2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
27 * $Id: sock.c,v 1.24 2002/10/03 01:00:34 maxk Exp $
30 #include <linux/config.h>
31 #include <linux/module.h>
33 #include <linux/types.h>
34 #include <linux/errno.h>
35 #include <linux/kernel.h>
36 #include <linux/major.h>
37 #include <linux/sched.h>
38 #include <linux/slab.h>
39 #include <linux/poll.h>
40 #include <linux/fcntl.h>
41 #include <linux/init.h>
42 #include <linux/interrupt.h>
43 #include <linux/socket.h>
44 #include <linux/skbuff.h>
45 #include <linux/list.h>
46 #include <linux/proc_fs.h>
47 #include <linux/seq_file.h>
50 #include <asm/system.h>
51 #include <asm/uaccess.h>
53 #include <net/bluetooth/bluetooth.h>
54 #include <net/bluetooth/hci_core.h>
55 #include <net/bluetooth/l2cap.h>
56 #include <net/bluetooth/rfcomm.h>
58 #ifndef CONFIG_BT_RFCOMM_DEBUG
/* Forward declaration; the ops table itself is filled in at the bottom of the file. */
63 static struct proto_ops rfcomm_sock_ops;
/* Registry of every RFCOMM socket. Lookups take .lock for reading
 * (rfcomm_get_sock_by_channel, the seq_file walker); bind/listen take it
 * for writing so the channel-uniqueness check and the state change are
 * atomic with respect to other binders. */
65 static struct bt_sock_list rfcomm_sk_list = {
66 .lock = RW_LOCK_UNLOCKED
/* Both helpers are documented at their definitions as requiring an
 * unlocked socket. */
69 static void rfcomm_sock_close(struct sock *sk);
70 static void rfcomm_sock_kill(struct sock *sk);
72 /* ---- DLC callbacks ----
74 * called under rfcomm_dlc_lock()
/* DLC data_ready callback, installed by rfcomm_sock_alloc and invoked under
 * rfcomm_dlc_lock(): charge the skb against the owning socket's receive
 * memory, queue it and wake readers. (Lines between the owner lookup and
 * the accounting are not visible here.) */
76 static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
78 struct sock *sk = d->owner;
82 atomic_add(skb->len, &sk->sk_rmem_alloc);
83 skb_queue_tail(&sk->sk_receive_queue, skb);
84 sk->sk_data_ready(sk, skb->len);
/* Back-pressure: once receive memory reaches sk_rcvbuf the DLC is throttled;
 * rfcomm_sock_recvmsg unthrottles it again at a quarter of sk_rcvbuf. */
86 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
87 rfcomm_dlc_throttle(d);
/* DLC state_change callback (under rfcomm_dlc_lock()): mirror the DLC state
 * into the socket and notify whoever is waiting on it. `parent` is non-NULL
 * only for a child socket that is still sitting in a listener's accept queue. */
90 static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
92 struct sock *sk = d->owner, *parent;
96 BT_DBG("dlc %p state %ld err %d", d, d->state, err);
103 sk->sk_state = d->state;
105 parent = bt_sk(sk)->parent;
/* A not-yet-accepted child whose DLC closed is removed from the parent's
 * accept queue and the listener is woken so it can notice. */
107 if (d->state == BT_CLOSED) {
109 bt_accept_unlink(sk);
111 parent->sk_data_ready(parent, 0);
/* Once connected, the local address is learned from the session (the
 * destination pointer is deliberately NULL here). */
113 if (d->state == BT_CONNECTED)
114 rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL);
115 sk->sk_state_change(sk);
/* An orphaned (zapped) child is torn down right here; the DLC lock must be
 * dropped first, as the original comment explains. NOTE(review): the matching
 * re-lock after rfcomm_sock_kill() is not visible in this excerpt — confirm. */
120 if (parent && sk->sk_zapped) {
121 /* We have to drop DLC lock here, otherwise
122 * rfcomm_sock_destruct() will dead lock. */
123 rfcomm_dlc_unlock(d);
124 rfcomm_sock_kill(sk);
129 /* ---- Socket functions ---- */
/* Exact-match lookup: the socket bound to (channel, src), or NULL.
 * Callers hold rfcomm_sk_list.lock (bind and listen take it for writing).
 * With sk_for_each(), `node` is non-NULL only if the loop was left early
 * on a match, hence the ternary on the return. */
130 static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
132 struct sock *sk = NULL;
133 struct hlist_node *node;
135 sk_for_each(sk, node, &rfcomm_sk_list.head) {
136 if (rfcomm_pi(sk)->channel == channel &&
137 !bacmp(&bt_sk(sk)->src, src))
141 return node ? sk : NULL;
144 /* Find socket with channel and source bdaddr.
145 * Returns closest match.
/* Closest-match lookup for an incoming connection: a socket on `channel`
 * bound to exactly `src` wins; otherwise one bound to the BDADDR_ANY
 * wildcard (remembered in sk1) is returned. `state` of 0 means "any state";
 * rfcomm_connect_ind passes BT_LISTEN. Caller holds rfcomm_sk_list.lock. */
147 static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
149 struct sock *sk = NULL, *sk1 = NULL;
150 struct hlist_node *node;
152 sk_for_each(sk, node, &rfcomm_sk_list.head) {
153 if (state && sk->sk_state != state)
156 if (rfcomm_pi(sk)->channel == channel) {
158 if (!bacmp(&bt_sk(sk)->src, src))
162 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
/* node != NULL means an exact match broke out of the loop. */
166 return node ? sk : sk1;
169 /* Find socket with given address (channel, src).
170 * Returns locked socket */
/* Locked variant of the lookup above: takes the list lock for reading and,
 * on a hit, bh-locks the socket before the list lock is released so it cannot
 * disappear under the caller. The caller owns the bh_unlock_sock(). */
171 static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
174 read_lock(&rfcomm_sk_list.lock);
175 s = __rfcomm_get_sock_by_channel(state, channel, src);
176 if (s) bh_lock_sock(s);
177 read_unlock(&rfcomm_sk_list.lock);
/* sk_destruct hook (set in rfcomm_sock_alloc): release queued skbs, detach
 * the DLC from this socket and free the protocol-private area. */
181 static void rfcomm_sock_destruct(struct sock *sk)
183 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
185 BT_DBG("sk %p dlc %p", sk, d);
187 skb_queue_purge(&sk->sk_receive_queue);
188 skb_queue_purge(&sk->sk_write_queue);
191 rfcomm_pi(sk)->dlc = NULL;
193 /* Detach DLC if it's owned by this socket */
/* The matching rfcomm_dlc_lock() and the ownership check sit on lines not
 * shown in this excerpt. */
196 rfcomm_dlc_unlock(d);
201 kfree(sk->sk_protinfo);
/* Tear down a listening socket: close and kill every child still waiting in
 * the accept queue, then mark the listener closed and zapped so
 * rfcomm_sock_kill() will reap it once it is orphaned. */
204 static void rfcomm_sock_cleanup_listen(struct sock *parent)
208 BT_DBG("parent %p", parent);
210 /* Close not yet accepted dlcs */
211 while ((sk = bt_accept_dequeue(parent, NULL))) {
212 rfcomm_sock_close(sk);
213 rfcomm_sock_kill(sk);
216 parent->sk_state = BT_CLOSED;
217 parent->sk_zapped = 1;
220 /* Kill socket (only if zapped and orphan)
221 * Must be called on unlocked socket.
/* Reap a socket that is both zapped and orphaned (no struct socket attached);
 * anything else is left alone. Must be called on an unlocked socket. */
223 static void rfcomm_sock_kill(struct sock *sk)
225 if (!sk->sk_zapped || sk->sk_socket)
228 BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
230 /* Kill poor orphan */
/* Remove it from the global list so no lookup can find it, then mark it dead;
 * the final reference drop is on a line not shown here. */
231 bt_sock_unlink(&rfcomm_sk_list, sk);
232 sock_set_flag(sk, SOCK_DEAD);
/* State-dependent close (caller holds the socket lock): a listener gets its
 * accept queue drained, a connected/connecting socket has its DLC closed.
 * The individual case labels are not visible in this excerpt. */
236 static void __rfcomm_sock_close(struct sock *sk)
238 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
240 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
242 switch (sk->sk_state) {
244 rfcomm_sock_cleanup_listen(sk);
/* Second argument 0: close without an error reason. */
251 rfcomm_dlc_close(d, 0);
260 * Must be called on unlocked socket.
/* Locking wrapper around __rfcomm_sock_close(); must be called on an
 * unlocked socket. The lock/unlock pair itself is on lines not shown here. */
262 static void rfcomm_sock_close(struct sock *sk)
265 __rfcomm_sock_close(sk);
/* Initialise a freshly allocated socket. When `parent` is given (incoming
 * connection), the socket type and the link-mode security requirements are
 * inherited from the listener; the link mode is then pushed down to the DLC. */
269 static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
271 struct rfcomm_pinfo *pi = rfcomm_pi(sk);
276 sk->sk_type = parent->sk_type;
277 pi->link_mode = rfcomm_pi(parent)->link_mode;
282 pi->dlc->link_mode = pi->link_mode;
/* Allocate an RFCOMM socket together with its DLC and register it in
 * rfcomm_sk_list. `prio` is the GFP mask (GFP_KERNEL from create(),
 * GFP_ATOMIC from the connect indication). Returns the new sock; the
 * failure paths are on lines not shown here. */
285 static struct sock *rfcomm_sock_alloc(struct socket *sock, int proto, int prio)
287 struct rfcomm_dlc *d;
290 sk = bt_sock_alloc(sock, BTPROTO_RFCOMM, sizeof(struct rfcomm_pinfo), prio);
294 sk_set_owner(sk, THIS_MODULE);
296 d = rfcomm_dlc_alloc(prio);
/* Wire the DLC callbacks defined at the top of this file. */
301 d->data_ready = rfcomm_sk_data_ready;
302 d->state_change = rfcomm_sk_state_change;
304 rfcomm_pi(sk)->dlc = d;
307 sk->sk_destruct = rfcomm_sock_destruct;
308 sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
/* Buffer sizes are derived from the credit window; these also drive the
 * throttle/unthrottle thresholds in data_ready and recvmsg. */
310 sk->sk_sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
311 sk->sk_rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
313 sk->sk_protocol = proto;
314 sk->sk_state = BT_OPEN;
316 bt_sock_link(&rfcomm_sk_list, sk);
/* socket(2) entry point: only SOCK_STREAM and SOCK_RAW are supported.
 * Installs rfcomm_sock_ops and allocates the sock. */
322 static int rfcomm_sock_create(struct socket *sock, int protocol)
326 BT_DBG("sock %p", sock);
328 sock->state = SS_UNCONNECTED;
330 if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
331 return -ESOCKTNOSUPPORT;
333 sock->ops = &rfcomm_sock_ops;
335 if (!(sk = rfcomm_sock_alloc(sock, protocol, GFP_KERNEL)))
/* No parent: nothing to inherit. */
338 rfcomm_sock_init(sk, NULL);
/* bind(2): pin the socket to a source bdaddr and, optionally, a channel.
 * Only legal from BT_OPEN. A channel of 0 leaves the channel unassigned;
 * rfcomm_sock_listen() then picks a free one. */
342 static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
344 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
345 struct sock *sk = sock->sk;
/* NOTE(review): this debug print dereferences sa before the NULL/family
 * check below, so with debugging compiled in a NULL addr is read here. */
348 BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
/* NOTE(review): addr_len is never compared with sizeof(struct sockaddr_rc),
 * unlike the alen check in rfcomm_sock_connect(). With a short address the
 * bdaddr and channel below are taken from bytes the caller did not supply;
 * `if (addr_len < sizeof(struct sockaddr_rc)) return -EINVAL;` would match
 * the connect path. */
350 if (!addr || addr->sa_family != AF_BLUETOOTH)
355 if (sk->sk_state != BT_OPEN) {
/* Write lock: the uniqueness check and the bind must be atomic against
 * other binders and against listen()'s channel auto-assignment. */
360 write_lock_bh(&rfcomm_sk_list.lock);
/* An explicit channel must not already be bound on the same source address. */
362 if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
365 /* Save source address */
366 bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr);
367 rfcomm_pi(sk)->channel = sa->rc_channel;
368 sk->sk_state = BT_BOUND;
371 write_unlock_bh(&rfcomm_sk_list.lock);
/* connect(2): validate the address (family and length), require an OPEN or
 * BOUND SOCK_STREAM socket, record the peer, open the DLC and, unless
 * non-blocking, wait for BT_CONNECTED within the send timeout. */
378 static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
380 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
381 struct sock *sk = sock->sk;
382 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
/* Length is checked here before any sockaddr_rc field is read. */
387 if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc))
390 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
393 if (sk->sk_type != SOCK_STREAM)
398 sk->sk_state = BT_CONNECT;
399 bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr);
400 rfcomm_pi(sk)->channel = sa->rc_channel;
402 err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
/* O_NONBLOCK turns the wait into an immediate return via sock_sndtimeo(). */
404 err = bt_sock_wait_state(sk, BT_CONNECTED,
405 sock_sndtimeo(sk, flags & O_NONBLOCK));
/* listen(2): requires BT_BOUND. If bind() left the channel at 0, the first
 * channel in 1..30 that is free for this source address is claimed under the
 * list write lock (RFCOMM server channels are 1-30). */
411 static int rfcomm_sock_listen(struct socket *sock, int backlog)
413 struct sock *sk = sock->sk;
416 BT_DBG("sk %p backlog %d", sk, backlog);
420 if (sk->sk_state != BT_BOUND) {
425 if (!rfcomm_pi(sk)->channel) {
426 bdaddr_t *src = &bt_sk(sk)->src;
431 write_lock_bh(&rfcomm_sk_list.lock);
/* First-fit scan; the "no free channel" error path is on lines not shown. */
433 for (channel = 1; channel < 31; channel++)
434 if (!__rfcomm_get_sock_by_addr(channel, src)) {
435 rfcomm_pi(sk)->channel = channel;
440 write_unlock_bh(&rfcomm_sk_list.lock);
/* Backlog bound consulted by rfcomm_connect_ind() before queueing a child. */
446 sk->sk_max_ack_backlog = backlog;
447 sk->sk_ack_backlog = 0;
448 sk->sk_state = BT_LISTEN;
/* accept(2): wait (interruptibly, wake-one) for a child queued by
 * rfcomm_connect_ind(), honouring the receive timeout / O_NONBLOCK. The
 * timeout-expired and lock/unlock lines are not visible in this excerpt. */
455 static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
457 DECLARE_WAITQUEUE(wait, current);
458 struct sock *sk = sock->sk, *nsk;
464 if (sk->sk_state != BT_LISTEN) {
469 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
471 BT_DBG("sk %p timeo %ld", sk, timeo);
473 /* Wait for an incoming connection. (wake-one). */
474 add_wait_queue_exclusive(sk->sk_sleep, &wait);
/* bt_accept_dequeue() also attaches the child to newsock when it succeeds. */
475 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
476 set_current_state(TASK_INTERRUPTIBLE);
483 timeo = schedule_timeout(timeo);
/* The listener may have been shut down while we slept; re-check before looping. */
486 if (sk->sk_state != BT_LISTEN) {
491 if (signal_pending(current)) {
492 err = sock_intr_errno(timeo);
496 set_current_state(TASK_RUNNING);
497 remove_wait_queue(sk->sk_sleep, &wait);
502 newsock->state = SS_CONNECTED;
504 BT_DBG("new socket %p", nsk);
/* getsockname/getpeername: fill a sockaddr_rc with our channel and either the
 * destination (peer) or the source address; the if/else on `peer` is on a
 * line not shown here. */
511 static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
513 struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
514 struct sock *sk = sock->sk;
516 BT_DBG("sock %p, sk %p", sock, sk);
/* NOTE(review): only the three named fields are written, yet *len reports the
 * whole struct. Whether struct sockaddr_rc has padding, and whether the
 * caller's buffer is zeroed first, is not visible here; a
 * `memset(sa, 0, sizeof(*sa));` before filling would be the conservative
 * choice to avoid copying uninitialised bytes to userspace. */
518 sa->rc_family = AF_BLUETOOTH;
519 sa->rc_channel = rfcomm_pi(sk)->channel;
521 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst);
523 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src);
525 *len = sizeof(struct sockaddr_rc);
/* sendmsg: split the user data into DLC-MTU sized skbs and hand each to
 * rfcomm_dlc_send(). Out-of-band data is not supported, and a socket that
 * has been shut down for sending is refused. Returns bytes sent, or the
 * error if nothing was sent. The loop header and the `sent` accounting are
 * on lines not shown here. */
529 static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
530 struct msghdr *msg, size_t len)
532 struct sock *sk = sock->sk;
533 struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
538 if (msg->msg_flags & MSG_OOB)
541 if (sk->sk_shutdown & SEND_SHUTDOWN)
544 BT_DBG("sock %p, sk %p", sock, sk);
/* Never exceed the negotiated DLC MTU per frame. */
549 size_t size = min_t(size_t, len, d->mtu);
/* Extra RFCOMM_SKB_RESERVE bytes leave room for the RFCOMM/L2CAP headers
 * and trailer; the head part is reserved below. */
551 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
552 msg->msg_flags & MSG_DONTWAIT, &err);
555 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
557 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
564 err = rfcomm_dlc_send(d, skb);
/* Partial progress wins over a later error, matching socket conventions. */
576 return sent ? sent : err;
/* Sleep on the socket's wait queue until there is data, an error, a receive
 * shutdown, a pending signal or the timeout runs out. Returns the remaining
 * timeout. SOCK_ASYNC_WAITDATA is set only for the duration of the sleep. */
579 static long rfcomm_sock_data_wait(struct sock *sk, long timeo)
581 DECLARE_WAITQUEUE(wait, current);
583 add_wait_queue(sk->sk_sleep, &wait);
585 set_current_state(TASK_INTERRUPTIBLE);
/* The wake-up conditions; the loop that re-evaluates them is not shown. */
587 if (skb_queue_len(&sk->sk_receive_queue) || sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN) ||
588 signal_pending(current) || !timeo)
591 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
593 timeo = schedule_timeout(timeo);
595 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
598 __set_current_state(TASK_RUNNING);
599 remove_wait_queue(sk->sk_sleep, &wait);
/* recvmsg: stream-style receive. Copies up to `size` bytes out of queued
 * skbs, blocking (per the receive timeout) until at least the low-water
 * target has been copied. MSG_PEEK leaves the data queued. Returns bytes
 * copied, or the error if nothing was copied. Loop and error-path lines are
 * partly missing from this excerpt. */
603 static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
604 struct msghdr *msg, size_t size, int flags)
606 struct sock *sk = sock->sk;
608 size_t target, copied = 0;
614 msg->msg_namelen = 0;
/* NOTE(review): `size` is a size_t, so this format should be `%zu`, not `%d`. */
616 BT_DBG("sk %p size %d", sk, size);
620 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
621 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
627 skb = skb_dequeue(&sk->sk_receive_queue);
/* Queue empty: stop if we have enough, report pending error / shutdown,
 * otherwise wait for more data. */
629 if (copied >= target)
632 if ((err = sock_error(sk)) != 0)
634 if (sk->sk_shutdown & RCV_SHUTDOWN)
641 timeo = rfcomm_sock_data_wait(sk, timeo);
643 if (signal_pending(current)) {
644 err = sock_intr_errno(timeo);
650 chunk = min_t(unsigned int, skb->len, size);
/* On a failed copy to user the skb goes back to the head of the queue so
 * no data is lost. */
651 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
652 skb_queue_head(&sk->sk_receive_queue, skb);
/* Consuming read: release the receive memory charged in data_ready, drop
 * the consumed bytes and requeue any remainder at the head. */
660 if (!(flags & MSG_PEEK)) {
661 atomic_sub(chunk, &sk->sk_rmem_alloc);
663 skb_pull(skb, chunk);
665 skb_queue_head(&sk->sk_receive_queue, skb);
671 /* put message back and return */
672 skb_queue_head(&sk->sk_receive_queue, skb);
/* Hysteresis against data_ready's throttle: unthrottle once the receive
 * memory has drained to a quarter of sk_rcvbuf. */
678 if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
679 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
682 return copied ? : err;
/* setsockopt: the only option visible here is the link mode, read as a u32
 * from userspace and stored per socket (it is propagated to the DLC when a
 * child is initialised). The switch on optname is not shown in this excerpt. */
685 static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
687 struct sock *sk = sock->sk;
697 if (get_user(opt, (u32 __user *) optval)) {
702 rfcomm_pi(sk)->link_mode = opt;
/* getsockopt: returns the link mode, or (RFCOMM_CONNINFO, connected sockets
 * only) the HCI handle and device class of the underlying ACL link, reached
 * via the session's L2CAP socket. */
714 static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
716 struct sock *sk = sock->sk;
717 struct sock *l2cap_sk;
718 struct rfcomm_conninfo cinfo;
723 if (get_user(len, optlen))
730 if (put_user(rfcomm_pi(sk)->link_mode, (u32 __user *) optval))
734 case RFCOMM_CONNINFO:
/* The state check is what guarantees dlc->session->sock below is populated. */
735 if (sk->sk_state != BT_CONNECTED) {
740 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
/* NOTE(review): cinfo is a stack object and only two members are assigned.
 * If the struct carries padding and no memset precedes these stores (none is
 * visible here), copy_to_user below would expose uninitialised kernel stack
 * bytes; `memset(&cinfo, 0, sizeof(cinfo));` before the assignments removes
 * the concern. */
742 cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle;
743 memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3);
/* Never copy more than the caller asked for or than we have. */
745 len = min_t(unsigned int, len, sizeof(cinfo));
746 if (copy_to_user(optval, (char *) &cinfo, len))
/* ioctl: everything is delegated to the RFCOMM TTY layer when it is compiled
 * in; the fallback for the other configuration is on lines not shown here. */
760 static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
762 struct sock *sk = sock->sk;
767 #ifdef CONFIG_BT_RFCOMM_TTY
768 err = rfcomm_dev_ioctl(sk, cmd, (void __user *)arg);
/* shutdown(2): idempotent full shutdown. In the visible lines `how` is not
 * consulted — both directions are closed (SHUTDOWN_MASK) on the first call,
 * and with SO_LINGER set the caller waits for BT_CLOSED up to sk_lingertime. */
777 static int rfcomm_sock_shutdown(struct socket *sock, int how)
779 struct sock *sk = sock->sk;
782 BT_DBG("sock %p, sk %p", sock, sk);
787 if (!sk->sk_shutdown) {
788 sk->sk_shutdown = SHUTDOWN_MASK;
789 __rfcomm_sock_close(sk);
791 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
792 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
/* release (close(2)): full shutdown, then reap the socket if it is already
 * zapped and orphaned. The orphaning step between the two calls is on a line
 * not shown here. */
798 static int rfcomm_sock_release(struct socket *sock)
800 struct sock *sk = sock->sk;
803 BT_DBG("sock %p, sk %p", sock, sk);
808 err = rfcomm_sock_shutdown(sock, 2);
811 rfcomm_sock_kill(sk);
815 /* ---- RFCOMM core layer callbacks ----
817 * called under rfcomm_lock()
/* Core-layer callback (under rfcomm_lock()) for an incoming DLC on
 * `channel`: find a listener for (channel, local address), enforce its
 * backlog, allocate a child in BT_CONFIG and queue it for accept(). On
 * success *d receives the child's DLC. The return-value lines are not shown. */
819 int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
821 struct sock *sk, *parent;
825 BT_DBG("session %p channel %d", s, channel);
827 rfcomm_session_getaddr(s, &src, &dst);
829 /* Check if we have socket listening on channel */
/* Returns the parent bh-locked; released at the end of this function. */
830 parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
834 /* Check for backlog size */
/* Note the strict `>`: this admits one pending child beyond the backlog. */
835 if (parent->sk_ack_backlog > parent->sk_max_ack_backlog) {
836 BT_DBG("backlog full %d", parent->sk_ack_backlog);
/* Atomic context (socket bh-locked, rfcomm_lock held). */
840 sk = rfcomm_sock_alloc(NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
844 rfcomm_sock_init(sk, parent);
845 bacpy(&bt_sk(sk)->src, &src);
846 bacpy(&bt_sk(sk)->dst, &dst);
847 rfcomm_pi(sk)->channel = channel;
849 sk->sk_state = BT_CONFIG;
850 bt_accept_enqueue(parent, sk);
852 /* Accept connection and return socket DLC */
853 *d = rfcomm_pi(sk)->dlc;
857 bh_unlock_sock(parent);
861 /* ---- Proc fs support ---- */
862 #ifdef CONFIG_PROC_FS
/* seq_file start: take the list lock (bh-disabled, released in
 * rfcomm_seq_stop) and walk to the entry at *pos; the loop body is not shown. */
863 static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos)
866 struct hlist_node *node;
869 read_lock_bh(&rfcomm_sk_list.lock);
871 sk_for_each(sk, node, &rfcomm_sk_list.head)
/* seq_file next: advance to the following socket; body not visible here. */
877 static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos)
/* seq_file stop: drop the list lock taken in rfcomm_seq_start. */
884 static void rfcomm_seq_stop(struct seq_file *seq, void *e)
886 read_unlock_bh(&rfcomm_sk_list.lock);
/* seq_file show: one line per socket — source bdaddr, destination bdaddr,
 * socket state and channel. */
889 static int rfcomm_seq_show(struct seq_file *seq, void *e)
892 seq_printf(seq, "%s %s %d %d\n",
893 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
894 sk->sk_state, rfcomm_pi(sk)->channel);
/* Iterator callbacks for the /proc listing. */
898 static struct seq_operations rfcomm_seq_ops = {
899 .start = rfcomm_seq_start,
900 .next = rfcomm_seq_next,
901 .stop = rfcomm_seq_stop,
902 .show = rfcomm_seq_show
/* open(2) on the proc entry: attach the seq_file iterator. */
905 static int rfcomm_seq_open(struct inode *inode, struct file *file)
907 return seq_open(file, &rfcomm_seq_ops);
/* File operations for the proc entry; read/llseek lines are not shown here. */
910 static struct file_operations rfcomm_seq_fops = {
911 .owner = THIS_MODULE,
912 .open = rfcomm_seq_open,
915 .release = seq_release,
/* Create the world-readable "sock" entry under the RFCOMM proc directory.
 * NOTE(review): create_proc_entry() can return NULL; the check guarding the
 * dereference below is not visible in this excerpt — confirm it exists. */
918 static int __init rfcomm_sock_proc_init(void)
920 struct proc_dir_entry *p = create_proc_entry("sock", S_IRUGO, proc_bt_rfcomm);
923 p->proc_fops = &rfcomm_seq_fops;
/* Remove the proc entry created by rfcomm_sock_proc_init. */
927 static void __exit rfcomm_sock_proc_cleanup(void)
929 remove_proc_entry("sock", proc_bt_rfcomm);
932 #else /* CONFIG_PROC_FS */
/* No-op stand-in when CONFIG_PROC_FS is off; body not visible here. */
934 static int __init rfcomm_sock_proc_init(void)
/* No-op stand-in when CONFIG_PROC_FS is off; body not visible here. */
939 static void __exit rfcomm_sock_proc_cleanup(void)
943 #endif /* CONFIG_PROC_FS */
/* The proto_ops table declared at the top of the file. poll and socketpair
 * come from the generic Bluetooth / socket layers; the remaining entries are
 * the handlers defined above. */
945 static struct proto_ops rfcomm_sock_ops = {
946 .family = PF_BLUETOOTH,
947 .owner = THIS_MODULE,
948 .release = rfcomm_sock_release,
949 .bind = rfcomm_sock_bind,
950 .connect = rfcomm_sock_connect,
951 .listen = rfcomm_sock_listen,
952 .accept = rfcomm_sock_accept,
953 .getname = rfcomm_sock_getname,
954 .sendmsg = rfcomm_sock_sendmsg,
955 .recvmsg = rfcomm_sock_recvmsg,
956 .shutdown = rfcomm_sock_shutdown,
957 .setsockopt = rfcomm_sock_setsockopt,
958 .getsockopt = rfcomm_sock_getsockopt,
959 .ioctl = rfcomm_sock_ioctl,
960 .poll = bt_sock_poll,
961 .socketpair = sock_no_socketpair,
/* Registered with bt_sock_register() so socket(PF_BLUETOOTH, ..., BTPROTO_RFCOMM)
 * lands in rfcomm_sock_create. */
965 static struct net_proto_family rfcomm_sock_family_ops = {
966 .family = PF_BLUETOOTH,
967 .owner = THIS_MODULE,
968 .create = rfcomm_sock_create
/* Module init for the socket layer: register the protocol family, then the
 * proc entry. Returns the registration error, if any (return lines not shown). */
971 int __init rfcomm_init_sockets(void)
975 if ((err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops))) {
976 BT_ERR("RFCOMM socket layer registration failed. %d", err);
980 rfcomm_sock_proc_init();
982 BT_INFO("RFCOMM socket layer initialized");
/* Module exit: tear down in reverse order — proc entry first, then the
 * protocol registration. Unregistration failure is only logged. */
986 void __exit rfcomm_cleanup_sockets(void)
990 rfcomm_sock_proc_cleanup();
992 /* Unregister socket, protocol and notifier */
993 if ((err = bt_sock_unregister(BTPROTO_RFCOMM)))
994 BT_ERR("RFCOMM socket layer unregistration failed. %d", err);