Merge master.kernel.org:/pub/scm/linux/kernel/git/holtmann/bluetooth-2.6
[linux-2.6] / net / bluetooth / rfcomm / sock.c
1 /* 
2    RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3    Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4    Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License version 2 as
8    published by the Free Software Foundation;
9
10    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 
15    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 
16    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 
17    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 
20    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 
21    SOFTWARE IS DISCLAIMED.
22 */
23
24 /*
25  * RFCOMM sockets.
26  *
27  * $Id: sock.c,v 1.24 2002/10/03 01:00:34 maxk Exp $
28  */
29
30 #include <linux/config.h>
31 #include <linux/module.h>
32
33 #include <linux/types.h>
34 #include <linux/errno.h>
35 #include <linux/kernel.h>
36 #include <linux/sched.h>
37 #include <linux/slab.h>
38 #include <linux/poll.h>
39 #include <linux/fcntl.h>
40 #include <linux/init.h>
41 #include <linux/interrupt.h>
42 #include <linux/socket.h>
43 #include <linux/skbuff.h>
44 #include <linux/list.h>
45 #include <linux/proc_fs.h>
46 #include <linux/seq_file.h>
47 #include <net/sock.h>
48
49 #include <asm/system.h>
50 #include <asm/uaccess.h>
51
52 #include <net/bluetooth/bluetooth.h>
53 #include <net/bluetooth/hci_core.h>
54 #include <net/bluetooth/l2cap.h>
55 #include <net/bluetooth/rfcomm.h>
56
57 #ifndef CONFIG_BT_RFCOMM_DEBUG
58 #undef  BT_DBG
59 #define BT_DBG(D...)
60 #endif
61
62 static struct proto_ops rfcomm_sock_ops;
63
64 static struct bt_sock_list rfcomm_sk_list = {
65         .lock = RW_LOCK_UNLOCKED
66 };
67
68 static void rfcomm_sock_close(struct sock *sk);
69 static void rfcomm_sock_kill(struct sock *sk);
70
71 /* ---- DLC callbacks ----
72  *
73  * called under rfcomm_dlc_lock()
74  */
75 static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
76 {
77         struct sock *sk = d->owner;
78         if (!sk)
79                 return;
80
81         atomic_add(skb->len, &sk->sk_rmem_alloc);
82         skb_queue_tail(&sk->sk_receive_queue, skb);
83         sk->sk_data_ready(sk, skb->len);
84
85         if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
86                 rfcomm_dlc_throttle(d);
87 }
88
89 static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
90 {
91         struct sock *sk = d->owner, *parent;
92         if (!sk)
93                 return;
94
95         BT_DBG("dlc %p state %ld err %d", d, d->state, err);
96
97         bh_lock_sock(sk);
98
99         if (err)
100                 sk->sk_err = err;
101
102         sk->sk_state = d->state;
103
104         parent = bt_sk(sk)->parent;
105         if (parent) {
106                 if (d->state == BT_CLOSED) {
107                         sock_set_flag(sk, SOCK_ZAPPED);
108                         bt_accept_unlink(sk);
109                 }
110                 parent->sk_data_ready(parent, 0);
111         } else {
112                 if (d->state == BT_CONNECTED)
113                         rfcomm_session_getaddr(d->session, &bt_sk(sk)->src, NULL);
114                 sk->sk_state_change(sk);
115         }
116
117         bh_unlock_sock(sk);
118
119         if (parent && sock_flag(sk, SOCK_ZAPPED)) {
120                 /* We have to drop DLC lock here, otherwise
121                  * rfcomm_sock_destruct() will dead lock. */
122                 rfcomm_dlc_unlock(d);
123                 rfcomm_sock_kill(sk);
124                 rfcomm_dlc_lock(d);
125         }
126 }
127
128 /* ---- Socket functions ---- */
129 static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
130 {
131         struct sock *sk = NULL;
132         struct hlist_node *node;
133
134         sk_for_each(sk, node, &rfcomm_sk_list.head) {
135                 if (rfcomm_pi(sk)->channel == channel && 
136                                 !bacmp(&bt_sk(sk)->src, src))
137                         break;
138         }
139
140         return node ? sk : NULL;
141 }
142
143 /* Find socket with channel and source bdaddr.
144  * Returns closest match.
145  */
146 static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
147 {
148         struct sock *sk = NULL, *sk1 = NULL;
149         struct hlist_node *node;
150
151         sk_for_each(sk, node, &rfcomm_sk_list.head) {
152                 if (state && sk->sk_state != state)
153                         continue;
154
155                 if (rfcomm_pi(sk)->channel == channel) {
156                         /* Exact match. */
157                         if (!bacmp(&bt_sk(sk)->src, src))
158                                 break;
159
160                         /* Closest match */
161                         if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
162                                 sk1 = sk;
163                 }
164         }
165         return node ? sk : sk1;
166 }
167
168 /* Find socket with given address (channel, src).
169  * Returns locked socket */
170 static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
171 {
172         struct sock *s;
173         read_lock(&rfcomm_sk_list.lock);
174         s = __rfcomm_get_sock_by_channel(state, channel, src);
175         if (s) bh_lock_sock(s);
176         read_unlock(&rfcomm_sk_list.lock);
177         return s;
178 }
179
180 static void rfcomm_sock_destruct(struct sock *sk)
181 {
182         struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
183
184         BT_DBG("sk %p dlc %p", sk, d);
185
186         skb_queue_purge(&sk->sk_receive_queue);
187         skb_queue_purge(&sk->sk_write_queue);
188
189         rfcomm_dlc_lock(d);
190         rfcomm_pi(sk)->dlc = NULL;
191
192         /* Detach DLC if it's owned by this socket */
193         if (d->owner == sk)
194                 d->owner = NULL;
195         rfcomm_dlc_unlock(d);
196
197         rfcomm_dlc_put(d);
198 }
199
200 static void rfcomm_sock_cleanup_listen(struct sock *parent)
201 {
202         struct sock *sk;
203
204         BT_DBG("parent %p", parent);
205
206         /* Close not yet accepted dlcs */
207         while ((sk = bt_accept_dequeue(parent, NULL))) {
208                 rfcomm_sock_close(sk);
209                 rfcomm_sock_kill(sk);
210         }
211
212         parent->sk_state  = BT_CLOSED;
213         sock_set_flag(parent, SOCK_ZAPPED);
214 }
215
216 /* Kill socket (only if zapped and orphan)
217  * Must be called on unlocked socket.
218  */
219 static void rfcomm_sock_kill(struct sock *sk)
220 {
221         if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
222                 return;
223
224         BT_DBG("sk %p state %d refcnt %d", sk, sk->sk_state, atomic_read(&sk->sk_refcnt));
225
226         /* Kill poor orphan */
227         bt_sock_unlink(&rfcomm_sk_list, sk);
228         sock_set_flag(sk, SOCK_DEAD);
229         sock_put(sk);
230 }
231
232 static void __rfcomm_sock_close(struct sock *sk)
233 {
234         struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
235
236         BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
237
238         switch (sk->sk_state) {
239         case BT_LISTEN:
240                 rfcomm_sock_cleanup_listen(sk);
241                 break;
242
243         case BT_CONNECT:
244         case BT_CONNECT2:
245         case BT_CONFIG:
246         case BT_CONNECTED:
247                 rfcomm_dlc_close(d, 0);
248
249         default:
250                 sock_set_flag(sk, SOCK_ZAPPED);
251                 break;
252         }
253 }
254
255 /* Close socket.
256  * Must be called on unlocked socket.
257  */
258 static void rfcomm_sock_close(struct sock *sk)
259 {
260         lock_sock(sk);
261         __rfcomm_sock_close(sk);
262         release_sock(sk);
263 }
264
265 static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
266 {
267         struct rfcomm_pinfo *pi = rfcomm_pi(sk);
268
269         BT_DBG("sk %p", sk);
270
271         if (parent) {
272                 sk->sk_type = parent->sk_type;
273                 pi->link_mode = rfcomm_pi(parent)->link_mode;
274         } else {
275                 pi->link_mode = 0;
276         }
277
278         pi->dlc->link_mode = pi->link_mode;
279 }
280
281 static struct proto rfcomm_proto = {
282         .name           = "RFCOMM",
283         .owner          = THIS_MODULE,
284         .obj_size       = sizeof(struct rfcomm_pinfo)
285 };
286
287 static struct sock *rfcomm_sock_alloc(struct socket *sock, int proto, gfp_t prio)
288 {
289         struct rfcomm_dlc *d;
290         struct sock *sk;
291
292         sk = sk_alloc(PF_BLUETOOTH, prio, &rfcomm_proto, 1);
293         if (!sk)
294                 return NULL;
295
296         sock_init_data(sock, sk);
297         INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
298
299         d = rfcomm_dlc_alloc(prio);
300         if (!d) {
301                 sk_free(sk);
302                 return NULL;
303         }
304
305         d->data_ready   = rfcomm_sk_data_ready;
306         d->state_change = rfcomm_sk_state_change;
307
308         rfcomm_pi(sk)->dlc = d;
309         d->owner = sk;
310
311         sk->sk_destruct = rfcomm_sock_destruct;
312         sk->sk_sndtimeo = RFCOMM_CONN_TIMEOUT;
313
314         sk->sk_sndbuf   = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
315         sk->sk_rcvbuf   = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
316
317         sock_reset_flag(sk, SOCK_ZAPPED);
318
319         sk->sk_protocol = proto;
320         sk->sk_state    = BT_OPEN;
321
322         bt_sock_link(&rfcomm_sk_list, sk);
323
324         BT_DBG("sk %p", sk);
325         return sk;
326 }
327
328 static int rfcomm_sock_create(struct socket *sock, int protocol)
329 {
330         struct sock *sk;
331
332         BT_DBG("sock %p", sock);
333
334         sock->state = SS_UNCONNECTED;
335
336         if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
337                 return -ESOCKTNOSUPPORT;
338
339         sock->ops = &rfcomm_sock_ops;
340
341         if (!(sk = rfcomm_sock_alloc(sock, protocol, GFP_KERNEL)))
342                 return -ENOMEM;
343
344         rfcomm_sock_init(sk, NULL);
345         return 0;
346 }
347
348 static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
349 {
350         struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
351         struct sock *sk = sock->sk;
352         int err = 0;
353
354         BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
355
356         if (!addr || addr->sa_family != AF_BLUETOOTH)
357                 return -EINVAL;
358
359         lock_sock(sk);
360
361         if (sk->sk_state != BT_OPEN) {
362                 err = -EBADFD;
363                 goto done;
364         }
365
366         if (sk->sk_type != SOCK_STREAM) {
367                 err = -EINVAL;
368                 goto done;
369         }
370
371         write_lock_bh(&rfcomm_sk_list.lock);
372
373         if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
374                 err = -EADDRINUSE;
375         } else {
376                 /* Save source address */
377                 bacpy(&bt_sk(sk)->src, &sa->rc_bdaddr);
378                 rfcomm_pi(sk)->channel = sa->rc_channel;
379                 sk->sk_state = BT_BOUND;
380         }
381
382         write_unlock_bh(&rfcomm_sk_list.lock);
383
384 done:
385         release_sock(sk);
386         return err;
387 }
388
389 static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
390 {
391         struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
392         struct sock *sk = sock->sk;
393         struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
394         int err = 0;
395
396         BT_DBG("sk %p", sk);
397
398         if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc))
399                 return -EINVAL;
400
401         lock_sock(sk);
402
403         if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND) {
404                 err = -EBADFD;
405                 goto done;
406         }
407
408         if (sk->sk_type != SOCK_STREAM) {
409                 err = -EINVAL;
410                 goto done;
411         }
412
413         sk->sk_state = BT_CONNECT;
414         bacpy(&bt_sk(sk)->dst, &sa->rc_bdaddr);
415         rfcomm_pi(sk)->channel = sa->rc_channel;
416
417         err = rfcomm_dlc_open(d, &bt_sk(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
418         if (!err)
419                 err = bt_sock_wait_state(sk, BT_CONNECTED,
420                                 sock_sndtimeo(sk, flags & O_NONBLOCK));
421
422 done:
423         release_sock(sk);
424         return err;
425 }
426
427 static int rfcomm_sock_listen(struct socket *sock, int backlog)
428 {
429         struct sock *sk = sock->sk;
430         int err = 0;
431
432         BT_DBG("sk %p backlog %d", sk, backlog);
433
434         lock_sock(sk);
435
436         if (sk->sk_state != BT_BOUND) {
437                 err = -EBADFD;
438                 goto done;
439         }
440
441         if (sk->sk_type != SOCK_STREAM) {
442                 err = -EINVAL;
443                 goto done;
444         }
445
446         if (!rfcomm_pi(sk)->channel) {
447                 bdaddr_t *src = &bt_sk(sk)->src;
448                 u8 channel;
449
450                 err = -EINVAL;
451
452                 write_lock_bh(&rfcomm_sk_list.lock);
453
454                 for (channel = 1; channel < 31; channel++)
455                         if (!__rfcomm_get_sock_by_addr(channel, src)) {
456                                 rfcomm_pi(sk)->channel = channel;
457                                 err = 0;
458                                 break;
459                         }
460
461                 write_unlock_bh(&rfcomm_sk_list.lock);
462
463                 if (err < 0)
464                         goto done;
465         }
466
467         sk->sk_max_ack_backlog = backlog;
468         sk->sk_ack_backlog = 0;
469         sk->sk_state = BT_LISTEN;
470
471 done:
472         release_sock(sk);
473         return err;
474 }
475
476 static int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
477 {
478         DECLARE_WAITQUEUE(wait, current);
479         struct sock *sk = sock->sk, *nsk;
480         long timeo;
481         int err = 0;
482
483         lock_sock(sk);
484
485         if (sk->sk_state != BT_LISTEN) {
486                 err = -EBADFD;
487                 goto done;
488         }
489
490         if (sk->sk_type != SOCK_STREAM) {
491                 err = -EINVAL;
492                 goto done;
493         }
494
495         timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
496
497         BT_DBG("sk %p timeo %ld", sk, timeo);
498
499         /* Wait for an incoming connection. (wake-one). */
500         add_wait_queue_exclusive(sk->sk_sleep, &wait);
501         while (!(nsk = bt_accept_dequeue(sk, newsock))) {
502                 set_current_state(TASK_INTERRUPTIBLE);
503                 if (!timeo) {
504                         err = -EAGAIN;
505                         break;
506                 }
507
508                 release_sock(sk);
509                 timeo = schedule_timeout(timeo);
510                 lock_sock(sk);
511
512                 if (sk->sk_state != BT_LISTEN) {
513                         err = -EBADFD;
514                         break;
515                 }
516
517                 if (signal_pending(current)) {
518                         err = sock_intr_errno(timeo);
519                         break;
520                 }
521         }
522         set_current_state(TASK_RUNNING);
523         remove_wait_queue(sk->sk_sleep, &wait);
524
525         if (err)
526                 goto done;
527
528         newsock->state = SS_CONNECTED;
529
530         BT_DBG("new socket %p", nsk);
531
532 done:
533         release_sock(sk);
534         return err;
535 }
536
537 static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
538 {
539         struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
540         struct sock *sk = sock->sk;
541
542         BT_DBG("sock %p, sk %p", sock, sk);
543
544         sa->rc_family  = AF_BLUETOOTH;
545         sa->rc_channel = rfcomm_pi(sk)->channel;
546         if (peer)
547                 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->dst);
548         else
549                 bacpy(&sa->rc_bdaddr, &bt_sk(sk)->src);
550
551         *len = sizeof(struct sockaddr_rc);
552         return 0;
553 }
554
555 static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
556                                struct msghdr *msg, size_t len)
557 {
558         struct sock *sk = sock->sk;
559         struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
560         struct sk_buff *skb;
561         int err;
562         int sent = 0;
563
564         if (msg->msg_flags & MSG_OOB)
565                 return -EOPNOTSUPP;
566
567         if (sk->sk_shutdown & SEND_SHUTDOWN)
568                 return -EPIPE;
569
570         BT_DBG("sock %p, sk %p", sock, sk);
571
572         lock_sock(sk);
573
574         while (len) {
575                 size_t size = min_t(size_t, len, d->mtu);
576                 
577                 skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
578                                 msg->msg_flags & MSG_DONTWAIT, &err);
579                 if (!skb)
580                         break;
581                 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
582
583                 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
584                 if (err) {
585                         kfree_skb(skb);
586                         sent = err;
587                         break;
588                 }
589
590                 err = rfcomm_dlc_send(d, skb);
591                 if (err < 0) {
592                         kfree_skb(skb);
593                         break;
594                 }
595
596                 sent += size;
597                 len  -= size;
598         }
599
600         release_sock(sk);
601
602         return sent ? sent : err;
603 }
604
605 static long rfcomm_sock_data_wait(struct sock *sk, long timeo)
606 {
607         DECLARE_WAITQUEUE(wait, current);
608
609         add_wait_queue(sk->sk_sleep, &wait);
610         for (;;) {
611                 set_current_state(TASK_INTERRUPTIBLE);
612
613                 if (!skb_queue_empty(&sk->sk_receive_queue) ||
614                     sk->sk_err ||
615                     (sk->sk_shutdown & RCV_SHUTDOWN) ||
616                     signal_pending(current) ||
617                     !timeo)
618                         break;
619
620                 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
621                 release_sock(sk);
622                 timeo = schedule_timeout(timeo);
623                 lock_sock(sk);
624                 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
625         }
626
627         __set_current_state(TASK_RUNNING);
628         remove_wait_queue(sk->sk_sleep, &wait);
629         return timeo;
630 }
631
632 static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
633                                struct msghdr *msg, size_t size, int flags)
634 {
635         struct sock *sk = sock->sk;
636         int err = 0;
637         size_t target, copied = 0;
638         long timeo;
639
640         if (flags & MSG_OOB)
641                 return -EOPNOTSUPP;
642
643         msg->msg_namelen = 0;
644
645         BT_DBG("sk %p size %d", sk, size);
646
647         lock_sock(sk);
648
649         target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
650         timeo  = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
651
652         do {
653                 struct sk_buff *skb;
654                 int chunk;
655
656                 skb = skb_dequeue(&sk->sk_receive_queue);
657                 if (!skb) {
658                         if (copied >= target)
659                                 break;
660
661                         if ((err = sock_error(sk)) != 0)
662                                 break;
663                         if (sk->sk_shutdown & RCV_SHUTDOWN)
664                                 break;
665
666                         err = -EAGAIN;
667                         if (!timeo)
668                                 break;
669
670                         timeo = rfcomm_sock_data_wait(sk, timeo);
671
672                         if (signal_pending(current)) {
673                                 err = sock_intr_errno(timeo);
674                                 goto out;
675                         }
676                         continue;
677                 }
678
679                 chunk = min_t(unsigned int, skb->len, size);
680                 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
681                         skb_queue_head(&sk->sk_receive_queue, skb);
682                         if (!copied)
683                                 copied = -EFAULT;
684                         break;
685                 }
686                 copied += chunk;
687                 size   -= chunk;
688
689                 if (!(flags & MSG_PEEK)) {
690                         atomic_sub(chunk, &sk->sk_rmem_alloc);
691
692                         skb_pull(skb, chunk);
693                         if (skb->len) {
694                                 skb_queue_head(&sk->sk_receive_queue, skb);
695                                 break;
696                         }
697                         kfree_skb(skb);
698
699                 } else {
700                         /* put message back and return */
701                         skb_queue_head(&sk->sk_receive_queue, skb);
702                         break;
703                 }
704         } while (size);
705
706 out:
707         if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2))
708                 rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
709
710         release_sock(sk);
711         return copied ? : err;
712 }
713
714 static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
715 {
716         struct sock *sk = sock->sk;
717         int err = 0;
718         u32 opt;
719
720         BT_DBG("sk %p", sk);
721
722         lock_sock(sk);
723
724         switch (optname) {
725         case RFCOMM_LM:
726                 if (get_user(opt, (u32 __user *) optval)) {
727                         err = -EFAULT;
728                         break;
729                 }
730
731                 rfcomm_pi(sk)->link_mode = opt;
732                 break;
733
734         default:
735                 err = -ENOPROTOOPT;
736                 break;
737         }
738
739         release_sock(sk);
740         return err;
741 }
742
743 static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
744 {
745         struct sock *sk = sock->sk;
746         struct sock *l2cap_sk;
747         struct rfcomm_conninfo cinfo;
748         int len, err = 0;
749
750         BT_DBG("sk %p", sk);
751
752         if (get_user(len, optlen))
753                 return -EFAULT;
754
755         lock_sock(sk);
756
757         switch (optname) {
758         case RFCOMM_LM:
759                 if (put_user(rfcomm_pi(sk)->link_mode, (u32 __user *) optval))
760                         err = -EFAULT;
761                 break;
762
763         case RFCOMM_CONNINFO:
764                 if (sk->sk_state != BT_CONNECTED) {
765                         err = -ENOTCONN;
766                         break;
767                 }
768
769                 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
770
771                 cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle;
772                 memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3);
773
774                 len = min_t(unsigned int, len, sizeof(cinfo));
775                 if (copy_to_user(optval, (char *) &cinfo, len))
776                         err = -EFAULT;
777
778                 break;
779
780         default:
781                 err = -ENOPROTOOPT;
782                 break;
783         }
784
785         release_sock(sk);
786         return err;
787 }
788
789 static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
790 {
791         struct sock *sk = sock->sk;
792         int err;
793
794         lock_sock(sk);
795
796 #ifdef CONFIG_BT_RFCOMM_TTY
797         err = rfcomm_dev_ioctl(sk, cmd, (void __user *)arg);
798 #else
799         err = -EOPNOTSUPP;
800 #endif
801
802         release_sock(sk);
803         return err;
804 }
805
806 static int rfcomm_sock_shutdown(struct socket *sock, int how)
807 {
808         struct sock *sk = sock->sk;
809         int err = 0;
810
811         BT_DBG("sock %p, sk %p", sock, sk);
812
813         if (!sk) return 0;
814
815         lock_sock(sk);
816         if (!sk->sk_shutdown) {
817                 sk->sk_shutdown = SHUTDOWN_MASK;
818                 __rfcomm_sock_close(sk);
819
820                 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
821                         err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
822         }
823         release_sock(sk);
824         return err;
825 }
826
827 static int rfcomm_sock_release(struct socket *sock)
828 {
829         struct sock *sk = sock->sk;
830         int err;
831
832         BT_DBG("sock %p, sk %p", sock, sk);
833
834         if (!sk)
835                 return 0;
836
837         err = rfcomm_sock_shutdown(sock, 2);
838
839         sock_orphan(sk);
840         rfcomm_sock_kill(sk);
841         return err;
842 }
843
844 /* ---- RFCOMM core layer callbacks ---- 
845  *
846  * called under rfcomm_lock()
847  */
848 int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
849 {
850         struct sock *sk, *parent;
851         bdaddr_t src, dst;
852         int result = 0;
853
854         BT_DBG("session %p channel %d", s, channel);
855
856         rfcomm_session_getaddr(s, &src, &dst);
857
858         /* Check if we have socket listening on channel */
859         parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
860         if (!parent)
861                 return 0;
862
863         /* Check for backlog size */
864         if (sk_acceptq_is_full(parent)) {
865                 BT_DBG("backlog full %d", parent->sk_ack_backlog); 
866                 goto done;
867         }
868
869         sk = rfcomm_sock_alloc(NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
870         if (!sk)
871                 goto done;
872
873         rfcomm_sock_init(sk, parent);
874         bacpy(&bt_sk(sk)->src, &src);
875         bacpy(&bt_sk(sk)->dst, &dst);
876         rfcomm_pi(sk)->channel = channel;
877
878         sk->sk_state = BT_CONFIG;
879         bt_accept_enqueue(parent, sk);
880
881         /* Accept connection and return socket DLC */
882         *d = rfcomm_pi(sk)->dlc;
883         result = 1;
884
885 done:
886         bh_unlock_sock(parent);
887         return result;
888 }
889
890 /* ---- Proc fs support ---- */
891 #ifdef CONFIG_PROC_FS
892 static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos)
893 {
894         struct sock *sk;
895         struct hlist_node *node;
896         loff_t l = *pos;
897
898         read_lock_bh(&rfcomm_sk_list.lock);
899
900         sk_for_each(sk, node, &rfcomm_sk_list.head)
901                 if (!l--)
902                         return sk;
903         return NULL;
904 }
905
906 static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos)
907 {
908         struct sock *sk = e;
909         (*pos)++;
910         return sk_next(sk);
911 }
912
913 static void rfcomm_seq_stop(struct seq_file *seq, void *e)
914 {
915         read_unlock_bh(&rfcomm_sk_list.lock);
916 }
917
918 static int  rfcomm_seq_show(struct seq_file *seq, void *e)
919 {
920         struct sock *sk = e;
921         seq_printf(seq, "%s %s %d %d\n",
922                         batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
923                         sk->sk_state, rfcomm_pi(sk)->channel);
924         return 0;
925 }
926
927 static struct seq_operations rfcomm_seq_ops = {
928         .start  = rfcomm_seq_start,
929         .next   = rfcomm_seq_next,
930         .stop   = rfcomm_seq_stop,
931         .show   = rfcomm_seq_show 
932 };
933
934 static int rfcomm_seq_open(struct inode *inode, struct file *file)
935 {
936         return seq_open(file, &rfcomm_seq_ops);
937 }
938
939 static struct file_operations rfcomm_seq_fops = {
940         .owner   = THIS_MODULE,
941         .open    = rfcomm_seq_open,
942         .read    = seq_read,
943         .llseek  = seq_lseek,
944         .release = seq_release,
945 };
946
947 static int  __init rfcomm_sock_proc_init(void)
948 {
949         struct proc_dir_entry *p = create_proc_entry("sock", S_IRUGO, proc_bt_rfcomm);
950         if (!p)
951                 return -ENOMEM;
952         p->proc_fops = &rfcomm_seq_fops;
953         return 0;
954 }
955
956 static void __exit rfcomm_sock_proc_cleanup(void)
957 {
958         remove_proc_entry("sock", proc_bt_rfcomm);
959 }
960
961 #else /* CONFIG_PROC_FS */
962
963 static int  __init rfcomm_sock_proc_init(void)
964 {
965         return 0;
966 }
967
968 static void __exit rfcomm_sock_proc_cleanup(void)
969 {
970         return;
971 }
972 #endif /* CONFIG_PROC_FS */
973
974 static struct proto_ops rfcomm_sock_ops = {
975         .family         = PF_BLUETOOTH,
976         .owner          = THIS_MODULE,
977         .release        = rfcomm_sock_release,
978         .bind           = rfcomm_sock_bind,
979         .connect        = rfcomm_sock_connect,
980         .listen         = rfcomm_sock_listen,
981         .accept         = rfcomm_sock_accept,
982         .getname        = rfcomm_sock_getname,
983         .sendmsg        = rfcomm_sock_sendmsg,
984         .recvmsg        = rfcomm_sock_recvmsg,
985         .shutdown       = rfcomm_sock_shutdown,
986         .setsockopt     = rfcomm_sock_setsockopt,
987         .getsockopt     = rfcomm_sock_getsockopt,
988         .ioctl          = rfcomm_sock_ioctl,
989         .poll           = bt_sock_poll,
990         .socketpair     = sock_no_socketpair,
991         .mmap           = sock_no_mmap
992 };
993
994 static struct net_proto_family rfcomm_sock_family_ops = {
995         .family         = PF_BLUETOOTH,
996         .owner          = THIS_MODULE,
997         .create         = rfcomm_sock_create
998 };
999
1000 int  __init rfcomm_init_sockets(void)
1001 {
1002         int err;
1003
1004         err = proto_register(&rfcomm_proto, 0);
1005         if (err < 0)
1006                 return err;
1007
1008         err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
1009         if (err < 0)
1010                 goto error;
1011
1012         rfcomm_sock_proc_init();
1013
1014         BT_INFO("RFCOMM socket layer initialized");
1015
1016         return 0;
1017
1018 error:
1019         BT_ERR("RFCOMM socket layer registration failed");
1020         proto_unregister(&rfcomm_proto);
1021         return err;
1022 }
1023
1024 void __exit rfcomm_cleanup_sockets(void)
1025 {
1026         rfcomm_sock_proc_cleanup();
1027
1028         if (bt_sock_unregister(BTPROTO_RFCOMM) < 0)
1029                 BT_ERR("RFCOMM socket layer unregistration failed");
1030
1031         proto_unregister(&rfcomm_proto);
1032 }