2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Copyright (C) 2010 Google Inc.
6 Copyright (C) 2011 ProFUSION Embedded Systems
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License version 2 as
12 published by the Free Software Foundation;
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25 SOFTWARE IS DISCLAIMED.
28 /* Bluetooth L2CAP sockets. */
30 #include <linux/module.h>
31 #include <linux/export.h>
32 #include <linux/filter.h>
33 #include <linux/sched/signal.h>
35 #include <net/bluetooth/bluetooth.h>
36 #include <net/bluetooth/hci_core.h>
37 #include <net/bluetooth/l2cap.h>
41 static struct bt_sock_list l2cap_sk_list = {
42 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
45 static const struct proto_ops l2cap_sock_ops;
46 static void l2cap_sock_init(struct sock *sk, struct sock *parent);
47 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
48 int proto, gfp_t prio, int kern);
49 static void l2cap_sock_cleanup_listen(struct sock *parent);
51 bool l2cap_is_socket(struct socket *sock)
53 return sock && sock->ops == &l2cap_sock_ops;
55 EXPORT_SYMBOL(l2cap_is_socket);
57 static int l2cap_validate_bredr_psm(u16 psm)
59 /* PSM must be odd and lsb of upper byte must be 0 */
60 if ((psm & 0x0101) != 0x0001)
63 /* Restrict usage of well-known PSMs */
64 if (psm < L2CAP_PSM_DYN_START && !capable(CAP_NET_BIND_SERVICE))
70 static int l2cap_validate_le_psm(u16 psm)
72 /* Valid LE_PSM ranges are defined only until 0x00ff */
73 if (psm > L2CAP_PSM_LE_DYN_END)
76 /* Restrict fixed, SIG assigned PSM values to CAP_NET_BIND_SERVICE */
77 if (psm < L2CAP_PSM_LE_DYN_START && !capable(CAP_NET_BIND_SERVICE))
83 static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
85 struct sock *sk = sock->sk;
86 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
87 struct sockaddr_l2 la;
92 if (!addr || alen < offsetofend(struct sockaddr, sa_family) ||
93 addr->sa_family != AF_BLUETOOTH)
96 memset(&la, 0, sizeof(la));
97 len = min_t(unsigned int, sizeof(la), alen);
98 memcpy(&la, addr, len);
100 if (la.l2_cid && la.l2_psm)
103 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
106 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
107 /* We only allow ATT user space socket */
109 la.l2_cid != cpu_to_le16(L2CAP_CID_ATT))
115 if (sk->sk_state != BT_OPEN) {
121 __u16 psm = __le16_to_cpu(la.l2_psm);
123 if (la.l2_bdaddr_type == BDADDR_BREDR)
124 err = l2cap_validate_bredr_psm(psm);
126 err = l2cap_validate_le_psm(psm);
132 bacpy(&chan->src, &la.l2_bdaddr);
133 chan->src_type = la.l2_bdaddr_type;
136 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
138 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
143 switch (chan->chan_type) {
144 case L2CAP_CHAN_CONN_LESS:
145 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP)
146 chan->sec_level = BT_SECURITY_SDP;
148 case L2CAP_CHAN_CONN_ORIENTED:
149 if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
150 __le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
151 chan->sec_level = BT_SECURITY_SDP;
154 chan->sec_level = BT_SECURITY_SDP;
156 case L2CAP_CHAN_FIXED:
157 /* Fixed channels default to the L2CAP core not holding a
158 * hci_conn reference for them. For fixed channels mapping to
159 * L2CAP sockets we do want to hold a reference so set the
160 * appropriate flag to request it.
162 set_bit(FLAG_HOLD_HCI_CONN, &chan->flags);
166 /* Use L2CAP_MODE_LE_FLOWCTL (CoC) in case of LE address and
167 * L2CAP_MODE_EXT_FLOWCTL (ECRED) has not been set.
169 if (chan->psm && bdaddr_type_is_le(chan->src_type) &&
170 chan->mode != L2CAP_MODE_EXT_FLOWCTL)
171 chan->mode = L2CAP_MODE_LE_FLOWCTL;
173 chan->state = BT_BOUND;
174 sk->sk_state = BT_BOUND;
181 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr,
184 struct sock *sk = sock->sk;
185 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
186 struct sockaddr_l2 la;
193 zapped = sock_flag(sk, SOCK_ZAPPED);
199 if (!addr || alen < offsetofend(struct sockaddr, sa_family) ||
200 addr->sa_family != AF_BLUETOOTH)
203 memset(&la, 0, sizeof(la));
204 len = min_t(unsigned int, sizeof(la), alen);
205 memcpy(&la, addr, len);
207 if (la.l2_cid && la.l2_psm)
210 if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
213 /* Check that the socket wasn't bound to something that
214 * conflicts with the address given to connect(). If chan->src
215 * is BDADDR_ANY it means bind() was never used, in which case
216 * chan->src_type and la.l2_bdaddr_type do not need to match.
218 if (chan->src_type == BDADDR_BREDR && bacmp(&chan->src, BDADDR_ANY) &&
219 bdaddr_type_is_le(la.l2_bdaddr_type)) {
220 /* Old user space versions will try to incorrectly bind
221 * the ATT socket using BDADDR_BREDR. We need to accept
222 * this and fix up the source address type only when
223 * both the source CID and destination CID indicate
224 * ATT. Anything else is an invalid combination.
226 if (chan->scid != L2CAP_CID_ATT ||
227 la.l2_cid != cpu_to_le16(L2CAP_CID_ATT))
230 /* We don't have the hdev available here to make a
231 * better decision on random vs public, but since all
232 * user space versions that exhibit this issue anyway do
233 * not support random local addresses assuming public
234 * here is good enough.
236 chan->src_type = BDADDR_LE_PUBLIC;
239 if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR)
242 if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
243 /* We only allow ATT user space socket */
245 la.l2_cid != cpu_to_le16(L2CAP_CID_ATT))
249 /* Use L2CAP_MODE_LE_FLOWCTL (CoC) in case of LE address and
250 * L2CAP_MODE_EXT_FLOWCTL (ECRED) has not been set.
252 if (chan->psm && bdaddr_type_is_le(chan->src_type) &&
253 chan->mode != L2CAP_MODE_EXT_FLOWCTL)
254 chan->mode = L2CAP_MODE_LE_FLOWCTL;
256 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
257 &la.l2_bdaddr, la.l2_bdaddr_type,
264 err = bt_sock_wait_state(sk, BT_CONNECTED,
265 sock_sndtimeo(sk, flags & O_NONBLOCK));
272 static int l2cap_sock_listen(struct socket *sock, int backlog)
274 struct sock *sk = sock->sk;
275 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
278 BT_DBG("sk %p backlog %d", sk, backlog);
282 if (sk->sk_state != BT_BOUND) {
287 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
292 switch (chan->mode) {
293 case L2CAP_MODE_BASIC:
294 case L2CAP_MODE_LE_FLOWCTL:
296 case L2CAP_MODE_EXT_FLOWCTL:
302 case L2CAP_MODE_ERTM:
303 case L2CAP_MODE_STREAMING:
312 sk->sk_max_ack_backlog = backlog;
313 sk->sk_ack_backlog = 0;
315 /* Listening channels need to use nested locking in order not to
316 * cause lockdep warnings when the created child channels end up
317 * being locked in the same thread as the parent channel.
319 atomic_set(&chan->nesting, L2CAP_NESTING_PARENT);
321 chan->state = BT_LISTEN;
322 sk->sk_state = BT_LISTEN;
329 static int l2cap_sock_accept(struct socket *sock, struct socket *newsock,
330 struct proto_accept_arg *arg)
332 DEFINE_WAIT_FUNC(wait, woken_wake_function);
333 struct sock *sk = sock->sk, *nsk;
337 lock_sock_nested(sk, L2CAP_NESTING_PARENT);
339 timeo = sock_rcvtimeo(sk, arg->flags & O_NONBLOCK);
341 BT_DBG("sk %p timeo %ld", sk, timeo);
343 /* Wait for an incoming connection. (wake-one). */
344 add_wait_queue_exclusive(sk_sleep(sk), &wait);
346 if (sk->sk_state != BT_LISTEN) {
351 nsk = bt_accept_dequeue(sk, newsock);
360 if (signal_pending(current)) {
361 err = sock_intr_errno(timeo);
367 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
369 lock_sock_nested(sk, L2CAP_NESTING_PARENT);
371 remove_wait_queue(sk_sleep(sk), &wait);
376 newsock->state = SS_CONNECTED;
378 BT_DBG("new socket %p", nsk);
385 static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr,
388 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
389 struct sock *sk = sock->sk;
390 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
392 BT_DBG("sock %p, sk %p", sock, sk);
394 if (peer && sk->sk_state != BT_CONNECTED &&
395 sk->sk_state != BT_CONNECT && sk->sk_state != BT_CONNECT2 &&
396 sk->sk_state != BT_CONFIG)
399 memset(la, 0, sizeof(struct sockaddr_l2));
400 addr->sa_family = AF_BLUETOOTH;
402 la->l2_psm = chan->psm;
405 bacpy(&la->l2_bdaddr, &chan->dst);
406 la->l2_cid = cpu_to_le16(chan->dcid);
407 la->l2_bdaddr_type = chan->dst_type;
409 bacpy(&la->l2_bdaddr, &chan->src);
410 la->l2_cid = cpu_to_le16(chan->scid);
411 la->l2_bdaddr_type = chan->src_type;
414 return sizeof(struct sockaddr_l2);
417 static int l2cap_get_mode(struct l2cap_chan *chan)
419 switch (chan->mode) {
420 case L2CAP_MODE_BASIC:
421 return BT_MODE_BASIC;
422 case L2CAP_MODE_ERTM:
424 case L2CAP_MODE_STREAMING:
425 return BT_MODE_STREAMING;
426 case L2CAP_MODE_LE_FLOWCTL:
427 return BT_MODE_LE_FLOWCTL;
428 case L2CAP_MODE_EXT_FLOWCTL:
429 return BT_MODE_EXT_FLOWCTL;
435 static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
436 char __user *optval, int __user *optlen)
438 struct sock *sk = sock->sk;
439 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
440 struct l2cap_options opts;
441 struct l2cap_conninfo cinfo;
448 if (get_user(len, optlen))
455 /* LE sockets should use BT_SNDMTU/BT_RCVMTU, but since
456 * legacy ATT code depends on getsockopt for
457 * L2CAP_OPTIONS we need to let this pass.
459 if (bdaddr_type_is_le(chan->src_type) &&
460 chan->scid != L2CAP_CID_ATT) {
465 /* Only BR/EDR modes are supported here */
466 switch (chan->mode) {
467 case L2CAP_MODE_BASIC:
468 case L2CAP_MODE_ERTM:
469 case L2CAP_MODE_STREAMING:
479 memset(&opts, 0, sizeof(opts));
480 opts.imtu = chan->imtu;
481 opts.omtu = chan->omtu;
482 opts.flush_to = chan->flush_to;
483 opts.mode = chan->mode;
484 opts.fcs = chan->fcs;
485 opts.max_tx = chan->max_tx;
486 opts.txwin_size = chan->tx_win;
488 BT_DBG("mode 0x%2.2x", chan->mode);
490 len = min(len, sizeof(opts));
491 if (copy_to_user(optval, (char *) &opts, len))
497 switch (chan->sec_level) {
498 case BT_SECURITY_LOW:
501 case BT_SECURITY_MEDIUM:
502 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
504 case BT_SECURITY_HIGH:
505 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
508 case BT_SECURITY_FIPS:
509 opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
510 L2CAP_LM_SECURE | L2CAP_LM_FIPS;
517 if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
518 opt |= L2CAP_LM_MASTER;
520 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
521 opt |= L2CAP_LM_RELIABLE;
523 if (put_user(opt, (u32 __user *) optval))
529 if (sk->sk_state != BT_CONNECTED &&
530 !(sk->sk_state == BT_CONNECT2 &&
531 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
536 memset(&cinfo, 0, sizeof(cinfo));
537 cinfo.hci_handle = chan->conn->hcon->handle;
538 memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
540 len = min(len, sizeof(cinfo));
541 if (copy_to_user(optval, (char *) &cinfo, len))
555 static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
556 char __user *optval, int __user *optlen)
558 struct sock *sk = sock->sk;
559 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
560 struct bt_security sec;
563 int len, mode, err = 0;
567 if (level == SOL_L2CAP)
568 return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
570 if (level != SOL_BLUETOOTH)
573 if (get_user(len, optlen))
580 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
581 chan->chan_type != L2CAP_CHAN_FIXED &&
582 chan->chan_type != L2CAP_CHAN_RAW) {
587 memset(&sec, 0, sizeof(sec));
589 sec.level = chan->conn->hcon->sec_level;
591 if (sk->sk_state == BT_CONNECTED)
592 sec.key_size = chan->conn->hcon->enc_key_size;
594 sec.level = chan->sec_level;
597 len = min_t(unsigned int, len, sizeof(sec));
598 if (copy_to_user(optval, (char *) &sec, len))
604 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
609 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
610 (u32 __user *) optval))
616 if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
617 (u32 __user *) optval))
623 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
624 && sk->sk_type != SOCK_RAW) {
629 pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
631 len = min_t(unsigned int, len, sizeof(pwr));
632 if (copy_to_user(optval, (char *) &pwr, len))
637 case BT_CHANNEL_POLICY:
638 if (put_user(chan->chan_policy, (u32 __user *) optval))
643 if (!bdaddr_type_is_le(chan->src_type)) {
648 if (sk->sk_state != BT_CONNECTED) {
653 if (put_user(chan->omtu, (u16 __user *) optval))
658 if (!bdaddr_type_is_le(chan->src_type)) {
663 if (put_user(chan->imtu, (u16 __user *) optval))
668 if (sk->sk_state != BT_CONNECTED) {
673 phys = hci_conn_get_phy(chan->conn->hcon);
675 if (put_user(phys, (u32 __user *) optval))
685 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) {
690 mode = l2cap_get_mode(chan);
696 if (put_user(mode, (u8 __user *) optval))
709 static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
711 switch (chan->scid) {
713 if (mtu && mtu < L2CAP_LE_MIN_MTU)
718 if (mtu && mtu < L2CAP_DEFAULT_MIN_MTU)
725 static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
726 sockptr_t optval, unsigned int optlen)
728 struct sock *sk = sock->sk;
729 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
730 struct l2cap_options opts;
740 if (bdaddr_type_is_le(chan->src_type)) {
745 if (sk->sk_state == BT_CONNECTED) {
750 opts.imtu = chan->imtu;
751 opts.omtu = chan->omtu;
752 opts.flush_to = chan->flush_to;
753 opts.mode = chan->mode;
754 opts.fcs = chan->fcs;
755 opts.max_tx = chan->max_tx;
756 opts.txwin_size = chan->tx_win;
758 err = copy_safe_from_sockptr(&opts, sizeof(opts), optval,
763 if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
768 if (!l2cap_valid_mtu(chan, opts.imtu)) {
773 /* Only BR/EDR modes are supported here */
775 case L2CAP_MODE_BASIC:
776 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
778 case L2CAP_MODE_ERTM:
779 case L2CAP_MODE_STREAMING:
791 chan->mode = opts.mode;
793 BT_DBG("mode 0x%2.2x", chan->mode);
795 chan->imtu = opts.imtu;
796 chan->omtu = opts.omtu;
797 chan->fcs = opts.fcs;
798 chan->max_tx = opts.max_tx;
799 chan->tx_win = opts.txwin_size;
800 chan->flush_to = opts.flush_to;
804 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen);
808 if (opt & L2CAP_LM_FIPS) {
813 if (opt & L2CAP_LM_AUTH)
814 chan->sec_level = BT_SECURITY_LOW;
815 if (opt & L2CAP_LM_ENCRYPT)
816 chan->sec_level = BT_SECURITY_MEDIUM;
817 if (opt & L2CAP_LM_SECURE)
818 chan->sec_level = BT_SECURITY_HIGH;
820 if (opt & L2CAP_LM_MASTER)
821 set_bit(FLAG_ROLE_SWITCH, &chan->flags);
823 clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
825 if (opt & L2CAP_LM_RELIABLE)
826 set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
828 clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
840 static int l2cap_set_mode(struct l2cap_chan *chan, u8 mode)
844 if (bdaddr_type_is_le(chan->src_type))
846 mode = L2CAP_MODE_BASIC;
847 clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
850 if (!disable_ertm || bdaddr_type_is_le(chan->src_type))
852 mode = L2CAP_MODE_ERTM;
854 case BT_MODE_STREAMING:
855 if (!disable_ertm || bdaddr_type_is_le(chan->src_type))
857 mode = L2CAP_MODE_STREAMING;
859 case BT_MODE_LE_FLOWCTL:
860 if (!bdaddr_type_is_le(chan->src_type))
862 mode = L2CAP_MODE_LE_FLOWCTL;
864 case BT_MODE_EXT_FLOWCTL:
865 /* TODO: Add support for ECRED PDUs to BR/EDR */
866 if (!bdaddr_type_is_le(chan->src_type))
868 mode = L2CAP_MODE_EXT_FLOWCTL;
879 static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
880 sockptr_t optval, unsigned int optlen)
882 struct sock *sk = sock->sk;
883 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
884 struct bt_security sec;
886 struct l2cap_conn *conn;
894 if (level == SOL_L2CAP)
895 return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
897 if (level != SOL_BLUETOOTH)
904 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
905 chan->chan_type != L2CAP_CHAN_FIXED &&
906 chan->chan_type != L2CAP_CHAN_RAW) {
911 sec.level = BT_SECURITY_LOW;
913 err = copy_safe_from_sockptr(&sec, sizeof(sec), optval, optlen);
917 if (sec.level < BT_SECURITY_LOW ||
918 sec.level > BT_SECURITY_FIPS) {
923 chan->sec_level = sec.level;
930 /* change security for LE channels */
931 if (chan->scid == L2CAP_CID_ATT) {
932 if (smp_conn_security(conn->hcon, sec.level)) {
937 set_bit(FLAG_PENDING_SECURITY, &chan->flags);
938 sk->sk_state = BT_CONFIG;
939 chan->state = BT_CONFIG;
941 /* or for ACL link */
942 } else if ((sk->sk_state == BT_CONNECT2 &&
943 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) ||
944 sk->sk_state == BT_CONNECTED) {
945 if (!l2cap_chan_check_security(chan, true))
946 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
948 sk->sk_state_change(sk);
955 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
960 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen);
965 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
966 set_bit(FLAG_DEFER_SETUP, &chan->flags);
968 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
969 clear_bit(FLAG_DEFER_SETUP, &chan->flags);
974 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen);
978 if (opt > BT_FLUSHABLE_ON) {
983 if (opt == BT_FLUSHABLE_OFF) {
985 /* proceed further only when we have l2cap_conn and
986 No Flush support in the LM */
987 if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) {
994 set_bit(FLAG_FLUSHABLE, &chan->flags);
996 clear_bit(FLAG_FLUSHABLE, &chan->flags);
1000 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
1001 chan->chan_type != L2CAP_CHAN_RAW) {
1006 pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
1008 err = copy_safe_from_sockptr(&pwr, sizeof(pwr), optval, optlen);
1012 if (pwr.force_active)
1013 set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
1015 clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
1018 case BT_CHANNEL_POLICY:
1019 err = copy_safe_from_sockptr(&opt, sizeof(opt), optval, optlen);
1027 if (!bdaddr_type_is_le(chan->src_type)) {
1032 /* Setting is not supported as it's the remote side that
1039 if (!bdaddr_type_is_le(chan->src_type)) {
1044 if (chan->mode == L2CAP_MODE_LE_FLOWCTL &&
1045 sk->sk_state == BT_CONNECTED) {
1050 err = copy_safe_from_sockptr(&mtu, sizeof(mtu), optval, optlen);
1054 if (chan->mode == L2CAP_MODE_EXT_FLOWCTL &&
1055 sk->sk_state == BT_CONNECTED)
1056 err = l2cap_chan_reconfigure(chan, mtu);
1063 if (!enable_ecred) {
1068 BT_DBG("sk->sk_state %u", sk->sk_state);
1070 if (sk->sk_state != BT_BOUND) {
1075 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) {
1080 err = copy_safe_from_sockptr(&mode, sizeof(mode), optval,
1085 BT_DBG("mode %u", mode);
1087 err = l2cap_set_mode(chan, mode);
1091 BT_DBG("mode 0x%2.2x", chan->mode);
1104 static int l2cap_sock_sendmsg(struct socket *sock, struct msghdr *msg,
1107 struct sock *sk = sock->sk;
1108 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1111 BT_DBG("sock %p, sk %p", sock, sk);
1113 err = sock_error(sk);
1117 if (msg->msg_flags & MSG_OOB)
1120 if (sk->sk_state != BT_CONNECTED)
1124 err = bt_sock_wait_ready(sk, msg->msg_flags);
1129 l2cap_chan_lock(chan);
1130 err = l2cap_chan_send(chan, msg, len);
1131 l2cap_chan_unlock(chan);
1136 static void l2cap_publish_rx_avail(struct l2cap_chan *chan)
1138 struct sock *sk = chan->data;
1139 ssize_t avail = sk->sk_rcvbuf - atomic_read(&sk->sk_rmem_alloc);
1140 int expected_skbs, skb_overhead;
1143 l2cap_chan_rx_avail(chan, 0);
1148 l2cap_chan_rx_avail(chan, -1);
1152 /* Correct available memory by estimated sk_buff overhead.
1153 * This is significant due to small transfer sizes. However, accept
1154 * at least one full packet if receive space is non-zero.
1156 expected_skbs = DIV_ROUND_UP(avail, chan->mps);
1157 skb_overhead = expected_skbs * sizeof(struct sk_buff);
1158 if (skb_overhead < avail)
1159 l2cap_chan_rx_avail(chan, avail - skb_overhead);
1161 l2cap_chan_rx_avail(chan, -1);
1164 static int l2cap_sock_recvmsg(struct socket *sock, struct msghdr *msg,
1165 size_t len, int flags)
1167 struct sock *sk = sock->sk;
1168 struct l2cap_pinfo *pi = l2cap_pi(sk);
1173 if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
1174 &bt_sk(sk)->flags)) {
1175 if (pi->chan->mode == L2CAP_MODE_EXT_FLOWCTL) {
1176 sk->sk_state = BT_CONNECTED;
1177 pi->chan->state = BT_CONNECTED;
1178 __l2cap_ecred_conn_rsp_defer(pi->chan);
1179 } else if (bdaddr_type_is_le(pi->chan->src_type)) {
1180 sk->sk_state = BT_CONNECTED;
1181 pi->chan->state = BT_CONNECTED;
1182 __l2cap_le_connect_rsp_defer(pi->chan);
1184 sk->sk_state = BT_CONFIG;
1185 pi->chan->state = BT_CONFIG;
1186 __l2cap_connect_rsp_defer(pi->chan);
1195 if (sock->type == SOCK_STREAM)
1196 err = bt_sock_stream_recvmsg(sock, msg, len, flags);
1198 err = bt_sock_recvmsg(sock, msg, len, flags);
1200 if (pi->chan->mode != L2CAP_MODE_ERTM &&
1201 pi->chan->mode != L2CAP_MODE_LE_FLOWCTL &&
1202 pi->chan->mode != L2CAP_MODE_EXT_FLOWCTL)
1207 l2cap_publish_rx_avail(pi->chan);
1209 /* Attempt to put pending rx data in the socket buffer */
1210 while (!list_empty(&pi->rx_busy)) {
1211 struct l2cap_rx_busy *rx_busy =
1212 list_first_entry(&pi->rx_busy,
1213 struct l2cap_rx_busy,
1215 if (__sock_queue_rcv_skb(sk, rx_busy->skb) < 0)
1217 list_del(&rx_busy->list);
1221 /* Restore data flow when half of the receive buffer is
1222 * available. This avoids resending large numbers of
1225 if (test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state) &&
1226 atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
1227 l2cap_chan_busy(pi->chan, 0);
1234 /* Kill socket (only if zapped and orphan)
1235 * Must be called on unlocked socket, with l2cap channel lock.
1237 static void l2cap_sock_kill(struct sock *sk)
1239 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
1242 BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
1244 /* Sock is dead, so set chan data to NULL, avoid other task use invalid
1247 l2cap_pi(sk)->chan->data = NULL;
1248 /* Kill poor orphan */
1250 l2cap_chan_put(l2cap_pi(sk)->chan);
1251 sock_set_flag(sk, SOCK_DEAD);
1255 static int __l2cap_wait_ack(struct sock *sk, struct l2cap_chan *chan)
1257 DECLARE_WAITQUEUE(wait, current);
1259 int timeo = L2CAP_WAIT_ACK_POLL_PERIOD;
1260 /* Timeout to prevent infinite loop */
1261 unsigned long timeout = jiffies + L2CAP_WAIT_ACK_TIMEOUT;
1263 add_wait_queue(sk_sleep(sk), &wait);
1264 set_current_state(TASK_INTERRUPTIBLE);
1266 BT_DBG("Waiting for %d ACKs, timeout %04d ms",
1267 chan->unacked_frames, time_after(jiffies, timeout) ? 0 :
1268 jiffies_to_msecs(timeout - jiffies));
1271 timeo = L2CAP_WAIT_ACK_POLL_PERIOD;
1273 if (signal_pending(current)) {
1274 err = sock_intr_errno(timeo);
1279 timeo = schedule_timeout(timeo);
1281 set_current_state(TASK_INTERRUPTIBLE);
1283 err = sock_error(sk);
1287 if (time_after(jiffies, timeout)) {
1292 } while (chan->unacked_frames > 0 &&
1293 chan->state == BT_CONNECTED);
1295 set_current_state(TASK_RUNNING);
1296 remove_wait_queue(sk_sleep(sk), &wait);
1300 static int l2cap_sock_shutdown(struct socket *sock, int how)
1302 struct sock *sk = sock->sk;
1303 struct l2cap_chan *chan;
1304 struct l2cap_conn *conn;
1307 BT_DBG("sock %p, sk %p, how %d", sock, sk, how);
1309 /* 'how' parameter is mapped to sk_shutdown as follows:
1310 * SHUT_RD (0) --> RCV_SHUTDOWN (1)
1311 * SHUT_WR (1) --> SEND_SHUTDOWN (2)
1312 * SHUT_RDWR (2) --> SHUTDOWN_MASK (3)
1321 if ((sk->sk_shutdown & how) == how)
1322 goto shutdown_already;
1324 BT_DBG("Handling sock shutdown");
1326 /* prevent sk structure from being freed whilst unlocked */
1329 /* prevent chan structure from being freed whilst unlocked */
1330 chan = l2cap_chan_hold_unless_zero(l2cap_pi(sk)->chan);
1332 goto shutdown_already;
1334 BT_DBG("chan %p state %s", chan, state_to_string(chan->state));
1336 if (chan->mode == L2CAP_MODE_ERTM &&
1337 chan->unacked_frames > 0 &&
1338 chan->state == BT_CONNECTED) {
1339 err = __l2cap_wait_ack(sk, chan);
1341 /* After waiting for ACKs, check whether shutdown
1342 * has already been actioned to close the L2CAP
1343 * link such as by l2cap_disconnection_req().
1345 if ((sk->sk_shutdown & how) == how)
1346 goto shutdown_matched;
1349 /* Try setting the RCV_SHUTDOWN bit, return early if SEND_SHUTDOWN
1352 if ((how & RCV_SHUTDOWN) && !(sk->sk_shutdown & RCV_SHUTDOWN)) {
1353 sk->sk_shutdown |= RCV_SHUTDOWN;
1354 if ((sk->sk_shutdown & how) == how)
1355 goto shutdown_matched;
1358 sk->sk_shutdown |= SEND_SHUTDOWN;
1361 l2cap_chan_lock(chan);
1362 /* prevent conn structure from being freed */
1363 conn = l2cap_conn_hold_unless_zero(chan->conn);
1364 l2cap_chan_unlock(chan);
1367 /* mutex lock must be taken before l2cap_chan_lock() */
1368 mutex_lock(&conn->lock);
1370 l2cap_chan_lock(chan);
1371 l2cap_chan_close(chan, 0);
1372 l2cap_chan_unlock(chan);
1375 mutex_unlock(&conn->lock);
1376 l2cap_conn_put(conn);
1381 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1382 !(current->flags & PF_EXITING))
1383 err = bt_sock_wait_state(sk, BT_CLOSED,
1387 l2cap_chan_put(chan);
1391 if (!err && sk->sk_err)
1396 BT_DBG("Sock shutdown complete err: %d", err);
1401 static int l2cap_sock_release(struct socket *sock)
1403 struct sock *sk = sock->sk;
1405 struct l2cap_chan *chan;
1407 BT_DBG("sock %p, sk %p", sock, sk);
1412 l2cap_sock_cleanup_listen(sk);
1413 bt_sock_unlink(&l2cap_sk_list, sk);
1415 err = l2cap_sock_shutdown(sock, SHUT_RDWR);
1416 chan = l2cap_pi(sk)->chan;
1418 l2cap_chan_hold(chan);
1419 l2cap_chan_lock(chan);
1422 l2cap_sock_kill(sk);
1424 l2cap_chan_unlock(chan);
1425 l2cap_chan_put(chan);
1430 static void l2cap_sock_cleanup_listen(struct sock *parent)
1434 BT_DBG("parent %p state %s", parent,
1435 state_to_string(parent->sk_state));
1437 /* Close not yet accepted channels */
1438 while ((sk = bt_accept_dequeue(parent, NULL))) {
1439 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1441 BT_DBG("child chan %p state %s", chan,
1442 state_to_string(chan->state));
1444 l2cap_chan_hold(chan);
1445 l2cap_chan_lock(chan);
1447 __clear_chan_timer(chan);
1448 l2cap_chan_close(chan, ECONNRESET);
1449 l2cap_sock_kill(sk);
1451 l2cap_chan_unlock(chan);
1452 l2cap_chan_put(chan);
1456 static struct l2cap_chan *l2cap_sock_new_connection_cb(struct l2cap_chan *chan)
1458 struct sock *sk, *parent = chan->data;
1462 /* Check for backlog size */
1463 if (sk_acceptq_is_full(parent)) {
1464 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1465 release_sock(parent);
1469 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
1472 release_sock(parent);
1476 bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
1478 l2cap_sock_init(sk, parent);
1480 bt_accept_enqueue(parent, sk, false);
1482 release_sock(parent);
1484 return l2cap_pi(sk)->chan;
1487 static int l2cap_sock_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1490 struct l2cap_pinfo *pi;
1499 if (chan->mode == L2CAP_MODE_ERTM && !list_empty(&pi->rx_busy)) {
1504 if (chan->mode != L2CAP_MODE_ERTM &&
1505 chan->mode != L2CAP_MODE_STREAMING &&
1506 chan->mode != L2CAP_MODE_LE_FLOWCTL &&
1507 chan->mode != L2CAP_MODE_EXT_FLOWCTL) {
1508 /* Even if no filter is attached, we could potentially
1509 * get errors from security modules, etc.
1511 err = sk_filter(sk, skb);
1516 err = __sock_queue_rcv_skb(sk, skb);
1518 l2cap_publish_rx_avail(chan);
1520 /* For ERTM and LE, handle a skb that doesn't fit into the recv
1521 * buffer. This is important to do because the data frames
1522 * have already been acked, so the skb cannot be discarded.
1524 * Notify the l2cap core that the buffer is full, so the
1525 * LOCAL_BUSY state is entered and no more frames are
1526 * acked and reassembled until there is buffer space
1530 (chan->mode == L2CAP_MODE_ERTM ||
1531 chan->mode == L2CAP_MODE_LE_FLOWCTL ||
1532 chan->mode == L2CAP_MODE_EXT_FLOWCTL)) {
1533 struct l2cap_rx_busy *rx_busy =
1534 kmalloc(sizeof(*rx_busy), GFP_KERNEL);
1540 list_add_tail(&rx_busy->list, &pi->rx_busy);
1541 l2cap_chan_busy(chan, 1);
1551 static void l2cap_sock_close_cb(struct l2cap_chan *chan)
1553 struct sock *sk = chan->data;
1558 l2cap_sock_kill(sk);
1561 static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1563 struct sock *sk = chan->data;
1564 struct sock *parent;
1569 BT_DBG("chan %p state %s", chan, state_to_string(chan->state));
1571 /* This callback can be called both for server (BT_LISTEN)
1572 * sockets as well as "normal" ones. To avoid lockdep warnings
1573 * with child socket locking (through l2cap_sock_cleanup_listen)
1574 * we need separation into separate nesting levels. The simplest
1575 * way to accomplish this is to inherit the nesting level used
1578 lock_sock_nested(sk, atomic_read(&chan->nesting));
1580 parent = bt_sk(sk)->parent;
1582 switch (chan->state) {
1588 l2cap_sock_cleanup_listen(sk);
1589 sk->sk_state = BT_CLOSED;
1590 chan->state = BT_CLOSED;
1594 sk->sk_state = BT_CLOSED;
1595 chan->state = BT_CLOSED;
1600 bt_accept_unlink(sk);
1601 parent->sk_data_ready(parent);
1603 sk->sk_state_change(sk);
1610 /* Only zap after cleanup to avoid use after free race */
1611 sock_set_flag(sk, SOCK_ZAPPED);
1615 static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state,
1618 struct sock *sk = chan->data;
1620 sk->sk_state = state;
1626 static struct sk_buff *l2cap_sock_alloc_skb_cb(struct l2cap_chan *chan,
1627 unsigned long hdr_len,
1628 unsigned long len, int nb)
1630 struct sock *sk = chan->data;
1631 struct sk_buff *skb;
1634 l2cap_chan_unlock(chan);
1635 skb = bt_skb_send_alloc(sk, hdr_len + len, nb, &err);
1636 l2cap_chan_lock(chan);
1639 return ERR_PTR(err);
1641 /* Channel lock is released before requesting new skb and then
1642 * reacquired thus we need to recheck channel state.
1644 if (chan->state != BT_CONNECTED) {
1646 return ERR_PTR(-ENOTCONN);
1649 skb->priority = READ_ONCE(sk->sk_priority);
1651 bt_cb(skb)->l2cap.chan = chan;
1656 static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1658 struct sock *sk = chan->data;
1659 struct sock *parent;
1663 parent = bt_sk(sk)->parent;
1665 BT_DBG("sk %p, parent %p", sk, parent);
1667 sk->sk_state = BT_CONNECTED;
1668 sk->sk_state_change(sk);
1671 parent->sk_data_ready(parent);
1676 static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1678 struct sock *parent, *sk = chan->data;
1682 parent = bt_sk(sk)->parent;
1684 parent->sk_data_ready(parent);
1689 static void l2cap_sock_resume_cb(struct l2cap_chan *chan)
1691 struct sock *sk = chan->data;
1693 if (test_and_clear_bit(FLAG_PENDING_SECURITY, &chan->flags)) {
1694 sk->sk_state = BT_CONNECTED;
1695 chan->state = BT_CONNECTED;
1698 clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1699 sk->sk_state_change(sk);
1702 static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan)
1704 struct sock *sk = chan->data;
1707 sk->sk_shutdown = SHUTDOWN_MASK;
1711 static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan)
1713 struct sock *sk = chan->data;
1715 return sk->sk_sndtimeo;
1718 static struct pid *l2cap_sock_get_peer_pid_cb(struct l2cap_chan *chan)
1720 struct sock *sk = chan->data;
1722 return sk->sk_peer_pid;
1725 static void l2cap_sock_suspend_cb(struct l2cap_chan *chan)
1727 struct sock *sk = chan->data;
1729 set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1730 sk->sk_state_change(sk);
1733 static int l2cap_sock_filter(struct l2cap_chan *chan, struct sk_buff *skb)
1735 struct sock *sk = chan->data;
1737 switch (chan->mode) {
1738 case L2CAP_MODE_ERTM:
1739 case L2CAP_MODE_STREAMING:
1740 return sk_filter(sk, skb);
1746 static const struct l2cap_ops l2cap_chan_ops = {
1747 .name = "L2CAP Socket Interface",
1748 .new_connection = l2cap_sock_new_connection_cb,
1749 .recv = l2cap_sock_recv_cb,
1750 .close = l2cap_sock_close_cb,
1751 .teardown = l2cap_sock_teardown_cb,
1752 .state_change = l2cap_sock_state_change_cb,
1753 .ready = l2cap_sock_ready_cb,
1754 .defer = l2cap_sock_defer_cb,
1755 .resume = l2cap_sock_resume_cb,
1756 .suspend = l2cap_sock_suspend_cb,
1757 .set_shutdown = l2cap_sock_set_shutdown_cb,
1758 .get_sndtimeo = l2cap_sock_get_sndtimeo_cb,
1759 .get_peer_pid = l2cap_sock_get_peer_pid_cb,
1760 .alloc_skb = l2cap_sock_alloc_skb_cb,
1761 .filter = l2cap_sock_filter,
1764 static void l2cap_sock_destruct(struct sock *sk)
1766 struct l2cap_rx_busy *rx_busy, *next;
1768 BT_DBG("sk %p", sk);
1770 if (l2cap_pi(sk)->chan) {
1771 l2cap_pi(sk)->chan->data = NULL;
1772 l2cap_chan_put(l2cap_pi(sk)->chan);
1775 list_for_each_entry_safe(rx_busy, next, &l2cap_pi(sk)->rx_busy, list) {
1776 kfree_skb(rx_busy->skb);
1777 list_del(&rx_busy->list);
1781 skb_queue_purge(&sk->sk_receive_queue);
1782 skb_queue_purge(&sk->sk_write_queue);
1785 static void l2cap_skb_msg_name(struct sk_buff *skb, void *msg_name,
1788 DECLARE_SOCKADDR(struct sockaddr_l2 *, la, msg_name);
1790 memset(la, 0, sizeof(struct sockaddr_l2));
1791 la->l2_family = AF_BLUETOOTH;
1792 la->l2_psm = bt_cb(skb)->l2cap.psm;
1793 bacpy(&la->l2_bdaddr, &bt_cb(skb)->l2cap.bdaddr);
1795 *msg_namelen = sizeof(struct sockaddr_l2);
1798 static void l2cap_sock_init(struct sock *sk, struct sock *parent)
1800 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1802 BT_DBG("sk %p", sk);
1805 struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1807 sk->sk_type = parent->sk_type;
1808 bt_sk(sk)->flags = bt_sk(parent)->flags;
1810 chan->chan_type = pchan->chan_type;
1811 chan->imtu = pchan->imtu;
1812 chan->omtu = pchan->omtu;
1813 chan->conf_state = pchan->conf_state;
1814 chan->mode = pchan->mode;
1815 chan->fcs = pchan->fcs;
1816 chan->max_tx = pchan->max_tx;
1817 chan->tx_win = pchan->tx_win;
1818 chan->tx_win_max = pchan->tx_win_max;
1819 chan->sec_level = pchan->sec_level;
1820 chan->flags = pchan->flags;
1821 chan->tx_credits = pchan->tx_credits;
1822 chan->rx_credits = pchan->rx_credits;
1824 if (chan->chan_type == L2CAP_CHAN_FIXED) {
1825 chan->scid = pchan->scid;
1826 chan->dcid = pchan->scid;
1829 security_sk_clone(parent, sk);
1831 switch (sk->sk_type) {
1833 chan->chan_type = L2CAP_CHAN_RAW;
1836 chan->chan_type = L2CAP_CHAN_CONN_LESS;
1837 bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name;
1839 case SOCK_SEQPACKET:
1841 chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1845 chan->imtu = L2CAP_DEFAULT_MTU;
1847 if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1848 chan->mode = L2CAP_MODE_ERTM;
1849 set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1851 chan->mode = L2CAP_MODE_BASIC;
1854 l2cap_chan_set_defaults(chan);
1857 /* Default config options */
1858 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1861 chan->ops = &l2cap_chan_ops;
1863 l2cap_publish_rx_avail(chan);
1866 static struct proto l2cap_proto = {
1868 .owner = THIS_MODULE,
1869 .obj_size = sizeof(struct l2cap_pinfo)
1872 static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
1873 int proto, gfp_t prio, int kern)
1876 struct l2cap_chan *chan;
1878 sk = bt_sock_alloc(net, sock, &l2cap_proto, proto, prio, kern);
1882 sk->sk_destruct = l2cap_sock_destruct;
1883 sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1885 INIT_LIST_HEAD(&l2cap_pi(sk)->rx_busy);
1887 chan = l2cap_chan_create();
1895 l2cap_chan_hold(chan);
1897 l2cap_pi(sk)->chan = chan;
1902 static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1907 BT_DBG("sock %p", sock);
1909 sock->state = SS_UNCONNECTED;
1911 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1912 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1913 return -ESOCKTNOSUPPORT;
1915 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1918 sock->ops = &l2cap_sock_ops;
1920 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
1924 l2cap_sock_init(sk, NULL);
1925 bt_sock_link(&l2cap_sk_list, sk);
1929 static const struct proto_ops l2cap_sock_ops = {
1930 .family = PF_BLUETOOTH,
1931 .owner = THIS_MODULE,
1932 .release = l2cap_sock_release,
1933 .bind = l2cap_sock_bind,
1934 .connect = l2cap_sock_connect,
1935 .listen = l2cap_sock_listen,
1936 .accept = l2cap_sock_accept,
1937 .getname = l2cap_sock_getname,
1938 .sendmsg = l2cap_sock_sendmsg,
1939 .recvmsg = l2cap_sock_recvmsg,
1940 .poll = bt_sock_poll,
1941 .ioctl = bt_sock_ioctl,
1942 .gettstamp = sock_gettstamp,
1943 .mmap = sock_no_mmap,
1944 .socketpair = sock_no_socketpair,
1945 .shutdown = l2cap_sock_shutdown,
1946 .setsockopt = l2cap_sock_setsockopt,
1947 .getsockopt = l2cap_sock_getsockopt
1950 static const struct net_proto_family l2cap_sock_family_ops = {
1951 .family = PF_BLUETOOTH,
1952 .owner = THIS_MODULE,
1953 .create = l2cap_sock_create,
1956 int __init l2cap_init_sockets(void)
1960 BUILD_BUG_ON(sizeof(struct sockaddr_l2) > sizeof(struct sockaddr));
1962 err = proto_register(&l2cap_proto, 0);
1966 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1968 BT_ERR("L2CAP socket registration failed");
1972 err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
1975 BT_ERR("Failed to create L2CAP proc file");
1976 bt_sock_unregister(BTPROTO_L2CAP);
1980 BT_INFO("L2CAP socket layer initialized");
1985 proto_unregister(&l2cap_proto);
1989 void l2cap_cleanup_sockets(void)
1991 bt_procfs_cleanup(&init_net, "l2cap");
1992 bt_sock_unregister(BTPROTO_L2CAP);
1993 proto_unregister(&l2cap_proto);
projects / linux.git / blob