1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30#include <linux/module.h>
31
32#include <linux/types.h>
33#include <linux/errno.h>
34#include <linux/kernel.h>
35#include <linux/sched.h>
36#include <linux/slab.h>
37#include <linux/poll.h>
38#include <linux/fcntl.h>
39#include <linux/init.h>
40#include <linux/interrupt.h>
41#include <linux/socket.h>
42#include <linux/skbuff.h>
43#include <linux/list.h>
44#include <linux/device.h>
45#include <net/sock.h>
46
47#include <asm/system.h>
48#include <asm/uaccess.h>
49
50#include <net/bluetooth/bluetooth.h>
51#include <net/bluetooth/hci_core.h>
52#include <net/bluetooth/l2cap.h>
53#include <net/bluetooth/rfcomm.h>
54
55#ifndef CONFIG_BT_RFCOMM_DEBUG
56#undef BT_DBG
57#define BT_DBG(D...)
58#endif
59
60static const struct proto_ops rfcomm_sock_ops;
61
62static struct bt_sock_list rfcomm_sk_list = {
63 .lock = RW_LOCK_UNLOCKED
64};
65
66static void rfcomm_sock_close(struct sock *sk);
67static void rfcomm_sock_kill(struct sock *sk);
68
69
70
71
72
73static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
74{
75 struct sock *sk = d->owner;
76 if (!sk)
77 return;
78
79 atomic_add(skb->len, &sk->sk_rmem_alloc);
80 skb_queue_tail(&sk->sk_receive_queue, skb);
81 sk->sk_data_ready(sk, skb->len);
82
83 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
84 rfcomm_dlc_throttle(d);
85}
86
87static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
88{
89 struct sock *sk = d->owner, *parent;
90 if (!sk)
91 return;
92
93 BT_DBG("dlc %p state %ld err %d", d, d->state, err);
94
95 bh_lock_sock(sk);
96
97 if (err)
98 sk->sk_err = err;
99
100 sk->sk_state = d->state;
101
102 parent = bt_sk(sk)->parent;
103 if (parent) {
104 if (d->state == BT_CLOSED) {
105 sock_set_flag(sk, SOCK_ZAPPED);
106 bt_accept_unlink(sk);
107 }
108 parent->sk_data_ready(parent, 0);
109 } else {
110 if (d->state == BT_CONNECTED)
111 rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL);
112 sk->sk_state_change(sk);
113 }
114
115 bh_unlock_sock(sk);
116
117 if (parent && sock_flag(sk, SOCK_ZAPPED)) {
118
119
120 rfcomm_dlc_unlock(d);
121 rfcomm_sock_kill(sk);
122 rfcomm_dlc_lock(d);
123 }
124}
125
126
127static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
128{
129 struct sock *sk = NULL;
130 struct hlist_node *node;
131
132 sk_for_each(sk, node, &rfcomm_sk_list.head) {
133 if (rfcomm_pi(sk)->channel == channel &&
134 !bacmp(&bt_sk(sk)->src, src))
135 break;
136 }
137
138 return node ? sk : NULL;
139}
140
141
142
143
144static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
145{
146 struct sock *sk = NULL, *sk1 = NULL;
147 struct hlist_node *node;
148
149 sk_for_each(sk, node, &rfcomm_sk_list.head) {
150 if (state && sk->sk_state != state)
151 continue;
152
153 if (rfcomm_pi(sk)->channel == channel) {
154
155 if (!bacmp(&bt_sk(sk)->src, src))
156 break;
157
158
159 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
160 sk1 = sk;
161 }
162 }
163 return node ? sk : sk1;
164}
165
166
167
168static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
169{
170 struct sock *s;
171 read_lock(&rfcomm_sk_list.lock);
172 s = __rfcomm_get_sock_by_channel(state, channel, src);
173 if (s) bh_lock_sock(s);
174 read_unlock(&rfcomm_sk_list.lock);
175 return s;
176}
177
178static void rfcomm_sock_destruct(struct sock *sk)
179{
180 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
181
182 BT_DBG("sk %p dlc %p", sk, d);
183
184 skb_queue_purge(&sk->sk_receive_queue);
185 skb_queue_purge(&sk->sk_write_queue);
186
187 rfcomm_dlc_lock(d);
188 rfcomm_pi(sk)->dlc = NULL;
189
190
191 if (d->owner == sk)
192 d->owner = NULL;
193 rfcomm_dlc_unlock(d);
194
195 rfcomm_dlc_put(d);
196}
197
198static void rfcomm_sock_cleanup_listen(struct sock *parent)
199{
200 struct sock *sk;
201
202 BT_DBG("parent %p", parent);
203
204
205 while ((sk = bt_accept_dequeue(parent, NULL))) {
206 rfcomm_sock_close(sk);
207 rfcomm_sock_kill(sk);
208 }
209
210 parent->sk_state = BT_CLOSED;
211 sock_set_flag(parent, SOCK_ZAPPED);
212}
213
214
215
216
217static void rfcomm_sock_kill(struct sock *sk)
218{
219 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
220 return;
221
222 BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
223
224
225 bt_sock_unlink(&rfcomm_sk_list, sk);
226 sock_set_flag(sk, SOCK_DEAD);
227 sock_put(sk);
228}
229
230static void __rfcomm_sock_close(struct sock *sk)
231{
232 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
233
234 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
235
236 switch (sk->sk_state) {
237 case BT_LISTEN:
238 rfcomm_sock_cleanup_listen(sk);
239 break;
240
241 case BT_CONNECT:
242 case BT_CONNECT2:
243 case BT_CONFIG:
244 case BT_CONNECTED:
245 rfcomm_dlc_close(d, 0);
246
247 default:
248 sock_set_flag(sk, SOCK_ZAPPED);
249 break;
250 }
251}
252
253
254
255
256static void rfcomm_sock_close(struct sock *sk)
257{
258 lock_sock(sk);
259 __rfcomm_sock_close(sk);
260 release_sock(sk);
261}
262
263static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
264{
265 struct rfcomm_pinfo *pi = rfcomm_pi(sk);
266
267 BT_DBG("sk %p", sk);
268
269 if (parent) {
270 sk->sk_type = parent->sk_type;
271 pi->link_mode = rfcomm_pi(parent)->link_mode;
272 } else {
273 pi->link_mode = 0;
274 }
275
276 pi->dlc->link_mode = pi->link_mode;
277}
278
279static struct proto rfcomm_proto = {
280 .name = "RFCOMM",
281 .owner = THIS_MODULE,
282 .obj_size = sizeof(struct rfcomm_pinfo)
283};
284
285static struct sock *rfcomm_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
286{
287 struct rfcomm_dlc *d;
288 struct sock *sk;
289
290 sk = sk_alloc(net, PF_BLUETOOTH, prio, &rfcomm_proto);
291 if (!sk)
292 return NULL;
293
294 sock_init_data(sock, sk);
295 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
296
297 d = rfcomm_dlc_alloc(prio);
298 if (!d) {
299 sk_free(sk);
300 return NULL;
301 }
302
303 d->data_ready = rfcomm_sk_data_ready;
304 d->state_change = rfcomm_sk_state_change;
305
306 rfcomm_pi(sk)->dlc = d;
307 d->owner = sk;
308
309 sk->sk_destruct = rfcomm_sock_destruct;
310 sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
311
312 sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
313 sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
314
315 sock_reset_flag(sk, SOCK_ZAPPED);
316
317 sk->sk_protocol = proto;
318 sk->sk_state = BT_OPEN;
319
320 bt_sock_link(&rfcomm_sk_list, sk);
321
322 BT_DBG("sk %p", sk);
323 return sk;
324}
325
326static int rfcomm_sock_create(struct net *net, struct socket *sock, int protocol)
327{
328 struct sock *sk;
329
330 BT_DBG("sock %p", sock);
331
332 sock->state = SS_UNCONNECTED;
333
334 if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
335 return -ESOCKTNOSUPPORT;
336
337 sock->ops = &rfcomm_sock_ops;
338
339 sk = rfcomm_sock_alloc(net, sock, protocol, GFP_ATOMIC);
340 if (!sk)
341 return -ENOMEM;
342
343 rfcomm_sock_init(sk, NULL);
344 return 0;
345}
346
347static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
348{
349 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
350 struct sock *sk = sock->sk;
351 int err = 0;
352
353 BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
354
355 if (!addr || addr->sa_family != AF_BLUETOOTH)
356 return -EINVAL;
357
358 lock_sock(sk);
359
360 if (sk->sk_state != BT_OPEN) {
361 err = -EBADFD;
362 goto done;
363 }
364
365 if (sk->sk_type != SOCK_STREAM) {
366 err = -EINVAL;
367 goto done;
368 }
369
370 write_lock_bh(&rfcomm_sk_list.lock);
371
372 if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
373 err = -EADDRINUSE;
374 } else {
375
376 bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr);
377 rfcomm_pi(sk)->channel = sa->rc_channel;
378 sk->sk_state = BT_BOUND;
379 }
380
381 write_unlock_bh(&rfcomm_sk_list.lock);
382
383done:
384 release_sock(sk);
385 return err;
386}
387
388static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
389{
390 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
391 struct sock *sk = sock->sk;
392 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
393 int err = 0;
394
395 BT_DBG("sk %p", sk);
396
397 if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc))
398 return -EINVAL;
399
400 lock_sock(sk);
401
402 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
403 err = -EBADFD;
404 goto done;
405 }
406
407 if (sk->sk_type != SOCK_STREAM) {
408 err = -EINVAL;
409 goto done;
410 }
411
412 sk->sk_state = BT_CONNECT;
413 bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr);
414 rfcomm_pi(sk)->channel = sa->rc_channel;
415
416 err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
417 if (!err)
418 err = bt_sock_wait_state(sk, BT_CONNECTED,
419 sock_sndtimeo(sk, flags & O_NONBLOCK));
420
421done:
422 release_sock(sk);
423 return err;
424}
425
426static int rfcomm_sock_listen(struct socket *sock, int backlog)
427{
428 struct sock *sk = sock->sk;
429 int err = 0;
430
431 BT_DBG("sk %p backlog %d", sk, backlog);
432
433 lock_sock(sk);
434
435 if (sk->sk_state != BT_BOUND) {
436 err = -EBADFD;
437 goto done;
438 }
439
440 if (sk->sk_type != SOCK_STREAM) {
441 err = -EINVAL;
442 goto done;
443 }
444
445 if (!rfcomm_pi(sk)->channel) {
446 bdaddr_t *src = &bt_sk(sk)->src;
447 u8 channel;
448
449 err = -EINVAL;
450
451 write_lock_bh(&rfcomm_sk_list.lock);
452
453 for (channel = 1; channel < 31; channel++)
454 if (!__rfcomm_get_sock_by_addr(channel, src)) {
455 rfcomm_pi(sk)->channel = channel;
456 err = 0;
457 break;
458 }
459
460 write_unlock_bh(&rfcomm_sk_list.lock);
461
462 if (err < 0)
463 goto done;
464 }
465
466 sk->sk_max_ack_backlog = backlog;
467 sk->sk_ack_backlog = 0;
468 sk->sk_state = BT_LISTEN;
469
470done:
471 release_sock(sk);
472 return err;
473}
474
475static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
476{
477 DECLARE_WAITQUEUE(wait, current);
478 struct sock *sk = sock->sk, *nsk;
479 long timeo;
480 int err = 0;
481
482 lock_sock(sk);
483
484 if (sk->sk_state != BT_LISTEN) {
485 err = -EBADFD;
486 goto done;
487 }
488
489 if (sk->sk_type != SOCK_STREAM) {
490 err = -EINVAL;
491 goto done;
492 }
493
494 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
495
496 BT_DBG("sk %p timeo %ld", sk, timeo);
497
498
499 add_wait_queue_exclusive(sk->sk_sleep, &wait);
500 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
501 set_current_state(TASK_INTERRUPTIBLE);
502 if (!timeo) {
503 err = -EAGAIN;
504 break;
505 }
506
507 release_sock(sk);
508 timeo = schedule_timeout(timeo);
509 lock_sock(sk);
510
511 if (sk->sk_state != BT_LISTEN) {
512 err = -EBADFD;
513 break;
514 }
515
516 if (signal_pending(current)) {
517 err = sock_intr_errno(timeo);
518 break;
519 }
520 }
521 set_current_state(TASK_RUNNING);
522 remove_wait_queue(sk->sk_sleep, &wait);
523
524 if (err)
525 goto done;
526
527 newsock->state = SS_CONNECTED;
528
529 BT_DBG("new socket %p", nsk);
530
531done:
532 release_sock(sk);
533 return err;
534}
535
536static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
537{
538 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
539 struct sock *sk = sock->sk;
540
541 BT_DBG("sock %p, sk %p", sock, sk);
542
543 sa->rc_family = AF_BLUETOOTH;
544 sa->rc_channel = rfcomm_pi(sk)->channel;
545 if (peer)
546 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst);
547 else
548 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src);
549
550 *len = sizeof(struct sockaddr_rc);
551 return 0;
552}
553
554static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
555 struct msghdr *msg, size_t len)
556{
557 struct sock *sk = sock->sk;
558 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
559 struct sk_buff *skb;
560 int sent = 0;
561
562 if (msg->msg_flags & MSG_OOB)
563 return -EOPNOTSUPP;
564
565 if (sk->sk_shutdown & SEND_SHUTDOWN)
566 return -EPIPE;
567
568 BT_DBG("sock %p, sk %p", sock, sk);
569
570 lock_sock(sk);
571
572 while (len) {
573 size_t size = min_t(size_t, len, d->mtu);
574 int err;
575
576 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
577 msg->msg_flags & MSG_DONTWAIT, &err);
578 if (!skb)
579 break;
580 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
581
582 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
583 if (err) {
584 kfree_skb(skb);
585 if (sent == 0)
586 sent = err;
587 break;
588 }
589
590 err = rfcomm_dlc_send(d, skb);
591 if (err < 0) {
592 kfree_skb(skb);
593 if (sent == 0)
594 sent = err;
595 break;
596 }
597
598 sent += size;
599 len -= size;
600 }
601
602 release_sock(sk);
603
604 return sent;
605}
606
607static long rfcomm_sock_data_wait(struct sock *sk, long timeo)
608{
609 DECLARE_WAITQUEUE(wait, current);
610
611 add_wait_queue(sk->sk_sleep, &wait);
612 for (;;) {
613 set_current_state(TASK_INTERRUPTIBLE);
614
615 if (!skb_queue_empty(&sk->sk_receive_queue) ||
616 sk->sk_err ||
617 (sk->sk_shutdown & RCV_SHUTDOWN) ||
618 signal_pending(current) ||
619 !timeo)
620 break;
621
622 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
623 release_sock(sk);
624 timeo = schedule_timeout(timeo);
625 lock_sock(sk);
626 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
627 }
628
629 __set_current_state(TASK_RUNNING);
630 remove_wait_queue(sk->sk_sleep, &wait);
631 return timeo;
632}
633
634static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
635 struct msghdr *msg, size_t size, int flags)
636{
637 struct sock *sk = sock->sk;
638 int err = 0;
639 size_t target, copied = 0;
640 long timeo;
641
642 if (flags & MSG_OOB)
643 return -EOPNOTSUPP;
644
645 msg->msg_namelen = 0;
646
647 BT_DBG("sk %p size %d", sk, size);
648
649 lock_sock(sk);
650
651 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
652 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
653
654 do {
655 struct sk_buff *skb;
656 int chunk;
657
658 skb = skb_dequeue(&sk->sk_receive_queue);
659 if (!skb) {
660 if (copied >= target)
661 break;
662
663 if ((err = sock_error(sk)) != 0)
664 break;
665 if (sk->sk_shutdown & RCV_SHUTDOWN)
666 break;
667
668 err = -EAGAIN;
669 if (!timeo)
670 break;
671
672 timeo = rfcomm_sock_data_wait(sk, timeo);
673
674 if (signal_pending(current)) {
675 err = sock_intr_errno(timeo);
676 goto out;
677 }
678 continue;
679 }
680
681 chunk = min_t(unsigned int, skb->len, size);
682 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
683 skb_queue_head(&sk->sk_receive_queue, skb);
684 if (!copied)
685 copied = -EFAULT;
686 break;
687 }
688 copied += chunk;
689 size -= chunk;
690
691 if (!(flags & MSG_PEEK)) {
692 atomic_sub(chunk, &sk->sk_rmem_alloc);
693
694 skb_pull(skb, chunk);
695 if (skb->len) {
696 skb_queue_head(&sk->sk_receive_queue, skb);
697 break;
698 }
699 kfree_skb(skb);
700
701 } else {
702
703 skb_queue_head(&sk->sk_receive_queue, skb);
704 break;
705 }
706 } while (size);
707
708out:
709 if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
710 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
711
712 release_sock(sk);
713 return copied ? : err;
714}
715
716static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
717{
718 struct sock *sk = sock->sk;
719 int err = 0;
720 u32 opt;
721
722 BT_DBG("sk %p", sk);
723
724 lock_sock(sk);
725
726 switch (optname) {
727 case RFCOMM_LM:
728 if (get_user(opt, (u32 __user *) optval)) {
729 err = -EFAULT;
730 break;
731 }
732
733 rfcomm_pi(sk)->link_mode = opt;
734 break;
735
736 default:
737 err = -ENOPROTOOPT;
738 break;
739 }
740
741 release_sock(sk);
742 return err;
743}
744
745static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
746{
747 struct sock *sk = sock->sk;
748 struct sock *l2cap_sk;
749 struct rfcomm_conninfo cinfo;
750 int len, err = 0;
751
752 BT_DBG("sk %p", sk);
753
754 if (get_user(len, optlen))
755 return -EFAULT;
756
757 lock_sock(sk);
758
759 switch (optname) {
760 case RFCOMM_LM:
761 if (put_user(rfcomm_pi(sk)->link_mode, (u32 __user *) optval))
762 err = -EFAULT;
763 break;
764
765 case RFCOMM_CONNINFO:
766 if (sk->sk_state != BT_CONNECTED) {
767 err = -ENOTCONN;
768 break;
769 }
770
771 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
772
773 cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle;
774 memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3);
775
776 len = min_t(unsigned int, len, sizeof(cinfo));
777 if (copy_to_user(optval, (char *) &cinfo, len))
778 err = -EFAULT;
779
780 break;
781
782 default:
783 err = -ENOPROTOOPT;
784 break;
785 }
786
787 release_sock(sk);
788 return err;
789}
790
791static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
792{
793 struct sock *sk = sock->sk;
794 int err;
795
796 lock_sock(sk);
797
798#ifdef CONFIG_BT_RFCOMM_TTY
799 err = rfcomm_dev_ioctl(sk, cmd, (void __user *)arg);
800#else
801 err = -EOPNOTSUPP;
802#endif
803
804 release_sock(sk);
805 return err;
806}
807
808static int rfcomm_sock_shutdown(struct socket *sock, int how)
809{
810 struct sock *sk = sock->sk;
811 int err = 0;
812
813 BT_DBG("sock %p, sk %p", sock, sk);
814
815 if (!sk) return 0;
816
817 lock_sock(sk);
818 if (!sk->sk_shutdown) {
819 sk->sk_shutdown = SHUTDOWN_MASK;
820 __rfcomm_sock_close(sk);
821
822 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
823 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
824 }
825 release_sock(sk);
826 return err;
827}
828
829static int rfcomm_sock_release(struct socket *sock)
830{
831 struct sock *sk = sock->sk;
832 int err;
833
834 BT_DBG("sock %p, sk %p", sock, sk);
835
836 if (!sk)
837 return 0;
838
839 err = rfcomm_sock_shutdown(sock, 2);
840
841 sock_orphan(sk);
842 rfcomm_sock_kill(sk);
843 return err;
844}
845
846
847
848
849
850int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
851{
852 struct sock *sk, *parent;
853 bdaddr_t src, dst;
854 int result = 0;
855
856 BT_DBG("session %p channel %d", s, channel);
857
858 rfcomm_session_getaddr(s, &src, &dst);
859
860
861 parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
862 if (!parent)
863 return 0;
864
865
866 if (sk_acceptq_is_full(parent)) {
867 BT_DBG("backlog full %d", parent->sk_ack_backlog);
868 goto done;
869 }
870
871 sk = rfcomm_sock_alloc(parent->sk_net, NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
872 if (!sk)
873 goto done;
874
875 rfcomm_sock_init(sk, parent);
876 bacpy(&bt_sk(sk)->src, &src);
877 bacpy(&bt_sk(sk)->dst, &dst);
878 rfcomm_pi(sk)->channel = channel;
879
880 sk->sk_state = BT_CONFIG;
881 bt_accept_enqueue(parent, sk);
882
883
884 *d = rfcomm_pi(sk)->dlc;
885 result = 1;
886
887done:
888 bh_unlock_sock(parent);
889 return result;
890}
891
892static ssize_t rfcomm_sock_sysfs_show(struct class *dev, char *buf)
893{
894 struct sock *sk;
895 struct hlist_node *node;
896 char *str = buf;
897
898 read_lock_bh(&rfcomm_sk_list.lock);
899
900 sk_for_each(sk, node, &rfcomm_sk_list.head) {
901 str += sprintf(str, "%s %s %d %d\n",
902 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
903 sk->sk_state, rfcomm_pi(sk)->channel);
904 }
905
906 read_unlock_bh(&rfcomm_sk_list.lock);
907
908 return (str - buf);
909}
910
911static CLASS_ATTR(rfcomm, S_IRUGO, rfcomm_sock_sysfs_show, NULL);
912
913static const struct proto_ops rfcomm_sock_ops = {
914 .family = PF_BLUETOOTH,
915 .owner = THIS_MODULE,
916 .release = rfcomm_sock_release,
917 .bind = rfcomm_sock_bind,
918 .connect = rfcomm_sock_connect,
919 .listen = rfcomm_sock_listen,
920 .accept = rfcomm_sock_accept,
921 .getname = rfcomm_sock_getname,
922 .sendmsg = rfcomm_sock_sendmsg,
923 .recvmsg = rfcomm_sock_recvmsg,
924 .shutdown = rfcomm_sock_shutdown,
925 .setsockopt = rfcomm_sock_setsockopt,
926 .getsockopt = rfcomm_sock_getsockopt,
927 .ioctl = rfcomm_sock_ioctl,
928 .poll = bt_sock_poll,
929 .socketpair = sock_no_socketpair,
930 .mmap = sock_no_mmap
931};
932
933static struct net_proto_family rfcomm_sock_family_ops = {
934 .family = PF_BLUETOOTH,
935 .owner = THIS_MODULE,
936 .create = rfcomm_sock_create
937};
938
939int __init rfcomm_init_sockets(void)
940{
941 int err;
942
943 err = proto_register(&rfcomm_proto, 0);
944 if (err < 0)
945 return err;
946
947 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
948 if (err < 0)
949 goto error;
950
951 if (class_create_file(bt_class, &class_attr_rfcomm) < 0)
952 BT_ERR("Failed to create RFCOMM info file");
953
954 BT_INFO("RFCOMM socket layer initialized");
955
956 return 0;
957
958error:
959 BT_ERR("RFCOMM socket layer registration failed");
960 proto_unregister(&rfcomm_proto);
961 return err;
962}
963
964void __exit rfcomm_cleanup_sockets(void)
965{
966 class_remove_file(bt_class, &class_attr_rfcomm);
967
968 if (bt_sock_unregister(BTPROTO_RFCOMM) < 0)
969 BT_ERR("RFCOMM socket layer unregistration failed");
970
971 proto_unregister(&rfcomm_proto);
972}
973
