1 /*********************************************************************
2 *
3 * Filename: af_irda.c
4 * Version: 0.9
5 * Description: IrDA sockets implementation
6 * Status: Stable
7 * Author: Dag Brattli <dagb@cs.uit.no>
8 * Created at: Sun May 31 10:12:43 1998
9 * Modified at: Sat Dec 25 21:10:23 1999
10 * Modified by: Dag Brattli <dag@brattli.net>
11 * Sources: af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc.
12 *
13 * Copyright (c) 1999 Dag Brattli <dagb@cs.uit.no>
14 * Copyright (c) 1999-2003 Jean Tourrilhes <jt@hpl.hp.com>
15 * All Rights Reserved.
16 *
17 * This program is free software; you can redistribute it and/or
18 * modify it under the terms of the GNU General Public License as
19 * published by the Free Software Foundation; either version 2 of
20 * the License, or (at your option) any later version.
21 *
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * You should have received a copy of the GNU General Public License
28 * along with this program; if not, write to the Free Software
29 * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
30 * MA 02111-1307 USA
31 *
32 * Linux-IrDA now supports four different types of IrDA sockets:
33 *
34 * o SOCK_STREAM: TinyTP connections with SAR disabled. The
35 * max SDU size is 0 for conn. of this type
36 * o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may
37 * fragment the messages, but will preserve
38 * the message boundaries
39 * o SOCK_DGRAM: IRDAPROTO_UNITDATA: TinyTP connections with Unitdata
40 * (unreliable) transfers
41 * IRDAPROTO_ULTRA: Connectionless and unreliable data
42 *
43 ********************************************************************/
44
45 #include <linux/capability.h>
46 #include <linux/module.h>
47 #include <linux/types.h>
48 #include <linux/socket.h>
49 #include <linux/sockios.h>
50 #include <linux/init.h>
51 #include <linux/net.h>
52 #include <linux/irda.h>
53 #include <linux/poll.h>
54
55 #include <asm/ioctls.h> /* TIOCOUTQ, TIOCINQ */
56 #include <asm/uaccess.h>
57
58 #include <net/sock.h>
59 #include <net/tcp_states.h>
60
61 #include <net/irda/af_irda.h>
62
63 static int irda_create(struct net *net, struct socket *sock, int protocol);
64
65 static const struct proto_ops irda_stream_ops;
66 static const struct proto_ops irda_seqpacket_ops;
67 static const struct proto_ops irda_dgram_ops;
68
69 #ifdef CONFIG_IRDA_ULTRA
70 static const struct proto_ops irda_ultra_ops;
71 #define ULTRA_MAX_DATA 382
72 #endif /* CONFIG_IRDA_ULTRA */
73
74 #define IRDA_MAX_HEADER (TTP_MAX_HEADER)
75
76 /*
77 * Function irda_data_indication (instance, sap, skb)
78 *
79 * Received some data from TinyTP. Just queue it on the receive queue
80 *
81 */
irda_data_indication(void * instance,void * sap,struct sk_buff * skb)82 static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb)
83 {
84 struct irda_sock *self;
85 struct sock *sk;
86 int err;
87
88 IRDA_DEBUG(3, "%s()\n", __func__);
89
90 self = instance;
91 sk = instance;
92
93 err = sock_queue_rcv_skb(sk, skb);
94 if (err) {
95 IRDA_DEBUG(1, "%s(), error: no more mem!\n", __func__);
96 self->rx_flow = FLOW_STOP;
97
98 /* When we return error, TTP will need to requeue the skb */
99 return err;
100 }
101
102 return 0;
103 }
104
105 /*
106 * Function irda_disconnect_indication (instance, sap, reason, skb)
107 *
108 * Connection has been closed. Check reason to find out why
109 *
110 */
irda_disconnect_indication(void * instance,void * sap,LM_REASON reason,struct sk_buff * skb)111 static void irda_disconnect_indication(void *instance, void *sap,
112 LM_REASON reason, struct sk_buff *skb)
113 {
114 struct irda_sock *self;
115 struct sock *sk;
116
117 self = instance;
118
119 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
120
121 /* Don't care about it, but let's not leak it */
122 if(skb)
123 dev_kfree_skb(skb);
124
125 sk = instance;
126 if (sk == NULL) {
127 IRDA_DEBUG(0, "%s(%p) : BUG : sk is NULL\n",
128 __func__, self);
129 return;
130 }
131
132 /* Prevent race conditions with irda_release() and irda_shutdown() */
133 bh_lock_sock(sk);
134 if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) {
135 sk->sk_state = TCP_CLOSE;
136 sk->sk_shutdown |= SEND_SHUTDOWN;
137
138 sk->sk_state_change(sk);
139
140 /* Close our TSAP.
141 * If we leave it open, IrLMP put it back into the list of
142 * unconnected LSAPs. The problem is that any incoming request
143 * can then be matched to this socket (and it will be, because
144 * it is at the head of the list). This would prevent any
145 * listening socket waiting on the same TSAP to get those
146 * requests. Some apps forget to close sockets, or hang to it
147 * a bit too long, so we may stay in this dead state long
148 * enough to be noticed...
149 * Note : all socket function do check sk->sk_state, so we are
150 * safe...
151 * Jean II
152 */
153 if (self->tsap) {
154 irttp_close_tsap(self->tsap);
155 self->tsap = NULL;
156 }
157 }
158 bh_unlock_sock(sk);
159
160 /* Note : once we are there, there is not much you want to do
161 * with the socket anymore, apart from closing it.
162 * For example, bind() and connect() won't reset sk->sk_err,
163 * sk->sk_shutdown and sk->sk_flags to valid values...
164 * Jean II
165 */
166 }
167
168 /*
169 * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb)
170 *
171 * Connections has been confirmed by the remote device
172 *
173 */
irda_connect_confirm(void * instance,void * sap,struct qos_info * qos,__u32 max_sdu_size,__u8 max_header_size,struct sk_buff * skb)174 static void irda_connect_confirm(void *instance, void *sap,
175 struct qos_info *qos,
176 __u32 max_sdu_size, __u8 max_header_size,
177 struct sk_buff *skb)
178 {
179 struct irda_sock *self;
180 struct sock *sk;
181
182 self = instance;
183
184 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
185
186 sk = instance;
187 if (sk == NULL) {
188 dev_kfree_skb(skb);
189 return;
190 }
191
192 dev_kfree_skb(skb);
193 // Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb);
194
195 /* How much header space do we need to reserve */
196 self->max_header_size = max_header_size;
197
198 /* IrTTP max SDU size in transmit direction */
199 self->max_sdu_size_tx = max_sdu_size;
200
201 /* Find out what the largest chunk of data that we can transmit is */
202 switch (sk->sk_type) {
203 case SOCK_STREAM:
204 if (max_sdu_size != 0) {
205 IRDA_ERROR("%s: max_sdu_size must be 0\n",
206 __func__);
207 return;
208 }
209 self->max_data_size = irttp_get_max_seg_size(self->tsap);
210 break;
211 case SOCK_SEQPACKET:
212 if (max_sdu_size == 0) {
213 IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
214 __func__);
215 return;
216 }
217 self->max_data_size = max_sdu_size;
218 break;
219 default:
220 self->max_data_size = irttp_get_max_seg_size(self->tsap);
221 }
222
223 IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __func__,
224 self->max_data_size);
225
226 memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
227
228 /* We are now connected! */
229 sk->sk_state = TCP_ESTABLISHED;
230 sk->sk_state_change(sk);
231 }
232
233 /*
234 * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata)
235 *
236 * Incoming connection
237 *
238 */
irda_connect_indication(void * instance,void * sap,struct qos_info * qos,__u32 max_sdu_size,__u8 max_header_size,struct sk_buff * skb)239 static void irda_connect_indication(void *instance, void *sap,
240 struct qos_info *qos, __u32 max_sdu_size,
241 __u8 max_header_size, struct sk_buff *skb)
242 {
243 struct irda_sock *self;
244 struct sock *sk;
245
246 self = instance;
247
248 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
249
250 sk = instance;
251 if (sk == NULL) {
252 dev_kfree_skb(skb);
253 return;
254 }
255
256 /* How much header space do we need to reserve */
257 self->max_header_size = max_header_size;
258
259 /* IrTTP max SDU size in transmit direction */
260 self->max_sdu_size_tx = max_sdu_size;
261
262 /* Find out what the largest chunk of data that we can transmit is */
263 switch (sk->sk_type) {
264 case SOCK_STREAM:
265 if (max_sdu_size != 0) {
266 IRDA_ERROR("%s: max_sdu_size must be 0\n",
267 __func__);
268 kfree_skb(skb);
269 return;
270 }
271 self->max_data_size = irttp_get_max_seg_size(self->tsap);
272 break;
273 case SOCK_SEQPACKET:
274 if (max_sdu_size == 0) {
275 IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
276 __func__);
277 kfree_skb(skb);
278 return;
279 }
280 self->max_data_size = max_sdu_size;
281 break;
282 default:
283 self->max_data_size = irttp_get_max_seg_size(self->tsap);
284 }
285
286 IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __func__,
287 self->max_data_size);
288
289 memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
290
291 skb_queue_tail(&sk->sk_receive_queue, skb);
292 sk->sk_state_change(sk);
293 }
294
295 /*
296 * Function irda_connect_response (handle)
297 *
298 * Accept incoming connection
299 *
300 */
irda_connect_response(struct irda_sock * self)301 static void irda_connect_response(struct irda_sock *self)
302 {
303 struct sk_buff *skb;
304
305 IRDA_DEBUG(2, "%s()\n", __func__);
306
307 skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
308 GFP_ATOMIC);
309 if (skb == NULL) {
310 IRDA_DEBUG(0, "%s() Unable to allocate sk_buff!\n",
311 __func__);
312 return;
313 }
314
315 /* Reserve space for MUX_CONTROL and LAP header */
316 skb_reserve(skb, IRDA_MAX_HEADER);
317
318 irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb);
319 }
320
321 /*
322 * Function irda_flow_indication (instance, sap, flow)
323 *
324 * Used by TinyTP to tell us if it can accept more data or not
325 *
326 */
irda_flow_indication(void * instance,void * sap,LOCAL_FLOW flow)327 static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
328 {
329 struct irda_sock *self;
330 struct sock *sk;
331
332 IRDA_DEBUG(2, "%s()\n", __func__);
333
334 self = instance;
335 sk = instance;
336 BUG_ON(sk == NULL);
337
338 switch (flow) {
339 case FLOW_STOP:
340 IRDA_DEBUG(1, "%s(), IrTTP wants us to slow down\n",
341 __func__);
342 self->tx_flow = flow;
343 break;
344 case FLOW_START:
345 self->tx_flow = flow;
346 IRDA_DEBUG(1, "%s(), IrTTP wants us to start again\n",
347 __func__);
348 wake_up_interruptible(sk->sk_sleep);
349 break;
350 default:
351 IRDA_DEBUG(0, "%s(), Unknown flow command!\n", __func__);
352 /* Unknown flow command, better stop */
353 self->tx_flow = flow;
354 break;
355 }
356 }
357
358 /*
359 * Function irda_getvalue_confirm (obj_id, value, priv)
360 *
361 * Got answer from remote LM-IAS, just pass object to requester...
362 *
363 * Note : duplicate from above, but we need our own version that
364 * doesn't touch the dtsap_sel and save the full value structure...
365 */
irda_getvalue_confirm(int result,__u16 obj_id,struct ias_value * value,void * priv)366 static void irda_getvalue_confirm(int result, __u16 obj_id,
367 struct ias_value *value, void *priv)
368 {
369 struct irda_sock *self;
370
371 self = (struct irda_sock *) priv;
372 if (!self) {
373 IRDA_WARNING("%s: lost myself!\n", __func__);
374 return;
375 }
376
377 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
378
379 /* We probably don't need to make any more queries */
380 iriap_close(self->iriap);
381 self->iriap = NULL;
382
383 /* Check if request succeeded */
384 if (result != IAS_SUCCESS) {
385 IRDA_DEBUG(1, "%s(), IAS query failed! (%d)\n", __func__,
386 result);
387
388 self->errno = result; /* We really need it later */
389
390 /* Wake up any processes waiting for result */
391 wake_up_interruptible(&self->query_wait);
392
393 return;
394 }
395
396 /* Pass the object to the caller (so the caller must delete it) */
397 self->ias_result = value;
398 self->errno = 0;
399
400 /* Wake up any processes waiting for result */
401 wake_up_interruptible(&self->query_wait);
402 }
403
404 /*
405 * Function irda_selective_discovery_indication (discovery)
406 *
407 * Got a selective discovery indication from IrLMP.
408 *
409 * IrLMP is telling us that this node is new and matching our hint bit
410 * filter. Wake up any process waiting for answer...
411 */
irda_selective_discovery_indication(discinfo_t * discovery,DISCOVERY_MODE mode,void * priv)412 static void irda_selective_discovery_indication(discinfo_t *discovery,
413 DISCOVERY_MODE mode,
414 void *priv)
415 {
416 struct irda_sock *self;
417
418 IRDA_DEBUG(2, "%s()\n", __func__);
419
420 self = (struct irda_sock *) priv;
421 if (!self) {
422 IRDA_WARNING("%s: lost myself!\n", __func__);
423 return;
424 }
425
426 /* Pass parameter to the caller */
427 self->cachedaddr = discovery->daddr;
428
429 /* Wake up process if its waiting for device to be discovered */
430 wake_up_interruptible(&self->query_wait);
431 }
432
433 /*
434 * Function irda_discovery_timeout (priv)
435 *
436 * Timeout in the selective discovery process
437 *
438 * We were waiting for a node to be discovered, but nothing has come up
439 * so far. Wake up the user and tell him that we failed...
440 */
irda_discovery_timeout(u_long priv)441 static void irda_discovery_timeout(u_long priv)
442 {
443 struct irda_sock *self;
444
445 IRDA_DEBUG(2, "%s()\n", __func__);
446
447 self = (struct irda_sock *) priv;
448 BUG_ON(self == NULL);
449
450 /* Nothing for the caller */
451 self->cachelog = NULL;
452 self->cachedaddr = 0;
453 self->errno = -ETIME;
454
455 /* Wake up process if its still waiting... */
456 wake_up_interruptible(&self->query_wait);
457 }
458
459 /*
460 * Function irda_open_tsap (self)
461 *
462 * Open local Transport Service Access Point (TSAP)
463 *
464 */
irda_open_tsap(struct irda_sock * self,__u8 tsap_sel,char * name)465 static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name)
466 {
467 notify_t notify;
468
469 if (self->tsap) {
470 IRDA_WARNING("%s: busy!\n", __func__);
471 return -EBUSY;
472 }
473
474 /* Initialize callbacks to be used by the IrDA stack */
475 irda_notify_init(¬ify);
476 notify.connect_confirm = irda_connect_confirm;
477 notify.connect_indication = irda_connect_indication;
478 notify.disconnect_indication = irda_disconnect_indication;
479 notify.data_indication = irda_data_indication;
480 notify.udata_indication = irda_data_indication;
481 notify.flow_indication = irda_flow_indication;
482 notify.instance = self;
483 strncpy(notify.name, name, NOTIFY_MAX_NAME);
484
485 self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT,
486 ¬ify);
487 if (self->tsap == NULL) {
488 IRDA_DEBUG(0, "%s(), Unable to allocate TSAP!\n",
489 __func__);
490 return -ENOMEM;
491 }
492 /* Remember which TSAP selector we actually got */
493 self->stsap_sel = self->tsap->stsap_sel;
494
495 return 0;
496 }
497
498 /*
499 * Function irda_open_lsap (self)
500 *
501 * Open local Link Service Access Point (LSAP). Used for opening Ultra
502 * sockets
503 */
504 #ifdef CONFIG_IRDA_ULTRA
irda_open_lsap(struct irda_sock * self,int pid)505 static int irda_open_lsap(struct irda_sock *self, int pid)
506 {
507 notify_t notify;
508
509 if (self->lsap) {
510 IRDA_WARNING("%s(), busy!\n", __func__);
511 return -EBUSY;
512 }
513
514 /* Initialize callbacks to be used by the IrDA stack */
515 irda_notify_init(¬ify);
516 notify.udata_indication = irda_data_indication;
517 notify.instance = self;
518 strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME);
519
520 self->lsap = irlmp_open_lsap(LSAP_CONNLESS, ¬ify, pid);
521 if (self->lsap == NULL) {
522 IRDA_DEBUG( 0, "%s(), Unable to allocate LSAP!\n", __func__);
523 return -ENOMEM;
524 }
525
526 return 0;
527 }
528 #endif /* CONFIG_IRDA_ULTRA */
529
530 /*
531 * Function irda_find_lsap_sel (self, name)
532 *
533 * Try to lookup LSAP selector in remote LM-IAS
534 *
535 * Basically, we start a IAP query, and then go to sleep. When the query
536 * return, irda_getvalue_confirm will wake us up, and we can examine the
537 * result of the query...
538 * Note that in some case, the query fail even before we go to sleep,
539 * creating some races...
540 */
irda_find_lsap_sel(struct irda_sock * self,char * name)541 static int irda_find_lsap_sel(struct irda_sock *self, char *name)
542 {
543 IRDA_DEBUG(2, "%s(%p, %s)\n", __func__, self, name);
544
545 if (self->iriap) {
546 IRDA_WARNING("%s(): busy with a previous query\n",
547 __func__);
548 return -EBUSY;
549 }
550
551 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
552 irda_getvalue_confirm);
553 if(self->iriap == NULL)
554 return -ENOMEM;
555
556 /* Treat unexpected wakeup as disconnect */
557 self->errno = -EHOSTUNREACH;
558
559 /* Query remote LM-IAS */
560 iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr,
561 name, "IrDA:TinyTP:LsapSel");
562
563 /* Wait for answer, if not yet finished (or failed) */
564 if (wait_event_interruptible(self->query_wait, (self->iriap==NULL)))
565 /* Treat signals as disconnect */
566 return -EHOSTUNREACH;
567
568 /* Check what happened */
569 if (self->errno)
570 {
571 /* Requested object/attribute doesn't exist */
572 if((self->errno == IAS_CLASS_UNKNOWN) ||
573 (self->errno == IAS_ATTRIB_UNKNOWN))
574 return (-EADDRNOTAVAIL);
575 else
576 return (-EHOSTUNREACH);
577 }
578
579 /* Get the remote TSAP selector */
580 switch (self->ias_result->type) {
581 case IAS_INTEGER:
582 IRDA_DEBUG(4, "%s() int=%d\n",
583 __func__, self->ias_result->t.integer);
584
585 if (self->ias_result->t.integer != -1)
586 self->dtsap_sel = self->ias_result->t.integer;
587 else
588 self->dtsap_sel = 0;
589 break;
590 default:
591 self->dtsap_sel = 0;
592 IRDA_DEBUG(0, "%s(), bad type!\n", __func__);
593 break;
594 }
595 if (self->ias_result)
596 irias_delete_value(self->ias_result);
597
598 if (self->dtsap_sel)
599 return 0;
600
601 return -EADDRNOTAVAIL;
602 }
603
604 /*
605 * Function irda_discover_daddr_and_lsap_sel (self, name)
606 *
607 * This try to find a device with the requested service.
608 *
609 * It basically look into the discovery log. For each address in the list,
610 * it queries the LM-IAS of the device to find if this device offer
611 * the requested service.
612 * If there is more than one node supporting the service, we complain
613 * to the user (it should move devices around).
614 * The, we set both the destination address and the lsap selector to point
615 * on the service on the unique device we have found.
616 *
617 * Note : this function fails if there is more than one device in range,
618 * because IrLMP doesn't disconnect the LAP when the last LSAP is closed.
619 * Moreover, we would need to wait the LAP disconnection...
620 */
irda_discover_daddr_and_lsap_sel(struct irda_sock * self,char * name)621 static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name)
622 {
623 discinfo_t *discoveries; /* Copy of the discovery log */
624 int number; /* Number of nodes in the log */
625 int i;
626 int err = -ENETUNREACH;
627 __u32 daddr = DEV_ADDR_ANY; /* Address we found the service on */
628 __u8 dtsap_sel = 0x0; /* TSAP associated with it */
629
630 IRDA_DEBUG(2, "%s(), name=%s\n", __func__, name);
631
632 /* Ask lmp for the current discovery log
633 * Note : we have to use irlmp_get_discoveries(), as opposed
634 * to play with the cachelog directly, because while we are
635 * making our ias query, le log might change... */
636 discoveries = irlmp_get_discoveries(&number, self->mask.word,
637 self->nslots);
638 /* Check if the we got some results */
639 if (discoveries == NULL)
640 return -ENETUNREACH; /* No nodes discovered */
641
642 /*
643 * Now, check all discovered devices (if any), and connect
644 * client only about the services that the client is
645 * interested in...
646 */
647 for(i = 0; i < number; i++) {
648 /* Try the address in the log */
649 self->daddr = discoveries[i].daddr;
650 self->saddr = 0x0;
651 IRDA_DEBUG(1, "%s(), trying daddr = %08x\n",
652 __func__, self->daddr);
653
654 /* Query remote LM-IAS for this service */
655 err = irda_find_lsap_sel(self, name);
656 switch (err) {
657 case 0:
658 /* We found the requested service */
659 if(daddr != DEV_ADDR_ANY) {
660 IRDA_DEBUG(1, "%s(), discovered service ''%s'' in two different devices !!!\n",
661 __func__, name);
662 self->daddr = DEV_ADDR_ANY;
663 kfree(discoveries);
664 return(-ENOTUNIQ);
665 }
666 /* First time we found that one, save it ! */
667 daddr = self->daddr;
668 dtsap_sel = self->dtsap_sel;
669 break;
670 case -EADDRNOTAVAIL:
671 /* Requested service simply doesn't exist on this node */
672 break;
673 default:
674 /* Something bad did happen :-( */
675 IRDA_DEBUG(0, "%s(), unexpected IAS query failure\n", __func__);
676 self->daddr = DEV_ADDR_ANY;
677 kfree(discoveries);
678 return(-EHOSTUNREACH);
679 break;
680 }
681 }
682 /* Cleanup our copy of the discovery log */
683 kfree(discoveries);
684
685 /* Check out what we found */
686 if(daddr == DEV_ADDR_ANY) {
687 IRDA_DEBUG(1, "%s(), cannot discover service ''%s'' in any device !!!\n",
688 __func__, name);
689 self->daddr = DEV_ADDR_ANY;
690 return(-EADDRNOTAVAIL);
691 }
692
693 /* Revert back to discovered device & service */
694 self->daddr = daddr;
695 self->saddr = 0x0;
696 self->dtsap_sel = dtsap_sel;
697
698 IRDA_DEBUG(1, "%s(), discovered requested service ''%s'' at address %08x\n",
699 __func__, name, self->daddr);
700
701 return 0;
702 }
703
704 /*
705 * Function irda_getname (sock, uaddr, uaddr_len, peer)
706 *
707 * Return the our own, or peers socket address (sockaddr_irda)
708 *
709 */
irda_getname(struct socket * sock,struct sockaddr * uaddr,int * uaddr_len,int peer)710 static int irda_getname(struct socket *sock, struct sockaddr *uaddr,
711 int *uaddr_len, int peer)
712 {
713 struct sockaddr_irda saddr;
714 struct sock *sk = sock->sk;
715 struct irda_sock *self = irda_sk(sk);
716
717 if (peer) {
718 if (sk->sk_state != TCP_ESTABLISHED)
719 return -ENOTCONN;
720
721 saddr.sir_family = AF_IRDA;
722 saddr.sir_lsap_sel = self->dtsap_sel;
723 saddr.sir_addr = self->daddr;
724 } else {
725 saddr.sir_family = AF_IRDA;
726 saddr.sir_lsap_sel = self->stsap_sel;
727 saddr.sir_addr = self->saddr;
728 }
729
730 IRDA_DEBUG(1, "%s(), tsap_sel = %#x\n", __func__, saddr.sir_lsap_sel);
731 IRDA_DEBUG(1, "%s(), addr = %08x\n", __func__, saddr.sir_addr);
732
733 /* uaddr_len come to us uninitialised */
734 *uaddr_len = sizeof (struct sockaddr_irda);
735 memcpy(uaddr, &saddr, *uaddr_len);
736
737 return 0;
738 }
739
740 /*
741 * Function irda_listen (sock, backlog)
742 *
743 * Just move to the listen state
744 *
745 */
irda_listen(struct socket * sock,int backlog)746 static int irda_listen(struct socket *sock, int backlog)
747 {
748 struct sock *sk = sock->sk;
749
750 IRDA_DEBUG(2, "%s()\n", __func__);
751
752 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
753 (sk->sk_type != SOCK_DGRAM))
754 return -EOPNOTSUPP;
755
756 if (sk->sk_state != TCP_LISTEN) {
757 sk->sk_max_ack_backlog = backlog;
758 sk->sk_state = TCP_LISTEN;
759
760 return 0;
761 }
762
763 return -EOPNOTSUPP;
764 }
765
766 /*
767 * Function irda_bind (sock, uaddr, addr_len)
768 *
769 * Used by servers to register their well known TSAP
770 *
771 */
irda_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)772 static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
773 {
774 struct sock *sk = sock->sk;
775 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
776 struct irda_sock *self = irda_sk(sk);
777 int err;
778
779 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
780
781 if (addr_len != sizeof(struct sockaddr_irda))
782 return -EINVAL;
783
784 #ifdef CONFIG_IRDA_ULTRA
785 /* Special care for Ultra sockets */
786 if ((sk->sk_type == SOCK_DGRAM) &&
787 (sk->sk_protocol == IRDAPROTO_ULTRA)) {
788 self->pid = addr->sir_lsap_sel;
789 if (self->pid & 0x80) {
790 IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __func__);
791 return -EOPNOTSUPP;
792 }
793 err = irda_open_lsap(self, self->pid);
794 if (err < 0)
795 return err;
796
797 /* Pretend we are connected */
798 sock->state = SS_CONNECTED;
799 sk->sk_state = TCP_ESTABLISHED;
800
801 return 0;
802 }
803 #endif /* CONFIG_IRDA_ULTRA */
804
805 self->ias_obj = irias_new_object(addr->sir_name, jiffies);
806 if (self->ias_obj == NULL)
807 return -ENOMEM;
808
809 err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name);
810 if (err < 0) {
811 kfree(self->ias_obj->name);
812 kfree(self->ias_obj);
813 return err;
814 }
815
816 /* Register with LM-IAS */
817 irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel",
818 self->stsap_sel, IAS_KERNEL_ATTR);
819 irias_insert_object(self->ias_obj);
820
821 return 0;
822 }
823
824 /*
825 * Function irda_accept (sock, newsock, flags)
826 *
827 * Wait for incoming connection
828 *
829 */
irda_accept(struct socket * sock,struct socket * newsock,int flags)830 static int irda_accept(struct socket *sock, struct socket *newsock, int flags)
831 {
832 struct sock *sk = sock->sk;
833 struct irda_sock *new, *self = irda_sk(sk);
834 struct sock *newsk;
835 struct sk_buff *skb;
836 int err;
837
838 IRDA_DEBUG(2, "%s()\n", __func__);
839
840 err = irda_create(sock_net(sk), newsock, sk->sk_protocol);
841 if (err)
842 return err;
843
844 if (sock->state != SS_UNCONNECTED)
845 return -EINVAL;
846
847 if ((sk = sock->sk) == NULL)
848 return -EINVAL;
849
850 if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
851 (sk->sk_type != SOCK_DGRAM))
852 return -EOPNOTSUPP;
853
854 if (sk->sk_state != TCP_LISTEN)
855 return -EINVAL;
856
857 /*
858 * The read queue this time is holding sockets ready to use
859 * hooked into the SABM we saved
860 */
861
862 /*
863 * We can perform the accept only if there is incoming data
864 * on the listening socket.
865 * So, we will block the caller until we receive any data.
866 * If the caller was waiting on select() or poll() before
867 * calling us, the data is waiting for us ;-)
868 * Jean II
869 */
870 while (1) {
871 skb = skb_dequeue(&sk->sk_receive_queue);
872 if (skb)
873 break;
874
875 /* Non blocking operation */
876 if (flags & O_NONBLOCK)
877 return -EWOULDBLOCK;
878
879 err = wait_event_interruptible(*(sk->sk_sleep),
880 skb_peek(&sk->sk_receive_queue));
881 if (err)
882 return err;
883 }
884
885 newsk = newsock->sk;
886 if (newsk == NULL)
887 return -EIO;
888
889 newsk->sk_state = TCP_ESTABLISHED;
890
891 new = irda_sk(newsk);
892
893 /* Now attach up the new socket */
894 new->tsap = irttp_dup(self->tsap, new);
895 if (!new->tsap) {
896 IRDA_DEBUG(0, "%s(), dup failed!\n", __func__);
897 kfree_skb(skb);
898 return -1;
899 }
900
901 new->stsap_sel = new->tsap->stsap_sel;
902 new->dtsap_sel = new->tsap->dtsap_sel;
903 new->saddr = irttp_get_saddr(new->tsap);
904 new->daddr = irttp_get_daddr(new->tsap);
905
906 new->max_sdu_size_tx = self->max_sdu_size_tx;
907 new->max_sdu_size_rx = self->max_sdu_size_rx;
908 new->max_data_size = self->max_data_size;
909 new->max_header_size = self->max_header_size;
910
911 memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info));
912
913 /* Clean up the original one to keep it in listen state */
914 irttp_listen(self->tsap);
915
916 /* Wow ! What is that ? Jean II */
917 skb->sk = NULL;
918 skb->destructor = NULL;
919 kfree_skb(skb);
920 sk->sk_ack_backlog--;
921
922 newsock->state = SS_CONNECTED;
923
924 irda_connect_response(new);
925
926 return 0;
927 }
928
929 /*
930 * Function irda_connect (sock, uaddr, addr_len, flags)
931 *
932 * Connect to a IrDA device
933 *
934 * The main difference with a "standard" connect is that with IrDA we need
935 * to resolve the service name into a TSAP selector (in TCP, port number
936 * doesn't have to be resolved).
937 * Because of this service name resoltion, we can offer "auto-connect",
938 * where we connect to a service without specifying a destination address.
939 *
940 * Note : by consulting "errno", the user space caller may learn the cause
941 * of the failure. Most of them are visible in the function, others may come
942 * from subroutines called and are listed here :
943 * o EBUSY : already processing a connect
944 * o EHOSTUNREACH : bad addr->sir_addr argument
945 * o EADDRNOTAVAIL : bad addr->sir_name argument
946 * o ENOTUNIQ : more than one node has addr->sir_name (auto-connect)
947 * o ENETUNREACH : no node found on the network (auto-connect)
948 */
irda_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)949 static int irda_connect(struct socket *sock, struct sockaddr *uaddr,
950 int addr_len, int flags)
951 {
952 struct sock *sk = sock->sk;
953 struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
954 struct irda_sock *self = irda_sk(sk);
955 int err;
956
957 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
958
959 /* Don't allow connect for Ultra sockets */
960 if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA))
961 return -ESOCKTNOSUPPORT;
962
963 if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
964 sock->state = SS_CONNECTED;
965 return 0; /* Connect completed during a ERESTARTSYS event */
966 }
967
968 if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) {
969 sock->state = SS_UNCONNECTED;
970 return -ECONNREFUSED;
971 }
972
973 if (sk->sk_state == TCP_ESTABLISHED)
974 return -EISCONN; /* No reconnect on a seqpacket socket */
975
976 sk->sk_state = TCP_CLOSE;
977 sock->state = SS_UNCONNECTED;
978
979 if (addr_len != sizeof(struct sockaddr_irda))
980 return -EINVAL;
981
982 /* Check if user supplied any destination device address */
983 if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) {
984 /* Try to find one suitable */
985 err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name);
986 if (err) {
987 IRDA_DEBUG(0, "%s(), auto-connect failed!\n", __func__);
988 return err;
989 }
990 } else {
991 /* Use the one provided by the user */
992 self->daddr = addr->sir_addr;
993 IRDA_DEBUG(1, "%s(), daddr = %08x\n", __func__, self->daddr);
994
995 /* If we don't have a valid service name, we assume the
996 * user want to connect on a specific LSAP. Prevent
997 * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */
998 if((addr->sir_name[0] != '\0') ||
999 (addr->sir_lsap_sel >= 0x70)) {
1000 /* Query remote LM-IAS using service name */
1001 err = irda_find_lsap_sel(self, addr->sir_name);
1002 if (err) {
1003 IRDA_DEBUG(0, "%s(), connect failed!\n", __func__);
1004 return err;
1005 }
1006 } else {
1007 /* Directly connect to the remote LSAP
1008 * specified by the sir_lsap field.
1009 * Please use with caution, in IrDA LSAPs are
1010 * dynamic and there is no "well-known" LSAP. */
1011 self->dtsap_sel = addr->sir_lsap_sel;
1012 }
1013 }
1014
1015 /* Check if we have opened a local TSAP */
1016 if (!self->tsap)
1017 irda_open_tsap(self, LSAP_ANY, addr->sir_name);
1018
1019 /* Move to connecting socket, start sending Connect Requests */
1020 sock->state = SS_CONNECTING;
1021 sk->sk_state = TCP_SYN_SENT;
1022
1023 /* Connect to remote device */
1024 err = irttp_connect_request(self->tsap, self->dtsap_sel,
1025 self->saddr, self->daddr, NULL,
1026 self->max_sdu_size_rx, NULL);
1027 if (err) {
1028 IRDA_DEBUG(0, "%s(), connect failed!\n", __func__);
1029 return err;
1030 }
1031
1032 /* Now the loop */
1033 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
1034 return -EINPROGRESS;
1035
1036 if (wait_event_interruptible(*(sk->sk_sleep),
1037 (sk->sk_state != TCP_SYN_SENT)))
1038 return -ERESTARTSYS;
1039
1040 if (sk->sk_state != TCP_ESTABLISHED) {
1041 sock->state = SS_UNCONNECTED;
1042 err = sock_error(sk);
1043 return err? err : -ECONNRESET;
1044 }
1045
1046 sock->state = SS_CONNECTED;
1047
1048 /* At this point, IrLMP has assigned our source address */
1049 self->saddr = irttp_get_saddr(self->tsap);
1050
1051 return 0;
1052 }
1053
1054 static struct proto irda_proto = {
1055 .name = "IRDA",
1056 .owner = THIS_MODULE,
1057 .obj_size = sizeof(struct irda_sock),
1058 };
1059
1060 /*
1061 * Function irda_create (sock, protocol)
1062 *
1063 * Create IrDA socket
1064 *
1065 */
irda_create(struct net * net,struct socket * sock,int protocol)1066 static int irda_create(struct net *net, struct socket *sock, int protocol)
1067 {
1068 struct sock *sk;
1069 struct irda_sock *self;
1070
1071 IRDA_DEBUG(2, "%s()\n", __func__);
1072
1073 if (net != &init_net)
1074 return -EAFNOSUPPORT;
1075
1076 /* Check for valid socket type */
1077 switch (sock->type) {
1078 case SOCK_STREAM: /* For TTP connections with SAR disabled */
1079 case SOCK_SEQPACKET: /* For TTP connections with SAR enabled */
1080 case SOCK_DGRAM: /* For TTP Unitdata or LMP Ultra transfers */
1081 break;
1082 default:
1083 return -ESOCKTNOSUPPORT;
1084 }
1085
1086 /* Allocate networking socket */
1087 sk = sk_alloc(net, PF_IRDA, GFP_ATOMIC, &irda_proto);
1088 if (sk == NULL)
1089 return -ENOMEM;
1090
1091 self = irda_sk(sk);
1092 IRDA_DEBUG(2, "%s() : self is %p\n", __func__, self);
1093
1094 init_waitqueue_head(&self->query_wait);
1095
1096 switch (sock->type) {
1097 case SOCK_STREAM:
1098 sock->ops = &irda_stream_ops;
1099 self->max_sdu_size_rx = TTP_SAR_DISABLE;
1100 break;
1101 case SOCK_SEQPACKET:
1102 sock->ops = &irda_seqpacket_ops;
1103 self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1104 break;
1105 case SOCK_DGRAM:
1106 switch (protocol) {
1107 #ifdef CONFIG_IRDA_ULTRA
1108 case IRDAPROTO_ULTRA:
1109 sock->ops = &irda_ultra_ops;
1110 /* Initialise now, because we may send on unbound
1111 * sockets. Jean II */
1112 self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER;
1113 self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER;
1114 break;
1115 #endif /* CONFIG_IRDA_ULTRA */
1116 case IRDAPROTO_UNITDATA:
1117 sock->ops = &irda_dgram_ops;
1118 /* We let Unitdata conn. be like seqpack conn. */
1119 self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1120 break;
1121 default:
1122 sk_free(sk);
1123 return -ESOCKTNOSUPPORT;
1124 }
1125 break;
1126 default:
1127 sk_free(sk);
1128 return -ESOCKTNOSUPPORT;
1129 }
1130
1131 /* Initialise networking socket struct */
1132 sock_init_data(sock, sk); /* Note : set sk->sk_refcnt to 1 */
1133 sk->sk_family = PF_IRDA;
1134 sk->sk_protocol = protocol;
1135
1136 /* Register as a client with IrLMP */
1137 self->ckey = irlmp_register_client(0, NULL, NULL, NULL);
1138 self->mask.word = 0xffff;
1139 self->rx_flow = self->tx_flow = FLOW_START;
1140 self->nslots = DISCOVERY_DEFAULT_SLOTS;
1141 self->daddr = DEV_ADDR_ANY; /* Until we get connected */
1142 self->saddr = 0x0; /* so IrLMP assign us any link */
1143 return 0;
1144 }
1145
1146 /*
1147 * Function irda_destroy_socket (self)
1148 *
1149 * Destroy socket
1150 *
1151 */
irda_destroy_socket(struct irda_sock * self)1152 static void irda_destroy_socket(struct irda_sock *self)
1153 {
1154 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
1155
1156 /* Unregister with IrLMP */
1157 irlmp_unregister_client(self->ckey);
1158 irlmp_unregister_service(self->skey);
1159
1160 /* Unregister with LM-IAS */
1161 if (self->ias_obj) {
1162 irias_delete_object(self->ias_obj);
1163 self->ias_obj = NULL;
1164 }
1165
1166 if (self->iriap) {
1167 iriap_close(self->iriap);
1168 self->iriap = NULL;
1169 }
1170
1171 if (self->tsap) {
1172 irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1173 irttp_close_tsap(self->tsap);
1174 self->tsap = NULL;
1175 }
1176 #ifdef CONFIG_IRDA_ULTRA
1177 if (self->lsap) {
1178 irlmp_close_lsap(self->lsap);
1179 self->lsap = NULL;
1180 }
1181 #endif /* CONFIG_IRDA_ULTRA */
1182 }
1183
1184 /*
1185 * Function irda_release (sock)
1186 */
irda_release(struct socket * sock)1187 static int irda_release(struct socket *sock)
1188 {
1189 struct sock *sk = sock->sk;
1190
1191 IRDA_DEBUG(2, "%s()\n", __func__);
1192
1193 if (sk == NULL)
1194 return 0;
1195
1196 lock_sock(sk);
1197 sk->sk_state = TCP_CLOSE;
1198 sk->sk_shutdown |= SEND_SHUTDOWN;
1199 sk->sk_state_change(sk);
1200
1201 /* Destroy IrDA socket */
1202 irda_destroy_socket(irda_sk(sk));
1203
1204 sock_orphan(sk);
1205 sock->sk = NULL;
1206 release_sock(sk);
1207
1208 /* Purge queues (see sock_init_data()) */
1209 skb_queue_purge(&sk->sk_receive_queue);
1210
1211 /* Destroy networking socket if we are the last reference on it,
1212 * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */
1213 sock_put(sk);
1214
1215 /* Notes on socket locking and deallocation... - Jean II
1216 * In theory we should put pairs of sock_hold() / sock_put() to
1217 * prevent the socket to be destroyed whenever there is an
1218 * outstanding request or outstanding incoming packet or event.
1219 *
1220 * 1) This may include IAS request, both in connect and getsockopt.
1221 * Unfortunately, the situation is a bit more messy than it looks,
1222 * because we close iriap and kfree(self) above.
1223 *
1224 * 2) This may include selective discovery in getsockopt.
1225 * Same stuff as above, irlmp registration and self are gone.
1226 *
1227 * Probably 1 and 2 may not matter, because it's all triggered
1228 * by a process and the socket layer already prevent the
1229 * socket to go away while a process is holding it, through
1230 * sockfd_put() and fput()...
1231 *
1232 * 3) This may include deferred TSAP closure. In particular,
1233 * we may receive a late irda_disconnect_indication()
1234 * Fortunately, (tsap_cb *)->close_pend should protect us
1235 * from that.
1236 *
1237 * I did some testing on SMP, and it looks solid. And the socket
1238 * memory leak is now gone... - Jean II
1239 */
1240
1241 return 0;
1242 }
1243
1244 /*
1245 * Function irda_sendmsg (iocb, sock, msg, len)
1246 *
1247 * Send message down to TinyTP. This function is used for both STREAM and
1248 * SEQPACK services. This is possible since it forces the client to
1249 * fragment the message if necessary
1250 */
irda_sendmsg(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t len)1251 static int irda_sendmsg(struct kiocb *iocb, struct socket *sock,
1252 struct msghdr *msg, size_t len)
1253 {
1254 struct sock *sk = sock->sk;
1255 struct irda_sock *self;
1256 struct sk_buff *skb;
1257 int err = -EPIPE;
1258
1259 IRDA_DEBUG(4, "%s(), len=%zd\n", __func__, len);
1260
1261 /* Note : socket.c set MSG_EOR on SEQPACKET sockets */
1262 if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT |
1263 MSG_NOSIGNAL))
1264 return -EINVAL;
1265
1266 if (sk->sk_shutdown & SEND_SHUTDOWN)
1267 goto out_err;
1268
1269 if (sk->sk_state != TCP_ESTABLISHED)
1270 return -ENOTCONN;
1271
1272 self = irda_sk(sk);
1273
1274 /* Check if IrTTP is wants us to slow down */
1275
1276 if (wait_event_interruptible(*(sk->sk_sleep),
1277 (self->tx_flow != FLOW_STOP || sk->sk_state != TCP_ESTABLISHED)))
1278 return -ERESTARTSYS;
1279
1280 /* Check if we are still connected */
1281 if (sk->sk_state != TCP_ESTABLISHED)
1282 return -ENOTCONN;
1283
1284 /* Check that we don't send out too big frames */
1285 if (len > self->max_data_size) {
1286 IRDA_DEBUG(2, "%s(), Chopping frame from %zd to %d bytes!\n",
1287 __func__, len, self->max_data_size);
1288 len = self->max_data_size;
1289 }
1290
1291 skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16,
1292 msg->msg_flags & MSG_DONTWAIT, &err);
1293 if (!skb)
1294 goto out_err;
1295
1296 skb_reserve(skb, self->max_header_size + 16);
1297 skb_reset_transport_header(skb);
1298 skb_put(skb, len);
1299 err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1300 if (err) {
1301 kfree_skb(skb);
1302 goto out_err;
1303 }
1304
1305 /*
1306 * Just send the message to TinyTP, and let it deal with possible
1307 * errors. No need to duplicate all that here
1308 */
1309 err = irttp_data_request(self->tsap, skb);
1310 if (err) {
1311 IRDA_DEBUG(0, "%s(), err=%d\n", __func__, err);
1312 goto out_err;
1313 }
1314 /* Tell client how much data we actually sent */
1315 return len;
1316
1317 out_err:
1318 return sk_stream_error(sk, msg->msg_flags, err);
1319
1320 }
1321
1322 /*
1323 * Function irda_recvmsg_dgram (iocb, sock, msg, size, flags)
1324 *
1325 * Try to receive message and copy it to user. The frame is discarded
1326 * after being read, regardless of how much the user actually read
1327 */
irda_recvmsg_dgram(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t size,int flags)1328 static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock,
1329 struct msghdr *msg, size_t size, int flags)
1330 {
1331 struct sock *sk = sock->sk;
1332 struct irda_sock *self = irda_sk(sk);
1333 struct sk_buff *skb;
1334 size_t copied;
1335 int err;
1336
1337 IRDA_DEBUG(4, "%s()\n", __func__);
1338
1339 if ((err = sock_error(sk)) < 0)
1340 return err;
1341
1342 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1343 flags & MSG_DONTWAIT, &err);
1344 if (!skb)
1345 return err;
1346
1347 skb_reset_transport_header(skb);
1348 copied = skb->len;
1349
1350 if (copied > size) {
1351 IRDA_DEBUG(2, "%s(), Received truncated frame (%zd < %zd)!\n",
1352 __func__, copied, size);
1353 copied = size;
1354 msg->msg_flags |= MSG_TRUNC;
1355 }
1356 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1357
1358 skb_free_datagram(sk, skb);
1359
1360 /*
1361 * Check if we have previously stopped IrTTP and we know
1362 * have more free space in our rx_queue. If so tell IrTTP
1363 * to start delivering frames again before our rx_queue gets
1364 * empty
1365 */
1366 if (self->rx_flow == FLOW_STOP) {
1367 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1368 IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __func__);
1369 self->rx_flow = FLOW_START;
1370 irttp_flow_request(self->tsap, FLOW_START);
1371 }
1372 }
1373
1374 return copied;
1375 }
1376
1377 /*
1378 * Function irda_recvmsg_stream (iocb, sock, msg, size, flags)
1379 */
irda_recvmsg_stream(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t size,int flags)1380 static int irda_recvmsg_stream(struct kiocb *iocb, struct socket *sock,
1381 struct msghdr *msg, size_t size, int flags)
1382 {
1383 struct sock *sk = sock->sk;
1384 struct irda_sock *self = irda_sk(sk);
1385 int noblock = flags & MSG_DONTWAIT;
1386 size_t copied = 0;
1387 int target, err;
1388 long timeo;
1389
1390 IRDA_DEBUG(3, "%s()\n", __func__);
1391
1392 if ((err = sock_error(sk)) < 0)
1393 return err;
1394
1395 if (sock->flags & __SO_ACCEPTCON)
1396 return(-EINVAL);
1397
1398 if (flags & MSG_OOB)
1399 return -EOPNOTSUPP;
1400
1401 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
1402 timeo = sock_rcvtimeo(sk, noblock);
1403
1404 msg->msg_namelen = 0;
1405
1406 do {
1407 int chunk;
1408 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
1409
1410 if (skb == NULL) {
1411 DEFINE_WAIT(wait);
1412 int ret = 0;
1413
1414 if (copied >= target)
1415 break;
1416
1417 prepare_to_wait_exclusive(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE);
1418
1419 /*
1420 * POSIX 1003.1g mandates this order.
1421 */
1422 ret = sock_error(sk);
1423 if (ret)
1424 ;
1425 else if (sk->sk_shutdown & RCV_SHUTDOWN)
1426 ;
1427 else if (noblock)
1428 ret = -EAGAIN;
1429 else if (signal_pending(current))
1430 ret = sock_intr_errno(timeo);
1431 else if (sk->sk_state != TCP_ESTABLISHED)
1432 ret = -ENOTCONN;
1433 else if (skb_peek(&sk->sk_receive_queue) == NULL)
1434 /* Wait process until data arrives */
1435 schedule();
1436
1437 finish_wait(sk->sk_sleep, &wait);
1438
1439 if (ret)
1440 return ret;
1441 if (sk->sk_shutdown & RCV_SHUTDOWN)
1442 break;
1443
1444 continue;
1445 }
1446
1447 chunk = min_t(unsigned int, skb->len, size);
1448 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
1449 skb_queue_head(&sk->sk_receive_queue, skb);
1450 if (copied == 0)
1451 copied = -EFAULT;
1452 break;
1453 }
1454 copied += chunk;
1455 size -= chunk;
1456
1457 /* Mark read part of skb as used */
1458 if (!(flags & MSG_PEEK)) {
1459 skb_pull(skb, chunk);
1460
1461 /* put the skb back if we didn't use it up.. */
1462 if (skb->len) {
1463 IRDA_DEBUG(1, "%s(), back on q!\n",
1464 __func__);
1465 skb_queue_head(&sk->sk_receive_queue, skb);
1466 break;
1467 }
1468
1469 kfree_skb(skb);
1470 } else {
1471 IRDA_DEBUG(0, "%s() questionable!?\n", __func__);
1472
1473 /* put message back and return */
1474 skb_queue_head(&sk->sk_receive_queue, skb);
1475 break;
1476 }
1477 } while (size);
1478
1479 /*
1480 * Check if we have previously stopped IrTTP and we know
1481 * have more free space in our rx_queue. If so tell IrTTP
1482 * to start delivering frames again before our rx_queue gets
1483 * empty
1484 */
1485 if (self->rx_flow == FLOW_STOP) {
1486 if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1487 IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __func__);
1488 self->rx_flow = FLOW_START;
1489 irttp_flow_request(self->tsap, FLOW_START);
1490 }
1491 }
1492
1493 return copied;
1494 }
1495
1496 /*
1497 * Function irda_sendmsg_dgram (iocb, sock, msg, len)
1498 *
1499 * Send message down to TinyTP for the unreliable sequenced
1500 * packet service...
1501 *
1502 */
irda_sendmsg_dgram(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t len)1503 static int irda_sendmsg_dgram(struct kiocb *iocb, struct socket *sock,
1504 struct msghdr *msg, size_t len)
1505 {
1506 struct sock *sk = sock->sk;
1507 struct irda_sock *self;
1508 struct sk_buff *skb;
1509 int err;
1510
1511 IRDA_DEBUG(4, "%s(), len=%zd\n", __func__, len);
1512
1513 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1514 return -EINVAL;
1515
1516 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1517 send_sig(SIGPIPE, current, 0);
1518 return -EPIPE;
1519 }
1520
1521 if (sk->sk_state != TCP_ESTABLISHED)
1522 return -ENOTCONN;
1523
1524 self = irda_sk(sk);
1525
1526 /*
1527 * Check that we don't send out too big frames. This is an unreliable
1528 * service, so we have no fragmentation and no coalescence
1529 */
1530 if (len > self->max_data_size) {
1531 IRDA_DEBUG(0, "%s(), Warning to much data! "
1532 "Chopping frame from %zd to %d bytes!\n",
1533 __func__, len, self->max_data_size);
1534 len = self->max_data_size;
1535 }
1536
1537 skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1538 msg->msg_flags & MSG_DONTWAIT, &err);
1539 if (!skb)
1540 return -ENOBUFS;
1541
1542 skb_reserve(skb, self->max_header_size);
1543 skb_reset_transport_header(skb);
1544
1545 IRDA_DEBUG(4, "%s(), appending user data\n", __func__);
1546 skb_put(skb, len);
1547 err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1548 if (err) {
1549 kfree_skb(skb);
1550 return err;
1551 }
1552
1553 /*
1554 * Just send the message to TinyTP, and let it deal with possible
1555 * errors. No need to duplicate all that here
1556 */
1557 err = irttp_udata_request(self->tsap, skb);
1558 if (err) {
1559 IRDA_DEBUG(0, "%s(), err=%d\n", __func__, err);
1560 return err;
1561 }
1562 return len;
1563 }
1564
1565 /*
1566 * Function irda_sendmsg_ultra (iocb, sock, msg, len)
1567 *
1568 * Send message down to IrLMP for the unreliable Ultra
1569 * packet service...
1570 */
1571 #ifdef CONFIG_IRDA_ULTRA
irda_sendmsg_ultra(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t len)1572 static int irda_sendmsg_ultra(struct kiocb *iocb, struct socket *sock,
1573 struct msghdr *msg, size_t len)
1574 {
1575 struct sock *sk = sock->sk;
1576 struct irda_sock *self;
1577 __u8 pid = 0;
1578 int bound = 0;
1579 struct sk_buff *skb;
1580 int err;
1581
1582 IRDA_DEBUG(4, "%s(), len=%zd\n", __func__, len);
1583
1584 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1585 return -EINVAL;
1586
1587 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1588 send_sig(SIGPIPE, current, 0);
1589 return -EPIPE;
1590 }
1591
1592 self = irda_sk(sk);
1593
1594 /* Check if an address was specified with sendto. Jean II */
1595 if (msg->msg_name) {
1596 struct sockaddr_irda *addr = (struct sockaddr_irda *) msg->msg_name;
1597 /* Check address, extract pid. Jean II */
1598 if (msg->msg_namelen < sizeof(*addr))
1599 return -EINVAL;
1600 if (addr->sir_family != AF_IRDA)
1601 return -EINVAL;
1602
1603 pid = addr->sir_lsap_sel;
1604 if (pid & 0x80) {
1605 IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __func__);
1606 return -EOPNOTSUPP;
1607 }
1608 } else {
1609 /* Check that the socket is properly bound to an Ultra
1610 * port. Jean II */
1611 if ((self->lsap == NULL) ||
1612 (sk->sk_state != TCP_ESTABLISHED)) {
1613 IRDA_DEBUG(0, "%s(), socket not bound to Ultra PID.\n",
1614 __func__);
1615 return -ENOTCONN;
1616 }
1617 /* Use PID from socket */
1618 bound = 1;
1619 }
1620
1621 /*
1622 * Check that we don't send out too big frames. This is an unreliable
1623 * service, so we have no fragmentation and no coalescence
1624 */
1625 if (len > self->max_data_size) {
1626 IRDA_DEBUG(0, "%s(), Warning to much data! "
1627 "Chopping frame from %zd to %d bytes!\n",
1628 __func__, len, self->max_data_size);
1629 len = self->max_data_size;
1630 }
1631
1632 skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1633 msg->msg_flags & MSG_DONTWAIT, &err);
1634 if (!skb)
1635 return -ENOBUFS;
1636
1637 skb_reserve(skb, self->max_header_size);
1638 skb_reset_transport_header(skb);
1639
1640 IRDA_DEBUG(4, "%s(), appending user data\n", __func__);
1641 skb_put(skb, len);
1642 err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1643 if (err) {
1644 kfree_skb(skb);
1645 return err;
1646 }
1647
1648 err = irlmp_connless_data_request((bound ? self->lsap : NULL),
1649 skb, pid);
1650 if (err) {
1651 IRDA_DEBUG(0, "%s(), err=%d\n", __func__, err);
1652 return err;
1653 }
1654 return len;
1655 }
1656 #endif /* CONFIG_IRDA_ULTRA */
1657
1658 /*
1659 * Function irda_shutdown (sk, how)
1660 */
irda_shutdown(struct socket * sock,int how)1661 static int irda_shutdown(struct socket *sock, int how)
1662 {
1663 struct sock *sk = sock->sk;
1664 struct irda_sock *self = irda_sk(sk);
1665
1666 IRDA_DEBUG(1, "%s(%p)\n", __func__, self);
1667
1668 sk->sk_state = TCP_CLOSE;
1669 sk->sk_shutdown |= SEND_SHUTDOWN;
1670 sk->sk_state_change(sk);
1671
1672 if (self->iriap) {
1673 iriap_close(self->iriap);
1674 self->iriap = NULL;
1675 }
1676
1677 if (self->tsap) {
1678 irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1679 irttp_close_tsap(self->tsap);
1680 self->tsap = NULL;
1681 }
1682
1683 /* A few cleanup so the socket look as good as new... */
1684 self->rx_flow = self->tx_flow = FLOW_START; /* needed ??? */
1685 self->daddr = DEV_ADDR_ANY; /* Until we get re-connected */
1686 self->saddr = 0x0; /* so IrLMP assign us any link */
1687
1688 return 0;
1689 }
1690
1691 /*
1692 * Function irda_poll (file, sock, wait)
1693 */
irda_poll(struct file * file,struct socket * sock,poll_table * wait)1694 static unsigned int irda_poll(struct file * file, struct socket *sock,
1695 poll_table *wait)
1696 {
1697 struct sock *sk = sock->sk;
1698 struct irda_sock *self = irda_sk(sk);
1699 unsigned int mask;
1700
1701 IRDA_DEBUG(4, "%s()\n", __func__);
1702
1703 poll_wait(file, sk->sk_sleep, wait);
1704 mask = 0;
1705
1706 /* Exceptional events? */
1707 if (sk->sk_err)
1708 mask |= POLLERR;
1709 if (sk->sk_shutdown & RCV_SHUTDOWN) {
1710 IRDA_DEBUG(0, "%s(), POLLHUP\n", __func__);
1711 mask |= POLLHUP;
1712 }
1713
1714 /* Readable? */
1715 if (!skb_queue_empty(&sk->sk_receive_queue)) {
1716 IRDA_DEBUG(4, "Socket is readable\n");
1717 mask |= POLLIN | POLLRDNORM;
1718 }
1719
1720 /* Connection-based need to check for termination and startup */
1721 switch (sk->sk_type) {
1722 case SOCK_STREAM:
1723 if (sk->sk_state == TCP_CLOSE) {
1724 IRDA_DEBUG(0, "%s(), POLLHUP\n", __func__);
1725 mask |= POLLHUP;
1726 }
1727
1728 if (sk->sk_state == TCP_ESTABLISHED) {
1729 if ((self->tx_flow == FLOW_START) &&
1730 sock_writeable(sk))
1731 {
1732 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1733 }
1734 }
1735 break;
1736 case SOCK_SEQPACKET:
1737 if ((self->tx_flow == FLOW_START) &&
1738 sock_writeable(sk))
1739 {
1740 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1741 }
1742 break;
1743 case SOCK_DGRAM:
1744 if (sock_writeable(sk))
1745 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1746 break;
1747 default:
1748 break;
1749 }
1750 return mask;
1751 }
1752
1753 /*
1754 * Function irda_ioctl (sock, cmd, arg)
1755 */
irda_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1756 static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1757 {
1758 struct sock *sk = sock->sk;
1759
1760 IRDA_DEBUG(4, "%s(), cmd=%#x\n", __func__, cmd);
1761
1762 switch (cmd) {
1763 case TIOCOUTQ: {
1764 long amount;
1765 amount = sk->sk_sndbuf - atomic_read(&sk->sk_wmem_alloc);
1766 if (amount < 0)
1767 amount = 0;
1768 if (put_user(amount, (unsigned int __user *)arg))
1769 return -EFAULT;
1770 return 0;
1771 }
1772
1773 case TIOCINQ: {
1774 struct sk_buff *skb;
1775 long amount = 0L;
1776 /* These two are safe on a single CPU system as only user tasks fiddle here */
1777 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1778 amount = skb->len;
1779 if (put_user(amount, (unsigned int __user *)arg))
1780 return -EFAULT;
1781 return 0;
1782 }
1783
1784 case SIOCGSTAMP:
1785 if (sk != NULL)
1786 return sock_get_timestamp(sk, (struct timeval __user *)arg);
1787 return -EINVAL;
1788
1789 case SIOCGIFADDR:
1790 case SIOCSIFADDR:
1791 case SIOCGIFDSTADDR:
1792 case SIOCSIFDSTADDR:
1793 case SIOCGIFBRDADDR:
1794 case SIOCSIFBRDADDR:
1795 case SIOCGIFNETMASK:
1796 case SIOCSIFNETMASK:
1797 case SIOCGIFMETRIC:
1798 case SIOCSIFMETRIC:
1799 return -EINVAL;
1800 default:
1801 IRDA_DEBUG(1, "%s(), doing device ioctl!\n", __func__);
1802 return -ENOIOCTLCMD;
1803 }
1804
1805 /*NOTREACHED*/
1806 return 0;
1807 }
1808
1809 #ifdef CONFIG_COMPAT
1810 /*
1811 * Function irda_ioctl (sock, cmd, arg)
1812 */
irda_compat_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1813 static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1814 {
1815 /*
1816 * All IRDA's ioctl are standard ones.
1817 */
1818 return -ENOIOCTLCMD;
1819 }
1820 #endif
1821
1822 /*
1823 * Function irda_setsockopt (sock, level, optname, optval, optlen)
1824 *
1825 * Set some options for the socket
1826 *
1827 */
irda_setsockopt(struct socket * sock,int level,int optname,char __user * optval,int optlen)1828 static int irda_setsockopt(struct socket *sock, int level, int optname,
1829 char __user *optval, int optlen)
1830 {
1831 struct sock *sk = sock->sk;
1832 struct irda_sock *self = irda_sk(sk);
1833 struct irda_ias_set *ias_opt;
1834 struct ias_object *ias_obj;
1835 struct ias_attrib * ias_attr; /* Attribute in IAS object */
1836 int opt, free_ias = 0;
1837
1838 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
1839
1840 if (level != SOL_IRLMP)
1841 return -ENOPROTOOPT;
1842
1843 switch (optname) {
1844 case IRLMP_IAS_SET:
1845 /* The user want to add an attribute to an existing IAS object
1846 * (in the IAS database) or to create a new object with this
1847 * attribute.
1848 * We first query IAS to know if the object exist, and then
1849 * create the right attribute...
1850 */
1851
1852 if (optlen != sizeof(struct irda_ias_set))
1853 return -EINVAL;
1854
1855 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1856 if (ias_opt == NULL)
1857 return -ENOMEM;
1858
1859 /* Copy query to the driver. */
1860 if (copy_from_user(ias_opt, optval, optlen)) {
1861 kfree(ias_opt);
1862 return -EFAULT;
1863 }
1864
1865 /* Find the object we target.
1866 * If the user gives us an empty string, we use the object
1867 * associated with this socket. This will workaround
1868 * duplicated class name - Jean II */
1869 if(ias_opt->irda_class_name[0] == '\0') {
1870 if(self->ias_obj == NULL) {
1871 kfree(ias_opt);
1872 return -EINVAL;
1873 }
1874 ias_obj = self->ias_obj;
1875 } else
1876 ias_obj = irias_find_object(ias_opt->irda_class_name);
1877
1878 /* Only ROOT can mess with the global IAS database.
1879 * Users can only add attributes to the object associated
1880 * with the socket they own - Jean II */
1881 if((!capable(CAP_NET_ADMIN)) &&
1882 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
1883 kfree(ias_opt);
1884 return -EPERM;
1885 }
1886
1887 /* If the object doesn't exist, create it */
1888 if(ias_obj == (struct ias_object *) NULL) {
1889 /* Create a new object */
1890 ias_obj = irias_new_object(ias_opt->irda_class_name,
1891 jiffies);
1892 if (ias_obj == NULL) {
1893 kfree(ias_opt);
1894 return -ENOMEM;
1895 }
1896 free_ias = 1;
1897 }
1898
1899 /* Do we have the attribute already ? */
1900 if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) {
1901 kfree(ias_opt);
1902 if (free_ias) {
1903 kfree(ias_obj->name);
1904 kfree(ias_obj);
1905 }
1906 return -EINVAL;
1907 }
1908
1909 /* Look at the type */
1910 switch(ias_opt->irda_attrib_type) {
1911 case IAS_INTEGER:
1912 /* Add an integer attribute */
1913 irias_add_integer_attrib(
1914 ias_obj,
1915 ias_opt->irda_attrib_name,
1916 ias_opt->attribute.irda_attrib_int,
1917 IAS_USER_ATTR);
1918 break;
1919 case IAS_OCT_SEQ:
1920 /* Check length */
1921 if(ias_opt->attribute.irda_attrib_octet_seq.len >
1922 IAS_MAX_OCTET_STRING) {
1923 kfree(ias_opt);
1924 if (free_ias) {
1925 kfree(ias_obj->name);
1926 kfree(ias_obj);
1927 }
1928
1929 return -EINVAL;
1930 }
1931 /* Add an octet sequence attribute */
1932 irias_add_octseq_attrib(
1933 ias_obj,
1934 ias_opt->irda_attrib_name,
1935 ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
1936 ias_opt->attribute.irda_attrib_octet_seq.len,
1937 IAS_USER_ATTR);
1938 break;
1939 case IAS_STRING:
1940 /* Should check charset & co */
1941 /* Check length */
1942 /* The length is encoded in a __u8, and
1943 * IAS_MAX_STRING == 256, so there is no way
1944 * userspace can pass us a string too large.
1945 * Jean II */
1946 /* NULL terminate the string (avoid troubles) */
1947 ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0';
1948 /* Add a string attribute */
1949 irias_add_string_attrib(
1950 ias_obj,
1951 ias_opt->irda_attrib_name,
1952 ias_opt->attribute.irda_attrib_string.string,
1953 IAS_USER_ATTR);
1954 break;
1955 default :
1956 kfree(ias_opt);
1957 if (free_ias) {
1958 kfree(ias_obj->name);
1959 kfree(ias_obj);
1960 }
1961 return -EINVAL;
1962 }
1963 irias_insert_object(ias_obj);
1964 kfree(ias_opt);
1965 break;
1966 case IRLMP_IAS_DEL:
1967 /* The user want to delete an object from our local IAS
1968 * database. We just need to query the IAS, check is the
1969 * object is not owned by the kernel and delete it.
1970 */
1971
1972 if (optlen != sizeof(struct irda_ias_set))
1973 return -EINVAL;
1974
1975 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1976 if (ias_opt == NULL)
1977 return -ENOMEM;
1978
1979 /* Copy query to the driver. */
1980 if (copy_from_user(ias_opt, optval, optlen)) {
1981 kfree(ias_opt);
1982 return -EFAULT;
1983 }
1984
1985 /* Find the object we target.
1986 * If the user gives us an empty string, we use the object
1987 * associated with this socket. This will workaround
1988 * duplicated class name - Jean II */
1989 if(ias_opt->irda_class_name[0] == '\0')
1990 ias_obj = self->ias_obj;
1991 else
1992 ias_obj = irias_find_object(ias_opt->irda_class_name);
1993 if(ias_obj == (struct ias_object *) NULL) {
1994 kfree(ias_opt);
1995 return -EINVAL;
1996 }
1997
1998 /* Only ROOT can mess with the global IAS database.
1999 * Users can only del attributes from the object associated
2000 * with the socket they own - Jean II */
2001 if((!capable(CAP_NET_ADMIN)) &&
2002 ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
2003 kfree(ias_opt);
2004 return -EPERM;
2005 }
2006
2007 /* Find the attribute (in the object) we target */
2008 ias_attr = irias_find_attrib(ias_obj,
2009 ias_opt->irda_attrib_name);
2010 if(ias_attr == (struct ias_attrib *) NULL) {
2011 kfree(ias_opt);
2012 return -EINVAL;
2013 }
2014
2015 /* Check is the user space own the object */
2016 if(ias_attr->value->owner != IAS_USER_ATTR) {
2017 IRDA_DEBUG(1, "%s(), attempting to delete a kernel attribute\n", __func__);
2018 kfree(ias_opt);
2019 return -EPERM;
2020 }
2021
2022 /* Remove the attribute (and maybe the object) */
2023 irias_delete_attrib(ias_obj, ias_attr, 1);
2024 kfree(ias_opt);
2025 break;
2026 case IRLMP_MAX_SDU_SIZE:
2027 if (optlen < sizeof(int))
2028 return -EINVAL;
2029
2030 if (get_user(opt, (int __user *)optval))
2031 return -EFAULT;
2032
2033 /* Only possible for a seqpacket service (TTP with SAR) */
2034 if (sk->sk_type != SOCK_SEQPACKET) {
2035 IRDA_DEBUG(2, "%s(), setting max_sdu_size = %d\n",
2036 __func__, opt);
2037 self->max_sdu_size_rx = opt;
2038 } else {
2039 IRDA_WARNING("%s: not allowed to set MAXSDUSIZE for this socket type!\n",
2040 __func__);
2041 return -ENOPROTOOPT;
2042 }
2043 break;
2044 case IRLMP_HINTS_SET:
2045 if (optlen < sizeof(int))
2046 return -EINVAL;
2047
2048 /* The input is really a (__u8 hints[2]), easier as an int */
2049 if (get_user(opt, (int __user *)optval))
2050 return -EFAULT;
2051
2052 /* Unregister any old registration */
2053 if (self->skey)
2054 irlmp_unregister_service(self->skey);
2055
2056 self->skey = irlmp_register_service((__u16) opt);
2057 break;
2058 case IRLMP_HINT_MASK_SET:
2059 /* As opposed to the previous case which set the hint bits
2060 * that we advertise, this one set the filter we use when
2061 * making a discovery (nodes which don't match any hint
2062 * bit in the mask are not reported).
2063 */
2064 if (optlen < sizeof(int))
2065 return -EINVAL;
2066
2067 /* The input is really a (__u8 hints[2]), easier as an int */
2068 if (get_user(opt, (int __user *)optval))
2069 return -EFAULT;
2070
2071 /* Set the new hint mask */
2072 self->mask.word = (__u16) opt;
2073 /* Mask out extension bits */
2074 self->mask.word &= 0x7f7f;
2075 /* Check if no bits */
2076 if(!self->mask.word)
2077 self->mask.word = 0xFFFF;
2078
2079 break;
2080 default:
2081 return -ENOPROTOOPT;
2082 }
2083 return 0;
2084 }
2085
2086 /*
2087 * Function irda_extract_ias_value(ias_opt, ias_value)
2088 *
2089 * Translate internal IAS value structure to the user space representation
2090 *
2091 * The external representation of IAS values, as we exchange them with
2092 * user space program is quite different from the internal representation,
2093 * as stored in the IAS database (because we need a flat structure for
2094 * crossing kernel boundary).
2095 * This function transform the former in the latter. We also check
2096 * that the value type is valid.
2097 */
irda_extract_ias_value(struct irda_ias_set * ias_opt,struct ias_value * ias_value)2098 static int irda_extract_ias_value(struct irda_ias_set *ias_opt,
2099 struct ias_value *ias_value)
2100 {
2101 /* Look at the type */
2102 switch (ias_value->type) {
2103 case IAS_INTEGER:
2104 /* Copy the integer */
2105 ias_opt->attribute.irda_attrib_int = ias_value->t.integer;
2106 break;
2107 case IAS_OCT_SEQ:
2108 /* Set length */
2109 ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len;
2110 /* Copy over */
2111 memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
2112 ias_value->t.oct_seq, ias_value->len);
2113 break;
2114 case IAS_STRING:
2115 /* Set length */
2116 ias_opt->attribute.irda_attrib_string.len = ias_value->len;
2117 ias_opt->attribute.irda_attrib_string.charset = ias_value->charset;
2118 /* Copy over */
2119 memcpy(ias_opt->attribute.irda_attrib_string.string,
2120 ias_value->t.string, ias_value->len);
2121 /* NULL terminate the string (avoid troubles) */
2122 ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0';
2123 break;
2124 case IAS_MISSING:
2125 default :
2126 return -EINVAL;
2127 }
2128
2129 /* Copy type over */
2130 ias_opt->irda_attrib_type = ias_value->type;
2131
2132 return 0;
2133 }
2134
2135 /*
2136 * Function irda_getsockopt (sock, level, optname, optval, optlen)
2137 */
irda_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)2138 static int irda_getsockopt(struct socket *sock, int level, int optname,
2139 char __user *optval, int __user *optlen)
2140 {
2141 struct sock *sk = sock->sk;
2142 struct irda_sock *self = irda_sk(sk);
2143 struct irda_device_list list;
2144 struct irda_device_info *discoveries;
2145 struct irda_ias_set * ias_opt; /* IAS get/query params */
2146 struct ias_object * ias_obj; /* Object in IAS */
2147 struct ias_attrib * ias_attr; /* Attribute in IAS object */
2148 int daddr = DEV_ADDR_ANY; /* Dest address for IAS queries */
2149 int val = 0;
2150 int len = 0;
2151 int err;
2152 int offset, total;
2153
2154 IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
2155
2156 if (level != SOL_IRLMP)
2157 return -ENOPROTOOPT;
2158
2159 if (get_user(len, optlen))
2160 return -EFAULT;
2161
2162 if(len < 0)
2163 return -EINVAL;
2164
2165 switch (optname) {
2166 case IRLMP_ENUMDEVICES:
2167 /* Ask lmp for the current discovery log */
2168 discoveries = irlmp_get_discoveries(&list.len, self->mask.word,
2169 self->nslots);
2170 /* Check if the we got some results */
2171 if (discoveries == NULL)
2172 return -EAGAIN; /* Didn't find any devices */
2173 err = 0;
2174
2175 /* Write total list length back to client */
2176 if (copy_to_user(optval, &list,
2177 sizeof(struct irda_device_list) -
2178 sizeof(struct irda_device_info)))
2179 err = -EFAULT;
2180
2181 /* Offset to first device entry */
2182 offset = sizeof(struct irda_device_list) -
2183 sizeof(struct irda_device_info);
2184
2185 /* Copy the list itself - watch for overflow */
2186 if(list.len > 2048)
2187 {
2188 err = -EINVAL;
2189 goto bed;
2190 }
2191 total = offset + (list.len * sizeof(struct irda_device_info));
2192 if (total > len)
2193 total = len;
2194 if (copy_to_user(optval+offset, discoveries, total - offset))
2195 err = -EFAULT;
2196
2197 /* Write total number of bytes used back to client */
2198 if (put_user(total, optlen))
2199 err = -EFAULT;
2200 bed:
2201 /* Free up our buffer */
2202 kfree(discoveries);
2203 if (err)
2204 return err;
2205 break;
2206 case IRLMP_MAX_SDU_SIZE:
2207 val = self->max_data_size;
2208 len = sizeof(int);
2209 if (put_user(len, optlen))
2210 return -EFAULT;
2211
2212 if (copy_to_user(optval, &val, len))
2213 return -EFAULT;
2214 break;
2215 case IRLMP_IAS_GET:
2216 /* The user want an object from our local IAS database.
2217 * We just need to query the IAS and return the value
2218 * that we found */
2219
2220 /* Check that the user has allocated the right space for us */
2221 if (len != sizeof(struct irda_ias_set))
2222 return -EINVAL;
2223
2224 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2225 if (ias_opt == NULL)
2226 return -ENOMEM;
2227
2228 /* Copy query to the driver. */
2229 if (copy_from_user(ias_opt, optval, len)) {
2230 kfree(ias_opt);
2231 return -EFAULT;
2232 }
2233
2234 /* Find the object we target.
2235 * If the user gives us an empty string, we use the object
2236 * associated with this socket. This will workaround
2237 * duplicated class name - Jean II */
2238 if(ias_opt->irda_class_name[0] == '\0')
2239 ias_obj = self->ias_obj;
2240 else
2241 ias_obj = irias_find_object(ias_opt->irda_class_name);
2242 if(ias_obj == (struct ias_object *) NULL) {
2243 kfree(ias_opt);
2244 return -EINVAL;
2245 }
2246
2247 /* Find the attribute (in the object) we target */
2248 ias_attr = irias_find_attrib(ias_obj,
2249 ias_opt->irda_attrib_name);
2250 if(ias_attr == (struct ias_attrib *) NULL) {
2251 kfree(ias_opt);
2252 return -EINVAL;
2253 }
2254
2255 /* Translate from internal to user structure */
2256 err = irda_extract_ias_value(ias_opt, ias_attr->value);
2257 if(err) {
2258 kfree(ias_opt);
2259 return err;
2260 }
2261
2262 /* Copy reply to the user */
2263 if (copy_to_user(optval, ias_opt,
2264 sizeof(struct irda_ias_set))) {
2265 kfree(ias_opt);
2266 return -EFAULT;
2267 }
2268 /* Note : don't need to put optlen, we checked it */
2269 kfree(ias_opt);
2270 break;
2271 case IRLMP_IAS_QUERY:
2272 /* The user want an object from a remote IAS database.
2273 * We need to use IAP to query the remote database and
2274 * then wait for the answer to come back. */
2275
2276 /* Check that the user has allocated the right space for us */
2277 if (len != sizeof(struct irda_ias_set))
2278 return -EINVAL;
2279
2280 ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2281 if (ias_opt == NULL)
2282 return -ENOMEM;
2283
2284 /* Copy query to the driver. */
2285 if (copy_from_user(ias_opt, optval, len)) {
2286 kfree(ias_opt);
2287 return -EFAULT;
2288 }
2289
2290 /* At this point, there are two cases...
2291 * 1) the socket is connected - that's the easy case, we
2292 * just query the device we are connected to...
2293 * 2) the socket is not connected - the user doesn't want
2294 * to connect and/or may not have a valid service name
2295 * (so can't create a fake connection). In this case,
2296 * we assume that the user pass us a valid destination
2297 * address in the requesting structure...
2298 */
2299 if(self->daddr != DEV_ADDR_ANY) {
2300 /* We are connected - reuse known daddr */
2301 daddr = self->daddr;
2302 } else {
2303 /* We are not connected, we must specify a valid
2304 * destination address */
2305 daddr = ias_opt->daddr;
2306 if((!daddr) || (daddr == DEV_ADDR_ANY)) {
2307 kfree(ias_opt);
2308 return -EINVAL;
2309 }
2310 }
2311
2312 /* Check that we can proceed with IAP */
2313 if (self->iriap) {
2314 IRDA_WARNING("%s: busy with a previous query\n",
2315 __func__);
2316 kfree(ias_opt);
2317 return -EBUSY;
2318 }
2319
2320 self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
2321 irda_getvalue_confirm);
2322
2323 if (self->iriap == NULL) {
2324 kfree(ias_opt);
2325 return -ENOMEM;
2326 }
2327
2328 /* Treat unexpected wakeup as disconnect */
2329 self->errno = -EHOSTUNREACH;
2330
2331 /* Query remote LM-IAS */
2332 iriap_getvaluebyclass_request(self->iriap,
2333 self->saddr, daddr,
2334 ias_opt->irda_class_name,
2335 ias_opt->irda_attrib_name);
2336
2337 /* Wait for answer, if not yet finished (or failed) */
2338 if (wait_event_interruptible(self->query_wait,
2339 (self->iriap == NULL))) {
2340 /* pending request uses copy of ias_opt-content
2341 * we can free it regardless! */
2342 kfree(ias_opt);
2343 /* Treat signals as disconnect */
2344 return -EHOSTUNREACH;
2345 }
2346
2347 /* Check what happened */
2348 if (self->errno)
2349 {
2350 kfree(ias_opt);
2351 /* Requested object/attribute doesn't exist */
2352 if((self->errno == IAS_CLASS_UNKNOWN) ||
2353 (self->errno == IAS_ATTRIB_UNKNOWN))
2354 return (-EADDRNOTAVAIL);
2355 else
2356 return (-EHOSTUNREACH);
2357 }
2358
2359 /* Translate from internal to user structure */
2360 err = irda_extract_ias_value(ias_opt, self->ias_result);
2361 if (self->ias_result)
2362 irias_delete_value(self->ias_result);
2363 if (err) {
2364 kfree(ias_opt);
2365 return err;
2366 }
2367
2368 /* Copy reply to the user */
2369 if (copy_to_user(optval, ias_opt,
2370 sizeof(struct irda_ias_set))) {
2371 kfree(ias_opt);
2372 return -EFAULT;
2373 }
2374 /* Note : don't need to put optlen, we checked it */
2375 kfree(ias_opt);
2376 break;
2377 case IRLMP_WAITDEVICE:
2378 /* This function is just another way of seeing life ;-)
2379 * IRLMP_ENUMDEVICES assumes that you have a static network,
2380 * and that you just want to pick one of the devices present.
2381 * On the other hand, in here we assume that no device is
2382 * present and that at some point in the future a device will
2383 * come into range. When this device arrive, we just wake
2384 * up the caller, so that he has time to connect to it before
2385 * the device goes away...
2386 * Note : once the node has been discovered for more than a
2387 * few second, it won't trigger this function, unless it
2388 * goes away and come back changes its hint bits (so we
2389 * might call it IRLMP_WAITNEWDEVICE).
2390 */
2391
2392 /* Check that the user is passing us an int */
2393 if (len != sizeof(int))
2394 return -EINVAL;
2395 /* Get timeout in ms (max time we block the caller) */
2396 if (get_user(val, (int __user *)optval))
2397 return -EFAULT;
2398
2399 /* Tell IrLMP we want to be notified */
2400 irlmp_update_client(self->ckey, self->mask.word,
2401 irda_selective_discovery_indication,
2402 NULL, (void *) self);
2403
2404 /* Do some discovery (and also return cached results) */
2405 irlmp_discovery_request(self->nslots);
2406
2407 /* Wait until a node is discovered */
2408 if (!self->cachedaddr) {
2409 int ret = 0;
2410
2411 IRDA_DEBUG(1, "%s(), nothing discovered yet, going to sleep...\n", __func__);
2412
2413 /* Set watchdog timer to expire in <val> ms. */
2414 self->errno = 0;
2415 setup_timer(&self->watchdog, irda_discovery_timeout,
2416 (unsigned long)self);
2417 self->watchdog.expires = jiffies + (val * HZ/1000);
2418 add_timer(&(self->watchdog));
2419
2420 /* Wait for IR-LMP to call us back */
2421 __wait_event_interruptible(self->query_wait,
2422 (self->cachedaddr != 0 || self->errno == -ETIME),
2423 ret);
2424
2425 /* If watchdog is still activated, kill it! */
2426 if(timer_pending(&(self->watchdog)))
2427 del_timer(&(self->watchdog));
2428
2429 IRDA_DEBUG(1, "%s(), ...waking up !\n", __func__);
2430
2431 if (ret != 0)
2432 return ret;
2433 }
2434 else
2435 IRDA_DEBUG(1, "%s(), found immediately !\n",
2436 __func__);
2437
2438 /* Tell IrLMP that we have been notified */
2439 irlmp_update_client(self->ckey, self->mask.word,
2440 NULL, NULL, NULL);
2441
2442 /* Check if the we got some results */
2443 if (!self->cachedaddr)
2444 return -EAGAIN; /* Didn't find any devices */
2445 daddr = self->cachedaddr;
2446 /* Cleanup */
2447 self->cachedaddr = 0;
2448
2449 /* We return the daddr of the device that trigger the
2450 * wakeup. As irlmp pass us only the new devices, we
2451 * are sure that it's not an old device.
2452 * If the user want more details, he should query
2453 * the whole discovery log and pick one device...
2454 */
2455 if (put_user(daddr, (int __user *)optval))
2456 return -EFAULT;
2457
2458 break;
2459 default:
2460 return -ENOPROTOOPT;
2461 }
2462
2463 return 0;
2464 }
2465
2466 static struct net_proto_family irda_family_ops = {
2467 .family = PF_IRDA,
2468 .create = irda_create,
2469 .owner = THIS_MODULE,
2470 };
2471
2472 static const struct proto_ops SOCKOPS_WRAPPED(irda_stream_ops) = {
2473 .family = PF_IRDA,
2474 .owner = THIS_MODULE,
2475 .release = irda_release,
2476 .bind = irda_bind,
2477 .connect = irda_connect,
2478 .socketpair = sock_no_socketpair,
2479 .accept = irda_accept,
2480 .getname = irda_getname,
2481 .poll = irda_poll,
2482 .ioctl = irda_ioctl,
2483 #ifdef CONFIG_COMPAT
2484 .compat_ioctl = irda_compat_ioctl,
2485 #endif
2486 .listen = irda_listen,
2487 .shutdown = irda_shutdown,
2488 .setsockopt = irda_setsockopt,
2489 .getsockopt = irda_getsockopt,
2490 .sendmsg = irda_sendmsg,
2491 .recvmsg = irda_recvmsg_stream,
2492 .mmap = sock_no_mmap,
2493 .sendpage = sock_no_sendpage,
2494 };
2495
2496 static const struct proto_ops SOCKOPS_WRAPPED(irda_seqpacket_ops) = {
2497 .family = PF_IRDA,
2498 .owner = THIS_MODULE,
2499 .release = irda_release,
2500 .bind = irda_bind,
2501 .connect = irda_connect,
2502 .socketpair = sock_no_socketpair,
2503 .accept = irda_accept,
2504 .getname = irda_getname,
2505 .poll = datagram_poll,
2506 .ioctl = irda_ioctl,
2507 #ifdef CONFIG_COMPAT
2508 .compat_ioctl = irda_compat_ioctl,
2509 #endif
2510 .listen = irda_listen,
2511 .shutdown = irda_shutdown,
2512 .setsockopt = irda_setsockopt,
2513 .getsockopt = irda_getsockopt,
2514 .sendmsg = irda_sendmsg,
2515 .recvmsg = irda_recvmsg_dgram,
2516 .mmap = sock_no_mmap,
2517 .sendpage = sock_no_sendpage,
2518 };
2519
2520 static const struct proto_ops SOCKOPS_WRAPPED(irda_dgram_ops) = {
2521 .family = PF_IRDA,
2522 .owner = THIS_MODULE,
2523 .release = irda_release,
2524 .bind = irda_bind,
2525 .connect = irda_connect,
2526 .socketpair = sock_no_socketpair,
2527 .accept = irda_accept,
2528 .getname = irda_getname,
2529 .poll = datagram_poll,
2530 .ioctl = irda_ioctl,
2531 #ifdef CONFIG_COMPAT
2532 .compat_ioctl = irda_compat_ioctl,
2533 #endif
2534 .listen = irda_listen,
2535 .shutdown = irda_shutdown,
2536 .setsockopt = irda_setsockopt,
2537 .getsockopt = irda_getsockopt,
2538 .sendmsg = irda_sendmsg_dgram,
2539 .recvmsg = irda_recvmsg_dgram,
2540 .mmap = sock_no_mmap,
2541 .sendpage = sock_no_sendpage,
2542 };
2543
2544 #ifdef CONFIG_IRDA_ULTRA
2545 static const struct proto_ops SOCKOPS_WRAPPED(irda_ultra_ops) = {
2546 .family = PF_IRDA,
2547 .owner = THIS_MODULE,
2548 .release = irda_release,
2549 .bind = irda_bind,
2550 .connect = sock_no_connect,
2551 .socketpair = sock_no_socketpair,
2552 .accept = sock_no_accept,
2553 .getname = irda_getname,
2554 .poll = datagram_poll,
2555 .ioctl = irda_ioctl,
2556 #ifdef CONFIG_COMPAT
2557 .compat_ioctl = irda_compat_ioctl,
2558 #endif
2559 .listen = sock_no_listen,
2560 .shutdown = irda_shutdown,
2561 .setsockopt = irda_setsockopt,
2562 .getsockopt = irda_getsockopt,
2563 .sendmsg = irda_sendmsg_ultra,
2564 .recvmsg = irda_recvmsg_dgram,
2565 .mmap = sock_no_mmap,
2566 .sendpage = sock_no_sendpage,
2567 };
2568 #endif /* CONFIG_IRDA_ULTRA */
2569
2570 SOCKOPS_WRAP(irda_stream, PF_IRDA);
2571 SOCKOPS_WRAP(irda_seqpacket, PF_IRDA);
2572 SOCKOPS_WRAP(irda_dgram, PF_IRDA);
2573 #ifdef CONFIG_IRDA_ULTRA
2574 SOCKOPS_WRAP(irda_ultra, PF_IRDA);
2575 #endif /* CONFIG_IRDA_ULTRA */
2576
2577 /*
2578 * Function irsock_init (pro)
2579 *
2580 * Initialize IrDA protocol
2581 *
2582 */
irsock_init(void)2583 int __init irsock_init(void)
2584 {
2585 int rc = proto_register(&irda_proto, 0);
2586
2587 if (rc == 0)
2588 rc = sock_register(&irda_family_ops);
2589
2590 return rc;
2591 }
2592
2593 /*
2594 * Function irsock_cleanup (void)
2595 *
2596 * Remove IrDA protocol
2597 *
2598 */
irsock_cleanup(void)2599 void irsock_cleanup(void)
2600 {
2601 sock_unregister(PF_IRDA);
2602 proto_unregister(&irda_proto);
2603 }
2604