1 /*********************************************************************
2 *
3 * Filename: af_irda.c
4 * Version: 0.9
5 * Description: IrDA sockets implementation
6 * Status: Stable
7 * Author: Dag Brattli <dagb@cs.uit.no>
8 * Created at: Sun May 31 10:12:43 1998
9 * Modified at: Sat Dec 25 21:10:23 1999
10 * Modified by: Dag Brattli <dag@brattli.net>
11 * Sources: af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc.
12 *
13 * Copyright (c) 1999 Dag Brattli <dagb@cs.uit.no>
14 * Copyright (c) 1999-2003 Jean Tourrilhes <jt@hpl.hp.com>
15 * All Rights Reserved.
16 *
17 * This program is free software; you can redistribute it and/or
18 * modify it under the terms of the GNU General Public License as
19 * published by the Free Software Foundation; either version 2 of
20 * the License, or (at your option) any later version.
21 *
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * You should have received a copy of the GNU General Public License
28 * along with this program; if not, see <http://www.gnu.org/licenses/>.
29 *
30 * Linux-IrDA now supports four different types of IrDA sockets:
31 *
32 * o SOCK_STREAM: TinyTP connections with SAR disabled. The
33 * max SDU size is 0 for conn. of this type
34 * o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may
35 * fragment the messages, but will preserve
36 * the message boundaries
37 * o SOCK_DGRAM: IRDAPROTO_UNITDATA: TinyTP connections with Unitdata
38 * (unreliable) transfers
39 * IRDAPROTO_ULTRA: Connectionless and unreliable data
40 *
41 ********************************************************************/
42
43 #include <linux/capability.h>
44 #include <linux/module.h>
45 #include <linux/types.h>
46 #include <linux/socket.h>
47 #include <linux/sockios.h>
48 #include <linux/slab.h>
49 #include <linux/init.h>
50 #include <linux/net.h>
51 #include <linux/irda.h>
52 #include <linux/poll.h>
53
54 #include <asm/ioctls.h> /* TIOCOUTQ, TIOCINQ */
55 #include <asm/uaccess.h>
56
57 #include <net/sock.h>
58 #include <net/tcp_states.h>
59
60 #include <net/irda/af_irda.h>
61
62 static int irda_create(struct net *net, struct socket *sock, int protocol, int kern);
63
64 static const struct proto_ops irda_stream_ops;
65 static const struct proto_ops irda_seqpacket_ops;
66 static const struct proto_ops irda_dgram_ops;
67
68 #ifdef CONFIG_IRDA_ULTRA
69 static const struct proto_ops irda_ultra_ops;
70 #define ULTRA_MAX_DATA 382
71 #endif /* CONFIG_IRDA_ULTRA */
72
73 #define IRDA_MAX_HEADER (TTP_MAX_HEADER)
74
75 /*
76 * Function irda_data_indication (instance, sap, skb)
77 *
78 * Received some data from TinyTP. Just queue it on the receive queue
79 *
80 */
81 static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb)
82 {
83 struct irda_sock *self;
84 struct sock *sk;
85 int err;
86
87 self = instance;
88 sk = instance;
89
90 err = sock_queue_rcv_skb(sk, skb);
91 if (err) {
92 pr_debug("%s(), error: no more mem!\n", __func__);
93 self->rx_flow = FLOW_STOP;
94
95 /* When we return error, TTP will need to requeue the skb */
96 return err;
97 }
98
99 return 0;
100 }
101
102 /*
103 * Function irda_disconnect_indication (instance, sap, reason, skb)
104 *
105 * Connection has been closed. Check reason to find out why
106 *
107 */
108 static void irda_disconnect_indication(void *instance, void *sap,
109 LM_REASON reason, struct sk_buff *skb)
110 {
111 struct irda_sock *self;
112 struct sock *sk;
113
114 self = instance;
115
116 pr_debug("%s(%p)\n", __func__, self);
117
118 /* Don't care about it, but let's not leak it */
119 if(skb)
120 dev_kfree_skb(skb);
121
122 sk = instance;
123 if (sk == NULL) {
124 pr_debug("%s(%p) : BUG : sk is NULL\n",
125 __func__, self);
126 return;
127 }
128
129 /* Prevent race conditions with irda_release() and irda_shutdown() */
130 bh_lock_sock(sk);
131 if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) {
132 sk->sk_state = TCP_CLOSE;
133 sk->sk_shutdown |= SEND_SHUTDOWN;
134
135 sk->sk_state_change(sk);
136
137 /* Close our TSAP.
138 * If we leave it open, IrLMP put it back into the list of
139 * unconnected LSAPs. The problem is that any incoming request
140 * can then be matched to this socket (and it will be, because
141 * it is at the head of the list). This would prevent any
142 * listening socket waiting on the same TSAP to get those
143 * requests. Some apps forget to close sockets, or hang to it
144 * a bit too long, so we may stay in this dead state long
145 * enough to be noticed...
146 * Note : all socket function do check sk->sk_state, so we are
147 * safe...
148 * Jean II
149 */
150 if (self->tsap) {
151 irttp_close_tsap(self->tsap);
152 self->tsap = NULL;
153 }
154 }
155 bh_unlock_sock(sk);
156
157 /* Note : once we are there, there is not much you want to do
158 * with the socket anymore, apart from closing it.
159 * For example, bind() and connect() won't reset sk->sk_err,
160 * sk->sk_shutdown and sk->sk_flags to valid values...
161 * Jean II
162 */
163 }
164
165 /*
166 * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb)
167 *
168 * Connections has been confirmed by the remote device
169 *
170 */
171 static void irda_connect_confirm(void *instance, void *sap,
172 struct qos_info *qos,
173 __u32 max_sdu_size, __u8 max_header_size,
174 struct sk_buff *skb)
175 {
176 struct irda_sock *self;
177 struct sock *sk;
178
179 self = instance;
180
181 pr_debug("%s(%p)\n", __func__, self);
182
183 sk = instance;
184 if (sk == NULL) {
185 dev_kfree_skb(skb);
186 return;
187 }
188
189 dev_kfree_skb(skb);
190 // Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb);
191
192 /* How much header space do we need to reserve */
193 self->max_header_size = max_header_size;
194
195 /* IrTTP max SDU size in transmit direction */
196 self->max_sdu_size_tx = max_sdu_size;
197
198 /* Find out what the largest chunk of data that we can transmit is */
199 switch (sk->sk_type) {
200 case SOCK_STREAM:
201 if (max_sdu_size != 0) {
202 net_err_ratelimited("%s: max_sdu_size must be 0\n",
203 __func__);
204 return;
205 }
206 self->max_data_size = irttp_get_max_seg_size(self->tsap);
207 break;
208 case SOCK_SEQPACKET:
209 if (max_sdu_size == 0) {
210 net_err_ratelimited("%s: max_sdu_size cannot be 0\n",
211 __func__);
212 return;
213 }
214 self->max_data_size = max_sdu_size;
215 break;
216 default:
217 self->max_data_size = irttp_get_max_seg_size(self->tsap);
218 }
219
220 pr_debug("%s(), max_data_size=%d\n", __func__,
221 self->max_data_size);
222
223 memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
224
225 /* We are now connected! */
226 sk->sk_state = TCP_ESTABLISHED;
227 sk->sk_state_change(sk);
228 }
229
230 /*
231 * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata)
232 *
233 * Incoming connection
234 *
235 */
236 static void irda_connect_indication(void *instance, void *sap,
237 struct qos_info *qos, __u32 max_sdu_size,
238 __u8 max_header_size, struct sk_buff *skb)
239 {
240 struct irda_sock *self;
241 struct sock *sk;
242
243 self = instance;
244
245 pr_debug("%s(%p)\n", __func__, self);
246
247 sk = instance;
248 if (sk == NULL) {
249 dev_kfree_skb(skb);
250 return;
251 }
252
253 /* How much header space do we need to reserve */
254 self->max_header_size = max_header_size;
255
256 /* IrTTP max SDU size in transmit direction */
257 self->max_sdu_size_tx = max_sdu_size;
258
259 /* Find out what the largest chunk of data that we can transmit is */
260 switch (sk->sk_type) {
261 case SOCK_STREAM:
262 if (max_sdu_size != 0) {
263 net_err_ratelimited("%s: max_sdu_size must be 0\n",
264 __func__);
265 kfree_skb(skb);
266 return;
267 }
268 self->max_data_size = irttp_get_max_seg_size(self->tsap);
269 break;
270 case SOCK_SEQPACKET:
271 if (max_sdu_size == 0) {
272 net_err_ratelimited("%s: max_sdu_size cannot be 0\n",
273 __func__);
274 kfree_skb(skb);
275 return;
276 }
277 self->max_data_size = max_sdu_size;
278 break;
279 default:
280 self->max_data_size = irttp_get_max_seg_size(self->tsap);
281 }
282
283 pr_debug("%s(), max_data_size=%d\n", __func__,
284 self->max_data_size);
285
286 memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
287
288 skb_queue_tail(&sk->sk_receive_queue, skb);
289 sk->sk_state_change(sk);
290 }
291
292 /*
293 * Function irda_connect_response (handle)
294 *
295 * Accept incoming connection
296 *
297 */
298 static void irda_connect_response(struct irda_sock *self)
299 {
300 struct sk_buff *skb;
301
302 skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER, GFP_KERNEL);
303 if (skb == NULL) {
304 pr_debug("%s() Unable to allocate sk_buff!\n",
305 __func__);
306 return;
307 }
308
309 /* Reserve space for MUX_CONTROL and LAP header */
310 skb_reserve(skb, IRDA_MAX_HEADER);
311
312 irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb);
313 }
314
315 /*
316 * Function irda_flow_indication (instance, sap, flow)
317 *
318 * Used by TinyTP to tell us if it can accept more data or not
319 *
320 */
321 static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
322 {
323 struct irda_sock *self;
324 struct sock *sk;
325
326 self = instance;
327 sk = instance;
328 BUG_ON(sk == NULL);
329
330 switch (flow) {
331 case FLOW_STOP:
332 pr_debug("%s(), IrTTP wants us to slow down\n",
333 __func__);
334 self->tx_flow = flow;
335 break;
336 case FLOW_START:
337 self->tx_flow = flow;
338 pr_debug("%s(), IrTTP wants us to start again\n",
339 __func__);
340 wake_up_interruptible(sk_sleep(sk));
341 break;
342 default:
343 pr_debug("%s(), Unknown flow command!\n", __func__);
344 /* Unknown flow command, better stop */
345 self->tx_flow = flow;
346 break;
347 }
348 }
349
350 /*
351 * Function irda_getvalue_confirm (obj_id, value, priv)
352 *
353 * Got answer from remote LM-IAS, just pass object to requester...
354 *
355 * Note : duplicate from above, but we need our own version that
356 * doesn't touch the dtsap_sel and save the full value structure...
357 */
358 static void irda_getvalue_confirm(int result, __u16 obj_id,
359 struct ias_value *value, void *priv)
360 {
361 struct irda_sock *self;
362
363 self = priv;
364 if (!self) {
365 net_warn_ratelimited("%s: lost myself!\n", __func__);
366 return;
367 }
368
369 pr_debug("%s(%p)\n", __func__, self);
370
371 /* We probably don't need to make any more queries */
372 iriap_close(self->iriap);
373 self->iriap = NULL;
374
375 /* Check if request succeeded */
376 if (result != IAS_SUCCESS) {
377 pr_debug("%s(), IAS query failed! (%d)\n", __func__,
378 result);
379
380 self->errno = result; /* We really need it later */
381
382 /* Wake up any processes waiting for result */
383 wake_up_interruptible(&self->query_wait);
384
385 return;
386 }
387
388 /* Pass the object to the caller (so the caller must delete it) */
389 self->ias_result = value;
390 self->errno = 0;
391
392 /* Wake up any processes waiting for result */
393 wake_up_interruptible(&self->query_wait);
394 }
395
396 /*
397 * Function irda_selective_discovery_indication (discovery)
398 *
399 * Got a selective discovery indication from IrLMP.
400 *
401 * IrLMP is telling us that this node is new and matching our hint bit
402 * filter. Wake up any process waiting for answer...
403 */
404 static void irda_selective_discovery_indication(discinfo_t *discovery,
405 DISCOVERY_MODE mode,
406 void *priv)
407 {
408 struct irda_sock *self;
409
410 self = priv;
411 if (!self) {
412 net_warn_ratelimited("%s: lost myself!\n", __func__);
413 return;
414 }
415
416 /* Pass parameter to the caller */
417 self->cachedaddr = discovery->daddr;
418
419 /* Wake up process if its waiting for device to be discovered */
420 wake_up_interruptible(&self->query_wait);
421 }
422
423 /*
424 * Function irda_discovery_timeout (priv)
425 *
426 * Timeout in the selective discovery process
427 *
428 * We were waiting for a node to be discovered, but nothing has come up
429 * so far. Wake up the user and tell him that we failed...
430 */
431 static void irda_discovery_timeout(u_long priv)
432 {
433 struct irda_sock *self;
434
435 self = (struct irda_sock *) priv;
436 BUG_ON(self == NULL);
437
438 /* Nothing for the caller */
439 self->cachelog = NULL;
440 self->cachedaddr = 0;
441 self->errno = -ETIME;
442
443 /* Wake up process if its still waiting... */
444 wake_up_interruptible(&self->query_wait);
445 }
446
447 /*
448 * Function irda_open_tsap (self)
449 *
450 * Open local Transport Service Access Point (TSAP)
451 *
452 */
453 static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name)
454 {
455 notify_t notify;
456
457 if (self->tsap) {
458 pr_debug("%s: busy!\n", __func__);
459 return -EBUSY;
460 }
461
462 /* Initialize callbacks to be used by the IrDA stack */
463 irda_notify_init(¬ify);
464 notify.connect_confirm = irda_connect_confirm;
465 notify.connect_indication = irda_connect_indication;
466 notify.disconnect_indication = irda_disconnect_indication;
467 notify.data_indication = irda_data_indication;
468 notify.udata_indication = irda_data_indication;
469 notify.flow_indication = irda_flow_indication;
470 notify.instance = self;
471 strncpy(notify.name, name, NOTIFY_MAX_NAME);
472
473 self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT,
474 ¬ify);
475 if (self->tsap == NULL) {
476 pr_debug("%s(), Unable to allocate TSAP!\n",
477 __func__);
478 return -ENOMEM;
479 }
480 /* Remember which TSAP selector we actually got */
481 self->stsap_sel = self->tsap->stsap_sel;
482
483 return 0;
484 }
485
486 /*
487 * Function irda_open_lsap (self)
488 *
489 * Open local Link Service Access Point (LSAP). Used for opening Ultra
490 * sockets
491 */
492 #ifdef CONFIG_IRDA_ULTRA
493 static int irda_open_lsap(struct irda_sock *self, int pid)
494 {
495 notify_t notify;
496
497 if (self->lsap) {
498 net_warn_ratelimited("%s(), busy!\n", __func__);
499 return -EBUSY;
500 }
501
502 /* Initialize callbacks to be used by the IrDA stack */
503 irda_notify_init(¬ify);
504 notify.udata_indication = irda_data_indication;
505 notify.instance = self;
506 strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME);
507
508 self->lsap = irlmp_open_lsap(LSAP_CONNLESS, ¬ify, pid);
509 if (self->lsap == NULL) {
510 pr_debug("%s(), Unable to allocate LSAP!\n", __func__);
511 return -ENOMEM;
512 }
513
514 return 0;
515 }
516 #endif /* CONFIG_IRDA_ULTRA */
517
518 /*
519 * Function irda_find_lsap_sel (self, name)
520 *
521 * Try to lookup LSAP selector in remote LM-IAS
522 *
523 * Basically, we start a IAP query, and then go to sleep. When the query
524 * return, irda_getvalue_confirm will wake us up, and we can examine the
525 * result of the query...
526 * Note that in some case, the query fail even before we go to sleep,
527 * creating some races...
528 */
529 static int irda_find_lsap_sel(struct irda_sock *self, char *name)
530 {
531 pr_debug("%s(%p, %s)\n", __func__, self, name);
532
533 if (self->iriap) {
534 net_warn_ratelimited("%s(): busy with a previous query\n",
535 __func__);
536 return -EBUSY;
537 }
538
539 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
540 irda_getvalue_confirm);
541 if(self->iriap == NULL)
542 return -ENOMEM;
543
544 /* Treat unexpected wakeup as disconnect */
545 self->errno = -EHOSTUNREACH;
546
547 /* Query remote LM-IAS */
548 iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr,
549 name, "IrDA:TinyTP:LsapSel");
550
551 /* Wait for answer, if not yet finished (or failed) */
552 if (wait_event_interruptible(self->query_wait, (self->iriap==NULL)))
553 /* Treat signals as disconnect */
554 return -EHOSTUNREACH;
555
556 /* Check what happened */
557 if (self->errno)
558 {
559 /* Requested object/attribute doesn't exist */
560 if((self->errno == IAS_CLASS_UNKNOWN) ||
561 (self->errno == IAS_ATTRIB_UNKNOWN))
562 return -EADDRNOTAVAIL;
563 else
564 return -EHOSTUNREACH;
565 }
566
567 /* Get the remote TSAP selector */
568 switch (self->ias_result->type) {
569 case IAS_INTEGER:
570 pr_debug("%s() int=%d\n",
571 __func__, self->ias_result->t.integer);
572
573 if (self->ias_result->t.integer != -1)
574 self->dtsap_sel = self->ias_result->t.integer;
575 else
576 self->dtsap_sel = 0;
577 break;
578 default:
579 self->dtsap_sel = 0;
580 pr_debug("%s(), bad type!\n", __func__);
581 break;
582 }
583 if (self->ias_result)
584 irias_delete_value(self->ias_result);
585
586 if (self->dtsap_sel)
587 return 0;
588
589 return -EADDRNOTAVAIL;
590 }
591
592 /*
593 * Function irda_discover_daddr_and_lsap_sel (self, name)
594 *
595 * This try to find a device with the requested service.
596 *
597 * It basically look into the discovery log. For each address in the list,
598 * it queries the LM-IAS of the device to find if this device offer
599 * the requested service.
600 * If there is more than one node supporting the service, we complain
601 * to the user (it should move devices around).
602 * The, we set both the destination address and the lsap selector to point
603 * on the service on the unique device we have found.
604 *
605 * Note : this function fails if there is more than one device in range,
606 * because IrLMP doesn't disconnect the LAP when the last LSAP is closed.
607 * Moreover, we would need to wait the LAP disconnection...
608 */
609 static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name)
610 {
611 discinfo_t *discoveries; /* Copy of the discovery log */
612 int number; /* Number of nodes in the log */
613 int i;
614 int err = -ENETUNREACH;
615 __u32 daddr = DEV_ADDR_ANY; /* Address we found the service on */
616 __u8 dtsap_sel = 0x0; /* TSAP associated with it */
617
618 pr_debug("%s(), name=%s\n", __func__, name);
619
620 /* Ask lmp for the current discovery log
621 * Note : we have to use irlmp_get_discoveries(), as opposed
622 * to play with the cachelog directly, because while we are
623 * making our ias query, le log might change... */
624 discoveries = irlmp_get_discoveries(&number, self->mask.word,
625 self->nslots);
626 /* Check if the we got some results */
627 if (discoveries == NULL)
628 return -ENETUNREACH; /* No nodes discovered */
629
630 /*
631 * Now, check all discovered devices (if any), and connect
632 * client only about the services that the client is
633 * interested in...
634 */
635 for(i = 0; i < number; i++) {
636 /* Try the address in the log */
637 self->daddr = discoveries[i].daddr;
638 self->saddr = 0x0;
639 pr_debug("%s(), trying daddr = %08x\n",
640 __func__, self->daddr);
641
642 /* Query remote LM-IAS for this service */
643 err = irda_find_lsap_sel(self, name);
644 switch (err) {
645 case 0:
646 /* We found the requested service */
647 if(daddr != DEV_ADDR_ANY) {
648 pr_debug("%s(), discovered service ''%s'' in two different devices !!!\n",
649 __func__, name);
650 self->daddr = DEV_ADDR_ANY;
651 kfree(discoveries);
652 return -ENOTUNIQ;
653 }
654 /* First time we found that one, save it ! */
655 daddr = self->daddr;
656 dtsap_sel = self->dtsap_sel;
657 break;
658 case -EADDRNOTAVAIL:
659 /* Requested service simply doesn't exist on this node */
660 break;
661 default:
662 /* Something bad did happen :-( */
663 pr_debug("%s(), unexpected IAS query failure\n",
664 __func__);
665 self->daddr = DEV_ADDR_ANY;
666 kfree(discoveries);
667 return -EHOSTUNREACH;
668 }
669 }
670 /* Cleanup our copy of the discovery log */
671 kfree(discoveries);
672
673 /* Check out what we found */
674 if(daddr == DEV_ADDR_ANY) {
675 pr_debug("%s(), cannot discover service ''%s'' in any device !!!\n",
676 __func__, name);
677 self->daddr = DEV_ADDR_ANY;
678 return -EADDRNOTAVAIL;
679 }
680
681 /* Revert back to discovered device & service */
682 self->daddr = daddr;
683 self->saddr = 0x0;
684 self->dtsap_sel = dtsap_sel;
685
686 pr_debug("%s(), discovered requested service ''%s'' at address %08x\n",
687 __func__, name, self->daddr);
688
689 return 0;
690 }
691
692 /*
693 * Function irda_getname (sock, uaddr, uaddr_len, peer)
694 *
695 * Return the our own, or peers socket address (sockaddr_irda)
696 *
697 */
698 static int irda_getname(struct socket *sock, struct sockaddr *uaddr,
699 int *uaddr_len, int peer)
700 {
701 struct sockaddr_irda saddr;
702 struct sock *sk = sock->sk;
703 struct irda_sock *self = irda_sk(sk);
704
705 memset(&saddr, 0, sizeof(saddr));
706 if (peer) {
707 if (sk->sk_state != TCP_ESTABLISHED)
708 return -ENOTCONN;
709
710 saddr.sir_family = AF_IRDA;
711 saddr.sir_lsap_sel = self->dtsap_sel;
712 saddr.sir_addr = self->daddr;
713 } else {
714 saddr.sir_family = AF_IRDA;
715 saddr.sir_lsap_sel = self->stsap_sel;
716 saddr.sir_addr = self->saddr;
717 }
718
719 pr_debug("%s(), tsap_sel = %#x\n", __func__, saddr.sir_lsap_sel);
720 pr_debug("%s(), addr = %08x\n", __func__, saddr.sir_addr);
721
722 /* uaddr_len come to us uninitialised */
723 *uaddr_len = sizeof (struct sockaddr_irda);
724 memcpy(uaddr, &saddr, *uaddr_len);
725
726 return 0;
727 }
728
729 /*
730 * Function irda_listen (sock, backlog)
731 *
732 * Just move to the listen state
733 *
734 */
735 static int irda_listen(struct socket *sock, int backlog)
736 {
737 struct sock *sk = sock->sk;
738 int err = -EOPNOTSUPP;
739
740 lock_sock(sk);
741
742 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
743 (sk->sk_type != SOCK_DGRAM))
744 goto out;
745
746 if (sk->sk_state != TCP_LISTEN) {
747 sk->sk_max_ack_backlog = backlog;
748 sk->sk_state = TCP_LISTEN;
749
750 err = 0;
751 }
752 out:
753 release_sock(sk);
754
755 return err;
756 }
757
758 /*
759 * Function irda_bind (sock, uaddr, addr_len)
760 *
761 * Used by servers to register their well known TSAP
762 *
763 */
764 static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
765 {
766 struct sock *sk = sock->sk;
767 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
768 struct irda_sock *self = irda_sk(sk);
769 int err;
770
771 pr_debug("%s(%p)\n", __func__, self);
772
773 if (addr_len != sizeof(struct sockaddr_irda))
774 return -EINVAL;
775
776 lock_sock(sk);
777 #ifdef CONFIG_IRDA_ULTRA
778 /* Special care for Ultra sockets */
779 if ((sk->sk_type == SOCK_DGRAM) &&
780 (sk->sk_protocol == IRDAPROTO_ULTRA)) {
781 self->pid = addr->sir_lsap_sel;
782 err = -EOPNOTSUPP;
783 if (self->pid & 0x80) {
784 pr_debug("%s(), extension in PID not supp!\n",
785 __func__);
786 goto out;
787 }
788 err = irda_open_lsap(self, self->pid);
789 if (err < 0)
790 goto out;
791
792 /* Pretend we are connected */
793 sock->state = SS_CONNECTED;
794 sk->sk_state = TCP_ESTABLISHED;
795 err = 0;
796
797 goto out;
798 }
799 #endif /* CONFIG_IRDA_ULTRA */
800
801 self->ias_obj = irias_new_object(addr->sir_name, jiffies);
802 err = -ENOMEM;
803 if (self->ias_obj == NULL)
804 goto out;
805
806 err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name);
807 if (err < 0) {
808 irias_delete_object(self->ias_obj);
809 self->ias_obj = NULL;
810 goto out;
811 }
812
813 /* Register with LM-IAS */
814 irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel",
815 self->stsap_sel, IAS_KERNEL_ATTR);
816 irias_insert_object(self->ias_obj);
817
818 err = 0;
819 out:
820 release_sock(sk);
821 return err;
822 }
823
824 /*
825 * Function irda_accept (sock, newsock, flags)
826 *
827 * Wait for incoming connection
828 *
829 */
830 static int irda_accept(struct socket *sock, struct socket *newsock, int flags)
831 {
832 struct sock *sk = sock->sk;
833 struct irda_sock *new, *self = irda_sk(sk);
834 struct sock *newsk;
835 struct sk_buff *skb = NULL;
836 int err;
837
838 err = irda_create(sock_net(sk), newsock, sk->sk_protocol, 0);
839 if (err)
840 return err;
841
842 err = -EINVAL;
843
844 lock_sock(sk);
845 if (sock->state != SS_UNCONNECTED)
846 goto out;
847
848 if ((sk = sock->sk) == NULL)
849 goto out;
850
851 err = -EOPNOTSUPP;
852 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
853 (sk->sk_type != SOCK_DGRAM))
854 goto out;
855
856 err = -EINVAL;
857 if (sk->sk_state != TCP_LISTEN)
858 goto out;
859
860 /*
861 * The read queue this time is holding sockets ready to use
862 * hooked into the SABM we saved
863 */
864
865 /*
866 * We can perform the accept only if there is incoming data
867 * on the listening socket.
868 * So, we will block the caller until we receive any data.
869 * If the caller was waiting on select() or poll() before
870 * calling us, the data is waiting for us ;-)
871 * Jean II
872 */
873 while (1) {
874 skb = skb_dequeue(&sk->sk_receive_queue);
875 if (skb)
876 break;
877
878 /* Non blocking operation */
879 err = -EWOULDBLOCK;
880 if (flags & O_NONBLOCK)
881 goto out;
882
883 err = wait_event_interruptible(*(sk_sleep(sk)),
884 skb_peek(&sk->sk_receive_queue));
885 if (err)
886 goto out;
887 }
888
889 newsk = newsock->sk;
890 err = -EIO;
891 if (newsk == NULL)
892 goto out;
893
894 newsk->sk_state = TCP_ESTABLISHED;
895
896 new = irda_sk(newsk);
897
898 /* Now attach up the new socket */
899 new->tsap = irttp_dup(self->tsap, new);
900 err = -EPERM; /* value does not seem to make sense. -arnd */
901 if (!new->tsap) {
902 pr_debug("%s(), dup failed!\n", __func__);
903 goto out;
904 }
905
906 new->stsap_sel = new->tsap->stsap_sel;
907 new->dtsap_sel = new->tsap->dtsap_sel;
908 new->saddr = irttp_get_saddr(new->tsap);
909 new->daddr = irttp_get_daddr(new->tsap);
910
911 new->max_sdu_size_tx = self->max_sdu_size_tx;
912 new->max_sdu_size_rx = self->max_sdu_size_rx;
913 new->max_data_size = self->max_data_size;
914 new->max_header_size = self->max_header_size;
915
916 memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info));
917
918 /* Clean up the original one to keep it in listen state */
919 irttp_listen(self->tsap);
920
921 sk->sk_ack_backlog--;
922
923 newsock->state = SS_CONNECTED;
924
925 irda_connect_response(new);
926 err = 0;
927 out:
928 kfree_skb(skb);
929 release_sock(sk);
930 return err;
931 }
932
933 /*
934 * Function irda_connect (sock, uaddr, addr_len, flags)
935 *
936 * Connect to a IrDA device
937 *
938 * The main difference with a "standard" connect is that with IrDA we need
939 * to resolve the service name into a TSAP selector (in TCP, port number
940 * doesn't have to be resolved).
941 * Because of this service name resolution, we can offer "auto-connect",
942 * where we connect to a service without specifying a destination address.
943 *
944 * Note : by consulting "errno", the user space caller may learn the cause
945 * of the failure. Most of them are visible in the function, others may come
946 * from subroutines called and are listed here :
947 * o EBUSY : already processing a connect
948 * o EHOSTUNREACH : bad addr->sir_addr argument
949 * o EADDRNOTAVAIL : bad addr->sir_name argument
950 * o ENOTUNIQ : more than one node has addr->sir_name (auto-connect)
951 * o ENETUNREACH : no node found on the network (auto-connect)
952 */
953 static int irda_connect(struct socket *sock, struct sockaddr *uaddr,
954 int addr_len, int flags)
955 {
956 struct sock *sk = sock->sk;
957 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
958 struct irda_sock *self = irda_sk(sk);
959 int err;
960
961 pr_debug("%s(%p)\n", __func__, self);
962
963 lock_sock(sk);
964 /* Don't allow connect for Ultra sockets */
965 err = -ESOCKTNOSUPPORT;
966 if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA))
967 goto out;
968
969 if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
970 sock->state = SS_CONNECTED;
971 err = 0;
972 goto out; /* Connect completed during a ERESTARTSYS event */
973 }
974
975 if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) {
976 sock->state = SS_UNCONNECTED;
977 err = -ECONNREFUSED;
978 goto out;
979 }
980
981 err = -EISCONN; /* No reconnect on a seqpacket socket */
982 if (sk->sk_state == TCP_ESTABLISHED)
983 goto out;
984
985 sk->sk_state = TCP_CLOSE;
986 sock->state = SS_UNCONNECTED;
987
988 err = -EINVAL;
989 if (addr_len != sizeof(struct sockaddr_irda))
990 goto out;
991
992 /* Check if user supplied any destination device address */
993 if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) {
994 /* Try to find one suitable */
995 err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name);
996 if (err) {
997 pr_debug("%s(), auto-connect failed!\n", __func__);
998 goto out;
999 }
1000 } else {
1001 /* Use the one provided by the user */
1002 self->daddr = addr->sir_addr;
1003 pr_debug("%s(), daddr = %08x\n", __func__, self->daddr);
1004
1005 /* If we don't have a valid service name, we assume the
1006 * user want to connect on a specific LSAP. Prevent
1007 * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */
1008 if((addr->sir_name[0] != '\0') ||
1009 (addr->sir_lsap_sel >= 0x70)) {
1010 /* Query remote LM-IAS using service name */
1011 err = irda_find_lsap_sel(self, addr->sir_name);
1012 if (err) {
1013 pr_debug("%s(), connect failed!\n", __func__);
1014 goto out;
1015 }
1016 } else {
1017 /* Directly connect to the remote LSAP
1018 * specified by the sir_lsap field.
1019 * Please use with caution, in IrDA LSAPs are
1020 * dynamic and there is no "well-known" LSAP. */
1021 self->dtsap_sel = addr->sir_lsap_sel;
1022 }
1023 }
1024
1025 /* Check if we have opened a local TSAP */
1026 if (!self->tsap) {
1027 err = irda_open_tsap(self, LSAP_ANY, addr->sir_name);
1028 if (err)
1029 goto out;
1030 }
1031
1032 /* Move to connecting socket, start sending Connect Requests */
1033 sock->state = SS_CONNECTING;
1034 sk->sk_state = TCP_SYN_SENT;
1035
1036 /* Connect to remote device */
1037 err = irttp_connect_request(self->tsap, self->dtsap_sel,
1038 self->saddr, self->daddr, NULL,
1039 self->max_sdu_size_rx, NULL);
1040 if (err) {
1041 pr_debug("%s(), connect failed!\n", __func__);
1042 goto out;
1043 }
1044
1045 /* Now the loop */
1046 err = -EINPROGRESS;
1047 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
1048 goto out;
1049
1050 err = -ERESTARTSYS;
1051 if (wait_event_interruptible(*(sk_sleep(sk)),
1052 (sk->sk_state != TCP_SYN_SENT)))
1053 goto out;
1054
1055 if (sk->sk_state != TCP_ESTABLISHED) {
1056 sock->state = SS_UNCONNECTED;
1057 err = sock_error(sk);
1058 if (!err)
1059 err = -ECONNRESET;
1060 goto out;
1061 }
1062
1063 sock->state = SS_CONNECTED;
1064
1065 /* At this point, IrLMP has assigned our source address */
1066 self->saddr = irttp_get_saddr(self->tsap);
1067 err = 0;
1068 out:
1069 release_sock(sk);
1070 return err;
1071 }
1072
1073 static struct proto irda_proto = {
1074 .name = "IRDA",
1075 .owner = THIS_MODULE,
1076 .obj_size = sizeof(struct irda_sock),
1077 };
1078
1079 /*
1080 * Function irda_create (sock, protocol)
1081 *
1082 * Create IrDA socket
1083 *
1084 */
1085 static int irda_create(struct net *net, struct socket *sock, int protocol,
1086 int kern)
1087 {
1088 struct sock *sk;
1089 struct irda_sock *self;
1090
1091 if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
1092 return -EINVAL;
1093
1094 if (net != &init_net)
1095 return -EAFNOSUPPORT;
1096
1097 /* Check for valid socket type */
1098 switch (sock->type) {
1099 case SOCK_STREAM: /* For TTP connections with SAR disabled */
1100 case SOCK_SEQPACKET: /* For TTP connections with SAR enabled */
1101 case SOCK_DGRAM: /* For TTP Unitdata or LMP Ultra transfers */
1102 break;
1103 default:
1104 return -ESOCKTNOSUPPORT;
1105 }
1106
1107 /* Allocate networking socket */
1108 sk = sk_alloc(net, PF_IRDA, GFP_KERNEL, &irda_proto, kern);
1109 if (sk == NULL)
1110 return -ENOMEM;
1111
1112 self = irda_sk(sk);
1113 pr_debug("%s() : self is %p\n", __func__, self);
1114
1115 init_waitqueue_head(&self->query_wait);
1116
1117 switch (sock->type) {
1118 case SOCK_STREAM:
1119 sock->ops = &irda_stream_ops;
1120 self->max_sdu_size_rx = TTP_SAR_DISABLE;
1121 break;
1122 case SOCK_SEQPACKET:
1123 sock->ops = &irda_seqpacket_ops;
1124 self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1125 break;
1126 case SOCK_DGRAM:
1127 switch (protocol) {
1128 #ifdef CONFIG_IRDA_ULTRA
1129 case IRDAPROTO_ULTRA:
1130 sock->ops = &irda_ultra_ops;
1131 /* Initialise now, because we may send on unbound
1132 * sockets. Jean II */
1133 self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER;
1134 self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER;
1135 break;
1136 #endif /* CONFIG_IRDA_ULTRA */
1137 case IRDAPROTO_UNITDATA:
1138 sock->ops = &irda_dgram_ops;
1139 /* We let Unitdata conn. be like seqpack conn. */
1140 self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1141 break;
1142 default:
1143 sk_free(sk);
1144 return -ESOCKTNOSUPPORT;
1145 }
1146 break;
1147 default:
1148 sk_free(sk);
1149 return -ESOCKTNOSUPPORT;
1150 }
1151
1152 /* Initialise networking socket struct */
1153 sock_init_data(sock, sk); /* Note : set sk->sk_refcnt to 1 */
1154 sk->sk_family = PF_IRDA;
1155 sk->sk_protocol = protocol;
1156
1157 /* Register as a client with IrLMP */
1158 self->ckey = irlmp_register_client(0, NULL, NULL, NULL);
1159 self->mask.word = 0xffff;
1160 self->rx_flow = self->tx_flow = FLOW_START;
1161 self->nslots = DISCOVERY_DEFAULT_SLOTS;
1162 self->daddr = DEV_ADDR_ANY; /* Until we get connected */
1163 self->saddr = 0x0; /* so IrLMP assign us any link */
1164 return 0;
1165 }
1166
1167 /*
1168 * Function irda_destroy_socket (self)
1169 *
1170 * Destroy socket
1171 *
1172 */
1173 static void irda_destroy_socket(struct irda_sock *self)
1174 {
1175 pr_debug("%s(%p)\n", __func__, self);
1176
1177 /* Unregister with IrLMP */
1178 irlmp_unregister_client(self->ckey);
1179 irlmp_unregister_service(self->skey);
1180
1181 /* Unregister with LM-IAS */
1182 if (self->ias_obj) {
1183 irias_delete_object(self->ias_obj);
1184 self->ias_obj = NULL;
1185 }
1186
1187 if (self->iriap) {
1188 iriap_close(self->iriap);
1189 self->iriap = NULL;
1190 }
1191
1192 if (self->tsap) {
1193 irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1194 irttp_close_tsap(self->tsap);
1195 self->tsap = NULL;
1196 }
1197 #ifdef CONFIG_IRDA_ULTRA
1198 if (self->lsap) {
1199 irlmp_close_lsap(self->lsap);
1200 self->lsap = NULL;
1201 }
1202 #endif /* CONFIG_IRDA_ULTRA */
1203 }
1204
1205 /*
1206 * Function irda_release (sock)
1207 */
1208 static int irda_release(struct socket *sock)
1209 {
1210 struct sock *sk = sock->sk;
1211
1212 if (sk == NULL)
1213 return 0;
1214
1215 lock_sock(sk);
1216 sk->sk_state = TCP_CLOSE;
1217 sk->sk_shutdown |= SEND_SHUTDOWN;
1218 sk->sk_state_change(sk);
1219
1220 /* Destroy IrDA socket */
1221 irda_destroy_socket(irda_sk(sk));
1222
1223 sock_orphan(sk);
1224 sock->sk = NULL;
1225 release_sock(sk);
1226
1227 /* Purge queues (see sock_init_data()) */
1228 skb_queue_purge(&sk->sk_receive_queue);
1229
1230 /* Destroy networking socket if we are the last reference on it,
1231 * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */
1232 sock_put(sk);
1233
1234 /* Notes on socket locking and deallocation... - Jean II
1235 * In theory we should put pairs of sock_hold() / sock_put() to
1236 * prevent the socket to be destroyed whenever there is an
1237 * outstanding request or outstanding incoming packet or event.
1238 *
1239 * 1) This may include IAS request, both in connect and getsockopt.
1240 * Unfortunately, the situation is a bit more messy than it looks,
1241 * because we close iriap and kfree(self) above.
1242 *
1243 * 2) This may include selective discovery in getsockopt.
1244 * Same stuff as above, irlmp registration and self are gone.
1245 *
1246 * Probably 1 and 2 may not matter, because it's all triggered
1247 * by a process and the socket layer already prevent the
1248 * socket to go away while a process is holding it, through
1249 * sockfd_put() and fput()...
1250 *
1251 * 3) This may include deferred TSAP closure. In particular,
1252 * we may receive a late irda_disconnect_indication()
1253 * Fortunately, (tsap_cb *)->close_pend should protect us
1254 * from that.
1255 *
1256 * I did some testing on SMP, and it looks solid. And the socket
1257 * memory leak is now gone... - Jean II
1258 */
1259
1260 return 0;
1261 }
1262
1263 /*
1264 * Function irda_sendmsg (sock, msg, len)
1265 *
1266 * Send message down to TinyTP. This function is used for both STREAM and
1267 * SEQPACK services. This is possible since it forces the client to
1268 * fragment the message if necessary
1269 */
1270 static int irda_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1271 {
1272 struct sock *sk = sock->sk;
1273 struct irda_sock *self;
1274 struct sk_buff *skb;
1275 int err = -EPIPE;
1276
1277 pr_debug("%s(), len=%zd\n", __func__, len);
1278
1279 /* Note : socket.c set MSG_EOR on SEQPACKET sockets */
1280 if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT |
1281 MSG_NOSIGNAL)) {
1282 return -EINVAL;
1283 }
1284
1285 lock_sock(sk);
1286
1287 if (sk->sk_shutdown & SEND_SHUTDOWN)
1288 goto out_err;
1289
1290 if (sk->sk_state != TCP_ESTABLISHED) {
1291 err = -ENOTCONN;
1292 goto out;
1293 }
1294
1295 self = irda_sk(sk);
1296
1297 /* Check if IrTTP is wants us to slow down */
1298
1299 if (wait_event_interruptible(*(sk_sleep(sk)),
1300 (self->tx_flow != FLOW_STOP || sk->sk_state != TCP_ESTABLISHED))) {
1301 err = -ERESTARTSYS;
1302 goto out;
1303 }
1304
1305 /* Check if we are still connected */
1306 if (sk->sk_state != TCP_ESTABLISHED) {
1307 err = -ENOTCONN;
1308 goto out;
1309 }
1310
1311 /* Check that we don't send out too big frames */
1312 if (len > self->max_data_size) {
1313 pr_debug("%s(), Chopping frame from %zd to %d bytes!\n",
1314 __func__, len, self->max_data_size);
1315 len = self->max_data_size;
1316 }
1317
1318 skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16,
1319 msg->msg_flags & MSG_DONTWAIT, &err);
1320 if (!skb)
1321 goto out_err;
1322
1323 skb_reserve(skb, self->max_header_size + 16);
1324 skb_reset_transport_header(skb);
1325 skb_put(skb, len);
1326 err = memcpy_from_msg(skb_transport_header(skb), msg, len);
1327 if (err) {
1328 kfree_skb(skb);
1329 goto out_err;
1330 }
1331
1332 /*
1333 * Just send the message to TinyTP, and let it deal with possible
1334 * errors. No need to duplicate all that here
1335 */
1336 err = irttp_data_request(self->tsap, skb);
1337 if (err) {
1338 pr_debug("%s(), err=%d\n", __func__, err);
1339 goto out_err;
1340 }
1341
1342 release_sock(sk);
1343 /* Tell client how much data we actually sent */
1344 return len;
1345
1346 out_err:
1347 err = sk_stream_error(sk, msg->msg_flags, err);
1348 out:
1349 release_sock(sk);
1350 return err;
1351
1352 }
1353
1354 /*
1355 * Function irda_recvmsg_dgram (sock, msg, size, flags)
1356 *
1357 * Try to receive message and copy it to user. The frame is discarded
1358 * after being read, regardless of how much the user actually read
1359 */
1360 static int irda_recvmsg_dgram(struct socket *sock, struct msghdr *msg,
1361 size_t size, int flags)
1362 {
1363 struct sock *sk = sock->sk;
1364 struct irda_sock *self = irda_sk(sk);
1365 struct sk_buff *skb;
1366 size_t copied;
1367 int err;
1368
1369 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1370 flags & MSG_DONTWAIT, &err);
1371 if (!skb)
1372 return err;
1373
1374 skb_reset_transport_header(skb);
1375 copied = skb->len;
1376
1377 if (copied > size) {
1378 pr_debug("%s(), Received truncated frame (%zd < %zd)!\n",
1379 __func__, copied, size);
1380 copied = size;
1381 msg->msg_flags |= MSG_TRUNC;
1382 }
1383 skb_copy_datagram_msg(skb, 0, msg, copied);
1384
1385 skb_free_datagram(sk, skb);
1386
1387 /*
1388 * Check if we have previously stopped IrTTP and we know
1389 * have more free space in our rx_queue. If so tell IrTTP
1390 * to start delivering frames again before our rx_queue gets
1391 * empty
1392 */
1393 if (self->rx_flow == FLOW_STOP) {
1394 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1395 pr_debug("%s(), Starting IrTTP\n", __func__);
1396 self->rx_flow = FLOW_START;
1397 irttp_flow_request(self->tsap, FLOW_START);
1398 }
1399 }
1400
1401 return copied;
1402 }
1403
1404 /*
1405 * Function irda_recvmsg_stream (sock, msg, size, flags)
1406 */
1407 static int irda_recvmsg_stream(struct socket *sock, struct msghdr *msg,
1408 size_t size, int flags)
1409 {
1410 struct sock *sk = sock->sk;
1411 struct irda_sock *self = irda_sk(sk);
1412 int noblock = flags & MSG_DONTWAIT;
1413 size_t copied = 0;
1414 int target, err;
1415 long timeo;
1416
1417 if ((err = sock_error(sk)) < 0)
1418 return err;
1419
1420 if (sock->flags & __SO_ACCEPTCON)
1421 return -EINVAL;
1422
1423 err =-EOPNOTSUPP;
1424 if (flags & MSG_OOB)
1425 return -EOPNOTSUPP;
1426
1427 err = 0;
1428 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
1429 timeo = sock_rcvtimeo(sk, noblock);
1430
1431 do {
1432 int chunk;
1433 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
1434
1435 if (skb == NULL) {
1436 DEFINE_WAIT(wait);
1437 err = 0;
1438
1439 if (copied >= target)
1440 break;
1441
1442 prepare_to_wait_exclusive(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1443
1444 /*
1445 * POSIX 1003.1g mandates this order.
1446 */
1447 err = sock_error(sk);
1448 if (err)
1449 ;
1450 else if (sk->sk_shutdown & RCV_SHUTDOWN)
1451 ;
1452 else if (noblock)
1453 err = -EAGAIN;
1454 else if (signal_pending(current))
1455 err = sock_intr_errno(timeo);
1456 else if (sk->sk_state != TCP_ESTABLISHED)
1457 err = -ENOTCONN;
1458 else if (skb_peek(&sk->sk_receive_queue) == NULL)
1459 /* Wait process until data arrives */
1460 schedule();
1461
1462 finish_wait(sk_sleep(sk), &wait);
1463
1464 if (err)
1465 return err;
1466 if (sk->sk_shutdown & RCV_SHUTDOWN)
1467 break;
1468
1469 continue;
1470 }
1471
1472 chunk = min_t(unsigned int, skb->len, size);
1473 if (memcpy_to_msg(msg, skb->data, chunk)) {
1474 skb_queue_head(&sk->sk_receive_queue, skb);
1475 if (copied == 0)
1476 copied = -EFAULT;
1477 break;
1478 }
1479 copied += chunk;
1480 size -= chunk;
1481
1482 /* Mark read part of skb as used */
1483 if (!(flags & MSG_PEEK)) {
1484 skb_pull(skb, chunk);
1485
1486 /* put the skb back if we didn't use it up.. */
1487 if (skb->len) {
1488 pr_debug("%s(), back on q!\n",
1489 __func__);
1490 skb_queue_head(&sk->sk_receive_queue, skb);
1491 break;
1492 }
1493
1494 kfree_skb(skb);
1495 } else {
1496 pr_debug("%s() questionable!?\n", __func__);
1497
1498 /* put message back and return */
1499 skb_queue_head(&sk->sk_receive_queue, skb);
1500 break;
1501 }
1502 } while (size);
1503
1504 /*
1505 * Check if we have previously stopped IrTTP and we know
1506 * have more free space in our rx_queue. If so tell IrTTP
1507 * to start delivering frames again before our rx_queue gets
1508 * empty
1509 */
1510 if (self->rx_flow == FLOW_STOP) {
1511 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1512 pr_debug("%s(), Starting IrTTP\n", __func__);
1513 self->rx_flow = FLOW_START;
1514 irttp_flow_request(self->tsap, FLOW_START);
1515 }
1516 }
1517
1518 return copied;
1519 }
1520
1521 /*
1522 * Function irda_sendmsg_dgram (sock, msg, len)
1523 *
1524 * Send message down to TinyTP for the unreliable sequenced
1525 * packet service...
1526 *
1527 */
1528 static int irda_sendmsg_dgram(struct socket *sock, struct msghdr *msg,
1529 size_t len)
1530 {
1531 struct sock *sk = sock->sk;
1532 struct irda_sock *self;
1533 struct sk_buff *skb;
1534 int err;
1535
1536 pr_debug("%s(), len=%zd\n", __func__, len);
1537
1538 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1539 return -EINVAL;
1540
1541 lock_sock(sk);
1542
1543 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1544 send_sig(SIGPIPE, current, 0);
1545 err = -EPIPE;
1546 goto out;
1547 }
1548
1549 err = -ENOTCONN;
1550 if (sk->sk_state != TCP_ESTABLISHED)
1551 goto out;
1552
1553 self = irda_sk(sk);
1554
1555 /*
1556 * Check that we don't send out too big frames. This is an unreliable
1557 * service, so we have no fragmentation and no coalescence
1558 */
1559 if (len > self->max_data_size) {
1560 pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n",
1561 __func__, len, self->max_data_size);
1562 len = self->max_data_size;
1563 }
1564
1565 skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1566 msg->msg_flags & MSG_DONTWAIT, &err);
1567 err = -ENOBUFS;
1568 if (!skb)
1569 goto out;
1570
1571 skb_reserve(skb, self->max_header_size);
1572 skb_reset_transport_header(skb);
1573
1574 pr_debug("%s(), appending user data\n", __func__);
1575 skb_put(skb, len);
1576 err = memcpy_from_msg(skb_transport_header(skb), msg, len);
1577 if (err) {
1578 kfree_skb(skb);
1579 goto out;
1580 }
1581
1582 /*
1583 * Just send the message to TinyTP, and let it deal with possible
1584 * errors. No need to duplicate all that here
1585 */
1586 err = irttp_udata_request(self->tsap, skb);
1587 if (err) {
1588 pr_debug("%s(), err=%d\n", __func__, err);
1589 goto out;
1590 }
1591
1592 release_sock(sk);
1593 return len;
1594
1595 out:
1596 release_sock(sk);
1597 return err;
1598 }
1599
1600 /*
1601 * Function irda_sendmsg_ultra (sock, msg, len)
1602 *
1603 * Send message down to IrLMP for the unreliable Ultra
1604 * packet service...
1605 */
1606 #ifdef CONFIG_IRDA_ULTRA
1607 static int irda_sendmsg_ultra(struct socket *sock, struct msghdr *msg,
1608 size_t len)
1609 {
1610 struct sock *sk = sock->sk;
1611 struct irda_sock *self;
1612 __u8 pid = 0;
1613 int bound = 0;
1614 struct sk_buff *skb;
1615 int err;
1616
1617 pr_debug("%s(), len=%zd\n", __func__, len);
1618
1619 err = -EINVAL;
1620 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1621 return -EINVAL;
1622
1623 lock_sock(sk);
1624
1625 err = -EPIPE;
1626 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1627 send_sig(SIGPIPE, current, 0);
1628 goto out;
1629 }
1630
1631 self = irda_sk(sk);
1632
1633 /* Check if an address was specified with sendto. Jean II */
1634 if (msg->msg_name) {
1635 DECLARE_SOCKADDR(struct sockaddr_irda *, addr, msg->msg_name);
1636 err = -EINVAL;
1637 /* Check address, extract pid. Jean II */
1638 if (msg->msg_namelen < sizeof(*addr))
1639 goto out;
1640 if (addr->sir_family != AF_IRDA)
1641 goto out;
1642
1643 pid = addr->sir_lsap_sel;
1644 if (pid & 0x80) {
1645 pr_debug("%s(), extension in PID not supp!\n",
1646 __func__);
1647 err = -EOPNOTSUPP;
1648 goto out;
1649 }
1650 } else {
1651 /* Check that the socket is properly bound to an Ultra
1652 * port. Jean II */
1653 if ((self->lsap == NULL) ||
1654 (sk->sk_state != TCP_ESTABLISHED)) {
1655 pr_debug("%s(), socket not bound to Ultra PID.\n",
1656 __func__);
1657 err = -ENOTCONN;
1658 goto out;
1659 }
1660 /* Use PID from socket */
1661 bound = 1;
1662 }
1663
1664 /*
1665 * Check that we don't send out too big frames. This is an unreliable
1666 * service, so we have no fragmentation and no coalescence
1667 */
1668 if (len > self->max_data_size) {
1669 pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n",
1670 __func__, len, self->max_data_size);
1671 len = self->max_data_size;
1672 }
1673
1674 skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1675 msg->msg_flags & MSG_DONTWAIT, &err);
1676 err = -ENOBUFS;
1677 if (!skb)
1678 goto out;
1679
1680 skb_reserve(skb, self->max_header_size);
1681 skb_reset_transport_header(skb);
1682
1683 pr_debug("%s(), appending user data\n", __func__);
1684 skb_put(skb, len);
1685 err = memcpy_from_msg(skb_transport_header(skb), msg, len);
1686 if (err) {
1687 kfree_skb(skb);
1688 goto out;
1689 }
1690
1691 err = irlmp_connless_data_request((bound ? self->lsap : NULL),
1692 skb, pid);
1693 if (err)
1694 pr_debug("%s(), err=%d\n", __func__, err);
1695 out:
1696 release_sock(sk);
1697 return err ? : len;
1698 }
1699 #endif /* CONFIG_IRDA_ULTRA */
1700
1701 /*
1702 * Function irda_shutdown (sk, how)
1703 */
1704 static int irda_shutdown(struct socket *sock, int how)
1705 {
1706 struct sock *sk = sock->sk;
1707 struct irda_sock *self = irda_sk(sk);
1708
1709 pr_debug("%s(%p)\n", __func__, self);
1710
1711 lock_sock(sk);
1712
1713 sk->sk_state = TCP_CLOSE;
1714 sk->sk_shutdown |= SEND_SHUTDOWN;
1715 sk->sk_state_change(sk);
1716
1717 if (self->iriap) {
1718 iriap_close(self->iriap);
1719 self->iriap = NULL;
1720 }
1721
1722 if (self->tsap) {
1723 irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1724 irttp_close_tsap(self->tsap);
1725 self->tsap = NULL;
1726 }
1727
1728 /* A few cleanup so the socket look as good as new... */
1729 self->rx_flow = self->tx_flow = FLOW_START; /* needed ??? */
1730 self->daddr = DEV_ADDR_ANY; /* Until we get re-connected */
1731 self->saddr = 0x0; /* so IrLMP assign us any link */
1732
1733 release_sock(sk);
1734
1735 return 0;
1736 }
1737
1738 /*
1739 * Function irda_poll (file, sock, wait)
1740 */
1741 static unsigned int irda_poll(struct file * file, struct socket *sock,
1742 poll_table *wait)
1743 {
1744 struct sock *sk = sock->sk;
1745 struct irda_sock *self = irda_sk(sk);
1746 unsigned int mask;
1747
1748 poll_wait(file, sk_sleep(sk), wait);
1749 mask = 0;
1750
1751 /* Exceptional events? */
1752 if (sk->sk_err)
1753 mask |= POLLERR;
1754 if (sk->sk_shutdown & RCV_SHUTDOWN) {
1755 pr_debug("%s(), POLLHUP\n", __func__);
1756 mask |= POLLHUP;
1757 }
1758
1759 /* Readable? */
1760 if (!skb_queue_empty(&sk->sk_receive_queue)) {
1761 pr_debug("Socket is readable\n");
1762 mask |= POLLIN | POLLRDNORM;
1763 }
1764
1765 /* Connection-based need to check for termination and startup */
1766 switch (sk->sk_type) {
1767 case SOCK_STREAM:
1768 if (sk->sk_state == TCP_CLOSE) {
1769 pr_debug("%s(), POLLHUP\n", __func__);
1770 mask |= POLLHUP;
1771 }
1772
1773 if (sk->sk_state == TCP_ESTABLISHED) {
1774 if ((self->tx_flow == FLOW_START) &&
1775 sock_writeable(sk))
1776 {
1777 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1778 }
1779 }
1780 break;
1781 case SOCK_SEQPACKET:
1782 if ((self->tx_flow == FLOW_START) &&
1783 sock_writeable(sk))
1784 {
1785 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1786 }
1787 break;
1788 case SOCK_DGRAM:
1789 if (sock_writeable(sk))
1790 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1791 break;
1792 default:
1793 break;
1794 }
1795
1796 return mask;
1797 }
1798
1799 /*
1800 * Function irda_ioctl (sock, cmd, arg)
1801 */
1802 static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1803 {
1804 struct sock *sk = sock->sk;
1805 int err;
1806
1807 pr_debug("%s(), cmd=%#x\n", __func__, cmd);
1808
1809 err = -EINVAL;
1810 switch (cmd) {
1811 case TIOCOUTQ: {
1812 long amount;
1813
1814 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1815 if (amount < 0)
1816 amount = 0;
1817 err = put_user(amount, (unsigned int __user *)arg);
1818 break;
1819 }
1820
1821 case TIOCINQ: {
1822 struct sk_buff *skb;
1823 long amount = 0L;
1824 /* These two are safe on a single CPU system as only user tasks fiddle here */
1825 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1826 amount = skb->len;
1827 err = put_user(amount, (unsigned int __user *)arg);
1828 break;
1829 }
1830
1831 case SIOCGSTAMP:
1832 if (sk != NULL)
1833 err = sock_get_timestamp(sk, (struct timeval __user *)arg);
1834 break;
1835
1836 case SIOCGIFADDR:
1837 case SIOCSIFADDR:
1838 case SIOCGIFDSTADDR:
1839 case SIOCSIFDSTADDR:
1840 case SIOCGIFBRDADDR:
1841 case SIOCSIFBRDADDR:
1842 case SIOCGIFNETMASK:
1843 case SIOCSIFNETMASK:
1844 case SIOCGIFMETRIC:
1845 case SIOCSIFMETRIC:
1846 break;
1847 default:
1848 pr_debug("%s(), doing device ioctl!\n", __func__);
1849 err = -ENOIOCTLCMD;
1850 }
1851
1852 return err;
1853 }
1854
1855 #ifdef CONFIG_COMPAT
1856 /*
1857 * Function irda_ioctl (sock, cmd, arg)
1858 */
1859 static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1860 {
1861 /*
1862 * All IRDA's ioctl are standard ones.
1863 */
1864 return -ENOIOCTLCMD;
1865 }
1866 #endif
1867
1868 /*
1869 * Function irda_setsockopt (sock, level, optname, optval, optlen)
1870 *
1871 * Set some options for the socket
1872 *
1873 */
1874 static int irda_setsockopt(struct socket *sock, int level, int optname,
1875 char __user *optval, unsigned int optlen)
1876 {
1877 struct sock *sk = sock->sk;
1878 struct irda_sock *self = irda_sk(sk);
1879 struct irda_ias_set *ias_opt;
1880 struct ias_object *ias_obj;
1881 struct ias_attrib * ias_attr; /* Attribute in IAS object */
1882 int opt, free_ias = 0, err = 0;
1883
1884 pr_debug("%s(%p)\n", __func__, self);
1885
1886 if (level != SOL_IRLMP)
1887 return -ENOPROTOOPT;
1888
1889 lock_sock(sk);
1890
1891 switch (optname) {
1892 case IRLMP_IAS_SET:
1893 /* The user want to add an attribute to an existing IAS object
1894 * (in the IAS database) or to create a new object with this
1895 * attribute.
1896 * We first query IAS to know if the object exist, and then
1897 * create the right attribute...
1898 */
1899
1900 if (optlen != sizeof(struct irda_ias_set)) {
1901 err = -EINVAL;
1902 goto out;
1903 }
1904
1905 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1906 if (ias_opt == NULL) {
1907 err = -ENOMEM;
1908 goto out;
1909 }
1910
1911 /* Copy query to the driver. */
1912 if (copy_from_user(ias_opt, optval, optlen)) {
1913 kfree(ias_opt);
1914 err = -EFAULT;
1915 goto out;
1916 }
1917
1918 /* Find the object we target.
1919 * If the user gives us an empty string, we use the object
1920 * associated with this socket. This will workaround
1921 * duplicated class name - Jean II */
1922 if(ias_opt->irda_class_name[0] == '\0') {
1923 if(self->ias_obj == NULL) {
1924 kfree(ias_opt);
1925 err = -EINVAL;
1926 goto out;
1927 }
1928 ias_obj = self->ias_obj;
1929 } else
1930 ias_obj = irias_find_object(ias_opt->irda_class_name);
1931
1932 /* Only ROOT can mess with the global IAS database.
1933 * Users can only add attributes to the object associated
1934 * with the socket they own - Jean II */
1935 if((!capable(CAP_NET_ADMIN)) &&
1936 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
1937 kfree(ias_opt);
1938 err = -EPERM;
1939 goto out;
1940 }
1941
1942 /* If the object doesn't exist, create it */
1943 if(ias_obj == (struct ias_object *) NULL) {
1944 /* Create a new object */
1945 ias_obj = irias_new_object(ias_opt->irda_class_name,
1946 jiffies);
1947 if (ias_obj == NULL) {
1948 kfree(ias_opt);
1949 err = -ENOMEM;
1950 goto out;
1951 }
1952 free_ias = 1;
1953 }
1954
1955 /* Do we have the attribute already ? */
1956 if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) {
1957 kfree(ias_opt);
1958 if (free_ias) {
1959 kfree(ias_obj->name);
1960 kfree(ias_obj);
1961 }
1962 err = -EINVAL;
1963 goto out;
1964 }
1965
1966 /* Look at the type */
1967 switch(ias_opt->irda_attrib_type) {
1968 case IAS_INTEGER:
1969 /* Add an integer attribute */
1970 irias_add_integer_attrib(
1971 ias_obj,
1972 ias_opt->irda_attrib_name,
1973 ias_opt->attribute.irda_attrib_int,
1974 IAS_USER_ATTR);
1975 break;
1976 case IAS_OCT_SEQ:
1977 /* Check length */
1978 if(ias_opt->attribute.irda_attrib_octet_seq.len >
1979 IAS_MAX_OCTET_STRING) {
1980 kfree(ias_opt);
1981 if (free_ias) {
1982 kfree(ias_obj->name);
1983 kfree(ias_obj);
1984 }
1985
1986 err = -EINVAL;
1987 goto out;
1988 }
1989 /* Add an octet sequence attribute */
1990 irias_add_octseq_attrib(
1991 ias_obj,
1992 ias_opt->irda_attrib_name,
1993 ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
1994 ias_opt->attribute.irda_attrib_octet_seq.len,
1995 IAS_USER_ATTR);
1996 break;
1997 case IAS_STRING:
1998 /* Should check charset & co */
1999 /* Check length */
2000 /* The length is encoded in a __u8, and
2001 * IAS_MAX_STRING == 256, so there is no way
2002 * userspace can pass us a string too large.
2003 * Jean II */
2004 /* NULL terminate the string (avoid troubles) */
2005 ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0';
2006 /* Add a string attribute */
2007 irias_add_string_attrib(
2008 ias_obj,
2009 ias_opt->irda_attrib_name,
2010 ias_opt->attribute.irda_attrib_string.string,
2011 IAS_USER_ATTR);
2012 break;
2013 default :
2014 kfree(ias_opt);
2015 if (free_ias) {
2016 kfree(ias_obj->name);
2017 kfree(ias_obj);
2018 }
2019 err = -EINVAL;
2020 goto out;
2021 }
2022 irias_insert_object(ias_obj);
2023 kfree(ias_opt);
2024 break;
2025 case IRLMP_IAS_DEL:
2026 /* The user want to delete an object from our local IAS
2027 * database. We just need to query the IAS, check is the
2028 * object is not owned by the kernel and delete it.
2029 */
2030
2031 if (optlen != sizeof(struct irda_ias_set)) {
2032 err = -EINVAL;
2033 goto out;
2034 }
2035
2036 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2037 if (ias_opt == NULL) {
2038 err = -ENOMEM;
2039 goto out;
2040 }
2041
2042 /* Copy query to the driver. */
2043 if (copy_from_user(ias_opt, optval, optlen)) {
2044 kfree(ias_opt);
2045 err = -EFAULT;
2046 goto out;
2047 }
2048
2049 /* Find the object we target.
2050 * If the user gives us an empty string, we use the object
2051 * associated with this socket. This will workaround
2052 * duplicated class name - Jean II */
2053 if(ias_opt->irda_class_name[0] == '\0')
2054 ias_obj = self->ias_obj;
2055 else
2056 ias_obj = irias_find_object(ias_opt->irda_class_name);
2057 if(ias_obj == (struct ias_object *) NULL) {
2058 kfree(ias_opt);
2059 err = -EINVAL;
2060 goto out;
2061 }
2062
2063 /* Only ROOT can mess with the global IAS database.
2064 * Users can only del attributes from the object associated
2065 * with the socket they own - Jean II */
2066 if((!capable(CAP_NET_ADMIN)) &&
2067 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
2068 kfree(ias_opt);
2069 err = -EPERM;
2070 goto out;
2071 }
2072
2073 /* Find the attribute (in the object) we target */
2074 ias_attr = irias_find_attrib(ias_obj,
2075 ias_opt->irda_attrib_name);
2076 if(ias_attr == (struct ias_attrib *) NULL) {
2077 kfree(ias_opt);
2078 err = -EINVAL;
2079 goto out;
2080 }
2081
2082 /* Check is the user space own the object */
2083 if(ias_attr->value->owner != IAS_USER_ATTR) {
2084 pr_debug("%s(), attempting to delete a kernel attribute\n",
2085 __func__);
2086 kfree(ias_opt);
2087 err = -EPERM;
2088 goto out;
2089 }
2090
2091 /* Remove the attribute (and maybe the object) */
2092 irias_delete_attrib(ias_obj, ias_attr, 1);
2093 kfree(ias_opt);
2094 break;
2095 case IRLMP_MAX_SDU_SIZE:
2096 if (optlen < sizeof(int)) {
2097 err = -EINVAL;
2098 goto out;
2099 }
2100
2101 if (get_user(opt, (int __user *)optval)) {
2102 err = -EFAULT;
2103 goto out;
2104 }
2105
2106 /* Only possible for a seqpacket service (TTP with SAR) */
2107 if (sk->sk_type != SOCK_SEQPACKET) {
2108 pr_debug("%s(), setting max_sdu_size = %d\n",
2109 __func__, opt);
2110 self->max_sdu_size_rx = opt;
2111 } else {
2112 net_warn_ratelimited("%s: not allowed to set MAXSDUSIZE for this socket type!\n",
2113 __func__);
2114 err = -ENOPROTOOPT;
2115 goto out;
2116 }
2117 break;
2118 case IRLMP_HINTS_SET:
2119 if (optlen < sizeof(int)) {
2120 err = -EINVAL;
2121 goto out;
2122 }
2123
2124 /* The input is really a (__u8 hints[2]), easier as an int */
2125 if (get_user(opt, (int __user *)optval)) {
2126 err = -EFAULT;
2127 goto out;
2128 }
2129
2130 /* Unregister any old registration */
2131 irlmp_unregister_service(self->skey);
2132
2133 self->skey = irlmp_register_service((__u16) opt);
2134 break;
2135 case IRLMP_HINT_MASK_SET:
2136 /* As opposed to the previous case which set the hint bits
2137 * that we advertise, this one set the filter we use when
2138 * making a discovery (nodes which don't match any hint
2139 * bit in the mask are not reported).
2140 */
2141 if (optlen < sizeof(int)) {
2142 err = -EINVAL;
2143 goto out;
2144 }
2145
2146 /* The input is really a (__u8 hints[2]), easier as an int */
2147 if (get_user(opt, (int __user *)optval)) {
2148 err = -EFAULT;
2149 goto out;
2150 }
2151
2152 /* Set the new hint mask */
2153 self->mask.word = (__u16) opt;
2154 /* Mask out extension bits */
2155 self->mask.word &= 0x7f7f;
2156 /* Check if no bits */
2157 if(!self->mask.word)
2158 self->mask.word = 0xFFFF;
2159
2160 break;
2161 default:
2162 err = -ENOPROTOOPT;
2163 break;
2164 }
2165
2166 out:
2167 release_sock(sk);
2168
2169 return err;
2170 }
2171
2172 /*
2173 * Function irda_extract_ias_value(ias_opt, ias_value)
2174 *
2175 * Translate internal IAS value structure to the user space representation
2176 *
2177 * The external representation of IAS values, as we exchange them with
2178 * user space program is quite different from the internal representation,
2179 * as stored in the IAS database (because we need a flat structure for
2180 * crossing kernel boundary).
2181 * This function transform the former in the latter. We also check
2182 * that the value type is valid.
2183 */
2184 static int irda_extract_ias_value(struct irda_ias_set *ias_opt,
2185 struct ias_value *ias_value)
2186 {
2187 /* Look at the type */
2188 switch (ias_value->type) {
2189 case IAS_INTEGER:
2190 /* Copy the integer */
2191 ias_opt->attribute.irda_attrib_int = ias_value->t.integer;
2192 break;
2193 case IAS_OCT_SEQ:
2194 /* Set length */
2195 ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len;
2196 /* Copy over */
2197 memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
2198 ias_value->t.oct_seq, ias_value->len);
2199 break;
2200 case IAS_STRING:
2201 /* Set length */
2202 ias_opt->attribute.irda_attrib_string.len = ias_value->len;
2203 ias_opt->attribute.irda_attrib_string.charset = ias_value->charset;
2204 /* Copy over */
2205 memcpy(ias_opt->attribute.irda_attrib_string.string,
2206 ias_value->t.string, ias_value->len);
2207 /* NULL terminate the string (avoid troubles) */
2208 ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0';
2209 break;
2210 case IAS_MISSING:
2211 default :
2212 return -EINVAL;
2213 }
2214
2215 /* Copy type over */
2216 ias_opt->irda_attrib_type = ias_value->type;
2217
2218 return 0;
2219 }
2220
2221 /*
2222 * Function irda_getsockopt (sock, level, optname, optval, optlen)
2223 */
2224 static int irda_getsockopt(struct socket *sock, int level, int optname,
2225 char __user *optval, int __user *optlen)
2226 {
2227 struct sock *sk = sock->sk;
2228 struct irda_sock *self = irda_sk(sk);
2229 struct irda_device_list list;
2230 struct irda_device_info *discoveries;
2231 struct irda_ias_set * ias_opt; /* IAS get/query params */
2232 struct ias_object * ias_obj; /* Object in IAS */
2233 struct ias_attrib * ias_attr; /* Attribute in IAS object */
2234 int daddr = DEV_ADDR_ANY; /* Dest address for IAS queries */
2235 int val = 0;
2236 int len = 0;
2237 int err = 0;
2238 int offset, total;
2239
2240 pr_debug("%s(%p)\n", __func__, self);
2241
2242 if (level != SOL_IRLMP)
2243 return -ENOPROTOOPT;
2244
2245 if (get_user(len, optlen))
2246 return -EFAULT;
2247
2248 if(len < 0)
2249 return -EINVAL;
2250
2251 lock_sock(sk);
2252
2253 switch (optname) {
2254 case IRLMP_ENUMDEVICES:
2255
2256 /* Offset to first device entry */
2257 offset = sizeof(struct irda_device_list) -
2258 sizeof(struct irda_device_info);
2259
2260 if (len < offset) {
2261 err = -EINVAL;
2262 goto out;
2263 }
2264
2265 /* Ask lmp for the current discovery log */
2266 discoveries = irlmp_get_discoveries(&list.len, self->mask.word,
2267 self->nslots);
2268 /* Check if the we got some results */
2269 if (discoveries == NULL) {
2270 err = -EAGAIN;
2271 goto out; /* Didn't find any devices */
2272 }
2273
2274 /* Write total list length back to client */
2275 if (copy_to_user(optval, &list, offset))
2276 err = -EFAULT;
2277
2278 /* Copy the list itself - watch for overflow */
2279 if (list.len > 2048) {
2280 err = -EINVAL;
2281 goto bed;
2282 }
2283 total = offset + (list.len * sizeof(struct irda_device_info));
2284 if (total > len)
2285 total = len;
2286 if (copy_to_user(optval+offset, discoveries, total - offset))
2287 err = -EFAULT;
2288
2289 /* Write total number of bytes used back to client */
2290 if (put_user(total, optlen))
2291 err = -EFAULT;
2292 bed:
2293 /* Free up our buffer */
2294 kfree(discoveries);
2295 break;
2296 case IRLMP_MAX_SDU_SIZE:
2297 val = self->max_data_size;
2298 len = sizeof(int);
2299 if (put_user(len, optlen)) {
2300 err = -EFAULT;
2301 goto out;
2302 }
2303
2304 if (copy_to_user(optval, &val, len)) {
2305 err = -EFAULT;
2306 goto out;
2307 }
2308
2309 break;
2310 case IRLMP_IAS_GET:
2311 /* The user want an object from our local IAS database.
2312 * We just need to query the IAS and return the value
2313 * that we found */
2314
2315 /* Check that the user has allocated the right space for us */
2316 if (len != sizeof(struct irda_ias_set)) {
2317 err = -EINVAL;
2318 goto out;
2319 }
2320
2321 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2322 if (ias_opt == NULL) {
2323 err = -ENOMEM;
2324 goto out;
2325 }
2326
2327 /* Copy query to the driver. */
2328 if (copy_from_user(ias_opt, optval, len)) {
2329 kfree(ias_opt);
2330 err = -EFAULT;
2331 goto out;
2332 }
2333
2334 /* Find the object we target.
2335 * If the user gives us an empty string, we use the object
2336 * associated with this socket. This will workaround
2337 * duplicated class name - Jean II */
2338 if(ias_opt->irda_class_name[0] == '\0')
2339 ias_obj = self->ias_obj;
2340 else
2341 ias_obj = irias_find_object(ias_opt->irda_class_name);
2342 if(ias_obj == (struct ias_object *) NULL) {
2343 kfree(ias_opt);
2344 err = -EINVAL;
2345 goto out;
2346 }
2347
2348 /* Find the attribute (in the object) we target */
2349 ias_attr = irias_find_attrib(ias_obj,
2350 ias_opt->irda_attrib_name);
2351 if(ias_attr == (struct ias_attrib *) NULL) {
2352 kfree(ias_opt);
2353 err = -EINVAL;
2354 goto out;
2355 }
2356
2357 /* Translate from internal to user structure */
2358 err = irda_extract_ias_value(ias_opt, ias_attr->value);
2359 if(err) {
2360 kfree(ias_opt);
2361 goto out;
2362 }
2363
2364 /* Copy reply to the user */
2365 if (copy_to_user(optval, ias_opt,
2366 sizeof(struct irda_ias_set))) {
2367 kfree(ias_opt);
2368 err = -EFAULT;
2369 goto out;
2370 }
2371 /* Note : don't need to put optlen, we checked it */
2372 kfree(ias_opt);
2373 break;
2374 case IRLMP_IAS_QUERY:
2375 /* The user want an object from a remote IAS database.
2376 * We need to use IAP to query the remote database and
2377 * then wait for the answer to come back. */
2378
2379 /* Check that the user has allocated the right space for us */
2380 if (len != sizeof(struct irda_ias_set)) {
2381 err = -EINVAL;
2382 goto out;
2383 }
2384
2385 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2386 if (ias_opt == NULL) {
2387 err = -ENOMEM;
2388 goto out;
2389 }
2390
2391 /* Copy query to the driver. */
2392 if (copy_from_user(ias_opt, optval, len)) {
2393 kfree(ias_opt);
2394 err = -EFAULT;
2395 goto out;
2396 }
2397
2398 /* At this point, there are two cases...
2399 * 1) the socket is connected - that's the easy case, we
2400 * just query the device we are connected to...
2401 * 2) the socket is not connected - the user doesn't want
2402 * to connect and/or may not have a valid service name
2403 * (so can't create a fake connection). In this case,
2404 * we assume that the user pass us a valid destination
2405 * address in the requesting structure...
2406 */
2407 if(self->daddr != DEV_ADDR_ANY) {
2408 /* We are connected - reuse known daddr */
2409 daddr = self->daddr;
2410 } else {
2411 /* We are not connected, we must specify a valid
2412 * destination address */
2413 daddr = ias_opt->daddr;
2414 if((!daddr) || (daddr == DEV_ADDR_ANY)) {
2415 kfree(ias_opt);
2416 err = -EINVAL;
2417 goto out;
2418 }
2419 }
2420
2421 /* Check that we can proceed with IAP */
2422 if (self->iriap) {
2423 net_warn_ratelimited("%s: busy with a previous query\n",
2424 __func__);
2425 kfree(ias_opt);
2426 err = -EBUSY;
2427 goto out;
2428 }
2429
2430 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
2431 irda_getvalue_confirm);
2432
2433 if (self->iriap == NULL) {
2434 kfree(ias_opt);
2435 err = -ENOMEM;
2436 goto out;
2437 }
2438
2439 /* Treat unexpected wakeup as disconnect */
2440 self->errno = -EHOSTUNREACH;
2441
2442 /* Query remote LM-IAS */
2443 iriap_getvaluebyclass_request(self->iriap,
2444 self->saddr, daddr,
2445 ias_opt->irda_class_name,
2446 ias_opt->irda_attrib_name);
2447
2448 /* Wait for answer, if not yet finished (or failed) */
2449 if (wait_event_interruptible(self->query_wait,
2450 (self->iriap == NULL))) {
2451 /* pending request uses copy of ias_opt-content
2452 * we can free it regardless! */
2453 kfree(ias_opt);
2454 /* Treat signals as disconnect */
2455 err = -EHOSTUNREACH;
2456 goto out;
2457 }
2458
2459 /* Check what happened */
2460 if (self->errno)
2461 {
2462 kfree(ias_opt);
2463 /* Requested object/attribute doesn't exist */
2464 if((self->errno == IAS_CLASS_UNKNOWN) ||
2465 (self->errno == IAS_ATTRIB_UNKNOWN))
2466 err = -EADDRNOTAVAIL;
2467 else
2468 err = -EHOSTUNREACH;
2469
2470 goto out;
2471 }
2472
2473 /* Translate from internal to user structure */
2474 err = irda_extract_ias_value(ias_opt, self->ias_result);
2475 if (self->ias_result)
2476 irias_delete_value(self->ias_result);
2477 if (err) {
2478 kfree(ias_opt);
2479 goto out;
2480 }
2481
2482 /* Copy reply to the user */
2483 if (copy_to_user(optval, ias_opt,
2484 sizeof(struct irda_ias_set))) {
2485 kfree(ias_opt);
2486 err = -EFAULT;
2487 goto out;
2488 }
2489 /* Note : don't need to put optlen, we checked it */
2490 kfree(ias_opt);
2491 break;
2492 case IRLMP_WAITDEVICE:
2493 /* This function is just another way of seeing life ;-)
2494 * IRLMP_ENUMDEVICES assumes that you have a static network,
2495 * and that you just want to pick one of the devices present.
2496 * On the other hand, in here we assume that no device is
2497 * present and that at some point in the future a device will
2498 * come into range. When this device arrive, we just wake
2499 * up the caller, so that he has time to connect to it before
2500 * the device goes away...
2501 * Note : once the node has been discovered for more than a
2502 * few second, it won't trigger this function, unless it
2503 * goes away and come back changes its hint bits (so we
2504 * might call it IRLMP_WAITNEWDEVICE).
2505 */
2506
2507 /* Check that the user is passing us an int */
2508 if (len != sizeof(int)) {
2509 err = -EINVAL;
2510 goto out;
2511 }
2512 /* Get timeout in ms (max time we block the caller) */
2513 if (get_user(val, (int __user *)optval)) {
2514 err = -EFAULT;
2515 goto out;
2516 }
2517
2518 /* Tell IrLMP we want to be notified */
2519 irlmp_update_client(self->ckey, self->mask.word,
2520 irda_selective_discovery_indication,
2521 NULL, (void *) self);
2522
2523 /* Do some discovery (and also return cached results) */
2524 irlmp_discovery_request(self->nslots);
2525
2526 /* Wait until a node is discovered */
2527 if (!self->cachedaddr) {
2528 pr_debug("%s(), nothing discovered yet, going to sleep...\n",
2529 __func__);
2530
2531 /* Set watchdog timer to expire in <val> ms. */
2532 self->errno = 0;
2533 setup_timer(&self->watchdog, irda_discovery_timeout,
2534 (unsigned long)self);
2535 mod_timer(&self->watchdog,
2536 jiffies + msecs_to_jiffies(val));
2537
2538 /* Wait for IR-LMP to call us back */
2539 err = __wait_event_interruptible(self->query_wait,
2540 (self->cachedaddr != 0 || self->errno == -ETIME));
2541
2542 /* If watchdog is still activated, kill it! */
2543 del_timer(&(self->watchdog));
2544
2545 pr_debug("%s(), ...waking up !\n", __func__);
2546
2547 if (err != 0)
2548 goto out;
2549 }
2550 else
2551 pr_debug("%s(), found immediately !\n",
2552 __func__);
2553
2554 /* Tell IrLMP that we have been notified */
2555 irlmp_update_client(self->ckey, self->mask.word,
2556 NULL, NULL, NULL);
2557
2558 /* Check if the we got some results */
2559 if (!self->cachedaddr) {
2560 err = -EAGAIN; /* Didn't find any devices */
2561 goto out;
2562 }
2563 daddr = self->cachedaddr;
2564 /* Cleanup */
2565 self->cachedaddr = 0;
2566
2567 /* We return the daddr of the device that trigger the
2568 * wakeup. As irlmp pass us only the new devices, we
2569 * are sure that it's not an old device.
2570 * If the user want more details, he should query
2571 * the whole discovery log and pick one device...
2572 */
2573 if (put_user(daddr, (int __user *)optval)) {
2574 err = -EFAULT;
2575 goto out;
2576 }
2577
2578 break;
2579 default:
2580 err = -ENOPROTOOPT;
2581 }
2582
2583 out:
2584
2585 release_sock(sk);
2586
2587 return err;
2588 }
2589
2590 static const struct net_proto_family irda_family_ops = {
2591 .family = PF_IRDA,
2592 .create = irda_create,
2593 .owner = THIS_MODULE,
2594 };
2595
2596 static const struct proto_ops irda_stream_ops = {
2597 .family = PF_IRDA,
2598 .owner = THIS_MODULE,
2599 .release = irda_release,
2600 .bind = irda_bind,
2601 .connect = irda_connect,
2602 .socketpair = sock_no_socketpair,
2603 .accept = irda_accept,
2604 .getname = irda_getname,
2605 .poll = irda_poll,
2606 .ioctl = irda_ioctl,
2607 #ifdef CONFIG_COMPAT
2608 .compat_ioctl = irda_compat_ioctl,
2609 #endif
2610 .listen = irda_listen,
2611 .shutdown = irda_shutdown,
2612 .setsockopt = irda_setsockopt,
2613 .getsockopt = irda_getsockopt,
2614 .sendmsg = irda_sendmsg,
2615 .recvmsg = irda_recvmsg_stream,
2616 .mmap = sock_no_mmap,
2617 .sendpage = sock_no_sendpage,
2618 };
2619
2620 static const struct proto_ops irda_seqpacket_ops = {
2621 .family = PF_IRDA,
2622 .owner = THIS_MODULE,
2623 .release = irda_release,
2624 .bind = irda_bind,
2625 .connect = irda_connect,
2626 .socketpair = sock_no_socketpair,
2627 .accept = irda_accept,
2628 .getname = irda_getname,
2629 .poll = datagram_poll,
2630 .ioctl = irda_ioctl,
2631 #ifdef CONFIG_COMPAT
2632 .compat_ioctl = irda_compat_ioctl,
2633 #endif
2634 .listen = irda_listen,
2635 .shutdown = irda_shutdown,
2636 .setsockopt = irda_setsockopt,
2637 .getsockopt = irda_getsockopt,
2638 .sendmsg = irda_sendmsg,
2639 .recvmsg = irda_recvmsg_dgram,
2640 .mmap = sock_no_mmap,
2641 .sendpage = sock_no_sendpage,
2642 };
2643
2644 static const struct proto_ops irda_dgram_ops = {
2645 .family = PF_IRDA,
2646 .owner = THIS_MODULE,
2647 .release = irda_release,
2648 .bind = irda_bind,
2649 .connect = irda_connect,
2650 .socketpair = sock_no_socketpair,
2651 .accept = irda_accept,
2652 .getname = irda_getname,
2653 .poll = datagram_poll,
2654 .ioctl = irda_ioctl,
2655 #ifdef CONFIG_COMPAT
2656 .compat_ioctl = irda_compat_ioctl,
2657 #endif
2658 .listen = irda_listen,
2659 .shutdown = irda_shutdown,
2660 .setsockopt = irda_setsockopt,
2661 .getsockopt = irda_getsockopt,
2662 .sendmsg = irda_sendmsg_dgram,
2663 .recvmsg = irda_recvmsg_dgram,
2664 .mmap = sock_no_mmap,
2665 .sendpage = sock_no_sendpage,
2666 };
2667
2668 #ifdef CONFIG_IRDA_ULTRA
2669 static const struct proto_ops irda_ultra_ops = {
2670 .family = PF_IRDA,
2671 .owner = THIS_MODULE,
2672 .release = irda_release,
2673 .bind = irda_bind,
2674 .connect = sock_no_connect,
2675 .socketpair = sock_no_socketpair,
2676 .accept = sock_no_accept,
2677 .getname = irda_getname,
2678 .poll = datagram_poll,
2679 .ioctl = irda_ioctl,
2680 #ifdef CONFIG_COMPAT
2681 .compat_ioctl = irda_compat_ioctl,
2682 #endif
2683 .listen = sock_no_listen,
2684 .shutdown = irda_shutdown,
2685 .setsockopt = irda_setsockopt,
2686 .getsockopt = irda_getsockopt,
2687 .sendmsg = irda_sendmsg_ultra,
2688 .recvmsg = irda_recvmsg_dgram,
2689 .mmap = sock_no_mmap,
2690 .sendpage = sock_no_sendpage,
2691 };
2692 #endif /* CONFIG_IRDA_ULTRA */
2693
2694 /*
2695 * Function irsock_init (pro)
2696 *
2697 * Initialize IrDA protocol
2698 *
2699 */
2700 int __init irsock_init(void)
2701 {
2702 int rc = proto_register(&irda_proto, 0);
2703
2704 if (rc == 0)
2705 rc = sock_register(&irda_family_ops);
2706
2707 return rc;
2708 }
2709
2710 /*
2711 * Function irsock_cleanup (void)
2712 *
2713 * Remove IrDA protocol
2714 *
2715 */
2716 void irsock_cleanup(void)
2717 {
2718 sock_unregister(PF_IRDA);
2719 proto_unregister(&irda_proto);
2720 }
2721
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.