min_t(unsigned int, len, sizeof(opts)); | ||
855 | if (copy_to_user(optval, (char *) &opts, len)) | ||
856 | err = -EFAULT; | ||
857 | |||
858 | break; | ||
859 | |||
860 | case L2CAP_LM: | ||
861 | if (put_user(l2cap_pi(sk)->link_mode, (u32 __user *) optval)) | ||
862 | err = -EFAULT; | ||
863 | break; | ||
864 | |||
865 | case L2CAP_CONNINFO: | ||
866 | if (sk->sk_state != BT_CONNECTED) { | ||
867 | err = -ENOTCONN; | ||
868 | break; | ||
869 | } | ||
870 | |||
871 | cinfo.hci_handle = l2cap_pi(sk)->conn->hcon->handle; | ||
872 | memcpy(cinfo.dev_class, l2cap_pi(sk)->conn->hcon->dev_class, 3); | ||
873 | |||
874 | len = min_t(unsigned int, len, sizeof(cinfo)); | ||
875 | if (copy_to_user(optval, (char *) &cinfo, len)) | ||
876 | err = -EFAULT; | ||
877 | |||
878 | break; | ||
879 | |||
880 | default: | ||
881 | err = -ENOPROTOOPT; | ||
882 | break; | ||
883 | } | ||
884 | |||
885 | release_sock(sk); | ||
886 | return err; | ||
887 | } | ||
888 | |||
889 | static int l2cap_sock_shutdown(struct socket *sock, int how) | ||
890 | { | ||
891 | struct sock *sk = sock->sk; | ||
892 | int err = 0; | ||
893 | |||
894 | BT_DBG("sock %p, sk %p", sock, sk); | ||
895 | |||
896 | if (!sk) | ||
897 | return 0; | ||
898 | |||
899 | lock_sock(sk); | ||
900 | if (!sk->sk_shutdown) { | ||
901 | sk->sk_shutdown = SHUTDOWN_MASK; | ||
902 | l2cap_sock_clear_timer(sk); | ||
903 | __l2cap_sock_close(sk, 0); | ||
904 | |||
905 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) | ||
906 | err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); | ||
907 | } | ||
908 | release_sock(sk); | ||
909 | return err; | ||
910 | } | ||
911 | |||
912 | static int l2cap_sock_release(struct socket *sock) | ||
913 | { | ||
914 | struct sock *sk = sock->sk; | ||
915 | int err; | ||
916 | |||
917 | BT_DBG("sock %p, sk %p", sock, sk); | ||
918 | |||
919 | if (!sk) | ||
920 | return 0; | ||
921 | |||
922 | err = l2cap_sock_shutdown(sock, 2); | ||
923 | |||
924 | sock_orphan(sk); | ||
925 | l2cap_sock_kill(sk); | ||
926 | return err; | ||
927 | } | ||
928 | |||
929 | /* ---- L2CAP channels ---- */ | ||
930 | static struct sock *__l2cap_get_chan_by_dcid(struct l2cap_chan_list *l, u16 cid) | ||
931 | { | ||
932 | struct sock *s; | ||
933 | for (s = l->head; s; s = l2cap_pi(s)->next_c) { | ||
934 | if (l2cap_pi(s)->dcid == cid) | ||
935 | break; | ||
936 | } | ||
937 | return s; | ||
938 | } | ||
939 | |||
940 | static struct sock *__l2cap_get_chan_by_scid(struct l2cap_chan_list *l, u16 cid) | ||
941 | { | ||
942 | struct sock *s; | ||
943 | for (s = l->head; s; s = l2cap_pi(s)->next_c) { | ||
944 | if (l2cap_pi(s)->scid == cid) | ||
945 | break; | ||
946 | } | ||
947 | return s; | ||
948 | } | ||
949 | |||
950 | /* Find channel with given SCID. | ||
951 | * Returns locked socket */ | ||
952 | static inline struct sock *l2cap_get_chan_by_scid(struct l2cap_chan_list *l, u16 cid) | ||
953 | { | ||
954 | struct sock *s; | ||
955 | read_lock(&l->lock); | ||
956 | s = __l2cap_get_chan_by_scid(l, cid); | ||
957 | if (s) bh_lock_sock(s); | ||
958 | read_unlock(&l->lock); | ||
959 | return s; | ||
960 | } | ||
961 | |||
962 | static struct sock *__l2cap_get_chan_by_ident(struct l2cap_chan_list *l, u8 ident) | ||
963 | { | ||
964 | struct sock *s; | ||
965 | for (s = l->head; s; s = l2cap_pi(s)->next_c) { | ||
966 | if (l2cap_pi(s)->ident == ident) | ||
967 | break; | ||
968 | } | ||
969 | return s; | ||
970 | } | ||
971 | |||
972 | static inline struct sock *l2cap_get_chan_by_ident(struct l2cap_chan_list *l, u8 ident) | ||
973 | { | ||
974 | struct sock *s; | ||
975 | read_lock(&l->lock); | ||
976 | s = __l2cap_get_chan_by_ident(l, ident); | ||
977 | if (s) bh_lock_sock(s); | ||
978 | read_unlock(&l->lock); | ||
979 | return s; | ||
980 | } | ||
981 | |||
982 | static u16 l2cap_alloc_cid(struct l2cap_chan_list *l) | ||
983 | { | ||
984 | u16 cid = 0x0040; | ||
985 | |||
986 | for (; cid < 0xffff; cid++) { | ||
987 | if(!__l2cap_get_chan_by_scid(l, cid)) | ||
988 | return cid; | ||
989 | } | ||
990 | |||
991 | return 0; | ||
992 | } | ||
993 | |||
994 | static inline void __l2cap_chan_link(struct l2cap_chan_list *l, struct sock *sk) | ||
995 | { | ||
996 | sock_hold(sk); | ||
997 | |||
998 | if (l->head) | ||
999 | l2cap_pi(l->head)->prev_c = sk; | ||
1000 | |||
1001 | l2cap_pi(sk)->next_c = l->head; | ||
1002 | l2cap_pi(sk)->prev_c = NULL; | ||
1003 | l->head = sk; | ||
1004 | } | ||
1005 | |||
1006 | static inline void l2cap_chan_unlink(struct l2cap_chan_list *l, struct sock *sk) | ||
1007 | { | ||
1008 | struct sock *next = l2cap_pi(sk)->next_c, *prev = l2cap_pi(sk)->prev_c; | ||
1009 | |||
1010 | write_lock(&l->lock); | ||
1011 | if (sk == l->head) | ||
1012 | l->head = next; | ||
1013 | |||
1014 | if (next) | ||
1015 | l2cap_pi(next)->prev_c = prev; | ||
1016 | if (prev) | ||
1017 | l2cap_pi(prev)->next_c = next; | ||
1018 | write_unlock(&l->lock); | ||
1019 | |||
1020 | __sock_put(sk); | ||
1021 | } | ||
1022 | |||
1023 | static void __l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct sock *parent) | ||
1024 | { | ||
1025 | struct l2cap_chan_list *l = &conn->chan_list; | ||
1026 | |||
1027 | BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid); | ||
1028 | |||
1029 | l2cap_pi(sk)->conn = conn; | ||
1030 | |||
1031 | if (sk->sk_type == SOCK_SEQPACKET) { | ||
1032 | /* Alloc CID for connection-oriented socket */ | ||
1033 | l2cap_pi(sk)->scid = l2cap_alloc_cid(l); | ||
1034 | } else if (sk->sk_type == SOCK_DGRAM) { | ||
1035 | /* Connectionless socket */ | ||
1036 | l2cap_pi(sk)->scid = 0x0002; | ||
1037 | l2cap_pi(sk)->dcid = 0x0002; | ||
1038 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; | ||
1039 | } else { | ||
1040 | /* Raw socket can send/recv signalling messages only */ | ||
1041 | l2cap_pi(sk)->scid = 0x0001; | ||
1042 | l2cap_pi(sk)->dcid = 0x0001; | ||
1043 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; | ||
1044 | } | ||
1045 | |||
1046 | __l2cap_chan_link(l, sk); | ||
1047 | |||
1048 | if (parent) | ||
1049 | bt_accept_enqueue(parent, sk); | ||
1050 | } | ||
1051 | |||
1052 | /* Delete channel. | ||
1053 | * Must be called on the locked socket. */ | ||
1054 | static void l2cap_chan_del(struct sock *sk, int err) | ||
1055 | { | ||
1056 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
1057 | struct sock *parent = bt_sk(sk)->parent; | ||
1058 | |||
1059 | l2cap_sock_clear_timer(sk); | ||
1060 | |||
1061 | BT_DBG("sk %p, conn %p, err %d", sk, conn, err); | ||
1062 | |||
1063 | if (conn) { | ||
1064 | /* Unlink from channel list */ | ||
1065 | l2cap_chan_unlink(&conn->chan_list, sk); | ||
1066 | l2cap_pi(sk)->conn = NULL; | ||
1067 | hci_conn_put(conn->hcon); | ||
1068 | } | ||
1069 | |||
1070 | sk->sk_state = BT_CLOSED; | ||
1071 | sock_set_flag(sk, SOCK_ZAPPED); | ||
1072 | |||
1073 | if (err) | ||
1074 | sk->sk_err = err; | ||
1075 | |||
1076 | if (parent) { | ||
1077 | bt_accept_unlink(sk); | ||
1078 | parent->sk_data_ready(parent, 0); | ||
1079 | } else | ||
1080 | sk->sk_state_change(sk); | ||
1081 | } | ||
1082 | |||
1083 | static void l2cap_conn_ready(struct l2cap_conn *conn) | ||
1084 | { | ||
1085 | struct l2cap_chan_list *l = &conn->chan_list; | ||
1086 | struct sock *sk; | ||
1087 | |||
1088 | BT_DBG("conn %p", conn); | ||
1089 | |||
1090 | read_lock(&l->lock); | ||
1091 | |||
1092 | for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) { | ||
1093 | bh_lock_sock(sk); | ||
1094 | |||
1095 | if (sk->sk_type != SOCK_SEQPACKET) { | ||
1096 | l2cap_sock_clear_timer(sk); | ||
1097 | sk->sk_state = BT_CONNECTED; | ||
1098 | sk->sk_state_change(sk); | ||
1099 | } else if (sk->sk_state == BT_CONNECT) { | ||
1100 | struct l2cap_conn_req req; | ||
1101 | l2cap_pi(sk)->ident = l2cap_get_ident(conn); | ||
1102 | req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); | ||
1103 | req.psm = l2cap_pi(sk)->psm; | ||
1104 | l2cap_send_cmd(conn, l2cap_pi(sk)->ident, L2CAP_CONN_REQ, sizeof(req), &req); | ||
1105 | } | ||
1106 | |||
1107 | bh_unlock_sock(sk); | ||
1108 | } | ||
1109 | |||
1110 | read_unlock(&l->lock); | ||
1111 | } | ||
1112 | |||
1113 | /* Notify sockets that we cannot guaranty reliability anymore */ | ||
1114 | static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err) | ||
1115 | { | ||
1116 | struct l2cap_chan_list *l = &conn->chan_list; | ||
1117 | struct sock *sk; | ||
1118 | |||
1119 | BT_DBG("conn %p", conn); | ||
1120 | |||
1121 | read_lock(&l->lock); | ||
1122 | for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) { | ||
1123 | if (l2cap_pi(sk)->link_mode & L2CAP_LM_RELIABLE) | ||
1124 | sk->sk_err = err; | ||
1125 | } | ||
1126 | read_unlock(&l->lock); | ||
1127 | } | ||
1128 | |||
1129 | static void l2cap_chan_ready(struct sock *sk) | ||
1130 | { | ||
1131 | struct sock *parent = bt_sk(sk)->parent; | ||
1132 | |||
1133 | BT_DBG("sk %p, parent %p", sk, parent); | ||
1134 | |||
1135 | l2cap_pi(sk)->conf_state = 0; | ||
1136 | l2cap_sock_clear_timer(sk); | ||
1137 | |||
1138 | if (!parent) { | ||
1139 | /* Outgoing channel. | ||
1140 | * Wake up socket sleeping on connect. | ||
1141 | */ | ||
1142 | sk->sk_state = BT_CONNECTED; | ||
1143 | sk->sk_state_change(sk); | ||
1144 | } else { | ||
1145 | /* Incoming channel. | ||
1146 | * Wake up socket sleeping on accept. | ||
1147 | */ | ||
1148 | parent->sk_data_ready(parent, 0); | ||
1149 | } | ||
1150 | } | ||
1151 | |||
1152 | /* Copy frame to all raw sockets on that connection */ | ||
1153 | static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb) | ||
1154 | { | ||
1155 | struct l2cap_chan_list *l = &conn->chan_list; | ||
1156 | struct sk_buff *nskb; | ||
1157 | struct sock * sk; | ||
1158 | |||
1159 | BT_DBG("conn %p", conn); | ||
1160 | |||
1161 | read_lock(&l->lock); | ||
1162 | for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) { | ||
1163 | if (sk->sk_type != SOCK_RAW) | ||
1164 | continue; | ||
1165 | |||
1166 | /* Don't send frame to the socket it came from */ | ||
1167 | if (skb->sk == sk) | ||
1168 | continue; | ||
1169 | |||
1170 | if (!(nskb = skb_clone(skb, GFP_ATOMIC))) | ||
1171 | continue; | ||
1172 | |||
1173 | if (sock_queue_rcv_skb(sk, nskb)) | ||
1174 | kfree_skb(nskb); | ||
1175 | } | ||
1176 | read_unlock(&l->lock); | ||
1177 | } | ||
1178 | |||
1179 | /* ---- L2CAP signalling commands ---- */ | ||
1180 | static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn, | ||
1181 | u8 code, u8 ident, u16 dlen, void *data) | ||
1182 | { | ||
1183 | struct sk_buff *skb, **frag; | ||
1184 | struct l2cap_cmd_hdr *cmd; | ||
1185 | struct l2cap_hdr *lh; | ||
1186 | int len, count; | ||
1187 | |||
1188 | BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d", conn, code, ident, dlen); | ||
1189 | |||
1190 | len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen; | ||
1191 | count = min_t(unsigned int, conn->mtu, len); | ||
1192 | |||
1193 | skb = bt_skb_alloc(count, GFP_ATOMIC); | ||
1194 | if (!skb) | ||
1195 | return NULL; | ||
1196 | |||
1197 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | ||
1198 | lh->len = __cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); | ||
1199 | lh->cid = __cpu_to_le16(0x0001); | ||
1200 | |||
1201 | cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE); | ||
1202 | cmd->code = code; | ||
1203 | cmd->ident = ident; | ||
1204 | cmd->len = __cpu_to_le16(dlen); | ||
1205 | |||
1206 | if (dlen) { | ||
1207 | count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE; | ||
1208 | memcpy(skb_put(skb, count), data, count); | ||
1209 | data += count; | ||
1210 | } | ||
1211 | |||
1212 | len -= skb->len; | ||
1213 | |||
1214 | /* Continuation fragments (no L2CAP header) */ | ||
1215 | frag = &skb_shinfo(skb)->frag_list; | ||
1216 | while (len) { | ||
1217 | count = min_t(unsigned int, conn->mtu, len); | ||
1218 | |||
1219 | *frag = bt_skb_alloc(count, GFP_ATOMIC); | ||
1220 | if (!*frag) | ||
1221 | goto fail; | ||
1222 | |||
1223 | memcpy(skb_put(*frag, count), data, count); | ||
1224 | |||
1225 | len -= count; | ||
1226 | data += count; | ||
1227 | |||
1228 | frag = &(*frag)->next; | ||
1229 | } | ||
1230 | |||
1231 | return skb; | ||
1232 | |||
1233 | fail: | ||
1234 | kfree_skb(skb); | ||
1235 | return NULL; | ||
1236 | } | ||
1237 | |||
1238 | static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned long *val) | ||
1239 | { | ||
1240 | struct l2cap_conf_opt *opt = *ptr; | ||
1241 | int len; | ||
1242 | |||
1243 | len = L2CAP_CONF_OPT_SIZE + opt->len; | ||
1244 | *ptr += len; | ||
1245 | |||
1246 | *type = opt->type; | ||
1247 | *olen = opt->len; | ||
1248 | |||
1249 | switch (opt->len) { | ||
1250 | case 1: | ||
1251 | *val = *((u8 *) opt->val); | ||
1252 | break; | ||
1253 | |||
1254 | case 2: | ||
1255 | *val = __le16_to_cpu(*((u16 *)opt->val)); | ||
1256 | break; | ||
1257 | |||
1258 | case 4: | ||
1259 | *val = __le32_to_cpu(*((u32 *)opt->val)); | ||
1260 | break; | ||
1261 | |||
1262 | default: | ||
1263 | *val = (unsigned long) opt->val; | ||
1264 | break; | ||
1265 | } | ||
1266 | |||
1267 | BT_DBG("type 0x%2.2x len %d val 0x%lx", *type, opt->len, *val); | ||
1268 | return len; | ||
1269 | } | ||
1270 | |||
1271 | static inline void l2cap_parse_conf_req(struct sock *sk, void *data, int len) | ||
1272 | { | ||
1273 | int type, hint, olen; | ||
1274 | unsigned long val; | ||
1275 | void *ptr = data; | ||
1276 | |||
1277 | BT_DBG("sk %p len %d", sk, len); | ||
1278 | |||
1279 | while (len >= L2CAP_CONF_OPT_SIZE) { | ||
1280 | len -= l2cap_get_conf_opt(&ptr, &type, &olen, &val); | ||
1281 | |||
1282 | hint = type & 0x80; | ||
1283 | type &= 0x7f; | ||
1284 | |||
1285 | switch (type) { | ||
1286 | case L2CAP_CONF_MTU: | ||
1287 | l2cap_pi(sk)->conf_mtu = val; | ||
1288 | break; | ||
1289 | |||
1290 | case L2CAP_CONF_FLUSH_TO: | ||
1291 | l2cap_pi(sk)->flush_to = val; | ||
1292 | break; | ||
1293 | |||
1294 | case L2CAP_CONF_QOS: | ||
1295 | break; | ||
1296 | |||
1297 | default: | ||
1298 | if (hint) | ||
1299 | break; | ||
1300 | |||
1301 | /* FIXME: Reject unknown option */ | ||
1302 | break; | ||
1303 | } | ||
1304 | } | ||
1305 | } | ||
1306 | |||
1307 | static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val) | ||
1308 | { | ||
1309 | struct l2cap_conf_opt *opt = *ptr; | ||
1310 | |||
1311 | BT_DBG("type 0x%2.2x len %d val 0x%lx", type, len, val); | ||
1312 | |||
1313 | opt->type = type; | ||
1314 | opt->len = len; | ||
1315 | |||
1316 | switch (len) { | ||
1317 | case 1: | ||
1318 | *((u8 *) opt->val) = val; | ||
1319 | break; | ||
1320 | |||
1321 | case 2: | ||
1322 | *((u16 *) opt->val) = __cpu_to_le16(val); | ||
1323 | break; | ||
1324 | |||
1325 | case 4: | ||
1326 | *((u32 *) opt->val) = __cpu_to_le32(val); | ||
1327 | break; | ||
1328 | |||
1329 | default: | ||
1330 | memcpy(opt->val, (void *) val, len); | ||
1331 | break; | ||
1332 | } | ||
1333 | |||
1334 | *ptr += L2CAP_CONF_OPT_SIZE + len; | ||
1335 | } | ||
1336 | |||
1337 | static int l2cap_build_conf_req(struct sock *sk, void *data) | ||
1338 | { | ||
1339 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1340 | struct l2cap_conf_req *req = data; | ||
1341 | void *ptr = req->data; | ||
1342 | |||
1343 | BT_DBG("sk %p", sk); | ||
1344 | |||
1345 | if (pi->imtu != L2CAP_DEFAULT_MTU) | ||
1346 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu); | ||
1347 | |||
1348 | /* FIXME: Need actual value of the flush timeout */ | ||
1349 | //if (flush_to != L2CAP_DEFAULT_FLUSH_TO) | ||
1350 | // l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, 2, pi->flush_to); | ||
1351 | |||
1352 | req->dcid = __cpu_to_le16(pi->dcid); | ||
1353 | req->flags = __cpu_to_le16(0); | ||
1354 | |||
1355 | return ptr - data; | ||
1356 | } | ||
1357 | |||
1358 | static inline int l2cap_conf_output(struct sock *sk, void **ptr) | ||
1359 | { | ||
1360 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1361 | int result = 0; | ||
1362 | |||
1363 | /* Configure output options and let the other side know | ||
1364 | * which ones we don't like. */ | ||
1365 | if (pi->conf_mtu < pi->omtu) { | ||
1366 | l2cap_add_conf_opt(ptr, L2CAP_CONF_MTU, 2, pi->omtu); | ||
1367 | result = L2CAP_CONF_UNACCEPT; | ||
1368 | } else { | ||
1369 | pi->omtu = pi->conf_mtu; | ||
1370 | } | ||
1371 | |||
1372 | BT_DBG("sk %p result %d", sk, result); | ||
1373 | return result; | ||
1374 | } | ||
1375 | |||
1376 | static int l2cap_build_conf_rsp(struct sock *sk, void *data, int *result) | ||
1377 | { | ||
1378 | struct l2cap_conf_rsp *rsp = data; | ||
1379 | void *ptr = rsp->data; | ||
1380 | u16 flags = 0; | ||
1381 | |||
1382 | BT_DBG("sk %p complete %d", sk, result ? 1 : 0); | ||
1383 | |||
1384 | if (result) | ||
1385 | *result = l2cap_conf_output(sk, &ptr); | ||
1386 | else | ||
1387 | flags = 0x0001; | ||
1388 | |||
1389 | rsp->scid = __cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1390 | rsp->result = __cpu_to_le16(result ? *result : 0); | ||
1391 | rsp->flags = __cpu_to_le16(flags); | ||
1392 | |||
1393 | return ptr - data; | ||
1394 | } | ||
1395 | |||
1396 | static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1397 | { | ||
1398 | struct l2cap_chan_list *list = &conn->chan_list; | ||
1399 | struct l2cap_conn_req *req = (struct l2cap_conn_req *) data; | ||
1400 | struct l2cap_conn_rsp rsp; | ||
1401 | struct sock *sk, *parent; | ||
1402 | int result = 0, status = 0; | ||
1403 | |||
1404 | u16 dcid = 0, scid = __le16_to_cpu(req->scid); | ||
1405 | u16 psm = req->psm; | ||
1406 | |||
1407 | BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid); | ||
1408 | |||
1409 | /* Check if we have socket listening on psm */ | ||
1410 | parent = l2cap_get_sock_by_psm(BT_LISTEN, psm, conn->src); | ||
1411 | if (!parent) { | ||
1412 | result = L2CAP_CR_BAD_PSM; | ||
1413 | goto sendresp; | ||
1414 | } | ||
1415 | |||
1416 | result = L2CAP_CR_NO_MEM; | ||
1417 | |||
1418 | /* Check for backlog size */ | ||
1419 | if (sk_acceptq_is_full(parent)) { | ||
1420 | BT_DBG("backlog full %d", parent->sk_ack_backlog); | ||
1421 | goto response; | ||
1422 | } | ||
1423 | |||
1424 | sk = l2cap_sock_alloc(NULL, BTPROTO_L2CAP, GFP_ATOMIC); | ||
1425 | if (!sk) | ||
1426 | goto response; | ||
1427 | |||
1428 | write_lock(&list->lock); | ||
1429 | |||
1430 | /* Check if we already have channel with that dcid */ | ||
1431 | if (__l2cap_get_chan_by_dcid(list, scid)) { | ||
1432 | write_unlock(&list->lock); | ||
1433 | sock_set_flag(sk, SOCK_ZAPPED); | ||
1434 | l2cap_sock_kill(sk); | ||
1435 | goto response; | ||
1436 | } | ||
1437 | |||
1438 | hci_conn_hold(conn->hcon); | ||
1439 | |||
1440 | l2cap_sock_init(sk, parent); | ||
1441 | bacpy(&bt_sk(sk)->src, conn->src); | ||
1442 | bacpy(&bt_sk(sk)->dst, conn->dst); | ||
1443 | l2cap_pi(sk)->psm = psm; | ||
1444 | l2cap_pi(sk)->dcid = scid; | ||
1445 | |||
1446 | __l2cap_chan_add(conn, sk, parent); | ||
1447 | dcid = l2cap_pi(sk)->scid; | ||
1448 | |||
1449 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | ||
1450 | |||
1451 | /* Service level security */ | ||
1452 | result = L2CAP_CR_PEND; | ||
1453 | status = L2CAP_CS_AUTHEN_PEND; | ||
1454 | sk->sk_state = BT_CONNECT2; | ||
1455 | l2cap_pi(sk)->ident = cmd->ident; | ||
1456 | |||
1457 | if ((l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT) || | ||
1458 | (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)) { | ||
1459 | if (!hci_conn_encrypt(conn->hcon)) | ||
1460 | goto done; | ||
1461 | } else if (l2cap_pi(sk)->link_mode & L2CAP_LM_AUTH) { | ||
1462 | if (!hci_conn_auth(conn->hcon)) | ||
1463 | goto done; | ||
1464 | } | ||
1465 | |||
1466 | sk->sk_state = BT_CONFIG; | ||
1467 | result = status = 0; | ||
1468 | |||
1469 | done: | ||
1470 | write_unlock(&list->lock); | ||
1471 | |||
1472 | response: | ||
1473 | bh_unlock_sock(parent); | ||
1474 | |||
1475 | sendresp: | ||
1476 | rsp.scid = __cpu_to_le16(scid); | ||
1477 | rsp.dcid = __cpu_to_le16(dcid); | ||
1478 | rsp.result = __cpu_to_le16(result); | ||
1479 | rsp.status = __cpu_to_le16(status); | ||
1480 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp); | ||
1481 | return 0; | ||
1482 | } | ||
1483 | |||
1484 | static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1485 | { | ||
1486 | struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data; | ||
1487 | u16 scid, dcid, result, status; | ||
1488 | struct sock *sk; | ||
1489 | u8 req[128]; | ||
1490 | |||
1491 | scid = __le16_to_cpu(rsp->scid); | ||
1492 | dcid = __le16_to_cpu(rsp->dcid); | ||
1493 | result = __le16_to_cpu(rsp->result); | ||
1494 | status = __le16_to_cpu(rsp->status); | ||
1495 | |||
1496 | BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status); | ||
1497 | |||
1498 | if (scid) { | ||
1499 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid))) | ||
1500 | return 0; | ||
1501 | } else { | ||
1502 | if (!(sk = l2cap_get_chan_by_ident(&conn->chan_list, cmd->ident))) | ||
1503 | return 0; | ||
1504 | } | ||
1505 | |||
1506 | switch (result) { | ||
1507 | case L2CAP_CR_SUCCESS: | ||
1508 | sk->sk_state = BT_CONFIG; | ||
1509 | l2cap_pi(sk)->ident = 0; | ||
1510 | l2cap_pi(sk)->dcid = dcid; | ||
1511 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | ||
1512 | |||
1513 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | ||
1514 | l2cap_build_conf_req(sk, req), req); | ||
1515 | break; | ||
1516 | |||
1517 | case L2CAP_CR_PEND: | ||
1518 | break; | ||
1519 | |||
1520 | default: | ||
1521 | l2cap_chan_del(sk, ECONNREFUSED); | ||
1522 | break; | ||
1523 | } | ||
1524 | |||
1525 | bh_unlock_sock(sk); | ||
1526 | return 0; | ||
1527 | } | ||
1528 | |||
1529 | static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1530 | { | ||
1531 | struct l2cap_conf_req *req = (struct l2cap_conf_req *) data; | ||
1532 | u16 dcid, flags; | ||
1533 | u8 rsp[64]; | ||
1534 | struct sock *sk; | ||
1535 | int result; | ||
1536 | |||
1537 | dcid = __le16_to_cpu(req->dcid); | ||
1538 | flags = __le16_to_cpu(req->flags); | ||
1539 | |||
1540 | BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags); | ||
1541 | |||
1542 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid))) | ||
1543 | return -ENOENT; | ||
1544 | |||
1545 | l2cap_parse_conf_req(sk, req->data, cmd->len - sizeof(*req)); | ||
1546 | |||
1547 | if (flags & 0x0001) { | ||
1548 | /* Incomplete config. Send empty response. */ | ||
1549 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, | ||
1550 | l2cap_build_conf_rsp(sk, rsp, NULL), rsp); | ||
1551 | goto unlock; | ||
1552 | } | ||
1553 | |||
1554 | /* Complete config. */ | ||
1555 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, | ||
1556 | l2cap_build_conf_rsp(sk, rsp, &result), rsp); | ||
1557 | |||
1558 | if (result) | ||
1559 | goto unlock; | ||
1560 | |||
1561 | /* Output config done */ | ||
1562 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_OUTPUT_DONE; | ||
1563 | |||
1564 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) { | ||
1565 | sk->sk_state = BT_CONNECTED; | ||
1566 | l2cap_chan_ready(sk); | ||
1567 | } else if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) { | ||
1568 | u8 req[64]; | ||
1569 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | ||
1570 | l2cap_build_conf_req(sk, req), req); | ||
1571 | } | ||
1572 | |||
1573 | unlock: | ||
1574 | bh_unlock_sock(sk); | ||
1575 | return 0; | ||
1576 | } | ||
1577 | |||
1578 | static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1579 | { | ||
1580 | struct l2cap_conf_rsp *rsp = (struct l2cap_conf_rsp *)data; | ||
1581 | u16 scid, flags, result; | ||
1582 | struct sock *sk; | ||
1583 | |||
1584 | scid = __le16_to_cpu(rsp->scid); | ||
1585 | flags = __le16_to_cpu(rsp->flags); | ||
1586 | result = __le16_to_cpu(rsp->result); | ||
1587 | |||
1588 | BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x", scid, flags, result); | ||
1589 | |||
1590 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid))) | ||
1591 | return 0; | ||
1592 | |||
1593 | switch (result) { | ||
1594 | case L2CAP_CONF_SUCCESS: | ||
1595 | break; | ||
1596 | |||
1597 | case L2CAP_CONF_UNACCEPT: | ||
1598 | if (++l2cap_pi(sk)->conf_retry < L2CAP_CONF_MAX_RETRIES) { | ||
1599 | char req[128]; | ||
1600 | /* It does not make sense to adjust L2CAP parameters | ||
1601 | * that are currently defined in the spec. We simply | ||
1602 | * resend config request that we sent earlier. It is | ||
1603 | * stupid, but it helps qualification testing which | ||
1604 | * expects at least some response from us. */ | ||
1605 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | ||
1606 | l2cap_build_conf_req(sk, req), req); | ||
1607 | goto done; | ||
1608 | } | ||
1609 | |||
1610 | default: | ||
1611 | sk->sk_state = BT_DISCONN; | ||
1612 | sk->sk_err = ECONNRESET; | ||
1613 | l2cap_sock_set_timer(sk, HZ * 5); | ||
1614 | { | ||
1615 | struct l2cap_disconn_req req; | ||
1616 | req.dcid = __cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1617 | req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); | ||
1618 | l2cap_send_cmd(conn, l2cap_get_ident(conn), | ||
1619 | L2CAP_DISCONN_REQ, sizeof(req), &req); | ||
1620 | } | ||
1621 | goto done; | ||
1622 | } | ||
1623 | |||
1624 | if (flags & 0x01) | ||
1625 | goto done; | ||
1626 | |||
1627 | /* Input config done */ | ||
1628 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE; | ||
1629 | |||
1630 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) { | ||
1631 | sk->sk_state = BT_CONNECTED; | ||
1632 | l2cap_chan_ready(sk); | ||
1633 | } | ||
1634 | |||
1635 | done: | ||
1636 | bh_unlock_sock(sk); | ||
1637 | return 0; | ||
1638 | } | ||
1639 | |||
1640 | static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1641 | { | ||
1642 | struct l2cap_disconn_req *req = (struct l2cap_disconn_req *) data; | ||
1643 | struct l2cap_disconn_rsp rsp; | ||
1644 | u16 dcid, scid; | ||
1645 | struct sock *sk; | ||
1646 | |||
1647 | scid = __le16_to_cpu(req->scid); | ||
1648 | dcid = __le16_to_cpu(req->dcid); | ||
1649 | |||
1650 | BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid); | ||
1651 | |||
1652 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid))) | ||
1653 | return 0; | ||
1654 | |||
1655 | rsp.dcid = __cpu_to_le16(l2cap_pi(sk)->scid); | ||
1656 | rsp.scid = __cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1657 | l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); | ||
1658 | |||
1659 | sk->sk_shutdown = SHUTDOWN_MASK; | ||
1660 | |||
1661 | l2cap_chan_del(sk, ECONNRESET); | ||
1662 | bh_unlock_sock(sk); | ||
1663 | |||
1664 | l2cap_sock_kill(sk); | ||
1665 | return 0; | ||
1666 | } | ||
1667 | |||
1668 | static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1669 | { | ||
1670 | struct l2cap_disconn_rsp *rsp = (struct l2cap_disconn_rsp *) data; | ||
1671 | u16 dcid, scid; | ||
1672 | struct sock *sk; | ||
1673 | |||
1674 | scid = __le16_to_cpu(rsp->scid); | ||
1675 | dcid = __le16_to_cpu(rsp->dcid); | ||
1676 | |||
1677 | BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid); | ||
1678 | |||
1679 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid))) | ||
1680 | return 0; | ||
1681 | |||
1682 | l2cap_chan_del(sk, 0); | ||
1683 | bh_unlock_sock(sk); | ||
1684 | |||
1685 | l2cap_sock_kill(sk); | ||
1686 | return 0; | ||
1687 | } | ||
1688 | |||
1689 | static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1690 | { | ||
1691 | struct l2cap_info_req *req = (struct l2cap_info_req *) data; | ||
1692 | struct l2cap_info_rsp rsp; | ||
1693 | u16 type; | ||
1694 | |||
1695 | type = __le16_to_cpu(req->type); | ||
1696 | |||
1697 | BT_DBG("type 0x%4.4x", type); | ||
1698 | |||
1699 | rsp.type = __cpu_to_le16(type); | ||
1700 | rsp.result = __cpu_to_le16(L2CAP_IR_NOTSUPP); | ||
1701 | l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(rsp), &rsp); | ||
1702 | |||
1703 | return 0; | ||
1704 | } | ||
1705 | |||
1706 | static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) | ||
1707 | { | ||
1708 | struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) data; | ||
1709 | u16 type, result; | ||
1710 | |||
1711 | type = __le16_to_cpu(rsp->type); | ||
1712 | result = __le16_to_cpu(rsp->result); | ||
1713 | |||
1714 | BT_DBG("type 0x%4.4x result 0x%2.2x", type, result); | ||
1715 | |||
1716 | return 0; | ||
1717 | } | ||
1718 | |||
1719 | static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb) | ||
1720 | { | ||
1721 | u8 *data = skb->data; | ||
1722 | int len = skb->len; | ||
1723 | struct l2cap_cmd_hdr cmd; | ||
1724 | int err = 0; | ||
1725 | |||
1726 | l2cap_raw_recv(conn, skb); | ||
1727 | |||
1728 | while (len >= L2CAP_CMD_HDR_SIZE) { | ||
1729 | memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE); | ||
1730 | data += L2CAP_CMD_HDR_SIZE; | ||
1731 | len -= L2CAP_CMD_HDR_SIZE; | ||
1732 | |||
1733 | cmd.len = __le16_to_cpu(cmd.len); | ||
1734 | |||
1735 | BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd.len, cmd.ident); | ||
1736 | |||
1737 | if (cmd.len > len || !cmd.ident) { | ||
1738 | BT_DBG("corrupted command"); | ||
1739 | break; | ||
1740 | } | ||
1741 | |||
1742 | switch (cmd.code) { | ||
1743 | case L2CAP_COMMAND_REJ: | ||
1744 | /* FIXME: We should process this */ | ||
1745 | break; | ||
1746 | |||
1747 | case L2CAP_CONN_REQ: | ||
1748 | err = l2cap_connect_req(conn, &cmd, data); | ||
1749 | break; | ||
1750 | |||
1751 | case L2CAP_CONN_RSP: | ||
1752 | err = l2cap_connect_rsp(conn, &cmd, data); | ||
1753 | break; | ||
1754 | |||
1755 | case L2CAP_CONF_REQ: | ||
1756 | err = l2cap_config_req(conn, &cmd, data); | ||
1757 | break; | ||
1758 | |||
1759 | case L2CAP_CONF_RSP: | ||
1760 | err = l2cap_config_rsp(conn, &cmd, data); | ||
1761 | break; | ||
1762 | |||
1763 | case L2CAP_DISCONN_REQ: | ||
1764 | err = l2cap_disconnect_req(conn, &cmd, data); | ||
1765 | break; | ||
1766 | |||
1767 | case L2CAP_DISCONN_RSP: | ||
1768 | err = l2cap_disconnect_rsp(conn, &cmd, data); | ||
1769 | break; | ||
1770 | |||
1771 | case L2CAP_ECHO_REQ: | ||
1772 | l2cap_send_cmd(conn, cmd.ident, L2CAP_ECHO_RSP, cmd.len, data); | ||
1773 | break; | ||
1774 | |||
1775 | case L2CAP_ECHO_RSP: | ||
1776 | break; | ||
1777 | |||
1778 | case L2CAP_INFO_REQ: | ||
1779 | err = l2cap_information_req(conn, &cmd, data); | ||
1780 | break; | ||
1781 | |||
1782 | case L2CAP_INFO_RSP: | ||
1783 | err = l2cap_information_rsp(conn, &cmd, data); | ||
1784 | break; | ||
1785 | |||
1786 | default: | ||
1787 | BT_ERR("Unknown signaling command 0x%2.2x", cmd.code); | ||
1788 | err = -EINVAL; | ||
1789 | break; | ||
1790 | } | ||
1791 | |||
1792 | if (err) { | ||
1793 | struct l2cap_cmd_rej rej; | ||
1794 | BT_DBG("error %d", err); | ||
1795 | |||
1796 | /* FIXME: Map err to a valid reason */ | ||
1797 | rej.reason = __cpu_to_le16(0); | ||
1798 | l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej); | ||
1799 | } | ||
1800 | |||
1801 | data += cmd.len; | ||
1802 | len -= cmd.len; | ||
1803 | } | ||
1804 | |||
1805 | kfree_skb(skb); | ||
1806 | } | ||
1807 | |||
1808 | static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb) | ||
1809 | { | ||
1810 | struct sock *sk; | ||
1811 | |||
1812 | sk = l2cap_get_chan_by_scid(&conn->chan_list, cid); | ||
1813 | if (!sk) { | ||
1814 | BT_DBG("unknown cid 0x%4.4x", cid); | ||
1815 | goto drop; | ||
1816 | } | ||
1817 | |||
1818 | BT_DBG("sk %p, len %d", sk, skb->len); | ||
1819 | |||
1820 | if (sk->sk_state != BT_CONNECTED) | ||
1821 | goto drop; | ||
1822 | |||
1823 | if (l2cap_pi(sk)->imtu < skb->len) | ||
1824 | goto drop; | ||
1825 | |||
1826 | /* If socket recv buffers overflows we drop data here | ||
1827 | * which is *bad* because L2CAP has to be reliable. | ||
1828 | * But we don't have any other choice. L2CAP doesn't | ||
1829 | * provide flow control mechanism. */ | ||
1830 | |||
1831 | if (!sock_queue_rcv_skb(sk, skb)) | ||
1832 | goto done; | ||
1833 | |||
1834 | drop: | ||
1835 | kfree_skb(skb); | ||
1836 | |||
1837 | done: | ||
1838 | if (sk) bh_unlock_sock(sk); | ||
1839 | return 0; | ||
1840 | } | ||
1841 | |||
1842 | static inline int l2cap_conless_channel(struct l2cap_conn *conn, u16 psm, struct sk_buff *skb) | ||
1843 | { | ||
1844 | struct sock *sk; | ||
1845 | |||
1846 | sk = l2cap_get_sock_by_psm(0, psm, conn->src); | ||
1847 | if (!sk) | ||
1848 | goto drop; | ||
1849 | |||
1850 | BT_DBG("sk %p, len %d", sk, skb->len); | ||
1851 | |||
1852 | if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED) | ||
1853 | goto drop; | ||
1854 | |||
1855 | if (l2cap_pi(sk)->imtu < skb->len) | ||
1856 | goto drop; | ||
1857 | |||
1858 | if (!sock_queue_rcv_skb(sk, skb)) | ||
1859 | goto done; | ||
1860 | |||
1861 | drop: | ||
1862 | kfree_skb(skb); | ||
1863 | |||
1864 | done: | ||
1865 | if (sk) bh_unlock_sock(sk); | ||
1866 | return 0; | ||
1867 | } | ||
1868 | |||
1869 | static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb) | ||
1870 | { | ||
1871 | struct l2cap_hdr *lh = (void *) skb->data; | ||
1872 | u16 cid, psm, len; | ||
1873 | |||
1874 | skb_pull(skb, L2CAP_HDR_SIZE); | ||
1875 | cid = __le16_to_cpu(lh->cid); | ||
1876 | len = __le16_to_cpu(lh->len); | ||
1877 | |||
1878 | BT_DBG("len %d, cid 0x%4.4x", len, cid); | ||
1879 | |||
1880 | switch (cid) { | ||
1881 | case 0x0001: | ||
1882 | l2cap_sig_channel(conn, skb); | ||
1883 | break; | ||
1884 | |||
1885 | case 0x0002: | ||
1886 | psm = get_unaligned((u16 *) skb->data); | ||
1887 | skb_pull(skb, 2); | ||
1888 | l2cap_conless_channel(conn, psm, skb); | ||
1889 | break; | ||
1890 | |||
1891 | default: | ||
1892 | l2cap_data_channel(conn, cid, skb); | ||
1893 | break; | ||
1894 | } | ||
1895 | } | ||
1896 | |||
1897 | /* ---- L2CAP interface with lower layer (HCI) ---- */ | ||
1898 | |||
1899 | static int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type) | ||
1900 | { | ||
1901 | int exact = 0, lm1 = 0, lm2 = 0; | ||
1902 | register struct sock *sk; | ||
1903 | struct hlist_node *node; | ||
1904 | |||
1905 | if (type != ACL_LINK) | ||
1906 | return 0; | ||
1907 | |||
1908 | BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr)); | ||
1909 | |||
1910 | /* Find listening sockets and check their link_mode */ | ||
1911 | read_lock(&l2cap_sk_list.lock); | ||
1912 | sk_for_each(sk, node, &l2cap_sk_list.head) { | ||
1913 | if (sk->sk_state != BT_LISTEN) | ||
1914 | continue; | ||
1915 | |||
1916 | if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) { | ||
1917 | lm1 |= (HCI_LM_ACCEPT | l2cap_pi(sk)->link_mode); | ||
1918 | exact++; | ||
1919 | } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) | ||
1920 | lm2 |= (HCI_LM_ACCEPT | l2cap_pi(sk)->link_mode); | ||
1921 | } | ||
1922 | read_unlock(&l2cap_sk_list.lock); | ||
1923 | |||
1924 | return exact ? lm1 : lm2; | ||
1925 | } | ||
1926 | |||
1927 | static int l2cap_connect_cfm(struct hci_conn *hcon, u8 status) | ||
1928 | { | ||
1929 | BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status); | ||
1930 | |||
1931 | if (hcon->type != ACL_LINK) | ||
1932 | return 0; | ||
1933 | |||
1934 | if (!status) { | ||
1935 | struct l2cap_conn *conn; | ||
1936 | |||
1937 | conn = l2cap_conn_add(hcon, status); | ||
1938 | if (conn) | ||
1939 | l2cap_conn_ready(conn); | ||
1940 | } else | ||
1941 | l2cap_conn_del(hcon, bt_err(status)); | ||
1942 | |||
1943 | return 0; | ||
1944 | } | ||
1945 | |||
1946 | static int l2cap_disconn_ind(struct hci_conn *hcon, u8 reason) | ||
1947 | { | ||
1948 | BT_DBG("hcon %p reason %d", hcon, reason); | ||
1949 | |||
1950 | if (hcon->type != ACL_LINK) | ||
1951 | return 0; | ||
1952 | |||
1953 | l2cap_conn_del(hcon, bt_err(reason)); | ||
1954 | return 0; | ||
1955 | } | ||
1956 | |||
1957 | static int l2cap_auth_cfm(struct hci_conn *hcon, u8 status) | ||
1958 | { | ||
1959 | struct l2cap_chan_list *l; | ||
1960 | struct l2cap_conn *conn; | ||
1961 | struct l2cap_conn_rsp rsp; | ||
1962 | struct sock *sk; | ||
1963 | int result; | ||
1964 | |||
1965 | if (!(conn = hcon->l2cap_data)) | ||
1966 | return 0; | ||
1967 | l = &conn->chan_list; | ||
1968 | |||
1969 | BT_DBG("conn %p", conn); | ||
1970 | |||
1971 | read_lock(&l->lock); | ||
1972 | |||
1973 | for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) { | ||
1974 | bh_lock_sock(sk); | ||
1975 | |||
1976 | if (sk->sk_state != BT_CONNECT2 || | ||
1977 | (l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT) || | ||
1978 | (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)) { | ||
1979 | bh_unlock_sock(sk); | ||
1980 | continue; | ||
1981 | } | ||
1982 | |||
1983 | if (!status) { | ||
1984 | sk->sk_state = BT_CONFIG; | ||
1985 | result = 0; | ||
1986 | } else { | ||
1987 | sk->sk_state = BT_DISCONN; | ||
1988 | l2cap_sock_set_timer(sk, HZ/10); | ||
1989 | result = L2CAP_CR_SEC_BLOCK; | ||
1990 | } | ||
1991 | |||
1992 | rsp.scid = __cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1993 | rsp.dcid = __cpu_to_le16(l2cap_pi(sk)->scid); | ||
1994 | rsp.result = __cpu_to_le16(result); | ||
1995 | rsp.status = __cpu_to_le16(0); | ||
1996 | l2cap_send_cmd(conn, l2cap_pi(sk)->ident, | ||
1997 | L2CAP_CONN_RSP, sizeof(rsp), &rsp); | ||
1998 | |||
1999 | bh_unlock_sock(sk); | ||
2000 | } | ||
2001 | |||
2002 | read_unlock(&l->lock); | ||
2003 | return 0; | ||
2004 | } | ||
2005 | |||
2006 | static int l2cap_encrypt_cfm(struct hci_conn *hcon, u8 status) | ||
2007 | { | ||
2008 | struct l2cap_chan_list *l; | ||
2009 | struct l2cap_conn *conn; | ||
2010 | struct l2cap_conn_rsp rsp; | ||
2011 | struct sock *sk; | ||
2012 | int result; | ||
2013 | |||
2014 | if (!(conn = hcon->l2cap_data)) | ||
2015 | return 0; | ||
2016 | l = &conn->chan_list; | ||
2017 | |||
2018 | BT_DBG("conn %p", conn); | ||
2019 | |||
2020 | read_lock(&l->lock); | ||
2021 | |||
2022 | for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) { | ||
2023 | bh_lock_sock(sk); | ||
2024 | |||
2025 | if (sk->sk_state != BT_CONNECT2) { | ||
2026 | bh_unlock_sock(sk); | ||
2027 | continue; | ||
2028 | } | ||
2029 | |||
2030 | if (!status) { | ||
2031 | sk->sk_state = BT_CONFIG; | ||
2032 | result = 0; | ||
2033 | } else { | ||
2034 | sk->sk_state = BT_DISCONN; | ||
2035 | l2cap_sock_set_timer(sk, HZ/10); | ||
2036 | result = L2CAP_CR_SEC_BLOCK; | ||
2037 | } | ||
2038 | |||
2039 | rsp.scid = __cpu_to_le16(l2cap_pi(sk)->dcid); | ||
2040 | rsp.dcid = __cpu_to_le16(l2cap_pi(sk)->scid); | ||
2041 | rsp.result = __cpu_to_le16(result); | ||
2042 | rsp.status = __cpu_to_le16(0); | ||
2043 | l2cap_send_cmd(conn, l2cap_pi(sk)->ident, | ||
2044 | L2CAP_CONN_RSP, sizeof(rsp), &rsp); | ||
2045 | |||
2046 | if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE) | ||
2047 | hci_conn_change_link_key(hcon); | ||
2048 | |||
2049 | bh_unlock_sock(sk); | ||
2050 | } | ||
2051 | |||
2052 | read_unlock(&l->lock); | ||
2053 | return 0; | ||
2054 | } | ||
2055 | |||
2056 | static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 flags) | ||
2057 | { | ||
2058 | struct l2cap_conn *conn = hcon->l2cap_data; | ||
2059 | |||
2060 | if (!conn && !(conn = l2cap_conn_add(hcon, 0))) | ||
2061 | goto drop; | ||
2062 | |||
2063 | BT_DBG("conn %p len %d flags 0x%x", conn, skb->len, flags); | ||
2064 | |||
2065 | if (flags & ACL_START) { | ||
2066 | struct l2cap_hdr *hdr; | ||
2067 | int len; | ||
2068 | |||
2069 | if (conn->rx_len) { | ||
2070 | BT_ERR("Unexpected start frame (len %d)", skb->len); | ||
2071 | kfree_skb(conn->rx_skb); | ||
2072 | conn->rx_skb = NULL; | ||
2073 | conn->rx_len = 0; | ||
2074 | l2cap_conn_unreliable(conn, ECOMM); | ||
2075 | } | ||
2076 | |||
2077 | if (skb->len < 2) { | ||
2078 | BT_ERR("Frame is too short (len %d)", skb->len); | ||
2079 | l2cap_conn_unreliable(conn, ECOMM); | ||
2080 | goto drop; | ||
2081 | } | ||
2082 | |||
2083 | hdr = (struct l2cap_hdr *) skb->data; | ||
2084 | len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE; | ||
2085 | |||
2086 | if (len == skb->len) { | ||
2087 | /* Complete frame received */ | ||
2088 | l2cap_recv_frame(conn, skb); | ||
2089 | return 0; | ||
2090 | } | ||
2091 | |||
2092 | BT_DBG("Start: total len %d, frag len %d", len, skb->len); | ||
2093 | |||
2094 | if (skb->len > len) { | ||
2095 | BT_ERR("Frame is too long (len %d, expected len %d)", | ||
2096 | skb->len, len); | ||
2097 | l2cap_conn_unreliable(conn, ECOMM); | ||
2098 | goto drop; | ||
2099 | } | ||
2100 | |||
2101 | /* Allocate skb for the complete frame (with header) */ | ||
2102 | if (!(conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC))) | ||
2103 | goto drop; | ||
2104 | |||
2105 | memcpy(skb_put(conn->rx_skb, skb->len), skb->data, skb->len); | ||
2106 | conn->rx_len = len - skb->len; | ||
2107 | } else { | ||
2108 | BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len); | ||
2109 | |||
2110 | if (!conn->rx_len) { | ||
2111 | BT_ERR("Unexpected continuation frame (len %d)", skb->len); | ||
2112 | l2cap_conn_unreliable(conn, ECOMM); | ||
2113 | goto drop; | ||
2114 | } | ||
2115 | |||
2116 | if (skb->len > conn->rx_len) { | ||
2117 | BT_ERR("Fragment is too long (len %d, expected %d)", | ||
2118 | skb->len, conn->rx_len); | ||
2119 | kfree_skb(conn->rx_skb); | ||
2120 | conn->rx_skb = NULL; | ||
2121 | conn->rx_len = 0; | ||
2122 | l2cap_conn_unreliable(conn, ECOMM); | ||
2123 | goto drop; | ||
2124 | } | ||
2125 | |||
2126 | memcpy(skb_put(conn->rx_skb, skb->len), skb->data, skb->len); | ||
2127 | conn->rx_len -= skb->len; | ||
2128 | |||
2129 | if (!conn->rx_len) { | ||
2130 | /* Complete frame received */ | ||
2131 | l2cap_recv_frame(conn, conn->rx_skb); | ||
2132 | conn->rx_skb = NULL; | ||
2133 | } | ||
2134 | } | ||
2135 | |||
2136 | drop: | ||
2137 | kfree_skb(skb); | ||
2138 | return 0; | ||
2139 | } | ||
2140 | |||
2141 | /* ---- Proc fs support ---- */ | ||
2142 | #ifdef CONFIG_PROC_FS | ||
2143 | static void *l2cap_seq_start(struct seq_file *seq, loff_t *pos) | ||
2144 | { | ||
2145 | struct sock *sk; | ||
2146 | struct hlist_node *node; | ||
2147 | loff_t l = *pos; | ||
2148 | |||
2149 | read_lock_bh(&l2cap_sk_list.lock); | ||
2150 | |||
2151 | sk_for_each(sk, node, &l2cap_sk_list.head) | ||
2152 | if (!l--) | ||
2153 | goto found; | ||
2154 | sk = NULL; | ||
2155 | found: | ||
2156 | return sk; | ||
2157 | } | ||
2158 | |||
2159 | static void *l2cap_seq_next(struct seq_file *seq, void *e, loff_t *pos) | ||
2160 | { | ||
2161 | (*pos)++; | ||
2162 | return sk_next(e); | ||
2163 | } | ||
2164 | |||
2165 | static void l2cap_seq_stop(struct seq_file *seq, void *e) | ||
2166 | { | ||
2167 | read_unlock_bh(&l2cap_sk_list.lock); | ||
2168 | } | ||
2169 | |||
2170 | static int l2cap_seq_show(struct seq_file *seq, void *e) | ||
2171 | { | ||
2172 | struct sock *sk = e; | ||
2173 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
2174 | |||
2175 | seq_printf(seq, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d 0x%x\n", | ||
2176 | batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), | ||
2177 | sk->sk_state, pi->psm, pi->scid, pi->dcid, pi->imtu, | ||
2178 | pi->omtu, pi->link_mode); | ||
2179 | return 0; | ||
2180 | } | ||
2181 | |||
2182 | static struct seq_operations l2cap_seq_ops = { | ||
2183 | .start = l2cap_seq_start, | ||
2184 | .next = l2cap_seq_next, | ||
2185 | .stop = l2cap_seq_stop, | ||
2186 | .show = l2cap_seq_show | ||
2187 | }; | ||
2188 | |||
2189 | static int l2cap_seq_open(struct inode *inode, struct file *file) | ||
2190 | { | ||
2191 | return seq_open(file, &l2cap_seq_ops); | ||
2192 | } | ||
2193 | |||
2194 | static struct file_operations l2cap_seq_fops = { | ||
2195 | .owner = THIS_MODULE, | ||
2196 | .open = l2cap_seq_open, | ||
2197 | .read = seq_read, | ||
2198 | .llseek = seq_lseek, | ||
2199 | .release = seq_release, | ||
2200 | }; | ||
2201 | |||
2202 | static int __init l2cap_proc_init(void) | ||
2203 | { | ||
2204 | struct proc_dir_entry *p = create_proc_entry("l2cap", S_IRUGO, proc_bt); | ||
2205 | if (!p) | ||
2206 | return -ENOMEM; | ||
2207 | p->owner = THIS_MODULE; | ||
2208 | p->proc_fops = &l2cap_seq_fops; | ||
2209 | return 0; | ||
2210 | } | ||
2211 | |||
2212 | static void __exit l2cap_proc_cleanup(void) | ||
2213 | { | ||
2214 | remove_proc_entry("l2cap", proc_bt); | ||
2215 | } | ||
2216 | |||
2217 | #else /* CONFIG_PROC_FS */ | ||
2218 | |||
2219 | static int __init l2cap_proc_init(void) | ||
2220 | { | ||
2221 | return 0; | ||
2222 | } | ||
2223 | |||
2224 | static void __exit l2cap_proc_cleanup(void) | ||
2225 | { | ||
2226 | return; | ||
2227 | } | ||
2228 | #endif /* CONFIG_PROC_FS */ | ||
2229 | |||
2230 | static struct proto_ops l2cap_sock_ops = { | ||
2231 | .family = PF_BLUETOOTH, | ||
2232 | .owner = THIS_MODULE, | ||
2233 | .release = l2cap_sock_release, | ||
2234 | .bind = l2cap_sock_bind, | ||
2235 | .connect = l2cap_sock_connect, | ||
2236 | .listen = l2cap_sock_listen, | ||
2237 | .accept = l2cap_sock_accept, | ||
2238 | .getname = l2cap_sock_getname, | ||
2239 | .sendmsg = l2cap_sock_sendmsg, | ||
2240 | .recvmsg = bt_sock_recvmsg, | ||
2241 | .poll = bt_sock_poll, | ||
2242 | .mmap = sock_no_mmap, | ||
2243 | .socketpair = sock_no_socketpair, | ||
2244 | .ioctl = sock_no_ioctl, | ||
2245 | .shutdown = l2cap_sock_shutdown, | ||
2246 | .setsockopt = l2cap_sock_setsockopt, | ||
2247 | .getsockopt = l2cap_sock_getsockopt | ||
2248 | }; | ||
2249 | |||
2250 | static struct net_proto_family l2cap_sock_family_ops = { | ||
2251 | .family = PF_BLUETOOTH, | ||
2252 | .owner = THIS_MODULE, | ||
2253 | .create = l2cap_sock_create, | ||
2254 | }; | ||
2255 | |||
2256 | static struct hci_proto l2cap_hci_proto = { | ||
2257 | .name = "L2CAP", | ||
2258 | .id = HCI_PROTO_L2CAP, | ||
2259 | .connect_ind = l2cap_connect_ind, | ||
2260 | .connect_cfm = l2cap_connect_cfm, | ||
2261 | .disconn_ind = l2cap_disconn_ind, | ||
2262 | .auth_cfm = l2cap_auth_cfm, | ||
2263 | .encrypt_cfm = l2cap_encrypt_cfm, | ||
2264 | .recv_acldata = l2cap_recv_acldata | ||
2265 | }; | ||
2266 | |||
2267 | static int __init l2cap_init(void) | ||
2268 | { | ||
2269 | int err; | ||
2270 | |||
2271 | err = proto_register(&l2cap_proto, 0); | ||
2272 | if (err < 0) | ||
2273 | return err; | ||
2274 | |||
2275 | err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops); | ||
2276 | if (err < 0) { | ||
2277 | BT_ERR("L2CAP socket registration failed"); | ||
2278 | goto error; | ||
2279 | } | ||
2280 | |||
2281 | err = hci_register_proto(&l2cap_hci_proto); | ||
2282 | if (err < 0) { | ||
2283 | BT_ERR("L2CAP protocol registration failed"); | ||
2284 | bt_sock_unregister(BTPROTO_L2CAP); | ||
2285 | goto error; | ||
2286 | } | ||
2287 | |||
2288 | l2cap_proc_init(); | ||
2289 | |||
2290 | BT_INFO("L2CAP ver %s", VERSION); | ||
2291 | BT_INFO("L2CAP socket layer initialized"); | ||
2292 | |||
2293 | return 0; | ||
2294 | |||
2295 | error: | ||
2296 | proto_unregister(&l2cap_proto); | ||
2297 | return err; | ||
2298 | } | ||
2299 | |||
2300 | static void __exit l2cap_exit(void) | ||
2301 | { | ||
2302 | l2cap_proc_cleanup(); | ||
2303 | |||
2304 | if (bt_sock_unregister(BTPROTO_L2CAP) < 0) | ||
2305 | BT_ERR("L2CAP socket unregistration failed"); | ||
2306 | |||
2307 | if (hci_unregister_proto(&l2cap_hci_proto) < 0) | ||
2308 | BT_ERR("L2CAP protocol unregistration failed"); | ||
2309 | |||
2310 | proto_unregister(&l2cap_proto); | ||
2311 | } | ||
2312 | |||
2313 | void l2cap_load(void) | ||
2314 | { | ||
2315 | /* Dummy function to trigger automatic L2CAP module loading by | ||
2316 | * other modules that use L2CAP sockets but don't use any other | ||
2317 | * symbols from it. */ | ||
2318 | return; | ||
2319 | } | ||
2320 | EXPORT_SYMBOL(l2cap_load); | ||
2321 | |||
2322 | module_init(l2cap_init); | ||
2323 | module_exit(l2cap_exit); | ||
2324 | |||
2325 | MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>"); | ||
2326 | MODULE_DESCRIPTION("Bluetooth L2CAP ver " VERSION); | ||
2327 | MODULE_VERSION(VERSION); | ||
2328 | MODULE_LICENSE("GPL"); | ||
2329 | MODULE_ALIAS("bt-proto-0"); | ||
diff --git a/net/bluetooth/lib.c b/net/bluetooth/lib.c new file mode 100644 index 00000000000..9efb0a09361 --- /dev/null +++ b/net/bluetooth/lib.c | |||
@@ -0,0 +1,178 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth kernel library. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | |||
30 | #include <linux/kernel.h> | ||
31 | #include <linux/stddef.h> | ||
32 | #include <linux/string.h> | ||
33 | #include <asm/errno.h> | ||
34 | |||
35 | #include <net/bluetooth/bluetooth.h> | ||
36 | |||
37 | void bt_dump(char *pref, __u8 *buf, int count) | ||
38 | { | ||
39 | char *ptr; | ||
40 | char line[100]; | ||
41 | unsigned int i; | ||
42 | |||
43 | printk(KERN_INFO "%s: dump, len %d\n", pref, count); | ||
44 | |||
45 | ptr = line; | ||
46 | *ptr = 0; | ||
47 | for (i = 0; i < count; i++) { | ||
48 | ptr += sprintf(ptr, " %2.2X", buf[i]); | ||
49 | |||
50 | if (i && !((i + 1) % 20)) { | ||
51 | printk(KERN_INFO "%s:%s\n", pref, line); | ||
52 | ptr = line; | ||
53 | *ptr = 0; | ||
54 | } | ||
55 | } | ||
56 | |||
57 | if (line[0]) | ||
58 | printk(KERN_INFO "%s:%s\n", pref, line); | ||
59 | } | ||
60 | EXPORT_SYMBOL(bt_dump); | ||
61 | |||
62 | void baswap(bdaddr_t *dst, bdaddr_t *src) | ||
63 | { | ||
64 | unsigned char *d = (unsigned char *) dst; | ||
65 | unsigned char *s = (unsigned char *) src; | ||
66 | unsigned int i; | ||
67 | |||
68 | for (i = 0; i < 6; i++) | ||
69 | d[i] = s[5 - i]; | ||
70 | } | ||
71 | EXPORT_SYMBOL(baswap); | ||
72 | |||
73 | char *batostr(bdaddr_t *ba) | ||
74 | { | ||
75 | static char str[2][18]; | ||
76 | static int i = 1; | ||
77 | |||
78 | i ^= 1; | ||
79 | sprintf(str[i], "%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X", | ||
80 | ba->b[0], ba->b[1], ba->b[2], | ||
81 | ba->b[3], ba->b[4], ba->b[5]); | ||
82 | |||
83 | return str[i]; | ||
84 | } | ||
85 | EXPORT_SYMBOL(batostr); | ||
86 | |||
87 | /* Bluetooth error codes to Unix errno mapping */ | ||
88 | int bt_err(__u16 code) | ||
89 | { | ||
90 | switch (code) { | ||
91 | case 0: | ||
92 | return 0; | ||
93 | |||
94 | case 0x01: | ||
95 | return EBADRQC; | ||
96 | |||
97 | case 0x02: | ||
98 | return ENOTCONN; | ||
99 | |||
100 | case 0x03: | ||
101 | return EIO; | ||
102 | |||
103 | case 0x04: | ||
104 | return EHOSTDOWN; | ||
105 | |||
106 | case 0x05: | ||
107 | return EACCES; | ||
108 | |||
109 | case 0x06: | ||
110 | return EBADE; | ||
111 | |||
112 | case 0x07: | ||
113 | return ENOMEM; | ||
114 | |||
115 | case 0x08: | ||
116 | return ETIMEDOUT; | ||
117 | |||
118 | case 0x09: | ||
119 | return EMLINK; | ||
120 | |||
121 | case 0x0a: | ||
122 | return EMLINK; | ||
123 | |||
124 | case 0x0b: | ||
125 | return EALREADY; | ||
126 | |||
127 | case 0x0c: | ||
128 | return EBUSY; | ||
129 | |||
130 | case 0x0d: | ||
131 | case 0x0e: | ||
132 | case 0x0f: | ||
133 | return ECONNREFUSED; | ||
134 | |||
135 | case 0x10: | ||
136 | return ETIMEDOUT; | ||
137 | |||
138 | case 0x11: | ||
139 | case 0x27: | ||
140 | case 0x29: | ||
141 | case 0x20: | ||
142 | return EOPNOTSUPP; | ||
143 | |||
144 | case 0x12: | ||
145 | return EINVAL; | ||
146 | |||
147 | case 0x13: | ||
148 | case 0x14: | ||
149 | case 0x15: | ||
150 | return ECONNRESET; | ||
151 | |||
152 | case 0x16: | ||
153 | return ECONNABORTED; | ||
154 | |||
155 | case 0x17: | ||
156 | return ELOOP; | ||
157 | |||
158 | case 0x18: | ||
159 | return EACCES; | ||
160 | |||
161 | case 0x1a: | ||
162 | return EPROTONOSUPPORT; | ||
163 | |||
164 | case 0x1b: | ||
165 | return ECONNREFUSED; | ||
166 | |||
167 | case 0x19: | ||
168 | case 0x1e: | ||
169 | case 0x23: | ||
170 | case 0x24: | ||
171 | case 0x25: | ||
172 | return EPROTO; | ||
173 | |||
174 | default: | ||
175 | return ENOSYS; | ||
176 | } | ||
177 | } | ||
178 | EXPORT_SYMBOL(bt_err); | ||
diff --git a/net/bluetooth/rfcomm/Kconfig b/net/bluetooth/rfcomm/Kconfig new file mode 100644 index 00000000000..405a0e61e7d --- /dev/null +++ b/net/bluetooth/rfcomm/Kconfig | |||
@@ -0,0 +1,17 @@ | |||
1 | config BT_RFCOMM | ||
2 | tristate "RFCOMM protocol support" | ||
3 | depends on BT && BT_L2CAP | ||
4 | help | ||
5 | RFCOMM provides connection oriented stream transport. RFCOMM | ||
6 | support is required for Dialup Networking, OBEX and other Bluetooth | ||
7 | applications. | ||
8 | |||
9 | Say Y here to compile RFCOMM support into the kernel or say M to | ||
10 | compile it as module (rfcomm). | ||
11 | |||
12 | config BT_RFCOMM_TTY | ||
13 | bool "RFCOMM TTY support" | ||
14 | depends on BT_RFCOMM | ||
15 | help | ||
16 | This option enables TTY emulation support for RFCOMM channels. | ||
17 | |||
diff --git a/net/bluetooth/rfcomm/Makefile b/net/bluetooth/rfcomm/Makefile new file mode 100644 index 00000000000..aecec45ec68 --- /dev/null +++ b/net/bluetooth/rfcomm/Makefile | |||
@@ -0,0 +1,8 @@ | |||
1 | # | ||
2 | # Makefile for the Linux Bluetooth RFCOMM layer. | ||
3 | # | ||
4 | |||
5 | obj-$(CONFIG_BT_RFCOMM) += rfcomm.o | ||
6 | |||
7 | rfcomm-y := core.o sock.o crc.o | ||
8 | rfcomm-$(CONFIG_BT_RFCOMM_TTY) += tty.o | ||
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c new file mode 100644 index 00000000000..e9e6fda66f1 --- /dev/null +++ b/net/bluetooth/rfcomm/core.c | |||
@@ -0,0 +1,2127 @@ | |||
1 | /* | ||
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | ||
5 | |||
6 | This program is free software; you can redistribute it and/or modify | ||
7 | it under the terms of the GNU General Public License version 2 as | ||
8 | published by the Free Software Foundation; | ||
9 | |||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
18 | |||
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
21 | SOFTWARE IS DISCLAIMED. | ||
22 | */ | ||
23 | |||
24 | /* | ||
25 | RPN support - Dirk Husemann <hud@zurich.ibm.com> | ||
26 | */ | ||
27 | |||
28 | /* | ||
29 | * Bluetooth RFCOMM core. | ||
30 | * | ||
31 | * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $ | ||
32 | */ | ||
33 | |||
34 | #include <linux/config.h> | ||
35 | #include <linux/module.h> | ||
36 | #include <linux/errno.h> | ||
37 | #include <linux/kernel.h> | ||
38 | #include <linux/sched.h> | ||
39 | #include <linux/signal.h> | ||
40 | #include <linux/init.h> | ||
41 | #include <linux/wait.h> | ||
42 | #include <linux/net.h> | ||
43 | #include <linux/proc_fs.h> | ||
44 | #include <linux/seq_file.h> | ||
45 | #include <net/sock.h> | ||
46 | #include <asm/uaccess.h> | ||
47 | #include <asm/unaligned.h> | ||
48 | |||
49 | #include <net/bluetooth/bluetooth.h> | ||
50 | #include <net/bluetooth/hci_core.h> | ||
51 | #include <net/bluetooth/l2cap.h> | ||
52 | #include <net/bluetooth/rfcomm.h> | ||
53 | |||
54 | #define VERSION "1.5" | ||
55 | |||
56 | #ifndef CONFIG_BT_RFCOMM_DEBUG | ||
57 | #undef BT_DBG | ||
58 | #define BT_DBG(D...) | ||
59 | #endif | ||
60 | |||
61 | #ifdef CONFIG_PROC_FS | ||
62 | struct proc_dir_entry *proc_bt_rfcomm; | ||
63 | #endif | ||
64 | |||
65 | static struct task_struct *rfcomm_thread; | ||
66 | |||
67 | static DECLARE_MUTEX(rfcomm_sem); | ||
68 | #define rfcomm_lock() down(&rfcomm_sem); | ||
69 | #define rfcomm_unlock() up(&rfcomm_sem); | ||
70 | |||
71 | static unsigned long rfcomm_event; | ||
72 | |||
73 | static LIST_HEAD(session_list); | ||
74 | static atomic_t terminate, running; | ||
75 | |||
76 | static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len); | ||
77 | static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci); | ||
78 | static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci); | ||
79 | static int rfcomm_queue_disc(struct rfcomm_dlc *d); | ||
80 | static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type); | ||
81 | static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d); | ||
82 | static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig); | ||
83 | static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len); | ||
84 | static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits); | ||
85 | static void rfcomm_make_uih(struct sk_buff *skb, u8 addr); | ||
86 | |||
87 | static void rfcomm_process_connect(struct rfcomm_session *s); | ||
88 | |||
89 | static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err); | ||
90 | static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst); | ||
91 | static void rfcomm_session_del(struct rfcomm_session *s); | ||
92 | |||
93 | /* ---- RFCOMM frame parsing macros ---- */ | ||
94 | #define __get_dlci(b) ((b & 0xfc) >> 2) | ||
95 | #define __get_channel(b) ((b & 0xf8) >> 3) | ||
96 | #define __get_dir(b) ((b & 0x04) >> 2) | ||
97 | #define __get_type(b) ((b & 0xef)) | ||
98 | |||
99 | #define __test_ea(b) ((b & 0x01)) | ||
100 | #define __test_cr(b) ((b & 0x02)) | ||
101 | #define __test_pf(b) ((b & 0x10)) | ||
102 | |||
103 | #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01) | ||
104 | #define __ctrl(type, pf) (((type & 0xef) | (pf << 4))) | ||
105 | #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir) | ||
106 | #define __srv_channel(dlci) (dlci >> 1) | ||
107 | #define __dir(dlci) (dlci & 0x01) | ||
108 | |||
109 | #define __len8(len) (((len) << 1) | 1) | ||
110 | #define __len16(len) ((len) << 1) | ||
111 | |||
112 | /* MCC macros */ | ||
113 | #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01)) | ||
114 | #define __get_mcc_type(b) ((b & 0xfc) >> 2) | ||
115 | #define __get_mcc_len(b) ((b & 0xfe) >> 1) | ||
116 | |||
117 | /* RPN macros */ | ||
118 | #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x3) << 3)) | ||
119 | #define __get_rpn_data_bits(line) ((line) & 0x3) | ||
120 | #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1) | ||
121 | #define __get_rpn_parity(line) (((line) >> 3) & 0x3) | ||
122 | |||
123 | static inline void rfcomm_schedule(uint event) | ||
124 | { | ||
125 | if (!rfcomm_thread) | ||
126 | return; | ||
127 | //set_bit(event, &rfcomm_event); | ||
128 | set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); | ||
129 | wake_up_process(rfcomm_thread); | ||
130 | } | ||
131 | |||
132 | static inline void rfcomm_session_put(struct rfcomm_session *s) | ||
133 | { | ||
134 | if (atomic_dec_and_test(&s->refcnt)) | ||
135 | rfcomm_session_del(s); | ||
136 | } | ||
137 | |||
138 | /* ---- RFCOMM FCS computation ---- */ | ||
139 | |||
140 | /* CRC on 2 bytes */ | ||
141 | #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]]) | ||
142 | |||
143 | /* FCS on 2 bytes */ | ||
144 | static inline u8 __fcs(u8 *data) | ||
145 | { | ||
146 | return (0xff - __crc(data)); | ||
147 | } | ||
148 | |||
149 | /* FCS on 3 bytes */ | ||
150 | static inline u8 __fcs2(u8 *data) | ||
151 | { | ||
152 | return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]); | ||
153 | } | ||
154 | |||
155 | /* Check FCS */ | ||
156 | static inline int __check_fcs(u8 *data, int type, u8 fcs) | ||
157 | { | ||
158 | u8 f = __crc(data); | ||
159 | |||
160 | if (type != RFCOMM_UIH) | ||
161 | f = rfcomm_crc_table[f ^ data[2]]; | ||
162 | |||
163 | return rfcomm_crc_table[f ^ fcs] != 0xcf; | ||
164 | } | ||
165 | |||
166 | /* ---- L2CAP callbacks ---- */ | ||
167 | static void rfcomm_l2state_change(struct sock *sk) | ||
168 | { | ||
169 | BT_DBG("%p state %d", sk, sk->sk_state); | ||
170 | rfcomm_schedule(RFCOMM_SCHED_STATE); | ||
171 | } | ||
172 | |||
173 | static void rfcomm_l2data_ready(struct sock *sk, int bytes) | ||
174 | { | ||
175 | BT_DBG("%p bytes %d", sk, bytes); | ||
176 | rfcomm_schedule(RFCOMM_SCHED_RX); | ||
177 | } | ||
178 | |||
179 | static int rfcomm_l2sock_create(struct socket **sock) | ||
180 | { | ||
181 | int err; | ||
182 | |||
183 | BT_DBG(""); | ||
184 | |||
185 | err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock); | ||
186 | if (!err) { | ||
187 | struct sock *sk = (*sock)->sk; | ||
188 | sk->sk_data_ready = rfcomm_l2data_ready; | ||
189 | sk->sk_state_change = rfcomm_l2state_change; | ||
190 | } | ||
191 | return err; | ||
192 | } | ||
193 | |||
194 | /* ---- RFCOMM DLCs ---- */ | ||
195 | static void rfcomm_dlc_timeout(unsigned long arg) | ||
196 | { | ||
197 | struct rfcomm_dlc *d = (void *) arg; | ||
198 | |||
199 | BT_DBG("dlc %p state %ld", d, d->state); | ||
200 | |||
201 | set_bit(RFCOMM_TIMED_OUT, &d->flags); | ||
202 | rfcomm_dlc_put(d); | ||
203 | rfcomm_schedule(RFCOMM_SCHED_TIMEO); | ||
204 | } | ||
205 | |||
206 | static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout) | ||
207 | { | ||
208 | BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout); | ||
209 | |||
210 | if (!mod_timer(&d->timer, jiffies + timeout)) | ||
211 | rfcomm_dlc_hold(d); | ||
212 | } | ||
213 | |||
214 | static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d) | ||
215 | { | ||
216 | BT_DBG("dlc %p state %ld", d, d->state); | ||
217 | |||
218 | if (timer_pending(&d->timer) && del_timer(&d->timer)) | ||
219 | rfcomm_dlc_put(d); | ||
220 | } | ||
221 | |||
222 | static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d) | ||
223 | { | ||
224 | BT_DBG("%p", d); | ||
225 | |||
226 | d->state = BT_OPEN; | ||
227 | d->flags = 0; | ||
228 | d->mscex = 0; | ||
229 | d->mtu = RFCOMM_DEFAULT_MTU; | ||
230 | d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV; | ||
231 | |||
232 | d->cfc = RFCOMM_CFC_DISABLED; | ||
233 | d->rx_credits = RFCOMM_DEFAULT_CREDITS; | ||
234 | } | ||
235 | |||
236 | struct rfcomm_dlc *rfcomm_dlc_alloc(int prio) | ||
237 | { | ||
238 | struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio); | ||
239 | if (!d) | ||
240 | return NULL; | ||
241 | memset(d, 0, sizeof(*d)); | ||
242 | |||
243 | init_timer(&d->timer); | ||
244 | d->timer.function = rfcomm_dlc_timeout; | ||
245 | d->timer.data = (unsigned long) d; | ||
246 | |||
247 | skb_queue_head_init(&d->tx_queue); | ||
248 | spin_lock_init(&d->lock); | ||
249 | atomic_set(&d->refcnt, 1); | ||
250 | |||
251 | rfcomm_dlc_clear_state(d); | ||
252 | |||
253 | BT_DBG("%p", d); | ||
254 | return d; | ||
255 | } | ||
256 | |||
257 | void rfcomm_dlc_free(struct rfcomm_dlc *d) | ||
258 | { | ||
259 | BT_DBG("%p", d); | ||
260 | |||
261 | skb_queue_purge(&d->tx_queue); | ||
262 | kfree(d); | ||
263 | } | ||
264 | |||
265 | static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d) | ||
266 | { | ||
267 | BT_DBG("dlc %p session %p", d, s); | ||
268 | |||
269 | rfcomm_session_hold(s); | ||
270 | |||
271 | rfcomm_dlc_hold(d); | ||
272 | list_add(&d->list, &s->dlcs); | ||
273 | d->session = s; | ||
274 | } | ||
275 | |||
276 | static void rfcomm_dlc_unlink(struct rfcomm_dlc *d) | ||
277 | { | ||
278 | struct rfcomm_session *s = d->session; | ||
279 | |||
280 | BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s); | ||
281 | |||
282 | list_del(&d->list); | ||
283 | d->session = NULL; | ||
284 | rfcomm_dlc_put(d); | ||
285 | |||
286 | rfcomm_session_put(s); | ||
287 | } | ||
288 | |||
289 | static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci) | ||
290 | { | ||
291 | struct rfcomm_dlc *d; | ||
292 | struct list_head *p; | ||
293 | |||
294 | list_for_each(p, &s->dlcs) { | ||
295 | d = list_entry(p, struct rfcomm_dlc, list); | ||
296 | if (d->dlci == dlci) | ||
297 | return d; | ||
298 | } | ||
299 | return NULL; | ||
300 | } | ||
301 | |||
302 | static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) | ||
303 | { | ||
304 | struct rfcomm_session *s; | ||
305 | int err = 0; | ||
306 | u8 dlci; | ||
307 | |||
308 | BT_DBG("dlc %p state %ld %s %s channel %d", | ||
309 | d, d->state, batostr(src), batostr(dst), channel); | ||
310 | |||
311 | if (channel < 1 || channel > 30) | ||
312 | return -EINVAL; | ||
313 | |||
314 | if (d->state != BT_OPEN && d->state != BT_CLOSED) | ||
315 | return 0; | ||
316 | |||
317 | s = rfcomm_session_get(src, dst); | ||
318 | if (!s) { | ||
319 | s = rfcomm_session_create(src, dst, &err); | ||
320 | if (!s) | ||
321 | return err; | ||
322 | } | ||
323 | |||
324 | dlci = __dlci(!s->initiator, channel); | ||
325 | |||
326 | /* Check if DLCI already exists */ | ||
327 | if (rfcomm_dlc_get(s, dlci)) | ||
328 | return -EBUSY; | ||
329 | |||
330 | rfcomm_dlc_clear_state(d); | ||
331 | |||
332 | d->dlci = dlci; | ||
333 | d->addr = __addr(s->initiator, dlci); | ||
334 | d->priority = 7; | ||
335 | |||
336 | d->state = BT_CONFIG; | ||
337 | rfcomm_dlc_link(s, d); | ||
338 | |||
339 | d->mtu = s->mtu; | ||
340 | d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc; | ||
341 | |||
342 | if (s->state == BT_CONNECTED) | ||
343 | rfcomm_send_pn(s, 1, d); | ||
344 | rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT); | ||
345 | return 0; | ||
346 | } | ||
347 | |||
348 | int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) | ||
349 | { | ||
350 | int r; | ||
351 | |||
352 | rfcomm_lock(); | ||
353 | |||
354 | r = __rfcomm_dlc_open(d, src, dst, channel); | ||
355 | |||
356 | rfcomm_unlock(); | ||
357 | return r; | ||
358 | } | ||
359 | |||
360 | static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err) | ||
361 | { | ||
362 | struct rfcomm_session *s = d->session; | ||
363 | if (!s) | ||
364 | return 0; | ||
365 | |||
366 | BT_DBG("dlc %p state %ld dlci %d err %d session %p", | ||
367 | d, d->state, d->dlci, err, s); | ||
368 | |||
369 | switch (d->state) { | ||
370 | case BT_CONNECTED: | ||
371 | case BT_CONFIG: | ||
372 | case BT_CONNECT: | ||
373 | d->state = BT_DISCONN; | ||
374 | if (skb_queue_empty(&d->tx_queue)) { | ||
375 | rfcomm_send_disc(s, d->dlci); | ||
376 | rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT); | ||
377 | } else { | ||
378 | rfcomm_queue_disc(d); | ||
379 | rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2); | ||
380 | } | ||
381 | break; | ||
382 | |||
383 | default: | ||
384 | rfcomm_dlc_clear_timer(d); | ||
385 | |||
386 | rfcomm_dlc_lock(d); | ||
387 | d->state = BT_CLOSED; | ||
388 | d->state_change(d, err); | ||
389 | rfcomm_dlc_unlock(d); | ||
390 | |||
391 | skb_queue_purge(&d->tx_queue); | ||
392 | rfcomm_session_put(s); | ||
393 | |||
394 | rfcomm_dlc_unlink(d); | ||
395 | } | ||
396 | |||
397 | return 0; | ||
398 | } | ||
399 | |||
400 | int rfcomm_dlc_close(struct rfcomm_dlc *d, int err) | ||
401 | { | ||
402 | int r; | ||
403 | |||
404 | rfcomm_lock(); | ||
405 | |||
406 | r = __rfcomm_dlc_close(d, err); | ||
407 | |||
408 | rfcomm_unlock(); | ||
409 | return r; | ||
410 | } | ||
411 | |||
412 | int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb) | ||
413 | { | ||
414 | int len = skb->len; | ||
415 | |||
416 | if (d->state != BT_CONNECTED) | ||
417 | return -ENOTCONN; | ||
418 | |||
419 | BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len); | ||
420 | |||
421 | if (len > d->mtu) | ||
422 | return -EINVAL; | ||
423 | |||
424 | rfcomm_make_uih(skb, d->addr); | ||
425 | skb_queue_tail(&d->tx_queue, skb); | ||
426 | |||
427 | if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags)) | ||
428 | rfcomm_schedule(RFCOMM_SCHED_TX); | ||
429 | return len; | ||
430 | } | ||
431 | |||
432 | void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d) | ||
433 | { | ||
434 | BT_DBG("dlc %p state %ld", d, d->state); | ||
435 | |||
436 | if (!d->cfc) { | ||
437 | d->v24_sig |= RFCOMM_V24_FC; | ||
438 | set_bit(RFCOMM_MSC_PENDING, &d->flags); | ||
439 | } | ||
440 | rfcomm_schedule(RFCOMM_SCHED_TX); | ||
441 | } | ||
442 | |||
443 | void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d) | ||
444 | { | ||
445 | BT_DBG("dlc %p state %ld", d, d->state); | ||
446 | |||
447 | if (!d->cfc) { | ||
448 | d->v24_sig &= ~RFCOMM_V24_FC; | ||
449 | set_bit(RFCOMM_MSC_PENDING, &d->flags); | ||
450 | } | ||
451 | rfcomm_schedule(RFCOMM_SCHED_TX); | ||
452 | } | ||
453 | |||
454 | /* | ||
455 | Set/get modem status functions use _local_ status i.e. what we report | ||
456 | to the other side. | ||
457 | Remote status is provided by dlc->modem_status() callback. | ||
458 | */ | ||
459 | int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig) | ||
460 | { | ||
461 | BT_DBG("dlc %p state %ld v24_sig 0x%x", | ||
462 | d, d->state, v24_sig); | ||
463 | |||
464 | if (test_bit(RFCOMM_RX_THROTTLED, &d->flags)) | ||
465 | v24_sig |= RFCOMM_V24_FC; | ||
466 | else | ||
467 | v24_sig &= ~RFCOMM_V24_FC; | ||
468 | |||
469 | d->v24_sig = v24_sig; | ||
470 | |||
471 | if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags)) | ||
472 | rfcomm_schedule(RFCOMM_SCHED_TX); | ||
473 | |||
474 | return 0; | ||
475 | } | ||
476 | |||
477 | int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig) | ||
478 | { | ||
479 | BT_DBG("dlc %p state %ld v24_sig 0x%x", | ||
480 | d, d->state, d->v24_sig); | ||
481 | |||
482 | *v24_sig = d->v24_sig; | ||
483 | return 0; | ||
484 | } | ||
485 | |||
486 | /* ---- RFCOMM sessions ---- */ | ||
487 | static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state) | ||
488 | { | ||
489 | struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL); | ||
490 | if (!s) | ||
491 | return NULL; | ||
492 | memset(s, 0, sizeof(*s)); | ||
493 | |||
494 | BT_DBG("session %p sock %p", s, sock); | ||
495 | |||
496 | INIT_LIST_HEAD(&s->dlcs); | ||
497 | s->state = state; | ||
498 | s->sock = sock; | ||
499 | |||
500 | s->mtu = RFCOMM_DEFAULT_MTU; | ||
501 | s->cfc = RFCOMM_CFC_UNKNOWN; | ||
502 | |||
503 | /* Do not increment module usage count for listening sessions. | ||
504 | * Otherwise we won't be able to unload the module. */ | ||
505 | if (state != BT_LISTEN) | ||
506 | if (!try_module_get(THIS_MODULE)) { | ||
507 | kfree(s); | ||
508 | return NULL; | ||
509 | } | ||
510 | |||
511 | list_add(&s->list, &session_list); | ||
512 | |||
513 | return s; | ||
514 | } | ||
515 | |||
516 | static void rfcomm_session_del(struct rfcomm_session *s) | ||
517 | { | ||
518 | int state = s->state; | ||
519 | |||
520 | BT_DBG("session %p state %ld", s, s->state); | ||
521 | |||
522 | list_del(&s->list); | ||
523 | |||
524 | if (state == BT_CONNECTED) | ||
525 | rfcomm_send_disc(s, 0); | ||
526 | |||
527 | sock_release(s->sock); | ||
528 | kfree(s); | ||
529 | |||
530 | if (state != BT_LISTEN) | ||
531 | module_put(THIS_MODULE); | ||
532 | } | ||
533 | |||
534 | static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst) | ||
535 | { | ||
536 | struct rfcomm_session *s; | ||
537 | struct list_head *p, *n; | ||
538 | struct bt_sock *sk; | ||
539 | list_for_each_safe(p, n, &session_list) { | ||
540 | s = list_entry(p, struct rfcomm_session, list); | ||
541 | sk = bt_sk(s->sock->sk); | ||
542 | |||
543 | if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) && | ||
544 | !bacmp(&sk->dst, dst)) | ||
545 | return s; | ||
546 | } | ||
547 | return NULL; | ||
548 | } | ||
549 | |||
550 | static void rfcomm_session_close(struct rfcomm_session *s, int err) | ||
551 | { | ||
552 | struct rfcomm_dlc *d; | ||
553 | struct list_head *p, *n; | ||
554 | |||
555 | BT_DBG("session %p state %ld err %d", s, s->state, err); | ||
556 | |||
557 | rfcomm_session_hold(s); | ||
558 | |||
559 | s->state = BT_CLOSED; | ||
560 | |||
561 | /* Close all dlcs */ | ||
562 | list_for_each_safe(p, n, &s->dlcs) { | ||
563 | d = list_entry(p, struct rfcomm_dlc, list); | ||
564 | d->state = BT_CLOSED; | ||
565 | __rfcomm_dlc_close(d, err); | ||
566 | } | ||
567 | |||
568 | rfcomm_session_put(s); | ||
569 | } | ||
570 | |||
571 | static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err) | ||
572 | { | ||
573 | struct rfcomm_session *s = NULL; | ||
574 | struct sockaddr_l2 addr; | ||
575 | struct socket *sock; | ||
576 | struct sock *sk; | ||
577 | |||
578 | BT_DBG("%s %s", batostr(src), batostr(dst)); | ||
579 | |||
580 | *err = rfcomm_l2sock_create(&sock); | ||
581 | if (*err < 0) | ||
582 | return NULL; | ||
583 | |||
584 | bacpy(&addr.l2_bdaddr, src); | ||
585 | addr.l2_family = AF_BLUETOOTH; | ||
586 | addr.l2_psm = 0; | ||
587 | *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr)); | ||
588 | if (*err < 0) | ||
589 | goto failed; | ||
590 | |||
591 | /* Set L2CAP options */ | ||
592 | sk = sock->sk; | ||
593 | lock_sock(sk); | ||
594 | l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU; | ||
595 | release_sock(sk); | ||
596 | |||
597 | s = rfcomm_session_add(sock, BT_BOUND); | ||
598 | if (!s) { | ||
599 | *err = -ENOMEM; | ||
600 | goto failed; | ||
601 | } | ||
602 | |||
603 | rfcomm_session_hold(s); | ||
604 | |||
605 | s->initiator = 1; | ||
606 | |||
607 | bacpy(&addr.l2_bdaddr, dst); | ||
608 | addr.l2_family = AF_BLUETOOTH; | ||
609 | addr.l2_psm = htobs(RFCOMM_PSM); | ||
610 | *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK); | ||
611 | if (*err == 0 || *err == -EAGAIN) | ||
612 | return s; | ||
613 | |||
614 | rfcomm_session_del(s); | ||
615 | return NULL; | ||
616 | |||
617 | failed: | ||
618 | sock_release(sock); | ||
619 | return NULL; | ||
620 | } | ||
621 | |||
622 | void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst) | ||
623 | { | ||
624 | struct sock *sk = s->sock->sk; | ||
625 | if (src) | ||
626 | bacpy(src, &bt_sk(sk)->src); | ||
627 | if (dst) | ||
628 | bacpy(dst, &bt_sk(sk)->dst); | ||
629 | } | ||
630 | |||
631 | /* ---- RFCOMM frame sending ---- */ | ||
632 | static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len) | ||
633 | { | ||
634 | struct socket *sock = s->sock; | ||
635 | struct kvec iv = { data, len }; | ||
636 | struct msghdr msg; | ||
637 | |||
638 | BT_DBG("session %p len %d", s, len); | ||
639 | |||
640 | memset(&msg, 0, sizeof(msg)); | ||
641 | |||
642 | return kernel_sendmsg(sock, &msg, &iv, 1, len); | ||
643 | } | ||
644 | |||
645 | static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci) | ||
646 | { | ||
647 | struct rfcomm_cmd cmd; | ||
648 | |||
649 | BT_DBG("%p dlci %d", s, dlci); | ||
650 | |||
651 | cmd.addr = __addr(s->initiator, dlci); | ||
652 | cmd.ctrl = __ctrl(RFCOMM_SABM, 1); | ||
653 | cmd.len = __len8(0); | ||
654 | cmd.fcs = __fcs2((u8 *) &cmd); | ||
655 | |||
656 | return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); | ||
657 | } | ||
658 | |||
659 | static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci) | ||
660 | { | ||
661 | struct rfcomm_cmd cmd; | ||
662 | |||
663 | BT_DBG("%p dlci %d", s, dlci); | ||
664 | |||
665 | cmd.addr = __addr(!s->initiator, dlci); | ||
666 | cmd.ctrl = __ctrl(RFCOMM_UA, 1); | ||
667 | cmd.len = __len8(0); | ||
668 | cmd.fcs = __fcs2((u8 *) &cmd); | ||
669 | |||
670 | return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); | ||
671 | } | ||
672 | |||
673 | static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci) | ||
674 | { | ||
675 | struct rfcomm_cmd cmd; | ||
676 | |||
677 | BT_DBG("%p dlci %d", s, dlci); | ||
678 | |||
679 | cmd.addr = __addr(s->initiator, dlci); | ||
680 | cmd.ctrl = __ctrl(RFCOMM_DISC, 1); | ||
681 | cmd.len = __len8(0); | ||
682 | cmd.fcs = __fcs2((u8 *) &cmd); | ||
683 | |||
684 | return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); | ||
685 | } | ||
686 | |||
687 | static int rfcomm_queue_disc(struct rfcomm_dlc *d) | ||
688 | { | ||
689 | struct rfcomm_cmd *cmd; | ||
690 | struct sk_buff *skb; | ||
691 | |||
692 | BT_DBG("dlc %p dlci %d", d, d->dlci); | ||
693 | |||
694 | skb = alloc_skb(sizeof(*cmd), GFP_KERNEL); | ||
695 | if (!skb) | ||
696 | return -ENOMEM; | ||
697 | |||
698 | cmd = (void *) __skb_put(skb, sizeof(*cmd)); | ||
699 | cmd->addr = d->addr; | ||
700 | cmd->ctrl = __ctrl(RFCOMM_DISC, 1); | ||
701 | cmd->len = __len8(0); | ||
702 | cmd->fcs = __fcs2((u8 *) cmd); | ||
703 | |||
704 | skb_queue_tail(&d->tx_queue, skb); | ||
705 | rfcomm_schedule(RFCOMM_SCHED_TX); | ||
706 | return 0; | ||
707 | } | ||
708 | |||
709 | static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci) | ||
710 | { | ||
711 | struct rfcomm_cmd cmd; | ||
712 | |||
713 | BT_DBG("%p dlci %d", s, dlci); | ||
714 | |||
715 | cmd.addr = __addr(!s->initiator, dlci); | ||
716 | cmd.ctrl = __ctrl(RFCOMM_DM, 1); | ||
717 | cmd.len = __len8(0); | ||
718 | cmd.fcs = __fcs2((u8 *) &cmd); | ||
719 | |||
720 | return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); | ||
721 | } | ||
722 | |||
723 | static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type) | ||
724 | { | ||
725 | struct rfcomm_hdr *hdr; | ||
726 | struct rfcomm_mcc *mcc; | ||
727 | u8 buf[16], *ptr = buf; | ||
728 | |||
729 | BT_DBG("%p cr %d type %d", s, cr, type); | ||
730 | |||
731 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
732 | hdr->addr = __addr(s->initiator, 0); | ||
733 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
734 | hdr->len = __len8(sizeof(*mcc) + 1); | ||
735 | |||
736 | mcc = (void *) ptr; ptr += sizeof(*mcc); | ||
737 | mcc->type = __mcc_type(cr, RFCOMM_NSC); | ||
738 | mcc->len = __len8(1); | ||
739 | |||
740 | /* Type that we didn't like */ | ||
741 | *ptr = __mcc_type(cr, type); ptr++; | ||
742 | |||
743 | *ptr = __fcs(buf); ptr++; | ||
744 | |||
745 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
746 | } | ||
747 | |||
748 | static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d) | ||
749 | { | ||
750 | struct rfcomm_hdr *hdr; | ||
751 | struct rfcomm_mcc *mcc; | ||
752 | struct rfcomm_pn *pn; | ||
753 | u8 buf[16], *ptr = buf; | ||
754 | |||
755 | BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu); | ||
756 | |||
757 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
758 | hdr->addr = __addr(s->initiator, 0); | ||
759 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
760 | hdr->len = __len8(sizeof(*mcc) + sizeof(*pn)); | ||
761 | |||
762 | mcc = (void *) ptr; ptr += sizeof(*mcc); | ||
763 | mcc->type = __mcc_type(cr, RFCOMM_PN); | ||
764 | mcc->len = __len8(sizeof(*pn)); | ||
765 | |||
766 | pn = (void *) ptr; ptr += sizeof(*pn); | ||
767 | pn->dlci = d->dlci; | ||
768 | pn->priority = d->priority; | ||
769 | pn->ack_timer = 0; | ||
770 | pn->max_retrans = 0; | ||
771 | |||
772 | if (s->cfc) { | ||
773 | pn->flow_ctrl = cr ? 0xf0 : 0xe0; | ||
774 | pn->credits = RFCOMM_DEFAULT_CREDITS; | ||
775 | } else { | ||
776 | pn->flow_ctrl = 0; | ||
777 | pn->credits = 0; | ||
778 | } | ||
779 | |||
780 | pn->mtu = htobs(d->mtu); | ||
781 | |||
782 | *ptr = __fcs(buf); ptr++; | ||
783 | |||
784 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
785 | } | ||
786 | |||
787 | static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci, | ||
788 | u8 bit_rate, u8 data_bits, u8 stop_bits, | ||
789 | u8 parity, u8 flow_ctrl_settings, | ||
790 | u8 xon_char, u8 xoff_char, u16 param_mask) | ||
791 | { | ||
792 | struct rfcomm_hdr *hdr; | ||
793 | struct rfcomm_mcc *mcc; | ||
794 | struct rfcomm_rpn *rpn; | ||
795 | u8 buf[16], *ptr = buf; | ||
796 | |||
797 | BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x" | ||
798 | "flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x", | ||
799 | s, cr, dlci, bit_rate, data_bits, stop_bits, parity, | ||
800 | flow_ctrl_settings, xon_char, xoff_char, param_mask); | ||
801 | |||
802 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
803 | hdr->addr = __addr(s->initiator, 0); | ||
804 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
805 | hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn)); | ||
806 | |||
807 | mcc = (void *) ptr; ptr += sizeof(*mcc); | ||
808 | mcc->type = __mcc_type(cr, RFCOMM_RPN); | ||
809 | mcc->len = __len8(sizeof(*rpn)); | ||
810 | |||
811 | rpn = (void *) ptr; ptr += sizeof(*rpn); | ||
812 | rpn->dlci = __addr(1, dlci); | ||
813 | rpn->bit_rate = bit_rate; | ||
814 | rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity); | ||
815 | rpn->flow_ctrl = flow_ctrl_settings; | ||
816 | rpn->xon_char = xon_char; | ||
817 | rpn->xoff_char = xoff_char; | ||
818 | rpn->param_mask = param_mask; | ||
819 | |||
820 | *ptr = __fcs(buf); ptr++; | ||
821 | |||
822 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
823 | } | ||
824 | |||
825 | static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status) | ||
826 | { | ||
827 | struct rfcomm_hdr *hdr; | ||
828 | struct rfcomm_mcc *mcc; | ||
829 | struct rfcomm_rls *rls; | ||
830 | u8 buf[16], *ptr = buf; | ||
831 | |||
832 | BT_DBG("%p cr %d status 0x%x", s, cr, status); | ||
833 | |||
834 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
835 | hdr->addr = __addr(s->initiator, 0); | ||
836 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
837 | hdr->len = __len8(sizeof(*mcc) + sizeof(*rls)); | ||
838 | |||
839 | mcc = (void *) ptr; ptr += sizeof(*mcc); | ||
840 | mcc->type = __mcc_type(cr, RFCOMM_RLS); | ||
841 | mcc->len = __len8(sizeof(*rls)); | ||
842 | |||
843 | rls = (void *) ptr; ptr += sizeof(*rls); | ||
844 | rls->dlci = __addr(1, dlci); | ||
845 | rls->status = status; | ||
846 | |||
847 | *ptr = __fcs(buf); ptr++; | ||
848 | |||
849 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
850 | } | ||
851 | |||
852 | static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig) | ||
853 | { | ||
854 | struct rfcomm_hdr *hdr; | ||
855 | struct rfcomm_mcc *mcc; | ||
856 | struct rfcomm_msc *msc; | ||
857 | u8 buf[16], *ptr = buf; | ||
858 | |||
859 | BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig); | ||
860 | |||
861 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
862 | hdr->addr = __addr(s->initiator, 0); | ||
863 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
864 | hdr->len = __len8(sizeof(*mcc) + sizeof(*msc)); | ||
865 | |||
866 | mcc = (void *) ptr; ptr += sizeof(*mcc); | ||
867 | mcc->type = __mcc_type(cr, RFCOMM_MSC); | ||
868 | mcc->len = __len8(sizeof(*msc)); | ||
869 | |||
870 | msc = (void *) ptr; ptr += sizeof(*msc); | ||
871 | msc->dlci = __addr(1, dlci); | ||
872 | msc->v24_sig = v24_sig | 0x01; | ||
873 | |||
874 | *ptr = __fcs(buf); ptr++; | ||
875 | |||
876 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
877 | } | ||
878 | |||
879 | static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr) | ||
880 | { | ||
881 | struct rfcomm_hdr *hdr; | ||
882 | struct rfcomm_mcc *mcc; | ||
883 | u8 buf[16], *ptr = buf; | ||
884 | |||
885 | BT_DBG("%p cr %d", s, cr); | ||
886 | |||
887 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
888 | hdr->addr = __addr(s->initiator, 0); | ||
889 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
890 | hdr->len = __len8(sizeof(*mcc)); | ||
891 | |||
892 | mcc = (void *) ptr; ptr += sizeof(*mcc); | ||
893 | mcc->type = __mcc_type(cr, RFCOMM_FCOFF); | ||
894 | mcc->len = __len8(0); | ||
895 | |||
896 | *ptr = __fcs(buf); ptr++; | ||
897 | |||
898 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
899 | } | ||
900 | |||
901 | static int rfcomm_send_fcon(struct rfcomm_session *s, int cr) | ||
902 | { | ||
903 | struct rfcomm_hdr *hdr; | ||
904 | struct rfcomm_mcc *mcc; | ||
905 | u8 buf[16], *ptr = buf; | ||
906 | |||
907 | BT_DBG("%p cr %d", s, cr); | ||
908 | |||
909 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
910 | hdr->addr = __addr(s->initiator, 0); | ||
911 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
912 | hdr->len = __len8(sizeof(*mcc)); | ||
913 | |||
914 | mcc = (void *) ptr; ptr += sizeof(*mcc); | ||
915 | mcc->type = __mcc_type(cr, RFCOMM_FCON); | ||
916 | mcc->len = __len8(0); | ||
917 | |||
918 | *ptr = __fcs(buf); ptr++; | ||
919 | |||
920 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
921 | } | ||
922 | |||
923 | static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len) | ||
924 | { | ||
925 | struct socket *sock = s->sock; | ||
926 | struct kvec iv[3]; | ||
927 | struct msghdr msg; | ||
928 | unsigned char hdr[5], crc[1]; | ||
929 | |||
930 | if (len > 125) | ||
931 | return -EINVAL; | ||
932 | |||
933 | BT_DBG("%p cr %d", s, cr); | ||
934 | |||
935 | hdr[0] = __addr(s->initiator, 0); | ||
936 | hdr[1] = __ctrl(RFCOMM_UIH, 0); | ||
937 | hdr[2] = 0x01 | ((len + 2) << 1); | ||
938 | hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2); | ||
939 | hdr[4] = 0x01 | (len << 1); | ||
940 | |||
941 | crc[0] = __fcs(hdr); | ||
942 | |||
943 | iv[0].iov_base = hdr; | ||
944 | iv[0].iov_len = 5; | ||
945 | iv[1].iov_base = pattern; | ||
946 | iv[1].iov_len = len; | ||
947 | iv[2].iov_base = crc; | ||
948 | iv[2].iov_len = 1; | ||
949 | |||
950 | memset(&msg, 0, sizeof(msg)); | ||
951 | |||
952 | return kernel_sendmsg(sock, &msg, iv, 3, 6 + len); | ||
953 | } | ||
954 | |||
955 | static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits) | ||
956 | { | ||
957 | struct rfcomm_hdr *hdr; | ||
958 | u8 buf[16], *ptr = buf; | ||
959 | |||
960 | BT_DBG("%p addr %d credits %d", s, addr, credits); | ||
961 | |||
962 | hdr = (void *) ptr; ptr += sizeof(*hdr); | ||
963 | hdr->addr = addr; | ||
964 | hdr->ctrl = __ctrl(RFCOMM_UIH, 1); | ||
965 | hdr->len = __len8(0); | ||
966 | |||
967 | *ptr = credits; ptr++; | ||
968 | |||
969 | *ptr = __fcs(buf); ptr++; | ||
970 | |||
971 | return rfcomm_send_frame(s, buf, ptr - buf); | ||
972 | } | ||
973 | |||
974 | static void rfcomm_make_uih(struct sk_buff *skb, u8 addr) | ||
975 | { | ||
976 | struct rfcomm_hdr *hdr; | ||
977 | int len = skb->len; | ||
978 | u8 *crc; | ||
979 | |||
980 | if (len > 127) { | ||
981 | hdr = (void *) skb_push(skb, 4); | ||
982 | put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len); | ||
983 | } else { | ||
984 | hdr = (void *) skb_push(skb, 3); | ||
985 | hdr->len = __len8(len); | ||
986 | } | ||
987 | hdr->addr = addr; | ||
988 | hdr->ctrl = __ctrl(RFCOMM_UIH, 0); | ||
989 | |||
990 | crc = skb_put(skb, 1); | ||
991 | *crc = __fcs((void *) hdr); | ||
992 | } | ||
993 | |||
994 | /* ---- RFCOMM frame reception ---- */ | ||
995 | static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci) | ||
996 | { | ||
997 | BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); | ||
998 | |||
999 | if (dlci) { | ||
1000 | /* Data channel */ | ||
1001 | struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); | ||
1002 | if (!d) { | ||
1003 | rfcomm_send_dm(s, dlci); | ||
1004 | return 0; | ||
1005 | } | ||
1006 | |||
1007 | switch (d->state) { | ||
1008 | case BT_CONNECT: | ||
1009 | rfcomm_dlc_clear_timer(d); | ||
1010 | |||
1011 | rfcomm_dlc_lock(d); | ||
1012 | d->state = BT_CONNECTED; | ||
1013 | d->state_change(d, 0); | ||
1014 | rfcomm_dlc_unlock(d); | ||
1015 | |||
1016 | rfcomm_send_msc(s, 1, dlci, d->v24_sig); | ||
1017 | break; | ||
1018 | |||
1019 | case BT_DISCONN: | ||
1020 | d->state = BT_CLOSED; | ||
1021 | __rfcomm_dlc_close(d, 0); | ||
1022 | break; | ||
1023 | } | ||
1024 | } else { | ||
1025 | /* Control channel */ | ||
1026 | switch (s->state) { | ||
1027 | case BT_CONNECT: | ||
1028 | s->state = BT_CONNECTED; | ||
1029 | rfcomm_process_connect(s); | ||
1030 | break; | ||
1031 | } | ||
1032 | } | ||
1033 | return 0; | ||
1034 | } | ||
1035 | |||
1036 | static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci) | ||
1037 | { | ||
1038 | int err = 0; | ||
1039 | |||
1040 | BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); | ||
1041 | |||
1042 | if (dlci) { | ||
1043 | /* Data DLC */ | ||
1044 | struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); | ||
1045 | if (d) { | ||
1046 | if (d->state == BT_CONNECT || d->state == BT_CONFIG) | ||
1047 | err = ECONNREFUSED; | ||
1048 | else | ||
1049 | err = ECONNRESET; | ||
1050 | |||
1051 | d->state = BT_CLOSED; | ||
1052 | __rfcomm_dlc_close(d, err); | ||
1053 | } | ||
1054 | } else { | ||
1055 | if (s->state == BT_CONNECT) | ||
1056 | err = ECONNREFUSED; | ||
1057 | else | ||
1058 | err = ECONNRESET; | ||
1059 | |||
1060 | s->state = BT_CLOSED; | ||
1061 | rfcomm_session_close(s, err); | ||
1062 | } | ||
1063 | return 0; | ||
1064 | } | ||
1065 | |||
1066 | static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci) | ||
1067 | { | ||
1068 | int err = 0; | ||
1069 | |||
1070 | BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); | ||
1071 | |||
1072 | if (dlci) { | ||
1073 | struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); | ||
1074 | if (d) { | ||
1075 | rfcomm_send_ua(s, dlci); | ||
1076 | |||
1077 | if (d->state == BT_CONNECT || d->state == BT_CONFIG) | ||
1078 | err = ECONNREFUSED; | ||
1079 | else | ||
1080 | err = ECONNRESET; | ||
1081 | |||
1082 | d->state = BT_CLOSED; | ||
1083 | __rfcomm_dlc_close(d, err); | ||
1084 | } else | ||
1085 | rfcomm_send_dm(s, dlci); | ||
1086 | |||
1087 | } else { | ||
1088 | rfcomm_send_ua(s, 0); | ||
1089 | |||
1090 | if (s->state == BT_CONNECT) | ||
1091 | err = ECONNREFUSED; | ||
1092 | else | ||
1093 | err = ECONNRESET; | ||
1094 | |||
1095 | s->state = BT_CLOSED; | ||
1096 | rfcomm_session_close(s, err); | ||
1097 | } | ||
1098 | |||
1099 | return 0; | ||
1100 | } | ||
1101 | |||
1102 | static inline int rfcomm_check_link_mode(struct rfcomm_dlc *d) | ||
1103 | { | ||
1104 | struct sock *sk = d->session->sock->sk; | ||
1105 | |||
1106 | if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) { | ||
1107 | if (!hci_conn_encrypt(l2cap_pi(sk)->conn->hcon)) | ||
1108 | return 1; | ||
1109 | } else if (d->link_mode & RFCOMM_LM_AUTH) { | ||
1110 | if (!hci_conn_auth(l2cap_pi(sk)->conn->hcon)) | ||
1111 | return 1; | ||
1112 | } | ||
1113 | |||
1114 | return 0; | ||
1115 | } | ||
1116 | |||
1117 | static void rfcomm_dlc_accept(struct rfcomm_dlc *d) | ||
1118 | { | ||
1119 | BT_DBG("dlc %p", d); | ||
1120 | |||
1121 | rfcomm_send_ua(d->session, d->dlci); | ||
1122 | |||
1123 | rfcomm_dlc_lock(d); | ||
1124 | d->state = BT_CONNECTED; | ||
1125 | d->state_change(d, 0); | ||
1126 | rfcomm_dlc_unlock(d); | ||
1127 | |||
1128 | rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); | ||
1129 | } | ||
1130 | |||
1131 | static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci) | ||
1132 | { | ||
1133 | struct rfcomm_dlc *d; | ||
1134 | u8 channel; | ||
1135 | |||
1136 | BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); | ||
1137 | |||
1138 | if (!dlci) { | ||
1139 | rfcomm_send_ua(s, 0); | ||
1140 | |||
1141 | if (s->state == BT_OPEN) { | ||
1142 | s->state = BT_CONNECTED; | ||
1143 | rfcomm_process_connect(s); | ||
1144 | } | ||
1145 | return 0; | ||
1146 | } | ||
1147 | |||
1148 | /* Check if DLC exists */ | ||
1149 | d = rfcomm_dlc_get(s, dlci); | ||
1150 | if (d) { | ||
1151 | if (d->state == BT_OPEN) { | ||
1152 | /* DLC was previously opened by PN request */ | ||
1153 | if (rfcomm_check_link_mode(d)) { | ||
1154 | set_bit(RFCOMM_AUTH_PENDING, &d->flags); | ||
1155 | rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); | ||
1156 | return 0; | ||
1157 | } | ||
1158 | |||
1159 | rfcomm_dlc_accept(d); | ||
1160 | } | ||
1161 | return 0; | ||
1162 | } | ||
1163 | |||
1164 | /* Notify socket layer about incoming connection */ | ||
1165 | channel = __srv_channel(dlci); | ||
1166 | if (rfcomm_connect_ind(s, channel, &d)) { | ||
1167 | d->dlci = dlci; | ||
1168 | d->addr = __addr(s->initiator, dlci); | ||
1169 | rfcomm_dlc_link(s, d); | ||
1170 | |||
1171 | if (rfcomm_check_link_mode(d)) { | ||
1172 | set_bit(RFCOMM_AUTH_PENDING, &d->flags); | ||
1173 | rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); | ||
1174 | return 0; | ||
1175 | } | ||
1176 | |||
1177 | rfcomm_dlc_accept(d); | ||
1178 | } else { | ||
1179 | rfcomm_send_dm(s, dlci); | ||
1180 | } | ||
1181 | |||
1182 | return 0; | ||
1183 | } | ||
1184 | |||
1185 | static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn) | ||
1186 | { | ||
1187 | struct rfcomm_session *s = d->session; | ||
1188 | |||
1189 | BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d", | ||
1190 | d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits); | ||
1191 | |||
1192 | if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) { | ||
1193 | d->cfc = s->cfc = RFCOMM_CFC_ENABLED; | ||
1194 | d->tx_credits = pn->credits; | ||
1195 | } else { | ||
1196 | d->cfc = s->cfc = RFCOMM_CFC_DISABLED; | ||
1197 | set_bit(RFCOMM_TX_THROTTLED, &d->flags); | ||
1198 | } | ||
1199 | |||
1200 | d->priority = pn->priority; | ||
1201 | |||
1202 | d->mtu = s->mtu = btohs(pn->mtu); | ||
1203 | |||
1204 | return 0; | ||
1205 | } | ||
1206 | |||
1207 | static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb) | ||
1208 | { | ||
1209 | struct rfcomm_pn *pn = (void *) skb->data; | ||
1210 | struct rfcomm_dlc *d; | ||
1211 | u8 dlci = pn->dlci; | ||
1212 | |||
1213 | BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); | ||
1214 | |||
1215 | if (!dlci) | ||
1216 | return 0; | ||
1217 | |||
1218 | d = rfcomm_dlc_get(s, dlci); | ||
1219 | if (d) { | ||
1220 | if (cr) { | ||
1221 | /* PN request */ | ||
1222 | rfcomm_apply_pn(d, cr, pn); | ||
1223 | rfcomm_send_pn(s, 0, d); | ||
1224 | } else { | ||
1225 | /* PN response */ | ||
1226 | switch (d->state) { | ||
1227 | case BT_CONFIG: | ||
1228 | rfcomm_apply_pn(d, cr, pn); | ||
1229 | |||
1230 | d->state = BT_CONNECT; | ||
1231 | rfcomm_send_sabm(s, d->dlci); | ||
1232 | break; | ||
1233 | } | ||
1234 | } | ||
1235 | } else { | ||
1236 | u8 channel = __srv_channel(dlci); | ||
1237 | |||
1238 | if (!cr) | ||
1239 | return 0; | ||
1240 | |||
1241 | /* PN request for non existing DLC. | ||
1242 | * Assume incoming connection. */ | ||
1243 | if (rfcomm_connect_ind(s, channel, &d)) { | ||
1244 | d->dlci = dlci; | ||
1245 | d->addr = __addr(s->initiator, dlci); | ||
1246 | rfcomm_dlc_link(s, d); | ||
1247 | |||
1248 | rfcomm_apply_pn(d, cr, pn); | ||
1249 | |||
1250 | d->state = BT_OPEN; | ||
1251 | rfcomm_send_pn(s, 0, d); | ||
1252 | } else { | ||
1253 | rfcomm_send_dm(s, dlci); | ||
1254 | } | ||
1255 | } | ||
1256 | return 0; | ||
1257 | } | ||
1258 | |||
1259 | static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb) | ||
1260 | { | ||
1261 | struct rfcomm_rpn *rpn = (void *) skb->data; | ||
1262 | u8 dlci = __get_dlci(rpn->dlci); | ||
1263 | |||
1264 | u8 bit_rate = 0; | ||
1265 | u8 data_bits = 0; | ||
1266 | u8 stop_bits = 0; | ||
1267 | u8 parity = 0; | ||
1268 | u8 flow_ctrl = 0; | ||
1269 | u8 xon_char = 0; | ||
1270 | u8 xoff_char = 0; | ||
1271 | u16 rpn_mask = RFCOMM_RPN_PM_ALL; | ||
1272 | |||
1273 | BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x", | ||
1274 | dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl, | ||
1275 | rpn->xon_char, rpn->xoff_char, rpn->param_mask); | ||
1276 | |||
1277 | if (!cr) | ||
1278 | return 0; | ||
1279 | |||
1280 | if (len == 1) { | ||
1281 | /* request: return default setting */ | ||
1282 | bit_rate = RFCOMM_RPN_BR_115200; | ||
1283 | data_bits = RFCOMM_RPN_DATA_8; | ||
1284 | stop_bits = RFCOMM_RPN_STOP_1; | ||
1285 | parity = RFCOMM_RPN_PARITY_NONE; | ||
1286 | flow_ctrl = RFCOMM_RPN_FLOW_NONE; | ||
1287 | xon_char = RFCOMM_RPN_XON_CHAR; | ||
1288 | xoff_char = RFCOMM_RPN_XOFF_CHAR; | ||
1289 | |||
1290 | goto rpn_out; | ||
1291 | } | ||
1292 | /* check for sane values: ignore/accept bit_rate, 8 bits, 1 stop bit, no parity, | ||
1293 | no flow control lines, normal XON/XOFF chars */ | ||
1294 | if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) { | ||
1295 | bit_rate = rpn->bit_rate; | ||
1296 | if (bit_rate != RFCOMM_RPN_BR_115200) { | ||
1297 | BT_DBG("RPN bit rate mismatch 0x%x", bit_rate); | ||
1298 | bit_rate = RFCOMM_RPN_BR_115200; | ||
1299 | rpn_mask ^= RFCOMM_RPN_PM_BITRATE; | ||
1300 | } | ||
1301 | } | ||
1302 | if (rpn->param_mask & RFCOMM_RPN_PM_DATA) { | ||
1303 | data_bits = __get_rpn_data_bits(rpn->line_settings); | ||
1304 | if (data_bits != RFCOMM_RPN_DATA_8) { | ||
1305 | BT_DBG("RPN data bits mismatch 0x%x", data_bits); | ||
1306 | data_bits = RFCOMM_RPN_DATA_8; | ||
1307 | rpn_mask ^= RFCOMM_RPN_PM_DATA; | ||
1308 | } | ||
1309 | } | ||
1310 | if (rpn->param_mask & RFCOMM_RPN_PM_STOP) { | ||
1311 | stop_bits = __get_rpn_stop_bits(rpn->line_settings); | ||
1312 | if (stop_bits != RFCOMM_RPN_STOP_1) { | ||
1313 | BT_DBG("RPN stop bits mismatch 0x%x", stop_bits); | ||
1314 | stop_bits = RFCOMM_RPN_STOP_1; | ||
1315 | rpn_mask ^= RFCOMM_RPN_PM_STOP; | ||
1316 | } | ||
1317 | } | ||
1318 | if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) { | ||
1319 | parity = __get_rpn_parity(rpn->line_settings); | ||
1320 | if (parity != RFCOMM_RPN_PARITY_NONE) { | ||
1321 | BT_DBG("RPN parity mismatch 0x%x", parity); | ||
1322 | parity = RFCOMM_RPN_PARITY_NONE; | ||
1323 | rpn_mask ^= RFCOMM_RPN_PM_PARITY; | ||
1324 | } | ||
1325 | } | ||
1326 | if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) { | ||
1327 | flow_ctrl = rpn->flow_ctrl; | ||
1328 | if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) { | ||
1329 | BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl); | ||
1330 | flow_ctrl = RFCOMM_RPN_FLOW_NONE; | ||
1331 | rpn_mask ^= RFCOMM_RPN_PM_FLOW; | ||
1332 | } | ||
1333 | } | ||
1334 | if (rpn->param_mask & RFCOMM_RPN_PM_XON) { | ||
1335 | xon_char = rpn->xon_char; | ||
1336 | if (xon_char != RFCOMM_RPN_XON_CHAR) { | ||
1337 | BT_DBG("RPN XON char mismatch 0x%x", xon_char); | ||
1338 | xon_char = RFCOMM_RPN_XON_CHAR; | ||
1339 | rpn_mask ^= RFCOMM_RPN_PM_XON; | ||
1340 | } | ||
1341 | } | ||
1342 | if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) { | ||
1343 | xoff_char = rpn->xoff_char; | ||
1344 | if (xoff_char != RFCOMM_RPN_XOFF_CHAR) { | ||
1345 | BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char); | ||
1346 | xoff_char = RFCOMM_RPN_XOFF_CHAR; | ||
1347 | rpn_mask ^= RFCOMM_RPN_PM_XOFF; | ||
1348 | } | ||
1349 | } | ||
1350 | |||
1351 | rpn_out: | ||
1352 | rfcomm_send_rpn(s, 0, dlci, | ||
1353 | bit_rate, data_bits, stop_bits, parity, flow_ctrl, | ||
1354 | xon_char, xoff_char, rpn_mask); | ||
1355 | |||
1356 | return 0; | ||
1357 | } | ||
1358 | |||
1359 | static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb) | ||
1360 | { | ||
1361 | struct rfcomm_rls *rls = (void *) skb->data; | ||
1362 | u8 dlci = __get_dlci(rls->dlci); | ||
1363 | |||
1364 | BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status); | ||
1365 | |||
1366 | if (!cr) | ||
1367 | return 0; | ||
1368 | |||
1369 | /* FIXME: We should probably do something with this | ||
1370 | information here. But for now it's sufficient just | ||
1371 | to reply -- Bluetooth 1.1 says it's mandatory to | ||
1372 | recognise and respond to RLS */ | ||
1373 | |||
1374 | rfcomm_send_rls(s, 0, dlci, rls->status); | ||
1375 | |||
1376 | return 0; | ||
1377 | } | ||
1378 | |||
1379 | static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb) | ||
1380 | { | ||
1381 | struct rfcomm_msc *msc = (void *) skb->data; | ||
1382 | struct rfcomm_dlc *d; | ||
1383 | u8 dlci = __get_dlci(msc->dlci); | ||
1384 | |||
1385 | BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig); | ||
1386 | |||
1387 | d = rfcomm_dlc_get(s, dlci); | ||
1388 | if (!d) | ||
1389 | return 0; | ||
1390 | |||
1391 | if (cr) { | ||
1392 | if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc) | ||
1393 | set_bit(RFCOMM_TX_THROTTLED, &d->flags); | ||
1394 | else | ||
1395 | clear_bit(RFCOMM_TX_THROTTLED, &d->flags); | ||
1396 | |||
1397 | rfcomm_dlc_lock(d); | ||
1398 | if (d->modem_status) | ||
1399 | d->modem_status(d, msc->v24_sig); | ||
1400 | rfcomm_dlc_unlock(d); | ||
1401 | |||
1402 | rfcomm_send_msc(s, 0, dlci, msc->v24_sig); | ||
1403 | |||
1404 | d->mscex |= RFCOMM_MSCEX_RX; | ||
1405 | } else | ||
1406 | d->mscex |= RFCOMM_MSCEX_TX; | ||
1407 | |||
1408 | return 0; | ||
1409 | } | ||
1410 | |||
1411 | static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb) | ||
1412 | { | ||
1413 | struct rfcomm_mcc *mcc = (void *) skb->data; | ||
1414 | u8 type, cr, len; | ||
1415 | |||
1416 | cr = __test_cr(mcc->type); | ||
1417 | type = __get_mcc_type(mcc->type); | ||
1418 | len = __get_mcc_len(mcc->len); | ||
1419 | |||
1420 | BT_DBG("%p type 0x%x cr %d", s, type, cr); | ||
1421 | |||
1422 | skb_pull(skb, 2); | ||
1423 | |||
1424 | switch (type) { | ||
1425 | case RFCOMM_PN: | ||
1426 | rfcomm_recv_pn(s, cr, skb); | ||
1427 | break; | ||
1428 | |||
1429 | case RFCOMM_RPN: | ||
1430 | rfcomm_recv_rpn(s, cr, len, skb); | ||
1431 | break; | ||
1432 | |||
1433 | case RFCOMM_RLS: | ||
1434 | rfcomm_recv_rls(s, cr, skb); | ||
1435 | break; | ||
1436 | |||
1437 | case RFCOMM_MSC: | ||
1438 | rfcomm_recv_msc(s, cr, skb); | ||
1439 | break; | ||
1440 | |||
1441 | case RFCOMM_FCOFF: | ||
1442 | if (cr) { | ||
1443 | set_bit(RFCOMM_TX_THROTTLED, &s->flags); | ||
1444 | rfcomm_send_fcoff(s, 0); | ||
1445 | } | ||
1446 | break; | ||
1447 | |||
1448 | case RFCOMM_FCON: | ||
1449 | if (cr) { | ||
1450 | clear_bit(RFCOMM_TX_THROTTLED, &s->flags); | ||
1451 | rfcomm_send_fcon(s, 0); | ||
1452 | } | ||
1453 | break; | ||
1454 | |||
1455 | case RFCOMM_TEST: | ||
1456 | if (cr) | ||
1457 | rfcomm_send_test(s, 0, skb->data, skb->len); | ||
1458 | break; | ||
1459 | |||
1460 | case RFCOMM_NSC: | ||
1461 | break; | ||
1462 | |||
1463 | default: | ||
1464 | BT_ERR("Unknown control type 0x%02x", type); | ||
1465 | rfcomm_send_nsc(s, cr, type); | ||
1466 | break; | ||
1467 | } | ||
1468 | return 0; | ||
1469 | } | ||
1470 | |||
1471 | static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb) | ||
1472 | { | ||
1473 | struct rfcomm_dlc *d; | ||
1474 | |||
1475 | BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf); | ||
1476 | |||
1477 | d = rfcomm_dlc_get(s, dlci); | ||
1478 | if (!d) { | ||
1479 | rfcomm_send_dm(s, dlci); | ||
1480 | goto drop; | ||
1481 | } | ||
1482 | |||
1483 | if (pf && d->cfc) { | ||
1484 | u8 credits = *(u8 *) skb->data; skb_pull(skb, 1); | ||
1485 | |||
1486 | d->tx_credits += credits; | ||
1487 | if (d->tx_credits) | ||
1488 | clear_bit(RFCOMM_TX_THROTTLED, &d->flags); | ||
1489 | } | ||
1490 | |||
1491 | if (skb->len && d->state == BT_CONNECTED) { | ||
1492 | rfcomm_dlc_lock(d); | ||
1493 | d->rx_credits--; | ||
1494 | d->data_ready(d, skb); | ||
1495 | rfcomm_dlc_unlock(d); | ||
1496 | return 0; | ||
1497 | } | ||
1498 | |||
1499 | drop: | ||
1500 | kfree_skb(skb); | ||
1501 | return 0; | ||
1502 | } | ||
1503 | |||
1504 | static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb) | ||
1505 | { | ||
1506 | struct rfcomm_hdr *hdr = (void *) skb->data; | ||
1507 | u8 type, dlci, fcs; | ||
1508 | |||
1509 | dlci = __get_dlci(hdr->addr); | ||
1510 | type = __get_type(hdr->ctrl); | ||
1511 | |||
1512 | /* Trim FCS */ | ||
1513 | skb->len--; skb->tail--; | ||
1514 | fcs = *(u8 *) skb->tail; | ||
1515 | |||
1516 | if (__check_fcs(skb->data, type, fcs)) { | ||
1517 | BT_ERR("bad checksum in packet"); | ||
1518 | kfree_skb(skb); | ||
1519 | return -EILSEQ; | ||
1520 | } | ||
1521 | |||
1522 | if (__test_ea(hdr->len)) | ||
1523 | skb_pull(skb, 3); | ||
1524 | else | ||
1525 | skb_pull(skb, 4); | ||
1526 | |||
1527 | switch (type) { | ||
1528 | case RFCOMM_SABM: | ||
1529 | if (__test_pf(hdr->ctrl)) | ||
1530 | rfcomm_recv_sabm(s, dlci); | ||
1531 | break; | ||
1532 | |||
1533 | case RFCOMM_DISC: | ||
1534 | if (__test_pf(hdr->ctrl)) | ||
1535 | rfcomm_recv_disc(s, dlci); | ||
1536 | break; | ||
1537 | |||
1538 | case RFCOMM_UA: | ||
1539 | if (__test_pf(hdr->ctrl)) | ||
1540 | rfcomm_recv_ua(s, dlci); | ||
1541 | break; | ||
1542 | |||
1543 | case RFCOMM_DM: | ||
1544 | rfcomm_recv_dm(s, dlci); | ||
1545 | break; | ||
1546 | |||
1547 | case RFCOMM_UIH: | ||
1548 | if (dlci) | ||
1549 | return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb); | ||
1550 | |||
1551 | rfcomm_recv_mcc(s, skb); | ||
1552 | break; | ||
1553 | |||
1554 | default: | ||
1555 | BT_ERR("Unknown packet type 0x%02x\n", type); | ||
1556 | break; | ||
1557 | } | ||
1558 | kfree_skb(skb); | ||
1559 | return 0; | ||
1560 | } | ||
1561 | |||
1562 | /* ---- Connection and data processing ---- */ | ||
1563 | |||
1564 | static void rfcomm_process_connect(struct rfcomm_session *s) | ||
1565 | { | ||
1566 | struct rfcomm_dlc *d; | ||
1567 | struct list_head *p, *n; | ||
1568 | |||
1569 | BT_DBG("session %p state %ld", s, s->state); | ||
1570 | |||
1571 | list_for_each_safe(p, n, &s->dlcs) { | ||
1572 | d = list_entry(p, struct rfcomm_dlc, list); | ||
1573 | if (d->state == BT_CONFIG) { | ||
1574 | d->mtu = s->mtu; | ||
1575 | rfcomm_send_pn(s, 1, d); | ||
1576 | } | ||
1577 | } | ||
1578 | } | ||
1579 | |||
1580 | /* Send data queued for the DLC. | ||
1581 | * Return number of frames left in the queue. | ||
1582 | */ | ||
1583 | static inline int rfcomm_process_tx(struct rfcomm_dlc *d) | ||
1584 | { | ||
1585 | struct sk_buff *skb; | ||
1586 | int err; | ||
1587 | |||
1588 | BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d", | ||
1589 | d, d->state, d->cfc, d->rx_credits, d->tx_credits); | ||
1590 | |||
1591 | /* Send pending MSC */ | ||
1592 | if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags)) | ||
1593 | rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); | ||
1594 | |||
1595 | if (d->cfc) { | ||
1596 | /* CFC enabled. | ||
1597 | * Give them some credits */ | ||
1598 | if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) && | ||
1599 | d->rx_credits <= (d->cfc >> 2)) { | ||
1600 | rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits); | ||
1601 | d->rx_credits = d->cfc; | ||
1602 | } | ||
1603 | } else { | ||
1604 | /* CFC disabled. | ||
1605 | * Give ourselves some credits */ | ||
1606 | d->tx_credits = 5; | ||
1607 | } | ||
1608 | |||
1609 | if (test_bit(RFCOMM_TX_THROTTLED, &d->flags)) | ||
1610 | return skb_queue_len(&d->tx_queue); | ||
1611 | |||
1612 | while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) { | ||
1613 | err = rfcomm_send_frame(d->session, skb->data, skb->len); | ||
1614 | if (err < 0) { | ||
1615 | skb_queue_head(&d->tx_queue, skb); | ||
1616 | break; | ||
1617 | } | ||
1618 | kfree_skb(skb); | ||
1619 | d->tx_credits--; | ||
1620 | } | ||
1621 | |||
1622 | if (d->cfc && !d->tx_credits) { | ||
1623 | /* We're out of TX credits. | ||
1624 | * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */ | ||
1625 | set_bit(RFCOMM_TX_THROTTLED, &d->flags); | ||
1626 | } | ||
1627 | |||
1628 | return skb_queue_len(&d->tx_queue); | ||
1629 | } | ||
1630 | |||
1631 | static inline void rfcomm_process_dlcs(struct rfcomm_session *s) | ||
1632 | { | ||
1633 | struct rfcomm_dlc *d; | ||
1634 | struct list_head *p, *n; | ||
1635 | |||
1636 | BT_DBG("session %p state %ld", s, s->state); | ||
1637 | |||
1638 | list_for_each_safe(p, n, &s->dlcs) { | ||
1639 | d = list_entry(p, struct rfcomm_dlc, list); | ||
1640 | |||
1641 | if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) { | ||
1642 | __rfcomm_dlc_close(d, ETIMEDOUT); | ||
1643 | continue; | ||
1644 | } | ||
1645 | |||
1646 | if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) { | ||
1647 | rfcomm_dlc_clear_timer(d); | ||
1648 | rfcomm_dlc_accept(d); | ||
1649 | if (d->link_mode & RFCOMM_LM_SECURE) { | ||
1650 | struct sock *sk = s->sock->sk; | ||
1651 | hci_conn_change_link_key(l2cap_pi(sk)->conn->hcon); | ||
1652 | } | ||
1653 | continue; | ||
1654 | } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) { | ||
1655 | rfcomm_dlc_clear_timer(d); | ||
1656 | rfcomm_send_dm(s, d->dlci); | ||
1657 | __rfcomm_dlc_close(d, ECONNREFUSED); | ||
1658 | continue; | ||
1659 | } | ||
1660 | |||
1661 | if (test_bit(RFCOMM_TX_THROTTLED, &s->flags)) | ||
1662 | continue; | ||
1663 | |||
1664 | if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) && | ||
1665 | d->mscex == RFCOMM_MSCEX_OK) | ||
1666 | rfcomm_process_tx(d); | ||
1667 | } | ||
1668 | } | ||
1669 | |||
1670 | static inline void rfcomm_process_rx(struct rfcomm_session *s) | ||
1671 | { | ||
1672 | struct socket *sock = s->sock; | ||
1673 | struct sock *sk = sock->sk; | ||
1674 | struct sk_buff *skb; | ||
1675 | |||
1676 | BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue)); | ||
1677 | |||
1678 | /* Get data directly from socket receive queue without copying it. */ | ||
1679 | while ((skb = skb_dequeue(&sk->sk_receive_queue))) { | ||
1680 | skb_orphan(skb); | ||
1681 | rfcomm_recv_frame(s, skb); | ||
1682 | } | ||
1683 | |||
1684 | if (sk->sk_state == BT_CLOSED) { | ||
1685 | if (!s->initiator) | ||
1686 | rfcomm_session_put(s); | ||
1687 | |||
1688 | rfcomm_session_close(s, sk->sk_err); | ||
1689 | } | ||
1690 | } | ||
1691 | |||
1692 | static inline void rfcomm_accept_connection(struct rfcomm_session *s) | ||
1693 | { | ||
1694 | struct socket *sock = s->sock, *nsock; | ||
1695 | int err; | ||
1696 | |||
1697 | /* Fast check for a new connection. | ||
1698 | * Avoids unnesesary socket allocations. */ | ||
1699 | if (list_empty(&bt_sk(sock->sk)->accept_q)) | ||
1700 | return; | ||
1701 | |||
1702 | BT_DBG("session %p", s); | ||
1703 | |||
1704 | if (sock_create_lite(PF_BLUETOOTH, sock->type, BTPROTO_L2CAP, &nsock)) | ||
1705 | return; | ||
1706 | |||
1707 | nsock->ops = sock->ops; | ||
1708 | |||
1709 | __module_get(nsock->ops->owner); | ||
1710 | |||
1711 | err = sock->ops->accept(sock, nsock, O_NONBLOCK); | ||
1712 | if (err < 0) { | ||
1713 | sock_release(nsock); | ||
1714 | return; | ||
1715 | } | ||
1716 | |||
1717 | /* Set our callbacks */ | ||
1718 | nsock->sk->sk_data_ready = rfcomm_l2data_ready; | ||
1719 | nsock->sk->sk_state_change = rfcomm_l2state_change; | ||
1720 | |||
1721 | s = rfcomm_session_add(nsock, BT_OPEN); | ||
1722 | if (s) { | ||
1723 | rfcomm_session_hold(s); | ||
1724 | rfcomm_schedule(RFCOMM_SCHED_RX); | ||
1725 | } else | ||
1726 | sock_release(nsock); | ||
1727 | } | ||
1728 | |||
1729 | static inline void rfcomm_check_connection(struct rfcomm_session *s) | ||
1730 | { | ||
1731 | struct sock *sk = s->sock->sk; | ||
1732 | |||
1733 | BT_DBG("%p state %ld", s, s->state); | ||
1734 | |||
1735 | switch(sk->sk_state) { | ||
1736 | case BT_CONNECTED: | ||
1737 | s->state = BT_CONNECT; | ||
1738 | |||
1739 | /* We can adjust MTU on outgoing sessions. | ||
1740 | * L2CAP MTU minus UIH header and FCS. */ | ||
1741 | s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5; | ||
1742 | |||
1743 | rfcomm_send_sabm(s, 0); | ||
1744 | break; | ||
1745 | |||
1746 | case BT_CLOSED: | ||
1747 | s->state = BT_CLOSED; | ||
1748 | rfcomm_session_close(s, sk->sk_err); | ||
1749 | break; | ||
1750 | } | ||
1751 | } | ||
1752 | |||
1753 | static inline void rfcomm_process_sessions(void) | ||
1754 | { | ||
1755 | struct list_head *p, *n; | ||
1756 | |||
1757 | rfcomm_lock(); | ||
1758 | |||
1759 | list_for_each_safe(p, n, &session_list) { | ||
1760 | struct rfcomm_session *s; | ||
1761 | s = list_entry(p, struct rfcomm_session, list); | ||
1762 | |||
1763 | if (s->state == BT_LISTEN) { | ||
1764 | rfcomm_accept_connection(s); | ||
1765 | continue; | ||
1766 | } | ||
1767 | |||
1768 | rfcomm_session_hold(s); | ||
1769 | |||
1770 | switch (s->state) { | ||
1771 | case BT_BOUND: | ||
1772 | rfcomm_check_connection(s); | ||
1773 | break; | ||
1774 | |||
1775 | default: | ||
1776 | rfcomm_process_rx(s); | ||
1777 | break; | ||
1778 | } | ||
1779 | |||
1780 | rfcomm_process_dlcs(s); | ||
1781 | |||
1782 | rfcomm_session_put(s); | ||
1783 | } | ||
1784 | |||
1785 | rfcomm_unlock(); | ||
1786 | } | ||
1787 | |||
1788 | static void rfcomm_worker(void) | ||
1789 | { | ||
1790 | BT_DBG(""); | ||
1791 | |||
1792 | while (!atomic_read(&terminate)) { | ||
1793 | if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) { | ||
1794 | /* No pending events. Let's sleep. | ||
1795 | * Incoming connections and data will wake us up. */ | ||
1796 | set_current_state(TASK_INTERRUPTIBLE); | ||
1797 | schedule(); | ||
1798 | } | ||
1799 | |||
1800 | /* Process stuff */ | ||
1801 | clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); | ||
1802 | rfcomm_process_sessions(); | ||
1803 | } | ||
1804 | set_current_state(TASK_RUNNING); | ||
1805 | return; | ||
1806 | } | ||
1807 | |||
1808 | static int rfcomm_add_listener(bdaddr_t *ba) | ||
1809 | { | ||
1810 | struct sockaddr_l2 addr; | ||
1811 | struct socket *sock; | ||
1812 | struct sock *sk; | ||
1813 | struct rfcomm_session *s; | ||
1814 | int err = 0; | ||
1815 | |||
1816 | /* Create socket */ | ||
1817 | err = rfcomm_l2sock_create(&sock); | ||
1818 | if (err < 0) { | ||
1819 | BT_ERR("Create socket failed %d", err); | ||
1820 | return err; | ||
1821 | } | ||
1822 | |||
1823 | /* Bind socket */ | ||
1824 | bacpy(&addr.l2_bdaddr, ba); | ||
1825 | addr.l2_family = AF_BLUETOOTH; | ||
1826 | addr.l2_psm = htobs(RFCOMM_PSM); | ||
1827 | err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr)); | ||
1828 | if (err < 0) { | ||
1829 | BT_ERR("Bind failed %d", err); | ||
1830 | goto failed; | ||
1831 | } | ||
1832 | |||
1833 | /* Set L2CAP options */ | ||
1834 | sk = sock->sk; | ||
1835 | lock_sock(sk); | ||
1836 | l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU; | ||
1837 | release_sock(sk); | ||
1838 | |||
1839 | /* Start listening on the socket */ | ||
1840 | err = sock->ops->listen(sock, 10); | ||
1841 | if (err) { | ||
1842 | BT_ERR("Listen failed %d", err); | ||
1843 | goto failed; | ||
1844 | } | ||
1845 | |||
1846 | /* Add listening session */ | ||
1847 | s = rfcomm_session_add(sock, BT_LISTEN); | ||
1848 | if (!s) | ||
1849 | goto failed; | ||
1850 | |||
1851 | rfcomm_session_hold(s); | ||
1852 | return 0; | ||
1853 | failed: | ||
1854 | sock_release(sock); | ||
1855 | return err; | ||
1856 | } | ||
1857 | |||
1858 | static void rfcomm_kill_listener(void) | ||
1859 | { | ||
1860 | struct rfcomm_session *s; | ||
1861 | struct list_head *p, *n; | ||
1862 | |||
1863 | BT_DBG(""); | ||
1864 | |||
1865 | list_for_each_safe(p, n, &session_list) { | ||
1866 | s = list_entry(p, struct rfcomm_session, list); | ||
1867 | rfcomm_session_del(s); | ||
1868 | } | ||
1869 | } | ||
1870 | |||
1871 | static int rfcomm_run(void *unused) | ||
1872 | { | ||
1873 | rfcomm_thread = current; | ||
1874 | |||
1875 | atomic_inc(&running); | ||
1876 | |||
1877 | daemonize("krfcommd"); | ||
1878 | set_user_nice(current, -10); | ||
1879 | current->flags |= PF_NOFREEZE; | ||
1880 | |||
1881 | BT_DBG(""); | ||
1882 | |||
1883 | rfcomm_add_listener(BDADDR_ANY); | ||
1884 | |||
1885 | rfcomm_worker(); | ||
1886 | |||
1887 | rfcomm_kill_listener(); | ||
1888 | |||
1889 | atomic_dec(&running); | ||
1890 | return 0; | ||
1891 | } | ||
1892 | |||
1893 | static void rfcomm_auth_cfm(struct hci_conn *conn, u8 status) | ||
1894 | { | ||
1895 | struct rfcomm_session *s; | ||
1896 | struct rfcomm_dlc *d; | ||
1897 | struct list_head *p, *n; | ||
1898 | |||
1899 | BT_DBG("conn %p status 0x%02x", conn, status); | ||
1900 | |||
1901 | s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst); | ||
1902 | if (!s) | ||
1903 | return; | ||
1904 | |||
1905 | rfcomm_session_hold(s); | ||
1906 | |||
1907 | list_for_each_safe(p, n, &s->dlcs) { | ||
1908 | d = list_entry(p, struct rfcomm_dlc, list); | ||
1909 | |||
1910 | if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) | ||
1911 | continue; | ||
1912 | |||
1913 | if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags)) | ||
1914 | continue; | ||
1915 | |||
1916 | if (!status) | ||
1917 | set_bit(RFCOMM_AUTH_ACCEPT, &d->flags); | ||
1918 | else | ||
1919 | set_bit(RFCOMM_AUTH_REJECT, &d->flags); | ||
1920 | } | ||
1921 | |||
1922 | rfcomm_session_put(s); | ||
1923 | |||
1924 | rfcomm_schedule(RFCOMM_SCHED_AUTH); | ||
1925 | } | ||
1926 | |||
1927 | static void rfcomm_encrypt_cfm(struct hci_conn *conn, u8 status, u8 encrypt) | ||
1928 | { | ||
1929 | struct rfcomm_session *s; | ||
1930 | struct rfcomm_dlc *d; | ||
1931 | struct list_head *p, *n; | ||
1932 | |||
1933 | BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt); | ||
1934 | |||
1935 | s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst); | ||
1936 | if (!s) | ||
1937 | return; | ||
1938 | |||
1939 | rfcomm_session_hold(s); | ||
1940 | |||
1941 | list_for_each_safe(p, n, &s->dlcs) { | ||
1942 | d = list_entry(p, struct rfcomm_dlc, list); | ||
1943 | |||
1944 | if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags)) | ||
1945 | continue; | ||
1946 | |||
1947 | if (!status && encrypt) | ||
1948 | set_bit(RFCOMM_AUTH_ACCEPT, &d->flags); | ||
1949 | else | ||
1950 | set_bit(RFCOMM_AUTH_REJECT, &d->flags); | ||
1951 | } | ||
1952 | |||
1953 | rfcomm_session_put(s); | ||
1954 | |||
1955 | rfcomm_schedule(RFCOMM_SCHED_AUTH); | ||
1956 | } | ||
1957 | |||
1958 | static struct hci_cb rfcomm_cb = { | ||
1959 | .name = "RFCOMM", | ||
1960 | .auth_cfm = rfcomm_auth_cfm, | ||
1961 | .encrypt_cfm = rfcomm_encrypt_cfm | ||
1962 | }; | ||
1963 | |||
1964 | /* ---- Proc fs support ---- */ | ||
1965 | #ifdef CONFIG_PROC_FS | ||
1966 | static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos) | ||
1967 | { | ||
1968 | struct rfcomm_session *s; | ||
1969 | struct list_head *pp, *p; | ||
1970 | loff_t l = *pos; | ||
1971 | |||
1972 | rfcomm_lock(); | ||
1973 | |||
1974 | list_for_each(p, &session_list) { | ||
1975 | s = list_entry(p, struct rfcomm_session, list); | ||
1976 | list_for_each(pp, &s->dlcs) | ||
1977 | if (!l--) { | ||
1978 | seq->private = s; | ||
1979 | return pp; | ||
1980 | } | ||
1981 | } | ||
1982 | return NULL; | ||
1983 | } | ||
1984 | |||
1985 | static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos) | ||
1986 | { | ||
1987 | struct rfcomm_session *s = seq->private; | ||
1988 | struct list_head *pp, *p = e; | ||
1989 | (*pos)++; | ||
1990 | |||
1991 | if (p->next != &s->dlcs) | ||
1992 | return p->next; | ||
1993 | |||
1994 | list_for_each(p, &session_list) { | ||
1995 | s = list_entry(p, struct rfcomm_session, list); | ||
1996 | __list_for_each(pp, &s->dlcs) { | ||
1997 | seq->private = s; | ||
1998 | return pp; | ||
1999 | } | ||
2000 | } | ||
2001 | return NULL; | ||
2002 | } | ||
2003 | |||
2004 | static void rfcomm_seq_stop(struct seq_file *seq, void *e) | ||
2005 | { | ||
2006 | rfcomm_unlock(); | ||
2007 | } | ||
2008 | |||
2009 | static int rfcomm_seq_show(struct seq_file *seq, void *e) | ||
2010 | { | ||
2011 | struct rfcomm_session *s = seq->private; | ||
2012 | struct sock *sk = s->sock->sk; | ||
2013 | struct rfcomm_dlc *d = list_entry(e, struct rfcomm_dlc, list); | ||
2014 | |||
2015 | seq_printf(seq, "%s %s %ld %d %d %d %d\n", | ||
2016 | batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), | ||
2017 | d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits); | ||
2018 | return 0; | ||
2019 | } | ||
2020 | |||
2021 | static struct seq_operations rfcomm_seq_ops = { | ||
2022 | .start = rfcomm_seq_start, | ||
2023 | .next = rfcomm_seq_next, | ||
2024 | .stop = rfcomm_seq_stop, | ||
2025 | .show = rfcomm_seq_show | ||
2026 | }; | ||
2027 | |||
2028 | static int rfcomm_seq_open(struct inode *inode, struct file *file) | ||
2029 | { | ||
2030 | return seq_open(file, &rfcomm_seq_ops); | ||
2031 | } | ||
2032 | |||
2033 | static struct file_operations rfcomm_seq_fops = { | ||
2034 | .owner = THIS_MODULE, | ||
2035 | .open = rfcomm_seq_open, | ||
2036 | .read = seq_read, | ||
2037 | .llseek = seq_lseek, | ||
2038 | .release = seq_release, | ||
2039 | }; | ||
2040 | |||
2041 | static int __init rfcomm_proc_init(void) | ||
2042 | { | ||
2043 | struct proc_dir_entry *p; | ||
2044 | |||
2045 | proc_bt_rfcomm = proc_mkdir("rfcomm", proc_bt); | ||
2046 | if (proc_bt_rfcomm) { | ||
2047 | proc_bt_rfcomm->owner = THIS_MODULE; | ||
2048 | |||
2049 | p = create_proc_entry("dlc", S_IRUGO, proc_bt_rfcomm); | ||
2050 | if (p) | ||
2051 | p->proc_fops = &rfcomm_seq_fops; | ||
2052 | } | ||
2053 | return 0; | ||
2054 | } | ||
2055 | |||
2056 | static void __exit rfcomm_proc_cleanup(void) | ||
2057 | { | ||
2058 | remove_proc_entry("dlc", proc_bt_rfcomm); | ||
2059 | |||
2060 | remove_proc_entry("rfcomm", proc_bt); | ||
2061 | } | ||
2062 | |||
2063 | #else /* CONFIG_PROC_FS */ | ||
2064 | |||
2065 | static int __init rfcomm_proc_init(void) | ||
2066 | { | ||
2067 | return 0; | ||
2068 | } | ||
2069 | |||
2070 | static void __exit rfcomm_proc_cleanup(void) | ||
2071 | { | ||
2072 | return; | ||
2073 | } | ||
2074 | #endif /* CONFIG_PROC_FS */ | ||
2075 | |||
2076 | /* ---- Initialization ---- */ | ||
2077 | static int __init rfcomm_init(void) | ||
2078 | { | ||
2079 | l2cap_load(); | ||
2080 | |||
2081 | hci_register_cb(&rfcomm_cb); | ||
2082 | |||
2083 | kernel_thread(rfcomm_run, NULL, CLONE_KERNEL); | ||
2084 | |||
2085 | BT_INFO("RFCOMM ver %s", VERSION); | ||
2086 | |||
2087 | rfcomm_proc_init(); | ||
2088 | |||
2089 | rfcomm_init_sockets(); | ||
2090 | |||
2091 | #ifdef CONFIG_BT_RFCOMM_TTY | ||
2092 | rfcomm_init_ttys(); | ||
2093 | #endif | ||
2094 | |||
2095 | return 0; | ||
2096 | } | ||
2097 | |||
2098 | static void __exit rfcomm_exit(void) | ||
2099 | { | ||
2100 | hci_unregister_cb(&rfcomm_cb); | ||
2101 | |||
2102 | /* Terminate working thread. | ||
2103 | * ie. Set terminate flag and wake it up */ | ||
2104 | atomic_inc(&terminate); | ||
2105 | rfcomm_schedule(RFCOMM_SCHED_STATE); | ||
2106 | |||
2107 | /* Wait until thread is running */ | ||
2108 | while (atomic_read(&running)) | ||
2109 | schedule(); | ||
2110 | |||
2111 | #ifdef CONFIG_BT_RFCOMM_TTY | ||
2112 | rfcomm_cleanup_ttys(); | ||
2113 | #endif | ||
2114 | |||
2115 | rfcomm_cleanup_sockets(); | ||
2116 | |||
2117 | rfcomm_proc_cleanup(); | ||
2118 | } | ||
2119 | |||
2120 | module_init(rfcomm_init); | ||
2121 | module_exit(rfcomm_exit); | ||
2122 | |||
2123 | MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>"); | ||
2124 | MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION); | ||
2125 | MODULE_VERSION(VERSION); | ||
2126 | MODULE_LICENSE("GPL"); | ||
2127 | MODULE_ALIAS("bt-proto-3"); | ||
diff --git a/net/bluetooth/rfcomm/crc.c b/net/bluetooth/rfcomm/crc.c new file mode 100644 index 00000000000..1011bc4a869 --- /dev/null +++ b/net/bluetooth/rfcomm/crc.c | |||
@@ -0,0 +1,71 @@ | |||
1 | /* | ||
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | ||
5 | |||
6 | This program is free software; you can redistribute it and/or modify | ||
7 | it under the terms of the GNU General Public License version 2 as | ||
8 | published by the Free Software Foundation; | ||
9 | |||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
18 | |||
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
21 | SOFTWARE IS DISCLAIMED. | ||
22 | */ | ||
23 | |||
24 | /* | ||
25 | * RFCOMM FCS calculation. | ||
26 | * | ||
27 | * $Id: crc.c,v 1.2 2002/09/21 09:54:32 holtmann Exp $ | ||
28 | */ | ||
29 | |||
30 | /* reversed, 8-bit, poly=0x07 */ | ||
31 | unsigned char rfcomm_crc_table[256] = { | ||
32 | 0x00, 0x91, 0xe3, 0x72, 0x07, 0x96, 0xe4, 0x75, | ||
33 | 0x0e, 0x9f, 0xed, 0x7c, 0x09, 0x98, 0xea, 0x7b, | ||
34 | 0x1c, 0x8d, 0xff, 0x6e, 0x1b, 0x8a, 0xf8, 0x69, | ||
35 | 0x12, 0x83, 0xf1, 0x60, 0x15, 0x84, 0xf6, 0x67, | ||
36 | |||
37 | 0x38, 0xa9, 0xdb, 0x4a, 0x3f, 0xae, 0xdc, 0x4d, | ||
38 | 0x36, 0xa7, 0xd5, 0x44, 0x31, 0xa0, 0xd2, 0x43, | ||
39 | 0x24, 0xb5, 0xc7, 0x56, 0x23, 0xb2, 0xc0, 0x51, | ||
40 | 0x2a, 0xbb, 0xc9, 0x58, 0x2d, 0xbc, 0xce, 0x5f, | ||
41 | |||
42 | 0x70, 0xe1, 0x93, 0x02, 0x77, 0xe6, 0x94, 0x05, | ||
43 | 0x7e, 0xef, 0x9d, 0x0c, 0x79, 0xe8, 0x9a, 0x0b, | ||
44 | 0x6c, 0xfd, 0x8f, 0x1e, 0x6b, 0xfa, 0x88, 0x19, | ||
45 | 0x62, 0xf3, 0x81, 0x10, 0x65, 0xf4, 0x86, 0x17, | ||
46 | |||
47 | 0x48, 0xd9, 0xab, 0x3a, 0x4f, 0xde, 0xac, 0x3d, | ||
48 | 0x46, 0xd7, 0xa5, 0x34, 0x41, 0xd0, 0xa2, 0x33, | ||
49 | 0x54, 0xc5, 0xb7, 0x26, 0x53, 0xc2, 0xb0, 0x21, | ||
50 | 0x5a, 0xcb, 0xb9, 0x28, 0x5d, 0xcc, 0xbe, 0x2f, | ||
51 | |||
52 | 0xe0, 0x71, 0x03, 0x92, 0xe7, 0x76, 0x04, 0x95, | ||
53 | 0xee, 0x7f, 0x0d, 0x9c, 0xe9, 0x78, 0x0a, 0x9b, | ||
54 | 0xfc, 0x6d, 0x1f, 0x8e, 0xfb, 0x6a, 0x18, 0x89, | ||
55 | 0xf2, 0x63, 0x11, 0x80, 0xf5, 0x64, 0x16, 0x87, | ||
56 | |||
57 | 0xd8, 0x49, 0x3b, 0xaa, 0xdf, 0x4e, 0x3c, 0xad, | ||
58 | 0xd6, 0x47, 0x35, 0xa4, 0xd1, 0x40, 0x32, 0xa3, | ||
59 | 0xc4, 0x55, 0x27, 0xb6, 0xc3, 0x52, 0x20, 0xb1, | ||
60 | 0xca, 0x5b, 0x29, 0xb8, 0xcd, 0x5c, 0x2e, 0xbf, | ||
61 | |||
62 | 0x90, 0x01, 0x73, 0xe2, 0x97, 0x06, 0x74, 0xe5, | ||
63 | 0x9e, 0x0f, 0x7d, 0xec, 0x99, 0x08, 0x7a, 0xeb, | ||
64 | 0x8c, 0x1d, 0x6f, 0xfe, 0x8b, 0x1a, 0x68, 0xf9, | ||
65 | 0x82, 0x13, 0x61, 0xf0, 0x85, 0x14, 0x66, 0xf7, | ||
66 | |||
67 | 0xa8, 0x39, 0x4b, 0xda, 0xaf, 0x3e, 0x4c, 0xdd, | ||
68 | 0xa6, 0x37, 0x45, 0xd4, 0xa1, 0x30, 0x42, 0xd3, | ||
69 | 0xb4, 0x25, 0x57, 0xc6, 0xb3, 0x22, 0x50, 0xc1, | ||
70 | 0xba, 0x2b, 0x59, 0xc8, 0xbd, 0x2c, 0x5e, 0xcf | ||
71 | }; | ||
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c new file mode 100644 index 00000000000..640028a2183 --- /dev/null +++ b/net/bluetooth/rfcomm/sock.c | |||
@@ -0,0 +1,1010 @@ | |||
1 | /* | ||
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | ||
5 | |||
6 | This program is free software; you can redistribute it and/or modify | ||
7 | it under the terms of the GNU General Public License version 2 as | ||
8 | published by the Free Software Foundation; | ||
9 | |||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
18 | |||
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
21 | SOFTWARE IS DISCLAIMED. | ||
22 | */ | ||
23 | |||
24 | /* | ||
25 | * RFCOMM sockets. | ||
26 | * | ||
27 | * $Id: sock.c,v 1.24 2002/10/03 01:00:34 maxk Exp $ | ||
28 | */ | ||
29 | |||
30 | #include <linux/config.h> | ||
31 | #include <linux/module.h> | ||
32 | |||
33 | #include <linux/types.h> | ||
34 | #include <linux/errno.h> | ||
35 | #include <linux/kernel.h> | ||
36 | #include <linux/major.h> | ||
37 | #include <linux/sched.h> | ||
38 | #include <linux/slab.h> | ||
39 | #include <linux/poll.h> | ||
40 | #include <linux/fcntl.h> | ||
41 | #include <linux/init.h> | ||
42 | #include <linux/interrupt.h> | ||
43 | #include <linux/socket.h> | ||
44 | #include <linux/skbuff.h> | ||
45 | #include <linux/list.h> | ||
46 | #include <linux/proc_fs.h> | ||
47 | #include <linux/seq_file.h> | ||
48 | #include <net/sock.h> | ||
49 | |||
50 | #include <asm/system.h> | ||
51 | #include <asm/uaccess.h> | ||
52 | |||
53 | #include <net/bluetooth/bluetooth.h> | ||
54 | #include <net/bluetooth/hci_core.h> | ||
55 | #include <net/bluetooth/l2cap.h> | ||
56 | #include <net/bluetooth/rfcomm.h> | ||
57 | |||
58 | #ifndef CONFIG_BT_RFCOMM_DEBUG | ||
59 | #undef BT_DBG | ||
60 | #define BT_DBG(D...) | ||
61 | #endif | ||
62 | |||
63 | static struct proto_ops rfcomm_sock_ops; | ||
64 | |||
65 | static struct bt_sock_list rfcomm_sk_list = { | ||
66 | .lock = RW_LOCK_UNLOCKED | ||
67 | }; | ||
68 | |||
69 | static void rfcomm_sock_close(struct sock *sk); | ||
70 | static void rfcomm_sock_kill(struct sock *sk); | ||
71 | |||
72 | /* ---- DLC callbacks ---- | ||
73 | * | ||
74 | * called under rfcomm_dlc_lock() | ||
75 | */ | ||
76 | static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb) | ||
77 | { | ||
78 | struct sock *sk = d->owner; | ||
79 | if (!sk) | ||
80 | return; | ||
81 | |||
82 | atomic_add(skb->len, &sk->sk_rmem_alloc); | ||
83 | skb_queue_tail(&sk->sk_receive_queue, skb); | ||
84 | sk->sk_data_ready(sk, skb->len); | ||
85 | |||
86 | if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) | ||
87 | rfcomm_dlc_throttle(d); | ||
88 | } | ||
89 | |||
90 | static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err) | ||
91 | { | ||
92 | struct sock *sk = d->owner, *parent; | ||
93 | if (!sk) | ||
94 | return; | ||
95 | |||
96 | BT_DBG("dlc %p state %ld err %d", d, d->state, err); | ||
97 | |||
98 | bh_lock_sock(sk); | ||
99 | |||
100 | if (err) | ||
101 | sk->sk_err = err; | ||
102 | |||
103 | sk->sk_state = d->state; | ||
104 | |||
105 | parent = bt_sk(sk)->parent; | ||
106 | if (parent) { | ||
107 | if (d->state == BT_CLOSED) { | ||
108 | sock_set_flag(sk, SOCK_ZAPPED); | ||
109 | bt_accept_unlink(sk); | ||
110 | } | ||
111 | parent->sk_data_ready(parent, 0); | ||
112 | } else { | ||
113 | if (d->state == BT_CONNECTED) | ||
114 | rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL); | ||
115 | sk->sk_state_change(sk); | ||
116 | } | ||
117 | |||
118 | bh_unlock_sock(sk); | ||
119 | |||
120 | if (parent && sock_flag(sk, SOCK_ZAPPED)) { | ||
121 | /* We have to drop DLC lock here, otherwise | ||
122 | * rfcomm_sock_destruct() will dead lock. */ | ||
123 | rfcomm_dlc_unlock(d); | ||
124 | rfcomm_sock_kill(sk); | ||
125 | rfcomm_dlc_lock(d); | ||
126 | } | ||
127 | } | ||
128 | |||
129 | /* ---- Socket functions ---- */ | ||
130 | static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src) | ||
131 | { | ||
132 | struct sock *sk = NULL; | ||
133 | struct hlist_node *node; | ||
134 | |||
135 | sk_for_each(sk, node, &rfcomm_sk_list.head) { | ||
136 | if (rfcomm_pi(sk)->channel == channel && | ||
137 | !bacmp(&bt_sk(sk)->src, src)) | ||
138 | break; | ||
139 | } | ||
140 | |||
141 | return node ? sk : NULL; | ||
142 | } | ||
143 | |||
144 | /* Find socket with channel and source bdaddr. | ||
145 | * Returns closest match. | ||
146 | */ | ||
147 | static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src) | ||
148 | { | ||
149 | struct sock *sk = NULL, *sk1 = NULL; | ||
150 | struct hlist_node *node; | ||
151 | |||
152 | sk_for_each(sk, node, &rfcomm_sk_list.head) { | ||
153 | if (state && sk->sk_state != state) | ||
154 | continue; | ||
155 | |||
156 | if (rfcomm_pi(sk)->channel == channel) { | ||
157 | /* Exact match. */ | ||
158 | if (!bacmp(&bt_sk(sk)->src, src)) | ||
159 | break; | ||
160 | |||
161 | /* Closest match */ | ||
162 | if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) | ||
163 | sk1 = sk; | ||
164 | } | ||
165 | } | ||
166 | return node ? sk : sk1; | ||
167 | } | ||
168 | |||
169 | /* Find socket with given address (channel, src). | ||
170 | * Returns locked socket */ | ||
171 | static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src) | ||
172 | { | ||
173 | struct sock *s; | ||
174 | read_lock(&rfcomm_sk_list.lock); | ||
175 | s = __rfcomm_get_sock_by_channel(state, channel, src); | ||
176 | if (s) bh_lock_sock(s); | ||
177 | read_unlock(&rfcomm_sk_list.lock); | ||
178 | return s; | ||
179 | } | ||
180 | |||
181 | static void rfcomm_sock_destruct(struct sock *sk) | ||
182 | { | ||
183 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | ||
184 | |||
185 | BT_DBG("sk %p dlc %p", sk, d); | ||
186 | |||
187 | skb_queue_purge(&sk->sk_receive_queue); | ||
188 | skb_queue_purge(&sk->sk_write_queue); | ||
189 | |||
190 | rfcomm_dlc_lock(d); | ||
191 | rfcomm_pi(sk)->dlc = NULL; | ||
192 | |||
193 | /* Detach DLC if it's owned by this socket */ | ||
194 | if (d->owner == sk) | ||
195 | d->owner = NULL; | ||
196 | rfcomm_dlc_unlock(d); | ||
197 | |||
198 | rfcomm_dlc_put(d); | ||
199 | } | ||
200 | |||
201 | static void rfcomm_sock_cleanup_listen(struct sock *parent) | ||
202 | { | ||
203 | struct sock *sk; | ||
204 | |||
205 | BT_DBG("parent %p", parent); | ||
206 | |||
207 | /* Close not yet accepted dlcs */ | ||
208 | while ((sk = bt_accept_dequeue(parent, NULL))) { | ||
209 | rfcomm_sock_close(sk); | ||
210 | rfcomm_sock_kill(sk); | ||
211 | } | ||
212 | |||
213 | parent->sk_state = BT_CLOSED; | ||
214 | sock_set_flag(parent, SOCK_ZAPPED); | ||
215 | } | ||
216 | |||
217 | /* Kill socket (only if zapped and orphan) | ||
218 | * Must be called on unlocked socket. | ||
219 | */ | ||
220 | static void rfcomm_sock_kill(struct sock *sk) | ||
221 | { | ||
222 | if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) | ||
223 | return; | ||
224 | |||
225 | BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt)); | ||
226 | |||
227 | /* Kill poor orphan */ | ||
228 | bt_sock_unlink(&rfcomm_sk_list, sk); | ||
229 | sock_set_flag(sk, SOCK_DEAD); | ||
230 | sock_put(sk); | ||
231 | } | ||
232 | |||
233 | static void __rfcomm_sock_close(struct sock *sk) | ||
234 | { | ||
235 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | ||
236 | |||
237 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); | ||
238 | |||
239 | switch (sk->sk_state) { | ||
240 | case BT_LISTEN: | ||
241 | rfcomm_sock_cleanup_listen(sk); | ||
242 | break; | ||
243 | |||
244 | case BT_CONNECT: | ||
245 | case BT_CONNECT2: | ||
246 | case BT_CONFIG: | ||
247 | case BT_CONNECTED: | ||
248 | rfcomm_dlc_close(d, 0); | ||
249 | |||
250 | default: | ||
251 | sock_set_flag(sk, SOCK_ZAPPED); | ||
252 | break; | ||
253 | } | ||
254 | } | ||
255 | |||
256 | /* Close socket. | ||
257 | * Must be called on unlocked socket. | ||
258 | */ | ||
259 | static void rfcomm_sock_close(struct sock *sk) | ||
260 | { | ||
261 | lock_sock(sk); | ||
262 | __rfcomm_sock_close(sk); | ||
263 | release_sock(sk); | ||
264 | } | ||
265 | |||
266 | static void rfcomm_sock_init(struct sock *sk, struct sock *parent) | ||
267 | { | ||
268 | struct rfcomm_pinfo *pi = rfcomm_pi(sk); | ||
269 | |||
270 | BT_DBG("sk %p", sk); | ||
271 | |||
272 | if (parent) { | ||
273 | sk->sk_type = parent->sk_type; | ||
274 | pi->link_mode = rfcomm_pi(parent)->link_mode; | ||
275 | } else { | ||
276 | pi->link_mode = 0; | ||
277 | } | ||
278 | |||
279 | pi->dlc->link_mode = pi->link_mode; | ||
280 | } | ||
281 | |||
282 | static struct proto rfcomm_proto = { | ||
283 | .name = "RFCOMM", | ||
284 | .owner = THIS_MODULE, | ||
285 | .obj_size = sizeof(struct rfcomm_pinfo) | ||
286 | }; | ||
287 | |||
288 | static struct sock *rfcomm_sock_alloc(struct socket *sock, int proto, int prio) | ||
289 | { | ||
290 | struct rfcomm_dlc *d; | ||
291 | struct sock *sk; | ||
292 | |||
293 | sk = sk_alloc(PF_BLUETOOTH, prio, &rfcomm_proto, 1); | ||
294 | if (!sk) | ||
295 | return NULL; | ||
296 | |||
297 | sock_init_data(sock, sk); | ||
298 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); | ||
299 | |||
300 | d = rfcomm_dlc_alloc(prio); | ||
301 | if (!d) { | ||
302 | sk_free(sk); | ||
303 | return NULL; | ||
304 | } | ||
305 | |||
306 | d->data_ready = rfcomm_sk_data_ready; | ||
307 | d->state_change = rfcomm_sk_state_change; | ||
308 | |||
309 | rfcomm_pi(sk)->dlc = d; | ||
310 | d->owner = sk; | ||
311 | |||
312 | sk->sk_destruct = rfcomm_sock_destruct; | ||
313 | sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT; | ||
314 | |||
315 | sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10; | ||
316 | sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10; | ||
317 | |||
318 | sock_reset_flag(sk, SOCK_ZAPPED); | ||
319 | |||
320 | sk->sk_protocol = proto; | ||
321 | sk->sk_state = BT_OPEN; | ||
322 | |||
323 | bt_sock_link(&rfcomm_sk_list, sk); | ||
324 | |||
325 | BT_DBG("sk %p", sk); | ||
326 | return sk; | ||
327 | } | ||
328 | |||
329 | static int rfcomm_sock_create(struct socket *sock, int protocol) | ||
330 | { | ||
331 | struct sock *sk; | ||
332 | |||
333 | BT_DBG("sock %p", sock); | ||
334 | |||
335 | sock->state = SS_UNCONNECTED; | ||
336 | |||
337 | if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW) | ||
338 | return -ESOCKTNOSUPPORT; | ||
339 | |||
340 | sock->ops = &rfcomm_sock_ops; | ||
341 | |||
342 | if (!(sk = rfcomm_sock_alloc(sock, protocol, GFP_KERNEL))) | ||
343 | return -ENOMEM; | ||
344 | |||
345 | rfcomm_sock_init(sk, NULL); | ||
346 | return 0; | ||
347 | } | ||
348 | |||
349 | static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) | ||
350 | { | ||
351 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | ||
352 | struct sock *sk = sock->sk; | ||
353 | int err = 0; | ||
354 | |||
355 | BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr)); | ||
356 | |||
357 | if (!addr || addr->sa_family != AF_BLUETOOTH) | ||
358 | return -EINVAL; | ||
359 | |||
360 | lock_sock(sk); | ||
361 | |||
362 | if (sk->sk_state != BT_OPEN) { | ||
363 | err = -EBADFD; | ||
364 | goto done; | ||
365 | } | ||
366 | |||
367 | write_lock_bh(&rfcomm_sk_list.lock); | ||
368 | |||
369 | if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) { | ||
370 | err = -EADDRINUSE; | ||
371 | } else { | ||
372 | /* Save source address */ | ||
373 | bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr); | ||
374 | rfcomm_pi(sk)->channel = sa->rc_channel; | ||
375 | sk->sk_state = BT_BOUND; | ||
376 | } | ||
377 | |||
378 | write_unlock_bh(&rfcomm_sk_list.lock); | ||
379 | |||
380 | done: | ||
381 | release_sock(sk); | ||
382 | return err; | ||
383 | } | ||
384 | |||
385 | static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) | ||
386 | { | ||
387 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | ||
388 | struct sock *sk = sock->sk; | ||
389 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | ||
390 | int err = 0; | ||
391 | |||
392 | BT_DBG("sk %p", sk); | ||
393 | |||
394 | if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc)) | ||
395 | return -EINVAL; | ||
396 | |||
397 | if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) | ||
398 | return -EBADFD; | ||
399 | |||
400 | if (sk->sk_type != SOCK_STREAM) | ||
401 | return -EINVAL; | ||
402 | |||
403 | lock_sock(sk); | ||
404 | |||
405 | sk->sk_state = BT_CONNECT; | ||
406 | bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr); | ||
407 | rfcomm_pi(sk)->channel = sa->rc_channel; | ||
408 | |||
409 | err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel); | ||
410 | if (!err) | ||
411 | err = bt_sock_wait_state(sk, BT_CONNECTED, | ||
412 | sock_sndtimeo(sk, flags & O_NONBLOCK)); | ||
413 | |||
414 | release_sock(sk); | ||
415 | return err; | ||
416 | } | ||
417 | |||
418 | static int rfcomm_sock_listen(struct socket *sock, int backlog) | ||
419 | { | ||
420 | struct sock *sk = sock->sk; | ||
421 | int err = 0; | ||
422 | |||
423 | BT_DBG("sk %p backlog %d", sk, backlog); | ||
424 | |||
425 | lock_sock(sk); | ||
426 | |||
427 | if (sk->sk_state != BT_BOUND) { | ||
428 | err = -EBADFD; | ||
429 | goto done; | ||
430 | } | ||
431 | |||
432 | if (!rfcomm_pi(sk)->channel) { | ||
433 | bdaddr_t *src = &bt_sk(sk)->src; | ||
434 | u8 channel; | ||
435 | |||
436 | err = -EINVAL; | ||
437 | |||
438 | write_lock_bh(&rfcomm_sk_list.lock); | ||
439 | |||
440 | for (channel = 1; channel < 31; channel++) | ||
441 | if (!__rfcomm_get_sock_by_addr(channel, src)) { | ||
442 | rfcomm_pi(sk)->channel = channel; | ||
443 | err = 0; | ||
444 | break; | ||
445 | } | ||
446 | |||
447 | write_unlock_bh(&rfcomm_sk_list.lock); | ||
448 | |||
449 | if (err < 0) | ||
450 | goto done; | ||
451 | } | ||
452 | |||
453 | sk->sk_max_ack_backlog = backlog; | ||
454 | sk->sk_ack_backlog = 0; | ||
455 | sk->sk_state = BT_LISTEN; | ||
456 | |||
457 | done: | ||
458 | release_sock(sk); | ||
459 | return err; | ||
460 | } | ||
461 | |||
462 | static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags) | ||
463 | { | ||
464 | DECLARE_WAITQUEUE(wait, current); | ||
465 | struct sock *sk = sock->sk, *nsk; | ||
466 | long timeo; | ||
467 | int err = 0; | ||
468 | |||
469 | lock_sock(sk); | ||
470 | |||
471 | if (sk->sk_state != BT_LISTEN) { | ||
472 | err = -EBADFD; | ||
473 | goto done; | ||
474 | } | ||
475 | |||
476 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); | ||
477 | |||
478 | BT_DBG("sk %p timeo %ld", sk, timeo); | ||
479 | |||
480 | /* Wait for an incoming connection. (wake-one). */ | ||
481 | add_wait_queue_exclusive(sk->sk_sleep, &wait); | ||
482 | while (!(nsk = bt_accept_dequeue(sk, newsock))) { | ||
483 | set_current_state(TASK_INTERRUPTIBLE); | ||
484 | if (!timeo) { | ||
485 | err = -EAGAIN; | ||
486 | break; | ||
487 | } | ||
488 | |||
489 | release_sock(sk); | ||
490 | timeo = schedule_timeout(timeo); | ||
491 | lock_sock(sk); | ||
492 | |||
493 | if (sk->sk_state != BT_LISTEN) { | ||
494 | err = -EBADFD; | ||
495 | break; | ||
496 | } | ||
497 | |||
498 | if (signal_pending(current)) { | ||
499 | err = sock_intr_errno(timeo); | ||
500 | break; | ||
501 | } | ||
502 | } | ||
503 | set_current_state(TASK_RUNNING); | ||
504 | remove_wait_queue(sk->sk_sleep, &wait); | ||
505 | |||
506 | if (err) | ||
507 | goto done; | ||
508 | |||
509 | newsock->state = SS_CONNECTED; | ||
510 | |||
511 | BT_DBG("new socket %p", nsk); | ||
512 | |||
513 | done: | ||
514 | release_sock(sk); | ||
515 | return err; | ||
516 | } | ||
517 | |||
518 | static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) | ||
519 | { | ||
520 | struct sockaddr_rc *sa = (struct sockaddr_rc *) addr; | ||
521 | struct sock *sk = sock->sk; | ||
522 | |||
523 | BT_DBG("sock %p, sk %p", sock, sk); | ||
524 | |||
525 | sa->rc_family = AF_BLUETOOTH; | ||
526 | sa->rc_channel = rfcomm_pi(sk)->channel; | ||
527 | if (peer) | ||
528 | bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst); | ||
529 | else | ||
530 | bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src); | ||
531 | |||
532 | *len = sizeof(struct sockaddr_rc); | ||
533 | return 0; | ||
534 | } | ||
535 | |||
536 | static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock, | ||
537 | struct msghdr *msg, size_t len) | ||
538 | { | ||
539 | struct sock *sk = sock->sk; | ||
540 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | ||
541 | struct sk_buff *skb; | ||
542 | int err; | ||
543 | int sent = 0; | ||
544 | |||
545 | if (msg->msg_flags & MSG_OOB) | ||
546 | return -EOPNOTSUPP; | ||
547 | |||
548 | if (sk->sk_shutdown & SEND_SHUTDOWN) | ||
549 | return -EPIPE; | ||
550 | |||
551 | BT_DBG("sock %p, sk %p", sock, sk); | ||
552 | |||
553 | lock_sock(sk); | ||
554 | |||
555 | while (len) { | ||
556 | size_t size = min_t(size_t, len, d->mtu); | ||
557 | |||
558 | skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE, | ||
559 | msg->msg_flags & MSG_DONTWAIT, &err); | ||
560 | if (!skb) | ||
561 | break; | ||
562 | skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); | ||
563 | |||
564 | err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size); | ||
565 | if (err) { | ||
566 | kfree_skb(skb); | ||
567 | sent = err; | ||
568 | break; | ||
569 | } | ||
570 | |||
571 | err = rfcomm_dlc_send(d, skb); | ||
572 | if (err < 0) { | ||
573 | kfree_skb(skb); | ||
574 | break; | ||
575 | } | ||
576 | |||
577 | sent += size; | ||
578 | len -= size; | ||
579 | } | ||
580 | |||
581 | release_sock(sk); | ||
582 | |||
583 | return sent ? sent : err; | ||
584 | } | ||
585 | |||
586 | static long rfcomm_sock_data_wait(struct sock *sk, long timeo) | ||
587 | { | ||
588 | DECLARE_WAITQUEUE(wait, current); | ||
589 | |||
590 | add_wait_queue(sk->sk_sleep, &wait); | ||
591 | for (;;) { | ||
592 | set_current_state(TASK_INTERRUPTIBLE); | ||
593 | |||
594 | if (skb_queue_len(&sk->sk_receive_queue) || sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN) || | ||
595 | signal_pending(current) || !timeo) | ||
596 | break; | ||
597 | |||
598 | set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | ||
599 | release_sock(sk); | ||
600 | timeo = schedule_timeout(timeo); | ||
601 | lock_sock(sk); | ||
602 | clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | ||
603 | } | ||
604 | |||
605 | __set_current_state(TASK_RUNNING); | ||
606 | remove_wait_queue(sk->sk_sleep, &wait); | ||
607 | return timeo; | ||
608 | } | ||
609 | |||
610 | static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
611 | struct msghdr *msg, size_t size, int flags) | ||
612 | { | ||
613 | struct sock *sk = sock->sk; | ||
614 | int err = 0; | ||
615 | size_t target, copied = 0; | ||
616 | long timeo; | ||
617 | |||
618 | if (flags & MSG_OOB) | ||
619 | return -EOPNOTSUPP; | ||
620 | |||
621 | msg->msg_namelen = 0; | ||
622 | |||
623 | BT_DBG("sk %p size %d", sk, size); | ||
624 | |||
625 | lock_sock(sk); | ||
626 | |||
627 | target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); | ||
628 | timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); | ||
629 | |||
630 | do { | ||
631 | struct sk_buff *skb; | ||
632 | int chunk; | ||
633 | |||
634 | skb = skb_dequeue(&sk->sk_receive_queue); | ||
635 | if (!skb) { | ||
636 | if (copied >= target) | ||
637 | break; | ||
638 | |||
639 | if ((err = sock_error(sk)) != 0) | ||
640 | break; | ||
641 | if (sk->sk_shutdown & RCV_SHUTDOWN) | ||
642 | break; | ||
643 | |||
644 | err = -EAGAIN; | ||
645 | if (!timeo) | ||
646 | break; | ||
647 | |||
648 | timeo = rfcomm_sock_data_wait(sk, timeo); | ||
649 | |||
650 | if (signal_pending(current)) { | ||
651 | err = sock_intr_errno(timeo); | ||
652 | goto out; | ||
653 | } | ||
654 | continue; | ||
655 | } | ||
656 | |||
657 | chunk = min_t(unsigned int, skb->len, size); | ||
658 | if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) { | ||
659 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
660 | if (!copied) | ||
661 | copied = -EFAULT; | ||
662 | break; | ||
663 | } | ||
664 | copied += chunk; | ||
665 | size -= chunk; | ||
666 | |||
667 | if (!(flags & MSG_PEEK)) { | ||
668 | atomic_sub(chunk, &sk->sk_rmem_alloc); | ||
669 | |||
670 | skb_pull(skb, chunk); | ||
671 | if (skb->len) { | ||
672 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
673 | break; | ||
674 | } | ||
675 | kfree_skb(skb); | ||
676 | |||
677 | } else { | ||
678 | /* put message back and return */ | ||
679 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
680 | break; | ||
681 | } | ||
682 | } while (size); | ||
683 | |||
684 | out: | ||
685 | if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2)) | ||
686 | rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc); | ||
687 | |||
688 | release_sock(sk); | ||
689 | return copied ? : err; | ||
690 | } | ||
691 | |||
692 | static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen) | ||
693 | { | ||
694 | struct sock *sk = sock->sk; | ||
695 | int err = 0; | ||
696 | u32 opt; | ||
697 | |||
698 | BT_DBG("sk %p", sk); | ||
699 | |||
700 | lock_sock(sk); | ||
701 | |||
702 | switch (optname) { | ||
703 | case RFCOMM_LM: | ||
704 | if (get_user(opt, (u32 __user *) optval)) { | ||
705 | err = -EFAULT; | ||
706 | break; | ||
707 | } | ||
708 | |||
709 | rfcomm_pi(sk)->link_mode = opt; | ||
710 | break; | ||
711 | |||
712 | default: | ||
713 | err = -ENOPROTOOPT; | ||
714 | break; | ||
715 | } | ||
716 | |||
717 | release_sock(sk); | ||
718 | return err; | ||
719 | } | ||
720 | |||
721 | static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) | ||
722 | { | ||
723 | struct sock *sk = sock->sk; | ||
724 | struct sock *l2cap_sk; | ||
725 | struct rfcomm_conninfo cinfo; | ||
726 | int len, err = 0; | ||
727 | |||
728 | BT_DBG("sk %p", sk); | ||
729 | |||
730 | if (get_user(len, optlen)) | ||
731 | return -EFAULT; | ||
732 | |||
733 | lock_sock(sk); | ||
734 | |||
735 | switch (optname) { | ||
736 | case RFCOMM_LM: | ||
737 | if (put_user(rfcomm_pi(sk)->link_mode, (u32 __user *) optval)) | ||
738 | err = -EFAULT; | ||
739 | break; | ||
740 | |||
741 | case RFCOMM_CONNINFO: | ||
742 | if (sk->sk_state != BT_CONNECTED) { | ||
743 | err = -ENOTCONN; | ||
744 | break; | ||
745 | } | ||
746 | |||
747 | l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk; | ||
748 | |||
749 | cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle; | ||
750 | memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3); | ||
751 | |||
752 | len = min_t(unsigned int, len, sizeof(cinfo)); | ||
753 | if (copy_to_user(optval, (char *) &cinfo, len)) | ||
754 | err = -EFAULT; | ||
755 | |||
756 | break; | ||
757 | |||
758 | default: | ||
759 | err = -ENOPROTOOPT; | ||
760 | break; | ||
761 | } | ||
762 | |||
763 | release_sock(sk); | ||
764 | return err; | ||
765 | } | ||
766 | |||
767 | static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) | ||
768 | { | ||
769 | struct sock *sk = sock->sk; | ||
770 | int err; | ||
771 | |||
772 | lock_sock(sk); | ||
773 | |||
774 | #ifdef CONFIG_BT_RFCOMM_TTY | ||
775 | err = rfcomm_dev_ioctl(sk, cmd, (void __user *)arg); | ||
776 | #else | ||
777 | err = -EOPNOTSUPP; | ||
778 | #endif | ||
779 | |||
780 | release_sock(sk); | ||
781 | return err; | ||
782 | } | ||
783 | |||
784 | static int rfcomm_sock_shutdown(struct socket *sock, int how) | ||
785 | { | ||
786 | struct sock *sk = sock->sk; | ||
787 | int err = 0; | ||
788 | |||
789 | BT_DBG("sock %p, sk %p", sock, sk); | ||
790 | |||
791 | if (!sk) return 0; | ||
792 | |||
793 | lock_sock(sk); | ||
794 | if (!sk->sk_shutdown) { | ||
795 | sk->sk_shutdown = SHUTDOWN_MASK; | ||
796 | __rfcomm_sock_close(sk); | ||
797 | |||
798 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) | ||
799 | err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); | ||
800 | } | ||
801 | release_sock(sk); | ||
802 | return err; | ||
803 | } | ||
804 | |||
805 | static int rfcomm_sock_release(struct socket *sock) | ||
806 | { | ||
807 | struct sock *sk = sock->sk; | ||
808 | int err; | ||
809 | |||
810 | BT_DBG("sock %p, sk %p", sock, sk); | ||
811 | |||
812 | if (!sk) | ||
813 | return 0; | ||
814 | |||
815 | err = rfcomm_sock_shutdown(sock, 2); | ||
816 | |||
817 | sock_orphan(sk); | ||
818 | rfcomm_sock_kill(sk); | ||
819 | return err; | ||
820 | } | ||
821 | |||
822 | /* ---- RFCOMM core layer callbacks ---- | ||
823 | * | ||
824 | * called under rfcomm_lock() | ||
825 | */ | ||
826 | int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d) | ||
827 | { | ||
828 | struct sock *sk, *parent; | ||
829 | bdaddr_t src, dst; | ||
830 | int result = 0; | ||
831 | |||
832 | BT_DBG("session %p channel %d", s, channel); | ||
833 | |||
834 | rfcomm_session_getaddr(s, &src, &dst); | ||
835 | |||
836 | /* Check if we have socket listening on channel */ | ||
837 | parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src); | ||
838 | if (!parent) | ||
839 | return 0; | ||
840 | |||
841 | /* Check for backlog size */ | ||
842 | if (sk_acceptq_is_full(parent)) { | ||
843 | BT_DBG("backlog full %d", parent->sk_ack_backlog); | ||
844 | goto done; | ||
845 | } | ||
846 | |||
847 | sk = rfcomm_sock_alloc(NULL, BTPROTO_RFCOMM, GFP_ATOMIC); | ||
848 | if (!sk) | ||
849 | goto done; | ||
850 | |||
851 | rfcomm_sock_init(sk, parent); | ||
852 | bacpy(&bt_sk(sk)->src, &src); | ||
853 | bacpy(&bt_sk(sk)->dst, &dst); | ||
854 | rfcomm_pi(sk)->channel = channel; | ||
855 | |||
856 | sk->sk_state = BT_CONFIG; | ||
857 | bt_accept_enqueue(parent, sk); | ||
858 | |||
859 | /* Accept connection and return socket DLC */ | ||
860 | *d = rfcomm_pi(sk)->dlc; | ||
861 | result = 1; | ||
862 | |||
863 | done: | ||
864 | bh_unlock_sock(parent); | ||
865 | return result; | ||
866 | } | ||
867 | |||
868 | /* ---- Proc fs support ---- */ | ||
869 | #ifdef CONFIG_PROC_FS | ||
870 | static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos) | ||
871 | { | ||
872 | struct sock *sk; | ||
873 | struct hlist_node *node; | ||
874 | loff_t l = *pos; | ||
875 | |||
876 | read_lock_bh(&rfcomm_sk_list.lock); | ||
877 | |||
878 | sk_for_each(sk, node, &rfcomm_sk_list.head) | ||
879 | if (!l--) | ||
880 | return sk; | ||
881 | return NULL; | ||
882 | } | ||
883 | |||
884 | static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos) | ||
885 | { | ||
886 | struct sock *sk = e; | ||
887 | (*pos)++; | ||
888 | return sk_next(sk); | ||
889 | } | ||
890 | |||
891 | static void rfcomm_seq_stop(struct seq_file *seq, void *e) | ||
892 | { | ||
893 | read_unlock_bh(&rfcomm_sk_list.lock); | ||
894 | } | ||
895 | |||
896 | static int rfcomm_seq_show(struct seq_file *seq, void *e) | ||
897 | { | ||
898 | struct sock *sk = e; | ||
899 | seq_printf(seq, "%s %s %d %d\n", | ||
900 | batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), | ||
901 | sk->sk_state, rfcomm_pi(sk)->channel); | ||
902 | return 0; | ||
903 | } | ||
904 | |||
905 | static struct seq_operations rfcomm_seq_ops = { | ||
906 | .start = rfcomm_seq_start, | ||
907 | .next = rfcomm_seq_next, | ||
908 | .stop = rfcomm_seq_stop, | ||
909 | .show = rfcomm_seq_show | ||
910 | }; | ||
911 | |||
912 | static int rfcomm_seq_open(struct inode *inode, struct file *file) | ||
913 | { | ||
914 | return seq_open(file, &rfcomm_seq_ops); | ||
915 | } | ||
916 | |||
917 | static struct file_operations rfcomm_seq_fops = { | ||
918 | .owner = THIS_MODULE, | ||
919 | .open = rfcomm_seq_open, | ||
920 | .read = seq_read, | ||
921 | .llseek = seq_lseek, | ||
922 | .release = seq_release, | ||
923 | }; | ||
924 | |||
925 | static int __init rfcomm_sock_proc_init(void) | ||
926 | { | ||
927 | struct proc_dir_entry *p = create_proc_entry("sock", S_IRUGO, proc_bt_rfcomm); | ||
928 | if (!p) | ||
929 | return -ENOMEM; | ||
930 | p->proc_fops = &rfcomm_seq_fops; | ||
931 | return 0; | ||
932 | } | ||
933 | |||
934 | static void __exit rfcomm_sock_proc_cleanup(void) | ||
935 | { | ||
936 | remove_proc_entry("sock", proc_bt_rfcomm); | ||
937 | } | ||
938 | |||
939 | #else /* CONFIG_PROC_FS */ | ||
940 | |||
941 | static int __init rfcomm_sock_proc_init(void) | ||
942 | { | ||
943 | return 0; | ||
944 | } | ||
945 | |||
946 | static void __exit rfcomm_sock_proc_cleanup(void) | ||
947 | { | ||
948 | return; | ||
949 | } | ||
950 | #endif /* CONFIG_PROC_FS */ | ||
951 | |||
952 | static struct proto_ops rfcomm_sock_ops = { | ||
953 | .family = PF_BLUETOOTH, | ||
954 | .owner = THIS_MODULE, | ||
955 | .release = rfcomm_sock_release, | ||
956 | .bind = rfcomm_sock_bind, | ||
957 | .connect = rfcomm_sock_connect, | ||
958 | .listen = rfcomm_sock_listen, | ||
959 | .accept = rfcomm_sock_accept, | ||
960 | .getname = rfcomm_sock_getname, | ||
961 | .sendmsg = rfcomm_sock_sendmsg, | ||
962 | .recvmsg = rfcomm_sock_recvmsg, | ||
963 | .shutdown = rfcomm_sock_shutdown, | ||
964 | .setsockopt = rfcomm_sock_setsockopt, | ||
965 | .getsockopt = rfcomm_sock_getsockopt, | ||
966 | .ioctl = rfcomm_sock_ioctl, | ||
967 | .poll = bt_sock_poll, | ||
968 | .socketpair = sock_no_socketpair, | ||
969 | .mmap = sock_no_mmap | ||
970 | }; | ||
971 | |||
972 | static struct net_proto_family rfcomm_sock_family_ops = { | ||
973 | .family = PF_BLUETOOTH, | ||
974 | .owner = THIS_MODULE, | ||
975 | .create = rfcomm_sock_create | ||
976 | }; | ||
977 | |||
978 | int __init rfcomm_init_sockets(void) | ||
979 | { | ||
980 | int err; | ||
981 | |||
982 | err = proto_register(&rfcomm_proto, 0); | ||
983 | if (err < 0) | ||
984 | return err; | ||
985 | |||
986 | err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops); | ||
987 | if (err < 0) | ||
988 | goto error; | ||
989 | |||
990 | rfcomm_sock_proc_init(); | ||
991 | |||
992 | BT_INFO("RFCOMM socket layer initialized"); | ||
993 | |||
994 | return 0; | ||
995 | |||
996 | error: | ||
997 | BT_ERR("RFCOMM socket layer registration failed"); | ||
998 | proto_unregister(&rfcomm_proto); | ||
999 | return err; | ||
1000 | } | ||
1001 | |||
1002 | void __exit rfcomm_cleanup_sockets(void) | ||
1003 | { | ||
1004 | rfcomm_sock_proc_cleanup(); | ||
1005 | |||
1006 | if (bt_sock_unregister(BTPROTO_RFCOMM) < 0) | ||
1007 | BT_ERR("RFCOMM socket layer unregistration failed"); | ||
1008 | |||
1009 | proto_unregister(&rfcomm_proto); | ||
1010 | } | ||
diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c new file mode 100644 index 00000000000..6d689200bcf --- /dev/null +++ b/net/bluetooth/rfcomm/tty.c | |||
@@ -0,0 +1,930 @@ | |||
1 | /* | ||
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). | ||
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | ||
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | ||
5 | |||
6 | This program is free software; you can redistribute it and/or modify | ||
7 | it under the terms of the GNU General Public License version 2 as | ||
8 | published by the Free Software Foundation; | ||
9 | |||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
18 | |||
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
21 | SOFTWARE IS DISCLAIMED. | ||
22 | */ | ||
23 | |||
24 | /* | ||
25 | * RFCOMM TTY. | ||
26 | * | ||
27 | * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ | ||
28 | */ | ||
29 | |||
30 | #include <linux/config.h> | ||
31 | #include <linux/module.h> | ||
32 | |||
33 | #include <linux/tty.h> | ||
34 | #include <linux/tty_driver.h> | ||
35 | #include <linux/tty_flip.h> | ||
36 | |||
37 | #include <linux/slab.h> | ||
38 | #include <linux/skbuff.h> | ||
39 | |||
40 | #include <net/bluetooth/bluetooth.h> | ||
41 | #include <net/bluetooth/rfcomm.h> | ||
42 | |||
43 | #ifndef CONFIG_BT_RFCOMM_DEBUG | ||
44 | #undef BT_DBG | ||
45 | #define BT_DBG(D...) | ||
46 | #endif | ||
47 | |||
48 | #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ | ||
49 | #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ | ||
50 | #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ | ||
51 | #define RFCOMM_TTY_MINOR 0 | ||
52 | |||
53 | static struct tty_driver *rfcomm_tty_driver; | ||
54 | |||
55 | struct rfcomm_dev { | ||
56 | struct list_head list; | ||
57 | atomic_t refcnt; | ||
58 | |||
59 | char name[12]; | ||
60 | int id; | ||
61 | unsigned long flags; | ||
62 | int opened; | ||
63 | int err; | ||
64 | |||
65 | bdaddr_t src; | ||
66 | bdaddr_t dst; | ||
67 | u8 channel; | ||
68 | |||
69 | uint modem_status; | ||
70 | |||
71 | struct rfcomm_dlc *dlc; | ||
72 | struct tty_struct *tty; | ||
73 | wait_queue_head_t wait; | ||
74 | struct tasklet_struct wakeup_task; | ||
75 | |||
76 | atomic_t wmem_alloc; | ||
77 | }; | ||
78 | |||
79 | static LIST_HEAD(rfcomm_dev_list); | ||
80 | static DEFINE_RWLOCK(rfcomm_dev_lock); | ||
81 | |||
82 | static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); | ||
83 | static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); | ||
84 | static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); | ||
85 | |||
86 | static void rfcomm_tty_wakeup(unsigned long arg); | ||
87 | |||
88 | /* ---- Device functions ---- */ | ||
89 | static void rfcomm_dev_destruct(struct rfcomm_dev *dev) | ||
90 | { | ||
91 | struct rfcomm_dlc *dlc = dev->dlc; | ||
92 | |||
93 | BT_DBG("dev %p dlc %p", dev, dlc); | ||
94 | |||
95 | rfcomm_dlc_lock(dlc); | ||
96 | /* Detach DLC if it's owned by this dev */ | ||
97 | if (dlc->owner == dev) | ||
98 | dlc->owner = NULL; | ||
99 | rfcomm_dlc_unlock(dlc); | ||
100 | |||
101 | rfcomm_dlc_put(dlc); | ||
102 | |||
103 | tty_unregister_device(rfcomm_tty_driver, dev->id); | ||
104 | |||
105 | /* Refcount should only hit zero when called from rfcomm_dev_del() | ||
106 | which will have taken us off the list. Everything else are | ||
107 | refcounting bugs. */ | ||
108 | BUG_ON(!list_empty(&dev->list)); | ||
109 | |||
110 | kfree(dev); | ||
111 | |||
112 | /* It's safe to call module_put() here because socket still | ||
113 | holds reference to this module. */ | ||
114 | module_put(THIS_MODULE); | ||
115 | } | ||
116 | |||
117 | static inline void rfcomm_dev_hold(struct rfcomm_dev *dev) | ||
118 | { | ||
119 | atomic_inc(&dev->refcnt); | ||
120 | } | ||
121 | |||
122 | static inline void rfcomm_dev_put(struct rfcomm_dev *dev) | ||
123 | { | ||
124 | /* The reason this isn't actually a race, as you no | ||
125 | doubt have a little voice screaming at you in your | ||
126 | head, is that the refcount should never actually | ||
127 | reach zero unless the device has already been taken | ||
128 | off the list, in rfcomm_dev_del(). And if that's not | ||
129 | true, we'll hit the BUG() in rfcomm_dev_destruct() | ||
130 | anyway. */ | ||
131 | if (atomic_dec_and_test(&dev->refcnt)) | ||
132 | rfcomm_dev_destruct(dev); | ||
133 | } | ||
134 | |||
135 | static struct rfcomm_dev *__rfcomm_dev_get(int id) | ||
136 | { | ||
137 | struct rfcomm_dev *dev; | ||
138 | struct list_head *p; | ||
139 | |||
140 | list_for_each(p, &rfcomm_dev_list) { | ||
141 | dev = list_entry(p, struct rfcomm_dev, list); | ||
142 | if (dev->id == id) | ||
143 | return dev; | ||
144 | } | ||
145 | |||
146 | return NULL; | ||
147 | } | ||
148 | |||
149 | static inline struct rfcomm_dev *rfcomm_dev_get(int id) | ||
150 | { | ||
151 | struct rfcomm_dev *dev; | ||
152 | |||
153 | read_lock(&rfcomm_dev_lock); | ||
154 | |||
155 | dev = __rfcomm_dev_get(id); | ||
156 | if (dev) | ||
157 | rfcomm_dev_hold(dev); | ||
158 | |||
159 | read_unlock(&rfcomm_dev_lock); | ||
160 | |||
161 | return dev; | ||
162 | } | ||
163 | |||
164 | static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) | ||
165 | { | ||
166 | struct rfcomm_dev *dev; | ||
167 | struct list_head *head = &rfcomm_dev_list, *p; | ||
168 | int err = 0; | ||
169 | |||
170 | BT_DBG("id %d channel %d", req->dev_id, req->channel); | ||
171 | |||
172 | dev = kmalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); | ||
173 | if (!dev) | ||
174 | return -ENOMEM; | ||
175 | memset(dev, 0, sizeof(struct rfcomm_dev)); | ||
176 | |||
177 | write_lock_bh(&rfcomm_dev_lock); | ||
178 | |||
179 | if (req->dev_id < 0) { | ||
180 | dev->id = 0; | ||
181 | |||
182 | list_for_each(p, &rfcomm_dev_list) { | ||
183 | if (list_entry(p, struct rfcomm_dev, list)->id != dev->id) | ||
184 | break; | ||
185 | |||
186 | dev->id++; | ||
187 | head = p; | ||
188 | } | ||
189 | } else { | ||
190 | dev->id = req->dev_id; | ||
191 | |||
192 | list_for_each(p, &rfcomm_dev_list) { | ||
193 | struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list); | ||
194 | |||
195 | if (entry->id == dev->id) { | ||
196 | err = -EADDRINUSE; | ||
197 | goto out; | ||
198 | } | ||
199 | |||
200 | if (entry->id > dev->id - 1) | ||
201 | break; | ||
202 | |||
203 | head = p; | ||
204 | } | ||
205 | } | ||
206 | |||
207 | if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { | ||
208 | err = -ENFILE; | ||
209 | goto out; | ||
210 | } | ||
211 | |||
212 | sprintf(dev->name, "rfcomm%d", dev->id); | ||
213 | |||
214 | list_add(&dev->list, head); | ||
215 | atomic_set(&dev->refcnt, 1); | ||
216 | |||
217 | bacpy(&dev->src, &req->src); | ||
218 | bacpy(&dev->dst, &req->dst); | ||
219 | dev->channel = req->channel; | ||
220 | |||
221 | dev->flags = req->flags & | ||
222 | ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); | ||
223 | |||
224 | init_waitqueue_head(&dev->wait); | ||
225 | tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev); | ||
226 | |||
227 | rfcomm_dlc_lock(dlc); | ||
228 | dlc->data_ready = rfcomm_dev_data_ready; | ||
229 | dlc->state_change = rfcomm_dev_state_change; | ||
230 | dlc->modem_status = rfcomm_dev_modem_status; | ||
231 | |||
232 | dlc->owner = dev; | ||
233 | dev->dlc = dlc; | ||
234 | rfcomm_dlc_unlock(dlc); | ||
235 | |||
236 | /* It's safe to call __module_get() here because socket already | ||
237 | holds reference to this module. */ | ||
238 | __module_get(THIS_MODULE); | ||
239 | |||
240 | out: | ||
241 | write_unlock_bh(&rfcomm_dev_lock); | ||
242 | |||
243 | if (err) { | ||
244 | kfree(dev); | ||
245 | return err; | ||
246 | } | ||
247 | |||
248 | tty_register_device(rfcomm_tty_driver, dev->id, NULL); | ||
249 | |||
250 | return dev->id; | ||
251 | } | ||
252 | |||
253 | static void rfcomm_dev_del(struct rfcomm_dev *dev) | ||
254 | { | ||
255 | BT_DBG("dev %p", dev); | ||
256 | |||
257 | write_lock_bh(&rfcomm_dev_lock); | ||
258 | list_del_init(&dev->list); | ||
259 | write_unlock_bh(&rfcomm_dev_lock); | ||
260 | |||
261 | rfcomm_dev_put(dev); | ||
262 | } | ||
263 | |||
264 | /* ---- Send buffer ---- */ | ||
265 | static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) | ||
266 | { | ||
267 | /* We can't let it be zero, because we don't get a callback | ||
268 | when tx_credits becomes nonzero, hence we'd never wake up */ | ||
269 | return dlc->mtu * (dlc->tx_credits?:1); | ||
270 | } | ||
271 | |||
272 | static void rfcomm_wfree(struct sk_buff *skb) | ||
273 | { | ||
274 | struct rfcomm_dev *dev = (void *) skb->sk; | ||
275 | atomic_sub(skb->truesize, &dev->wmem_alloc); | ||
276 | if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) | ||
277 | tasklet_schedule(&dev->wakeup_task); | ||
278 | rfcomm_dev_put(dev); | ||
279 | } | ||
280 | |||
281 | static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) | ||
282 | { | ||
283 | rfcomm_dev_hold(dev); | ||
284 | atomic_add(skb->truesize, &dev->wmem_alloc); | ||
285 | skb->sk = (void *) dev; | ||
286 | skb->destructor = rfcomm_wfree; | ||
287 | } | ||
288 | |||
289 | static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, int priority) | ||
290 | { | ||
291 | if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { | ||
292 | struct sk_buff *skb = alloc_skb(size, priority); | ||
293 | if (skb) { | ||
294 | rfcomm_set_owner_w(skb, dev); | ||
295 | return skb; | ||
296 | } | ||
297 | } | ||
298 | return NULL; | ||
299 | } | ||
300 | |||
301 | /* ---- Device IOCTLs ---- */ | ||
302 | |||
303 | #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) | ||
304 | |||
305 | static int rfcomm_create_dev(struct sock *sk, void __user *arg) | ||
306 | { | ||
307 | struct rfcomm_dev_req req; | ||
308 | struct rfcomm_dlc *dlc; | ||
309 | int id; | ||
310 | |||
311 | if (copy_from_user(&req, arg, sizeof(req))) | ||
312 | return -EFAULT; | ||
313 | |||
314 | BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); | ||
315 | |||
316 | if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) | ||
317 | return -EPERM; | ||
318 | |||
319 | if (req.flags & (1 << RFCOMM_REUSE_DLC)) { | ||
320 | /* Socket must be connected */ | ||
321 | if (sk->sk_state != BT_CONNECTED) | ||
322 | return -EBADFD; | ||
323 | |||
324 | dlc = rfcomm_pi(sk)->dlc; | ||
325 | rfcomm_dlc_hold(dlc); | ||
326 | } else { | ||
327 | dlc = rfcomm_dlc_alloc(GFP_KERNEL); | ||
328 | if (!dlc) | ||
329 | return -ENOMEM; | ||
330 | } | ||
331 | |||
332 | id = rfcomm_dev_add(&req, dlc); | ||
333 | if (id < 0) { | ||
334 | rfcomm_dlc_put(dlc); | ||
335 | return id; | ||
336 | } | ||
337 | |||
338 | if (req.flags & (1 << RFCOMM_REUSE_DLC)) { | ||
339 | /* DLC is now used by device. | ||
340 | * Socket must be disconnected */ | ||
341 | sk->sk_state = BT_CLOSED; | ||
342 | } | ||
343 | |||
344 | return id; | ||
345 | } | ||
346 | |||
347 | static int rfcomm_release_dev(void __user *arg) | ||
348 | { | ||
349 | struct rfcomm_dev_req req; | ||
350 | struct rfcomm_dev *dev; | ||
351 | |||
352 | if (copy_from_user(&req, arg, sizeof(req))) | ||
353 | return -EFAULT; | ||
354 | |||
355 | BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); | ||
356 | |||
357 | if (!(dev = rfcomm_dev_get(req.dev_id))) | ||
358 | return -ENODEV; | ||
359 | |||
360 | if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { | ||
361 | rfcomm_dev_put(dev); | ||
362 | return -EPERM; | ||
363 | } | ||
364 | |||
365 | if (req.flags & (1 << RFCOMM_HANGUP_NOW)) | ||
366 | rfcomm_dlc_close(dev->dlc, 0); | ||
367 | |||
368 | rfcomm_dev_del(dev); | ||
369 | rfcomm_dev_put(dev); | ||
370 | return 0; | ||
371 | } | ||
372 | |||
373 | static int rfcomm_get_dev_list(void __user *arg) | ||
374 | { | ||
375 | struct rfcomm_dev_list_req *dl; | ||
376 | struct rfcomm_dev_info *di; | ||
377 | struct list_head *p; | ||
378 | int n = 0, size, err; | ||
379 | u16 dev_num; | ||
380 | |||
381 | BT_DBG(""); | ||
382 | |||
383 | if (get_user(dev_num, (u16 __user *) arg)) | ||
384 | return -EFAULT; | ||
385 | |||
386 | if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) | ||
387 | return -EINVAL; | ||
388 | |||
389 | size = sizeof(*dl) + dev_num * sizeof(*di); | ||
390 | |||
391 | if (!(dl = kmalloc(size, GFP_KERNEL))) | ||
392 | return -ENOMEM; | ||
393 | |||
394 | di = dl->dev_info; | ||
395 | |||
396 | read_lock_bh(&rfcomm_dev_lock); | ||
397 | |||
398 | list_for_each(p, &rfcomm_dev_list) { | ||
399 | struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list); | ||
400 | (di + n)->id = dev->id; | ||
401 | (di + n)->flags = dev->flags; | ||
402 | (di + n)->state = dev->dlc->state; | ||
403 | (di + n)->channel = dev->channel; | ||
404 | bacpy(&(di + n)->src, &dev->src); | ||
405 | bacpy(&(di + n)->dst, &dev->dst); | ||
406 | if (++n >= dev_num) | ||
407 | break; | ||
408 | } | ||
409 | |||
410 | read_unlock_bh(&rfcomm_dev_lock); | ||
411 | |||
412 | dl->dev_num = n; | ||
413 | size = sizeof(*dl) + n * sizeof(*di); | ||
414 | |||
415 | err = copy_to_user(arg, dl, size); | ||
416 | kfree(dl); | ||
417 | |||
418 | return err ? -EFAULT : 0; | ||
419 | } | ||
420 | |||
421 | static int rfcomm_get_dev_info(void __user *arg) | ||
422 | { | ||
423 | struct rfcomm_dev *dev; | ||
424 | struct rfcomm_dev_info di; | ||
425 | int err = 0; | ||
426 | |||
427 | BT_DBG(""); | ||
428 | |||
429 | if (copy_from_user(&di, arg, sizeof(di))) | ||
430 | return -EFAULT; | ||
431 | |||
432 | if (!(dev = rfcomm_dev_get(di.id))) | ||
433 | return -ENODEV; | ||
434 | |||
435 | di.flags = dev->flags; | ||
436 | di.channel = dev->channel; | ||
437 | di.state = dev->dlc->state; | ||
438 | bacpy(&di.src, &dev->src); | ||
439 | bacpy(&di.dst, &dev->dst); | ||
440 | |||
441 | if (copy_to_user(arg, &di, sizeof(di))) | ||
442 | err = -EFAULT; | ||
443 | |||
444 | rfcomm_dev_put(dev); | ||
445 | return err; | ||
446 | } | ||
447 | |||
448 | int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) | ||
449 | { | ||
450 | BT_DBG("cmd %d arg %p", cmd, arg); | ||
451 | |||
452 | switch (cmd) { | ||
453 | case RFCOMMCREATEDEV: | ||
454 | return rfcomm_create_dev(sk, arg); | ||
455 | |||
456 | case RFCOMMRELEASEDEV: | ||
457 | return rfcomm_release_dev(arg); | ||
458 | |||
459 | case RFCOMMGETDEVLIST: | ||
460 | return rfcomm_get_dev_list(arg); | ||
461 | |||
462 | case RFCOMMGETDEVINFO: | ||
463 | return rfcomm_get_dev_info(arg); | ||
464 | } | ||
465 | |||
466 | return -EINVAL; | ||
467 | } | ||
468 | |||
469 | /* ---- DLC callbacks ---- */ | ||
470 | static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) | ||
471 | { | ||
472 | struct rfcomm_dev *dev = dlc->owner; | ||
473 | struct tty_struct *tty; | ||
474 | |||
475 | if (!dev || !(tty = dev->tty)) { | ||
476 | kfree_skb(skb); | ||
477 | return; | ||
478 | } | ||
479 | |||
480 | BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len); | ||
481 | |||
482 | if (test_bit(TTY_DONT_FLIP, &tty->flags)) { | ||
483 | register int i; | ||
484 | for (i = 0; i < skb->len; i++) { | ||
485 | if (tty->flip.count >= TTY_FLIPBUF_SIZE) | ||
486 | tty_flip_buffer_push(tty); | ||
487 | |||
488 | tty_insert_flip_char(tty, skb->data[i], 0); | ||
489 | } | ||
490 | tty_flip_buffer_push(tty); | ||
491 | } else | ||
492 | tty->ldisc.receive_buf(tty, skb->data, NULL, skb->len); | ||
493 | |||
494 | kfree_skb(skb); | ||
495 | } | ||
496 | |||
497 | static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) | ||
498 | { | ||
499 | struct rfcomm_dev *dev = dlc->owner; | ||
500 | if (!dev) | ||
501 | return; | ||
502 | |||
503 | BT_DBG("dlc %p dev %p err %d", dlc, dev, err); | ||
504 | |||
505 | dev->err = err; | ||
506 | wake_up_interruptible(&dev->wait); | ||
507 | |||
508 | if (dlc->state == BT_CLOSED) { | ||
509 | if (!dev->tty) { | ||
510 | if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { | ||
511 | rfcomm_dev_hold(dev); | ||
512 | rfcomm_dev_del(dev); | ||
513 | |||
514 | /* We have to drop DLC lock here, otherwise | ||
515 | rfcomm_dev_put() will dead lock if it's | ||
516 | the last reference. */ | ||
517 | rfcomm_dlc_unlock(dlc); | ||
518 | rfcomm_dev_put(dev); | ||
519 | rfcomm_dlc_lock(dlc); | ||
520 | } | ||
521 | } else | ||
522 | tty_hangup(dev->tty); | ||
523 | } | ||
524 | } | ||
525 | |||
526 | static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) | ||
527 | { | ||
528 | struct rfcomm_dev *dev = dlc->owner; | ||
529 | if (!dev) | ||
530 | return; | ||
531 | |||
532 | BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); | ||
533 | |||
534 | dev->modem_status = | ||
535 | ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | | ||
536 | ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | | ||
537 | ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | | ||
538 | ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); | ||
539 | } | ||
540 | |||
541 | /* ---- TTY functions ---- */ | ||
542 | static void rfcomm_tty_wakeup(unsigned long arg) | ||
543 | { | ||
544 | struct rfcomm_dev *dev = (void *) arg; | ||
545 | struct tty_struct *tty = dev->tty; | ||
546 | if (!tty) | ||
547 | return; | ||
548 | |||
549 | BT_DBG("dev %p tty %p", dev, tty); | ||
550 | |||
551 | if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) | ||
552 | (tty->ldisc.write_wakeup)(tty); | ||
553 | |||
554 | wake_up_interruptible(&tty->write_wait); | ||
555 | #ifdef SERIAL_HAVE_POLL_WAIT | ||
556 | wake_up_interruptible(&tty->poll_wait); | ||
557 | #endif | ||
558 | } | ||
559 | |||
560 | static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) | ||
561 | { | ||
562 | DECLARE_WAITQUEUE(wait, current); | ||
563 | struct rfcomm_dev *dev; | ||
564 | struct rfcomm_dlc *dlc; | ||
565 | int err, id; | ||
566 | |||
567 | id = tty->index; | ||
568 | |||
569 | BT_DBG("tty %p id %d", tty, id); | ||
570 | |||
571 | /* We don't leak this refcount. For reasons which are not entirely | ||
572 | clear, the TTY layer will call our ->close() method even if the | ||
573 | open fails. We decrease the refcount there, and decreasing it | ||
574 | here too would cause breakage. */ | ||
575 | dev = rfcomm_dev_get(id); | ||
576 | if (!dev) | ||
577 | return -ENODEV; | ||
578 | |||
579 | BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened); | ||
580 | |||
581 | if (dev->opened++ != 0) | ||
582 | return 0; | ||
583 | |||
584 | dlc = dev->dlc; | ||
585 | |||
586 | /* Attach TTY and open DLC */ | ||
587 | |||
588 | rfcomm_dlc_lock(dlc); | ||
589 | tty->driver_data = dev; | ||
590 | dev->tty = tty; | ||
591 | rfcomm_dlc_unlock(dlc); | ||
592 | set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); | ||
593 | |||
594 | err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); | ||
595 | if (err < 0) | ||
596 | return err; | ||
597 | |||
598 | /* Wait for DLC to connect */ | ||
599 | add_wait_queue(&dev->wait, &wait); | ||
600 | while (1) { | ||
601 | set_current_state(TASK_INTERRUPTIBLE); | ||
602 | |||
603 | if (dlc->state == BT_CLOSED) { | ||
604 | err = -dev->err; | ||
605 | break; | ||
606 | } | ||
607 | |||
608 | if (dlc->state == BT_CONNECTED) | ||
609 | break; | ||
610 | |||
611 | if (signal_pending(current)) { | ||
612 | err = -EINTR; | ||
613 | break; | ||
614 | } | ||
615 | |||
616 | schedule(); | ||
617 | } | ||
618 | set_current_state(TASK_RUNNING); | ||
619 | remove_wait_queue(&dev->wait, &wait); | ||
620 | |||
621 | return err; | ||
622 | } | ||
623 | |||
624 | static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) | ||
625 | { | ||
626 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
627 | if (!dev) | ||
628 | return; | ||
629 | |||
630 | BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened); | ||
631 | |||
632 | if (--dev->opened == 0) { | ||
633 | /* Close DLC and dettach TTY */ | ||
634 | rfcomm_dlc_close(dev->dlc, 0); | ||
635 | |||
636 | clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); | ||
637 | tasklet_kill(&dev->wakeup_task); | ||
638 | |||
639 | rfcomm_dlc_lock(dev->dlc); | ||
640 | tty->driver_data = NULL; | ||
641 | dev->tty = NULL; | ||
642 | rfcomm_dlc_unlock(dev->dlc); | ||
643 | } | ||
644 | |||
645 | rfcomm_dev_put(dev); | ||
646 | } | ||
647 | |||
648 | static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) | ||
649 | { | ||
650 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
651 | struct rfcomm_dlc *dlc = dev->dlc; | ||
652 | struct sk_buff *skb; | ||
653 | int err = 0, sent = 0, size; | ||
654 | |||
655 | BT_DBG("tty %p count %d", tty, count); | ||
656 | |||
657 | while (count) { | ||
658 | size = min_t(uint, count, dlc->mtu); | ||
659 | |||
660 | skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); | ||
661 | |||
662 | if (!skb) | ||
663 | break; | ||
664 | |||
665 | skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); | ||
666 | |||
667 | memcpy(skb_put(skb, size), buf + sent, size); | ||
668 | |||
669 | if ((err = rfcomm_dlc_send(dlc, skb)) < 0) { | ||
670 | kfree_skb(skb); | ||
671 | break; | ||
672 | } | ||
673 | |||
674 | sent += size; | ||
675 | count -= size; | ||
676 | } | ||
677 | |||
678 | return sent ? sent : err; | ||
679 | } | ||
680 | |||
681 | static int rfcomm_tty_write_room(struct tty_struct *tty) | ||
682 | { | ||
683 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
684 | int room; | ||
685 | |||
686 | BT_DBG("tty %p", tty); | ||
687 | |||
688 | room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); | ||
689 | if (room < 0) | ||
690 | room = 0; | ||
691 | return room; | ||
692 | } | ||
693 | |||
694 | static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg) | ||
695 | { | ||
696 | BT_DBG("tty %p cmd 0x%02x", tty, cmd); | ||
697 | |||
698 | switch (cmd) { | ||
699 | case TCGETS: | ||
700 | BT_DBG("TCGETS is not supported"); | ||
701 | return -ENOIOCTLCMD; | ||
702 | |||
703 | case TCSETS: | ||
704 | BT_DBG("TCSETS is not supported"); | ||
705 | return -ENOIOCTLCMD; | ||
706 | |||
707 | case TIOCMIWAIT: | ||
708 | BT_DBG("TIOCMIWAIT"); | ||
709 | break; | ||
710 | |||
711 | case TIOCGICOUNT: | ||
712 | BT_DBG("TIOCGICOUNT"); | ||
713 | break; | ||
714 | |||
715 | case TIOCGSERIAL: | ||
716 | BT_ERR("TIOCGSERIAL is not supported"); | ||
717 | return -ENOIOCTLCMD; | ||
718 | |||
719 | case TIOCSSERIAL: | ||
720 | BT_ERR("TIOCSSERIAL is not supported"); | ||
721 | return -ENOIOCTLCMD; | ||
722 | |||
723 | case TIOCSERGSTRUCT: | ||
724 | BT_ERR("TIOCSERGSTRUCT is not supported"); | ||
725 | return -ENOIOCTLCMD; | ||
726 | |||
727 | case TIOCSERGETLSR: | ||
728 | BT_ERR("TIOCSERGETLSR is not supported"); | ||
729 | return -ENOIOCTLCMD; | ||
730 | |||
731 | case TIOCSERCONFIG: | ||
732 | BT_ERR("TIOCSERCONFIG is not supported"); | ||
733 | return -ENOIOCTLCMD; | ||
734 | |||
735 | default: | ||
736 | return -ENOIOCTLCMD; /* ioctls which we must ignore */ | ||
737 | |||
738 | } | ||
739 | |||
740 | return -ENOIOCTLCMD; | ||
741 | } | ||
742 | |||
743 | #define RELEVANT_IFLAG(iflag) (iflag & (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK)) | ||
744 | |||
745 | static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old) | ||
746 | { | ||
747 | BT_DBG("tty %p", tty); | ||
748 | |||
749 | if ((tty->termios->c_cflag == old->c_cflag) && | ||
750 | (RELEVANT_IFLAG(tty->termios->c_iflag) == RELEVANT_IFLAG(old->c_iflag))) | ||
751 | return; | ||
752 | |||
753 | /* handle turning off CRTSCTS */ | ||
754 | if ((old->c_cflag & CRTSCTS) && !(tty->termios->c_cflag & CRTSCTS)) { | ||
755 | BT_DBG("turning off CRTSCTS"); | ||
756 | } | ||
757 | } | ||
758 | |||
759 | static void rfcomm_tty_throttle(struct tty_struct *tty) | ||
760 | { | ||
761 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
762 | |||
763 | BT_DBG("tty %p dev %p", tty, dev); | ||
764 | |||
765 | rfcomm_dlc_throttle(dev->dlc); | ||
766 | } | ||
767 | |||
768 | static void rfcomm_tty_unthrottle(struct tty_struct *tty) | ||
769 | { | ||
770 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
771 | |||
772 | BT_DBG("tty %p dev %p", tty, dev); | ||
773 | |||
774 | rfcomm_dlc_unthrottle(dev->dlc); | ||
775 | } | ||
776 | |||
777 | static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) | ||
778 | { | ||
779 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
780 | struct rfcomm_dlc *dlc = dev->dlc; | ||
781 | |||
782 | BT_DBG("tty %p dev %p", tty, dev); | ||
783 | |||
784 | if (skb_queue_len(&dlc->tx_queue)) | ||
785 | return dlc->mtu; | ||
786 | |||
787 | return 0; | ||
788 | } | ||
789 | |||
790 | static void rfcomm_tty_flush_buffer(struct tty_struct *tty) | ||
791 | { | ||
792 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
793 | if (!dev) | ||
794 | return; | ||
795 | |||
796 | BT_DBG("tty %p dev %p", tty, dev); | ||
797 | |||
798 | skb_queue_purge(&dev->dlc->tx_queue); | ||
799 | |||
800 | if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) | ||
801 | tty->ldisc.write_wakeup(tty); | ||
802 | } | ||
803 | |||
804 | static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) | ||
805 | { | ||
806 | BT_DBG("tty %p ch %c", tty, ch); | ||
807 | } | ||
808 | |||
809 | static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) | ||
810 | { | ||
811 | BT_DBG("tty %p timeout %d", tty, timeout); | ||
812 | } | ||
813 | |||
814 | static void rfcomm_tty_hangup(struct tty_struct *tty) | ||
815 | { | ||
816 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
817 | if (!dev) | ||
818 | return; | ||
819 | |||
820 | BT_DBG("tty %p dev %p", tty, dev); | ||
821 | |||
822 | rfcomm_tty_flush_buffer(tty); | ||
823 | |||
824 | if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) | ||
825 | rfcomm_dev_del(dev); | ||
826 | } | ||
827 | |||
828 | static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused) | ||
829 | { | ||
830 | return 0; | ||
831 | } | ||
832 | |||
833 | static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp) | ||
834 | { | ||
835 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
836 | |||
837 | BT_DBG("tty %p dev %p", tty, dev); | ||
838 | |||
839 | return dev->modem_status; | ||
840 | } | ||
841 | |||
842 | static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear) | ||
843 | { | ||
844 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | ||
845 | struct rfcomm_dlc *dlc = dev->dlc; | ||
846 | u8 v24_sig; | ||
847 | |||
848 | BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); | ||
849 | |||
850 | rfcomm_dlc_get_modem_status(dlc, &v24_sig); | ||
851 | |||
852 | if (set & TIOCM_DSR || set & TIOCM_DTR) | ||
853 | v24_sig |= RFCOMM_V24_RTC; | ||
854 | if (set & TIOCM_RTS || set & TIOCM_CTS) | ||
855 | v24_sig |= RFCOMM_V24_RTR; | ||
856 | if (set & TIOCM_RI) | ||
857 | v24_sig |= RFCOMM_V24_IC; | ||
858 | if (set & TIOCM_CD) | ||
859 | v24_sig |= RFCOMM_V24_DV; | ||
860 | |||
861 | if (clear & TIOCM_DSR || clear & TIOCM_DTR) | ||
862 | v24_sig &= ~RFCOMM_V24_RTC; | ||
863 | if (clear & TIOCM_RTS || clear & TIOCM_CTS) | ||
864 | v24_sig &= ~RFCOMM_V24_RTR; | ||
865 | if (clear & TIOCM_RI) | ||
866 | v24_sig &= ~RFCOMM_V24_IC; | ||
867 | if (clear & TIOCM_CD) | ||
868 | v24_sig &= ~RFCOMM_V24_DV; | ||
869 | |||
870 | rfcomm_dlc_set_modem_status(dlc, v24_sig); | ||
871 | |||
872 | return 0; | ||
873 | } | ||
874 | |||
875 | /* ---- TTY structure ---- */ | ||
876 | |||
877 | static struct tty_operations rfcomm_ops = { | ||
878 | .open = rfcomm_tty_open, | ||
879 | .close = rfcomm_tty_close, | ||
880 | .write = rfcomm_tty_write, | ||
881 | .write_room = rfcomm_tty_write_room, | ||
882 | .chars_in_buffer = rfcomm_tty_chars_in_buffer, | ||
883 | .flush_buffer = rfcomm_tty_flush_buffer, | ||
884 | .ioctl = rfcomm_tty_ioctl, | ||
885 | .throttle = rfcomm_tty_throttle, | ||
886 | .unthrottle = rfcomm_tty_unthrottle, | ||
887 | .set_termios = rfcomm_tty_set_termios, | ||
888 | .send_xchar = rfcomm_tty_send_xchar, | ||
889 | .hangup = rfcomm_tty_hangup, | ||
890 | .wait_until_sent = rfcomm_tty_wait_until_sent, | ||
891 | .read_proc = rfcomm_tty_read_proc, | ||
892 | .tiocmget = rfcomm_tty_tiocmget, | ||
893 | .tiocmset = rfcomm_tty_tiocmset, | ||
894 | }; | ||
895 | |||
896 | int rfcomm_init_ttys(void) | ||
897 | { | ||
898 | rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); | ||
899 | if (!rfcomm_tty_driver) | ||
900 | return -1; | ||
901 | |||
902 | rfcomm_tty_driver->owner = THIS_MODULE; | ||
903 | rfcomm_tty_driver->driver_name = "rfcomm"; | ||
904 | rfcomm_tty_driver->devfs_name = "bluetooth/rfcomm/"; | ||
905 | rfcomm_tty_driver->name = "rfcomm"; | ||
906 | rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; | ||
907 | rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; | ||
908 | rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; | ||
909 | rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; | ||
910 | rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_NO_DEVFS; | ||
911 | rfcomm_tty_driver->init_termios = tty_std_termios; | ||
912 | rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; | ||
913 | tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); | ||
914 | |||
915 | if (tty_register_driver(rfcomm_tty_driver)) { | ||
916 | BT_ERR("Can't register RFCOMM TTY driver"); | ||
917 | put_tty_driver(rfcomm_tty_driver); | ||
918 | return -1; | ||
919 | } | ||
920 | |||
921 | BT_INFO("RFCOMM TTY layer initialized"); | ||
922 | |||
923 | return 0; | ||
924 | } | ||
925 | |||
926 | void rfcomm_cleanup_ttys(void) | ||
927 | { | ||
928 | tty_unregister_driver(rfcomm_tty_driver); | ||
929 | put_tty_driver(rfcomm_tty_driver); | ||
930 | } | ||
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c new file mode 100644 index 00000000000..3e750ef09e6 --- /dev/null +++ b/net/bluetooth/sco.c | |||
@@ -0,0 +1,1071 @@ | |||
1 | /* | ||
2 | BlueZ - Bluetooth protocol stack for Linux | ||
3 | Copyright (C) 2000-2001 Qualcomm Incorporated | ||
4 | |||
5 | Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> | ||
6 | |||
7 | This program is free software; you can redistribute it and/or modify | ||
8 | it under the terms of the GNU General Public License version 2 as | ||
9 | published by the Free Software Foundation; | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | ||
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | ||
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | ||
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
19 | |||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | ||
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | ||
22 | SOFTWARE IS DISCLAIMED. | ||
23 | */ | ||
24 | |||
25 | /* Bluetooth SCO sockets. */ | ||
26 | |||
27 | #include <linux/config.h> | ||
28 | #include <linux/module.h> | ||
29 | |||
30 | #include <linux/types.h> | ||
31 | #include <linux/errno.h> | ||
32 | #include <linux/kernel.h> | ||
33 | #include <linux/major.h> | ||
34 | #include <linux/sched.h> | ||
35 | #include <linux/slab.h> | ||
36 | #include <linux/poll.h> | ||
37 | #include <linux/fcntl.h> | ||
38 | #include <linux/init.h> | ||
39 | #include <linux/interrupt.h> | ||
40 | #include <linux/socket.h> | ||
41 | #include <linux/skbuff.h> | ||
42 | #include <linux/proc_fs.h> | ||
43 | #include <linux/seq_file.h> | ||
44 | #include <linux/list.h> | ||
45 | #include <net/sock.h> | ||
46 | |||
47 | #include <asm/system.h> | ||
48 | #include <asm/uaccess.h> | ||
49 | |||
50 | #include <net/bluetooth/bluetooth.h> | ||
51 | #include <net/bluetooth/hci_core.h> | ||
52 | #include <net/bluetooth/sco.h> | ||
53 | |||
54 | #ifndef CONFIG_BT_SCO_DEBUG | ||
55 | #undef BT_DBG | ||
56 | #define BT_DBG(D...) | ||
57 | #endif | ||
58 | |||
59 | #define VERSION "0.4" | ||
60 | |||
61 | static struct proto_ops sco_sock_ops; | ||
62 | |||
63 | static struct bt_sock_list sco_sk_list = { | ||
64 | .lock = RW_LOCK_UNLOCKED | ||
65 | }; | ||
66 | |||
67 | static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent); | ||
68 | static void sco_chan_del(struct sock *sk, int err); | ||
69 | |||
70 | static int sco_conn_del(struct hci_conn *conn, int err); | ||
71 | |||
72 | static void sco_sock_close(struct sock *sk); | ||
73 | static void sco_sock_kill(struct sock *sk); | ||
74 | |||
75 | /* ---- SCO timers ---- */ | ||
76 | static void sco_sock_timeout(unsigned long arg) | ||
77 | { | ||
78 | struct sock *sk = (struct sock *) arg; | ||
79 | |||
80 | BT_DBG("sock %p state %d", sk, sk->sk_state); | ||
81 | |||
82 | bh_lock_sock(sk); | ||
83 | sk->sk_err = ETIMEDOUT; | ||
84 | sk->sk_state_change(sk); | ||
85 | bh_unlock_sock(sk); | ||
86 | |||
87 | sco_sock_kill(sk); | ||
88 | sock_put(sk); | ||
89 | } | ||
90 | |||
91 | static void sco_sock_set_timer(struct sock *sk, long timeout) | ||
92 | { | ||
93 | BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout); | ||
94 | sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout); | ||
95 | } | ||
96 | |||
97 | static void sco_sock_clear_timer(struct sock *sk) | ||
98 | { | ||
99 | BT_DBG("sock %p state %d", sk, sk->sk_state); | ||
100 | sk_stop_timer(sk, &sk->sk_timer); | ||
101 | } | ||
102 | |||
103 | static void sco_sock_init_timer(struct sock *sk) | ||
104 | { | ||
105 | init_timer(&sk->sk_timer); | ||
106 | sk->sk_timer.function = sco_sock_timeout; | ||
107 | sk->sk_timer.data = (unsigned long)sk; | ||
108 | } | ||
109 | |||
110 | /* ---- SCO connections ---- */ | ||
111 | static struct sco_conn *sco_conn_add(struct hci_conn *hcon, __u8 status) | ||
112 | { | ||
113 | struct hci_dev *hdev = hcon->hdev; | ||
114 | struct sco_conn *conn; | ||
115 | |||
116 | if ((conn = hcon->sco_data)) | ||
117 | return conn; | ||
118 | |||
119 | if (status) | ||
120 | return conn; | ||
121 | |||
122 | if (!(conn = kmalloc(sizeof(struct sco_conn), GFP_ATOMIC))) | ||
123 | return NULL; | ||
124 | memset(conn, 0, sizeof(struct sco_conn)); | ||
125 | |||
126 | spin_lock_init(&conn->lock); | ||
127 | |||
128 | hcon->sco_data = conn; | ||
129 | conn->hcon = hcon; | ||
130 | |||
131 | conn->src = &hdev->bdaddr; | ||
132 | conn->dst = &hcon->dst; | ||
133 | |||
134 | if (hdev->sco_mtu > 0) | ||
135 | conn->mtu = hdev->sco_mtu; | ||
136 | else | ||
137 | conn->mtu = 60; | ||
138 | |||
139 | BT_DBG("hcon %p conn %p", hcon, conn); | ||
140 | return conn; | ||
141 | } | ||
142 | |||
143 | static inline struct sock *sco_chan_get(struct sco_conn *conn) | ||
144 | { | ||
145 | struct sock *sk = NULL; | ||
146 | sco_conn_lock(conn); | ||
147 | sk = conn->sk; | ||
148 | sco_conn_unlock(conn); | ||
149 | return sk; | ||
150 | } | ||
151 | |||
152 | static int sco_conn_del(struct hci_conn *hcon, int err) | ||
153 | { | ||
154 | struct sco_conn *conn; | ||
155 | struct sock *sk; | ||
156 | |||
157 | if (!(conn = hcon->sco_data)) | ||
158 | return 0; | ||
159 | |||
160 | BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); | ||
161 | |||
162 | /* Kill socket */ | ||
163 | if ((sk = sco_chan_get(conn))) { | ||
164 | bh_lock_sock(sk); | ||
165 | sco_sock_clear_timer(sk); | ||
166 | sco_chan_del(sk, err); | ||
167 | bh_unlock_sock(sk); | ||
168 | sco_sock_kill(sk); | ||
169 | } | ||
170 | |||
171 | hcon->sco_data = NULL; | ||
172 | kfree(conn); | ||
173 | return 0; | ||
174 | } | ||
175 | |||
176 | static inline int sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) | ||
177 | { | ||
178 | int err = 0; | ||
179 | |||
180 | sco_conn_lock(conn); | ||
181 | if (conn->sk) { | ||
182 | err = -EBUSY; | ||
183 | } else { | ||
184 | __sco_chan_add(conn, sk, parent); | ||
185 | } | ||
186 | sco_conn_unlock(conn); | ||
187 | return err; | ||
188 | } | ||
189 | |||
190 | static int sco_connect(struct sock *sk) | ||
191 | { | ||
192 | bdaddr_t *src = &bt_sk(sk)->src; | ||
193 | bdaddr_t *dst = &bt_sk(sk)->dst; | ||
194 | struct sco_conn *conn; | ||
195 | struct hci_conn *hcon; | ||
196 | struct hci_dev *hdev; | ||
197 | int err = 0; | ||
198 | |||
199 | BT_DBG("%s -> %s", batostr(src), batostr(dst)); | ||
200 | |||
201 | if (!(hdev = hci_get_route(dst, src))) | ||
202 | return -EHOSTUNREACH; | ||
203 | |||
204 | hci_dev_lock_bh(hdev); | ||
205 | |||
206 | err = -ENOMEM; | ||
207 | |||
208 | hcon = hci_connect(hdev, SCO_LINK, dst); | ||
209 | if (!hcon) | ||
210 | goto done; | ||
211 | |||
212 | conn = sco_conn_add(hcon, 0); | ||
213 | if (!conn) { | ||
214 | hci_conn_put(hcon); | ||
215 | goto done; | ||
216 | } | ||
217 | |||
218 | /* Update source addr of the socket */ | ||
219 | bacpy(src, conn->src); | ||
220 | |||
221 | err = sco_chan_add(conn, sk, NULL); | ||
222 | if (err) | ||
223 | goto done; | ||
224 | |||
225 | if (hcon->state == BT_CONNECTED) { | ||
226 | sco_sock_clear_timer(sk); | ||
227 | sk->sk_state = BT_CONNECTED; | ||
228 | } else { | ||
229 | sk->sk_state = BT_CONNECT; | ||
230 | sco_sock_set_timer(sk, sk->sk_sndtimeo); | ||
231 | } | ||
232 | done: | ||
233 | hci_dev_unlock_bh(hdev); | ||
234 | hci_dev_put(hdev); | ||
235 | return err; | ||
236 | } | ||
237 | |||
238 | static inline int sco_send_frame(struct sock *sk, struct msghdr *msg, int len) | ||
239 | { | ||
240 | struct sco_conn *conn = sco_pi(sk)->conn; | ||
241 | struct sk_buff *skb; | ||
242 | int err, count; | ||
243 | |||
244 | /* Check outgoing MTU */ | ||
245 | if (len > conn->mtu) | ||
246 | return -EINVAL; | ||
247 | |||
248 | BT_DBG("sk %p len %d", sk, len); | ||
249 | |||
250 | count = min_t(unsigned int, conn->mtu, len); | ||
251 | if (!(skb = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err))) | ||
252 | return err; | ||
253 | |||
254 | if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) { | ||
255 | err = -EFAULT; | ||
256 | goto fail; | ||
257 | } | ||
258 | |||
259 | if ((err = hci_send_sco(conn->hcon, skb)) < 0) | ||
260 | goto fail; | ||
261 | |||
262 | return count; | ||
263 | |||
264 | fail: | ||
265 | kfree_skb(skb); | ||
266 | return err; | ||
267 | } | ||
268 | |||
269 | static inline void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb) | ||
270 | { | ||
271 | struct sock *sk = sco_chan_get(conn); | ||
272 | |||
273 | if (!sk) | ||
274 | goto drop; | ||
275 | |||
276 | BT_DBG("sk %p len %d", sk, skb->len); | ||
277 | |||
278 | if (sk->sk_state != BT_CONNECTED) | ||
279 | goto drop; | ||
280 | |||
281 | if (!sock_queue_rcv_skb(sk, skb)) | ||
282 | return; | ||
283 | |||
284 | drop: | ||
285 | kfree_skb(skb); | ||
286 | return; | ||
287 | } | ||
288 | |||
289 | /* -------- Socket interface ---------- */ | ||
290 | static struct sock *__sco_get_sock_by_addr(bdaddr_t *ba) | ||
291 | { | ||
292 | struct sock *sk; | ||
293 | struct hlist_node *node; | ||
294 | |||
295 | sk_for_each(sk, node, &sco_sk_list.head) | ||
296 | if (!bacmp(&bt_sk(sk)->src, ba)) | ||
297 | goto found; | ||
298 | sk = NULL; | ||
299 | found: | ||
300 | return sk; | ||
301 | } | ||
302 | |||
303 | /* Find socket listening on source bdaddr. | ||
304 | * Returns closest match. | ||
305 | */ | ||
306 | static struct sock *sco_get_sock_listen(bdaddr_t *src) | ||
307 | { | ||
308 | struct sock *sk = NULL, *sk1 = NULL; | ||
309 | struct hlist_node *node; | ||
310 | |||
311 | read_lock(&sco_sk_list.lock); | ||
312 | |||
313 | sk_for_each(sk, node, &sco_sk_list.head) { | ||
314 | if (sk->sk_state != BT_LISTEN) | ||
315 | continue; | ||
316 | |||
317 | /* Exact match. */ | ||
318 | if (!bacmp(&bt_sk(sk)->src, src)) | ||
319 | break; | ||
320 | |||
321 | /* Closest match */ | ||
322 | if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) | ||
323 | sk1 = sk; | ||
324 | } | ||
325 | |||
326 | read_unlock(&sco_sk_list.lock); | ||
327 | |||
328 | return node ? sk : sk1; | ||
329 | } | ||
330 | |||
331 | static void sco_sock_destruct(struct sock *sk) | ||
332 | { | ||
333 | BT_DBG("sk %p", sk); | ||
334 | |||
335 | skb_queue_purge(&sk->sk_receive_queue); | ||
336 | skb_queue_purge(&sk->sk_write_queue); | ||
337 | } | ||
338 | |||
339 | static void sco_sock_cleanup_listen(struct sock *parent) | ||
340 | { | ||
341 | struct sock *sk; | ||
342 | |||
343 | BT_DBG("parent %p", parent); | ||
344 | |||
345 | /* Close not yet accepted channels */ | ||
346 | while ((sk = bt_accept_dequeue(parent, NULL))) { | ||
347 | sco_sock_close(sk); | ||
348 | sco_sock_kill(sk); | ||
349 | } | ||
350 | |||
351 | parent->sk_state = BT_CLOSED; | ||
352 | sock_set_flag(parent, SOCK_ZAPPED); | ||
353 | } | ||
354 | |||
355 | /* Kill socket (only if zapped and orphan) | ||
356 | * Must be called on unlocked socket. | ||
357 | */ | ||
358 | static void sco_sock_kill(struct sock *sk) | ||
359 | { | ||
360 | if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) | ||
361 | return; | ||
362 | |||
363 | BT_DBG("sk %p state %d", sk, sk->sk_state); | ||
364 | |||
365 | /* Kill poor orphan */ | ||
366 | bt_sock_unlink(&sco_sk_list, sk); | ||
367 | sock_set_flag(sk, SOCK_DEAD); | ||
368 | sock_put(sk); | ||
369 | } | ||
370 | |||
371 | /* Close socket. | ||
372 | * Must be called on unlocked socket. | ||
373 | */ | ||
374 | static void sco_sock_close(struct sock *sk) | ||
375 | { | ||
376 | struct sco_conn *conn; | ||
377 | |||
378 | sco_sock_clear_timer(sk); | ||
379 | |||
380 | lock_sock(sk); | ||
381 | |||
382 | conn = sco_pi(sk)->conn; | ||
383 | |||
384 | BT_DBG("sk %p state %d conn %p socket %p", sk, sk->sk_state, conn, sk->sk_socket); | ||
385 | |||
386 | switch (sk->sk_state) { | ||
387 | case BT_LISTEN: | ||
388 | sco_sock_cleanup_listen(sk); | ||
389 | break; | ||
390 | |||
391 | case BT_CONNECTED: | ||
392 | case BT_CONFIG: | ||
393 | case BT_CONNECT: | ||
394 | case BT_DISCONN: | ||
395 | sco_chan_del(sk, ECONNRESET); | ||
396 | break; | ||
397 | |||
398 | default: | ||
399 | sock_set_flag(sk, SOCK_ZAPPED); | ||
400 | break; | ||
401 | }; | ||
402 | |||
403 | release_sock(sk); | ||
404 | |||
405 | sco_sock_kill(sk); | ||
406 | } | ||
407 | |||
408 | static void sco_sock_init(struct sock *sk, struct sock *parent) | ||
409 | { | ||
410 | BT_DBG("sk %p", sk); | ||
411 | |||
412 | if (parent) | ||
413 | sk->sk_type = parent->sk_type; | ||
414 | } | ||
415 | |||
416 | static struct proto sco_proto = { | ||
417 | .name = "SCO", | ||
418 | .owner = THIS_MODULE, | ||
419 | .obj_size = sizeof(struct sco_pinfo) | ||
420 | }; | ||
421 | |||
422 | static struct sock *sco_sock_alloc(struct socket *sock, int proto, int prio) | ||
423 | { | ||
424 | struct sock *sk; | ||
425 | |||
426 | sk = sk_alloc(PF_BLUETOOTH, prio, &sco_proto, 1); | ||
427 | if (!sk) | ||
428 | return NULL; | ||
429 | |||
430 | sock_init_data(sock, sk); | ||
431 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); | ||
432 | |||
433 | sk->sk_destruct = sco_sock_destruct; | ||
434 | sk->sk_sndtimeo = SCO_CONN_TIMEOUT; | ||
435 | |||
436 | sock_reset_flag(sk, SOCK_ZAPPED); | ||
437 | |||
438 | sk->sk_protocol = proto; | ||
439 | sk->sk_state = BT_OPEN; | ||
440 | |||
441 | sco_sock_init_timer(sk); | ||
442 | |||
443 | bt_sock_link(&sco_sk_list, sk); | ||
444 | return sk; | ||
445 | } | ||
446 | |||
447 | static int sco_sock_create(struct socket *sock, int protocol) | ||
448 | { | ||
449 | struct sock *sk; | ||
450 | |||
451 | BT_DBG("sock %p", sock); | ||
452 | |||
453 | sock->state = SS_UNCONNECTED; | ||
454 | |||
455 | if (sock->type != SOCK_SEQPACKET) | ||
456 | return -ESOCKTNOSUPPORT; | ||
457 | |||
458 | sock->ops = &sco_sock_ops; | ||
459 | |||
460 | if (!(sk = sco_sock_alloc(sock, protocol, GFP_KERNEL))) | ||
461 | return -ENOMEM; | ||
462 | |||
463 | sco_sock_init(sk, NULL); | ||
464 | return 0; | ||
465 | } | ||
466 | |||
467 | static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len) | ||
468 | { | ||
469 | struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; | ||
470 | struct sock *sk = sock->sk; | ||
471 | bdaddr_t *src = &sa->sco_bdaddr; | ||
472 | int err = 0; | ||
473 | |||
474 | BT_DBG("sk %p %s", sk, batostr(&sa->sco_bdaddr)); | ||
475 | |||
476 | if (!addr || addr->sa_family != AF_BLUETOOTH) | ||
477 | return -EINVAL; | ||
478 | |||
479 | lock_sock(sk); | ||
480 | |||
481 | if (sk->sk_state != BT_OPEN) { | ||
482 | err = -EBADFD; | ||
483 | goto done; | ||
484 | } | ||
485 | |||
486 | write_lock_bh(&sco_sk_list.lock); | ||
487 | |||
488 | if (bacmp(src, BDADDR_ANY) && __sco_get_sock_by_addr(src)) { | ||
489 | err = -EADDRINUSE; | ||
490 | } else { | ||
491 | /* Save source address */ | ||
492 | bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr); | ||
493 | sk->sk_state = BT_BOUND; | ||
494 | } | ||
495 | |||
496 | write_unlock_bh(&sco_sk_list.lock); | ||
497 | |||
498 | done: | ||
499 | release_sock(sk); | ||
500 | return err; | ||
501 | } | ||
502 | |||
503 | static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) | ||
504 | { | ||
505 | struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; | ||
506 | struct sock *sk = sock->sk; | ||
507 | int err = 0; | ||
508 | |||
509 | |||
510 | BT_DBG("sk %p", sk); | ||
511 | |||
512 | if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_sco)) | ||
513 | return -EINVAL; | ||
514 | |||
515 | if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) | ||
516 | return -EBADFD; | ||
517 | |||
518 | if (sk->sk_type != SOCK_SEQPACKET) | ||
519 | return -EINVAL; | ||
520 | |||
521 | lock_sock(sk); | ||
522 | |||
523 | /* Set destination address and psm */ | ||
524 | bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr); | ||
525 | |||
526 | if ((err = sco_connect(sk))) | ||
527 | goto done; | ||
528 | |||
529 | err = bt_sock_wait_state(sk, BT_CONNECTED, | ||
530 | sock_sndtimeo(sk, flags & O_NONBLOCK)); | ||
531 | |||
532 | done: | ||
533 | release_sock(sk); | ||
534 | return err; | ||
535 | } | ||
536 | |||
537 | static int sco_sock_listen(struct socket *sock, int backlog) | ||
538 | { | ||
539 | struct sock *sk = sock->sk; | ||
540 | int err = 0; | ||
541 | |||
542 | BT_DBG("sk %p backlog %d", sk, backlog); | ||
543 | |||
544 | lock_sock(sk); | ||
545 | |||
546 | if (sk->sk_state != BT_BOUND || sock->type != SOCK_SEQPACKET) { | ||
547 | err = -EBADFD; | ||
548 | goto done; | ||
549 | } | ||
550 | |||
551 | sk->sk_max_ack_backlog = backlog; | ||
552 | sk->sk_ack_backlog = 0; | ||
553 | sk->sk_state = BT_LISTEN; | ||
554 | |||
555 | done: | ||
556 | release_sock(sk); | ||
557 | return err; | ||
558 | } | ||
559 | |||
560 | static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags) | ||
561 | { | ||
562 | DECLARE_WAITQUEUE(wait, current); | ||
563 | struct sock *sk = sock->sk, *ch; | ||
564 | long timeo; | ||
565 | int err = 0; | ||
566 | |||
567 | lock_sock(sk); | ||
568 | |||
569 | if (sk->sk_state != BT_LISTEN) { | ||
570 | err = -EBADFD; | ||
571 | goto done; | ||
572 | } | ||
573 | |||
574 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); | ||
575 | |||
576 | BT_DBG("sk %p timeo %ld", sk, timeo); | ||
577 | |||
578 | /* Wait for an incoming connection. (wake-one). */ | ||
579 | add_wait_queue_exclusive(sk->sk_sleep, &wait); | ||
580 | while (!(ch = bt_accept_dequeue(sk, newsock))) { | ||
581 | set_current_state(TASK_INTERRUPTIBLE); | ||
582 | if (!timeo) { | ||
583 | err = -EAGAIN; | ||
584 | break; | ||
585 | } | ||
586 | |||
587 | release_sock(sk); | ||
588 | timeo = schedule_timeout(timeo); | ||
589 | lock_sock(sk); | ||
590 | |||
591 | if (sk->sk_state != BT_LISTEN) { | ||
592 | err = -EBADFD; | ||
593 | break; | ||
594 | } | ||
595 | |||
596 | if (signal_pending(current)) { | ||
597 | err = sock_intr_errno(timeo); | ||
598 | break; | ||
599 | } | ||
600 | } | ||
601 | set_current_state(TASK_RUNNING); | ||
602 | remove_wait_queue(sk->sk_sleep, &wait); | ||
603 | |||
604 | if (err) | ||
605 | goto done; | ||
606 | |||
607 | newsock->state = SS_CONNECTED; | ||
608 | |||
609 | BT_DBG("new socket %p", ch); | ||
610 | |||
611 | done: | ||
612 | release_sock(sk); | ||
613 | return err; | ||
614 | } | ||
615 | |||
616 | static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer) | ||
617 | { | ||
618 | struct sockaddr_sco *sa = (struct sockaddr_sco *) addr; | ||
619 | struct sock *sk = sock->sk; | ||
620 | |||
621 | BT_DBG("sock %p, sk %p", sock, sk); | ||
622 | |||
623 | addr->sa_family = AF_BLUETOOTH; | ||
624 | *len = sizeof(struct sockaddr_sco); | ||
625 | |||
626 | if (peer) | ||
627 | bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst); | ||
628 | else | ||
629 | bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src); | ||
630 | |||
631 | return 0; | ||
632 | } | ||
633 | |||
634 | static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock, | ||
635 | struct msghdr *msg, size_t len) | ||
636 | { | ||
637 | struct sock *sk = sock->sk; | ||
638 | int err = 0; | ||
639 | |||
640 | BT_DBG("sock %p, sk %p", sock, sk); | ||
641 | |||
642 | if (sk->sk_err) | ||
643 | return sock_error(sk); | ||
644 | |||
645 | if (msg->msg_flags & MSG_OOB) | ||
646 | return -EOPNOTSUPP; | ||
647 | |||
648 | lock_sock(sk); | ||
649 | |||
650 | if (sk->sk_state == BT_CONNECTED) | ||
651 | err = sco_send_frame(sk, msg, len); | ||
652 | else | ||
653 | err = -ENOTCONN; | ||
654 | |||
655 | release_sock(sk); | ||
656 | return err; | ||
657 | } | ||
658 | |||
659 | static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen) | ||
660 | { | ||
661 | struct sock *sk = sock->sk; | ||
662 | int err = 0; | ||
663 | |||
664 | BT_DBG("sk %p", sk); | ||
665 | |||
666 | lock_sock(sk); | ||
667 | |||
668 | switch (optname) { | ||
669 | default: | ||
670 | err = -ENOPROTOOPT; | ||
671 | break; | ||
672 | } | ||
673 | |||
674 | release_sock(sk); | ||
675 | return err; | ||
676 | } | ||
677 | |||
678 | static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) | ||
679 | { | ||
680 | struct sock *sk = sock->sk; | ||
681 | struct sco_options opts; | ||
682 | struct sco_conninfo cinfo; | ||
683 | int len, err = 0; | ||
684 | |||
685 | BT_DBG("sk %p", sk); | ||
686 | |||
687 | if (get_user(len, optlen)) | ||
688 | return -EFAULT; | ||
689 | |||
690 | lock_sock(sk); | ||
691 | |||
692 | switch (optname) { | ||
693 | case SCO_OPTIONS: | ||
694 | if (sk->sk_state != BT_CONNECTED) { | ||
695 | err = -ENOTCONN; | ||
696 | break; | ||
697 | } | ||
698 | |||
699 | opts.mtu = sco_pi(sk)->conn->mtu; | ||
700 | |||
701 | BT_DBG("mtu %d", opts.mtu); | ||
702 | |||
703 | len = min_t(unsigned int, len, sizeof(opts)); | ||
704 | if (copy_to_user(optval, (char *)&opts, len)) | ||
705 | err = -EFAULT; | ||
706 | |||
707 | break; | ||
708 | |||
709 | case SCO_CONNINFO: | ||
710 | if (sk->sk_state != BT_CONNECTED) { | ||
711 | err = -ENOTCONN; | ||
712 | break; | ||
713 | } | ||
714 | |||
715 | cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; | ||
716 | memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); | ||
717 | |||
718 | len = min_t(unsigned int, len, sizeof(cinfo)); | ||
719 | if (copy_to_user(optval, (char *)&cinfo, len)) | ||
720 | err = -EFAULT; | ||
721 | |||
722 | break; | ||
723 | |||
724 | default: | ||
725 | err = -ENOPROTOOPT; | ||
726 | break; | ||
727 | } | ||
728 | |||
729 | release_sock(sk); | ||
730 | return err; | ||
731 | } | ||
732 | |||
733 | static int sco_sock_release(struct socket *sock) | ||
734 | { | ||
735 | struct sock *sk = sock->sk; | ||
736 | int err = 0; | ||
737 | |||
738 | BT_DBG("sock %p, sk %p", sock, sk); | ||
739 | |||
740 | if (!sk) | ||
741 | return 0; | ||
742 | |||
743 | sco_sock_close(sk); | ||
744 | |||
745 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) { | ||
746 | lock_sock(sk); | ||
747 | err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime); | ||
748 | release_sock(sk); | ||
749 | } | ||
750 | |||
751 | sock_orphan(sk); | ||
752 | sco_sock_kill(sk); | ||
753 | return err; | ||
754 | } | ||
755 | |||
756 | static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent) | ||
757 | { | ||
758 | BT_DBG("conn %p", conn); | ||
759 | |||
760 | sco_pi(sk)->conn = conn; | ||
761 | conn->sk = sk; | ||
762 | |||
763 | if (parent) | ||
764 | bt_accept_enqueue(parent, sk); | ||
765 | } | ||
766 | |||
767 | /* Delete channel. | ||
768 | * Must be called on the locked socket. */ | ||
769 | static void sco_chan_del(struct sock *sk, int err) | ||
770 | { | ||
771 | struct sco_conn *conn; | ||
772 | |||
773 | conn = sco_pi(sk)->conn; | ||
774 | |||
775 | BT_DBG("sk %p, conn %p, err %d", sk, conn, err); | ||
776 | |||
777 | if (conn) { | ||
778 | sco_conn_lock(conn); | ||
779 | conn->sk = NULL; | ||
780 | sco_pi(sk)->conn = NULL; | ||
781 | sco_conn_unlock(conn); | ||
782 | hci_conn_put(conn->hcon); | ||
783 | } | ||
784 | |||
785 | sk->sk_state = BT_CLOSED; | ||
786 | sk->sk_err = err; | ||
787 | sk->sk_state_change(sk); | ||
788 | |||
789 | sock_set_flag(sk, SOCK_ZAPPED); | ||
790 | } | ||
791 | |||
792 | static void sco_conn_ready(struct sco_conn *conn) | ||
793 | { | ||
794 | struct sock *parent, *sk; | ||
795 | |||
796 | BT_DBG("conn %p", conn); | ||
797 | |||
798 | sco_conn_lock(conn); | ||
799 | |||
800 | if ((sk = conn->sk)) { | ||
801 | sco_sock_clear_timer(sk); | ||
802 | bh_lock_sock(sk); | ||
803 | sk->sk_state = BT_CONNECTED; | ||
804 | sk->sk_state_change(sk); | ||
805 | bh_unlock_sock(sk); | ||
806 | } else { | ||
807 | parent = sco_get_sock_listen(conn->src); | ||
808 | if (!parent) | ||
809 | goto done; | ||
810 | |||
811 | bh_lock_sock(parent); | ||
812 | |||
813 | sk = sco_sock_alloc(NULL, BTPROTO_SCO, GFP_ATOMIC); | ||
814 | if (!sk) { | ||
815 | bh_unlock_sock(parent); | ||
816 | goto done; | ||
817 | } | ||
818 | |||
819 | sco_sock_init(sk, parent); | ||
820 | |||
821 | bacpy(&bt_sk(sk)->src, conn->src); | ||
822 | bacpy(&bt_sk(sk)->dst, conn->dst); | ||
823 | |||
824 | hci_conn_hold(conn->hcon); | ||
825 | __sco_chan_add(conn, sk, parent); | ||
826 | |||
827 | sk->sk_state = BT_CONNECTED; | ||
828 | |||
829 | /* Wake up parent */ | ||
830 | parent->sk_data_ready(parent, 1); | ||
831 | |||
832 | bh_unlock_sock(parent); | ||
833 | } | ||
834 | |||
835 | done: | ||
836 | sco_conn_unlock(conn); | ||
837 | } | ||
838 | |||
839 | /* ----- SCO interface with lower layer (HCI) ----- */ | ||
840 | static int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 type) | ||
841 | { | ||
842 | BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr)); | ||
843 | |||
844 | /* Always accept connection */ | ||
845 | return HCI_LM_ACCEPT; | ||
846 | } | ||
847 | |||
848 | static int sco_connect_cfm(struct hci_conn *hcon, __u8 status) | ||
849 | { | ||
850 | BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status); | ||
851 | |||
852 | if (hcon->type != SCO_LINK) | ||
853 | return 0; | ||
854 | |||
855 | if (!status) { | ||
856 | struct sco_conn *conn; | ||
857 | |||
858 | conn = sco_conn_add(hcon, status); | ||
859 | if (conn) | ||
860 | sco_conn_ready(conn); | ||
861 | } else | ||
862 | sco_conn_del(hcon, bt_err(status)); | ||
863 | |||
864 | return 0; | ||
865 | } | ||
866 | |||
867 | static int sco_disconn_ind(struct hci_conn *hcon, __u8 reason) | ||
868 | { | ||
869 | BT_DBG("hcon %p reason %d", hcon, reason); | ||
870 | |||
871 | if (hcon->type != SCO_LINK) | ||
872 | return 0; | ||
873 | |||
874 | sco_conn_del(hcon, bt_err(reason)); | ||
875 | return 0; | ||
876 | } | ||
877 | |||
878 | static int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb) | ||
879 | { | ||
880 | struct sco_conn *conn = hcon->sco_data; | ||
881 | |||
882 | if (!conn) | ||
883 | goto drop; | ||
884 | |||
885 | BT_DBG("conn %p len %d", conn, skb->len); | ||
886 | |||
887 | if (skb->len) { | ||
888 | sco_recv_frame(conn, skb); | ||
889 | return 0; | ||
890 | } | ||
891 | |||
892 | drop: | ||
893 | kfree_skb(skb); | ||
894 | return 0; | ||
895 | } | ||
896 | |||
897 | /* ---- Proc fs support ---- */ | ||
898 | #ifdef CONFIG_PROC_FS | ||
899 | static void *sco_seq_start(struct seq_file *seq, loff_t *pos) | ||
900 | { | ||
901 | struct sock *sk; | ||
902 | struct hlist_node *node; | ||
903 | loff_t l = *pos; | ||
904 | |||
905 | read_lock_bh(&sco_sk_list.lock); | ||
906 | |||
907 | sk_for_each(sk, node, &sco_sk_list.head) | ||
908 | if (!l--) | ||
909 | goto found; | ||
910 | sk = NULL; | ||
911 | found: | ||
912 | return sk; | ||
913 | } | ||
914 | |||
915 | static void *sco_seq_next(struct seq_file *seq, void *e, loff_t *pos) | ||
916 | { | ||
917 | struct sock *sk = e; | ||
918 | (*pos)++; | ||
919 | return sk_next(sk); | ||
920 | } | ||
921 | |||
922 | static void sco_seq_stop(struct seq_file *seq, void *e) | ||
923 | { | ||
924 | read_unlock_bh(&sco_sk_list.lock); | ||
925 | } | ||
926 | |||
927 | static int sco_seq_show(struct seq_file *seq, void *e) | ||
928 | { | ||
929 | struct sock *sk = e; | ||
930 | seq_printf(seq, "%s %s %d\n", | ||
931 | batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), sk->sk_state); | ||
932 | return 0; | ||
933 | } | ||
934 | |||
935 | static struct seq_operations sco_seq_ops = { | ||
936 | .start = sco_seq_start, | ||
937 | .next = sco_seq_next, | ||
938 | .stop = sco_seq_stop, | ||
939 | .show = sco_seq_show | ||
940 | }; | ||
941 | |||
942 | static int sco_seq_open(struct inode *inode, struct file *file) | ||
943 | { | ||
944 | return seq_open(file, &sco_seq_ops); | ||
945 | } | ||
946 | |||
947 | static struct file_operations sco_seq_fops = { | ||
948 | .owner = THIS_MODULE, | ||
949 | .open = sco_seq_open, | ||
950 | .read = seq_read, | ||
951 | .llseek = seq_lseek, | ||
952 | .release = seq_release, | ||
953 | }; | ||
954 | |||
955 | static int __init sco_proc_init(void) | ||
956 | { | ||
957 | struct proc_dir_entry *p = create_proc_entry("sco", S_IRUGO, proc_bt); | ||
958 | if (!p) | ||
959 | return -ENOMEM; | ||
960 | p->owner = THIS_MODULE; | ||
961 | p->proc_fops = &sco_seq_fops; | ||
962 | return 0; | ||
963 | } | ||
964 | |||
965 | static void __exit sco_proc_cleanup(void) | ||
966 | { | ||
967 | remove_proc_entry("sco", proc_bt); | ||
968 | } | ||
969 | |||
970 | #else /* CONFIG_PROC_FS */ | ||
971 | |||
972 | static int __init sco_proc_init(void) | ||
973 | { | ||
974 | return 0; | ||
975 | } | ||
976 | |||
977 | static void __exit sco_proc_cleanup(void) | ||
978 | { | ||
979 | return; | ||
980 | } | ||
981 | #endif /* CONFIG_PROC_FS */ | ||
982 | |||
983 | static struct proto_ops sco_sock_ops = { | ||
984 | .family = PF_BLUETOOTH, | ||
985 | .owner = THIS_MODULE, | ||
986 | .release = sco_sock_release, | ||
987 | .bind = sco_sock_bind, | ||
988 | .connect = sco_sock_connect, | ||
989 | .listen = sco_sock_listen, | ||
990 | .accept = sco_sock_accept, | ||
991 | .getname = sco_sock_getname, | ||
992 | .sendmsg = sco_sock_sendmsg, | ||
993 | .recvmsg = bt_sock_recvmsg, | ||
994 | .poll = bt_sock_poll, | ||
995 | .ioctl = sock_no_ioctl, | ||
996 | .mmap = sock_no_mmap, | ||
997 | .socketpair = sock_no_socketpair, | ||
998 | .shutdown = sock_no_shutdown, | ||
999 | .setsockopt = sco_sock_setsockopt, | ||
1000 | .getsockopt = sco_sock_getsockopt | ||
1001 | }; | ||
1002 | |||
1003 | static struct net_proto_family sco_sock_family_ops = { | ||
1004 | .family = PF_BLUETOOTH, | ||
1005 | .owner = THIS_MODULE, | ||
1006 | .create = sco_sock_create, | ||
1007 | }; | ||
1008 | |||
1009 | static struct hci_proto sco_hci_proto = { | ||
1010 | .name = "SCO", | ||
1011 | .id = HCI_PROTO_SCO, | ||
1012 | .connect_ind = sco_connect_ind, | ||
1013 | .connect_cfm = sco_connect_cfm, | ||
1014 | .disconn_ind = sco_disconn_ind, | ||
1015 | .recv_scodata = sco_recv_scodata | ||
1016 | }; | ||
1017 | |||
1018 | static int __init sco_init(void) | ||
1019 | { | ||
1020 | int err; | ||
1021 | |||
1022 | err = proto_register(&sco_proto, 0); | ||
1023 | if (err < 0) | ||
1024 | return err; | ||
1025 | |||
1026 | err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops); | ||
1027 | if (err < 0) { | ||
1028 | BT_ERR("SCO socket registration failed"); | ||
1029 | goto error; | ||
1030 | } | ||
1031 | |||
1032 | err = hci_register_proto(&sco_hci_proto); | ||
1033 | if (err < 0) { | ||
1034 | BT_ERR("SCO protocol registration failed"); | ||
1035 | bt_sock_unregister(BTPROTO_SCO); | ||
1036 | goto error; | ||
1037 | } | ||
1038 | |||
1039 | sco_proc_init(); | ||
1040 | |||
1041 | BT_INFO("SCO (Voice Link) ver %s", VERSION); | ||
1042 | BT_INFO("SCO socket layer initialized"); | ||
1043 | |||
1044 | return 0; | ||
1045 | |||
1046 | error: | ||
1047 | proto_unregister(&sco_proto); | ||
1048 | return err; | ||
1049 | } | ||
1050 | |||
1051 | static void __exit sco_exit(void) | ||
1052 | { | ||
1053 | sco_proc_cleanup(); | ||
1054 | |||
1055 | if (bt_sock_unregister(BTPROTO_SCO) < 0) | ||
1056 | BT_ERR("SCO socket unregistration failed"); | ||
1057 | |||
1058 | if (hci_unregister_proto(&sco_hci_proto) < 0) | ||
1059 | BT_ERR("SCO protocol unregistration failed"); | ||
1060 | |||
1061 | proto_unregister(&sco_proto); | ||
1062 | } | ||
1063 | |||
1064 | module_init(sco_init); | ||
1065 | module_exit(sco_exit); | ||
1066 | |||
1067 | MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>"); | ||
1068 | MODULE_DESCRIPTION("Bluetooth SCO ver " VERSION); | ||
1069 | MODULE_VERSION(VERSION); | ||
1070 | MODULE_LICENSE("GPL"); | ||
1071 | MODULE_ALIAS("bt-proto-2"); | ||