Loading...
Note: File does not exist in v4.17.
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * BlueZ - Bluetooth protocol stack for Linux
4 *
5 * Copyright (C) 2022 Intel Corporation
6 * Copyright 2023 NXP
7 */
8
9#include <linux/module.h>
10#include <linux/debugfs.h>
11#include <linux/seq_file.h>
12#include <linux/sched/signal.h>
13
14#include <net/bluetooth/bluetooth.h>
15#include <net/bluetooth/hci_core.h>
16#include <net/bluetooth/iso.h>
17#include "eir.h"
18
19static const struct proto_ops iso_sock_ops;
20
21static struct bt_sock_list iso_sk_list = {
22 .lock = __RW_LOCK_UNLOCKED(iso_sk_list.lock)
23};
24
25/* ---- ISO connections ---- */
26struct iso_conn {
27 struct hci_conn *hcon;
28
29 /* @lock: spinlock protecting changes to iso_conn fields */
30 spinlock_t lock;
31 struct sock *sk;
32
33 struct delayed_work timeout_work;
34
35 struct sk_buff *rx_skb;
36 __u32 rx_len;
37 __u16 tx_sn;
38};
39
40#define iso_conn_lock(c) spin_lock(&(c)->lock)
41#define iso_conn_unlock(c) spin_unlock(&(c)->lock)
42
43static void iso_sock_close(struct sock *sk);
44static void iso_sock_kill(struct sock *sk);
45
46/* ----- ISO socket info ----- */
47#define iso_pi(sk) ((struct iso_pinfo *)sk)
48
49#define EIR_SERVICE_DATA_LENGTH 4
50#define BASE_MAX_LENGTH (HCI_MAX_PER_AD_LENGTH - EIR_SERVICE_DATA_LENGTH)
51#define EIR_BAA_SERVICE_UUID 0x1851
52
53/* iso_pinfo flags values */
54enum {
55 BT_SK_BIG_SYNC,
56 BT_SK_PA_SYNC,
57 BT_SK_PA_SYNC_TERM,
58};
59
60struct iso_pinfo {
61 struct bt_sock bt;
62 bdaddr_t src;
63 __u8 src_type;
64 bdaddr_t dst;
65 __u8 dst_type;
66 __u8 bc_sid;
67 __u8 bc_num_bis;
68 __u8 bc_bis[ISO_MAX_NUM_BIS];
69 __u16 sync_handle;
70 unsigned long flags;
71 struct bt_iso_qos qos;
72 bool qos_user_set;
73 __u8 base_len;
74 __u8 base[BASE_MAX_LENGTH];
75 struct iso_conn *conn;
76};
77
78static struct bt_iso_qos default_qos;
79
80static bool check_ucast_qos(struct bt_iso_qos *qos);
81static bool check_bcast_qos(struct bt_iso_qos *qos);
82static bool iso_match_sid(struct sock *sk, void *data);
83static bool iso_match_sync_handle(struct sock *sk, void *data);
84static void iso_sock_disconn(struct sock *sk);
85
86typedef bool (*iso_sock_match_t)(struct sock *sk, void *data);
87
88static struct sock *iso_get_sock_listen(bdaddr_t *src, bdaddr_t *dst,
89 iso_sock_match_t match, void *data);
90
91/* ---- ISO timers ---- */
92#define ISO_CONN_TIMEOUT (HZ * 40)
93#define ISO_DISCONN_TIMEOUT (HZ * 2)
94
95static void iso_sock_timeout(struct work_struct *work)
96{
97 struct iso_conn *conn = container_of(work, struct iso_conn,
98 timeout_work.work);
99 struct sock *sk;
100
101 iso_conn_lock(conn);
102 sk = conn->sk;
103 if (sk)
104 sock_hold(sk);
105 iso_conn_unlock(conn);
106
107 if (!sk)
108 return;
109
110 BT_DBG("sock %p state %d", sk, sk->sk_state);
111
112 lock_sock(sk);
113 sk->sk_err = ETIMEDOUT;
114 sk->sk_state_change(sk);
115 release_sock(sk);
116 sock_put(sk);
117}
118
119static void iso_sock_set_timer(struct sock *sk, long timeout)
120{
121 if (!iso_pi(sk)->conn)
122 return;
123
124 BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
125 cancel_delayed_work(&iso_pi(sk)->conn->timeout_work);
126 schedule_delayed_work(&iso_pi(sk)->conn->timeout_work, timeout);
127}
128
129static void iso_sock_clear_timer(struct sock *sk)
130{
131 if (!iso_pi(sk)->conn)
132 return;
133
134 BT_DBG("sock %p state %d", sk, sk->sk_state);
135 cancel_delayed_work(&iso_pi(sk)->conn->timeout_work);
136}
137
138/* ---- ISO connections ---- */
139static struct iso_conn *iso_conn_add(struct hci_conn *hcon)
140{
141 struct iso_conn *conn = hcon->iso_data;
142
143 if (conn) {
144 if (!conn->hcon)
145 conn->hcon = hcon;
146 return conn;
147 }
148
149 conn = kzalloc(sizeof(*conn), GFP_KERNEL);
150 if (!conn)
151 return NULL;
152
153 spin_lock_init(&conn->lock);
154 INIT_DELAYED_WORK(&conn->timeout_work, iso_sock_timeout);
155
156 hcon->iso_data = conn;
157 conn->hcon = hcon;
158 conn->tx_sn = 0;
159
160 BT_DBG("hcon %p conn %p", hcon, conn);
161
162 return conn;
163}
164
165/* Delete channel. Must be called on the locked socket. */
166static void iso_chan_del(struct sock *sk, int err)
167{
168 struct iso_conn *conn;
169 struct sock *parent;
170
171 conn = iso_pi(sk)->conn;
172
173 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
174
175 if (conn) {
176 iso_conn_lock(conn);
177 conn->sk = NULL;
178 iso_pi(sk)->conn = NULL;
179 iso_conn_unlock(conn);
180
181 if (conn->hcon)
182 hci_conn_drop(conn->hcon);
183 }
184
185 sk->sk_state = BT_CLOSED;
186 sk->sk_err = err;
187
188 parent = bt_sk(sk)->parent;
189 if (parent) {
190 bt_accept_unlink(sk);
191 parent->sk_data_ready(parent);
192 } else {
193 sk->sk_state_change(sk);
194 }
195
196 sock_set_flag(sk, SOCK_ZAPPED);
197}
198
199static bool iso_match_conn_sync_handle(struct sock *sk, void *data)
200{
201 struct hci_conn *hcon = data;
202
203 if (test_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags))
204 return false;
205
206 return hcon->sync_handle == iso_pi(sk)->sync_handle;
207}
208
209static void iso_conn_del(struct hci_conn *hcon, int err)
210{
211 struct iso_conn *conn = hcon->iso_data;
212 struct sock *sk;
213 struct sock *parent;
214
215 if (!conn)
216 return;
217
218 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
219
220 /* Kill socket */
221 iso_conn_lock(conn);
222 sk = conn->sk;
223 if (sk)
224 sock_hold(sk);
225 iso_conn_unlock(conn);
226
227 if (sk) {
228 lock_sock(sk);
229
230 /* While a PA sync hcon is in the process of closing,
231 * mark parent socket with a flag, so that any residual
232 * BIGInfo adv reports that arrive before PA sync is
233 * terminated are not processed anymore.
234 */
235 if (test_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags)) {
236 parent = iso_get_sock_listen(&hcon->src,
237 &hcon->dst,
238 iso_match_conn_sync_handle,
239 hcon);
240
241 if (parent) {
242 set_bit(BT_SK_PA_SYNC_TERM,
243 &iso_pi(parent)->flags);
244 sock_put(parent);
245 }
246 }
247
248 iso_sock_clear_timer(sk);
249 iso_chan_del(sk, err);
250 release_sock(sk);
251 sock_put(sk);
252 }
253
254 /* Ensure no more work items will run before freeing conn. */
255 cancel_delayed_work_sync(&conn->timeout_work);
256
257 hcon->iso_data = NULL;
258 kfree(conn);
259}
260
261static int __iso_chan_add(struct iso_conn *conn, struct sock *sk,
262 struct sock *parent)
263{
264 BT_DBG("conn %p", conn);
265
266 if (iso_pi(sk)->conn == conn && conn->sk == sk)
267 return 0;
268
269 if (conn->sk) {
270 BT_ERR("conn->sk already set");
271 return -EBUSY;
272 }
273
274 iso_pi(sk)->conn = conn;
275 conn->sk = sk;
276
277 if (parent)
278 bt_accept_enqueue(parent, sk, true);
279
280 return 0;
281}
282
283static int iso_chan_add(struct iso_conn *conn, struct sock *sk,
284 struct sock *parent)
285{
286 int err;
287
288 iso_conn_lock(conn);
289 err = __iso_chan_add(conn, sk, parent);
290 iso_conn_unlock(conn);
291
292 return err;
293}
294
295static inline u8 le_addr_type(u8 bdaddr_type)
296{
297 if (bdaddr_type == BDADDR_LE_PUBLIC)
298 return ADDR_LE_DEV_PUBLIC;
299 else
300 return ADDR_LE_DEV_RANDOM;
301}
302
303static int iso_connect_bis(struct sock *sk)
304{
305 struct iso_conn *conn;
306 struct hci_conn *hcon;
307 struct hci_dev *hdev;
308 int err;
309
310 BT_DBG("%pMR", &iso_pi(sk)->src);
311
312 hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
313 iso_pi(sk)->src_type);
314 if (!hdev)
315 return -EHOSTUNREACH;
316
317 hci_dev_lock(hdev);
318
319 if (!bis_capable(hdev)) {
320 err = -EOPNOTSUPP;
321 goto unlock;
322 }
323
324 /* Fail if user set invalid QoS */
325 if (iso_pi(sk)->qos_user_set && !check_bcast_qos(&iso_pi(sk)->qos)) {
326 iso_pi(sk)->qos = default_qos;
327 err = -EINVAL;
328 goto unlock;
329 }
330
331 /* Fail if out PHYs are marked as disabled */
332 if (!iso_pi(sk)->qos.bcast.out.phy) {
333 err = -EINVAL;
334 goto unlock;
335 }
336
337 /* Just bind if DEFER_SETUP has been set */
338 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
339 hcon = hci_bind_bis(hdev, &iso_pi(sk)->dst,
340 &iso_pi(sk)->qos, iso_pi(sk)->base_len,
341 iso_pi(sk)->base);
342 if (IS_ERR(hcon)) {
343 err = PTR_ERR(hcon);
344 goto unlock;
345 }
346 } else {
347 hcon = hci_connect_bis(hdev, &iso_pi(sk)->dst,
348 le_addr_type(iso_pi(sk)->dst_type),
349 &iso_pi(sk)->qos, iso_pi(sk)->base_len,
350 iso_pi(sk)->base);
351 if (IS_ERR(hcon)) {
352 err = PTR_ERR(hcon);
353 goto unlock;
354 }
355 }
356
357 conn = iso_conn_add(hcon);
358 if (!conn) {
359 hci_conn_drop(hcon);
360 err = -ENOMEM;
361 goto unlock;
362 }
363
364 lock_sock(sk);
365
366 err = iso_chan_add(conn, sk, NULL);
367 if (err) {
368 release_sock(sk);
369 goto unlock;
370 }
371
372 /* Update source addr of the socket */
373 bacpy(&iso_pi(sk)->src, &hcon->src);
374
375 if (hcon->state == BT_CONNECTED) {
376 iso_sock_clear_timer(sk);
377 sk->sk_state = BT_CONNECTED;
378 } else if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
379 iso_sock_clear_timer(sk);
380 sk->sk_state = BT_CONNECT;
381 } else {
382 sk->sk_state = BT_CONNECT;
383 iso_sock_set_timer(sk, sk->sk_sndtimeo);
384 }
385
386 release_sock(sk);
387
388unlock:
389 hci_dev_unlock(hdev);
390 hci_dev_put(hdev);
391 return err;
392}
393
394static int iso_connect_cis(struct sock *sk)
395{
396 struct iso_conn *conn;
397 struct hci_conn *hcon;
398 struct hci_dev *hdev;
399 int err;
400
401 BT_DBG("%pMR -> %pMR", &iso_pi(sk)->src, &iso_pi(sk)->dst);
402
403 hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
404 iso_pi(sk)->src_type);
405 if (!hdev)
406 return -EHOSTUNREACH;
407
408 hci_dev_lock(hdev);
409
410 if (!cis_central_capable(hdev)) {
411 err = -EOPNOTSUPP;
412 goto unlock;
413 }
414
415 /* Fail if user set invalid QoS */
416 if (iso_pi(sk)->qos_user_set && !check_ucast_qos(&iso_pi(sk)->qos)) {
417 iso_pi(sk)->qos = default_qos;
418 err = -EINVAL;
419 goto unlock;
420 }
421
422 /* Fail if either PHYs are marked as disabled */
423 if (!iso_pi(sk)->qos.ucast.in.phy && !iso_pi(sk)->qos.ucast.out.phy) {
424 err = -EINVAL;
425 goto unlock;
426 }
427
428 /* Just bind if DEFER_SETUP has been set */
429 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
430 hcon = hci_bind_cis(hdev, &iso_pi(sk)->dst,
431 le_addr_type(iso_pi(sk)->dst_type),
432 &iso_pi(sk)->qos);
433 if (IS_ERR(hcon)) {
434 err = PTR_ERR(hcon);
435 goto unlock;
436 }
437 } else {
438 hcon = hci_connect_cis(hdev, &iso_pi(sk)->dst,
439 le_addr_type(iso_pi(sk)->dst_type),
440 &iso_pi(sk)->qos);
441 if (IS_ERR(hcon)) {
442 err = PTR_ERR(hcon);
443 goto unlock;
444 }
445 }
446
447 conn = iso_conn_add(hcon);
448 if (!conn) {
449 hci_conn_drop(hcon);
450 err = -ENOMEM;
451 goto unlock;
452 }
453
454 lock_sock(sk);
455
456 err = iso_chan_add(conn, sk, NULL);
457 if (err) {
458 release_sock(sk);
459 goto unlock;
460 }
461
462 /* Update source addr of the socket */
463 bacpy(&iso_pi(sk)->src, &hcon->src);
464
465 if (hcon->state == BT_CONNECTED) {
466 iso_sock_clear_timer(sk);
467 sk->sk_state = BT_CONNECTED;
468 } else if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
469 iso_sock_clear_timer(sk);
470 sk->sk_state = BT_CONNECT;
471 } else {
472 sk->sk_state = BT_CONNECT;
473 iso_sock_set_timer(sk, sk->sk_sndtimeo);
474 }
475
476 release_sock(sk);
477
478unlock:
479 hci_dev_unlock(hdev);
480 hci_dev_put(hdev);
481 return err;
482}
483
484static struct bt_iso_qos *iso_sock_get_qos(struct sock *sk)
485{
486 if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONNECT2)
487 return &iso_pi(sk)->conn->hcon->iso_qos;
488
489 return &iso_pi(sk)->qos;
490}
491
492static int iso_send_frame(struct sock *sk, struct sk_buff *skb)
493{
494 struct iso_conn *conn = iso_pi(sk)->conn;
495 struct bt_iso_qos *qos = iso_sock_get_qos(sk);
496 struct hci_iso_data_hdr *hdr;
497 int len = 0;
498
499 BT_DBG("sk %p len %d", sk, skb->len);
500
501 if (skb->len > qos->ucast.out.sdu)
502 return -EMSGSIZE;
503
504 len = skb->len;
505
506 /* Push ISO data header */
507 hdr = skb_push(skb, HCI_ISO_DATA_HDR_SIZE);
508 hdr->sn = cpu_to_le16(conn->tx_sn++);
509 hdr->slen = cpu_to_le16(hci_iso_data_len_pack(len,
510 HCI_ISO_STATUS_VALID));
511
512 if (sk->sk_state == BT_CONNECTED)
513 hci_send_iso(conn->hcon, skb);
514 else
515 len = -ENOTCONN;
516
517 return len;
518}
519
520static void iso_recv_frame(struct iso_conn *conn, struct sk_buff *skb)
521{
522 struct sock *sk;
523
524 iso_conn_lock(conn);
525 sk = conn->sk;
526 iso_conn_unlock(conn);
527
528 if (!sk)
529 goto drop;
530
531 BT_DBG("sk %p len %d", sk, skb->len);
532
533 if (sk->sk_state != BT_CONNECTED)
534 goto drop;
535
536 if (!sock_queue_rcv_skb(sk, skb))
537 return;
538
539drop:
540 kfree_skb(skb);
541}
542
543/* -------- Socket interface ---------- */
544static struct sock *__iso_get_sock_listen_by_addr(bdaddr_t *src, bdaddr_t *dst)
545{
546 struct sock *sk;
547
548 sk_for_each(sk, &iso_sk_list.head) {
549 if (sk->sk_state != BT_LISTEN)
550 continue;
551
552 if (bacmp(&iso_pi(sk)->dst, dst))
553 continue;
554
555 if (!bacmp(&iso_pi(sk)->src, src))
556 return sk;
557 }
558
559 return NULL;
560}
561
562static struct sock *__iso_get_sock_listen_by_sid(bdaddr_t *ba, bdaddr_t *bc,
563 __u8 sid)
564{
565 struct sock *sk;
566
567 sk_for_each(sk, &iso_sk_list.head) {
568 if (sk->sk_state != BT_LISTEN)
569 continue;
570
571 if (bacmp(&iso_pi(sk)->src, ba))
572 continue;
573
574 if (bacmp(&iso_pi(sk)->dst, bc))
575 continue;
576
577 if (iso_pi(sk)->bc_sid == sid)
578 return sk;
579 }
580
581 return NULL;
582}
583
584/* Find socket listening:
585 * source bdaddr (Unicast)
586 * destination bdaddr (Broadcast only)
587 * match func - pass NULL to ignore
588 * match func data - pass -1 to ignore
589 * Returns closest match.
590 */
591static struct sock *iso_get_sock_listen(bdaddr_t *src, bdaddr_t *dst,
592 iso_sock_match_t match, void *data)
593{
594 struct sock *sk = NULL, *sk1 = NULL;
595
596 read_lock(&iso_sk_list.lock);
597
598 sk_for_each(sk, &iso_sk_list.head) {
599 if (sk->sk_state != BT_LISTEN)
600 continue;
601
602 /* Match Broadcast destination */
603 if (bacmp(dst, BDADDR_ANY) && bacmp(&iso_pi(sk)->dst, dst))
604 continue;
605
606 /* Use Match function if provided */
607 if (match && !match(sk, data))
608 continue;
609
610 /* Exact match. */
611 if (!bacmp(&iso_pi(sk)->src, src)) {
612 sock_hold(sk);
613 break;
614 }
615
616 /* Closest match */
617 if (!bacmp(&iso_pi(sk)->src, BDADDR_ANY)) {
618 if (sk1)
619 sock_put(sk1);
620
621 sk1 = sk;
622 sock_hold(sk1);
623 }
624 }
625
626 if (sk && sk1)
627 sock_put(sk1);
628
629 read_unlock(&iso_sk_list.lock);
630
631 return sk ? sk : sk1;
632}
633
634static struct sock *iso_get_sock_big(struct sock *match_sk, bdaddr_t *src,
635 bdaddr_t *dst, uint8_t big)
636{
637 struct sock *sk = NULL;
638
639 read_lock(&iso_sk_list.lock);
640
641 sk_for_each(sk, &iso_sk_list.head) {
642 if (match_sk == sk)
643 continue;
644
645 /* Look for sockets that have already been
646 * connected to the BIG
647 */
648 if (sk->sk_state != BT_CONNECTED &&
649 sk->sk_state != BT_CONNECT)
650 continue;
651
652 /* Match Broadcast destination */
653 if (bacmp(&iso_pi(sk)->dst, dst))
654 continue;
655
656 /* Match BIG handle */
657 if (iso_pi(sk)->qos.bcast.big != big)
658 continue;
659
660 /* Match source address */
661 if (bacmp(&iso_pi(sk)->src, src))
662 continue;
663
664 sock_hold(sk);
665 break;
666 }
667
668 read_unlock(&iso_sk_list.lock);
669
670 return sk;
671}
672
673static void iso_sock_destruct(struct sock *sk)
674{
675 BT_DBG("sk %p", sk);
676
677 skb_queue_purge(&sk->sk_receive_queue);
678 skb_queue_purge(&sk->sk_write_queue);
679}
680
681static void iso_sock_cleanup_listen(struct sock *parent)
682{
683 struct sock *sk;
684
685 BT_DBG("parent %p", parent);
686
687 /* Close not yet accepted channels */
688 while ((sk = bt_accept_dequeue(parent, NULL))) {
689 iso_sock_close(sk);
690 iso_sock_kill(sk);
691 }
692
693 /* If listening socket stands for a PA sync connection,
694 * properly disconnect the hcon and socket.
695 */
696 if (iso_pi(parent)->conn && iso_pi(parent)->conn->hcon &&
697 test_bit(HCI_CONN_PA_SYNC, &iso_pi(parent)->conn->hcon->flags)) {
698 iso_sock_disconn(parent);
699 return;
700 }
701
702 parent->sk_state = BT_CLOSED;
703 sock_set_flag(parent, SOCK_ZAPPED);
704}
705
706/* Kill socket (only if zapped and orphan)
707 * Must be called on unlocked socket.
708 */
709static void iso_sock_kill(struct sock *sk)
710{
711 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket ||
712 sock_flag(sk, SOCK_DEAD))
713 return;
714
715 BT_DBG("sk %p state %d", sk, sk->sk_state);
716
717 /* Kill poor orphan */
718 bt_sock_unlink(&iso_sk_list, sk);
719 sock_set_flag(sk, SOCK_DEAD);
720 sock_put(sk);
721}
722
723static void iso_sock_disconn(struct sock *sk)
724{
725 struct sock *bis_sk;
726 struct hci_conn *hcon = iso_pi(sk)->conn->hcon;
727
728 if (test_bit(HCI_CONN_BIG_CREATED, &hcon->flags)) {
729 bis_sk = iso_get_sock_big(sk, &iso_pi(sk)->src,
730 &iso_pi(sk)->dst,
731 iso_pi(sk)->qos.bcast.big);
732
733 /* If there are any other connected sockets for the
734 * same BIG, just delete the sk and leave the bis
735 * hcon active, in case later rebinding is needed.
736 */
737 if (bis_sk) {
738 hcon->state = BT_OPEN;
739 iso_pi(sk)->conn->hcon = NULL;
740 iso_sock_clear_timer(sk);
741 iso_chan_del(sk, bt_to_errno(hcon->abort_reason));
742 sock_put(bis_sk);
743 return;
744 }
745 }
746
747 sk->sk_state = BT_DISCONN;
748 iso_sock_set_timer(sk, ISO_DISCONN_TIMEOUT);
749 iso_conn_lock(iso_pi(sk)->conn);
750 hci_conn_drop(iso_pi(sk)->conn->hcon);
751 iso_pi(sk)->conn->hcon = NULL;
752 iso_conn_unlock(iso_pi(sk)->conn);
753}
754
755static void __iso_sock_close(struct sock *sk)
756{
757 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
758
759 switch (sk->sk_state) {
760 case BT_LISTEN:
761 iso_sock_cleanup_listen(sk);
762 break;
763
764 case BT_CONNECT:
765 case BT_CONNECTED:
766 case BT_CONFIG:
767 if (iso_pi(sk)->conn->hcon)
768 iso_sock_disconn(sk);
769 else
770 iso_chan_del(sk, ECONNRESET);
771 break;
772
773 case BT_CONNECT2:
774 if (iso_pi(sk)->conn->hcon &&
775 (test_bit(HCI_CONN_PA_SYNC, &iso_pi(sk)->conn->hcon->flags) ||
776 test_bit(HCI_CONN_PA_SYNC_FAILED, &iso_pi(sk)->conn->hcon->flags)))
777 iso_sock_disconn(sk);
778 else
779 iso_chan_del(sk, ECONNRESET);
780 break;
781 case BT_DISCONN:
782 iso_chan_del(sk, ECONNRESET);
783 break;
784
785 default:
786 sock_set_flag(sk, SOCK_ZAPPED);
787 break;
788 }
789}
790
791/* Must be called on unlocked socket. */
792static void iso_sock_close(struct sock *sk)
793{
794 iso_sock_clear_timer(sk);
795 lock_sock(sk);
796 __iso_sock_close(sk);
797 release_sock(sk);
798 iso_sock_kill(sk);
799}
800
801static void iso_sock_init(struct sock *sk, struct sock *parent)
802{
803 BT_DBG("sk %p", sk);
804
805 if (parent) {
806 sk->sk_type = parent->sk_type;
807 bt_sk(sk)->flags = bt_sk(parent)->flags;
808 security_sk_clone(parent, sk);
809 }
810}
811
812static struct proto iso_proto = {
813 .name = "ISO",
814 .owner = THIS_MODULE,
815 .obj_size = sizeof(struct iso_pinfo)
816};
817
818#define DEFAULT_IO_QOS \
819{ \
820 .interval = 10000u, \
821 .latency = 10u, \
822 .sdu = 40u, \
823 .phy = BT_ISO_PHY_2M, \
824 .rtn = 2u, \
825}
826
827static struct bt_iso_qos default_qos = {
828 .bcast = {
829 .big = BT_ISO_QOS_BIG_UNSET,
830 .bis = BT_ISO_QOS_BIS_UNSET,
831 .sync_factor = 0x01,
832 .packing = 0x00,
833 .framing = 0x00,
834 .in = DEFAULT_IO_QOS,
835 .out = DEFAULT_IO_QOS,
836 .encryption = 0x00,
837 .bcode = {0x00},
838 .options = 0x00,
839 .skip = 0x0000,
840 .sync_timeout = 0x4000,
841 .sync_cte_type = 0x00,
842 .mse = 0x00,
843 .timeout = 0x4000,
844 },
845};
846
847static struct sock *iso_sock_alloc(struct net *net, struct socket *sock,
848 int proto, gfp_t prio, int kern)
849{
850 struct sock *sk;
851
852 sk = bt_sock_alloc(net, sock, &iso_proto, proto, prio, kern);
853 if (!sk)
854 return NULL;
855
856 sk->sk_destruct = iso_sock_destruct;
857 sk->sk_sndtimeo = ISO_CONN_TIMEOUT;
858
859 /* Set address type as public as default src address is BDADDR_ANY */
860 iso_pi(sk)->src_type = BDADDR_LE_PUBLIC;
861
862 iso_pi(sk)->qos = default_qos;
863
864 bt_sock_link(&iso_sk_list, sk);
865 return sk;
866}
867
868static int iso_sock_create(struct net *net, struct socket *sock, int protocol,
869 int kern)
870{
871 struct sock *sk;
872
873 BT_DBG("sock %p", sock);
874
875 sock->state = SS_UNCONNECTED;
876
877 if (sock->type != SOCK_SEQPACKET)
878 return -ESOCKTNOSUPPORT;
879
880 sock->ops = &iso_sock_ops;
881
882 sk = iso_sock_alloc(net, sock, protocol, GFP_ATOMIC, kern);
883 if (!sk)
884 return -ENOMEM;
885
886 iso_sock_init(sk, NULL);
887 return 0;
888}
889
890static int iso_sock_bind_bc(struct socket *sock, struct sockaddr *addr,
891 int addr_len)
892{
893 struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
894 struct sock *sk = sock->sk;
895 int i;
896
897 BT_DBG("sk %p bc_sid %u bc_num_bis %u", sk, sa->iso_bc->bc_sid,
898 sa->iso_bc->bc_num_bis);
899
900 if (addr_len != sizeof(*sa) + sizeof(*sa->iso_bc))
901 return -EINVAL;
902
903 bacpy(&iso_pi(sk)->dst, &sa->iso_bc->bc_bdaddr);
904
905 /* Check if the address type is of LE type */
906 if (!bdaddr_type_is_le(sa->iso_bc->bc_bdaddr_type))
907 return -EINVAL;
908
909 iso_pi(sk)->dst_type = sa->iso_bc->bc_bdaddr_type;
910 iso_pi(sk)->sync_handle = -1;
911
912 if (sa->iso_bc->bc_sid > 0x0f)
913 return -EINVAL;
914
915 iso_pi(sk)->bc_sid = sa->iso_bc->bc_sid;
916
917 if (sa->iso_bc->bc_num_bis > ISO_MAX_NUM_BIS)
918 return -EINVAL;
919
920 iso_pi(sk)->bc_num_bis = sa->iso_bc->bc_num_bis;
921
922 for (i = 0; i < iso_pi(sk)->bc_num_bis; i++)
923 if (sa->iso_bc->bc_bis[i] < 0x01 ||
924 sa->iso_bc->bc_bis[i] > 0x1f)
925 return -EINVAL;
926
927 memcpy(iso_pi(sk)->bc_bis, sa->iso_bc->bc_bis,
928 iso_pi(sk)->bc_num_bis);
929
930 return 0;
931}
932
933static int iso_sock_bind_pa_sk(struct sock *sk, struct sockaddr_iso *sa,
934 int addr_len)
935{
936 int err = 0;
937
938 if (sk->sk_type != SOCK_SEQPACKET) {
939 err = -EINVAL;
940 goto done;
941 }
942
943 if (addr_len != sizeof(*sa) + sizeof(*sa->iso_bc)) {
944 err = -EINVAL;
945 goto done;
946 }
947
948 if (sa->iso_bc->bc_num_bis > ISO_MAX_NUM_BIS) {
949 err = -EINVAL;
950 goto done;
951 }
952
953 iso_pi(sk)->bc_num_bis = sa->iso_bc->bc_num_bis;
954
955 for (int i = 0; i < iso_pi(sk)->bc_num_bis; i++)
956 if (sa->iso_bc->bc_bis[i] < 0x01 ||
957 sa->iso_bc->bc_bis[i] > 0x1f) {
958 err = -EINVAL;
959 goto done;
960 }
961
962 memcpy(iso_pi(sk)->bc_bis, sa->iso_bc->bc_bis,
963 iso_pi(sk)->bc_num_bis);
964
965done:
966 return err;
967}
968
969static int iso_sock_bind(struct socket *sock, struct sockaddr *addr,
970 int addr_len)
971{
972 struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
973 struct sock *sk = sock->sk;
974 int err = 0;
975
976 BT_DBG("sk %p %pMR type %u", sk, &sa->iso_bdaddr, sa->iso_bdaddr_type);
977
978 if (!addr || addr_len < sizeof(struct sockaddr_iso) ||
979 addr->sa_family != AF_BLUETOOTH)
980 return -EINVAL;
981
982 lock_sock(sk);
983
984 /* Allow the user to bind a PA sync socket to a number
985 * of BISes to sync to.
986 */
987 if (sk->sk_state == BT_CONNECT2 &&
988 test_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags)) {
989 err = iso_sock_bind_pa_sk(sk, sa, addr_len);
990 goto done;
991 }
992
993 if (sk->sk_state != BT_OPEN) {
994 err = -EBADFD;
995 goto done;
996 }
997
998 if (sk->sk_type != SOCK_SEQPACKET) {
999 err = -EINVAL;
1000 goto done;
1001 }
1002
1003 /* Check if the address type is of LE type */
1004 if (!bdaddr_type_is_le(sa->iso_bdaddr_type)) {
1005 err = -EINVAL;
1006 goto done;
1007 }
1008
1009 bacpy(&iso_pi(sk)->src, &sa->iso_bdaddr);
1010 iso_pi(sk)->src_type = sa->iso_bdaddr_type;
1011
1012 /* Check for Broadcast address */
1013 if (addr_len > sizeof(*sa)) {
1014 err = iso_sock_bind_bc(sock, addr, addr_len);
1015 if (err)
1016 goto done;
1017 }
1018
1019 sk->sk_state = BT_BOUND;
1020
1021done:
1022 release_sock(sk);
1023 return err;
1024}
1025
1026static int iso_sock_connect(struct socket *sock, struct sockaddr *addr,
1027 int alen, int flags)
1028{
1029 struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
1030 struct sock *sk = sock->sk;
1031 int err;
1032
1033 BT_DBG("sk %p", sk);
1034
1035 if (alen < sizeof(struct sockaddr_iso) ||
1036 addr->sa_family != AF_BLUETOOTH)
1037 return -EINVAL;
1038
1039 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
1040 return -EBADFD;
1041
1042 if (sk->sk_type != SOCK_SEQPACKET)
1043 return -EINVAL;
1044
1045 /* Check if the address type is of LE type */
1046 if (!bdaddr_type_is_le(sa->iso_bdaddr_type))
1047 return -EINVAL;
1048
1049 lock_sock(sk);
1050
1051 bacpy(&iso_pi(sk)->dst, &sa->iso_bdaddr);
1052 iso_pi(sk)->dst_type = sa->iso_bdaddr_type;
1053
1054 release_sock(sk);
1055
1056 if (bacmp(&iso_pi(sk)->dst, BDADDR_ANY))
1057 err = iso_connect_cis(sk);
1058 else
1059 err = iso_connect_bis(sk);
1060
1061 if (err)
1062 return err;
1063
1064 lock_sock(sk);
1065
1066 if (!test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
1067 err = bt_sock_wait_state(sk, BT_CONNECTED,
1068 sock_sndtimeo(sk, flags & O_NONBLOCK));
1069 }
1070
1071 release_sock(sk);
1072 return err;
1073}
1074
1075static int iso_listen_bis(struct sock *sk)
1076{
1077 struct hci_dev *hdev;
1078 int err = 0;
1079
1080 BT_DBG("%pMR -> %pMR (SID 0x%2.2x)", &iso_pi(sk)->src,
1081 &iso_pi(sk)->dst, iso_pi(sk)->bc_sid);
1082
1083 write_lock(&iso_sk_list.lock);
1084
1085 if (__iso_get_sock_listen_by_sid(&iso_pi(sk)->src, &iso_pi(sk)->dst,
1086 iso_pi(sk)->bc_sid))
1087 err = -EADDRINUSE;
1088
1089 write_unlock(&iso_sk_list.lock);
1090
1091 if (err)
1092 return err;
1093
1094 hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
1095 iso_pi(sk)->src_type);
1096 if (!hdev)
1097 return -EHOSTUNREACH;
1098
1099 /* Fail if user set invalid QoS */
1100 if (iso_pi(sk)->qos_user_set && !check_bcast_qos(&iso_pi(sk)->qos)) {
1101 iso_pi(sk)->qos = default_qos;
1102 return -EINVAL;
1103 }
1104
1105 err = hci_pa_create_sync(hdev, &iso_pi(sk)->dst,
1106 le_addr_type(iso_pi(sk)->dst_type),
1107 iso_pi(sk)->bc_sid, &iso_pi(sk)->qos);
1108
1109 hci_dev_put(hdev);
1110
1111 return err;
1112}
1113
1114static int iso_listen_cis(struct sock *sk)
1115{
1116 int err = 0;
1117
1118 BT_DBG("%pMR", &iso_pi(sk)->src);
1119
1120 write_lock(&iso_sk_list.lock);
1121
1122 if (__iso_get_sock_listen_by_addr(&iso_pi(sk)->src, &iso_pi(sk)->dst))
1123 err = -EADDRINUSE;
1124
1125 write_unlock(&iso_sk_list.lock);
1126
1127 return err;
1128}
1129
1130static int iso_sock_listen(struct socket *sock, int backlog)
1131{
1132 struct sock *sk = sock->sk;
1133 int err = 0;
1134
1135 BT_DBG("sk %p backlog %d", sk, backlog);
1136
1137 lock_sock(sk);
1138
1139 if (sk->sk_state != BT_BOUND) {
1140 err = -EBADFD;
1141 goto done;
1142 }
1143
1144 if (sk->sk_type != SOCK_SEQPACKET) {
1145 err = -EINVAL;
1146 goto done;
1147 }
1148
1149 if (!bacmp(&iso_pi(sk)->dst, BDADDR_ANY))
1150 err = iso_listen_cis(sk);
1151 else
1152 err = iso_listen_bis(sk);
1153
1154 if (err)
1155 goto done;
1156
1157 sk->sk_max_ack_backlog = backlog;
1158 sk->sk_ack_backlog = 0;
1159
1160 sk->sk_state = BT_LISTEN;
1161
1162done:
1163 release_sock(sk);
1164 return err;
1165}
1166
1167static int iso_sock_accept(struct socket *sock, struct socket *newsock,
1168 int flags, bool kern)
1169{
1170 DEFINE_WAIT_FUNC(wait, woken_wake_function);
1171 struct sock *sk = sock->sk, *ch;
1172 long timeo;
1173 int err = 0;
1174
1175 lock_sock(sk);
1176
1177 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
1178
1179 BT_DBG("sk %p timeo %ld", sk, timeo);
1180
1181 /* Wait for an incoming connection. (wake-one). */
1182 add_wait_queue_exclusive(sk_sleep(sk), &wait);
1183 while (1) {
1184 if (sk->sk_state != BT_LISTEN) {
1185 err = -EBADFD;
1186 break;
1187 }
1188
1189 ch = bt_accept_dequeue(sk, newsock);
1190 if (ch)
1191 break;
1192
1193 if (!timeo) {
1194 err = -EAGAIN;
1195 break;
1196 }
1197
1198 if (signal_pending(current)) {
1199 err = sock_intr_errno(timeo);
1200 break;
1201 }
1202
1203 release_sock(sk);
1204
1205 timeo = wait_woken(&wait, TASK_INTERRUPTIBLE, timeo);
1206 lock_sock(sk);
1207 }
1208 remove_wait_queue(sk_sleep(sk), &wait);
1209
1210 if (err)
1211 goto done;
1212
1213 newsock->state = SS_CONNECTED;
1214
1215 BT_DBG("new socket %p", ch);
1216
1217done:
1218 release_sock(sk);
1219 return err;
1220}
1221
1222static int iso_sock_getname(struct socket *sock, struct sockaddr *addr,
1223 int peer)
1224{
1225 struct sockaddr_iso *sa = (struct sockaddr_iso *)addr;
1226 struct sock *sk = sock->sk;
1227
1228 BT_DBG("sock %p, sk %p", sock, sk);
1229
1230 addr->sa_family = AF_BLUETOOTH;
1231
1232 if (peer) {
1233 bacpy(&sa->iso_bdaddr, &iso_pi(sk)->dst);
1234 sa->iso_bdaddr_type = iso_pi(sk)->dst_type;
1235 } else {
1236 bacpy(&sa->iso_bdaddr, &iso_pi(sk)->src);
1237 sa->iso_bdaddr_type = iso_pi(sk)->src_type;
1238 }
1239
1240 return sizeof(struct sockaddr_iso);
1241}
1242
1243static int iso_sock_sendmsg(struct socket *sock, struct msghdr *msg,
1244 size_t len)
1245{
1246 struct sock *sk = sock->sk;
1247 struct sk_buff *skb, **frag;
1248 size_t mtu;
1249 int err;
1250
1251 BT_DBG("sock %p, sk %p", sock, sk);
1252
1253 err = sock_error(sk);
1254 if (err)
1255 return err;
1256
1257 if (msg->msg_flags & MSG_OOB)
1258 return -EOPNOTSUPP;
1259
1260 lock_sock(sk);
1261
1262 if (sk->sk_state != BT_CONNECTED) {
1263 release_sock(sk);
1264 return -ENOTCONN;
1265 }
1266
1267 mtu = iso_pi(sk)->conn->hcon->hdev->iso_mtu;
1268
1269 release_sock(sk);
1270
1271 skb = bt_skb_sendmsg(sk, msg, len, mtu, HCI_ISO_DATA_HDR_SIZE, 0);
1272 if (IS_ERR(skb))
1273 return PTR_ERR(skb);
1274
1275 len -= skb->len;
1276
1277 BT_DBG("skb %p len %d", sk, skb->len);
1278
1279 /* Continuation fragments */
1280 frag = &skb_shinfo(skb)->frag_list;
1281 while (len) {
1282 struct sk_buff *tmp;
1283
1284 tmp = bt_skb_sendmsg(sk, msg, len, mtu, 0, 0);
1285 if (IS_ERR(tmp)) {
1286 kfree_skb(skb);
1287 return PTR_ERR(tmp);
1288 }
1289
1290 *frag = tmp;
1291
1292 len -= tmp->len;
1293
1294 skb->len += tmp->len;
1295 skb->data_len += tmp->len;
1296
1297 BT_DBG("frag %p len %d", *frag, tmp->len);
1298
1299 frag = &(*frag)->next;
1300 }
1301
1302 lock_sock(sk);
1303
1304 if (sk->sk_state == BT_CONNECTED)
1305 err = iso_send_frame(sk, skb);
1306 else
1307 err = -ENOTCONN;
1308
1309 release_sock(sk);
1310
1311 if (err < 0)
1312 kfree_skb(skb);
1313 return err;
1314}
1315
1316static void iso_conn_defer_accept(struct hci_conn *conn)
1317{
1318 struct hci_cp_le_accept_cis cp;
1319 struct hci_dev *hdev = conn->hdev;
1320
1321 BT_DBG("conn %p", conn);
1322
1323 conn->state = BT_CONFIG;
1324
1325 cp.handle = cpu_to_le16(conn->handle);
1326
1327 hci_send_cmd(hdev, HCI_OP_LE_ACCEPT_CIS, sizeof(cp), &cp);
1328}
1329
1330static void iso_conn_big_sync(struct sock *sk)
1331{
1332 int err;
1333 struct hci_dev *hdev;
1334
1335 hdev = hci_get_route(&iso_pi(sk)->dst, &iso_pi(sk)->src,
1336 iso_pi(sk)->src_type);
1337
1338 if (!hdev)
1339 return;
1340
1341 if (!test_and_set_bit(BT_SK_BIG_SYNC, &iso_pi(sk)->flags)) {
1342 err = hci_le_big_create_sync(hdev, iso_pi(sk)->conn->hcon,
1343 &iso_pi(sk)->qos,
1344 iso_pi(sk)->sync_handle,
1345 iso_pi(sk)->bc_num_bis,
1346 iso_pi(sk)->bc_bis);
1347 if (err)
1348 bt_dev_err(hdev, "hci_le_big_create_sync: %d",
1349 err);
1350 }
1351}
1352
1353static int iso_sock_recvmsg(struct socket *sock, struct msghdr *msg,
1354 size_t len, int flags)
1355{
1356 struct sock *sk = sock->sk;
1357 struct iso_pinfo *pi = iso_pi(sk);
1358
1359 BT_DBG("sk %p", sk);
1360
1361 if (test_and_clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
1362 lock_sock(sk);
1363 switch (sk->sk_state) {
1364 case BT_CONNECT2:
1365 if (pi->conn->hcon &&
1366 test_bit(HCI_CONN_PA_SYNC, &pi->conn->hcon->flags)) {
1367 iso_conn_big_sync(sk);
1368 sk->sk_state = BT_LISTEN;
1369 } else {
1370 iso_conn_defer_accept(pi->conn->hcon);
1371 sk->sk_state = BT_CONFIG;
1372 }
1373 release_sock(sk);
1374 return 0;
1375 case BT_CONNECT:
1376 release_sock(sk);
1377 return iso_connect_cis(sk);
1378 default:
1379 release_sock(sk);
1380 break;
1381 }
1382 }
1383
1384 return bt_sock_recvmsg(sock, msg, len, flags);
1385}
1386
1387static bool check_io_qos(struct bt_iso_io_qos *qos)
1388{
1389 /* If no PHY is enable SDU must be 0 */
1390 if (!qos->phy && qos->sdu)
1391 return false;
1392
1393 if (qos->interval && (qos->interval < 0xff || qos->interval > 0xfffff))
1394 return false;
1395
1396 if (qos->latency && (qos->latency < 0x05 || qos->latency > 0xfa0))
1397 return false;
1398
1399 if (qos->phy > BT_ISO_PHY_ANY)
1400 return false;
1401
1402 return true;
1403}
1404
1405static bool check_ucast_qos(struct bt_iso_qos *qos)
1406{
1407 if (qos->ucast.cig > 0xef && qos->ucast.cig != BT_ISO_QOS_CIG_UNSET)
1408 return false;
1409
1410 if (qos->ucast.cis > 0xef && qos->ucast.cis != BT_ISO_QOS_CIS_UNSET)
1411 return false;
1412
1413 if (qos->ucast.sca > 0x07)
1414 return false;
1415
1416 if (qos->ucast.packing > 0x01)
1417 return false;
1418
1419 if (qos->ucast.framing > 0x01)
1420 return false;
1421
1422 if (!check_io_qos(&qos->ucast.in))
1423 return false;
1424
1425 if (!check_io_qos(&qos->ucast.out))
1426 return false;
1427
1428 return true;
1429}
1430
1431static bool check_bcast_qos(struct bt_iso_qos *qos)
1432{
1433 if (qos->bcast.sync_factor == 0x00)
1434 return false;
1435
1436 if (qos->bcast.packing > 0x01)
1437 return false;
1438
1439 if (qos->bcast.framing > 0x01)
1440 return false;
1441
1442 if (!check_io_qos(&qos->bcast.in))
1443 return false;
1444
1445 if (!check_io_qos(&qos->bcast.out))
1446 return false;
1447
1448 if (qos->bcast.encryption > 0x01)
1449 return false;
1450
1451 if (qos->bcast.options > 0x07)
1452 return false;
1453
1454 if (qos->bcast.skip > 0x01f3)
1455 return false;
1456
1457 if (qos->bcast.sync_timeout < 0x000a || qos->bcast.sync_timeout > 0x4000)
1458 return false;
1459
1460 if (qos->bcast.sync_cte_type > 0x1f)
1461 return false;
1462
1463 if (qos->bcast.mse > 0x1f)
1464 return false;
1465
1466 if (qos->bcast.timeout < 0x000a || qos->bcast.timeout > 0x4000)
1467 return false;
1468
1469 return true;
1470}
1471
1472static int iso_sock_setsockopt(struct socket *sock, int level, int optname,
1473 sockptr_t optval, unsigned int optlen)
1474{
1475 struct sock *sk = sock->sk;
1476 int len, err = 0;
1477 struct bt_iso_qos qos = default_qos;
1478 u32 opt;
1479
1480 BT_DBG("sk %p", sk);
1481
1482 lock_sock(sk);
1483
1484 switch (optname) {
1485 case BT_DEFER_SETUP:
1486 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
1487 err = -EINVAL;
1488 break;
1489 }
1490
1491 if (copy_from_sockptr(&opt, optval, sizeof(u32))) {
1492 err = -EFAULT;
1493 break;
1494 }
1495
1496 if (opt)
1497 set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
1498 else
1499 clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
1500 break;
1501
1502 case BT_PKT_STATUS:
1503 if (copy_from_sockptr(&opt, optval, sizeof(u32))) {
1504 err = -EFAULT;
1505 break;
1506 }
1507
1508 if (opt)
1509 set_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags);
1510 else
1511 clear_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags);
1512 break;
1513
1514 case BT_ISO_QOS:
1515 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
1516 sk->sk_state != BT_CONNECT2) {
1517 err = -EINVAL;
1518 break;
1519 }
1520
1521 len = min_t(unsigned int, sizeof(qos), optlen);
1522
1523 if (copy_from_sockptr(&qos, optval, len)) {
1524 err = -EFAULT;
1525 break;
1526 }
1527
1528 if (len == sizeof(qos.ucast) && !check_ucast_qos(&qos)) {
1529 err = -EINVAL;
1530 break;
1531 }
1532
1533 iso_pi(sk)->qos = qos;
1534 iso_pi(sk)->qos_user_set = true;
1535
1536 break;
1537
1538 case BT_ISO_BASE:
1539 if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
1540 sk->sk_state != BT_CONNECT2) {
1541 err = -EINVAL;
1542 break;
1543 }
1544
1545 if (optlen > sizeof(iso_pi(sk)->base)) {
1546 err = -EOVERFLOW;
1547 break;
1548 }
1549
1550 len = min_t(unsigned int, sizeof(iso_pi(sk)->base), optlen);
1551
1552 if (copy_from_sockptr(iso_pi(sk)->base, optval, len)) {
1553 err = -EFAULT;
1554 break;
1555 }
1556
1557 iso_pi(sk)->base_len = len;
1558
1559 break;
1560
1561 default:
1562 err = -ENOPROTOOPT;
1563 break;
1564 }
1565
1566 release_sock(sk);
1567 return err;
1568}
1569
1570static int iso_sock_getsockopt(struct socket *sock, int level, int optname,
1571 char __user *optval, int __user *optlen)
1572{
1573 struct sock *sk = sock->sk;
1574 int len, err = 0;
1575 struct bt_iso_qos *qos;
1576 u8 base_len;
1577 u8 *base;
1578
1579 BT_DBG("sk %p", sk);
1580
1581 if (get_user(len, optlen))
1582 return -EFAULT;
1583
1584 lock_sock(sk);
1585
1586 switch (optname) {
1587 case BT_DEFER_SETUP:
1588 if (sk->sk_state == BT_CONNECTED) {
1589 err = -EINVAL;
1590 break;
1591 }
1592
1593 if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
1594 (u32 __user *)optval))
1595 err = -EFAULT;
1596
1597 break;
1598
1599 case BT_PKT_STATUS:
1600 if (put_user(test_bit(BT_SK_PKT_STATUS, &bt_sk(sk)->flags),
1601 (int __user *)optval))
1602 err = -EFAULT;
1603 break;
1604
1605 case BT_ISO_QOS:
1606 qos = iso_sock_get_qos(sk);
1607
1608 len = min_t(unsigned int, len, sizeof(*qos));
1609 if (copy_to_user(optval, qos, len))
1610 err = -EFAULT;
1611
1612 break;
1613
1614 case BT_ISO_BASE:
1615 if (sk->sk_state == BT_CONNECTED &&
1616 !bacmp(&iso_pi(sk)->dst, BDADDR_ANY)) {
1617 base_len = iso_pi(sk)->conn->hcon->le_per_adv_data_len;
1618 base = iso_pi(sk)->conn->hcon->le_per_adv_data;
1619 } else {
1620 base_len = iso_pi(sk)->base_len;
1621 base = iso_pi(sk)->base;
1622 }
1623
1624 len = min_t(unsigned int, len, base_len);
1625 if (copy_to_user(optval, base, len))
1626 err = -EFAULT;
1627 if (put_user(len, optlen))
1628 err = -EFAULT;
1629
1630 break;
1631
1632 default:
1633 err = -ENOPROTOOPT;
1634 break;
1635 }
1636
1637 release_sock(sk);
1638 return err;
1639}
1640
1641static int iso_sock_shutdown(struct socket *sock, int how)
1642{
1643 struct sock *sk = sock->sk;
1644 int err = 0;
1645
1646 BT_DBG("sock %p, sk %p, how %d", sock, sk, how);
1647
1648 if (!sk)
1649 return 0;
1650
1651 sock_hold(sk);
1652 lock_sock(sk);
1653
1654 switch (how) {
1655 case SHUT_RD:
1656 if (sk->sk_shutdown & RCV_SHUTDOWN)
1657 goto unlock;
1658 sk->sk_shutdown |= RCV_SHUTDOWN;
1659 break;
1660 case SHUT_WR:
1661 if (sk->sk_shutdown & SEND_SHUTDOWN)
1662 goto unlock;
1663 sk->sk_shutdown |= SEND_SHUTDOWN;
1664 break;
1665 case SHUT_RDWR:
1666 if (sk->sk_shutdown & SHUTDOWN_MASK)
1667 goto unlock;
1668 sk->sk_shutdown |= SHUTDOWN_MASK;
1669 break;
1670 }
1671
1672 iso_sock_clear_timer(sk);
1673 __iso_sock_close(sk);
1674
1675 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime &&
1676 !(current->flags & PF_EXITING))
1677 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
1678
1679unlock:
1680 release_sock(sk);
1681 sock_put(sk);
1682
1683 return err;
1684}
1685
1686static int iso_sock_release(struct socket *sock)
1687{
1688 struct sock *sk = sock->sk;
1689 int err = 0;
1690
1691 BT_DBG("sock %p, sk %p", sock, sk);
1692
1693 if (!sk)
1694 return 0;
1695
1696 iso_sock_close(sk);
1697
1698 if (sock_flag(sk, SOCK_LINGER) && READ_ONCE(sk->sk_lingertime) &&
1699 !(current->flags & PF_EXITING)) {
1700 lock_sock(sk);
1701 err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
1702 release_sock(sk);
1703 }
1704
1705 sock_orphan(sk);
1706 iso_sock_kill(sk);
1707 return err;
1708}
1709
1710static void iso_sock_ready(struct sock *sk)
1711{
1712 BT_DBG("sk %p", sk);
1713
1714 if (!sk)
1715 return;
1716
1717 lock_sock(sk);
1718 iso_sock_clear_timer(sk);
1719 sk->sk_state = BT_CONNECTED;
1720 sk->sk_state_change(sk);
1721 release_sock(sk);
1722}
1723
1724struct iso_list_data {
1725 struct hci_conn *hcon;
1726 int count;
1727};
1728
1729static bool iso_match_big(struct sock *sk, void *data)
1730{
1731 struct hci_evt_le_big_sync_estabilished *ev = data;
1732
1733 return ev->handle == iso_pi(sk)->qos.bcast.big;
1734}
1735
1736static bool iso_match_pa_sync_flag(struct sock *sk, void *data)
1737{
1738 return test_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags);
1739}
1740
1741static void iso_conn_ready(struct iso_conn *conn)
1742{
1743 struct sock *parent = NULL;
1744 struct sock *sk = conn->sk;
1745 struct hci_ev_le_big_sync_estabilished *ev = NULL;
1746 struct hci_ev_le_pa_sync_established *ev2 = NULL;
1747 struct hci_evt_le_big_info_adv_report *ev3 = NULL;
1748 struct hci_conn *hcon;
1749
1750 BT_DBG("conn %p", conn);
1751
1752 if (sk) {
1753 iso_sock_ready(conn->sk);
1754 } else {
1755 hcon = conn->hcon;
1756 if (!hcon)
1757 return;
1758
1759 if (test_bit(HCI_CONN_BIG_SYNC, &hcon->flags) ||
1760 test_bit(HCI_CONN_BIG_SYNC_FAILED, &hcon->flags)) {
1761 ev = hci_recv_event_data(hcon->hdev,
1762 HCI_EVT_LE_BIG_SYNC_ESTABILISHED);
1763
1764 /* Get reference to PA sync parent socket, if it exists */
1765 parent = iso_get_sock_listen(&hcon->src,
1766 &hcon->dst,
1767 iso_match_pa_sync_flag, NULL);
1768 if (!parent && ev)
1769 parent = iso_get_sock_listen(&hcon->src,
1770 &hcon->dst,
1771 iso_match_big, ev);
1772 } else if (test_bit(HCI_CONN_PA_SYNC_FAILED, &hcon->flags)) {
1773 ev2 = hci_recv_event_data(hcon->hdev,
1774 HCI_EV_LE_PA_SYNC_ESTABLISHED);
1775 if (ev2)
1776 parent = iso_get_sock_listen(&hcon->src,
1777 &hcon->dst,
1778 iso_match_sid, ev2);
1779 } else if (test_bit(HCI_CONN_PA_SYNC, &hcon->flags)) {
1780 ev3 = hci_recv_event_data(hcon->hdev,
1781 HCI_EVT_LE_BIG_INFO_ADV_REPORT);
1782 if (ev3)
1783 parent = iso_get_sock_listen(&hcon->src,
1784 &hcon->dst,
1785 iso_match_sync_handle, ev3);
1786 }
1787
1788 if (!parent)
1789 parent = iso_get_sock_listen(&hcon->src,
1790 BDADDR_ANY, NULL, NULL);
1791
1792 if (!parent)
1793 return;
1794
1795 lock_sock(parent);
1796
1797 sk = iso_sock_alloc(sock_net(parent), NULL,
1798 BTPROTO_ISO, GFP_ATOMIC, 0);
1799 if (!sk) {
1800 release_sock(parent);
1801 return;
1802 }
1803
1804 iso_sock_init(sk, parent);
1805
1806 bacpy(&iso_pi(sk)->src, &hcon->src);
1807
1808 /* Convert from HCI to three-value type */
1809 if (hcon->src_type == ADDR_LE_DEV_PUBLIC)
1810 iso_pi(sk)->src_type = BDADDR_LE_PUBLIC;
1811 else
1812 iso_pi(sk)->src_type = BDADDR_LE_RANDOM;
1813
1814 /* If hcon has no destination address (BDADDR_ANY) it means it
1815 * was created by HCI_EV_LE_BIG_SYNC_ESTABILISHED or
1816 * HCI_EV_LE_PA_SYNC_ESTABLISHED so we need to initialize using
1817 * the parent socket destination address.
1818 */
1819 if (!bacmp(&hcon->dst, BDADDR_ANY)) {
1820 bacpy(&hcon->dst, &iso_pi(parent)->dst);
1821 hcon->dst_type = iso_pi(parent)->dst_type;
1822 hcon->sync_handle = iso_pi(parent)->sync_handle;
1823 }
1824
1825 if (ev3) {
1826 iso_pi(sk)->qos = iso_pi(parent)->qos;
1827 iso_pi(sk)->qos.bcast.encryption = ev3->encryption;
1828 hcon->iso_qos = iso_pi(sk)->qos;
1829 iso_pi(sk)->bc_num_bis = iso_pi(parent)->bc_num_bis;
1830 memcpy(iso_pi(sk)->bc_bis, iso_pi(parent)->bc_bis, ISO_MAX_NUM_BIS);
1831 set_bit(BT_SK_PA_SYNC, &iso_pi(sk)->flags);
1832 }
1833
1834 bacpy(&iso_pi(sk)->dst, &hcon->dst);
1835 iso_pi(sk)->dst_type = hcon->dst_type;
1836 iso_pi(sk)->sync_handle = iso_pi(parent)->sync_handle;
1837 memcpy(iso_pi(sk)->base, iso_pi(parent)->base, iso_pi(parent)->base_len);
1838 iso_pi(sk)->base_len = iso_pi(parent)->base_len;
1839
1840 hci_conn_hold(hcon);
1841 iso_chan_add(conn, sk, parent);
1842
1843 if ((ev && ((struct hci_evt_le_big_sync_estabilished *)ev)->status) ||
1844 (ev2 && ev2->status)) {
1845 /* Trigger error signal on child socket */
1846 sk->sk_err = ECONNREFUSED;
1847 sk->sk_error_report(sk);
1848 }
1849
1850 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags))
1851 sk->sk_state = BT_CONNECT2;
1852 else
1853 sk->sk_state = BT_CONNECTED;
1854
1855 /* Wake up parent */
1856 parent->sk_data_ready(parent);
1857
1858 release_sock(parent);
1859 sock_put(parent);
1860 }
1861}
1862
1863static bool iso_match_sid(struct sock *sk, void *data)
1864{
1865 struct hci_ev_le_pa_sync_established *ev = data;
1866
1867 return ev->sid == iso_pi(sk)->bc_sid;
1868}
1869
1870static bool iso_match_sync_handle(struct sock *sk, void *data)
1871{
1872 struct hci_evt_le_big_info_adv_report *ev = data;
1873
1874 return le16_to_cpu(ev->sync_handle) == iso_pi(sk)->sync_handle;
1875}
1876
1877static bool iso_match_sync_handle_pa_report(struct sock *sk, void *data)
1878{
1879 struct hci_ev_le_per_adv_report *ev = data;
1880
1881 return le16_to_cpu(ev->sync_handle) == iso_pi(sk)->sync_handle;
1882}
1883
1884/* ----- ISO interface with lower layer (HCI) ----- */
1885
1886int iso_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
1887{
1888 struct hci_ev_le_pa_sync_established *ev1;
1889 struct hci_evt_le_big_info_adv_report *ev2;
1890 struct hci_ev_le_per_adv_report *ev3;
1891 struct sock *sk;
1892 int lm = 0;
1893
1894 bt_dev_dbg(hdev, "bdaddr %pMR", bdaddr);
1895
1896 /* Broadcast receiver requires handling of some events before it can
1897 * proceed to establishing a BIG sync:
1898 *
1899 * 1. HCI_EV_LE_PA_SYNC_ESTABLISHED: The socket may specify a specific
1900 * SID to listen to and once sync is estabilished its handle needs to
1901 * be stored in iso_pi(sk)->sync_handle so it can be matched once
1902 * receiving the BIG Info.
1903 * 2. HCI_EVT_LE_BIG_INFO_ADV_REPORT: When connect_ind is triggered by a
1904 * a BIG Info it attempts to check if there any listening socket with
1905 * the same sync_handle and if it does then attempt to create a sync.
1906 * 3. HCI_EV_LE_PER_ADV_REPORT: When a PA report is received, it is stored
1907 * in iso_pi(sk)->base so it can be passed up to user, in the case of a
1908 * broadcast sink.
1909 */
1910 ev1 = hci_recv_event_data(hdev, HCI_EV_LE_PA_SYNC_ESTABLISHED);
1911 if (ev1) {
1912 sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr, iso_match_sid,
1913 ev1);
1914 if (sk && !ev1->status)
1915 iso_pi(sk)->sync_handle = le16_to_cpu(ev1->handle);
1916
1917 goto done;
1918 }
1919
1920 ev2 = hci_recv_event_data(hdev, HCI_EVT_LE_BIG_INFO_ADV_REPORT);
1921 if (ev2) {
1922 /* Try to get PA sync listening socket, if it exists */
1923 sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr,
1924 iso_match_pa_sync_flag, NULL);
1925
1926 if (!sk) {
1927 sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr,
1928 iso_match_sync_handle, ev2);
1929
1930 /* If PA Sync is in process of terminating,
1931 * do not handle any more BIGInfo adv reports.
1932 */
1933
1934 if (sk && test_bit(BT_SK_PA_SYNC_TERM,
1935 &iso_pi(sk)->flags))
1936 return lm;
1937 }
1938
1939 if (sk) {
1940 int err;
1941
1942 if (ev2->num_bis < iso_pi(sk)->bc_num_bis)
1943 iso_pi(sk)->bc_num_bis = ev2->num_bis;
1944
1945 if (!test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags) &&
1946 !test_and_set_bit(BT_SK_BIG_SYNC, &iso_pi(sk)->flags)) {
1947 err = hci_le_big_create_sync(hdev, NULL,
1948 &iso_pi(sk)->qos,
1949 iso_pi(sk)->sync_handle,
1950 iso_pi(sk)->bc_num_bis,
1951 iso_pi(sk)->bc_bis);
1952 if (err) {
1953 bt_dev_err(hdev, "hci_le_big_create_sync: %d",
1954 err);
1955 sock_put(sk);
1956 sk = NULL;
1957 }
1958 }
1959 }
1960 }
1961
1962 ev3 = hci_recv_event_data(hdev, HCI_EV_LE_PER_ADV_REPORT);
1963 if (ev3) {
1964 size_t base_len = ev3->length;
1965 u8 *base;
1966
1967 sk = iso_get_sock_listen(&hdev->bdaddr, bdaddr,
1968 iso_match_sync_handle_pa_report, ev3);
1969 base = eir_get_service_data(ev3->data, ev3->length,
1970 EIR_BAA_SERVICE_UUID, &base_len);
1971 if (base && sk && base_len <= sizeof(iso_pi(sk)->base)) {
1972 memcpy(iso_pi(sk)->base, base, base_len);
1973 iso_pi(sk)->base_len = base_len;
1974 }
1975 } else {
1976 sk = iso_get_sock_listen(&hdev->bdaddr, BDADDR_ANY, NULL, NULL);
1977 }
1978
1979done:
1980 if (!sk)
1981 return lm;
1982
1983 lm |= HCI_LM_ACCEPT;
1984
1985 if (test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))
1986 *flags |= HCI_PROTO_DEFER;
1987
1988 sock_put(sk);
1989
1990 return lm;
1991}
1992
1993static void iso_connect_cfm(struct hci_conn *hcon, __u8 status)
1994{
1995 if (hcon->type != ISO_LINK) {
1996 if (hcon->type != LE_LINK)
1997 return;
1998
1999 /* Check if LE link has failed */
2000 if (status) {
2001 struct hci_link *link, *t;
2002
2003 list_for_each_entry_safe(link, t, &hcon->link_list,
2004 list)
2005 iso_conn_del(link->conn, bt_to_errno(status));
2006
2007 return;
2008 }
2009
2010 /* Create CIS if pending */
2011 hci_le_create_cis_pending(hcon->hdev);
2012 return;
2013 }
2014
2015 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status);
2016
2017 /* Similar to the success case, if HCI_CONN_BIG_SYNC_FAILED or
2018 * HCI_CONN_PA_SYNC_FAILED is set, queue the failed connection
2019 * into the accept queue of the listening socket and wake up
2020 * userspace, to inform the user about the event.
2021 */
2022 if (!status || test_bit(HCI_CONN_BIG_SYNC_FAILED, &hcon->flags) ||
2023 test_bit(HCI_CONN_PA_SYNC_FAILED, &hcon->flags)) {
2024 struct iso_conn *conn;
2025
2026 conn = iso_conn_add(hcon);
2027 if (conn)
2028 iso_conn_ready(conn);
2029 } else {
2030 iso_conn_del(hcon, bt_to_errno(status));
2031 }
2032}
2033
2034static void iso_disconn_cfm(struct hci_conn *hcon, __u8 reason)
2035{
2036 if (hcon->type != ISO_LINK)
2037 return;
2038
2039 BT_DBG("hcon %p reason %d", hcon, reason);
2040
2041 iso_conn_del(hcon, bt_to_errno(reason));
2042}
2043
2044void iso_recv(struct hci_conn *hcon, struct sk_buff *skb, u16 flags)
2045{
2046 struct iso_conn *conn = hcon->iso_data;
2047 __u16 pb, ts, len;
2048
2049 if (!conn)
2050 goto drop;
2051
2052 pb = hci_iso_flags_pb(flags);
2053 ts = hci_iso_flags_ts(flags);
2054
2055 BT_DBG("conn %p len %d pb 0x%x ts 0x%x", conn, skb->len, pb, ts);
2056
2057 switch (pb) {
2058 case ISO_START:
2059 case ISO_SINGLE:
2060 if (conn->rx_len) {
2061 BT_ERR("Unexpected start frame (len %d)", skb->len);
2062 kfree_skb(conn->rx_skb);
2063 conn->rx_skb = NULL;
2064 conn->rx_len = 0;
2065 }
2066
2067 if (ts) {
2068 struct hci_iso_ts_data_hdr *hdr;
2069
2070 /* TODO: add timestamp to the packet? */
2071 hdr = skb_pull_data(skb, HCI_ISO_TS_DATA_HDR_SIZE);
2072 if (!hdr) {
2073 BT_ERR("Frame is too short (len %d)", skb->len);
2074 goto drop;
2075 }
2076
2077 len = __le16_to_cpu(hdr->slen);
2078 } else {
2079 struct hci_iso_data_hdr *hdr;
2080
2081 hdr = skb_pull_data(skb, HCI_ISO_DATA_HDR_SIZE);
2082 if (!hdr) {
2083 BT_ERR("Frame is too short (len %d)", skb->len);
2084 goto drop;
2085 }
2086
2087 len = __le16_to_cpu(hdr->slen);
2088 }
2089
2090 flags = hci_iso_data_flags(len);
2091 len = hci_iso_data_len(len);
2092
2093 BT_DBG("Start: total len %d, frag len %d flags 0x%4.4x", len,
2094 skb->len, flags);
2095
2096 if (len == skb->len) {
2097 /* Complete frame received */
2098 hci_skb_pkt_status(skb) = flags & 0x03;
2099 iso_recv_frame(conn, skb);
2100 return;
2101 }
2102
2103 if (pb == ISO_SINGLE) {
2104 BT_ERR("Frame malformed (len %d, expected len %d)",
2105 skb->len, len);
2106 goto drop;
2107 }
2108
2109 if (skb->len > len) {
2110 BT_ERR("Frame is too long (len %d, expected len %d)",
2111 skb->len, len);
2112 goto drop;
2113 }
2114
2115 /* Allocate skb for the complete frame (with header) */
2116 conn->rx_skb = bt_skb_alloc(len, GFP_KERNEL);
2117 if (!conn->rx_skb)
2118 goto drop;
2119
2120 hci_skb_pkt_status(conn->rx_skb) = flags & 0x03;
2121 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2122 skb->len);
2123 conn->rx_len = len - skb->len;
2124 break;
2125
2126 case ISO_CONT:
2127 BT_DBG("Cont: frag len %d (expecting %d)", skb->len,
2128 conn->rx_len);
2129
2130 if (!conn->rx_len) {
2131 BT_ERR("Unexpected continuation frame (len %d)",
2132 skb->len);
2133 goto drop;
2134 }
2135
2136 if (skb->len > conn->rx_len) {
2137 BT_ERR("Fragment is too long (len %d, expected %d)",
2138 skb->len, conn->rx_len);
2139 kfree_skb(conn->rx_skb);
2140 conn->rx_skb = NULL;
2141 conn->rx_len = 0;
2142 goto drop;
2143 }
2144
2145 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2146 skb->len);
2147 conn->rx_len -= skb->len;
2148 return;
2149
2150 case ISO_END:
2151 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2152 skb->len);
2153 conn->rx_len -= skb->len;
2154
2155 if (!conn->rx_len) {
2156 struct sk_buff *rx_skb = conn->rx_skb;
2157
2158 /* Complete frame received. iso_recv_frame
2159 * takes ownership of the skb so set the global
2160 * rx_skb pointer to NULL first.
2161 */
2162 conn->rx_skb = NULL;
2163 iso_recv_frame(conn, rx_skb);
2164 }
2165 break;
2166 }
2167
2168drop:
2169 kfree_skb(skb);
2170}
2171
2172static struct hci_cb iso_cb = {
2173 .name = "ISO",
2174 .connect_cfm = iso_connect_cfm,
2175 .disconn_cfm = iso_disconn_cfm,
2176};
2177
2178static int iso_debugfs_show(struct seq_file *f, void *p)
2179{
2180 struct sock *sk;
2181
2182 read_lock(&iso_sk_list.lock);
2183
2184 sk_for_each(sk, &iso_sk_list.head) {
2185 seq_printf(f, "%pMR %pMR %d\n", &iso_pi(sk)->src,
2186 &iso_pi(sk)->dst, sk->sk_state);
2187 }
2188
2189 read_unlock(&iso_sk_list.lock);
2190
2191 return 0;
2192}
2193
2194DEFINE_SHOW_ATTRIBUTE(iso_debugfs);
2195
2196static struct dentry *iso_debugfs;
2197
2198static const struct proto_ops iso_sock_ops = {
2199 .family = PF_BLUETOOTH,
2200 .owner = THIS_MODULE,
2201 .release = iso_sock_release,
2202 .bind = iso_sock_bind,
2203 .connect = iso_sock_connect,
2204 .listen = iso_sock_listen,
2205 .accept = iso_sock_accept,
2206 .getname = iso_sock_getname,
2207 .sendmsg = iso_sock_sendmsg,
2208 .recvmsg = iso_sock_recvmsg,
2209 .poll = bt_sock_poll,
2210 .ioctl = bt_sock_ioctl,
2211 .mmap = sock_no_mmap,
2212 .socketpair = sock_no_socketpair,
2213 .shutdown = iso_sock_shutdown,
2214 .setsockopt = iso_sock_setsockopt,
2215 .getsockopt = iso_sock_getsockopt
2216};
2217
2218static const struct net_proto_family iso_sock_family_ops = {
2219 .family = PF_BLUETOOTH,
2220 .owner = THIS_MODULE,
2221 .create = iso_sock_create,
2222};
2223
2224static bool iso_inited;
2225
2226bool iso_enabled(void)
2227{
2228 return iso_inited;
2229}
2230
2231int iso_init(void)
2232{
2233 int err;
2234
2235 BUILD_BUG_ON(sizeof(struct sockaddr_iso) > sizeof(struct sockaddr));
2236
2237 if (iso_inited)
2238 return -EALREADY;
2239
2240 err = proto_register(&iso_proto, 0);
2241 if (err < 0)
2242 return err;
2243
2244 err = bt_sock_register(BTPROTO_ISO, &iso_sock_family_ops);
2245 if (err < 0) {
2246 BT_ERR("ISO socket registration failed");
2247 goto error;
2248 }
2249
2250 err = bt_procfs_init(&init_net, "iso", &iso_sk_list, NULL);
2251 if (err < 0) {
2252 BT_ERR("Failed to create ISO proc file");
2253 bt_sock_unregister(BTPROTO_ISO);
2254 goto error;
2255 }
2256
2257 BT_INFO("ISO socket layer initialized");
2258
2259 hci_register_cb(&iso_cb);
2260
2261 if (IS_ERR_OR_NULL(bt_debugfs))
2262 return 0;
2263
2264 if (!iso_debugfs) {
2265 iso_debugfs = debugfs_create_file("iso", 0444, bt_debugfs,
2266 NULL, &iso_debugfs_fops);
2267 }
2268
2269 iso_inited = true;
2270
2271 return 0;
2272
2273error:
2274 proto_unregister(&iso_proto);
2275 return err;
2276}
2277
2278int iso_exit(void)
2279{
2280 if (!iso_inited)
2281 return -EALREADY;
2282
2283 bt_procfs_cleanup(&init_net, "iso");
2284
2285 debugfs_remove(iso_debugfs);
2286 iso_debugfs = NULL;
2287
2288 hci_unregister_cb(&iso_cb);
2289
2290 bt_sock_unregister(BTPROTO_ISO);
2291
2292 proto_unregister(&iso_proto);
2293
2294 iso_inited = false;
2295
2296 return 0;
2297}