diff options
Diffstat (limited to 'net/bluetooth/l2cap_sock.c')
| -rw-r--r-- | net/bluetooth/l2cap_sock.c | 476 |
1 files changed, 227 insertions, 249 deletions
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c index 8248303f44e..e8292369cdc 100644 --- a/net/bluetooth/l2cap_sock.c +++ b/net/bluetooth/l2cap_sock.c | |||
| @@ -26,57 +26,16 @@ | |||
| 26 | 26 | ||
| 27 | /* Bluetooth L2CAP sockets. */ | 27 | /* Bluetooth L2CAP sockets. */ |
| 28 | 28 | ||
| 29 | #include <linux/security.h> | ||
| 30 | |||
| 29 | #include <net/bluetooth/bluetooth.h> | 31 | #include <net/bluetooth/bluetooth.h> |
| 30 | #include <net/bluetooth/hci_core.h> | 32 | #include <net/bluetooth/hci_core.h> |
| 31 | #include <net/bluetooth/l2cap.h> | 33 | #include <net/bluetooth/l2cap.h> |
| 34 | #include <net/bluetooth/smp.h> | ||
| 32 | 35 | ||
| 33 | static const struct proto_ops l2cap_sock_ops; | 36 | static const struct proto_ops l2cap_sock_ops; |
| 34 | 37 | static void l2cap_sock_init(struct sock *sk, struct sock *parent); | |
| 35 | /* ---- L2CAP timers ---- */ | 38 | static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio); |
| 36 | static void l2cap_sock_timeout(unsigned long arg) | ||
| 37 | { | ||
| 38 | struct sock *sk = (struct sock *) arg; | ||
| 39 | int reason; | ||
| 40 | |||
| 41 | BT_DBG("sock %p state %d", sk, sk->sk_state); | ||
| 42 | |||
| 43 | bh_lock_sock(sk); | ||
| 44 | |||
| 45 | if (sock_owned_by_user(sk)) { | ||
| 46 | /* sk is owned by user. Try again later */ | ||
| 47 | l2cap_sock_set_timer(sk, HZ / 5); | ||
| 48 | bh_unlock_sock(sk); | ||
| 49 | sock_put(sk); | ||
| 50 | return; | ||
| 51 | } | ||
| 52 | |||
| 53 | if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG) | ||
| 54 | reason = ECONNREFUSED; | ||
| 55 | else if (sk->sk_state == BT_CONNECT && | ||
| 56 | l2cap_pi(sk)->chan->sec_level != BT_SECURITY_SDP) | ||
| 57 | reason = ECONNREFUSED; | ||
| 58 | else | ||
| 59 | reason = ETIMEDOUT; | ||
| 60 | |||
| 61 | __l2cap_sock_close(sk, reason); | ||
| 62 | |||
| 63 | bh_unlock_sock(sk); | ||
| 64 | |||
| 65 | l2cap_sock_kill(sk); | ||
| 66 | sock_put(sk); | ||
| 67 | } | ||
| 68 | |||
| 69 | void l2cap_sock_set_timer(struct sock *sk, long timeout) | ||
| 70 | { | ||
| 71 | BT_DBG("sk %p state %d timeout %ld", sk, sk->sk_state, timeout); | ||
| 72 | sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout); | ||
| 73 | } | ||
| 74 | |||
| 75 | void l2cap_sock_clear_timer(struct sock *sk) | ||
| 76 | { | ||
| 77 | BT_DBG("sock %p state %d", sk, sk->sk_state); | ||
| 78 | sk_stop_timer(sk, &sk->sk_timer); | ||
| 79 | } | ||
| 80 | 39 | ||
| 81 | static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | 40 | static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) |
| 82 | { | 41 | { |
| @@ -133,6 +92,8 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | |||
| 133 | chan->sec_level = BT_SECURITY_SDP; | 92 | chan->sec_level = BT_SECURITY_SDP; |
| 134 | 93 | ||
| 135 | bacpy(&bt_sk(sk)->src, &la.l2_bdaddr); | 94 | bacpy(&bt_sk(sk)->src, &la.l2_bdaddr); |
| 95 | |||
| 96 | chan->state = BT_BOUND; | ||
| 136 | sk->sk_state = BT_BOUND; | 97 | sk->sk_state = BT_BOUND; |
| 137 | 98 | ||
| 138 | done: | 99 | done: |
| @@ -162,7 +123,7 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
| 162 | 123 | ||
| 163 | lock_sock(sk); | 124 | lock_sock(sk); |
| 164 | 125 | ||
| 165 | if ((sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) | 126 | if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED |
| 166 | && !(la.l2_psm || la.l2_cid)) { | 127 | && !(la.l2_psm || la.l2_cid)) { |
| 167 | err = -EINVAL; | 128 | err = -EINVAL; |
| 168 | goto done; | 129 | goto done; |
| @@ -204,8 +165,8 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
| 204 | } | 165 | } |
| 205 | 166 | ||
| 206 | /* PSM must be odd and lsb of upper byte must be 0 */ | 167 | /* PSM must be odd and lsb of upper byte must be 0 */ |
| 207 | if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 && | 168 | if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 && !la.l2_cid && |
| 208 | sk->sk_type != SOCK_RAW && !la.l2_cid) { | 169 | chan->chan_type != L2CAP_CHAN_RAW) { |
| 209 | err = -EINVAL; | 170 | err = -EINVAL; |
| 210 | goto done; | 171 | goto done; |
| 211 | } | 172 | } |
| @@ -258,6 +219,8 @@ static int l2cap_sock_listen(struct socket *sock, int backlog) | |||
| 258 | 219 | ||
| 259 | sk->sk_max_ack_backlog = backlog; | 220 | sk->sk_max_ack_backlog = backlog; |
| 260 | sk->sk_ack_backlog = 0; | 221 | sk->sk_ack_backlog = 0; |
| 222 | |||
| 223 | chan->state = BT_LISTEN; | ||
| 261 | sk->sk_state = BT_LISTEN; | 224 | sk->sk_state = BT_LISTEN; |
| 262 | 225 | ||
| 263 | done: | 226 | done: |
| @@ -274,30 +237,26 @@ static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int fl | |||
| 274 | 237 | ||
| 275 | lock_sock_nested(sk, SINGLE_DEPTH_NESTING); | 238 | lock_sock_nested(sk, SINGLE_DEPTH_NESTING); |
| 276 | 239 | ||
| 277 | if (sk->sk_state != BT_LISTEN) { | ||
| 278 | err = -EBADFD; | ||
| 279 | goto done; | ||
| 280 | } | ||
| 281 | |||
| 282 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); | 240 | timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); |
| 283 | 241 | ||
| 284 | BT_DBG("sk %p timeo %ld", sk, timeo); | 242 | BT_DBG("sk %p timeo %ld", sk, timeo); |
| 285 | 243 | ||
| 286 | /* Wait for an incoming connection. (wake-one). */ | 244 | /* Wait for an incoming connection. (wake-one). */ |
| 287 | add_wait_queue_exclusive(sk_sleep(sk), &wait); | 245 | add_wait_queue_exclusive(sk_sleep(sk), &wait); |
| 288 | while (!(nsk = bt_accept_dequeue(sk, newsock))) { | 246 | while (1) { |
| 289 | set_current_state(TASK_INTERRUPTIBLE); | 247 | set_current_state(TASK_INTERRUPTIBLE); |
| 290 | if (!timeo) { | 248 | |
| 291 | err = -EAGAIN; | 249 | if (sk->sk_state != BT_LISTEN) { |
| 250 | err = -EBADFD; | ||
| 292 | break; | 251 | break; |
| 293 | } | 252 | } |
| 294 | 253 | ||
| 295 | release_sock(sk); | 254 | nsk = bt_accept_dequeue(sk, newsock); |
| 296 | timeo = schedule_timeout(timeo); | 255 | if (nsk) |
| 297 | lock_sock_nested(sk, SINGLE_DEPTH_NESTING); | 256 | break; |
| 298 | 257 | ||
| 299 | if (sk->sk_state != BT_LISTEN) { | 258 | if (!timeo) { |
| 300 | err = -EBADFD; | 259 | err = -EAGAIN; |
| 301 | break; | 260 | break; |
| 302 | } | 261 | } |
| 303 | 262 | ||
| @@ -305,8 +264,12 @@ static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int fl | |||
| 305 | err = sock_intr_errno(timeo); | 264 | err = sock_intr_errno(timeo); |
| 306 | break; | 265 | break; |
| 307 | } | 266 | } |
| 267 | |||
| 268 | release_sock(sk); | ||
| 269 | timeo = schedule_timeout(timeo); | ||
| 270 | lock_sock_nested(sk, SINGLE_DEPTH_NESTING); | ||
| 308 | } | 271 | } |
| 309 | set_current_state(TASK_RUNNING); | 272 | __set_current_state(TASK_RUNNING); |
| 310 | remove_wait_queue(sk_sleep(sk), &wait); | 273 | remove_wait_queue(sk_sleep(sk), &wait); |
| 311 | 274 | ||
| 312 | if (err) | 275 | if (err) |
| @@ -437,6 +400,7 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch | |||
| 437 | struct sock *sk = sock->sk; | 400 | struct sock *sk = sock->sk; |
| 438 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | 401 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; |
| 439 | struct bt_security sec; | 402 | struct bt_security sec; |
| 403 | struct bt_power pwr; | ||
| 440 | int len, err = 0; | 404 | int len, err = 0; |
| 441 | 405 | ||
| 442 | BT_DBG("sk %p", sk); | 406 | BT_DBG("sk %p", sk); |
| @@ -454,14 +418,18 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch | |||
| 454 | 418 | ||
| 455 | switch (optname) { | 419 | switch (optname) { |
| 456 | case BT_SECURITY: | 420 | case BT_SECURITY: |
| 457 | if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM | 421 | if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED && |
| 458 | && sk->sk_type != SOCK_RAW) { | 422 | chan->chan_type != L2CAP_CHAN_RAW) { |
| 459 | err = -EINVAL; | 423 | err = -EINVAL; |
| 460 | break; | 424 | break; |
| 461 | } | 425 | } |
| 462 | 426 | ||
| 427 | memset(&sec, 0, sizeof(sec)); | ||
| 463 | sec.level = chan->sec_level; | 428 | sec.level = chan->sec_level; |
| 464 | 429 | ||
| 430 | if (sk->sk_state == BT_CONNECTED) | ||
| 431 | sec.key_size = chan->conn->hcon->enc_key_size; | ||
| 432 | |||
| 465 | len = min_t(unsigned int, len, sizeof(sec)); | 433 | len = min_t(unsigned int, len, sizeof(sec)); |
| 466 | if (copy_to_user(optval, (char *) &sec, len)) | 434 | if (copy_to_user(optval, (char *) &sec, len)) |
| 467 | err = -EFAULT; | 435 | err = -EFAULT; |
| @@ -485,6 +453,21 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch | |||
| 485 | 453 | ||
| 486 | break; | 454 | break; |
| 487 | 455 | ||
| 456 | case BT_POWER: | ||
| 457 | if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM | ||
| 458 | && sk->sk_type != SOCK_RAW) { | ||
| 459 | err = -EINVAL; | ||
| 460 | break; | ||
| 461 | } | ||
| 462 | |||
| 463 | pwr.force_active = chan->force_active; | ||
| 464 | |||
| 465 | len = min_t(unsigned int, len, sizeof(pwr)); | ||
| 466 | if (copy_to_user(optval, (char *) &pwr, len)) | ||
| 467 | err = -EFAULT; | ||
| 468 | |||
| 469 | break; | ||
| 470 | |||
| 488 | default: | 471 | default: |
| 489 | err = -ENOPROTOOPT; | 472 | err = -ENOPROTOOPT; |
| 490 | break; | 473 | break; |
| @@ -535,7 +518,7 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
| 535 | chan->mode = opts.mode; | 518 | chan->mode = opts.mode; |
| 536 | switch (chan->mode) { | 519 | switch (chan->mode) { |
| 537 | case L2CAP_MODE_BASIC: | 520 | case L2CAP_MODE_BASIC: |
| 538 | chan->conf_state &= ~L2CAP_CONF_STATE2_DEVICE; | 521 | clear_bit(CONF_STATE2_DEVICE, &chan->conf_state); |
| 539 | break; | 522 | break; |
| 540 | case L2CAP_MODE_ERTM: | 523 | case L2CAP_MODE_ERTM: |
| 541 | case L2CAP_MODE_STREAMING: | 524 | case L2CAP_MODE_STREAMING: |
| @@ -585,6 +568,8 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
| 585 | struct sock *sk = sock->sk; | 568 | struct sock *sk = sock->sk; |
| 586 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | 569 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; |
| 587 | struct bt_security sec; | 570 | struct bt_security sec; |
| 571 | struct bt_power pwr; | ||
| 572 | struct l2cap_conn *conn; | ||
| 588 | int len, err = 0; | 573 | int len, err = 0; |
| 589 | u32 opt; | 574 | u32 opt; |
| 590 | 575 | ||
| @@ -600,8 +585,8 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
| 600 | 585 | ||
| 601 | switch (optname) { | 586 | switch (optname) { |
| 602 | case BT_SECURITY: | 587 | case BT_SECURITY: |
| 603 | if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM | 588 | if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED && |
| 604 | && sk->sk_type != SOCK_RAW) { | 589 | chan->chan_type != L2CAP_CHAN_RAW) { |
| 605 | err = -EINVAL; | 590 | err = -EINVAL; |
| 606 | break; | 591 | break; |
| 607 | } | 592 | } |
| @@ -621,6 +606,20 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
| 621 | } | 606 | } |
| 622 | 607 | ||
| 623 | chan->sec_level = sec.level; | 608 | chan->sec_level = sec.level; |
| 609 | |||
| 610 | conn = chan->conn; | ||
| 611 | if (conn && chan->scid == L2CAP_CID_LE_DATA) { | ||
| 612 | if (!conn->hcon->out) { | ||
| 613 | err = -EINVAL; | ||
| 614 | break; | ||
| 615 | } | ||
| 616 | |||
| 617 | if (smp_conn_security(conn, sec.level)) | ||
| 618 | break; | ||
| 619 | |||
| 620 | err = 0; | ||
| 621 | sk->sk_state = BT_CONFIG; | ||
| 622 | } | ||
| 624 | break; | 623 | break; |
| 625 | 624 | ||
| 626 | case BT_DEFER_SETUP: | 625 | case BT_DEFER_SETUP: |
| @@ -661,6 +660,23 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
| 661 | chan->flushable = opt; | 660 | chan->flushable = opt; |
| 662 | break; | 661 | break; |
| 663 | 662 | ||
| 663 | case BT_POWER: | ||
| 664 | if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED && | ||
| 665 | chan->chan_type != L2CAP_CHAN_RAW) { | ||
| 666 | err = -EINVAL; | ||
| 667 | break; | ||
| 668 | } | ||
| 669 | |||
| 670 | pwr.force_active = BT_POWER_FORCE_ACTIVE_ON; | ||
| 671 | |||
| 672 | len = min_t(unsigned int, sizeof(pwr), optlen); | ||
| 673 | if (copy_from_user((char *) &pwr, optval, len)) { | ||
| 674 | err = -EFAULT; | ||
| 675 | break; | ||
| 676 | } | ||
| 677 | chan->force_active = pwr.force_active; | ||
| 678 | break; | ||
| 679 | |||
| 664 | default: | 680 | default: |
| 665 | err = -ENOPROTOOPT; | 681 | err = -ENOPROTOOPT; |
| 666 | break; | 682 | break; |
| @@ -674,8 +690,6 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
| 674 | { | 690 | { |
| 675 | struct sock *sk = sock->sk; | 691 | struct sock *sk = sock->sk; |
| 676 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | 692 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; |
| 677 | struct sk_buff *skb; | ||
| 678 | u16 control; | ||
| 679 | int err; | 693 | int err; |
| 680 | 694 | ||
| 681 | BT_DBG("sock %p, sk %p", sock, sk); | 695 | BT_DBG("sock %p, sk %p", sock, sk); |
| @@ -690,87 +704,12 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
| 690 | lock_sock(sk); | 704 | lock_sock(sk); |
| 691 | 705 | ||
| 692 | if (sk->sk_state != BT_CONNECTED) { | 706 | if (sk->sk_state != BT_CONNECTED) { |
| 693 | err = -ENOTCONN; | 707 | release_sock(sk); |
| 694 | goto done; | 708 | return -ENOTCONN; |
| 695 | } | ||
| 696 | |||
| 697 | /* Connectionless channel */ | ||
| 698 | if (sk->sk_type == SOCK_DGRAM) { | ||
| 699 | skb = l2cap_create_connless_pdu(chan, msg, len); | ||
| 700 | if (IS_ERR(skb)) { | ||
| 701 | err = PTR_ERR(skb); | ||
| 702 | } else { | ||
| 703 | l2cap_do_send(chan, skb); | ||
| 704 | err = len; | ||
| 705 | } | ||
| 706 | goto done; | ||
| 707 | } | 709 | } |
| 708 | 710 | ||
| 709 | switch (chan->mode) { | 711 | err = l2cap_chan_send(chan, msg, len); |
| 710 | case L2CAP_MODE_BASIC: | ||
| 711 | /* Check outgoing MTU */ | ||
| 712 | if (len > chan->omtu) { | ||
| 713 | err = -EMSGSIZE; | ||
| 714 | goto done; | ||
| 715 | } | ||
| 716 | |||
| 717 | /* Create a basic PDU */ | ||
| 718 | skb = l2cap_create_basic_pdu(chan, msg, len); | ||
| 719 | if (IS_ERR(skb)) { | ||
| 720 | err = PTR_ERR(skb); | ||
| 721 | goto done; | ||
| 722 | } | ||
| 723 | |||
| 724 | l2cap_do_send(chan, skb); | ||
| 725 | err = len; | ||
| 726 | break; | ||
| 727 | |||
| 728 | case L2CAP_MODE_ERTM: | ||
| 729 | case L2CAP_MODE_STREAMING: | ||
| 730 | /* Entire SDU fits into one PDU */ | ||
| 731 | if (len <= chan->remote_mps) { | ||
| 732 | control = L2CAP_SDU_UNSEGMENTED; | ||
| 733 | skb = l2cap_create_iframe_pdu(chan, msg, len, control, | ||
| 734 | 0); | ||
| 735 | if (IS_ERR(skb)) { | ||
| 736 | err = PTR_ERR(skb); | ||
| 737 | goto done; | ||
| 738 | } | ||
| 739 | __skb_queue_tail(&chan->tx_q, skb); | ||
| 740 | |||
| 741 | if (chan->tx_send_head == NULL) | ||
| 742 | chan->tx_send_head = skb; | ||
| 743 | |||
| 744 | } else { | ||
| 745 | /* Segment SDU into multiples PDUs */ | ||
| 746 | err = l2cap_sar_segment_sdu(chan, msg, len); | ||
| 747 | if (err < 0) | ||
| 748 | goto done; | ||
| 749 | } | ||
| 750 | |||
| 751 | if (chan->mode == L2CAP_MODE_STREAMING) { | ||
| 752 | l2cap_streaming_send(chan); | ||
| 753 | err = len; | ||
| 754 | break; | ||
| 755 | } | ||
| 756 | |||
| 757 | if ((chan->conn_state & L2CAP_CONN_REMOTE_BUSY) && | ||
| 758 | (chan->conn_state & L2CAP_CONN_WAIT_F)) { | ||
| 759 | err = len; | ||
| 760 | break; | ||
| 761 | } | ||
| 762 | err = l2cap_ertm_send(chan); | ||
| 763 | |||
| 764 | if (err >= 0) | ||
| 765 | err = len; | ||
| 766 | break; | ||
| 767 | |||
| 768 | default: | ||
| 769 | BT_DBG("bad state %1.1x", chan->mode); | ||
| 770 | err = -EBADFD; | ||
| 771 | } | ||
| 772 | 712 | ||
| 773 | done: | ||
| 774 | release_sock(sk); | 713 | release_sock(sk); |
| 775 | return err; | 714 | return err; |
| 776 | } | 715 | } |
| @@ -778,13 +717,15 @@ done: | |||
| 778 | static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags) | 717 | static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags) |
| 779 | { | 718 | { |
| 780 | struct sock *sk = sock->sk; | 719 | struct sock *sk = sock->sk; |
| 720 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
| 721 | int err; | ||
| 781 | 722 | ||
| 782 | lock_sock(sk); | 723 | lock_sock(sk); |
| 783 | 724 | ||
| 784 | if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) { | 725 | if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) { |
| 785 | sk->sk_state = BT_CONFIG; | 726 | sk->sk_state = BT_CONFIG; |
| 786 | 727 | ||
| 787 | __l2cap_connect_rsp_defer(l2cap_pi(sk)->chan); | 728 | __l2cap_connect_rsp_defer(pi->chan); |
| 788 | release_sock(sk); | 729 | release_sock(sk); |
| 789 | return 0; | 730 | return 0; |
| 790 | } | 731 | } |
| @@ -792,15 +733,43 @@ static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
| 792 | release_sock(sk); | 733 | release_sock(sk); |
| 793 | 734 | ||
| 794 | if (sock->type == SOCK_STREAM) | 735 | if (sock->type == SOCK_STREAM) |
| 795 | return bt_sock_stream_recvmsg(iocb, sock, msg, len, flags); | 736 | err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags); |
| 737 | else | ||
| 738 | err = bt_sock_recvmsg(iocb, sock, msg, len, flags); | ||
| 739 | |||
| 740 | if (pi->chan->mode != L2CAP_MODE_ERTM) | ||
| 741 | return err; | ||
| 742 | |||
| 743 | /* Attempt to put pending rx data in the socket buffer */ | ||
| 744 | |||
| 745 | lock_sock(sk); | ||
| 746 | |||
| 747 | if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state)) | ||
| 748 | goto done; | ||
| 749 | |||
| 750 | if (pi->rx_busy_skb) { | ||
| 751 | if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb)) | ||
| 752 | pi->rx_busy_skb = NULL; | ||
| 753 | else | ||
| 754 | goto done; | ||
| 755 | } | ||
| 796 | 756 | ||
| 797 | return bt_sock_recvmsg(iocb, sock, msg, len, flags); | 757 | /* Restore data flow when half of the receive buffer is |
| 758 | * available. This avoids resending large numbers of | ||
| 759 | * frames. | ||
| 760 | */ | ||
| 761 | if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1) | ||
| 762 | l2cap_chan_busy(pi->chan, 0); | ||
| 763 | |||
| 764 | done: | ||
| 765 | release_sock(sk); | ||
| 766 | return err; | ||
| 798 | } | 767 | } |
| 799 | 768 | ||
| 800 | /* Kill socket (only if zapped and orphan) | 769 | /* Kill socket (only if zapped and orphan) |
| 801 | * Must be called on unlocked socket. | 770 | * Must be called on unlocked socket. |
| 802 | */ | 771 | */ |
| 803 | void l2cap_sock_kill(struct sock *sk) | 772 | static void l2cap_sock_kill(struct sock *sk) |
| 804 | { | 773 | { |
| 805 | if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) | 774 | if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) |
| 806 | return; | 775 | return; |
| @@ -814,87 +783,6 @@ void l2cap_sock_kill(struct sock *sk) | |||
| 814 | sock_put(sk); | 783 | sock_put(sk); |
| 815 | } | 784 | } |
| 816 | 785 | ||
| 817 | /* Must be called on unlocked socket. */ | ||
| 818 | static void l2cap_sock_close(struct sock *sk) | ||
| 819 | { | ||
| 820 | l2cap_sock_clear_timer(sk); | ||
| 821 | lock_sock(sk); | ||
| 822 | __l2cap_sock_close(sk, ECONNRESET); | ||
| 823 | release_sock(sk); | ||
| 824 | l2cap_sock_kill(sk); | ||
| 825 | } | ||
| 826 | |||
| 827 | static void l2cap_sock_cleanup_listen(struct sock *parent) | ||
| 828 | { | ||
| 829 | struct sock *sk; | ||
| 830 | |||
| 831 | BT_DBG("parent %p", parent); | ||
| 832 | |||
| 833 | /* Close not yet accepted channels */ | ||
| 834 | while ((sk = bt_accept_dequeue(parent, NULL))) | ||
| 835 | l2cap_sock_close(sk); | ||
| 836 | |||
| 837 | parent->sk_state = BT_CLOSED; | ||
| 838 | sock_set_flag(parent, SOCK_ZAPPED); | ||
| 839 | } | ||
| 840 | |||
| 841 | void __l2cap_sock_close(struct sock *sk, int reason) | ||
| 842 | { | ||
| 843 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
| 844 | struct l2cap_conn *conn = chan->conn; | ||
| 845 | |||
| 846 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); | ||
| 847 | |||
| 848 | switch (sk->sk_state) { | ||
| 849 | case BT_LISTEN: | ||
| 850 | l2cap_sock_cleanup_listen(sk); | ||
| 851 | break; | ||
| 852 | |||
| 853 | case BT_CONNECTED: | ||
| 854 | case BT_CONFIG: | ||
| 855 | if ((sk->sk_type == SOCK_SEQPACKET || | ||
| 856 | sk->sk_type == SOCK_STREAM) && | ||
| 857 | conn->hcon->type == ACL_LINK) { | ||
| 858 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | ||
| 859 | l2cap_send_disconn_req(conn, chan, reason); | ||
| 860 | } else | ||
| 861 | l2cap_chan_del(chan, reason); | ||
| 862 | break; | ||
| 863 | |||
| 864 | case BT_CONNECT2: | ||
| 865 | if ((sk->sk_type == SOCK_SEQPACKET || | ||
| 866 | sk->sk_type == SOCK_STREAM) && | ||
| 867 | conn->hcon->type == ACL_LINK) { | ||
| 868 | struct l2cap_conn_rsp rsp; | ||
| 869 | __u16 result; | ||
| 870 | |||
| 871 | if (bt_sk(sk)->defer_setup) | ||
| 872 | result = L2CAP_CR_SEC_BLOCK; | ||
| 873 | else | ||
| 874 | result = L2CAP_CR_BAD_PSM; | ||
| 875 | |||
| 876 | rsp.scid = cpu_to_le16(chan->dcid); | ||
| 877 | rsp.dcid = cpu_to_le16(chan->scid); | ||
| 878 | rsp.result = cpu_to_le16(result); | ||
| 879 | rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); | ||
| 880 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, | ||
| 881 | sizeof(rsp), &rsp); | ||
| 882 | } | ||
| 883 | |||
| 884 | l2cap_chan_del(chan, reason); | ||
| 885 | break; | ||
| 886 | |||
| 887 | case BT_CONNECT: | ||
| 888 | case BT_DISCONN: | ||
| 889 | l2cap_chan_del(chan, reason); | ||
| 890 | break; | ||
| 891 | |||
| 892 | default: | ||
| 893 | sock_set_flag(sk, SOCK_ZAPPED); | ||
| 894 | break; | ||
| 895 | } | ||
| 896 | } | ||
| 897 | |||
| 898 | static int l2cap_sock_shutdown(struct socket *sock, int how) | 786 | static int l2cap_sock_shutdown(struct socket *sock, int how) |
| 899 | { | 787 | { |
| 900 | struct sock *sk = sock->sk; | 788 | struct sock *sk = sock->sk; |
| @@ -912,8 +800,7 @@ static int l2cap_sock_shutdown(struct socket *sock, int how) | |||
| 912 | err = __l2cap_wait_ack(sk); | 800 | err = __l2cap_wait_ack(sk); |
| 913 | 801 | ||
| 914 | sk->sk_shutdown = SHUTDOWN_MASK; | 802 | sk->sk_shutdown = SHUTDOWN_MASK; |
| 915 | l2cap_sock_clear_timer(sk); | 803 | l2cap_chan_close(chan, 0); |
| 916 | __l2cap_sock_close(sk, 0); | ||
| 917 | 804 | ||
| 918 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) | 805 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) |
| 919 | err = bt_sock_wait_state(sk, BT_CLOSED, | 806 | err = bt_sock_wait_state(sk, BT_CLOSED, |
| @@ -944,15 +831,85 @@ static int l2cap_sock_release(struct socket *sock) | |||
| 944 | return err; | 831 | return err; |
| 945 | } | 832 | } |
| 946 | 833 | ||
| 834 | static struct l2cap_chan *l2cap_sock_new_connection_cb(void *data) | ||
| 835 | { | ||
| 836 | struct sock *sk, *parent = data; | ||
| 837 | |||
| 838 | sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, | ||
| 839 | GFP_ATOMIC); | ||
| 840 | if (!sk) | ||
| 841 | return NULL; | ||
| 842 | |||
| 843 | l2cap_sock_init(sk, parent); | ||
| 844 | |||
| 845 | return l2cap_pi(sk)->chan; | ||
| 846 | } | ||
| 847 | |||
| 848 | static int l2cap_sock_recv_cb(void *data, struct sk_buff *skb) | ||
| 849 | { | ||
| 850 | int err; | ||
| 851 | struct sock *sk = data; | ||
| 852 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
| 853 | |||
| 854 | if (pi->rx_busy_skb) | ||
| 855 | return -ENOMEM; | ||
| 856 | |||
| 857 | err = sock_queue_rcv_skb(sk, skb); | ||
| 858 | |||
| 859 | /* For ERTM, handle one skb that doesn't fit into the recv | ||
| 860 | * buffer. This is important to do because the data frames | ||
| 861 | * have already been acked, so the skb cannot be discarded. | ||
| 862 | * | ||
| 863 | * Notify the l2cap core that the buffer is full, so the | ||
| 864 | * LOCAL_BUSY state is entered and no more frames are | ||
| 865 | * acked and reassembled until there is buffer space | ||
| 866 | * available. | ||
| 867 | */ | ||
| 868 | if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) { | ||
| 869 | pi->rx_busy_skb = skb; | ||
| 870 | l2cap_chan_busy(pi->chan, 1); | ||
| 871 | err = 0; | ||
| 872 | } | ||
| 873 | |||
| 874 | return err; | ||
| 875 | } | ||
| 876 | |||
| 877 | static void l2cap_sock_close_cb(void *data) | ||
| 878 | { | ||
| 879 | struct sock *sk = data; | ||
| 880 | |||
| 881 | l2cap_sock_kill(sk); | ||
| 882 | } | ||
| 883 | |||
| 884 | static void l2cap_sock_state_change_cb(void *data, int state) | ||
| 885 | { | ||
| 886 | struct sock *sk = data; | ||
| 887 | |||
| 888 | sk->sk_state = state; | ||
| 889 | } | ||
| 890 | |||
| 891 | static struct l2cap_ops l2cap_chan_ops = { | ||
| 892 | .name = "L2CAP Socket Interface", | ||
| 893 | .new_connection = l2cap_sock_new_connection_cb, | ||
| 894 | .recv = l2cap_sock_recv_cb, | ||
| 895 | .close = l2cap_sock_close_cb, | ||
| 896 | .state_change = l2cap_sock_state_change_cb, | ||
| 897 | }; | ||
| 898 | |||
| 947 | static void l2cap_sock_destruct(struct sock *sk) | 899 | static void l2cap_sock_destruct(struct sock *sk) |
| 948 | { | 900 | { |
| 949 | BT_DBG("sk %p", sk); | 901 | BT_DBG("sk %p", sk); |
| 950 | 902 | ||
| 903 | if (l2cap_pi(sk)->rx_busy_skb) { | ||
| 904 | kfree_skb(l2cap_pi(sk)->rx_busy_skb); | ||
| 905 | l2cap_pi(sk)->rx_busy_skb = NULL; | ||
| 906 | } | ||
| 907 | |||
| 951 | skb_queue_purge(&sk->sk_receive_queue); | 908 | skb_queue_purge(&sk->sk_receive_queue); |
| 952 | skb_queue_purge(&sk->sk_write_queue); | 909 | skb_queue_purge(&sk->sk_write_queue); |
| 953 | } | 910 | } |
| 954 | 911 | ||
| 955 | void l2cap_sock_init(struct sock *sk, struct sock *parent) | 912 | static void l2cap_sock_init(struct sock *sk, struct sock *parent) |
| 956 | { | 913 | { |
| 957 | struct l2cap_pinfo *pi = l2cap_pi(sk); | 914 | struct l2cap_pinfo *pi = l2cap_pi(sk); |
| 958 | struct l2cap_chan *chan = pi->chan; | 915 | struct l2cap_chan *chan = pi->chan; |
| @@ -965,6 +922,7 @@ void l2cap_sock_init(struct sock *sk, struct sock *parent) | |||
| 965 | sk->sk_type = parent->sk_type; | 922 | sk->sk_type = parent->sk_type; |
| 966 | bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup; | 923 | bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup; |
| 967 | 924 | ||
| 925 | chan->chan_type = pchan->chan_type; | ||
| 968 | chan->imtu = pchan->imtu; | 926 | chan->imtu = pchan->imtu; |
| 969 | chan->omtu = pchan->omtu; | 927 | chan->omtu = pchan->omtu; |
| 970 | chan->conf_state = pchan->conf_state; | 928 | chan->conf_state = pchan->conf_state; |
| @@ -976,12 +934,29 @@ void l2cap_sock_init(struct sock *sk, struct sock *parent) | |||
| 976 | chan->role_switch = pchan->role_switch; | 934 | chan->role_switch = pchan->role_switch; |
| 977 | chan->force_reliable = pchan->force_reliable; | 935 | chan->force_reliable = pchan->force_reliable; |
| 978 | chan->flushable = pchan->flushable; | 936 | chan->flushable = pchan->flushable; |
| 937 | chan->force_active = pchan->force_active; | ||
| 938 | |||
| 939 | security_sk_clone(parent, sk); | ||
| 979 | } else { | 940 | } else { |
| 941 | |||
| 942 | switch (sk->sk_type) { | ||
| 943 | case SOCK_RAW: | ||
| 944 | chan->chan_type = L2CAP_CHAN_RAW; | ||
| 945 | break; | ||
| 946 | case SOCK_DGRAM: | ||
| 947 | chan->chan_type = L2CAP_CHAN_CONN_LESS; | ||
| 948 | break; | ||
| 949 | case SOCK_SEQPACKET: | ||
| 950 | case SOCK_STREAM: | ||
| 951 | chan->chan_type = L2CAP_CHAN_CONN_ORIENTED; | ||
| 952 | break; | ||
| 953 | } | ||
| 954 | |||
| 980 | chan->imtu = L2CAP_DEFAULT_MTU; | 955 | chan->imtu = L2CAP_DEFAULT_MTU; |
| 981 | chan->omtu = 0; | 956 | chan->omtu = 0; |
| 982 | if (!disable_ertm && sk->sk_type == SOCK_STREAM) { | 957 | if (!disable_ertm && sk->sk_type == SOCK_STREAM) { |
| 983 | chan->mode = L2CAP_MODE_ERTM; | 958 | chan->mode = L2CAP_MODE_ERTM; |
| 984 | chan->conf_state |= L2CAP_CONF_STATE2_DEVICE; | 959 | set_bit(CONF_STATE2_DEVICE, &chan->conf_state); |
| 985 | } else { | 960 | } else { |
| 986 | chan->mode = L2CAP_MODE_BASIC; | 961 | chan->mode = L2CAP_MODE_BASIC; |
| 987 | } | 962 | } |
| @@ -992,10 +967,15 @@ void l2cap_sock_init(struct sock *sk, struct sock *parent) | |||
| 992 | chan->role_switch = 0; | 967 | chan->role_switch = 0; |
| 993 | chan->force_reliable = 0; | 968 | chan->force_reliable = 0; |
| 994 | chan->flushable = BT_FLUSHABLE_OFF; | 969 | chan->flushable = BT_FLUSHABLE_OFF; |
| 970 | chan->force_active = BT_POWER_FORCE_ACTIVE_ON; | ||
| 971 | |||
| 995 | } | 972 | } |
| 996 | 973 | ||
| 997 | /* Default config options */ | 974 | /* Default config options */ |
| 998 | chan->flush_to = L2CAP_DEFAULT_FLUSH_TO; | 975 | chan->flush_to = L2CAP_DEFAULT_FLUSH_TO; |
| 976 | |||
| 977 | chan->data = sk; | ||
| 978 | chan->ops = &l2cap_chan_ops; | ||
| 999 | } | 979 | } |
| 1000 | 980 | ||
| 1001 | static struct proto l2cap_proto = { | 981 | static struct proto l2cap_proto = { |
| @@ -1004,9 +984,10 @@ static struct proto l2cap_proto = { | |||
| 1004 | .obj_size = sizeof(struct l2cap_pinfo) | 984 | .obj_size = sizeof(struct l2cap_pinfo) |
| 1005 | }; | 985 | }; |
| 1006 | 986 | ||
| 1007 | struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) | 987 | static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio) |
| 1008 | { | 988 | { |
| 1009 | struct sock *sk; | 989 | struct sock *sk; |
| 990 | struct l2cap_chan *chan; | ||
| 1010 | 991 | ||
| 1011 | sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto); | 992 | sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto); |
| 1012 | if (!sk) | 993 | if (!sk) |
| @@ -1016,14 +997,20 @@ struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, g | |||
| 1016 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); | 997 | INIT_LIST_HEAD(&bt_sk(sk)->accept_q); |
| 1017 | 998 | ||
| 1018 | sk->sk_destruct = l2cap_sock_destruct; | 999 | sk->sk_destruct = l2cap_sock_destruct; |
| 1019 | sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT); | 1000 | sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT; |
| 1020 | 1001 | ||
| 1021 | sock_reset_flag(sk, SOCK_ZAPPED); | 1002 | sock_reset_flag(sk, SOCK_ZAPPED); |
| 1022 | 1003 | ||
| 1023 | sk->sk_protocol = proto; | 1004 | sk->sk_protocol = proto; |
| 1024 | sk->sk_state = BT_OPEN; | 1005 | sk->sk_state = BT_OPEN; |
| 1025 | 1006 | ||
| 1026 | setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk); | 1007 | chan = l2cap_chan_create(sk); |
| 1008 | if (!chan) { | ||
| 1009 | l2cap_sock_kill(sk); | ||
| 1010 | return NULL; | ||
| 1011 | } | ||
| 1012 | |||
| 1013 | l2cap_pi(sk)->chan = chan; | ||
| 1027 | 1014 | ||
| 1028 | return sk; | 1015 | return sk; |
| 1029 | } | 1016 | } |
| @@ -1032,7 +1019,6 @@ static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol, | |||
| 1032 | int kern) | 1019 | int kern) |
| 1033 | { | 1020 | { |
| 1034 | struct sock *sk; | 1021 | struct sock *sk; |
| 1035 | struct l2cap_chan *chan; | ||
| 1036 | 1022 | ||
| 1037 | BT_DBG("sock %p", sock); | 1023 | BT_DBG("sock %p", sock); |
| 1038 | 1024 | ||
| @@ -1051,14 +1037,6 @@ static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol, | |||
| 1051 | if (!sk) | 1037 | if (!sk) |
| 1052 | return -ENOMEM; | 1038 | return -ENOMEM; |
| 1053 | 1039 | ||
| 1054 | chan = l2cap_chan_create(sk); | ||
| 1055 | if (!chan) { | ||
| 1056 | l2cap_sock_kill(sk); | ||
| 1057 | return -ENOMEM; | ||
| 1058 | } | ||
| 1059 | |||
| 1060 | l2cap_pi(sk)->chan = chan; | ||
| 1061 | |||
| 1062 | l2cap_sock_init(sk, NULL); | 1040 | l2cap_sock_init(sk, NULL); |
| 1063 | return 0; | 1041 | return 0; |
| 1064 | } | 1042 | } |