bluetooth : __rfcomm_dlc_close lock fix
[linux-2.6] / net / bluetooth / cmtp / capi.c
1 /*
2    CMTP implementation for Linux Bluetooth stack (BlueZ).
3    Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org>
4
5    This program is free software; you can redistribute it and/or modify
6    it under the terms of the GNU General Public License version 2 as
7    published by the Free Software Foundation;
8
9    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20    SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/module.h>
24
25 #include <linux/types.h>
26 #include <linux/errno.h>
27 #include <linux/kernel.h>
28 #include <linux/sched.h>
29 #include <linux/slab.h>
30 #include <linux/poll.h>
31 #include <linux/fcntl.h>
32 #include <linux/skbuff.h>
33 #include <linux/socket.h>
34 #include <linux/ioctl.h>
35 #include <linux/file.h>
36 #include <linux/wait.h>
37 #include <net/sock.h>
38
39 #include <linux/isdn/capilli.h>
40 #include <linux/isdn/capicmd.h>
41 #include <linux/isdn/capiutil.h>
42
43 #include "cmtp.h"
44
45 #ifndef CONFIG_BT_CMTP_DEBUG
46 #undef  BT_DBG
47 #define BT_DBG(D...)
48 #endif
49
50 #define CAPI_INTEROPERABILITY           0x20
51
52 #define CAPI_INTEROPERABILITY_REQ       CAPICMD(CAPI_INTEROPERABILITY, CAPI_REQ)
53 #define CAPI_INTEROPERABILITY_CONF      CAPICMD(CAPI_INTEROPERABILITY, CAPI_CONF)
54 #define CAPI_INTEROPERABILITY_IND       CAPICMD(CAPI_INTEROPERABILITY, CAPI_IND)
55 #define CAPI_INTEROPERABILITY_RESP      CAPICMD(CAPI_INTEROPERABILITY, CAPI_RESP)
56
57 #define CAPI_INTEROPERABILITY_REQ_LEN   (CAPI_MSG_BASELEN + 2)
58 #define CAPI_INTEROPERABILITY_CONF_LEN  (CAPI_MSG_BASELEN + 4)
59 #define CAPI_INTEROPERABILITY_IND_LEN   (CAPI_MSG_BASELEN + 2)
60 #define CAPI_INTEROPERABILITY_RESP_LEN  (CAPI_MSG_BASELEN + 2)
61
62 #define CAPI_FUNCTION_REGISTER          0
63 #define CAPI_FUNCTION_RELEASE           1
64 #define CAPI_FUNCTION_GET_PROFILE       2
65 #define CAPI_FUNCTION_GET_MANUFACTURER  3
66 #define CAPI_FUNCTION_GET_VERSION       4
67 #define CAPI_FUNCTION_GET_SERIAL_NUMBER 5
68 #define CAPI_FUNCTION_MANUFACTURER      6
69 #define CAPI_FUNCTION_LOOPBACK          7
70
71
72 #define CMTP_MSGNUM     1
73 #define CMTP_APPLID     2
74 #define CMTP_MAPPING    3
75
76 static struct cmtp_application *cmtp_application_add(struct cmtp_session *session, __u16 appl)
77 {
78         struct cmtp_application *app = kzalloc(sizeof(*app), GFP_KERNEL);
79
80         BT_DBG("session %p application %p appl %d", session, app, appl);
81
82         if (!app)
83                 return NULL;
84
85         app->state = BT_OPEN;
86         app->appl = appl;
87
88         list_add_tail(&app->list, &session->applications);
89
90         return app;
91 }
92
93 static void cmtp_application_del(struct cmtp_session *session, struct cmtp_application *app)
94 {
95         BT_DBG("session %p application %p", session, app);
96
97         if (app) {
98                 list_del(&app->list);
99                 kfree(app);
100         }
101 }
102
103 static struct cmtp_application *cmtp_application_get(struct cmtp_session *session, int pattern, __u16 value)
104 {
105         struct cmtp_application *app;
106         struct list_head *p, *n;
107
108         list_for_each_safe(p, n, &session->applications) {
109                 app = list_entry(p, struct cmtp_application, list);
110                 switch (pattern) {
111                 case CMTP_MSGNUM:
112                         if (app->msgnum == value)
113                                 return app;
114                         break;
115                 case CMTP_APPLID:
116                         if (app->appl == value)
117                                 return app;
118                         break;
119                 case CMTP_MAPPING:
120                         if (app->mapping == value)
121                                 return app;
122                         break;
123                 }
124         }
125
126         return NULL;
127 }
128
129 static int cmtp_msgnum_get(struct cmtp_session *session)
130 {
131         session->msgnum++;
132
133         if ((session->msgnum & 0xff) > 200)
134                 session->msgnum = CMTP_INITIAL_MSGNUM + 1;
135
136         return session->msgnum;
137 }
138
139 static void cmtp_send_capimsg(struct cmtp_session *session, struct sk_buff *skb)
140 {
141         struct cmtp_scb *scb = (void *) skb->cb;
142
143         BT_DBG("session %p skb %p len %d", session, skb, skb->len);
144
145         scb->id = -1;
146         scb->data = (CAPIMSG_COMMAND(skb->data) == CAPI_DATA_B3);
147
148         skb_queue_tail(&session->transmit, skb);
149
150         cmtp_schedule(session);
151 }
152
153 static void cmtp_send_interopmsg(struct cmtp_session *session,
154                                         __u8 subcmd, __u16 appl, __u16 msgnum,
155                                         __u16 function, unsigned char *buf, int len)
156 {
157         struct sk_buff *skb;
158         unsigned char *s;
159
160         BT_DBG("session %p subcmd 0x%02x appl %d msgnum %d", session, subcmd, appl, msgnum);
161
162         if (!(skb = alloc_skb(CAPI_MSG_BASELEN + 6 + len, GFP_ATOMIC))) {
163                 BT_ERR("Can't allocate memory for interoperability packet");
164                 return;
165         }
166
167         s = skb_put(skb, CAPI_MSG_BASELEN + 6 + len);
168
169         capimsg_setu16(s, 0, CAPI_MSG_BASELEN + 6 + len);
170         capimsg_setu16(s, 2, appl);
171         capimsg_setu8 (s, 4, CAPI_INTEROPERABILITY);
172         capimsg_setu8 (s, 5, subcmd);
173         capimsg_setu16(s, 6, msgnum);
174
175         /* Interoperability selector (Bluetooth Device Management) */
176         capimsg_setu16(s, 8, 0x0001);
177
178         capimsg_setu8 (s, 10, 3 + len);
179         capimsg_setu16(s, 11, function);
180         capimsg_setu8 (s, 13, len);
181
182         if (len > 0)
183                 memcpy(s + 14, buf, len);
184
185         cmtp_send_capimsg(session, skb);
186 }
187
188 static void cmtp_recv_interopmsg(struct cmtp_session *session, struct sk_buff *skb)
189 {
190         struct capi_ctr *ctrl = &session->ctrl;
191         struct cmtp_application *application;
192         __u16 appl, msgnum, func, info;
193         __u32 controller;
194
195         BT_DBG("session %p skb %p len %d", session, skb, skb->len);
196
197         switch (CAPIMSG_SUBCOMMAND(skb->data)) {
198         case CAPI_CONF:
199                 if (skb->len < CAPI_MSG_BASELEN + 10)
200                         break;
201
202                 func = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 5);
203                 info = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 8);
204
205                 switch (func) {
206                 case CAPI_FUNCTION_REGISTER:
207                         msgnum = CAPIMSG_MSGID(skb->data);
208
209                         application = cmtp_application_get(session, CMTP_MSGNUM, msgnum);
210                         if (application) {
211                                 application->state = BT_CONNECTED;
212                                 application->msgnum = 0;
213                                 application->mapping = CAPIMSG_APPID(skb->data);
214                                 wake_up_interruptible(&session->wait);
215                         }
216
217                         break;
218
219                 case CAPI_FUNCTION_RELEASE:
220                         appl = CAPIMSG_APPID(skb->data);
221
222                         application = cmtp_application_get(session, CMTP_MAPPING, appl);
223                         if (application) {
224                                 application->state = BT_CLOSED;
225                                 application->msgnum = 0;
226                                 wake_up_interruptible(&session->wait);
227                         }
228
229                         break;
230
231                 case CAPI_FUNCTION_GET_PROFILE:
232                         if (skb->len < CAPI_MSG_BASELEN + 11 + sizeof(capi_profile))
233                                 break;
234
235                         controller = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 11);
236                         msgnum = CAPIMSG_MSGID(skb->data);
237
238                         if (!info && (msgnum == CMTP_INITIAL_MSGNUM)) {
239                                 session->ncontroller = controller;
240                                 wake_up_interruptible(&session->wait);
241                                 break;
242                         }
243
244                         if (!info && ctrl) {
245                                 memcpy(&ctrl->profile,
246                                         skb->data + CAPI_MSG_BASELEN + 11,
247                                         sizeof(capi_profile));
248                                 session->state = BT_CONNECTED;
249                                 capi_ctr_ready(ctrl);
250                         }
251
252                         break;
253
254                 case CAPI_FUNCTION_GET_MANUFACTURER:
255                         if (skb->len < CAPI_MSG_BASELEN + 15)
256                                 break;
257
258                         controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 10);
259
260                         if (!info && ctrl) {
261                                 int len = min_t(uint, CAPI_MANUFACTURER_LEN,
262                                                 skb->data[CAPI_MSG_BASELEN + 14]);
263
264                                 memset(ctrl->manu, 0, CAPI_MANUFACTURER_LEN);
265                                 strncpy(ctrl->manu,
266                                         skb->data + CAPI_MSG_BASELEN + 15, len);
267                         }
268
269                         break;
270
271                 case CAPI_FUNCTION_GET_VERSION:
272                         if (skb->len < CAPI_MSG_BASELEN + 32)
273                                 break;
274
275                         controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 12);
276
277                         if (!info && ctrl) {
278                                 ctrl->version.majorversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 16);
279                                 ctrl->version.minorversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 20);
280                                 ctrl->version.majormanuversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 24);
281                                 ctrl->version.minormanuversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 28);
282                         }
283
284                         break;
285
286                 case CAPI_FUNCTION_GET_SERIAL_NUMBER:
287                         if (skb->len < CAPI_MSG_BASELEN + 17)
288                                 break;
289
290                         controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 12);
291
292                         if (!info && ctrl) {
293                                 int len = min_t(uint, CAPI_SERIAL_LEN,
294                                                 skb->data[CAPI_MSG_BASELEN + 16]);
295
296                                 memset(ctrl->serial, 0, CAPI_SERIAL_LEN);
297                                 strncpy(ctrl->serial,
298                                         skb->data + CAPI_MSG_BASELEN + 17, len);
299                         }
300
301                         break;
302                 }
303
304                 break;
305
306         case CAPI_IND:
307                 if (skb->len < CAPI_MSG_BASELEN + 6)
308                         break;
309
310                 func = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 3);
311
312                 if (func == CAPI_FUNCTION_LOOPBACK) {
313                         int len = min_t(uint, skb->len - CAPI_MSG_BASELEN - 6,
314                                                 skb->data[CAPI_MSG_BASELEN + 5]);
315                         appl = CAPIMSG_APPID(skb->data);
316                         msgnum = CAPIMSG_MSGID(skb->data);
317                         cmtp_send_interopmsg(session, CAPI_RESP, appl, msgnum, func,
318                                                 skb->data + CAPI_MSG_BASELEN + 6, len);
319                 }
320
321                 break;
322         }
323
324         kfree_skb(skb);
325 }
326
327 void cmtp_recv_capimsg(struct cmtp_session *session, struct sk_buff *skb)
328 {
329         struct capi_ctr *ctrl = &session->ctrl;
330         struct cmtp_application *application;
331         __u16 cmd, appl;
332         __u32 contr;
333
334         BT_DBG("session %p skb %p len %d", session, skb, skb->len);
335
336         if (skb->len < CAPI_MSG_BASELEN)
337                 return;
338
339         if (CAPIMSG_COMMAND(skb->data) == CAPI_INTEROPERABILITY) {
340                 cmtp_recv_interopmsg(session, skb);
341                 return;
342         }
343
344         if (session->flags & (1 << CMTP_LOOPBACK)) {
345                 kfree_skb(skb);
346                 return;
347         }
348
349         cmd = CAPICMD(CAPIMSG_COMMAND(skb->data), CAPIMSG_SUBCOMMAND(skb->data));
350         appl = CAPIMSG_APPID(skb->data);
351         contr = CAPIMSG_CONTROL(skb->data);
352
353         application = cmtp_application_get(session, CMTP_MAPPING, appl);
354         if (application) {
355                 appl = application->appl;
356                 CAPIMSG_SETAPPID(skb->data, appl);
357         } else {
358                 BT_ERR("Can't find application with id %d", appl);
359                 kfree_skb(skb);
360                 return;
361         }
362
363         if ((contr & 0x7f) == 0x01) {
364                 contr = (contr & 0xffffff80) | session->num;
365                 CAPIMSG_SETCONTROL(skb->data, contr);
366         }
367
368         if (!ctrl) {
369                 BT_ERR("Can't find controller %d for message", session->num);
370                 kfree_skb(skb);
371                 return;
372         }
373
374         capi_ctr_handle_message(ctrl, appl, skb);
375 }
376
377 static int cmtp_load_firmware(struct capi_ctr *ctrl, capiloaddata *data)
378 {
379         BT_DBG("ctrl %p data %p", ctrl, data);
380
381         return 0;
382 }
383
384 static void cmtp_reset_ctr(struct capi_ctr *ctrl)
385 {
386         struct cmtp_session *session = ctrl->driverdata;
387
388         BT_DBG("ctrl %p", ctrl);
389
390         capi_ctr_reseted(ctrl);
391
392         atomic_inc(&session->terminate);
393         cmtp_schedule(session);
394 }
395
396 static void cmtp_register_appl(struct capi_ctr *ctrl, __u16 appl, capi_register_params *rp)
397 {
398         DECLARE_WAITQUEUE(wait, current);
399         struct cmtp_session *session = ctrl->driverdata;
400         struct cmtp_application *application;
401         unsigned long timeo = CMTP_INTEROP_TIMEOUT;
402         unsigned char buf[8];
403         int err = 0, nconn, want = rp->level3cnt;
404
405         BT_DBG("ctrl %p appl %d level3cnt %d datablkcnt %d datablklen %d",
406                 ctrl, appl, rp->level3cnt, rp->datablkcnt, rp->datablklen);
407
408         application = cmtp_application_add(session, appl);
409         if (!application) {
410                 BT_ERR("Can't allocate memory for new application");
411                 return;
412         }
413
414         if (want < 0)
415                 nconn = ctrl->profile.nbchannel * -want;
416         else
417                 nconn = want;
418
419         if (nconn == 0)
420                 nconn = ctrl->profile.nbchannel;
421
422         capimsg_setu16(buf, 0, nconn);
423         capimsg_setu16(buf, 2, rp->datablkcnt);
424         capimsg_setu16(buf, 4, rp->datablklen);
425
426         application->state = BT_CONFIG;
427         application->msgnum = cmtp_msgnum_get(session);
428
429         cmtp_send_interopmsg(session, CAPI_REQ, 0x0000, application->msgnum,
430                                 CAPI_FUNCTION_REGISTER, buf, 6);
431
432         add_wait_queue(&session->wait, &wait);
433         while (1) {
434                 set_current_state(TASK_INTERRUPTIBLE);
435
436                 if (!timeo) {
437                         err = -EAGAIN;
438                         break;
439                 }
440
441                 if (application->state == BT_CLOSED) {
442                         err = -application->err;
443                         break;
444                 }
445
446                 if (application->state == BT_CONNECTED)
447                         break;
448
449                 if (signal_pending(current)) {
450                         err = -EINTR;
451                         break;
452                 }
453
454                 timeo = schedule_timeout(timeo);
455         }
456         set_current_state(TASK_RUNNING);
457         remove_wait_queue(&session->wait, &wait);
458
459         if (err) {
460                 cmtp_application_del(session, application);
461                 return;
462         }
463 }
464
465 static void cmtp_release_appl(struct capi_ctr *ctrl, __u16 appl)
466 {
467         struct cmtp_session *session = ctrl->driverdata;
468         struct cmtp_application *application;
469
470         BT_DBG("ctrl %p appl %d", ctrl, appl);
471
472         application = cmtp_application_get(session, CMTP_APPLID, appl);
473         if (!application) {
474                 BT_ERR("Can't find application");
475                 return;
476         }
477
478         application->msgnum = cmtp_msgnum_get(session);
479
480         cmtp_send_interopmsg(session, CAPI_REQ, application->mapping, application->msgnum,
481                                 CAPI_FUNCTION_RELEASE, NULL, 0);
482
483         wait_event_interruptible_timeout(session->wait,
484                         (application->state == BT_CLOSED), CMTP_INTEROP_TIMEOUT);
485
486         cmtp_application_del(session, application);
487 }
488
489 static u16 cmtp_send_message(struct capi_ctr *ctrl, struct sk_buff *skb)
490 {
491         struct cmtp_session *session = ctrl->driverdata;
492         struct cmtp_application *application;
493         __u16 appl;
494         __u32 contr;
495
496         BT_DBG("ctrl %p skb %p", ctrl, skb);
497
498         appl = CAPIMSG_APPID(skb->data);
499         contr = CAPIMSG_CONTROL(skb->data);
500
501         application = cmtp_application_get(session, CMTP_APPLID, appl);
502         if ((!application) || (application->state != BT_CONNECTED)) {
503                 BT_ERR("Can't find application with id %d", appl);
504                 return CAPI_ILLAPPNR;
505         }
506
507         CAPIMSG_SETAPPID(skb->data, application->mapping);
508
509         if ((contr & 0x7f) == session->num) {
510                 contr = (contr & 0xffffff80) | 0x01;
511                 CAPIMSG_SETCONTROL(skb->data, contr);
512         }
513
514         cmtp_send_capimsg(session, skb);
515
516         return CAPI_NOERROR;
517 }
518
519 static char *cmtp_procinfo(struct capi_ctr *ctrl)
520 {
521         return "CAPI Message Transport Protocol";
522 }
523
524 static int cmtp_ctr_read_proc(char *page, char **start, off_t off, int count, int *eof, struct capi_ctr *ctrl)
525 {
526         struct cmtp_session *session = ctrl->driverdata;
527         struct cmtp_application *app;
528         struct list_head *p, *n;
529         int len = 0;
530
531         len += sprintf(page + len, "%s\n\n", cmtp_procinfo(ctrl));
532         len += sprintf(page + len, "addr %s\n", session->name);
533         len += sprintf(page + len, "ctrl %d\n", session->num);
534
535         list_for_each_safe(p, n, &session->applications) {
536                 app = list_entry(p, struct cmtp_application, list);
537                 len += sprintf(page + len, "appl %d -> %d\n", app->appl, app->mapping);
538         }
539
540         if (off + count >= len)
541                 *eof = 1;
542
543         if (len < off)
544                 return 0;
545
546         *start = page + off;
547
548         return ((count < len - off) ? count : len - off);
549 }
550
551
552 int cmtp_attach_device(struct cmtp_session *session)
553 {
554         unsigned char buf[4];
555         long ret;
556
557         BT_DBG("session %p", session);
558
559         capimsg_setu32(buf, 0, 0);
560
561         cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, CMTP_INITIAL_MSGNUM,
562                                 CAPI_FUNCTION_GET_PROFILE, buf, 4);
563
564         ret = wait_event_interruptible_timeout(session->wait,
565                         session->ncontroller, CMTP_INTEROP_TIMEOUT);
566
567         BT_INFO("Found %d CAPI controller(s) on device %s", session->ncontroller, session->name);
568
569         if (!ret)
570                 return -ETIMEDOUT;
571
572         if (!session->ncontroller)
573                 return -ENODEV;
574
575         if (session->ncontroller > 1)
576                 BT_INFO("Setting up only CAPI controller 1");
577
578         session->ctrl.owner      = THIS_MODULE;
579         session->ctrl.driverdata = session;
580         strcpy(session->ctrl.name, session->name);
581
582         session->ctrl.driver_name   = "cmtp";
583         session->ctrl.load_firmware = cmtp_load_firmware;
584         session->ctrl.reset_ctr     = cmtp_reset_ctr;
585         session->ctrl.register_appl = cmtp_register_appl;
586         session->ctrl.release_appl  = cmtp_release_appl;
587         session->ctrl.send_message  = cmtp_send_message;
588
589         session->ctrl.procinfo      = cmtp_procinfo;
590         session->ctrl.ctr_read_proc = cmtp_ctr_read_proc;
591
592         if (attach_capi_ctr(&session->ctrl) < 0) {
593                 BT_ERR("Can't attach new controller");
594                 return -EBUSY;
595         }
596
597         session->num = session->ctrl.cnr;
598
599         BT_DBG("session %p num %d", session, session->num);
600
601         capimsg_setu32(buf, 0, 1);
602
603         cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
604                                 CAPI_FUNCTION_GET_MANUFACTURER, buf, 4);
605
606         cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
607                                 CAPI_FUNCTION_GET_VERSION, buf, 4);
608
609         cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
610                                 CAPI_FUNCTION_GET_SERIAL_NUMBER, buf, 4);
611
612         cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
613                                 CAPI_FUNCTION_GET_PROFILE, buf, 4);
614
615         return 0;
616 }
617
618 void cmtp_detach_device(struct cmtp_session *session)
619 {
620         BT_DBG("session %p", session);
621
622         detach_capi_ctr(&session->ctrl);
623 }