#define BT_DBG(D...)
#endif
-#define VERSION "2.9"
+#define VERSION "2.11"
static u32 l2cap_feat_mask = 0x0000;
static void l2cap_sock_timeout(unsigned long arg)
{
struct sock *sk = (struct sock *) arg;
+ int reason;
BT_DBG("sock %p state %d", sk, sk->sk_state);
bh_lock_sock(sk);
- __l2cap_sock_close(sk, ETIMEDOUT);
+
+ if (sk->sk_state == BT_CONNECT &&
+ (l2cap_pi(sk)->link_mode & (L2CAP_LM_AUTH |
+ L2CAP_LM_ENCRYPT | L2CAP_LM_SECURE)))
+ reason = ECONNREFUSED;
+ else
+ reason = ETIMEDOUT;
+
+ __l2cap_sock_close(sk, reason);
+
bh_unlock_sock(sk);
l2cap_sock_kill(sk);
hci_conn_put(conn->hcon);
}
- sk->sk_state = BT_CLOSED;
+ sk->sk_state = BT_CLOSED;
sock_set_flag(sk, SOCK_ZAPPED);
if (err)
sk->sk_state_change(sk);
}
+/* Service level security */
+static inline int l2cap_check_link_mode(struct sock *sk)
+{
+ struct l2cap_conn *conn = l2cap_pi(sk)->conn;
+
+ if ((l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT) ||
+ (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE))
+ return hci_conn_encrypt(conn->hcon);
+
+ if (l2cap_pi(sk)->link_mode & L2CAP_LM_AUTH)
+ return hci_conn_auth(conn->hcon);
+
+ return 1;
+}
+
static inline u8 l2cap_get_ident(struct l2cap_conn *conn)
{
u8 id;
return hci_send_acl(conn->hcon, skb, 0);
}
+static void l2cap_do_start(struct sock *sk)
+{
+ struct l2cap_conn *conn = l2cap_pi(sk)->conn;
+
+ if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
+ if (l2cap_check_link_mode(sk)) {
+ struct l2cap_conn_req req;
+ req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
+ req.psm = l2cap_pi(sk)->psm;
+
+ l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+
+ l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
+ L2CAP_CONN_REQ, sizeof(req), &req);
+ }
+ } else {
+ struct l2cap_info_req req;
+ req.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
+
+ conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
+ conn->info_ident = l2cap_get_ident(conn);
+
+ mod_timer(&conn->info_timer, jiffies +
+ msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
+
+ l2cap_send_cmd(conn, conn->info_ident,
+ L2CAP_INFO_REQ, sizeof(req), &req);
+ }
+}
+
/* ---- L2CAP connections ---- */
static void l2cap_conn_start(struct l2cap_conn *conn)
{
bh_lock_sock(sk);
if (sk->sk_type != SOCK_SEQPACKET) {
- l2cap_sock_clear_timer(sk);
- sk->sk_state = BT_CONNECTED;
- sk->sk_state_change(sk);
- } else if (sk->sk_state == BT_CONNECT) {
- struct l2cap_conn_req req;
- l2cap_pi(sk)->ident = l2cap_get_ident(conn);
- req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
- req.psm = l2cap_pi(sk)->psm;
- l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
+ bh_unlock_sock(sk);
+ continue;
+ }
+
+ if (sk->sk_state == BT_CONNECT) {
+ if (l2cap_check_link_mode(sk)) {
+ struct l2cap_conn_req req;
+ req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
+ req.psm = l2cap_pi(sk)->psm;
+
+ l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+
+ l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
L2CAP_CONN_REQ, sizeof(req), &req);
+ }
+ } else if (sk->sk_state == BT_CONNECT2) {
+ struct l2cap_conn_rsp rsp;
+ rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
+ rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
+
+ if (l2cap_check_link_mode(sk)) {
+ sk->sk_state = BT_CONFIG;
+ rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
+ rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
+ } else {
+ rsp.result = cpu_to_le16(L2CAP_CR_PEND);
+ rsp.status = cpu_to_le16(L2CAP_CS_AUTHEN_PEND);
+ }
+
+ l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
+ L2CAP_CONN_RSP, sizeof(rsp), &rsp);
}
bh_unlock_sock(sk);
static void l2cap_conn_ready(struct l2cap_conn *conn)
{
- BT_DBG("conn %p", conn);
+ struct l2cap_chan_list *l = &conn->chan_list;
+ struct sock *sk;
- if (conn->chan_list.head || !hlist_empty(&l2cap_sk_list.head)) {
- struct l2cap_info_req req;
+ BT_DBG("conn %p", conn);
- req.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
+ read_lock(&l->lock);
- conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
- conn->info_ident = l2cap_get_ident(conn);
+ for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
+ bh_lock_sock(sk);
- mod_timer(&conn->info_timer,
- jiffies + msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
+ if (sk->sk_type != SOCK_SEQPACKET) {
+ l2cap_sock_clear_timer(sk);
+ sk->sk_state = BT_CONNECTED;
+ sk->sk_state_change(sk);
+ } else if (sk->sk_state == BT_CONNECT)
+ l2cap_do_start(sk);
- l2cap_send_cmd(conn, conn->info_ident,
- L2CAP_INFO_REQ, sizeof(req), &req);
+ bh_unlock_sock(sk);
}
+
+ read_unlock(&l->lock);
}
/* Notify sockets that we cannot guaranty reliability anymore */
conn->feat_mask = 0;
- setup_timer(&conn->info_timer, l2cap_info_timeout, (unsigned long)conn);
+ setup_timer(&conn->info_timer, l2cap_info_timeout,
+ (unsigned long) conn);
spin_lock_init(&conn->lock);
rwlock_init(&conn->chan_list.lock);
while ((sk = bt_accept_dequeue(parent, NULL)))
l2cap_sock_close(sk);
- parent->sk_state = BT_CLOSED;
+ parent->sk_state = BT_CLOSED;
sock_set_flag(parent, SOCK_ZAPPED);
}
req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
l2cap_send_cmd(conn, l2cap_get_ident(conn),
L2CAP_DISCONN_REQ, sizeof(req), &req);
- } else {
+ } else
l2cap_chan_del(sk, reason);
- }
break;
case BT_CONNECT:
sock_reset_flag(sk, SOCK_ZAPPED);
sk->sk_protocol = proto;
- sk->sk_state = BT_OPEN;
+ sk->sk_state = BT_OPEN;
- setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long)sk);
+ setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk);
bt_sock_link(&l2cap_sk_list, sk);
return sk;
struct l2cap_conn *conn;
struct hci_conn *hcon;
struct hci_dev *hdev;
+ __u8 auth_type;
int err = 0;
BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), l2cap_pi(sk)->psm);
err = -ENOMEM;
- hcon = hci_connect(hdev, ACL_LINK, dst);
+ if (l2cap_pi(sk)->link_mode & L2CAP_LM_AUTH ||
+ l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT ||
+ l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE) {
+ if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001))
+ auth_type = HCI_AT_NO_BONDING_MITM;
+ else
+ auth_type = HCI_AT_GENERAL_BONDING_MITM;
+ } else {
+ if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001))
+ auth_type = HCI_AT_NO_BONDING;
+ else
+ auth_type = HCI_AT_GENERAL_BONDING;
+ }
+
+ hcon = hci_connect(hdev, ACL_LINK, dst, auth_type);
if (!hcon)
goto done;
l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
if (hcon->state == BT_CONNECTED) {
- if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)) {
- l2cap_conn_ready(conn);
- goto done;
- }
-
- if (sk->sk_type == SOCK_SEQPACKET) {
- struct l2cap_conn_req req;
- l2cap_pi(sk)->ident = l2cap_get_ident(conn);
- req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
- req.psm = l2cap_pi(sk)->psm;
- l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
- L2CAP_CONN_REQ, sizeof(req), &req);
- } else {
+ if (sk->sk_type != SOCK_SEQPACKET) {
l2cap_sock_clear_timer(sk);
sk->sk_state = BT_CONNECTED;
- }
+ } else
+ l2cap_do_start(sk);
}
done:
__l2cap_sock_close(sk, 0);
if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
- err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
+ err = bt_sock_wait_state(sk, BT_CLOSED,
+ sk->sk_lingertime);
}
release_sock(sk);
return err;
*/
parent->sk_data_ready(parent, 0);
}
+
+ if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE) {
+ struct l2cap_conn *conn = l2cap_pi(sk)->conn;
+ hci_conn_change_link_key(conn->hcon);
+ }
}
/* Copy frame to all raw sockets on that connection */
struct l2cap_conn_req *req = (struct l2cap_conn_req *) data;
struct l2cap_conn_rsp rsp;
struct sock *sk, *parent;
- int result = 0, status = 0;
+ int result, status = L2CAP_CS_NO_INFO;
u16 dcid = 0, scid = __le16_to_cpu(req->scid);
- __le16 psm = req->psm;
+ __le16 psm = req->psm;
BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid);
goto sendresp;
}
+ /* Check if the ACL is secure enough (if not SDP) */
+ if (psm != cpu_to_le16(0x0001) &&
+ !hci_conn_check_link_mode(conn->hcon)) {
+ result = L2CAP_CR_SEC_BLOCK;
+ goto response;
+ }
+
result = L2CAP_CR_NO_MEM;
/* Check for backlog size */
l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
- /* Service level security */
- result = L2CAP_CR_PEND;
- status = L2CAP_CS_AUTHEN_PEND;
- sk->sk_state = BT_CONNECT2;
l2cap_pi(sk)->ident = cmd->ident;
- if ((l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT) ||
- (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)) {
- if (!hci_conn_encrypt(conn->hcon))
- goto done;
- } else if (l2cap_pi(sk)->link_mode & L2CAP_LM_AUTH) {
- if (!hci_conn_auth(conn->hcon))
- goto done;
+ if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
+ if (l2cap_check_link_mode(sk)) {
+ sk->sk_state = BT_CONFIG;
+ result = L2CAP_CR_SUCCESS;
+ status = L2CAP_CS_NO_INFO;
+ } else {
+ sk->sk_state = BT_CONNECT2;
+ result = L2CAP_CR_PEND;
+ status = L2CAP_CS_AUTHEN_PEND;
+ }
+ } else {
+ sk->sk_state = BT_CONNECT2;
+ result = L2CAP_CR_PEND;
+ status = L2CAP_CS_NO_INFO;
}
- sk->sk_state = BT_CONFIG;
- result = status = 0;
-
-done:
write_unlock_bh(&list->lock);
response:
rsp.result = cpu_to_le16(result);
rsp.status = cpu_to_le16(status);
l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp);
+
+ if (result == L2CAP_CR_PEND && status == L2CAP_CS_NO_INFO) {
+ struct l2cap_info_req info;
+ info.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
+
+ conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
+ conn->info_ident = l2cap_get_ident(conn);
+
+ mod_timer(&conn->info_timer, jiffies +
+ msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
+
+ l2cap_send_cmd(conn, conn->info_ident,
+ L2CAP_INFO_REQ, sizeof(info), &info);
+ }
+
return 0;
}
}
if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) {
- u8 req[64];
+ u8 buf[64];
l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
- l2cap_build_conf_req(sk, req), req);
+ l2cap_build_conf_req(sk, buf), buf);
}
unlock:
default:
sk->sk_state = BT_DISCONN;
- sk->sk_err = ECONNRESET;
+ sk->sk_err = ECONNRESET;
l2cap_sock_set_timer(sk, HZ * 5);
{
struct l2cap_disconn_req req;
static int l2cap_auth_cfm(struct hci_conn *hcon, u8 status)
{
struct l2cap_chan_list *l;
- struct l2cap_conn *conn = conn = hcon->l2cap_data;
- struct l2cap_conn_rsp rsp;
+ struct l2cap_conn *conn = hcon->l2cap_data;
struct sock *sk;
- int result;
if (!conn)
return 0;
read_lock(&l->lock);
for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
+ struct l2cap_pinfo *pi = l2cap_pi(sk);
+
bh_lock_sock(sk);
- if (sk->sk_state != BT_CONNECT2 ||
- (l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT) ||
- (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)) {
+ if ((pi->link_mode & (L2CAP_LM_ENCRYPT | L2CAP_LM_SECURE)) &&
+ !(hcon->link_mode & HCI_LM_ENCRYPT) &&
+ !status) {
bh_unlock_sock(sk);
continue;
}
- if (!status) {
- sk->sk_state = BT_CONFIG;
- result = 0;
- } else {
- sk->sk_state = BT_DISCONN;
- l2cap_sock_set_timer(sk, HZ/10);
- result = L2CAP_CR_SEC_BLOCK;
- }
+ if (sk->sk_state == BT_CONNECT) {
+ if (!status) {
+ struct l2cap_conn_req req;
+ req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
+ req.psm = l2cap_pi(sk)->psm;
- rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
- rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
- rsp.result = cpu_to_le16(result);
- rsp.status = cpu_to_le16(0);
- l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
- L2CAP_CONN_RSP, sizeof(rsp), &rsp);
+ l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+
+ l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
+ L2CAP_CONN_REQ, sizeof(req), &req);
+ } else {
+ l2cap_sock_clear_timer(sk);
+ l2cap_sock_set_timer(sk, HZ / 10);
+ }
+ } else if (sk->sk_state == BT_CONNECT2) {
+ struct l2cap_conn_rsp rsp;
+ __u16 result;
+
+ if (!status) {
+ sk->sk_state = BT_CONFIG;
+ result = L2CAP_CR_SUCCESS;
+ } else {
+ sk->sk_state = BT_DISCONN;
+ l2cap_sock_set_timer(sk, HZ / 10);
+ result = L2CAP_CR_SEC_BLOCK;
+ }
+
+ rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
+ rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
+ rsp.result = cpu_to_le16(result);
+ rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
+ l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
+ L2CAP_CONN_RSP, sizeof(rsp), &rsp);
+ }
bh_unlock_sock(sk);
}
read_unlock(&l->lock);
+
return 0;
}
-static int l2cap_encrypt_cfm(struct hci_conn *hcon, u8 status)
+static int l2cap_encrypt_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
{
struct l2cap_chan_list *l;
struct l2cap_conn *conn = hcon->l2cap_data;
- struct l2cap_conn_rsp rsp;
struct sock *sk;
- int result;
if (!conn)
return 0;
read_lock(&l->lock);
for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
+ struct l2cap_pinfo *pi = l2cap_pi(sk);
+
bh_lock_sock(sk);
- if (sk->sk_state != BT_CONNECT2) {
+ if ((pi->link_mode & (L2CAP_LM_ENCRYPT | L2CAP_LM_SECURE)) &&
+ (sk->sk_state == BT_CONNECTED ||
+ sk->sk_state == BT_CONFIG) &&
+ !status && encrypt == 0x00) {
+ __l2cap_sock_close(sk, ECONNREFUSED);
bh_unlock_sock(sk);
continue;
}
- if (!status) {
- sk->sk_state = BT_CONFIG;
- result = 0;
- } else {
- sk->sk_state = BT_DISCONN;
- l2cap_sock_set_timer(sk, HZ/10);
- result = L2CAP_CR_SEC_BLOCK;
- }
+ if (sk->sk_state == BT_CONNECT) {
+ if (!status) {
+ struct l2cap_conn_req req;
+ req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
+ req.psm = l2cap_pi(sk)->psm;
- rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
- rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
- rsp.result = cpu_to_le16(result);
- rsp.status = cpu_to_le16(0);
- l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
- L2CAP_CONN_RSP, sizeof(rsp), &rsp);
+ l2cap_pi(sk)->ident = l2cap_get_ident(conn);
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)
- hci_conn_change_link_key(hcon);
+ l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
+ L2CAP_CONN_REQ, sizeof(req), &req);
+ } else {
+ l2cap_sock_clear_timer(sk);
+ l2cap_sock_set_timer(sk, HZ / 10);
+ }
+ } else if (sk->sk_state == BT_CONNECT2) {
+ struct l2cap_conn_rsp rsp;
+ __u16 result;
+
+ if (!status) {
+ sk->sk_state = BT_CONFIG;
+ result = L2CAP_CR_SUCCESS;
+ } else {
+ sk->sk_state = BT_DISCONN;
+ l2cap_sock_set_timer(sk, HZ / 10);
+ result = L2CAP_CR_SEC_BLOCK;
+ }
+
+ rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
+ rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
+ rsp.result = cpu_to_le16(result);
+ rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
+ l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
+ L2CAP_CONN_RSP, sizeof(rsp), &rsp);
+ }
bh_unlock_sock(sk);
}
read_unlock(&l->lock);
+
return 0;
}
.sendmsg = l2cap_sock_sendmsg,
.recvmsg = bt_sock_recvmsg,
.poll = bt_sock_poll,
+ .ioctl = bt_sock_ioctl,
.mmap = sock_no_mmap,
.socketpair = sock_no_socketpair,
- .ioctl = sock_no_ioctl,
.shutdown = l2cap_sock_shutdown,
.setsockopt = l2cap_sock_setsockopt,
.getsockopt = l2cap_sock_getsockopt
module_init(l2cap_init);
module_exit(l2cap_exit);
-MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
+MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
MODULE_DESCRIPTION("Bluetooth L2CAP ver " VERSION);
MODULE_VERSION(VERSION);
MODULE_LICENSE("GPL");
git.openpandora.org / pandora-kernel.git / blobdiff