2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI sockets. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/capability.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/skbuff.h>
38 #include <linux/workqueue.h>
39 #include <linux/interrupt.h>
40 #include <linux/compat.h>
41 #include <linux/socket.h>
42 #include <linux/ioctl.h>
45 #include <asm/system.h>
46 #include <linux/uaccess.h>
47 #include <asm/unaligned.h>
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/hci_core.h>
52 static int enable_mgmt;
54 /* ----- HCI socket interface ----- */
56 static inline int hci_test_bit(int nr, void *addr)
58 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
62 static struct hci_sec_filter hci_sec_filter = {
66 { 0x1000d9fe, 0x0000b00c },
71 { 0xbe000006, 0x00000001, 0x00000000, 0x00 },
73 { 0x00005200, 0x00000000, 0x00000000, 0x00 },
75 { 0xaab00200, 0x2b402aaa, 0x05220154, 0x00 },
77 { 0x000002be, 0x00000000, 0x00000000, 0x00 },
78 /* OGF_STATUS_PARAM */
79 { 0x000000ea, 0x00000000, 0x00000000, 0x00 }
83 static struct bt_sock_list hci_sk_list = {
84 .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock)
87 /* Send frame to RAW socket */
88 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb,
92 struct hlist_node *node;
94 BT_DBG("hdev %p len %d", hdev, skb->len);
96 read_lock(&hci_sk_list.lock);
97 sk_for_each(sk, node, &hci_sk_list.head) {
98 struct hci_filter *flt;
104 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
107 /* Don't send frame to the socket it came from */
111 if (bt_cb(skb)->channel != hci_pi(sk)->channel)
114 if (bt_cb(skb)->channel == HCI_CHANNEL_CONTROL)
118 flt = &hci_pi(sk)->filter;
120 if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ?
121 0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask))
124 if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) {
125 register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
127 if (!hci_test_bit(evt, &flt->event_mask))
131 ((evt == HCI_EV_CMD_COMPLETE &&
133 get_unaligned((__le16 *)(skb->data + 3))) ||
134 (evt == HCI_EV_CMD_STATUS &&
136 get_unaligned((__le16 *)(skb->data + 4)))))
141 nskb = skb_clone(skb, GFP_ATOMIC);
145 /* Put type byte before the data */
146 if (bt_cb(skb)->channel == HCI_CHANNEL_RAW)
147 memcpy(skb_push(nskb, 1), &bt_cb(nskb)->pkt_type, 1);
149 if (sock_queue_rcv_skb(sk, nskb))
152 read_unlock(&hci_sk_list.lock);
155 static int hci_sock_release(struct socket *sock)
157 struct sock *sk = sock->sk;
158 struct hci_dev *hdev;
160 BT_DBG("sock %p sk %p", sock, sk);
165 hdev = hci_pi(sk)->hdev;
167 bt_sock_unlink(&hci_sk_list, sk);
170 atomic_dec(&hdev->promisc);
176 skb_queue_purge(&sk->sk_receive_queue);
177 skb_queue_purge(&sk->sk_write_queue);
183 static int hci_sock_blacklist_add(struct hci_dev *hdev, void __user *arg)
187 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
190 return hci_blacklist_add(hdev, &bdaddr);
193 static int hci_sock_blacklist_del(struct hci_dev *hdev, void __user *arg)
197 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
200 return hci_blacklist_del(hdev, &bdaddr);
203 /* Ioctls that require bound socket */
204 static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
206 struct hci_dev *hdev = hci_pi(sk)->hdev;
213 if (!capable(CAP_NET_ADMIN))
216 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
220 set_bit(HCI_RAW, &hdev->flags);
222 clear_bit(HCI_RAW, &hdev->flags);
227 return hci_get_conn_info(hdev, (void __user *) arg);
230 return hci_get_auth_info(hdev, (void __user *) arg);
233 if (!capable(CAP_NET_ADMIN))
235 return hci_sock_blacklist_add(hdev, (void __user *) arg);
238 if (!capable(CAP_NET_ADMIN))
240 return hci_sock_blacklist_del(hdev, (void __user *) arg);
244 return hdev->ioctl(hdev, cmd, arg);
249 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
251 struct sock *sk = sock->sk;
252 void __user *argp = (void __user *) arg;
255 BT_DBG("cmd %x arg %lx", cmd, arg);
259 return hci_get_dev_list(argp);
262 return hci_get_dev_info(argp);
265 return hci_get_conn_list(argp);
268 if (!capable(CAP_NET_ADMIN))
270 return hci_dev_open(arg);
273 if (!capable(CAP_NET_ADMIN))
275 return hci_dev_close(arg);
278 if (!capable(CAP_NET_ADMIN))
280 return hci_dev_reset(arg);
283 if (!capable(CAP_NET_ADMIN))
285 return hci_dev_reset_stat(arg);
295 if (!capable(CAP_NET_ADMIN))
297 return hci_dev_cmd(cmd, argp);
300 return hci_inquiry(argp);
304 err = hci_sock_bound_ioctl(sk, cmd, arg);
310 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
312 struct sockaddr_hci haddr;
313 struct sock *sk = sock->sk;
314 struct hci_dev *hdev = NULL;
317 BT_DBG("sock %p sk %p", sock, sk);
322 memset(&haddr, 0, sizeof(haddr));
323 len = min_t(unsigned int, sizeof(haddr), addr_len);
324 memcpy(&haddr, addr, len);
326 if (haddr.hci_family != AF_BLUETOOTH)
329 if (haddr.hci_channel > HCI_CHANNEL_CONTROL)
332 if (haddr.hci_channel == HCI_CHANNEL_CONTROL && !enable_mgmt)
337 if (sk->sk_state == BT_BOUND || hci_pi(sk)->hdev) {
342 if (haddr.hci_dev != HCI_DEV_NONE) {
343 hdev = hci_dev_get(haddr.hci_dev);
349 atomic_inc(&hdev->promisc);
352 hci_pi(sk)->channel = haddr.hci_channel;
353 hci_pi(sk)->hdev = hdev;
354 sk->sk_state = BT_BOUND;
361 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer)
363 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
364 struct sock *sk = sock->sk;
365 struct hci_dev *hdev = hci_pi(sk)->hdev;
367 BT_DBG("sock %p sk %p", sock, sk);
374 *addr_len = sizeof(*haddr);
375 haddr->hci_family = AF_BLUETOOTH;
376 haddr->hci_dev = hdev->id;
382 static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb)
384 __u32 mask = hci_pi(sk)->cmsg_mask;
386 if (mask & HCI_CMSG_DIR) {
387 int incoming = bt_cb(skb)->incoming;
388 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming), &incoming);
391 if (mask & HCI_CMSG_TSTAMP) {
393 struct compat_timeval ctv;
399 skb_get_timestamp(skb, &tv);
404 if (msg->msg_flags & MSG_CMSG_COMPAT) {
405 ctv.tv_sec = tv.tv_sec;
406 ctv.tv_usec = tv.tv_usec;
412 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, len, data);
416 static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
417 struct msghdr *msg, size_t len, int flags)
419 int noblock = flags & MSG_DONTWAIT;
420 struct sock *sk = sock->sk;
424 BT_DBG("sock %p, sk %p", sock, sk);
426 if (flags & (MSG_OOB))
429 if (sk->sk_state == BT_CLOSED)
432 skb = skb_recv_datagram(sk, flags, noblock, &err);
436 msg->msg_namelen = 0;
440 msg->msg_flags |= MSG_TRUNC;
444 skb_reset_transport_header(skb);
445 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
447 hci_sock_cmsg(sk, msg, skb);
449 skb_free_datagram(sk, skb);
451 return err ? : copied;
454 static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
455 struct msghdr *msg, size_t len)
457 struct sock *sk = sock->sk;
458 struct hci_dev *hdev;
462 BT_DBG("sock %p sk %p", sock, sk);
464 if (msg->msg_flags & MSG_OOB)
467 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
470 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
475 switch (hci_pi(sk)->channel) {
476 case HCI_CHANNEL_RAW:
478 case HCI_CHANNEL_CONTROL:
479 err = mgmt_control(sk, msg, len);
486 hdev = hci_pi(sk)->hdev;
492 if (!test_bit(HCI_UP, &hdev->flags)) {
497 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
501 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
506 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
508 skb->dev = (void *) hdev;
510 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
511 u16 opcode = get_unaligned_le16(skb->data);
512 u16 ogf = hci_opcode_ogf(opcode);
513 u16 ocf = hci_opcode_ocf(opcode);
515 if (((ogf > HCI_SFLT_MAX_OGF) ||
516 !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) &&
517 !capable(CAP_NET_RAW)) {
522 if (test_bit(HCI_RAW, &hdev->flags) || (ogf == 0x3f)) {
523 skb_queue_tail(&hdev->raw_q, skb);
524 tasklet_schedule(&hdev->tx_task);
526 skb_queue_tail(&hdev->cmd_q, skb);
527 tasklet_schedule(&hdev->cmd_task);
530 if (!capable(CAP_NET_RAW)) {
535 skb_queue_tail(&hdev->raw_q, skb);
536 tasklet_schedule(&hdev->tx_task);
550 static int hci_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int len)
552 struct hci_ufilter uf = { .opcode = 0 };
553 struct sock *sk = sock->sk;
554 int err = 0, opt = 0;
556 BT_DBG("sk %p, opt %d", sk, optname);
562 if (get_user(opt, (int __user *)optval)) {
568 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
570 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
574 if (get_user(opt, (int __user *)optval)) {
580 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
582 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
587 struct hci_filter *f = &hci_pi(sk)->filter;
589 uf.type_mask = f->type_mask;
590 uf.opcode = f->opcode;
591 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
592 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
595 len = min_t(unsigned int, len, sizeof(uf));
596 if (copy_from_user(&uf, optval, len)) {
601 if (!capable(CAP_NET_RAW)) {
602 uf.type_mask &= hci_sec_filter.type_mask;
603 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
604 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
608 struct hci_filter *f = &hci_pi(sk)->filter;
610 f->type_mask = uf.type_mask;
611 f->opcode = uf.opcode;
612 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
613 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
626 static int hci_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
628 struct hci_ufilter uf;
629 struct sock *sk = sock->sk;
632 if (get_user(len, optlen))
637 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
642 if (put_user(opt, optval))
647 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
652 if (put_user(opt, optval))
658 struct hci_filter *f = &hci_pi(sk)->filter;
660 uf.type_mask = f->type_mask;
661 uf.opcode = f->opcode;
662 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
663 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
666 len = min_t(unsigned int, len, sizeof(uf));
667 if (copy_to_user(optval, &uf, len))
679 static const struct proto_ops hci_sock_ops = {
680 .family = PF_BLUETOOTH,
681 .owner = THIS_MODULE,
682 .release = hci_sock_release,
683 .bind = hci_sock_bind,
684 .getname = hci_sock_getname,
685 .sendmsg = hci_sock_sendmsg,
686 .recvmsg = hci_sock_recvmsg,
687 .ioctl = hci_sock_ioctl,
688 .poll = datagram_poll,
689 .listen = sock_no_listen,
690 .shutdown = sock_no_shutdown,
691 .setsockopt = hci_sock_setsockopt,
692 .getsockopt = hci_sock_getsockopt,
693 .connect = sock_no_connect,
694 .socketpair = sock_no_socketpair,
695 .accept = sock_no_accept,
699 static struct proto hci_sk_proto = {
701 .owner = THIS_MODULE,
702 .obj_size = sizeof(struct hci_pinfo)
705 static int hci_sock_create(struct net *net, struct socket *sock, int protocol,
710 BT_DBG("sock %p", sock);
712 if (sock->type != SOCK_RAW)
713 return -ESOCKTNOSUPPORT;
715 sock->ops = &hci_sock_ops;
717 sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto);
721 sock_init_data(sock, sk);
723 sock_reset_flag(sk, SOCK_ZAPPED);
725 sk->sk_protocol = protocol;
727 sock->state = SS_UNCONNECTED;
728 sk->sk_state = BT_OPEN;
730 bt_sock_link(&hci_sk_list, sk);
734 static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr)
736 struct hci_dev *hdev = (struct hci_dev *) ptr;
737 struct hci_ev_si_device ev;
739 BT_DBG("hdev %s event %ld", hdev->name, event);
741 /* Send event to sockets */
743 ev.dev_id = hdev->id;
744 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
746 if (event == HCI_DEV_UNREG) {
748 struct hlist_node *node;
750 /* Detach sockets from device */
751 read_lock(&hci_sk_list.lock);
752 sk_for_each(sk, node, &hci_sk_list.head) {
754 bh_lock_sock_nested(sk);
755 if (hci_pi(sk)->hdev == hdev) {
756 hci_pi(sk)->hdev = NULL;
758 sk->sk_state = BT_OPEN;
759 sk->sk_state_change(sk);
766 read_unlock(&hci_sk_list.lock);
772 static const struct net_proto_family hci_sock_family_ops = {
773 .family = PF_BLUETOOTH,
774 .owner = THIS_MODULE,
775 .create = hci_sock_create,
778 static struct notifier_block hci_sock_nblock = {
779 .notifier_call = hci_sock_dev_event
782 int __init hci_sock_init(void)
786 err = proto_register(&hci_sk_proto, 0);
790 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
794 hci_register_notifier(&hci_sock_nblock);
796 BT_INFO("HCI socket layer initialized");
801 BT_ERR("HCI socket registration failed");
802 proto_unregister(&hci_sk_proto);
806 void hci_sock_cleanup(void)
808 if (bt_sock_unregister(BTPROTO_HCI) < 0)
809 BT_ERR("HCI socket unregistration failed");
811 hci_unregister_notifier(&hci_sock_nblock);
813 proto_unregister(&hci_sk_proto);
816 module_param(enable_mgmt, bool, 0644);
817 MODULE_PARM_DESC(enable_mgmt, "Enable Management interface");
git.openpandora.org / pandora-kernel.git / blob