2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI sockets. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/capability.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/skbuff.h>
38 #include <linux/workqueue.h>
39 #include <linux/interrupt.h>
40 #include <linux/compat.h>
41 #include <linux/socket.h>
42 #include <linux/ioctl.h>
45 #include <asm/system.h>
46 #include <linux/uaccess.h>
47 #include <asm/unaligned.h>
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/hci_core.h>
52 static int enable_mgmt;
54 /* ----- HCI socket interface ----- */
56 static inline int hci_test_bit(int nr, void *addr)
58 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
62 static struct hci_sec_filter hci_sec_filter = {
66 { 0x1000d9fe, 0x0000b00c },
71 { 0xbe000006, 0x00000001, 0x00000000, 0x00 },
73 { 0x00005200, 0x00000000, 0x00000000, 0x00 },
75 { 0xaab00200, 0x2b402aaa, 0x05220154, 0x00 },
77 { 0x000002be, 0x00000000, 0x00000000, 0x00 },
78 /* OGF_STATUS_PARAM */
79 { 0x000000ea, 0x00000000, 0x00000000, 0x00 }
83 static struct bt_sock_list hci_sk_list = {
84 .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock)
87 /* Send frame to RAW socket */
88 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
91 struct hlist_node *node;
93 BT_DBG("hdev %p len %d", hdev, skb->len);
95 read_lock(&hci_sk_list.lock);
96 sk_for_each(sk, node, &hci_sk_list.head) {
97 struct hci_filter *flt;
100 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
103 /* Don't send frame to the socket it came from */
107 if (bt_cb(skb)->channel != hci_pi(sk)->channel)
110 if (bt_cb(skb)->channel == HCI_CHANNEL_CONTROL)
114 flt = &hci_pi(sk)->filter;
116 if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ?
117 0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask))
120 if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) {
121 register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
123 if (!hci_test_bit(evt, &flt->event_mask))
127 ((evt == HCI_EV_CMD_COMPLETE &&
129 get_unaligned((__le16 *)(skb->data + 3))) ||
130 (evt == HCI_EV_CMD_STATUS &&
132 get_unaligned((__le16 *)(skb->data + 4)))))
137 nskb = skb_clone(skb, GFP_ATOMIC);
141 /* Put type byte before the data */
142 if (bt_cb(skb)->channel == HCI_CHANNEL_RAW)
143 memcpy(skb_push(nskb, 1), &bt_cb(nskb)->pkt_type, 1);
145 if (sock_queue_rcv_skb(sk, nskb))
148 read_unlock(&hci_sk_list.lock);
151 static int hci_sock_release(struct socket *sock)
153 struct sock *sk = sock->sk;
154 struct hci_dev *hdev;
156 BT_DBG("sock %p sk %p", sock, sk);
161 hdev = hci_pi(sk)->hdev;
163 bt_sock_unlink(&hci_sk_list, sk);
166 atomic_dec(&hdev->promisc);
172 skb_queue_purge(&sk->sk_receive_queue);
173 skb_queue_purge(&sk->sk_write_queue);
179 struct bdaddr_list *hci_blacklist_lookup(struct hci_dev *hdev, bdaddr_t *bdaddr)
183 list_for_each(p, &hdev->blacklist) {
184 struct bdaddr_list *b;
186 b = list_entry(p, struct bdaddr_list, list);
188 if (bacmp(bdaddr, &b->bdaddr) == 0)
195 static int hci_blacklist_add(struct hci_dev *hdev, void __user *arg)
198 struct bdaddr_list *entry;
200 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
203 if (bacmp(&bdaddr, BDADDR_ANY) == 0)
206 if (hci_blacklist_lookup(hdev, &bdaddr))
209 entry = kzalloc(sizeof(struct bdaddr_list), GFP_KERNEL);
213 bacpy(&entry->bdaddr, &bdaddr);
215 list_add(&entry->list, &hdev->blacklist);
220 int hci_blacklist_clear(struct hci_dev *hdev)
222 struct list_head *p, *n;
224 list_for_each_safe(p, n, &hdev->blacklist) {
225 struct bdaddr_list *b;
227 b = list_entry(p, struct bdaddr_list, list);
236 static int hci_blacklist_del(struct hci_dev *hdev, void __user *arg)
239 struct bdaddr_list *entry;
241 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
244 if (bacmp(&bdaddr, BDADDR_ANY) == 0)
245 return hci_blacklist_clear(hdev);
247 entry = hci_blacklist_lookup(hdev, &bdaddr);
251 list_del(&entry->list);
257 /* Ioctls that require bound socket */
258 static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
260 struct hci_dev *hdev = hci_pi(sk)->hdev;
267 if (!capable(CAP_NET_ADMIN))
270 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
274 set_bit(HCI_RAW, &hdev->flags);
276 clear_bit(HCI_RAW, &hdev->flags);
281 return hci_get_conn_info(hdev, (void __user *) arg);
284 return hci_get_auth_info(hdev, (void __user *) arg);
287 if (!capable(CAP_NET_ADMIN))
289 return hci_blacklist_add(hdev, (void __user *) arg);
292 if (!capable(CAP_NET_ADMIN))
294 return hci_blacklist_del(hdev, (void __user *) arg);
298 return hdev->ioctl(hdev, cmd, arg);
303 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
305 struct sock *sk = sock->sk;
306 void __user *argp = (void __user *) arg;
309 BT_DBG("cmd %x arg %lx", cmd, arg);
313 return hci_get_dev_list(argp);
316 return hci_get_dev_info(argp);
319 return hci_get_conn_list(argp);
322 if (!capable(CAP_NET_ADMIN))
324 return hci_dev_open(arg);
327 if (!capable(CAP_NET_ADMIN))
329 return hci_dev_close(arg);
332 if (!capable(CAP_NET_ADMIN))
334 return hci_dev_reset(arg);
337 if (!capable(CAP_NET_ADMIN))
339 return hci_dev_reset_stat(arg);
349 if (!capable(CAP_NET_ADMIN))
351 return hci_dev_cmd(cmd, argp);
354 return hci_inquiry(argp);
358 err = hci_sock_bound_ioctl(sk, cmd, arg);
364 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
366 struct sockaddr_hci haddr;
367 struct sock *sk = sock->sk;
368 struct hci_dev *hdev = NULL;
371 BT_DBG("sock %p sk %p", sock, sk);
376 memset(&haddr, 0, sizeof(haddr));
377 len = min_t(unsigned int, sizeof(haddr), addr_len);
378 memcpy(&haddr, addr, len);
380 if (haddr.hci_family != AF_BLUETOOTH)
383 if (haddr.hci_channel > HCI_CHANNEL_CONTROL)
386 if (haddr.hci_channel == HCI_CHANNEL_CONTROL && !enable_mgmt)
391 if (sk->sk_state == BT_BOUND || hci_pi(sk)->hdev) {
396 if (haddr.hci_dev != HCI_DEV_NONE) {
397 hdev = hci_dev_get(haddr.hci_dev);
403 atomic_inc(&hdev->promisc);
406 hci_pi(sk)->channel = haddr.hci_channel;
407 hci_pi(sk)->hdev = hdev;
408 sk->sk_state = BT_BOUND;
415 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer)
417 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
418 struct sock *sk = sock->sk;
419 struct hci_dev *hdev = hci_pi(sk)->hdev;
421 BT_DBG("sock %p sk %p", sock, sk);
428 *addr_len = sizeof(*haddr);
429 haddr->hci_family = AF_BLUETOOTH;
430 haddr->hci_dev = hdev->id;
436 static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb)
438 __u32 mask = hci_pi(sk)->cmsg_mask;
440 if (mask & HCI_CMSG_DIR) {
441 int incoming = bt_cb(skb)->incoming;
442 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming), &incoming);
445 if (mask & HCI_CMSG_TSTAMP) {
447 struct compat_timeval ctv;
453 skb_get_timestamp(skb, &tv);
458 if (msg->msg_flags & MSG_CMSG_COMPAT) {
459 ctv.tv_sec = tv.tv_sec;
460 ctv.tv_usec = tv.tv_usec;
466 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, len, data);
470 static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
471 struct msghdr *msg, size_t len, int flags)
473 int noblock = flags & MSG_DONTWAIT;
474 struct sock *sk = sock->sk;
478 BT_DBG("sock %p, sk %p", sock, sk);
480 if (flags & (MSG_OOB))
483 if (sk->sk_state == BT_CLOSED)
486 skb = skb_recv_datagram(sk, flags, noblock, &err);
490 msg->msg_namelen = 0;
494 msg->msg_flags |= MSG_TRUNC;
498 skb_reset_transport_header(skb);
499 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
501 hci_sock_cmsg(sk, msg, skb);
503 skb_free_datagram(sk, skb);
505 return err ? : copied;
508 static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
509 struct msghdr *msg, size_t len)
511 struct sock *sk = sock->sk;
512 struct hci_dev *hdev;
516 BT_DBG("sock %p sk %p", sock, sk);
518 if (msg->msg_flags & MSG_OOB)
521 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
524 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
529 switch (hci_pi(sk)->channel) {
530 case HCI_CHANNEL_RAW:
532 case HCI_CHANNEL_CONTROL:
533 err = mgmt_control(sk, msg, len);
540 hdev = hci_pi(sk)->hdev;
546 if (!test_bit(HCI_UP, &hdev->flags)) {
551 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
555 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
560 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
562 skb->dev = (void *) hdev;
564 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
565 u16 opcode = get_unaligned_le16(skb->data);
566 u16 ogf = hci_opcode_ogf(opcode);
567 u16 ocf = hci_opcode_ocf(opcode);
569 if (((ogf > HCI_SFLT_MAX_OGF) ||
570 !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) &&
571 !capable(CAP_NET_RAW)) {
576 if (test_bit(HCI_RAW, &hdev->flags) || (ogf == 0x3f)) {
577 skb_queue_tail(&hdev->raw_q, skb);
578 tasklet_schedule(&hdev->tx_task);
580 skb_queue_tail(&hdev->cmd_q, skb);
581 tasklet_schedule(&hdev->cmd_task);
584 if (!capable(CAP_NET_RAW)) {
589 skb_queue_tail(&hdev->raw_q, skb);
590 tasklet_schedule(&hdev->tx_task);
604 static int hci_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int len)
606 struct hci_ufilter uf = { .opcode = 0 };
607 struct sock *sk = sock->sk;
608 int err = 0, opt = 0;
610 BT_DBG("sk %p, opt %d", sk, optname);
616 if (get_user(opt, (int __user *)optval)) {
622 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
624 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
628 if (get_user(opt, (int __user *)optval)) {
634 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
636 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
641 struct hci_filter *f = &hci_pi(sk)->filter;
643 uf.type_mask = f->type_mask;
644 uf.opcode = f->opcode;
645 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
646 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
649 len = min_t(unsigned int, len, sizeof(uf));
650 if (copy_from_user(&uf, optval, len)) {
655 if (!capable(CAP_NET_RAW)) {
656 uf.type_mask &= hci_sec_filter.type_mask;
657 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
658 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
662 struct hci_filter *f = &hci_pi(sk)->filter;
664 f->type_mask = uf.type_mask;
665 f->opcode = uf.opcode;
666 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
667 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
680 static int hci_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
682 struct hci_ufilter uf;
683 struct sock *sk = sock->sk;
686 if (get_user(len, optlen))
691 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
696 if (put_user(opt, optval))
701 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
706 if (put_user(opt, optval))
712 struct hci_filter *f = &hci_pi(sk)->filter;
714 uf.type_mask = f->type_mask;
715 uf.opcode = f->opcode;
716 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
717 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
720 len = min_t(unsigned int, len, sizeof(uf));
721 if (copy_to_user(optval, &uf, len))
733 static const struct proto_ops hci_sock_ops = {
734 .family = PF_BLUETOOTH,
735 .owner = THIS_MODULE,
736 .release = hci_sock_release,
737 .bind = hci_sock_bind,
738 .getname = hci_sock_getname,
739 .sendmsg = hci_sock_sendmsg,
740 .recvmsg = hci_sock_recvmsg,
741 .ioctl = hci_sock_ioctl,
742 .poll = datagram_poll,
743 .listen = sock_no_listen,
744 .shutdown = sock_no_shutdown,
745 .setsockopt = hci_sock_setsockopt,
746 .getsockopt = hci_sock_getsockopt,
747 .connect = sock_no_connect,
748 .socketpair = sock_no_socketpair,
749 .accept = sock_no_accept,
753 static struct proto hci_sk_proto = {
755 .owner = THIS_MODULE,
756 .obj_size = sizeof(struct hci_pinfo)
759 static int hci_sock_create(struct net *net, struct socket *sock, int protocol,
764 BT_DBG("sock %p", sock);
766 if (sock->type != SOCK_RAW)
767 return -ESOCKTNOSUPPORT;
769 sock->ops = &hci_sock_ops;
771 sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto);
775 sock_init_data(sock, sk);
777 sock_reset_flag(sk, SOCK_ZAPPED);
779 sk->sk_protocol = protocol;
781 sock->state = SS_UNCONNECTED;
782 sk->sk_state = BT_OPEN;
784 bt_sock_link(&hci_sk_list, sk);
788 static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr)
790 struct hci_dev *hdev = (struct hci_dev *) ptr;
791 struct hci_ev_si_device ev;
793 BT_DBG("hdev %s event %ld", hdev->name, event);
795 /* Send event to sockets */
797 ev.dev_id = hdev->id;
798 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
800 if (event == HCI_DEV_UNREG) {
802 struct hlist_node *node;
804 /* Detach sockets from device */
805 read_lock(&hci_sk_list.lock);
806 sk_for_each(sk, node, &hci_sk_list.head) {
808 bh_lock_sock_nested(sk);
809 if (hci_pi(sk)->hdev == hdev) {
810 hci_pi(sk)->hdev = NULL;
812 sk->sk_state = BT_OPEN;
813 sk->sk_state_change(sk);
820 read_unlock(&hci_sk_list.lock);
826 static const struct net_proto_family hci_sock_family_ops = {
827 .family = PF_BLUETOOTH,
828 .owner = THIS_MODULE,
829 .create = hci_sock_create,
832 static struct notifier_block hci_sock_nblock = {
833 .notifier_call = hci_sock_dev_event
836 int __init hci_sock_init(void)
840 err = proto_register(&hci_sk_proto, 0);
844 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
848 hci_register_notifier(&hci_sock_nblock);
850 BT_INFO("HCI socket layer initialized");
855 BT_ERR("HCI socket registration failed");
856 proto_unregister(&hci_sk_proto);
860 void __exit hci_sock_cleanup(void)
862 if (bt_sock_unregister(BTPROTO_HCI) < 0)
863 BT_ERR("HCI socket unregistration failed");
865 hci_unregister_notifier(&hci_sock_nblock);
867 proto_unregister(&hci_sk_proto);
870 module_param(enable_mgmt, bool, 0644);
871 MODULE_PARM_DESC(enable_mgmt, "Enable Management interface");
git.openpandora.org / pandora-kernel.git / blob