2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
37 static struct bt_sock_list l2cap_sk_list = {
38 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
41 static const struct proto_ops l2cap_sock_ops;
42 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
43 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
44 int proto, gfp_t prio);
46 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
48 struct sock *sk = sock->sk;
49 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
50 struct sockaddr_l2 la;
55 if (!addr || addr->sa_family != AF_BLUETOOTH)
58 memset(&la, 0, sizeof(la));
59 len = min_t(unsigned int, sizeof(la), alen);
60 memcpy(&la, addr, len);
62 if (la.l2_cid && la.l2_psm)
67 if (sk->sk_state != BT_OPEN) {
73 __u16 psm = __le16_to_cpu(la.l2_psm);
75 /* PSM must be odd and lsb of upper byte must be 0 */
76 if ((psm & 0x0101) != 0x0001) {
81 /* Restrict usage of well-known PSMs */
82 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
89 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
91 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
96 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
97 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
98 chan->sec_level = BT_SECURITY_SDP;
100 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
102 chan->state = BT_BOUND;
103 sk->sk_state = BT_BOUND;
110 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
113 struct sock *sk = sock->sk;
114 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
115 struct sockaddr_l2 la;
120 if (!addr || alen < sizeof(addr->sa_family) ||
121 addr->sa_family != AF_BLUETOOTH)
124 memset(&la, 0, sizeof(la));
125 len = min_t(unsigned int, sizeof(la), alen);
126 memcpy(&la, addr, len);
128 if (la.l2_cid && la.l2_psm)
131 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
132 &la.l2_bdaddr, la.l2_bdaddr_type);
138 err = bt_sock_wait_state(sk, BT_CONNECTED,
139 sock_sndtimeo(sk, flags & O_NONBLOCK));
146 static int l2cap_sock_listen(struct socket *sock, int backlog)
148 struct sock *sk = sock->sk;
149 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
152 BT_DBG("sk %p backlog %d", sk, backlog);
156 if (sk->sk_state != BT_BOUND) {
161 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
166 switch (chan->mode) {
167 case L2CAP_MODE_BASIC:
169 case L2CAP_MODE_ERTM:
170 case L2CAP_MODE_STREAMING:
179 sk->sk_max_ack_backlog = backlog;
180 sk->sk_ack_backlog = 0;
182 chan->state = BT_LISTEN;
183 sk->sk_state = BT_LISTEN;
190 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
193 DECLARE_WAITQUEUE(wait, current);
194 struct sock *sk = sock->sk, *nsk;
198 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
200 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
202 BT_DBG("sk %p timeo %ld", sk, timeo);
204 /* Wait for an incoming connection. (wake-one). */
205 add_wait_queue_exclusive(sk_sleep(sk), &wait);
207 set_current_state(TASK_INTERRUPTIBLE);
209 if (sk->sk_state != BT_LISTEN) {
214 nsk = bt_accept_dequeue(sk, newsock);
223 if (signal_pending(current)) {
224 err = sock_intr_errno(timeo);
229 timeo = schedule_timeout(timeo);
230 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
232 __set_current_state(TASK_RUNNING);
233 remove_wait_queue(sk_sleep(sk), &wait);
238 newsock->state = SS_CONNECTED;
240 BT_DBG("new socket %p", nsk);
247 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
250 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
251 struct sock *sk = sock->sk;
252 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
254 BT_DBG("sock %p, sk %p", sock, sk);
256 memset(la, 0, sizeof(struct sockaddr_l2));
257 addr->sa_family = AF_BLUETOOTH;
258 *len = sizeof(struct sockaddr_l2);
261 la->l2_psm = chan->psm;
262 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
263 la->l2_cid = cpu_to_le16(chan->dcid);
265 la->l2_psm = chan->sport;
266 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
267 la->l2_cid = cpu_to_le16(chan->scid);
273 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
274 char __user *optval, int __user *optlen)
276 struct sock *sk = sock->sk;
277 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
278 struct l2cap_options opts;
279 struct l2cap_conninfo cinfo;
285 if (get_user(len, optlen))
292 memset(&opts, 0, sizeof(opts));
293 opts.imtu = chan->imtu;
294 opts.omtu = chan->omtu;
295 opts.flush_to = chan->flush_to;
296 opts.mode = chan->mode;
297 opts.fcs = chan->fcs;
298 opts.max_tx = chan->max_tx;
299 opts.txwin_size = chan->tx_win;
301 len = min_t(unsigned int, len, sizeof(opts));
302 if (copy_to_user(optval, (char *) &opts, len))
308 switch (chan->sec_level) {
309 case BT_SECURITY_LOW:
312 case BT_SECURITY_MEDIUM:
313 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
315 case BT_SECURITY_HIGH:
316 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
324 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
325 opt |= L2CAP_LM_MASTER;
327 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
328 opt |= L2CAP_LM_RELIABLE;
330 if (put_user(opt, (u32 __user *) optval))
335 if (sk->sk_state != BT_CONNECTED &&
336 !(sk->sk_state == BT_CONNECT2 &&
337 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
342 memset(&cinfo, 0, sizeof(cinfo));
343 cinfo.hci_handle = chan->conn->hcon->handle;
344 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
346 len = min_t(unsigned int, len, sizeof(cinfo));
347 if (copy_to_user(optval, (char *) &cinfo, len))
361 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
362 char __user *optval, int __user *optlen)
364 struct sock *sk = sock->sk;
365 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
366 struct bt_security sec;
372 if (level == SOL_L2CAP)
373 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
375 if (level != SOL_BLUETOOTH)
378 if (get_user(len, optlen))
385 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
386 chan->chan_type != L2CAP_CHAN_RAW) {
391 memset(&sec, 0, sizeof(sec));
393 sec.level = chan->conn->hcon->sec_level;
395 if (sk->sk_state == BT_CONNECTED)
396 sec.key_size = chan->conn->hcon->enc_key_size;
398 sec.level = chan->sec_level;
401 len = min_t(unsigned int, len, sizeof(sec));
402 if (copy_to_user(optval, (char *) &sec, len))
408 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
413 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
414 (u32 __user *) optval))
420 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
421 (u32 __user *) optval))
427 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
428 && sk->sk_type != SOCK_RAW) {
433 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
435 len = min_t(unsigned int, len, sizeof(pwr));
436 if (copy_to_user(optval, (char *) &pwr, len))
441 case BT_CHANNEL_POLICY:
447 if (put_user(chan->chan_policy, (u32 __user *) optval))
460 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
462 switch (chan->scid) {
463 case L2CAP_CID_LE_DATA:
464 if (mtu < L2CAP_LE_MIN_MTU)
469 if (mtu < L2CAP_DEFAULT_MIN_MTU)
476 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
477 char __user *optval, unsigned int optlen)
479 struct sock *sk = sock->sk;
480 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
481 struct l2cap_options opts;
491 if (sk->sk_state == BT_CONNECTED) {
496 opts.imtu = chan->imtu;
497 opts.omtu = chan->omtu;
498 opts.flush_to = chan->flush_to;
499 opts.mode = chan->mode;
500 opts.fcs = chan->fcs;
501 opts.max_tx = chan->max_tx;
502 opts.txwin_size = chan->tx_win;
504 len = min_t(unsigned int, sizeof(opts), optlen);
505 if (copy_from_user((char *) &opts, optval, len)) {
510 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
515 if (!l2cap_valid_mtu(chan, opts.imtu)) {
520 chan->mode = opts.mode;
521 switch (chan->mode) {
522 case L2CAP_MODE_BASIC:
523 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
525 case L2CAP_MODE_ERTM:
526 case L2CAP_MODE_STREAMING:
535 chan->imtu = opts.imtu;
536 chan->omtu = opts.omtu;
537 chan->fcs = opts.fcs;
538 chan->max_tx = opts.max_tx;
539 chan->tx_win = opts.txwin_size;
540 chan->flush_to = opts.flush_to;
544 if (get_user(opt, (u32 __user *) optval)) {
549 if (opt & L2CAP_LM_AUTH)
550 chan->sec_level = BT_SECURITY_LOW;
551 if (opt & L2CAP_LM_ENCRYPT)
552 chan->sec_level = BT_SECURITY_MEDIUM;
553 if (opt & L2CAP_LM_SECURE)
554 chan->sec_level = BT_SECURITY_HIGH;
556 if (opt & L2CAP_LM_MASTER)
557 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
559 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
561 if (opt & L2CAP_LM_RELIABLE)
562 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
564 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
576 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
577 char __user *optval, unsigned int optlen)
579 struct sock *sk = sock->sk;
580 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
581 struct bt_security sec;
583 struct l2cap_conn *conn;
589 if (level == SOL_L2CAP)
590 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
592 if (level != SOL_BLUETOOTH)
599 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
600 chan->chan_type != L2CAP_CHAN_RAW) {
605 sec.level = BT_SECURITY_LOW;
607 len = min_t(unsigned int, sizeof(sec), optlen);
608 if (copy_from_user((char *) &sec, optval, len)) {
613 if (sec.level < BT_SECURITY_LOW ||
614 sec.level > BT_SECURITY_HIGH) {
619 chan->sec_level = sec.level;
626 /*change security for LE channels */
627 if (chan->scid == L2CAP_CID_LE_DATA) {
628 if (!conn->hcon->out) {
633 if (smp_conn_security(conn->hcon, sec.level))
635 sk->sk_state = BT_CONFIG;
636 chan->state = BT_CONFIG;
638 /* or for ACL link */
639 } else if ((sk->sk_state == BT_CONNECT2 &&
640 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
641 sk->sk_state == BT_CONNECTED) {
642 if (!l2cap_chan_check_security(chan))
643 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
645 sk->sk_state_change(sk);
652 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
657 if (get_user(opt, (u32 __user *) optval)) {
663 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
665 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
669 if (get_user(opt, (u32 __user *) optval)) {
674 if (opt > BT_FLUSHABLE_ON) {
679 if (opt == BT_FLUSHABLE_OFF) {
680 struct l2cap_conn *conn = chan->conn;
681 /* proceed further only when we have l2cap_conn and
682 No Flush support in the LM */
683 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
690 set_bit(FLAG_FLUSHABLE, &chan->flags);
692 clear_bit(FLAG_FLUSHABLE, &chan->flags);
696 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
697 chan->chan_type != L2CAP_CHAN_RAW) {
702 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
704 len = min_t(unsigned int, sizeof(pwr), optlen);
705 if (copy_from_user((char *) &pwr, optval, len)) {
710 if (pwr.force_active)
711 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
713 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
716 case BT_CHANNEL_POLICY:
722 if (get_user(opt, (u32 __user *) optval)) {
727 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
732 if (chan->mode != L2CAP_MODE_ERTM &&
733 chan->mode != L2CAP_MODE_STREAMING) {
738 chan->chan_policy = (u8) opt;
750 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
751 struct msghdr *msg, size_t len)
753 struct sock *sk = sock->sk;
754 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
757 BT_DBG("sock %p, sk %p", sock, sk);
759 err = sock_error(sk);
763 if (msg->msg_flags & MSG_OOB)
766 if (sk->sk_state != BT_CONNECTED)
769 l2cap_chan_lock(chan);
770 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
771 l2cap_chan_unlock(chan);
776 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
777 struct msghdr *msg, size_t len, int flags)
779 struct sock *sk = sock->sk;
780 struct l2cap_pinfo *pi = l2cap_pi(sk);
785 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
786 &bt_sk(sk)->flags)) {
787 sk->sk_state = BT_CONFIG;
788 pi->chan->state = BT_CONFIG;
790 __l2cap_connect_rsp_defer(pi->chan);
797 if (sock->type == SOCK_STREAM)
798 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
800 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
802 if (pi->chan->mode != L2CAP_MODE_ERTM)
805 /* Attempt to put pending rx data in the socket buffer */
809 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
812 if (pi->rx_busy_skb) {
813 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
814 pi->rx_busy_skb = NULL;
819 /* Restore data flow when half of the receive buffer is
820 * available. This avoids resending large numbers of
823 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
824 l2cap_chan_busy(pi->chan, 0);
831 /* Kill socket (only if zapped and orphan)
832 * Must be called on unlocked socket.
834 static void l2cap_sock_kill(struct sock *sk)
836 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
839 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
841 /* Kill poor orphan */
843 l2cap_chan_put(l2cap_pi(sk)->chan);
844 sock_set_flag(sk, SOCK_DEAD);
848 static int l2cap_sock_shutdown(struct socket *sock, int how)
850 struct sock *sk = sock->sk;
851 struct l2cap_chan *chan;
852 struct l2cap_conn *conn;
855 BT_DBG("sock %p, sk %p", sock, sk);
860 chan = l2cap_pi(sk)->chan;
864 mutex_lock(&conn->chan_lock);
866 l2cap_chan_lock(chan);
869 if (!sk->sk_shutdown) {
870 if (chan->mode == L2CAP_MODE_ERTM)
871 err = __l2cap_wait_ack(sk);
873 sk->sk_shutdown = SHUTDOWN_MASK;
876 l2cap_chan_close(chan, 0);
879 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
880 err = bt_sock_wait_state(sk, BT_CLOSED,
884 if (!err && sk->sk_err)
888 l2cap_chan_unlock(chan);
891 mutex_unlock(&conn->chan_lock);
896 static int l2cap_sock_release(struct socket *sock)
898 struct sock *sk = sock->sk;
901 BT_DBG("sock %p, sk %p", sock, sk);
906 bt_sock_unlink(&l2cap_sk_list, sk);
908 err = l2cap_sock_shutdown(sock, 2);
915 static void l2cap_sock_cleanup_listen(struct sock *parent)
919 BT_DBG("parent %p", parent);
921 /* Close not yet accepted channels */
922 while ((sk = bt_accept_dequeue(parent, NULL))) {
923 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
925 l2cap_chan_lock(chan);
926 __clear_chan_timer(chan);
927 l2cap_chan_close(chan, ECONNRESET);
928 l2cap_chan_unlock(chan);
934 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
936 struct sock *sk, *parent = chan->data;
938 /* Check for backlog size */
939 if (sk_acceptq_is_full(parent)) {
940 BT_DBG("backlog full %d", parent->sk_ack_backlog);
944 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
949 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
951 l2cap_sock_init(sk, parent);
953 bt_accept_enqueue(parent, sk);
955 return l2cap_pi(sk)->chan;
958 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
961 struct sock *sk = chan->data;
962 struct l2cap_pinfo *pi = l2cap_pi(sk);
966 if (pi->rx_busy_skb) {
971 err = sock_queue_rcv_skb(sk, skb);
973 /* For ERTM, handle one skb that doesn't fit into the recv
974 * buffer. This is important to do because the data frames
975 * have already been acked, so the skb cannot be discarded.
977 * Notify the l2cap core that the buffer is full, so the
978 * LOCAL_BUSY state is entered and no more frames are
979 * acked and reassembled until there is buffer space
982 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
983 pi->rx_busy_skb = skb;
984 l2cap_chan_busy(pi->chan, 1);
994 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
996 struct sock *sk = chan->data;
1001 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1003 struct sock *sk = chan->data;
1004 struct sock *parent;
1008 parent = bt_sk(sk)->parent;
1010 sock_set_flag(sk, SOCK_ZAPPED);
1012 switch (chan->state) {
1018 l2cap_sock_cleanup_listen(sk);
1019 sk->sk_state = BT_CLOSED;
1020 chan->state = BT_CLOSED;
1024 sk->sk_state = BT_CLOSED;
1025 chan->state = BT_CLOSED;
1030 bt_accept_unlink(sk);
1031 parent->sk_data_ready(parent, 0);
1033 sk->sk_state_change(sk);
1042 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state)
1044 struct sock *sk = chan->data;
1046 sk->sk_state = state;
1049 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1050 unsigned long len, int nb)
1052 struct sk_buff *skb;
1055 l2cap_chan_unlock(chan);
1056 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1057 l2cap_chan_lock(chan);
1060 return ERR_PTR(err);
1065 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1067 struct sock *sk = chan->data;
1068 struct sock *parent;
1072 parent = bt_sk(sk)->parent;
1074 BT_DBG("sk %p, parent %p", sk, parent);
1076 sk->sk_state = BT_CONNECTED;
1077 sk->sk_state_change(sk);
1080 parent->sk_data_ready(parent, 0);
1085 static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1087 struct sock *sk = chan->data;
1088 struct sock *parent = bt_sk(sk)->parent;
1091 parent->sk_data_ready(parent, 0);
1094 static struct l2cap_ops l2cap_chan_ops = {
1095 .name = "L2CAP Socket Interface",
1096 .new_connection = l2cap_sock_new_connection_cb,
1097 .recv = l2cap_sock_recv_cb,
1098 .close = l2cap_sock_close_cb,
1099 .teardown = l2cap_sock_teardown_cb,
1100 .state_change = l2cap_sock_state_change_cb,
1101 .ready = l2cap_sock_ready_cb,
1102 .defer = l2cap_sock_defer_cb,
1103 .alloc_skb = l2cap_sock_alloc_skb_cb,
1106 static void l2cap_sock_destruct(struct sock *sk)
1108 BT_DBG("sk %p", sk);
1110 if (l2cap_pi(sk)->chan)
1111 l2cap_chan_put(l2cap_pi(sk)->chan);
1112 if (l2cap_pi(sk)->rx_busy_skb) {
1113 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1114 l2cap_pi(sk)->rx_busy_skb = NULL;
1117 skb_queue_purge(&sk->sk_receive_queue);
1118 skb_queue_purge(&sk->sk_write_queue);
1121 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1123 struct l2cap_pinfo *pi = l2cap_pi(sk);
1124 struct l2cap_chan *chan = pi->chan;
1126 BT_DBG("sk %p", sk);
1129 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1131 sk->sk_type = parent->sk_type;
1132 bt_sk(sk)->flags = bt_sk(parent)->flags;
1134 chan->chan_type = pchan->chan_type;
1135 chan->imtu = pchan->imtu;
1136 chan->omtu = pchan->omtu;
1137 chan->conf_state = pchan->conf_state;
1138 chan->mode = pchan->mode;
1139 chan->fcs = pchan->fcs;
1140 chan->max_tx = pchan->max_tx;
1141 chan->tx_win = pchan->tx_win;
1142 chan->tx_win_max = pchan->tx_win_max;
1143 chan->sec_level = pchan->sec_level;
1144 chan->flags = pchan->flags;
1146 security_sk_clone(parent, sk);
1149 switch (sk->sk_type) {
1151 chan->chan_type = L2CAP_CHAN_RAW;
1154 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1156 case SOCK_SEQPACKET:
1158 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1162 chan->imtu = L2CAP_DEFAULT_MTU;
1164 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1165 chan->mode = L2CAP_MODE_ERTM;
1166 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1168 chan->mode = L2CAP_MODE_BASIC;
1171 l2cap_chan_set_defaults(chan);
1174 /* Default config options */
1175 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1178 chan->ops = &l2cap_chan_ops;
1181 static struct proto l2cap_proto = {
1183 .owner = THIS_MODULE,
1184 .obj_size = sizeof(struct l2cap_pinfo)
1187 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1188 int proto, gfp_t prio)
1191 struct l2cap_chan *chan;
1193 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1197 sock_init_data(sock, sk);
1198 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1200 sk->sk_destruct = l2cap_sock_destruct;
1201 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1203 sock_reset_flag(sk, SOCK_ZAPPED);
1205 sk->sk_protocol = proto;
1206 sk->sk_state = BT_OPEN;
1208 chan = l2cap_chan_create();
1214 l2cap_chan_hold(chan);
1218 l2cap_pi(sk)->chan = chan;
1223 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1228 BT_DBG("sock %p", sock);
1230 sock->state = SS_UNCONNECTED;
1232 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1233 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1234 return -ESOCKTNOSUPPORT;
1236 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1239 sock->ops = &l2cap_sock_ops;
1241 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1245 l2cap_sock_init(sk, NULL);
1246 bt_sock_link(&l2cap_sk_list, sk);
1250 static const struct proto_ops l2cap_sock_ops = {
1251 .family = PF_BLUETOOTH,
1252 .owner = THIS_MODULE,
1253 .release = l2cap_sock_release,
1254 .bind = l2cap_sock_bind,
1255 .connect = l2cap_sock_connect,
1256 .listen = l2cap_sock_listen,
1257 .accept = l2cap_sock_accept,
1258 .getname = l2cap_sock_getname,
1259 .sendmsg = l2cap_sock_sendmsg,
1260 .recvmsg = l2cap_sock_recvmsg,
1261 .poll = bt_sock_poll,
1262 .ioctl = bt_sock_ioctl,
1263 .mmap = sock_no_mmap,
1264 .socketpair = sock_no_socketpair,
1265 .shutdown = l2cap_sock_shutdown,
1266 .setsockopt = l2cap_sock_setsockopt,
1267 .getsockopt = l2cap_sock_getsockopt
1270 static const struct net_proto_family l2cap_sock_family_ops = {
1271 .family = PF_BLUETOOTH,
1272 .owner = THIS_MODULE,
1273 .create = l2cap_sock_create,
1276 int __init l2cap_init_sockets(void)
1280 err = proto_register(&l2cap_proto, 0);
1284 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1286 BT_ERR("L2CAP socket registration failed");
1290 err = bt_procfs_init(THIS_MODULE, &init_net, "l2cap", &l2cap_sk_list,
1293 BT_ERR("Failed to create L2CAP proc file");
1294 bt_sock_unregister(BTPROTO_L2CAP);
1298 BT_INFO("L2CAP socket layer initialized");
1303 proto_unregister(&l2cap_proto);
1307 void l2cap_cleanup_sockets(void)
1309 bt_procfs_cleanup(&init_net, "l2cap");
1310 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1311 BT_ERR("L2CAP socket unregistration failed");
1313 proto_unregister(&l2cap_proto);