1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
25 /* Bluetooth SCO sockets. */
27 #include <linux/module.h>
28 #include <linux/debugfs.h>
29 #include <linux/seq_file.h>
31 #include <net/bluetooth/bluetooth.h>
32 #include <net/bluetooth/hci_core.h>
33 #include <net/bluetooth/sco.h>
35 static bool disable_esco;
37 static const struct proto_ops sco_sock_ops;
39 static struct bt_sock_list sco_sk_list = {
40 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
41 };
43 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent);
44 static void sco_chan_del(struct sock *sk, int err);
46 static void sco_sock_close(struct sock *sk);
47 static void sco_sock_kill(struct sock *sk);
49 /* ---- SCO timers ---- */
50 static void sco_sock_timeout(unsigned long arg)
51 {
52 struct sock *sk = (struct sock *) arg;
54 BT_DBG("sock %p state %d", sk, sk->sk_state);
56 bh_lock_sock(sk);
57 sk->sk_err = ETIMEDOUT;
58 sk->sk_state_change(sk);
59 bh_unlock_sock(sk);
61 sco_sock_kill(sk);
62 sock_put(sk);
63 }
65 static void sco_sock_set_timer(struct sock *sk, long timeout)
66 {
67 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
68 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
69 }
71 static void sco_sock_clear_timer(struct sock *sk)
72 {
73 BT_DBG("sock %p state %d", sk, sk->sk_state);
74 sk_stop_timer(sk, &sk->sk_timer);
75 }
77 /* ---- SCO connections ---- */
78 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
79 {
80 struct hci_dev *hdev = hcon->hdev;
81 struct sco_conn *conn = hcon->sco_data;
83 if (conn)
84 return conn;
86 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC);
87 if (!conn)
88 return NULL;
90 spin_lock_init(&conn->lock);
92 hcon->sco_data = conn;
93 conn->hcon = hcon;
95 conn->src = &hdev->bdaddr;
96 conn->dst = &hcon->dst;
98 if (hdev->sco_mtu > 0)
99 conn->mtu = hdev->sco_mtu;
100 else
101 conn->mtu = 60;
103 BT_DBG("hcon %p conn %p", hcon, conn);
105 return conn;
106 }
108 static struct sock *sco_chan_get(struct sco_conn *conn)
109 {
110 struct sock *sk = NULL;
111 sco_conn_lock(conn);
112 sk = conn->sk;
113 sco_conn_unlock(conn);
114 return sk;
115 }
117 static int sco_conn_del(struct hci_conn *hcon, int err)
118 {
119 struct sco_conn *conn = hcon->sco_data;
120 struct sock *sk;
122 if (!conn)
123 return 0;
125 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
127 /* Kill socket */
128 sk = sco_chan_get(conn);
129 if (sk) {
130 bh_lock_sock(sk);
131 sco_sock_clear_timer(sk);
132 sco_chan_del(sk, err);
133 bh_unlock_sock(sk);
134 sco_sock_kill(sk);
135 }
137 hcon->sco_data = NULL;
138 kfree(conn);
139 return 0;
140 }
142 static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
143 struct sock *parent)
144 {
145 int err = 0;
147 sco_conn_lock(conn);
148 if (conn->sk)
149 err = -EBUSY;
150 else
151 __sco_chan_add(conn, sk, parent);
153 sco_conn_unlock(conn);
154 return err;
155 }
157 static int sco_connect(struct sock *sk)
158 {
159 bdaddr_t *src = &bt_sk(sk)->src;
160 bdaddr_t *dst = &bt_sk(sk)->dst;
161 struct sco_conn *conn;
162 struct hci_conn *hcon;
163 struct hci_dev *hdev;
164 int err, type;
166 BT_DBG("%pMR -> %pMR", src, dst);
168 hdev = hci_get_route(dst, src);
169 if (!hdev)
170 return -EHOSTUNREACH;
172 hci_dev_lock(hdev);
174 if (lmp_esco_capable(hdev) && !disable_esco)
175 type = ESCO_LINK;
176 else
177 type = SCO_LINK;
179 hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW,
180 HCI_AT_NO_BONDING);
181 if (IS_ERR(hcon)) {
182 err = PTR_ERR(hcon);
183 goto done;
184 }
186 conn = sco_conn_add(hcon);
187 if (!conn) {
188 hci_conn_put(hcon);
189 err = -ENOMEM;
190 goto done;
191 }
193 /* Update source addr of the socket */
194 bacpy(src, conn->src);
196 err = sco_chan_add(conn, sk, NULL);
197 if (err)
198 goto done;
200 if (hcon->state == BT_CONNECTED) {
201 sco_sock_clear_timer(sk);
202 sk->sk_state = BT_CONNECTED;
203 } else {
204 sk->sk_state = BT_CONNECT;
205 sco_sock_set_timer(sk, sk->sk_sndtimeo);
206 }
208 done:
209 hci_dev_unlock(hdev);
210 hci_dev_put(hdev);
211 return err;
212 }
214 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
215 {
216 struct sco_conn *conn = sco_pi(sk)->conn;
217 struct sk_buff *skb;
218 int err;
220 /* Check outgoing MTU */
221 if (len > conn->mtu)
222 return -EINVAL;
224 BT_DBG("sk %p len %d", sk, len);
226 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
227 if (!skb)
228 return err;
230 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
231 kfree_skb(skb);
232 return -EFAULT;
233 }
235 hci_send_sco(conn->hcon, skb);
237 return len;
238 }
240 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
241 {
242 struct sock *sk = sco_chan_get(conn);
244 if (!sk)
245 goto drop;
247 BT_DBG("sk %p len %d", sk, skb->len);
249 if (sk->sk_state != BT_CONNECTED)
250 goto drop;
252 if (!sock_queue_rcv_skb(sk, skb))
253 return;
255 drop:
256 kfree_skb(skb);
257 }
259 /* -------- Socket interface ---------- */
260 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
261 {
262 struct hlist_node *node;
263 struct sock *sk;
265 sk_for_each(sk, node, &sco_sk_list.head) {
266 if (sk->sk_state != BT_LISTEN)
267 continue;
269 if (!bacmp(&bt_sk(sk)->src, ba))
270 return sk;
271 }
273 return NULL;
274 }
276 /* Find socket listening on source bdaddr.
277 * Returns closest match.
278 */
279 static struct sock *sco_get_sock_listen(bdaddr_t *src)
280 {
281 struct sock *sk = NULL, *sk1 = NULL;
282 struct hlist_node *node;
284 read_lock(&sco_sk_list.lock);
286 sk_for_each(sk, node, &sco_sk_list.head) {
287 if (sk->sk_state != BT_LISTEN)
288 continue;
290 /* Exact match. */
291 if (!bacmp(&bt_sk(sk)->src, src))
292 break;
294 /* Closest match */
295 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
296 sk1 = sk;
297 }
299 read_unlock(&sco_sk_list.lock);
301 return node ? sk : sk1;
302 }
304 static void sco_sock_destruct(struct sock *sk)
305 {
306 BT_DBG("sk %p", sk);
308 skb_queue_purge(&sk->sk_receive_queue);
309 skb_queue_purge(&sk->sk_write_queue);
310 }
312 static void sco_sock_cleanup_listen(struct sock *parent)
313 {
314 struct sock *sk;
316 BT_DBG("parent %p", parent);
318 /* Close not yet accepted channels */
319 while ((sk = bt_accept_dequeue(parent, NULL))) {
320 sco_sock_close(sk);
321 sco_sock_kill(sk);
322 }
324 parent->sk_state = BT_CLOSED;
325 sock_set_flag(parent, SOCK_ZAPPED);
326 }
328 /* Kill socket (only if zapped and orphan)
329 * Must be called on unlocked socket.
330 */
331 static void sco_sock_kill(struct sock *sk)
332 {
333 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
334 return;
336 BT_DBG("sk %p state %d", sk, sk->sk_state);
338 /* Kill poor orphan */
339 bt_sock_unlink(&sco_sk_list, sk);
340 sock_set_flag(sk, SOCK_DEAD);
341 sock_put(sk);
342 }
344 static void __sco_sock_close(struct sock *sk)
345 {
346 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
348 switch (sk->sk_state) {
349 case BT_LISTEN:
350 sco_sock_cleanup_listen(sk);
351 break;
353 case BT_CONNECTED:
354 case BT_CONFIG:
355 if (sco_pi(sk)->conn->hcon) {
356 sk->sk_state = BT_DISCONN;
357 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
358 hci_conn_put(sco_pi(sk)->conn->hcon);
359 sco_pi(sk)->conn->hcon = NULL;
360 } else
361 sco_chan_del(sk, ECONNRESET);
362 break;
364 case BT_CONNECT:
365 case BT_DISCONN:
366 sco_chan_del(sk, ECONNRESET);
367 break;
369 default:
370 sock_set_flag(sk, SOCK_ZAPPED);
371 break;
372 }
373 }
375 /* Must be called on unlocked socket. */
376 static void sco_sock_close(struct sock *sk)
377 {
378 sco_sock_clear_timer(sk);
379 lock_sock(sk);
380 __sco_sock_close(sk);
381 release_sock(sk);
382 sco_sock_kill(sk);
383 }
385 static void sco_sock_init(struct sock *sk, struct sock *parent)
386 {
387 BT_DBG("sk %p", sk);
389 if (parent) {
390 sk->sk_type = parent->sk_type;
391 bt_sk(sk)->flags = bt_sk(parent)->flags;
392 security_sk_clone(parent, sk);
393 }
394 }
396 static struct proto sco_proto = {
397 .name = "SCO",
398 .owner = THIS_MODULE,
399 .obj_size = sizeof(struct sco_pinfo)
400 };
402 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
403 {
404 struct sock *sk;
406 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
407 if (!sk)
408 return NULL;
410 sock_init_data(sock, sk);
411 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
413 sk->sk_destruct = sco_sock_destruct;
414 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
416 sock_reset_flag(sk, SOCK_ZAPPED);
418 sk->sk_protocol = proto;
419 sk->sk_state = BT_OPEN;
421 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
423 bt_sock_link(&sco_sk_list, sk);
424 return sk;
425 }
427 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
428 int kern)
429 {
430 struct sock *sk;
432 BT_DBG("sock %p", sock);
434 sock->state = SS_UNCONNECTED;
436 if (sock->type != SOCK_SEQPACKET)
437 return -ESOCKTNOSUPPORT;
439 sock->ops = &sco_sock_ops;
441 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
442 if (!sk)
443 return -ENOMEM;
445 sco_sock_init(sk, NULL);
446 return 0;
447 }
449 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
450 {
451 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
452 struct sock *sk = sock->sk;
453 int err = 0;
455 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr);
457 if (!addr || addr->sa_family != AF_BLUETOOTH)
458 return -EINVAL;
460 lock_sock(sk);
462 if (sk->sk_state != BT_OPEN) {
463 err = -EBADFD;
464 goto done;
465 }
467 if (sk->sk_type != SOCK_SEQPACKET) {
468 err = -EINVAL;
469 goto done;
470 }
472 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr);
474 sk->sk_state = BT_BOUND;
476 done:
477 release_sock(sk);
478 return err;
479 }
481 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
482 {
483 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
484 struct sock *sk = sock->sk;
485 int err = 0;
488 BT_DBG("sk %p", sk);
490 if (alen < sizeof(struct sockaddr_sco) ||
491 addr->sa_family != AF_BLUETOOTH)
492 return -EINVAL;
494 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
495 return -EBADFD;
497 if (sk->sk_type != SOCK_SEQPACKET)
498 return -EINVAL;
500 lock_sock(sk);
502 /* Set destination address and psm */
503 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr);
505 err = sco_connect(sk);
506 if (err)
507 goto done;
509 err = bt_sock_wait_state(sk, BT_CONNECTED,
510 sock_sndtimeo(sk, flags & O_NONBLOCK));
512 done:
513 release_sock(sk);
514 return err;
515 }
517 static int sco_sock_listen(struct socket *sock, int backlog)
518 {
519 struct sock *sk = sock->sk;
520 bdaddr_t *src = &bt_sk(sk)->src;
521 int err = 0;
523 BT_DBG("sk %p backlog %d", sk, backlog);
525 lock_sock(sk);
527 if (sk->sk_state != BT_BOUND) {
528 err = -EBADFD;
529 goto done;
530 }
532 if (sk->sk_type != SOCK_SEQPACKET) {
533 err = -EINVAL;
534 goto done;
535 }
537 write_lock(&sco_sk_list.lock);
539 if (__sco_get_sock_listen_by_addr(src)) {
540 err = -EADDRINUSE;
541 goto unlock;
542 }
544 sk->sk_max_ack_backlog = backlog;
545 sk->sk_ack_backlog = 0;
547 sk->sk_state = BT_LISTEN;
549 unlock:
550 write_unlock(&sco_sk_list.lock);
552 done:
553 release_sock(sk);
554 return err;
555 }
557 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
558 {
559 DECLARE_WAITQUEUE(wait, current);
560 struct sock *sk = sock->sk, *ch;
561 long timeo;
562 int err = 0;
564 lock_sock(sk);
566 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
568 BT_DBG("sk %p timeo %ld", sk, timeo);
570 /* Wait for an incoming connection. (wake-one). */
571 add_wait_queue_exclusive(sk_sleep(sk), &wait);
572 while (1) {
573 set_current_state(TASK_INTERRUPTIBLE);
575 if (sk->sk_state != BT_LISTEN) {
576 err = -EBADFD;
577 break;
578 }
580 ch = bt_accept_dequeue(sk, newsock);
581 if (ch)
582 break;
584 if (!timeo) {
585 err = -EAGAIN;
586 break;
587 }
589 if (signal_pending(current)) {
590 err = sock_intr_errno(timeo);
591 break;
592 }
594 release_sock(sk);
595 timeo = schedule_timeout(timeo);
596 lock_sock(sk);
597 }
598 __set_current_state(TASK_RUNNING);
599 remove_wait_queue(sk_sleep(sk), &wait);
601 if (err)
602 goto done;
604 newsock->state = SS_CONNECTED;
606 BT_DBG("new socket %p", ch);
608 done:
609 release_sock(sk);
610 return err;
611 }
613 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
614 {
615 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
616 struct sock *sk = sock->sk;
618 BT_DBG("sock %p, sk %p", sock, sk);
620 addr->sa_family = AF_BLUETOOTH;
621 *len = sizeof(struct sockaddr_sco);
623 if (peer)
624 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst);
625 else
626 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src);
628 return 0;
629 }
631 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
632 struct msghdr *msg, size_t len)
633 {
634 struct sock *sk = sock->sk;
635 int err;
637 BT_DBG("sock %p, sk %p", sock, sk);
639 err = sock_error(sk);
640 if (err)
641 return err;
643 if (msg->msg_flags & MSG_OOB)
644 return -EOPNOTSUPP;
646 lock_sock(sk);
648 if (sk->sk_state == BT_CONNECTED)
649 err = sco_send_frame(sk, msg, len);
650 else
651 err = -ENOTCONN;
653 release_sock(sk);
654 return err;
655 }
657 static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
658 struct msghdr *msg, size_t len, int flags)
659 {
660 struct sock *sk = sock->sk;
661 struct sco_pinfo *pi = sco_pi(sk);
663 lock_sock(sk);
665 if (sk->sk_state == BT_CONNECT2 &&
666 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
667 hci_conn_accept(pi->conn->hcon, 0);
668 sk->sk_state = BT_CONFIG;
670 release_sock(sk);
671 return 0;
672 }
674 release_sock(sk);
676 return bt_sock_recvmsg(iocb, sock, msg, len, flags);
677 }
679 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
680 {
681 struct sock *sk = sock->sk;
682 int err = 0;
683 u32 opt;
685 BT_DBG("sk %p", sk);
687 lock_sock(sk);
689 switch (optname) {
691 case BT_DEFER_SETUP:
692 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
693 err = -EINVAL;
694 break;
695 }
697 if (get_user(opt, (u32 __user *) optval)) {
698 err = -EFAULT;
699 break;
700 }
702 if (opt)
703 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
704 else
705 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
706 break;
708 default:
709 err = -ENOPROTOOPT;
710 break;
711 }
713 release_sock(sk);
714 return err;
715 }
717 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
718 {
719 struct sock *sk = sock->sk;
720 struct sco_options opts;
721 struct sco_conninfo cinfo;
722 int len, err = 0;
724 BT_DBG("sk %p", sk);
726 if (get_user(len, optlen))
727 return -EFAULT;
729 lock_sock(sk);
731 switch (optname) {
732 case SCO_OPTIONS:
733 if (sk->sk_state != BT_CONNECTED) {
734 err = -ENOTCONN;
735 break;
736 }
738 opts.mtu = sco_pi(sk)->conn->mtu;
740 BT_DBG("mtu %d", opts.mtu);
742 len = min_t(unsigned int, len, sizeof(opts));
743 if (copy_to_user(optval, (char *)&opts, len))
744 err = -EFAULT;
746 break;
748 case SCO_CONNINFO:
749 if (sk->sk_state != BT_CONNECTED) {
750 err = -ENOTCONN;
751 break;
752 }
754 memset(&cinfo, 0, sizeof(cinfo));
755 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
756 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
758 len = min_t(unsigned int, len, sizeof(cinfo));
759 if (copy_to_user(optval, (char *)&cinfo, len))
760 err = -EFAULT;
762 break;
764 default:
765 err = -ENOPROTOOPT;
766 break;
767 }
769 release_sock(sk);
770 return err;
771 }
773 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
774 {
775 struct sock *sk = sock->sk;
776 int len, err = 0;
778 BT_DBG("sk %p", sk);
780 if (level == SOL_SCO)
781 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
783 if (get_user(len, optlen))
784 return -EFAULT;
786 lock_sock(sk);
788 switch (optname) {
790 case BT_DEFER_SETUP:
791 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
792 err = -EINVAL;
793 break;
794 }
796 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
797 (u32 __user *) optval))
798 err = -EFAULT;
800 break;
802 default:
803 err = -ENOPROTOOPT;
804 break;
805 }
807 release_sock(sk);
808 return err;
809 }
811 static int sco_sock_shutdown(struct socket *sock, int how)
812 {
813 struct sock *sk = sock->sk;
814 int err = 0;
816 BT_DBG("sock %p, sk %p", sock, sk);
818 if (!sk)
819 return 0;
821 lock_sock(sk);
822 if (!sk->sk_shutdown) {
823 sk->sk_shutdown = SHUTDOWN_MASK;
824 sco_sock_clear_timer(sk);
825 __sco_sock_close(sk);
827 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
828 err = bt_sock_wait_state(sk, BT_CLOSED,
829 sk->sk_lingertime);
830 }
831 release_sock(sk);
832 return err;
833 }
835 static int sco_sock_release(struct socket *sock)
836 {
837 struct sock *sk = sock->sk;
838 int err = 0;
840 BT_DBG("sock %p, sk %p", sock, sk);
842 if (!sk)
843 return 0;
845 sco_sock_close(sk);
847 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
848 lock_sock(sk);
849 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
850 release_sock(sk);
851 }
853 sock_orphan(sk);
854 sco_sock_kill(sk);
855 return err;
856 }
858 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
859 {
860 BT_DBG("conn %p", conn);
862 sco_pi(sk)->conn = conn;
863 conn->sk = sk;
865 if (parent)
866 bt_accept_enqueue(parent, sk);
867 }
869 /* Delete channel.
870 * Must be called on the locked socket. */
871 static void sco_chan_del(struct sock *sk, int err)
872 {
873 struct sco_conn *conn;
875 conn = sco_pi(sk)->conn;
877 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
879 if (conn) {
880 sco_conn_lock(conn);
881 conn->sk = NULL;
882 sco_pi(sk)->conn = NULL;
883 sco_conn_unlock(conn);
885 if (conn->hcon)
886 hci_conn_put(conn->hcon);
887 }
889 sk->sk_state = BT_CLOSED;
890 sk->sk_err = err;
891 sk->sk_state_change(sk);
893 sock_set_flag(sk, SOCK_ZAPPED);
894 }
896 static void sco_conn_ready(struct sco_conn *conn)
897 {
898 struct sock *parent;
899 struct sock *sk = conn->sk;
901 BT_DBG("conn %p", conn);
903 if (sk) {
904 sco_sock_clear_timer(sk);
905 bh_lock_sock(sk);
906 sk->sk_state = BT_CONNECTED;
907 sk->sk_state_change(sk);
908 bh_unlock_sock(sk);
909 } else {
910 sco_conn_lock(conn);
912 parent = sco_get_sock_listen(conn->src);
913 if (!parent) {
914 sco_conn_unlock(conn);
915 return;
916 }
918 bh_lock_sock(parent);
920 sk = sco_sock_alloc(sock_net(parent), NULL,
921 BTPROTO_SCO, GFP_ATOMIC);
922 if (!sk) {
923 bh_unlock_sock(parent);
924 sco_conn_unlock(conn);
925 return;
926 }
928 sco_sock_init(sk, parent);
930 bacpy(&bt_sk(sk)->src, conn->src);
931 bacpy(&bt_sk(sk)->dst, conn->dst);
933 hci_conn_hold(conn->hcon);
934 __sco_chan_add(conn, sk, parent);
936 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
937 sk->sk_state = BT_CONNECT2;
938 else
939 sk->sk_state = BT_CONNECTED;
941 /* Wake up parent */
942 parent->sk_data_ready(parent, 1);
944 bh_unlock_sock(parent);
946 sco_conn_unlock(conn);
947 }
948 }
950 /* ----- SCO interface with lower layer (HCI) ----- */
951 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
952 {
953 struct sock *sk;
954 struct hlist_node *node;
955 int lm = 0;
957 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
959 /* Find listening sockets */
960 read_lock(&sco_sk_list.lock);
961 sk_for_each(sk, node, &sco_sk_list.head) {
962 if (sk->sk_state != BT_LISTEN)
963 continue;
965 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) ||
966 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
967 lm |= HCI_LM_ACCEPT;
969 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
970 *flags |= HCI_PROTO_DEFER;
971 break;
972 }
973 }
974 read_unlock(&sco_sk_list.lock);
976 return lm;
977 }
979 void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
980 {
981 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
982 if (!status) {
983 struct sco_conn *conn;
985 conn = sco_conn_add(hcon);
986 if (conn)
987 sco_conn_ready(conn);
988 } else
989 sco_conn_del(hcon, bt_to_errno(status));
990 }
992 void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
993 {
994 BT_DBG("hcon %p reason %d", hcon, reason);
996 sco_conn_del(hcon, bt_to_errno(reason));
997 }
999 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1000 {
1001 struct sco_conn *conn = hcon->sco_data;
1003 if (!conn)
1004 goto drop;
1006 BT_DBG("conn %p len %d", conn, skb->len);
1008 if (skb->len) {
1009 sco_recv_frame(conn, skb);
1010 return 0;
1011 }
1013 drop:
1014 kfree_skb(skb);
1015 return 0;
1016 }
1018 static int sco_debugfs_show(struct seq_file *f, void *p)
1019 {
1020 struct sock *sk;
1021 struct hlist_node *node;
1023 read_lock(&sco_sk_list.lock);
1025 sk_for_each(sk, node, &sco_sk_list.head) {
1026 seq_printf(f, "%pMR %pMR %d\n", &bt_sk(sk)->src,
1027 &bt_sk(sk)->dst, sk->sk_state);
1028 }
1030 read_unlock(&sco_sk_list.lock);
1032 return 0;
1033 }
1035 static int sco_debugfs_open(struct inode *inode, struct file *file)
1036 {
1037 return single_open(file, sco_debugfs_show, inode->i_private);
1038 }
1040 static const struct file_operations sco_debugfs_fops = {
1041 .open = sco_debugfs_open,
1042 .read = seq_read,
1043 .llseek = seq_lseek,
1044 .release = single_release,
1045 };
1047 static struct dentry *sco_debugfs;
1049 static const struct proto_ops sco_sock_ops = {
1050 .family = PF_BLUETOOTH,
1051 .owner = THIS_MODULE,
1052 .release = sco_sock_release,
1053 .bind = sco_sock_bind,
1054 .connect = sco_sock_connect,
1055 .listen = sco_sock_listen,
1056 .accept = sco_sock_accept,
1057 .getname = sco_sock_getname,
1058 .sendmsg = sco_sock_sendmsg,
1059 .recvmsg = sco_sock_recvmsg,
1060 .poll = bt_sock_poll,
1061 .ioctl = bt_sock_ioctl,
1062 .mmap = sock_no_mmap,
1063 .socketpair = sock_no_socketpair,
1064 .shutdown = sco_sock_shutdown,
1065 .setsockopt = sco_sock_setsockopt,
1066 .getsockopt = sco_sock_getsockopt
1067 };
1069 static const struct net_proto_family sco_sock_family_ops = {
1070 .family = PF_BLUETOOTH,
1071 .owner = THIS_MODULE,
1072 .create = sco_sock_create,
1073 };
1075 int __init sco_init(void)
1076 {
1077 int err;
1079 err = proto_register(&sco_proto, 0);
1080 if (err < 0)
1081 return err;
1083 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1084 if (err < 0) {
1085 BT_ERR("SCO socket registration failed");
1086 goto error;
1087 }
1089 err = bt_procfs_init(THIS_MODULE, &init_net, "sco", &sco_sk_list, NULL);
1090 if (err < 0) {
1091 BT_ERR("Failed to create SCO proc file");
1092 bt_sock_unregister(BTPROTO_SCO);
1093 goto error;
1094 }
1096 if (bt_debugfs) {
1097 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1098 NULL, &sco_debugfs_fops);
1099 if (!sco_debugfs)
1100 BT_ERR("Failed to create SCO debug file");
1101 }
1103 BT_INFO("SCO socket layer initialized");
1105 return 0;
1107 error:
1108 proto_unregister(&sco_proto);
1109 return err;
1110 }
1112 void __exit sco_exit(void)
1113 {
1114 bt_procfs_cleanup(&init_net, "sco");
1116 debugfs_remove(sco_debugfs);
1118 if (bt_sock_unregister(BTPROTO_SCO) < 0)
1119 BT_ERR("SCO socket unregistration failed");
1121 proto_unregister(&sco_proto);
1122 }
1124 module_param(disable_esco, bool, 0644);
1125 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");