1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
25 /* Bluetooth SCO sockets. */
27 #include <linux/module.h>
28 #include <linux/debugfs.h>
29 #include <linux/seq_file.h>
31 #include <net/bluetooth/bluetooth.h>
32 #include <net/bluetooth/hci_core.h>
33 #include <net/bluetooth/sco.h>
35 static bool disable_esco;
37 static const struct proto_ops sco_sock_ops;
39 static struct bt_sock_list sco_sk_list = {
40 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
41 };
43 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent);
44 static void sco_chan_del(struct sock *sk, int err);
46 static void sco_sock_close(struct sock *sk);
47 static void sco_sock_kill(struct sock *sk);
49 /* ---- SCO timers ---- */
50 static void sco_sock_timeout(unsigned long arg)
51 {
52 struct sock *sk = (struct sock *) arg;
54 BT_DBG("sock %p state %d", sk, sk->sk_state);
56 bh_lock_sock(sk);
57 sk->sk_err = ETIMEDOUT;
58 sk->sk_state_change(sk);
59 bh_unlock_sock(sk);
61 sco_sock_kill(sk);
62 sock_put(sk);
63 }
65 static void sco_sock_set_timer(struct sock *sk, long timeout)
66 {
67 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
68 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
69 }
71 static void sco_sock_clear_timer(struct sock *sk)
72 {
73 BT_DBG("sock %p state %d", sk, sk->sk_state);
74 sk_stop_timer(sk, &sk->sk_timer);
75 }
77 /* ---- SCO connections ---- */
78 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
79 {
80 struct hci_dev *hdev = hcon->hdev;
81 struct sco_conn *conn = hcon->sco_data;
83 if (conn)
84 return conn;
86 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC);
87 if (!conn)
88 return NULL;
90 spin_lock_init(&conn->lock);
92 hcon->sco_data = conn;
93 conn->hcon = hcon;
95 conn->src = &hdev->bdaddr;
96 conn->dst = &hcon->dst;
98 if (hdev->sco_mtu > 0)
99 conn->mtu = hdev->sco_mtu;
100 else
101 conn->mtu = 60;
103 BT_DBG("hcon %p conn %p", hcon, conn);
105 return conn;
106 }
108 static struct sock *sco_chan_get(struct sco_conn *conn)
109 {
110 struct sock *sk = NULL;
111 sco_conn_lock(conn);
112 sk = conn->sk;
113 sco_conn_unlock(conn);
114 return sk;
115 }
117 static int sco_conn_del(struct hci_conn *hcon, int err)
118 {
119 struct sco_conn *conn = hcon->sco_data;
120 struct sock *sk;
122 if (!conn)
123 return 0;
125 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
127 /* Kill socket */
128 sk = sco_chan_get(conn);
129 if (sk) {
130 bh_lock_sock(sk);
131 sco_sock_clear_timer(sk);
132 sco_chan_del(sk, err);
133 bh_unlock_sock(sk);
134 sco_sock_kill(sk);
135 }
137 hcon->sco_data = NULL;
138 kfree(conn);
139 return 0;
140 }
142 static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
143 struct sock *parent)
144 {
145 int err = 0;
147 sco_conn_lock(conn);
148 if (conn->sk)
149 err = -EBUSY;
150 else
151 __sco_chan_add(conn, sk, parent);
153 sco_conn_unlock(conn);
154 return err;
155 }
157 static int sco_connect(struct sock *sk)
158 {
159 bdaddr_t *src = &bt_sk(sk)->src;
160 bdaddr_t *dst = &bt_sk(sk)->dst;
161 __u16 pkt_type = sco_pi(sk)->pkt_type;
162 struct sco_conn *conn;
163 struct hci_conn *hcon;
164 struct hci_dev *hdev;
165 int err, type;
167 BT_DBG("%pMR -> %pMR", src, dst);
169 hdev = hci_get_route(dst, src);
170 if (!hdev)
171 return -EHOSTUNREACH;
173 hci_dev_lock(hdev);
175 if (lmp_esco_capable(hdev) && !disable_esco)
176 type = ESCO_LINK;
177 else {
178 type = SCO_LINK;
179 pkt_type &= SCO_ESCO_MASK;
180 }
182 hcon = hci_connect(hdev, type, pkt_type, dst, BDADDR_BREDR,
183 BT_SECURITY_LOW, HCI_AT_NO_BONDING);
184 if (IS_ERR(hcon)) {
185 err = PTR_ERR(hcon);
186 goto done;
187 }
189 conn = sco_conn_add(hcon);
190 if (!conn) {
191 hci_conn_put(hcon);
192 err = -ENOMEM;
193 goto done;
194 }
196 /* Update source addr of the socket */
197 bacpy(src, conn->src);
199 err = sco_chan_add(conn, sk, NULL);
200 if (err)
201 goto done;
203 if (hcon->state == BT_CONNECTED) {
204 sco_sock_clear_timer(sk);
205 sk->sk_state = BT_CONNECTED;
206 } else {
207 sk->sk_state = BT_CONNECT;
208 sco_sock_set_timer(sk, sk->sk_sndtimeo);
209 }
211 done:
212 hci_dev_unlock(hdev);
213 hci_dev_put(hdev);
214 return err;
215 }
217 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
218 {
219 struct sco_conn *conn = sco_pi(sk)->conn;
220 struct sk_buff *skb;
221 int err;
223 /* Check outgoing MTU */
224 if (len > conn->mtu)
225 return -EINVAL;
227 BT_DBG("sk %p len %d", sk, len);
229 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
230 if (!skb)
231 return err;
233 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
234 kfree_skb(skb);
235 return -EFAULT;
236 }
238 hci_send_sco(conn->hcon, skb);
240 return len;
241 }
243 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
244 {
245 struct sock *sk = sco_chan_get(conn);
247 if (!sk)
248 goto drop;
250 BT_DBG("sk %p len %d", sk, skb->len);
252 if (sk->sk_state != BT_CONNECTED)
253 goto drop;
255 if (!sock_queue_rcv_skb(sk, skb))
256 return;
258 drop:
259 kfree_skb(skb);
260 }
262 /* -------- Socket interface ---------- */
263 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
264 {
265 struct hlist_node *node;
266 struct sock *sk;
268 sk_for_each(sk, node, &sco_sk_list.head) {
269 if (sk->sk_state != BT_LISTEN)
270 continue;
272 if (!bacmp(&bt_sk(sk)->src, ba))
273 return sk;
274 }
276 return NULL;
277 }
279 /* Find socket listening on source bdaddr.
280 * Returns closest match.
281 */
282 static struct sock *sco_get_sock_listen(bdaddr_t *src)
283 {
284 struct sock *sk = NULL, *sk1 = NULL;
285 struct hlist_node *node;
287 read_lock(&sco_sk_list.lock);
289 sk_for_each(sk, node, &sco_sk_list.head) {
290 if (sk->sk_state != BT_LISTEN)
291 continue;
293 /* Exact match. */
294 if (!bacmp(&bt_sk(sk)->src, src))
295 break;
297 /* Closest match */
298 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
299 sk1 = sk;
300 }
302 read_unlock(&sco_sk_list.lock);
304 return node ? sk : sk1;
305 }
307 static void sco_sock_destruct(struct sock *sk)
308 {
309 BT_DBG("sk %p", sk);
311 skb_queue_purge(&sk->sk_receive_queue);
312 skb_queue_purge(&sk->sk_write_queue);
313 }
315 static void sco_sock_cleanup_listen(struct sock *parent)
316 {
317 struct sock *sk;
319 BT_DBG("parent %p", parent);
321 /* Close not yet accepted channels */
322 while ((sk = bt_accept_dequeue(parent, NULL))) {
323 sco_sock_close(sk);
324 sco_sock_kill(sk);
325 }
327 parent->sk_state = BT_CLOSED;
328 sock_set_flag(parent, SOCK_ZAPPED);
329 }
331 /* Kill socket (only if zapped and orphan)
332 * Must be called on unlocked socket.
333 */
334 static void sco_sock_kill(struct sock *sk)
335 {
336 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
337 return;
339 BT_DBG("sk %p state %d", sk, sk->sk_state);
341 /* Kill poor orphan */
342 bt_sock_unlink(&sco_sk_list, sk);
343 sock_set_flag(sk, SOCK_DEAD);
344 sock_put(sk);
345 }
347 static void __sco_sock_close(struct sock *sk)
348 {
349 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
351 switch (sk->sk_state) {
352 case BT_LISTEN:
353 sco_sock_cleanup_listen(sk);
354 break;
356 case BT_CONNECTED:
357 case BT_CONFIG:
358 if (sco_pi(sk)->conn->hcon) {
359 sk->sk_state = BT_DISCONN;
360 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
361 hci_conn_put(sco_pi(sk)->conn->hcon);
362 sco_pi(sk)->conn->hcon = NULL;
363 } else
364 sco_chan_del(sk, ECONNRESET);
365 break;
367 case BT_CONNECT2:
368 case BT_CONNECT:
369 case BT_DISCONN:
370 sco_chan_del(sk, ECONNRESET);
371 break;
373 default:
374 sock_set_flag(sk, SOCK_ZAPPED);
375 break;
376 }
377 }
379 /* Must be called on unlocked socket. */
380 static void sco_sock_close(struct sock *sk)
381 {
382 sco_sock_clear_timer(sk);
383 lock_sock(sk);
384 __sco_sock_close(sk);
385 release_sock(sk);
386 sco_sock_kill(sk);
387 }
389 static void sco_sock_init(struct sock *sk, struct sock *parent)
390 {
391 BT_DBG("sk %p", sk);
393 if (parent) {
394 sk->sk_type = parent->sk_type;
395 bt_sk(sk)->flags = bt_sk(parent)->flags;
396 security_sk_clone(parent, sk);
397 }
398 }
400 static struct proto sco_proto = {
401 .name = "SCO",
402 .owner = THIS_MODULE,
403 .obj_size = sizeof(struct sco_pinfo)
404 };
406 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
407 {
408 struct sock *sk;
410 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
411 if (!sk)
412 return NULL;
414 sock_init_data(sock, sk);
415 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
417 sk->sk_destruct = sco_sock_destruct;
418 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
420 sock_reset_flag(sk, SOCK_ZAPPED);
422 sk->sk_protocol = proto;
423 sk->sk_state = BT_OPEN;
425 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
427 bt_sock_link(&sco_sk_list, sk);
428 return sk;
429 }
431 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
432 int kern)
433 {
434 struct sock *sk;
436 BT_DBG("sock %p", sock);
438 sock->state = SS_UNCONNECTED;
440 if (sock->type != SOCK_SEQPACKET)
441 return -ESOCKTNOSUPPORT;
443 sock->ops = &sco_sock_ops;
445 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
446 if (!sk)
447 return -ENOMEM;
449 sco_sock_init(sk, NULL);
450 return 0;
451 }
453 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
454 {
455 struct sockaddr_sco sa;
456 struct sock *sk = sock->sk;
457 int len, err = 0;
459 BT_DBG("sk %p %pMR", sk, &sa.sco_bdaddr);
461 if (!addr || addr->sa_family != AF_BLUETOOTH)
462 return -EINVAL;
464 memset(&sa, 0, sizeof(sa));
465 len = min_t(unsigned int, sizeof(sa), alen);
466 memcpy(&sa, addr, len);
468 lock_sock(sk);
470 if (sk->sk_state != BT_OPEN) {
471 err = -EBADFD;
472 goto done;
473 }
475 if (sk->sk_type != SOCK_SEQPACKET) {
476 err = -EINVAL;
477 goto done;
478 }
480 bacpy(&bt_sk(sk)->src, &sa.sco_bdaddr);
481 sco_pi(sk)->pkt_type = sa.sco_pkt_type;
483 sk->sk_state = BT_BOUND;
485 done:
486 release_sock(sk);
487 return err;
488 }
490 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
491 {
492 struct sock *sk = sock->sk;
493 struct sockaddr_sco sa;
494 int len, err = 0;
496 BT_DBG("sk %p", sk);
498 if (!addr || addr->sa_family != AF_BLUETOOTH)
499 return -EINVAL;
501 memset(&sa, 0, sizeof(sa));
502 len = min_t(unsigned int, sizeof(sa), alen);
503 memcpy(&sa, addr, len);
505 lock_sock(sk);
507 if (sk->sk_type != SOCK_SEQPACKET) {
508 err = -EINVAL;
509 goto done;
510 }
512 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
513 err = -EBADFD;
514 goto done;
515 }
517 /* Set destination address and psm */
518 bacpy(&bt_sk(sk)->dst, &sa.sco_bdaddr);
519 sco_pi(sk)->pkt_type = sa.sco_pkt_type;
521 err = sco_connect(sk);
522 if (err)
523 goto done;
525 err = bt_sock_wait_state(sk, BT_CONNECTED,
526 sock_sndtimeo(sk, flags & O_NONBLOCK));
528 done:
529 release_sock(sk);
530 return err;
531 }
533 static int sco_sock_listen(struct socket *sock, int backlog)
534 {
535 struct sock *sk = sock->sk;
536 bdaddr_t *src = &bt_sk(sk)->src;
537 int err = 0;
539 BT_DBG("sk %p backlog %d", sk, backlog);
541 lock_sock(sk);
543 if (sk->sk_state != BT_BOUND) {
544 err = -EBADFD;
545 goto done;
546 }
548 if (sk->sk_type != SOCK_SEQPACKET) {
549 err = -EINVAL;
550 goto done;
551 }
553 write_lock(&sco_sk_list.lock);
555 if (__sco_get_sock_listen_by_addr(src)) {
556 err = -EADDRINUSE;
557 goto unlock;
558 }
560 sk->sk_max_ack_backlog = backlog;
561 sk->sk_ack_backlog = 0;
563 sk->sk_state = BT_LISTEN;
565 unlock:
566 write_unlock(&sco_sk_list.lock);
568 done:
569 release_sock(sk);
570 return err;
571 }
573 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
574 {
575 DECLARE_WAITQUEUE(wait, current);
576 struct sock *sk = sock->sk, *ch;
577 long timeo;
578 int err = 0;
580 lock_sock(sk);
582 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
584 BT_DBG("sk %p timeo %ld", sk, timeo);
586 /* Wait for an incoming connection. (wake-one). */
587 add_wait_queue_exclusive(sk_sleep(sk), &wait);
588 while (1) {
589 set_current_state(TASK_INTERRUPTIBLE);
591 if (sk->sk_state != BT_LISTEN) {
592 err = -EBADFD;
593 break;
594 }
596 ch = bt_accept_dequeue(sk, newsock);
597 if (ch)
598 break;
600 if (!timeo) {
601 err = -EAGAIN;
602 break;
603 }
605 if (signal_pending(current)) {
606 err = sock_intr_errno(timeo);
607 break;
608 }
610 release_sock(sk);
611 timeo = schedule_timeout(timeo);
612 lock_sock(sk);
613 }
614 __set_current_state(TASK_RUNNING);
615 remove_wait_queue(sk_sleep(sk), &wait);
617 if (err)
618 goto done;
620 newsock->state = SS_CONNECTED;
622 BT_DBG("new socket %p", ch);
624 done:
625 release_sock(sk);
626 return err;
627 }
629 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
630 {
631 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
632 struct sock *sk = sock->sk;
634 BT_DBG("sock %p, sk %p", sock, sk);
636 addr->sa_family = AF_BLUETOOTH;
637 *len = sizeof(struct sockaddr_sco);
639 if (peer)
640 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst);
641 else
642 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src);
643 sa->sco_pkt_type = sco_pi(sk)->pkt_type;
645 return 0;
646 }
648 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
649 struct msghdr *msg, size_t len)
650 {
651 struct sock *sk = sock->sk;
652 int err;
654 BT_DBG("sock %p, sk %p", sock, sk);
656 err = sock_error(sk);
657 if (err)
658 return err;
660 if (msg->msg_flags & MSG_OOB)
661 return -EOPNOTSUPP;
663 lock_sock(sk);
665 if (sk->sk_state == BT_CONNECTED)
666 err = sco_send_frame(sk, msg, len);
667 else
668 err = -ENOTCONN;
670 release_sock(sk);
671 return err;
672 }
674 static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
675 struct msghdr *msg, size_t len, int flags)
676 {
677 struct sock *sk = sock->sk;
678 struct sco_pinfo *pi = sco_pi(sk);
680 lock_sock(sk);
682 if (sk->sk_state == BT_CONNECT2 &&
683 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
684 hci_conn_accept(pi->conn->hcon, 0);
685 sk->sk_state = BT_CONFIG;
686 msg->msg_namelen = 0;
688 release_sock(sk);
689 return 0;
690 }
692 release_sock(sk);
694 return bt_sock_recvmsg(iocb, sock, msg, len, flags);
695 }
697 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
698 {
699 struct sock *sk = sock->sk;
700 int err = 0;
701 u32 opt;
703 BT_DBG("sk %p", sk);
705 lock_sock(sk);
707 switch (optname) {
709 case BT_DEFER_SETUP:
710 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
711 err = -EINVAL;
712 break;
713 }
715 if (get_user(opt, (u32 __user *) optval)) {
716 err = -EFAULT;
717 break;
718 }
720 if (opt)
721 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
722 else
723 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
724 break;
726 default:
727 err = -ENOPROTOOPT;
728 break;
729 }
731 release_sock(sk);
732 return err;
733 }
735 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
736 {
737 struct sock *sk = sock->sk;
738 struct sco_options opts;
739 struct sco_conninfo cinfo;
740 int len, err = 0;
742 BT_DBG("sk %p", sk);
744 if (get_user(len, optlen))
745 return -EFAULT;
747 lock_sock(sk);
749 switch (optname) {
750 case SCO_OPTIONS:
751 if (sk->sk_state != BT_CONNECTED) {
752 err = -ENOTCONN;
753 break;
754 }
756 opts.mtu = sco_pi(sk)->conn->mtu;
758 BT_DBG("mtu %d", opts.mtu);
760 len = min_t(unsigned int, len, sizeof(opts));
761 if (copy_to_user(optval, (char *)&opts, len))
762 err = -EFAULT;
764 break;
766 case SCO_CONNINFO:
767 if (sk->sk_state != BT_CONNECTED) {
768 err = -ENOTCONN;
769 break;
770 }
772 memset(&cinfo, 0, sizeof(cinfo));
773 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
774 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
776 len = min_t(unsigned int, len, sizeof(cinfo));
777 if (copy_to_user(optval, (char *)&cinfo, len))
778 err = -EFAULT;
780 break;
782 default:
783 err = -ENOPROTOOPT;
784 break;
785 }
787 release_sock(sk);
788 return err;
789 }
791 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
792 {
793 struct sock *sk = sock->sk;
794 int len, err = 0;
796 BT_DBG("sk %p", sk);
798 if (level == SOL_SCO)
799 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
801 if (get_user(len, optlen))
802 return -EFAULT;
804 lock_sock(sk);
806 switch (optname) {
808 case BT_DEFER_SETUP:
809 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
810 err = -EINVAL;
811 break;
812 }
814 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
815 (u32 __user *) optval))
816 err = -EFAULT;
818 break;
820 default:
821 err = -ENOPROTOOPT;
822 break;
823 }
825 release_sock(sk);
826 return err;
827 }
829 static int sco_sock_shutdown(struct socket *sock, int how)
830 {
831 struct sock *sk = sock->sk;
832 int err = 0;
834 BT_DBG("sock %p, sk %p", sock, sk);
836 if (!sk)
837 return 0;
839 lock_sock(sk);
840 if (!sk->sk_shutdown) {
841 sk->sk_shutdown = SHUTDOWN_MASK;
842 sco_sock_clear_timer(sk);
843 __sco_sock_close(sk);
845 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
846 err = bt_sock_wait_state(sk, BT_CLOSED,
847 sk->sk_lingertime);
848 }
849 release_sock(sk);
850 return err;
851 }
853 static int sco_sock_release(struct socket *sock)
854 {
855 struct sock *sk = sock->sk;
856 int err = 0;
858 BT_DBG("sock %p, sk %p", sock, sk);
860 if (!sk)
861 return 0;
863 sco_sock_close(sk);
865 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
866 lock_sock(sk);
867 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
868 release_sock(sk);
869 }
871 sock_orphan(sk);
872 sco_sock_kill(sk);
873 return err;
874 }
876 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
877 {
878 BT_DBG("conn %p", conn);
880 sco_pi(sk)->conn = conn;
881 conn->sk = sk;
883 if (parent)
884 bt_accept_enqueue(parent, sk);
885 }
887 /* Delete channel.
888 * Must be called on the locked socket. */
889 static void sco_chan_del(struct sock *sk, int err)
890 {
891 struct sco_conn *conn;
893 conn = sco_pi(sk)->conn;
895 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
897 if (conn) {
898 sco_conn_lock(conn);
899 conn->sk = NULL;
900 sco_pi(sk)->conn = NULL;
901 sco_conn_unlock(conn);
903 if (conn->hcon)
904 hci_conn_put(conn->hcon);
905 }
907 sk->sk_state = BT_CLOSED;
908 sk->sk_err = err;
909 sk->sk_state_change(sk);
911 sock_set_flag(sk, SOCK_ZAPPED);
912 }
914 static void sco_conn_ready(struct sco_conn *conn)
915 {
916 struct sock *parent;
917 struct sock *sk = conn->sk;
919 BT_DBG("conn %p", conn);
921 if (sk) {
922 sco_sock_clear_timer(sk);
923 bh_lock_sock(sk);
924 sk->sk_state = BT_CONNECTED;
925 sk->sk_state_change(sk);
926 bh_unlock_sock(sk);
927 } else {
928 sco_conn_lock(conn);
930 parent = sco_get_sock_listen(conn->src);
931 if (!parent) {
932 sco_conn_unlock(conn);
933 return;
934 }
936 bh_lock_sock(parent);
938 sk = sco_sock_alloc(sock_net(parent), NULL,
939 BTPROTO_SCO, GFP_ATOMIC);
940 if (!sk) {
941 bh_unlock_sock(parent);
942 sco_conn_unlock(conn);
943 return;
944 }
946 sco_sock_init(sk, parent);
948 bacpy(&bt_sk(sk)->src, conn->src);
949 bacpy(&bt_sk(sk)->dst, conn->dst);
951 hci_conn_hold(conn->hcon);
952 __sco_chan_add(conn, sk, parent);
954 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
955 sk->sk_state = BT_CONNECT2;
956 else
957 sk->sk_state = BT_CONNECTED;
959 /* Wake up parent */
960 parent->sk_data_ready(parent, 1);
962 bh_unlock_sock(parent);
964 sco_conn_unlock(conn);
965 }
966 }
968 /* ----- SCO interface with lower layer (HCI) ----- */
969 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
970 {
971 struct sock *sk;
972 struct hlist_node *node;
973 int lm = 0;
975 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
977 /* Find listening sockets */
978 read_lock(&sco_sk_list.lock);
979 sk_for_each(sk, node, &sco_sk_list.head) {
980 if (sk->sk_state != BT_LISTEN)
981 continue;
983 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) ||
984 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
985 lm |= HCI_LM_ACCEPT;
987 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
988 *flags |= HCI_PROTO_DEFER;
989 break;
990 }
991 }
992 read_unlock(&sco_sk_list.lock);
994 return lm;
995 }
997 void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
998 {
999 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
1000 if (!status) {
1001 struct sco_conn *conn;
1003 conn = sco_conn_add(hcon);
1004 if (conn)
1005 sco_conn_ready(conn);
1006 } else
1007 sco_conn_del(hcon, bt_to_errno(status));
1008 }
1010 void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
1011 {
1012 BT_DBG("hcon %p reason %d", hcon, reason);
1014 sco_conn_del(hcon, bt_to_errno(reason));
1015 }
1017 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1018 {
1019 struct sco_conn *conn = hcon->sco_data;
1021 if (!conn)
1022 goto drop;
1024 BT_DBG("conn %p len %d", conn, skb->len);
1026 if (skb->len) {
1027 sco_recv_frame(conn, skb);
1028 return 0;
1029 }
1031 drop:
1032 kfree_skb(skb);
1033 return 0;
1034 }
1036 static int sco_debugfs_show(struct seq_file *f, void *p)
1037 {
1038 struct sock *sk;
1039 struct hlist_node *node;
1041 read_lock(&sco_sk_list.lock);
1043 sk_for_each(sk, node, &sco_sk_list.head) {
1044 seq_printf(f, "%pMR %pMR %d\n", &bt_sk(sk)->src,
1045 &bt_sk(sk)->dst, sk->sk_state);
1046 }
1048 read_unlock(&sco_sk_list.lock);
1050 return 0;
1051 }
1053 static int sco_debugfs_open(struct inode *inode, struct file *file)
1054 {
1055 return single_open(file, sco_debugfs_show, inode->i_private);
1056 }
1058 static const struct file_operations sco_debugfs_fops = {
1059 .open = sco_debugfs_open,
1060 .read = seq_read,
1061 .llseek = seq_lseek,
1062 .release = single_release,
1063 };
1065 static struct dentry *sco_debugfs;
1067 static const struct proto_ops sco_sock_ops = {
1068 .family = PF_BLUETOOTH,
1069 .owner = THIS_MODULE,
1070 .release = sco_sock_release,
1071 .bind = sco_sock_bind,
1072 .connect = sco_sock_connect,
1073 .listen = sco_sock_listen,
1074 .accept = sco_sock_accept,
1075 .getname = sco_sock_getname,
1076 .sendmsg = sco_sock_sendmsg,
1077 .recvmsg = sco_sock_recvmsg,
1078 .poll = bt_sock_poll,
1079 .ioctl = bt_sock_ioctl,
1080 .mmap = sock_no_mmap,
1081 .socketpair = sock_no_socketpair,
1082 .shutdown = sco_sock_shutdown,
1083 .setsockopt = sco_sock_setsockopt,
1084 .getsockopt = sco_sock_getsockopt
1085 };
1087 static const struct net_proto_family sco_sock_family_ops = {
1088 .family = PF_BLUETOOTH,
1089 .owner = THIS_MODULE,
1090 .create = sco_sock_create,
1091 };
1093 int __init sco_init(void)
1094 {
1095 int err;
1097 err = proto_register(&sco_proto, 0);
1098 if (err < 0)
1099 return err;
1101 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1102 if (err < 0) {
1103 BT_ERR("SCO socket registration failed");
1104 goto error;
1105 }
1107 err = bt_procfs_init(THIS_MODULE, &init_net, "sco", &sco_sk_list, NULL);
1108 if (err < 0) {
1109 BT_ERR("Failed to create SCO proc file");
1110 bt_sock_unregister(BTPROTO_SCO);
1111 goto error;
1112 }
1114 if (bt_debugfs) {
1115 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1116 NULL, &sco_debugfs_fops);
1117 if (!sco_debugfs)
1118 BT_ERR("Failed to create SCO debug file");
1119 }
1121 BT_INFO("SCO socket layer initialized");
1123 return 0;
1125 error:
1126 proto_unregister(&sco_proto);
1127 return err;
1128 }
1130 void __exit sco_exit(void)
1131 {
1132 bt_procfs_cleanup(&init_net, "sco");
1134 debugfs_remove(sco_debugfs);
1136 if (bt_sock_unregister(BTPROTO_SCO) < 0)
1137 BT_ERR("SCO socket unregistration failed");
1139 proto_unregister(&sco_proto);
1140 }
1142 module_param(disable_esco, bool, 0644);
1143 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");