2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
8 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/security.h>
31 #include <linux/export.h>
33 #include <net/bluetooth/bluetooth.h>
34 #include <net/bluetooth/hci_core.h>
35 #include <net/bluetooth/l2cap.h>
36 #include <net/bluetooth/smp.h>
38 static const struct proto_ops l2cap_sock_ops;
39 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
40 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
42 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
44 struct sock *sk = sock->sk;
45 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
46 struct sockaddr_l2 la;
51 if (!addr || addr->sa_family != AF_BLUETOOTH)
54 memset(&la, 0, sizeof(la));
55 len = min_t(unsigned int, sizeof(la), alen);
56 memcpy(&la, addr, len);
58 if (la.l2_cid && la.l2_psm)
63 if (sk->sk_state != BT_OPEN) {
69 __u16 psm = __le16_to_cpu(la.l2_psm);
71 /* PSM must be odd and lsb of upper byte must be 0 */
72 if ((psm & 0x0101) != 0x0001) {
77 /* Restrict usage of well-known PSMs */
78 if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
85 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
87 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
92 if (__le16_to_cpu(la.l2_psm) == 0x0001 ||
93 __le16_to_cpu(la.l2_psm) == 0x0003)
94 chan->sec_level = BT_SECURITY_SDP;
96 bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
98 chan->state = BT_BOUND;
99 sk->sk_state = BT_BOUND;
106 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
108 struct sock *sk = sock->sk;
109 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
110 struct sockaddr_l2 la;
115 if (!addr || alen < sizeof(addr->sa_family) ||
116 addr->sa_family != AF_BLUETOOTH)
119 memset(&la, 0, sizeof(la));
120 len = min_t(unsigned int, sizeof(la), alen);
121 memcpy(&la, addr, len);
123 if (la.l2_cid && la.l2_psm)
126 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
127 &la.l2_bdaddr, la.l2_bdaddr_type);
133 err = bt_sock_wait_state(sk, BT_CONNECTED,
134 sock_sndtimeo(sk, flags & O_NONBLOCK));
141 static int l2cap_sock_listen(struct socket *sock, int backlog)
143 struct sock *sk = sock->sk;
144 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
147 BT_DBG("sk %p backlog %d", sk, backlog);
151 if (sk->sk_state != BT_BOUND) {
156 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
161 switch (chan->mode) {
162 case L2CAP_MODE_BASIC:
164 case L2CAP_MODE_ERTM:
165 case L2CAP_MODE_STREAMING:
174 sk->sk_max_ack_backlog = backlog;
175 sk->sk_ack_backlog = 0;
177 chan->state = BT_LISTEN;
178 sk->sk_state = BT_LISTEN;
185 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
187 DECLARE_WAITQUEUE(wait, current);
188 struct sock *sk = sock->sk, *nsk;
192 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
194 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
196 BT_DBG("sk %p timeo %ld", sk, timeo);
198 /* Wait for an incoming connection. (wake-one). */
199 add_wait_queue_exclusive(sk_sleep(sk), &wait);
201 set_current_state(TASK_INTERRUPTIBLE);
203 if (sk->sk_state != BT_LISTEN) {
208 nsk = bt_accept_dequeue(sk, newsock);
217 if (signal_pending(current)) {
218 err = sock_intr_errno(timeo);
223 timeo = schedule_timeout(timeo);
224 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
226 __set_current_state(TASK_RUNNING);
227 remove_wait_queue(sk_sleep(sk), &wait);
232 newsock->state = SS_CONNECTED;
234 BT_DBG("new socket %p", nsk);
241 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
243 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
244 struct sock *sk = sock->sk;
245 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
247 BT_DBG("sock %p, sk %p", sock, sk);
249 addr->sa_family = AF_BLUETOOTH;
250 *len = sizeof(struct sockaddr_l2);
253 la->l2_psm = chan->psm;
254 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
255 la->l2_cid = cpu_to_le16(chan->dcid);
257 la->l2_psm = chan->sport;
258 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
259 la->l2_cid = cpu_to_le16(chan->scid);
265 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
267 struct sock *sk = sock->sk;
268 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
269 struct l2cap_options opts;
270 struct l2cap_conninfo cinfo;
276 if (get_user(len, optlen))
283 memset(&opts, 0, sizeof(opts));
284 opts.imtu = chan->imtu;
285 opts.omtu = chan->omtu;
286 opts.flush_to = chan->flush_to;
287 opts.mode = chan->mode;
288 opts.fcs = chan->fcs;
289 opts.max_tx = chan->max_tx;
290 opts.txwin_size = chan->tx_win;
292 len = min_t(unsigned int, len, sizeof(opts));
293 if (copy_to_user(optval, (char *) &opts, len))
299 switch (chan->sec_level) {
300 case BT_SECURITY_LOW:
303 case BT_SECURITY_MEDIUM:
304 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
306 case BT_SECURITY_HIGH:
307 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
315 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
316 opt |= L2CAP_LM_MASTER;
318 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
319 opt |= L2CAP_LM_RELIABLE;
321 if (put_user(opt, (u32 __user *) optval))
326 if (sk->sk_state != BT_CONNECTED &&
327 !(sk->sk_state == BT_CONNECT2 &&
328 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
333 memset(&cinfo, 0, sizeof(cinfo));
334 cinfo.hci_handle = chan->conn->hcon->handle;
335 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
337 len = min_t(unsigned int, len, sizeof(cinfo));
338 if (copy_to_user(optval, (char *) &cinfo, len))
352 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
354 struct sock *sk = sock->sk;
355 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
356 struct bt_security sec;
362 if (level == SOL_L2CAP)
363 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
365 if (level != SOL_BLUETOOTH)
368 if (get_user(len, optlen))
375 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
376 chan->chan_type != L2CAP_CHAN_RAW) {
381 memset(&sec, 0, sizeof(sec));
383 sec.level = chan->conn->hcon->sec_level;
385 sec.level = chan->sec_level;
387 if (sk->sk_state == BT_CONNECTED)
388 sec.key_size = chan->conn->hcon->enc_key_size;
390 len = min_t(unsigned int, len, sizeof(sec));
391 if (copy_to_user(optval, (char *) &sec, len))
397 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
402 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
403 (u32 __user *) optval))
409 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
410 (u32 __user *) optval))
416 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
417 && sk->sk_type != SOCK_RAW) {
422 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
424 len = min_t(unsigned int, len, sizeof(pwr));
425 if (copy_to_user(optval, (char *) &pwr, len))
430 case BT_CHANNEL_POLICY:
436 if (put_user(chan->chan_policy, (u32 __user *) optval))
449 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen)
451 struct sock *sk = sock->sk;
452 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
453 struct l2cap_options opts;
463 if (sk->sk_state == BT_CONNECTED) {
468 opts.imtu = chan->imtu;
469 opts.omtu = chan->omtu;
470 opts.flush_to = chan->flush_to;
471 opts.mode = chan->mode;
472 opts.fcs = chan->fcs;
473 opts.max_tx = chan->max_tx;
474 opts.txwin_size = chan->tx_win;
476 len = min_t(unsigned int, sizeof(opts), optlen);
477 if (copy_from_user((char *) &opts, optval, len)) {
482 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
487 chan->mode = opts.mode;
488 switch (chan->mode) {
489 case L2CAP_MODE_BASIC:
490 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
492 case L2CAP_MODE_ERTM:
493 case L2CAP_MODE_STREAMING:
502 chan->imtu = opts.imtu;
503 chan->omtu = opts.omtu;
504 chan->fcs = opts.fcs;
505 chan->max_tx = opts.max_tx;
506 chan->tx_win = opts.txwin_size;
510 if (get_user(opt, (u32 __user *) optval)) {
515 if (opt & L2CAP_LM_AUTH)
516 chan->sec_level = BT_SECURITY_LOW;
517 if (opt & L2CAP_LM_ENCRYPT)
518 chan->sec_level = BT_SECURITY_MEDIUM;
519 if (opt & L2CAP_LM_SECURE)
520 chan->sec_level = BT_SECURITY_HIGH;
522 if (opt & L2CAP_LM_MASTER)
523 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
525 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
527 if (opt & L2CAP_LM_RELIABLE)
528 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
530 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
542 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
544 struct sock *sk = sock->sk;
545 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
546 struct bt_security sec;
548 struct l2cap_conn *conn;
554 if (level == SOL_L2CAP)
555 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
557 if (level != SOL_BLUETOOTH)
564 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
565 chan->chan_type != L2CAP_CHAN_RAW) {
570 sec.level = BT_SECURITY_LOW;
572 len = min_t(unsigned int, sizeof(sec), optlen);
573 if (copy_from_user((char *) &sec, optval, len)) {
578 if (sec.level < BT_SECURITY_LOW ||
579 sec.level > BT_SECURITY_HIGH) {
584 chan->sec_level = sec.level;
591 /*change security for LE channels */
592 if (chan->scid == L2CAP_CID_LE_DATA) {
593 if (!conn->hcon->out) {
598 if (smp_conn_security(conn, sec.level))
600 sk->sk_state = BT_CONFIG;
601 chan->state = BT_CONFIG;
603 /* or for ACL link */
604 } else if ((sk->sk_state == BT_CONNECT2 &&
605 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
606 sk->sk_state == BT_CONNECTED) {
607 if (!l2cap_chan_check_security(chan))
608 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
610 sk->sk_state_change(sk);
617 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
622 if (get_user(opt, (u32 __user *) optval)) {
628 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
630 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
634 if (get_user(opt, (u32 __user *) optval)) {
639 if (opt > BT_FLUSHABLE_ON) {
644 if (opt == BT_FLUSHABLE_OFF) {
645 struct l2cap_conn *conn = chan->conn;
646 /* proceed further only when we have l2cap_conn and
647 No Flush support in the LM */
648 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
655 set_bit(FLAG_FLUSHABLE, &chan->flags);
657 clear_bit(FLAG_FLUSHABLE, &chan->flags);
661 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
662 chan->chan_type != L2CAP_CHAN_RAW) {
667 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
669 len = min_t(unsigned int, sizeof(pwr), optlen);
670 if (copy_from_user((char *) &pwr, optval, len)) {
675 if (pwr.force_active)
676 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
678 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
681 case BT_CHANNEL_POLICY:
687 if (get_user(opt, (u32 __user *) optval)) {
692 if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
697 if (chan->mode != L2CAP_MODE_ERTM &&
698 chan->mode != L2CAP_MODE_STREAMING) {
703 chan->chan_policy = (u8) opt;
715 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
717 struct sock *sk = sock->sk;
718 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
721 BT_DBG("sock %p, sk %p", sock, sk);
723 err = sock_error(sk);
727 if (msg->msg_flags & MSG_OOB)
730 if (sk->sk_state != BT_CONNECTED)
733 l2cap_chan_lock(chan);
734 err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
735 l2cap_chan_unlock(chan);
740 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
742 struct sock *sk = sock->sk;
743 struct l2cap_pinfo *pi = l2cap_pi(sk);
748 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
749 &bt_sk(sk)->flags)) {
750 sk->sk_state = BT_CONFIG;
751 pi->chan->state = BT_CONFIG;
753 __l2cap_connect_rsp_defer(pi->chan);
760 if (sock->type == SOCK_STREAM)
761 err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
763 err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
765 if (pi->chan->mode != L2CAP_MODE_ERTM)
768 /* Attempt to put pending rx data in the socket buffer */
772 if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
775 if (pi->rx_busy_skb) {
776 if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
777 pi->rx_busy_skb = NULL;
782 /* Restore data flow when half of the receive buffer is
783 * available. This avoids resending large numbers of
786 if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
787 l2cap_chan_busy(pi->chan, 0);
794 /* Kill socket (only if zapped and orphan)
795 * Must be called on unlocked socket.
797 static void l2cap_sock_kill(struct sock *sk)
799 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
802 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
804 /* Kill poor orphan */
806 l2cap_chan_destroy(l2cap_pi(sk)->chan);
807 sock_set_flag(sk, SOCK_DEAD);
811 static int l2cap_sock_shutdown(struct socket *sock, int how)
813 struct sock *sk = sock->sk;
814 struct l2cap_chan *chan;
815 struct l2cap_conn *conn;
818 BT_DBG("sock %p, sk %p", sock, sk);
823 chan = l2cap_pi(sk)->chan;
827 mutex_lock(&conn->chan_lock);
829 l2cap_chan_lock(chan);
832 if (!sk->sk_shutdown) {
833 if (chan->mode == L2CAP_MODE_ERTM)
834 err = __l2cap_wait_ack(sk);
836 sk->sk_shutdown = SHUTDOWN_MASK;
839 l2cap_chan_close(chan, 0);
842 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
843 err = bt_sock_wait_state(sk, BT_CLOSED,
847 if (!err && sk->sk_err)
851 l2cap_chan_unlock(chan);
854 mutex_unlock(&conn->chan_lock);
859 static int l2cap_sock_release(struct socket *sock)
861 struct sock *sk = sock->sk;
864 BT_DBG("sock %p, sk %p", sock, sk);
869 err = l2cap_sock_shutdown(sock, 2);
876 static struct l2cap_chan *l2cap_sock_new_connection_cb(void *data)
878 struct sock *sk, *parent = data;
880 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
885 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
887 l2cap_sock_init(sk, parent);
889 return l2cap_pi(sk)->chan;
892 static int l2cap_sock_recv_cb(void *data, struct sk_buff *skb)
895 struct sock *sk = data;
896 struct l2cap_pinfo *pi = l2cap_pi(sk);
900 if (pi->rx_busy_skb) {
905 err = sock_queue_rcv_skb(sk, skb);
907 /* For ERTM, handle one skb that doesn't fit into the recv
908 * buffer. This is important to do because the data frames
909 * have already been acked, so the skb cannot be discarded.
911 * Notify the l2cap core that the buffer is full, so the
912 * LOCAL_BUSY state is entered and no more frames are
913 * acked and reassembled until there is buffer space
916 if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
917 pi->rx_busy_skb = skb;
918 l2cap_chan_busy(pi->chan, 1);
928 static void l2cap_sock_close_cb(void *data)
930 struct sock *sk = data;
935 static void l2cap_sock_state_change_cb(void *data, int state)
937 struct sock *sk = data;
939 sk->sk_state = state;
942 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
943 unsigned long len, int nb)
948 l2cap_chan_unlock(chan);
949 skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
950 l2cap_chan_lock(chan);
958 static struct l2cap_ops l2cap_chan_ops = {
959 .name = "L2CAP Socket Interface",
960 .new_connection = l2cap_sock_new_connection_cb,
961 .recv = l2cap_sock_recv_cb,
962 .close = l2cap_sock_close_cb,
963 .state_change = l2cap_sock_state_change_cb,
964 .alloc_skb = l2cap_sock_alloc_skb_cb,
967 static void l2cap_sock_destruct(struct sock *sk)
971 l2cap_chan_put(l2cap_pi(sk)->chan);
972 if (l2cap_pi(sk)->rx_busy_skb) {
973 kfree_skb(l2cap_pi(sk)->rx_busy_skb);
974 l2cap_pi(sk)->rx_busy_skb = NULL;
977 skb_queue_purge(&sk->sk_receive_queue);
978 skb_queue_purge(&sk->sk_write_queue);
981 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
983 struct l2cap_pinfo *pi = l2cap_pi(sk);
984 struct l2cap_chan *chan = pi->chan;
989 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
991 sk->sk_type = parent->sk_type;
992 bt_sk(sk)->flags = bt_sk(parent)->flags;
994 chan->chan_type = pchan->chan_type;
995 chan->imtu = pchan->imtu;
996 chan->omtu = pchan->omtu;
997 chan->conf_state = pchan->conf_state;
998 chan->mode = pchan->mode;
999 chan->fcs = pchan->fcs;
1000 chan->max_tx = pchan->max_tx;
1001 chan->tx_win = pchan->tx_win;
1002 chan->tx_win_max = pchan->tx_win_max;
1003 chan->sec_level = pchan->sec_level;
1004 chan->flags = pchan->flags;
1006 security_sk_clone(parent, sk);
1009 switch (sk->sk_type) {
1011 chan->chan_type = L2CAP_CHAN_RAW;
1014 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1016 case SOCK_SEQPACKET:
1018 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1022 chan->imtu = L2CAP_DEFAULT_MTU;
1024 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1025 chan->mode = L2CAP_MODE_ERTM;
1026 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1028 chan->mode = L2CAP_MODE_BASIC;
1031 l2cap_chan_set_defaults(chan);
1034 /* Default config options */
1035 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1038 chan->ops = &l2cap_chan_ops;
1041 static struct proto l2cap_proto = {
1043 .owner = THIS_MODULE,
1044 .obj_size = sizeof(struct l2cap_pinfo)
1047 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1050 struct l2cap_chan *chan;
1052 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1056 sock_init_data(sock, sk);
1057 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1059 sk->sk_destruct = l2cap_sock_destruct;
1060 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1062 sock_reset_flag(sk, SOCK_ZAPPED);
1064 sk->sk_protocol = proto;
1065 sk->sk_state = BT_OPEN;
1067 chan = l2cap_chan_create();
1069 l2cap_sock_kill(sk);
1073 l2cap_chan_hold(chan);
1077 l2cap_pi(sk)->chan = chan;
1082 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1087 BT_DBG("sock %p", sock);
1089 sock->state = SS_UNCONNECTED;
1091 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1092 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1093 return -ESOCKTNOSUPPORT;
1095 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1098 sock->ops = &l2cap_sock_ops;
1100 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1104 l2cap_sock_init(sk, NULL);
1108 static const struct proto_ops l2cap_sock_ops = {
1109 .family = PF_BLUETOOTH,
1110 .owner = THIS_MODULE,
1111 .release = l2cap_sock_release,
1112 .bind = l2cap_sock_bind,
1113 .connect = l2cap_sock_connect,
1114 .listen = l2cap_sock_listen,
1115 .accept = l2cap_sock_accept,
1116 .getname = l2cap_sock_getname,
1117 .sendmsg = l2cap_sock_sendmsg,
1118 .recvmsg = l2cap_sock_recvmsg,
1119 .poll = bt_sock_poll,
1120 .ioctl = bt_sock_ioctl,
1121 .mmap = sock_no_mmap,
1122 .socketpair = sock_no_socketpair,
1123 .shutdown = l2cap_sock_shutdown,
1124 .setsockopt = l2cap_sock_setsockopt,
1125 .getsockopt = l2cap_sock_getsockopt
1128 static const struct net_proto_family l2cap_sock_family_ops = {
1129 .family = PF_BLUETOOTH,
1130 .owner = THIS_MODULE,
1131 .create = l2cap_sock_create,
1134 int __init l2cap_init_sockets(void)
1138 err = proto_register(&l2cap_proto, 0);
1142 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1146 BT_INFO("L2CAP socket layer initialized");
1151 BT_ERR("L2CAP socket registration failed");
1152 proto_unregister(&l2cap_proto);
1156 void l2cap_cleanup_sockets(void)
1158 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1159 BT_ERR("L2CAP socket unregistration failed");
1161 proto_unregister(&l2cap_proto);