TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / third_party / linux / 0e64123141f3854e695eb4924d82b52856691466 / . / net / bluetooth / sco.c
blob: 1915943bb646ad3b6fa86887134955f54b82244b [file] [log] [blame]
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth SCO sockets. */
26
27#include <linux/module.h>
28#include <linux/debugfs.h>
29#include <linux/seq_file.h>
30#include <linux/sched/signal.h>
31
32#include <net/bluetooth/bluetooth.h>
33#include <net/bluetooth/hci_core.h>
34#include <net/bluetooth/sco.h>
35
36static bool disable_esco;
37
38static const struct proto_ops sco_sock_ops;
39
40static struct bt_sock_list sco_sk_list = {
41 .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
42};
43
44/* ---- SCO connections ---- */
45struct sco_conn {
46 struct hci_conn *hcon;
47
48 spinlock_t lock;
49 struct sock *sk;
50
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]51 struct delayed_work timeout_work;
52
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]53 unsigned int mtu;
54};
55
56#define sco_conn_lock(c) spin_lock(&c->lock);
57#define sco_conn_unlock(c) spin_unlock(&c->lock);
58
59static void sco_sock_close(struct sock *sk);
60static void sco_sock_kill(struct sock *sk);
61
62/* ----- SCO socket info ----- */
63#define sco_pi(sk) ((struct sco_pinfo *) sk)
64
65struct sco_pinfo {
66 struct bt_sock bt;
67 bdaddr_t src;
68 bdaddr_t dst;
69 __u32 flags;
70 __u16 setting;
71 struct sco_conn *conn;
72};
73
74/* ---- SCO timers ---- */
75#define SCO_CONN_TIMEOUT (HZ * 40)
76#define SCO_DISCONN_TIMEOUT (HZ * 2)
77
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]78static void sco_sock_timeout(struct work_struct *work)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]79{
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]80 struct sco_conn *conn = container_of(work, struct sco_conn,
81 timeout_work.work);
82 struct sock *sk;
83
84 sco_conn_lock(conn);
85 sk = conn->sk;
86 if (sk)
87 sock_hold(sk);
88 sco_conn_unlock(conn);
89
90 if (!sk)
91 return;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]92
93 BT_DBG("sock %p state %d", sk, sk->sk_state);
94
95 bh_lock_sock(sk);
96 sk->sk_err = ETIMEDOUT;
97 sk->sk_state_change(sk);
98 bh_unlock_sock(sk);
99
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]100 sock_put(sk);
101}
102
103static void sco_sock_set_timer(struct sock *sk, long timeout)
104{
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]105 if (!sco_pi(sk)->conn)
106 return;
107
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]108 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]109 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work);
110 schedule_delayed_work(&sco_pi(sk)->conn->timeout_work, timeout);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]111}
112
113static void sco_sock_clear_timer(struct sock *sk)
114{
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]115 if (!sco_pi(sk)->conn)
116 return;
117
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]118 BT_DBG("sock %p state %d", sk, sk->sk_state);
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]119 cancel_delayed_work(&sco_pi(sk)->conn->timeout_work);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]120}
121
122/* ---- SCO connections ---- */
123static struct sco_conn *sco_conn_add(struct hci_conn *hcon)
124{
125 struct hci_dev *hdev = hcon->hdev;
126 struct sco_conn *conn = hcon->sco_data;
127
128 if (conn)
129 return conn;
130
131 conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL);
132 if (!conn)
133 return NULL;
134
135 spin_lock_init(&conn->lock);
136
137 hcon->sco_data = conn;
138 conn->hcon = hcon;
139
140 if (hdev->sco_mtu > 0)
141 conn->mtu = hdev->sco_mtu;
142 else
143 conn->mtu = 60;
144
145 BT_DBG("hcon %p conn %p", hcon, conn);
146
147 return conn;
148}
149
150/* Delete channel.
151 * Must be called on the locked socket. */
152static void sco_chan_del(struct sock *sk, int err)
153{
154 struct sco_conn *conn;
155
156 conn = sco_pi(sk)->conn;
157
158 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
159
160 if (conn) {
161 sco_conn_lock(conn);
162 conn->sk = NULL;
163 sco_pi(sk)->conn = NULL;
164 sco_conn_unlock(conn);
165
166 if (conn->hcon)
167 hci_conn_drop(conn->hcon);
168 }
169
170 sk->sk_state = BT_CLOSED;
171 sk->sk_err = err;
172 sk->sk_state_change(sk);
173
174 sock_set_flag(sk, SOCK_ZAPPED);
175}
176
177static void sco_conn_del(struct hci_conn *hcon, int err)
178{
179 struct sco_conn *conn = hcon->sco_data;
180 struct sock *sk;
181
182 if (!conn)
183 return;
184
185 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
186
187 /* Kill socket */
188 sco_conn_lock(conn);
189 sk = conn->sk;
190 sco_conn_unlock(conn);
191
192 if (sk) {
193 sock_hold(sk);
194 bh_lock_sock(sk);
195 sco_sock_clear_timer(sk);
196 sco_chan_del(sk, err);
197 bh_unlock_sock(sk);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]198 sock_put(sk);
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]199
200 /* Ensure no more work items will run before freeing conn. */
201 cancel_delayed_work_sync(&conn->timeout_work);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]202 }
203
204 hcon->sco_data = NULL;
205 kfree(conn);
206}
207
208static void __sco_chan_add(struct sco_conn *conn, struct sock *sk,
209 struct sock *parent)
210{
211 BT_DBG("conn %p", conn);
212
213 sco_pi(sk)->conn = conn;
214 conn->sk = sk;
215
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]216 INIT_DELAYED_WORK(&conn->timeout_work, sco_sock_timeout);
217
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]218 if (parent)
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]219 bt_accept_enqueue(parent, sk, true);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]220}
221
222static int sco_chan_add(struct sco_conn *conn, struct sock *sk,
223 struct sock *parent)
224{
225 int err = 0;
226
227 sco_conn_lock(conn);
228 if (conn->sk)
229 err = -EBUSY;
230 else
231 __sco_chan_add(conn, sk, parent);
232
233 sco_conn_unlock(conn);
234 return err;
235}
236
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]237static int sco_connect(struct hci_dev *hdev, struct sock *sk)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]238{
239 struct sco_conn *conn;
240 struct hci_conn *hcon;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]241 int err, type;
242
243 BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst);
244
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]245 if (lmp_esco_capable(hdev) && !disable_esco)
246 type = ESCO_LINK;
247 else
248 type = SCO_LINK;
249
250 if (sco_pi(sk)->setting == BT_VOICE_TRANSPARENT &&
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]251 (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev)))
252 return -EOPNOTSUPP;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]253
254 hcon = hci_connect_sco(hdev, type, &sco_pi(sk)->dst,
255 sco_pi(sk)->setting);
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]256 if (IS_ERR(hcon))
257 return PTR_ERR(hcon);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]258
259 conn = sco_conn_add(hcon);
260 if (!conn) {
261 hci_conn_drop(hcon);
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]262 return -ENOMEM;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]263 }
264
265 /* Update source addr of the socket */
266 bacpy(&sco_pi(sk)->src, &hcon->src);
267
268 err = sco_chan_add(conn, sk, NULL);
269 if (err)
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]270 return err;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]271
272 if (hcon->state == BT_CONNECTED) {
273 sco_sock_clear_timer(sk);
274 sk->sk_state = BT_CONNECTED;
275 } else {
276 sk->sk_state = BT_CONNECT;
277 sco_sock_set_timer(sk, sk->sk_sndtimeo);
278 }
279
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]280 return err;
281}
282
283static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
284{
285 struct sco_conn *conn = sco_pi(sk)->conn;
286 struct sk_buff *skb;
287 int err;
288
289 /* Check outgoing MTU */
290 if (len > conn->mtu)
291 return -EINVAL;
292
293 BT_DBG("sk %p len %d", sk, len);
294
295 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
296 if (!skb)
297 return err;
298
299 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
300 kfree_skb(skb);
301 return -EFAULT;
302 }
303
304 hci_send_sco(conn->hcon, skb);
305
306 return len;
307}
308
309static void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
310{
311 struct sock *sk;
312
313 sco_conn_lock(conn);
314 sk = conn->sk;
315 sco_conn_unlock(conn);
316
317 if (!sk)
318 goto drop;
319
320 BT_DBG("sk %p len %d", sk, skb->len);
321
322 if (sk->sk_state != BT_CONNECTED)
323 goto drop;
324
325 if (!sock_queue_rcv_skb(sk, skb))
326 return;
327
328drop:
329 kfree_skb(skb);
330}
331
332/* -------- Socket interface ---------- */
333static struct sock *__sco_get_sock_listen_by_addr(bdaddr_t *ba)
334{
335 struct sock *sk;
336
337 sk_for_each(sk, &sco_sk_list.head) {
338 if (sk->sk_state != BT_LISTEN)
339 continue;
340
341 if (!bacmp(&sco_pi(sk)->src, ba))
342 return sk;
343 }
344
345 return NULL;
346}
347
348/* Find socket listening on source bdaddr.
349 * Returns closest match.
350 */
351static struct sock *sco_get_sock_listen(bdaddr_t *src)
352{
353 struct sock *sk = NULL, *sk1 = NULL;
354
355 read_lock(&sco_sk_list.lock);
356
357 sk_for_each(sk, &sco_sk_list.head) {
358 if (sk->sk_state != BT_LISTEN)
359 continue;
360
361 /* Exact match. */
362 if (!bacmp(&sco_pi(sk)->src, src))
363 break;
364
365 /* Closest match */
366 if (!bacmp(&sco_pi(sk)->src, BDADDR_ANY))
367 sk1 = sk;
368 }
369
370 read_unlock(&sco_sk_list.lock);
371
372 return sk ? sk : sk1;
373}
374
375static void sco_sock_destruct(struct sock *sk)
376{
377 BT_DBG("sk %p", sk);
378
379 skb_queue_purge(&sk->sk_receive_queue);
380 skb_queue_purge(&sk->sk_write_queue);
381}
382
383static void sco_sock_cleanup_listen(struct sock *parent)
384{
385 struct sock *sk;
386
387 BT_DBG("parent %p", parent);
388
389 /* Close not yet accepted channels */
390 while ((sk = bt_accept_dequeue(parent, NULL))) {
391 sco_sock_close(sk);
392 sco_sock_kill(sk);
393 }
394
395 parent->sk_state = BT_CLOSED;
396 sock_set_flag(parent, SOCK_ZAPPED);
397}
398
399/* Kill socket (only if zapped and orphan)
400 * Must be called on unlocked socket.
401 */
402static void sco_sock_kill(struct sock *sk)
403{
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]404 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]405 return;
406
407 BT_DBG("sk %p state %d", sk, sk->sk_state);
408
409 /* Kill poor orphan */
410 bt_sock_unlink(&sco_sk_list, sk);
411 sock_set_flag(sk, SOCK_DEAD);
412 sock_put(sk);
413}
414
415static void __sco_sock_close(struct sock *sk)
416{
417 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
418
419 switch (sk->sk_state) {
420 case BT_LISTEN:
421 sco_sock_cleanup_listen(sk);
422 break;
423
424 case BT_CONNECTED:
425 case BT_CONFIG:
426 if (sco_pi(sk)->conn->hcon) {
427 sk->sk_state = BT_DISCONN;
428 sco_sock_set_timer(sk, SCO_DISCONN_TIMEOUT);
429 sco_conn_lock(sco_pi(sk)->conn);
430 hci_conn_drop(sco_pi(sk)->conn->hcon);
431 sco_pi(sk)->conn->hcon = NULL;
432 sco_conn_unlock(sco_pi(sk)->conn);
433 } else
434 sco_chan_del(sk, ECONNRESET);
435 break;
436
437 case BT_CONNECT2:
438 case BT_CONNECT:
439 case BT_DISCONN:
440 sco_chan_del(sk, ECONNRESET);
441 break;
442
443 default:
444 sock_set_flag(sk, SOCK_ZAPPED);
445 break;
446 }
447}
448
449/* Must be called on unlocked socket. */
450static void sco_sock_close(struct sock *sk)
451{
452 sco_sock_clear_timer(sk);
453 lock_sock(sk);
454 __sco_sock_close(sk);
455 release_sock(sk);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]456}
457
458static void sco_sock_init(struct sock *sk, struct sock *parent)
459{
460 BT_DBG("sk %p", sk);
461
462 if (parent) {
463 sk->sk_type = parent->sk_type;
464 bt_sk(sk)->flags = bt_sk(parent)->flags;
465 security_sk_clone(parent, sk);
466 }
467}
468
469static struct proto sco_proto = {
470 .name = "SCO",
471 .owner = THIS_MODULE,
472 .obj_size = sizeof(struct sco_pinfo)
473};
474
475static struct sock *sco_sock_alloc(struct net *net, struct socket *sock,
476 int proto, gfp_t prio, int kern)
477{
478 struct sock *sk;
479
480 sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto, kern);
481 if (!sk)
482 return NULL;
483
484 sock_init_data(sock, sk);
485 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
486
487 sk->sk_destruct = sco_sock_destruct;
488 sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
489
490 sock_reset_flag(sk, SOCK_ZAPPED);
491
492 sk->sk_protocol = proto;
493 sk->sk_state = BT_OPEN;
494
495 sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT;
496
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]497 bt_sock_link(&sco_sk_list, sk);
498 return sk;
499}
500
501static int sco_sock_create(struct net *net, struct socket *sock, int protocol,
502 int kern)
503{
504 struct sock *sk;
505
506 BT_DBG("sock %p", sock);
507
508 sock->state = SS_UNCONNECTED;
509
510 if (sock->type != SOCK_SEQPACKET)
511 return -ESOCKTNOSUPPORT;
512
513 sock->ops = &sco_sock_ops;
514
515 sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
516 if (!sk)
517 return -ENOMEM;
518
519 sco_sock_init(sk, NULL);
520 return 0;
521}
522
523static int sco_sock_bind(struct socket *sock, struct sockaddr *addr,
524 int addr_len)
525{
526 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
527 struct sock *sk = sock->sk;
528 int err = 0;
529
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]530 if (!addr || addr_len < sizeof(struct sockaddr_sco) ||
531 addr->sa_family != AF_BLUETOOTH)
532 return -EINVAL;
533
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]534 BT_DBG("sk %p %pMR", sk, &sa->sco_bdaddr);
535
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]536 lock_sock(sk);
537
538 if (sk->sk_state != BT_OPEN) {
539 err = -EBADFD;
540 goto done;
541 }
542
543 if (sk->sk_type != SOCK_SEQPACKET) {
544 err = -EINVAL;
545 goto done;
546 }
547
548 bacpy(&sco_pi(sk)->src, &sa->sco_bdaddr);
549
550 sk->sk_state = BT_BOUND;
551
552done:
553 release_sock(sk);
554 return err;
555}
556
557static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
558{
559 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
560 struct sock *sk = sock->sk;
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]561 struct hci_dev *hdev;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]562 int err;
563
564 BT_DBG("sk %p", sk);
565
566 if (alen < sizeof(struct sockaddr_sco) ||
567 addr->sa_family != AF_BLUETOOTH)
568 return -EINVAL;
569
570 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
571 return -EBADFD;
572
573 if (sk->sk_type != SOCK_SEQPACKET)
574 return -EINVAL;
575
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]576 hdev = hci_get_route(&sa->sco_bdaddr, &sco_pi(sk)->src, BDADDR_BREDR);
577 if (!hdev)
578 return -EHOSTUNREACH;
579 hci_dev_lock(hdev);
580
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]581 lock_sock(sk);
582
583 /* Set destination address and psm */
584 bacpy(&sco_pi(sk)->dst, &sa->sco_bdaddr);
585
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]586 err = sco_connect(hdev, sk);
587 hci_dev_unlock(hdev);
588 hci_dev_put(hdev);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]589 if (err)
590 goto done;
591
592 err = bt_sock_wait_state(sk, BT_CONNECTED,
593 sock_sndtimeo(sk, flags & O_NONBLOCK));
594
595done:
596 release_sock(sk);
597 return err;
598}
599
600static int sco_sock_listen(struct socket *sock, int backlog)
601{
602 struct sock *sk = sock->sk;
603 bdaddr_t *src = &sco_pi(sk)->src;
604 int err = 0;
605
606 BT_DBG("sk %p backlog %d", sk, backlog);
607
608 lock_sock(sk);
609
610 if (sk->sk_state != BT_BOUND) {
611 err = -EBADFD;
612 goto done;
613 }
614
615 if (sk->sk_type != SOCK_SEQPACKET) {
616 err = -EINVAL;
617 goto done;
618 }
619
620 write_lock(&sco_sk_list.lock);
621
622 if (__sco_get_sock_listen_by_addr(src)) {
623 err = -EADDRINUSE;
624 goto unlock;
625 }
626
627 sk->sk_max_ack_backlog = backlog;
628 sk->sk_ack_backlog = 0;
629
630 sk->sk_state = BT_LISTEN;
631
632unlock:
633 write_unlock(&sco_sk_list.lock);
634
635done:
636 release_sock(sk);
637 return err;
638}
639
640static int sco_sock_accept(struct socket *sock, struct socket *newsock,
641 int flags, bool kern)
642{
643 DEFINE_WAIT_FUNC(wait, woken_wake_function);
644 struct sock *sk = sock->sk, *ch;
645 long timeo;
646 int err = 0;
647
648 lock_sock(sk);
649
650 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
651
652 BT_DBG("sk %p timeo %ld", sk, timeo);
653
654 /* Wait for an incoming connection. (wake-one). */
655 add_wait_queue_exclusive(sk_sleep(sk), &wait);
656 while (1) {
657 if (sk->sk_state != BT_LISTEN) {
658 err = -EBADFD;
659 break;
660 }
661
662 ch = bt_accept_dequeue(sk, newsock);
663 if (ch)
664 break;
665
666 if (!timeo) {
667 err = -EAGAIN;
668 break;
669 }
670
671 if (signal_pending(current)) {
672 err = sock_intr_errno(timeo);
673 break;
674 }
675
676 release_sock(sk);
677
678 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
679 lock_sock(sk);
680 }
681 remove_wait_queue(sk_sleep(sk), &wait);
682
683 if (err)
684 goto done;
685
686 newsock->state = SS_CONNECTED;
687
688 BT_DBG("new socket %p", ch);
689
690done:
691 release_sock(sk);
692 return err;
693}
694
695static int sco_sock_getname(struct socket *sock, struct sockaddr *addr,
696 int peer)
697{
698 struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
699 struct sock *sk = sock->sk;
700
701 BT_DBG("sock %p, sk %p", sock, sk);
702
703 addr->sa_family = AF_BLUETOOTH;
704
705 if (peer)
706 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->dst);
707 else
708 bacpy(&sa->sco_bdaddr, &sco_pi(sk)->src);
709
710 return sizeof(struct sockaddr_sco);
711}
712
713static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg,
714 size_t len)
715{
716 struct sock *sk = sock->sk;
717 int err;
718
719 BT_DBG("sock %p, sk %p", sock, sk);
720
721 err = sock_error(sk);
722 if (err)
723 return err;
724
725 if (msg->msg_flags & MSG_OOB)
726 return -EOPNOTSUPP;
727
728 lock_sock(sk);
729
730 if (sk->sk_state == BT_CONNECTED)
731 err = sco_send_frame(sk, msg, len);
732 else
733 err = -ENOTCONN;
734
735 release_sock(sk);
736 return err;
737}
738
739static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting)
740{
741 struct hci_dev *hdev = conn->hdev;
742
743 BT_DBG("conn %p", conn);
744
745 conn->state = BT_CONFIG;
746
747 if (!lmp_esco_capable(hdev)) {
748 struct hci_cp_accept_conn_req cp;
749
750 bacpy(&cp.bdaddr, &conn->dst);
751 cp.role = 0x00; /* Ignored */
752
753 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
754 } else {
755 struct hci_cp_accept_sync_conn_req cp;
756
757 bacpy(&cp.bdaddr, &conn->dst);
758 cp.pkt_type = cpu_to_le16(conn->pkt_type);
759
760 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
761 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
762 cp.content_format = cpu_to_le16(setting);
763
764 switch (setting & SCO_AIRMODE_MASK) {
765 case SCO_AIRMODE_TRANSP:
766 if (conn->pkt_type & ESCO_2EV3)
767 cp.max_latency = cpu_to_le16(0x0008);
768 else
769 cp.max_latency = cpu_to_le16(0x000D);
770 cp.retrans_effort = 0x02;
771 break;
772 case SCO_AIRMODE_CVSD:
773 cp.max_latency = cpu_to_le16(0xffff);
774 cp.retrans_effort = 0xff;
775 break;
Olivier Deprez0e641232021-09-23 10:07:05 +0200[diff] [blame^]776 default:
777 /* use CVSD settings as fallback */
778 cp.max_latency = cpu_to_le16(0xffff);
779 cp.retrans_effort = 0xff;
780 break;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]781 }
782
783 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
784 sizeof(cp), &cp);
785 }
786}
787
788static int sco_sock_recvmsg(struct socket *sock, struct msghdr *msg,
789 size_t len, int flags)
790{
791 struct sock *sk = sock->sk;
792 struct sco_pinfo *pi = sco_pi(sk);
793
794 lock_sock(sk);
795
796 if (sk->sk_state == BT_CONNECT2 &&
797 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
798 sco_conn_defer_accept(pi->conn->hcon, pi->setting);
799 sk->sk_state = BT_CONFIG;
800
801 release_sock(sk);
802 return 0;
803 }
804
805 release_sock(sk);
806
807 return bt_sock_recvmsg(sock, msg, len, flags);
808}
809
810static int sco_sock_setsockopt(struct socket *sock, int level, int optname,
811 char __user *optval, unsigned int optlen)
812{
813 struct sock *sk = sock->sk;
814 int len, err = 0;
815 struct bt_voice voice;
816 u32 opt;
817
818 BT_DBG("sk %p", sk);
819
820 lock_sock(sk);
821
822 switch (optname) {
823
824 case BT_DEFER_SETUP:
825 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
826 err = -EINVAL;
827 break;
828 }
829
830 if (get_user(opt, (u32 __user *) optval)) {
831 err = -EFAULT;
832 break;
833 }
834
835 if (opt)
836 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
837 else
838 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
839 break;
840
841 case BT_VOICE:
842 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
843 sk->sk_state != BT_CONNECT2) {
844 err = -EINVAL;
845 break;
846 }
847
848 voice.setting = sco_pi(sk)->setting;
849
850 len = min_t(unsigned int, sizeof(voice), optlen);
851 if (copy_from_user((char *)&voice, optval, len)) {
852 err = -EFAULT;
853 break;
854 }
855
856 /* Explicitly check for these values */
857 if (voice.setting != BT_VOICE_TRANSPARENT &&
858 voice.setting != BT_VOICE_CVSD_16BIT) {
859 err = -EINVAL;
860 break;
861 }
862
863 sco_pi(sk)->setting = voice.setting;
864 break;
865
866 default:
867 err = -ENOPROTOOPT;
868 break;
869 }
870
871 release_sock(sk);
872 return err;
873}
874
875static int sco_sock_getsockopt_old(struct socket *sock, int optname,
876 char __user *optval, int __user *optlen)
877{
878 struct sock *sk = sock->sk;
879 struct sco_options opts;
880 struct sco_conninfo cinfo;
881 int len, err = 0;
882
883 BT_DBG("sk %p", sk);
884
885 if (get_user(len, optlen))
886 return -EFAULT;
887
888 lock_sock(sk);
889
890 switch (optname) {
891 case SCO_OPTIONS:
892 if (sk->sk_state != BT_CONNECTED &&
893 !(sk->sk_state == BT_CONNECT2 &&
894 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
895 err = -ENOTCONN;
896 break;
897 }
898
899 opts.mtu = sco_pi(sk)->conn->mtu;
900
901 BT_DBG("mtu %d", opts.mtu);
902
903 len = min_t(unsigned int, len, sizeof(opts));
904 if (copy_to_user(optval, (char *)&opts, len))
905 err = -EFAULT;
906
907 break;
908
909 case SCO_CONNINFO:
910 if (sk->sk_state != BT_CONNECTED &&
911 !(sk->sk_state == BT_CONNECT2 &&
912 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
913 err = -ENOTCONN;
914 break;
915 }
916
917 memset(&cinfo, 0, sizeof(cinfo));
918 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
919 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
920
921 len = min_t(unsigned int, len, sizeof(cinfo));
922 if (copy_to_user(optval, (char *)&cinfo, len))
923 err = -EFAULT;
924
925 break;
926
927 default:
928 err = -ENOPROTOOPT;
929 break;
930 }
931
932 release_sock(sk);
933 return err;
934}
935
936static int sco_sock_getsockopt(struct socket *sock, int level, int optname,
937 char __user *optval, int __user *optlen)
938{
939 struct sock *sk = sock->sk;
940 int len, err = 0;
941 struct bt_voice voice;
942
943 BT_DBG("sk %p", sk);
944
945 if (level == SOL_SCO)
946 return sco_sock_getsockopt_old(sock, optname, optval, optlen);
947
948 if (get_user(len, optlen))
949 return -EFAULT;
950
951 lock_sock(sk);
952
953 switch (optname) {
954
955 case BT_DEFER_SETUP:
956 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
957 err = -EINVAL;
958 break;
959 }
960
961 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
962 (u32 __user *)optval))
963 err = -EFAULT;
964
965 break;
966
967 case BT_VOICE:
968 voice.setting = sco_pi(sk)->setting;
969
970 len = min_t(unsigned int, len, sizeof(voice));
971 if (copy_to_user(optval, (char *)&voice, len))
972 err = -EFAULT;
973
974 break;
975
976 default:
977 err = -ENOPROTOOPT;
978 break;
979 }
980
981 release_sock(sk);
982 return err;
983}
984
985static int sco_sock_shutdown(struct socket *sock, int how)
986{
987 struct sock *sk = sock->sk;
988 int err = 0;
989
990 BT_DBG("sock %p, sk %p", sock, sk);
991
992 if (!sk)
993 return 0;
994
995 sock_hold(sk);
996 lock_sock(sk);
997
998 if (!sk->sk_shutdown) {
999 sk->sk_shutdown = SHUTDOWN_MASK;
1000 sco_sock_clear_timer(sk);
1001 __sco_sock_close(sk);
1002
1003 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1004 !(current->flags & PF_EXITING))
1005 err = bt_sock_wait_state(sk, BT_CLOSED,
1006 sk->sk_lingertime);
1007 }
1008
1009 release_sock(sk);
1010 sock_put(sk);
1011
1012 return err;
1013}
1014
1015static int sco_sock_release(struct socket *sock)
1016{
1017 struct sock *sk = sock->sk;
1018 int err = 0;
1019
1020 BT_DBG("sock %p, sk %p", sock, sk);
1021
1022 if (!sk)
1023 return 0;
1024
1025 sco_sock_close(sk);
1026
1027 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1028 !(current->flags & PF_EXITING)) {
1029 lock_sock(sk);
1030 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
1031 release_sock(sk);
1032 }
1033
1034 sock_orphan(sk);
1035 sco_sock_kill(sk);
1036 return err;
1037}
1038
1039static void sco_conn_ready(struct sco_conn *conn)
1040{
1041 struct sock *parent;
1042 struct sock *sk = conn->sk;
1043
1044 BT_DBG("conn %p", conn);
1045
1046 if (sk) {
1047 sco_sock_clear_timer(sk);
1048 bh_lock_sock(sk);
1049 sk->sk_state = BT_CONNECTED;
1050 sk->sk_state_change(sk);
1051 bh_unlock_sock(sk);
1052 } else {
1053 sco_conn_lock(conn);
1054
1055 if (!conn->hcon) {
1056 sco_conn_unlock(conn);
1057 return;
1058 }
1059
1060 parent = sco_get_sock_listen(&conn->hcon->src);
1061 if (!parent) {
1062 sco_conn_unlock(conn);
1063 return;
1064 }
1065
1066 bh_lock_sock(parent);
1067
1068 sk = sco_sock_alloc(sock_net(parent), NULL,
1069 BTPROTO_SCO, GFP_ATOMIC, 0);
1070 if (!sk) {
1071 bh_unlock_sock(parent);
1072 sco_conn_unlock(conn);
1073 return;
1074 }
1075
1076 sco_sock_init(sk, parent);
1077
1078 bacpy(&sco_pi(sk)->src, &conn->hcon->src);
1079 bacpy(&sco_pi(sk)->dst, &conn->hcon->dst);
1080
1081 hci_conn_hold(conn->hcon);
1082 __sco_chan_add(conn, sk, parent);
1083
1084 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
1085 sk->sk_state = BT_CONNECT2;
1086 else
1087 sk->sk_state = BT_CONNECTED;
1088
1089 /* Wake up parent */
1090 parent->sk_data_ready(parent);
1091
1092 bh_unlock_sock(parent);
1093
1094 sco_conn_unlock(conn);
1095 }
1096}
1097
1098/* ----- SCO interface with lower layer (HCI) ----- */
1099int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
1100{
1101 struct sock *sk;
1102 int lm = 0;
1103
1104 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr);
1105
1106 /* Find listening sockets */
1107 read_lock(&sco_sk_list.lock);
1108 sk_for_each(sk, &sco_sk_list.head) {
1109 if (sk->sk_state != BT_LISTEN)
1110 continue;
1111
1112 if (!bacmp(&sco_pi(sk)->src, &hdev->bdaddr) ||
1113 !bacmp(&sco_pi(sk)->src, BDADDR_ANY)) {
1114 lm |= HCI_LM_ACCEPT;
1115
1116 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
1117 *flags |= HCI_PROTO_DEFER;
1118 break;
1119 }
1120 }
1121 read_unlock(&sco_sk_list.lock);
1122
1123 return lm;
1124}
1125
1126static void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
1127{
1128 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1129 return;
1130
1131 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
1132
1133 if (!status) {
1134 struct sco_conn *conn;
1135
1136 conn = sco_conn_add(hcon);
1137 if (conn)
1138 sco_conn_ready(conn);
1139 } else
1140 sco_conn_del(hcon, bt_to_errno(status));
1141}
1142
1143static void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
1144{
1145 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
1146 return;
1147
1148 BT_DBG("hcon %p reason %d", hcon, reason);
1149
1150 sco_conn_del(hcon, bt_to_errno(reason));
1151}
1152
1153void sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
1154{
1155 struct sco_conn *conn = hcon->sco_data;
1156
1157 if (!conn)
1158 goto drop;
1159
1160 BT_DBG("conn %p len %d", conn, skb->len);
1161
1162 if (skb->len) {
1163 sco_recv_frame(conn, skb);
1164 return;
1165 }
1166
1167drop:
1168 kfree_skb(skb);
1169}
1170
1171static struct hci_cb sco_cb = {
1172 .name = "SCO",
1173 .connect_cfm = sco_connect_cfm,
1174 .disconn_cfm = sco_disconn_cfm,
1175};
1176
1177static int sco_debugfs_show(struct seq_file *f, void *p)
1178{
1179 struct sock *sk;
1180
1181 read_lock(&sco_sk_list.lock);
1182
1183 sk_for_each(sk, &sco_sk_list.head) {
1184 seq_printf(f, "%pMR %pMR %d\n", &sco_pi(sk)->src,
1185 &sco_pi(sk)->dst, sk->sk_state);
1186 }
1187
1188 read_unlock(&sco_sk_list.lock);
1189
1190 return 0;
1191}
1192
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]1193DEFINE_SHOW_ATTRIBUTE(sco_debugfs);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]1194
1195static struct dentry *sco_debugfs;
1196
1197static const struct proto_ops sco_sock_ops = {
1198 .family = PF_BLUETOOTH,
1199 .owner = THIS_MODULE,
1200 .release = sco_sock_release,
1201 .bind = sco_sock_bind,
1202 .connect = sco_sock_connect,
1203 .listen = sco_sock_listen,
1204 .accept = sco_sock_accept,
1205 .getname = sco_sock_getname,
1206 .sendmsg = sco_sock_sendmsg,
1207 .recvmsg = sco_sock_recvmsg,
1208 .poll = bt_sock_poll,
1209 .ioctl = bt_sock_ioctl,
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]1210 .gettstamp = sock_gettstamp,
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]1211 .mmap = sock_no_mmap,
1212 .socketpair = sock_no_socketpair,
1213 .shutdown = sco_sock_shutdown,
1214 .setsockopt = sco_sock_setsockopt,
1215 .getsockopt = sco_sock_getsockopt
1216};
1217
1218static const struct net_proto_family sco_sock_family_ops = {
1219 .family = PF_BLUETOOTH,
1220 .owner = THIS_MODULE,
1221 .create = sco_sock_create,
1222};
1223
1224int __init sco_init(void)
1225{
1226 int err;
1227
1228 BUILD_BUG_ON(sizeof(struct sockaddr_sco) > sizeof(struct sockaddr));
1229
1230 err = proto_register(&sco_proto, 0);
1231 if (err < 0)
1232 return err;
1233
1234 err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1235 if (err < 0) {
1236 BT_ERR("SCO socket registration failed");
1237 goto error;
1238 }
1239
1240 err = bt_procfs_init(&init_net, "sco", &sco_sk_list, NULL);
1241 if (err < 0) {
1242 BT_ERR("Failed to create SCO proc file");
1243 bt_sock_unregister(BTPROTO_SCO);
1244 goto error;
1245 }
1246
1247 BT_INFO("SCO socket layer initialized");
1248
1249 hci_register_cb(&sco_cb);
1250
1251 if (IS_ERR_OR_NULL(bt_debugfs))
1252 return 0;
1253
1254 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1255 NULL, &sco_debugfs_fops);
1256
1257 return 0;
1258
1259error:
1260 proto_unregister(&sco_proto);
1261 return err;
1262}
1263
1264void sco_exit(void)
1265{
1266 bt_procfs_cleanup(&init_net, "sco");
1267
1268 debugfs_remove(sco_debugfs);
1269
1270 hci_unregister_cb(&sco_cb);
1271
1272 bt_sock_unregister(BTPROTO_SCO);
1273
1274 proto_unregister(&sco_proto);
1275}
1276
1277module_param(disable_esco, bool, 0644);
1278MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");