1 /********************************************************************* 2 * 3 * Filename: af_irda.c 4 * Version: 0.9 5 * Description: IrDA sockets implementation 6 * Status: Stable 7 * Author: Dag Brattli <dagb@cs.uit.no> 8 * Created at: Sun May 31 10:12:43 1998 9 * Modified at: Sat Dec 25 21:10:23 1999 10 * Modified by: Dag Brattli <dag@brattli.net> 11 * Sources: af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc. 12 * 13 * Copyright (c) 1999 Dag Brattli <dagb@cs.uit.no> 14 * Copyright (c) 1999-2003 Jean Tourrilhes <jt@hpl.hp.com> 15 * All Rights Reserved. 16 * 17 * This program is free software; you can redistribute it and/or 18 * modify it under the terms of the GNU General Public License as 19 * published by the Free Software Foundation; either version 2 of 20 * the License, or (at your option) any later version. 21 * 22 * This program is distributed in the hope that it will be useful, 23 * but WITHOUT ANY WARRANTY; without even the implied warranty of 24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 * GNU General Public License for more details. 26 * 27 * You should have received a copy of the GNU General Public License 28 * along with this program; if not, see <http://www.gnu.org/licenses/>. 29 * 30 * Linux-IrDA now supports four different types of IrDA sockets: 31 * 32 * o SOCK_STREAM: TinyTP connections with SAR disabled. The 33 * max SDU size is 0 for conn. of this type 34 * o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may 35 * fragment the messages, but will preserve 36 * the message boundaries 37 * o SOCK_DGRAM: IRDAPROTO_UNITDATA: TinyTP connections with Unitdata 38 * (unreliable) transfers 39 * IRDAPROTO_ULTRA: Connectionless and unreliable data 40 * 41 ********************************************************************/ 42 43 #include <linux/capability.h> 44 #include <linux/module.h> 45 #include <linux/types.h> 46 #include <linux/socket.h> 47 #include <linux/sockios.h> 48 #include <linux/slab.h> 49 #include <linux/init.h> 50 #include <linux/net.h> 51 #include <linux/irda.h> 52 #include <linux/poll.h> 53 54 #include <asm/ioctls.h> /* TIOCOUTQ, TIOCINQ */ 55 #include <asm/uaccess.h> 56 57 #include <net/sock.h> 58 #include <net/tcp_states.h> 59 60 #include <net/irda/af_irda.h> 61 62 static int irda_create(struct net *net, struct socket *sock, int protocol, int kern); 63 64 static const struct proto_ops irda_stream_ops; 65 static const struct proto_ops irda_seqpacket_ops; 66 static const struct proto_ops irda_dgram_ops; 67 68 #ifdef CONFIG_IRDA_ULTRA 69 static const struct proto_ops irda_ultra_ops; 70 #define ULTRA_MAX_DATA 382 71 #endif /* CONFIG_IRDA_ULTRA */ 72 73 #define IRDA_MAX_HEADER (TTP_MAX_HEADER) 74 75 /* 76 * Function irda_data_indication (instance, sap, skb) 77 * 78 * Received some data from TinyTP. Just queue it on the receive queue 79 * 80 */ 81 static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb) 82 { 83 struct irda_sock *self; 84 struct sock *sk; 85 int err; 86 87 self = instance; 88 sk = instance; 89 90 err = sock_queue_rcv_skb(sk, skb); 91 if (err) { 92 pr_debug("%s(), error: no more mem!\n", __func__); 93 self->rx_flow = FLOW_STOP; 94 95 /* When we return error, TTP will need to requeue the skb */ 96 return err; 97 } 98 99 return 0; 100 } 101 102 /* 103 * Function irda_disconnect_indication (instance, sap, reason, skb) 104 * 105 * Connection has been closed. Check reason to find out why 106 * 107 */ 108 static void irda_disconnect_indication(void *instance, void *sap, 109 LM_REASON reason, struct sk_buff *skb) 110 { 111 struct irda_sock *self; 112 struct sock *sk; 113 114 self = instance; 115 116 pr_debug("%s(%p)\n", __func__, self); 117 118 /* Don't care about it, but let's not leak it */ 119 if(skb) 120 dev_kfree_skb(skb); 121 122 sk = instance; 123 if (sk == NULL) { 124 pr_debug("%s(%p) : BUG : sk is NULL\n", 125 __func__, self); 126 return; 127 } 128 129 /* Prevent race conditions with irda_release() and irda_shutdown() */ 130 bh_lock_sock(sk); 131 if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) { 132 sk->sk_state = TCP_CLOSE; 133 sk->sk_shutdown |= SEND_SHUTDOWN; 134 135 sk->sk_state_change(sk); 136 137 /* Close our TSAP. 138 * If we leave it open, IrLMP put it back into the list of 139 * unconnected LSAPs. The problem is that any incoming request 140 * can then be matched to this socket (and it will be, because 141 * it is at the head of the list). This would prevent any 142 * listening socket waiting on the same TSAP to get those 143 * requests. Some apps forget to close sockets, or hang to it 144 * a bit too long, so we may stay in this dead state long 145 * enough to be noticed... 146 * Note : all socket function do check sk->sk_state, so we are 147 * safe... 148 * Jean II 149 */ 150 if (self->tsap) { 151 irttp_close_tsap(self->tsap); 152 self->tsap = NULL; 153 } 154 } 155 bh_unlock_sock(sk); 156 157 /* Note : once we are there, there is not much you want to do 158 * with the socket anymore, apart from closing it. 159 * For example, bind() and connect() won't reset sk->sk_err, 160 * sk->sk_shutdown and sk->sk_flags to valid values... 161 * Jean II 162 */ 163 } 164 165 /* 166 * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb) 167 * 168 * Connections has been confirmed by the remote device 169 * 170 */ 171 static void irda_connect_confirm(void *instance, void *sap, 172 struct qos_info *qos, 173 __u32 max_sdu_size, __u8 max_header_size, 174 struct sk_buff *skb) 175 { 176 struct irda_sock *self; 177 struct sock *sk; 178 179 self = instance; 180 181 pr_debug("%s(%p)\n", __func__, self); 182 183 sk = instance; 184 if (sk == NULL) { 185 dev_kfree_skb(skb); 186 return; 187 } 188 189 dev_kfree_skb(skb); 190 // Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb); 191 192 /* How much header space do we need to reserve */ 193 self->max_header_size = max_header_size; 194 195 /* IrTTP max SDU size in transmit direction */ 196 self->max_sdu_size_tx = max_sdu_size; 197 198 /* Find out what the largest chunk of data that we can transmit is */ 199 switch (sk->sk_type) { 200 case SOCK_STREAM: 201 if (max_sdu_size != 0) { 202 net_err_ratelimited("%s: max_sdu_size must be 0\n", 203 __func__); 204 return; 205 } 206 self->max_data_size = irttp_get_max_seg_size(self->tsap); 207 break; 208 case SOCK_SEQPACKET: 209 if (max_sdu_size == 0) { 210 net_err_ratelimited("%s: max_sdu_size cannot be 0\n", 211 __func__); 212 return; 213 } 214 self->max_data_size = max_sdu_size; 215 break; 216 default: 217 self->max_data_size = irttp_get_max_seg_size(self->tsap); 218 } 219 220 pr_debug("%s(), max_data_size=%d\n", __func__, 221 self->max_data_size); 222 223 memcpy(&self->qos_tx, qos, sizeof(struct qos_info)); 224 225 /* We are now connected! */ 226 sk->sk_state = TCP_ESTABLISHED; 227 sk->sk_state_change(sk); 228 } 229 230 /* 231 * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata) 232 * 233 * Incoming connection 234 * 235 */ 236 static void irda_connect_indication(void *instance, void *sap, 237 struct qos_info *qos, __u32 max_sdu_size, 238 __u8 max_header_size, struct sk_buff *skb) 239 { 240 struct irda_sock *self; 241 struct sock *sk; 242 243 self = instance; 244 245 pr_debug("%s(%p)\n", __func__, self); 246 247 sk = instance; 248 if (sk == NULL) { 249 dev_kfree_skb(skb); 250 return; 251 } 252 253 /* How much header space do we need to reserve */ 254 self->max_header_size = max_header_size; 255 256 /* IrTTP max SDU size in transmit direction */ 257 self->max_sdu_size_tx = max_sdu_size; 258 259 /* Find out what the largest chunk of data that we can transmit is */ 260 switch (sk->sk_type) { 261 case SOCK_STREAM: 262 if (max_sdu_size != 0) { 263 net_err_ratelimited("%s: max_sdu_size must be 0\n", 264 __func__); 265 kfree_skb(skb); 266 return; 267 } 268 self->max_data_size = irttp_get_max_seg_size(self->tsap); 269 break; 270 case SOCK_SEQPACKET: 271 if (max_sdu_size == 0) { 272 net_err_ratelimited("%s: max_sdu_size cannot be 0\n", 273 __func__); 274 kfree_skb(skb); 275 return; 276 } 277 self->max_data_size = max_sdu_size; 278 break; 279 default: 280 self->max_data_size = irttp_get_max_seg_size(self->tsap); 281 } 282 283 pr_debug("%s(), max_data_size=%d\n", __func__, 284 self->max_data_size); 285 286 memcpy(&self->qos_tx, qos, sizeof(struct qos_info)); 287 288 skb_queue_tail(&sk->sk_receive_queue, skb); 289 sk->sk_state_change(sk); 290 } 291 292 /* 293 * Function irda_connect_response (handle) 294 * 295 * Accept incoming connection 296 * 297 */ 298 static void irda_connect_response(struct irda_sock *self) 299 { 300 struct sk_buff *skb; 301 302 skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER, GFP_KERNEL); 303 if (skb == NULL) { 304 pr_debug("%s() Unable to allocate sk_buff!\n", 305 __func__); 306 return; 307 } 308 309 /* Reserve space for MUX_CONTROL and LAP header */ 310 skb_reserve(skb, IRDA_MAX_HEADER); 311 312 irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb); 313 } 314 315 /* 316 * Function irda_flow_indication (instance, sap, flow) 317 * 318 * Used by TinyTP to tell us if it can accept more data or not 319 * 320 */ 321 static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow) 322 { 323 struct irda_sock *self; 324 struct sock *sk; 325 326 self = instance; 327 sk = instance; 328 BUG_ON(sk == NULL); 329 330 switch (flow) { 331 case FLOW_STOP: 332 pr_debug("%s(), IrTTP wants us to slow down\n", 333 __func__); 334 self->tx_flow = flow; 335 break; 336 case FLOW_START: 337 self->tx_flow = flow; 338 pr_debug("%s(), IrTTP wants us to start again\n", 339 __func__); 340 wake_up_interruptible(sk_sleep(sk)); 341 break; 342 default: 343 pr_debug("%s(), Unknown flow command!\n", __func__); 344 /* Unknown flow command, better stop */ 345 self->tx_flow = flow; 346 break; 347 } 348 } 349 350 /* 351 * Function irda_getvalue_confirm (obj_id, value, priv) 352 * 353 * Got answer from remote LM-IAS, just pass object to requester... 354 * 355 * Note : duplicate from above, but we need our own version that 356 * doesn't touch the dtsap_sel and save the full value structure... 357 */ 358 static void irda_getvalue_confirm(int result, __u16 obj_id, 359 struct ias_value *value, void *priv) 360 { 361 struct irda_sock *self; 362 363 self = priv; 364 if (!self) { 365 net_warn_ratelimited("%s: lost myself!\n", __func__); 366 return; 367 } 368 369 pr_debug("%s(%p)\n", __func__, self); 370 371 /* We probably don't need to make any more queries */ 372 iriap_close(self->iriap); 373 self->iriap = NULL; 374 375 /* Check if request succeeded */ 376 if (result != IAS_SUCCESS) { 377 pr_debug("%s(), IAS query failed! (%d)\n", __func__, 378 result); 379 380 self->errno = result; /* We really need it later */ 381 382 /* Wake up any processes waiting for result */ 383 wake_up_interruptible(&self->query_wait); 384 385 return; 386 } 387 388 /* Pass the object to the caller (so the caller must delete it) */ 389 self->ias_result = value; 390 self->errno = 0; 391 392 /* Wake up any processes waiting for result */ 393 wake_up_interruptible(&self->query_wait); 394 } 395 396 /* 397 * Function irda_selective_discovery_indication (discovery) 398 * 399 * Got a selective discovery indication from IrLMP. 400 * 401 * IrLMP is telling us that this node is new and matching our hint bit 402 * filter. Wake up any process waiting for answer... 403 */ 404 static void irda_selective_discovery_indication(discinfo_t *discovery, 405 DISCOVERY_MODE mode, 406 void *priv) 407 { 408 struct irda_sock *self; 409 410 self = priv; 411 if (!self) { 412 net_warn_ratelimited("%s: lost myself!\n", __func__); 413 return; 414 } 415 416 /* Pass parameter to the caller */ 417 self->cachedaddr = discovery->daddr; 418 419 /* Wake up process if its waiting for device to be discovered */ 420 wake_up_interruptible(&self->query_wait); 421 } 422 423 /* 424 * Function irda_discovery_timeout (priv) 425 * 426 * Timeout in the selective discovery process 427 * 428 * We were waiting for a node to be discovered, but nothing has come up 429 * so far. Wake up the user and tell him that we failed... 430 */ 431 static void irda_discovery_timeout(u_long priv) 432 { 433 struct irda_sock *self; 434 435 self = (struct irda_sock *) priv; 436 BUG_ON(self == NULL); 437 438 /* Nothing for the caller */ 439 self->cachelog = NULL; 440 self->cachedaddr = 0; 441 self->errno = -ETIME; 442 443 /* Wake up process if its still waiting... */ 444 wake_up_interruptible(&self->query_wait); 445 } 446 447 /* 448 * Function irda_open_tsap (self) 449 * 450 * Open local Transport Service Access Point (TSAP) 451 * 452 */ 453 static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name) 454 { 455 notify_t notify; 456 457 if (self->tsap) { 458 pr_debug("%s: busy!\n", __func__); 459 return -EBUSY; 460 } 461 462 /* Initialize callbacks to be used by the IrDA stack */ 463 irda_notify_init(¬ify); 464 notify.connect_confirm = irda_connect_confirm; 465 notify.connect_indication = irda_connect_indication; 466 notify.disconnect_indication = irda_disconnect_indication; 467 notify.data_indication = irda_data_indication; 468 notify.udata_indication = irda_data_indication; 469 notify.flow_indication = irda_flow_indication; 470 notify.instance = self; 471 strncpy(notify.name, name, NOTIFY_MAX_NAME); 472 473 self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT, 474 ¬ify); 475 if (self->tsap == NULL) { 476 pr_debug("%s(), Unable to allocate TSAP!\n", 477 __func__); 478 return -ENOMEM; 479 } 480 /* Remember which TSAP selector we actually got */ 481 self->stsap_sel = self->tsap->stsap_sel; 482 483 return 0; 484 } 485 486 /* 487 * Function irda_open_lsap (self) 488 * 489 * Open local Link Service Access Point (LSAP). Used for opening Ultra 490 * sockets 491 */ 492 #ifdef CONFIG_IRDA_ULTRA 493 static int irda_open_lsap(struct irda_sock *self, int pid) 494 { 495 notify_t notify; 496 497 if (self->lsap) { 498 net_warn_ratelimited("%s(), busy!\n", __func__); 499 return -EBUSY; 500 } 501 502 /* Initialize callbacks to be used by the IrDA stack */ 503 irda_notify_init(¬ify); 504 notify.udata_indication = irda_data_indication; 505 notify.instance = self; 506 strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME); 507 508 self->lsap = irlmp_open_lsap(LSAP_CONNLESS, ¬ify, pid); 509 if (self->lsap == NULL) { 510 pr_debug("%s(), Unable to allocate LSAP!\n", __func__); 511 return -ENOMEM; 512 } 513 514 return 0; 515 } 516 #endif /* CONFIG_IRDA_ULTRA */ 517 518 /* 519 * Function irda_find_lsap_sel (self, name) 520 * 521 * Try to lookup LSAP selector in remote LM-IAS 522 * 523 * Basically, we start a IAP query, and then go to sleep. When the query 524 * return, irda_getvalue_confirm will wake us up, and we can examine the 525 * result of the query... 526 * Note that in some case, the query fail even before we go to sleep, 527 * creating some races... 528 */ 529 static int irda_find_lsap_sel(struct irda_sock *self, char *name) 530 { 531 pr_debug("%s(%p, %s)\n", __func__, self, name); 532 533 if (self->iriap) { 534 net_warn_ratelimited("%s(): busy with a previous query\n", 535 __func__); 536 return -EBUSY; 537 } 538 539 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self, 540 irda_getvalue_confirm); 541 if(self->iriap == NULL) 542 return -ENOMEM; 543 544 /* Treat unexpected wakeup as disconnect */ 545 self->errno = -EHOSTUNREACH; 546 547 /* Query remote LM-IAS */ 548 iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr, 549 name, "IrDA:TinyTP:LsapSel"); 550 551 /* Wait for answer, if not yet finished (or failed) */ 552 if (wait_event_interruptible(self->query_wait, (self->iriap==NULL))) 553 /* Treat signals as disconnect */ 554 return -EHOSTUNREACH; 555 556 /* Check what happened */ 557 if (self->errno) 558 { 559 /* Requested object/attribute doesn't exist */ 560 if((self->errno == IAS_CLASS_UNKNOWN) || 561 (self->errno == IAS_ATTRIB_UNKNOWN)) 562 return -EADDRNOTAVAIL; 563 else 564 return -EHOSTUNREACH; 565 } 566 567 /* Get the remote TSAP selector */ 568 switch (self->ias_result->type) { 569 case IAS_INTEGER: 570 pr_debug("%s() int=%d\n", 571 __func__, self->ias_result->t.integer); 572 573 if (self->ias_result->t.integer != -1) 574 self->dtsap_sel = self->ias_result->t.integer; 575 else 576 self->dtsap_sel = 0; 577 break; 578 default: 579 self->dtsap_sel = 0; 580 pr_debug("%s(), bad type!\n", __func__); 581 break; 582 } 583 if (self->ias_result) 584 irias_delete_value(self->ias_result); 585 586 if (self->dtsap_sel) 587 return 0; 588 589 return -EADDRNOTAVAIL; 590 } 591 592 /* 593 * Function irda_discover_daddr_and_lsap_sel (self, name) 594 * 595 * This try to find a device with the requested service. 596 * 597 * It basically look into the discovery log. For each address in the list, 598 * it queries the LM-IAS of the device to find if this device offer 599 * the requested service. 600 * If there is more than one node supporting the service, we complain 601 * to the user (it should move devices around). 602 * The, we set both the destination address and the lsap selector to point 603 * on the service on the unique device we have found. 604 * 605 * Note : this function fails if there is more than one device in range, 606 * because IrLMP doesn't disconnect the LAP when the last LSAP is closed. 607 * Moreover, we would need to wait the LAP disconnection... 608 */ 609 static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name) 610 { 611 discinfo_t *discoveries; /* Copy of the discovery log */ 612 int number; /* Number of nodes in the log */ 613 int i; 614 int err = -ENETUNREACH; 615 __u32 daddr = DEV_ADDR_ANY; /* Address we found the service on */ 616 __u8 dtsap_sel = 0x0; /* TSAP associated with it */ 617 618 pr_debug("%s(), name=%s\n", __func__, name); 619 620 /* Ask lmp for the current discovery log 621 * Note : we have to use irlmp_get_discoveries(), as opposed 622 * to play with the cachelog directly, because while we are 623 * making our ias query, le log might change... */ 624 discoveries = irlmp_get_discoveries(&number, self->mask.word, 625 self->nslots); 626 /* Check if the we got some results */ 627 if (discoveries == NULL) 628 return -ENETUNREACH; /* No nodes discovered */ 629 630 /* 631 * Now, check all discovered devices (if any), and connect 632 * client only about the services that the client is 633 * interested in... 634 */ 635 for(i = 0; i < number; i++) { 636 /* Try the address in the log */ 637 self->daddr = discoveries[i].daddr; 638 self->saddr = 0x0; 639 pr_debug("%s(), trying daddr = %08x\n", 640 __func__, self->daddr); 641 642 /* Query remote LM-IAS for this service */ 643 err = irda_find_lsap_sel(self, name); 644 switch (err) { 645 case 0: 646 /* We found the requested service */ 647 if(daddr != DEV_ADDR_ANY) { 648 pr_debug("%s(), discovered service ''%s'' in two different devices !!!\n", 649 __func__, name); 650 self->daddr = DEV_ADDR_ANY; 651 kfree(discoveries); 652 return -ENOTUNIQ; 653 } 654 /* First time we found that one, save it ! */ 655 daddr = self->daddr; 656 dtsap_sel = self->dtsap_sel; 657 break; 658 case -EADDRNOTAVAIL: 659 /* Requested service simply doesn't exist on this node */ 660 break; 661 default: 662 /* Something bad did happen :-( */ 663 pr_debug("%s(), unexpected IAS query failure\n", 664 __func__); 665 self->daddr = DEV_ADDR_ANY; 666 kfree(discoveries); 667 return -EHOSTUNREACH; 668 } 669 } 670 /* Cleanup our copy of the discovery log */ 671 kfree(discoveries); 672 673 /* Check out what we found */ 674 if(daddr == DEV_ADDR_ANY) { 675 pr_debug("%s(), cannot discover service ''%s'' in any device !!!\n", 676 __func__, name); 677 self->daddr = DEV_ADDR_ANY; 678 return -EADDRNOTAVAIL; 679 } 680 681 /* Revert back to discovered device & service */ 682 self->daddr = daddr; 683 self->saddr = 0x0; 684 self->dtsap_sel = dtsap_sel; 685 686 pr_debug("%s(), discovered requested service ''%s'' at address %08x\n", 687 __func__, name, self->daddr); 688 689 return 0; 690 } 691 692 /* 693 * Function irda_getname (sock, uaddr, uaddr_len, peer) 694 * 695 * Return the our own, or peers socket address (sockaddr_irda) 696 * 697 */ 698 static int irda_getname(struct socket *sock, struct sockaddr *uaddr, 699 int *uaddr_len, int peer) 700 { 701 struct sockaddr_irda saddr; 702 struct sock *sk = sock->sk; 703 struct irda_sock *self = irda_sk(sk); 704 705 memset(&saddr, 0, sizeof(saddr)); 706 if (peer) { 707 if (sk->sk_state != TCP_ESTABLISHED) 708 return -ENOTCONN; 709 710 saddr.sir_family = AF_IRDA; 711 saddr.sir_lsap_sel = self->dtsap_sel; 712 saddr.sir_addr = self->daddr; 713 } else { 714 saddr.sir_family = AF_IRDA; 715 saddr.sir_lsap_sel = self->stsap_sel; 716 saddr.sir_addr = self->saddr; 717 } 718 719 pr_debug("%s(), tsap_sel = %#x\n", __func__, saddr.sir_lsap_sel); 720 pr_debug("%s(), addr = %08x\n", __func__, saddr.sir_addr); 721 722 /* uaddr_len come to us uninitialised */ 723 *uaddr_len = sizeof (struct sockaddr_irda); 724 memcpy(uaddr, &saddr, *uaddr_len); 725 726 return 0; 727 } 728 729 /* 730 * Function irda_listen (sock, backlog) 731 * 732 * Just move to the listen state 733 * 734 */ 735 static int irda_listen(struct socket *sock, int backlog) 736 { 737 struct sock *sk = sock->sk; 738 int err = -EOPNOTSUPP; 739 740 lock_sock(sk); 741 742 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) && 743 (sk->sk_type != SOCK_DGRAM)) 744 goto out; 745 746 if (sk->sk_state != TCP_LISTEN) { 747 sk->sk_max_ack_backlog = backlog; 748 sk->sk_state = TCP_LISTEN; 749 750 err = 0; 751 } 752 out: 753 release_sock(sk); 754 755 return err; 756 } 757 758 /* 759 * Function irda_bind (sock, uaddr, addr_len) 760 * 761 * Used by servers to register their well known TSAP 762 * 763 */ 764 static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 765 { 766 struct sock *sk = sock->sk; 767 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr; 768 struct irda_sock *self = irda_sk(sk); 769 int err; 770 771 pr_debug("%s(%p)\n", __func__, self); 772 773 if (addr_len != sizeof(struct sockaddr_irda)) 774 return -EINVAL; 775 776 lock_sock(sk); 777 #ifdef CONFIG_IRDA_ULTRA 778 /* Special care for Ultra sockets */ 779 if ((sk->sk_type == SOCK_DGRAM) && 780 (sk->sk_protocol == IRDAPROTO_ULTRA)) { 781 self->pid = addr->sir_lsap_sel; 782 err = -EOPNOTSUPP; 783 if (self->pid & 0x80) { 784 pr_debug("%s(), extension in PID not supp!\n", 785 __func__); 786 goto out; 787 } 788 err = irda_open_lsap(self, self->pid); 789 if (err < 0) 790 goto out; 791 792 /* Pretend we are connected */ 793 sock->state = SS_CONNECTED; 794 sk->sk_state = TCP_ESTABLISHED; 795 err = 0; 796 797 goto out; 798 } 799 #endif /* CONFIG_IRDA_ULTRA */ 800 801 self->ias_obj = irias_new_object(addr->sir_name, jiffies); 802 err = -ENOMEM; 803 if (self->ias_obj == NULL) 804 goto out; 805 806 err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name); 807 if (err < 0) { 808 irias_delete_object(self->ias_obj); 809 self->ias_obj = NULL; 810 goto out; 811 } 812 813 /* Register with LM-IAS */ 814 irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel", 815 self->stsap_sel, IAS_KERNEL_ATTR); 816 irias_insert_object(self->ias_obj); 817 818 err = 0; 819 out: 820 release_sock(sk); 821 return err; 822 } 823 824 /* 825 * Function irda_accept (sock, newsock, flags) 826 * 827 * Wait for incoming connection 828 * 829 */ 830 static int irda_accept(struct socket *sock, struct socket *newsock, int flags) 831 { 832 struct sock *sk = sock->sk; 833 struct irda_sock *new, *self = irda_sk(sk); 834 struct sock *newsk; 835 struct sk_buff *skb = NULL; 836 int err; 837 838 err = irda_create(sock_net(sk), newsock, sk->sk_protocol, 0); 839 if (err) 840 return err; 841 842 err = -EINVAL; 843 844 lock_sock(sk); 845 if (sock->state != SS_UNCONNECTED) 846 goto out; 847 848 if ((sk = sock->sk) == NULL) 849 goto out; 850 851 err = -EOPNOTSUPP; 852 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) && 853 (sk->sk_type != SOCK_DGRAM)) 854 goto out; 855 856 err = -EINVAL; 857 if (sk->sk_state != TCP_LISTEN) 858 goto out; 859 860 /* 861 * The read queue this time is holding sockets ready to use 862 * hooked into the SABM we saved 863 */ 864 865 /* 866 * We can perform the accept only if there is incoming data 867 * on the listening socket. 868 * So, we will block the caller until we receive any data. 869 * If the caller was waiting on select() or poll() before 870 * calling us, the data is waiting for us ;-) 871 * Jean II 872 */ 873 while (1) { 874 skb = skb_dequeue(&sk->sk_receive_queue); 875 if (skb) 876 break; 877 878 /* Non blocking operation */ 879 err = -EWOULDBLOCK; 880 if (flags & O_NONBLOCK) 881 goto out; 882 883 err = wait_event_interruptible(*(sk_sleep(sk)), 884 skb_peek(&sk->sk_receive_queue)); 885 if (err) 886 goto out; 887 } 888 889 newsk = newsock->sk; 890 err = -EIO; 891 if (newsk == NULL) 892 goto out; 893 894 newsk->sk_state = TCP_ESTABLISHED; 895 896 new = irda_sk(newsk); 897 898 /* Now attach up the new socket */ 899 new->tsap = irttp_dup(self->tsap, new); 900 err = -EPERM; /* value does not seem to make sense. -arnd */ 901 if (!new->tsap) { 902 pr_debug("%s(), dup failed!\n", __func__); 903 goto out; 904 } 905 906 new->stsap_sel = new->tsap->stsap_sel; 907 new->dtsap_sel = new->tsap->dtsap_sel; 908 new->saddr = irttp_get_saddr(new->tsap); 909 new->daddr = irttp_get_daddr(new->tsap); 910 911 new->max_sdu_size_tx = self->max_sdu_size_tx; 912 new->max_sdu_size_rx = self->max_sdu_size_rx; 913 new->max_data_size = self->max_data_size; 914 new->max_header_size = self->max_header_size; 915 916 memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info)); 917 918 /* Clean up the original one to keep it in listen state */ 919 irttp_listen(self->tsap); 920 921 sk->sk_ack_backlog--; 922 923 newsock->state = SS_CONNECTED; 924 925 irda_connect_response(new); 926 err = 0; 927 out: 928 kfree_skb(skb); 929 release_sock(sk); 930 return err; 931 } 932 933 /* 934 * Function irda_connect (sock, uaddr, addr_len, flags) 935 * 936 * Connect to a IrDA device 937 * 938 * The main difference with a "standard" connect is that with IrDA we need 939 * to resolve the service name into a TSAP selector (in TCP, port number 940 * doesn't have to be resolved). 941 * Because of this service name resolution, we can offer "auto-connect", 942 * where we connect to a service without specifying a destination address. 943 * 944 * Note : by consulting "errno", the user space caller may learn the cause 945 * of the failure. Most of them are visible in the function, others may come 946 * from subroutines called and are listed here : 947 * o EBUSY : already processing a connect 948 * o EHOSTUNREACH : bad addr->sir_addr argument 949 * o EADDRNOTAVAIL : bad addr->sir_name argument 950 * o ENOTUNIQ : more than one node has addr->sir_name (auto-connect) 951 * o ENETUNREACH : no node found on the network (auto-connect) 952 */ 953 static int irda_connect(struct socket *sock, struct sockaddr *uaddr, 954 int addr_len, int flags) 955 { 956 struct sock *sk = sock->sk; 957 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr; 958 struct irda_sock *self = irda_sk(sk); 959 int err; 960 961 pr_debug("%s(%p)\n", __func__, self); 962 963 lock_sock(sk); 964 /* Don't allow connect for Ultra sockets */ 965 err = -ESOCKTNOSUPPORT; 966 if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA)) 967 goto out; 968 969 if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) { 970 sock->state = SS_CONNECTED; 971 err = 0; 972 goto out; /* Connect completed during a ERESTARTSYS event */ 973 } 974 975 if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) { 976 sock->state = SS_UNCONNECTED; 977 err = -ECONNREFUSED; 978 goto out; 979 } 980 981 err = -EISCONN; /* No reconnect on a seqpacket socket */ 982 if (sk->sk_state == TCP_ESTABLISHED) 983 goto out; 984 985 sk->sk_state = TCP_CLOSE; 986 sock->state = SS_UNCONNECTED; 987 988 err = -EINVAL; 989 if (addr_len != sizeof(struct sockaddr_irda)) 990 goto out; 991 992 /* Check if user supplied any destination device address */ 993 if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) { 994 /* Try to find one suitable */ 995 err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name); 996 if (err) { 997 pr_debug("%s(), auto-connect failed!\n", __func__); 998 goto out; 999 } 1000 } else { 1001 /* Use the one provided by the user */ 1002 self->daddr = addr->sir_addr; 1003 pr_debug("%s(), daddr = %08x\n", __func__, self->daddr); 1004 1005 /* If we don't have a valid service name, we assume the 1006 * user want to connect on a specific LSAP. Prevent 1007 * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */ 1008 if((addr->sir_name[0] != '\0') || 1009 (addr->sir_lsap_sel >= 0x70)) { 1010 /* Query remote LM-IAS using service name */ 1011 err = irda_find_lsap_sel(self, addr->sir_name); 1012 if (err) { 1013 pr_debug("%s(), connect failed!\n", __func__); 1014 goto out; 1015 } 1016 } else { 1017 /* Directly connect to the remote LSAP 1018 * specified by the sir_lsap field. 1019 * Please use with caution, in IrDA LSAPs are 1020 * dynamic and there is no "well-known" LSAP. */ 1021 self->dtsap_sel = addr->sir_lsap_sel; 1022 } 1023 } 1024 1025 /* Check if we have opened a local TSAP */ 1026 if (!self->tsap) { 1027 err = irda_open_tsap(self, LSAP_ANY, addr->sir_name); 1028 if (err) 1029 goto out; 1030 } 1031 1032 /* Move to connecting socket, start sending Connect Requests */ 1033 sock->state = SS_CONNECTING; 1034 sk->sk_state = TCP_SYN_SENT; 1035 1036 /* Connect to remote device */ 1037 err = irttp_connect_request(self->tsap, self->dtsap_sel, 1038 self->saddr, self->daddr, NULL, 1039 self->max_sdu_size_rx, NULL); 1040 if (err) { 1041 pr_debug("%s(), connect failed!\n", __func__); 1042 goto out; 1043 } 1044 1045 /* Now the loop */ 1046 err = -EINPROGRESS; 1047 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) 1048 goto out; 1049 1050 err = -ERESTARTSYS; 1051 if (wait_event_interruptible(*(sk_sleep(sk)), 1052 (sk->sk_state != TCP_SYN_SENT))) 1053 goto out; 1054 1055 if (sk->sk_state != TCP_ESTABLISHED) { 1056 sock->state = SS_UNCONNECTED; 1057 err = sock_error(sk); 1058 if (!err) 1059 err = -ECONNRESET; 1060 goto out; 1061 } 1062 1063 sock->state = SS_CONNECTED; 1064 1065 /* At this point, IrLMP has assigned our source address */ 1066 self->saddr = irttp_get_saddr(self->tsap); 1067 err = 0; 1068 out: 1069 release_sock(sk); 1070 return err; 1071 } 1072 1073 static struct proto irda_proto = { 1074 .name = "IRDA", 1075 .owner = THIS_MODULE, 1076 .obj_size = sizeof(struct irda_sock), 1077 }; 1078 1079 /* 1080 * Function irda_create (sock, protocol) 1081 * 1082 * Create IrDA socket 1083 * 1084 */ 1085 static int irda_create(struct net *net, struct socket *sock, int protocol, 1086 int kern) 1087 { 1088 struct sock *sk; 1089 struct irda_sock *self; 1090 1091 if (protocol < 0 || protocol > SK_PROTOCOL_MAX) 1092 return -EINVAL; 1093 1094 if (net != &init_net) 1095 return -EAFNOSUPPORT; 1096 1097 /* Check for valid socket type */ 1098 switch (sock->type) { 1099 case SOCK_STREAM: /* For TTP connections with SAR disabled */ 1100 case SOCK_SEQPACKET: /* For TTP connections with SAR enabled */ 1101 case SOCK_DGRAM: /* For TTP Unitdata or LMP Ultra transfers */ 1102 break; 1103 default: 1104 return -ESOCKTNOSUPPORT; 1105 } 1106 1107 /* Allocate networking socket */ 1108 sk = sk_alloc(net, PF_IRDA, GFP_KERNEL, &irda_proto, kern); 1109 if (sk == NULL) 1110 return -ENOMEM; 1111 1112 self = irda_sk(sk); 1113 pr_debug("%s() : self is %p\n", __func__, self); 1114 1115 init_waitqueue_head(&self->query_wait); 1116 1117 switch (sock->type) { 1118 case SOCK_STREAM: 1119 sock->ops = &irda_stream_ops; 1120 self->max_sdu_size_rx = TTP_SAR_DISABLE; 1121 break; 1122 case SOCK_SEQPACKET: 1123 sock->ops = &irda_seqpacket_ops; 1124 self->max_sdu_size_rx = TTP_SAR_UNBOUND; 1125 break; 1126 case SOCK_DGRAM: 1127 switch (protocol) { 1128 #ifdef CONFIG_IRDA_ULTRA 1129 case IRDAPROTO_ULTRA: 1130 sock->ops = &irda_ultra_ops; 1131 /* Initialise now, because we may send on unbound 1132 * sockets. Jean II */ 1133 self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER; 1134 self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER; 1135 break; 1136 #endif /* CONFIG_IRDA_ULTRA */ 1137 case IRDAPROTO_UNITDATA: 1138 sock->ops = &irda_dgram_ops; 1139 /* We let Unitdata conn. be like seqpack conn. */ 1140 self->max_sdu_size_rx = TTP_SAR_UNBOUND; 1141 break; 1142 default: 1143 sk_free(sk); 1144 return -ESOCKTNOSUPPORT; 1145 } 1146 break; 1147 default: 1148 sk_free(sk); 1149 return -ESOCKTNOSUPPORT; 1150 } 1151 1152 /* Initialise networking socket struct */ 1153 sock_init_data(sock, sk); /* Note : set sk->sk_refcnt to 1 */ 1154 sk->sk_family = PF_IRDA; 1155 sk->sk_protocol = protocol; 1156 1157 /* Register as a client with IrLMP */ 1158 self->ckey = irlmp_register_client(0, NULL, NULL, NULL); 1159 self->mask.word = 0xffff; 1160 self->rx_flow = self->tx_flow = FLOW_START; 1161 self->nslots = DISCOVERY_DEFAULT_SLOTS; 1162 self->daddr = DEV_ADDR_ANY; /* Until we get connected */ 1163 self->saddr = 0x0; /* so IrLMP assign us any link */ 1164 return 0; 1165 } 1166 1167 /* 1168 * Function irda_destroy_socket (self) 1169 * 1170 * Destroy socket 1171 * 1172 */ 1173 static void irda_destroy_socket(struct irda_sock *self) 1174 { 1175 pr_debug("%s(%p)\n", __func__, self); 1176 1177 /* Unregister with IrLMP */ 1178 irlmp_unregister_client(self->ckey); 1179 irlmp_unregister_service(self->skey); 1180 1181 /* Unregister with LM-IAS */ 1182 if (self->ias_obj) { 1183 irias_delete_object(self->ias_obj); 1184 self->ias_obj = NULL; 1185 } 1186 1187 if (self->iriap) { 1188 iriap_close(self->iriap); 1189 self->iriap = NULL; 1190 } 1191 1192 if (self->tsap) { 1193 irttp_disconnect_request(self->tsap, NULL, P_NORMAL); 1194 irttp_close_tsap(self->tsap); 1195 self->tsap = NULL; 1196 } 1197 #ifdef CONFIG_IRDA_ULTRA 1198 if (self->lsap) { 1199 irlmp_close_lsap(self->lsap); 1200 self->lsap = NULL; 1201 } 1202 #endif /* CONFIG_IRDA_ULTRA */ 1203 } 1204 1205 /* 1206 * Function irda_release (sock) 1207 */ 1208 static int irda_release(struct socket *sock) 1209 { 1210 struct sock *sk = sock->sk; 1211 1212 if (sk == NULL) 1213 return 0; 1214 1215 lock_sock(sk); 1216 sk->sk_state = TCP_CLOSE; 1217 sk->sk_shutdown |= SEND_SHUTDOWN; 1218 sk->sk_state_change(sk); 1219 1220 /* Destroy IrDA socket */ 1221 irda_destroy_socket(irda_sk(sk)); 1222 1223 sock_orphan(sk); 1224 sock->sk = NULL; 1225 release_sock(sk); 1226 1227 /* Purge queues (see sock_init_data()) */ 1228 skb_queue_purge(&sk->sk_receive_queue); 1229 1230 /* Destroy networking socket if we are the last reference on it, 1231 * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */ 1232 sock_put(sk); 1233 1234 /* Notes on socket locking and deallocation... - Jean II 1235 * In theory we should put pairs of sock_hold() / sock_put() to 1236 * prevent the socket to be destroyed whenever there is an 1237 * outstanding request or outstanding incoming packet or event. 1238 * 1239 * 1) This may include IAS request, both in connect and getsockopt. 1240 * Unfortunately, the situation is a bit more messy than it looks, 1241 * because we close iriap and kfree(self) above. 1242 * 1243 * 2) This may include selective discovery in getsockopt. 1244 * Same stuff as above, irlmp registration and self are gone. 1245 * 1246 * Probably 1 and 2 may not matter, because it's all triggered 1247 * by a process and the socket layer already prevent the 1248 * socket to go away while a process is holding it, through 1249 * sockfd_put() and fput()... 1250 * 1251 * 3) This may include deferred TSAP closure. In particular, 1252 * we may receive a late irda_disconnect_indication() 1253 * Fortunately, (tsap_cb *)->close_pend should protect us 1254 * from that. 1255 * 1256 * I did some testing on SMP, and it looks solid. And the socket 1257 * memory leak is now gone... - Jean II 1258 */ 1259 1260 return 0; 1261 } 1262 1263 /* 1264 * Function irda_sendmsg (sock, msg, len) 1265 * 1266 * Send message down to TinyTP. This function is used for both STREAM and 1267 * SEQPACK services. This is possible since it forces the client to 1268 * fragment the message if necessary 1269 */ 1270 static int irda_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1271 { 1272 struct sock *sk = sock->sk; 1273 struct irda_sock *self; 1274 struct sk_buff *skb; 1275 int err = -EPIPE; 1276 1277 pr_debug("%s(), len=%zd\n", __func__, len); 1278 1279 /* Note : socket.c set MSG_EOR on SEQPACKET sockets */ 1280 if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT | 1281 MSG_NOSIGNAL)) { 1282 return -EINVAL; 1283 } 1284 1285 lock_sock(sk); 1286 1287 if (sk->sk_shutdown & SEND_SHUTDOWN) 1288 goto out_err; 1289 1290 if (sk->sk_state != TCP_ESTABLISHED) { 1291 err = -ENOTCONN; 1292 goto out; 1293 } 1294 1295 self = irda_sk(sk); 1296 1297 /* Check if IrTTP is wants us to slow down */ 1298 1299 if (wait_event_interruptible(*(sk_sleep(sk)), 1300 (self->tx_flow != FLOW_STOP || sk->sk_state != TCP_ESTABLISHED))) { 1301 err = -ERESTARTSYS; 1302 goto out; 1303 } 1304 1305 /* Check if we are still connected */ 1306 if (sk->sk_state != TCP_ESTABLISHED) { 1307 err = -ENOTCONN; 1308 goto out; 1309 } 1310 1311 /* Check that we don't send out too big frames */ 1312 if (len > self->max_data_size) { 1313 pr_debug("%s(), Chopping frame from %zd to %d bytes!\n", 1314 __func__, len, self->max_data_size); 1315 len = self->max_data_size; 1316 } 1317 1318 skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16, 1319 msg->msg_flags & MSG_DONTWAIT, &err); 1320 if (!skb) 1321 goto out_err; 1322 1323 skb_reserve(skb, self->max_header_size + 16); 1324 skb_reset_transport_header(skb); 1325 skb_put(skb, len); 1326 err = memcpy_from_msg(skb_transport_header(skb), msg, len); 1327 if (err) { 1328 kfree_skb(skb); 1329 goto out_err; 1330 } 1331 1332 /* 1333 * Just send the message to TinyTP, and let it deal with possible 1334 * errors. No need to duplicate all that here 1335 */ 1336 err = irttp_data_request(self->tsap, skb); 1337 if (err) { 1338 pr_debug("%s(), err=%d\n", __func__, err); 1339 goto out_err; 1340 } 1341 1342 release_sock(sk); 1343 /* Tell client how much data we actually sent */ 1344 return len; 1345 1346 out_err: 1347 err = sk_stream_error(sk, msg->msg_flags, err); 1348 out: 1349 release_sock(sk); 1350 return err; 1351 1352 } 1353 1354 /* 1355 * Function irda_recvmsg_dgram (sock, msg, size, flags) 1356 * 1357 * Try to receive message and copy it to user. The frame is discarded 1358 * after being read, regardless of how much the user actually read 1359 */ 1360 static int irda_recvmsg_dgram(struct socket *sock, struct msghdr *msg, 1361 size_t size, int flags) 1362 { 1363 struct sock *sk = sock->sk; 1364 struct irda_sock *self = irda_sk(sk); 1365 struct sk_buff *skb; 1366 size_t copied; 1367 int err; 1368 1369 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1370 flags & MSG_DONTWAIT, &err); 1371 if (!skb) 1372 return err; 1373 1374 skb_reset_transport_header(skb); 1375 copied = skb->len; 1376 1377 if (copied > size) { 1378 pr_debug("%s(), Received truncated frame (%zd < %zd)!\n", 1379 __func__, copied, size); 1380 copied = size; 1381 msg->msg_flags |= MSG_TRUNC; 1382 } 1383 skb_copy_datagram_msg(skb, 0, msg, copied); 1384 1385 skb_free_datagram(sk, skb); 1386 1387 /* 1388 * Check if we have previously stopped IrTTP and we know 1389 * have more free space in our rx_queue. If so tell IrTTP 1390 * to start delivering frames again before our rx_queue gets 1391 * empty 1392 */ 1393 if (self->rx_flow == FLOW_STOP) { 1394 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) { 1395 pr_debug("%s(), Starting IrTTP\n", __func__); 1396 self->rx_flow = FLOW_START; 1397 irttp_flow_request(self->tsap, FLOW_START); 1398 } 1399 } 1400 1401 return copied; 1402 } 1403 1404 /* 1405 * Function irda_recvmsg_stream (sock, msg, size, flags) 1406 */ 1407 static int irda_recvmsg_stream(struct socket *sock, struct msghdr *msg, 1408 size_t size, int flags) 1409 { 1410 struct sock *sk = sock->sk; 1411 struct irda_sock *self = irda_sk(sk); 1412 int noblock = flags & MSG_DONTWAIT; 1413 size_t copied = 0; 1414 int target, err; 1415 long timeo; 1416 1417 if ((err = sock_error(sk)) < 0) 1418 return err; 1419 1420 if (sock->flags & __SO_ACCEPTCON) 1421 return -EINVAL; 1422 1423 err =-EOPNOTSUPP; 1424 if (flags & MSG_OOB) 1425 return -EOPNOTSUPP; 1426 1427 err = 0; 1428 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); 1429 timeo = sock_rcvtimeo(sk, noblock); 1430 1431 do { 1432 int chunk; 1433 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue); 1434 1435 if (skb == NULL) { 1436 DEFINE_WAIT(wait); 1437 err = 0; 1438 1439 if (copied >= target) 1440 break; 1441 1442 prepare_to_wait_exclusive(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1443 1444 /* 1445 * POSIX 1003.1g mandates this order. 1446 */ 1447 err = sock_error(sk); 1448 if (err) 1449 ; 1450 else if (sk->sk_shutdown & RCV_SHUTDOWN) 1451 ; 1452 else if (noblock) 1453 err = -EAGAIN; 1454 else if (signal_pending(current)) 1455 err = sock_intr_errno(timeo); 1456 else if (sk->sk_state != TCP_ESTABLISHED) 1457 err = -ENOTCONN; 1458 else if (skb_peek(&sk->sk_receive_queue) == NULL) 1459 /* Wait process until data arrives */ 1460 schedule(); 1461 1462 finish_wait(sk_sleep(sk), &wait); 1463 1464 if (err) 1465 return err; 1466 if (sk->sk_shutdown & RCV_SHUTDOWN) 1467 break; 1468 1469 continue; 1470 } 1471 1472 chunk = min_t(unsigned int, skb->len, size); 1473 if (memcpy_to_msg(msg, skb->data, chunk)) { 1474 skb_queue_head(&sk->sk_receive_queue, skb); 1475 if (copied == 0) 1476 copied = -EFAULT; 1477 break; 1478 } 1479 copied += chunk; 1480 size -= chunk; 1481 1482 /* Mark read part of skb as used */ 1483 if (!(flags & MSG_PEEK)) { 1484 skb_pull(skb, chunk); 1485 1486 /* put the skb back if we didn't use it up.. */ 1487 if (skb->len) { 1488 pr_debug("%s(), back on q!\n", 1489 __func__); 1490 skb_queue_head(&sk->sk_receive_queue, skb); 1491 break; 1492 } 1493 1494 kfree_skb(skb); 1495 } else { 1496 pr_debug("%s() questionable!?\n", __func__); 1497 1498 /* put message back and return */ 1499 skb_queue_head(&sk->sk_receive_queue, skb); 1500 break; 1501 } 1502 } while (size); 1503 1504 /* 1505 * Check if we have previously stopped IrTTP and we know 1506 * have more free space in our rx_queue. If so tell IrTTP 1507 * to start delivering frames again before our rx_queue gets 1508 * empty 1509 */ 1510 if (self->rx_flow == FLOW_STOP) { 1511 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) { 1512 pr_debug("%s(), Starting IrTTP\n", __func__); 1513 self->rx_flow = FLOW_START; 1514 irttp_flow_request(self->tsap, FLOW_START); 1515 } 1516 } 1517 1518 return copied; 1519 } 1520 1521 /* 1522 * Function irda_sendmsg_dgram (sock, msg, len) 1523 * 1524 * Send message down to TinyTP for the unreliable sequenced 1525 * packet service... 1526 * 1527 */ 1528 static int irda_sendmsg_dgram(struct socket *sock, struct msghdr *msg, 1529 size_t len) 1530 { 1531 struct sock *sk = sock->sk; 1532 struct irda_sock *self; 1533 struct sk_buff *skb; 1534 int err; 1535 1536 pr_debug("%s(), len=%zd\n", __func__, len); 1537 1538 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT)) 1539 return -EINVAL; 1540 1541 lock_sock(sk); 1542 1543 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1544 send_sig(SIGPIPE, current, 0); 1545 err = -EPIPE; 1546 goto out; 1547 } 1548 1549 err = -ENOTCONN; 1550 if (sk->sk_state != TCP_ESTABLISHED) 1551 goto out; 1552 1553 self = irda_sk(sk); 1554 1555 /* 1556 * Check that we don't send out too big frames. This is an unreliable 1557 * service, so we have no fragmentation and no coalescence 1558 */ 1559 if (len > self->max_data_size) { 1560 pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n", 1561 __func__, len, self->max_data_size); 1562 len = self->max_data_size; 1563 } 1564 1565 skb = sock_alloc_send_skb(sk, len + self->max_header_size, 1566 msg->msg_flags & MSG_DONTWAIT, &err); 1567 err = -ENOBUFS; 1568 if (!skb) 1569 goto out; 1570 1571 skb_reserve(skb, self->max_header_size); 1572 skb_reset_transport_header(skb); 1573 1574 pr_debug("%s(), appending user data\n", __func__); 1575 skb_put(skb, len); 1576 err = memcpy_from_msg(skb_transport_header(skb), msg, len); 1577 if (err) { 1578 kfree_skb(skb); 1579 goto out; 1580 } 1581 1582 /* 1583 * Just send the message to TinyTP, and let it deal with possible 1584 * errors. No need to duplicate all that here 1585 */ 1586 err = irttp_udata_request(self->tsap, skb); 1587 if (err) { 1588 pr_debug("%s(), err=%d\n", __func__, err); 1589 goto out; 1590 } 1591 1592 release_sock(sk); 1593 return len; 1594 1595 out: 1596 release_sock(sk); 1597 return err; 1598 } 1599 1600 /* 1601 * Function irda_sendmsg_ultra (sock, msg, len) 1602 * 1603 * Send message down to IrLMP for the unreliable Ultra 1604 * packet service... 1605 */ 1606 #ifdef CONFIG_IRDA_ULTRA 1607 static int irda_sendmsg_ultra(struct socket *sock, struct msghdr *msg, 1608 size_t len) 1609 { 1610 struct sock *sk = sock->sk; 1611 struct irda_sock *self; 1612 __u8 pid = 0; 1613 int bound = 0; 1614 struct sk_buff *skb; 1615 int err; 1616 1617 pr_debug("%s(), len=%zd\n", __func__, len); 1618 1619 err = -EINVAL; 1620 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT)) 1621 return -EINVAL; 1622 1623 lock_sock(sk); 1624 1625 err = -EPIPE; 1626 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1627 send_sig(SIGPIPE, current, 0); 1628 goto out; 1629 } 1630 1631 self = irda_sk(sk); 1632 1633 /* Check if an address was specified with sendto. Jean II */ 1634 if (msg->msg_name) { 1635 DECLARE_SOCKADDR(struct sockaddr_irda *, addr, msg->msg_name); 1636 err = -EINVAL; 1637 /* Check address, extract pid. Jean II */ 1638 if (msg->msg_namelen < sizeof(*addr)) 1639 goto out; 1640 if (addr->sir_family != AF_IRDA) 1641 goto out; 1642 1643 pid = addr->sir_lsap_sel; 1644 if (pid & 0x80) { 1645 pr_debug("%s(), extension in PID not supp!\n", 1646 __func__); 1647 err = -EOPNOTSUPP; 1648 goto out; 1649 } 1650 } else { 1651 /* Check that the socket is properly bound to an Ultra 1652 * port. Jean II */ 1653 if ((self->lsap == NULL) || 1654 (sk->sk_state != TCP_ESTABLISHED)) { 1655 pr_debug("%s(), socket not bound to Ultra PID.\n", 1656 __func__); 1657 err = -ENOTCONN; 1658 goto out; 1659 } 1660 /* Use PID from socket */ 1661 bound = 1; 1662 } 1663 1664 /* 1665 * Check that we don't send out too big frames. This is an unreliable 1666 * service, so we have no fragmentation and no coalescence 1667 */ 1668 if (len > self->max_data_size) { 1669 pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n", 1670 __func__, len, self->max_data_size); 1671 len = self->max_data_size; 1672 } 1673 1674 skb = sock_alloc_send_skb(sk, len + self->max_header_size, 1675 msg->msg_flags & MSG_DONTWAIT, &err); 1676 err = -ENOBUFS; 1677 if (!skb) 1678 goto out; 1679 1680 skb_reserve(skb, self->max_header_size); 1681 skb_reset_transport_header(skb); 1682 1683 pr_debug("%s(), appending user data\n", __func__); 1684 skb_put(skb, len); 1685 err = memcpy_from_msg(skb_transport_header(skb), msg, len); 1686 if (err) { 1687 kfree_skb(skb); 1688 goto out; 1689 } 1690 1691 err = irlmp_connless_data_request((bound ? self->lsap : NULL), 1692 skb, pid); 1693 if (err) 1694 pr_debug("%s(), err=%d\n", __func__, err); 1695 out: 1696 release_sock(sk); 1697 return err ? : len; 1698 } 1699 #endif /* CONFIG_IRDA_ULTRA */ 1700 1701 /* 1702 * Function irda_shutdown (sk, how) 1703 */ 1704 static int irda_shutdown(struct socket *sock, int how) 1705 { 1706 struct sock *sk = sock->sk; 1707 struct irda_sock *self = irda_sk(sk); 1708 1709 pr_debug("%s(%p)\n", __func__, self); 1710 1711 lock_sock(sk); 1712 1713 sk->sk_state = TCP_CLOSE; 1714 sk->sk_shutdown |= SEND_SHUTDOWN; 1715 sk->sk_state_change(sk); 1716 1717 if (self->iriap) { 1718 iriap_close(self->iriap); 1719 self->iriap = NULL; 1720 } 1721 1722 if (self->tsap) { 1723 irttp_disconnect_request(self->tsap, NULL, P_NORMAL); 1724 irttp_close_tsap(self->tsap); 1725 self->tsap = NULL; 1726 } 1727 1728 /* A few cleanup so the socket look as good as new... */ 1729 self->rx_flow = self->tx_flow = FLOW_START; /* needed ??? */ 1730 self->daddr = DEV_ADDR_ANY; /* Until we get re-connected */ 1731 self->saddr = 0x0; /* so IrLMP assign us any link */ 1732 1733 release_sock(sk); 1734 1735 return 0; 1736 } 1737 1738 /* 1739 * Function irda_poll (file, sock, wait) 1740 */ 1741 static unsigned int irda_poll(struct file * file, struct socket *sock, 1742 poll_table *wait) 1743 { 1744 struct sock *sk = sock->sk; 1745 struct irda_sock *self = irda_sk(sk); 1746 unsigned int mask; 1747 1748 poll_wait(file, sk_sleep(sk), wait); 1749 mask = 0; 1750 1751 /* Exceptional events? */ 1752 if (sk->sk_err) 1753 mask |= POLLERR; 1754 if (sk->sk_shutdown & RCV_SHUTDOWN) { 1755 pr_debug("%s(), POLLHUP\n", __func__); 1756 mask |= POLLHUP; 1757 } 1758 1759 /* Readable? */ 1760 if (!skb_queue_empty(&sk->sk_receive_queue)) { 1761 pr_debug("Socket is readable\n"); 1762 mask |= POLLIN | POLLRDNORM; 1763 } 1764 1765 /* Connection-based need to check for termination and startup */ 1766 switch (sk->sk_type) { 1767 case SOCK_STREAM: 1768 if (sk->sk_state == TCP_CLOSE) { 1769 pr_debug("%s(), POLLHUP\n", __func__); 1770 mask |= POLLHUP; 1771 } 1772 1773 if (sk->sk_state == TCP_ESTABLISHED) { 1774 if ((self->tx_flow == FLOW_START) && 1775 sock_writeable(sk)) 1776 { 1777 mask |= POLLOUT | POLLWRNORM | POLLWRBAND; 1778 } 1779 } 1780 break; 1781 case SOCK_SEQPACKET: 1782 if ((self->tx_flow == FLOW_START) && 1783 sock_writeable(sk)) 1784 { 1785 mask |= POLLOUT | POLLWRNORM | POLLWRBAND; 1786 } 1787 break; 1788 case SOCK_DGRAM: 1789 if (sock_writeable(sk)) 1790 mask |= POLLOUT | POLLWRNORM | POLLWRBAND; 1791 break; 1792 default: 1793 break; 1794 } 1795 1796 return mask; 1797 } 1798 1799 /* 1800 * Function irda_ioctl (sock, cmd, arg) 1801 */ 1802 static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1803 { 1804 struct sock *sk = sock->sk; 1805 int err; 1806 1807 pr_debug("%s(), cmd=%#x\n", __func__, cmd); 1808 1809 err = -EINVAL; 1810 switch (cmd) { 1811 case TIOCOUTQ: { 1812 long amount; 1813 1814 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1815 if (amount < 0) 1816 amount = 0; 1817 err = put_user(amount, (unsigned int __user *)arg); 1818 break; 1819 } 1820 1821 case TIOCINQ: { 1822 struct sk_buff *skb; 1823 long amount = 0L; 1824 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1825 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1826 amount = skb->len; 1827 err = put_user(amount, (unsigned int __user *)arg); 1828 break; 1829 } 1830 1831 case SIOCGSTAMP: 1832 if (sk != NULL) 1833 err = sock_get_timestamp(sk, (struct timeval __user *)arg); 1834 break; 1835 1836 case SIOCGIFADDR: 1837 case SIOCSIFADDR: 1838 case SIOCGIFDSTADDR: 1839 case SIOCSIFDSTADDR: 1840 case SIOCGIFBRDADDR: 1841 case SIOCSIFBRDADDR: 1842 case SIOCGIFNETMASK: 1843 case SIOCSIFNETMASK: 1844 case SIOCGIFMETRIC: 1845 case SIOCSIFMETRIC: 1846 break; 1847 default: 1848 pr_debug("%s(), doing device ioctl!\n", __func__); 1849 err = -ENOIOCTLCMD; 1850 } 1851 1852 return err; 1853 } 1854 1855 #ifdef CONFIG_COMPAT 1856 /* 1857 * Function irda_ioctl (sock, cmd, arg) 1858 */ 1859 static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1860 { 1861 /* 1862 * All IRDA's ioctl are standard ones. 1863 */ 1864 return -ENOIOCTLCMD; 1865 } 1866 #endif 1867 1868 /* 1869 * Function irda_setsockopt (sock, level, optname, optval, optlen) 1870 * 1871 * Set some options for the socket 1872 * 1873 */ 1874 static int irda_setsockopt(struct socket *sock, int level, int optname, 1875 char __user *optval, unsigned int optlen) 1876 { 1877 struct sock *sk = sock->sk; 1878 struct irda_sock *self = irda_sk(sk); 1879 struct irda_ias_set *ias_opt; 1880 struct ias_object *ias_obj; 1881 struct ias_attrib * ias_attr; /* Attribute in IAS object */ 1882 int opt, free_ias = 0, err = 0; 1883 1884 pr_debug("%s(%p)\n", __func__, self); 1885 1886 if (level != SOL_IRLMP) 1887 return -ENOPROTOOPT; 1888 1889 lock_sock(sk); 1890 1891 switch (optname) { 1892 case IRLMP_IAS_SET: 1893 /* The user want to add an attribute to an existing IAS object 1894 * (in the IAS database) or to create a new object with this 1895 * attribute. 1896 * We first query IAS to know if the object exist, and then 1897 * create the right attribute... 1898 */ 1899 1900 if (optlen != sizeof(struct irda_ias_set)) { 1901 err = -EINVAL; 1902 goto out; 1903 } 1904 1905 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 1906 if (ias_opt == NULL) { 1907 err = -ENOMEM; 1908 goto out; 1909 } 1910 1911 /* Copy query to the driver. */ 1912 if (copy_from_user(ias_opt, optval, optlen)) { 1913 kfree(ias_opt); 1914 err = -EFAULT; 1915 goto out; 1916 } 1917 1918 /* Find the object we target. 1919 * If the user gives us an empty string, we use the object 1920 * associated with this socket. This will workaround 1921 * duplicated class name - Jean II */ 1922 if(ias_opt->irda_class_name[0] == '\0') { 1923 if(self->ias_obj == NULL) { 1924 kfree(ias_opt); 1925 err = -EINVAL; 1926 goto out; 1927 } 1928 ias_obj = self->ias_obj; 1929 } else 1930 ias_obj = irias_find_object(ias_opt->irda_class_name); 1931 1932 /* Only ROOT can mess with the global IAS database. 1933 * Users can only add attributes to the object associated 1934 * with the socket they own - Jean II */ 1935 if((!capable(CAP_NET_ADMIN)) && 1936 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) { 1937 kfree(ias_opt); 1938 err = -EPERM; 1939 goto out; 1940 } 1941 1942 /* If the object doesn't exist, create it */ 1943 if(ias_obj == (struct ias_object *) NULL) { 1944 /* Create a new object */ 1945 ias_obj = irias_new_object(ias_opt->irda_class_name, 1946 jiffies); 1947 if (ias_obj == NULL) { 1948 kfree(ias_opt); 1949 err = -ENOMEM; 1950 goto out; 1951 } 1952 free_ias = 1; 1953 } 1954 1955 /* Do we have the attribute already ? */ 1956 if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) { 1957 kfree(ias_opt); 1958 if (free_ias) { 1959 kfree(ias_obj->name); 1960 kfree(ias_obj); 1961 } 1962 err = -EINVAL; 1963 goto out; 1964 } 1965 1966 /* Look at the type */ 1967 switch(ias_opt->irda_attrib_type) { 1968 case IAS_INTEGER: 1969 /* Add an integer attribute */ 1970 irias_add_integer_attrib( 1971 ias_obj, 1972 ias_opt->irda_attrib_name, 1973 ias_opt->attribute.irda_attrib_int, 1974 IAS_USER_ATTR); 1975 break; 1976 case IAS_OCT_SEQ: 1977 /* Check length */ 1978 if(ias_opt->attribute.irda_attrib_octet_seq.len > 1979 IAS_MAX_OCTET_STRING) { 1980 kfree(ias_opt); 1981 if (free_ias) { 1982 kfree(ias_obj->name); 1983 kfree(ias_obj); 1984 } 1985 1986 err = -EINVAL; 1987 goto out; 1988 } 1989 /* Add an octet sequence attribute */ 1990 irias_add_octseq_attrib( 1991 ias_obj, 1992 ias_opt->irda_attrib_name, 1993 ias_opt->attribute.irda_attrib_octet_seq.octet_seq, 1994 ias_opt->attribute.irda_attrib_octet_seq.len, 1995 IAS_USER_ATTR); 1996 break; 1997 case IAS_STRING: 1998 /* Should check charset & co */ 1999 /* Check length */ 2000 /* The length is encoded in a __u8, and 2001 * IAS_MAX_STRING == 256, so there is no way 2002 * userspace can pass us a string too large. 2003 * Jean II */ 2004 /* NULL terminate the string (avoid troubles) */ 2005 ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0'; 2006 /* Add a string attribute */ 2007 irias_add_string_attrib( 2008 ias_obj, 2009 ias_opt->irda_attrib_name, 2010 ias_opt->attribute.irda_attrib_string.string, 2011 IAS_USER_ATTR); 2012 break; 2013 default : 2014 kfree(ias_opt); 2015 if (free_ias) { 2016 kfree(ias_obj->name); 2017 kfree(ias_obj); 2018 } 2019 err = -EINVAL; 2020 goto out; 2021 } 2022 irias_insert_object(ias_obj); 2023 kfree(ias_opt); 2024 break; 2025 case IRLMP_IAS_DEL: 2026 /* The user want to delete an object from our local IAS 2027 * database. We just need to query the IAS, check is the 2028 * object is not owned by the kernel and delete it. 2029 */ 2030 2031 if (optlen != sizeof(struct irda_ias_set)) { 2032 err = -EINVAL; 2033 goto out; 2034 } 2035 2036 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 2037 if (ias_opt == NULL) { 2038 err = -ENOMEM; 2039 goto out; 2040 } 2041 2042 /* Copy query to the driver. */ 2043 if (copy_from_user(ias_opt, optval, optlen)) { 2044 kfree(ias_opt); 2045 err = -EFAULT; 2046 goto out; 2047 } 2048 2049 /* Find the object we target. 2050 * If the user gives us an empty string, we use the object 2051 * associated with this socket. This will workaround 2052 * duplicated class name - Jean II */ 2053 if(ias_opt->irda_class_name[0] == '\0') 2054 ias_obj = self->ias_obj; 2055 else 2056 ias_obj = irias_find_object(ias_opt->irda_class_name); 2057 if(ias_obj == (struct ias_object *) NULL) { 2058 kfree(ias_opt); 2059 err = -EINVAL; 2060 goto out; 2061 } 2062 2063 /* Only ROOT can mess with the global IAS database. 2064 * Users can only del attributes from the object associated 2065 * with the socket they own - Jean II */ 2066 if((!capable(CAP_NET_ADMIN)) && 2067 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) { 2068 kfree(ias_opt); 2069 err = -EPERM; 2070 goto out; 2071 } 2072 2073 /* Find the attribute (in the object) we target */ 2074 ias_attr = irias_find_attrib(ias_obj, 2075 ias_opt->irda_attrib_name); 2076 if(ias_attr == (struct ias_attrib *) NULL) { 2077 kfree(ias_opt); 2078 err = -EINVAL; 2079 goto out; 2080 } 2081 2082 /* Check is the user space own the object */ 2083 if(ias_attr->value->owner != IAS_USER_ATTR) { 2084 pr_debug("%s(), attempting to delete a kernel attribute\n", 2085 __func__); 2086 kfree(ias_opt); 2087 err = -EPERM; 2088 goto out; 2089 } 2090 2091 /* Remove the attribute (and maybe the object) */ 2092 irias_delete_attrib(ias_obj, ias_attr, 1); 2093 kfree(ias_opt); 2094 break; 2095 case IRLMP_MAX_SDU_SIZE: 2096 if (optlen < sizeof(int)) { 2097 err = -EINVAL; 2098 goto out; 2099 } 2100 2101 if (get_user(opt, (int __user *)optval)) { 2102 err = -EFAULT; 2103 goto out; 2104 } 2105 2106 /* Only possible for a seqpacket service (TTP with SAR) */ 2107 if (sk->sk_type != SOCK_SEQPACKET) { 2108 pr_debug("%s(), setting max_sdu_size = %d\n", 2109 __func__, opt); 2110 self->max_sdu_size_rx = opt; 2111 } else { 2112 net_warn_ratelimited("%s: not allowed to set MAXSDUSIZE for this socket type!\n", 2113 __func__); 2114 err = -ENOPROTOOPT; 2115 goto out; 2116 } 2117 break; 2118 case IRLMP_HINTS_SET: 2119 if (optlen < sizeof(int)) { 2120 err = -EINVAL; 2121 goto out; 2122 } 2123 2124 /* The input is really a (__u8 hints[2]), easier as an int */ 2125 if (get_user(opt, (int __user *)optval)) { 2126 err = -EFAULT; 2127 goto out; 2128 } 2129 2130 /* Unregister any old registration */ 2131 irlmp_unregister_service(self->skey); 2132 2133 self->skey = irlmp_register_service((__u16) opt); 2134 break; 2135 case IRLMP_HINT_MASK_SET: 2136 /* As opposed to the previous case which set the hint bits 2137 * that we advertise, this one set the filter we use when 2138 * making a discovery (nodes which don't match any hint 2139 * bit in the mask are not reported). 2140 */ 2141 if (optlen < sizeof(int)) { 2142 err = -EINVAL; 2143 goto out; 2144 } 2145 2146 /* The input is really a (__u8 hints[2]), easier as an int */ 2147 if (get_user(opt, (int __user *)optval)) { 2148 err = -EFAULT; 2149 goto out; 2150 } 2151 2152 /* Set the new hint mask */ 2153 self->mask.word = (__u16) opt; 2154 /* Mask out extension bits */ 2155 self->mask.word &= 0x7f7f; 2156 /* Check if no bits */ 2157 if(!self->mask.word) 2158 self->mask.word = 0xFFFF; 2159 2160 break; 2161 default: 2162 err = -ENOPROTOOPT; 2163 break; 2164 } 2165 2166 out: 2167 release_sock(sk); 2168 2169 return err; 2170 } 2171 2172 /* 2173 * Function irda_extract_ias_value(ias_opt, ias_value) 2174 * 2175 * Translate internal IAS value structure to the user space representation 2176 * 2177 * The external representation of IAS values, as we exchange them with 2178 * user space program is quite different from the internal representation, 2179 * as stored in the IAS database (because we need a flat structure for 2180 * crossing kernel boundary). 2181 * This function transform the former in the latter. We also check 2182 * that the value type is valid. 2183 */ 2184 static int irda_extract_ias_value(struct irda_ias_set *ias_opt, 2185 struct ias_value *ias_value) 2186 { 2187 /* Look at the type */ 2188 switch (ias_value->type) { 2189 case IAS_INTEGER: 2190 /* Copy the integer */ 2191 ias_opt->attribute.irda_attrib_int = ias_value->t.integer; 2192 break; 2193 case IAS_OCT_SEQ: 2194 /* Set length */ 2195 ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len; 2196 /* Copy over */ 2197 memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq, 2198 ias_value->t.oct_seq, ias_value->len); 2199 break; 2200 case IAS_STRING: 2201 /* Set length */ 2202 ias_opt->attribute.irda_attrib_string.len = ias_value->len; 2203 ias_opt->attribute.irda_attrib_string.charset = ias_value->charset; 2204 /* Copy over */ 2205 memcpy(ias_opt->attribute.irda_attrib_string.string, 2206 ias_value->t.string, ias_value->len); 2207 /* NULL terminate the string (avoid troubles) */ 2208 ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0'; 2209 break; 2210 case IAS_MISSING: 2211 default : 2212 return -EINVAL; 2213 } 2214 2215 /* Copy type over */ 2216 ias_opt->irda_attrib_type = ias_value->type; 2217 2218 return 0; 2219 } 2220 2221 /* 2222 * Function irda_getsockopt (sock, level, optname, optval, optlen) 2223 */ 2224 static int irda_getsockopt(struct socket *sock, int level, int optname, 2225 char __user *optval, int __user *optlen) 2226 { 2227 struct sock *sk = sock->sk; 2228 struct irda_sock *self = irda_sk(sk); 2229 struct irda_device_list list; 2230 struct irda_device_info *discoveries; 2231 struct irda_ias_set * ias_opt; /* IAS get/query params */ 2232 struct ias_object * ias_obj; /* Object in IAS */ 2233 struct ias_attrib * ias_attr; /* Attribute in IAS object */ 2234 int daddr = DEV_ADDR_ANY; /* Dest address for IAS queries */ 2235 int val = 0; 2236 int len = 0; 2237 int err = 0; 2238 int offset, total; 2239 2240 pr_debug("%s(%p)\n", __func__, self); 2241 2242 if (level != SOL_IRLMP) 2243 return -ENOPROTOOPT; 2244 2245 if (get_user(len, optlen)) 2246 return -EFAULT; 2247 2248 if(len < 0) 2249 return -EINVAL; 2250 2251 lock_sock(sk); 2252 2253 switch (optname) { 2254 case IRLMP_ENUMDEVICES: 2255 2256 /* Offset to first device entry */ 2257 offset = sizeof(struct irda_device_list) - 2258 sizeof(struct irda_device_info); 2259 2260 if (len < offset) { 2261 err = -EINVAL; 2262 goto out; 2263 } 2264 2265 /* Ask lmp for the current discovery log */ 2266 discoveries = irlmp_get_discoveries(&list.len, self->mask.word, 2267 self->nslots); 2268 /* Check if the we got some results */ 2269 if (discoveries == NULL) { 2270 err = -EAGAIN; 2271 goto out; /* Didn't find any devices */ 2272 } 2273 2274 /* Write total list length back to client */ 2275 if (copy_to_user(optval, &list, offset)) 2276 err = -EFAULT; 2277 2278 /* Copy the list itself - watch for overflow */ 2279 if (list.len > 2048) { 2280 err = -EINVAL; 2281 goto bed; 2282 } 2283 total = offset + (list.len * sizeof(struct irda_device_info)); 2284 if (total > len) 2285 total = len; 2286 if (copy_to_user(optval+offset, discoveries, total - offset)) 2287 err = -EFAULT; 2288 2289 /* Write total number of bytes used back to client */ 2290 if (put_user(total, optlen)) 2291 err = -EFAULT; 2292 bed: 2293 /* Free up our buffer */ 2294 kfree(discoveries); 2295 break; 2296 case IRLMP_MAX_SDU_SIZE: 2297 val = self->max_data_size; 2298 len = sizeof(int); 2299 if (put_user(len, optlen)) { 2300 err = -EFAULT; 2301 goto out; 2302 } 2303 2304 if (copy_to_user(optval, &val, len)) { 2305 err = -EFAULT; 2306 goto out; 2307 } 2308 2309 break; 2310 case IRLMP_IAS_GET: 2311 /* The user want an object from our local IAS database. 2312 * We just need to query the IAS and return the value 2313 * that we found */ 2314 2315 /* Check that the user has allocated the right space for us */ 2316 if (len != sizeof(struct irda_ias_set)) { 2317 err = -EINVAL; 2318 goto out; 2319 } 2320 2321 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 2322 if (ias_opt == NULL) { 2323 err = -ENOMEM; 2324 goto out; 2325 } 2326 2327 /* Copy query to the driver. */ 2328 if (copy_from_user(ias_opt, optval, len)) { 2329 kfree(ias_opt); 2330 err = -EFAULT; 2331 goto out; 2332 } 2333 2334 /* Find the object we target. 2335 * If the user gives us an empty string, we use the object 2336 * associated with this socket. This will workaround 2337 * duplicated class name - Jean II */ 2338 if(ias_opt->irda_class_name[0] == '\0') 2339 ias_obj = self->ias_obj; 2340 else 2341 ias_obj = irias_find_object(ias_opt->irda_class_name); 2342 if(ias_obj == (struct ias_object *) NULL) { 2343 kfree(ias_opt); 2344 err = -EINVAL; 2345 goto out; 2346 } 2347 2348 /* Find the attribute (in the object) we target */ 2349 ias_attr = irias_find_attrib(ias_obj, 2350 ias_opt->irda_attrib_name); 2351 if(ias_attr == (struct ias_attrib *) NULL) { 2352 kfree(ias_opt); 2353 err = -EINVAL; 2354 goto out; 2355 } 2356 2357 /* Translate from internal to user structure */ 2358 err = irda_extract_ias_value(ias_opt, ias_attr->value); 2359 if(err) { 2360 kfree(ias_opt); 2361 goto out; 2362 } 2363 2364 /* Copy reply to the user */ 2365 if (copy_to_user(optval, ias_opt, 2366 sizeof(struct irda_ias_set))) { 2367 kfree(ias_opt); 2368 err = -EFAULT; 2369 goto out; 2370 } 2371 /* Note : don't need to put optlen, we checked it */ 2372 kfree(ias_opt); 2373 break; 2374 case IRLMP_IAS_QUERY: 2375 /* The user want an object from a remote IAS database. 2376 * We need to use IAP to query the remote database and 2377 * then wait for the answer to come back. */ 2378 2379 /* Check that the user has allocated the right space for us */ 2380 if (len != sizeof(struct irda_ias_set)) { 2381 err = -EINVAL; 2382 goto out; 2383 } 2384 2385 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 2386 if (ias_opt == NULL) { 2387 err = -ENOMEM; 2388 goto out; 2389 } 2390 2391 /* Copy query to the driver. */ 2392 if (copy_from_user(ias_opt, optval, len)) { 2393 kfree(ias_opt); 2394 err = -EFAULT; 2395 goto out; 2396 } 2397 2398 /* At this point, there are two cases... 2399 * 1) the socket is connected - that's the easy case, we 2400 * just query the device we are connected to... 2401 * 2) the socket is not connected - the user doesn't want 2402 * to connect and/or may not have a valid service name 2403 * (so can't create a fake connection). In this case, 2404 * we assume that the user pass us a valid destination 2405 * address in the requesting structure... 2406 */ 2407 if(self->daddr != DEV_ADDR_ANY) { 2408 /* We are connected - reuse known daddr */ 2409 daddr = self->daddr; 2410 } else { 2411 /* We are not connected, we must specify a valid 2412 * destination address */ 2413 daddr = ias_opt->daddr; 2414 if((!daddr) || (daddr == DEV_ADDR_ANY)) { 2415 kfree(ias_opt); 2416 err = -EINVAL; 2417 goto out; 2418 } 2419 } 2420 2421 /* Check that we can proceed with IAP */ 2422 if (self->iriap) { 2423 net_warn_ratelimited("%s: busy with a previous query\n", 2424 __func__); 2425 kfree(ias_opt); 2426 err = -EBUSY; 2427 goto out; 2428 } 2429 2430 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self, 2431 irda_getvalue_confirm); 2432 2433 if (self->iriap == NULL) { 2434 kfree(ias_opt); 2435 err = -ENOMEM; 2436 goto out; 2437 } 2438 2439 /* Treat unexpected wakeup as disconnect */ 2440 self->errno = -EHOSTUNREACH; 2441 2442 /* Query remote LM-IAS */ 2443 iriap_getvaluebyclass_request(self->iriap, 2444 self->saddr, daddr, 2445 ias_opt->irda_class_name, 2446 ias_opt->irda_attrib_name); 2447 2448 /* Wait for answer, if not yet finished (or failed) */ 2449 if (wait_event_interruptible(self->query_wait, 2450 (self->iriap == NULL))) { 2451 /* pending request uses copy of ias_opt-content 2452 * we can free it regardless! */ 2453 kfree(ias_opt); 2454 /* Treat signals as disconnect */ 2455 err = -EHOSTUNREACH; 2456 goto out; 2457 } 2458 2459 /* Check what happened */ 2460 if (self->errno) 2461 { 2462 kfree(ias_opt); 2463 /* Requested object/attribute doesn't exist */ 2464 if((self->errno == IAS_CLASS_UNKNOWN) || 2465 (self->errno == IAS_ATTRIB_UNKNOWN)) 2466 err = -EADDRNOTAVAIL; 2467 else 2468 err = -EHOSTUNREACH; 2469 2470 goto out; 2471 } 2472 2473 /* Translate from internal to user structure */ 2474 err = irda_extract_ias_value(ias_opt, self->ias_result); 2475 if (self->ias_result) 2476 irias_delete_value(self->ias_result); 2477 if (err) { 2478 kfree(ias_opt); 2479 goto out; 2480 } 2481 2482 /* Copy reply to the user */ 2483 if (copy_to_user(optval, ias_opt, 2484 sizeof(struct irda_ias_set))) { 2485 kfree(ias_opt); 2486 err = -EFAULT; 2487 goto out; 2488 } 2489 /* Note : don't need to put optlen, we checked it */ 2490 kfree(ias_opt); 2491 break; 2492 case IRLMP_WAITDEVICE: 2493 /* This function is just another way of seeing life ;-) 2494 * IRLMP_ENUMDEVICES assumes that you have a static network, 2495 * and that you just want to pick one of the devices present. 2496 * On the other hand, in here we assume that no device is 2497 * present and that at some point in the future a device will 2498 * come into range. When this device arrive, we just wake 2499 * up the caller, so that he has time to connect to it before 2500 * the device goes away... 2501 * Note : once the node has been discovered for more than a 2502 * few second, it won't trigger this function, unless it 2503 * goes away and come back changes its hint bits (so we 2504 * might call it IRLMP_WAITNEWDEVICE). 2505 */ 2506 2507 /* Check that the user is passing us an int */ 2508 if (len != sizeof(int)) { 2509 err = -EINVAL; 2510 goto out; 2511 } 2512 /* Get timeout in ms (max time we block the caller) */ 2513 if (get_user(val, (int __user *)optval)) { 2514 err = -EFAULT; 2515 goto out; 2516 } 2517 2518 /* Tell IrLMP we want to be notified */ 2519 irlmp_update_client(self->ckey, self->mask.word, 2520 irda_selective_discovery_indication, 2521 NULL, (void *) self); 2522 2523 /* Do some discovery (and also return cached results) */ 2524 irlmp_discovery_request(self->nslots); 2525 2526 /* Wait until a node is discovered */ 2527 if (!self->cachedaddr) { 2528 pr_debug("%s(), nothing discovered yet, going to sleep...\n", 2529 __func__); 2530 2531 /* Set watchdog timer to expire in <val> ms. */ 2532 self->errno = 0; 2533 setup_timer(&self->watchdog, irda_discovery_timeout, 2534 (unsigned long)self); 2535 mod_timer(&self->watchdog, 2536 jiffies + msecs_to_jiffies(val)); 2537 2538 /* Wait for IR-LMP to call us back */ 2539 err = __wait_event_interruptible(self->query_wait, 2540 (self->cachedaddr != 0 || self->errno == -ETIME)); 2541 2542 /* If watchdog is still activated, kill it! */ 2543 del_timer(&(self->watchdog)); 2544 2545 pr_debug("%s(), ...waking up !\n", __func__); 2546 2547 if (err != 0) 2548 goto out; 2549 } 2550 else 2551 pr_debug("%s(), found immediately !\n", 2552 __func__); 2553 2554 /* Tell IrLMP that we have been notified */ 2555 irlmp_update_client(self->ckey, self->mask.word, 2556 NULL, NULL, NULL); 2557 2558 /* Check if the we got some results */ 2559 if (!self->cachedaddr) { 2560 err = -EAGAIN; /* Didn't find any devices */ 2561 goto out; 2562 } 2563 daddr = self->cachedaddr; 2564 /* Cleanup */ 2565 self->cachedaddr = 0; 2566 2567 /* We return the daddr of the device that trigger the 2568 * wakeup. As irlmp pass us only the new devices, we 2569 * are sure that it's not an old device. 2570 * If the user want more details, he should query 2571 * the whole discovery log and pick one device... 2572 */ 2573 if (put_user(daddr, (int __user *)optval)) { 2574 err = -EFAULT; 2575 goto out; 2576 } 2577 2578 break; 2579 default: 2580 err = -ENOPROTOOPT; 2581 } 2582 2583 out: 2584 2585 release_sock(sk); 2586 2587 return err; 2588 } 2589 2590 static const struct net_proto_family irda_family_ops = { 2591 .family = PF_IRDA, 2592 .create = irda_create, 2593 .owner = THIS_MODULE, 2594 }; 2595 2596 static const struct proto_ops irda_stream_ops = { 2597 .family = PF_IRDA, 2598 .owner = THIS_MODULE, 2599 .release = irda_release, 2600 .bind = irda_bind, 2601 .connect = irda_connect, 2602 .socketpair = sock_no_socketpair, 2603 .accept = irda_accept, 2604 .getname = irda_getname, 2605 .poll = irda_poll, 2606 .ioctl = irda_ioctl, 2607 #ifdef CONFIG_COMPAT 2608 .compat_ioctl = irda_compat_ioctl, 2609 #endif 2610 .listen = irda_listen, 2611 .shutdown = irda_shutdown, 2612 .setsockopt = irda_setsockopt, 2613 .getsockopt = irda_getsockopt, 2614 .sendmsg = irda_sendmsg, 2615 .recvmsg = irda_recvmsg_stream, 2616 .mmap = sock_no_mmap, 2617 .sendpage = sock_no_sendpage, 2618 }; 2619 2620 static const struct proto_ops irda_seqpacket_ops = { 2621 .family = PF_IRDA, 2622 .owner = THIS_MODULE, 2623 .release = irda_release, 2624 .bind = irda_bind, 2625 .connect = irda_connect, 2626 .socketpair = sock_no_socketpair, 2627 .accept = irda_accept, 2628 .getname = irda_getname, 2629 .poll = datagram_poll, 2630 .ioctl = irda_ioctl, 2631 #ifdef CONFIG_COMPAT 2632 .compat_ioctl = irda_compat_ioctl, 2633 #endif 2634 .listen = irda_listen, 2635 .shutdown = irda_shutdown, 2636 .setsockopt = irda_setsockopt, 2637 .getsockopt = irda_getsockopt, 2638 .sendmsg = irda_sendmsg, 2639 .recvmsg = irda_recvmsg_dgram, 2640 .mmap = sock_no_mmap, 2641 .sendpage = sock_no_sendpage, 2642 }; 2643 2644 static const struct proto_ops irda_dgram_ops = { 2645 .family = PF_IRDA, 2646 .owner = THIS_MODULE, 2647 .release = irda_release, 2648 .bind = irda_bind, 2649 .connect = irda_connect, 2650 .socketpair = sock_no_socketpair, 2651 .accept = irda_accept, 2652 .getname = irda_getname, 2653 .poll = datagram_poll, 2654 .ioctl = irda_ioctl, 2655 #ifdef CONFIG_COMPAT 2656 .compat_ioctl = irda_compat_ioctl, 2657 #endif 2658 .listen = irda_listen, 2659 .shutdown = irda_shutdown, 2660 .setsockopt = irda_setsockopt, 2661 .getsockopt = irda_getsockopt, 2662 .sendmsg = irda_sendmsg_dgram, 2663 .recvmsg = irda_recvmsg_dgram, 2664 .mmap = sock_no_mmap, 2665 .sendpage = sock_no_sendpage, 2666 }; 2667 2668 #ifdef CONFIG_IRDA_ULTRA 2669 static const struct proto_ops irda_ultra_ops = { 2670 .family = PF_IRDA, 2671 .owner = THIS_MODULE, 2672 .release = irda_release, 2673 .bind = irda_bind, 2674 .connect = sock_no_connect, 2675 .socketpair = sock_no_socketpair, 2676 .accept = sock_no_accept, 2677 .getname = irda_getname, 2678 .poll = datagram_poll, 2679 .ioctl = irda_ioctl, 2680 #ifdef CONFIG_COMPAT 2681 .compat_ioctl = irda_compat_ioctl, 2682 #endif 2683 .listen = sock_no_listen, 2684 .shutdown = irda_shutdown, 2685 .setsockopt = irda_setsockopt, 2686 .getsockopt = irda_getsockopt, 2687 .sendmsg = irda_sendmsg_ultra, 2688 .recvmsg = irda_recvmsg_dgram, 2689 .mmap = sock_no_mmap, 2690 .sendpage = sock_no_sendpage, 2691 }; 2692 #endif /* CONFIG_IRDA_ULTRA */ 2693 2694 /* 2695 * Function irsock_init (pro) 2696 * 2697 * Initialize IrDA protocol 2698 * 2699 */ 2700 int __init irsock_init(void) 2701 { 2702 int rc = proto_register(&irda_proto, 0); 2703 2704 if (rc == 0) 2705 rc = sock_register(&irda_family_ops); 2706 2707 return rc; 2708 } 2709 2710 /* 2711 * Function irsock_cleanup (void) 2712 * 2713 * Remove IrDA protocol 2714 * 2715 */ 2716 void irsock_cleanup(void) 2717 { 2718 sock_unregister(PF_IRDA); 2719 proto_unregister(&irda_proto); 2720 } 2721
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.