2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth SCO sockets. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/sched.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/interrupt.h>
38 #include <linux/socket.h>
39 #include <linux/skbuff.h>
40 #include <linux/device.h>
41 #include <linux/debugfs.h>
42 #include <linux/seq_file.h>
43 #include <linux/list.h>
44 #include <linux/security.h>
47 #include <linux/uaccess.h>
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/hci_core.h>
51 #include <net/bluetooth/sco.h>
53 static bool disable_esco;
55 static const struct proto_ops sco_sock_ops;
57 static struct bt_sock_list sco_sk_list = {
58 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
61 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent);
62 static void sco_chan_del(struct sock *sk, int err);
64 static void sco_sock_close(struct sock *sk);
65 static void sco_sock_kill(struct sock *sk);
67 /* ---- SCO timers ---- */
68 static void sco_sock_timeout(unsigned long arg)
70 struct sock *sk = (struct sock *) arg;
72 BT_DBG("sock %p state %d", sk, sk->sk_state);
75 sk->sk_err = ETIMEDOUT;
76 sk->sk_state_change(sk);
83 static void sco_sock_set_timer(struct sock *sk, long timeout)
85 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
86 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
89 static void sco_sock_clear_timer(struct sock *sk)
91 BT_DBG("sock %p state %d", sk, sk->sk_state);
92 sk_stop_timer(sk, &sk->sk_timer);
95 /* ---- SCO connections ---- */
96 static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
98 struct hci_dev *hdev = hcon->hdev;
99 struct sco_conn *conn = hcon->sco_data;
104 conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC);
108 spin_lock_init(&conn->lock);
110 hcon->sco_data = conn;
113 conn->src = &hdev->bdaddr;
114 conn->dst = &hcon->dst;
116 if (hdev->sco_mtu > 0)
117 conn->mtu = hdev->sco_mtu;
121 BT_DBG("hcon %p conn %p", hcon, conn);
126 static struct sock *sco_chan_get(struct sco_conn *conn)
128 struct sock *sk = NULL;
131 sco_conn_unlock(conn);
135 static int sco_conn_del(struct hci_conn *hcon, int err)
137 struct sco_conn *conn = hcon->sco_data;
143 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
146 sk = sco_chan_get(conn);
149 sco_sock_clear_timer(sk);
150 sco_chan_del(sk, err);
155 hcon->sco_data = NULL;
160 static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
169 __sco_chan_add(conn, sk, parent);
171 sco_conn_unlock(conn);
175 static int sco_connect(struct sock *sk)
177 bdaddr_t *src = &bt_sk(sk)->src;
178 bdaddr_t *dst = &bt_sk(sk)->dst;
179 struct sco_conn *conn;
180 struct hci_conn *hcon;
181 struct hci_dev *hdev;
184 BT_DBG("%s -> %s", batostr(src), batostr(dst));
186 hdev = hci_get_route(dst, src);
188 return -EHOSTUNREACH;
192 if (lmp_esco_capable(hdev) && !disable_esco)
197 hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW,
204 conn = sco_conn_add(hcon);
211 /* Update source addr of the socket */
212 bacpy(src, conn->src);
214 err = sco_chan_add(conn, sk, NULL);
218 if (hcon->state == BT_CONNECTED) {
219 sco_sock_clear_timer(sk);
220 sk->sk_state = BT_CONNECTED;
222 sk->sk_state = BT_CONNECT;
223 sco_sock_set_timer(sk, sk->sk_sndtimeo);
227 hci_dev_unlock(hdev);
232 static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
234 struct sco_conn *conn = sco_pi(sk)->conn;
238 /* Check outgoing MTU */
242 BT_DBG("sk %p len %d", sk, len);
244 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
248 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
253 hci_send_sco(conn->hcon, skb);
258 static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
260 struct sock *sk = sco_chan_get(conn);
265 BT_DBG("sk %p len %d", sk, skb->len);
267 if (sk->sk_state != BT_CONNECTED)
270 if (!sock_queue_rcv_skb(sk, skb))
277 /* -------- Socket interface ---------- */
278 static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
280 struct hlist_node *node;
283 sk_for_each(sk, node, &sco_sk_list.head) {
284 if (sk->sk_state != BT_LISTEN)
287 if (!bacmp(&bt_sk(sk)->src, ba))
294 /* Find socket listening on source bdaddr.
295 * Returns closest match.
297 static struct sock *sco_get_sock_listen(bdaddr_t *src)
299 struct sock *sk = NULL, *sk1 = NULL;
300 struct hlist_node *node;
302 read_lock(&sco_sk_list.lock);
304 sk_for_each(sk, node, &sco_sk_list.head) {
305 if (sk->sk_state != BT_LISTEN)
309 if (!bacmp(&bt_sk(sk)->src, src))
313 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
317 read_unlock(&sco_sk_list.lock);
319 return node ? sk : sk1;
322 static void sco_sock_destruct(struct sock *sk)
326 skb_queue_purge(&sk->sk_receive_queue);
327 skb_queue_purge(&sk->sk_write_queue);
330 static void sco_sock_cleanup_listen(struct sock *parent)
334 BT_DBG("parent %p", parent);
336 /* Close not yet accepted channels */
337 while ((sk = bt_accept_dequeue(parent, NULL))) {
342 parent->sk_state = BT_CLOSED;
343 sock_set_flag(parent, SOCK_ZAPPED);
346 /* Kill socket (only if zapped and orphan)
347 * Must be called on unlocked socket.
349 static void sco_sock_kill(struct sock *sk)
351 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
354 BT_DBG("sk %p state %d", sk, sk->sk_state);
356 /* Kill poor orphan */
357 bt_sock_unlink(&sco_sk_list, sk);
358 sock_set_flag(sk, SOCK_DEAD);
362 static void __sco_sock_close(struct sock *sk)
364 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
366 switch (sk->sk_state) {
368 sco_sock_cleanup_listen(sk);
373 if (sco_pi(sk)->conn) {
374 sk->sk_state = BT_DISCONN;
375 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
376 hci_conn_put(sco_pi(sk)->conn->hcon);
377 sco_pi(sk)->conn->hcon = NULL;
379 sco_chan_del(sk, ECONNRESET);
384 sco_chan_del(sk, ECONNRESET);
388 sock_set_flag(sk, SOCK_ZAPPED);
393 /* Must be called on unlocked socket. */
394 static void sco_sock_close(struct sock *sk)
396 sco_sock_clear_timer(sk);
398 __sco_sock_close(sk);
403 static void sco_sock_init(struct sock *sk, struct sock *parent)
408 sk->sk_type = parent->sk_type;
409 security_sk_clone(parent, sk);
413 static struct proto sco_proto = {
415 .owner = THIS_MODULE,
416 .obj_size = sizeof(struct sco_pinfo)
419 static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
423 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
427 sock_init_data(sock, sk);
428 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
430 sk->sk_destruct = sco_sock_destruct;
431 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
433 sock_reset_flag(sk, SOCK_ZAPPED);
435 sk->sk_protocol = proto;
436 sk->sk_state = BT_OPEN;
438 setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
440 bt_sock_link(&sco_sk_list, sk);
444 static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
449 BT_DBG("sock %p", sock);
451 sock->state = SS_UNCONNECTED;
453 if (sock->type != SOCK_SEQPACKET)
454 return -ESOCKTNOSUPPORT;
456 sock->ops = &sco_sock_ops;
458 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
462 sco_sock_init(sk, NULL);
466 static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
468 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
469 struct sock *sk = sock->sk;
472 BT_DBG("sk %p %s", sk, batostr(&sa->sco_bdaddr));
474 if (!addr || addr->sa_family != AF_BLUETOOTH)
479 if (sk->sk_state != BT_OPEN) {
484 if (sk->sk_type != SOCK_SEQPACKET) {
489 bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr);
491 sk->sk_state = BT_BOUND;
498 static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
500 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
501 struct sock *sk = sock->sk;
507 if (alen < sizeof(struct sockaddr_sco) ||
508 addr->sa_family != AF_BLUETOOTH)
511 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
514 if (sk->sk_type != SOCK_SEQPACKET)
519 /* Set destination address and psm */
520 bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr);
522 err = sco_connect(sk);
526 err = bt_sock_wait_state(sk, BT_CONNECTED,
527 sock_sndtimeo(sk, flags & O_NONBLOCK));
534 static int sco_sock_listen(struct socket *sock, int backlog)
536 struct sock *sk = sock->sk;
537 bdaddr_t *src = &bt_sk(sk)->src;
540 BT_DBG("sk %p backlog %d", sk, backlog);
544 if (sk->sk_state != BT_BOUND) {
549 if (sk->sk_type != SOCK_SEQPACKET) {
554 write_lock(&sco_sk_list.lock);
556 if (__sco_get_sock_listen_by_addr(src)) {
561 sk->sk_max_ack_backlog = backlog;
562 sk->sk_ack_backlog = 0;
564 sk->sk_state = BT_LISTEN;
567 write_unlock(&sco_sk_list.lock);
574 static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
576 DECLARE_WAITQUEUE(wait, current);
577 struct sock *sk = sock->sk, *ch;
583 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
585 BT_DBG("sk %p timeo %ld", sk, timeo);
587 /* Wait for an incoming connection. (wake-one). */
588 add_wait_queue_exclusive(sk_sleep(sk), &wait);
590 set_current_state(TASK_INTERRUPTIBLE);
592 if (sk->sk_state != BT_LISTEN) {
597 ch = bt_accept_dequeue(sk, newsock);
606 if (signal_pending(current)) {
607 err = sock_intr_errno(timeo);
612 timeo = schedule_timeout(timeo);
615 __set_current_state(TASK_RUNNING);
616 remove_wait_queue(sk_sleep(sk), &wait);
621 newsock->state = SS_CONNECTED;
623 BT_DBG("new socket %p", ch);
630 static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
632 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
633 struct sock *sk = sock->sk;
635 BT_DBG("sock %p, sk %p", sock, sk);
637 addr->sa_family = AF_BLUETOOTH;
638 *len = sizeof(struct sockaddr_sco);
641 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst);
643 bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src);
648 static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
649 struct msghdr *msg, size_t len)
651 struct sock *sk = sock->sk;
654 BT_DBG("sock %p, sk %p", sock, sk);
656 err = sock_error(sk);
660 if (msg->msg_flags & MSG_OOB)
665 if (sk->sk_state == BT_CONNECTED)
666 err = sco_send_frame(sk, msg, len);
674 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
676 struct sock *sk = sock->sk;
693 static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
695 struct sock *sk = sock->sk;
696 struct sco_options opts;
697 struct sco_conninfo cinfo;
702 if (get_user(len, optlen))
709 if (sk->sk_state != BT_CONNECTED) {
714 opts.mtu = sco_pi(sk)->conn->mtu;
716 BT_DBG("mtu %d", opts.mtu);
718 len = min_t(unsigned int, len, sizeof(opts));
719 if (copy_to_user(optval, (char *)&opts, len))
725 if (sk->sk_state != BT_CONNECTED) {
730 memset(&cinfo, 0, sizeof(cinfo));
731 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
732 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
734 len = min_t(unsigned int, len, sizeof(cinfo));
735 if (copy_to_user(optval, (char *)&cinfo, len))
749 static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
751 struct sock *sk = sock->sk;
756 if (level == SOL_SCO)
757 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
759 if (get_user(len, optlen))
774 static int sco_sock_shutdown(struct socket *sock, int how)
776 struct sock *sk = sock->sk;
779 BT_DBG("sock %p, sk %p", sock, sk);
785 if (!sk->sk_shutdown) {
786 sk->sk_shutdown = SHUTDOWN_MASK;
787 sco_sock_clear_timer(sk);
788 __sco_sock_close(sk);
790 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
791 err = bt_sock_wait_state(sk, BT_CLOSED,
798 static int sco_sock_release(struct socket *sock)
800 struct sock *sk = sock->sk;
803 BT_DBG("sock %p, sk %p", sock, sk);
810 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
812 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
821 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
823 BT_DBG("conn %p", conn);
825 sco_pi(sk)->conn = conn;
829 bt_accept_enqueue(parent, sk);
833 * Must be called on the locked socket. */
834 static void sco_chan_del(struct sock *sk, int err)
836 struct sco_conn *conn;
838 conn = sco_pi(sk)->conn;
840 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
845 sco_pi(sk)->conn = NULL;
846 sco_conn_unlock(conn);
849 hci_conn_put(conn->hcon);
852 sk->sk_state = BT_CLOSED;
854 sk->sk_state_change(sk);
856 sock_set_flag(sk, SOCK_ZAPPED);
859 static void sco_conn_ready(struct sco_conn *conn)
862 struct sock *sk = conn->sk;
864 BT_DBG("conn %p", conn);
869 sco_sock_clear_timer(sk);
871 sk->sk_state = BT_CONNECTED;
872 sk->sk_state_change(sk);
875 parent = sco_get_sock_listen(conn->src);
879 bh_lock_sock(parent);
881 sk = sco_sock_alloc(sock_net(parent), NULL,
882 BTPROTO_SCO, GFP_ATOMIC);
884 bh_unlock_sock(parent);
888 sco_sock_init(sk, parent);
890 bacpy(&bt_sk(sk)->src, conn->src);
891 bacpy(&bt_sk(sk)->dst, conn->dst);
893 hci_conn_hold(conn->hcon);
894 __sco_chan_add(conn, sk, parent);
896 sk->sk_state = BT_CONNECTED;
899 parent->sk_data_ready(parent, 1);
901 bh_unlock_sock(parent);
905 sco_conn_unlock(conn);
908 /* ----- SCO interface with lower layer (HCI) ----- */
909 int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr)
912 struct hlist_node *node;
915 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));
917 /* Find listening sockets */
918 read_lock(&sco_sk_list.lock);
919 sk_for_each(sk, node, &sco_sk_list.head) {
920 if (sk->sk_state != BT_LISTEN)
923 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) ||
924 !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
929 read_unlock(&sco_sk_list.lock);
934 int sco_connect_cfm(struct hci_conn *hcon, __u8 status)
936 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
938 struct sco_conn *conn;
940 conn = sco_conn_add(hcon);
942 sco_conn_ready(conn);
944 sco_conn_del(hcon, bt_to_errno(status));
949 int sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
951 BT_DBG("hcon %p reason %d", hcon, reason);
953 sco_conn_del(hcon, bt_to_errno(reason));
957 int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
959 struct sco_conn *conn = hcon->sco_data;
964 BT_DBG("conn %p len %d", conn, skb->len);
967 sco_recv_frame(conn, skb);
976 static int sco_debugfs_show(struct seq_file *f, void *p)
979 struct hlist_node *node;
981 read_lock(&sco_sk_list.lock);
983 sk_for_each(sk, node, &sco_sk_list.head) {
984 seq_printf(f, "%s %s %d\n", batostr(&bt_sk(sk)->src),
985 batostr(&bt_sk(sk)->dst), sk->sk_state);
988 read_unlock(&sco_sk_list.lock);
993 static int sco_debugfs_open(struct inode *inode, struct file *file)
995 return single_open(file, sco_debugfs_show, inode->i_private);
998 static const struct file_operations sco_debugfs_fops = {
999 .open = sco_debugfs_open,
1001 .llseek = seq_lseek,
1002 .release = single_release,
1005 static struct dentry *sco_debugfs;
1007 static const struct proto_ops sco_sock_ops = {
1008 .family = PF_BLUETOOTH,
1009 .owner = THIS_MODULE,
1010 .release = sco_sock_release,
1011 .bind = sco_sock_bind,
1012 .connect = sco_sock_connect,
1013 .listen = sco_sock_listen,
1014 .accept = sco_sock_accept,
1015 .getname = sco_sock_getname,
1016 .sendmsg = sco_sock_sendmsg,
1017 .recvmsg = bt_sock_recvmsg,
1018 .poll = bt_sock_poll,
1019 .ioctl = bt_sock_ioctl,
1020 .mmap = sock_no_mmap,
1021 .socketpair = sock_no_socketpair,
1022 .shutdown = sco_sock_shutdown,
1023 .setsockopt = sco_sock_setsockopt,
1024 .getsockopt = sco_sock_getsockopt
1027 static const struct net_proto_family sco_sock_family_ops = {
1028 .family = PF_BLUETOOTH,
1029 .owner = THIS_MODULE,
1030 .create = sco_sock_create,
1033 int __init sco_init(void)
1037 err = proto_register(&sco_proto, 0);
1041 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1043 BT_ERR("SCO socket registration failed");
1048 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1049 NULL, &sco_debugfs_fops);
1051 BT_ERR("Failed to create SCO debug file");
1054 BT_INFO("SCO socket layer initialized");
1059 proto_unregister(&sco_proto);
1063 void __exit sco_exit(void)
1065 debugfs_remove(sco_debugfs);
1067 if (bt_sock_unregister(BTPROTO_SCO) < 0)
1068 BT_ERR("SCO socket unregistration failed");
1070 proto_unregister(&sco_proto);
1073 module_param(disable_esco, bool, 0644);
1074 MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");