~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/bluetooth/sco.c

Version: ~ [ linux-5.3 ] ~ [ linux-5.2.15 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.73 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.144 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.193 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.193 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.73 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2    BlueZ - Bluetooth protocol stack for Linux
  3    Copyright (C) 2000-2001 Qualcomm Incorporated
  4 
  5    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
  6 
  7    This program is free software; you can redistribute it and/or modify
  8    it under the terms of the GNU General Public License version 2 as
  9    published by the Free Software Foundation;
 10 
 11    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 12    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 13    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
 14    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
 15    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
 16    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 17    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 18    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 19 
 20    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
 21    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
 22    SOFTWARE IS DISCLAIMED.
 23 */
 24 
 25 /* Bluetooth SCO sockets. */
 26 
 27 #include <linux/module.h>
 28 #include <linux/debugfs.h>
 29 #include <linux/seq_file.h>
 30 #include <linux/sched/signal.h>
 31 
 32 #include <net/bluetooth/bluetooth.h>
 33 #include <net/bluetooth/hci_core.h>
 34 #include <net/bluetooth/sco.h>
 35 
 36 static bool disable_esco;
 37 
 38 static const struct proto_ops sco_sock_ops;
 39 
 40 static struct bt_sock_list sco_sk_list = {
 41         .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
 42 };
 43 
 44 /* ---- SCO connections ---- */
 45 struct sco_conn {
 46         struct hci_conn *hcon;
 47 
 48         spinlock_t      lock;
 49         struct sock     *sk;
 50 
 51         unsigned int    mtu;
 52 };
 53 
 54 #define sco_conn_lock(c)        spin_lock(&c->lock);
 55 #define sco_conn_unlock(c)      spin_unlock(&c->lock);
 56 
 57 static void sco_sock_close(struct sock *sk);
 58 static void sco_sock_kill(struct sock *sk);
 59 
 60 /* ----- SCO socket info ----- */
 61 #define sco_pi(sk) ((struct sco_pinfo *) sk)
 62 
 63 struct sco_pinfo {
 64         struct bt_sock  bt;
 65         bdaddr_t        src;
 66         bdaddr_t        dst;
 67         __u32           flags;
 68         __u16           setting;
 69         struct sco_conn *conn;
 70 };
 71 
 72 /* ---- SCO timers ---- */
 73 #define SCO_CONN_TIMEOUT        (HZ * 40)
 74 #define SCO_DISCONN_TIMEOUT     (HZ * 2)
 75 
 76 static void sco_sock_timeout(unsigned long arg)
 77 {
 78         struct sock *sk = (struct sock *)arg;
 79 
 80         BT_DBG("sock %p state %d", sk, sk->sk_state);
 81 
 82         bh_lock_sock(sk);
 83         sk->sk_err = ETIMEDOUT;
 84         sk->sk_state_change(sk);
 85         bh_unlock_sock(sk);
 86 
 87         sco_sock_kill(sk);
 88         sock_put(sk);
 89 }
 90 
 91 static void sco_sock_set_timer(struct sock *sk, long timeout)
 92 {
 93         BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
 94         sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
 95 }
 96 
 97 static void sco_sock_clear_timer(struct sock *sk)
 98 {
 99         BT_DBG("sock %p state %d", sk, sk->sk_state);
100         sk_stop_timer(sk, &sk->sk_timer);
101 }
102 
103 /* ---- SCO connections ---- */
104 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
105 {
106         struct hci_dev *hdev = hcon->hdev;
107         struct sco_conn *conn = hcon->sco_data;
108 
109         if (conn)
110                 return conn;
111 
112         conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL);
113         if (!conn)
114                 return NULL;
115 
116         spin_lock_init(&conn->lock);
117 
118         hcon->sco_data = conn;
119         conn->hcon = hcon;
120 
121         if (hdev->sco_mtu > 0)
122                 conn->mtu = hdev->sco_mtu;
123         else
124                 conn->mtu = 60;
125 
126         BT_DBG("hcon %p conn %p", hcon, conn);
127 
128         return conn;
129 }
130 
131 /* Delete channel.
132  * Must be called on the locked socket. */
133 static void sco_chan_del(struct sock *sk, int err)
134 {
135         struct sco_conn *conn;
136 
137         conn = sco_pi(sk)->conn;
138 
139         BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
140 
141         if (conn) {
142                 sco_conn_lock(conn);
143                 conn->sk = NULL;
144                 sco_pi(sk)->conn = NULL;
145                 sco_conn_unlock(conn);
146 
147                 if (conn->hcon)
148                         hci_conn_drop(conn->hcon);
149         }
150 
151         sk->sk_state = BT_CLOSED;
152         sk->sk_err   = err;
153         sk->sk_state_change(sk);
154 
155         sock_set_flag(sk, SOCK_ZAPPED);
156 }
157 
158 static void sco_conn_del(struct hci_conn *hcon, int err)
159 {
160         struct sco_conn *conn = hcon->sco_data;
161         struct sock *sk;
162 
163         if (!conn)
164                 return;
165 
166         BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
167 
168         /* Kill socket */
169         sco_conn_lock(conn);
170         sk = conn->sk;
171         sco_conn_unlock(conn);
172 
173         if (sk) {
174                 sock_hold(sk);
175                 bh_lock_sock(sk);
176                 sco_sock_clear_timer(sk);
177                 sco_chan_del(sk, err);
178                 bh_unlock_sock(sk);
179                 sco_sock_kill(sk);
180                 sock_put(sk);
181         }
182 
183         hcon->sco_data = NULL;
184         kfree(conn);
185 }
186 
187 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk,
188                            struct sock *parent)
189 {
190         BT_DBG("conn %p", conn);
191 
192         sco_pi(sk)->conn = conn;
193         conn->sk = sk;
194 
195         if (parent)
196                 bt_accept_enqueue(parent, sk);
197 }
198 
199 static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
200                         struct sock *parent)
201 {
202         int err = 0;
203 
204         sco_conn_lock(conn);
205         if (conn->sk)
206                 err = -EBUSY;
207         else
208                 __sco_chan_add(conn, sk, parent);
209 
210         sco_conn_unlock(conn);
211         return err;
212 }
213 
214 static int sco_connect(struct sock *sk)
215 {
216         struct sco_conn *conn;
217         struct hci_conn *hcon;
218         struct hci_dev  *hdev;
219         int err, type;
220 
221         BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst);
222 
223         hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR);
224         if (!hdev)
225                 return -EHOSTUNREACH;
226 
227         hci_dev_lock(hdev);
228 
229         if (lmp_esco_capable(hdev) && !disable_esco)
230                 type = ESCO_LINK;
231         else
232                 type = SCO_LINK;
233 
234         if (sco_pi(sk)->setting == BT_VOICE_TRANSPARENT &&
235             (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev))) {
236                 err = -EOPNOTSUPP;
237                 goto done;
238         }
239 
240         hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst,
241                                sco_pi(sk)->setting);
242         if (IS_ERR(hcon)) {
243                 err = PTR_ERR(hcon);
244                 goto done;
245         }
246 
247         conn = sco_conn_add(hcon);
248         if (!conn) {
249                 hci_conn_drop(hcon);
250                 err = -ENOMEM;
251                 goto done;
252         }
253 
254         /* Update source addr of the socket */
255         bacpy(&sco_pi(sk)->src, &hcon->src);
256 
257         err = sco_chan_add(conn, sk, NULL);
258         if (err)
259                 goto done;
260 
261         if (hcon->state == BT_CONNECTED) {
262                 sco_sock_clear_timer(sk);
263                 sk->sk_state = BT_CONNECTED;
264         } else {
265                 sk->sk_state = BT_CONNECT;
266                 sco_sock_set_timer(sk, sk->sk_sndtimeo);
267         }
268 
269 done:
270         hci_dev_unlock(hdev);
271         hci_dev_put(hdev);
272         return err;
273 }
274 
275 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
276 {
277         struct sco_conn *conn = sco_pi(sk)->conn;
278         struct sk_buff *skb;
279         int err;
280 
281         /* Check outgoing MTU */
282         if (len > conn->mtu)
283                 return -EINVAL;
284 
285         BT_DBG("sk %p len %d", sk, len);
286 
287         skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
288         if (!skb)
289                 return err;
290 
291         if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
292                 kfree_skb(skb);
293                 return -EFAULT;
294         }
295 
296         hci_send_sco(conn->hcon, skb);
297 
298         return len;
299 }
300 
301 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
302 {
303         struct sock *sk;
304 
305         sco_conn_lock(conn);
306         sk = conn->sk;
307         sco_conn_unlock(conn);
308 
309         if (!sk)
310                 goto drop;
311 
312         BT_DBG("sk %p len %d", sk, skb->len);
313 
314         if (sk->sk_state != BT_CONNECTED)
315                 goto drop;
316 
317         if (!sock_queue_rcv_skb(sk, skb))
318                 return;
319 
320 drop:
321         kfree_skb(skb);
322 }
323 
324 /* -------- Socket interface ---------- */
325 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
326 {
327         struct sock *sk;
328 
329         sk_for_each(sk, &sco_sk_list.head) {
330                 if (sk->sk_state != BT_LISTEN)
331                         continue;
332 
333                 if (!bacmp(&sco_pi(sk)->src, ba))
334                         return sk;
335         }
336 
337         return NULL;
338 }
339 
340 /* Find socket listening on source bdaddr.
341  * Returns closest match.
342  */
343 static struct sock *sco_get_sock_listen(bdaddr_t *src)
344 {
345         struct sock *sk = NULL, *sk1 = NULL;
346 
347         read_lock(&sco_sk_list.lock);
348 
349         sk_for_each(sk, &sco_sk_list.head) {
350                 if (sk->sk_state != BT_LISTEN)
351                         continue;
352 
353                 /* Exact match. */
354                 if (!bacmp(&sco_pi(sk)->src, src))
355                         break;
356 
357                 /* Closest match */
358                 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY))
359                         sk1 = sk;
360         }
361 
362         read_unlock(&sco_sk_list.lock);
363 
364         return sk ? sk : sk1;
365 }
366 
367 static void sco_sock_destruct(struct sock *sk)
368 {
369         BT_DBG("sk %p", sk);
370 
371         skb_queue_purge(&sk->sk_receive_queue);
372         skb_queue_purge(&sk->sk_write_queue);
373 }
374 
375 static void sco_sock_cleanup_listen(struct sock *parent)
376 {
377         struct sock *sk;
378 
379         BT_DBG("parent %p", parent);
380 
381         /* Close not yet accepted channels */
382         while ((sk = bt_accept_dequeue(parent, NULL))) {
383                 sco_sock_close(sk);
384                 sco_sock_kill(sk);
385         }
386 
387         parent->sk_state  = BT_CLOSED;
388         sock_set_flag(parent, SOCK_ZAPPED);
389 }
390 
391 /* Kill socket (only if zapped and orphan)
392  * Must be called on unlocked socket.
393  */
394 static void sco_sock_kill(struct sock *sk)
395 {
396         if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
397                 return;
398 
399         BT_DBG("sk %p state %d", sk, sk->sk_state);
400 
401         /* Kill poor orphan */
402         bt_sock_unlink(&sco_sk_list, sk);
403         sock_set_flag(sk, SOCK_DEAD);
404         sock_put(sk);
405 }
406 
407 static void __sco_sock_close(struct sock *sk)
408 {
409         BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
410 
411         switch (sk->sk_state) {
412         case BT_LISTEN:
413                 sco_sock_cleanup_listen(sk);
414                 break;
415 
416         case BT_CONNECTED:
417         case BT_CONFIG:
418                 if (sco_pi(sk)->conn->hcon) {
419                         sk->sk_state = BT_DISCONN;
420                         sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
421                         sco_conn_lock(sco_pi(sk)->conn);
422                         hci_conn_drop(sco_pi(sk)->conn->hcon);
423                         sco_pi(sk)->conn->hcon = NULL;
424                         sco_conn_unlock(sco_pi(sk)->conn);
425                 } else
426                         sco_chan_del(sk, ECONNRESET);
427                 break;
428 
429         case BT_CONNECT2:
430         case BT_CONNECT:
431         case BT_DISCONN:
432                 sco_chan_del(sk, ECONNRESET);
433                 break;
434 
435         default:
436                 sock_set_flag(sk, SOCK_ZAPPED);
437                 break;
438         }
439 }
440 
441 /* Must be called on unlocked socket. */
442 static void sco_sock_close(struct sock *sk)
443 {
444         sco_sock_clear_timer(sk);
445         lock_sock(sk);
446         __sco_sock_close(sk);
447         release_sock(sk);
448         sco_sock_kill(sk);
449 }
450 
451 static void sco_sock_init(struct sock *sk, struct sock *parent)
452 {
453         BT_DBG("sk %p", sk);
454 
455         if (parent) {
456                 sk->sk_type = parent->sk_type;
457                 bt_sk(sk)->flags = bt_sk(parent)->flags;
458                 security_sk_clone(parent, sk);
459         }
460 }
461 
462 static struct proto sco_proto = {
463         .name           = "SCO",
464         .owner          = THIS_MODULE,
465         .obj_size       = sizeof(struct sco_pinfo)
466 };
467 
468 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock,
469                                    int proto, gfp_t prio, int kern)
470 {
471         struct sock *sk;
472 
473         sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto, kern);
474         if (!sk)
475                 return NULL;
476 
477         sock_init_data(sock, sk);
478         INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
479 
480         sk->sk_destruct = sco_sock_destruct;
481         sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
482 
483         sock_reset_flag(sk, SOCK_ZAPPED);
484 
485         sk->sk_protocol = proto;
486         sk->sk_state    = BT_OPEN;
487 
488         sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT;
489 
490         setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
491 
492         bt_sock_link(&sco_sk_list, sk);
493         return sk;
494 }
495 
496 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
497                            int kern)
498 {
499         struct sock *sk;
500 
501         BT_DBG("sock %p", sock);
502 
503         sock->state = SS_UNCONNECTED;
504 
505         if (sock->type != SOCK_SEQPACKET)
506                 return -ESOCKTNOSUPPORT;
507 
508         sock->ops = &sco_sock_ops;
509 
510         sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
511         if (!sk)
512                 return -ENOMEM;
513 
514         sco_sock_init(sk, NULL);
515         return 0;
516 }
517 
518 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr,
519                          int addr_len)
520 {
521         struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
522         struct sock *sk = sock->sk;
523         int err = 0;
524 
525         BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr);
526 
527         if (!addr || addr->sa_family != AF_BLUETOOTH)
528                 return -EINVAL;
529 
530         if (addr_len < sizeof(struct sockaddr_sco))
531                 return -EINVAL;
532 
533         lock_sock(sk);
534 
535         if (sk->sk_state != BT_OPEN) {
536                 err = -EBADFD;
537                 goto done;
538         }
539 
540         if (sk->sk_type != SOCK_SEQPACKET) {
541                 err = -EINVAL;
542                 goto done;
543         }
544 
545         bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr);
546 
547         sk->sk_state = BT_BOUND;
548 
549 done:
550         release_sock(sk);
551         return err;
552 }
553 
554 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
555 {
556         struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
557         struct sock *sk = sock->sk;
558         int err;
559 
560         BT_DBG("sk %p", sk);
561 
562         if (alen < sizeof(struct sockaddr_sco) ||
563             addr->sa_family != AF_BLUETOOTH)
564                 return -EINVAL;
565 
566         if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
567                 return -EBADFD;
568 
569         if (sk->sk_type != SOCK_SEQPACKET)
570                 return -EINVAL;
571 
572         lock_sock(sk);
573 
574         /* Set destination address and psm */
575         bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr);
576 
577         err = sco_connect(sk);
578         if (err)
579                 goto done;
580 
581         err = bt_sock_wait_state(sk, BT_CONNECTED,
582                                  sock_sndtimeo(sk, flags & O_NONBLOCK));
583 
584 done:
585         release_sock(sk);
586         return err;
587 }
588 
589 static int sco_sock_listen(struct socket *sock, int backlog)
590 {
591         struct sock *sk = sock->sk;
592         bdaddr_t *src = &sco_pi(sk)->src;
593         int err = 0;
594 
595         BT_DBG("sk %p backlog %d", sk, backlog);
596 
597         lock_sock(sk);
598 
599         if (sk->sk_state != BT_BOUND) {
600                 err = -EBADFD;
601                 goto done;
602         }
603 
604         if (sk->sk_type != SOCK_SEQPACKET) {
605                 err = -EINVAL;
606                 goto done;
607         }
608 
609         write_lock(&sco_sk_list.lock);
610 
611         if (__sco_get_sock_listen_by_addr(src)) {
612                 err = -EADDRINUSE;
613                 goto unlock;
614         }
615 
616         sk->sk_max_ack_backlog = backlog;
617         sk->sk_ack_backlog = 0;
618 
619         sk->sk_state = BT_LISTEN;
620 
621 unlock:
622         write_unlock(&sco_sk_list.lock);
623 
624 done:
625         release_sock(sk);
626         return err;
627 }
628 
629 static int sco_sock_accept(struct socket *sock, struct socket *newsock,
630                            int flags, bool kern)
631 {
632         DEFINE_WAIT_FUNC(wait, woken_wake_function);
633         struct sock *sk = sock->sk, *ch;
634         long timeo;
635         int err = 0;
636 
637         lock_sock(sk);
638 
639         timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
640 
641         BT_DBG("sk %p timeo %ld", sk, timeo);
642 
643         /* Wait for an incoming connection. (wake-one). */
644         add_wait_queue_exclusive(sk_sleep(sk), &wait);
645         while (1) {
646                 if (sk->sk_state != BT_LISTEN) {
647                         err = -EBADFD;
648                         break;
649                 }
650 
651                 ch = bt_accept_dequeue(sk, newsock);
652                 if (ch)
653                         break;
654 
655                 if (!timeo) {
656                         err = -EAGAIN;
657                         break;
658                 }
659 
660                 if (signal_pending(current)) {
661                         err = sock_intr_errno(timeo);
662                         break;
663                 }
664 
665                 release_sock(sk);
666 
667                 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
668                 lock_sock(sk);
669         }
670         remove_wait_queue(sk_sleep(sk), &wait);
671 
672         if (err)
673                 goto done;
674 
675         newsock->state = SS_CONNECTED;
676 
677         BT_DBG("new socket %p", ch);
678 
679 done:
680         release_sock(sk);
681         return err;
682 }
683 
684 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr,
685                             int *len, int peer)
686 {
687         struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
688         struct sock *sk = sock->sk;
689 
690         BT_DBG("sock %p, sk %p", sock, sk);
691 
692         addr->sa_family = AF_BLUETOOTH;
693         *len = sizeof(struct sockaddr_sco);
694 
695         if (peer)
696                 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst);
697         else
698                 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src);
699 
700         return 0;
701 }
702 
703 static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg,
704                             size_t len)
705 {
706         struct sock *sk = sock->sk;
707         int err;
708 
709         BT_DBG("sock %p, sk %p", sock, sk);
710 
711         err = sock_error(sk);
712         if (err)
713                 return err;
714 
715         if (msg->msg_flags & MSG_OOB)
716                 return -EOPNOTSUPP;
717 
718         lock_sock(sk);
719 
720         if (sk->sk_state == BT_CONNECTED)
721                 err = sco_send_frame(sk, msg, len);
722         else
723                 err = -ENOTCONN;
724 
725         release_sock(sk);
726         return err;
727 }
728 
729 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting)
730 {
731         struct hci_dev *hdev = conn->hdev;
732 
733         BT_DBG("conn %p", conn);
734 
735         conn->state = BT_CONFIG;
736 
737         if (!lmp_esco_capable(hdev)) {
738                 struct hci_cp_accept_conn_req cp;
739 
740                 bacpy(&cp.bdaddr, &conn->dst);
741                 cp.role = 0x00; /* Ignored */
742 
743                 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
744         } else {
745                 struct hci_cp_accept_sync_conn_req cp;
746 
747                 bacpy(&cp.bdaddr, &conn->dst);
748                 cp.pkt_type = cpu_to_le16(conn->pkt_type);
749 
750                 cp.tx_bandwidth   = cpu_to_le32(0x00001f40);
751                 cp.rx_bandwidth   = cpu_to_le32(0x00001f40);
752                 cp.content_format = cpu_to_le16(setting);
753 
754                 switch (setting & SCO_AIRMODE_MASK) {
755                 case SCO_AIRMODE_TRANSP:
756                         if (conn->pkt_type & ESCO_2EV3)
757                                 cp.max_latency = cpu_to_le16(0x0008);
758                         else
759                                 cp.max_latency = cpu_to_le16(0x000D);
760                         cp.retrans_effort = 0x02;
761                         break;
762                 case SCO_AIRMODE_CVSD:
763                         cp.max_latency = cpu_to_le16(0xffff);
764                         cp.retrans_effort = 0xff;
765                         break;
766                 }
767 
768                 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
769                              sizeof(cp), &cp);
770         }
771 }
772 
773 static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg,
774                             size_t len, int flags)
775 {
776         struct sock *sk = sock->sk;
777         struct sco_pinfo *pi = sco_pi(sk);
778 
779         lock_sock(sk);
780 
781         if (sk->sk_state == BT_CONNECT2 &&
782             test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
783                 sco_conn_defer_accept(pi->conn->hcon, pi->setting);
784                 sk->sk_state = BT_CONFIG;
785 
786                 release_sock(sk);
787                 return 0;
788         }
789 
790         release_sock(sk);
791 
792         return bt_sock_recvmsg(sock, msg, len, flags);
793 }
794 
795 static int sco_sock_setsockopt(struct socket *sock, int level, int optname,
796                                char __user *optval, unsigned int optlen)
797 {
798         struct sock *sk = sock->sk;
799         int len, err = 0;
800         struct bt_voice voice;
801         u32 opt;
802 
803         BT_DBG("sk %p", sk);
804 
805         lock_sock(sk);
806 
807         switch (optname) {
808 
809         case BT_DEFER_SETUP:
810                 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
811                         err = -EINVAL;
812                         break;
813                 }
814 
815                 if (get_user(opt, (u32 __user *) optval)) {
816                         err = -EFAULT;
817                         break;
818                 }
819 
820                 if (opt)
821                         set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
822                 else
823                         clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
824                 break;
825 
826         case BT_VOICE:
827                 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
828                     sk->sk_state != BT_CONNECT2) {
829                         err = -EINVAL;
830                         break;
831                 }
832 
833                 voice.setting = sco_pi(sk)->setting;
834 
835                 len = min_t(unsigned int, sizeof(voice), optlen);
836                 if (copy_from_user((char *)&voice, optval, len)) {
837                         err = -EFAULT;
838                         break;
839                 }
840 
841                 /* Explicitly check for these values */
842                 if (voice.setting != BT_VOICE_TRANSPARENT &&
843                     voice.setting != BT_VOICE_CVSD_16BIT) {
844                         err = -EINVAL;
845                         break;
846                 }
847 
848                 sco_pi(sk)->setting = voice.setting;
849                 break;
850 
851         default:
852                 err = -ENOPROTOOPT;
853                 break;
854         }
855 
856         release_sock(sk);
857         return err;
858 }
859 
860 static int sco_sock_getsockopt_old(struct socket *sock, int optname,
861                                    char __user *optval, int __user *optlen)
862 {
863         struct sock *sk = sock->sk;
864         struct sco_options opts;
865         struct sco_conninfo cinfo;
866         int len, err = 0;
867 
868         BT_DBG("sk %p", sk);
869 
870         if (get_user(len, optlen))
871                 return -EFAULT;
872 
873         lock_sock(sk);
874 
875         switch (optname) {
876         case SCO_OPTIONS:
877                 if (sk->sk_state != BT_CONNECTED &&
878                     !(sk->sk_state == BT_CONNECT2 &&
879                       test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
880                         err = -ENOTCONN;
881                         break;
882                 }
883 
884                 opts.mtu = sco_pi(sk)->conn->mtu;
885 
886                 BT_DBG("mtu %d", opts.mtu);
887 
888                 len = min_t(unsigned int, len, sizeof(opts));
889                 if (copy_to_user(optval, (char *)&opts, len))
890                         err = -EFAULT;
891 
892                 break;
893 
894         case SCO_CONNINFO:
895                 if (sk->sk_state != BT_CONNECTED &&
896                     !(sk->sk_state == BT_CONNECT2 &&
897                       test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
898                         err = -ENOTCONN;
899                         break;
900                 }
901 
902                 memset(&cinfo, 0, sizeof(cinfo));
903                 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
904                 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
905 
906                 len = min_t(unsigned int, len, sizeof(cinfo));
907                 if (copy_to_user(optval, (char *)&cinfo, len))
908                         err = -EFAULT;
909 
910                 break;
911 
912         default:
913                 err = -ENOPROTOOPT;
914                 break;
915         }
916 
917         release_sock(sk);
918         return err;
919 }
920 
921 static int sco_sock_getsockopt(struct socket *sock, int level, int optname,
922                                char __user *optval, int __user *optlen)
923 {
924         struct sock *sk = sock->sk;
925         int len, err = 0;
926         struct bt_voice voice;
927 
928         BT_DBG("sk %p", sk);
929 
930         if (level == SOL_SCO)
931                 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
932 
933         if (get_user(len, optlen))
934                 return -EFAULT;
935 
936         lock_sock(sk);
937 
938         switch (optname) {
939 
940         case BT_DEFER_SETUP:
941                 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
942                         err = -EINVAL;
943                         break;
944                 }
945 
946                 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
947                              (u32 __user *)optval))
948                         err = -EFAULT;
949 
950                 break;
951 
952         case BT_VOICE:
953                 voice.setting = sco_pi(sk)->setting;
954 
955                 len = min_t(unsigned int, len, sizeof(voice));
956                 if (copy_to_user(optval, (char *)&voice, len))
957                         err = -EFAULT;
958 
959                 break;
960 
961         default:
962                 err = -ENOPROTOOPT;
963                 break;
964         }
965 
966         release_sock(sk);
967         return err;
968 }
969 
970 static int sco_sock_shutdown(struct socket *sock, int how)
971 {
972         struct sock *sk = sock->sk;
973         int err = 0;
974 
975         BT_DBG("sock %p, sk %p", sock, sk);
976 
977         if (!sk)
978                 return 0;
979 
980         sock_hold(sk);
981         lock_sock(sk);
982 
983         if (!sk->sk_shutdown) {
984                 sk->sk_shutdown = SHUTDOWN_MASK;
985                 sco_sock_clear_timer(sk);
986                 __sco_sock_close(sk);
987 
988                 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
989                     !(current->flags & PF_EXITING))
990                         err = bt_sock_wait_state(sk, BT_CLOSED,
991                                                  sk->sk_lingertime);
992         }
993 
994         release_sock(sk);
995         sock_put(sk);
996 
997         return err;
998 }
999 
1000 static int sco_sock_release(struct socket *sock)
1001 {
1002         struct sock *sk = sock->sk;
1003         int err = 0;
1004 
1005         BT_DBG("sock %p, sk %p", sock, sk);
1006 
1007         if (!sk)
1008                 return 0;
1009 
1010         sco_sock_close(sk);
1011 
1012         if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1013             !(current->flags & PF_EXITING)) {
1014                 lock_sock(sk);
1015                 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
1016                 release_sock(sk);
1017         }
1018 
1019         sock_orphan(sk);
1020         sco_sock_kill(sk);
1021         return err;
1022 }
1023 
1024 static void sco_conn_ready(struct sco_conn *conn)
1025 {
1026         struct sock *parent;
1027         struct sock *sk = conn->sk;
1028 
1029         BT_DBG("conn %p", conn);
1030 
1031         if (sk) {
1032                 sco_sock_clear_timer(sk);
1033                 bh_lock_sock(sk);
1034                 sk->sk_state = BT_CONNECTED;
1035                 sk->sk_state_change(sk);
1036                 bh_unlock_sock(sk);
1037         } else {
1038                 sco_conn_lock(conn);
1039 
1040                 if (!conn->hcon) {
1041                         sco_conn_unlock(conn);
1042                         return;
1043                 }
1044 
1045                 parent = sco_get_sock_listen(&conn->hcon->src);
1046                 if (!parent) {
1047                         sco_conn_unlock(conn);
1048                         return;
1049                 }
1050 
1051                 bh_lock_sock(parent);
1052 
1053                 sk = sco_sock_alloc(sock_net(parent), NULL,
1054                                     BTPROTO_SCO, GFP_ATOMIC, 0);
1055                 if (!sk) {
1056                         bh_unlock_sock(parent);
1057                         sco_conn_unlock(conn);
1058                         return;
1059                 }
1060 
1061                 sco_sock_init(sk, parent);
1062 
1063                 bacpy(&sco_pi(sk)->src, &conn->hcon->src);
1064                 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst);
1065 
1066                 hci_conn_hold(conn->hcon);
1067                 __sco_chan_add(conn, sk, parent);
1068 
1069                 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
1070                         sk->sk_state = BT_CONNECT2;
1071                 else
1072                         sk->sk_state = BT_CONNECTED;
1073 
1074                 /* Wake up parent */
1075                 parent->sk_data_ready(parent);
1076 
1077                 bh_unlock_sock(parent);
1078 
1079                 sco_conn_unlock(conn);
1080         }
1081 }
1082 
1083 /* ----- SCO interface with lower layer (HCI) ----- */
1084 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
1085 {
1086         struct sock *sk;
1087         int lm = 0;
1088 
1089         BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
1090 
1091         /* Find listening sockets */
1092         read_lock(&sco_sk_list.lock);
1093         sk_for_each(sk, &sco_sk_list.head) {
1094                 if (sk->sk_state != BT_LISTEN)
1095                         continue;
1096 
1097                 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) ||
1098                     !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) {
1099                         lm |= HCI_LM_ACCEPT;
1100 
1101                         if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
1102                                 *flags |= HCI_PROTO_DEFER;
1103                         break;
1104                 }
1105         }
1106         read_unlock(&sco_sk_list.lock);
1107 
1108         return lm;
1109 }
1110 
1111 static void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
1112 {
1113         if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1114                 return;
1115 
1116         BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
1117 
1118         if (!status) {
1119                 struct sco_conn *conn;
1120 
1121                 conn = sco_conn_add(hcon);
1122                 if (conn)
1123                         sco_conn_ready(conn);
1124         } else
1125                 sco_conn_del(hcon, bt_to_errno(status));
1126 }
1127 
1128 static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
1129 {
1130         if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1131                 return;
1132 
1133         BT_DBG("hcon %p reason %d", hcon, reason);
1134 
1135         sco_conn_del(hcon, bt_to_errno(reason));
1136 }
1137 
1138 void sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1139 {
1140         struct sco_conn *conn = hcon->sco_data;
1141 
1142         if (!conn)
1143                 goto drop;
1144 
1145         BT_DBG("conn %p len %d", conn, skb->len);
1146 
1147         if (skb->len) {
1148                 sco_recv_frame(conn, skb);
1149                 return;
1150         }
1151 
1152 drop:
1153         kfree_skb(skb);
1154 }
1155 
1156 static struct hci_cb sco_cb = {
1157         .name           = "SCO",
1158         .connect_cfm    = sco_connect_cfm,
1159         .disconn_cfm    = sco_disconn_cfm,
1160 };
1161 
1162 static int sco_debugfs_show(struct seq_file *f, void *p)
1163 {
1164         struct sock *sk;
1165 
1166         read_lock(&sco_sk_list.lock);
1167 
1168         sk_for_each(sk, &sco_sk_list.head) {
1169                 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src,
1170                            &sco_pi(sk)->dst, sk->sk_state);
1171         }
1172 
1173         read_unlock(&sco_sk_list.lock);
1174 
1175         return 0;
1176 }
1177 
1178 static int sco_debugfs_open(struct inode *inode, struct file *file)
1179 {
1180         return single_open(file, sco_debugfs_show, inode->i_private);
1181 }
1182 
1183 static const struct file_operations sco_debugfs_fops = {
1184         .open           = sco_debugfs_open,
1185         .read           = seq_read,
1186         .llseek         = seq_lseek,
1187         .release        = single_release,
1188 };
1189 
1190 static struct dentry *sco_debugfs;
1191 
1192 static const struct proto_ops sco_sock_ops = {
1193         .family         = PF_BLUETOOTH,
1194         .owner          = THIS_MODULE,
1195         .release        = sco_sock_release,
1196         .bind           = sco_sock_bind,
1197         .connect        = sco_sock_connect,
1198         .listen         = sco_sock_listen,
1199         .accept         = sco_sock_accept,
1200         .getname        = sco_sock_getname,
1201         .sendmsg        = sco_sock_sendmsg,
1202         .recvmsg        = sco_sock_recvmsg,
1203         .poll           = bt_sock_poll,
1204         .ioctl          = bt_sock_ioctl,
1205         .mmap           = sock_no_mmap,
1206         .socketpair     = sock_no_socketpair,
1207         .shutdown       = sco_sock_shutdown,
1208         .setsockopt     = sco_sock_setsockopt,
1209         .getsockopt     = sco_sock_getsockopt
1210 };
1211 
1212 static const struct net_proto_family sco_sock_family_ops = {
1213         .family = PF_BLUETOOTH,
1214         .owner  = THIS_MODULE,
1215         .create = sco_sock_create,
1216 };
1217 
1218 int __init sco_init(void)
1219 {
1220         int err;
1221 
1222         BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr));
1223 
1224         err = proto_register(&sco_proto, 0);
1225         if (err < 0)
1226                 return err;
1227 
1228         err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1229         if (err < 0) {
1230                 BT_ERR("SCO socket registration failed");
1231                 goto error;
1232         }
1233 
1234         err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL);
1235         if (err < 0) {
1236                 BT_ERR("Failed to create SCO proc file");
1237                 bt_sock_unregister(BTPROTO_SCO);
1238                 goto error;
1239         }
1240 
1241         BT_INFO("SCO socket layer initialized");
1242 
1243         hci_register_cb(&sco_cb);
1244 
1245         if (IS_ERR_OR_NULL(bt_debugfs))
1246                 return 0;
1247 
1248         sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1249                                           NULL, &sco_debugfs_fops);
1250 
1251         return 0;
1252 
1253 error:
1254         proto_unregister(&sco_proto);
1255         return err;
1256 }
1257 
1258 void sco_exit(void)
1259 {
1260         bt_procfs_cleanup(&init_net, "sco");
1261 
1262         debugfs_remove(sco_debugfs);
1263 
1264         hci_unregister_cb(&sco_cb);
1265 
1266         bt_sock_unregister(BTPROTO_SCO);
1267 
1268         proto_unregister(&sco_proto);
1269 }
1270 
1271 module_param(disable_esco, bool, 0644);
1272 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");
1273 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp