2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
28 #include <linux/module.h>
30 #include <linux/types.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/sched.h>
34 #include <linux/slab.h>
35 #include <linux/poll.h>
36 #include <linux/fcntl.h>
37 #include <linux/init.h>
38 #include <linux/interrupt.h>
39 #include <linux/socket.h>
40 #include <linux/skbuff.h>
41 #include <linux/list.h>
42 #include <linux/device.h>
45 #include <asm/system.h>
46 #include <asm/uaccess.h>
48 #include <net/bluetooth/bluetooth.h>
49 #include <net/bluetooth/hci_core.h>
50 #include <net/bluetooth/l2cap.h>
51 #include <net/bluetooth/rfcomm.h>
53 static const struct proto_ops rfcomm_sock_ops;
55 static struct bt_sock_list rfcomm_sk_list = {
56 .lock = __RW_LOCK_UNLOCKED(rfcomm_sk_list.lock)
59 static void rfcomm_sock_close(struct sock *sk);
60 static void rfcomm_sock_kill(struct sock *sk);
62 /* ---- DLC callbacks ----
64 * called under rfcomm_dlc_lock()
66 static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
68 struct sock *sk = d->owner;
72 atomic_add(skb->len, &sk->sk_rmem_alloc);
73 skb_queue_tail(&sk->sk_receive_queue, skb);
74 sk->sk_data_ready(sk, skb->len);
76 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
77 rfcomm_dlc_throttle(d);
80 static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
82 struct sock *sk = d->owner, *parent;
86 BT_DBG("dlc %p state %ld err %d", d, d->state, err);
93 sk->sk_state = d->state;
95 parent = bt_sk(sk)->parent;
97 if (d->state == BT_CLOSED) {
98 sock_set_flag(sk, SOCK_ZAPPED);
101 parent->sk_data_ready(parent, 0);
103 if (d->state == BT_CONNECTED)
104 rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL);
105 sk->sk_state_change(sk);
110 if (parent && sock_flag(sk, SOCK_ZAPPED)) {
111 /* We have to drop DLC lock here, otherwise
112 * rfcomm_sock_destruct() will dead lock. */
113 rfcomm_dlc_unlock(d);
114 rfcomm_sock_kill(sk);
119 /* ---- Socket functions ---- */
120 static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
122 struct sock *sk = NULL;
123 struct hlist_node *node;
125 sk_for_each(sk, node, &rfcomm_sk_list.head) {
126 if (rfcomm_pi(sk)->channel == channel &&
127 !bacmp(&bt_sk(sk)->src, src))
131 return node ? sk : NULL;
134 /* Find socket with channel and source bdaddr.
135 * Returns closest match.
137 static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
139 struct sock *sk = NULL, *sk1 = NULL;
140 struct hlist_node *node;
142 sk_for_each(sk, node, &rfcomm_sk_list.head) {
143 if (state && sk->sk_state != state)
146 if (rfcomm_pi(sk)->channel == channel) {
148 if (!bacmp(&bt_sk(sk)->src, src))
152 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
156 return node ? sk : sk1;
159 /* Find socket with given address (channel, src).
160 * Returns locked socket */
161 static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
164 read_lock(&rfcomm_sk_list.lock);
165 s = __rfcomm_get_sock_by_channel(state, channel, src);
166 if (s) bh_lock_sock(s);
167 read_unlock(&rfcomm_sk_list.lock);
171 static void rfcomm_sock_destruct(struct sock *sk)
173 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
175 BT_DBG("sk %p dlc %p", sk, d);
177 skb_queue_purge(&sk->sk_receive_queue);
178 skb_queue_purge(&sk->sk_write_queue);
181 rfcomm_pi(sk)->dlc = NULL;
183 /* Detach DLC if it's owned by this socket */
186 rfcomm_dlc_unlock(d);
191 static void rfcomm_sock_cleanup_listen(struct sock *parent)
195 BT_DBG("parent %p", parent);
197 /* Close not yet accepted dlcs */
198 while ((sk = bt_accept_dequeue(parent, NULL))) {
199 rfcomm_sock_close(sk);
200 rfcomm_sock_kill(sk);
203 parent->sk_state = BT_CLOSED;
204 sock_set_flag(parent, SOCK_ZAPPED);
207 /* Kill socket (only if zapped and orphan)
208 * Must be called on unlocked socket.
210 static void rfcomm_sock_kill(struct sock *sk)
212 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
215 BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
217 /* Kill poor orphan */
218 bt_sock_unlink(&rfcomm_sk_list, sk);
219 sock_set_flag(sk, SOCK_DEAD);
223 static void __rfcomm_sock_close(struct sock *sk)
225 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
227 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
229 switch (sk->sk_state) {
231 rfcomm_sock_cleanup_listen(sk);
238 rfcomm_dlc_close(d, 0);
241 sock_set_flag(sk, SOCK_ZAPPED);
247 * Must be called on unlocked socket.
249 static void rfcomm_sock_close(struct sock *sk)
252 __rfcomm_sock_close(sk);
256 static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
258 struct rfcomm_pinfo *pi = rfcomm_pi(sk);
263 sk->sk_type = parent->sk_type;
264 pi->link_mode = rfcomm_pi(parent)->link_mode;
269 pi->dlc->link_mode = pi->link_mode;
272 static struct proto rfcomm_proto = {
274 .owner = THIS_MODULE,
275 .obj_size = sizeof(struct rfcomm_pinfo)
278 static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
280 struct rfcomm_dlc *d;
283 sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto);
287 sock_init_data(sock, sk);
288 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
290 d = rfcomm_dlc_alloc(prio);
296 d->data_ready = rfcomm_sk_data_ready;
297 d->state_change = rfcomm_sk_state_change;
299 rfcomm_pi(sk)->dlc = d;
302 sk->sk_destruct = rfcomm_sock_destruct;
303 sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
305 sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
306 sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
308 sock_reset_flag(sk, SOCK_ZAPPED);
310 sk->sk_protocol = proto;
311 sk->sk_state = BT_OPEN;
313 bt_sock_link(&rfcomm_sk_list, sk);
319 static int rfcomm_sock_create(struct net *net, struct socket *sock, int protocol)
323 BT_DBG("sock %p", sock);
325 sock->state = SS_UNCONNECTED;
327 if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
328 return -ESOCKTNOSUPPORT;
330 sock->ops = &rfcomm_sock_ops;
332 sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC);
336 rfcomm_sock_init(sk, NULL);
340 static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
342 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
343 struct sock *sk = sock->sk;
346 BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
348 if (!addr || addr->sa_family != AF_BLUETOOTH)
353 if (sk->sk_state != BT_OPEN) {
358 if (sk->sk_type != SOCK_STREAM) {
363 write_lock_bh(&rfcomm_sk_list.lock);
365 if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
368 /* Save source address */
369 bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr);
370 rfcomm_pi(sk)->channel = sa->rc_channel;
371 sk->sk_state = BT_BOUND;
374 write_unlock_bh(&rfcomm_sk_list.lock);
381 static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
383 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
384 struct sock *sk = sock->sk;
385 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
390 if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc))
395 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
400 if (sk->sk_type != SOCK_STREAM) {
405 sk->sk_state = BT_CONNECT;
406 bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr);
407 rfcomm_pi(sk)->channel = sa->rc_channel;
409 d->link_mode = rfcomm_pi(sk)->link_mode;
411 err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
413 err = bt_sock_wait_state(sk, BT_CONNECTED,
414 sock_sndtimeo(sk, flags & O_NONBLOCK));
421 static int rfcomm_sock_listen(struct socket *sock, int backlog)
423 struct sock *sk = sock->sk;
426 BT_DBG("sk %p backlog %d", sk, backlog);
430 if (sk->sk_state != BT_BOUND) {
435 if (sk->sk_type != SOCK_STREAM) {
440 if (!rfcomm_pi(sk)->channel) {
441 bdaddr_t *src = &bt_sk(sk)->src;
446 write_lock_bh(&rfcomm_sk_list.lock);
448 for (channel = 1; channel < 31; channel++)
449 if (!__rfcomm_get_sock_by_addr(channel, src)) {
450 rfcomm_pi(sk)->channel = channel;
455 write_unlock_bh(&rfcomm_sk_list.lock);
461 sk->sk_max_ack_backlog = backlog;
462 sk->sk_ack_backlog = 0;
463 sk->sk_state = BT_LISTEN;
470 static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
472 DECLARE_WAITQUEUE(wait, current);
473 struct sock *sk = sock->sk, *nsk;
479 if (sk->sk_state != BT_LISTEN) {
484 if (sk->sk_type != SOCK_STREAM) {
489 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
491 BT_DBG("sk %p timeo %ld", sk, timeo);
493 /* Wait for an incoming connection. (wake-one). */
494 add_wait_queue_exclusive(sk->sk_sleep, &wait);
495 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
496 set_current_state(TASK_INTERRUPTIBLE);
503 timeo = schedule_timeout(timeo);
506 if (sk->sk_state != BT_LISTEN) {
511 if (signal_pending(current)) {
512 err = sock_intr_errno(timeo);
516 set_current_state(TASK_RUNNING);
517 remove_wait_queue(sk->sk_sleep, &wait);
522 newsock->state = SS_CONNECTED;
524 BT_DBG("new socket %p", nsk);
531 static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
533 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
534 struct sock *sk = sock->sk;
536 BT_DBG("sock %p, sk %p", sock, sk);
538 sa->rc_family = AF_BLUETOOTH;
539 sa->rc_channel = rfcomm_pi(sk)->channel;
541 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst);
543 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src);
545 *len = sizeof(struct sockaddr_rc);
549 static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
550 struct msghdr *msg, size_t len)
552 struct sock *sk = sock->sk;
553 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
557 if (msg->msg_flags & MSG_OOB)
560 if (sk->sk_shutdown & SEND_SHUTDOWN)
563 BT_DBG("sock %p, sk %p", sock, sk);
568 size_t size = min_t(size_t, len, d->mtu);
571 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
572 msg->msg_flags & MSG_DONTWAIT, &err);
575 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
577 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
585 err = rfcomm_dlc_send(d, skb);
602 static long rfcomm_sock_data_wait(struct sock *sk, long timeo)
604 DECLARE_WAITQUEUE(wait, current);
606 add_wait_queue(sk->sk_sleep, &wait);
608 set_current_state(TASK_INTERRUPTIBLE);
610 if (!skb_queue_empty(&sk->sk_receive_queue) ||
612 (sk->sk_shutdown & RCV_SHUTDOWN) ||
613 signal_pending(current) ||
617 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
619 timeo = schedule_timeout(timeo);
621 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
624 __set_current_state(TASK_RUNNING);
625 remove_wait_queue(sk->sk_sleep, &wait);
629 static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
630 struct msghdr *msg, size_t size, int flags)
632 struct sock *sk = sock->sk;
634 size_t target, copied = 0;
640 msg->msg_namelen = 0;
642 BT_DBG("sk %p size %zu", sk, size);
646 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
647 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
653 skb = skb_dequeue(&sk->sk_receive_queue);
655 if (copied >= target)
658 if ((err = sock_error(sk)) != 0)
660 if (sk->sk_shutdown & RCV_SHUTDOWN)
667 timeo = rfcomm_sock_data_wait(sk, timeo);
669 if (signal_pending(current)) {
670 err = sock_intr_errno(timeo);
676 chunk = min_t(unsigned int, skb->len, size);
677 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
678 skb_queue_head(&sk->sk_receive_queue, skb);
686 sock_recv_timestamp(msg, sk, skb);
688 if (!(flags & MSG_PEEK)) {
689 atomic_sub(chunk, &sk->sk_rmem_alloc);
691 skb_pull(skb, chunk);
693 skb_queue_head(&sk->sk_receive_queue, skb);
699 /* put message back and return */
700 skb_queue_head(&sk->sk_receive_queue, skb);
706 if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
707 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
710 return copied ? : err;
713 static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
715 struct sock *sk = sock->sk;
725 if (get_user(opt, (u32 __user *) optval)) {
730 rfcomm_pi(sk)->link_mode = opt;
742 static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
744 struct sock *sk = sock->sk;
745 struct sock *l2cap_sk;
746 struct rfcomm_conninfo cinfo;
751 if (get_user(len, optlen))
758 if (put_user(rfcomm_pi(sk)->link_mode, (u32 __user *) optval))
762 case RFCOMM_CONNINFO:
763 if (sk->sk_state != BT_CONNECTED) {
768 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
770 cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle;
771 memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3);
773 len = min_t(unsigned int, len, sizeof(cinfo));
774 if (copy_to_user(optval, (char *) &cinfo, len))
788 static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
790 #if defined(CONFIG_BT_RFCOMM_TTY) || defined(CONFIG_BT_RFCOMM_DEBUG)
791 struct sock *sk = sock->sk;
795 BT_DBG("sk %p cmd %x arg %lx", sock, cmd, arg);
797 err = bt_sock_ioctl(sock, cmd, arg);
799 if (err == -ENOIOCTLCMD) {
800 #ifdef CONFIG_BT_RFCOMM_TTY
802 err = rfcomm_dev_ioctl(sk, cmd, (void __user *) arg);
812 static int rfcomm_sock_shutdown(struct socket *sock, int how)
814 struct sock *sk = sock->sk;
817 BT_DBG("sock %p, sk %p", sock, sk);
822 if (!sk->sk_shutdown) {
823 sk->sk_shutdown = SHUTDOWN_MASK;
824 __rfcomm_sock_close(sk);
826 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
827 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
833 static int rfcomm_sock_release(struct socket *sock)
835 struct sock *sk = sock->sk;
838 BT_DBG("sock %p, sk %p", sock, sk);
843 err = rfcomm_sock_shutdown(sock, 2);
846 rfcomm_sock_kill(sk);
850 /* ---- RFCOMM core layer callbacks ----
852 * called under rfcomm_lock()
854 int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
856 struct sock *sk, *parent;
860 BT_DBG("session %p channel %d", s, channel);
862 rfcomm_session_getaddr(s, &src, &dst);
864 /* Check if we have socket listening on channel */
865 parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
869 /* Check for backlog size */
870 if (sk_acceptq_is_full(parent)) {
871 BT_DBG("backlog full %d", parent->sk_ack_backlog);
875 sk = rfcomm_sock_alloc(sock_net(parent), NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
879 rfcomm_sock_init(sk, parent);
880 bacpy(&bt_sk(sk)->src, &src);
881 bacpy(&bt_sk(sk)->dst, &dst);
882 rfcomm_pi(sk)->channel = channel;
884 sk->sk_state = BT_CONFIG;
885 bt_accept_enqueue(parent, sk);
887 /* Accept connection and return socket DLC */
888 *d = rfcomm_pi(sk)->dlc;
892 bh_unlock_sock(parent);
896 static ssize_t rfcomm_sock_sysfs_show(struct class *dev, char *buf)
899 struct hlist_node *node;
902 read_lock_bh(&rfcomm_sk_list.lock);
904 sk_for_each(sk, node, &rfcomm_sk_list.head) {
905 str += sprintf(str, "%s %s %d %d\n",
906 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
907 sk->sk_state, rfcomm_pi(sk)->channel);
910 read_unlock_bh(&rfcomm_sk_list.lock);
915 static CLASS_ATTR(rfcomm, S_IRUGO, rfcomm_sock_sysfs_show, NULL);
917 static const struct proto_ops rfcomm_sock_ops = {
918 .family = PF_BLUETOOTH,
919 .owner = THIS_MODULE,
920 .release = rfcomm_sock_release,
921 .bind = rfcomm_sock_bind,
922 .connect = rfcomm_sock_connect,
923 .listen = rfcomm_sock_listen,
924 .accept = rfcomm_sock_accept,
925 .getname = rfcomm_sock_getname,
926 .sendmsg = rfcomm_sock_sendmsg,
927 .recvmsg = rfcomm_sock_recvmsg,
928 .shutdown = rfcomm_sock_shutdown,
929 .setsockopt = rfcomm_sock_setsockopt,
930 .getsockopt = rfcomm_sock_getsockopt,
931 .ioctl = rfcomm_sock_ioctl,
932 .poll = bt_sock_poll,
933 .socketpair = sock_no_socketpair,
937 static struct net_proto_family rfcomm_sock_family_ops = {
938 .family = PF_BLUETOOTH,
939 .owner = THIS_MODULE,
940 .create = rfcomm_sock_create
943 int __init rfcomm_init_sockets(void)
947 err = proto_register(&rfcomm_proto, 0);
951 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
955 if (class_create_file(bt_class, &class_attr_rfcomm) < 0)
956 BT_ERR("Failed to create RFCOMM info file");
958 BT_INFO("RFCOMM socket layer initialized");
963 BT_ERR("RFCOMM socket layer registration failed");
964 proto_unregister(&rfcomm_proto);
968 void __exit rfcomm_cleanup_sockets(void)
970 class_remove_file(bt_class, &class_attr_rfcomm);
972 if (bt_sock_unregister(BTPROTO_RFCOMM) < 0)
973 BT_ERR("RFCOMM socket layer unregistration failed");
975 proto_unregister(&rfcomm_proto);
git.openpandora.org / pandora-kernel.git / blob