android: staging: ram_console: fix crash in ram_console_late_init
[linux-2.6.git] / net / bluetooth / af_bluetooth.c
1 /*
2    BlueZ - Bluetooth protocol stack for Linux
3    Copyright (C) 2000-2001 Qualcomm Incorporated
4
5    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License version 2 as
9    published by the Free Software Foundation;
10
11    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22    SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth address family and sockets. */
26
27 #include <linux/module.h>
28
29 #include <linux/types.h>
30 #include <linux/list.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/sched.h>
34 #include <linux/skbuff.h>
35 #include <linux/init.h>
36 #include <linux/poll.h>
37 #include <net/sock.h>
38 #include <asm/ioctls.h>
39 #include <linux/kmod.h>
40
41 #include <net/bluetooth/bluetooth.h>
42
43 #ifdef CONFIG_ANDROID_PARANOID_NETWORK
44 #include <linux/android_aid.h>
45 #endif
46
47 #ifndef CONFIG_BT_SOCK_DEBUG
48 #undef  BT_DBG
49 #define BT_DBG(D...)
50 #endif
51
52 #define VERSION "2.16"
53
54 /* Bluetooth sockets */
55 #define BT_MAX_PROTO    8
56 static const struct net_proto_family *bt_proto[BT_MAX_PROTO];
57 static DEFINE_RWLOCK(bt_proto_lock);
58
59 static struct lock_class_key bt_lock_key[BT_MAX_PROTO];
60 static const char *const bt_key_strings[BT_MAX_PROTO] = {
61         "sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP",
62         "sk_lock-AF_BLUETOOTH-BTPROTO_HCI",
63         "sk_lock-AF_BLUETOOTH-BTPROTO_SCO",
64         "sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM",
65         "sk_lock-AF_BLUETOOTH-BTPROTO_BNEP",
66         "sk_lock-AF_BLUETOOTH-BTPROTO_CMTP",
67         "sk_lock-AF_BLUETOOTH-BTPROTO_HIDP",
68         "sk_lock-AF_BLUETOOTH-BTPROTO_AVDTP",
69 };
70
71 static struct lock_class_key bt_slock_key[BT_MAX_PROTO];
72 static const char *const bt_slock_key_strings[BT_MAX_PROTO] = {
73         "slock-AF_BLUETOOTH-BTPROTO_L2CAP",
74         "slock-AF_BLUETOOTH-BTPROTO_HCI",
75         "slock-AF_BLUETOOTH-BTPROTO_SCO",
76         "slock-AF_BLUETOOTH-BTPROTO_RFCOMM",
77         "slock-AF_BLUETOOTH-BTPROTO_BNEP",
78         "slock-AF_BLUETOOTH-BTPROTO_CMTP",
79         "slock-AF_BLUETOOTH-BTPROTO_HIDP",
80         "slock-AF_BLUETOOTH-BTPROTO_AVDTP",
81 };
82
83 static inline void bt_sock_reclassify_lock(struct socket *sock, int proto)
84 {
85         struct sock *sk = sock->sk;
86
87         if (!sk)
88                 return;
89
90         BUG_ON(sock_owned_by_user(sk));
91
92         sock_lock_init_class_and_name(sk,
93                         bt_slock_key_strings[proto], &bt_slock_key[proto],
94                                 bt_key_strings[proto], &bt_lock_key[proto]);
95 }
96
97 int bt_sock_register(int proto, const struct net_proto_family *ops)
98 {
99         int err = 0;
100
101         if (proto < 0 || proto >= BT_MAX_PROTO)
102                 return -EINVAL;
103
104         write_lock(&bt_proto_lock);
105
106         if (bt_proto[proto])
107                 err = -EEXIST;
108         else
109                 bt_proto[proto] = ops;
110
111         write_unlock(&bt_proto_lock);
112
113         return err;
114 }
115 EXPORT_SYMBOL(bt_sock_register);
116
117 int bt_sock_unregister(int proto)
118 {
119         int err = 0;
120
121         if (proto < 0 || proto >= BT_MAX_PROTO)
122                 return -EINVAL;
123
124         write_lock(&bt_proto_lock);
125
126         if (!bt_proto[proto])
127                 err = -ENOENT;
128         else
129                 bt_proto[proto] = NULL;
130
131         write_unlock(&bt_proto_lock);
132
133         return err;
134 }
135 EXPORT_SYMBOL(bt_sock_unregister);
136
137 #ifdef CONFIG_ANDROID_PARANOID_NETWORK
138 static inline int current_has_bt_admin(void)
139 {
140         return (!current_euid() || in_egroup_p(AID_NET_BT_ADMIN));
141 }
142
143 static inline int current_has_bt(void)
144 {
145         return (current_has_bt_admin() || in_egroup_p(AID_NET_BT));
146 }
147 # else
148 static inline int current_has_bt_admin(void)
149 {
150         return 1;
151 }
152
153 static inline int current_has_bt(void)
154 {
155         return 1;
156 }
157 #endif
158
159 static int bt_sock_create(struct net *net, struct socket *sock, int proto,
160                           int kern)
161 {
162         int err;
163
164         if (proto == BTPROTO_RFCOMM || proto == BTPROTO_SCO ||
165                         proto == BTPROTO_L2CAP) {
166                 if (!current_has_bt())
167                         return -EPERM;
168         } else if (!current_has_bt_admin())
169                 return -EPERM;
170
171         if (net != &init_net)
172                 return -EAFNOSUPPORT;
173
174         if (proto < 0 || proto >= BT_MAX_PROTO)
175                 return -EINVAL;
176
177         if (!bt_proto[proto])
178                 request_module("bt-proto-%d", proto);
179
180         err = -EPROTONOSUPPORT;
181
182         read_lock(&bt_proto_lock);
183
184         if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) {
185                 err = bt_proto[proto]->create(net, sock, proto, kern);
186                 bt_sock_reclassify_lock(sock, proto);
187                 module_put(bt_proto[proto]->owner);
188         }
189
190         read_unlock(&bt_proto_lock);
191
192         return err;
193 }
194
195 void bt_sock_link(struct bt_sock_list *l, struct sock *sk)
196 {
197         write_lock(&l->lock);
198         sk_add_node(sk, &l->head);
199         write_unlock(&l->lock);
200 }
201 EXPORT_SYMBOL(bt_sock_link);
202
203 void bt_sock_unlink(struct bt_sock_list *l, struct sock *sk)
204 {
205         write_lock(&l->lock);
206         sk_del_node_init(sk);
207         write_unlock(&l->lock);
208 }
209 EXPORT_SYMBOL(bt_sock_unlink);
210
211 void bt_accept_enqueue(struct sock *parent, struct sock *sk)
212 {
213         BT_DBG("parent %p, sk %p", parent, sk);
214
215         sock_hold(sk);
216         list_add_tail(&bt_sk(sk)->accept_q, &bt_sk(parent)->accept_q);
217         bt_sk(sk)->parent = parent;
218         parent->sk_ack_backlog++;
219 }
220 EXPORT_SYMBOL(bt_accept_enqueue);
221
222 void bt_accept_unlink(struct sock *sk)
223 {
224         BT_DBG("sk %p state %d", sk, sk->sk_state);
225
226         list_del_init(&bt_sk(sk)->accept_q);
227         bt_sk(sk)->parent->sk_ack_backlog--;
228         bt_sk(sk)->parent = NULL;
229         sock_put(sk);
230 }
231 EXPORT_SYMBOL(bt_accept_unlink);
232
233 struct sock *bt_accept_dequeue(struct sock *parent, struct socket *newsock)
234 {
235         struct list_head *p, *n;
236         struct sock *sk;
237
238         BT_DBG("parent %p", parent);
239
240         list_for_each_safe(p, n, &bt_sk(parent)->accept_q) {
241                 sk = (struct sock *) list_entry(p, struct bt_sock, accept_q);
242
243                 lock_sock(sk);
244
245                 /* FIXME: Is this check still needed */
246                 if (sk->sk_state == BT_CLOSED) {
247                         release_sock(sk);
248                         bt_accept_unlink(sk);
249                         continue;
250                 }
251
252                 if (sk->sk_state == BT_CONNECTED || !newsock ||
253                                                 bt_sk(parent)->defer_setup) {
254                         bt_accept_unlink(sk);
255                         if (newsock)
256                                 sock_graft(sk, newsock);
257
258                         release_sock(sk);
259                         return sk;
260                 }
261
262                 release_sock(sk);
263         }
264
265         return NULL;
266 }
267 EXPORT_SYMBOL(bt_accept_dequeue);
268
269 int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
270                                 struct msghdr *msg, size_t len, int flags)
271 {
272         int noblock = flags & MSG_DONTWAIT;
273         struct sock *sk = sock->sk;
274         struct sk_buff *skb;
275         size_t copied;
276         int err;
277
278         BT_DBG("sock %p sk %p len %zu", sock, sk, len);
279
280         if (flags & (MSG_OOB))
281                 return -EOPNOTSUPP;
282
283         skb = skb_recv_datagram(sk, flags, noblock, &err);
284         if (!skb) {
285                 if (sk->sk_shutdown & RCV_SHUTDOWN)
286                         return 0;
287                 return err;
288         }
289
290         msg->msg_namelen = 0;
291
292         copied = skb->len;
293         if (len < copied) {
294                 msg->msg_flags |= MSG_TRUNC;
295                 copied = len;
296         }
297
298         skb_reset_transport_header(skb);
299         err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
300         if (err == 0)
301                 sock_recv_ts_and_drops(msg, sk, skb);
302
303         skb_free_datagram(sk, skb);
304
305         return err ? : copied;
306 }
307 EXPORT_SYMBOL(bt_sock_recvmsg);
308
309 static long bt_sock_data_wait(struct sock *sk, long timeo)
310 {
311         DECLARE_WAITQUEUE(wait, current);
312
313         add_wait_queue(sk_sleep(sk), &wait);
314         for (;;) {
315                 set_current_state(TASK_INTERRUPTIBLE);
316
317                 if (!skb_queue_empty(&sk->sk_receive_queue))
318                         break;
319
320                 if (sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN))
321                         break;
322
323                 if (signal_pending(current) || !timeo)
324                         break;
325
326                 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
327                 release_sock(sk);
328                 timeo = schedule_timeout(timeo);
329                 lock_sock(sk);
330                 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
331         }
332
333         __set_current_state(TASK_RUNNING);
334         remove_wait_queue(sk_sleep(sk), &wait);
335         return timeo;
336 }
337
338 int bt_sock_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
339                                struct msghdr *msg, size_t size, int flags)
340 {
341         struct sock *sk = sock->sk;
342         int err = 0;
343         size_t target, copied = 0;
344         long timeo;
345
346         if (flags & MSG_OOB)
347                 return -EOPNOTSUPP;
348
349         msg->msg_namelen = 0;
350
351         BT_DBG("sk %p size %zu", sk, size);
352
353         lock_sock(sk);
354
355         target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
356         timeo  = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
357
358         do {
359                 struct sk_buff *skb;
360                 int chunk;
361
362                 skb = skb_dequeue(&sk->sk_receive_queue);
363                 if (!skb) {
364                         if (copied >= target)
365                                 break;
366
367                         err = sock_error(sk);
368                         if (err)
369                                 break;
370                         if (sk->sk_shutdown & RCV_SHUTDOWN)
371                                 break;
372
373                         err = -EAGAIN;
374                         if (!timeo)
375                                 break;
376
377                         timeo = bt_sock_data_wait(sk, timeo);
378
379                         if (signal_pending(current)) {
380                                 err = sock_intr_errno(timeo);
381                                 goto out;
382                         }
383                         continue;
384                 }
385
386                 chunk = min_t(unsigned int, skb->len, size);
387                 if (skb_copy_datagram_iovec(skb, 0, msg->msg_iov, chunk)) {
388                         skb_queue_head(&sk->sk_receive_queue, skb);
389                         if (!copied)
390                                 copied = -EFAULT;
391                         break;
392                 }
393                 copied += chunk;
394                 size   -= chunk;
395
396                 sock_recv_ts_and_drops(msg, sk, skb);
397
398                 if (!(flags & MSG_PEEK)) {
399                         int skb_len = skb_headlen(skb);
400
401                         if (chunk <= skb_len) {
402                                 __skb_pull(skb, chunk);
403                         } else {
404                                 struct sk_buff *frag;
405
406                                 __skb_pull(skb, skb_len);
407                                 chunk -= skb_len;
408
409                                 skb_walk_frags(skb, frag) {
410                                         if (chunk <= frag->len) {
411                                                 /* Pulling partial data */
412                                                 skb->len -= chunk;
413                                                 skb->data_len -= chunk;
414                                                 __skb_pull(frag, chunk);
415                                                 break;
416                                         } else if (frag->len) {
417                                                 /* Pulling all frag data */
418                                                 chunk -= frag->len;
419                                                 skb->len -= frag->len;
420                                                 skb->data_len -= frag->len;
421                                                 __skb_pull(frag, frag->len);
422                                         }
423                                 }
424                         }
425
426                         if (skb->len) {
427                                 skb_queue_head(&sk->sk_receive_queue, skb);
428                                 break;
429                         }
430                         kfree_skb(skb);
431
432                 } else {
433                         /* put message back and return */
434                         skb_queue_head(&sk->sk_receive_queue, skb);
435                         break;
436                 }
437         } while (size);
438
439 out:
440         release_sock(sk);
441         return copied ? : err;
442 }
443 EXPORT_SYMBOL(bt_sock_stream_recvmsg);
444
445 static inline unsigned int bt_accept_poll(struct sock *parent)
446 {
447         struct list_head *p, *n;
448         struct sock *sk;
449
450         list_for_each_safe(p, n, &bt_sk(parent)->accept_q) {
451                 sk = (struct sock *) list_entry(p, struct bt_sock, accept_q);
452                 if (sk->sk_state == BT_CONNECTED ||
453                                         (bt_sk(parent)->defer_setup &&
454                                                 sk->sk_state == BT_CONNECT2))
455                         return POLLIN | POLLRDNORM;
456         }
457
458         return 0;
459 }
460
461 unsigned int bt_sock_poll(struct file *file, struct socket *sock, poll_table *wait)
462 {
463         struct sock *sk = sock->sk;
464         unsigned int mask = 0;
465
466         BT_DBG("sock %p, sk %p", sock, sk);
467
468         poll_wait(file, sk_sleep(sk), wait);
469
470         if (sk->sk_state == BT_LISTEN)
471                 return bt_accept_poll(sk);
472
473         if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))
474                 mask |= POLLERR;
475
476         if (sk->sk_shutdown & RCV_SHUTDOWN)
477                 mask |= POLLRDHUP | POLLIN | POLLRDNORM;
478
479         if (sk->sk_shutdown == SHUTDOWN_MASK)
480                 mask |= POLLHUP;
481
482         if (!skb_queue_empty(&sk->sk_receive_queue))
483                 mask |= POLLIN | POLLRDNORM;
484
485         if (sk->sk_state == BT_CLOSED)
486                 mask |= POLLHUP;
487
488         if (sk->sk_state == BT_CONNECT ||
489                         sk->sk_state == BT_CONNECT2 ||
490                         sk->sk_state == BT_CONFIG)
491                 return mask;
492
493         if (sock_writeable(sk))
494                 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
495         else
496                 set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
497
498         return mask;
499 }
500 EXPORT_SYMBOL(bt_sock_poll);
501
502 int bt_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
503 {
504         struct sock *sk = sock->sk;
505         struct sk_buff *skb;
506         long amount;
507         int err;
508
509         BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
510
511         switch (cmd) {
512         case TIOCOUTQ:
513                 if (sk->sk_state == BT_LISTEN)
514                         return -EINVAL;
515
516                 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
517                 if (amount < 0)
518                         amount = 0;
519                 err = put_user(amount, (int __user *) arg);
520                 break;
521
522         case TIOCINQ:
523                 if (sk->sk_state == BT_LISTEN)
524                         return -EINVAL;
525
526                 lock_sock(sk);
527                 skb = skb_peek(&sk->sk_receive_queue);
528                 amount = skb ? skb->len : 0;
529                 release_sock(sk);
530                 err = put_user(amount, (int __user *) arg);
531                 break;
532
533         case SIOCGSTAMP:
534                 err = sock_get_timestamp(sk, (struct timeval __user *) arg);
535                 break;
536
537         case SIOCGSTAMPNS:
538                 err = sock_get_timestampns(sk, (struct timespec __user *) arg);
539                 break;
540
541         default:
542                 err = -ENOIOCTLCMD;
543                 break;
544         }
545
546         return err;
547 }
548 EXPORT_SYMBOL(bt_sock_ioctl);
549
550 int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
551 {
552         DECLARE_WAITQUEUE(wait, current);
553         int err = 0;
554
555         BT_DBG("sk %p", sk);
556
557         add_wait_queue(sk_sleep(sk), &wait);
558         set_current_state(TASK_INTERRUPTIBLE);
559         while (sk->sk_state != state) {
560                 if (!timeo) {
561                         err = -EINPROGRESS;
562                         break;
563                 }
564
565                 if (signal_pending(current)) {
566                         err = sock_intr_errno(timeo);
567                         break;
568                 }
569
570                 release_sock(sk);
571                 timeo = schedule_timeout(timeo);
572                 lock_sock(sk);
573                 set_current_state(TASK_INTERRUPTIBLE);
574
575                 err = sock_error(sk);
576                 if (err)
577                         break;
578         }
579         __set_current_state(TASK_RUNNING);
580         remove_wait_queue(sk_sleep(sk), &wait);
581         return err;
582 }
583 EXPORT_SYMBOL(bt_sock_wait_state);
584
585 static struct net_proto_family bt_sock_family_ops = {
586         .owner  = THIS_MODULE,
587         .family = PF_BLUETOOTH,
588         .create = bt_sock_create,
589 };
590
591 static int __init bt_init(void)
592 {
593         int err;
594
595         BT_INFO("Core ver %s", VERSION);
596
597         err = bt_sysfs_init();
598         if (err < 0)
599                 return err;
600
601         err = sock_register(&bt_sock_family_ops);
602         if (err < 0) {
603                 bt_sysfs_cleanup();
604                 return err;
605         }
606
607         BT_INFO("HCI device and connection manager initialized");
608
609         err = hci_sock_init();
610         if (err < 0)
611                 goto error;
612
613         err = l2cap_init();
614         if (err < 0)
615                 goto sock_err;
616
617         err = sco_init();
618         if (err < 0) {
619                 l2cap_exit();
620                 goto sock_err;
621         }
622
623         return 0;
624
625 sock_err:
626         hci_sock_cleanup();
627
628 error:
629         sock_unregister(PF_BLUETOOTH);
630         bt_sysfs_cleanup();
631
632         return err;
633 }
634
635 static void __exit bt_exit(void)
636 {
637
638         sco_exit();
639
640         l2cap_exit();
641
642         hci_sock_cleanup();
643
644         sock_unregister(PF_BLUETOOTH);
645
646         bt_sysfs_cleanup();
647 }
648
649 subsys_initcall(bt_init);
650 module_exit(bt_exit);
651
652 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
653 MODULE_DESCRIPTION("Bluetooth Core ver " VERSION);
654 MODULE_VERSION(VERSION);
655 MODULE_LICENSE("GPL");
656 MODULE_ALIAS_NETPROTO(PF_BLUETOOTH);