1/********************************************************************* 2 * 3 * Filename: af_irda.c 4 * Version: 0.9 5 * Description: IrDA sockets implementation 6 * Status: Stable 7 * Author: Dag Brattli <dagb@cs.uit.no> 8 * Created at: Sun May 31 10:12:43 1998 9 * Modified at: Sat Dec 25 21:10:23 1999 10 * Modified by: Dag Brattli <dag@brattli.net> 11 * Sources: af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc. 12 * 13 * Copyright (c) 1999 Dag Brattli <dagb@cs.uit.no> 14 * Copyright (c) 1999-2003 Jean Tourrilhes <jt@hpl.hp.com> 15 * All Rights Reserved. 16 * 17 * This program is free software; you can redistribute it and/or 18 * modify it under the terms of the GNU General Public License as 19 * published by the Free Software Foundation; either version 2 of 20 * the License, or (at your option) any later version. 21 * 22 * This program is distributed in the hope that it will be useful, 23 * but WITHOUT ANY WARRANTY; without even the implied warranty of 24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 * GNU General Public License for more details. 26 * 27 * You should have received a copy of the GNU General Public License 28 * along with this program; if not, see <http://www.gnu.org/licenses/>. 29 * 30 * Linux-IrDA now supports four different types of IrDA sockets: 31 * 32 * o SOCK_STREAM: TinyTP connections with SAR disabled. The 33 * max SDU size is 0 for conn. of this type 34 * o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may 35 * fragment the messages, but will preserve 36 * the message boundaries 37 * o SOCK_DGRAM: IRDAPROTO_UNITDATA: TinyTP connections with Unitdata 38 * (unreliable) transfers 39 * IRDAPROTO_ULTRA: Connectionless and unreliable data 40 * 41 ********************************************************************/ 42 43#include <linux/capability.h> 44#include <linux/module.h> 45#include <linux/types.h> 46#include <linux/socket.h> 47#include <linux/sockios.h> 48#include <linux/slab.h> 49#include <linux/init.h> 50#include <linux/net.h> 51#include <linux/irda.h> 52#include <linux/poll.h> 53 54#include <asm/ioctls.h> /* TIOCOUTQ, TIOCINQ */ 55#include <asm/uaccess.h> 56 57#include <net/sock.h> 58#include <net/tcp_states.h> 59 60#include <net/irda/af_irda.h> 61 62static int irda_create(struct net *net, struct socket *sock, int protocol, int kern); 63 64static const struct proto_ops irda_stream_ops; 65static const struct proto_ops irda_seqpacket_ops; 66static const struct proto_ops irda_dgram_ops; 67 68#ifdef CONFIG_IRDA_ULTRA 69static const struct proto_ops irda_ultra_ops; 70#define ULTRA_MAX_DATA 382 71#endif /* CONFIG_IRDA_ULTRA */ 72 73#define IRDA_MAX_HEADER (TTP_MAX_HEADER) 74 75/* 76 * Function irda_data_indication (instance, sap, skb) 77 * 78 * Received some data from TinyTP. Just queue it on the receive queue 79 * 80 */ 81static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb) 82{ 83 struct irda_sock *self; 84 struct sock *sk; 85 int err; 86 87 self = instance; 88 sk = instance; 89 90 err = sock_queue_rcv_skb(sk, skb); 91 if (err) { 92 pr_debug("%s(), error: no more mem!\n", __func__); 93 self->rx_flow = FLOW_STOP; 94 95 /* When we return error, TTP will need to requeue the skb */ 96 return err; 97 } 98 99 return 0; 100} 101 102/* 103 * Function irda_disconnect_indication (instance, sap, reason, skb) 104 * 105 * Connection has been closed. Check reason to find out why 106 * 107 */ 108static void irda_disconnect_indication(void *instance, void *sap, 109 LM_REASON reason, struct sk_buff *skb) 110{ 111 struct irda_sock *self; 112 struct sock *sk; 113 114 self = instance; 115 116 pr_debug("%s(%p)\n", __func__, self); 117 118 /* Don't care about it, but let's not leak it */ 119 if(skb) 120 dev_kfree_skb(skb); 121 122 sk = instance; 123 if (sk == NULL) { 124 pr_debug("%s(%p) : BUG : sk is NULL\n", 125 __func__, self); 126 return; 127 } 128 129 /* Prevent race conditions with irda_release() and irda_shutdown() */ 130 bh_lock_sock(sk); 131 if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) { 132 sk->sk_state = TCP_CLOSE; 133 sk->sk_shutdown |= SEND_SHUTDOWN; 134 135 sk->sk_state_change(sk); 136 137 /* Close our TSAP. 138 * If we leave it open, IrLMP put it back into the list of 139 * unconnected LSAPs. The problem is that any incoming request 140 * can then be matched to this socket (and it will be, because 141 * it is at the head of the list). This would prevent any 142 * listening socket waiting on the same TSAP to get those 143 * requests. Some apps forget to close sockets, or hang to it 144 * a bit too long, so we may stay in this dead state long 145 * enough to be noticed... 146 * Note : all socket function do check sk->sk_state, so we are 147 * safe... 148 * Jean II 149 */ 150 if (self->tsap) { 151 irttp_close_tsap(self->tsap); 152 self->tsap = NULL; 153 } 154 } 155 bh_unlock_sock(sk); 156 157 /* Note : once we are there, there is not much you want to do 158 * with the socket anymore, apart from closing it. 159 * For example, bind() and connect() won't reset sk->sk_err, 160 * sk->sk_shutdown and sk->sk_flags to valid values... 161 * Jean II 162 */ 163} 164 165/* 166 * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb) 167 * 168 * Connections has been confirmed by the remote device 169 * 170 */ 171static void irda_connect_confirm(void *instance, void *sap, 172 struct qos_info *qos, 173 __u32 max_sdu_size, __u8 max_header_size, 174 struct sk_buff *skb) 175{ 176 struct irda_sock *self; 177 struct sock *sk; 178 179 self = instance; 180 181 pr_debug("%s(%p)\n", __func__, self); 182 183 sk = instance; 184 if (sk == NULL) { 185 dev_kfree_skb(skb); 186 return; 187 } 188 189 dev_kfree_skb(skb); 190 // Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb); 191 192 /* How much header space do we need to reserve */ 193 self->max_header_size = max_header_size; 194 195 /* IrTTP max SDU size in transmit direction */ 196 self->max_sdu_size_tx = max_sdu_size; 197 198 /* Find out what the largest chunk of data that we can transmit is */ 199 switch (sk->sk_type) { 200 case SOCK_STREAM: 201 if (max_sdu_size != 0) { 202 net_err_ratelimited("%s: max_sdu_size must be 0\n", 203 __func__); 204 return; 205 } 206 self->max_data_size = irttp_get_max_seg_size(self->tsap); 207 break; 208 case SOCK_SEQPACKET: 209 if (max_sdu_size == 0) { 210 net_err_ratelimited("%s: max_sdu_size cannot be 0\n", 211 __func__); 212 return; 213 } 214 self->max_data_size = max_sdu_size; 215 break; 216 default: 217 self->max_data_size = irttp_get_max_seg_size(self->tsap); 218 } 219 220 pr_debug("%s(), max_data_size=%d\n", __func__, 221 self->max_data_size); 222 223 memcpy(&self->qos_tx, qos, sizeof(struct qos_info)); 224 225 /* We are now connected! */ 226 sk->sk_state = TCP_ESTABLISHED; 227 sk->sk_state_change(sk); 228} 229 230/* 231 * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata) 232 * 233 * Incoming connection 234 * 235 */ 236static void irda_connect_indication(void *instance, void *sap, 237 struct qos_info *qos, __u32 max_sdu_size, 238 __u8 max_header_size, struct sk_buff *skb) 239{ 240 struct irda_sock *self; 241 struct sock *sk; 242 243 self = instance; 244 245 pr_debug("%s(%p)\n", __func__, self); 246 247 sk = instance; 248 if (sk == NULL) { 249 dev_kfree_skb(skb); 250 return; 251 } 252 253 /* How much header space do we need to reserve */ 254 self->max_header_size = max_header_size; 255 256 /* IrTTP max SDU size in transmit direction */ 257 self->max_sdu_size_tx = max_sdu_size; 258 259 /* Find out what the largest chunk of data that we can transmit is */ 260 switch (sk->sk_type) { 261 case SOCK_STREAM: 262 if (max_sdu_size != 0) { 263 net_err_ratelimited("%s: max_sdu_size must be 0\n", 264 __func__); 265 kfree_skb(skb); 266 return; 267 } 268 self->max_data_size = irttp_get_max_seg_size(self->tsap); 269 break; 270 case SOCK_SEQPACKET: 271 if (max_sdu_size == 0) { 272 net_err_ratelimited("%s: max_sdu_size cannot be 0\n", 273 __func__); 274 kfree_skb(skb); 275 return; 276 } 277 self->max_data_size = max_sdu_size; 278 break; 279 default: 280 self->max_data_size = irttp_get_max_seg_size(self->tsap); 281 } 282 283 pr_debug("%s(), max_data_size=%d\n", __func__, 284 self->max_data_size); 285 286 memcpy(&self->qos_tx, qos, sizeof(struct qos_info)); 287 288 skb_queue_tail(&sk->sk_receive_queue, skb); 289 sk->sk_state_change(sk); 290} 291 292/* 293 * Function irda_connect_response (handle) 294 * 295 * Accept incoming connection 296 * 297 */ 298static void irda_connect_response(struct irda_sock *self) 299{ 300 struct sk_buff *skb; 301 302 skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER, GFP_KERNEL); 303 if (skb == NULL) { 304 pr_debug("%s() Unable to allocate sk_buff!\n", 305 __func__); 306 return; 307 } 308 309 /* Reserve space for MUX_CONTROL and LAP header */ 310 skb_reserve(skb, IRDA_MAX_HEADER); 311 312 irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb); 313} 314 315/* 316 * Function irda_flow_indication (instance, sap, flow) 317 * 318 * Used by TinyTP to tell us if it can accept more data or not 319 * 320 */ 321static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow) 322{ 323 struct irda_sock *self; 324 struct sock *sk; 325 326 self = instance; 327 sk = instance; 328 BUG_ON(sk == NULL); 329 330 switch (flow) { 331 case FLOW_STOP: 332 pr_debug("%s(), IrTTP wants us to slow down\n", 333 __func__); 334 self->tx_flow = flow; 335 break; 336 case FLOW_START: 337 self->tx_flow = flow; 338 pr_debug("%s(), IrTTP wants us to start again\n", 339 __func__); 340 wake_up_interruptible(sk_sleep(sk)); 341 break; 342 default: 343 pr_debug("%s(), Unknown flow command!\n", __func__); 344 /* Unknown flow command, better stop */ 345 self->tx_flow = flow; 346 break; 347 } 348} 349 350/* 351 * Function irda_getvalue_confirm (obj_id, value, priv) 352 * 353 * Got answer from remote LM-IAS, just pass object to requester... 354 * 355 * Note : duplicate from above, but we need our own version that 356 * doesn't touch the dtsap_sel and save the full value structure... 357 */ 358static void irda_getvalue_confirm(int result, __u16 obj_id, 359 struct ias_value *value, void *priv) 360{ 361 struct irda_sock *self; 362 363 self = priv; 364 if (!self) { 365 net_warn_ratelimited("%s: lost myself!\n", __func__); 366 return; 367 } 368 369 pr_debug("%s(%p)\n", __func__, self); 370 371 /* We probably don't need to make any more queries */ 372 iriap_close(self->iriap); 373 self->iriap = NULL; 374 375 /* Check if request succeeded */ 376 if (result != IAS_SUCCESS) { 377 pr_debug("%s(), IAS query failed! (%d)\n", __func__, 378 result); 379 380 self->errno = result; /* We really need it later */ 381 382 /* Wake up any processes waiting for result */ 383 wake_up_interruptible(&self->query_wait); 384 385 return; 386 } 387 388 /* Pass the object to the caller (so the caller must delete it) */ 389 self->ias_result = value; 390 self->errno = 0; 391 392 /* Wake up any processes waiting for result */ 393 wake_up_interruptible(&self->query_wait); 394} 395 396/* 397 * Function irda_selective_discovery_indication (discovery) 398 * 399 * Got a selective discovery indication from IrLMP. 400 * 401 * IrLMP is telling us that this node is new and matching our hint bit 402 * filter. Wake up any process waiting for answer... 403 */ 404static void irda_selective_discovery_indication(discinfo_t *discovery, 405 DISCOVERY_MODE mode, 406 void *priv) 407{ 408 struct irda_sock *self; 409 410 self = priv; 411 if (!self) { 412 net_warn_ratelimited("%s: lost myself!\n", __func__); 413 return; 414 } 415 416 /* Pass parameter to the caller */ 417 self->cachedaddr = discovery->daddr; 418 419 /* Wake up process if its waiting for device to be discovered */ 420 wake_up_interruptible(&self->query_wait); 421} 422 423/* 424 * Function irda_discovery_timeout (priv) 425 * 426 * Timeout in the selective discovery process 427 * 428 * We were waiting for a node to be discovered, but nothing has come up 429 * so far. Wake up the user and tell him that we failed... 430 */ 431static void irda_discovery_timeout(u_long priv) 432{ 433 struct irda_sock *self; 434 435 self = (struct irda_sock *) priv; 436 BUG_ON(self == NULL); 437 438 /* Nothing for the caller */ 439 self->cachelog = NULL; 440 self->cachedaddr = 0; 441 self->errno = -ETIME; 442 443 /* Wake up process if its still waiting... */ 444 wake_up_interruptible(&self->query_wait); 445} 446 447/* 448 * Function irda_open_tsap (self) 449 * 450 * Open local Transport Service Access Point (TSAP) 451 * 452 */ 453static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name) 454{ 455 notify_t notify; 456 457 if (self->tsap) { 458 pr_debug("%s: busy!\n", __func__); 459 return -EBUSY; 460 } 461 462 /* Initialize callbacks to be used by the IrDA stack */ 463 irda_notify_init(¬ify); 464 notify.connect_confirm = irda_connect_confirm; 465 notify.connect_indication = irda_connect_indication; 466 notify.disconnect_indication = irda_disconnect_indication; 467 notify.data_indication = irda_data_indication; 468 notify.udata_indication = irda_data_indication; 469 notify.flow_indication = irda_flow_indication; 470 notify.instance = self; 471 strncpy(notify.name, name, NOTIFY_MAX_NAME); 472 473 self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT, 474 ¬ify); 475 if (self->tsap == NULL) { 476 pr_debug("%s(), Unable to allocate TSAP!\n", 477 __func__); 478 return -ENOMEM; 479 } 480 /* Remember which TSAP selector we actually got */ 481 self->stsap_sel = self->tsap->stsap_sel; 482 483 return 0; 484} 485 486/* 487 * Function irda_open_lsap (self) 488 * 489 * Open local Link Service Access Point (LSAP). Used for opening Ultra 490 * sockets 491 */ 492#ifdef CONFIG_IRDA_ULTRA 493static int irda_open_lsap(struct irda_sock *self, int pid) 494{ 495 notify_t notify; 496 497 if (self->lsap) { 498 net_warn_ratelimited("%s(), busy!\n", __func__); 499 return -EBUSY; 500 } 501 502 /* Initialize callbacks to be used by the IrDA stack */ 503 irda_notify_init(¬ify); 504 notify.udata_indication = irda_data_indication; 505 notify.instance = self; 506 strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME); 507 508 self->lsap = irlmp_open_lsap(LSAP_CONNLESS, ¬ify, pid); 509 if (self->lsap == NULL) { 510 pr_debug("%s(), Unable to allocate LSAP!\n", __func__); 511 return -ENOMEM; 512 } 513 514 return 0; 515} 516#endif /* CONFIG_IRDA_ULTRA */ 517 518/* 519 * Function irda_find_lsap_sel (self, name) 520 * 521 * Try to lookup LSAP selector in remote LM-IAS 522 * 523 * Basically, we start a IAP query, and then go to sleep. When the query 524 * return, irda_getvalue_confirm will wake us up, and we can examine the 525 * result of the query... 526 * Note that in some case, the query fail even before we go to sleep, 527 * creating some races... 528 */ 529static int irda_find_lsap_sel(struct irda_sock *self, char *name) 530{ 531 pr_debug("%s(%p, %s)\n", __func__, self, name); 532 533 if (self->iriap) { 534 net_warn_ratelimited("%s(): busy with a previous query\n", 535 __func__); 536 return -EBUSY; 537 } 538 539 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self, 540 irda_getvalue_confirm); 541 if(self->iriap == NULL) 542 return -ENOMEM; 543 544 /* Treat unexpected wakeup as disconnect */ 545 self->errno = -EHOSTUNREACH; 546 547 /* Query remote LM-IAS */ 548 iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr, 549 name, "IrDA:TinyTP:LsapSel"); 550 551 /* Wait for answer, if not yet finished (or failed) */ 552 if (wait_event_interruptible(self->query_wait, (self->iriap==NULL))) 553 /* Treat signals as disconnect */ 554 return -EHOSTUNREACH; 555 556 /* Check what happened */ 557 if (self->errno) 558 { 559 /* Requested object/attribute doesn't exist */ 560 if((self->errno == IAS_CLASS_UNKNOWN) || 561 (self->errno == IAS_ATTRIB_UNKNOWN)) 562 return -EADDRNOTAVAIL; 563 else 564 return -EHOSTUNREACH; 565 } 566 567 /* Get the remote TSAP selector */ 568 switch (self->ias_result->type) { 569 case IAS_INTEGER: 570 pr_debug("%s() int=%d\n", 571 __func__, self->ias_result->t.integer); 572 573 if (self->ias_result->t.integer != -1) 574 self->dtsap_sel = self->ias_result->t.integer; 575 else 576 self->dtsap_sel = 0; 577 break; 578 default: 579 self->dtsap_sel = 0; 580 pr_debug("%s(), bad type!\n", __func__); 581 break; 582 } 583 if (self->ias_result) 584 irias_delete_value(self->ias_result); 585 586 if (self->dtsap_sel) 587 return 0; 588 589 return -EADDRNOTAVAIL; 590} 591 592/* 593 * Function irda_discover_daddr_and_lsap_sel (self, name) 594 * 595 * This try to find a device with the requested service. 596 * 597 * It basically look into the discovery log. For each address in the list, 598 * it queries the LM-IAS of the device to find if this device offer 599 * the requested service. 600 * If there is more than one node supporting the service, we complain 601 * to the user (it should move devices around). 602 * The, we set both the destination address and the lsap selector to point 603 * on the service on the unique device we have found. 604 * 605 * Note : this function fails if there is more than one device in range, 606 * because IrLMP doesn't disconnect the LAP when the last LSAP is closed. 607 * Moreover, we would need to wait the LAP disconnection... 608 */ 609static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name) 610{ 611 discinfo_t *discoveries; /* Copy of the discovery log */ 612 int number; /* Number of nodes in the log */ 613 int i; 614 int err = -ENETUNREACH; 615 __u32 daddr = DEV_ADDR_ANY; /* Address we found the service on */ 616 __u8 dtsap_sel = 0x0; /* TSAP associated with it */ 617 618 pr_debug("%s(), name=%s\n", __func__, name); 619 620 /* Ask lmp for the current discovery log 621 * Note : we have to use irlmp_get_discoveries(), as opposed 622 * to play with the cachelog directly, because while we are 623 * making our ias query, le log might change... */ 624 discoveries = irlmp_get_discoveries(&number, self->mask.word, 625 self->nslots); 626 /* Check if the we got some results */ 627 if (discoveries == NULL) 628 return -ENETUNREACH; /* No nodes discovered */ 629 630 /* 631 * Now, check all discovered devices (if any), and connect 632 * client only about the services that the client is 633 * interested in... 634 */ 635 for(i = 0; i < number; i++) { 636 /* Try the address in the log */ 637 self->daddr = discoveries[i].daddr; 638 self->saddr = 0x0; 639 pr_debug("%s(), trying daddr = %08x\n", 640 __func__, self->daddr); 641 642 /* Query remote LM-IAS for this service */ 643 err = irda_find_lsap_sel(self, name); 644 switch (err) { 645 case 0: 646 /* We found the requested service */ 647 if(daddr != DEV_ADDR_ANY) { 648 pr_debug("%s(), discovered service ''%s'' in two different devices !!!\n", 649 __func__, name); 650 self->daddr = DEV_ADDR_ANY; 651 kfree(discoveries); 652 return -ENOTUNIQ; 653 } 654 /* First time we found that one, save it ! */ 655 daddr = self->daddr; 656 dtsap_sel = self->dtsap_sel; 657 break; 658 case -EADDRNOTAVAIL: 659 /* Requested service simply doesn't exist on this node */ 660 break; 661 default: 662 /* Something bad did happen :-( */ 663 pr_debug("%s(), unexpected IAS query failure\n", 664 __func__); 665 self->daddr = DEV_ADDR_ANY; 666 kfree(discoveries); 667 return -EHOSTUNREACH; 668 } 669 } 670 /* Cleanup our copy of the discovery log */ 671 kfree(discoveries); 672 673 /* Check out what we found */ 674 if(daddr == DEV_ADDR_ANY) { 675 pr_debug("%s(), cannot discover service ''%s'' in any device !!!\n", 676 __func__, name); 677 self->daddr = DEV_ADDR_ANY; 678 return -EADDRNOTAVAIL; 679 } 680 681 /* Revert back to discovered device & service */ 682 self->daddr = daddr; 683 self->saddr = 0x0; 684 self->dtsap_sel = dtsap_sel; 685 686 pr_debug("%s(), discovered requested service ''%s'' at address %08x\n", 687 __func__, name, self->daddr); 688 689 return 0; 690} 691 692/* 693 * Function irda_getname (sock, uaddr, uaddr_len, peer) 694 * 695 * Return the our own, or peers socket address (sockaddr_irda) 696 * 697 */ 698static int irda_getname(struct socket *sock, struct sockaddr *uaddr, 699 int *uaddr_len, int peer) 700{ 701 struct sockaddr_irda saddr; 702 struct sock *sk = sock->sk; 703 struct irda_sock *self = irda_sk(sk); 704 705 memset(&saddr, 0, sizeof(saddr)); 706 if (peer) { 707 if (sk->sk_state != TCP_ESTABLISHED) 708 return -ENOTCONN; 709 710 saddr.sir_family = AF_IRDA; 711 saddr.sir_lsap_sel = self->dtsap_sel; 712 saddr.sir_addr = self->daddr; 713 } else { 714 saddr.sir_family = AF_IRDA; 715 saddr.sir_lsap_sel = self->stsap_sel; 716 saddr.sir_addr = self->saddr; 717 } 718 719 pr_debug("%s(), tsap_sel = %#x\n", __func__, saddr.sir_lsap_sel); 720 pr_debug("%s(), addr = %08x\n", __func__, saddr.sir_addr); 721 722 /* uaddr_len come to us uninitialised */ 723 *uaddr_len = sizeof (struct sockaddr_irda); 724 memcpy(uaddr, &saddr, *uaddr_len); 725 726 return 0; 727} 728 729/* 730 * Function irda_listen (sock, backlog) 731 * 732 * Just move to the listen state 733 * 734 */ 735static int irda_listen(struct socket *sock, int backlog) 736{ 737 struct sock *sk = sock->sk; 738 int err = -EOPNOTSUPP; 739 740 lock_sock(sk); 741 742 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) && 743 (sk->sk_type != SOCK_DGRAM)) 744 goto out; 745 746 if (sk->sk_state != TCP_LISTEN) { 747 sk->sk_max_ack_backlog = backlog; 748 sk->sk_state = TCP_LISTEN; 749 750 err = 0; 751 } 752out: 753 release_sock(sk); 754 755 return err; 756} 757 758/* 759 * Function irda_bind (sock, uaddr, addr_len) 760 * 761 * Used by servers to register their well known TSAP 762 * 763 */ 764static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 765{ 766 struct sock *sk = sock->sk; 767 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr; 768 struct irda_sock *self = irda_sk(sk); 769 int err; 770 771 pr_debug("%s(%p)\n", __func__, self); 772 773 if (addr_len != sizeof(struct sockaddr_irda)) 774 return -EINVAL; 775 776 lock_sock(sk); 777#ifdef CONFIG_IRDA_ULTRA 778 /* Special care for Ultra sockets */ 779 if ((sk->sk_type == SOCK_DGRAM) && 780 (sk->sk_protocol == IRDAPROTO_ULTRA)) { 781 self->pid = addr->sir_lsap_sel; 782 err = -EOPNOTSUPP; 783 if (self->pid & 0x80) { 784 pr_debug("%s(), extension in PID not supp!\n", 785 __func__); 786 goto out; 787 } 788 err = irda_open_lsap(self, self->pid); 789 if (err < 0) 790 goto out; 791 792 /* Pretend we are connected */ 793 sock->state = SS_CONNECTED; 794 sk->sk_state = TCP_ESTABLISHED; 795 err = 0; 796 797 goto out; 798 } 799#endif /* CONFIG_IRDA_ULTRA */ 800 801 self->ias_obj = irias_new_object(addr->sir_name, jiffies); 802 err = -ENOMEM; 803 if (self->ias_obj == NULL) 804 goto out; 805 806 err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name); 807 if (err < 0) { 808 irias_delete_object(self->ias_obj); 809 self->ias_obj = NULL; 810 goto out; 811 } 812 813 /* Register with LM-IAS */ 814 irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel", 815 self->stsap_sel, IAS_KERNEL_ATTR); 816 irias_insert_object(self->ias_obj); 817 818 err = 0; 819out: 820 release_sock(sk); 821 return err; 822} 823 824/* 825 * Function irda_accept (sock, newsock, flags) 826 * 827 * Wait for incoming connection 828 * 829 */ 830static int irda_accept(struct socket *sock, struct socket *newsock, int flags) 831{ 832 struct sock *sk = sock->sk; 833 struct irda_sock *new, *self = irda_sk(sk); 834 struct sock *newsk; 835 struct sk_buff *skb; 836 int err; 837 838 err = irda_create(sock_net(sk), newsock, sk->sk_protocol, 0); 839 if (err) 840 return err; 841 842 err = -EINVAL; 843 844 lock_sock(sk); 845 if (sock->state != SS_UNCONNECTED) 846 goto out; 847 848 if ((sk = sock->sk) == NULL) 849 goto out; 850 851 err = -EOPNOTSUPP; 852 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) && 853 (sk->sk_type != SOCK_DGRAM)) 854 goto out; 855 856 err = -EINVAL; 857 if (sk->sk_state != TCP_LISTEN) 858 goto out; 859 860 /* 861 * The read queue this time is holding sockets ready to use 862 * hooked into the SABM we saved 863 */ 864 865 /* 866 * We can perform the accept only if there is incoming data 867 * on the listening socket. 868 * So, we will block the caller until we receive any data. 869 * If the caller was waiting on select() or poll() before 870 * calling us, the data is waiting for us ;-) 871 * Jean II 872 */ 873 while (1) { 874 skb = skb_dequeue(&sk->sk_receive_queue); 875 if (skb) 876 break; 877 878 /* Non blocking operation */ 879 err = -EWOULDBLOCK; 880 if (flags & O_NONBLOCK) 881 goto out; 882 883 err = wait_event_interruptible(*(sk_sleep(sk)), 884 skb_peek(&sk->sk_receive_queue)); 885 if (err) 886 goto out; 887 } 888 889 newsk = newsock->sk; 890 err = -EIO; 891 if (newsk == NULL) 892 goto out; 893 894 newsk->sk_state = TCP_ESTABLISHED; 895 896 new = irda_sk(newsk); 897 898 /* Now attach up the new socket */ 899 new->tsap = irttp_dup(self->tsap, new); 900 err = -EPERM; /* value does not seem to make sense. -arnd */ 901 if (!new->tsap) { 902 pr_debug("%s(), dup failed!\n", __func__); 903 kfree_skb(skb); 904 goto out; 905 } 906 907 new->stsap_sel = new->tsap->stsap_sel; 908 new->dtsap_sel = new->tsap->dtsap_sel; 909 new->saddr = irttp_get_saddr(new->tsap); 910 new->daddr = irttp_get_daddr(new->tsap); 911 912 new->max_sdu_size_tx = self->max_sdu_size_tx; 913 new->max_sdu_size_rx = self->max_sdu_size_rx; 914 new->max_data_size = self->max_data_size; 915 new->max_header_size = self->max_header_size; 916 917 memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info)); 918 919 /* Clean up the original one to keep it in listen state */ 920 irttp_listen(self->tsap); 921 922 kfree_skb(skb); 923 sk->sk_ack_backlog--; 924 925 newsock->state = SS_CONNECTED; 926 927 irda_connect_response(new); 928 err = 0; 929out: 930 release_sock(sk); 931 return err; 932} 933 934/* 935 * Function irda_connect (sock, uaddr, addr_len, flags) 936 * 937 * Connect to a IrDA device 938 * 939 * The main difference with a "standard" connect is that with IrDA we need 940 * to resolve the service name into a TSAP selector (in TCP, port number 941 * doesn't have to be resolved). 942 * Because of this service name resolution, we can offer "auto-connect", 943 * where we connect to a service without specifying a destination address. 944 * 945 * Note : by consulting "errno", the user space caller may learn the cause 946 * of the failure. Most of them are visible in the function, others may come 947 * from subroutines called and are listed here : 948 * o EBUSY : already processing a connect 949 * o EHOSTUNREACH : bad addr->sir_addr argument 950 * o EADDRNOTAVAIL : bad addr->sir_name argument 951 * o ENOTUNIQ : more than one node has addr->sir_name (auto-connect) 952 * o ENETUNREACH : no node found on the network (auto-connect) 953 */ 954static int irda_connect(struct socket *sock, struct sockaddr *uaddr, 955 int addr_len, int flags) 956{ 957 struct sock *sk = sock->sk; 958 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr; 959 struct irda_sock *self = irda_sk(sk); 960 int err; 961 962 pr_debug("%s(%p)\n", __func__, self); 963 964 lock_sock(sk); 965 /* Don't allow connect for Ultra sockets */ 966 err = -ESOCKTNOSUPPORT; 967 if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA)) 968 goto out; 969 970 if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) { 971 sock->state = SS_CONNECTED; 972 err = 0; 973 goto out; /* Connect completed during a ERESTARTSYS event */ 974 } 975 976 if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) { 977 sock->state = SS_UNCONNECTED; 978 err = -ECONNREFUSED; 979 goto out; 980 } 981 982 err = -EISCONN; /* No reconnect on a seqpacket socket */ 983 if (sk->sk_state == TCP_ESTABLISHED) 984 goto out; 985 986 sk->sk_state = TCP_CLOSE; 987 sock->state = SS_UNCONNECTED; 988 989 err = -EINVAL; 990 if (addr_len != sizeof(struct sockaddr_irda)) 991 goto out; 992 993 /* Check if user supplied any destination device address */ 994 if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) { 995 /* Try to find one suitable */ 996 err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name); 997 if (err) { 998 pr_debug("%s(), auto-connect failed!\n", __func__); 999 goto out; 1000 } 1001 } else { 1002 /* Use the one provided by the user */ 1003 self->daddr = addr->sir_addr; 1004 pr_debug("%s(), daddr = %08x\n", __func__, self->daddr); 1005 1006 /* If we don't have a valid service name, we assume the 1007 * user want to connect on a specific LSAP. Prevent 1008 * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */ 1009 if((addr->sir_name[0] != '\0') || 1010 (addr->sir_lsap_sel >= 0x70)) { 1011 /* Query remote LM-IAS using service name */ 1012 err = irda_find_lsap_sel(self, addr->sir_name); 1013 if (err) { 1014 pr_debug("%s(), connect failed!\n", __func__); 1015 goto out; 1016 } 1017 } else { 1018 /* Directly connect to the remote LSAP 1019 * specified by the sir_lsap field. 1020 * Please use with caution, in IrDA LSAPs are 1021 * dynamic and there is no "well-known" LSAP. */ 1022 self->dtsap_sel = addr->sir_lsap_sel; 1023 } 1024 } 1025 1026 /* Check if we have opened a local TSAP */ 1027 if (!self->tsap) 1028 irda_open_tsap(self, LSAP_ANY, addr->sir_name); 1029 1030 /* Move to connecting socket, start sending Connect Requests */ 1031 sock->state = SS_CONNECTING; 1032 sk->sk_state = TCP_SYN_SENT; 1033 1034 /* Connect to remote device */ 1035 err = irttp_connect_request(self->tsap, self->dtsap_sel, 1036 self->saddr, self->daddr, NULL, 1037 self->max_sdu_size_rx, NULL); 1038 if (err) { 1039 pr_debug("%s(), connect failed!\n", __func__); 1040 goto out; 1041 } 1042 1043 /* Now the loop */ 1044 err = -EINPROGRESS; 1045 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) 1046 goto out; 1047 1048 err = -ERESTARTSYS; 1049 if (wait_event_interruptible(*(sk_sleep(sk)), 1050 (sk->sk_state != TCP_SYN_SENT))) 1051 goto out; 1052 1053 if (sk->sk_state != TCP_ESTABLISHED) { 1054 sock->state = SS_UNCONNECTED; 1055 err = sock_error(sk); 1056 if (!err) 1057 err = -ECONNRESET; 1058 goto out; 1059 } 1060 1061 sock->state = SS_CONNECTED; 1062 1063 /* At this point, IrLMP has assigned our source address */ 1064 self->saddr = irttp_get_saddr(self->tsap); 1065 err = 0; 1066out: 1067 release_sock(sk); 1068 return err; 1069} 1070 1071static struct proto irda_proto = { 1072 .name = "IRDA", 1073 .owner = THIS_MODULE, 1074 .obj_size = sizeof(struct irda_sock), 1075}; 1076 1077/* 1078 * Function irda_create (sock, protocol) 1079 * 1080 * Create IrDA socket 1081 * 1082 */ 1083static int irda_create(struct net *net, struct socket *sock, int protocol, 1084 int kern) 1085{ 1086 struct sock *sk; 1087 struct irda_sock *self; 1088 1089 if (protocol < 0 || protocol > SK_PROTOCOL_MAX) 1090 return -EINVAL; 1091 1092 if (net != &init_net) 1093 return -EAFNOSUPPORT; 1094 1095 /* Check for valid socket type */ 1096 switch (sock->type) { 1097 case SOCK_STREAM: /* For TTP connections with SAR disabled */ 1098 case SOCK_SEQPACKET: /* For TTP connections with SAR enabled */ 1099 case SOCK_DGRAM: /* For TTP Unitdata or LMP Ultra transfers */ 1100 break; 1101 default: 1102 return -ESOCKTNOSUPPORT; 1103 } 1104 1105 /* Allocate networking socket */ 1106 sk = sk_alloc(net, PF_IRDA, GFP_KERNEL, &irda_proto); 1107 if (sk == NULL) 1108 return -ENOMEM; 1109 1110 self = irda_sk(sk); 1111 pr_debug("%s() : self is %p\n", __func__, self); 1112 1113 init_waitqueue_head(&self->query_wait); 1114 1115 switch (sock->type) { 1116 case SOCK_STREAM: 1117 sock->ops = &irda_stream_ops; 1118 self->max_sdu_size_rx = TTP_SAR_DISABLE; 1119 break; 1120 case SOCK_SEQPACKET: 1121 sock->ops = &irda_seqpacket_ops; 1122 self->max_sdu_size_rx = TTP_SAR_UNBOUND; 1123 break; 1124 case SOCK_DGRAM: 1125 switch (protocol) { 1126#ifdef CONFIG_IRDA_ULTRA 1127 case IRDAPROTO_ULTRA: 1128 sock->ops = &irda_ultra_ops; 1129 /* Initialise now, because we may send on unbound 1130 * sockets. Jean II */ 1131 self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER; 1132 self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER; 1133 break; 1134#endif /* CONFIG_IRDA_ULTRA */ 1135 case IRDAPROTO_UNITDATA: 1136 sock->ops = &irda_dgram_ops; 1137 /* We let Unitdata conn. be like seqpack conn. */ 1138 self->max_sdu_size_rx = TTP_SAR_UNBOUND; 1139 break; 1140 default: 1141 sk_free(sk); 1142 return -ESOCKTNOSUPPORT; 1143 } 1144 break; 1145 default: 1146 sk_free(sk); 1147 return -ESOCKTNOSUPPORT; 1148 } 1149 1150 /* Initialise networking socket struct */ 1151 sock_init_data(sock, sk); /* Note : set sk->sk_refcnt to 1 */ 1152 sk->sk_family = PF_IRDA; 1153 sk->sk_protocol = protocol; 1154 1155 /* Register as a client with IrLMP */ 1156 self->ckey = irlmp_register_client(0, NULL, NULL, NULL); 1157 self->mask.word = 0xffff; 1158 self->rx_flow = self->tx_flow = FLOW_START; 1159 self->nslots = DISCOVERY_DEFAULT_SLOTS; 1160 self->daddr = DEV_ADDR_ANY; /* Until we get connected */ 1161 self->saddr = 0x0; /* so IrLMP assign us any link */ 1162 return 0; 1163} 1164 1165/* 1166 * Function irda_destroy_socket (self) 1167 * 1168 * Destroy socket 1169 * 1170 */ 1171static void irda_destroy_socket(struct irda_sock *self) 1172{ 1173 pr_debug("%s(%p)\n", __func__, self); 1174 1175 /* Unregister with IrLMP */ 1176 irlmp_unregister_client(self->ckey); 1177 irlmp_unregister_service(self->skey); 1178 1179 /* Unregister with LM-IAS */ 1180 if (self->ias_obj) { 1181 irias_delete_object(self->ias_obj); 1182 self->ias_obj = NULL; 1183 } 1184 1185 if (self->iriap) { 1186 iriap_close(self->iriap); 1187 self->iriap = NULL; 1188 } 1189 1190 if (self->tsap) { 1191 irttp_disconnect_request(self->tsap, NULL, P_NORMAL); 1192 irttp_close_tsap(self->tsap); 1193 self->tsap = NULL; 1194 } 1195#ifdef CONFIG_IRDA_ULTRA 1196 if (self->lsap) { 1197 irlmp_close_lsap(self->lsap); 1198 self->lsap = NULL; 1199 } 1200#endif /* CONFIG_IRDA_ULTRA */ 1201} 1202 1203/* 1204 * Function irda_release (sock) 1205 */ 1206static int irda_release(struct socket *sock) 1207{ 1208 struct sock *sk = sock->sk; 1209 1210 if (sk == NULL) 1211 return 0; 1212 1213 lock_sock(sk); 1214 sk->sk_state = TCP_CLOSE; 1215 sk->sk_shutdown |= SEND_SHUTDOWN; 1216 sk->sk_state_change(sk); 1217 1218 /* Destroy IrDA socket */ 1219 irda_destroy_socket(irda_sk(sk)); 1220 1221 sock_orphan(sk); 1222 sock->sk = NULL; 1223 release_sock(sk); 1224 1225 /* Purge queues (see sock_init_data()) */ 1226 skb_queue_purge(&sk->sk_receive_queue); 1227 1228 /* Destroy networking socket if we are the last reference on it, 1229 * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */ 1230 sock_put(sk); 1231 1232 /* Notes on socket locking and deallocation... - Jean II 1233 * In theory we should put pairs of sock_hold() / sock_put() to 1234 * prevent the socket to be destroyed whenever there is an 1235 * outstanding request or outstanding incoming packet or event. 1236 * 1237 * 1) This may include IAS request, both in connect and getsockopt. 1238 * Unfortunately, the situation is a bit more messy than it looks, 1239 * because we close iriap and kfree(self) above. 1240 * 1241 * 2) This may include selective discovery in getsockopt. 1242 * Same stuff as above, irlmp registration and self are gone. 1243 * 1244 * Probably 1 and 2 may not matter, because it's all triggered 1245 * by a process and the socket layer already prevent the 1246 * socket to go away while a process is holding it, through 1247 * sockfd_put() and fput()... 1248 * 1249 * 3) This may include deferred TSAP closure. In particular, 1250 * we may receive a late irda_disconnect_indication() 1251 * Fortunately, (tsap_cb *)->close_pend should protect us 1252 * from that. 1253 * 1254 * I did some testing on SMP, and it looks solid. And the socket 1255 * memory leak is now gone... - Jean II 1256 */ 1257 1258 return 0; 1259} 1260 1261/* 1262 * Function irda_sendmsg (sock, msg, len) 1263 * 1264 * Send message down to TinyTP. This function is used for both STREAM and 1265 * SEQPACK services. This is possible since it forces the client to 1266 * fragment the message if necessary 1267 */ 1268static int irda_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1269{ 1270 struct sock *sk = sock->sk; 1271 struct irda_sock *self; 1272 struct sk_buff *skb; 1273 int err = -EPIPE; 1274 1275 pr_debug("%s(), len=%zd\n", __func__, len); 1276 1277 /* Note : socket.c set MSG_EOR on SEQPACKET sockets */ 1278 if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT | 1279 MSG_NOSIGNAL)) { 1280 return -EINVAL; 1281 } 1282 1283 lock_sock(sk); 1284 1285 if (sk->sk_shutdown & SEND_SHUTDOWN) 1286 goto out_err; 1287 1288 if (sk->sk_state != TCP_ESTABLISHED) { 1289 err = -ENOTCONN; 1290 goto out; 1291 } 1292 1293 self = irda_sk(sk); 1294 1295 /* Check if IrTTP is wants us to slow down */ 1296 1297 if (wait_event_interruptible(*(sk_sleep(sk)), 1298 (self->tx_flow != FLOW_STOP || sk->sk_state != TCP_ESTABLISHED))) { 1299 err = -ERESTARTSYS; 1300 goto out; 1301 } 1302 1303 /* Check if we are still connected */ 1304 if (sk->sk_state != TCP_ESTABLISHED) { 1305 err = -ENOTCONN; 1306 goto out; 1307 } 1308 1309 /* Check that we don't send out too big frames */ 1310 if (len > self->max_data_size) { 1311 pr_debug("%s(), Chopping frame from %zd to %d bytes!\n", 1312 __func__, len, self->max_data_size); 1313 len = self->max_data_size; 1314 } 1315 1316 skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16, 1317 msg->msg_flags & MSG_DONTWAIT, &err); 1318 if (!skb) 1319 goto out_err; 1320 1321 skb_reserve(skb, self->max_header_size + 16); 1322 skb_reset_transport_header(skb); 1323 skb_put(skb, len); 1324 err = memcpy_from_msg(skb_transport_header(skb), msg, len); 1325 if (err) { 1326 kfree_skb(skb); 1327 goto out_err; 1328 } 1329 1330 /* 1331 * Just send the message to TinyTP, and let it deal with possible 1332 * errors. No need to duplicate all that here 1333 */ 1334 err = irttp_data_request(self->tsap, skb); 1335 if (err) { 1336 pr_debug("%s(), err=%d\n", __func__, err); 1337 goto out_err; 1338 } 1339 1340 release_sock(sk); 1341 /* Tell client how much data we actually sent */ 1342 return len; 1343 1344out_err: 1345 err = sk_stream_error(sk, msg->msg_flags, err); 1346out: 1347 release_sock(sk); 1348 return err; 1349 1350} 1351 1352/* 1353 * Function irda_recvmsg_dgram (sock, msg, size, flags) 1354 * 1355 * Try to receive message and copy it to user. The frame is discarded 1356 * after being read, regardless of how much the user actually read 1357 */ 1358static int irda_recvmsg_dgram(struct socket *sock, struct msghdr *msg, 1359 size_t size, int flags) 1360{ 1361 struct sock *sk = sock->sk; 1362 struct irda_sock *self = irda_sk(sk); 1363 struct sk_buff *skb; 1364 size_t copied; 1365 int err; 1366 1367 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1368 flags & MSG_DONTWAIT, &err); 1369 if (!skb) 1370 return err; 1371 1372 skb_reset_transport_header(skb); 1373 copied = skb->len; 1374 1375 if (copied > size) { 1376 pr_debug("%s(), Received truncated frame (%zd < %zd)!\n", 1377 __func__, copied, size); 1378 copied = size; 1379 msg->msg_flags |= MSG_TRUNC; 1380 } 1381 skb_copy_datagram_msg(skb, 0, msg, copied); 1382 1383 skb_free_datagram(sk, skb); 1384 1385 /* 1386 * Check if we have previously stopped IrTTP and we know 1387 * have more free space in our rx_queue. If so tell IrTTP 1388 * to start delivering frames again before our rx_queue gets 1389 * empty 1390 */ 1391 if (self->rx_flow == FLOW_STOP) { 1392 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) { 1393 pr_debug("%s(), Starting IrTTP\n", __func__); 1394 self->rx_flow = FLOW_START; 1395 irttp_flow_request(self->tsap, FLOW_START); 1396 } 1397 } 1398 1399 return copied; 1400} 1401 1402/* 1403 * Function irda_recvmsg_stream (sock, msg, size, flags) 1404 */ 1405static int irda_recvmsg_stream(struct socket *sock, struct msghdr *msg, 1406 size_t size, int flags) 1407{ 1408 struct sock *sk = sock->sk; 1409 struct irda_sock *self = irda_sk(sk); 1410 int noblock = flags & MSG_DONTWAIT; 1411 size_t copied = 0; 1412 int target, err; 1413 long timeo; 1414 1415 if ((err = sock_error(sk)) < 0) 1416 return err; 1417 1418 if (sock->flags & __SO_ACCEPTCON) 1419 return -EINVAL; 1420 1421 err =-EOPNOTSUPP; 1422 if (flags & MSG_OOB) 1423 return -EOPNOTSUPP; 1424 1425 err = 0; 1426 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); 1427 timeo = sock_rcvtimeo(sk, noblock); 1428 1429 do { 1430 int chunk; 1431 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue); 1432 1433 if (skb == NULL) { 1434 DEFINE_WAIT(wait); 1435 err = 0; 1436 1437 if (copied >= target) 1438 break; 1439 1440 prepare_to_wait_exclusive(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1441 1442 /* 1443 * POSIX 1003.1g mandates this order. 1444 */ 1445 err = sock_error(sk); 1446 if (err) 1447 ; 1448 else if (sk->sk_shutdown & RCV_SHUTDOWN) 1449 ; 1450 else if (noblock) 1451 err = -EAGAIN; 1452 else if (signal_pending(current)) 1453 err = sock_intr_errno(timeo); 1454 else if (sk->sk_state != TCP_ESTABLISHED) 1455 err = -ENOTCONN; 1456 else if (skb_peek(&sk->sk_receive_queue) == NULL) 1457 /* Wait process until data arrives */ 1458 schedule(); 1459 1460 finish_wait(sk_sleep(sk), &wait); 1461 1462 if (err) 1463 return err; 1464 if (sk->sk_shutdown & RCV_SHUTDOWN) 1465 break; 1466 1467 continue; 1468 } 1469 1470 chunk = min_t(unsigned int, skb->len, size); 1471 if (memcpy_to_msg(msg, skb->data, chunk)) { 1472 skb_queue_head(&sk->sk_receive_queue, skb); 1473 if (copied == 0) 1474 copied = -EFAULT; 1475 break; 1476 } 1477 copied += chunk; 1478 size -= chunk; 1479 1480 /* Mark read part of skb as used */ 1481 if (!(flags & MSG_PEEK)) { 1482 skb_pull(skb, chunk); 1483 1484 /* put the skb back if we didn't use it up.. */ 1485 if (skb->len) { 1486 pr_debug("%s(), back on q!\n", 1487 __func__); 1488 skb_queue_head(&sk->sk_receive_queue, skb); 1489 break; 1490 } 1491 1492 kfree_skb(skb); 1493 } else { 1494 pr_debug("%s() questionable!?\n", __func__); 1495 1496 /* put message back and return */ 1497 skb_queue_head(&sk->sk_receive_queue, skb); 1498 break; 1499 } 1500 } while (size); 1501 1502 /* 1503 * Check if we have previously stopped IrTTP and we know 1504 * have more free space in our rx_queue. If so tell IrTTP 1505 * to start delivering frames again before our rx_queue gets 1506 * empty 1507 */ 1508 if (self->rx_flow == FLOW_STOP) { 1509 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) { 1510 pr_debug("%s(), Starting IrTTP\n", __func__); 1511 self->rx_flow = FLOW_START; 1512 irttp_flow_request(self->tsap, FLOW_START); 1513 } 1514 } 1515 1516 return copied; 1517} 1518 1519/* 1520 * Function irda_sendmsg_dgram (sock, msg, len) 1521 * 1522 * Send message down to TinyTP for the unreliable sequenced 1523 * packet service... 1524 * 1525 */ 1526static int irda_sendmsg_dgram(struct socket *sock, struct msghdr *msg, 1527 size_t len) 1528{ 1529 struct sock *sk = sock->sk; 1530 struct irda_sock *self; 1531 struct sk_buff *skb; 1532 int err; 1533 1534 pr_debug("%s(), len=%zd\n", __func__, len); 1535 1536 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT)) 1537 return -EINVAL; 1538 1539 lock_sock(sk); 1540 1541 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1542 send_sig(SIGPIPE, current, 0); 1543 err = -EPIPE; 1544 goto out; 1545 } 1546 1547 err = -ENOTCONN; 1548 if (sk->sk_state != TCP_ESTABLISHED) 1549 goto out; 1550 1551 self = irda_sk(sk); 1552 1553 /* 1554 * Check that we don't send out too big frames. This is an unreliable 1555 * service, so we have no fragmentation and no coalescence 1556 */ 1557 if (len > self->max_data_size) { 1558 pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n", 1559 __func__, len, self->max_data_size); 1560 len = self->max_data_size; 1561 } 1562 1563 skb = sock_alloc_send_skb(sk, len + self->max_header_size, 1564 msg->msg_flags & MSG_DONTWAIT, &err); 1565 err = -ENOBUFS; 1566 if (!skb) 1567 goto out; 1568 1569 skb_reserve(skb, self->max_header_size); 1570 skb_reset_transport_header(skb); 1571 1572 pr_debug("%s(), appending user data\n", __func__); 1573 skb_put(skb, len); 1574 err = memcpy_from_msg(skb_transport_header(skb), msg, len); 1575 if (err) { 1576 kfree_skb(skb); 1577 goto out; 1578 } 1579 1580 /* 1581 * Just send the message to TinyTP, and let it deal with possible 1582 * errors. No need to duplicate all that here 1583 */ 1584 err = irttp_udata_request(self->tsap, skb); 1585 if (err) { 1586 pr_debug("%s(), err=%d\n", __func__, err); 1587 goto out; 1588 } 1589 1590 release_sock(sk); 1591 return len; 1592 1593out: 1594 release_sock(sk); 1595 return err; 1596} 1597 1598/* 1599 * Function irda_sendmsg_ultra (sock, msg, len) 1600 * 1601 * Send message down to IrLMP for the unreliable Ultra 1602 * packet service... 1603 */ 1604#ifdef CONFIG_IRDA_ULTRA 1605static int irda_sendmsg_ultra(struct socket *sock, struct msghdr *msg, 1606 size_t len) 1607{ 1608 struct sock *sk = sock->sk; 1609 struct irda_sock *self; 1610 __u8 pid = 0; 1611 int bound = 0; 1612 struct sk_buff *skb; 1613 int err; 1614 1615 pr_debug("%s(), len=%zd\n", __func__, len); 1616 1617 err = -EINVAL; 1618 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT)) 1619 return -EINVAL; 1620 1621 lock_sock(sk); 1622 1623 err = -EPIPE; 1624 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1625 send_sig(SIGPIPE, current, 0); 1626 goto out; 1627 } 1628 1629 self = irda_sk(sk); 1630 1631 /* Check if an address was specified with sendto. Jean II */ 1632 if (msg->msg_name) { 1633 DECLARE_SOCKADDR(struct sockaddr_irda *, addr, msg->msg_name); 1634 err = -EINVAL; 1635 /* Check address, extract pid. Jean II */ 1636 if (msg->msg_namelen < sizeof(*addr)) 1637 goto out; 1638 if (addr->sir_family != AF_IRDA) 1639 goto out; 1640 1641 pid = addr->sir_lsap_sel; 1642 if (pid & 0x80) { 1643 pr_debug("%s(), extension in PID not supp!\n", 1644 __func__); 1645 err = -EOPNOTSUPP; 1646 goto out; 1647 } 1648 } else { 1649 /* Check that the socket is properly bound to an Ultra 1650 * port. Jean II */ 1651 if ((self->lsap == NULL) || 1652 (sk->sk_state != TCP_ESTABLISHED)) { 1653 pr_debug("%s(), socket not bound to Ultra PID.\n", 1654 __func__); 1655 err = -ENOTCONN; 1656 goto out; 1657 } 1658 /* Use PID from socket */ 1659 bound = 1; 1660 } 1661 1662 /* 1663 * Check that we don't send out too big frames. This is an unreliable 1664 * service, so we have no fragmentation and no coalescence 1665 */ 1666 if (len > self->max_data_size) { 1667 pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n", 1668 __func__, len, self->max_data_size); 1669 len = self->max_data_size; 1670 } 1671 1672 skb = sock_alloc_send_skb(sk, len + self->max_header_size, 1673 msg->msg_flags & MSG_DONTWAIT, &err); 1674 err = -ENOBUFS; 1675 if (!skb) 1676 goto out; 1677 1678 skb_reserve(skb, self->max_header_size); 1679 skb_reset_transport_header(skb); 1680 1681 pr_debug("%s(), appending user data\n", __func__); 1682 skb_put(skb, len); 1683 err = memcpy_from_msg(skb_transport_header(skb), msg, len); 1684 if (err) { 1685 kfree_skb(skb); 1686 goto out; 1687 } 1688 1689 err = irlmp_connless_data_request((bound ? self->lsap : NULL), 1690 skb, pid); 1691 if (err) 1692 pr_debug("%s(), err=%d\n", __func__, err); 1693out: 1694 release_sock(sk); 1695 return err ? : len; 1696} 1697#endif /* CONFIG_IRDA_ULTRA */ 1698 1699/* 1700 * Function irda_shutdown (sk, how) 1701 */ 1702static int irda_shutdown(struct socket *sock, int how) 1703{ 1704 struct sock *sk = sock->sk; 1705 struct irda_sock *self = irda_sk(sk); 1706 1707 pr_debug("%s(%p)\n", __func__, self); 1708 1709 lock_sock(sk); 1710 1711 sk->sk_state = TCP_CLOSE; 1712 sk->sk_shutdown |= SEND_SHUTDOWN; 1713 sk->sk_state_change(sk); 1714 1715 if (self->iriap) { 1716 iriap_close(self->iriap); 1717 self->iriap = NULL; 1718 } 1719 1720 if (self->tsap) { 1721 irttp_disconnect_request(self->tsap, NULL, P_NORMAL); 1722 irttp_close_tsap(self->tsap); 1723 self->tsap = NULL; 1724 } 1725 1726 /* A few cleanup so the socket look as good as new... */ 1727 self->rx_flow = self->tx_flow = FLOW_START; /* needed ??? */ 1728 self->daddr = DEV_ADDR_ANY; /* Until we get re-connected */ 1729 self->saddr = 0x0; /* so IrLMP assign us any link */ 1730 1731 release_sock(sk); 1732 1733 return 0; 1734} 1735 1736/* 1737 * Function irda_poll (file, sock, wait) 1738 */ 1739static unsigned int irda_poll(struct file * file, struct socket *sock, 1740 poll_table *wait) 1741{ 1742 struct sock *sk = sock->sk; 1743 struct irda_sock *self = irda_sk(sk); 1744 unsigned int mask; 1745 1746 poll_wait(file, sk_sleep(sk), wait); 1747 mask = 0; 1748 1749 /* Exceptional events? */ 1750 if (sk->sk_err) 1751 mask |= POLLERR; 1752 if (sk->sk_shutdown & RCV_SHUTDOWN) { 1753 pr_debug("%s(), POLLHUP\n", __func__); 1754 mask |= POLLHUP; 1755 } 1756 1757 /* Readable? */ 1758 if (!skb_queue_empty(&sk->sk_receive_queue)) { 1759 pr_debug("Socket is readable\n"); 1760 mask |= POLLIN | POLLRDNORM; 1761 } 1762 1763 /* Connection-based need to check for termination and startup */ 1764 switch (sk->sk_type) { 1765 case SOCK_STREAM: 1766 if (sk->sk_state == TCP_CLOSE) { 1767 pr_debug("%s(), POLLHUP\n", __func__); 1768 mask |= POLLHUP; 1769 } 1770 1771 if (sk->sk_state == TCP_ESTABLISHED) { 1772 if ((self->tx_flow == FLOW_START) && 1773 sock_writeable(sk)) 1774 { 1775 mask |= POLLOUT | POLLWRNORM | POLLWRBAND; 1776 } 1777 } 1778 break; 1779 case SOCK_SEQPACKET: 1780 if ((self->tx_flow == FLOW_START) && 1781 sock_writeable(sk)) 1782 { 1783 mask |= POLLOUT | POLLWRNORM | POLLWRBAND; 1784 } 1785 break; 1786 case SOCK_DGRAM: 1787 if (sock_writeable(sk)) 1788 mask |= POLLOUT | POLLWRNORM | POLLWRBAND; 1789 break; 1790 default: 1791 break; 1792 } 1793 1794 return mask; 1795} 1796 1797/* 1798 * Function irda_ioctl (sock, cmd, arg) 1799 */ 1800static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1801{ 1802 struct sock *sk = sock->sk; 1803 int err; 1804 1805 pr_debug("%s(), cmd=%#x\n", __func__, cmd); 1806 1807 err = -EINVAL; 1808 switch (cmd) { 1809 case TIOCOUTQ: { 1810 long amount; 1811 1812 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1813 if (amount < 0) 1814 amount = 0; 1815 err = put_user(amount, (unsigned int __user *)arg); 1816 break; 1817 } 1818 1819 case TIOCINQ: { 1820 struct sk_buff *skb; 1821 long amount = 0L; 1822 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1823 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1824 amount = skb->len; 1825 err = put_user(amount, (unsigned int __user *)arg); 1826 break; 1827 } 1828 1829 case SIOCGSTAMP: 1830 if (sk != NULL) 1831 err = sock_get_timestamp(sk, (struct timeval __user *)arg); 1832 break; 1833 1834 case SIOCGIFADDR: 1835 case SIOCSIFADDR: 1836 case SIOCGIFDSTADDR: 1837 case SIOCSIFDSTADDR: 1838 case SIOCGIFBRDADDR: 1839 case SIOCSIFBRDADDR: 1840 case SIOCGIFNETMASK: 1841 case SIOCSIFNETMASK: 1842 case SIOCGIFMETRIC: 1843 case SIOCSIFMETRIC: 1844 break; 1845 default: 1846 pr_debug("%s(), doing device ioctl!\n", __func__); 1847 err = -ENOIOCTLCMD; 1848 } 1849 1850 return err; 1851} 1852 1853#ifdef CONFIG_COMPAT 1854/* 1855 * Function irda_ioctl (sock, cmd, arg) 1856 */ 1857static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1858{ 1859 /* 1860 * All IRDA's ioctl are standard ones. 1861 */ 1862 return -ENOIOCTLCMD; 1863} 1864#endif 1865 1866/* 1867 * Function irda_setsockopt (sock, level, optname, optval, optlen) 1868 * 1869 * Set some options for the socket 1870 * 1871 */ 1872static int irda_setsockopt(struct socket *sock, int level, int optname, 1873 char __user *optval, unsigned int optlen) 1874{ 1875 struct sock *sk = sock->sk; 1876 struct irda_sock *self = irda_sk(sk); 1877 struct irda_ias_set *ias_opt; 1878 struct ias_object *ias_obj; 1879 struct ias_attrib * ias_attr; /* Attribute in IAS object */ 1880 int opt, free_ias = 0, err = 0; 1881 1882 pr_debug("%s(%p)\n", __func__, self); 1883 1884 if (level != SOL_IRLMP) 1885 return -ENOPROTOOPT; 1886 1887 lock_sock(sk); 1888 1889 switch (optname) { 1890 case IRLMP_IAS_SET: 1891 /* The user want to add an attribute to an existing IAS object 1892 * (in the IAS database) or to create a new object with this 1893 * attribute. 1894 * We first query IAS to know if the object exist, and then 1895 * create the right attribute... 1896 */ 1897 1898 if (optlen != sizeof(struct irda_ias_set)) { 1899 err = -EINVAL; 1900 goto out; 1901 } 1902 1903 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 1904 if (ias_opt == NULL) { 1905 err = -ENOMEM; 1906 goto out; 1907 } 1908 1909 /* Copy query to the driver. */ 1910 if (copy_from_user(ias_opt, optval, optlen)) { 1911 kfree(ias_opt); 1912 err = -EFAULT; 1913 goto out; 1914 } 1915 1916 /* Find the object we target. 1917 * If the user gives us an empty string, we use the object 1918 * associated with this socket. This will workaround 1919 * duplicated class name - Jean II */ 1920 if(ias_opt->irda_class_name[0] == '\0') { 1921 if(self->ias_obj == NULL) { 1922 kfree(ias_opt); 1923 err = -EINVAL; 1924 goto out; 1925 } 1926 ias_obj = self->ias_obj; 1927 } else 1928 ias_obj = irias_find_object(ias_opt->irda_class_name); 1929 1930 /* Only ROOT can mess with the global IAS database. 1931 * Users can only add attributes to the object associated 1932 * with the socket they own - Jean II */ 1933 if((!capable(CAP_NET_ADMIN)) && 1934 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) { 1935 kfree(ias_opt); 1936 err = -EPERM; 1937 goto out; 1938 } 1939 1940 /* If the object doesn't exist, create it */ 1941 if(ias_obj == (struct ias_object *) NULL) { 1942 /* Create a new object */ 1943 ias_obj = irias_new_object(ias_opt->irda_class_name, 1944 jiffies); 1945 if (ias_obj == NULL) { 1946 kfree(ias_opt); 1947 err = -ENOMEM; 1948 goto out; 1949 } 1950 free_ias = 1; 1951 } 1952 1953 /* Do we have the attribute already ? */ 1954 if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) { 1955 kfree(ias_opt); 1956 if (free_ias) { 1957 kfree(ias_obj->name); 1958 kfree(ias_obj); 1959 } 1960 err = -EINVAL; 1961 goto out; 1962 } 1963 1964 /* Look at the type */ 1965 switch(ias_opt->irda_attrib_type) { 1966 case IAS_INTEGER: 1967 /* Add an integer attribute */ 1968 irias_add_integer_attrib( 1969 ias_obj, 1970 ias_opt->irda_attrib_name, 1971 ias_opt->attribute.irda_attrib_int, 1972 IAS_USER_ATTR); 1973 break; 1974 case IAS_OCT_SEQ: 1975 /* Check length */ 1976 if(ias_opt->attribute.irda_attrib_octet_seq.len > 1977 IAS_MAX_OCTET_STRING) { 1978 kfree(ias_opt); 1979 if (free_ias) { 1980 kfree(ias_obj->name); 1981 kfree(ias_obj); 1982 } 1983 1984 err = -EINVAL; 1985 goto out; 1986 } 1987 /* Add an octet sequence attribute */ 1988 irias_add_octseq_attrib( 1989 ias_obj, 1990 ias_opt->irda_attrib_name, 1991 ias_opt->attribute.irda_attrib_octet_seq.octet_seq, 1992 ias_opt->attribute.irda_attrib_octet_seq.len, 1993 IAS_USER_ATTR); 1994 break; 1995 case IAS_STRING: 1996 /* Should check charset & co */ 1997 /* Check length */ 1998 /* The length is encoded in a __u8, and 1999 * IAS_MAX_STRING == 256, so there is no way 2000 * userspace can pass us a string too large. 2001 * Jean II */ 2002 /* NULL terminate the string (avoid troubles) */ 2003 ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0'; 2004 /* Add a string attribute */ 2005 irias_add_string_attrib( 2006 ias_obj, 2007 ias_opt->irda_attrib_name, 2008 ias_opt->attribute.irda_attrib_string.string, 2009 IAS_USER_ATTR); 2010 break; 2011 default : 2012 kfree(ias_opt); 2013 if (free_ias) { 2014 kfree(ias_obj->name); 2015 kfree(ias_obj); 2016 } 2017 err = -EINVAL; 2018 goto out; 2019 } 2020 irias_insert_object(ias_obj); 2021 kfree(ias_opt); 2022 break; 2023 case IRLMP_IAS_DEL: 2024 /* The user want to delete an object from our local IAS 2025 * database. We just need to query the IAS, check is the 2026 * object is not owned by the kernel and delete it. 2027 */ 2028 2029 if (optlen != sizeof(struct irda_ias_set)) { 2030 err = -EINVAL; 2031 goto out; 2032 } 2033 2034 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 2035 if (ias_opt == NULL) { 2036 err = -ENOMEM; 2037 goto out; 2038 } 2039 2040 /* Copy query to the driver. */ 2041 if (copy_from_user(ias_opt, optval, optlen)) { 2042 kfree(ias_opt); 2043 err = -EFAULT; 2044 goto out; 2045 } 2046 2047 /* Find the object we target. 2048 * If the user gives us an empty string, we use the object 2049 * associated with this socket. This will workaround 2050 * duplicated class name - Jean II */ 2051 if(ias_opt->irda_class_name[0] == '\0') 2052 ias_obj = self->ias_obj; 2053 else 2054 ias_obj = irias_find_object(ias_opt->irda_class_name); 2055 if(ias_obj == (struct ias_object *) NULL) { 2056 kfree(ias_opt); 2057 err = -EINVAL; 2058 goto out; 2059 } 2060 2061 /* Only ROOT can mess with the global IAS database. 2062 * Users can only del attributes from the object associated 2063 * with the socket they own - Jean II */ 2064 if((!capable(CAP_NET_ADMIN)) && 2065 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) { 2066 kfree(ias_opt); 2067 err = -EPERM; 2068 goto out; 2069 } 2070 2071 /* Find the attribute (in the object) we target */ 2072 ias_attr = irias_find_attrib(ias_obj, 2073 ias_opt->irda_attrib_name); 2074 if(ias_attr == (struct ias_attrib *) NULL) { 2075 kfree(ias_opt); 2076 err = -EINVAL; 2077 goto out; 2078 } 2079 2080 /* Check is the user space own the object */ 2081 if(ias_attr->value->owner != IAS_USER_ATTR) { 2082 pr_debug("%s(), attempting to delete a kernel attribute\n", 2083 __func__); 2084 kfree(ias_opt); 2085 err = -EPERM; 2086 goto out; 2087 } 2088 2089 /* Remove the attribute (and maybe the object) */ 2090 irias_delete_attrib(ias_obj, ias_attr, 1); 2091 kfree(ias_opt); 2092 break; 2093 case IRLMP_MAX_SDU_SIZE: 2094 if (optlen < sizeof(int)) { 2095 err = -EINVAL; 2096 goto out; 2097 } 2098 2099 if (get_user(opt, (int __user *)optval)) { 2100 err = -EFAULT; 2101 goto out; 2102 } 2103 2104 /* Only possible for a seqpacket service (TTP with SAR) */ 2105 if (sk->sk_type != SOCK_SEQPACKET) { 2106 pr_debug("%s(), setting max_sdu_size = %d\n", 2107 __func__, opt); 2108 self->max_sdu_size_rx = opt; 2109 } else { 2110 net_warn_ratelimited("%s: not allowed to set MAXSDUSIZE for this socket type!\n", 2111 __func__); 2112 err = -ENOPROTOOPT; 2113 goto out; 2114 } 2115 break; 2116 case IRLMP_HINTS_SET: 2117 if (optlen < sizeof(int)) { 2118 err = -EINVAL; 2119 goto out; 2120 } 2121 2122 /* The input is really a (__u8 hints[2]), easier as an int */ 2123 if (get_user(opt, (int __user *)optval)) { 2124 err = -EFAULT; 2125 goto out; 2126 } 2127 2128 /* Unregister any old registration */ 2129 if (self->skey) 2130 irlmp_unregister_service(self->skey); 2131 2132 self->skey = irlmp_register_service((__u16) opt); 2133 break; 2134 case IRLMP_HINT_MASK_SET: 2135 /* As opposed to the previous case which set the hint bits 2136 * that we advertise, this one set the filter we use when 2137 * making a discovery (nodes which don't match any hint 2138 * bit in the mask are not reported). 2139 */ 2140 if (optlen < sizeof(int)) { 2141 err = -EINVAL; 2142 goto out; 2143 } 2144 2145 /* The input is really a (__u8 hints[2]), easier as an int */ 2146 if (get_user(opt, (int __user *)optval)) { 2147 err = -EFAULT; 2148 goto out; 2149 } 2150 2151 /* Set the new hint mask */ 2152 self->mask.word = (__u16) opt; 2153 /* Mask out extension bits */ 2154 self->mask.word &= 0x7f7f; 2155 /* Check if no bits */ 2156 if(!self->mask.word) 2157 self->mask.word = 0xFFFF; 2158 2159 break; 2160 default: 2161 err = -ENOPROTOOPT; 2162 break; 2163 } 2164 2165out: 2166 release_sock(sk); 2167 2168 return err; 2169} 2170 2171/* 2172 * Function irda_extract_ias_value(ias_opt, ias_value) 2173 * 2174 * Translate internal IAS value structure to the user space representation 2175 * 2176 * The external representation of IAS values, as we exchange them with 2177 * user space program is quite different from the internal representation, 2178 * as stored in the IAS database (because we need a flat structure for 2179 * crossing kernel boundary). 2180 * This function transform the former in the latter. We also check 2181 * that the value type is valid. 2182 */ 2183static int irda_extract_ias_value(struct irda_ias_set *ias_opt, 2184 struct ias_value *ias_value) 2185{ 2186 /* Look at the type */ 2187 switch (ias_value->type) { 2188 case IAS_INTEGER: 2189 /* Copy the integer */ 2190 ias_opt->attribute.irda_attrib_int = ias_value->t.integer; 2191 break; 2192 case IAS_OCT_SEQ: 2193 /* Set length */ 2194 ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len; 2195 /* Copy over */ 2196 memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq, 2197 ias_value->t.oct_seq, ias_value->len); 2198 break; 2199 case IAS_STRING: 2200 /* Set length */ 2201 ias_opt->attribute.irda_attrib_string.len = ias_value->len; 2202 ias_opt->attribute.irda_attrib_string.charset = ias_value->charset; 2203 /* Copy over */ 2204 memcpy(ias_opt->attribute.irda_attrib_string.string, 2205 ias_value->t.string, ias_value->len); 2206 /* NULL terminate the string (avoid troubles) */ 2207 ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0'; 2208 break; 2209 case IAS_MISSING: 2210 default : 2211 return -EINVAL; 2212 } 2213 2214 /* Copy type over */ 2215 ias_opt->irda_attrib_type = ias_value->type; 2216 2217 return 0; 2218} 2219 2220/* 2221 * Function irda_getsockopt (sock, level, optname, optval, optlen) 2222 */ 2223static int irda_getsockopt(struct socket *sock, int level, int optname, 2224 char __user *optval, int __user *optlen) 2225{ 2226 struct sock *sk = sock->sk; 2227 struct irda_sock *self = irda_sk(sk); 2228 struct irda_device_list list; 2229 struct irda_device_info *discoveries; 2230 struct irda_ias_set * ias_opt; /* IAS get/query params */ 2231 struct ias_object * ias_obj; /* Object in IAS */ 2232 struct ias_attrib * ias_attr; /* Attribute in IAS object */ 2233 int daddr = DEV_ADDR_ANY; /* Dest address for IAS queries */ 2234 int val = 0; 2235 int len = 0; 2236 int err = 0; 2237 int offset, total; 2238 2239 pr_debug("%s(%p)\n", __func__, self); 2240 2241 if (level != SOL_IRLMP) 2242 return -ENOPROTOOPT; 2243 2244 if (get_user(len, optlen)) 2245 return -EFAULT; 2246 2247 if(len < 0) 2248 return -EINVAL; 2249 2250 lock_sock(sk); 2251 2252 switch (optname) { 2253 case IRLMP_ENUMDEVICES: 2254 2255 /* Offset to first device entry */ 2256 offset = sizeof(struct irda_device_list) - 2257 sizeof(struct irda_device_info); 2258 2259 if (len < offset) { 2260 err = -EINVAL; 2261 goto out; 2262 } 2263 2264 /* Ask lmp for the current discovery log */ 2265 discoveries = irlmp_get_discoveries(&list.len, self->mask.word, 2266 self->nslots); 2267 /* Check if the we got some results */ 2268 if (discoveries == NULL) { 2269 err = -EAGAIN; 2270 goto out; /* Didn't find any devices */ 2271 } 2272 2273 /* Write total list length back to client */ 2274 if (copy_to_user(optval, &list, offset)) 2275 err = -EFAULT; 2276 2277 /* Copy the list itself - watch for overflow */ 2278 if (list.len > 2048) { 2279 err = -EINVAL; 2280 goto bed; 2281 } 2282 total = offset + (list.len * sizeof(struct irda_device_info)); 2283 if (total > len) 2284 total = len; 2285 if (copy_to_user(optval+offset, discoveries, total - offset)) 2286 err = -EFAULT; 2287 2288 /* Write total number of bytes used back to client */ 2289 if (put_user(total, optlen)) 2290 err = -EFAULT; 2291bed: 2292 /* Free up our buffer */ 2293 kfree(discoveries); 2294 break; 2295 case IRLMP_MAX_SDU_SIZE: 2296 val = self->max_data_size; 2297 len = sizeof(int); 2298 if (put_user(len, optlen)) { 2299 err = -EFAULT; 2300 goto out; 2301 } 2302 2303 if (copy_to_user(optval, &val, len)) { 2304 err = -EFAULT; 2305 goto out; 2306 } 2307 2308 break; 2309 case IRLMP_IAS_GET: 2310 /* The user want an object from our local IAS database. 2311 * We just need to query the IAS and return the value 2312 * that we found */ 2313 2314 /* Check that the user has allocated the right space for us */ 2315 if (len != sizeof(struct irda_ias_set)) { 2316 err = -EINVAL; 2317 goto out; 2318 } 2319 2320 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 2321 if (ias_opt == NULL) { 2322 err = -ENOMEM; 2323 goto out; 2324 } 2325 2326 /* Copy query to the driver. */ 2327 if (copy_from_user(ias_opt, optval, len)) { 2328 kfree(ias_opt); 2329 err = -EFAULT; 2330 goto out; 2331 } 2332 2333 /* Find the object we target. 2334 * If the user gives us an empty string, we use the object 2335 * associated with this socket. This will workaround 2336 * duplicated class name - Jean II */ 2337 if(ias_opt->irda_class_name[0] == '\0') 2338 ias_obj = self->ias_obj; 2339 else 2340 ias_obj = irias_find_object(ias_opt->irda_class_name); 2341 if(ias_obj == (struct ias_object *) NULL) { 2342 kfree(ias_opt); 2343 err = -EINVAL; 2344 goto out; 2345 } 2346 2347 /* Find the attribute (in the object) we target */ 2348 ias_attr = irias_find_attrib(ias_obj, 2349 ias_opt->irda_attrib_name); 2350 if(ias_attr == (struct ias_attrib *) NULL) { 2351 kfree(ias_opt); 2352 err = -EINVAL; 2353 goto out; 2354 } 2355 2356 /* Translate from internal to user structure */ 2357 err = irda_extract_ias_value(ias_opt, ias_attr->value); 2358 if(err) { 2359 kfree(ias_opt); 2360 goto out; 2361 } 2362 2363 /* Copy reply to the user */ 2364 if (copy_to_user(optval, ias_opt, 2365 sizeof(struct irda_ias_set))) { 2366 kfree(ias_opt); 2367 err = -EFAULT; 2368 goto out; 2369 } 2370 /* Note : don't need to put optlen, we checked it */ 2371 kfree(ias_opt); 2372 break; 2373 case IRLMP_IAS_QUERY: 2374 /* The user want an object from a remote IAS database. 2375 * We need to use IAP to query the remote database and 2376 * then wait for the answer to come back. */ 2377 2378 /* Check that the user has allocated the right space for us */ 2379 if (len != sizeof(struct irda_ias_set)) { 2380 err = -EINVAL; 2381 goto out; 2382 } 2383 2384 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC); 2385 if (ias_opt == NULL) { 2386 err = -ENOMEM; 2387 goto out; 2388 } 2389 2390 /* Copy query to the driver. */ 2391 if (copy_from_user(ias_opt, optval, len)) { 2392 kfree(ias_opt); 2393 err = -EFAULT; 2394 goto out; 2395 } 2396 2397 /* At this point, there are two cases... 2398 * 1) the socket is connected - that's the easy case, we 2399 * just query the device we are connected to... 2400 * 2) the socket is not connected - the user doesn't want 2401 * to connect and/or may not have a valid service name 2402 * (so can't create a fake connection). In this case, 2403 * we assume that the user pass us a valid destination 2404 * address in the requesting structure... 2405 */ 2406 if(self->daddr != DEV_ADDR_ANY) { 2407 /* We are connected - reuse known daddr */ 2408 daddr = self->daddr; 2409 } else { 2410 /* We are not connected, we must specify a valid 2411 * destination address */ 2412 daddr = ias_opt->daddr; 2413 if((!daddr) || (daddr == DEV_ADDR_ANY)) { 2414 kfree(ias_opt); 2415 err = -EINVAL; 2416 goto out; 2417 } 2418 } 2419 2420 /* Check that we can proceed with IAP */ 2421 if (self->iriap) { 2422 net_warn_ratelimited("%s: busy with a previous query\n", 2423 __func__); 2424 kfree(ias_opt); 2425 err = -EBUSY; 2426 goto out; 2427 } 2428 2429 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self, 2430 irda_getvalue_confirm); 2431 2432 if (self->iriap == NULL) { 2433 kfree(ias_opt); 2434 err = -ENOMEM; 2435 goto out; 2436 } 2437 2438 /* Treat unexpected wakeup as disconnect */ 2439 self->errno = -EHOSTUNREACH; 2440 2441 /* Query remote LM-IAS */ 2442 iriap_getvaluebyclass_request(self->iriap, 2443 self->saddr, daddr, 2444 ias_opt->irda_class_name, 2445 ias_opt->irda_attrib_name); 2446 2447 /* Wait for answer, if not yet finished (or failed) */ 2448 if (wait_event_interruptible(self->query_wait, 2449 (self->iriap == NULL))) { 2450 /* pending request uses copy of ias_opt-content 2451 * we can free it regardless! */ 2452 kfree(ias_opt); 2453 /* Treat signals as disconnect */ 2454 err = -EHOSTUNREACH; 2455 goto out; 2456 } 2457 2458 /* Check what happened */ 2459 if (self->errno) 2460 { 2461 kfree(ias_opt); 2462 /* Requested object/attribute doesn't exist */ 2463 if((self->errno == IAS_CLASS_UNKNOWN) || 2464 (self->errno == IAS_ATTRIB_UNKNOWN)) 2465 err = -EADDRNOTAVAIL; 2466 else 2467 err = -EHOSTUNREACH; 2468 2469 goto out; 2470 } 2471 2472 /* Translate from internal to user structure */ 2473 err = irda_extract_ias_value(ias_opt, self->ias_result); 2474 if (self->ias_result) 2475 irias_delete_value(self->ias_result); 2476 if (err) { 2477 kfree(ias_opt); 2478 goto out; 2479 } 2480 2481 /* Copy reply to the user */ 2482 if (copy_to_user(optval, ias_opt, 2483 sizeof(struct irda_ias_set))) { 2484 kfree(ias_opt); 2485 err = -EFAULT; 2486 goto out; 2487 } 2488 /* Note : don't need to put optlen, we checked it */ 2489 kfree(ias_opt); 2490 break; 2491 case IRLMP_WAITDEVICE: 2492 /* This function is just another way of seeing life ;-) 2493 * IRLMP_ENUMDEVICES assumes that you have a static network, 2494 * and that you just want to pick one of the devices present. 2495 * On the other hand, in here we assume that no device is 2496 * present and that at some point in the future a device will 2497 * come into range. When this device arrive, we just wake 2498 * up the caller, so that he has time to connect to it before 2499 * the device goes away... 2500 * Note : once the node has been discovered for more than a 2501 * few second, it won't trigger this function, unless it 2502 * goes away and come back changes its hint bits (so we 2503 * might call it IRLMP_WAITNEWDEVICE). 2504 */ 2505 2506 /* Check that the user is passing us an int */ 2507 if (len != sizeof(int)) { 2508 err = -EINVAL; 2509 goto out; 2510 } 2511 /* Get timeout in ms (max time we block the caller) */ 2512 if (get_user(val, (int __user *)optval)) { 2513 err = -EFAULT; 2514 goto out; 2515 } 2516 2517 /* Tell IrLMP we want to be notified */ 2518 irlmp_update_client(self->ckey, self->mask.word, 2519 irda_selective_discovery_indication, 2520 NULL, (void *) self); 2521 2522 /* Do some discovery (and also return cached results) */ 2523 irlmp_discovery_request(self->nslots); 2524 2525 /* Wait until a node is discovered */ 2526 if (!self->cachedaddr) { 2527 pr_debug("%s(), nothing discovered yet, going to sleep...\n", 2528 __func__); 2529 2530 /* Set watchdog timer to expire in <val> ms. */ 2531 self->errno = 0; 2532 setup_timer(&self->watchdog, irda_discovery_timeout, 2533 (unsigned long)self); 2534 mod_timer(&self->watchdog, 2535 jiffies + msecs_to_jiffies(val)); 2536 2537 /* Wait for IR-LMP to call us back */ 2538 err = __wait_event_interruptible(self->query_wait, 2539 (self->cachedaddr != 0 || self->errno == -ETIME)); 2540 2541 /* If watchdog is still activated, kill it! */ 2542 del_timer(&(self->watchdog)); 2543 2544 pr_debug("%s(), ...waking up !\n", __func__); 2545 2546 if (err != 0) 2547 goto out; 2548 } 2549 else 2550 pr_debug("%s(), found immediately !\n", 2551 __func__); 2552 2553 /* Tell IrLMP that we have been notified */ 2554 irlmp_update_client(self->ckey, self->mask.word, 2555 NULL, NULL, NULL); 2556 2557 /* Check if the we got some results */ 2558 if (!self->cachedaddr) { 2559 err = -EAGAIN; /* Didn't find any devices */ 2560 goto out; 2561 } 2562 daddr = self->cachedaddr; 2563 /* Cleanup */ 2564 self->cachedaddr = 0; 2565 2566 /* We return the daddr of the device that trigger the 2567 * wakeup. As irlmp pass us only the new devices, we 2568 * are sure that it's not an old device. 2569 * If the user want more details, he should query 2570 * the whole discovery log and pick one device... 2571 */ 2572 if (put_user(daddr, (int __user *)optval)) { 2573 err = -EFAULT; 2574 goto out; 2575 } 2576 2577 break; 2578 default: 2579 err = -ENOPROTOOPT; 2580 } 2581 2582out: 2583 2584 release_sock(sk); 2585 2586 return err; 2587} 2588 2589static const struct net_proto_family irda_family_ops = { 2590 .family = PF_IRDA, 2591 .create = irda_create, 2592 .owner = THIS_MODULE, 2593}; 2594 2595static const struct proto_ops irda_stream_ops = { 2596 .family = PF_IRDA, 2597 .owner = THIS_MODULE, 2598 .release = irda_release, 2599 .bind = irda_bind, 2600 .connect = irda_connect, 2601 .socketpair = sock_no_socketpair, 2602 .accept = irda_accept, 2603 .getname = irda_getname, 2604 .poll = irda_poll, 2605 .ioctl = irda_ioctl, 2606#ifdef CONFIG_COMPAT 2607 .compat_ioctl = irda_compat_ioctl, 2608#endif 2609 .listen = irda_listen, 2610 .shutdown = irda_shutdown, 2611 .setsockopt = irda_setsockopt, 2612 .getsockopt = irda_getsockopt, 2613 .sendmsg = irda_sendmsg, 2614 .recvmsg = irda_recvmsg_stream, 2615 .mmap = sock_no_mmap, 2616 .sendpage = sock_no_sendpage, 2617}; 2618 2619static const struct proto_ops irda_seqpacket_ops = { 2620 .family = PF_IRDA, 2621 .owner = THIS_MODULE, 2622 .release = irda_release, 2623 .bind = irda_bind, 2624 .connect = irda_connect, 2625 .socketpair = sock_no_socketpair, 2626 .accept = irda_accept, 2627 .getname = irda_getname, 2628 .poll = datagram_poll, 2629 .ioctl = irda_ioctl, 2630#ifdef CONFIG_COMPAT 2631 .compat_ioctl = irda_compat_ioctl, 2632#endif 2633 .listen = irda_listen, 2634 .shutdown = irda_shutdown, 2635 .setsockopt = irda_setsockopt, 2636 .getsockopt = irda_getsockopt, 2637 .sendmsg = irda_sendmsg, 2638 .recvmsg = irda_recvmsg_dgram, 2639 .mmap = sock_no_mmap, 2640 .sendpage = sock_no_sendpage, 2641}; 2642 2643static const struct proto_ops irda_dgram_ops = { 2644 .family = PF_IRDA, 2645 .owner = THIS_MODULE, 2646 .release = irda_release, 2647 .bind = irda_bind, 2648 .connect = irda_connect, 2649 .socketpair = sock_no_socketpair, 2650 .accept = irda_accept, 2651 .getname = irda_getname, 2652 .poll = datagram_poll, 2653 .ioctl = irda_ioctl, 2654#ifdef CONFIG_COMPAT 2655 .compat_ioctl = irda_compat_ioctl, 2656#endif 2657 .listen = irda_listen, 2658 .shutdown = irda_shutdown, 2659 .setsockopt = irda_setsockopt, 2660 .getsockopt = irda_getsockopt, 2661 .sendmsg = irda_sendmsg_dgram, 2662 .recvmsg = irda_recvmsg_dgram, 2663 .mmap = sock_no_mmap, 2664 .sendpage = sock_no_sendpage, 2665}; 2666 2667#ifdef CONFIG_IRDA_ULTRA 2668static const struct proto_ops irda_ultra_ops = { 2669 .family = PF_IRDA, 2670 .owner = THIS_MODULE, 2671 .release = irda_release, 2672 .bind = irda_bind, 2673 .connect = sock_no_connect, 2674 .socketpair = sock_no_socketpair, 2675 .accept = sock_no_accept, 2676 .getname = irda_getname, 2677 .poll = datagram_poll, 2678 .ioctl = irda_ioctl, 2679#ifdef CONFIG_COMPAT 2680 .compat_ioctl = irda_compat_ioctl, 2681#endif 2682 .listen = sock_no_listen, 2683 .shutdown = irda_shutdown, 2684 .setsockopt = irda_setsockopt, 2685 .getsockopt = irda_getsockopt, 2686 .sendmsg = irda_sendmsg_ultra, 2687 .recvmsg = irda_recvmsg_dgram, 2688 .mmap = sock_no_mmap, 2689 .sendpage = sock_no_sendpage, 2690}; 2691#endif /* CONFIG_IRDA_ULTRA */ 2692 2693/* 2694 * Function irsock_init (pro) 2695 * 2696 * Initialize IrDA protocol 2697 * 2698 */ 2699int __init irsock_init(void) 2700{ 2701 int rc = proto_register(&irda_proto, 0); 2702 2703 if (rc == 0) 2704 rc = sock_register(&irda_family_ops); 2705 2706 return rc; 2707} 2708 2709/* 2710 * Function irsock_cleanup (void) 2711 * 2712 * Remove IrDA protocol 2713 * 2714 */ 2715void irsock_cleanup(void) 2716{ 2717 sock_unregister(PF_IRDA); 2718 proto_unregister(&irda_proto); 2719} 2720