2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
26 * Bluetooth HCI socket layer.
28 * $Id: hci_sock.c,v 1.4 2002/04/18 22:26:14 maxk Exp $
31 #include <linux/config.h>
32 #include <linux/module.h>
34 #include <linux/types.h>
35 #include <linux/errno.h>
36 #include <linux/kernel.h>
37 #include <linux/major.h>
38 #include <linux/sched.h>
39 #include <linux/slab.h>
40 #include <linux/poll.h>
41 #include <linux/fcntl.h>
42 #include <linux/init.h>
43 #include <linux/skbuff.h>
44 #include <linux/workqueue.h>
45 #include <linux/interrupt.h>
46 #include <linux/socket.h>
47 #include <linux/ioctl.h>
50 #include <asm/system.h>
51 #include <asm/uaccess.h>
52 #include <asm/unaligned.h>
54 #include <net/bluetooth/bluetooth.h>
55 #include <net/bluetooth/hci_core.h>
57 #ifndef CONFIG_BT_HCI_SOCK_DEBUG
59 #define BT_DBG( A... )
62 /* ----- HCI socket interface ----- */
64 static inline int hci_test_bit(int nr, void *addr)
66 return *((__u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
70 static struct hci_sec_filter hci_sec_filter = {
74 { 0x1000d9fe, 0x0000300c },
79 { 0xbe000006, 0x00000001, 0x0000, 0x00 },
81 { 0x00005200, 0x00000000, 0x0000, 0x00 },
83 { 0xaab00200, 0x2b402aaa, 0x0154, 0x00 },
85 { 0x000002be, 0x00000000, 0x0000, 0x00 },
86 /* OGF_STATUS_PARAM */
87 { 0x000000ea, 0x00000000, 0x0000, 0x00 }
91 static struct bt_sock_list hci_sk_list = {
92 .lock = RW_LOCK_UNLOCKED
95 /* Send frame to RAW socket */
96 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
99 struct hlist_node *node;
101 BT_DBG("hdev %p len %d", hdev, skb->len);
103 read_lock(&hci_sk_list.lock);
104 sk_for_each(sk, node, &hci_sk_list.head) {
105 struct hci_filter *flt;
106 struct sk_buff *nskb;
108 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
111 /* Don't send frame to the socket it came from */
116 flt = &hci_pi(sk)->filter;
118 if (!test_bit((skb->pkt_type & HCI_FLT_TYPE_BITS), &flt->type_mask))
121 if (skb->pkt_type == HCI_EVENT_PKT) {
122 register int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
124 if (!hci_test_bit(evt, &flt->event_mask))
127 if (flt->opcode && ((evt == HCI_EV_CMD_COMPLETE &&
128 flt->opcode != *(__u16 *)(skb->data + 3)) ||
129 (evt == HCI_EV_CMD_STATUS &&
130 flt->opcode != *(__u16 *)(skb->data + 4))))
134 if (!(nskb = skb_clone(skb, GFP_ATOMIC)))
137 /* Put type byte before the data */
138 memcpy(skb_push(nskb, 1), &nskb->pkt_type, 1);
140 if (sock_queue_rcv_skb(sk, nskb))
144 read_unlock(&hci_sk_list.lock);
147 static int hci_sock_release(struct socket *sock)
149 struct sock *sk = sock->sk;
150 struct hci_dev *hdev = hci_pi(sk)->hdev;
152 BT_DBG("sock %p sk %p", sock, sk);
157 bt_sock_unlink(&hci_sk_list, sk);
160 atomic_dec(&hdev->promisc);
166 skb_queue_purge(&sk->sk_receive_queue);
167 skb_queue_purge(&sk->sk_write_queue);
173 /* Ioctls that require bound socket */
174 static inline int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
176 struct hci_dev *hdev = hci_pi(sk)->hdev;
183 if (!capable(CAP_NET_ADMIN))
187 set_bit(HCI_RAW, &hdev->flags);
189 clear_bit(HCI_RAW, &hdev->flags);
194 return hci_get_conn_info(hdev, arg);
198 return hdev->ioctl(hdev, cmd, arg);
203 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
205 struct sock *sk = sock->sk;
208 BT_DBG("cmd %x arg %lx", cmd, arg);
212 return hci_get_dev_list(arg);
215 return hci_get_dev_info(arg);
218 return hci_get_conn_list(arg);
221 if (!capable(CAP_NET_ADMIN))
223 return hci_dev_open(arg);
226 if (!capable(CAP_NET_ADMIN))
228 return hci_dev_close(arg);
231 if (!capable(CAP_NET_ADMIN))
233 return hci_dev_reset(arg);
236 if (!capable(CAP_NET_ADMIN))
238 return hci_dev_reset_stat(arg);
248 if (!capable(CAP_NET_ADMIN))
250 return hci_dev_cmd(cmd, arg);
253 return hci_inquiry(arg);
257 err = hci_sock_bound_ioctl(sk, cmd, arg);
263 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
265 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
266 struct sock *sk = sock->sk;
267 struct hci_dev *hdev = NULL;
270 BT_DBG("sock %p sk %p", sock, sk);
272 if (!haddr || haddr->hci_family != AF_BLUETOOTH)
277 if (hci_pi(sk)->hdev) {
282 if (haddr->hci_dev != HCI_DEV_NONE) {
283 if (!(hdev = hci_dev_get(haddr->hci_dev))) {
288 atomic_inc(&hdev->promisc);
291 hci_pi(sk)->hdev = hdev;
292 sk->sk_state = BT_BOUND;
299 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr, int *addr_len, int peer)
301 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
302 struct sock *sk = sock->sk;
304 BT_DBG("sock %p sk %p", sock, sk);
308 *addr_len = sizeof(*haddr);
309 haddr->hci_family = AF_BLUETOOTH;
310 haddr->hci_dev = hci_pi(sk)->hdev->id;
316 static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_buff *skb)
318 __u32 mask = hci_pi(sk)->cmsg_mask;
320 if (mask & HCI_CMSG_DIR)
321 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(int), &bt_cb(skb)->incoming);
323 if (mask & HCI_CMSG_TSTAMP)
324 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, sizeof(skb->stamp), &skb->stamp);
327 static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
328 struct msghdr *msg, size_t len, int flags)
330 int noblock = flags & MSG_DONTWAIT;
331 struct sock *sk = sock->sk;
335 BT_DBG("sock %p, sk %p", sock, sk);
337 if (flags & (MSG_OOB))
340 if (sk->sk_state == BT_CLOSED)
343 if (!(skb = skb_recv_datagram(sk, flags, noblock, &err)))
346 msg->msg_namelen = 0;
350 msg->msg_flags |= MSG_TRUNC;
354 skb->h.raw = skb->data;
355 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
357 hci_sock_cmsg(sk, msg, skb);
359 skb_free_datagram(sk, skb);
361 return err ? : copied;
364 static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
365 struct msghdr *msg, size_t len)
367 struct sock *sk = sock->sk;
368 struct hci_dev *hdev;
372 BT_DBG("sock %p sk %p", sock, sk);
374 if (msg->msg_flags & MSG_OOB)
377 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
380 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
385 if (!(hdev = hci_pi(sk)->hdev)) {
390 if (!(skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err)))
393 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
398 skb->pkt_type = *((unsigned char *) skb->data);
400 skb->dev = (void *) hdev;
402 if (skb->pkt_type == HCI_COMMAND_PKT) {
403 u16 opcode = __le16_to_cpu(get_unaligned((u16 *)skb->data));
404 u16 ogf = hci_opcode_ogf(opcode);
405 u16 ocf = hci_opcode_ocf(opcode);
407 if (((ogf > HCI_SFLT_MAX_OGF) ||
408 !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) &&
409 !capable(CAP_NET_RAW)) {
414 if (test_bit(HCI_RAW, &hdev->flags) || (ogf == OGF_VENDOR_CMD)) {
415 skb_queue_tail(&hdev->raw_q, skb);
418 skb_queue_tail(&hdev->cmd_q, skb);
422 if (!capable(CAP_NET_RAW)) {
427 skb_queue_tail(&hdev->raw_q, skb);
442 int hci_sock_setsockopt(struct socket *sock, int level, int optname, char *optval, int len)
444 struct hci_ufilter uf = { .opcode = 0 };
445 struct sock *sk = sock->sk;
446 int err = 0, opt = 0;
448 BT_DBG("sk %p, opt %d", sk, optname);
454 if (get_user(opt, (int *)optval)) {
460 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
462 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
466 if (get_user(opt, (int *)optval)) {
472 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
474 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
478 len = min_t(unsigned int, len, sizeof(uf));
479 if (copy_from_user(&uf, optval, len)) {
484 if (!capable(CAP_NET_RAW)) {
485 uf.type_mask &= hci_sec_filter.type_mask;
486 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
487 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
491 struct hci_filter *f = &hci_pi(sk)->filter;
493 f->type_mask = uf.type_mask;
494 f->opcode = uf.opcode;
495 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
496 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
509 int hci_sock_getsockopt(struct socket *sock, int level, int optname, char *optval, int *optlen)
511 struct hci_ufilter uf;
512 struct sock *sk = sock->sk;
515 if (get_user(len, optlen))
520 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
525 if (put_user(opt, optval))
530 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
535 if (put_user(opt, optval))
541 struct hci_filter *f = &hci_pi(sk)->filter;
543 uf.type_mask = f->type_mask;
544 uf.opcode = f->opcode;
545 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
546 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
549 len = min_t(unsigned int, len, sizeof(uf));
550 if (copy_to_user(optval, &uf, len))
562 struct proto_ops hci_sock_ops = {
563 .family = PF_BLUETOOTH,
564 .owner = THIS_MODULE,
565 .release = hci_sock_release,
566 .bind = hci_sock_bind,
567 .getname = hci_sock_getname,
568 .sendmsg = hci_sock_sendmsg,
569 .recvmsg = hci_sock_recvmsg,
570 .ioctl = hci_sock_ioctl,
571 .poll = datagram_poll,
572 .listen = sock_no_listen,
573 .shutdown = sock_no_shutdown,
574 .setsockopt = hci_sock_setsockopt,
575 .getsockopt = hci_sock_getsockopt,
576 .connect = sock_no_connect,
577 .socketpair = sock_no_socketpair,
578 .accept = sock_no_accept,
582 static int hci_sock_create(struct socket *sock, int protocol)
586 BT_DBG("sock %p", sock);
588 if (sock->type != SOCK_RAW)
589 return -ESOCKTNOSUPPORT;
591 sock->ops = &hci_sock_ops;
593 sk = bt_sock_alloc(sock, protocol, sizeof(struct hci_pinfo), GFP_KERNEL);
597 sk_set_owner(sk, THIS_MODULE);
599 sock->state = SS_UNCONNECTED;
600 sk->sk_state = BT_OPEN;
602 bt_sock_link(&hci_sk_list, sk);
606 static int hci_sock_dev_event(struct notifier_block *this, unsigned long event, void *ptr)
608 struct hci_dev *hdev = (struct hci_dev *) ptr;
609 struct hci_ev_si_device ev;
611 BT_DBG("hdev %s event %ld", hdev->name, event);
613 /* Send event to sockets */
615 ev.dev_id = hdev->id;
616 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
618 if (event == HCI_DEV_UNREG) {
620 struct hlist_node *node;
622 /* Detach sockets from device */
623 read_lock(&hci_sk_list.lock);
624 sk_for_each(sk, node, &hci_sk_list.head) {
626 if (hci_pi(sk)->hdev == hdev) {
627 hci_pi(sk)->hdev = NULL;
629 sk->sk_state = BT_OPEN;
630 sk->sk_state_change(sk);
636 read_unlock(&hci_sk_list.lock);
642 struct net_proto_family hci_sock_family_ops = {
643 .family = PF_BLUETOOTH,
644 .owner = THIS_MODULE,
645 .create = hci_sock_create,
648 struct notifier_block hci_sock_nblock = {
649 .notifier_call = hci_sock_dev_event
652 int __init hci_sock_init(void)
654 if (bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops)) {
655 BT_ERR("HCI socket registration failed");
659 hci_register_notifier(&hci_sock_nblock);
661 BT_INFO("HCI socket layer initialized");
666 int __exit hci_sock_cleanup(void)
668 if (bt_sock_unregister(BTPROTO_HCI))
669 BT_ERR("HCI socket unregistration failed");
671 hci_unregister_notifier(&hci_sock_nblock);