2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/export.h>
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/l2cap.h>
35 #include <net/bluetooth/smp.h>
37 static struct bt_sock_list l2cap_sk_list = {
38 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
41 static const struct proto_ops l2cap_sock_ops;
42 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
43 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
45 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
47 struct sock *sk = sock->sk;
48 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
49 struct sockaddr_l2 la;
54 if (!addr || addr->sa_family != AF_BLUETOOTH)
57 memset(&la, 0, sizeof(la));
58 len = min_t(unsigned int, sizeof(la), alen);
59 memcpy(&la, addr, len);
61 if (la.l2_cid && la.l2_psm)
66 if (sk->sk_state != BT_OPEN) {
72 __u16 psm = __le16_to_cpu(la.l2_psm);
74 /* PSM must be odd and lsb of upper byte must be 0 */
75 if ((psm & 0x0101) != 0x0001) {
80 /* Restrict usage of well-known PSMs */
81 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
88 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
90 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
95 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
96 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
97 chan->sec_level = BT_SECURITY_SDP;
99 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
101 chan->state = BT_BOUND;
102 sk->sk_state = BT_BOUND;
109 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
111 struct sock *sk = sock->sk;
112 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
113 struct sockaddr_l2 la;
118 if (!addr || alen < sizeof(addr->sa_family) ||
119 addr->sa_family != AF_BLUETOOTH)
122 memset(&la, 0, sizeof(la));
123 len = min_t(unsigned int, sizeof(la), alen);
124 memcpy(&la, addr, len);
126 if (la.l2_cid && la.l2_psm)
129 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
130 &la.l2_bdaddr, la.l2_bdaddr_type);
136 err = bt_sock_wait_state(sk, BT_CONNECTED,
137 sock_sndtimeo(sk, flags & O_NONBLOCK));
144 static int l2cap_sock_listen(struct socket *sock, int backlog)
146 struct sock *sk = sock->sk;
147 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
150 BT_DBG("sk %p backlog %d", sk, backlog);
154 if (sk->sk_state != BT_BOUND) {
159 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
164 switch (chan->mode) {
165 case L2CAP_MODE_BASIC:
167 case L2CAP_MODE_ERTM:
168 case L2CAP_MODE_STREAMING:
177 sk->sk_max_ack_backlog = backlog;
178 sk->sk_ack_backlog = 0;
180 chan->state = BT_LISTEN;
181 sk->sk_state = BT_LISTEN;
188 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
190 DECLARE_WAITQUEUE(wait, current);
191 struct sock *sk = sock->sk, *nsk;
195 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
197 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
199 BT_DBG("sk %p timeo %ld", sk, timeo);
201 /* Wait for an incoming connection. (wake-one). */
202 add_wait_queue_exclusive(sk_sleep(sk), &wait);
204 set_current_state(TASK_INTERRUPTIBLE);
206 if (sk->sk_state != BT_LISTEN) {
211 nsk = bt_accept_dequeue(sk, newsock);
220 if (signal_pending(current)) {
221 err = sock_intr_errno(timeo);
226 timeo = schedule_timeout(timeo);
227 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
229 __set_current_state(TASK_RUNNING);
230 remove_wait_queue(sk_sleep(sk), &wait);
235 newsock->state = SS_CONNECTED;
237 BT_DBG("new socket %p", nsk);
244 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
246 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
247 struct sock *sk = sock->sk;
248 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
250 BT_DBG("sock %p, sk %p", sock, sk);
252 addr->sa_family = AF_BLUETOOTH;
253 *len = sizeof(struct sockaddr_l2);
256 la->l2_psm = chan->psm;
257 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
258 la->l2_cid = cpu_to_le16(chan->dcid);
260 la->l2_psm = chan->sport;
261 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
262 la->l2_cid = cpu_to_le16(chan->scid);
268 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
270 struct sock *sk = sock->sk;
271 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
272 struct l2cap_options opts;
273 struct l2cap_conninfo cinfo;
279 if (get_user(len, optlen))
286 memset(&opts, 0, sizeof(opts));
287 opts.imtu = chan->imtu;
288 opts.omtu = chan->omtu;
289 opts.flush_to = chan->flush_to;
290 opts.mode = chan->mode;
291 opts.fcs = chan->fcs;
292 opts.max_tx = chan->max_tx;
293 opts.txwin_size = chan->tx_win;
295 len = min_t(unsigned int, len, sizeof(opts));
296 if (copy_to_user(optval, (char *) &opts, len))
302 switch (chan->sec_level) {
303 case BT_SECURITY_LOW:
306 case BT_SECURITY_MEDIUM:
307 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
309 case BT_SECURITY_HIGH:
310 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
318 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
319 opt |= L2CAP_LM_MASTER;
321 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
322 opt |= L2CAP_LM_RELIABLE;
324 if (put_user(opt, (u32 __user *) optval))
329 if (sk->sk_state != BT_CONNECTED &&
330 !(sk->sk_state == BT_CONNECT2 &&
331 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
336 memset(&cinfo, 0, sizeof(cinfo));
337 cinfo.hci_handle = chan->conn->hcon->handle;
338 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
340 len = min_t(unsigned int, len, sizeof(cinfo));
341 if (copy_to_user(optval, (char *) &cinfo, len))
355 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
357 struct sock *sk = sock->sk;
358 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
359 struct bt_security sec;
365 if (level == SOL_L2CAP)
366 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
368 if (level != SOL_BLUETOOTH)
371 if (get_user(len, optlen))
378 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
379 chan->chan_type != L2CAP_CHAN_RAW) {
384 memset(&sec, 0, sizeof(sec));
386 sec.level = chan->conn->hcon->sec_level;
388 sec.level = chan->sec_level;
390 if (sk->sk_state == BT_CONNECTED)
391 sec.key_size = chan->conn->hcon->enc_key_size;
393 len = min_t(unsigned int, len, sizeof(sec));
394 if (copy_to_user(optval, (char *) &sec, len))
400 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
405 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
406 (u32 __user *) optval))
412 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
413 (u32 __user *) optval))
419 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
420 && sk->sk_type != SOCK_RAW) {
425 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
427 len = min_t(unsigned int, len, sizeof(pwr));
428 if (copy_to_user(optval, (char *) &pwr, len))
433 case BT_CHANNEL_POLICY:
439 if (put_user(chan->chan_policy, (u32 __user *) optval))
452 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
454 switch (chan->scid) {
455 case L2CAP_CID_LE_DATA:
456 if (mtu < L2CAP_LE_MIN_MTU)
461 if (mtu < L2CAP_DEFAULT_MIN_MTU)
468 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
470 struct sock *sk = sock->sk;
471 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
472 struct l2cap_options opts;
482 if (sk->sk_state == BT_CONNECTED) {
487 opts.imtu = chan->imtu;
488 opts.omtu = chan->omtu;
489 opts.flush_to = chan->flush_to;
490 opts.mode = chan->mode;
491 opts.fcs = chan->fcs;
492 opts.max_tx = chan->max_tx;
493 opts.txwin_size = chan->tx_win;
495 len = min_t(unsigned int, sizeof(opts), optlen);
496 if (copy_from_user((char *) &opts, optval, len)) {
501 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
506 if (!l2cap_valid_mtu(chan, opts.imtu)) {
511 chan->mode = opts.mode;
512 switch (chan->mode) {
513 case L2CAP_MODE_BASIC:
514 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
516 case L2CAP_MODE_ERTM:
517 case L2CAP_MODE_STREAMING:
526 chan->imtu = opts.imtu;
527 chan->omtu = opts.omtu;
528 chan->fcs = opts.fcs;
529 chan->max_tx = opts.max_tx;
530 chan->tx_win = opts.txwin_size;
534 if (get_user(opt, (u32 __user *) optval)) {
539 if (opt & L2CAP_LM_AUTH)
540 chan->sec_level = BT_SECURITY_LOW;
541 if (opt & L2CAP_LM_ENCRYPT)
542 chan->sec_level = BT_SECURITY_MEDIUM;
543 if (opt & L2CAP_LM_SECURE)
544 chan->sec_level = BT_SECURITY_HIGH;
546 if (opt & L2CAP_LM_MASTER)
547 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
549 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
551 if (opt & L2CAP_LM_RELIABLE)
552 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
554 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
566 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
568 struct sock *sk = sock->sk;
569 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
570 struct bt_security sec;
572 struct l2cap_conn *conn;
578 if (level == SOL_L2CAP)
579 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
581 if (level != SOL_BLUETOOTH)
588 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
589 chan->chan_type != L2CAP_CHAN_RAW) {
594 sec.level = BT_SECURITY_LOW;
596 len = min_t(unsigned int, sizeof(sec), optlen);
597 if (copy_from_user((char *) &sec, optval, len)) {
602 if (sec.level < BT_SECURITY_LOW ||
603 sec.level > BT_SECURITY_HIGH) {
608 chan->sec_level = sec.level;
615 /*change security for LE channels */
616 if (chan->scid == L2CAP_CID_LE_DATA) {
617 if (!conn->hcon->out) {
622 if (smp_conn_security(conn->hcon, sec.level))
624 sk->sk_state = BT_CONFIG;
625 chan->state = BT_CONFIG;
627 /* or for ACL link */
628 } else if ((sk->sk_state == BT_CONNECT2 &&
629 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
630 sk->sk_state == BT_CONNECTED) {
631 if (!l2cap_chan_check_security(chan))
632 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
634 sk->sk_state_change(sk);
641 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
646 if (get_user(opt, (u32 __user *) optval)) {
652 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
654 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
658 if (get_user(opt, (u32 __user *) optval)) {
663 if (opt > BT_FLUSHABLE_ON) {
668 if (opt == BT_FLUSHABLE_OFF) {
669 struct l2cap_conn *conn = chan->conn;
670 /* proceed further only when we have l2cap_conn and
671 No Flush support in the LM */
672 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
679 set_bit(FLAG_FLUSHABLE, &chan->flags);
681 clear_bit(FLAG_FLUSHABLE, &chan->flags);
685 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
686 chan->chan_type != L2CAP_CHAN_RAW) {
691 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
693 len = min_t(unsigned int, sizeof(pwr), optlen);
694 if (copy_from_user((char *) &pwr, optval, len)) {
699 if (pwr.force_active)
700 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
702 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
705 case BT_CHANNEL_POLICY:
711 if (get_user(opt, (u32 __user *) optval)) {
716 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
721 if (chan->mode != L2CAP_MODE_ERTM &&
722 chan->mode != L2CAP_MODE_STREAMING) {
727 chan->chan_policy = (u8) opt;
739 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
741 struct sock *sk = sock->sk;
742 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
745 BT_DBG("sock %p, sk %p", sock, sk);
747 err = sock_error(sk);
751 if (msg->msg_flags & MSG_OOB)
754 if (sk->sk_state != BT_CONNECTED)
757 l2cap_chan_lock(chan);
758 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
759 l2cap_chan_unlock(chan);
764 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
766 struct sock *sk = sock->sk;
767 struct l2cap_pinfo *pi = l2cap_pi(sk);
772 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
773 &bt_sk(sk)->flags)) {
774 sk->sk_state = BT_CONFIG;
775 pi->chan->state = BT_CONFIG;
777 __l2cap_connect_rsp_defer(pi->chan);
784 if (sock->type == SOCK_STREAM)
785 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
787 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
789 if (pi->chan->mode != L2CAP_MODE_ERTM)
792 /* Attempt to put pending rx data in the socket buffer */
796 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
799 if (pi->rx_busy_skb) {
800 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
801 pi->rx_busy_skb = NULL;
806 /* Restore data flow when half of the receive buffer is
807 * available. This avoids resending large numbers of
810 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
811 l2cap_chan_busy(pi->chan, 0);
818 /* Kill socket (only if zapped and orphan)
819 * Must be called on unlocked socket.
821 static void l2cap_sock_kill(struct sock *sk)
823 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
826 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
828 /* Kill poor orphan */
830 l2cap_chan_put(l2cap_pi(sk)->chan);
831 sock_set_flag(sk, SOCK_DEAD);
835 static int l2cap_sock_shutdown(struct socket *sock, int how)
837 struct sock *sk = sock->sk;
838 struct l2cap_chan *chan;
839 struct l2cap_conn *conn;
842 BT_DBG("sock %p, sk %p", sock, sk);
847 chan = l2cap_pi(sk)->chan;
851 mutex_lock(&conn->chan_lock);
853 l2cap_chan_lock(chan);
856 if (!sk->sk_shutdown) {
857 if (chan->mode == L2CAP_MODE_ERTM)
858 err = __l2cap_wait_ack(sk);
860 sk->sk_shutdown = SHUTDOWN_MASK;
863 l2cap_chan_close(chan, 0);
866 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
867 err = bt_sock_wait_state(sk, BT_CLOSED,
871 if (!err && sk->sk_err)
875 l2cap_chan_unlock(chan);
878 mutex_unlock(&conn->chan_lock);
883 static int l2cap_sock_release(struct socket *sock)
885 struct sock *sk = sock->sk;
888 BT_DBG("sock %p, sk %p", sock, sk);
893 bt_sock_unlink(&l2cap_sk_list, sk);
895 err = l2cap_sock_shutdown(sock, 2);
902 static void l2cap_sock_cleanup_listen(struct sock *parent)
906 BT_DBG("parent %p", parent);
908 /* Close not yet accepted channels */
909 while ((sk = bt_accept_dequeue(parent, NULL))) {
910 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
912 l2cap_chan_lock(chan);
913 __clear_chan_timer(chan);
914 l2cap_chan_close(chan, ECONNRESET);
915 l2cap_chan_unlock(chan);
921 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
923 struct sock *sk, *parent = chan->data;
925 /* Check for backlog size */
926 if (sk_acceptq_is_full(parent)) {
927 BT_DBG("backlog full %d", parent->sk_ack_backlog);
931 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
936 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
938 l2cap_sock_init(sk, parent);
940 return l2cap_pi(sk)->chan;
943 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
946 struct sock *sk = chan->data;
947 struct l2cap_pinfo *pi = l2cap_pi(sk);
951 if (pi->rx_busy_skb) {
956 err = sock_queue_rcv_skb(sk, skb);
958 /* For ERTM, handle one skb that doesn't fit into the recv
959 * buffer. This is important to do because the data frames
960 * have already been acked, so the skb cannot be discarded.
962 * Notify the l2cap core that the buffer is full, so the
963 * LOCAL_BUSY state is entered and no more frames are
964 * acked and reassembled until there is buffer space
967 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
968 pi->rx_busy_skb = skb;
969 l2cap_chan_busy(pi->chan, 1);
979 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
981 struct sock *sk = chan->data;
986 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
988 struct sock *sk = chan->data;
993 parent = bt_sk(sk)->parent;
995 sock_set_flag(sk, SOCK_ZAPPED);
997 switch (chan->state) {
1003 l2cap_sock_cleanup_listen(sk);
1004 sk->sk_state = BT_CLOSED;
1005 chan->state = BT_CLOSED;
1009 sk->sk_state = BT_CLOSED;
1010 chan->state = BT_CLOSED;
1015 bt_accept_unlink(sk);
1016 parent->sk_data_ready(parent, 0);
1018 sk->sk_state_change(sk);
1027 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state)
1029 struct sock *sk = chan->data;
1031 sk->sk_state = state;
1034 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1035 unsigned long len, int nb)
1037 struct sk_buff *skb;
1040 l2cap_chan_unlock(chan);
1041 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1042 l2cap_chan_lock(chan);
1045 return ERR_PTR(err);
1050 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1052 struct sock *sk = chan->data;
1053 struct sock *parent;
1057 parent = bt_sk(sk)->parent;
1059 BT_DBG("sk %p, parent %p", sk, parent);
1061 sk->sk_state = BT_CONNECTED;
1062 sk->sk_state_change(sk);
1065 parent->sk_data_ready(parent, 0);
1070 static struct l2cap_ops l2cap_chan_ops = {
1071 .name = "L2CAP Socket Interface",
1072 .new_connection = l2cap_sock_new_connection_cb,
1073 .recv = l2cap_sock_recv_cb,
1074 .close = l2cap_sock_close_cb,
1075 .teardown = l2cap_sock_teardown_cb,
1076 .state_change = l2cap_sock_state_change_cb,
1077 .ready = l2cap_sock_ready_cb,
1078 .alloc_skb = l2cap_sock_alloc_skb_cb,
1081 static void l2cap_sock_destruct(struct sock *sk)
1083 BT_DBG("sk %p", sk);
1085 l2cap_chan_put(l2cap_pi(sk)->chan);
1086 if (l2cap_pi(sk)->rx_busy_skb) {
1087 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1088 l2cap_pi(sk)->rx_busy_skb = NULL;
1091 skb_queue_purge(&sk->sk_receive_queue);
1092 skb_queue_purge(&sk->sk_write_queue);
1095 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1097 struct l2cap_pinfo *pi = l2cap_pi(sk);
1098 struct l2cap_chan *chan = pi->chan;
1100 BT_DBG("sk %p", sk);
1103 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1105 sk->sk_type = parent->sk_type;
1106 bt_sk(sk)->flags = bt_sk(parent)->flags;
1108 chan->chan_type = pchan->chan_type;
1109 chan->imtu = pchan->imtu;
1110 chan->omtu = pchan->omtu;
1111 chan->conf_state = pchan->conf_state;
1112 chan->mode = pchan->mode;
1113 chan->fcs = pchan->fcs;
1114 chan->max_tx = pchan->max_tx;
1115 chan->tx_win = pchan->tx_win;
1116 chan->tx_win_max = pchan->tx_win_max;
1117 chan->sec_level = pchan->sec_level;
1118 chan->flags = pchan->flags;
1120 security_sk_clone(parent, sk);
1123 switch (sk->sk_type) {
1125 chan->chan_type = L2CAP_CHAN_RAW;
1128 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1130 case SOCK_SEQPACKET:
1132 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1136 chan->imtu = L2CAP_DEFAULT_MTU;
1138 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1139 chan->mode = L2CAP_MODE_ERTM;
1140 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1142 chan->mode = L2CAP_MODE_BASIC;
1145 l2cap_chan_set_defaults(chan);
1148 /* Default config options */
1149 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1152 chan->ops = &l2cap_chan_ops;
1155 static struct proto l2cap_proto = {
1157 .owner = THIS_MODULE,
1158 .obj_size = sizeof(struct l2cap_pinfo)
1161 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1164 struct l2cap_chan *chan;
1166 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1170 sock_init_data(sock, sk);
1171 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1173 sk->sk_destruct = l2cap_sock_destruct;
1174 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1176 sock_reset_flag(sk, SOCK_ZAPPED);
1178 sk->sk_protocol = proto;
1179 sk->sk_state = BT_OPEN;
1181 chan = l2cap_chan_create();
1187 l2cap_chan_hold(chan);
1191 l2cap_pi(sk)->chan = chan;
1196 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1201 BT_DBG("sock %p", sock);
1203 sock->state = SS_UNCONNECTED;
1205 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1206 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1207 return -ESOCKTNOSUPPORT;
1209 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1212 sock->ops = &l2cap_sock_ops;
1214 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1218 l2cap_sock_init(sk, NULL);
1219 bt_sock_link(&l2cap_sk_list, sk);
1223 static const struct proto_ops l2cap_sock_ops = {
1224 .family = PF_BLUETOOTH,
1225 .owner = THIS_MODULE,
1226 .release = l2cap_sock_release,
1227 .bind = l2cap_sock_bind,
1228 .connect = l2cap_sock_connect,
1229 .listen = l2cap_sock_listen,
1230 .accept = l2cap_sock_accept,
1231 .getname = l2cap_sock_getname,
1232 .sendmsg = l2cap_sock_sendmsg,
1233 .recvmsg = l2cap_sock_recvmsg,
1234 .poll = bt_sock_poll,
1235 .ioctl = bt_sock_ioctl,
1236 .mmap = sock_no_mmap,
1237 .socketpair = sock_no_socketpair,
1238 .shutdown = l2cap_sock_shutdown,
1239 .setsockopt = l2cap_sock_setsockopt,
1240 .getsockopt = l2cap_sock_getsockopt
1243 static const struct net_proto_family l2cap_sock_family_ops = {
1244 .family = PF_BLUETOOTH,
1245 .owner = THIS_MODULE,
1246 .create = l2cap_sock_create,
1249 int __init l2cap_init_sockets(void)
1253 err = proto_register(&l2cap_proto, 0);
1257 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1259 BT_ERR("L2CAP socket registration failed");
1263 err = bt_procfs_init(THIS_MODULE, &init_net, "l2cap", &l2cap_sk_list, NULL);
1265 BT_ERR("Failed to create L2CAP proc file");
1266 bt_sock_unregister(BTPROTO_L2CAP);
1270 BT_INFO("L2CAP socket layer initialized");
1275 proto_unregister(&l2cap_proto);
1279 void l2cap_cleanup_sockets(void)
1281 bt_procfs_cleanup(&init_net, "l2cap");
1282 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1283 BT_ERR("L2CAP socket unregistration failed");
1285 proto_unregister(&l2cap_proto);