l2cap_sock.c revision 1f435424ce2c93c31c3887ec67e3afb6056f18f6
1/* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org> 5 Copyright (C) 2010 Google Inc. 6 Copyright (C) 2011 ProFUSION Embedded Systems 7 8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 9 10 This program is free software; you can redistribute it and/or modify 11 it under the terms of the GNU General Public License version 2 as 12 published by the Free Software Foundation; 13 14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 22 23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 25 SOFTWARE IS DISCLAIMED. 26*/ 27 28/* Bluetooth L2CAP sockets. */ 29 30#include <linux/module.h> 31#include <linux/export.h> 32 33#include <net/bluetooth/bluetooth.h> 34#include <net/bluetooth/hci_core.h> 35#include <net/bluetooth/l2cap.h> 36 37#include "smp.h" 38 39bool enable_lecoc; 40 41static struct bt_sock_list l2cap_sk_list = { 42 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock) 43}; 44 45static const struct proto_ops l2cap_sock_ops; 46static void l2cap_sock_init(struct sock *sk, struct sock *parent); 47static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, 48 int proto, gfp_t prio); 49 50bool l2cap_is_socket(struct socket *sock) 51{ 52 return sock && sock->ops == &l2cap_sock_ops; 53} 54EXPORT_SYMBOL(l2cap_is_socket); 55 56static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) 57{ 58 struct sock *sk = sock->sk; 59 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 60 struct sockaddr_l2 la; 61 int len, err = 0; 62 63 BT_DBG("sk %p", sk); 64 65 if (!addr || addr->sa_family != AF_BLUETOOTH) 66 return -EINVAL; 67 68 memset(&la, 0, sizeof(la)); 69 len = min_t(unsigned int, sizeof(la), alen); 70 memcpy(&la, addr, len); 71 72 if (la.l2_cid && la.l2_psm) 73 return -EINVAL; 74 75 if (!bdaddr_type_is_valid(la.l2_bdaddr_type)) 76 return -EINVAL; 77 78 if (bdaddr_type_is_le(la.l2_bdaddr_type)) { 79 if (!enable_lecoc && la.l2_psm) 80 return -EINVAL; 81 /* We only allow ATT user space socket */ 82 if (la.l2_cid && 83 la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT)) 84 return -EINVAL; 85 } 86 87 lock_sock(sk); 88 89 if (sk->sk_state != BT_OPEN) { 90 err = -EBADFD; 91 goto done; 92 } 93 94 if (la.l2_psm) { 95 __u16 psm = __le16_to_cpu(la.l2_psm); 96 97 /* PSM must be odd and lsb of upper byte must be 0 */ 98 if ((psm & 0x0101) != 0x0001) { 99 err = -EINVAL; 100 goto done; 101 } 102 103 /* Restrict usage of well-known PSMs */ 104 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) { 105 err = -EACCES; 106 goto done; 107 } 108 } 109 110 if (la.l2_cid) 111 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid)); 112 else 113 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm); 114 115 if (err < 0) 116 goto done; 117 118 switch (chan->chan_type) { 119 case L2CAP_CHAN_CONN_LESS: 120 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP) 121 chan->sec_level = BT_SECURITY_SDP; 122 break; 123 case L2CAP_CHAN_CONN_ORIENTED: 124 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP || 125 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM) 126 chan->sec_level = BT_SECURITY_SDP; 127 break; 128 } 129 130 bacpy(&chan->src, &la.l2_bdaddr); 131 chan->src_type = la.l2_bdaddr_type; 132 133 if (chan->psm && bdaddr_type_is_le(chan->src_type)) 134 l2cap_le_flowctl_init(chan); 135 136 chan->state = BT_BOUND; 137 sk->sk_state = BT_BOUND; 138 139done: 140 release_sock(sk); 141 return err; 142} 143 144static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, 145 int alen, int flags) 146{ 147 struct sock *sk = sock->sk; 148 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 149 struct sockaddr_l2 la; 150 int len, err = 0; 151 152 BT_DBG("sk %p", sk); 153 154 if (!addr || alen < sizeof(addr->sa_family) || 155 addr->sa_family != AF_BLUETOOTH) 156 return -EINVAL; 157 158 memset(&la, 0, sizeof(la)); 159 len = min_t(unsigned int, sizeof(la), alen); 160 memcpy(&la, addr, len); 161 162 if (la.l2_cid && la.l2_psm) 163 return -EINVAL; 164 165 if (!bdaddr_type_is_valid(la.l2_bdaddr_type)) 166 return -EINVAL; 167 168 /* Check that the socket wasn't bound to something that 169 * conflicts with the address given to connect(). If chan->src 170 * is BDADDR_ANY it means bind() was never used, in which case 171 * chan->src_type and la.l2_bdaddr_type do not need to match. 172 */ 173 if (chan->src_type == BDADDR_BREDR && bacmp(&chan->src, BDADDR_ANY) && 174 bdaddr_type_is_le(la.l2_bdaddr_type)) { 175 /* Old user space versions will try to incorrectly bind 176 * the ATT socket using BDADDR_BREDR. We need to accept 177 * this and fix up the source address type only when 178 * both the source CID and destination CID indicate 179 * ATT. Anything else is an invalid combination. 180 */ 181 if (chan->scid != L2CAP_CID_ATT || 182 la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT)) 183 return -EINVAL; 184 185 /* We don't have the hdev available here to make a 186 * better decision on random vs public, but since all 187 * user space versions that exhibit this issue anyway do 188 * not support random local addresses assuming public 189 * here is good enough. 190 */ 191 chan->src_type = BDADDR_LE_PUBLIC; 192 } 193 194 if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR) 195 return -EINVAL; 196 197 if (bdaddr_type_is_le(la.l2_bdaddr_type)) { 198 if (!enable_lecoc && la.l2_psm) 199 return -EINVAL; 200 /* We only allow ATT user space socket */ 201 if (la.l2_cid && 202 la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT)) 203 return -EINVAL; 204 } 205 206 if (chan->psm && bdaddr_type_is_le(chan->src_type)) 207 l2cap_le_flowctl_init(chan); 208 209 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid), 210 &la.l2_bdaddr, la.l2_bdaddr_type); 211 if (err) 212 return err; 213 214 lock_sock(sk); 215 216 err = bt_sock_wait_state(sk, BT_CONNECTED, 217 sock_sndtimeo(sk, flags & O_NONBLOCK)); 218 219 release_sock(sk); 220 221 return err; 222} 223 224static int l2cap_sock_listen(struct socket *sock, int backlog) 225{ 226 struct sock *sk = sock->sk; 227 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 228 int err = 0; 229 230 BT_DBG("sk %p backlog %d", sk, backlog); 231 232 lock_sock(sk); 233 234 if (sk->sk_state != BT_BOUND) { 235 err = -EBADFD; 236 goto done; 237 } 238 239 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) { 240 err = -EINVAL; 241 goto done; 242 } 243 244 switch (chan->mode) { 245 case L2CAP_MODE_BASIC: 246 case L2CAP_MODE_LE_FLOWCTL: 247 break; 248 case L2CAP_MODE_ERTM: 249 case L2CAP_MODE_STREAMING: 250 if (!disable_ertm) 251 break; 252 /* fall through */ 253 default: 254 err = -ENOTSUPP; 255 goto done; 256 } 257 258 sk->sk_max_ack_backlog = backlog; 259 sk->sk_ack_backlog = 0; 260 261 chan->state = BT_LISTEN; 262 sk->sk_state = BT_LISTEN; 263 264done: 265 release_sock(sk); 266 return err; 267} 268 269static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, 270 int flags) 271{ 272 DECLARE_WAITQUEUE(wait, current); 273 struct sock *sk = sock->sk, *nsk; 274 long timeo; 275 int err = 0; 276 277 lock_sock_nested(sk, SINGLE_DEPTH_NESTING); 278 279 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); 280 281 BT_DBG("sk %p timeo %ld", sk, timeo); 282 283 /* Wait for an incoming connection. (wake-one). */ 284 add_wait_queue_exclusive(sk_sleep(sk), &wait); 285 while (1) { 286 set_current_state(TASK_INTERRUPTIBLE); 287 288 if (sk->sk_state != BT_LISTEN) { 289 err = -EBADFD; 290 break; 291 } 292 293 nsk = bt_accept_dequeue(sk, newsock); 294 if (nsk) 295 break; 296 297 if (!timeo) { 298 err = -EAGAIN; 299 break; 300 } 301 302 if (signal_pending(current)) { 303 err = sock_intr_errno(timeo); 304 break; 305 } 306 307 release_sock(sk); 308 timeo = schedule_timeout(timeo); 309 lock_sock_nested(sk, SINGLE_DEPTH_NESTING); 310 } 311 __set_current_state(TASK_RUNNING); 312 remove_wait_queue(sk_sleep(sk), &wait); 313 314 if (err) 315 goto done; 316 317 newsock->state = SS_CONNECTED; 318 319 BT_DBG("new socket %p", nsk); 320 321done: 322 release_sock(sk); 323 return err; 324} 325 326static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, 327 int *len, int peer) 328{ 329 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr; 330 struct sock *sk = sock->sk; 331 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 332 333 BT_DBG("sock %p, sk %p", sock, sk); 334 335 memset(la, 0, sizeof(struct sockaddr_l2)); 336 addr->sa_family = AF_BLUETOOTH; 337 *len = sizeof(struct sockaddr_l2); 338 339 if (peer) { 340 la->l2_psm = chan->psm; 341 bacpy(&la->l2_bdaddr, &chan->dst); 342 la->l2_cid = cpu_to_le16(chan->dcid); 343 la->l2_bdaddr_type = chan->dst_type; 344 } else { 345 la->l2_psm = chan->sport; 346 bacpy(&la->l2_bdaddr, &chan->src); 347 la->l2_cid = cpu_to_le16(chan->scid); 348 la->l2_bdaddr_type = chan->src_type; 349 } 350 351 return 0; 352} 353 354static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, 355 char __user *optval, int __user *optlen) 356{ 357 struct sock *sk = sock->sk; 358 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 359 struct l2cap_options opts; 360 struct l2cap_conninfo cinfo; 361 int len, err = 0; 362 u32 opt; 363 364 BT_DBG("sk %p", sk); 365 366 if (get_user(len, optlen)) 367 return -EFAULT; 368 369 lock_sock(sk); 370 371 switch (optname) { 372 case L2CAP_OPTIONS: 373 /* LE sockets should use BT_SNDMTU/BT_RCVMTU, but since 374 * legacy ATT code depends on getsockopt for 375 * L2CAP_OPTIONS we need to let this pass. 376 */ 377 if (bdaddr_type_is_le(chan->src_type) && 378 chan->scid != L2CAP_CID_ATT) { 379 err = -EINVAL; 380 break; 381 } 382 383 memset(&opts, 0, sizeof(opts)); 384 opts.imtu = chan->imtu; 385 opts.omtu = chan->omtu; 386 opts.flush_to = chan->flush_to; 387 opts.mode = chan->mode; 388 opts.fcs = chan->fcs; 389 opts.max_tx = chan->max_tx; 390 opts.txwin_size = chan->tx_win; 391 392 len = min_t(unsigned int, len, sizeof(opts)); 393 if (copy_to_user(optval, (char *) &opts, len)) 394 err = -EFAULT; 395 396 break; 397 398 case L2CAP_LM: 399 switch (chan->sec_level) { 400 case BT_SECURITY_LOW: 401 opt = L2CAP_LM_AUTH; 402 break; 403 case BT_SECURITY_MEDIUM: 404 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT; 405 break; 406 case BT_SECURITY_HIGH: 407 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT | 408 L2CAP_LM_SECURE; 409 break; 410 default: 411 opt = 0; 412 break; 413 } 414 415 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags)) 416 opt |= L2CAP_LM_MASTER; 417 418 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags)) 419 opt |= L2CAP_LM_RELIABLE; 420 421 if (put_user(opt, (u32 __user *) optval)) 422 err = -EFAULT; 423 break; 424 425 case L2CAP_CONNINFO: 426 if (sk->sk_state != BT_CONNECTED && 427 !(sk->sk_state == BT_CONNECT2 && 428 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) { 429 err = -ENOTCONN; 430 break; 431 } 432 433 memset(&cinfo, 0, sizeof(cinfo)); 434 cinfo.hci_handle = chan->conn->hcon->handle; 435 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3); 436 437 len = min_t(unsigned int, len, sizeof(cinfo)); 438 if (copy_to_user(optval, (char *) &cinfo, len)) 439 err = -EFAULT; 440 441 break; 442 443 default: 444 err = -ENOPROTOOPT; 445 break; 446 } 447 448 release_sock(sk); 449 return err; 450} 451 452static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, 453 char __user *optval, int __user *optlen) 454{ 455 struct sock *sk = sock->sk; 456 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 457 struct bt_security sec; 458 struct bt_power pwr; 459 int len, err = 0; 460 461 BT_DBG("sk %p", sk); 462 463 if (level == SOL_L2CAP) 464 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen); 465 466 if (level != SOL_BLUETOOTH) 467 return -ENOPROTOOPT; 468 469 if (get_user(len, optlen)) 470 return -EFAULT; 471 472 lock_sock(sk); 473 474 switch (optname) { 475 case BT_SECURITY: 476 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED && 477 chan->chan_type != L2CAP_CHAN_RAW) { 478 err = -EINVAL; 479 break; 480 } 481 482 memset(&sec, 0, sizeof(sec)); 483 if (chan->conn) { 484 sec.level = chan->conn->hcon->sec_level; 485 486 if (sk->sk_state == BT_CONNECTED) 487 sec.key_size = chan->conn->hcon->enc_key_size; 488 } else { 489 sec.level = chan->sec_level; 490 } 491 492 len = min_t(unsigned int, len, sizeof(sec)); 493 if (copy_to_user(optval, (char *) &sec, len)) 494 err = -EFAULT; 495 496 break; 497 498 case BT_DEFER_SETUP: 499 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 500 err = -EINVAL; 501 break; 502 } 503 504 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags), 505 (u32 __user *) optval)) 506 err = -EFAULT; 507 508 break; 509 510 case BT_FLUSHABLE: 511 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags), 512 (u32 __user *) optval)) 513 err = -EFAULT; 514 515 break; 516 517 case BT_POWER: 518 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM 519 && sk->sk_type != SOCK_RAW) { 520 err = -EINVAL; 521 break; 522 } 523 524 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags); 525 526 len = min_t(unsigned int, len, sizeof(pwr)); 527 if (copy_to_user(optval, (char *) &pwr, len)) 528 err = -EFAULT; 529 530 break; 531 532 case BT_CHANNEL_POLICY: 533 if (put_user(chan->chan_policy, (u32 __user *) optval)) 534 err = -EFAULT; 535 break; 536 537 case BT_SNDMTU: 538 if (!enable_lecoc) { 539 err = -EPROTONOSUPPORT; 540 break; 541 } 542 543 if (!bdaddr_type_is_le(chan->src_type)) { 544 err = -EINVAL; 545 break; 546 } 547 548 if (sk->sk_state != BT_CONNECTED) { 549 err = -ENOTCONN; 550 break; 551 } 552 553 if (put_user(chan->omtu, (u16 __user *) optval)) 554 err = -EFAULT; 555 break; 556 557 case BT_RCVMTU: 558 if (!enable_lecoc) { 559 err = -EPROTONOSUPPORT; 560 break; 561 } 562 563 if (!bdaddr_type_is_le(chan->src_type)) { 564 err = -EINVAL; 565 break; 566 } 567 568 if (put_user(chan->imtu, (u16 __user *) optval)) 569 err = -EFAULT; 570 break; 571 572 default: 573 err = -ENOPROTOOPT; 574 break; 575 } 576 577 release_sock(sk); 578 return err; 579} 580 581static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu) 582{ 583 switch (chan->scid) { 584 case L2CAP_CID_ATT: 585 if (mtu < L2CAP_LE_MIN_MTU) 586 return false; 587 break; 588 589 default: 590 if (mtu < L2CAP_DEFAULT_MIN_MTU) 591 return false; 592 } 593 594 return true; 595} 596 597static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, 598 char __user *optval, unsigned int optlen) 599{ 600 struct sock *sk = sock->sk; 601 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 602 struct l2cap_options opts; 603 int len, err = 0; 604 u32 opt; 605 606 BT_DBG("sk %p", sk); 607 608 lock_sock(sk); 609 610 switch (optname) { 611 case L2CAP_OPTIONS: 612 if (bdaddr_type_is_le(chan->src_type)) { 613 err = -EINVAL; 614 break; 615 } 616 617 if (sk->sk_state == BT_CONNECTED) { 618 err = -EINVAL; 619 break; 620 } 621 622 opts.imtu = chan->imtu; 623 opts.omtu = chan->omtu; 624 opts.flush_to = chan->flush_to; 625 opts.mode = chan->mode; 626 opts.fcs = chan->fcs; 627 opts.max_tx = chan->max_tx; 628 opts.txwin_size = chan->tx_win; 629 630 len = min_t(unsigned int, sizeof(opts), optlen); 631 if (copy_from_user((char *) &opts, optval, len)) { 632 err = -EFAULT; 633 break; 634 } 635 636 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) { 637 err = -EINVAL; 638 break; 639 } 640 641 if (!l2cap_valid_mtu(chan, opts.imtu)) { 642 err = -EINVAL; 643 break; 644 } 645 646 chan->mode = opts.mode; 647 switch (chan->mode) { 648 case L2CAP_MODE_LE_FLOWCTL: 649 break; 650 case L2CAP_MODE_BASIC: 651 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state); 652 break; 653 case L2CAP_MODE_ERTM: 654 case L2CAP_MODE_STREAMING: 655 if (!disable_ertm) 656 break; 657 /* fall through */ 658 default: 659 err = -EINVAL; 660 break; 661 } 662 663 chan->imtu = opts.imtu; 664 chan->omtu = opts.omtu; 665 chan->fcs = opts.fcs; 666 chan->max_tx = opts.max_tx; 667 chan->tx_win = opts.txwin_size; 668 chan->flush_to = opts.flush_to; 669 break; 670 671 case L2CAP_LM: 672 if (get_user(opt, (u32 __user *) optval)) { 673 err = -EFAULT; 674 break; 675 } 676 677 if (opt & L2CAP_LM_AUTH) 678 chan->sec_level = BT_SECURITY_LOW; 679 if (opt & L2CAP_LM_ENCRYPT) 680 chan->sec_level = BT_SECURITY_MEDIUM; 681 if (opt & L2CAP_LM_SECURE) 682 chan->sec_level = BT_SECURITY_HIGH; 683 684 if (opt & L2CAP_LM_MASTER) 685 set_bit(FLAG_ROLE_SWITCH, &chan->flags); 686 else 687 clear_bit(FLAG_ROLE_SWITCH, &chan->flags); 688 689 if (opt & L2CAP_LM_RELIABLE) 690 set_bit(FLAG_FORCE_RELIABLE, &chan->flags); 691 else 692 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags); 693 break; 694 695 default: 696 err = -ENOPROTOOPT; 697 break; 698 } 699 700 release_sock(sk); 701 return err; 702} 703 704static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, 705 char __user *optval, unsigned int optlen) 706{ 707 struct sock *sk = sock->sk; 708 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 709 struct bt_security sec; 710 struct bt_power pwr; 711 struct l2cap_conn *conn; 712 int len, err = 0; 713 u32 opt; 714 715 BT_DBG("sk %p", sk); 716 717 if (level == SOL_L2CAP) 718 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen); 719 720 if (level != SOL_BLUETOOTH) 721 return -ENOPROTOOPT; 722 723 lock_sock(sk); 724 725 switch (optname) { 726 case BT_SECURITY: 727 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED && 728 chan->chan_type != L2CAP_CHAN_RAW) { 729 err = -EINVAL; 730 break; 731 } 732 733 sec.level = BT_SECURITY_LOW; 734 735 len = min_t(unsigned int, sizeof(sec), optlen); 736 if (copy_from_user((char *) &sec, optval, len)) { 737 err = -EFAULT; 738 break; 739 } 740 741 if (sec.level < BT_SECURITY_LOW || 742 sec.level > BT_SECURITY_HIGH) { 743 err = -EINVAL; 744 break; 745 } 746 747 chan->sec_level = sec.level; 748 749 if (!chan->conn) 750 break; 751 752 conn = chan->conn; 753 754 /*change security for LE channels */ 755 if (chan->scid == L2CAP_CID_ATT) { 756 if (!conn->hcon->out) { 757 err = -EINVAL; 758 break; 759 } 760 761 if (smp_conn_security(conn->hcon, sec.level)) 762 break; 763 sk->sk_state = BT_CONFIG; 764 chan->state = BT_CONFIG; 765 766 /* or for ACL link */ 767 } else if ((sk->sk_state == BT_CONNECT2 && 768 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) || 769 sk->sk_state == BT_CONNECTED) { 770 if (!l2cap_chan_check_security(chan)) 771 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags); 772 else 773 sk->sk_state_change(sk); 774 } else { 775 err = -EINVAL; 776 } 777 break; 778 779 case BT_DEFER_SETUP: 780 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) { 781 err = -EINVAL; 782 break; 783 } 784 785 if (get_user(opt, (u32 __user *) optval)) { 786 err = -EFAULT; 787 break; 788 } 789 790 if (opt) { 791 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 792 set_bit(FLAG_DEFER_SETUP, &chan->flags); 793 } else { 794 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); 795 clear_bit(FLAG_DEFER_SETUP, &chan->flags); 796 } 797 break; 798 799 case BT_FLUSHABLE: 800 if (get_user(opt, (u32 __user *) optval)) { 801 err = -EFAULT; 802 break; 803 } 804 805 if (opt > BT_FLUSHABLE_ON) { 806 err = -EINVAL; 807 break; 808 } 809 810 if (opt == BT_FLUSHABLE_OFF) { 811 conn = chan->conn; 812 /* proceed further only when we have l2cap_conn and 813 No Flush support in the LM */ 814 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) { 815 err = -EINVAL; 816 break; 817 } 818 } 819 820 if (opt) 821 set_bit(FLAG_FLUSHABLE, &chan->flags); 822 else 823 clear_bit(FLAG_FLUSHABLE, &chan->flags); 824 break; 825 826 case BT_POWER: 827 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED && 828 chan->chan_type != L2CAP_CHAN_RAW) { 829 err = -EINVAL; 830 break; 831 } 832 833 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON; 834 835 len = min_t(unsigned int, sizeof(pwr), optlen); 836 if (copy_from_user((char *) &pwr, optval, len)) { 837 err = -EFAULT; 838 break; 839 } 840 841 if (pwr.force_active) 842 set_bit(FLAG_FORCE_ACTIVE, &chan->flags); 843 else 844 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags); 845 break; 846 847 case BT_CHANNEL_POLICY: 848 if (get_user(opt, (u32 __user *) optval)) { 849 err = -EFAULT; 850 break; 851 } 852 853 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) { 854 err = -EINVAL; 855 break; 856 } 857 858 if (chan->mode != L2CAP_MODE_ERTM && 859 chan->mode != L2CAP_MODE_STREAMING) { 860 err = -EOPNOTSUPP; 861 break; 862 } 863 864 chan->chan_policy = (u8) opt; 865 866 if (sk->sk_state == BT_CONNECTED && 867 chan->move_role == L2CAP_MOVE_ROLE_NONE) 868 l2cap_move_start(chan); 869 870 break; 871 872 case BT_SNDMTU: 873 if (!enable_lecoc) { 874 err = -EPROTONOSUPPORT; 875 break; 876 } 877 878 if (!bdaddr_type_is_le(chan->src_type)) { 879 err = -EINVAL; 880 break; 881 } 882 883 /* Setting is not supported as it's the remote side that 884 * decides this. 885 */ 886 err = -EPERM; 887 break; 888 889 case BT_RCVMTU: 890 if (!enable_lecoc) { 891 err = -EPROTONOSUPPORT; 892 break; 893 } 894 895 if (!bdaddr_type_is_le(chan->src_type)) { 896 err = -EINVAL; 897 break; 898 } 899 900 if (sk->sk_state == BT_CONNECTED) { 901 err = -EISCONN; 902 break; 903 } 904 905 if (get_user(opt, (u32 __user *) optval)) { 906 err = -EFAULT; 907 break; 908 } 909 910 chan->imtu = opt; 911 break; 912 913 default: 914 err = -ENOPROTOOPT; 915 break; 916 } 917 918 release_sock(sk); 919 return err; 920} 921 922static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 923 struct msghdr *msg, size_t len) 924{ 925 struct sock *sk = sock->sk; 926 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 927 int err; 928 929 BT_DBG("sock %p, sk %p", sock, sk); 930 931 err = sock_error(sk); 932 if (err) 933 return err; 934 935 if (msg->msg_flags & MSG_OOB) 936 return -EOPNOTSUPP; 937 938 if (sk->sk_state != BT_CONNECTED) 939 return -ENOTCONN; 940 941 lock_sock(sk); 942 err = bt_sock_wait_ready(sk, msg->msg_flags); 943 release_sock(sk); 944 if (err) 945 return err; 946 947 l2cap_chan_lock(chan); 948 err = l2cap_chan_send(chan, msg, len, sk->sk_priority); 949 l2cap_chan_unlock(chan); 950 951 return err; 952} 953 954static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, 955 struct msghdr *msg, size_t len, int flags) 956{ 957 struct sock *sk = sock->sk; 958 struct l2cap_pinfo *pi = l2cap_pi(sk); 959 int err; 960 961 lock_sock(sk); 962 963 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP, 964 &bt_sk(sk)->flags)) { 965 if (bdaddr_type_is_le(pi->chan->src_type)) { 966 sk->sk_state = BT_CONNECTED; 967 pi->chan->state = BT_CONNECTED; 968 __l2cap_le_connect_rsp_defer(pi->chan); 969 } else { 970 sk->sk_state = BT_CONFIG; 971 pi->chan->state = BT_CONFIG; 972 __l2cap_connect_rsp_defer(pi->chan); 973 } 974 975 err = 0; 976 goto done; 977 } 978 979 release_sock(sk); 980 981 if (sock->type == SOCK_STREAM) 982 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags); 983 else 984 err = bt_sock_recvmsg(iocb, sock, msg, len, flags); 985 986 if (pi->chan->mode != L2CAP_MODE_ERTM) 987 return err; 988 989 /* Attempt to put pending rx data in the socket buffer */ 990 991 lock_sock(sk); 992 993 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state)) 994 goto done; 995 996 if (pi->rx_busy_skb) { 997 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb)) 998 pi->rx_busy_skb = NULL; 999 else 1000 goto done; 1001 } 1002 1003 /* Restore data flow when half of the receive buffer is 1004 * available. This avoids resending large numbers of 1005 * frames. 1006 */ 1007 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1) 1008 l2cap_chan_busy(pi->chan, 0); 1009 1010done: 1011 release_sock(sk); 1012 return err; 1013} 1014 1015/* Kill socket (only if zapped and orphan) 1016 * Must be called on unlocked socket. 1017 */ 1018static void l2cap_sock_kill(struct sock *sk) 1019{ 1020 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket) 1021 return; 1022 1023 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state)); 1024 1025 /* Kill poor orphan */ 1026 1027 l2cap_chan_put(l2cap_pi(sk)->chan); 1028 sock_set_flag(sk, SOCK_DEAD); 1029 sock_put(sk); 1030} 1031 1032static int __l2cap_wait_ack(struct sock *sk) 1033{ 1034 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 1035 DECLARE_WAITQUEUE(wait, current); 1036 int err = 0; 1037 int timeo = HZ/5; 1038 1039 add_wait_queue(sk_sleep(sk), &wait); 1040 set_current_state(TASK_INTERRUPTIBLE); 1041 while (chan->unacked_frames > 0 && chan->conn) { 1042 if (!timeo) 1043 timeo = HZ/5; 1044 1045 if (signal_pending(current)) { 1046 err = sock_intr_errno(timeo); 1047 break; 1048 } 1049 1050 release_sock(sk); 1051 timeo = schedule_timeout(timeo); 1052 lock_sock(sk); 1053 set_current_state(TASK_INTERRUPTIBLE); 1054 1055 err = sock_error(sk); 1056 if (err) 1057 break; 1058 } 1059 set_current_state(TASK_RUNNING); 1060 remove_wait_queue(sk_sleep(sk), &wait); 1061 return err; 1062} 1063 1064static int l2cap_sock_shutdown(struct socket *sock, int how) 1065{ 1066 struct sock *sk = sock->sk; 1067 struct l2cap_chan *chan; 1068 struct l2cap_conn *conn; 1069 int err = 0; 1070 1071 BT_DBG("sock %p, sk %p", sock, sk); 1072 1073 if (!sk) 1074 return 0; 1075 1076 chan = l2cap_pi(sk)->chan; 1077 conn = chan->conn; 1078 1079 if (conn) 1080 mutex_lock(&conn->chan_lock); 1081 1082 l2cap_chan_lock(chan); 1083 lock_sock(sk); 1084 1085 if (!sk->sk_shutdown) { 1086 if (chan->mode == L2CAP_MODE_ERTM) 1087 err = __l2cap_wait_ack(sk); 1088 1089 sk->sk_shutdown = SHUTDOWN_MASK; 1090 1091 release_sock(sk); 1092 l2cap_chan_close(chan, 0); 1093 lock_sock(sk); 1094 1095 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) 1096 err = bt_sock_wait_state(sk, BT_CLOSED, 1097 sk->sk_lingertime); 1098 } 1099 1100 if (!err && sk->sk_err) 1101 err = -sk->sk_err; 1102 1103 release_sock(sk); 1104 l2cap_chan_unlock(chan); 1105 1106 if (conn) 1107 mutex_unlock(&conn->chan_lock); 1108 1109 return err; 1110} 1111 1112static int l2cap_sock_release(struct socket *sock) 1113{ 1114 struct sock *sk = sock->sk; 1115 int err; 1116 1117 BT_DBG("sock %p, sk %p", sock, sk); 1118 1119 if (!sk) 1120 return 0; 1121 1122 bt_sock_unlink(&l2cap_sk_list, sk); 1123 1124 err = l2cap_sock_shutdown(sock, 2); 1125 1126 sock_orphan(sk); 1127 l2cap_sock_kill(sk); 1128 return err; 1129} 1130 1131static void l2cap_sock_cleanup_listen(struct sock *parent) 1132{ 1133 struct sock *sk; 1134 1135 BT_DBG("parent %p", parent); 1136 1137 /* Close not yet accepted channels */ 1138 while ((sk = bt_accept_dequeue(parent, NULL))) { 1139 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 1140 1141 l2cap_chan_lock(chan); 1142 __clear_chan_timer(chan); 1143 l2cap_chan_close(chan, ECONNRESET); 1144 l2cap_chan_unlock(chan); 1145 1146 l2cap_sock_kill(sk); 1147 } 1148} 1149 1150static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan) 1151{ 1152 struct sock *sk, *parent = chan->data; 1153 1154 lock_sock(parent); 1155 1156 /* Check for backlog size */ 1157 if (sk_acceptq_is_full(parent)) { 1158 BT_DBG("backlog full %d", parent->sk_ack_backlog); 1159 return NULL; 1160 } 1161 1162 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, 1163 GFP_ATOMIC); 1164 if (!sk) 1165 return NULL; 1166 1167 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP); 1168 1169 l2cap_sock_init(sk, parent); 1170 1171 bt_accept_enqueue(parent, sk); 1172 1173 release_sock(parent); 1174 1175 return l2cap_pi(sk)->chan; 1176} 1177 1178static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb) 1179{ 1180 struct sock *sk = chan->data; 1181 int err; 1182 1183 lock_sock(sk); 1184 1185 if (l2cap_pi(sk)->rx_busy_skb) { 1186 err = -ENOMEM; 1187 goto done; 1188 } 1189 1190 err = sock_queue_rcv_skb(sk, skb); 1191 1192 /* For ERTM, handle one skb that doesn't fit into the recv 1193 * buffer. This is important to do because the data frames 1194 * have already been acked, so the skb cannot be discarded. 1195 * 1196 * Notify the l2cap core that the buffer is full, so the 1197 * LOCAL_BUSY state is entered and no more frames are 1198 * acked and reassembled until there is buffer space 1199 * available. 1200 */ 1201 if (err < 0 && chan->mode == L2CAP_MODE_ERTM) { 1202 l2cap_pi(sk)->rx_busy_skb = skb; 1203 l2cap_chan_busy(chan, 1); 1204 err = 0; 1205 } 1206 1207done: 1208 release_sock(sk); 1209 1210 return err; 1211} 1212 1213static void l2cap_sock_close_cb(struct l2cap_chan *chan) 1214{ 1215 struct sock *sk = chan->data; 1216 1217 l2cap_sock_kill(sk); 1218} 1219 1220static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err) 1221{ 1222 struct sock *sk = chan->data; 1223 struct sock *parent; 1224 1225 lock_sock(sk); 1226 1227 parent = bt_sk(sk)->parent; 1228 1229 sock_set_flag(sk, SOCK_ZAPPED); 1230 1231 switch (chan->state) { 1232 case BT_OPEN: 1233 case BT_BOUND: 1234 case BT_CLOSED: 1235 break; 1236 case BT_LISTEN: 1237 l2cap_sock_cleanup_listen(sk); 1238 sk->sk_state = BT_CLOSED; 1239 chan->state = BT_CLOSED; 1240 1241 break; 1242 default: 1243 sk->sk_state = BT_CLOSED; 1244 chan->state = BT_CLOSED; 1245 1246 sk->sk_err = err; 1247 1248 if (parent) { 1249 bt_accept_unlink(sk); 1250 parent->sk_data_ready(parent, 0); 1251 } else { 1252 sk->sk_state_change(sk); 1253 } 1254 1255 break; 1256 } 1257 1258 release_sock(sk); 1259} 1260 1261static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state, 1262 int err) 1263{ 1264 struct sock *sk = chan->data; 1265 1266 sk->sk_state = state; 1267 1268 if (err) 1269 sk->sk_err = err; 1270} 1271 1272static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan, 1273 unsigned long len, int nb) 1274{ 1275 struct sock *sk = chan->data; 1276 struct sk_buff *skb; 1277 int err; 1278 1279 l2cap_chan_unlock(chan); 1280 skb = bt_skb_send_alloc(sk, len, nb, &err); 1281 l2cap_chan_lock(chan); 1282 1283 if (!skb) 1284 return ERR_PTR(err); 1285 1286 bt_cb(skb)->chan = chan; 1287 1288 return skb; 1289} 1290 1291static void l2cap_sock_ready_cb(struct l2cap_chan *chan) 1292{ 1293 struct sock *sk = chan->data; 1294 struct sock *parent; 1295 1296 lock_sock(sk); 1297 1298 parent = bt_sk(sk)->parent; 1299 1300 BT_DBG("sk %p, parent %p", sk, parent); 1301 1302 sk->sk_state = BT_CONNECTED; 1303 sk->sk_state_change(sk); 1304 1305 if (parent) 1306 parent->sk_data_ready(parent, 0); 1307 1308 release_sock(sk); 1309} 1310 1311static void l2cap_sock_defer_cb(struct l2cap_chan *chan) 1312{ 1313 struct sock *parent, *sk = chan->data; 1314 1315 lock_sock(sk); 1316 1317 parent = bt_sk(sk)->parent; 1318 if (parent) 1319 parent->sk_data_ready(parent, 0); 1320 1321 release_sock(sk); 1322} 1323 1324static void l2cap_sock_resume_cb(struct l2cap_chan *chan) 1325{ 1326 struct sock *sk = chan->data; 1327 1328 clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags); 1329 sk->sk_state_change(sk); 1330} 1331 1332static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan) 1333{ 1334 struct sock *sk = chan->data; 1335 1336 lock_sock(sk); 1337 sk->sk_shutdown = SHUTDOWN_MASK; 1338 release_sock(sk); 1339} 1340 1341static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan) 1342{ 1343 struct sock *sk = chan->data; 1344 1345 return sk->sk_sndtimeo; 1346} 1347 1348static struct l2cap_ops l2cap_chan_ops = { 1349 .name = "L2CAP Socket Interface", 1350 .new_connection = l2cap_sock_new_connection_cb, 1351 .recv = l2cap_sock_recv_cb, 1352 .close = l2cap_sock_close_cb, 1353 .teardown = l2cap_sock_teardown_cb, 1354 .state_change = l2cap_sock_state_change_cb, 1355 .ready = l2cap_sock_ready_cb, 1356 .defer = l2cap_sock_defer_cb, 1357 .resume = l2cap_sock_resume_cb, 1358 .set_shutdown = l2cap_sock_set_shutdown_cb, 1359 .get_sndtimeo = l2cap_sock_get_sndtimeo_cb, 1360 .alloc_skb = l2cap_sock_alloc_skb_cb, 1361}; 1362 1363static void l2cap_sock_destruct(struct sock *sk) 1364{ 1365 BT_DBG("sk %p", sk); 1366 1367 if (l2cap_pi(sk)->chan) 1368 l2cap_chan_put(l2cap_pi(sk)->chan); 1369 1370 if (l2cap_pi(sk)->rx_busy_skb) { 1371 kfree_skb(l2cap_pi(sk)->rx_busy_skb); 1372 l2cap_pi(sk)->rx_busy_skb = NULL; 1373 } 1374 1375 skb_queue_purge(&sk->sk_receive_queue); 1376 skb_queue_purge(&sk->sk_write_queue); 1377} 1378 1379static void l2cap_skb_msg_name(struct sk_buff *skb, void *msg_name, 1380 int *msg_namelen) 1381{ 1382 struct sockaddr_l2 *la = (struct sockaddr_l2 *) msg_name; 1383 1384 memset(la, 0, sizeof(struct sockaddr_l2)); 1385 la->l2_family = AF_BLUETOOTH; 1386 la->l2_psm = bt_cb(skb)->psm; 1387 bacpy(&la->l2_bdaddr, &bt_cb(skb)->bdaddr); 1388 1389 *msg_namelen = sizeof(struct sockaddr_l2); 1390} 1391 1392static void l2cap_sock_init(struct sock *sk, struct sock *parent) 1393{ 1394 struct l2cap_chan *chan = l2cap_pi(sk)->chan; 1395 1396 BT_DBG("sk %p", sk); 1397 1398 if (parent) { 1399 struct l2cap_chan *pchan = l2cap_pi(parent)->chan; 1400 1401 sk->sk_type = parent->sk_type; 1402 bt_sk(sk)->flags = bt_sk(parent)->flags; 1403 1404 chan->chan_type = pchan->chan_type; 1405 chan->imtu = pchan->imtu; 1406 chan->omtu = pchan->omtu; 1407 chan->conf_state = pchan->conf_state; 1408 chan->mode = pchan->mode; 1409 chan->fcs = pchan->fcs; 1410 chan->max_tx = pchan->max_tx; 1411 chan->tx_win = pchan->tx_win; 1412 chan->tx_win_max = pchan->tx_win_max; 1413 chan->sec_level = pchan->sec_level; 1414 chan->flags = pchan->flags; 1415 chan->tx_credits = pchan->tx_credits; 1416 chan->rx_credits = pchan->rx_credits; 1417 1418 security_sk_clone(parent, sk); 1419 } else { 1420 switch (sk->sk_type) { 1421 case SOCK_RAW: 1422 chan->chan_type = L2CAP_CHAN_RAW; 1423 break; 1424 case SOCK_DGRAM: 1425 chan->chan_type = L2CAP_CHAN_CONN_LESS; 1426 bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name; 1427 break; 1428 case SOCK_SEQPACKET: 1429 case SOCK_STREAM: 1430 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED; 1431 break; 1432 } 1433 1434 chan->imtu = L2CAP_DEFAULT_MTU; 1435 chan->omtu = 0; 1436 if (!disable_ertm && sk->sk_type == SOCK_STREAM) { 1437 chan->mode = L2CAP_MODE_ERTM; 1438 set_bit(CONF_STATE2_DEVICE, &chan->conf_state); 1439 } else { 1440 chan->mode = L2CAP_MODE_BASIC; 1441 } 1442 1443 l2cap_chan_set_defaults(chan); 1444 } 1445 1446 /* Default config options */ 1447 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO; 1448 1449 chan->data = sk; 1450 chan->ops = &l2cap_chan_ops; 1451} 1452 1453static struct proto l2cap_proto = { 1454 .name = "L2CAP", 1455 .owner = THIS_MODULE, 1456 .obj_size = sizeof(struct l2cap_pinfo) 1457}; 1458 1459static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, 1460 int proto, gfp_t prio) 1461{ 1462 struct sock *sk; 1463 struct l2cap_chan *chan; 1464 1465 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto); 1466 if (!sk) 1467 return NULL; 1468 1469 sock_init_data(sock, sk); 1470 INIT_LIST_HEAD(&bt_sk(sk)->accept_q); 1471 1472 sk->sk_destruct = l2cap_sock_destruct; 1473 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT; 1474 1475 sock_reset_flag(sk, SOCK_ZAPPED); 1476 1477 sk->sk_protocol = proto; 1478 sk->sk_state = BT_OPEN; 1479 1480 chan = l2cap_chan_create(); 1481 if (!chan) { 1482 sk_free(sk); 1483 return NULL; 1484 } 1485 1486 l2cap_chan_hold(chan); 1487 1488 l2cap_pi(sk)->chan = chan; 1489 1490 return sk; 1491} 1492 1493static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol, 1494 int kern) 1495{ 1496 struct sock *sk; 1497 1498 BT_DBG("sock %p", sock); 1499 1500 sock->state = SS_UNCONNECTED; 1501 1502 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM && 1503 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW) 1504 return -ESOCKTNOSUPPORT; 1505 1506 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW)) 1507 return -EPERM; 1508 1509 sock->ops = &l2cap_sock_ops; 1510 1511 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC); 1512 if (!sk) 1513 return -ENOMEM; 1514 1515 l2cap_sock_init(sk, NULL); 1516 bt_sock_link(&l2cap_sk_list, sk); 1517 return 0; 1518} 1519 1520static const struct proto_ops l2cap_sock_ops = { 1521 .family = PF_BLUETOOTH, 1522 .owner = THIS_MODULE, 1523 .release = l2cap_sock_release, 1524 .bind = l2cap_sock_bind, 1525 .connect = l2cap_sock_connect, 1526 .listen = l2cap_sock_listen, 1527 .accept = l2cap_sock_accept, 1528 .getname = l2cap_sock_getname, 1529 .sendmsg = l2cap_sock_sendmsg, 1530 .recvmsg = l2cap_sock_recvmsg, 1531 .poll = bt_sock_poll, 1532 .ioctl = bt_sock_ioctl, 1533 .mmap = sock_no_mmap, 1534 .socketpair = sock_no_socketpair, 1535 .shutdown = l2cap_sock_shutdown, 1536 .setsockopt = l2cap_sock_setsockopt, 1537 .getsockopt = l2cap_sock_getsockopt 1538}; 1539 1540static const struct net_proto_family l2cap_sock_family_ops = { 1541 .family = PF_BLUETOOTH, 1542 .owner = THIS_MODULE, 1543 .create = l2cap_sock_create, 1544}; 1545 1546int __init l2cap_init_sockets(void) 1547{ 1548 int err; 1549 1550 err = proto_register(&l2cap_proto, 0); 1551 if (err < 0) 1552 return err; 1553 1554 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops); 1555 if (err < 0) { 1556 BT_ERR("L2CAP socket registration failed"); 1557 goto error; 1558 } 1559 1560 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list, 1561 NULL); 1562 if (err < 0) { 1563 BT_ERR("Failed to create L2CAP proc file"); 1564 bt_sock_unregister(BTPROTO_L2CAP); 1565 goto error; 1566 } 1567 1568 BT_INFO("L2CAP socket layer initialized"); 1569 1570 return 0; 1571 1572error: 1573 proto_unregister(&l2cap_proto); 1574 return err; 1575} 1576 1577void l2cap_cleanup_sockets(void) 1578{ 1579 bt_procfs_cleanup(&init_net, "l2cap"); 1580 bt_sock_unregister(BTPROTO_L2CAP); 1581 proto_unregister(&l2cap_proto); 1582} 1583 1584module_param(enable_lecoc, bool, 0644); 1585MODULE_PARM_DESC(enable_lecoc, "Enable support for LE CoC"); 1586