kernel/netgraph7: Replace usage of MALLOC/FREE with kmalloc/kfree here too.
[dragonfly.git] / sys / netgraph7 / bluetooth / socket / ng_btsocket_hci_raw.c
CommitLineData
b06ebda0
MD
1/*
2 * ng_btsocket_hci_raw.c
3 */
4
5/*-
6 * Copyright (c) 2001-2002 Maksim Yevmenkin <m_evmenkin@yahoo.com>
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 *
30 * $Id: ng_btsocket_hci_raw.c,v 1.14 2003/09/14 23:29:06 max Exp $
31 * $FreeBSD: src/sys/netgraph/bluetooth/socket/ng_btsocket_hci_raw.c,v 1.23 2006/11/06 13:42:04 rwatson Exp $
5a975a3d 32 * $DragonFly: src/sys/netgraph7/bluetooth/socket/ng_btsocket_hci_raw.c,v 1.2 2008/06/26 23:05:40 dillon Exp $
b06ebda0
MD
33 */
34
35#include <sys/param.h>
36#include <sys/systm.h>
37#include <sys/bitstring.h>
38#include <sys/domain.h>
39#include <sys/endian.h>
40#include <sys/errno.h>
41#include <sys/filedesc.h>
b06ebda0
MD
42#include <sys/kernel.h>
43#include <sys/lock.h>
44#include <sys/malloc.h>
45#include <sys/mbuf.h>
46#include <sys/mutex.h>
47#include <sys/priv.h>
48#include <sys/protosw.h>
49#include <sys/queue.h>
50#include <sys/socket.h>
51#include <sys/socketvar.h>
52#include <sys/sysctl.h>
53#include <sys/taskqueue.h>
5a975a3d
MD
54#include "ng_message.h"
55#include "netgraph.h"
56#include "bluetooth/include/ng_bluetooth.h"
57#include "bluetooth/include/ng_hci.h"
58#include "bluetooth/include/ng_l2cap.h"
59#include "bluetooth/include/ng_btsocket.h"
60#include "bluetooth/include/ng_btsocket_hci_raw.h"
b06ebda0
MD
61
62/* MALLOC define */
63#ifdef NG_SEPARATE_MALLOC
64MALLOC_DEFINE(M_NETGRAPH_BTSOCKET_HCI_RAW, "netgraph_btsocks_hci_raw",
65 "Netgraph Bluetooth raw HCI sockets");
66#else
67#define M_NETGRAPH_BTSOCKET_HCI_RAW M_NETGRAPH
68#endif /* NG_SEPARATE_MALLOC */
69
70/* Netgraph node methods */
71static ng_constructor_t ng_btsocket_hci_raw_node_constructor;
72static ng_rcvmsg_t ng_btsocket_hci_raw_node_rcvmsg;
73static ng_shutdown_t ng_btsocket_hci_raw_node_shutdown;
74static ng_newhook_t ng_btsocket_hci_raw_node_newhook;
75static ng_connect_t ng_btsocket_hci_raw_node_connect;
76static ng_rcvdata_t ng_btsocket_hci_raw_node_rcvdata;
77static ng_disconnect_t ng_btsocket_hci_raw_node_disconnect;
78
79static void ng_btsocket_hci_raw_input (void *, int);
80static void ng_btsocket_hci_raw_output(node_p, hook_p, void *, int);
81static void ng_btsocket_hci_raw_savctl(ng_btsocket_hci_raw_pcb_p,
82 struct mbuf **,
83 struct mbuf *);
84static int ng_btsocket_hci_raw_filter(ng_btsocket_hci_raw_pcb_p,
85 struct mbuf *, int);
86
87#define ng_btsocket_hci_raw_wakeup_input_task() \
88 taskqueue_enqueue(taskqueue_swi, &ng_btsocket_hci_raw_task)
89
90/* Security filter */
91struct ng_btsocket_hci_raw_sec_filter {
92 bitstr_t bit_decl(events, 0xff);
93 bitstr_t bit_decl(commands[0x3f], 0x3ff);
94};
95
96/* Netgraph type descriptor */
97static struct ng_type typestruct = {
98 .version = NG_ABI_VERSION,
99 .name = NG_BTSOCKET_HCI_RAW_NODE_TYPE,
100 .constructor = ng_btsocket_hci_raw_node_constructor,
101 .rcvmsg = ng_btsocket_hci_raw_node_rcvmsg,
102 .shutdown = ng_btsocket_hci_raw_node_shutdown,
103 .newhook = ng_btsocket_hci_raw_node_newhook,
104 .connect = ng_btsocket_hci_raw_node_connect,
105 .rcvdata = ng_btsocket_hci_raw_node_rcvdata,
106 .disconnect = ng_btsocket_hci_raw_node_disconnect,
107};
108
109/* Globals */
110extern int ifqmaxlen;
111static u_int32_t ng_btsocket_hci_raw_debug_level;
112static u_int32_t ng_btsocket_hci_raw_ioctl_timeout;
113static node_p ng_btsocket_hci_raw_node;
114static struct ng_bt_itemq ng_btsocket_hci_raw_queue;
115static struct mtx ng_btsocket_hci_raw_queue_mtx;
116static struct task ng_btsocket_hci_raw_task;
117static LIST_HEAD(, ng_btsocket_hci_raw_pcb) ng_btsocket_hci_raw_sockets;
118static struct mtx ng_btsocket_hci_raw_sockets_mtx;
119static u_int32_t ng_btsocket_hci_raw_token;
120static struct mtx ng_btsocket_hci_raw_token_mtx;
121static struct ng_btsocket_hci_raw_sec_filter *ng_btsocket_hci_raw_sec_filter;
122
123/* Sysctl tree */
124SYSCTL_DECL(_net_bluetooth_hci_sockets);
125SYSCTL_NODE(_net_bluetooth_hci_sockets, OID_AUTO, raw, CTLFLAG_RW,
126 0, "Bluetooth raw HCI sockets family");
127SYSCTL_INT(_net_bluetooth_hci_sockets_raw, OID_AUTO, debug_level, CTLFLAG_RW,
128 &ng_btsocket_hci_raw_debug_level, NG_BTSOCKET_WARN_LEVEL,
129 "Bluetooth raw HCI sockets debug level");
130SYSCTL_INT(_net_bluetooth_hci_sockets_raw, OID_AUTO, ioctl_timeout, CTLFLAG_RW,
131 &ng_btsocket_hci_raw_ioctl_timeout, 5,
132 "Bluetooth raw HCI sockets ioctl timeout");
133SYSCTL_INT(_net_bluetooth_hci_sockets_raw, OID_AUTO, queue_len, CTLFLAG_RD,
134 &ng_btsocket_hci_raw_queue.len, 0,
135 "Bluetooth raw HCI sockets input queue length");
136SYSCTL_INT(_net_bluetooth_hci_sockets_raw, OID_AUTO, queue_maxlen, CTLFLAG_RD,
137 &ng_btsocket_hci_raw_queue.maxlen, 0,
138 "Bluetooth raw HCI sockets input queue max. length");
139SYSCTL_INT(_net_bluetooth_hci_sockets_raw, OID_AUTO, queue_drops, CTLFLAG_RD,
140 &ng_btsocket_hci_raw_queue.drops, 0,
141 "Bluetooth raw HCI sockets input queue drops");
142
143/* Debug */
144#define NG_BTSOCKET_HCI_RAW_INFO \
145 if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_INFO_LEVEL) \
146 printf
147
148#define NG_BTSOCKET_HCI_RAW_WARN \
149 if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_WARN_LEVEL) \
150 printf
151
152#define NG_BTSOCKET_HCI_RAW_ERR \
153 if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_ERR_LEVEL) \
154 printf
155
156#define NG_BTSOCKET_HCI_RAW_ALERT \
157 if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_ALERT_LEVEL) \
158 printf
159
160/****************************************************************************
161 ****************************************************************************
162 ** Netgraph specific
163 ****************************************************************************
164 ****************************************************************************/
165
166/*
167 * Netgraph node constructor. Do not allow to create node of this type.
168 */
169
170static int
171ng_btsocket_hci_raw_node_constructor(node_p node)
172{
173 return (EINVAL);
174} /* ng_btsocket_hci_raw_node_constructor */
175
176/*
177 * Netgraph node destructor. Just let old node go and create new fresh one.
178 */
179
180static int
181ng_btsocket_hci_raw_node_shutdown(node_p node)
182{
183 int error = 0;
184
185 NG_NODE_UNREF(node);
186
187 error = ng_make_node_common(&typestruct, &ng_btsocket_hci_raw_node);
188 if (error != 0) {
189 NG_BTSOCKET_HCI_RAW_ALERT(
190"%s: Could not create Netgraph node, error=%d\n", __func__, error);
191
192 ng_btsocket_hci_raw_node = NULL;
193
194 return (ENOMEM);
195 }
196
197 error = ng_name_node(ng_btsocket_hci_raw_node,
198 NG_BTSOCKET_HCI_RAW_NODE_TYPE);
199 if (error != 0) {
200 NG_BTSOCKET_HCI_RAW_ALERT(
201"%s: Could not name Netgraph node, error=%d\n", __func__, error);
202
203 NG_NODE_UNREF(ng_btsocket_hci_raw_node);
204 ng_btsocket_hci_raw_node = NULL;
205
206 return (EINVAL);
207 }
208
209 return (0);
210} /* ng_btsocket_hci_raw_node_shutdown */
211
212/*
213 * Create new hook. Just say "yes"
214 */
215
216static int
217ng_btsocket_hci_raw_node_newhook(node_p node, hook_p hook, char const *name)
218{
219 return (0);
220} /* ng_btsocket_hci_raw_node_newhook */
221
222/*
223 * Connect hook. Just say "yes"
224 */
225
226static int
227ng_btsocket_hci_raw_node_connect(hook_p hook)
228{
229 return (0);
230} /* ng_btsocket_hci_raw_node_connect */
231
232/*
233 * Disconnect hook
234 */
235
236static int
237ng_btsocket_hci_raw_node_disconnect(hook_p hook)
238{
239 return (0);
240} /* ng_btsocket_hci_raw_node_disconnect */
241
242/*
243 * Receive control message.
244 * Make sure it is a message from HCI node and it is a response.
245 * Enqueue item and schedule input task.
246 */
247
248static int
249ng_btsocket_hci_raw_node_rcvmsg(node_p node, item_p item, hook_p lasthook)
250{
251 struct ng_mesg *msg = NGI_MSG(item); /* item still has message */
252 int error = 0;
253
254 /*
255 * Check for empty sockets list creates LOR when both sender and
256 * receiver device are connected to the same host, so remove it
257 * for now
258 */
259
260 if (msg != NULL &&
261 (msg->header.typecookie == NGM_HCI_COOKIE ||
262 msg->header.typecookie == NGM_GENERIC_COOKIE) &&
263 msg->header.flags & NGF_RESP) {
264 if (msg->header.token == 0) {
265 NG_FREE_ITEM(item);
266 return (0);
267 }
268
269 mtx_lock(&ng_btsocket_hci_raw_queue_mtx);
270 if (NG_BT_ITEMQ_FULL(&ng_btsocket_hci_raw_queue)) {
271 NG_BTSOCKET_HCI_RAW_ERR(
272"%s: Input queue is full\n", __func__);
273
274 NG_BT_ITEMQ_DROP(&ng_btsocket_hci_raw_queue);
275 NG_FREE_ITEM(item);
276 error = ENOBUFS;
277 } else {
278 NG_BT_ITEMQ_ENQUEUE(&ng_btsocket_hci_raw_queue, item);
279 error = ng_btsocket_hci_raw_wakeup_input_task();
280 }
281 mtx_unlock(&ng_btsocket_hci_raw_queue_mtx);
282 } else {
283 NG_FREE_ITEM(item);
284 error = EINVAL;
285 }
286
287 return (error);
288} /* ng_btsocket_hci_raw_node_rcvmsg */
289
290/*
291 * Receive packet from the one of our hook.
292 * Prepend every packet with sockaddr_hci and record sender's node name.
293 * Enqueue item and schedule input task.
294 */
295
296static int
297ng_btsocket_hci_raw_node_rcvdata(hook_p hook, item_p item)
298{
299 struct mbuf *nam = NULL;
300 int error;
301
302 /*
303 * Check for empty sockets list creates LOR when both sender and
304 * receiver device are connected to the same host, so remove it
305 * for now
306 */
307
5a975a3d 308 MGET(nam, MB_DONTWAIT, MT_SONAME);
b06ebda0
MD
309 if (nam != NULL) {
310 struct sockaddr_hci *sa = mtod(nam, struct sockaddr_hci *);
311
312 nam->m_len = sizeof(struct sockaddr_hci);
313
314 sa->hci_len = sizeof(*sa);
315 sa->hci_family = AF_BLUETOOTH;
316 strlcpy(sa->hci_node, NG_PEER_NODE_NAME(hook),
317 sizeof(sa->hci_node));
318
319 NGI_GET_M(item, nam->m_next);
320 NGI_M(item) = nam;
321
322 mtx_lock(&ng_btsocket_hci_raw_queue_mtx);
323 if (NG_BT_ITEMQ_FULL(&ng_btsocket_hci_raw_queue)) {
324 NG_BTSOCKET_HCI_RAW_ERR(
325"%s: Input queue is full\n", __func__);
326
327 NG_BT_ITEMQ_DROP(&ng_btsocket_hci_raw_queue);
328 NG_FREE_ITEM(item);
329 error = ENOBUFS;
330 } else {
331 NG_BT_ITEMQ_ENQUEUE(&ng_btsocket_hci_raw_queue, item);
332 error = ng_btsocket_hci_raw_wakeup_input_task();
333 }
334 mtx_unlock(&ng_btsocket_hci_raw_queue_mtx);
335 } else {
336 NG_BTSOCKET_HCI_RAW_ERR(
337"%s: Failed to allocate address mbuf\n", __func__);
338
339 NG_FREE_ITEM(item);
340 error = ENOBUFS;
341 }
342
343 return (error);
344} /* ng_btsocket_hci_raw_node_rcvdata */
345
346/****************************************************************************
347 ****************************************************************************
348 ** Sockets specific
349 ****************************************************************************
350 ****************************************************************************/
351
352/*
353 * Get next token. We need token to avoid theoretical race where process
354 * submits ioctl() message then interrupts ioctl() and re-submits another
355 * ioctl() on the same socket *before* first ioctl() complete.
356 */
357
358static void
359ng_btsocket_hci_raw_get_token(u_int32_t *token)
360{
361 mtx_lock(&ng_btsocket_hci_raw_token_mtx);
362
363 if (++ ng_btsocket_hci_raw_token == 0)
364 ng_btsocket_hci_raw_token = 1;
365
366 *token = ng_btsocket_hci_raw_token;
367
368 mtx_unlock(&ng_btsocket_hci_raw_token_mtx);
369} /* ng_btsocket_hci_raw_get_token */
370
371/*
372 * Send Netgraph message to the node - do not expect reply
373 */
374
375static int
376ng_btsocket_hci_raw_send_ngmsg(char *path, int cmd, void *arg, int arglen)
377{
378 struct ng_mesg *msg = NULL;
379 int error = 0;
380
5a975a3d 381 NG_MKMESSAGE(msg, NGM_HCI_COOKIE, cmd, arglen, M_WAITOK | M_NULLOK);
b06ebda0
MD
382 if (msg == NULL)
383 return (ENOMEM);
384
385 if (arg != NULL && arglen > 0)
386 bcopy(arg, msg->data, arglen);
387
388 NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);
389
390 return (error);
391} /* ng_btsocket_hci_raw_send_ngmsg */
392
393/*
394 * Send Netgraph message to the node (no data) and wait for reply
395 */
396
397static int
398ng_btsocket_hci_raw_send_sync_ngmsg(ng_btsocket_hci_raw_pcb_p pcb, char *path,
399 int cmd, void *rsp, int rsplen)
400{
401 struct ng_mesg *msg = NULL;
402 int error = 0;
403
404 mtx_assert(&pcb->pcb_mtx, MA_OWNED);
405
5a975a3d 406 NG_MKMESSAGE(msg, NGM_HCI_COOKIE, cmd, 0, M_WAITOK | M_NULLOK);
b06ebda0
MD
407 if (msg == NULL)
408 return (ENOMEM);
409
410 ng_btsocket_hci_raw_get_token(&msg->header.token);
411 pcb->token = msg->header.token;
412 pcb->msg = NULL;
413
414 NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);
415 if (error != 0) {
416 pcb->token = 0;
417 return (error);
418 }
419
420 error = msleep(&pcb->msg, &pcb->pcb_mtx, PZERO|PCATCH, "hcictl",
421 ng_btsocket_hci_raw_ioctl_timeout * hz);
422 pcb->token = 0;
423
424 if (error != 0)
425 return (error);
426
427 if (pcb->msg != NULL && pcb->msg->header.cmd == cmd)
428 bcopy(pcb->msg->data, rsp, rsplen);
429 else
430 error = EINVAL;
431
432 NG_FREE_MSG(pcb->msg); /* checks for != NULL */
433
434 return (0);
435} /* ng_btsocket_hci_raw_send_sync_ngmsg */
436
437/*
438 * Create control information for the packet
439 */
440
441static void
442ng_btsocket_hci_raw_savctl(ng_btsocket_hci_raw_pcb_p pcb, struct mbuf **ctl,
443 struct mbuf *m)
444{
445 int dir;
446 struct timeval tv;
447
448 mtx_assert(&pcb->pcb_mtx, MA_OWNED);
449
450 if (pcb->flags & NG_BTSOCKET_HCI_RAW_DIRECTION) {
451 dir = (m->m_flags & M_PROTO1)? 1 : 0;
452 *ctl = sbcreatecontrol((caddr_t) &dir, sizeof(dir),
453 SCM_HCI_RAW_DIRECTION, SOL_HCI_RAW);
454 if (*ctl != NULL)
455 ctl = &((*ctl)->m_next);
456 }
457
458 if (pcb->so->so_options & SO_TIMESTAMP) {
459 microtime(&tv);
460 *ctl = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
461 SCM_TIMESTAMP, SOL_SOCKET);
462 if (*ctl != NULL)
463 ctl = &((*ctl)->m_next);
464 }
465} /* ng_btsocket_hci_raw_savctl */
466
467/*
468 * Raw HCI sockets data input routine
469 */
470
471static void
472ng_btsocket_hci_raw_data_input(struct mbuf *nam)
473{
474 ng_btsocket_hci_raw_pcb_p pcb = NULL;
475 struct mbuf *m0 = NULL, *m = NULL;
476 struct sockaddr_hci *sa = NULL;
477
478 m0 = nam->m_next;
479 nam->m_next = NULL;
480
481 KASSERT((nam->m_type == MT_SONAME),
482 ("%s: m_type=%d\n", __func__, nam->m_type));
483 KASSERT((m0->m_flags & M_PKTHDR),
484 ("%s: m_flags=%#x\n", __func__, m0->m_flags));
485
486 sa = mtod(nam, struct sockaddr_hci *);
487
488 mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);
489
490 LIST_FOREACH(pcb, &ng_btsocket_hci_raw_sockets, next) {
491
492 mtx_lock(&pcb->pcb_mtx);
493
494 /*
495 * If socket was bound then check address and
496 * make sure it matches.
497 */
498
499 if (pcb->addr.hci_node[0] != 0 &&
500 strcmp(sa->hci_node, pcb->addr.hci_node) != 0)
501 goto next;
502
503 /*
504 * Check packet against filters
505 * XXX do we have to call m_pullup() here?
506 */
507
508 if (ng_btsocket_hci_raw_filter(pcb, m0, 1) != 0)
509 goto next;
510
511 /*
512 * Make a copy of the packet, append to the socket's
513 * receive queue and wakeup socket. sbappendaddr()
514 * will check if socket has enough buffer space.
515 */
516
5a975a3d 517 m = m_dup(m0, MB_DONTWAIT);
b06ebda0
MD
518 if (m != NULL) {
519 struct mbuf *ctl = NULL;
520
521 ng_btsocket_hci_raw_savctl(pcb, &ctl, m);
522
523 if (sbappendaddr(&pcb->so->so_rcv,
524 (struct sockaddr *) sa, m, ctl))
525 sorwakeup(pcb->so);
526 else {
527 NG_BTSOCKET_HCI_RAW_INFO(
528"%s: sbappendaddr() failed\n", __func__);
529
530 NG_FREE_M(m);
531 NG_FREE_M(ctl);
532 }
533 }
534next:
535 mtx_unlock(&pcb->pcb_mtx);
536 }
537
538 mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);
539
540 NG_FREE_M(nam);
541 NG_FREE_M(m0);
542} /* ng_btsocket_hci_raw_data_input */
543
544/*
545 * Raw HCI sockets message input routine
546 */
547
548static void
549ng_btsocket_hci_raw_msg_input(struct ng_mesg *msg)
550{
551 ng_btsocket_hci_raw_pcb_p pcb = NULL;
552
553 mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);
554
555 LIST_FOREACH(pcb, &ng_btsocket_hci_raw_sockets, next) {
556 mtx_lock(&pcb->pcb_mtx);
557
558 if (msg->header.token == pcb->token) {
559 pcb->msg = msg;
560 wakeup(&pcb->msg);
561
562 mtx_unlock(&pcb->pcb_mtx);
563 mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);
564
565 return;
566 }
567
568 mtx_unlock(&pcb->pcb_mtx);
569 }
570
571 mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);
572
573 NG_FREE_MSG(msg); /* checks for != NULL */
574} /* ng_btsocket_hci_raw_msg_input */
575
576/*
577 * Raw HCI sockets input routines
578 */
579
580static void
581ng_btsocket_hci_raw_input(void *context, int pending)
582{
583 item_p item = NULL;
584
585 for (;;) {
586 mtx_lock(&ng_btsocket_hci_raw_queue_mtx);
587 NG_BT_ITEMQ_DEQUEUE(&ng_btsocket_hci_raw_queue, item);
588 mtx_unlock(&ng_btsocket_hci_raw_queue_mtx);
589
590 if (item == NULL)
591 break;
592
593 switch(item->el_flags & NGQF_TYPE) {
594 case NGQF_DATA: {
595 struct mbuf *m = NULL;
596
597 NGI_GET_M(item, m);
598 ng_btsocket_hci_raw_data_input(m);
599 } break;
600
601 case NGQF_MESG: {
602 struct ng_mesg *msg = NULL;
603
604 NGI_GET_MSG(item, msg);
605 ng_btsocket_hci_raw_msg_input(msg);
606 } break;
607
608 default:
609 KASSERT(0,
610("%s: invalid item type=%ld\n", __func__, (item->el_flags & NGQF_TYPE)));
611 break;
612 }
613
614 NG_FREE_ITEM(item);
615 }
616} /* ng_btsocket_hci_raw_input */
617
618/*
619 * Raw HCI sockets output routine
620 */
621
622static void
623ng_btsocket_hci_raw_output(node_p node, hook_p hook, void *arg1, int arg2)
624{
625 struct mbuf *nam = (struct mbuf *) arg1, *m = NULL;
626 struct sockaddr_hci *sa = NULL;
627 int error;
628
629 m = nam->m_next;
630 nam->m_next = NULL;
631
632 KASSERT((nam->m_type == MT_SONAME),
633 ("%s: m_type=%d\n", __func__, nam->m_type));
634 KASSERT((m->m_flags & M_PKTHDR),
635 ("%s: m_flags=%#x\n", __func__, m->m_flags));
636
637 sa = mtod(nam, struct sockaddr_hci *);
638
639 /*
640 * Find downstream hook
641 * XXX For now access node hook list directly. Should be safe because
642 * we used ng_send_fn() and we should have exclusive lock on the node.
643 */
644
645 LIST_FOREACH(hook, &node->nd_hooks, hk_hooks) {
646 if (hook == NULL || NG_HOOK_NOT_VALID(hook) ||
647 NG_NODE_NOT_VALID(NG_PEER_NODE(hook)))
648 continue;
649
650 if (strcmp(sa->hci_node, NG_PEER_NODE_NAME(hook)) == 0) {
651 NG_SEND_DATA_ONLY(error, hook, m); /* sets m to NULL */
652 break;
653 }
654 }
655
656 NG_FREE_M(nam); /* check for != NULL */
657 NG_FREE_M(m);
658} /* ng_btsocket_hci_raw_output */
659
660/*
661 * Check frame against security and socket filters.
662 * d (direction bit) == 1 means incoming frame.
663 */
664
665static int
666ng_btsocket_hci_raw_filter(ng_btsocket_hci_raw_pcb_p pcb, struct mbuf *m, int d)
667{
668 int type, event, opcode;
669
670 mtx_assert(&pcb->pcb_mtx, MA_OWNED);
671
672 switch ((type = *mtod(m, u_int8_t *))) {
673 case NG_HCI_CMD_PKT:
674 if (!(pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)) {
675 opcode = le16toh(mtod(m, ng_hci_cmd_pkt_t *)->opcode);
676
677 if (!bit_test(
678ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF(opcode) - 1],
679NG_HCI_OCF(opcode) - 1))
680 return (EPERM);
681 }
682
683 if (d && !bit_test(pcb->filter.packet_mask, NG_HCI_CMD_PKT - 1))
684 return (EPERM);
685 break;
686
687 case NG_HCI_ACL_DATA_PKT:
688 case NG_HCI_SCO_DATA_PKT:
689 if (!(pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED) ||
690 !bit_test(pcb->filter.packet_mask, type - 1) ||
691 !d)
692 return (EPERM);
693 break;
694
695 case NG_HCI_EVENT_PKT:
696 if (!d)
697 return (EINVAL);
698
699 event = mtod(m, ng_hci_event_pkt_t *)->event - 1;
700
701 if (!(pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED))
702 if (!bit_test(ng_btsocket_hci_raw_sec_filter->events, event))
703 return (EPERM);
704
705 if (!bit_test(pcb->filter.event_mask, event))
706 return (EPERM);
707 break;
708
709 default:
710 return (EINVAL);
711 }
712
713 return (0);
714} /* ng_btsocket_hci_raw_filter */
715
716/*
717 * Initialize everything
718 */
719
720void
721ng_btsocket_hci_raw_init(void)
722{
723 bitstr_t *f = NULL;
724 int error = 0;
725
726 ng_btsocket_hci_raw_node = NULL;
727 ng_btsocket_hci_raw_debug_level = NG_BTSOCKET_WARN_LEVEL;
728 ng_btsocket_hci_raw_ioctl_timeout = 5;
729
730 /* Register Netgraph node type */
731 error = ng_newtype(&typestruct);
732 if (error != 0) {
733 NG_BTSOCKET_HCI_RAW_ALERT(
734"%s: Could not register Netgraph node type, error=%d\n", __func__, error);
735
736 return;
737 }
738
739 /* Create Netgrapg node */
740 error = ng_make_node_common(&typestruct, &ng_btsocket_hci_raw_node);
741 if (error != 0) {
742 NG_BTSOCKET_HCI_RAW_ALERT(
743"%s: Could not create Netgraph node, error=%d\n", __func__, error);
744
745 ng_btsocket_hci_raw_node = NULL;
746
747 return;
748 }
749
750 error = ng_name_node(ng_btsocket_hci_raw_node,
751 NG_BTSOCKET_HCI_RAW_NODE_TYPE);
752 if (error != 0) {
753 NG_BTSOCKET_HCI_RAW_ALERT(
754"%s: Could not name Netgraph node, error=%d\n", __func__, error);
755
756 NG_NODE_UNREF(ng_btsocket_hci_raw_node);
757 ng_btsocket_hci_raw_node = NULL;
758
759 return;
760 }
761
762 /* Create input queue */
763 NG_BT_ITEMQ_INIT(&ng_btsocket_hci_raw_queue, ifqmaxlen);
764 mtx_init(&ng_btsocket_hci_raw_queue_mtx,
765 "btsocks_hci_raw_queue_mtx", NULL, MTX_DEF);
766 TASK_INIT(&ng_btsocket_hci_raw_task, 0,
767 ng_btsocket_hci_raw_input, NULL);
768
769 /* Create list of sockets */
770 LIST_INIT(&ng_btsocket_hci_raw_sockets);
771 mtx_init(&ng_btsocket_hci_raw_sockets_mtx,
772 "btsocks_hci_raw_sockets_mtx", NULL, MTX_DEF);
773
774 /* Tokens */
775 ng_btsocket_hci_raw_token = 0;
776 mtx_init(&ng_btsocket_hci_raw_token_mtx,
777 "btsocks_hci_raw_token_mtx", NULL, MTX_DEF);
778
779 /*
780 * Security filter
781 * XXX never FREE()ed
782 */
783
784 ng_btsocket_hci_raw_sec_filter = NULL;
785
fc025606
SW
786 ng_btsocket_hci_raw_sec_filter = kmalloc(sizeof(struct ng_btsocket_hci_raw_sec_filter),
787 M_NETGRAPH_BTSOCKET_HCI_RAW,
788 M_WAITOK | M_NULLOK | M_ZERO);
b06ebda0
MD
789 if (ng_btsocket_hci_raw_sec_filter == NULL) {
790 printf("%s: Could not allocate security filter!\n", __func__);
791 return;
792 }
793
794 /*
795 * XXX How paranoid can we get?
796 *
797 * Initialize security filter. If bit is set in the mask then
798 * unprivileged socket is allowed to send (receive) this command
799 * (event).
800 */
801
802 /* Enable all events */
803 memset(&ng_btsocket_hci_raw_sec_filter->events, 0xff,
804 sizeof(ng_btsocket_hci_raw_sec_filter->events)/
805 sizeof(ng_btsocket_hci_raw_sec_filter->events[0]));
806
807 /* Disable some critical events */
808 f = ng_btsocket_hci_raw_sec_filter->events;
809 bit_clear(f, NG_HCI_EVENT_RETURN_LINK_KEYS - 1);
810 bit_clear(f, NG_HCI_EVENT_LINK_KEY_NOTIFICATION - 1);
811 bit_clear(f, NG_HCI_EVENT_VENDOR - 1);
812
813 /* Commands - Link control */
814 f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_LINK_CONTROL-1];
815 bit_set(f, NG_HCI_OCF_INQUIRY - 1);
816 bit_set(f, NG_HCI_OCF_INQUIRY_CANCEL - 1);
817 bit_set(f, NG_HCI_OCF_PERIODIC_INQUIRY - 1);
818 bit_set(f, NG_HCI_OCF_EXIT_PERIODIC_INQUIRY - 1);
819 bit_set(f, NG_HCI_OCF_REMOTE_NAME_REQ - 1);
820 bit_set(f, NG_HCI_OCF_READ_REMOTE_FEATURES - 1);
821 bit_set(f, NG_HCI_OCF_READ_REMOTE_VER_INFO - 1);
822 bit_set(f, NG_HCI_OCF_READ_CLOCK_OFFSET - 1);
823
824 /* Commands - Link policy */
825 f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_LINK_POLICY-1];
826 bit_set(f, NG_HCI_OCF_ROLE_DISCOVERY - 1);
827 bit_set(f, NG_HCI_OCF_READ_LINK_POLICY_SETTINGS - 1);
828
829 /* Commands - Host controller and baseband */
830 f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_HC_BASEBAND-1];
831 bit_set(f, NG_HCI_OCF_READ_PIN_TYPE - 1);
832 bit_set(f, NG_HCI_OCF_READ_LOCAL_NAME - 1);
833 bit_set(f, NG_HCI_OCF_READ_CON_ACCEPT_TIMO - 1);
834 bit_set(f, NG_HCI_OCF_READ_PAGE_TIMO - 1);
835 bit_set(f, NG_HCI_OCF_READ_SCAN_ENABLE - 1);
836 bit_set(f, NG_HCI_OCF_READ_PAGE_SCAN_ACTIVITY - 1);
837 bit_set(f, NG_HCI_OCF_READ_INQUIRY_SCAN_ACTIVITY - 1);
838 bit_set(f, NG_HCI_OCF_READ_AUTH_ENABLE - 1);
839 bit_set(f, NG_HCI_OCF_READ_ENCRYPTION_MODE - 1);
840 bit_set(f, NG_HCI_OCF_READ_UNIT_CLASS - 1);
841 bit_set(f, NG_HCI_OCF_READ_VOICE_SETTINGS - 1);
842 bit_set(f, NG_HCI_OCF_READ_AUTO_FLUSH_TIMO - 1);
843 bit_set(f, NG_HCI_OCF_READ_NUM_BROADCAST_RETRANS - 1);
844 bit_set(f, NG_HCI_OCF_READ_HOLD_MODE_ACTIVITY - 1);
845 bit_set(f, NG_HCI_OCF_READ_XMIT_LEVEL - 1);
846 bit_set(f, NG_HCI_OCF_READ_SCO_FLOW_CONTROL - 1);
847 bit_set(f, NG_HCI_OCF_READ_LINK_SUPERVISION_TIMO - 1);
848 bit_set(f, NG_HCI_OCF_READ_SUPPORTED_IAC_NUM - 1);
849 bit_set(f, NG_HCI_OCF_READ_IAC_LAP - 1);
850 bit_set(f, NG_HCI_OCF_READ_PAGE_SCAN_PERIOD - 1);
851 bit_set(f, NG_HCI_OCF_READ_PAGE_SCAN - 1);
852
853 /* Commands - Informational */
854 f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_INFO - 1];
855 bit_set(f, NG_HCI_OCF_READ_LOCAL_VER - 1);
856 bit_set(f, NG_HCI_OCF_READ_LOCAL_FEATURES - 1);
857 bit_set(f, NG_HCI_OCF_READ_BUFFER_SIZE - 1);
858 bit_set(f, NG_HCI_OCF_READ_COUNTRY_CODE - 1);
859 bit_set(f, NG_HCI_OCF_READ_BDADDR - 1);
860
861 /* Commands - Status */
862 f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_STATUS - 1];
863 bit_set(f, NG_HCI_OCF_READ_FAILED_CONTACT_CNTR - 1);
864 bit_set(f, NG_HCI_OCF_GET_LINK_QUALITY - 1);
865 bit_set(f, NG_HCI_OCF_READ_RSSI - 1);
866
867 /* Commands - Testing */
868 f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_TESTING - 1];
869 bit_set(f, NG_HCI_OCF_READ_LOOPBACK_MODE - 1);
870} /* ng_btsocket_hci_raw_init */
871
872/*
873 * Abort connection on socket
874 */
875
876void
877ng_btsocket_hci_raw_abort(struct socket *so)
878{
879} /* ng_btsocket_hci_raw_abort */
880
881void
882ng_btsocket_hci_raw_close(struct socket *so)
883{
884} /* ng_btsocket_hci_raw_close */
885
886/*
887 * Create new raw HCI socket
888 */
889
890int
891ng_btsocket_hci_raw_attach(struct socket *so, int proto, struct thread *td)
892{
893 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
894 int error = 0;
895
896 if (pcb != NULL)
897 return (EISCONN);
898
899 if (ng_btsocket_hci_raw_node == NULL)
900 return (EPROTONOSUPPORT);
901 if (proto != BLUETOOTH_PROTO_HCI)
902 return (EPROTONOSUPPORT);
903 if (so->so_type != SOCK_RAW)
904 return (ESOCKTNOSUPPORT);
905
906 error = soreserve(so, NG_BTSOCKET_HCI_RAW_SENDSPACE,
907 NG_BTSOCKET_HCI_RAW_RECVSPACE);
908 if (error != 0)
909 return (error);
910
fc025606
SW
911 pcb = kmalloc(sizeof(*pcb), M_NETGRAPH_BTSOCKET_HCI_RAW,
912 M_WAITOK | M_NULLOK | M_ZERO);
b06ebda0
MD
913 if (pcb == NULL)
914 return (ENOMEM);
915
916 so->so_pcb = (caddr_t) pcb;
917 pcb->so = so;
918
919 if (priv_check(td, PRIV_NETBLUETOOTH_RAW) == 0)
920 pcb->flags |= NG_BTSOCKET_HCI_RAW_PRIVILEGED;
921
922 /*
923 * Set default socket filter. By default socket only accepts HCI
924 * Command_Complete and Command_Status event packets.
925 */
926
927 bit_set(pcb->filter.event_mask, NG_HCI_EVENT_COMMAND_COMPL - 1);
928 bit_set(pcb->filter.event_mask, NG_HCI_EVENT_COMMAND_STATUS - 1);
929
930 mtx_init(&pcb->pcb_mtx, "btsocks_hci_raw_pcb_mtx", NULL, MTX_DEF);
931
932 mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);
933 LIST_INSERT_HEAD(&ng_btsocket_hci_raw_sockets, pcb, next);
934 mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);
935
936 return (0);
937} /* ng_btsocket_hci_raw_attach */
938
939/*
940 * Bind raw HCI socket
941 */
942
943int
944ng_btsocket_hci_raw_bind(struct socket *so, struct sockaddr *nam,
945 struct thread *td)
946{
947 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
948 struct sockaddr_hci *sa = (struct sockaddr_hci *) nam;
949
950 if (pcb == NULL)
951 return (EINVAL);
952 if (ng_btsocket_hci_raw_node == NULL)
953 return (EINVAL);
954
955 if (sa == NULL)
956 return (EINVAL);
957 if (sa->hci_family != AF_BLUETOOTH)
958 return (EAFNOSUPPORT);
959 if (sa->hci_len != sizeof(*sa))
960 return (EINVAL);
961 if (sa->hci_node[0] == 0)
962 return (EINVAL);
963
964 mtx_lock(&pcb->pcb_mtx);
965 bcopy(sa, &pcb->addr, sizeof(pcb->addr));
966 mtx_unlock(&pcb->pcb_mtx);
967
968 return (0);
969} /* ng_btsocket_hci_raw_bind */
970
971/*
972 * Connect raw HCI socket
973 */
974
975int
976ng_btsocket_hci_raw_connect(struct socket *so, struct sockaddr *nam,
977 struct thread *td)
978{
979 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
980 struct sockaddr_hci *sa = (struct sockaddr_hci *) nam;
981
982 if (pcb == NULL)
983 return (EINVAL);
984 if (ng_btsocket_hci_raw_node == NULL)
985 return (EINVAL);
986
987 if (sa == NULL)
988 return (EINVAL);
989 if (sa->hci_family != AF_BLUETOOTH)
990 return (EAFNOSUPPORT);
991 if (sa->hci_len != sizeof(*sa))
992 return (EINVAL);
993 if (sa->hci_node[0] == 0)
994 return (EDESTADDRREQ);
995
996 mtx_lock(&pcb->pcb_mtx);
997
998 if (bcmp(sa, &pcb->addr, sizeof(pcb->addr)) != 0) {
999 mtx_unlock(&pcb->pcb_mtx);
1000 return (EADDRNOTAVAIL);
1001 }
1002
1003 soisconnected(so);
1004
1005 mtx_unlock(&pcb->pcb_mtx);
1006
1007 return (0);
1008} /* ng_btsocket_hci_raw_connect */
1009
1010/*
1011 * Process ioctl on socket
1012 */
1013
1014int
1015ng_btsocket_hci_raw_control(struct socket *so, u_long cmd, caddr_t data,
1016 struct ifnet *ifp, struct thread *td)
1017{
1018 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
1019 char path[NG_NODESIZ + 1];
1020 struct ng_mesg *msg = NULL;
1021 int error = 0;
1022
1023 if (pcb == NULL)
1024 return (EINVAL);
1025 if (ng_btsocket_hci_raw_node == NULL)
1026 return (EINVAL);
1027
1028 mtx_lock(&pcb->pcb_mtx);
1029
1030 /* Check if we have device name */
1031 if (pcb->addr.hci_node[0] == 0) {
1032 mtx_unlock(&pcb->pcb_mtx);
1033 return (EHOSTUNREACH);
1034 }
1035
1036 /* Check if we have pending ioctl() */
1037 if (pcb->token != 0) {
1038 mtx_unlock(&pcb->pcb_mtx);
1039 return (EBUSY);
1040 }
1041
1042 snprintf(path, sizeof(path), "%s:", pcb->addr.hci_node);
1043
1044 switch (cmd) {
1045 case SIOC_HCI_RAW_NODE_GET_STATE: {
1046 struct ng_btsocket_hci_raw_node_state *p =
1047 (struct ng_btsocket_hci_raw_node_state *) data;
1048
1049 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1050 NGM_HCI_NODE_GET_STATE,
1051 &p->state, sizeof(p->state));
1052 } break;
1053
1054 case SIOC_HCI_RAW_NODE_INIT:
1055 if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)
1056 error = ng_btsocket_hci_raw_send_ngmsg(path,
1057 NGM_HCI_NODE_INIT, NULL, 0);
1058 else
1059 error = EPERM;
1060 break;
1061
1062 case SIOC_HCI_RAW_NODE_GET_DEBUG: {
1063 struct ng_btsocket_hci_raw_node_debug *p =
1064 (struct ng_btsocket_hci_raw_node_debug *) data;
1065
1066 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1067 NGM_HCI_NODE_GET_DEBUG,
1068 &p->debug, sizeof(p->debug));
1069 } break;
1070
1071 case SIOC_HCI_RAW_NODE_SET_DEBUG: {
1072 struct ng_btsocket_hci_raw_node_debug *p =
1073 (struct ng_btsocket_hci_raw_node_debug *) data;
1074
1075 if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)
1076 error = ng_btsocket_hci_raw_send_ngmsg(path,
1077 NGM_HCI_NODE_SET_DEBUG, &p->debug,
1078 sizeof(p->debug));
1079 else
1080 error = EPERM;
1081 } break;
1082
1083 case SIOC_HCI_RAW_NODE_GET_BUFFER: {
1084 struct ng_btsocket_hci_raw_node_buffer *p =
1085 (struct ng_btsocket_hci_raw_node_buffer *) data;
1086
1087 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1088 NGM_HCI_NODE_GET_BUFFER,
1089 &p->buffer, sizeof(p->buffer));
1090 } break;
1091
1092 case SIOC_HCI_RAW_NODE_GET_BDADDR: {
1093 struct ng_btsocket_hci_raw_node_bdaddr *p =
1094 (struct ng_btsocket_hci_raw_node_bdaddr *) data;
1095
1096 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1097 NGM_HCI_NODE_GET_BDADDR,
1098 &p->bdaddr, sizeof(p->bdaddr));
1099 } break;
1100
1101 case SIOC_HCI_RAW_NODE_GET_FEATURES: {
1102 struct ng_btsocket_hci_raw_node_features *p =
1103 (struct ng_btsocket_hci_raw_node_features *) data;
1104
1105 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1106 NGM_HCI_NODE_GET_FEATURES,
1107 &p->features, sizeof(p->features));
1108 } break;
1109
1110 case SIOC_HCI_RAW_NODE_GET_STAT: {
1111 struct ng_btsocket_hci_raw_node_stat *p =
1112 (struct ng_btsocket_hci_raw_node_stat *) data;
1113
1114 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1115 NGM_HCI_NODE_GET_STAT,
1116 &p->stat, sizeof(p->stat));
1117 } break;
1118
1119 case SIOC_HCI_RAW_NODE_RESET_STAT:
1120 if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)
1121 error = ng_btsocket_hci_raw_send_ngmsg(path,
1122 NGM_HCI_NODE_RESET_STAT, NULL, 0);
1123 else
1124 error = EPERM;
1125 break;
1126
1127 case SIOC_HCI_RAW_NODE_FLUSH_NEIGHBOR_CACHE:
1128 if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)
1129 error = ng_btsocket_hci_raw_send_ngmsg(path,
1130 NGM_HCI_NODE_FLUSH_NEIGHBOR_CACHE,
1131 NULL, 0);
1132 else
1133 error = EPERM;
1134 break;
1135
1136 case SIOC_HCI_RAW_NODE_GET_NEIGHBOR_CACHE: {
1137 struct ng_btsocket_hci_raw_node_neighbor_cache *p =
1138 (struct ng_btsocket_hci_raw_node_neighbor_cache *) data;
1139 ng_hci_node_get_neighbor_cache_ep *p1 = NULL;
1140 ng_hci_node_neighbor_cache_entry_ep *p2 = NULL;
1141
1142 if (p->num_entries <= 0 ||
1143 p->num_entries > NG_HCI_MAX_NEIGHBOR_NUM ||
1144 p->entries == NULL) {
1145 error = EINVAL;
1146 break;
1147 }
1148
1149 NG_MKMESSAGE(msg, NGM_HCI_COOKIE,
5a975a3d 1150 NGM_HCI_NODE_GET_NEIGHBOR_CACHE, 0, M_WAITOK | M_NULLOK);
b06ebda0
MD
1151 if (msg == NULL) {
1152 error = ENOMEM;
1153 break;
1154 }
1155 ng_btsocket_hci_raw_get_token(&msg->header.token);
1156 pcb->token = msg->header.token;
1157 pcb->msg = NULL;
1158
1159 NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);
1160 if (error != 0) {
1161 pcb->token = 0;
1162 break;
1163 }
1164
1165 error = msleep(&pcb->msg, &pcb->pcb_mtx,
1166 PZERO|PCATCH, "hcictl",
1167 ng_btsocket_hci_raw_ioctl_timeout * hz);
1168 pcb->token = 0;
1169
1170 if (error != 0)
1171 break;
1172
1173 if (pcb->msg != NULL &&
1174 pcb->msg->header.cmd == NGM_HCI_NODE_GET_NEIGHBOR_CACHE) {
1175 /* Return data back to user space */
1176 p1 = (ng_hci_node_get_neighbor_cache_ep *)
1177 (pcb->msg->data);
1178 p2 = (ng_hci_node_neighbor_cache_entry_ep *)
1179 (p1 + 1);
1180
1181 p->num_entries = min(p->num_entries, p1->num_entries);
1182 if (p->num_entries > 0)
1183 error = copyout((caddr_t) p2,
1184 (caddr_t) p->entries,
1185 p->num_entries * sizeof(*p2));
1186 } else
1187 error = EINVAL;
1188
1189 NG_FREE_MSG(pcb->msg); /* checks for != NULL */
1190 }break;
1191
1192 case SIOC_HCI_RAW_NODE_GET_CON_LIST: {
1193 struct ng_btsocket_hci_raw_con_list *p =
1194 (struct ng_btsocket_hci_raw_con_list *) data;
1195 ng_hci_node_con_list_ep *p1 = NULL;
1196 ng_hci_node_con_ep *p2 = NULL;
1197
1198 if (p->num_connections == 0 ||
1199 p->num_connections > NG_HCI_MAX_CON_NUM ||
1200 p->connections == NULL) {
1201 error = EINVAL;
1202 break;
1203 }
1204
1205 NG_MKMESSAGE(msg, NGM_HCI_COOKIE, NGM_HCI_NODE_GET_CON_LIST,
5a975a3d 1206 0, M_WAITOK | M_NULLOK);
b06ebda0
MD
1207 if (msg == NULL) {
1208 error = ENOMEM;
1209 break;
1210 }
1211 ng_btsocket_hci_raw_get_token(&msg->header.token);
1212 pcb->token = msg->header.token;
1213 pcb->msg = NULL;
1214
1215 NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);
1216 if (error != 0) {
1217 pcb->token = 0;
1218 break;
1219 }
1220
1221 error = msleep(&pcb->msg, &pcb->pcb_mtx,
1222 PZERO|PCATCH, "hcictl",
1223 ng_btsocket_hci_raw_ioctl_timeout * hz);
1224 pcb->token = 0;
1225
1226 if (error != 0)
1227 break;
1228
1229 if (pcb->msg != NULL &&
1230 pcb->msg->header.cmd == NGM_HCI_NODE_GET_CON_LIST) {
1231 /* Return data back to user space */
1232 p1 = (ng_hci_node_con_list_ep *)(pcb->msg->data);
1233 p2 = (ng_hci_node_con_ep *)(p1 + 1);
1234
1235 p->num_connections = min(p->num_connections,
1236 p1->num_connections);
1237 if (p->num_connections > 0)
1238 error = copyout((caddr_t) p2,
1239 (caddr_t) p->connections,
1240 p->num_connections * sizeof(*p2));
1241 } else
1242 error = EINVAL;
1243
1244 NG_FREE_MSG(pcb->msg); /* checks for != NULL */
1245 } break;
1246
1247 case SIOC_HCI_RAW_NODE_GET_LINK_POLICY_MASK: {
1248 struct ng_btsocket_hci_raw_node_link_policy_mask *p =
1249 (struct ng_btsocket_hci_raw_node_link_policy_mask *)
1250 data;
1251
1252 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1253 NGM_HCI_NODE_GET_LINK_POLICY_SETTINGS_MASK,
1254 &p->policy_mask, sizeof(p->policy_mask));
1255 } break;
1256
1257 case SIOC_HCI_RAW_NODE_SET_LINK_POLICY_MASK: {
1258 struct ng_btsocket_hci_raw_node_link_policy_mask *p =
1259 (struct ng_btsocket_hci_raw_node_link_policy_mask *)
1260 data;
1261
1262 if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)
1263 error = ng_btsocket_hci_raw_send_ngmsg(path,
1264 NGM_HCI_NODE_SET_LINK_POLICY_SETTINGS_MASK,
1265 &p->policy_mask,
1266 sizeof(p->policy_mask));
1267 else
1268 error = EPERM;
1269 } break;
1270
1271 case SIOC_HCI_RAW_NODE_GET_PACKET_MASK: {
1272 struct ng_btsocket_hci_raw_node_packet_mask *p =
1273 (struct ng_btsocket_hci_raw_node_packet_mask *) data;
1274
1275 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1276 NGM_HCI_NODE_GET_PACKET_MASK,
1277 &p->packet_mask, sizeof(p->packet_mask));
1278 } break;
1279
1280 case SIOC_HCI_RAW_NODE_SET_PACKET_MASK: {
1281 struct ng_btsocket_hci_raw_node_packet_mask *p =
1282 (struct ng_btsocket_hci_raw_node_packet_mask *) data;
1283
1284 if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)
1285 error = ng_btsocket_hci_raw_send_ngmsg(path,
1286 NGM_HCI_NODE_SET_PACKET_MASK,
1287 &p->packet_mask,
1288 sizeof(p->packet_mask));
1289 else
1290 error = EPERM;
1291 } break;
1292
1293 case SIOC_HCI_RAW_NODE_GET_ROLE_SWITCH: {
1294 struct ng_btsocket_hci_raw_node_role_switch *p =
1295 (struct ng_btsocket_hci_raw_node_role_switch *) data;
1296
1297 error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,
1298 NGM_HCI_NODE_GET_ROLE_SWITCH,
1299 &p->role_switch, sizeof(p->role_switch));
1300 } break;
1301
1302 case SIOC_HCI_RAW_NODE_SET_ROLE_SWITCH: {
1303 struct ng_btsocket_hci_raw_node_role_switch *p =
1304 (struct ng_btsocket_hci_raw_node_role_switch *) data;
1305
1306 if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)
1307 error = ng_btsocket_hci_raw_send_ngmsg(path,
1308 NGM_HCI_NODE_SET_ROLE_SWITCH,
1309 &p->role_switch,
1310 sizeof(p->role_switch));
1311 else
1312 error = EPERM;
1313 } break;
1314
1315 case SIOC_HCI_RAW_NODE_LIST_NAMES: {
1316 struct ng_btsocket_hci_raw_node_list_names *nl =
1317 (struct ng_btsocket_hci_raw_node_list_names *) data;
1318 struct nodeinfo *ni = nl->names;
1319
1320 if (nl->num_names == 0) {
1321 error = EINVAL;
1322 break;
1323 }
1324
1325 NG_MKMESSAGE(msg, NGM_GENERIC_COOKIE, NGM_LISTNAMES,
5a975a3d 1326 0, M_WAITOK | M_NULLOK);
b06ebda0
MD
1327 if (msg == NULL) {
1328 error = ENOMEM;
1329 break;
1330 }
1331 ng_btsocket_hci_raw_get_token(&msg->header.token);
1332 pcb->token = msg->header.token;
1333 pcb->msg = NULL;
1334
1335 NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, ".:", 0);
1336 if (error != 0) {
1337 pcb->token = 0;
1338 break;
1339 }
1340
1341 error = msleep(&pcb->msg, &pcb->pcb_mtx,
1342 PZERO|PCATCH, "hcictl",
1343 ng_btsocket_hci_raw_ioctl_timeout * hz);
1344 pcb->token = 0;
1345
1346 if (error != 0)
1347 break;
1348
1349 if (pcb->msg != NULL && pcb->msg->header.cmd == NGM_LISTNAMES) {
1350 /* Return data back to user space */
1351 struct namelist *nl1 = (struct namelist *) pcb->msg->data;
1352 struct nodeinfo *ni1 = &nl1->nodeinfo[0];
1353
1354 while (nl->num_names > 0 && nl1->numnames > 0) {
1355 if (strcmp(ni1->type, NG_HCI_NODE_TYPE) == 0) {
1356 error = copyout((caddr_t) ni1,
1357 (caddr_t) ni,
1358 sizeof(*ni));
1359 if (error != 0)
1360 break;
1361
1362 nl->num_names --;
1363 ni ++;
1364 }
1365
1366 nl1->numnames --;
1367 ni1 ++;
1368 }
1369
1370 nl->num_names = ni - nl->names;
1371 } else
1372 error = EINVAL;
1373
1374 NG_FREE_MSG(pcb->msg); /* checks for != NULL */
1375 } break;
1376
1377 default:
1378 error = EINVAL;
1379 break;
1380 }
1381
1382 mtx_unlock(&pcb->pcb_mtx);
1383
1384 return (error);
1385} /* ng_btsocket_hci_raw_control */
1386
1387/*
1388 * Process getsockopt/setsockopt system calls
1389 */
1390
1391int
1392ng_btsocket_hci_raw_ctloutput(struct socket *so, struct sockopt *sopt)
1393{
1394 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
1395 struct ng_btsocket_hci_raw_filter filter;
1396 int error = 0, dir;
1397
1398 if (pcb == NULL)
1399 return (EINVAL);
1400 if (ng_btsocket_hci_raw_node == NULL)
1401 return (EINVAL);
1402
1403 if (sopt->sopt_level != SOL_HCI_RAW)
1404 return (0);
1405
1406 mtx_lock(&pcb->pcb_mtx);
1407
1408 switch (sopt->sopt_dir) {
1409 case SOPT_GET:
1410 switch (sopt->sopt_name) {
1411 case SO_HCI_RAW_FILTER:
1412 error = sooptcopyout(sopt, &pcb->filter,
1413 sizeof(pcb->filter));
1414 break;
1415
1416 case SO_HCI_RAW_DIRECTION:
1417 dir = (pcb->flags & NG_BTSOCKET_HCI_RAW_DIRECTION)?1:0;
1418 error = sooptcopyout(sopt, &dir, sizeof(dir));
1419 break;
1420
1421 default:
1422 error = EINVAL;
1423 break;
1424 }
1425 break;
1426
1427 case SOPT_SET:
1428 switch (sopt->sopt_name) {
1429 case SO_HCI_RAW_FILTER:
1430 error = sooptcopyin(sopt, &filter, sizeof(filter),
1431 sizeof(filter));
1432 if (error == 0)
1433 bcopy(&filter, &pcb->filter,
1434 sizeof(pcb->filter));
1435 break;
1436
1437 case SO_HCI_RAW_DIRECTION:
1438 error = sooptcopyin(sopt, &dir, sizeof(dir),
1439 sizeof(dir));
1440 if (error != 0)
1441 break;
1442
1443 if (dir)
1444 pcb->flags |= NG_BTSOCKET_HCI_RAW_DIRECTION;
1445 else
1446 pcb->flags &= ~NG_BTSOCKET_HCI_RAW_DIRECTION;
1447 break;
1448
1449 default:
1450 error = EINVAL;
1451 break;
1452 }
1453 break;
1454
1455 default:
1456 error = EINVAL;
1457 break;
1458 }
1459
1460 mtx_unlock(&pcb->pcb_mtx);
1461
1462 return (error);
1463} /* ng_btsocket_hci_raw_ctloutput */
1464
1465/*
1466 * Detach raw HCI socket
1467 */
1468
1469void
1470ng_btsocket_hci_raw_detach(struct socket *so)
1471{
1472 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
1473
1474 KASSERT(pcb != NULL, ("ng_btsocket_hci_raw_detach: pcb == NULL"));
1475
1476 if (ng_btsocket_hci_raw_node == NULL)
1477 return;
1478
1479 mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);
1480 mtx_lock(&pcb->pcb_mtx);
1481
1482 LIST_REMOVE(pcb, next);
1483
1484 mtx_unlock(&pcb->pcb_mtx);
1485 mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);
1486
1487 mtx_destroy(&pcb->pcb_mtx);
1488
1489 bzero(pcb, sizeof(*pcb));
fc025606 1490 kfree(pcb, M_NETGRAPH_BTSOCKET_HCI_RAW);
b06ebda0
MD
1491
1492 so->so_pcb = NULL;
1493} /* ng_btsocket_hci_raw_detach */
1494
1495/*
1496 * Disconnect raw HCI socket
1497 */
1498
1499int
1500ng_btsocket_hci_raw_disconnect(struct socket *so)
1501{
1502 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
1503
1504 if (pcb == NULL)
1505 return (EINVAL);
1506 if (ng_btsocket_hci_raw_node == NULL)
1507 return (EINVAL);
1508
1509 mtx_lock(&pcb->pcb_mtx);
1510 soisdisconnected(so);
1511 mtx_unlock(&pcb->pcb_mtx);
1512
1513 return (0);
1514} /* ng_btsocket_hci_raw_disconnect */
1515
1516/*
1517 * Get socket peer's address
1518 */
1519
1520int
1521ng_btsocket_hci_raw_peeraddr(struct socket *so, struct sockaddr **nam)
1522{
1523 return (ng_btsocket_hci_raw_sockaddr(so, nam));
1524} /* ng_btsocket_hci_raw_peeraddr */
1525
1526/*
1527 * Send data
1528 */
1529
1530int
1531ng_btsocket_hci_raw_send(struct socket *so, int flags, struct mbuf *m,
1532 struct sockaddr *sa, struct mbuf *control, struct thread *td)
1533{
1534 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
1535 struct mbuf *nam = NULL;
1536 int error = 0;
1537
1538 if (ng_btsocket_hci_raw_node == NULL) {
1539 error = ENETDOWN;
1540 goto drop;
1541 }
1542 if (pcb == NULL) {
1543 error = EINVAL;
1544 goto drop;
1545 }
1546 if (control != NULL) {
1547 error = EINVAL;
1548 goto drop;
1549 }
1550
1551 if (m->m_pkthdr.len < sizeof(ng_hci_cmd_pkt_t) ||
1552 m->m_pkthdr.len > sizeof(ng_hci_cmd_pkt_t) + NG_HCI_CMD_PKT_SIZE) {
1553 error = EMSGSIZE;
1554 goto drop;
1555 }
1556
1557 if (m->m_len < sizeof(ng_hci_cmd_pkt_t)) {
1558 if ((m = m_pullup(m, sizeof(ng_hci_cmd_pkt_t))) == NULL) {
1559 error = ENOBUFS;
1560 goto drop;
1561 }
1562 }
1563 if (*mtod(m, u_int8_t *) != NG_HCI_CMD_PKT) {
1564 error = ENOTSUP;
1565 goto drop;
1566 }
1567
1568 mtx_lock(&pcb->pcb_mtx);
1569
1570 error = ng_btsocket_hci_raw_filter(pcb, m, 0);
1571 if (error != 0) {
1572 mtx_unlock(&pcb->pcb_mtx);
1573 goto drop;
1574 }
1575
1576 if (sa == NULL) {
1577 if (pcb->addr.hci_node[0] == 0) {
1578 mtx_unlock(&pcb->pcb_mtx);
1579 error = EDESTADDRREQ;
1580 goto drop;
1581 }
1582
1583 sa = (struct sockaddr *) &pcb->addr;
1584 }
1585
5a975a3d 1586 MGET(nam, MB_DONTWAIT, MT_SONAME);
b06ebda0
MD
1587 if (nam == NULL) {
1588 mtx_unlock(&pcb->pcb_mtx);
1589 error = ENOBUFS;
1590 goto drop;
1591 }
1592
1593 nam->m_len = sizeof(struct sockaddr_hci);
1594 bcopy(sa,mtod(nam, struct sockaddr_hci *),sizeof(struct sockaddr_hci));
1595
1596 nam->m_next = m;
1597 m = NULL;
1598
1599 mtx_unlock(&pcb->pcb_mtx);
1600
1601 return (ng_send_fn(ng_btsocket_hci_raw_node, NULL,
1602 ng_btsocket_hci_raw_output, nam, 0));
1603drop:
1604 NG_FREE_M(control); /* NG_FREE_M checks for != NULL */
1605 NG_FREE_M(nam);
1606 NG_FREE_M(m);
1607
1608 return (error);
1609} /* ng_btsocket_hci_raw_send */
1610
1611/*
1612 * Get socket address
1613 */
1614
1615int
1616ng_btsocket_hci_raw_sockaddr(struct socket *so, struct sockaddr **nam)
1617{
1618 ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);
1619 struct sockaddr_hci sa;
1620
1621 if (pcb == NULL)
1622 return (EINVAL);
1623 if (ng_btsocket_hci_raw_node == NULL)
1624 return (EINVAL);
1625
1626 bzero(&sa, sizeof(sa));
1627 sa.hci_len = sizeof(sa);
1628 sa.hci_family = AF_BLUETOOTH;
1629
1630 mtx_lock(&pcb->pcb_mtx);
1631 strlcpy(sa.hci_node, pcb->addr.hci_node, sizeof(sa.hci_node));
1632 mtx_unlock(&pcb->pcb_mtx);
1633
5a975a3d 1634 *nam = sodupsockaddr((struct sockaddr *) &sa, M_WAITOK | M_NULLOK);
b06ebda0
MD
1635
1636 return ((*nam == NULL)? ENOMEM : 0);
1637} /* ng_btsocket_hci_raw_sockaddr */
1638