1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27#include <linux/module.h>
28#include <linux/debugfs.h>
29#include <linux/seq_file.h>
30
31#include <net/bluetooth/bluetooth.h>
32#include <net/bluetooth/hci_core.h>
33#include <net/bluetooth/sco.h>
34
35static bool disable_esco;
36
37static const struct proto_ops sco_sock_ops;
38
39static struct bt_sock_list sco_sk_list = {
40 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
41};
42
43static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent);
44static void sco_chan_del(struct sock *sk, int err);
45
46static void sco_sock_close(struct sock *sk);
47static void sco_sock_kill(struct sock *sk);
48
49
50static void sco_sock_timeout(unsigned long arg)
51{
52 struct sock *sk = (struct sock *) arg;
53
54 BT_DBG("sock %p state %d", sk, sk->sk_state);
55
56 bh_lock_sock(sk);
57 sk->sk_err = ETIMEDOUT;
58 sk->sk_state_change(sk);
59 bh_unlock_sock(sk);
60
61 sco_sock_kill(sk);
62 sock_put(sk);
63}
64
65static void sco_sock_set_timer(struct sock *sk, long timeout)
66{
67 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
68 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
69}
70
71static void sco_sock_clear_timer(struct sock *sk)
72{
73 BT_DBG("sock %p state %d", sk, sk->sk_state);
74 sk_stop_timer(sk, &sk->sk_timer);
75}
76
77
78static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
79{
80 struct hci_dev *hdev = hcon->hdev;
81 struct sco_conn *conn = hcon->sco_data;
82
83 if (conn)
84 return conn;
85
86 conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL);
87 if (!conn)
88 return NULL;
89
90 spin_lock_init(&conn->lock);
91
92 hcon->sco_data = conn;
93 conn->hcon = hcon;
94
95 conn->src = &hdev->bdaddr;
96 conn->dst = &hcon->dst;
97
98 if (hdev->sco_mtu > 0)
99 conn->mtu = hdev->sco_mtu;
100 else
101 conn->mtu = 60;
102
103 BT_DBG("hcon %p conn %p", hcon, conn);
104
105 return conn;
106}
107
108static struct sock *sco_chan_get(struct sco_conn *conn)
109{
110 struct sock *sk = NULL;
111 sco_conn_lock(conn);
112 sk = conn->sk;
113 sco_conn_unlock(conn);
114 return sk;
115}
116
117static int sco_conn_del(struct hci_conn *hcon, int err)
118{
119 struct sco_conn *conn = hcon->sco_data;
120 struct sock *sk;
121
122 if (!conn)
123 return 0;
124
125 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
126
127
128 sk = sco_chan_get(conn);
129 if (sk) {
130 bh_lock_sock(sk);
131 sco_sock_clear_timer(sk);
132 sco_chan_del(sk, err);
133 bh_unlock_sock(sk);
134 sco_sock_kill(sk);
135 }
136
137 hcon->sco_data = NULL;
138 kfree(conn);
139 return 0;
140}
141
142static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
143 struct sock *parent)
144{
145 int err = 0;
146
147 sco_conn_lock(conn);
148 if (conn->sk)
149 err = -EBUSY;
150 else
151 __sco_chan_add(conn, sk, parent);
152
153 sco_conn_unlock(conn);
154 return err;
155}
156
157static int sco_connect(struct sock *sk)
158{
159 bdaddr_t *src = &bt_sk(sk)->src;
160 bdaddr_t *dst = &bt_sk(sk)->dst;
161 struct sco_conn *conn;
162 struct hci_conn *hcon;
163 struct hci_dev *hdev;
164 int err, type;
165
166 BT_DBG("%pMR -> %pMR", src, dst);
167
168 hdev = hci_get_route(dst, src);
169 if (!hdev)
170 return -EHOSTUNREACH;
171
172 hci_dev_lock(hdev);
173
174 if (lmp_esco_capable(hdev) && !disable_esco)
175 type = ESCO_LINK;
176 else
177 type = SCO_LINK;
178
179 hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW,
180 HCI_AT_NO_BONDING);
181 if (IS_ERR(hcon)) {
182 err = PTR_ERR(hcon);
183 goto done;
184 }
185
186 conn = sco_conn_add(hcon);
187 if (!conn) {
188 hci_conn_drop(hcon);
189 err = -ENOMEM;
190 goto done;
191 }
192
193
194 bacpy(src, conn->src);
195
196 err = sco_chan_add(conn, sk, NULL);
197 if (err)
198 goto done;
199
200 if (hcon->state == BT_CONNECTED) {
201 sco_sock_clear_timer(sk);
202 sk->sk_state = BT_CONNECTED;
203 } else {
204 sk->sk_state = BT_CONNECT;
205 sco_sock_set_timer(sk, sk->sk_sndtimeo);
206 }
207
208done:
209 hci_dev_unlock(hdev);
210 hci_dev_put(hdev);
211 return err;
212}
213
214static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
215{
216 struct sco_conn *conn = sco_pi(sk)->conn;
217 struct sk_buff *skb;
218 int err;
219
220
221 if (len > conn->mtu)
222 return -EINVAL;
223
224 BT_DBG("sk %p len %d", sk, len);
225
226 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
227 if (!skb)
228 return err;
229
230 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
231 kfree_skb(skb);
232 return -EFAULT;
233 }
234
235 hci_send_sco(conn->hcon, skb);
236
237 return len;
238}
239
240static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
241{
242 struct sock *sk = sco_chan_get(conn);
243
244 if (!sk)
245 goto drop;
246
247 BT_DBG("sk %p len %d", sk, skb->len);
248
249 if (sk->sk_state != BT_CONNECTED)
250 goto drop;
251
252 if (!sock_queue_rcv_skb(sk, skb))
253 return;
254
255drop:
256 kfree_skb(skb);
257}
258
259
260static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
261{
262 struct sock *sk;
263
264 sk_for_each(sk, &sco_sk_list.head) {
265 if (sk->sk_state != BT_LISTEN)
266 continue;
267
268 if (!bacmp(&bt_sk(sk)->src, ba))
269 return sk;
270 }
271
272 return NULL;
273}
274
275
276
277
278static struct sock *sco_get_sock_listen(bdaddr_t *src)
279{
280 struct sock *sk = NULL, *sk1 = NULL;
281
282 read_lock(&sco_sk_list.lock);
283
284 sk_for_each(sk, &sco_sk_list.head) {
285 if (sk->sk_state != BT_LISTEN)
286 continue;
287
288
289 if (!bacmp(&bt_sk(sk)->src, src))
290 break;
291
292
293 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
294 sk1 = sk;
295 }
296
297 read_unlock(&sco_sk_list.lock);
298
299 return sk ? sk : sk1;
300}
301
302static void sco_sock_destruct(struct sock *sk)
303{
304 BT_DBG("sk %p", sk);
305
306 skb_queue_purge(&sk->sk_receive_queue);
307 skb_queue_purge(&sk->sk_write_queue);
308}
309
310static void sco_sock_cleanup_listen(struct sock *parent)
311{
312 struct sock *sk;
313
314 BT_DBG("parent %p", parent);
315
316
317 while ((sk = bt_accept_dequeue(parent, NULL))) {
318 sco_sock_close(sk);
319 sco_sock_kill(sk);
320 }
321
322 parent->sk_state = BT_CLOSED;
323 sock_set_flag(parent, SOCK_ZAPPED);
324}
325
326
327
328
329static void sco_sock_kill(struct sock *sk)
330{
331 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
332 return;
333
334 BT_DBG("sk %p state %d", sk, sk->sk_state);
335
336
337 bt_sock_unlink(&sco_sk_list, sk);
338 sock_set_flag(sk, SOCK_DEAD);
339 sock_put(sk);
340}
341
342static void __sco_sock_close(struct sock *sk)
343{
344 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
345
346 switch (sk->sk_state) {
347 case BT_LISTEN:
348 sco_sock_cleanup_listen(sk);
349 break;
350
351 case BT_CONNECTED:
352 case BT_CONFIG:
353 if (sco_pi(sk)->conn->hcon) {
354 sk->sk_state = BT_DISCONN;
355 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
356 hci_conn_drop(sco_pi(sk)->conn->hcon);
357 sco_pi(sk)->conn->hcon = NULL;
358 } else
359 sco_chan_del(sk, ECONNRESET);
360 break;
361
362 case BT_CONNECT2:
363 case BT_CONNECT:
364 case BT_DISCONN:
365 sco_chan_del(sk, ECONNRESET);
366 break;
367
368 default:
369 sock_set_flag(sk, SOCK_ZAPPED);
370 break;
371 }
372}
373
374
375static void sco_sock_close(struct sock *sk)
376{
377 sco_sock_clear_timer(sk);
378 lock_sock(sk);
379 __sco_sock_close(sk);
380 release_sock(sk);
381 sco_sock_kill(sk);
382}
383
384static void sco_sock_init(struct sock *sk, struct sock *parent)
385{
386 BT_DBG("sk %p", sk);
387
388 if (parent) {
389 sk->sk_type = parent->sk_type;
390 bt_sk(sk)->flags = bt_sk(parent)->flags;
391 security_sk_clone(parent, sk);
392 }
393}
394
395static struct proto sco_proto = {
396 .name = "SCO",
397 .owner = THIS_MODULE,
398 .obj_size = sizeof(struct sco_pinfo)
399};
400
401static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
402{
403 struct sock *sk;
404
405 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
406 if (!sk)
407 return NULL;
408
409 sock_init_data(sock, sk);
410 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
411
412 sk->sk_destruct = sco_sock_destruct;
413 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
414
415 sock_reset_flag(sk, SOCK_ZAPPED);
416
417 sk->sk_protocol = proto;
418 sk->sk_state = BT_OPEN;
419
420 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
421
422 bt_sock_link(&sco_sk_list, sk);
423 return sk;
424}
425
426static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
427 int kern)
428{
429 struct sock *sk;
430
431 BT_DBG("sock %p", sock);
432
433 sock->state = SS_UNCONNECTED;
434
435 if (sock->type != SOCK_SEQPACKET)
436 return -ESOCKTNOSUPPORT;
437
438 sock->ops = &sco_sock_ops;
439
440 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
441 if (!sk)
442 return -ENOMEM;
443
444 sco_sock_init(sk, NULL);
445 return 0;
446}
447
448static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
449{
450 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
451 struct sock *sk = sock->sk;
452 int err = 0;
453
454 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr);
455
456 if (!addr || addr->sa_family != AF_BLUETOOTH)
457 return -EINVAL;
458
459 lock_sock(sk);
460
461 if (sk->sk_state != BT_OPEN) {
462 err = -EBADFD;
463 goto done;
464 }
465
466 if (sk->sk_type != SOCK_SEQPACKET) {
467 err = -EINVAL;
468 goto done;
469 }
470
471 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr);
472
473 sk->sk_state = BT_BOUND;
474
475done:
476 release_sock(sk);
477 return err;
478}
479
480static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
481{
482 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
483 struct sock *sk = sock->sk;
484 int err;
485
486 BT_DBG("sk %p", sk);
487
488 if (alen < sizeof(struct sockaddr_sco) ||
489 addr->sa_family != AF_BLUETOOTH)
490 return -EINVAL;
491
492 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
493 return -EBADFD;
494
495 if (sk->sk_type != SOCK_SEQPACKET)
496 return -EINVAL;
497
498 lock_sock(sk);
499
500
501 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr);
502
503 err = sco_connect(sk);
504 if (err)
505 goto done;
506
507 err = bt_sock_wait_state(sk, BT_CONNECTED,
508 sock_sndtimeo(sk, flags & O_NONBLOCK));
509
510done:
511 release_sock(sk);
512 return err;
513}
514
515static int sco_sock_listen(struct socket *sock, int backlog)
516{
517 struct sock *sk = sock->sk;
518 bdaddr_t *src = &bt_sk(sk)->src;
519 int err = 0;
520
521 BT_DBG("sk %p backlog %d", sk, backlog);
522
523 lock_sock(sk);
524
525 if (sk->sk_state != BT_BOUND) {
526 err = -EBADFD;
527 goto done;
528 }
529
530 if (sk->sk_type != SOCK_SEQPACKET) {
531 err = -EINVAL;
532 goto done;
533 }
534
535 write_lock(&sco_sk_list.lock);
536
537 if (__sco_get_sock_listen_by_addr(src)) {
538 err = -EADDRINUSE;
539 goto unlock;
540 }
541
542 sk->sk_max_ack_backlog = backlog;
543 sk->sk_ack_backlog = 0;
544
545 sk->sk_state = BT_LISTEN;
546
547unlock:
548 write_unlock(&sco_sk_list.lock);
549
550done:
551 release_sock(sk);
552 return err;
553}
554
555static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
556{
557 DECLARE_WAITQUEUE(wait, current);
558 struct sock *sk = sock->sk, *ch;
559 long timeo;
560 int err = 0;
561
562 lock_sock(sk);
563
564 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
565
566 BT_DBG("sk %p timeo %ld", sk, timeo);
567
568
569 add_wait_queue_exclusive(sk_sleep(sk), &wait);
570 while (1) {
571 set_current_state(TASK_INTERRUPTIBLE);
572
573 if (sk->sk_state != BT_LISTEN) {
574 err = -EBADFD;
575 break;
576 }
577
578 ch = bt_accept_dequeue(sk, newsock);
579 if (ch)
580 break;
581
582 if (!timeo) {
583 err = -EAGAIN;
584 break;
585 }
586
587 if (signal_pending(current)) {
588 err = sock_intr_errno(timeo);
589 break;
590 }
591
592 release_sock(sk);
593 timeo = schedule_timeout(timeo);
594 lock_sock(sk);
595 }
596 __set_current_state(TASK_RUNNING);
597 remove_wait_queue(sk_sleep(sk), &wait);
598
599 if (err)
600 goto done;
601
602 newsock->state = SS_CONNECTED;
603
604 BT_DBG("new socket %p", ch);
605
606done:
607 release_sock(sk);
608 return err;
609}
610
611static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
612{
613 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
614 struct sock *sk = sock->sk;
615
616 BT_DBG("sock %p, sk %p", sock, sk);
617
618 addr->sa_family = AF_BLUETOOTH;
619 *len = sizeof(struct sockaddr_sco);
620
621 if (peer)
622 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst);
623 else
624 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src);
625
626 return 0;
627}
628
629static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
630 struct msghdr *msg, size_t len)
631{
632 struct sock *sk = sock->sk;
633 int err;
634
635 BT_DBG("sock %p, sk %p", sock, sk);
636
637 err = sock_error(sk);
638 if (err)
639 return err;
640
641 if (msg->msg_flags & MSG_OOB)
642 return -EOPNOTSUPP;
643
644 lock_sock(sk);
645
646 if (sk->sk_state == BT_CONNECTED)
647 err = sco_send_frame(sk, msg, len);
648 else
649 err = -ENOTCONN;
650
651 release_sock(sk);
652 return err;
653}
654
655static void sco_conn_defer_accept(struct hci_conn *conn, int mask)
656{
657 struct hci_dev *hdev = conn->hdev;
658
659 BT_DBG("conn %p", conn);
660
661 conn->state = BT_CONFIG;
662
663 if (!lmp_esco_capable(hdev)) {
664 struct hci_cp_accept_conn_req cp;
665
666 bacpy(&cp.bdaddr, &conn->dst);
667
668 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
669 cp.role = 0x00;
670 else
671 cp.role = 0x01;
672
673 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
674 } else {
675 struct hci_cp_accept_sync_conn_req cp;
676
677 bacpy(&cp.bdaddr, &conn->dst);
678 cp.pkt_type = cpu_to_le16(conn->pkt_type);
679
680 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
681 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
682 cp.max_latency = __constant_cpu_to_le16(0xffff);
683 cp.content_format = cpu_to_le16(hdev->voice_setting);
684 cp.retrans_effort = 0xff;
685
686 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
687 sizeof(cp), &cp);
688 }
689}
690
691static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
692 struct msghdr *msg, size_t len, int flags)
693{
694 struct sock *sk = sock->sk;
695 struct sco_pinfo *pi = sco_pi(sk);
696
697 lock_sock(sk);
698
699 if (sk->sk_state == BT_CONNECT2 &&
700 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
701 sco_conn_defer_accept(pi->conn->hcon, 0);
702 sk->sk_state = BT_CONFIG;
703 msg->msg_namelen = 0;
704
705 release_sock(sk);
706 return 0;
707 }
708
709 release_sock(sk);
710
711 return bt_sock_recvmsg(iocb, sock, msg, len, flags);
712}
713
714static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
715{
716 struct sock *sk = sock->sk;
717 int err = 0;
718 u32 opt;
719
720 BT_DBG("sk %p", sk);
721
722 lock_sock(sk);
723
724 switch (optname) {
725
726 case BT_DEFER_SETUP:
727 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
728 err = -EINVAL;
729 break;
730 }
731
732 if (get_user(opt, (u32 __user *) optval)) {
733 err = -EFAULT;
734 break;
735 }
736
737 if (opt)
738 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
739 else
740 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
741 break;
742
743 default:
744 err = -ENOPROTOOPT;
745 break;
746 }
747
748 release_sock(sk);
749 return err;
750}
751
752static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
753{
754 struct sock *sk = sock->sk;
755 struct sco_options opts;
756 struct sco_conninfo cinfo;
757 int len, err = 0;
758
759 BT_DBG("sk %p", sk);
760
761 if (get_user(len, optlen))
762 return -EFAULT;
763
764 lock_sock(sk);
765
766 switch (optname) {
767 case SCO_OPTIONS:
768 if (sk->sk_state != BT_CONNECTED) {
769 err = -ENOTCONN;
770 break;
771 }
772
773 opts.mtu = sco_pi(sk)->conn->mtu;
774
775 BT_DBG("mtu %d", opts.mtu);
776
777 len = min_t(unsigned int, len, sizeof(opts));
778 if (copy_to_user(optval, (char *)&opts, len))
779 err = -EFAULT;
780
781 break;
782
783 case SCO_CONNINFO:
784 if (sk->sk_state != BT_CONNECTED) {
785 err = -ENOTCONN;
786 break;
787 }
788
789 memset(&cinfo, 0, sizeof(cinfo));
790 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
791 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
792
793 len = min_t(unsigned int, len, sizeof(cinfo));
794 if (copy_to_user(optval, (char *)&cinfo, len))
795 err = -EFAULT;
796
797 break;
798
799 default:
800 err = -ENOPROTOOPT;
801 break;
802 }
803
804 release_sock(sk);
805 return err;
806}
807
808static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
809{
810 struct sock *sk = sock->sk;
811 int len, err = 0;
812
813 BT_DBG("sk %p", sk);
814
815 if (level == SOL_SCO)
816 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
817
818 if (get_user(len, optlen))
819 return -EFAULT;
820
821 lock_sock(sk);
822
823 switch (optname) {
824
825 case BT_DEFER_SETUP:
826 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
827 err = -EINVAL;
828 break;
829 }
830
831 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
832 (u32 __user *) optval))
833 err = -EFAULT;
834
835 break;
836
837 default:
838 err = -ENOPROTOOPT;
839 break;
840 }
841
842 release_sock(sk);
843 return err;
844}
845
846static int sco_sock_shutdown(struct socket *sock, int how)
847{
848 struct sock *sk = sock->sk;
849 int err = 0;
850
851 BT_DBG("sock %p, sk %p", sock, sk);
852
853 if (!sk)
854 return 0;
855
856 lock_sock(sk);
857 if (!sk->sk_shutdown) {
858 sk->sk_shutdown = SHUTDOWN_MASK;
859 sco_sock_clear_timer(sk);
860 __sco_sock_close(sk);
861
862 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
863 err = bt_sock_wait_state(sk, BT_CLOSED,
864 sk->sk_lingertime);
865 }
866 release_sock(sk);
867 return err;
868}
869
870static int sco_sock_release(struct socket *sock)
871{
872 struct sock *sk = sock->sk;
873 int err = 0;
874
875 BT_DBG("sock %p, sk %p", sock, sk);
876
877 if (!sk)
878 return 0;
879
880 sco_sock_close(sk);
881
882 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
883 lock_sock(sk);
884 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
885 release_sock(sk);
886 }
887
888 sock_orphan(sk);
889 sco_sock_kill(sk);
890 return err;
891}
892
893static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
894{
895 BT_DBG("conn %p", conn);
896
897 sco_pi(sk)->conn = conn;
898 conn->sk = sk;
899
900 if (parent)
901 bt_accept_enqueue(parent, sk);
902}
903
904
905
906static void sco_chan_del(struct sock *sk, int err)
907{
908 struct sco_conn *conn;
909
910 conn = sco_pi(sk)->conn;
911
912 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
913
914 if (conn) {
915 sco_conn_lock(conn);
916 conn->sk = NULL;
917 sco_pi(sk)->conn = NULL;
918 sco_conn_unlock(conn);
919
920 if (conn->hcon)
921 hci_conn_drop(conn->hcon);
922 }
923
924 sk->sk_state = BT_CLOSED;
925 sk->sk_err = err;
926 sk->sk_state_change(sk);
927
928 sock_set_flag(sk, SOCK_ZAPPED);
929}
930
931static void sco_conn_ready(struct sco_conn *conn)
932{
933 struct sock *parent;
934 struct sock *sk = conn->sk;
935
936 BT_DBG("conn %p", conn);
937
938 if (sk) {
939 sco_sock_clear_timer(sk);
940 bh_lock_sock(sk);
941 sk->sk_state = BT_CONNECTED;
942 sk->sk_state_change(sk);
943 bh_unlock_sock(sk);
944 } else {
945 sco_conn_lock(conn);
946
947 parent = sco_get_sock_listen(conn->src);
948 if (!parent) {
949 sco_conn_unlock(conn);
950 return;
951 }
952
953 bh_lock_sock(parent);
954
955 sk = sco_sock_alloc(sock_net(parent), NULL,
956 BTPROTO_SCO, GFP_ATOMIC);
957 if (!sk) {
958 bh_unlock_sock(parent);
959 sco_conn_unlock(conn);
960 return;
961 }
962
963 sco_sock_init(sk, parent);
964
965 bacpy(&bt_sk(sk)->src, conn->src);
966 bacpy(&bt_sk(sk)->dst, conn->dst);
967
968 hci_conn_hold(conn->hcon);
969 __sco_chan_add(conn, sk, parent);
970
971 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
972 sk->sk_state = BT_CONNECT2;
973 else
974 sk->sk_state = BT_CONNECTED;
975
976
977 parent->sk_data_ready(parent, 1);
978
979 bh_unlock_sock(parent);
980
981 sco_conn_unlock(conn);
982 }
983}
984
985
986int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
987{
988 struct sock *sk;
989 int lm = 0;
990
991 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
992
993
994 read_lock(&sco_sk_list.lock);
995 sk_for_each(sk, &sco_sk_list.head) {
996 if (sk->sk_state != BT_LISTEN)
997 continue;
998
999 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) ||
1000 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
1001 lm |= HCI_LM_ACCEPT;
1002
1003 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
1004 *flags |= HCI_PROTO_DEFER;
1005 break;
1006 }
1007 }
1008 read_unlock(&sco_sk_list.lock);
1009
1010 return lm;
1011}
1012
1013void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
1014{
1015 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
1016 if (!status) {
1017 struct sco_conn *conn;
1018
1019 conn = sco_conn_add(hcon);
1020 if (conn)
1021 sco_conn_ready(conn);
1022 } else
1023 sco_conn_del(hcon, bt_to_errno(status));
1024}
1025
1026void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
1027{
1028 BT_DBG("hcon %p reason %d", hcon, reason);
1029
1030 sco_conn_del(hcon, bt_to_errno(reason));
1031}
1032
1033int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1034{
1035 struct sco_conn *conn = hcon->sco_data;
1036
1037 if (!conn)
1038 goto drop;
1039
1040 BT_DBG("conn %p len %d", conn, skb->len);
1041
1042 if (skb->len) {
1043 sco_recv_frame(conn, skb);
1044 return 0;
1045 }
1046
1047drop:
1048 kfree_skb(skb);
1049 return 0;
1050}
1051
1052static int sco_debugfs_show(struct seq_file *f, void *p)
1053{
1054 struct sock *sk;
1055
1056 read_lock(&sco_sk_list.lock);
1057
1058 sk_for_each(sk, &sco_sk_list.head) {
1059 seq_printf(f, "%pMR %pMR %d\n", &bt_sk(sk)->src,
1060 &bt_sk(sk)->dst, sk->sk_state);
1061 }
1062
1063 read_unlock(&sco_sk_list.lock);
1064
1065 return 0;
1066}
1067
1068static int sco_debugfs_open(struct inode *inode, struct file *file)
1069{
1070 return single_open(file, sco_debugfs_show, inode->i_private);
1071}
1072
1073static const struct file_operations sco_debugfs_fops = {
1074 .open = sco_debugfs_open,
1075 .read = seq_read,
1076 .llseek = seq_lseek,
1077 .release = single_release,
1078};
1079
1080static struct dentry *sco_debugfs;
1081
1082static const struct proto_ops sco_sock_ops = {
1083 .family = PF_BLUETOOTH,
1084 .owner = THIS_MODULE,
1085 .release = sco_sock_release,
1086 .bind = sco_sock_bind,
1087 .connect = sco_sock_connect,
1088 .listen = sco_sock_listen,
1089 .accept = sco_sock_accept,
1090 .getname = sco_sock_getname,
1091 .sendmsg = sco_sock_sendmsg,
1092 .recvmsg = sco_sock_recvmsg,
1093 .poll = bt_sock_poll,
1094 .ioctl = bt_sock_ioctl,
1095 .mmap = sock_no_mmap,
1096 .socketpair = sock_no_socketpair,
1097 .shutdown = sco_sock_shutdown,
1098 .setsockopt = sco_sock_setsockopt,
1099 .getsockopt = sco_sock_getsockopt
1100};
1101
1102static const struct net_proto_family sco_sock_family_ops = {
1103 .family = PF_BLUETOOTH,
1104 .owner = THIS_MODULE,
1105 .create = sco_sock_create,
1106};
1107
1108int __init sco_init(void)
1109{
1110 int err;
1111
1112 err = proto_register(&sco_proto, 0);
1113 if (err < 0)
1114 return err;
1115
1116 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1117 if (err < 0) {
1118 BT_ERR("SCO socket registration failed");
1119 goto error;
1120 }
1121
1122 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL);
1123 if (err < 0) {
1124 BT_ERR("Failed to create SCO proc file");
1125 bt_sock_unregister(BTPROTO_SCO);
1126 goto error;
1127 }
1128
1129 if (bt_debugfs) {
1130 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1131 NULL, &sco_debugfs_fops);
1132 if (!sco_debugfs)
1133 BT_ERR("Failed to create SCO debug file");
1134 }
1135
1136 BT_INFO("SCO socket layer initialized");
1137
1138 return 0;
1139
1140error:
1141 proto_unregister(&sco_proto);
1142 return err;
1143}
1144
1145void __exit sco_exit(void)
1146{
1147 bt_procfs_cleanup(&init_net, "sco");
1148
1149 debugfs_remove(sco_debugfs);
1150
1151 bt_sock_unregister(BTPROTO_SCO);
1152
1153 proto_unregister(&sco_proto);
1154}
1155
1156module_param(disable_esco, bool, 0644);
1157MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");
1158
