2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth L2CAP core and sockets. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/capability.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/sched.h>
34 #include <linux/slab.h>
35 #include <linux/poll.h>
36 #include <linux/fcntl.h>
37 #include <linux/init.h>
38 #include <linux/interrupt.h>
39 #include <linux/socket.h>
40 #include <linux/skbuff.h>
41 #include <linux/list.h>
42 #include <linux/device.h>
45 #include <asm/system.h>
46 #include <asm/uaccess.h>
47 #include <asm/unaligned.h>
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/hci_core.h>
51 #include <net/bluetooth/l2cap.h>
53 #define VERSION "2.11"
55 static u32 l2cap_feat_mask = 0x0000;
57 static const struct proto_ops l2cap_sock_ops;
59 static struct bt_sock_list l2cap_sk_list = {
60 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
63 static void __l2cap_sock_close(struct sock *sk, int reason);
64 static void l2cap_sock_close(struct sock *sk);
65 static void l2cap_sock_kill(struct sock *sk);
67 static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
68 u8 code, u8 ident, u16 dlen, void *data);
70 /* ---- L2CAP timers ---- */
71 static void l2cap_sock_timeout(unsigned long arg)
73 struct sock *sk = (struct sock *) arg;
76 BT_DBG("sock %p state %d", sk, sk->sk_state);
80 if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG)
81 reason = ECONNREFUSED;
82 else if (sk->sk_state == BT_CONNECT &&
83 l2cap_pi(sk)->sec_level != BT_SECURITY_SDP)
84 reason = ECONNREFUSED;
88 __l2cap_sock_close(sk, reason);
96 static void l2cap_sock_set_timer(struct sock *sk, long timeout)
98 BT_DBG("sk %p state %d timeout %ld", sk, sk->sk_state, timeout);
99 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
102 static void l2cap_sock_clear_timer(struct sock *sk)
104 BT_DBG("sock %p state %d", sk, sk->sk_state);
105 sk_stop_timer(sk, &sk->sk_timer);
108 /* ---- L2CAP channels ---- */
109 static struct sock *__l2cap_get_chan_by_dcid(struct l2cap_chan_list *l, u16 cid)
112 for (s = l->head; s; s = l2cap_pi(s)->next_c) {
113 if (l2cap_pi(s)->dcid == cid)
119 static struct sock *__l2cap_get_chan_by_scid(struct l2cap_chan_list *l, u16 cid)
122 for (s = l->head; s; s = l2cap_pi(s)->next_c) {
123 if (l2cap_pi(s)->scid == cid)
129 /* Find channel with given SCID.
130 * Returns locked socket */
131 static inline struct sock *l2cap_get_chan_by_scid(struct l2cap_chan_list *l, u16 cid)
135 s = __l2cap_get_chan_by_scid(l, cid);
136 if (s) bh_lock_sock(s);
137 read_unlock(&l->lock);
141 static struct sock *__l2cap_get_chan_by_ident(struct l2cap_chan_list *l, u8 ident)
144 for (s = l->head; s; s = l2cap_pi(s)->next_c) {
145 if (l2cap_pi(s)->ident == ident)
151 static inline struct sock *l2cap_get_chan_by_ident(struct l2cap_chan_list *l, u8 ident)
155 s = __l2cap_get_chan_by_ident(l, ident);
156 if (s) bh_lock_sock(s);
157 read_unlock(&l->lock);
161 static u16 l2cap_alloc_cid(struct l2cap_chan_list *l)
165 for (; cid < 0xffff; cid++) {
166 if(!__l2cap_get_chan_by_scid(l, cid))
173 static inline void __l2cap_chan_link(struct l2cap_chan_list *l, struct sock *sk)
178 l2cap_pi(l->head)->prev_c = sk;
180 l2cap_pi(sk)->next_c = l->head;
181 l2cap_pi(sk)->prev_c = NULL;
185 static inline void l2cap_chan_unlink(struct l2cap_chan_list *l, struct sock *sk)
187 struct sock *next = l2cap_pi(sk)->next_c, *prev = l2cap_pi(sk)->prev_c;
189 write_lock_bh(&l->lock);
194 l2cap_pi(next)->prev_c = prev;
196 l2cap_pi(prev)->next_c = next;
197 write_unlock_bh(&l->lock);
202 static void __l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct sock *parent)
204 struct l2cap_chan_list *l = &conn->chan_list;
206 BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid);
208 l2cap_pi(sk)->conn = conn;
210 if (sk->sk_type == SOCK_SEQPACKET) {
211 /* Alloc CID for connection-oriented socket */
212 l2cap_pi(sk)->scid = l2cap_alloc_cid(l);
213 } else if (sk->sk_type == SOCK_DGRAM) {
214 /* Connectionless socket */
215 l2cap_pi(sk)->scid = 0x0002;
216 l2cap_pi(sk)->dcid = 0x0002;
217 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
219 /* Raw socket can send/recv signalling messages only */
220 l2cap_pi(sk)->scid = 0x0001;
221 l2cap_pi(sk)->dcid = 0x0001;
222 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
225 __l2cap_chan_link(l, sk);
228 bt_accept_enqueue(parent, sk);
232 * Must be called on the locked socket. */
233 static void l2cap_chan_del(struct sock *sk, int err)
235 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
236 struct sock *parent = bt_sk(sk)->parent;
238 l2cap_sock_clear_timer(sk);
240 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
243 /* Unlink from channel list */
244 l2cap_chan_unlink(&conn->chan_list, sk);
245 l2cap_pi(sk)->conn = NULL;
246 hci_conn_put(conn->hcon);
249 sk->sk_state = BT_CLOSED;
250 sock_set_flag(sk, SOCK_ZAPPED);
256 bt_accept_unlink(sk);
257 parent->sk_data_ready(parent, 0);
259 sk->sk_state_change(sk);
262 /* Service level security */
263 static inline int l2cap_check_security(struct sock *sk)
265 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
267 return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level);
270 static inline u8 l2cap_get_ident(struct l2cap_conn *conn)
274 /* Get next available identificator.
275 * 1 - 128 are used by kernel.
276 * 129 - 199 are reserved.
277 * 200 - 254 are used by utilities like l2ping, etc.
280 spin_lock_bh(&conn->lock);
282 if (++conn->tx_ident > 128)
287 spin_unlock_bh(&conn->lock);
292 static inline int l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, void *data)
294 struct sk_buff *skb = l2cap_build_cmd(conn, code, ident, len, data);
296 BT_DBG("code 0x%2.2x", code);
301 return hci_send_acl(conn->hcon, skb, 0);
304 static void l2cap_do_start(struct sock *sk)
306 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
308 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
309 if (l2cap_check_security(sk)) {
310 struct l2cap_conn_req req;
311 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
312 req.psm = l2cap_pi(sk)->psm;
314 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
316 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
317 L2CAP_CONN_REQ, sizeof(req), &req);
320 struct l2cap_info_req req;
321 req.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
323 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
324 conn->info_ident = l2cap_get_ident(conn);
326 mod_timer(&conn->info_timer, jiffies +
327 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
329 l2cap_send_cmd(conn, conn->info_ident,
330 L2CAP_INFO_REQ, sizeof(req), &req);
334 /* ---- L2CAP connections ---- */
335 static void l2cap_conn_start(struct l2cap_conn *conn)
337 struct l2cap_chan_list *l = &conn->chan_list;
340 BT_DBG("conn %p", conn);
344 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
347 if (sk->sk_type != SOCK_SEQPACKET) {
352 if (sk->sk_state == BT_CONNECT) {
353 if (l2cap_check_security(sk)) {
354 struct l2cap_conn_req req;
355 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
356 req.psm = l2cap_pi(sk)->psm;
358 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
360 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
361 L2CAP_CONN_REQ, sizeof(req), &req);
363 } else if (sk->sk_state == BT_CONNECT2) {
364 struct l2cap_conn_rsp rsp;
365 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
366 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
368 if (l2cap_check_security(sk)) {
369 if (bt_sk(sk)->defer_setup) {
370 struct sock *parent = bt_sk(sk)->parent;
371 rsp.result = cpu_to_le16(L2CAP_CR_PEND);
372 rsp.status = cpu_to_le16(L2CAP_CS_AUTHOR_PEND);
373 parent->sk_data_ready(parent, 0);
376 sk->sk_state = BT_CONFIG;
377 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
378 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
381 rsp.result = cpu_to_le16(L2CAP_CR_PEND);
382 rsp.status = cpu_to_le16(L2CAP_CS_AUTHEN_PEND);
385 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
386 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
392 read_unlock(&l->lock);
395 static void l2cap_conn_ready(struct l2cap_conn *conn)
397 struct l2cap_chan_list *l = &conn->chan_list;
400 BT_DBG("conn %p", conn);
404 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
407 if (sk->sk_type != SOCK_SEQPACKET) {
408 l2cap_sock_clear_timer(sk);
409 sk->sk_state = BT_CONNECTED;
410 sk->sk_state_change(sk);
411 } else if (sk->sk_state == BT_CONNECT)
417 read_unlock(&l->lock);
420 /* Notify sockets that we cannot guaranty reliability anymore */
421 static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err)
423 struct l2cap_chan_list *l = &conn->chan_list;
426 BT_DBG("conn %p", conn);
430 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
431 if (l2cap_pi(sk)->force_reliable)
435 read_unlock(&l->lock);
438 static void l2cap_info_timeout(unsigned long arg)
440 struct l2cap_conn *conn = (void *) arg;
442 conn->info_ident = 0;
444 l2cap_conn_start(conn);
447 static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status)
449 struct l2cap_conn *conn = hcon->l2cap_data;
454 conn = kzalloc(sizeof(struct l2cap_conn), GFP_ATOMIC);
458 hcon->l2cap_data = conn;
461 BT_DBG("hcon %p conn %p", hcon, conn);
463 conn->mtu = hcon->hdev->acl_mtu;
464 conn->src = &hcon->hdev->bdaddr;
465 conn->dst = &hcon->dst;
469 setup_timer(&conn->info_timer, l2cap_info_timeout,
470 (unsigned long) conn);
472 spin_lock_init(&conn->lock);
473 rwlock_init(&conn->chan_list.lock);
478 static void l2cap_conn_del(struct hci_conn *hcon, int err)
480 struct l2cap_conn *conn = hcon->l2cap_data;
486 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
489 kfree_skb(conn->rx_skb);
492 while ((sk = conn->chan_list.head)) {
494 l2cap_chan_del(sk, err);
499 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)
500 del_timer_sync(&conn->info_timer);
502 hcon->l2cap_data = NULL;
506 static inline void l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct sock *parent)
508 struct l2cap_chan_list *l = &conn->chan_list;
509 write_lock_bh(&l->lock);
510 __l2cap_chan_add(conn, sk, parent);
511 write_unlock_bh(&l->lock);
514 /* ---- Socket interface ---- */
515 static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src)
518 struct hlist_node *node;
519 sk_for_each(sk, node, &l2cap_sk_list.head)
520 if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src))
527 /* Find socket with psm and source bdaddr.
528 * Returns closest match.
530 static struct sock *__l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
532 struct sock *sk = NULL, *sk1 = NULL;
533 struct hlist_node *node;
535 sk_for_each(sk, node, &l2cap_sk_list.head) {
536 if (state && sk->sk_state != state)
539 if (l2cap_pi(sk)->psm == psm) {
541 if (!bacmp(&bt_sk(sk)->src, src))
545 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
549 return node ? sk : sk1;
552 /* Find socket with given address (psm, src).
553 * Returns locked socket */
554 static inline struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
557 read_lock(&l2cap_sk_list.lock);
558 s = __l2cap_get_sock_by_psm(state, psm, src);
559 if (s) bh_lock_sock(s);
560 read_unlock(&l2cap_sk_list.lock);
564 static void l2cap_sock_destruct(struct sock *sk)
568 skb_queue_purge(&sk->sk_receive_queue);
569 skb_queue_purge(&sk->sk_write_queue);
572 static void l2cap_sock_cleanup_listen(struct sock *parent)
576 BT_DBG("parent %p", parent);
578 /* Close not yet accepted channels */
579 while ((sk = bt_accept_dequeue(parent, NULL)))
580 l2cap_sock_close(sk);
582 parent->sk_state = BT_CLOSED;
583 sock_set_flag(parent, SOCK_ZAPPED);
586 /* Kill socket (only if zapped and orphan)
587 * Must be called on unlocked socket.
589 static void l2cap_sock_kill(struct sock *sk)
591 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
594 BT_DBG("sk %p state %d", sk, sk->sk_state);
596 /* Kill poor orphan */
597 bt_sock_unlink(&l2cap_sk_list, sk);
598 sock_set_flag(sk, SOCK_DEAD);
602 static void __l2cap_sock_close(struct sock *sk, int reason)
604 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
606 switch (sk->sk_state) {
608 l2cap_sock_cleanup_listen(sk);
613 if (sk->sk_type == SOCK_SEQPACKET) {
614 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
615 struct l2cap_disconn_req req;
617 sk->sk_state = BT_DISCONN;
618 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
620 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
621 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
622 l2cap_send_cmd(conn, l2cap_get_ident(conn),
623 L2CAP_DISCONN_REQ, sizeof(req), &req);
625 l2cap_chan_del(sk, reason);
629 if (sk->sk_type == SOCK_SEQPACKET) {
630 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
631 struct l2cap_conn_rsp rsp;
634 if (bt_sk(sk)->defer_setup)
635 result = L2CAP_CR_SEC_BLOCK;
637 result = L2CAP_CR_BAD_PSM;
639 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
640 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
641 rsp.result = cpu_to_le16(result);
642 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
643 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
644 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
646 l2cap_chan_del(sk, reason);
651 l2cap_chan_del(sk, reason);
655 sock_set_flag(sk, SOCK_ZAPPED);
660 /* Must be called on unlocked socket. */
661 static void l2cap_sock_close(struct sock *sk)
663 l2cap_sock_clear_timer(sk);
665 __l2cap_sock_close(sk, ECONNRESET);
670 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
672 struct l2cap_pinfo *pi = l2cap_pi(sk);
677 sk->sk_type = parent->sk_type;
678 bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup;
680 pi->imtu = l2cap_pi(parent)->imtu;
681 pi->omtu = l2cap_pi(parent)->omtu;
682 pi->sec_level = l2cap_pi(parent)->sec_level;
683 pi->role_switch = l2cap_pi(parent)->role_switch;
684 pi->force_reliable = l2cap_pi(parent)->force_reliable;
686 pi->imtu = L2CAP_DEFAULT_MTU;
688 pi->sec_level = BT_SECURITY_LOW;
690 pi->force_reliable = 0;
693 /* Default config options */
695 pi->flush_to = L2CAP_DEFAULT_FLUSH_TO;
698 static struct proto l2cap_proto = {
700 .owner = THIS_MODULE,
701 .obj_size = sizeof(struct l2cap_pinfo)
704 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
708 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
712 sock_init_data(sock, sk);
713 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
715 sk->sk_destruct = l2cap_sock_destruct;
716 sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT);
718 sock_reset_flag(sk, SOCK_ZAPPED);
720 sk->sk_protocol = proto;
721 sk->sk_state = BT_OPEN;
723 setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk);
725 bt_sock_link(&l2cap_sk_list, sk);
729 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol)
733 BT_DBG("sock %p", sock);
735 sock->state = SS_UNCONNECTED;
737 if (sock->type != SOCK_SEQPACKET &&
738 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
739 return -ESOCKTNOSUPPORT;
741 if (sock->type == SOCK_RAW && !capable(CAP_NET_RAW))
744 sock->ops = &l2cap_sock_ops;
746 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
750 l2cap_sock_init(sk, NULL);
754 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
756 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
757 struct sock *sk = sock->sk;
760 BT_DBG("sk %p, %s %d", sk, batostr(&la->l2_bdaddr), la->l2_psm);
762 if (!addr || addr->sa_family != AF_BLUETOOTH)
767 if (sk->sk_state != BT_OPEN) {
772 if (la->l2_psm && btohs(la->l2_psm) < 0x1001 &&
773 !capable(CAP_NET_BIND_SERVICE)) {
778 write_lock_bh(&l2cap_sk_list.lock);
780 if (la->l2_psm && __l2cap_get_sock_by_addr(la->l2_psm, &la->l2_bdaddr)) {
783 /* Save source address */
784 bacpy(&bt_sk(sk)->src, &la->l2_bdaddr);
785 l2cap_pi(sk)->psm = la->l2_psm;
786 l2cap_pi(sk)->sport = la->l2_psm;
787 sk->sk_state = BT_BOUND;
789 if (btohs(la->l2_psm) == 0x0001)
790 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
793 write_unlock_bh(&l2cap_sk_list.lock);
800 static int l2cap_do_connect(struct sock *sk)
802 bdaddr_t *src = &bt_sk(sk)->src;
803 bdaddr_t *dst = &bt_sk(sk)->dst;
804 struct l2cap_conn *conn;
805 struct hci_conn *hcon;
806 struct hci_dev *hdev;
810 BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), l2cap_pi(sk)->psm);
812 if (!(hdev = hci_get_route(dst, src)))
813 return -EHOSTUNREACH;
815 hci_dev_lock_bh(hdev);
819 if (sk->sk_type == SOCK_RAW) {
820 switch (l2cap_pi(sk)->sec_level) {
821 case BT_SECURITY_HIGH:
822 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
824 case BT_SECURITY_MEDIUM:
825 auth_type = HCI_AT_DEDICATED_BONDING;
828 auth_type = HCI_AT_NO_BONDING;
831 } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
832 if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
833 auth_type = HCI_AT_NO_BONDING_MITM;
835 auth_type = HCI_AT_NO_BONDING;
837 switch (l2cap_pi(sk)->sec_level) {
838 case BT_SECURITY_HIGH:
839 auth_type = HCI_AT_GENERAL_BONDING_MITM;
841 case BT_SECURITY_MEDIUM:
842 auth_type = HCI_AT_GENERAL_BONDING;
845 auth_type = HCI_AT_NO_BONDING;
850 hcon = hci_connect(hdev, ACL_LINK, dst,
851 l2cap_pi(sk)->sec_level, auth_type);
855 conn = l2cap_conn_add(hcon, 0);
863 /* Update source addr of the socket */
864 bacpy(src, conn->src);
866 l2cap_chan_add(conn, sk, NULL);
868 sk->sk_state = BT_CONNECT;
869 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
871 if (hcon->state == BT_CONNECTED) {
872 if (sk->sk_type != SOCK_SEQPACKET) {
873 l2cap_sock_clear_timer(sk);
874 sk->sk_state = BT_CONNECTED;
880 hci_dev_unlock_bh(hdev);
885 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
887 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
888 struct sock *sk = sock->sk;
895 if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_l2)) {
900 if (sk->sk_type == SOCK_SEQPACKET && !la->l2_psm) {
905 switch(sk->sk_state) {
909 /* Already connecting */
913 /* Already connected */
926 /* Set destination address and psm */
927 bacpy(&bt_sk(sk)->dst, &la->l2_bdaddr);
928 l2cap_pi(sk)->psm = la->l2_psm;
930 if ((err = l2cap_do_connect(sk)))
934 err = bt_sock_wait_state(sk, BT_CONNECTED,
935 sock_sndtimeo(sk, flags & O_NONBLOCK));
941 static int l2cap_sock_listen(struct socket *sock, int backlog)
943 struct sock *sk = sock->sk;
946 BT_DBG("sk %p backlog %d", sk, backlog);
950 if (sk->sk_state != BT_BOUND || sock->type != SOCK_SEQPACKET) {
955 if (!l2cap_pi(sk)->psm) {
956 bdaddr_t *src = &bt_sk(sk)->src;
961 write_lock_bh(&l2cap_sk_list.lock);
963 for (psm = 0x1001; psm < 0x1100; psm += 2)
964 if (!__l2cap_get_sock_by_addr(htobs(psm), src)) {
965 l2cap_pi(sk)->psm = htobs(psm);
966 l2cap_pi(sk)->sport = htobs(psm);
971 write_unlock_bh(&l2cap_sk_list.lock);
977 sk->sk_max_ack_backlog = backlog;
978 sk->sk_ack_backlog = 0;
979 sk->sk_state = BT_LISTEN;
986 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
988 DECLARE_WAITQUEUE(wait, current);
989 struct sock *sk = sock->sk, *nsk;
993 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
995 if (sk->sk_state != BT_LISTEN) {
1000 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
1002 BT_DBG("sk %p timeo %ld", sk, timeo);
1004 /* Wait for an incoming connection. (wake-one). */
1005 add_wait_queue_exclusive(sk->sk_sleep, &wait);
1006 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
1007 set_current_state(TASK_INTERRUPTIBLE);
1014 timeo = schedule_timeout(timeo);
1015 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
1017 if (sk->sk_state != BT_LISTEN) {
1022 if (signal_pending(current)) {
1023 err = sock_intr_errno(timeo);
1027 set_current_state(TASK_RUNNING);
1028 remove_wait_queue(sk->sk_sleep, &wait);
1033 newsock->state = SS_CONNECTED;
1035 BT_DBG("new socket %p", nsk);
1042 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
1044 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
1045 struct sock *sk = sock->sk;
1047 BT_DBG("sock %p, sk %p", sock, sk);
1049 addr->sa_family = AF_BLUETOOTH;
1050 *len = sizeof(struct sockaddr_l2);
1053 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
1055 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
1057 la->l2_psm = l2cap_pi(sk)->psm;
1061 static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len)
1063 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1064 struct sk_buff *skb, **frag;
1065 int err, hlen, count, sent=0;
1066 struct l2cap_hdr *lh;
1068 BT_DBG("sk %p len %d", sk, len);
1070 /* First fragment (with L2CAP header) */
1071 if (sk->sk_type == SOCK_DGRAM)
1072 hlen = L2CAP_HDR_SIZE + 2;
1074 hlen = L2CAP_HDR_SIZE;
1076 count = min_t(unsigned int, (conn->mtu - hlen), len);
1078 skb = bt_skb_send_alloc(sk, hlen + count,
1079 msg->msg_flags & MSG_DONTWAIT, &err);
1083 /* Create L2CAP header */
1084 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1085 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1086 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1088 if (sk->sk_type == SOCK_DGRAM)
1089 put_unaligned(l2cap_pi(sk)->psm, (__le16 *) skb_put(skb, 2));
1091 if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) {
1099 /* Continuation fragments (no L2CAP header) */
1100 frag = &skb_shinfo(skb)->frag_list;
1102 count = min_t(unsigned int, conn->mtu, len);
1104 *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err);
1108 if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) {
1116 frag = &(*frag)->next;
1119 if ((err = hci_send_acl(conn->hcon, skb, 0)) < 0)
1129 static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
1131 struct sock *sk = sock->sk;
1134 BT_DBG("sock %p, sk %p", sock, sk);
1136 err = sock_error(sk);
1140 if (msg->msg_flags & MSG_OOB)
1143 /* Check outgoing MTU */
1144 if (sk->sk_type != SOCK_RAW && len > l2cap_pi(sk)->omtu)
1149 if (sk->sk_state == BT_CONNECTED)
1150 err = l2cap_do_send(sk, msg, len);
1158 static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len, int flags)
1160 struct sock *sk = sock->sk;
1164 if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) {
1165 struct l2cap_conn_rsp rsp;
1167 sk->sk_state = BT_CONFIG;
1169 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1170 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
1171 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
1172 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
1173 l2cap_send_cmd(l2cap_pi(sk)->conn, l2cap_pi(sk)->ident,
1174 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
1182 return bt_sock_recvmsg(iocb, sock, msg, len, flags);
1185 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, int optlen)
1187 struct sock *sk = sock->sk;
1188 struct l2cap_options opts;
1192 BT_DBG("sk %p", sk);
1198 opts.imtu = l2cap_pi(sk)->imtu;
1199 opts.omtu = l2cap_pi(sk)->omtu;
1200 opts.flush_to = l2cap_pi(sk)->flush_to;
1201 opts.mode = L2CAP_MODE_BASIC;
1203 len = min_t(unsigned int, sizeof(opts), optlen);
1204 if (copy_from_user((char *) &opts, optval, len)) {
1209 l2cap_pi(sk)->imtu = opts.imtu;
1210 l2cap_pi(sk)->omtu = opts.omtu;
1214 if (get_user(opt, (u32 __user *) optval)) {
1219 if (opt & L2CAP_LM_AUTH)
1220 l2cap_pi(sk)->sec_level = BT_SECURITY_LOW;
1221 if (opt & L2CAP_LM_ENCRYPT)
1222 l2cap_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
1223 if (opt & L2CAP_LM_SECURE)
1224 l2cap_pi(sk)->sec_level = BT_SECURITY_HIGH;
1226 l2cap_pi(sk)->role_switch = (opt & L2CAP_LM_MASTER);
1227 l2cap_pi(sk)->force_reliable = (opt & L2CAP_LM_RELIABLE);
1239 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
1241 struct sock *sk = sock->sk;
1242 struct bt_security sec;
1246 BT_DBG("sk %p", sk);
1248 if (level == SOL_L2CAP)
1249 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
1255 sec.level = BT_SECURITY_LOW;
1257 len = min_t(unsigned int, sizeof(sec), optlen);
1258 if (copy_from_user((char *) &sec, optval, len)) {
1263 if (sec.level < BT_SECURITY_LOW ||
1264 sec.level > BT_SECURITY_HIGH) {
1269 l2cap_pi(sk)->sec_level = sec.level;
1272 case BT_DEFER_SETUP:
1273 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
1278 if (get_user(opt, (u32 __user *) optval)) {
1283 bt_sk(sk)->defer_setup = opt;
1295 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
1297 struct sock *sk = sock->sk;
1298 struct l2cap_options opts;
1299 struct l2cap_conninfo cinfo;
1303 BT_DBG("sk %p", sk);
1305 if (get_user(len, optlen))
1312 opts.imtu = l2cap_pi(sk)->imtu;
1313 opts.omtu = l2cap_pi(sk)->omtu;
1314 opts.flush_to = l2cap_pi(sk)->flush_to;
1315 opts.mode = L2CAP_MODE_BASIC;
1317 len = min_t(unsigned int, len, sizeof(opts));
1318 if (copy_to_user(optval, (char *) &opts, len))
1324 switch (l2cap_pi(sk)->sec_level) {
1325 case BT_SECURITY_LOW:
1326 opt = L2CAP_LM_AUTH;
1328 case BT_SECURITY_MEDIUM:
1329 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
1331 case BT_SECURITY_HIGH:
1332 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
1340 if (l2cap_pi(sk)->role_switch)
1341 opt |= L2CAP_LM_MASTER;
1343 if (l2cap_pi(sk)->force_reliable)
1344 opt |= L2CAP_LM_RELIABLE;
1346 if (put_user(opt, (u32 __user *) optval))
1350 case L2CAP_CONNINFO:
1351 if (sk->sk_state != BT_CONNECTED &&
1352 !(sk->sk_state == BT_CONNECT2 &&
1353 bt_sk(sk)->defer_setup)) {
1358 cinfo.hci_handle = l2cap_pi(sk)->conn->hcon->handle;
1359 memcpy(cinfo.dev_class, l2cap_pi(sk)->conn->hcon->dev_class, 3);
1361 len = min_t(unsigned int, len, sizeof(cinfo));
1362 if (copy_to_user(optval, (char *) &cinfo, len))
1376 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
1378 struct sock *sk = sock->sk;
1379 struct bt_security sec;
1382 BT_DBG("sk %p", sk);
1384 if (level == SOL_L2CAP)
1385 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
1387 if (get_user(len, optlen))
1394 sec.level = l2cap_pi(sk)->sec_level;
1396 len = min_t(unsigned int, len, sizeof(sec));
1397 if (copy_to_user(optval, (char *) &sec, len))
1402 case BT_DEFER_SETUP:
1403 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
1408 if (put_user(bt_sk(sk)->defer_setup, (u32 __user *) optval))
1422 static int l2cap_sock_shutdown(struct socket *sock, int how)
1424 struct sock *sk = sock->sk;
1427 BT_DBG("sock %p, sk %p", sock, sk);
1433 if (!sk->sk_shutdown) {
1434 sk->sk_shutdown = SHUTDOWN_MASK;
1435 l2cap_sock_clear_timer(sk);
1436 __l2cap_sock_close(sk, 0);
1438 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
1439 err = bt_sock_wait_state(sk, BT_CLOSED,
1446 static int l2cap_sock_release(struct socket *sock)
1448 struct sock *sk = sock->sk;
1451 BT_DBG("sock %p, sk %p", sock, sk);
1456 err = l2cap_sock_shutdown(sock, 2);
1459 l2cap_sock_kill(sk);
1463 static void l2cap_chan_ready(struct sock *sk)
1465 struct sock *parent = bt_sk(sk)->parent;
1467 BT_DBG("sk %p, parent %p", sk, parent);
1469 l2cap_pi(sk)->conf_state = 0;
1470 l2cap_sock_clear_timer(sk);
1473 /* Outgoing channel.
1474 * Wake up socket sleeping on connect.
1476 sk->sk_state = BT_CONNECTED;
1477 sk->sk_state_change(sk);
1479 /* Incoming channel.
1480 * Wake up socket sleeping on accept.
1482 parent->sk_data_ready(parent, 0);
1486 /* Copy frame to all raw sockets on that connection */
1487 static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb)
1489 struct l2cap_chan_list *l = &conn->chan_list;
1490 struct sk_buff *nskb;
1493 BT_DBG("conn %p", conn);
1495 read_lock(&l->lock);
1496 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
1497 if (sk->sk_type != SOCK_RAW)
1500 /* Don't send frame to the socket it came from */
1504 if (!(nskb = skb_clone(skb, GFP_ATOMIC)))
1507 if (sock_queue_rcv_skb(sk, nskb))
1510 read_unlock(&l->lock);
1513 /* ---- L2CAP signalling commands ---- */
1514 static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
1515 u8 code, u8 ident, u16 dlen, void *data)
1517 struct sk_buff *skb, **frag;
1518 struct l2cap_cmd_hdr *cmd;
1519 struct l2cap_hdr *lh;
1522 BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d", conn, code, ident, dlen);
1524 len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen;
1525 count = min_t(unsigned int, conn->mtu, len);
1527 skb = bt_skb_alloc(count, GFP_ATOMIC);
1531 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1532 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen);
1533 lh->cid = cpu_to_le16(0x0001);
1535 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE);
1538 cmd->len = cpu_to_le16(dlen);
1541 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE;
1542 memcpy(skb_put(skb, count), data, count);
1548 /* Continuation fragments (no L2CAP header) */
1549 frag = &skb_shinfo(skb)->frag_list;
1551 count = min_t(unsigned int, conn->mtu, len);
1553 *frag = bt_skb_alloc(count, GFP_ATOMIC);
1557 memcpy(skb_put(*frag, count), data, count);
1562 frag = &(*frag)->next;
1572 static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned long *val)
1574 struct l2cap_conf_opt *opt = *ptr;
1577 len = L2CAP_CONF_OPT_SIZE + opt->len;
1585 *val = *((u8 *) opt->val);
1589 *val = __le16_to_cpu(*((__le16 *) opt->val));
1593 *val = __le32_to_cpu(*((__le32 *) opt->val));
1597 *val = (unsigned long) opt->val;
1601 BT_DBG("type 0x%2.2x len %d val 0x%lx", *type, opt->len, *val);
1605 static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val)
1607 struct l2cap_conf_opt *opt = *ptr;
1609 BT_DBG("type 0x%2.2x len %d val 0x%lx", type, len, val);
1616 *((u8 *) opt->val) = val;
1620 *((__le16 *) opt->val) = cpu_to_le16(val);
1624 *((__le32 *) opt->val) = cpu_to_le32(val);
1628 memcpy(opt->val, (void *) val, len);
1632 *ptr += L2CAP_CONF_OPT_SIZE + len;
1635 static int l2cap_build_conf_req(struct sock *sk, void *data)
1637 struct l2cap_pinfo *pi = l2cap_pi(sk);
1638 struct l2cap_conf_req *req = data;
1639 void *ptr = req->data;
1641 BT_DBG("sk %p", sk);
1643 if (pi->imtu != L2CAP_DEFAULT_MTU)
1644 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);
1646 /* FIXME: Need actual value of the flush timeout */
1647 //if (flush_to != L2CAP_DEFAULT_FLUSH_TO)
1648 // l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, 2, pi->flush_to);
1650 req->dcid = cpu_to_le16(pi->dcid);
1651 req->flags = cpu_to_le16(0);
1656 static int l2cap_parse_conf_req(struct sock *sk, void *data)
1658 struct l2cap_pinfo *pi = l2cap_pi(sk);
1659 struct l2cap_conf_rsp *rsp = data;
1660 void *ptr = rsp->data;
1661 void *req = pi->conf_req;
1662 int len = pi->conf_len;
1663 int type, hint, olen;
1665 struct l2cap_conf_rfc rfc = { .mode = L2CAP_MODE_BASIC };
1666 u16 mtu = L2CAP_DEFAULT_MTU;
1667 u16 result = L2CAP_CONF_SUCCESS;
1669 BT_DBG("sk %p", sk);
1671 while (len >= L2CAP_CONF_OPT_SIZE) {
1672 len -= l2cap_get_conf_opt(&req, &type, &olen, &val);
1678 case L2CAP_CONF_MTU:
1682 case L2CAP_CONF_FLUSH_TO:
1686 case L2CAP_CONF_QOS:
1689 case L2CAP_CONF_RFC:
1690 if (olen == sizeof(rfc))
1691 memcpy(&rfc, (void *) val, olen);
1698 result = L2CAP_CONF_UNKNOWN;
1699 *((u8 *) ptr++) = type;
1704 if (result == L2CAP_CONF_SUCCESS) {
1705 /* Configure output options and let the other side know
1706 * which ones we don't like. */
1708 if (rfc.mode == L2CAP_MODE_BASIC) {
1710 result = L2CAP_CONF_UNACCEPT;
1713 pi->conf_state |= L2CAP_CONF_OUTPUT_DONE;
1716 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu);
1718 result = L2CAP_CONF_UNACCEPT;
1720 memset(&rfc, 0, sizeof(rfc));
1721 rfc.mode = L2CAP_MODE_BASIC;
1723 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1724 sizeof(rfc), (unsigned long) &rfc);
1728 rsp->scid = cpu_to_le16(pi->dcid);
1729 rsp->result = cpu_to_le16(result);
1730 rsp->flags = cpu_to_le16(0x0000);
1735 static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags)
1737 struct l2cap_conf_rsp *rsp = data;
1738 void *ptr = rsp->data;
1740 BT_DBG("sk %p", sk);
1742 rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1743 rsp->result = cpu_to_le16(result);
1744 rsp->flags = cpu_to_le16(flags);
1749 static inline int l2cap_command_rej(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1751 struct l2cap_cmd_rej *rej = (struct l2cap_cmd_rej *) data;
1753 if (rej->reason != 0x0000)
1756 if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) &&
1757 cmd->ident == conn->info_ident) {
1758 conn->info_ident = 0;
1759 del_timer(&conn->info_timer);
1760 l2cap_conn_start(conn);
1766 static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1768 struct l2cap_chan_list *list = &conn->chan_list;
1769 struct l2cap_conn_req *req = (struct l2cap_conn_req *) data;
1770 struct l2cap_conn_rsp rsp;
1771 struct sock *sk, *parent;
1772 int result, status = L2CAP_CS_NO_INFO;
1774 u16 dcid = 0, scid = __le16_to_cpu(req->scid);
1775 __le16 psm = req->psm;
1777 BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid);
1779 /* Check if we have socket listening on psm */
1780 parent = l2cap_get_sock_by_psm(BT_LISTEN, psm, conn->src);
1782 result = L2CAP_CR_BAD_PSM;
1786 /* Check if the ACL is secure enough (if not SDP) */
1787 if (psm != cpu_to_le16(0x0001) &&
1788 !hci_conn_check_link_mode(conn->hcon)) {
1789 result = L2CAP_CR_SEC_BLOCK;
1793 result = L2CAP_CR_NO_MEM;
1795 /* Check for backlog size */
1796 if (sk_acceptq_is_full(parent)) {
1797 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1801 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, GFP_ATOMIC);
1805 write_lock_bh(&list->lock);
1807 /* Check if we already have channel with that dcid */
1808 if (__l2cap_get_chan_by_dcid(list, scid)) {
1809 write_unlock_bh(&list->lock);
1810 sock_set_flag(sk, SOCK_ZAPPED);
1811 l2cap_sock_kill(sk);
1815 hci_conn_hold(conn->hcon);
1817 l2cap_sock_init(sk, parent);
1818 bacpy(&bt_sk(sk)->src, conn->src);
1819 bacpy(&bt_sk(sk)->dst, conn->dst);
1820 l2cap_pi(sk)->psm = psm;
1821 l2cap_pi(sk)->dcid = scid;
1823 __l2cap_chan_add(conn, sk, parent);
1824 dcid = l2cap_pi(sk)->scid;
1826 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
1828 l2cap_pi(sk)->ident = cmd->ident;
1830 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
1831 if (l2cap_check_security(sk)) {
1832 if (bt_sk(sk)->defer_setup) {
1833 sk->sk_state = BT_CONNECT2;
1834 result = L2CAP_CR_PEND;
1835 status = L2CAP_CS_AUTHOR_PEND;
1836 parent->sk_data_ready(parent, 0);
1838 sk->sk_state = BT_CONFIG;
1839 result = L2CAP_CR_SUCCESS;
1840 status = L2CAP_CS_NO_INFO;
1843 sk->sk_state = BT_CONNECT2;
1844 result = L2CAP_CR_PEND;
1845 status = L2CAP_CS_AUTHEN_PEND;
1848 sk->sk_state = BT_CONNECT2;
1849 result = L2CAP_CR_PEND;
1850 status = L2CAP_CS_NO_INFO;
1853 write_unlock_bh(&list->lock);
1856 bh_unlock_sock(parent);
1859 rsp.scid = cpu_to_le16(scid);
1860 rsp.dcid = cpu_to_le16(dcid);
1861 rsp.result = cpu_to_le16(result);
1862 rsp.status = cpu_to_le16(status);
1863 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp);
1865 if (result == L2CAP_CR_PEND && status == L2CAP_CS_NO_INFO) {
1866 struct l2cap_info_req info;
1867 info.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
1869 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
1870 conn->info_ident = l2cap_get_ident(conn);
1872 mod_timer(&conn->info_timer, jiffies +
1873 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
1875 l2cap_send_cmd(conn, conn->info_ident,
1876 L2CAP_INFO_REQ, sizeof(info), &info);
1882 static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1884 struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data;
1885 u16 scid, dcid, result, status;
1889 scid = __le16_to_cpu(rsp->scid);
1890 dcid = __le16_to_cpu(rsp->dcid);
1891 result = __le16_to_cpu(rsp->result);
1892 status = __le16_to_cpu(rsp->status);
1894 BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status);
1897 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
1900 if (!(sk = l2cap_get_chan_by_ident(&conn->chan_list, cmd->ident)))
1905 case L2CAP_CR_SUCCESS:
1906 sk->sk_state = BT_CONFIG;
1907 l2cap_pi(sk)->ident = 0;
1908 l2cap_pi(sk)->dcid = dcid;
1909 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
1911 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
1912 l2cap_build_conf_req(sk, req), req);
1919 l2cap_chan_del(sk, ECONNREFUSED);
1927 static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
1929 struct l2cap_conf_req *req = (struct l2cap_conf_req *) data;
1935 dcid = __le16_to_cpu(req->dcid);
1936 flags = __le16_to_cpu(req->flags);
1938 BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags);
1940 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid)))
1943 if (sk->sk_state == BT_DISCONN)
1946 /* Reject if config buffer is too small. */
1947 len = cmd_len - sizeof(*req);
1948 if (l2cap_pi(sk)->conf_len + len > sizeof(l2cap_pi(sk)->conf_req)) {
1949 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
1950 l2cap_build_conf_rsp(sk, rsp,
1951 L2CAP_CONF_REJECT, flags), rsp);
1956 memcpy(l2cap_pi(sk)->conf_req + l2cap_pi(sk)->conf_len, req->data, len);
1957 l2cap_pi(sk)->conf_len += len;
1959 if (flags & 0x0001) {
1960 /* Incomplete config. Send empty response. */
1961 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
1962 l2cap_build_conf_rsp(sk, rsp,
1963 L2CAP_CONF_SUCCESS, 0x0001), rsp);
1967 /* Complete config. */
1968 len = l2cap_parse_conf_req(sk, rsp);
1972 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp);
1974 /* Reset config buffer. */
1975 l2cap_pi(sk)->conf_len = 0;
1977 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE))
1980 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) {
1981 sk->sk_state = BT_CONNECTED;
1982 l2cap_chan_ready(sk);
1986 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) {
1988 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
1989 l2cap_build_conf_req(sk, buf), buf);
1997 static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1999 struct l2cap_conf_rsp *rsp = (struct l2cap_conf_rsp *)data;
2000 u16 scid, flags, result;
2003 scid = __le16_to_cpu(rsp->scid);
2004 flags = __le16_to_cpu(rsp->flags);
2005 result = __le16_to_cpu(rsp->result);
2007 BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x", scid, flags, result);
2009 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
2013 case L2CAP_CONF_SUCCESS:
2016 case L2CAP_CONF_UNACCEPT:
2017 if (++l2cap_pi(sk)->conf_retry < L2CAP_CONF_MAX_RETRIES) {
2019 /* It does not make sense to adjust L2CAP parameters
2020 * that are currently defined in the spec. We simply
2021 * resend config request that we sent earlier. It is
2022 * stupid, but it helps qualification testing which
2023 * expects at least some response from us. */
2024 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
2025 l2cap_build_conf_req(sk, req), req);
2030 sk->sk_state = BT_DISCONN;
2031 sk->sk_err = ECONNRESET;
2032 l2cap_sock_set_timer(sk, HZ * 5);
2034 struct l2cap_disconn_req req;
2035 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
2036 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
2037 l2cap_send_cmd(conn, l2cap_get_ident(conn),
2038 L2CAP_DISCONN_REQ, sizeof(req), &req);
2046 l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE;
2048 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) {
2049 sk->sk_state = BT_CONNECTED;
2050 l2cap_chan_ready(sk);
2058 static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2060 struct l2cap_disconn_req *req = (struct l2cap_disconn_req *) data;
2061 struct l2cap_disconn_rsp rsp;
2065 scid = __le16_to_cpu(req->scid);
2066 dcid = __le16_to_cpu(req->dcid);
2068 BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid);
2070 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid)))
2073 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
2074 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
2075 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp);
2077 sk->sk_shutdown = SHUTDOWN_MASK;
2079 l2cap_chan_del(sk, ECONNRESET);
2082 l2cap_sock_kill(sk);
2086 static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2088 struct l2cap_disconn_rsp *rsp = (struct l2cap_disconn_rsp *) data;
2092 scid = __le16_to_cpu(rsp->scid);
2093 dcid = __le16_to_cpu(rsp->dcid);
2095 BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid);
2097 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
2100 l2cap_chan_del(sk, 0);
2103 l2cap_sock_kill(sk);
2107 static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2109 struct l2cap_info_req *req = (struct l2cap_info_req *) data;
2112 type = __le16_to_cpu(req->type);
2114 BT_DBG("type 0x%4.4x", type);
2116 if (type == L2CAP_IT_FEAT_MASK) {
2118 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf;
2119 rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
2120 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS);
2121 put_unaligned(cpu_to_le32(l2cap_feat_mask), (__le32 *) rsp->data);
2122 l2cap_send_cmd(conn, cmd->ident,
2123 L2CAP_INFO_RSP, sizeof(buf), buf);
2125 struct l2cap_info_rsp rsp;
2126 rsp.type = cpu_to_le16(type);
2127 rsp.result = cpu_to_le16(L2CAP_IR_NOTSUPP);
2128 l2cap_send_cmd(conn, cmd->ident,
2129 L2CAP_INFO_RSP, sizeof(rsp), &rsp);
2135 static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2137 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) data;
2140 type = __le16_to_cpu(rsp->type);
2141 result = __le16_to_cpu(rsp->result);
2143 BT_DBG("type 0x%4.4x result 0x%2.2x", type, result);
2145 conn->info_ident = 0;
2147 del_timer(&conn->info_timer);
2149 if (type == L2CAP_IT_FEAT_MASK)
2150 conn->feat_mask = get_unaligned_le32(rsp->data);
2152 l2cap_conn_start(conn);
2157 static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
2159 u8 *data = skb->data;
2161 struct l2cap_cmd_hdr cmd;
2164 l2cap_raw_recv(conn, skb);
2166 while (len >= L2CAP_CMD_HDR_SIZE) {
2168 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
2169 data += L2CAP_CMD_HDR_SIZE;
2170 len -= L2CAP_CMD_HDR_SIZE;
2172 cmd_len = le16_to_cpu(cmd.len);
2174 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd_len, cmd.ident);
2176 if (cmd_len > len || !cmd.ident) {
2177 BT_DBG("corrupted command");
2182 case L2CAP_COMMAND_REJ:
2183 l2cap_command_rej(conn, &cmd, data);
2186 case L2CAP_CONN_REQ:
2187 err = l2cap_connect_req(conn, &cmd, data);
2190 case L2CAP_CONN_RSP:
2191 err = l2cap_connect_rsp(conn, &cmd, data);
2194 case L2CAP_CONF_REQ:
2195 err = l2cap_config_req(conn, &cmd, cmd_len, data);
2198 case L2CAP_CONF_RSP:
2199 err = l2cap_config_rsp(conn, &cmd, data);
2202 case L2CAP_DISCONN_REQ:
2203 err = l2cap_disconnect_req(conn, &cmd, data);
2206 case L2CAP_DISCONN_RSP:
2207 err = l2cap_disconnect_rsp(conn, &cmd, data);
2210 case L2CAP_ECHO_REQ:
2211 l2cap_send_cmd(conn, cmd.ident, L2CAP_ECHO_RSP, cmd_len, data);
2214 case L2CAP_ECHO_RSP:
2217 case L2CAP_INFO_REQ:
2218 err = l2cap_information_req(conn, &cmd, data);
2221 case L2CAP_INFO_RSP:
2222 err = l2cap_information_rsp(conn, &cmd, data);
2226 BT_ERR("Unknown signaling command 0x%2.2x", cmd.code);
2232 struct l2cap_cmd_rej rej;
2233 BT_DBG("error %d", err);
2235 /* FIXME: Map err to a valid reason */
2236 rej.reason = cpu_to_le16(0);
2237 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej);
2247 static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb)
2251 sk = l2cap_get_chan_by_scid(&conn->chan_list, cid);
2253 BT_DBG("unknown cid 0x%4.4x", cid);
2257 BT_DBG("sk %p, len %d", sk, skb->len);
2259 if (sk->sk_state != BT_CONNECTED)
2262 if (l2cap_pi(sk)->imtu < skb->len)
2265 /* If socket recv buffers overflows we drop data here
2266 * which is *bad* because L2CAP has to be reliable.
2267 * But we don't have any other choice. L2CAP doesn't
2268 * provide flow control mechanism. */
2270 if (!sock_queue_rcv_skb(sk, skb))
2283 static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, struct sk_buff *skb)
2287 sk = l2cap_get_sock_by_psm(0, psm, conn->src);
2291 BT_DBG("sk %p, len %d", sk, skb->len);
2293 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED)
2296 if (l2cap_pi(sk)->imtu < skb->len)
2299 if (!sock_queue_rcv_skb(sk, skb))
2306 if (sk) bh_unlock_sock(sk);
2310 static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb)
2312 struct l2cap_hdr *lh = (void *) skb->data;
2316 skb_pull(skb, L2CAP_HDR_SIZE);
2317 cid = __le16_to_cpu(lh->cid);
2318 len = __le16_to_cpu(lh->len);
2320 BT_DBG("len %d, cid 0x%4.4x", len, cid);
2324 l2cap_sig_channel(conn, skb);
2328 psm = get_unaligned((__le16 *) skb->data);
2330 l2cap_conless_channel(conn, psm, skb);
2334 l2cap_data_channel(conn, cid, skb);
2339 /* ---- L2CAP interface with lower layer (HCI) ---- */
2341 static int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
2343 int exact = 0, lm1 = 0, lm2 = 0;
2344 register struct sock *sk;
2345 struct hlist_node *node;
2347 if (type != ACL_LINK)
2350 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));
2352 /* Find listening sockets and check their link_mode */
2353 read_lock(&l2cap_sk_list.lock);
2354 sk_for_each(sk, node, &l2cap_sk_list.head) {
2355 if (sk->sk_state != BT_LISTEN)
2358 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) {
2359 lm1 |= HCI_LM_ACCEPT;
2360 if (l2cap_pi(sk)->role_switch)
2361 lm1 |= HCI_LM_MASTER;
2363 } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
2364 lm2 |= HCI_LM_ACCEPT;
2365 if (l2cap_pi(sk)->role_switch)
2366 lm2 |= HCI_LM_MASTER;
2369 read_unlock(&l2cap_sk_list.lock);
2371 return exact ? lm1 : lm2;
2374 static int l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
2376 struct l2cap_conn *conn;
2378 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
2380 if (hcon->type != ACL_LINK)
2384 conn = l2cap_conn_add(hcon, status);
2386 l2cap_conn_ready(conn);
2388 l2cap_conn_del(hcon, bt_err(status));
2393 static int l2cap_disconn_ind(struct hci_conn *hcon, u8 reason)
2395 BT_DBG("hcon %p reason %d", hcon, reason);
2397 if (hcon->type != ACL_LINK)
2400 l2cap_conn_del(hcon, bt_err(reason));
2405 static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
2407 if (encrypt == 0x00) {
2408 if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
2409 l2cap_sock_clear_timer(sk);
2410 l2cap_sock_set_timer(sk, HZ * 5);
2411 } else if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
2412 __l2cap_sock_close(sk, ECONNREFUSED);
2414 if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM)
2415 l2cap_sock_clear_timer(sk);
2419 static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
2421 struct l2cap_chan_list *l;
2422 struct l2cap_conn *conn = hcon->l2cap_data;
2428 l = &conn->chan_list;
2430 BT_DBG("conn %p", conn);
2432 read_lock(&l->lock);
2434 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
2437 if (!status && (sk->sk_state == BT_CONNECTED ||
2438 sk->sk_state == BT_CONFIG)) {
2439 l2cap_check_encryption(sk, encrypt);
2444 if (sk->sk_state == BT_CONNECT) {
2446 struct l2cap_conn_req req;
2447 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
2448 req.psm = l2cap_pi(sk)->psm;
2450 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
2452 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2453 L2CAP_CONN_REQ, sizeof(req), &req);
2455 l2cap_sock_clear_timer(sk);
2456 l2cap_sock_set_timer(sk, HZ / 10);
2458 } else if (sk->sk_state == BT_CONNECT2) {
2459 struct l2cap_conn_rsp rsp;
2463 sk->sk_state = BT_CONFIG;
2464 result = L2CAP_CR_SUCCESS;
2466 sk->sk_state = BT_DISCONN;
2467 l2cap_sock_set_timer(sk, HZ / 10);
2468 result = L2CAP_CR_SEC_BLOCK;
2471 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
2472 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
2473 rsp.result = cpu_to_le16(result);
2474 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
2475 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2476 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
2482 read_unlock(&l->lock);
2487 static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 flags)
2489 struct l2cap_conn *conn = hcon->l2cap_data;
2491 if (!conn && !(conn = l2cap_conn_add(hcon, 0)))
2494 BT_DBG("conn %p len %d flags 0x%x", conn, skb->len, flags);
2496 if (flags & ACL_START) {
2497 struct l2cap_hdr *hdr;
2501 BT_ERR("Unexpected start frame (len %d)", skb->len);
2502 kfree_skb(conn->rx_skb);
2503 conn->rx_skb = NULL;
2505 l2cap_conn_unreliable(conn, ECOMM);
2509 BT_ERR("Frame is too short (len %d)", skb->len);
2510 l2cap_conn_unreliable(conn, ECOMM);
2514 hdr = (struct l2cap_hdr *) skb->data;
2515 len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE;
2517 if (len == skb->len) {
2518 /* Complete frame received */
2519 l2cap_recv_frame(conn, skb);
2523 BT_DBG("Start: total len %d, frag len %d", len, skb->len);
2525 if (skb->len > len) {
2526 BT_ERR("Frame is too long (len %d, expected len %d)",
2528 l2cap_conn_unreliable(conn, ECOMM);
2532 /* Allocate skb for the complete frame (with header) */
2533 if (!(conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC)))
2536 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2538 conn->rx_len = len - skb->len;
2540 BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len);
2542 if (!conn->rx_len) {
2543 BT_ERR("Unexpected continuation frame (len %d)", skb->len);
2544 l2cap_conn_unreliable(conn, ECOMM);
2548 if (skb->len > conn->rx_len) {
2549 BT_ERR("Fragment is too long (len %d, expected %d)",
2550 skb->len, conn->rx_len);
2551 kfree_skb(conn->rx_skb);
2552 conn->rx_skb = NULL;
2554 l2cap_conn_unreliable(conn, ECOMM);
2558 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2560 conn->rx_len -= skb->len;
2562 if (!conn->rx_len) {
2563 /* Complete frame received */
2564 l2cap_recv_frame(conn, conn->rx_skb);
2565 conn->rx_skb = NULL;
2574 static ssize_t l2cap_sysfs_show(struct class *dev, char *buf)
2577 struct hlist_node *node;
2580 read_lock_bh(&l2cap_sk_list.lock);
2582 sk_for_each(sk, node, &l2cap_sk_list.head) {
2583 struct l2cap_pinfo *pi = l2cap_pi(sk);
2585 str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d\n",
2586 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
2587 sk->sk_state, btohs(pi->psm), pi->scid, pi->dcid,
2588 pi->imtu, pi->omtu, pi->sec_level);
2591 read_unlock_bh(&l2cap_sk_list.lock);
2596 static CLASS_ATTR(l2cap, S_IRUGO, l2cap_sysfs_show, NULL);
2598 static const struct proto_ops l2cap_sock_ops = {
2599 .family = PF_BLUETOOTH,
2600 .owner = THIS_MODULE,
2601 .release = l2cap_sock_release,
2602 .bind = l2cap_sock_bind,
2603 .connect = l2cap_sock_connect,
2604 .listen = l2cap_sock_listen,
2605 .accept = l2cap_sock_accept,
2606 .getname = l2cap_sock_getname,
2607 .sendmsg = l2cap_sock_sendmsg,
2608 .recvmsg = l2cap_sock_recvmsg,
2609 .poll = bt_sock_poll,
2610 .ioctl = bt_sock_ioctl,
2611 .mmap = sock_no_mmap,
2612 .socketpair = sock_no_socketpair,
2613 .shutdown = l2cap_sock_shutdown,
2614 .setsockopt = l2cap_sock_setsockopt,
2615 .getsockopt = l2cap_sock_getsockopt
2618 static struct net_proto_family l2cap_sock_family_ops = {
2619 .family = PF_BLUETOOTH,
2620 .owner = THIS_MODULE,
2621 .create = l2cap_sock_create,
2624 static struct hci_proto l2cap_hci_proto = {
2626 .id = HCI_PROTO_L2CAP,
2627 .connect_ind = l2cap_connect_ind,
2628 .connect_cfm = l2cap_connect_cfm,
2629 .disconn_ind = l2cap_disconn_ind,
2630 .security_cfm = l2cap_security_cfm,
2631 .recv_acldata = l2cap_recv_acldata
2634 static int __init l2cap_init(void)
2638 err = proto_register(&l2cap_proto, 0);
2642 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
2644 BT_ERR("L2CAP socket registration failed");
2648 err = hci_register_proto(&l2cap_hci_proto);
2650 BT_ERR("L2CAP protocol registration failed");
2651 bt_sock_unregister(BTPROTO_L2CAP);
2655 if (class_create_file(bt_class, &class_attr_l2cap) < 0)
2656 BT_ERR("Failed to create L2CAP info file");
2658 BT_INFO("L2CAP ver %s", VERSION);
2659 BT_INFO("L2CAP socket layer initialized");
2664 proto_unregister(&l2cap_proto);
2668 static void __exit l2cap_exit(void)
2670 class_remove_file(bt_class, &class_attr_l2cap);
2672 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
2673 BT_ERR("L2CAP socket unregistration failed");
2675 if (hci_unregister_proto(&l2cap_hci_proto) < 0)
2676 BT_ERR("L2CAP protocol unregistration failed");
2678 proto_unregister(&l2cap_proto);
2681 void l2cap_load(void)
2683 /* Dummy function to trigger automatic L2CAP module loading by
2684 * other modules that use L2CAP sockets but don't use any other
2685 * symbols from it. */
2688 EXPORT_SYMBOL(l2cap_load);
2690 module_init(l2cap_init);
2691 module_exit(l2cap_exit);
2693 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
2694 MODULE_DESCRIPTION("Bluetooth L2CAP ver " VERSION);
2695 MODULE_VERSION(VERSION);
2696 MODULE_LICENSE("GPL");
2697 MODULE_ALIAS("bt-proto-0");
git.openpandora.org / pandora-kernel.git / blob