Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
af_irda.c
Go to the documentation of this file.
1 /*********************************************************************
2  *
3  * Filename: af_irda.c
4  * Version: 0.9
5  * Description: IrDA sockets implementation
6  * Status: Stable
7  * Author: Dag Brattli <[email protected]>
8  * Created at: Sun May 31 10:12:43 1998
9  * Modified at: Sat Dec 25 21:10:23 1999
10  * Modified by: Dag Brattli <[email protected]>
11  * Sources: af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc.
12  *
13  * Copyright (c) 1999 Dag Brattli <[email protected]>
14  * Copyright (c) 1999-2003 Jean Tourrilhes <[email protected]>
15  * All Rights Reserved.
16  *
17  * This program is free software; you can redistribute it and/or
18  * modify it under the terms of the GNU General Public License as
19  * published by the Free Software Foundation; either version 2 of
20  * the License, or (at your option) any later version.
21  *
22  * This program is distributed in the hope that it will be useful,
23  * but WITHOUT ANY WARRANTY; without even the implied warranty of
24  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25  * GNU General Public License for more details.
26  *
27  * You should have received a copy of the GNU General Public License
28  * along with this program; if not, write to the Free Software
29  * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
30  * MA 02111-1307 USA
31  *
32  * Linux-IrDA now supports four different types of IrDA sockets:
33  *
34  * o SOCK_STREAM: TinyTP connections with SAR disabled. The
35  * max SDU size is 0 for conn. of this type
36  * o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may
37  * fragment the messages, but will preserve
38  * the message boundaries
39  * o SOCK_DGRAM: IRDAPROTO_UNITDATA: TinyTP connections with Unitdata
40  * (unreliable) transfers
41  * IRDAPROTO_ULTRA: Connectionless and unreliable data
42  *
43  ********************************************************************/
44 
45 #include <linux/capability.h>
46 #include <linux/module.h>
47 #include <linux/types.h>
48 #include <linux/socket.h>
49 #include <linux/sockios.h>
50 #include <linux/slab.h>
51 #include <linux/init.h>
52 #include <linux/net.h>
53 #include <linux/irda.h>
54 #include <linux/poll.h>
55 
56 #include <asm/ioctls.h> /* TIOCOUTQ, TIOCINQ */
57 #include <asm/uaccess.h>
58 
59 #include <net/sock.h>
60 #include <net/tcp_states.h>
61 
62 #include <net/irda/af_irda.h>
63 
64 static int irda_create(struct net *net, struct socket *sock, int protocol, int kern);
65 
66 static const struct proto_ops irda_stream_ops;
67 static const struct proto_ops irda_seqpacket_ops;
68 static const struct proto_ops irda_dgram_ops;
69 
70 #ifdef CONFIG_IRDA_ULTRA
71 static const struct proto_ops irda_ultra_ops;
72 #define ULTRA_MAX_DATA 382
73 #endif /* CONFIG_IRDA_ULTRA */
74 
75 #define IRDA_MAX_HEADER (TTP_MAX_HEADER)
76 
77 /*
78  * Function irda_data_indication (instance, sap, skb)
79  *
80  * Received some data from TinyTP. Just queue it on the receive queue
81  *
82  */
83 static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb)
84 {
85  struct irda_sock *self;
86  struct sock *sk;
87  int err;
88 
89  IRDA_DEBUG(3, "%s()\n", __func__);
90 
91  self = instance;
92  sk = instance;
93 
94  err = sock_queue_rcv_skb(sk, skb);
95  if (err) {
96  IRDA_DEBUG(1, "%s(), error: no more mem!\n", __func__);
97  self->rx_flow = FLOW_STOP;
98 
99  /* When we return error, TTP will need to requeue the skb */
100  return err;
101  }
102 
103  return 0;
104 }
105 
106 /*
107  * Function irda_disconnect_indication (instance, sap, reason, skb)
108  *
109  * Connection has been closed. Check reason to find out why
110  *
111  */
112 static void irda_disconnect_indication(void *instance, void *sap,
113  LM_REASON reason, struct sk_buff *skb)
114 {
115  struct irda_sock *self;
116  struct sock *sk;
117 
118  self = instance;
119 
120  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
121 
122  /* Don't care about it, but let's not leak it */
123  if(skb)
124  dev_kfree_skb(skb);
125 
126  sk = instance;
127  if (sk == NULL) {
128  IRDA_DEBUG(0, "%s(%p) : BUG : sk is NULL\n",
129  __func__, self);
130  return;
131  }
132 
133  /* Prevent race conditions with irda_release() and irda_shutdown() */
134  bh_lock_sock(sk);
135  if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) {
136  sk->sk_state = TCP_CLOSE;
137  sk->sk_shutdown |= SEND_SHUTDOWN;
138 
139  sk->sk_state_change(sk);
140 
141  /* Close our TSAP.
142  * If we leave it open, IrLMP put it back into the list of
143  * unconnected LSAPs. The problem is that any incoming request
144  * can then be matched to this socket (and it will be, because
145  * it is at the head of the list). This would prevent any
146  * listening socket waiting on the same TSAP to get those
147  * requests. Some apps forget to close sockets, or hang to it
148  * a bit too long, so we may stay in this dead state long
149  * enough to be noticed...
150  * Note : all socket function do check sk->sk_state, so we are
151  * safe...
152  * Jean II
153  */
154  if (self->tsap) {
155  irttp_close_tsap(self->tsap);
156  self->tsap = NULL;
157  }
158  }
159  bh_unlock_sock(sk);
160 
161  /* Note : once we are there, there is not much you want to do
162  * with the socket anymore, apart from closing it.
163  * For example, bind() and connect() won't reset sk->sk_err,
164  * sk->sk_shutdown and sk->sk_flags to valid values...
165  * Jean II
166  */
167 }
168 
169 /*
170  * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb)
171  *
172  * Connections has been confirmed by the remote device
173  *
174  */
175 static void irda_connect_confirm(void *instance, void *sap,
176  struct qos_info *qos,
177  __u32 max_sdu_size, __u8 max_header_size,
178  struct sk_buff *skb)
179 {
180  struct irda_sock *self;
181  struct sock *sk;
182 
183  self = instance;
184 
185  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
186 
187  sk = instance;
188  if (sk == NULL) {
189  dev_kfree_skb(skb);
190  return;
191  }
192 
193  dev_kfree_skb(skb);
194  // Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb);
195 
196  /* How much header space do we need to reserve */
197  self->max_header_size = max_header_size;
198 
199  /* IrTTP max SDU size in transmit direction */
200  self->max_sdu_size_tx = max_sdu_size;
201 
202  /* Find out what the largest chunk of data that we can transmit is */
203  switch (sk->sk_type) {
204  case SOCK_STREAM:
205  if (max_sdu_size != 0) {
206  IRDA_ERROR("%s: max_sdu_size must be 0\n",
207  __func__);
208  return;
209  }
210  self->max_data_size = irttp_get_max_seg_size(self->tsap);
211  break;
212  case SOCK_SEQPACKET:
213  if (max_sdu_size == 0) {
214  IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
215  __func__);
216  return;
217  }
218  self->max_data_size = max_sdu_size;
219  break;
220  default:
221  self->max_data_size = irttp_get_max_seg_size(self->tsap);
222  }
223 
224  IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __func__,
225  self->max_data_size);
226 
227  memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
228 
229  /* We are now connected! */
230  sk->sk_state = TCP_ESTABLISHED;
231  sk->sk_state_change(sk);
232 }
233 
234 /*
235  * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata)
236  *
237  * Incoming connection
238  *
239  */
240 static void irda_connect_indication(void *instance, void *sap,
241  struct qos_info *qos, __u32 max_sdu_size,
242  __u8 max_header_size, struct sk_buff *skb)
243 {
244  struct irda_sock *self;
245  struct sock *sk;
246 
247  self = instance;
248 
249  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
250 
251  sk = instance;
252  if (sk == NULL) {
253  dev_kfree_skb(skb);
254  return;
255  }
256 
257  /* How much header space do we need to reserve */
258  self->max_header_size = max_header_size;
259 
260  /* IrTTP max SDU size in transmit direction */
261  self->max_sdu_size_tx = max_sdu_size;
262 
263  /* Find out what the largest chunk of data that we can transmit is */
264  switch (sk->sk_type) {
265  case SOCK_STREAM:
266  if (max_sdu_size != 0) {
267  IRDA_ERROR("%s: max_sdu_size must be 0\n",
268  __func__);
269  kfree_skb(skb);
270  return;
271  }
272  self->max_data_size = irttp_get_max_seg_size(self->tsap);
273  break;
274  case SOCK_SEQPACKET:
275  if (max_sdu_size == 0) {
276  IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
277  __func__);
278  kfree_skb(skb);
279  return;
280  }
281  self->max_data_size = max_sdu_size;
282  break;
283  default:
284  self->max_data_size = irttp_get_max_seg_size(self->tsap);
285  }
286 
287  IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __func__,
288  self->max_data_size);
289 
290  memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
291 
292  skb_queue_tail(&sk->sk_receive_queue, skb);
293  sk->sk_state_change(sk);
294 }
295 
296 /*
297  * Function irda_connect_response (handle)
298  *
299  * Accept incoming connection
300  *
301  */
302 static void irda_connect_response(struct irda_sock *self)
303 {
304  struct sk_buff *skb;
305 
306  IRDA_DEBUG(2, "%s()\n", __func__);
307 
308  skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
309  GFP_ATOMIC);
310  if (skb == NULL) {
311  IRDA_DEBUG(0, "%s() Unable to allocate sk_buff!\n",
312  __func__);
313  return;
314  }
315 
316  /* Reserve space for MUX_CONTROL and LAP header */
317  skb_reserve(skb, IRDA_MAX_HEADER);
318 
319  irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb);
320 }
321 
322 /*
323  * Function irda_flow_indication (instance, sap, flow)
324  *
325  * Used by TinyTP to tell us if it can accept more data or not
326  *
327  */
328 static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
329 {
330  struct irda_sock *self;
331  struct sock *sk;
332 
333  IRDA_DEBUG(2, "%s()\n", __func__);
334 
335  self = instance;
336  sk = instance;
337  BUG_ON(sk == NULL);
338 
339  switch (flow) {
340  case FLOW_STOP:
341  IRDA_DEBUG(1, "%s(), IrTTP wants us to slow down\n",
342  __func__);
343  self->tx_flow = flow;
344  break;
345  case FLOW_START:
346  self->tx_flow = flow;
347  IRDA_DEBUG(1, "%s(), IrTTP wants us to start again\n",
348  __func__);
349  wake_up_interruptible(sk_sleep(sk));
350  break;
351  default:
352  IRDA_DEBUG(0, "%s(), Unknown flow command!\n", __func__);
353  /* Unknown flow command, better stop */
354  self->tx_flow = flow;
355  break;
356  }
357 }
358 
359 /*
360  * Function irda_getvalue_confirm (obj_id, value, priv)
361  *
362  * Got answer from remote LM-IAS, just pass object to requester...
363  *
364  * Note : duplicate from above, but we need our own version that
365  * doesn't touch the dtsap_sel and save the full value structure...
366  */
367 static void irda_getvalue_confirm(int result, __u16 obj_id,
368  struct ias_value *value, void *priv)
369 {
370  struct irda_sock *self;
371 
372  self = priv;
373  if (!self) {
374  IRDA_WARNING("%s: lost myself!\n", __func__);
375  return;
376  }
377 
378  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
379 
380  /* We probably don't need to make any more queries */
381  iriap_close(self->iriap);
382  self->iriap = NULL;
383 
384  /* Check if request succeeded */
385  if (result != IAS_SUCCESS) {
386  IRDA_DEBUG(1, "%s(), IAS query failed! (%d)\n", __func__,
387  result);
388 
389  self->errno = result; /* We really need it later */
390 
391  /* Wake up any processes waiting for result */
392  wake_up_interruptible(&self->query_wait);
393 
394  return;
395  }
396 
397  /* Pass the object to the caller (so the caller must delete it) */
398  self->ias_result = value;
399  self->errno = 0;
400 
401  /* Wake up any processes waiting for result */
402  wake_up_interruptible(&self->query_wait);
403 }
404 
405 /*
406  * Function irda_selective_discovery_indication (discovery)
407  *
408  * Got a selective discovery indication from IrLMP.
409  *
410  * IrLMP is telling us that this node is new and matching our hint bit
411  * filter. Wake up any process waiting for answer...
412  */
413 static void irda_selective_discovery_indication(discinfo_t *discovery,
414  DISCOVERY_MODE mode,
415  void *priv)
416 {
417  struct irda_sock *self;
418 
419  IRDA_DEBUG(2, "%s()\n", __func__);
420 
421  self = priv;
422  if (!self) {
423  IRDA_WARNING("%s: lost myself!\n", __func__);
424  return;
425  }
426 
427  /* Pass parameter to the caller */
428  self->cachedaddr = discovery->daddr;
429 
430  /* Wake up process if its waiting for device to be discovered */
431  wake_up_interruptible(&self->query_wait);
432 }
433 
434 /*
435  * Function irda_discovery_timeout (priv)
436  *
437  * Timeout in the selective discovery process
438  *
439  * We were waiting for a node to be discovered, but nothing has come up
440  * so far. Wake up the user and tell him that we failed...
441  */
442 static void irda_discovery_timeout(u_long priv)
443 {
444  struct irda_sock *self;
445 
446  IRDA_DEBUG(2, "%s()\n", __func__);
447 
448  self = (struct irda_sock *) priv;
449  BUG_ON(self == NULL);
450 
451  /* Nothing for the caller */
452  self->cachelog = NULL;
453  self->cachedaddr = 0;
454  self->errno = -ETIME;
455 
456  /* Wake up process if its still waiting... */
457  wake_up_interruptible(&self->query_wait);
458 }
459 
460 /*
461  * Function irda_open_tsap (self)
462  *
463  * Open local Transport Service Access Point (TSAP)
464  *
465  */
466 static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name)
467 {
468  notify_t notify;
469 
470  if (self->tsap) {
471  IRDA_DEBUG(0, "%s: busy!\n", __func__);
472  return -EBUSY;
473  }
474 
475  /* Initialize callbacks to be used by the IrDA stack */
476  irda_notify_init(&notify);
477  notify.connect_confirm = irda_connect_confirm;
478  notify.connect_indication = irda_connect_indication;
479  notify.disconnect_indication = irda_disconnect_indication;
480  notify.data_indication = irda_data_indication;
481  notify.udata_indication = irda_data_indication;
482  notify.flow_indication = irda_flow_indication;
483  notify.instance = self;
484  strncpy(notify.name, name, NOTIFY_MAX_NAME);
485 
486  self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT,
487  &notify);
488  if (self->tsap == NULL) {
489  IRDA_DEBUG(0, "%s(), Unable to allocate TSAP!\n",
490  __func__);
491  return -ENOMEM;
492  }
493  /* Remember which TSAP selector we actually got */
494  self->stsap_sel = self->tsap->stsap_sel;
495 
496  return 0;
497 }
498 
499 /*
500  * Function irda_open_lsap (self)
501  *
502  * Open local Link Service Access Point (LSAP). Used for opening Ultra
503  * sockets
504  */
505 #ifdef CONFIG_IRDA_ULTRA
506 static int irda_open_lsap(struct irda_sock *self, int pid)
507 {
508  notify_t notify;
509 
510  if (self->lsap) {
511  IRDA_WARNING("%s(), busy!\n", __func__);
512  return -EBUSY;
513  }
514 
515  /* Initialize callbacks to be used by the IrDA stack */
516  irda_notify_init(&notify);
517  notify.udata_indication = irda_data_indication;
518  notify.instance = self;
519  strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME);
520 
521  self->lsap = irlmp_open_lsap(LSAP_CONNLESS, &notify, pid);
522  if (self->lsap == NULL) {
523  IRDA_DEBUG( 0, "%s(), Unable to allocate LSAP!\n", __func__);
524  return -ENOMEM;
525  }
526 
527  return 0;
528 }
529 #endif /* CONFIG_IRDA_ULTRA */
530 
531 /*
532  * Function irda_find_lsap_sel (self, name)
533  *
534  * Try to lookup LSAP selector in remote LM-IAS
535  *
536  * Basically, we start a IAP query, and then go to sleep. When the query
537  * return, irda_getvalue_confirm will wake us up, and we can examine the
538  * result of the query...
539  * Note that in some case, the query fail even before we go to sleep,
540  * creating some races...
541  */
542 static int irda_find_lsap_sel(struct irda_sock *self, char *name)
543 {
544  IRDA_DEBUG(2, "%s(%p, %s)\n", __func__, self, name);
545 
546  if (self->iriap) {
547  IRDA_WARNING("%s(): busy with a previous query\n",
548  __func__);
549  return -EBUSY;
550  }
551 
552  self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
553  irda_getvalue_confirm);
554  if(self->iriap == NULL)
555  return -ENOMEM;
556 
557  /* Treat unexpected wakeup as disconnect */
558  self->errno = -EHOSTUNREACH;
559 
560  /* Query remote LM-IAS */
561  iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr,
562  name, "IrDA:TinyTP:LsapSel");
563 
564  /* Wait for answer, if not yet finished (or failed) */
565  if (wait_event_interruptible(self->query_wait, (self->iriap==NULL)))
566  /* Treat signals as disconnect */
567  return -EHOSTUNREACH;
568 
569  /* Check what happened */
570  if (self->errno)
571  {
572  /* Requested object/attribute doesn't exist */
573  if((self->errno == IAS_CLASS_UNKNOWN) ||
574  (self->errno == IAS_ATTRIB_UNKNOWN))
575  return -EADDRNOTAVAIL;
576  else
577  return -EHOSTUNREACH;
578  }
579 
580  /* Get the remote TSAP selector */
581  switch (self->ias_result->type) {
582  case IAS_INTEGER:
583  IRDA_DEBUG(4, "%s() int=%d\n",
584  __func__, self->ias_result->t.integer);
585 
586  if (self->ias_result->t.integer != -1)
587  self->dtsap_sel = self->ias_result->t.integer;
588  else
589  self->dtsap_sel = 0;
590  break;
591  default:
592  self->dtsap_sel = 0;
593  IRDA_DEBUG(0, "%s(), bad type!\n", __func__);
594  break;
595  }
596  if (self->ias_result)
597  irias_delete_value(self->ias_result);
598 
599  if (self->dtsap_sel)
600  return 0;
601 
602  return -EADDRNOTAVAIL;
603 }
604 
605 /*
606  * Function irda_discover_daddr_and_lsap_sel (self, name)
607  *
608  * This try to find a device with the requested service.
609  *
610  * It basically look into the discovery log. For each address in the list,
611  * it queries the LM-IAS of the device to find if this device offer
612  * the requested service.
613  * If there is more than one node supporting the service, we complain
614  * to the user (it should move devices around).
615  * The, we set both the destination address and the lsap selector to point
616  * on the service on the unique device we have found.
617  *
618  * Note : this function fails if there is more than one device in range,
619  * because IrLMP doesn't disconnect the LAP when the last LSAP is closed.
620  * Moreover, we would need to wait the LAP disconnection...
621  */
622 static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name)
623 {
624  discinfo_t *discoveries; /* Copy of the discovery log */
625  int number; /* Number of nodes in the log */
626  int i;
627  int err = -ENETUNREACH;
628  __u32 daddr = DEV_ADDR_ANY; /* Address we found the service on */
629  __u8 dtsap_sel = 0x0; /* TSAP associated with it */
630 
631  IRDA_DEBUG(2, "%s(), name=%s\n", __func__, name);
632 
633  /* Ask lmp for the current discovery log
634  * Note : we have to use irlmp_get_discoveries(), as opposed
635  * to play with the cachelog directly, because while we are
636  * making our ias query, le log might change... */
637  discoveries = irlmp_get_discoveries(&number, self->mask.word,
638  self->nslots);
639  /* Check if the we got some results */
640  if (discoveries == NULL)
641  return -ENETUNREACH; /* No nodes discovered */
642 
643  /*
644  * Now, check all discovered devices (if any), and connect
645  * client only about the services that the client is
646  * interested in...
647  */
648  for(i = 0; i < number; i++) {
649  /* Try the address in the log */
650  self->daddr = discoveries[i].daddr;
651  self->saddr = 0x0;
652  IRDA_DEBUG(1, "%s(), trying daddr = %08x\n",
653  __func__, self->daddr);
654 
655  /* Query remote LM-IAS for this service */
656  err = irda_find_lsap_sel(self, name);
657  switch (err) {
658  case 0:
659  /* We found the requested service */
660  if(daddr != DEV_ADDR_ANY) {
661  IRDA_DEBUG(1, "%s(), discovered service ''%s'' in two different devices !!!\n",
662  __func__, name);
663  self->daddr = DEV_ADDR_ANY;
664  kfree(discoveries);
665  return -ENOTUNIQ;
666  }
667  /* First time we found that one, save it ! */
668  daddr = self->daddr;
669  dtsap_sel = self->dtsap_sel;
670  break;
671  case -EADDRNOTAVAIL:
672  /* Requested service simply doesn't exist on this node */
673  break;
674  default:
675  /* Something bad did happen :-( */
676  IRDA_DEBUG(0, "%s(), unexpected IAS query failure\n", __func__);
677  self->daddr = DEV_ADDR_ANY;
678  kfree(discoveries);
679  return -EHOSTUNREACH;
680  break;
681  }
682  }
683  /* Cleanup our copy of the discovery log */
684  kfree(discoveries);
685 
686  /* Check out what we found */
687  if(daddr == DEV_ADDR_ANY) {
688  IRDA_DEBUG(1, "%s(), cannot discover service ''%s'' in any device !!!\n",
689  __func__, name);
690  self->daddr = DEV_ADDR_ANY;
691  return -EADDRNOTAVAIL;
692  }
693 
694  /* Revert back to discovered device & service */
695  self->daddr = daddr;
696  self->saddr = 0x0;
697  self->dtsap_sel = dtsap_sel;
698 
699  IRDA_DEBUG(1, "%s(), discovered requested service ''%s'' at address %08x\n",
700  __func__, name, self->daddr);
701 
702  return 0;
703 }
704 
705 /*
706  * Function irda_getname (sock, uaddr, uaddr_len, peer)
707  *
708  * Return the our own, or peers socket address (sockaddr_irda)
709  *
710  */
711 static int irda_getname(struct socket *sock, struct sockaddr *uaddr,
712  int *uaddr_len, int peer)
713 {
714  struct sockaddr_irda saddr;
715  struct sock *sk = sock->sk;
716  struct irda_sock *self = irda_sk(sk);
717 
718  memset(&saddr, 0, sizeof(saddr));
719  if (peer) {
720  if (sk->sk_state != TCP_ESTABLISHED)
721  return -ENOTCONN;
722 
723  saddr.sir_family = AF_IRDA;
724  saddr.sir_lsap_sel = self->dtsap_sel;
725  saddr.sir_addr = self->daddr;
726  } else {
727  saddr.sir_family = AF_IRDA;
728  saddr.sir_lsap_sel = self->stsap_sel;
729  saddr.sir_addr = self->saddr;
730  }
731 
732  IRDA_DEBUG(1, "%s(), tsap_sel = %#x\n", __func__, saddr.sir_lsap_sel);
733  IRDA_DEBUG(1, "%s(), addr = %08x\n", __func__, saddr.sir_addr);
734 
735  /* uaddr_len come to us uninitialised */
736  *uaddr_len = sizeof (struct sockaddr_irda);
737  memcpy(uaddr, &saddr, *uaddr_len);
738 
739  return 0;
740 }
741 
742 /*
743  * Function irda_listen (sock, backlog)
744  *
745  * Just move to the listen state
746  *
747  */
748 static int irda_listen(struct socket *sock, int backlog)
749 {
750  struct sock *sk = sock->sk;
751  int err = -EOPNOTSUPP;
752 
753  IRDA_DEBUG(2, "%s()\n", __func__);
754 
755  lock_sock(sk);
756 
757  if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
758  (sk->sk_type != SOCK_DGRAM))
759  goto out;
760 
761  if (sk->sk_state != TCP_LISTEN) {
762  sk->sk_max_ack_backlog = backlog;
763  sk->sk_state = TCP_LISTEN;
764 
765  err = 0;
766  }
767 out:
768  release_sock(sk);
769 
770  return err;
771 }
772 
773 /*
774  * Function irda_bind (sock, uaddr, addr_len)
775  *
776  * Used by servers to register their well known TSAP
777  *
778  */
779 static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
780 {
781  struct sock *sk = sock->sk;
782  struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
783  struct irda_sock *self = irda_sk(sk);
784  int err;
785 
786  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
787 
788  if (addr_len != sizeof(struct sockaddr_irda))
789  return -EINVAL;
790 
791  lock_sock(sk);
792 #ifdef CONFIG_IRDA_ULTRA
793  /* Special care for Ultra sockets */
794  if ((sk->sk_type == SOCK_DGRAM) &&
795  (sk->sk_protocol == IRDAPROTO_ULTRA)) {
796  self->pid = addr->sir_lsap_sel;
797  err = -EOPNOTSUPP;
798  if (self->pid & 0x80) {
799  IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __func__);
800  goto out;
801  }
802  err = irda_open_lsap(self, self->pid);
803  if (err < 0)
804  goto out;
805 
806  /* Pretend we are connected */
807  sock->state = SS_CONNECTED;
808  sk->sk_state = TCP_ESTABLISHED;
809  err = 0;
810 
811  goto out;
812  }
813 #endif /* CONFIG_IRDA_ULTRA */
814 
815  self->ias_obj = irias_new_object(addr->sir_name, jiffies);
816  err = -ENOMEM;
817  if (self->ias_obj == NULL)
818  goto out;
819 
820  err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name);
821  if (err < 0) {
822  irias_delete_object(self->ias_obj);
823  self->ias_obj = NULL;
824  goto out;
825  }
826 
827  /* Register with LM-IAS */
828  irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel",
829  self->stsap_sel, IAS_KERNEL_ATTR);
830  irias_insert_object(self->ias_obj);
831 
832  err = 0;
833 out:
834  release_sock(sk);
835  return err;
836 }
837 
838 /*
839  * Function irda_accept (sock, newsock, flags)
840  *
841  * Wait for incoming connection
842  *
843  */
844 static int irda_accept(struct socket *sock, struct socket *newsock, int flags)
845 {
846  struct sock *sk = sock->sk;
847  struct irda_sock *new, *self = irda_sk(sk);
848  struct sock *newsk;
849  struct sk_buff *skb;
850  int err;
851 
852  IRDA_DEBUG(2, "%s()\n", __func__);
853 
854  err = irda_create(sock_net(sk), newsock, sk->sk_protocol, 0);
855  if (err)
856  return err;
857 
858  err = -EINVAL;
859 
860  lock_sock(sk);
861  if (sock->state != SS_UNCONNECTED)
862  goto out;
863 
864  if ((sk = sock->sk) == NULL)
865  goto out;
866 
867  err = -EOPNOTSUPP;
868  if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
869  (sk->sk_type != SOCK_DGRAM))
870  goto out;
871 
872  err = -EINVAL;
873  if (sk->sk_state != TCP_LISTEN)
874  goto out;
875 
876  /*
877  * The read queue this time is holding sockets ready to use
878  * hooked into the SABM we saved
879  */
880 
881  /*
882  * We can perform the accept only if there is incoming data
883  * on the listening socket.
884  * So, we will block the caller until we receive any data.
885  * If the caller was waiting on select() or poll() before
886  * calling us, the data is waiting for us ;-)
887  * Jean II
888  */
889  while (1) {
890  skb = skb_dequeue(&sk->sk_receive_queue);
891  if (skb)
892  break;
893 
894  /* Non blocking operation */
895  err = -EWOULDBLOCK;
896  if (flags & O_NONBLOCK)
897  goto out;
898 
899  err = wait_event_interruptible(*(sk_sleep(sk)),
900  skb_peek(&sk->sk_receive_queue));
901  if (err)
902  goto out;
903  }
904 
905  newsk = newsock->sk;
906  err = -EIO;
907  if (newsk == NULL)
908  goto out;
909 
910  newsk->sk_state = TCP_ESTABLISHED;
911 
912  new = irda_sk(newsk);
913 
914  /* Now attach up the new socket */
915  new->tsap = irttp_dup(self->tsap, new);
916  err = -EPERM; /* value does not seem to make sense. -arnd */
917  if (!new->tsap) {
918  IRDA_DEBUG(0, "%s(), dup failed!\n", __func__);
919  kfree_skb(skb);
920  goto out;
921  }
922 
923  new->stsap_sel = new->tsap->stsap_sel;
924  new->dtsap_sel = new->tsap->dtsap_sel;
925  new->saddr = irttp_get_saddr(new->tsap);
926  new->daddr = irttp_get_daddr(new->tsap);
927 
928  new->max_sdu_size_tx = self->max_sdu_size_tx;
929  new->max_sdu_size_rx = self->max_sdu_size_rx;
930  new->max_data_size = self->max_data_size;
931  new->max_header_size = self->max_header_size;
932 
933  memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info));
934 
935  /* Clean up the original one to keep it in listen state */
936  irttp_listen(self->tsap);
937 
938  kfree_skb(skb);
939  sk->sk_ack_backlog--;
940 
941  newsock->state = SS_CONNECTED;
942 
943  irda_connect_response(new);
944  err = 0;
945 out:
946  release_sock(sk);
947  return err;
948 }
949 
950 /*
951  * Function irda_connect (sock, uaddr, addr_len, flags)
952  *
953  * Connect to a IrDA device
954  *
955  * The main difference with a "standard" connect is that with IrDA we need
956  * to resolve the service name into a TSAP selector (in TCP, port number
957  * doesn't have to be resolved).
958  * Because of this service name resolution, we can offer "auto-connect",
959  * where we connect to a service without specifying a destination address.
960  *
961  * Note : by consulting "errno", the user space caller may learn the cause
962  * of the failure. Most of them are visible in the function, others may come
963  * from subroutines called and are listed here :
964  * o EBUSY : already processing a connect
965  * o EHOSTUNREACH : bad addr->sir_addr argument
966  * o EADDRNOTAVAIL : bad addr->sir_name argument
967  * o ENOTUNIQ : more than one node has addr->sir_name (auto-connect)
968  * o ENETUNREACH : no node found on the network (auto-connect)
969  */
970 static int irda_connect(struct socket *sock, struct sockaddr *uaddr,
971  int addr_len, int flags)
972 {
973  struct sock *sk = sock->sk;
974  struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
975  struct irda_sock *self = irda_sk(sk);
976  int err;
977 
978  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
979 
980  lock_sock(sk);
981  /* Don't allow connect for Ultra sockets */
982  err = -ESOCKTNOSUPPORT;
983  if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA))
984  goto out;
985 
986  if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
987  sock->state = SS_CONNECTED;
988  err = 0;
989  goto out; /* Connect completed during a ERESTARTSYS event */
990  }
991 
992  if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) {
993  sock->state = SS_UNCONNECTED;
994  err = -ECONNREFUSED;
995  goto out;
996  }
997 
998  err = -EISCONN; /* No reconnect on a seqpacket socket */
999  if (sk->sk_state == TCP_ESTABLISHED)
1000  goto out;
1001 
1002  sk->sk_state = TCP_CLOSE;
1003  sock->state = SS_UNCONNECTED;
1004 
1005  err = -EINVAL;
1006  if (addr_len != sizeof(struct sockaddr_irda))
1007  goto out;
1008 
1009  /* Check if user supplied any destination device address */
1010  if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) {
1011  /* Try to find one suitable */
1012  err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name);
1013  if (err) {
1014  IRDA_DEBUG(0, "%s(), auto-connect failed!\n", __func__);
1015  goto out;
1016  }
1017  } else {
1018  /* Use the one provided by the user */
1019  self->daddr = addr->sir_addr;
1020  IRDA_DEBUG(1, "%s(), daddr = %08x\n", __func__, self->daddr);
1021 
1022  /* If we don't have a valid service name, we assume the
1023  * user want to connect on a specific LSAP. Prevent
1024  * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */
1025  if((addr->sir_name[0] != '\0') ||
1026  (addr->sir_lsap_sel >= 0x70)) {
1027  /* Query remote LM-IAS using service name */
1028  err = irda_find_lsap_sel(self, addr->sir_name);
1029  if (err) {
1030  IRDA_DEBUG(0, "%s(), connect failed!\n", __func__);
1031  goto out;
1032  }
1033  } else {
1034  /* Directly connect to the remote LSAP
1035  * specified by the sir_lsap field.
1036  * Please use with caution, in IrDA LSAPs are
1037  * dynamic and there is no "well-known" LSAP. */
1038  self->dtsap_sel = addr->sir_lsap_sel;
1039  }
1040  }
1041 
1042  /* Check if we have opened a local TSAP */
1043  if (!self->tsap)
1044  irda_open_tsap(self, LSAP_ANY, addr->sir_name);
1045 
1046  /* Move to connecting socket, start sending Connect Requests */
1047  sock->state = SS_CONNECTING;
1048  sk->sk_state = TCP_SYN_SENT;
1049 
1050  /* Connect to remote device */
1051  err = irttp_connect_request(self->tsap, self->dtsap_sel,
1052  self->saddr, self->daddr, NULL,
1053  self->max_sdu_size_rx, NULL);
1054  if (err) {
1055  IRDA_DEBUG(0, "%s(), connect failed!\n", __func__);
1056  goto out;
1057  }
1058 
1059  /* Now the loop */
1060  err = -EINPROGRESS;
1061  if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
1062  goto out;
1063 
1064  err = -ERESTARTSYS;
1065  if (wait_event_interruptible(*(sk_sleep(sk)),
1066  (sk->sk_state != TCP_SYN_SENT)))
1067  goto out;
1068 
1069  if (sk->sk_state != TCP_ESTABLISHED) {
1070  sock->state = SS_UNCONNECTED;
1071  if (sk->sk_prot->disconnect(sk, flags))
1072  sock->state = SS_DISCONNECTING;
1073  err = sock_error(sk);
1074  if (!err)
1075  err = -ECONNRESET;
1076  goto out;
1077  }
1078 
1079  sock->state = SS_CONNECTED;
1080 
1081  /* At this point, IrLMP has assigned our source address */
1082  self->saddr = irttp_get_saddr(self->tsap);
1083  err = 0;
1084 out:
1085  release_sock(sk);
1086  return err;
1087 }
1088 
1089 static struct proto irda_proto = {
1090  .name = "IRDA",
1091  .owner = THIS_MODULE,
1092  .obj_size = sizeof(struct irda_sock),
1093 };
1094 
1095 /*
1096  * Function irda_create (sock, protocol)
1097  *
1098  * Create IrDA socket
1099  *
1100  */
1101 static int irda_create(struct net *net, struct socket *sock, int protocol,
1102  int kern)
1103 {
1104  struct sock *sk;
1105  struct irda_sock *self;
1106 
1107  IRDA_DEBUG(2, "%s()\n", __func__);
1108 
1109  if (net != &init_net)
1110  return -EAFNOSUPPORT;
1111 
1112  /* Check for valid socket type */
1113  switch (sock->type) {
1114  case SOCK_STREAM: /* For TTP connections with SAR disabled */
1115  case SOCK_SEQPACKET: /* For TTP connections with SAR enabled */
1116  case SOCK_DGRAM: /* For TTP Unitdata or LMP Ultra transfers */
1117  break;
1118  default:
1119  return -ESOCKTNOSUPPORT;
1120  }
1121 
1122  /* Allocate networking socket */
1123  sk = sk_alloc(net, PF_IRDA, GFP_ATOMIC, &irda_proto);
1124  if (sk == NULL)
1125  return -ENOMEM;
1126 
1127  self = irda_sk(sk);
1128  IRDA_DEBUG(2, "%s() : self is %p\n", __func__, self);
1129 
1130  init_waitqueue_head(&self->query_wait);
1131 
1132  switch (sock->type) {
1133  case SOCK_STREAM:
1134  sock->ops = &irda_stream_ops;
1135  self->max_sdu_size_rx = TTP_SAR_DISABLE;
1136  break;
1137  case SOCK_SEQPACKET:
1138  sock->ops = &irda_seqpacket_ops;
1139  self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1140  break;
1141  case SOCK_DGRAM:
1142  switch (protocol) {
1143 #ifdef CONFIG_IRDA_ULTRA
1144  case IRDAPROTO_ULTRA:
1145  sock->ops = &irda_ultra_ops;
1146  /* Initialise now, because we may send on unbound
1147  * sockets. Jean II */
1148  self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER;
1149  self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER;
1150  break;
1151 #endif /* CONFIG_IRDA_ULTRA */
1152  case IRDAPROTO_UNITDATA:
1153  sock->ops = &irda_dgram_ops;
1154  /* We let Unitdata conn. be like seqpack conn. */
1155  self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1156  break;
1157  default:
1158  sk_free(sk);
1159  return -ESOCKTNOSUPPORT;
1160  }
1161  break;
1162  default:
1163  sk_free(sk);
1164  return -ESOCKTNOSUPPORT;
1165  }
1166 
1167  /* Initialise networking socket struct */
1168  sock_init_data(sock, sk); /* Note : set sk->sk_refcnt to 1 */
1169  sk->sk_family = PF_IRDA;
1170  sk->sk_protocol = protocol;
1171 
1172  /* Register as a client with IrLMP */
1173  self->ckey = irlmp_register_client(0, NULL, NULL, NULL);
1174  self->mask.word = 0xffff;
1175  self->rx_flow = self->tx_flow = FLOW_START;
1176  self->nslots = DISCOVERY_DEFAULT_SLOTS;
1177  self->daddr = DEV_ADDR_ANY; /* Until we get connected */
1178  self->saddr = 0x0; /* so IrLMP assign us any link */
1179  return 0;
1180 }
1181 
1182 /*
1183  * Function irda_destroy_socket (self)
1184  *
1185  * Destroy socket
1186  *
1187  */
1188 static void irda_destroy_socket(struct irda_sock *self)
1189 {
1190  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
1191 
1192  /* Unregister with IrLMP */
1193  irlmp_unregister_client(self->ckey);
1194  irlmp_unregister_service(self->skey);
1195 
1196  /* Unregister with LM-IAS */
1197  if (self->ias_obj) {
1198  irias_delete_object(self->ias_obj);
1199  self->ias_obj = NULL;
1200  }
1201 
1202  if (self->iriap) {
1203  iriap_close(self->iriap);
1204  self->iriap = NULL;
1205  }
1206 
1207  if (self->tsap) {
1208  irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1209  irttp_close_tsap(self->tsap);
1210  self->tsap = NULL;
1211  }
1212 #ifdef CONFIG_IRDA_ULTRA
1213  if (self->lsap) {
1214  irlmp_close_lsap(self->lsap);
1215  self->lsap = NULL;
1216  }
1217 #endif /* CONFIG_IRDA_ULTRA */
1218 }
1219 
1220 /*
1221  * Function irda_release (sock)
1222  */
1223 static int irda_release(struct socket *sock)
1224 {
1225  struct sock *sk = sock->sk;
1226 
1227  IRDA_DEBUG(2, "%s()\n", __func__);
1228 
1229  if (sk == NULL)
1230  return 0;
1231 
1232  lock_sock(sk);
1233  sk->sk_state = TCP_CLOSE;
1234  sk->sk_shutdown |= SEND_SHUTDOWN;
1235  sk->sk_state_change(sk);
1236 
1237  /* Destroy IrDA socket */
1238  irda_destroy_socket(irda_sk(sk));
1239 
1240  sock_orphan(sk);
1241  sock->sk = NULL;
1242  release_sock(sk);
1243 
1244  /* Purge queues (see sock_init_data()) */
1245  skb_queue_purge(&sk->sk_receive_queue);
1246 
1247  /* Destroy networking socket if we are the last reference on it,
1248  * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */
1249  sock_put(sk);
1250 
1251  /* Notes on socket locking and deallocation... - Jean II
1252  * In theory we should put pairs of sock_hold() / sock_put() to
1253  * prevent the socket to be destroyed whenever there is an
1254  * outstanding request or outstanding incoming packet or event.
1255  *
1256  * 1) This may include IAS request, both in connect and getsockopt.
1257  * Unfortunately, the situation is a bit more messy than it looks,
1258  * because we close iriap and kfree(self) above.
1259  *
1260  * 2) This may include selective discovery in getsockopt.
1261  * Same stuff as above, irlmp registration and self are gone.
1262  *
1263  * Probably 1 and 2 may not matter, because it's all triggered
1264  * by a process and the socket layer already prevent the
1265  * socket to go away while a process is holding it, through
1266  * sockfd_put() and fput()...
1267  *
1268  * 3) This may include deferred TSAP closure. In particular,
1269  * we may receive a late irda_disconnect_indication()
1270  * Fortunately, (tsap_cb *)->close_pend should protect us
1271  * from that.
1272  *
1273  * I did some testing on SMP, and it looks solid. And the socket
1274  * memory leak is now gone... - Jean II
1275  */
1276 
1277  return 0;
1278 }
1279 
1280 /*
1281  * Function irda_sendmsg (iocb, sock, msg, len)
1282  *
1283  * Send message down to TinyTP. This function is used for both STREAM and
1284  * SEQPACK services. This is possible since it forces the client to
1285  * fragment the message if necessary
1286  */
1287 static int irda_sendmsg(struct kiocb *iocb, struct socket *sock,
1288  struct msghdr *msg, size_t len)
1289 {
1290  struct sock *sk = sock->sk;
1291  struct irda_sock *self;
1292  struct sk_buff *skb;
1293  int err = -EPIPE;
1294 
1295  IRDA_DEBUG(4, "%s(), len=%zd\n", __func__, len);
1296 
1297  /* Note : socket.c set MSG_EOR on SEQPACKET sockets */
1298  if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT |
1299  MSG_NOSIGNAL)) {
1300  return -EINVAL;
1301  }
1302 
1303  lock_sock(sk);
1304 
1305  if (sk->sk_shutdown & SEND_SHUTDOWN)
1306  goto out_err;
1307 
1308  if (sk->sk_state != TCP_ESTABLISHED) {
1309  err = -ENOTCONN;
1310  goto out;
1311  }
1312 
1313  self = irda_sk(sk);
1314 
1315  /* Check if IrTTP is wants us to slow down */
1316 
1317  if (wait_event_interruptible(*(sk_sleep(sk)),
1318  (self->tx_flow != FLOW_STOP || sk->sk_state != TCP_ESTABLISHED))) {
1319  err = -ERESTARTSYS;
1320  goto out;
1321  }
1322 
1323  /* Check if we are still connected */
1324  if (sk->sk_state != TCP_ESTABLISHED) {
1325  err = -ENOTCONN;
1326  goto out;
1327  }
1328 
1329  /* Check that we don't send out too big frames */
1330  if (len > self->max_data_size) {
1331  IRDA_DEBUG(2, "%s(), Chopping frame from %zd to %d bytes!\n",
1332  __func__, len, self->max_data_size);
1333  len = self->max_data_size;
1334  }
1335 
1336  skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16,
1337  msg->msg_flags & MSG_DONTWAIT, &err);
1338  if (!skb)
1339  goto out_err;
1340 
1341  skb_reserve(skb, self->max_header_size + 16);
1342  skb_reset_transport_header(skb);
1343  skb_put(skb, len);
1344  err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1345  if (err) {
1346  kfree_skb(skb);
1347  goto out_err;
1348  }
1349 
1350  /*
1351  * Just send the message to TinyTP, and let it deal with possible
1352  * errors. No need to duplicate all that here
1353  */
1354  err = irttp_data_request(self->tsap, skb);
1355  if (err) {
1356  IRDA_DEBUG(0, "%s(), err=%d\n", __func__, err);
1357  goto out_err;
1358  }
1359 
1360  release_sock(sk);
1361  /* Tell client how much data we actually sent */
1362  return len;
1363 
1364 out_err:
1365  err = sk_stream_error(sk, msg->msg_flags, err);
1366 out:
1367  release_sock(sk);
1368  return err;
1369 
1370 }
1371 
1372 /*
1373  * Function irda_recvmsg_dgram (iocb, sock, msg, size, flags)
1374  *
1375  * Try to receive message and copy it to user. The frame is discarded
1376  * after being read, regardless of how much the user actually read
1377  */
1378 static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock,
1379  struct msghdr *msg, size_t size, int flags)
1380 {
1381  struct sock *sk = sock->sk;
1382  struct irda_sock *self = irda_sk(sk);
1383  struct sk_buff *skb;
1384  size_t copied;
1385  int err;
1386 
1387  IRDA_DEBUG(4, "%s()\n", __func__);
1388 
1389  skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1390  flags & MSG_DONTWAIT, &err);
1391  if (!skb)
1392  return err;
1393 
1394  skb_reset_transport_header(skb);
1395  copied = skb->len;
1396 
1397  if (copied > size) {
1398  IRDA_DEBUG(2, "%s(), Received truncated frame (%zd < %zd)!\n",
1399  __func__, copied, size);
1400  copied = size;
1401  msg->msg_flags |= MSG_TRUNC;
1402  }
1403  skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1404 
1405  skb_free_datagram(sk, skb);
1406 
1407  /*
1408  * Check if we have previously stopped IrTTP and we know
1409  * have more free space in our rx_queue. If so tell IrTTP
1410  * to start delivering frames again before our rx_queue gets
1411  * empty
1412  */
1413  if (self->rx_flow == FLOW_STOP) {
1414  if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1415  IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __func__);
1416  self->rx_flow = FLOW_START;
1417  irttp_flow_request(self->tsap, FLOW_START);
1418  }
1419  }
1420 
1421  return copied;
1422 }
1423 
1424 /*
1425  * Function irda_recvmsg_stream (iocb, sock, msg, size, flags)
1426  */
1427 static int irda_recvmsg_stream(struct kiocb *iocb, struct socket *sock,
1428  struct msghdr *msg, size_t size, int flags)
1429 {
1430  struct sock *sk = sock->sk;
1431  struct irda_sock *self = irda_sk(sk);
1432  int noblock = flags & MSG_DONTWAIT;
1433  size_t copied = 0;
1434  int target, err;
1435  long timeo;
1436 
1437  IRDA_DEBUG(3, "%s()\n", __func__);
1438 
1439  if ((err = sock_error(sk)) < 0)
1440  return err;
1441 
1442  if (sock->flags & __SO_ACCEPTCON)
1443  return -EINVAL;
1444 
1445  err =-EOPNOTSUPP;
1446  if (flags & MSG_OOB)
1447  return -EOPNOTSUPP;
1448 
1449  err = 0;
1450  target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
1451  timeo = sock_rcvtimeo(sk, noblock);
1452 
1453  msg->msg_namelen = 0;
1454 
1455  do {
1456  int chunk;
1457  struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
1458 
1459  if (skb == NULL) {
1460  DEFINE_WAIT(wait);
1461  err = 0;
1462 
1463  if (copied >= target)
1464  break;
1465 
1466  prepare_to_wait_exclusive(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1467 
1468  /*
1469  * POSIX 1003.1g mandates this order.
1470  */
1471  err = sock_error(sk);
1472  if (err)
1473  ;
1474  else if (sk->sk_shutdown & RCV_SHUTDOWN)
1475  ;
1476  else if (noblock)
1477  err = -EAGAIN;
1478  else if (signal_pending(current))
1479  err = sock_intr_errno(timeo);
1480  else if (sk->sk_state != TCP_ESTABLISHED)
1481  err = -ENOTCONN;
1482  else if (skb_peek(&sk->sk_receive_queue) == NULL)
1483  /* Wait process until data arrives */
1484  schedule();
1485 
1486  finish_wait(sk_sleep(sk), &wait);
1487 
1488  if (err)
1489  return err;
1490  if (sk->sk_shutdown & RCV_SHUTDOWN)
1491  break;
1492 
1493  continue;
1494  }
1495 
1496  chunk = min_t(unsigned int, skb->len, size);
1497  if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
1498  skb_queue_head(&sk->sk_receive_queue, skb);
1499  if (copied == 0)
1500  copied = -EFAULT;
1501  break;
1502  }
1503  copied += chunk;
1504  size -= chunk;
1505 
1506  /* Mark read part of skb as used */
1507  if (!(flags & MSG_PEEK)) {
1508  skb_pull(skb, chunk);
1509 
1510  /* put the skb back if we didn't use it up.. */
1511  if (skb->len) {
1512  IRDA_DEBUG(1, "%s(), back on q!\n",
1513  __func__);
1514  skb_queue_head(&sk->sk_receive_queue, skb);
1515  break;
1516  }
1517 
1518  kfree_skb(skb);
1519  } else {
1520  IRDA_DEBUG(0, "%s() questionable!?\n", __func__);
1521 
1522  /* put message back and return */
1523  skb_queue_head(&sk->sk_receive_queue, skb);
1524  break;
1525  }
1526  } while (size);
1527 
1528  /*
1529  * Check if we have previously stopped IrTTP and we know
1530  * have more free space in our rx_queue. If so tell IrTTP
1531  * to start delivering frames again before our rx_queue gets
1532  * empty
1533  */
1534  if (self->rx_flow == FLOW_STOP) {
1535  if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1536  IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __func__);
1537  self->rx_flow = FLOW_START;
1538  irttp_flow_request(self->tsap, FLOW_START);
1539  }
1540  }
1541 
1542  return copied;
1543 }
1544 
1545 /*
1546  * Function irda_sendmsg_dgram (iocb, sock, msg, len)
1547  *
1548  * Send message down to TinyTP for the unreliable sequenced
1549  * packet service...
1550  *
1551  */
1552 static int irda_sendmsg_dgram(struct kiocb *iocb, struct socket *sock,
1553  struct msghdr *msg, size_t len)
1554 {
1555  struct sock *sk = sock->sk;
1556  struct irda_sock *self;
1557  struct sk_buff *skb;
1558  int err;
1559 
1560  IRDA_DEBUG(4, "%s(), len=%zd\n", __func__, len);
1561 
1562  if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1563  return -EINVAL;
1564 
1565  lock_sock(sk);
1566 
1567  if (sk->sk_shutdown & SEND_SHUTDOWN) {
1568  send_sig(SIGPIPE, current, 0);
1569  err = -EPIPE;
1570  goto out;
1571  }
1572 
1573  err = -ENOTCONN;
1574  if (sk->sk_state != TCP_ESTABLISHED)
1575  goto out;
1576 
1577  self = irda_sk(sk);
1578 
1579  /*
1580  * Check that we don't send out too big frames. This is an unreliable
1581  * service, so we have no fragmentation and no coalescence
1582  */
1583  if (len > self->max_data_size) {
1584  IRDA_DEBUG(0, "%s(), Warning to much data! "
1585  "Chopping frame from %zd to %d bytes!\n",
1586  __func__, len, self->max_data_size);
1587  len = self->max_data_size;
1588  }
1589 
1590  skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1591  msg->msg_flags & MSG_DONTWAIT, &err);
1592  err = -ENOBUFS;
1593  if (!skb)
1594  goto out;
1595 
1596  skb_reserve(skb, self->max_header_size);
1597  skb_reset_transport_header(skb);
1598 
1599  IRDA_DEBUG(4, "%s(), appending user data\n", __func__);
1600  skb_put(skb, len);
1601  err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1602  if (err) {
1603  kfree_skb(skb);
1604  goto out;
1605  }
1606 
1607  /*
1608  * Just send the message to TinyTP, and let it deal with possible
1609  * errors. No need to duplicate all that here
1610  */
1611  err = irttp_udata_request(self->tsap, skb);
1612  if (err) {
1613  IRDA_DEBUG(0, "%s(), err=%d\n", __func__, err);
1614  goto out;
1615  }
1616 
1617  release_sock(sk);
1618  return len;
1619 
1620 out:
1621  release_sock(sk);
1622  return err;
1623 }
1624 
1625 /*
1626  * Function irda_sendmsg_ultra (iocb, sock, msg, len)
1627  *
1628  * Send message down to IrLMP for the unreliable Ultra
1629  * packet service...
1630  */
1631 #ifdef CONFIG_IRDA_ULTRA
1632 static int irda_sendmsg_ultra(struct kiocb *iocb, struct socket *sock,
1633  struct msghdr *msg, size_t len)
1634 {
1635  struct sock *sk = sock->sk;
1636  struct irda_sock *self;
1637  __u8 pid = 0;
1638  int bound = 0;
1639  struct sk_buff *skb;
1640  int err;
1641 
1642  IRDA_DEBUG(4, "%s(), len=%zd\n", __func__, len);
1643 
1644  err = -EINVAL;
1645  if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1646  return -EINVAL;
1647 
1648  lock_sock(sk);
1649 
1650  err = -EPIPE;
1651  if (sk->sk_shutdown & SEND_SHUTDOWN) {
1652  send_sig(SIGPIPE, current, 0);
1653  goto out;
1654  }
1655 
1656  self = irda_sk(sk);
1657 
1658  /* Check if an address was specified with sendto. Jean II */
1659  if (msg->msg_name) {
1660  struct sockaddr_irda *addr = (struct sockaddr_irda *) msg->msg_name;
1661  err = -EINVAL;
1662  /* Check address, extract pid. Jean II */
1663  if (msg->msg_namelen < sizeof(*addr))
1664  goto out;
1665  if (addr->sir_family != AF_IRDA)
1666  goto out;
1667 
1668  pid = addr->sir_lsap_sel;
1669  if (pid & 0x80) {
1670  IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __func__);
1671  err = -EOPNOTSUPP;
1672  goto out;
1673  }
1674  } else {
1675  /* Check that the socket is properly bound to an Ultra
1676  * port. Jean II */
1677  if ((self->lsap == NULL) ||
1678  (sk->sk_state != TCP_ESTABLISHED)) {
1679  IRDA_DEBUG(0, "%s(), socket not bound to Ultra PID.\n",
1680  __func__);
1681  err = -ENOTCONN;
1682  goto out;
1683  }
1684  /* Use PID from socket */
1685  bound = 1;
1686  }
1687 
1688  /*
1689  * Check that we don't send out too big frames. This is an unreliable
1690  * service, so we have no fragmentation and no coalescence
1691  */
1692  if (len > self->max_data_size) {
1693  IRDA_DEBUG(0, "%s(), Warning to much data! "
1694  "Chopping frame from %zd to %d bytes!\n",
1695  __func__, len, self->max_data_size);
1696  len = self->max_data_size;
1697  }
1698 
1699  skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1700  msg->msg_flags & MSG_DONTWAIT, &err);
1701  err = -ENOBUFS;
1702  if (!skb)
1703  goto out;
1704 
1705  skb_reserve(skb, self->max_header_size);
1706  skb_reset_transport_header(skb);
1707 
1708  IRDA_DEBUG(4, "%s(), appending user data\n", __func__);
1709  skb_put(skb, len);
1710  err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1711  if (err) {
1712  kfree_skb(skb);
1713  goto out;
1714  }
1715 
1716  err = irlmp_connless_data_request((bound ? self->lsap : NULL),
1717  skb, pid);
1718  if (err)
1719  IRDA_DEBUG(0, "%s(), err=%d\n", __func__, err);
1720 out:
1721  release_sock(sk);
1722  return err ? : len;
1723 }
1724 #endif /* CONFIG_IRDA_ULTRA */
1725 
1726 /*
1727  * Function irda_shutdown (sk, how)
1728  */
1729 static int irda_shutdown(struct socket *sock, int how)
1730 {
1731  struct sock *sk = sock->sk;
1732  struct irda_sock *self = irda_sk(sk);
1733 
1734  IRDA_DEBUG(1, "%s(%p)\n", __func__, self);
1735 
1736  lock_sock(sk);
1737 
1738  sk->sk_state = TCP_CLOSE;
1739  sk->sk_shutdown |= SEND_SHUTDOWN;
1740  sk->sk_state_change(sk);
1741 
1742  if (self->iriap) {
1743  iriap_close(self->iriap);
1744  self->iriap = NULL;
1745  }
1746 
1747  if (self->tsap) {
1748  irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1749  irttp_close_tsap(self->tsap);
1750  self->tsap = NULL;
1751  }
1752 
1753  /* A few cleanup so the socket look as good as new... */
1754  self->rx_flow = self->tx_flow = FLOW_START; /* needed ??? */
1755  self->daddr = DEV_ADDR_ANY; /* Until we get re-connected */
1756  self->saddr = 0x0; /* so IrLMP assign us any link */
1757 
1758  release_sock(sk);
1759 
1760  return 0;
1761 }
1762 
1763 /*
1764  * Function irda_poll (file, sock, wait)
1765  */
1766 static unsigned int irda_poll(struct file * file, struct socket *sock,
1767  poll_table *wait)
1768 {
1769  struct sock *sk = sock->sk;
1770  struct irda_sock *self = irda_sk(sk);
1771  unsigned int mask;
1772 
1773  IRDA_DEBUG(4, "%s()\n", __func__);
1774 
1775  poll_wait(file, sk_sleep(sk), wait);
1776  mask = 0;
1777 
1778  /* Exceptional events? */
1779  if (sk->sk_err)
1780  mask |= POLLERR;
1781  if (sk->sk_shutdown & RCV_SHUTDOWN) {
1782  IRDA_DEBUG(0, "%s(), POLLHUP\n", __func__);
1783  mask |= POLLHUP;
1784  }
1785 
1786  /* Readable? */
1787  if (!skb_queue_empty(&sk->sk_receive_queue)) {
1788  IRDA_DEBUG(4, "Socket is readable\n");
1789  mask |= POLLIN | POLLRDNORM;
1790  }
1791 
1792  /* Connection-based need to check for termination and startup */
1793  switch (sk->sk_type) {
1794  case SOCK_STREAM:
1795  if (sk->sk_state == TCP_CLOSE) {
1796  IRDA_DEBUG(0, "%s(), POLLHUP\n", __func__);
1797  mask |= POLLHUP;
1798  }
1799 
1800  if (sk->sk_state == TCP_ESTABLISHED) {
1801  if ((self->tx_flow == FLOW_START) &&
1802  sock_writeable(sk))
1803  {
1804  mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1805  }
1806  }
1807  break;
1808  case SOCK_SEQPACKET:
1809  if ((self->tx_flow == FLOW_START) &&
1810  sock_writeable(sk))
1811  {
1812  mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1813  }
1814  break;
1815  case SOCK_DGRAM:
1816  if (sock_writeable(sk))
1817  mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1818  break;
1819  default:
1820  break;
1821  }
1822 
1823  return mask;
1824 }
1825 
1826 /*
1827  * Function irda_ioctl (sock, cmd, arg)
1828  */
1829 static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1830 {
1831  struct sock *sk = sock->sk;
1832  int err;
1833 
1834  IRDA_DEBUG(4, "%s(), cmd=%#x\n", __func__, cmd);
1835 
1836  err = -EINVAL;
1837  switch (cmd) {
1838  case TIOCOUTQ: {
1839  long amount;
1840 
1841  amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1842  if (amount < 0)
1843  amount = 0;
1844  err = put_user(amount, (unsigned int __user *)arg);
1845  break;
1846  }
1847 
1848  case TIOCINQ: {
1849  struct sk_buff *skb;
1850  long amount = 0L;
1851  /* These two are safe on a single CPU system as only user tasks fiddle here */
1852  if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1853  amount = skb->len;
1854  err = put_user(amount, (unsigned int __user *)arg);
1855  break;
1856  }
1857 
1858  case SIOCGSTAMP:
1859  if (sk != NULL)
1860  err = sock_get_timestamp(sk, (struct timeval __user *)arg);
1861  break;
1862 
1863  case SIOCGIFADDR:
1864  case SIOCSIFADDR:
1865  case SIOCGIFDSTADDR:
1866  case SIOCSIFDSTADDR:
1867  case SIOCGIFBRDADDR:
1868  case SIOCSIFBRDADDR:
1869  case SIOCGIFNETMASK:
1870  case SIOCSIFNETMASK:
1871  case SIOCGIFMETRIC:
1872  case SIOCSIFMETRIC:
1873  break;
1874  default:
1875  IRDA_DEBUG(1, "%s(), doing device ioctl!\n", __func__);
1876  err = -ENOIOCTLCMD;
1877  }
1878 
1879  return err;
1880 }
1881 
1882 #ifdef CONFIG_COMPAT
1883 /*
1884  * Function irda_ioctl (sock, cmd, arg)
1885  */
1886 static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1887 {
1888  /*
1889  * All IRDA's ioctl are standard ones.
1890  */
1891  return -ENOIOCTLCMD;
1892 }
1893 #endif
1894 
1895 /*
1896  * Function irda_setsockopt (sock, level, optname, optval, optlen)
1897  *
1898  * Set some options for the socket
1899  *
1900  */
1901 static int irda_setsockopt(struct socket *sock, int level, int optname,
1902  char __user *optval, unsigned int optlen)
1903 {
1904  struct sock *sk = sock->sk;
1905  struct irda_sock *self = irda_sk(sk);
1906  struct irda_ias_set *ias_opt;
1907  struct ias_object *ias_obj;
1908  struct ias_attrib * ias_attr; /* Attribute in IAS object */
1909  int opt, free_ias = 0, err = 0;
1910 
1911  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
1912 
1913  if (level != SOL_IRLMP)
1914  return -ENOPROTOOPT;
1915 
1916  lock_sock(sk);
1917 
1918  switch (optname) {
1919  case IRLMP_IAS_SET:
1920  /* The user want to add an attribute to an existing IAS object
1921  * (in the IAS database) or to create a new object with this
1922  * attribute.
1923  * We first query IAS to know if the object exist, and then
1924  * create the right attribute...
1925  */
1926 
1927  if (optlen != sizeof(struct irda_ias_set)) {
1928  err = -EINVAL;
1929  goto out;
1930  }
1931 
1932  ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1933  if (ias_opt == NULL) {
1934  err = -ENOMEM;
1935  goto out;
1936  }
1937 
1938  /* Copy query to the driver. */
1939  if (copy_from_user(ias_opt, optval, optlen)) {
1940  kfree(ias_opt);
1941  err = -EFAULT;
1942  goto out;
1943  }
1944 
1945  /* Find the object we target.
1946  * If the user gives us an empty string, we use the object
1947  * associated with this socket. This will workaround
1948  * duplicated class name - Jean II */
1949  if(ias_opt->irda_class_name[0] == '\0') {
1950  if(self->ias_obj == NULL) {
1951  kfree(ias_opt);
1952  err = -EINVAL;
1953  goto out;
1954  }
1955  ias_obj = self->ias_obj;
1956  } else
1957  ias_obj = irias_find_object(ias_opt->irda_class_name);
1958 
1959  /* Only ROOT can mess with the global IAS database.
1960  * Users can only add attributes to the object associated
1961  * with the socket they own - Jean II */
1962  if((!capable(CAP_NET_ADMIN)) &&
1963  ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
1964  kfree(ias_opt);
1965  err = -EPERM;
1966  goto out;
1967  }
1968 
1969  /* If the object doesn't exist, create it */
1970  if(ias_obj == (struct ias_object *) NULL) {
1971  /* Create a new object */
1972  ias_obj = irias_new_object(ias_opt->irda_class_name,
1973  jiffies);
1974  if (ias_obj == NULL) {
1975  kfree(ias_opt);
1976  err = -ENOMEM;
1977  goto out;
1978  }
1979  free_ias = 1;
1980  }
1981 
1982  /* Do we have the attribute already ? */
1983  if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) {
1984  kfree(ias_opt);
1985  if (free_ias) {
1986  kfree(ias_obj->name);
1987  kfree(ias_obj);
1988  }
1989  err = -EINVAL;
1990  goto out;
1991  }
1992 
1993  /* Look at the type */
1994  switch(ias_opt->irda_attrib_type) {
1995  case IAS_INTEGER:
1996  /* Add an integer attribute */
1997  irias_add_integer_attrib(
1998  ias_obj,
1999  ias_opt->irda_attrib_name,
2000  ias_opt->attribute.irda_attrib_int,
2001  IAS_USER_ATTR);
2002  break;
2003  case IAS_OCT_SEQ:
2004  /* Check length */
2005  if(ias_opt->attribute.irda_attrib_octet_seq.len >
2006  IAS_MAX_OCTET_STRING) {
2007  kfree(ias_opt);
2008  if (free_ias) {
2009  kfree(ias_obj->name);
2010  kfree(ias_obj);
2011  }
2012 
2013  err = -EINVAL;
2014  goto out;
2015  }
2016  /* Add an octet sequence attribute */
2017  irias_add_octseq_attrib(
2018  ias_obj,
2019  ias_opt->irda_attrib_name,
2020  ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
2021  ias_opt->attribute.irda_attrib_octet_seq.len,
2022  IAS_USER_ATTR);
2023  break;
2024  case IAS_STRING:
2025  /* Should check charset & co */
2026  /* Check length */
2027  /* The length is encoded in a __u8, and
2028  * IAS_MAX_STRING == 256, so there is no way
2029  * userspace can pass us a string too large.
2030  * Jean II */
2031  /* NULL terminate the string (avoid troubles) */
2032  ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0';
2033  /* Add a string attribute */
2034  irias_add_string_attrib(
2035  ias_obj,
2036  ias_opt->irda_attrib_name,
2037  ias_opt->attribute.irda_attrib_string.string,
2038  IAS_USER_ATTR);
2039  break;
2040  default :
2041  kfree(ias_opt);
2042  if (free_ias) {
2043  kfree(ias_obj->name);
2044  kfree(ias_obj);
2045  }
2046  err = -EINVAL;
2047  goto out;
2048  }
2049  irias_insert_object(ias_obj);
2050  kfree(ias_opt);
2051  break;
2052  case IRLMP_IAS_DEL:
2053  /* The user want to delete an object from our local IAS
2054  * database. We just need to query the IAS, check is the
2055  * object is not owned by the kernel and delete it.
2056  */
2057 
2058  if (optlen != sizeof(struct irda_ias_set)) {
2059  err = -EINVAL;
2060  goto out;
2061  }
2062 
2063  ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2064  if (ias_opt == NULL) {
2065  err = -ENOMEM;
2066  goto out;
2067  }
2068 
2069  /* Copy query to the driver. */
2070  if (copy_from_user(ias_opt, optval, optlen)) {
2071  kfree(ias_opt);
2072  err = -EFAULT;
2073  goto out;
2074  }
2075 
2076  /* Find the object we target.
2077  * If the user gives us an empty string, we use the object
2078  * associated with this socket. This will workaround
2079  * duplicated class name - Jean II */
2080  if(ias_opt->irda_class_name[0] == '\0')
2081  ias_obj = self->ias_obj;
2082  else
2083  ias_obj = irias_find_object(ias_opt->irda_class_name);
2084  if(ias_obj == (struct ias_object *) NULL) {
2085  kfree(ias_opt);
2086  err = -EINVAL;
2087  goto out;
2088  }
2089 
2090  /* Only ROOT can mess with the global IAS database.
2091  * Users can only del attributes from the object associated
2092  * with the socket they own - Jean II */
2093  if((!capable(CAP_NET_ADMIN)) &&
2094  ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
2095  kfree(ias_opt);
2096  err = -EPERM;
2097  goto out;
2098  }
2099 
2100  /* Find the attribute (in the object) we target */
2101  ias_attr = irias_find_attrib(ias_obj,
2102  ias_opt->irda_attrib_name);
2103  if(ias_attr == (struct ias_attrib *) NULL) {
2104  kfree(ias_opt);
2105  err = -EINVAL;
2106  goto out;
2107  }
2108 
2109  /* Check is the user space own the object */
2110  if(ias_attr->value->owner != IAS_USER_ATTR) {
2111  IRDA_DEBUG(1, "%s(), attempting to delete a kernel attribute\n", __func__);
2112  kfree(ias_opt);
2113  err = -EPERM;
2114  goto out;
2115  }
2116 
2117  /* Remove the attribute (and maybe the object) */
2118  irias_delete_attrib(ias_obj, ias_attr, 1);
2119  kfree(ias_opt);
2120  break;
2121  case IRLMP_MAX_SDU_SIZE:
2122  if (optlen < sizeof(int)) {
2123  err = -EINVAL;
2124  goto out;
2125  }
2126 
2127  if (get_user(opt, (int __user *)optval)) {
2128  err = -EFAULT;
2129  goto out;
2130  }
2131 
2132  /* Only possible for a seqpacket service (TTP with SAR) */
2133  if (sk->sk_type != SOCK_SEQPACKET) {
2134  IRDA_DEBUG(2, "%s(), setting max_sdu_size = %d\n",
2135  __func__, opt);
2136  self->max_sdu_size_rx = opt;
2137  } else {
2138  IRDA_WARNING("%s: not allowed to set MAXSDUSIZE for this socket type!\n",
2139  __func__);
2140  err = -ENOPROTOOPT;
2141  goto out;
2142  }
2143  break;
2144  case IRLMP_HINTS_SET:
2145  if (optlen < sizeof(int)) {
2146  err = -EINVAL;
2147  goto out;
2148  }
2149 
2150  /* The input is really a (__u8 hints[2]), easier as an int */
2151  if (get_user(opt, (int __user *)optval)) {
2152  err = -EFAULT;
2153  goto out;
2154  }
2155 
2156  /* Unregister any old registration */
2157  if (self->skey)
2158  irlmp_unregister_service(self->skey);
2159 
2160  self->skey = irlmp_register_service((__u16) opt);
2161  break;
2162  case IRLMP_HINT_MASK_SET:
2163  /* As opposed to the previous case which set the hint bits
2164  * that we advertise, this one set the filter we use when
2165  * making a discovery (nodes which don't match any hint
2166  * bit in the mask are not reported).
2167  */
2168  if (optlen < sizeof(int)) {
2169  err = -EINVAL;
2170  goto out;
2171  }
2172 
2173  /* The input is really a (__u8 hints[2]), easier as an int */
2174  if (get_user(opt, (int __user *)optval)) {
2175  err = -EFAULT;
2176  goto out;
2177  }
2178 
2179  /* Set the new hint mask */
2180  self->mask.word = (__u16) opt;
2181  /* Mask out extension bits */
2182  self->mask.word &= 0x7f7f;
2183  /* Check if no bits */
2184  if(!self->mask.word)
2185  self->mask.word = 0xFFFF;
2186 
2187  break;
2188  default:
2189  err = -ENOPROTOOPT;
2190  break;
2191  }
2192 
2193 out:
2194  release_sock(sk);
2195 
2196  return err;
2197 }
2198 
2199 /*
2200  * Function irda_extract_ias_value(ias_opt, ias_value)
2201  *
2202  * Translate internal IAS value structure to the user space representation
2203  *
2204  * The external representation of IAS values, as we exchange them with
2205  * user space program is quite different from the internal representation,
2206  * as stored in the IAS database (because we need a flat structure for
2207  * crossing kernel boundary).
2208  * This function transform the former in the latter. We also check
2209  * that the value type is valid.
2210  */
2211 static int irda_extract_ias_value(struct irda_ias_set *ias_opt,
2212  struct ias_value *ias_value)
2213 {
2214  /* Look at the type */
2215  switch (ias_value->type) {
2216  case IAS_INTEGER:
2217  /* Copy the integer */
2218  ias_opt->attribute.irda_attrib_int = ias_value->t.integer;
2219  break;
2220  case IAS_OCT_SEQ:
2221  /* Set length */
2222  ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len;
2223  /* Copy over */
2224  memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
2225  ias_value->t.oct_seq, ias_value->len);
2226  break;
2227  case IAS_STRING:
2228  /* Set length */
2229  ias_opt->attribute.irda_attrib_string.len = ias_value->len;
2230  ias_opt->attribute.irda_attrib_string.charset = ias_value->charset;
2231  /* Copy over */
2232  memcpy(ias_opt->attribute.irda_attrib_string.string,
2233  ias_value->t.string, ias_value->len);
2234  /* NULL terminate the string (avoid troubles) */
2235  ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0';
2236  break;
2237  case IAS_MISSING:
2238  default :
2239  return -EINVAL;
2240  }
2241 
2242  /* Copy type over */
2243  ias_opt->irda_attrib_type = ias_value->type;
2244 
2245  return 0;
2246 }
2247 
2248 /*
2249  * Function irda_getsockopt (sock, level, optname, optval, optlen)
2250  */
2251 static int irda_getsockopt(struct socket *sock, int level, int optname,
2252  char __user *optval, int __user *optlen)
2253 {
2254  struct sock *sk = sock->sk;
2255  struct irda_sock *self = irda_sk(sk);
2256  struct irda_device_list list;
2257  struct irda_device_info *discoveries;
2258  struct irda_ias_set * ias_opt; /* IAS get/query params */
2259  struct ias_object * ias_obj; /* Object in IAS */
2260  struct ias_attrib * ias_attr; /* Attribute in IAS object */
2261  int daddr = DEV_ADDR_ANY; /* Dest address for IAS queries */
2262  int val = 0;
2263  int len = 0;
2264  int err = 0;
2265  int offset, total;
2266 
2267  IRDA_DEBUG(2, "%s(%p)\n", __func__, self);
2268 
2269  if (level != SOL_IRLMP)
2270  return -ENOPROTOOPT;
2271 
2272  if (get_user(len, optlen))
2273  return -EFAULT;
2274 
2275  if(len < 0)
2276  return -EINVAL;
2277 
2278  lock_sock(sk);
2279 
2280  switch (optname) {
2281  case IRLMP_ENUMDEVICES:
2282 
2283  /* Offset to first device entry */
2284  offset = sizeof(struct irda_device_list) -
2285  sizeof(struct irda_device_info);
2286 
2287  if (len < offset) {
2288  err = -EINVAL;
2289  goto out;
2290  }
2291 
2292  /* Ask lmp for the current discovery log */
2293  discoveries = irlmp_get_discoveries(&list.len, self->mask.word,
2294  self->nslots);
2295  /* Check if the we got some results */
2296  if (discoveries == NULL) {
2297  err = -EAGAIN;
2298  goto out; /* Didn't find any devices */
2299  }
2300 
2301  /* Write total list length back to client */
2302  if (copy_to_user(optval, &list, offset))
2303  err = -EFAULT;
2304 
2305  /* Copy the list itself - watch for overflow */
2306  if (list.len > 2048) {
2307  err = -EINVAL;
2308  goto bed;
2309  }
2310  total = offset + (list.len * sizeof(struct irda_device_info));
2311  if (total > len)
2312  total = len;
2313  if (copy_to_user(optval+offset, discoveries, total - offset))
2314  err = -EFAULT;
2315 
2316  /* Write total number of bytes used back to client */
2317  if (put_user(total, optlen))
2318  err = -EFAULT;
2319 bed:
2320  /* Free up our buffer */
2321  kfree(discoveries);
2322  break;
2323  case IRLMP_MAX_SDU_SIZE:
2324  val = self->max_data_size;
2325  len = sizeof(int);
2326  if (put_user(len, optlen)) {
2327  err = -EFAULT;
2328  goto out;
2329  }
2330 
2331  if (copy_to_user(optval, &val, len)) {
2332  err = -EFAULT;
2333  goto out;
2334  }
2335 
2336  break;
2337  case IRLMP_IAS_GET:
2338  /* The user want an object from our local IAS database.
2339  * We just need to query the IAS and return the value
2340  * that we found */
2341 
2342  /* Check that the user has allocated the right space for us */
2343  if (len != sizeof(struct irda_ias_set)) {
2344  err = -EINVAL;
2345  goto out;
2346  }
2347 
2348  ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2349  if (ias_opt == NULL) {
2350  err = -ENOMEM;
2351  goto out;
2352  }
2353 
2354  /* Copy query to the driver. */
2355  if (copy_from_user(ias_opt, optval, len)) {
2356  kfree(ias_opt);
2357  err = -EFAULT;
2358  goto out;
2359  }
2360 
2361  /* Find the object we target.
2362  * If the user gives us an empty string, we use the object
2363  * associated with this socket. This will workaround
2364  * duplicated class name - Jean II */
2365  if(ias_opt->irda_class_name[0] == '\0')
2366  ias_obj = self->ias_obj;
2367  else
2368  ias_obj = irias_find_object(ias_opt->irda_class_name);
2369  if(ias_obj == (struct ias_object *) NULL) {
2370  kfree(ias_opt);
2371  err = -EINVAL;
2372  goto out;
2373  }
2374 
2375  /* Find the attribute (in the object) we target */
2376  ias_attr = irias_find_attrib(ias_obj,
2377  ias_opt->irda_attrib_name);
2378  if(ias_attr == (struct ias_attrib *) NULL) {
2379  kfree(ias_opt);
2380  err = -EINVAL;
2381  goto out;
2382  }
2383 
2384  /* Translate from internal to user structure */
2385  err = irda_extract_ias_value(ias_opt, ias_attr->value);
2386  if(err) {
2387  kfree(ias_opt);
2388  goto out;
2389  }
2390 
2391  /* Copy reply to the user */
2392  if (copy_to_user(optval, ias_opt,
2393  sizeof(struct irda_ias_set))) {
2394  kfree(ias_opt);
2395  err = -EFAULT;
2396  goto out;
2397  }
2398  /* Note : don't need to put optlen, we checked it */
2399  kfree(ias_opt);
2400  break;
2401  case IRLMP_IAS_QUERY:
2402  /* The user want an object from a remote IAS database.
2403  * We need to use IAP to query the remote database and
2404  * then wait for the answer to come back. */
2405 
2406  /* Check that the user has allocated the right space for us */
2407  if (len != sizeof(struct irda_ias_set)) {
2408  err = -EINVAL;
2409  goto out;
2410  }
2411 
2412  ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2413  if (ias_opt == NULL) {
2414  err = -ENOMEM;
2415  goto out;
2416  }
2417 
2418  /* Copy query to the driver. */
2419  if (copy_from_user(ias_opt, optval, len)) {
2420  kfree(ias_opt);
2421  err = -EFAULT;
2422  goto out;
2423  }
2424 
2425  /* At this point, there are two cases...
2426  * 1) the socket is connected - that's the easy case, we
2427  * just query the device we are connected to...
2428  * 2) the socket is not connected - the user doesn't want
2429  * to connect and/or may not have a valid service name
2430  * (so can't create a fake connection). In this case,
2431  * we assume that the user pass us a valid destination
2432  * address in the requesting structure...
2433  */
2434  if(self->daddr != DEV_ADDR_ANY) {
2435  /* We are connected - reuse known daddr */
2436  daddr = self->daddr;
2437  } else {
2438  /* We are not connected, we must specify a valid
2439  * destination address */
2440  daddr = ias_opt->daddr;
2441  if((!daddr) || (daddr == DEV_ADDR_ANY)) {
2442  kfree(ias_opt);
2443  err = -EINVAL;
2444  goto out;
2445  }
2446  }
2447 
2448  /* Check that we can proceed with IAP */
2449  if (self->iriap) {
2450  IRDA_WARNING("%s: busy with a previous query\n",
2451  __func__);
2452  kfree(ias_opt);
2453  err = -EBUSY;
2454  goto out;
2455  }
2456 
2457  self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
2458  irda_getvalue_confirm);
2459 
2460  if (self->iriap == NULL) {
2461  kfree(ias_opt);
2462  err = -ENOMEM;
2463  goto out;
2464  }
2465 
2466  /* Treat unexpected wakeup as disconnect */
2467  self->errno = -EHOSTUNREACH;
2468 
2469  /* Query remote LM-IAS */
2470  iriap_getvaluebyclass_request(self->iriap,
2471  self->saddr, daddr,
2472  ias_opt->irda_class_name,
2473  ias_opt->irda_attrib_name);
2474 
2475  /* Wait for answer, if not yet finished (or failed) */
2476  if (wait_event_interruptible(self->query_wait,
2477  (self->iriap == NULL))) {
2478  /* pending request uses copy of ias_opt-content
2479  * we can free it regardless! */
2480  kfree(ias_opt);
2481  /* Treat signals as disconnect */
2482  err = -EHOSTUNREACH;
2483  goto out;
2484  }
2485 
2486  /* Check what happened */
2487  if (self->errno)
2488  {
2489  kfree(ias_opt);
2490  /* Requested object/attribute doesn't exist */
2491  if((self->errno == IAS_CLASS_UNKNOWN) ||
2492  (self->errno == IAS_ATTRIB_UNKNOWN))
2493  err = -EADDRNOTAVAIL;
2494  else
2495  err = -EHOSTUNREACH;
2496 
2497  goto out;
2498  }
2499 
2500  /* Translate from internal to user structure */
2501  err = irda_extract_ias_value(ias_opt, self->ias_result);
2502  if (self->ias_result)
2503  irias_delete_value(self->ias_result);
2504  if (err) {
2505  kfree(ias_opt);
2506  goto out;
2507  }
2508 
2509  /* Copy reply to the user */
2510  if (copy_to_user(optval, ias_opt,
2511  sizeof(struct irda_ias_set))) {
2512  kfree(ias_opt);
2513  err = -EFAULT;
2514  goto out;
2515  }
2516  /* Note : don't need to put optlen, we checked it */
2517  kfree(ias_opt);
2518  break;
2519  case IRLMP_WAITDEVICE:
2520  /* This function is just another way of seeing life ;-)
2521  * IRLMP_ENUMDEVICES assumes that you have a static network,
2522  * and that you just want to pick one of the devices present.
2523  * On the other hand, in here we assume that no device is
2524  * present and that at some point in the future a device will
2525  * come into range. When this device arrive, we just wake
2526  * up the caller, so that he has time to connect to it before
2527  * the device goes away...
2528  * Note : once the node has been discovered for more than a
2529  * few second, it won't trigger this function, unless it
2530  * goes away and come back changes its hint bits (so we
2531  * might call it IRLMP_WAITNEWDEVICE).
2532  */
2533 
2534  /* Check that the user is passing us an int */
2535  if (len != sizeof(int)) {
2536  err = -EINVAL;
2537  goto out;
2538  }
2539  /* Get timeout in ms (max time we block the caller) */
2540  if (get_user(val, (int __user *)optval)) {
2541  err = -EFAULT;
2542  goto out;
2543  }
2544 
2545  /* Tell IrLMP we want to be notified */
2546  irlmp_update_client(self->ckey, self->mask.word,
2547  irda_selective_discovery_indication,
2548  NULL, (void *) self);
2549 
2550  /* Do some discovery (and also return cached results) */
2551  irlmp_discovery_request(self->nslots);
2552 
2553  /* Wait until a node is discovered */
2554  if (!self->cachedaddr) {
2555  IRDA_DEBUG(1, "%s(), nothing discovered yet, going to sleep...\n", __func__);
2556 
2557  /* Set watchdog timer to expire in <val> ms. */
2558  self->errno = 0;
2559  setup_timer(&self->watchdog, irda_discovery_timeout,
2560  (unsigned long)self);
2561  mod_timer(&self->watchdog,
2562  jiffies + msecs_to_jiffies(val));
2563 
2564  /* Wait for IR-LMP to call us back */
2565  __wait_event_interruptible(self->query_wait,
2566  (self->cachedaddr != 0 || self->errno == -ETIME),
2567  err);
2568 
2569  /* If watchdog is still activated, kill it! */
2570  if(timer_pending(&(self->watchdog)))
2571  del_timer(&(self->watchdog));
2572 
2573  IRDA_DEBUG(1, "%s(), ...waking up !\n", __func__);
2574 
2575  if (err != 0)
2576  goto out;
2577  }
2578  else
2579  IRDA_DEBUG(1, "%s(), found immediately !\n",
2580  __func__);
2581 
2582  /* Tell IrLMP that we have been notified */
2583  irlmp_update_client(self->ckey, self->mask.word,
2584  NULL, NULL, NULL);
2585 
2586  /* Check if the we got some results */
2587  if (!self->cachedaddr)
2588  return -EAGAIN; /* Didn't find any devices */
2589  daddr = self->cachedaddr;
2590  /* Cleanup */
2591  self->cachedaddr = 0;
2592 
2593  /* We return the daddr of the device that trigger the
2594  * wakeup. As irlmp pass us only the new devices, we
2595  * are sure that it's not an old device.
2596  * If the user want more details, he should query
2597  * the whole discovery log and pick one device...
2598  */
2599  if (put_user(daddr, (int __user *)optval)) {
2600  err = -EFAULT;
2601  goto out;
2602  }
2603 
2604  break;
2605  default:
2606  err = -ENOPROTOOPT;
2607  }
2608 
2609 out:
2610 
2611  release_sock(sk);
2612 
2613  return err;
2614 }
2615 
2616 static const struct net_proto_family irda_family_ops = {
2617  .family = PF_IRDA,
2618  .create = irda_create,
2619  .owner = THIS_MODULE,
2620 };
2621 
2622 static const struct proto_ops irda_stream_ops = {
2623  .family = PF_IRDA,
2624  .owner = THIS_MODULE,
2625  .release = irda_release,
2626  .bind = irda_bind,
2627  .connect = irda_connect,
2628  .socketpair = sock_no_socketpair,
2629  .accept = irda_accept,
2630  .getname = irda_getname,
2631  .poll = irda_poll,
2632  .ioctl = irda_ioctl,
2633 #ifdef CONFIG_COMPAT
2634  .compat_ioctl = irda_compat_ioctl,
2635 #endif
2636  .listen = irda_listen,
2637  .shutdown = irda_shutdown,
2638  .setsockopt = irda_setsockopt,
2639  .getsockopt = irda_getsockopt,
2640  .sendmsg = irda_sendmsg,
2641  .recvmsg = irda_recvmsg_stream,
2642  .mmap = sock_no_mmap,
2643  .sendpage = sock_no_sendpage,
2644 };
2645 
2646 static const struct proto_ops irda_seqpacket_ops = {
2647  .family = PF_IRDA,
2648  .owner = THIS_MODULE,
2649  .release = irda_release,
2650  .bind = irda_bind,
2651  .connect = irda_connect,
2652  .socketpair = sock_no_socketpair,
2653  .accept = irda_accept,
2654  .getname = irda_getname,
2655  .poll = datagram_poll,
2656  .ioctl = irda_ioctl,
2657 #ifdef CONFIG_COMPAT
2658  .compat_ioctl = irda_compat_ioctl,
2659 #endif
2660  .listen = irda_listen,
2661  .shutdown = irda_shutdown,
2662  .setsockopt = irda_setsockopt,
2663  .getsockopt = irda_getsockopt,
2664  .sendmsg = irda_sendmsg,
2665  .recvmsg = irda_recvmsg_dgram,
2666  .mmap = sock_no_mmap,
2667  .sendpage = sock_no_sendpage,
2668 };
2669 
2670 static const struct proto_ops irda_dgram_ops = {
2671  .family = PF_IRDA,
2672  .owner = THIS_MODULE,
2673  .release = irda_release,
2674  .bind = irda_bind,
2675  .connect = irda_connect,
2676  .socketpair = sock_no_socketpair,
2677  .accept = irda_accept,
2678  .getname = irda_getname,
2679  .poll = datagram_poll,
2680  .ioctl = irda_ioctl,
2681 #ifdef CONFIG_COMPAT
2682  .compat_ioctl = irda_compat_ioctl,
2683 #endif
2684  .listen = irda_listen,
2685  .shutdown = irda_shutdown,
2686  .setsockopt = irda_setsockopt,
2687  .getsockopt = irda_getsockopt,
2688  .sendmsg = irda_sendmsg_dgram,
2689  .recvmsg = irda_recvmsg_dgram,
2690  .mmap = sock_no_mmap,
2691  .sendpage = sock_no_sendpage,
2692 };
2693 
2694 #ifdef CONFIG_IRDA_ULTRA
2695 static const struct proto_ops irda_ultra_ops = {
2696  .family = PF_IRDA,
2697  .owner = THIS_MODULE,
2698  .release = irda_release,
2699  .bind = irda_bind,
2700  .connect = sock_no_connect,
2701  .socketpair = sock_no_socketpair,
2702  .accept = sock_no_accept,
2703  .getname = irda_getname,
2704  .poll = datagram_poll,
2705  .ioctl = irda_ioctl,
2706 #ifdef CONFIG_COMPAT
2707  .compat_ioctl = irda_compat_ioctl,
2708 #endif
2709  .listen = sock_no_listen,
2710  .shutdown = irda_shutdown,
2711  .setsockopt = irda_setsockopt,
2712  .getsockopt = irda_getsockopt,
2713  .sendmsg = irda_sendmsg_ultra,
2714  .recvmsg = irda_recvmsg_dgram,
2715  .mmap = sock_no_mmap,
2716  .sendpage = sock_no_sendpage,
2717 };
2718 #endif /* CONFIG_IRDA_ULTRA */
2719 
2720 /*
2721  * Function irsock_init (pro)
2722  *
2723  * Initialize IrDA protocol
2724  *
2725  */
2726 int __init irsock_init(void)
2727 {
2728  int rc = proto_register(&irda_proto, 0);
2729 
2730  if (rc == 0)
2731  rc = sock_register(&irda_family_ops);
2732 
2733  return rc;
2734 }
2735 
2736 /*
2737  * Function irsock_cleanup (void)
2738  *
2739  * Remove IrDA protocol
2740  *
2741  */
2742 void irsock_cleanup(void)
2743 {
2744  sock_unregister(PF_IRDA);
2745  proto_unregister(&irda_proto);
2746 }
Generated on Thu Jan 10 2013 14:59:32 for Linux Kernel by   doxygen 1.8.2