This source file includes following definitions.
- sco_sock_timeout
- sco_sock_set_timer
- sco_sock_clear_timer
- sco_conn_add
- sco_chan_del
- sco_conn_del
- __sco_chan_add
- sco_chan_add
- sco_connect
- sco_send_frame
- sco_recv_frame
- __sco_get_sock_listen_by_addr
- sco_get_sock_listen
- sco_sock_destruct
- sco_sock_cleanup_listen
- sco_sock_kill
- __sco_sock_close
- sco_sock_close
- sco_sock_init
- sco_sock_alloc
- sco_sock_create
- sco_sock_bind
- sco_sock_connect
- sco_sock_listen
- sco_sock_accept
- sco_sock_getname
- sco_sock_sendmsg
- sco_conn_defer_accept
- sco_sock_recvmsg
- sco_sock_setsockopt
- sco_sock_getsockopt_old
- sco_sock_getsockopt
- sco_sock_shutdown
- sco_sock_release
- sco_conn_ready
- sco_connect_ind
- sco_connect_cfm
- sco_disconn_cfm
- sco_recv_scodata
- sco_debugfs_show
- sco_init
- sco_exit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27 #include <linux/module.h>
28 #include <linux/debugfs.h>
29 #include <linux/seq_file.h>
30 #include <linux/sched/signal.h>
31
32 #include <net/bluetooth/bluetooth.h>
33 #include <net/bluetooth/hci_core.h>
34 #include <net/bluetooth/sco.h>
35
36 static bool disable_esco;
37
38 static const struct proto_ops sco_sock_ops;
39
40 static struct bt_sock_list sco_sk_list = {
41 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
42 };
43
44
45 struct sco_conn {
46 struct hci_conn *hcon;
47
48 spinlock_t lock;
49 struct sock *sk;
50
51 unsigned int mtu;
52 };
53
54 #define sco_conn_lock(c) spin_lock(&c->lock);
55 #define sco_conn_unlock(c) spin_unlock(&c->lock);
56
57 static void sco_sock_close(struct sock *sk);
58 static void sco_sock_kill(struct sock *sk);
59
60
61 #define sco_pi(sk) ((struct sco_pinfo *) sk)
62
63 struct sco_pinfo {
64 struct bt_sock bt;
65 bdaddr_t src;
66 bdaddr_t dst;
67 __u32 flags;
68 __u16 setting;
69 struct sco_conn *conn;
70 };
71
72
73 #define SCO_CONN_TIMEOUT (HZ * 40)
74 #define SCO_DISCONN_TIMEOUT (HZ * 2)
75
76 static void sco_sock_timeout(struct timer_list *t)
77 {
78 struct sock *sk = from_timer(sk, t, sk_timer);
79
80 BT_DBG("sock %p state %d", sk, sk->sk_state);
81
82 bh_lock_sock(sk);
83 sk->sk_err = ETIMEDOUT;
84 sk->sk_state_change(sk);
85 bh_unlock_sock(sk);
86
87 sco_sock_kill(sk);
88 sock_put(sk);
89 }
90
91 static void sco_sock_set_timer(struct sock *sk, long timeout)
92 {
93 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
94 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
95 }
96
97 static void sco_sock_clear_timer(struct sock *sk)
98 {
99 BT_DBG("sock %p state %d", sk, sk->sk_state);
100 sk_stop_timer(sk, &sk->sk_timer);
101 }
102
103
104 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
105 {
106 struct hci_dev *hdev = hcon->hdev;
107 struct sco_conn *conn = hcon->sco_data;
108
109 if (conn)
110 return conn;
111
112 conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL);
113 if (!conn)
114 return NULL;
115
116 spin_lock_init(&conn->lock);
117
118 hcon->sco_data = conn;
119 conn->hcon = hcon;
120
121 if (hdev->sco_mtu > 0)
122 conn->mtu = hdev->sco_mtu;
123 else
124 conn->mtu = 60;
125
126 BT_DBG("hcon %p conn %p", hcon, conn);
127
128 return conn;
129 }
130
131
132
133 static void sco_chan_del(struct sock *sk, int err)
134 {
135 struct sco_conn *conn;
136
137 conn = sco_pi(sk)->conn;
138
139 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
140
141 if (conn) {
142 sco_conn_lock(conn);
143 conn->sk = NULL;
144 sco_pi(sk)->conn = NULL;
145 sco_conn_unlock(conn);
146
147 if (conn->hcon)
148 hci_conn_drop(conn->hcon);
149 }
150
151 sk->sk_state = BT_CLOSED;
152 sk->sk_err = err;
153 sk->sk_state_change(sk);
154
155 sock_set_flag(sk, SOCK_ZAPPED);
156 }
157
158 static void sco_conn_del(struct hci_conn *hcon, int err)
159 {
160 struct sco_conn *conn = hcon->sco_data;
161 struct sock *sk;
162
163 if (!conn)
164 return;
165
166 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
167
168
169 sco_conn_lock(conn);
170 sk = conn->sk;
171 sco_conn_unlock(conn);
172
173 if (sk) {
174 sock_hold(sk);
175 bh_lock_sock(sk);
176 sco_sock_clear_timer(sk);
177 sco_chan_del(sk, err);
178 bh_unlock_sock(sk);
179 sco_sock_kill(sk);
180 sock_put(sk);
181 }
182
183 hcon->sco_data = NULL;
184 kfree(conn);
185 }
186
187 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk,
188 struct sock *parent)
189 {
190 BT_DBG("conn %p", conn);
191
192 sco_pi(sk)->conn = conn;
193 conn->sk = sk;
194
195 if (parent)
196 bt_accept_enqueue(parent, sk, true);
197 }
198
199 static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
200 struct sock *parent)
201 {
202 int err = 0;
203
204 sco_conn_lock(conn);
205 if (conn->sk)
206 err = -EBUSY;
207 else
208 __sco_chan_add(conn, sk, parent);
209
210 sco_conn_unlock(conn);
211 return err;
212 }
213
214 static int sco_connect(struct sock *sk)
215 {
216 struct sco_conn *conn;
217 struct hci_conn *hcon;
218 struct hci_dev *hdev;
219 int err, type;
220
221 BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst);
222
223 hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR);
224 if (!hdev)
225 return -EHOSTUNREACH;
226
227 hci_dev_lock(hdev);
228
229 if (lmp_esco_capable(hdev) && !disable_esco)
230 type = ESCO_LINK;
231 else
232 type = SCO_LINK;
233
234 if (sco_pi(sk)->setting == BT_VOICE_TRANSPARENT &&
235 (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev))) {
236 err = -EOPNOTSUPP;
237 goto done;
238 }
239
240 hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst,
241 sco_pi(sk)->setting);
242 if (IS_ERR(hcon)) {
243 err = PTR_ERR(hcon);
244 goto done;
245 }
246
247 conn = sco_conn_add(hcon);
248 if (!conn) {
249 hci_conn_drop(hcon);
250 err = -ENOMEM;
251 goto done;
252 }
253
254
255 bacpy(&sco_pi(sk)->src, &hcon->src);
256
257 err = sco_chan_add(conn, sk, NULL);
258 if (err)
259 goto done;
260
261 if (hcon->state == BT_CONNECTED) {
262 sco_sock_clear_timer(sk);
263 sk->sk_state = BT_CONNECTED;
264 } else {
265 sk->sk_state = BT_CONNECT;
266 sco_sock_set_timer(sk, sk->sk_sndtimeo);
267 }
268
269 done:
270 hci_dev_unlock(hdev);
271 hci_dev_put(hdev);
272 return err;
273 }
274
275 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
276 {
277 struct sco_conn *conn = sco_pi(sk)->conn;
278 struct sk_buff *skb;
279 int err;
280
281
282 if (len > conn->mtu)
283 return -EINVAL;
284
285 BT_DBG("sk %p len %d", sk, len);
286
287 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
288 if (!skb)
289 return err;
290
291 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
292 kfree_skb(skb);
293 return -EFAULT;
294 }
295
296 hci_send_sco(conn->hcon, skb);
297
298 return len;
299 }
300
301 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
302 {
303 struct sock *sk;
304
305 sco_conn_lock(conn);
306 sk = conn->sk;
307 sco_conn_unlock(conn);
308
309 if (!sk)
310 goto drop;
311
312 BT_DBG("sk %p len %d", sk, skb->len);
313
314 if (sk->sk_state != BT_CONNECTED)
315 goto drop;
316
317 if (!sock_queue_rcv_skb(sk, skb))
318 return;
319
320 drop:
321 kfree_skb(skb);
322 }
323
324
325 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
326 {
327 struct sock *sk;
328
329 sk_for_each(sk, &sco_sk_list.head) {
330 if (sk->sk_state != BT_LISTEN)
331 continue;
332
333 if (!bacmp(&sco_pi(sk)->src, ba))
334 return sk;
335 }
336
337 return NULL;
338 }
339
340
341
342
343 static struct sock *sco_get_sock_listen(bdaddr_t *src)
344 {
345 struct sock *sk = NULL, *sk1 = NULL;
346
347 read_lock(&sco_sk_list.lock);
348
349 sk_for_each(sk, &sco_sk_list.head) {
350 if (sk->sk_state != BT_LISTEN)
351 continue;
352
353
354 if (!bacmp(&sco_pi(sk)->src, src))
355 break;
356
357
358 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY))
359 sk1 = sk;
360 }
361
362 read_unlock(&sco_sk_list.lock);
363
364 return sk ? sk : sk1;
365 }
366
367 static void sco_sock_destruct(struct sock *sk)
368 {
369 BT_DBG("sk %p", sk);
370
371 skb_queue_purge(&sk->sk_receive_queue);
372 skb_queue_purge(&sk->sk_write_queue);
373 }
374
375 static void sco_sock_cleanup_listen(struct sock *parent)
376 {
377 struct sock *sk;
378
379 BT_DBG("parent %p", parent);
380
381
382 while ((sk = bt_accept_dequeue(parent, NULL))) {
383 sco_sock_close(sk);
384 sco_sock_kill(sk);
385 }
386
387 parent->sk_state = BT_CLOSED;
388 sock_set_flag(parent, SOCK_ZAPPED);
389 }
390
391
392
393
394 static void sco_sock_kill(struct sock *sk)
395 {
396 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket ||
397 sock_flag(sk, SOCK_DEAD))
398 return;
399
400 BT_DBG("sk %p state %d", sk, sk->sk_state);
401
402
403 bt_sock_unlink(&sco_sk_list, sk);
404 sock_set_flag(sk, SOCK_DEAD);
405 sock_put(sk);
406 }
407
408 static void __sco_sock_close(struct sock *sk)
409 {
410 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
411
412 switch (sk->sk_state) {
413 case BT_LISTEN:
414 sco_sock_cleanup_listen(sk);
415 break;
416
417 case BT_CONNECTED:
418 case BT_CONFIG:
419 if (sco_pi(sk)->conn->hcon) {
420 sk->sk_state = BT_DISCONN;
421 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
422 sco_conn_lock(sco_pi(sk)->conn);
423 hci_conn_drop(sco_pi(sk)->conn->hcon);
424 sco_pi(sk)->conn->hcon = NULL;
425 sco_conn_unlock(sco_pi(sk)->conn);
426 } else
427 sco_chan_del(sk, ECONNRESET);
428 break;
429
430 case BT_CONNECT2:
431 case BT_CONNECT:
432 case BT_DISCONN:
433 sco_chan_del(sk, ECONNRESET);
434 break;
435
436 default:
437 sock_set_flag(sk, SOCK_ZAPPED);
438 break;
439 }
440 }
441
442
443 static void sco_sock_close(struct sock *sk)
444 {
445 sco_sock_clear_timer(sk);
446 lock_sock(sk);
447 __sco_sock_close(sk);
448 release_sock(sk);
449 sco_sock_kill(sk);
450 }
451
452 static void sco_sock_init(struct sock *sk, struct sock *parent)
453 {
454 BT_DBG("sk %p", sk);
455
456 if (parent) {
457 sk->sk_type = parent->sk_type;
458 bt_sk(sk)->flags = bt_sk(parent)->flags;
459 security_sk_clone(parent, sk);
460 }
461 }
462
463 static struct proto sco_proto = {
464 .name = "SCO",
465 .owner = THIS_MODULE,
466 .obj_size = sizeof(struct sco_pinfo)
467 };
468
469 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock,
470 int proto, gfp_t prio, int kern)
471 {
472 struct sock *sk;
473
474 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto, kern);
475 if (!sk)
476 return NULL;
477
478 sock_init_data(sock, sk);
479 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
480
481 sk->sk_destruct = sco_sock_destruct;
482 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
483
484 sock_reset_flag(sk, SOCK_ZAPPED);
485
486 sk->sk_protocol = proto;
487 sk->sk_state = BT_OPEN;
488
489 sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT;
490
491 timer_setup(&sk->sk_timer, sco_sock_timeout, 0);
492
493 bt_sock_link(&sco_sk_list, sk);
494 return sk;
495 }
496
497 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
498 int kern)
499 {
500 struct sock *sk;
501
502 BT_DBG("sock %p", sock);
503
504 sock->state = SS_UNCONNECTED;
505
506 if (sock->type != SOCK_SEQPACKET)
507 return -ESOCKTNOSUPPORT;
508
509 sock->ops = &sco_sock_ops;
510
511 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
512 if (!sk)
513 return -ENOMEM;
514
515 sco_sock_init(sk, NULL);
516 return 0;
517 }
518
519 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr,
520 int addr_len)
521 {
522 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
523 struct sock *sk = sock->sk;
524 int err = 0;
525
526 if (!addr || addr_len < sizeof(struct sockaddr_sco) ||
527 addr->sa_family != AF_BLUETOOTH)
528 return -EINVAL;
529
530 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr);
531
532 lock_sock(sk);
533
534 if (sk->sk_state != BT_OPEN) {
535 err = -EBADFD;
536 goto done;
537 }
538
539 if (sk->sk_type != SOCK_SEQPACKET) {
540 err = -EINVAL;
541 goto done;
542 }
543
544 bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr);
545
546 sk->sk_state = BT_BOUND;
547
548 done:
549 release_sock(sk);
550 return err;
551 }
552
553 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
554 {
555 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
556 struct sock *sk = sock->sk;
557 int err;
558
559 BT_DBG("sk %p", sk);
560
561 if (alen < sizeof(struct sockaddr_sco) ||
562 addr->sa_family != AF_BLUETOOTH)
563 return -EINVAL;
564
565 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
566 return -EBADFD;
567
568 if (sk->sk_type != SOCK_SEQPACKET)
569 return -EINVAL;
570
571 lock_sock(sk);
572
573
574 bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr);
575
576 err = sco_connect(sk);
577 if (err)
578 goto done;
579
580 err = bt_sock_wait_state(sk, BT_CONNECTED,
581 sock_sndtimeo(sk, flags & O_NONBLOCK));
582
583 done:
584 release_sock(sk);
585 return err;
586 }
587
588 static int sco_sock_listen(struct socket *sock, int backlog)
589 {
590 struct sock *sk = sock->sk;
591 bdaddr_t *src = &sco_pi(sk)->src;
592 int err = 0;
593
594 BT_DBG("sk %p backlog %d", sk, backlog);
595
596 lock_sock(sk);
597
598 if (sk->sk_state != BT_BOUND) {
599 err = -EBADFD;
600 goto done;
601 }
602
603 if (sk->sk_type != SOCK_SEQPACKET) {
604 err = -EINVAL;
605 goto done;
606 }
607
608 write_lock(&sco_sk_list.lock);
609
610 if (__sco_get_sock_listen_by_addr(src)) {
611 err = -EADDRINUSE;
612 goto unlock;
613 }
614
615 sk->sk_max_ack_backlog = backlog;
616 sk->sk_ack_backlog = 0;
617
618 sk->sk_state = BT_LISTEN;
619
620 unlock:
621 write_unlock(&sco_sk_list.lock);
622
623 done:
624 release_sock(sk);
625 return err;
626 }
627
628 static int sco_sock_accept(struct socket *sock, struct socket *newsock,
629 int flags, bool kern)
630 {
631 DEFINE_WAIT_FUNC(wait, woken_wake_function);
632 struct sock *sk = sock->sk, *ch;
633 long timeo;
634 int err = 0;
635
636 lock_sock(sk);
637
638 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
639
640 BT_DBG("sk %p timeo %ld", sk, timeo);
641
642
643 add_wait_queue_exclusive(sk_sleep(sk), &wait);
644 while (1) {
645 if (sk->sk_state != BT_LISTEN) {
646 err = -EBADFD;
647 break;
648 }
649
650 ch = bt_accept_dequeue(sk, newsock);
651 if (ch)
652 break;
653
654 if (!timeo) {
655 err = -EAGAIN;
656 break;
657 }
658
659 if (signal_pending(current)) {
660 err = sock_intr_errno(timeo);
661 break;
662 }
663
664 release_sock(sk);
665
666 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
667 lock_sock(sk);
668 }
669 remove_wait_queue(sk_sleep(sk), &wait);
670
671 if (err)
672 goto done;
673
674 newsock->state = SS_CONNECTED;
675
676 BT_DBG("new socket %p", ch);
677
678 done:
679 release_sock(sk);
680 return err;
681 }
682
683 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr,
684 int peer)
685 {
686 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
687 struct sock *sk = sock->sk;
688
689 BT_DBG("sock %p, sk %p", sock, sk);
690
691 addr->sa_family = AF_BLUETOOTH;
692
693 if (peer)
694 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst);
695 else
696 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src);
697
698 return sizeof(struct sockaddr_sco);
699 }
700
701 static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg,
702 size_t len)
703 {
704 struct sock *sk = sock->sk;
705 int err;
706
707 BT_DBG("sock %p, sk %p", sock, sk);
708
709 err = sock_error(sk);
710 if (err)
711 return err;
712
713 if (msg->msg_flags & MSG_OOB)
714 return -EOPNOTSUPP;
715
716 lock_sock(sk);
717
718 if (sk->sk_state == BT_CONNECTED)
719 err = sco_send_frame(sk, msg, len);
720 else
721 err = -ENOTCONN;
722
723 release_sock(sk);
724 return err;
725 }
726
727 static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting)
728 {
729 struct hci_dev *hdev = conn->hdev;
730
731 BT_DBG("conn %p", conn);
732
733 conn->state = BT_CONFIG;
734
735 if (!lmp_esco_capable(hdev)) {
736 struct hci_cp_accept_conn_req cp;
737
738 bacpy(&cp.bdaddr, &conn->dst);
739 cp.role = 0x00;
740
741 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
742 } else {
743 struct hci_cp_accept_sync_conn_req cp;
744
745 bacpy(&cp.bdaddr, &conn->dst);
746 cp.pkt_type = cpu_to_le16(conn->pkt_type);
747
748 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
749 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
750 cp.content_format = cpu_to_le16(setting);
751
752 switch (setting & SCO_AIRMODE_MASK) {
753 case SCO_AIRMODE_TRANSP:
754 if (conn->pkt_type & ESCO_2EV3)
755 cp.max_latency = cpu_to_le16(0x0008);
756 else
757 cp.max_latency = cpu_to_le16(0x000D);
758 cp.retrans_effort = 0x02;
759 break;
760 case SCO_AIRMODE_CVSD:
761 cp.max_latency = cpu_to_le16(0xffff);
762 cp.retrans_effort = 0xff;
763 break;
764 }
765
766 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
767 sizeof(cp), &cp);
768 }
769 }
770
771 static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg,
772 size_t len, int flags)
773 {
774 struct sock *sk = sock->sk;
775 struct sco_pinfo *pi = sco_pi(sk);
776
777 lock_sock(sk);
778
779 if (sk->sk_state == BT_CONNECT2 &&
780 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
781 sco_conn_defer_accept(pi->conn->hcon, pi->setting);
782 sk->sk_state = BT_CONFIG;
783
784 release_sock(sk);
785 return 0;
786 }
787
788 release_sock(sk);
789
790 return bt_sock_recvmsg(sock, msg, len, flags);
791 }
792
793 static int sco_sock_setsockopt(struct socket *sock, int level, int optname,
794 char __user *optval, unsigned int optlen)
795 {
796 struct sock *sk = sock->sk;
797 int len, err = 0;
798 struct bt_voice voice;
799 u32 opt;
800
801 BT_DBG("sk %p", sk);
802
803 lock_sock(sk);
804
805 switch (optname) {
806
807 case BT_DEFER_SETUP:
808 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
809 err = -EINVAL;
810 break;
811 }
812
813 if (get_user(opt, (u32 __user *) optval)) {
814 err = -EFAULT;
815 break;
816 }
817
818 if (opt)
819 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
820 else
821 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
822 break;
823
824 case BT_VOICE:
825 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
826 sk->sk_state != BT_CONNECT2) {
827 err = -EINVAL;
828 break;
829 }
830
831 voice.setting = sco_pi(sk)->setting;
832
833 len = min_t(unsigned int, sizeof(voice), optlen);
834 if (copy_from_user((char *)&voice, optval, len)) {
835 err = -EFAULT;
836 break;
837 }
838
839
840 if (voice.setting != BT_VOICE_TRANSPARENT &&
841 voice.setting != BT_VOICE_CVSD_16BIT) {
842 err = -EINVAL;
843 break;
844 }
845
846 sco_pi(sk)->setting = voice.setting;
847 break;
848
849 default:
850 err = -ENOPROTOOPT;
851 break;
852 }
853
854 release_sock(sk);
855 return err;
856 }
857
858 static int sco_sock_getsockopt_old(struct socket *sock, int optname,
859 char __user *optval, int __user *optlen)
860 {
861 struct sock *sk = sock->sk;
862 struct sco_options opts;
863 struct sco_conninfo cinfo;
864 int len, err = 0;
865
866 BT_DBG("sk %p", sk);
867
868 if (get_user(len, optlen))
869 return -EFAULT;
870
871 lock_sock(sk);
872
873 switch (optname) {
874 case SCO_OPTIONS:
875 if (sk->sk_state != BT_CONNECTED &&
876 !(sk->sk_state == BT_CONNECT2 &&
877 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
878 err = -ENOTCONN;
879 break;
880 }
881
882 opts.mtu = sco_pi(sk)->conn->mtu;
883
884 BT_DBG("mtu %d", opts.mtu);
885
886 len = min_t(unsigned int, len, sizeof(opts));
887 if (copy_to_user(optval, (char *)&opts, len))
888 err = -EFAULT;
889
890 break;
891
892 case SCO_CONNINFO:
893 if (sk->sk_state != BT_CONNECTED &&
894 !(sk->sk_state == BT_CONNECT2 &&
895 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
896 err = -ENOTCONN;
897 break;
898 }
899
900 memset(&cinfo, 0, sizeof(cinfo));
901 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
902 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
903
904 len = min_t(unsigned int, len, sizeof(cinfo));
905 if (copy_to_user(optval, (char *)&cinfo, len))
906 err = -EFAULT;
907
908 break;
909
910 default:
911 err = -ENOPROTOOPT;
912 break;
913 }
914
915 release_sock(sk);
916 return err;
917 }
918
919 static int sco_sock_getsockopt(struct socket *sock, int level, int optname,
920 char __user *optval, int __user *optlen)
921 {
922 struct sock *sk = sock->sk;
923 int len, err = 0;
924 struct bt_voice voice;
925
926 BT_DBG("sk %p", sk);
927
928 if (level == SOL_SCO)
929 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
930
931 if (get_user(len, optlen))
932 return -EFAULT;
933
934 lock_sock(sk);
935
936 switch (optname) {
937
938 case BT_DEFER_SETUP:
939 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
940 err = -EINVAL;
941 break;
942 }
943
944 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
945 (u32 __user *)optval))
946 err = -EFAULT;
947
948 break;
949
950 case BT_VOICE:
951 voice.setting = sco_pi(sk)->setting;
952
953 len = min_t(unsigned int, len, sizeof(voice));
954 if (copy_to_user(optval, (char *)&voice, len))
955 err = -EFAULT;
956
957 break;
958
959 default:
960 err = -ENOPROTOOPT;
961 break;
962 }
963
964 release_sock(sk);
965 return err;
966 }
967
968 static int sco_sock_shutdown(struct socket *sock, int how)
969 {
970 struct sock *sk = sock->sk;
971 int err = 0;
972
973 BT_DBG("sock %p, sk %p", sock, sk);
974
975 if (!sk)
976 return 0;
977
978 sock_hold(sk);
979 lock_sock(sk);
980
981 if (!sk->sk_shutdown) {
982 sk->sk_shutdown = SHUTDOWN_MASK;
983 sco_sock_clear_timer(sk);
984 __sco_sock_close(sk);
985
986 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
987 !(current->flags & PF_EXITING))
988 err = bt_sock_wait_state(sk, BT_CLOSED,
989 sk->sk_lingertime);
990 }
991
992 release_sock(sk);
993 sock_put(sk);
994
995 return err;
996 }
997
998 static int sco_sock_release(struct socket *sock)
999 {
1000 struct sock *sk = sock->sk;
1001 int err = 0;
1002
1003 BT_DBG("sock %p, sk %p", sock, sk);
1004
1005 if (!sk)
1006 return 0;
1007
1008 sco_sock_close(sk);
1009
1010 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1011 !(current->flags & PF_EXITING)) {
1012 lock_sock(sk);
1013 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
1014 release_sock(sk);
1015 }
1016
1017 sock_orphan(sk);
1018 sco_sock_kill(sk);
1019 return err;
1020 }
1021
1022 static void sco_conn_ready(struct sco_conn *conn)
1023 {
1024 struct sock *parent;
1025 struct sock *sk = conn->sk;
1026
1027 BT_DBG("conn %p", conn);
1028
1029 if (sk) {
1030 sco_sock_clear_timer(sk);
1031 bh_lock_sock(sk);
1032 sk->sk_state = BT_CONNECTED;
1033 sk->sk_state_change(sk);
1034 bh_unlock_sock(sk);
1035 } else {
1036 sco_conn_lock(conn);
1037
1038 if (!conn->hcon) {
1039 sco_conn_unlock(conn);
1040 return;
1041 }
1042
1043 parent = sco_get_sock_listen(&conn->hcon->src);
1044 if (!parent) {
1045 sco_conn_unlock(conn);
1046 return;
1047 }
1048
1049 bh_lock_sock(parent);
1050
1051 sk = sco_sock_alloc(sock_net(parent), NULL,
1052 BTPROTO_SCO, GFP_ATOMIC, 0);
1053 if (!sk) {
1054 bh_unlock_sock(parent);
1055 sco_conn_unlock(conn);
1056 return;
1057 }
1058
1059 sco_sock_init(sk, parent);
1060
1061 bacpy(&sco_pi(sk)->src, &conn->hcon->src);
1062 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst);
1063
1064 hci_conn_hold(conn->hcon);
1065 __sco_chan_add(conn, sk, parent);
1066
1067 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
1068 sk->sk_state = BT_CONNECT2;
1069 else
1070 sk->sk_state = BT_CONNECTED;
1071
1072
1073 parent->sk_data_ready(parent);
1074
1075 bh_unlock_sock(parent);
1076
1077 sco_conn_unlock(conn);
1078 }
1079 }
1080
1081
1082 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
1083 {
1084 struct sock *sk;
1085 int lm = 0;
1086
1087 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
1088
1089
1090 read_lock(&sco_sk_list.lock);
1091 sk_for_each(sk, &sco_sk_list.head) {
1092 if (sk->sk_state != BT_LISTEN)
1093 continue;
1094
1095 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) ||
1096 !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) {
1097 lm |= HCI_LM_ACCEPT;
1098
1099 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
1100 *flags |= HCI_PROTO_DEFER;
1101 break;
1102 }
1103 }
1104 read_unlock(&sco_sk_list.lock);
1105
1106 return lm;
1107 }
1108
1109 static void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
1110 {
1111 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1112 return;
1113
1114 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
1115
1116 if (!status) {
1117 struct sco_conn *conn;
1118
1119 conn = sco_conn_add(hcon);
1120 if (conn)
1121 sco_conn_ready(conn);
1122 } else
1123 sco_conn_del(hcon, bt_to_errno(status));
1124 }
1125
1126 static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
1127 {
1128 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1129 return;
1130
1131 BT_DBG("hcon %p reason %d", hcon, reason);
1132
1133 sco_conn_del(hcon, bt_to_errno(reason));
1134 }
1135
1136 void sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1137 {
1138 struct sco_conn *conn = hcon->sco_data;
1139
1140 if (!conn)
1141 goto drop;
1142
1143 BT_DBG("conn %p len %d", conn, skb->len);
1144
1145 if (skb->len) {
1146 sco_recv_frame(conn, skb);
1147 return;
1148 }
1149
1150 drop:
1151 kfree_skb(skb);
1152 }
1153
1154 static struct hci_cb sco_cb = {
1155 .name = "SCO",
1156 .connect_cfm = sco_connect_cfm,
1157 .disconn_cfm = sco_disconn_cfm,
1158 };
1159
1160 static int sco_debugfs_show(struct seq_file *f, void *p)
1161 {
1162 struct sock *sk;
1163
1164 read_lock(&sco_sk_list.lock);
1165
1166 sk_for_each(sk, &sco_sk_list.head) {
1167 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src,
1168 &sco_pi(sk)->dst, sk->sk_state);
1169 }
1170
1171 read_unlock(&sco_sk_list.lock);
1172
1173 return 0;
1174 }
1175
1176 DEFINE_SHOW_ATTRIBUTE(sco_debugfs);
1177
1178 static struct dentry *sco_debugfs;
1179
1180 static const struct proto_ops sco_sock_ops = {
1181 .family = PF_BLUETOOTH,
1182 .owner = THIS_MODULE,
1183 .release = sco_sock_release,
1184 .bind = sco_sock_bind,
1185 .connect = sco_sock_connect,
1186 .listen = sco_sock_listen,
1187 .accept = sco_sock_accept,
1188 .getname = sco_sock_getname,
1189 .sendmsg = sco_sock_sendmsg,
1190 .recvmsg = sco_sock_recvmsg,
1191 .poll = bt_sock_poll,
1192 .ioctl = bt_sock_ioctl,
1193 .gettstamp = sock_gettstamp,
1194 .mmap = sock_no_mmap,
1195 .socketpair = sock_no_socketpair,
1196 .shutdown = sco_sock_shutdown,
1197 .setsockopt = sco_sock_setsockopt,
1198 .getsockopt = sco_sock_getsockopt
1199 };
1200
1201 static const struct net_proto_family sco_sock_family_ops = {
1202 .family = PF_BLUETOOTH,
1203 .owner = THIS_MODULE,
1204 .create = sco_sock_create,
1205 };
1206
1207 int __init sco_init(void)
1208 {
1209 int err;
1210
1211 BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr));
1212
1213 err = proto_register(&sco_proto, 0);
1214 if (err < 0)
1215 return err;
1216
1217 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1218 if (err < 0) {
1219 BT_ERR("SCO socket registration failed");
1220 goto error;
1221 }
1222
1223 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL);
1224 if (err < 0) {
1225 BT_ERR("Failed to create SCO proc file");
1226 bt_sock_unregister(BTPROTO_SCO);
1227 goto error;
1228 }
1229
1230 BT_INFO("SCO socket layer initialized");
1231
1232 hci_register_cb(&sco_cb);
1233
1234 if (IS_ERR_OR_NULL(bt_debugfs))
1235 return 0;
1236
1237 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1238 NULL, &sco_debugfs_fops);
1239
1240 return 0;
1241
1242 error:
1243 proto_unregister(&sco_proto);
1244 return err;
1245 }
1246
1247 void sco_exit(void)
1248 {
1249 bt_procfs_cleanup(&init_net, "sco");
1250
1251 debugfs_remove(sco_debugfs);
1252
1253 hci_unregister_cb(&sco_cb);
1254
1255 bt_sock_unregister(BTPROTO_SCO);
1256
1257 proto_unregister(&sco_proto);
1258 }
1259
1260 module_param(disable_esco, bool, 0644);
1261 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");