net/irda/af_irda.c at v2.6.20-rc4

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / net / irda / af_irda.c
at v2.6.20-rc4 2618 lines 69 kB view raw
wrap content
   1/*********************************************************************
   2 *
   3 * Filename:      af_irda.c
   4 * Version:       0.9
   5 * Description:   IrDA sockets implementation
   6 * Status:        Stable
   7 * Author:        Dag Brattli <dagb@cs.uit.no>
   8 * Created at:    Sun May 31 10:12:43 1998
   9 * Modified at:   Sat Dec 25 21:10:23 1999
  10 * Modified by:   Dag Brattli <dag@brattli.net>
  11 * Sources:       af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc.
  12 *
  13 *     Copyright (c) 1999 Dag Brattli <dagb@cs.uit.no>
  14 *     Copyright (c) 1999-2003 Jean Tourrilhes <jt@hpl.hp.com>
  15 *     All Rights Reserved.
  16 *
  17 *     This program is free software; you can redistribute it and/or
  18 *     modify it under the terms of the GNU General Public License as
  19 *     published by the Free Software Foundation; either version 2 of
  20 *     the License, or (at your option) any later version.
  21 *
  22 *     This program is distributed in the hope that it will be useful,
  23 *     but WITHOUT ANY WARRANTY; without even the implied warranty of
  24 *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  25 *     GNU General Public License for more details.
  26 *
  27 *     You should have received a copy of the GNU General Public License
  28 *     along with this program; if not, write to the Free Software
  29 *     Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  30 *     MA 02111-1307 USA
  31 *
  32 *     Linux-IrDA now supports four different types of IrDA sockets:
  33 *
  34 *     o SOCK_STREAM:    TinyTP connections with SAR disabled. The
  35 *                       max SDU size is 0 for conn. of this type
  36 *     o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may
  37 *                       fragment the messages, but will preserve
  38 *                       the message boundaries
  39 *     o SOCK_DGRAM:     IRDAPROTO_UNITDATA: TinyTP connections with Unitdata
  40 *                       (unreliable) transfers
  41 *                       IRDAPROTO_ULTRA: Connectionless and unreliable data
  42 *
  43 ********************************************************************/
  44
  45#include <linux/capability.h>
  46#include <linux/module.h>
  47#include <linux/types.h>
  48#include <linux/socket.h>
  49#include <linux/sockios.h>
  50#include <linux/init.h>
  51#include <linux/net.h>
  52#include <linux/irda.h>
  53#include <linux/poll.h>
  54
  55#include <asm/ioctls.h>		/* TIOCOUTQ, TIOCINQ */
  56#include <asm/uaccess.h>
  57
  58#include <net/sock.h>
  59#include <net/tcp_states.h>
  60
  61#include <net/irda/af_irda.h>
  62
  63static int irda_create(struct socket *sock, int protocol);
  64
  65static const struct proto_ops irda_stream_ops;
  66static const struct proto_ops irda_seqpacket_ops;
  67static const struct proto_ops irda_dgram_ops;
  68
  69#ifdef CONFIG_IRDA_ULTRA
  70static const struct proto_ops irda_ultra_ops;
  71#define ULTRA_MAX_DATA 382
  72#endif /* CONFIG_IRDA_ULTRA */
  73
  74#define IRDA_MAX_HEADER (TTP_MAX_HEADER)
  75
  76/*
  77 * Function irda_data_indication (instance, sap, skb)
  78 *
  79 *    Received some data from TinyTP. Just queue it on the receive queue
  80 *
  81 */
  82static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb)
  83{
  84	struct irda_sock *self;
  85	struct sock *sk;
  86	int err;
  87
  88	IRDA_DEBUG(3, "%s()\n", __FUNCTION__);
  89
  90	self = instance;
  91	sk = instance;
  92	IRDA_ASSERT(sk != NULL, return -1;);
  93
  94	err = sock_queue_rcv_skb(sk, skb);
  95	if (err) {
  96		IRDA_DEBUG(1, "%s(), error: no more mem!\n", __FUNCTION__);
  97		self->rx_flow = FLOW_STOP;
  98
  99		/* When we return error, TTP will need to requeue the skb */
 100		return err;
 101	}
 102
 103	return 0;
 104}
 105
 106/*
 107 * Function irda_disconnect_indication (instance, sap, reason, skb)
 108 *
 109 *    Connection has been closed. Check reason to find out why
 110 *
 111 */
 112static void irda_disconnect_indication(void *instance, void *sap,
 113				       LM_REASON reason, struct sk_buff *skb)
 114{
 115	struct irda_sock *self;
 116	struct sock *sk;
 117
 118	self = instance;
 119
 120	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 121
 122	/* Don't care about it, but let's not leak it */
 123	if(skb)
 124		dev_kfree_skb(skb);
 125
 126	sk = instance;
 127	if (sk == NULL) {
 128		IRDA_DEBUG(0, "%s(%p) : BUG : sk is NULL\n",
 129			   __FUNCTION__, self);
 130		return;
 131	}
 132
 133	/* Prevent race conditions with irda_release() and irda_shutdown() */
 134	if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) {
 135		lock_sock(sk);
 136		sk->sk_state     = TCP_CLOSE;
 137		sk->sk_err       = ECONNRESET;
 138		sk->sk_shutdown |= SEND_SHUTDOWN;
 139
 140		sk->sk_state_change(sk);
 141                sock_orphan(sk);
 142		release_sock(sk);
 143
 144		/* Close our TSAP.
 145		 * If we leave it open, IrLMP put it back into the list of
 146		 * unconnected LSAPs. The problem is that any incoming request
 147		 * can then be matched to this socket (and it will be, because
 148		 * it is at the head of the list). This would prevent any
 149		 * listening socket waiting on the same TSAP to get those
 150		 * requests. Some apps forget to close sockets, or hang to it
 151		 * a bit too long, so we may stay in this dead state long
 152		 * enough to be noticed...
 153		 * Note : all socket function do check sk->sk_state, so we are
 154		 * safe...
 155		 * Jean II
 156		 */
 157		if (self->tsap) {
 158			irttp_close_tsap(self->tsap);
 159			self->tsap = NULL;
 160		}
 161        }
 162
 163	/* Note : once we are there, there is not much you want to do
 164	 * with the socket anymore, apart from closing it.
 165	 * For example, bind() and connect() won't reset sk->sk_err,
 166	 * sk->sk_shutdown and sk->sk_flags to valid values...
 167	 * Jean II
 168	 */
 169}
 170
 171/*
 172 * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb)
 173 *
 174 *    Connections has been confirmed by the remote device
 175 *
 176 */
 177static void irda_connect_confirm(void *instance, void *sap,
 178				 struct qos_info *qos,
 179				 __u32 max_sdu_size, __u8 max_header_size,
 180				 struct sk_buff *skb)
 181{
 182	struct irda_sock *self;
 183	struct sock *sk;
 184
 185	self = instance;
 186
 187	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 188
 189	sk = instance;
 190	if (sk == NULL) {
 191		dev_kfree_skb(skb);
 192		return;
 193	}
 194
 195	dev_kfree_skb(skb);
 196	// Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb);
 197
 198	/* How much header space do we need to reserve */
 199	self->max_header_size = max_header_size;
 200
 201	/* IrTTP max SDU size in transmit direction */
 202	self->max_sdu_size_tx = max_sdu_size;
 203
 204	/* Find out what the largest chunk of data that we can transmit is */
 205	switch (sk->sk_type) {
 206	case SOCK_STREAM:
 207		if (max_sdu_size != 0) {
 208			IRDA_ERROR("%s: max_sdu_size must be 0\n",
 209				   __FUNCTION__);
 210			return;
 211		}
 212		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 213		break;
 214	case SOCK_SEQPACKET:
 215		if (max_sdu_size == 0) {
 216			IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
 217				   __FUNCTION__);
 218			return;
 219		}
 220		self->max_data_size = max_sdu_size;
 221		break;
 222	default:
 223		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 224	};
 225
 226	IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __FUNCTION__,
 227		   self->max_data_size);
 228
 229	memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
 230
 231	/* We are now connected! */
 232	sk->sk_state = TCP_ESTABLISHED;
 233	sk->sk_state_change(sk);
 234}
 235
 236/*
 237 * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata)
 238 *
 239 *    Incoming connection
 240 *
 241 */
 242static void irda_connect_indication(void *instance, void *sap,
 243				    struct qos_info *qos, __u32 max_sdu_size,
 244				    __u8 max_header_size, struct sk_buff *skb)
 245{
 246	struct irda_sock *self;
 247	struct sock *sk;
 248
 249	self = instance;
 250
 251	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 252
 253	sk = instance;
 254	if (sk == NULL) {
 255		dev_kfree_skb(skb);
 256		return;
 257	}
 258
 259	/* How much header space do we need to reserve */
 260	self->max_header_size = max_header_size;
 261
 262	/* IrTTP max SDU size in transmit direction */
 263	self->max_sdu_size_tx = max_sdu_size;
 264
 265	/* Find out what the largest chunk of data that we can transmit is */
 266	switch (sk->sk_type) {
 267	case SOCK_STREAM:
 268		if (max_sdu_size != 0) {
 269			IRDA_ERROR("%s: max_sdu_size must be 0\n",
 270				   __FUNCTION__);
 271			kfree_skb(skb);
 272			return;
 273		}
 274		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 275		break;
 276	case SOCK_SEQPACKET:
 277		if (max_sdu_size == 0) {
 278			IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
 279				   __FUNCTION__);
 280			kfree_skb(skb);
 281			return;
 282		}
 283		self->max_data_size = max_sdu_size;
 284		break;
 285	default:
 286		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 287	};
 288
 289	IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __FUNCTION__,
 290		   self->max_data_size);
 291
 292	memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
 293
 294	skb_queue_tail(&sk->sk_receive_queue, skb);
 295	sk->sk_state_change(sk);
 296}
 297
 298/*
 299 * Function irda_connect_response (handle)
 300 *
 301 *    Accept incoming connection
 302 *
 303 */
 304static void irda_connect_response(struct irda_sock *self)
 305{
 306	struct sk_buff *skb;
 307
 308	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 309
 310	IRDA_ASSERT(self != NULL, return;);
 311
 312	skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
 313			GFP_ATOMIC);
 314	if (skb == NULL) {
 315		IRDA_DEBUG(0, "%s() Unable to allocate sk_buff!\n",
 316			   __FUNCTION__);
 317		return;
 318	}
 319
 320	/* Reserve space for MUX_CONTROL and LAP header */
 321	skb_reserve(skb, IRDA_MAX_HEADER);
 322
 323	irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb);
 324}
 325
 326/*
 327 * Function irda_flow_indication (instance, sap, flow)
 328 *
 329 *    Used by TinyTP to tell us if it can accept more data or not
 330 *
 331 */
 332static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
 333{
 334	struct irda_sock *self;
 335	struct sock *sk;
 336
 337	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 338
 339	self = instance;
 340	sk = instance;
 341	IRDA_ASSERT(sk != NULL, return;);
 342
 343	switch (flow) {
 344	case FLOW_STOP:
 345		IRDA_DEBUG(1, "%s(), IrTTP wants us to slow down\n",
 346			   __FUNCTION__);
 347		self->tx_flow = flow;
 348		break;
 349	case FLOW_START:
 350		self->tx_flow = flow;
 351		IRDA_DEBUG(1, "%s(), IrTTP wants us to start again\n",
 352			   __FUNCTION__);
 353		wake_up_interruptible(sk->sk_sleep);
 354		break;
 355	default:
 356		IRDA_DEBUG(0, "%s(), Unknown flow command!\n", __FUNCTION__);
 357		/* Unknown flow command, better stop */
 358		self->tx_flow = flow;
 359		break;
 360	}
 361}
 362
 363/*
 364 * Function irda_getvalue_confirm (obj_id, value, priv)
 365 *
 366 *    Got answer from remote LM-IAS, just pass object to requester...
 367 *
 368 * Note : duplicate from above, but we need our own version that
 369 * doesn't touch the dtsap_sel and save the full value structure...
 370 */
 371static void irda_getvalue_confirm(int result, __u16 obj_id,
 372				  struct ias_value *value, void *priv)
 373{
 374	struct irda_sock *self;
 375
 376	self = (struct irda_sock *) priv;
 377	if (!self) {
 378		IRDA_WARNING("%s: lost myself!\n", __FUNCTION__);
 379		return;
 380	}
 381
 382	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 383
 384	/* We probably don't need to make any more queries */
 385	iriap_close(self->iriap);
 386	self->iriap = NULL;
 387
 388	/* Check if request succeeded */
 389	if (result != IAS_SUCCESS) {
 390		IRDA_DEBUG(1, "%s(), IAS query failed! (%d)\n", __FUNCTION__,
 391			   result);
 392
 393		self->errno = result;	/* We really need it later */
 394
 395		/* Wake up any processes waiting for result */
 396		wake_up_interruptible(&self->query_wait);
 397
 398		return;
 399	}
 400
 401	/* Pass the object to the caller (so the caller must delete it) */
 402	self->ias_result = value;
 403	self->errno = 0;
 404
 405	/* Wake up any processes waiting for result */
 406	wake_up_interruptible(&self->query_wait);
 407}
 408
 409/*
 410 * Function irda_selective_discovery_indication (discovery)
 411 *
 412 *    Got a selective discovery indication from IrLMP.
 413 *
 414 * IrLMP is telling us that this node is new and matching our hint bit
 415 * filter. Wake up any process waiting for answer...
 416 */
 417static void irda_selective_discovery_indication(discinfo_t *discovery,
 418						DISCOVERY_MODE mode,
 419						void *priv)
 420{
 421	struct irda_sock *self;
 422
 423	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 424
 425	self = (struct irda_sock *) priv;
 426	if (!self) {
 427		IRDA_WARNING("%s: lost myself!\n", __FUNCTION__);
 428		return;
 429	}
 430
 431	/* Pass parameter to the caller */
 432	self->cachedaddr = discovery->daddr;
 433
 434	/* Wake up process if its waiting for device to be discovered */
 435	wake_up_interruptible(&self->query_wait);
 436}
 437
 438/*
 439 * Function irda_discovery_timeout (priv)
 440 *
 441 *    Timeout in the selective discovery process
 442 *
 443 * We were waiting for a node to be discovered, but nothing has come up
 444 * so far. Wake up the user and tell him that we failed...
 445 */
 446static void irda_discovery_timeout(u_long priv)
 447{
 448	struct irda_sock *self;
 449
 450	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 451
 452	self = (struct irda_sock *) priv;
 453	IRDA_ASSERT(self != NULL, return;);
 454
 455	/* Nothing for the caller */
 456	self->cachelog = NULL;
 457	self->cachedaddr = 0;
 458	self->errno = -ETIME;
 459
 460	/* Wake up process if its still waiting... */
 461	wake_up_interruptible(&self->query_wait);
 462}
 463
 464/*
 465 * Function irda_open_tsap (self)
 466 *
 467 *    Open local Transport Service Access Point (TSAP)
 468 *
 469 */
 470static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name)
 471{
 472	notify_t notify;
 473
 474	if (self->tsap) {
 475		IRDA_WARNING("%s: busy!\n", __FUNCTION__);
 476		return -EBUSY;
 477	}
 478
 479	/* Initialize callbacks to be used by the IrDA stack */
 480	irda_notify_init(&notify);
 481	notify.connect_confirm       = irda_connect_confirm;
 482	notify.connect_indication    = irda_connect_indication;
 483	notify.disconnect_indication = irda_disconnect_indication;
 484	notify.data_indication       = irda_data_indication;
 485	notify.udata_indication	     = irda_data_indication;
 486	notify.flow_indication       = irda_flow_indication;
 487	notify.instance = self;
 488	strncpy(notify.name, name, NOTIFY_MAX_NAME);
 489
 490	self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT,
 491				     &notify);
 492	if (self->tsap == NULL) {
 493		IRDA_DEBUG(0, "%s(), Unable to allocate TSAP!\n",
 494			   __FUNCTION__);
 495		return -ENOMEM;
 496	}
 497	/* Remember which TSAP selector we actually got */
 498	self->stsap_sel = self->tsap->stsap_sel;
 499
 500	return 0;
 501}
 502
 503/*
 504 * Function irda_open_lsap (self)
 505 *
 506 *    Open local Link Service Access Point (LSAP). Used for opening Ultra
 507 *    sockets
 508 */
 509#ifdef CONFIG_IRDA_ULTRA
 510static int irda_open_lsap(struct irda_sock *self, int pid)
 511{
 512	notify_t notify;
 513
 514	if (self->lsap) {
 515		IRDA_WARNING("%s(), busy!\n", __FUNCTION__);
 516		return -EBUSY;
 517	}
 518
 519	/* Initialize callbacks to be used by the IrDA stack */
 520	irda_notify_init(&notify);
 521	notify.udata_indication	= irda_data_indication;
 522	notify.instance = self;
 523	strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME);
 524
 525	self->lsap = irlmp_open_lsap(LSAP_CONNLESS, &notify, pid);
 526	if (self->lsap == NULL) {
 527		IRDA_DEBUG( 0, "%s(), Unable to allocate LSAP!\n", __FUNCTION__);
 528		return -ENOMEM;
 529	}
 530
 531	return 0;
 532}
 533#endif /* CONFIG_IRDA_ULTRA */
 534
 535/*
 536 * Function irda_find_lsap_sel (self, name)
 537 *
 538 *    Try to lookup LSAP selector in remote LM-IAS
 539 *
 540 * Basically, we start a IAP query, and then go to sleep. When the query
 541 * return, irda_getvalue_confirm will wake us up, and we can examine the
 542 * result of the query...
 543 * Note that in some case, the query fail even before we go to sleep,
 544 * creating some races...
 545 */
 546static int irda_find_lsap_sel(struct irda_sock *self, char *name)
 547{
 548	IRDA_DEBUG(2, "%s(%p, %s)\n", __FUNCTION__, self, name);
 549
 550	IRDA_ASSERT(self != NULL, return -1;);
 551
 552	if (self->iriap) {
 553		IRDA_WARNING("%s(): busy with a previous query\n",
 554			     __FUNCTION__);
 555		return -EBUSY;
 556	}
 557
 558	self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
 559				 irda_getvalue_confirm);
 560	if(self->iriap == NULL)
 561		return -ENOMEM;
 562
 563	/* Treat unexpected wakeup as disconnect */
 564	self->errno = -EHOSTUNREACH;
 565
 566	/* Query remote LM-IAS */
 567	iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr,
 568				      name, "IrDA:TinyTP:LsapSel");
 569
 570	/* Wait for answer, if not yet finished (or failed) */
 571	if (wait_event_interruptible(self->query_wait, (self->iriap==NULL)))
 572		/* Treat signals as disconnect */
 573		return -EHOSTUNREACH;
 574
 575	/* Check what happened */
 576	if (self->errno)
 577	{
 578		/* Requested object/attribute doesn't exist */
 579		if((self->errno == IAS_CLASS_UNKNOWN) ||
 580		   (self->errno == IAS_ATTRIB_UNKNOWN))
 581			return (-EADDRNOTAVAIL);
 582		else
 583			return (-EHOSTUNREACH);
 584	}
 585
 586	/* Get the remote TSAP selector */
 587	switch (self->ias_result->type) {
 588	case IAS_INTEGER:
 589		IRDA_DEBUG(4, "%s() int=%d\n",
 590			   __FUNCTION__, self->ias_result->t.integer);
 591
 592		if (self->ias_result->t.integer != -1)
 593			self->dtsap_sel = self->ias_result->t.integer;
 594		else
 595			self->dtsap_sel = 0;
 596		break;
 597	default:
 598		self->dtsap_sel = 0;
 599		IRDA_DEBUG(0, "%s(), bad type!\n", __FUNCTION__);
 600		break;
 601	}
 602	if (self->ias_result)
 603		irias_delete_value(self->ias_result);
 604
 605	if (self->dtsap_sel)
 606		return 0;
 607
 608	return -EADDRNOTAVAIL;
 609}
 610
 611/*
 612 * Function irda_discover_daddr_and_lsap_sel (self, name)
 613 *
 614 *    This try to find a device with the requested service.
 615 *
 616 * It basically look into the discovery log. For each address in the list,
 617 * it queries the LM-IAS of the device to find if this device offer
 618 * the requested service.
 619 * If there is more than one node supporting the service, we complain
 620 * to the user (it should move devices around).
 621 * The, we set both the destination address and the lsap selector to point
 622 * on the service on the unique device we have found.
 623 *
 624 * Note : this function fails if there is more than one device in range,
 625 * because IrLMP doesn't disconnect the LAP when the last LSAP is closed.
 626 * Moreover, we would need to wait the LAP disconnection...
 627 */
 628static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name)
 629{
 630	discinfo_t *discoveries;	/* Copy of the discovery log */
 631	int	number;			/* Number of nodes in the log */
 632	int	i;
 633	int	err = -ENETUNREACH;
 634	__u32	daddr = DEV_ADDR_ANY;	/* Address we found the service on */
 635	__u8	dtsap_sel = 0x0;	/* TSAP associated with it */
 636
 637	IRDA_DEBUG(2, "%s(), name=%s\n", __FUNCTION__, name);
 638
 639	IRDA_ASSERT(self != NULL, return -1;);
 640
 641	/* Ask lmp for the current discovery log
 642	 * Note : we have to use irlmp_get_discoveries(), as opposed
 643	 * to play with the cachelog directly, because while we are
 644	 * making our ias query, le log might change... */
 645	discoveries = irlmp_get_discoveries(&number, self->mask.word,
 646					    self->nslots);
 647	/* Check if the we got some results */
 648	if (discoveries == NULL)
 649		return -ENETUNREACH;	/* No nodes discovered */
 650
 651	/*
 652	 * Now, check all discovered devices (if any), and connect
 653	 * client only about the services that the client is
 654	 * interested in...
 655	 */
 656	for(i = 0; i < number; i++) {
 657		/* Try the address in the log */
 658		self->daddr = discoveries[i].daddr;
 659		self->saddr = 0x0;
 660		IRDA_DEBUG(1, "%s(), trying daddr = %08x\n",
 661			   __FUNCTION__, self->daddr);
 662
 663		/* Query remote LM-IAS for this service */
 664		err = irda_find_lsap_sel(self, name);
 665		switch (err) {
 666		case 0:
 667			/* We found the requested service */
 668			if(daddr != DEV_ADDR_ANY) {
 669				IRDA_DEBUG(1, "%s(), discovered service ''%s'' in two different devices !!!\n",
 670					   __FUNCTION__, name);
 671				self->daddr = DEV_ADDR_ANY;
 672				kfree(discoveries);
 673				return(-ENOTUNIQ);
 674			}
 675			/* First time we found that one, save it ! */
 676			daddr = self->daddr;
 677			dtsap_sel = self->dtsap_sel;
 678			break;
 679		case -EADDRNOTAVAIL:
 680			/* Requested service simply doesn't exist on this node */
 681			break;
 682		default:
 683			/* Something bad did happen :-( */
 684			IRDA_DEBUG(0, "%s(), unexpected IAS query failure\n", __FUNCTION__);
 685			self->daddr = DEV_ADDR_ANY;
 686			kfree(discoveries);
 687			return(-EHOSTUNREACH);
 688			break;
 689		}
 690	}
 691	/* Cleanup our copy of the discovery log */
 692	kfree(discoveries);
 693
 694	/* Check out what we found */
 695	if(daddr == DEV_ADDR_ANY) {
 696		IRDA_DEBUG(1, "%s(), cannot discover service ''%s'' in any device !!!\n",
 697			   __FUNCTION__, name);
 698		self->daddr = DEV_ADDR_ANY;
 699		return(-EADDRNOTAVAIL);
 700	}
 701
 702	/* Revert back to discovered device & service */
 703	self->daddr = daddr;
 704	self->saddr = 0x0;
 705	self->dtsap_sel = dtsap_sel;
 706
 707	IRDA_DEBUG(1, "%s(), discovered requested service ''%s'' at address %08x\n",
 708		   __FUNCTION__, name, self->daddr);
 709
 710	return 0;
 711}
 712
 713/*
 714 * Function irda_getname (sock, uaddr, uaddr_len, peer)
 715 *
 716 *    Return the our own, or peers socket address (sockaddr_irda)
 717 *
 718 */
 719static int irda_getname(struct socket *sock, struct sockaddr *uaddr,
 720			int *uaddr_len, int peer)
 721{
 722	struct sockaddr_irda saddr;
 723	struct sock *sk = sock->sk;
 724	struct irda_sock *self = irda_sk(sk);
 725
 726	if (peer) {
 727		if (sk->sk_state != TCP_ESTABLISHED)
 728			return -ENOTCONN;
 729
 730		saddr.sir_family = AF_IRDA;
 731		saddr.sir_lsap_sel = self->dtsap_sel;
 732		saddr.sir_addr = self->daddr;
 733	} else {
 734		saddr.sir_family = AF_IRDA;
 735		saddr.sir_lsap_sel = self->stsap_sel;
 736		saddr.sir_addr = self->saddr;
 737	}
 738
 739	IRDA_DEBUG(1, "%s(), tsap_sel = %#x\n", __FUNCTION__, saddr.sir_lsap_sel);
 740	IRDA_DEBUG(1, "%s(), addr = %08x\n", __FUNCTION__, saddr.sir_addr);
 741
 742	/* uaddr_len come to us uninitialised */
 743	*uaddr_len = sizeof (struct sockaddr_irda);
 744	memcpy(uaddr, &saddr, *uaddr_len);
 745
 746	return 0;
 747}
 748
 749/*
 750 * Function irda_listen (sock, backlog)
 751 *
 752 *    Just move to the listen state
 753 *
 754 */
 755static int irda_listen(struct socket *sock, int backlog)
 756{
 757	struct sock *sk = sock->sk;
 758
 759	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 760
 761	if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
 762	    (sk->sk_type != SOCK_DGRAM))
 763		return -EOPNOTSUPP;
 764
 765	if (sk->sk_state != TCP_LISTEN) {
 766		sk->sk_max_ack_backlog = backlog;
 767		sk->sk_state           = TCP_LISTEN;
 768
 769		return 0;
 770	}
 771
 772	return -EOPNOTSUPP;
 773}
 774
 775/*
 776 * Function irda_bind (sock, uaddr, addr_len)
 777 *
 778 *    Used by servers to register their well known TSAP
 779 *
 780 */
 781static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 782{
 783	struct sock *sk = sock->sk;
 784	struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
 785	struct irda_sock *self = irda_sk(sk);
 786	int err;
 787
 788	IRDA_ASSERT(self != NULL, return -1;);
 789
 790	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 791
 792	if (addr_len != sizeof(struct sockaddr_irda))
 793		return -EINVAL;
 794
 795#ifdef CONFIG_IRDA_ULTRA
 796	/* Special care for Ultra sockets */
 797	if ((sk->sk_type == SOCK_DGRAM) &&
 798	    (sk->sk_protocol == IRDAPROTO_ULTRA)) {
 799		self->pid = addr->sir_lsap_sel;
 800		if (self->pid & 0x80) {
 801			IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __FUNCTION__);
 802			return -EOPNOTSUPP;
 803		}
 804		err = irda_open_lsap(self, self->pid);
 805		if (err < 0)
 806			return err;
 807
 808		/* Pretend we are connected */
 809		sock->state = SS_CONNECTED;
 810		sk->sk_state   = TCP_ESTABLISHED;
 811
 812		return 0;
 813	}
 814#endif /* CONFIG_IRDA_ULTRA */
 815
 816	err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name);
 817	if (err < 0)
 818		return err;
 819
 820	/*  Register with LM-IAS */
 821	self->ias_obj = irias_new_object(addr->sir_name, jiffies);
 822	irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel",
 823				 self->stsap_sel, IAS_KERNEL_ATTR);
 824	irias_insert_object(self->ias_obj);
 825
 826	return 0;
 827}
 828
 829/*
 830 * Function irda_accept (sock, newsock, flags)
 831 *
 832 *    Wait for incoming connection
 833 *
 834 */
 835static int irda_accept(struct socket *sock, struct socket *newsock, int flags)
 836{
 837	struct sock *sk = sock->sk;
 838	struct irda_sock *new, *self = irda_sk(sk);
 839	struct sock *newsk;
 840	struct sk_buff *skb;
 841	int err;
 842
 843	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 844
 845	IRDA_ASSERT(self != NULL, return -1;);
 846
 847	err = irda_create(newsock, sk->sk_protocol);
 848	if (err)
 849		return err;
 850
 851	if (sock->state != SS_UNCONNECTED)
 852		return -EINVAL;
 853
 854	if ((sk = sock->sk) == NULL)
 855		return -EINVAL;
 856
 857	if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
 858	    (sk->sk_type != SOCK_DGRAM))
 859		return -EOPNOTSUPP;
 860
 861	if (sk->sk_state != TCP_LISTEN)
 862		return -EINVAL;
 863
 864	/*
 865	 *	The read queue this time is holding sockets ready to use
 866	 *	hooked into the SABM we saved
 867	 */
 868
 869	/*
 870	 * We can perform the accept only if there is incoming data
 871	 * on the listening socket.
 872	 * So, we will block the caller until we receive any data.
 873	 * If the caller was waiting on select() or poll() before
 874	 * calling us, the data is waiting for us ;-)
 875	 * Jean II
 876	 */
 877	skb = skb_dequeue(&sk->sk_receive_queue);
 878	if (skb == NULL) {
 879		int ret = 0;
 880		DECLARE_WAITQUEUE(waitq, current);
 881
 882		/* Non blocking operation */
 883		if (flags & O_NONBLOCK)
 884			return -EWOULDBLOCK;
 885
 886		/* The following code is a cut'n'paste of the
 887		 * wait_event_interruptible() macro.
 888		 * We don't us the macro because the condition has
 889		 * side effects : we want to make sure that only one
 890		 * skb get dequeued - Jean II */
 891		add_wait_queue(sk->sk_sleep, &waitq);
 892		for (;;) {
 893			set_current_state(TASK_INTERRUPTIBLE);
 894			skb = skb_dequeue(&sk->sk_receive_queue);
 895			if (skb != NULL)
 896				break;
 897			if (!signal_pending(current)) {
 898				schedule();
 899				continue;
 900			}
 901			ret = -ERESTARTSYS;
 902			break;
 903		}
 904		current->state = TASK_RUNNING;
 905		remove_wait_queue(sk->sk_sleep, &waitq);
 906		if(ret)
 907			return -ERESTARTSYS;
 908	}
 909
 910	newsk = newsock->sk;
 911	newsk->sk_state = TCP_ESTABLISHED;
 912
 913	new = irda_sk(newsk);
 914	IRDA_ASSERT(new != NULL, return -1;);
 915
 916	/* Now attach up the new socket */
 917	new->tsap = irttp_dup(self->tsap, new);
 918	if (!new->tsap) {
 919		IRDA_DEBUG(0, "%s(), dup failed!\n", __FUNCTION__);
 920		kfree_skb(skb);
 921		return -1;
 922	}
 923
 924	new->stsap_sel = new->tsap->stsap_sel;
 925	new->dtsap_sel = new->tsap->dtsap_sel;
 926	new->saddr = irttp_get_saddr(new->tsap);
 927	new->daddr = irttp_get_daddr(new->tsap);
 928
 929	new->max_sdu_size_tx = self->max_sdu_size_tx;
 930	new->max_sdu_size_rx = self->max_sdu_size_rx;
 931	new->max_data_size   = self->max_data_size;
 932	new->max_header_size = self->max_header_size;
 933
 934	memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info));
 935
 936	/* Clean up the original one to keep it in listen state */
 937	irttp_listen(self->tsap);
 938
 939	/* Wow ! What is that ? Jean II */
 940	skb->sk = NULL;
 941	skb->destructor = NULL;
 942	kfree_skb(skb);
 943	sk->sk_ack_backlog--;
 944
 945	newsock->state = SS_CONNECTED;
 946
 947	irda_connect_response(new);
 948
 949	return 0;
 950}
 951
 952/*
 953 * Function irda_connect (sock, uaddr, addr_len, flags)
 954 *
 955 *    Connect to a IrDA device
 956 *
 957 * The main difference with a "standard" connect is that with IrDA we need
 958 * to resolve the service name into a TSAP selector (in TCP, port number
 959 * doesn't have to be resolved).
 960 * Because of this service name resoltion, we can offer "auto-connect",
 961 * where we connect to a service without specifying a destination address.
 962 *
 963 * Note : by consulting "errno", the user space caller may learn the cause
 964 * of the failure. Most of them are visible in the function, others may come
 965 * from subroutines called and are listed here :
 966 *	o EBUSY : already processing a connect
 967 *	o EHOSTUNREACH : bad addr->sir_addr argument
 968 *	o EADDRNOTAVAIL : bad addr->sir_name argument
 969 *	o ENOTUNIQ : more than one node has addr->sir_name (auto-connect)
 970 *	o ENETUNREACH : no node found on the network (auto-connect)
 971 */
 972static int irda_connect(struct socket *sock, struct sockaddr *uaddr,
 973			int addr_len, int flags)
 974{
 975	struct sock *sk = sock->sk;
 976	struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
 977	struct irda_sock *self = irda_sk(sk);
 978	int err;
 979
 980	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 981
 982	/* Don't allow connect for Ultra sockets */
 983	if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA))
 984		return -ESOCKTNOSUPPORT;
 985
 986	if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
 987		sock->state = SS_CONNECTED;
 988		return 0;   /* Connect completed during a ERESTARTSYS event */
 989	}
 990
 991	if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) {
 992		sock->state = SS_UNCONNECTED;
 993		return -ECONNREFUSED;
 994	}
 995
 996	if (sk->sk_state == TCP_ESTABLISHED)
 997		return -EISCONN;      /* No reconnect on a seqpacket socket */
 998
 999	sk->sk_state   = TCP_CLOSE;
1000	sock->state = SS_UNCONNECTED;
1001
1002	if (addr_len != sizeof(struct sockaddr_irda))
1003		return -EINVAL;
1004
1005	/* Check if user supplied any destination device address */
1006	if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) {
1007		/* Try to find one suitable */
1008		err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name);
1009		if (err) {
1010			IRDA_DEBUG(0, "%s(), auto-connect failed!\n", __FUNCTION__);
1011			return err;
1012		}
1013	} else {
1014		/* Use the one provided by the user */
1015		self->daddr = addr->sir_addr;
1016		IRDA_DEBUG(1, "%s(), daddr = %08x\n", __FUNCTION__, self->daddr);
1017
1018		/* If we don't have a valid service name, we assume the
1019		 * user want to connect on a specific LSAP. Prevent
1020		 * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */
1021		if((addr->sir_name[0] != '\0') ||
1022		   (addr->sir_lsap_sel >= 0x70)) {
1023			/* Query remote LM-IAS using service name */
1024			err = irda_find_lsap_sel(self, addr->sir_name);
1025			if (err) {
1026				IRDA_DEBUG(0, "%s(), connect failed!\n", __FUNCTION__);
1027				return err;
1028			}
1029		} else {
1030			/* Directly connect to the remote LSAP
1031			 * specified by the sir_lsap field.
1032			 * Please use with caution, in IrDA LSAPs are
1033			 * dynamic and there is no "well-known" LSAP. */
1034			self->dtsap_sel = addr->sir_lsap_sel;
1035		}
1036	}
1037
1038	/* Check if we have opened a local TSAP */
1039	if (!self->tsap)
1040		irda_open_tsap(self, LSAP_ANY, addr->sir_name);
1041
1042	/* Move to connecting socket, start sending Connect Requests */
1043	sock->state = SS_CONNECTING;
1044	sk->sk_state   = TCP_SYN_SENT;
1045
1046	/* Connect to remote device */
1047	err = irttp_connect_request(self->tsap, self->dtsap_sel,
1048				    self->saddr, self->daddr, NULL,
1049				    self->max_sdu_size_rx, NULL);
1050	if (err) {
1051		IRDA_DEBUG(0, "%s(), connect failed!\n", __FUNCTION__);
1052		return err;
1053	}
1054
1055	/* Now the loop */
1056	if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
1057		return -EINPROGRESS;
1058
1059	if (wait_event_interruptible(*(sk->sk_sleep),
1060				     (sk->sk_state != TCP_SYN_SENT)))
1061		return -ERESTARTSYS;
1062
1063	if (sk->sk_state != TCP_ESTABLISHED) {
1064		sock->state = SS_UNCONNECTED;
1065		return sock_error(sk);	/* Always set at this point */
1066	}
1067
1068	sock->state = SS_CONNECTED;
1069
1070	/* At this point, IrLMP has assigned our source address */
1071	self->saddr = irttp_get_saddr(self->tsap);
1072
1073	return 0;
1074}
1075
1076static struct proto irda_proto = {
1077	.name	  = "IRDA",
1078	.owner	  = THIS_MODULE,
1079	.obj_size = sizeof(struct irda_sock),
1080};
1081
1082/*
1083 * Function irda_create (sock, protocol)
1084 *
1085 *    Create IrDA socket
1086 *
1087 */
1088static int irda_create(struct socket *sock, int protocol)
1089{
1090	struct sock *sk;
1091	struct irda_sock *self;
1092
1093	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
1094
1095	/* Check for valid socket type */
1096	switch (sock->type) {
1097	case SOCK_STREAM:     /* For TTP connections with SAR disabled */
1098	case SOCK_SEQPACKET:  /* For TTP connections with SAR enabled */
1099	case SOCK_DGRAM:      /* For TTP Unitdata or LMP Ultra transfers */
1100		break;
1101	default:
1102		return -ESOCKTNOSUPPORT;
1103	}
1104
1105	/* Allocate networking socket */
1106	sk = sk_alloc(PF_IRDA, GFP_ATOMIC, &irda_proto, 1);
1107	if (sk == NULL)
1108		return -ENOMEM;
1109
1110	self = irda_sk(sk);
1111	IRDA_DEBUG(2, "%s() : self is %p\n", __FUNCTION__, self);
1112
1113	init_waitqueue_head(&self->query_wait);
1114
1115	/* Initialise networking socket struct */
1116	sock_init_data(sock, sk);	/* Note : set sk->sk_refcnt to 1 */
1117	sk->sk_family = PF_IRDA;
1118	sk->sk_protocol = protocol;
1119
1120	switch (sock->type) {
1121	case SOCK_STREAM:
1122		sock->ops = &irda_stream_ops;
1123		self->max_sdu_size_rx = TTP_SAR_DISABLE;
1124		break;
1125	case SOCK_SEQPACKET:
1126		sock->ops = &irda_seqpacket_ops;
1127		self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1128		break;
1129	case SOCK_DGRAM:
1130		switch (protocol) {
1131#ifdef CONFIG_IRDA_ULTRA
1132		case IRDAPROTO_ULTRA:
1133			sock->ops = &irda_ultra_ops;
1134			/* Initialise now, because we may send on unbound
1135			 * sockets. Jean II */
1136			self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER;
1137			self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER;
1138			break;
1139#endif /* CONFIG_IRDA_ULTRA */
1140		case IRDAPROTO_UNITDATA:
1141			sock->ops = &irda_dgram_ops;
1142			/* We let Unitdata conn. be like seqpack conn. */
1143			self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1144			break;
1145		default:
1146			IRDA_ERROR("%s: protocol not supported!\n",
1147				   __FUNCTION__);
1148			return -ESOCKTNOSUPPORT;
1149		}
1150		break;
1151	default:
1152		return -ESOCKTNOSUPPORT;
1153	}
1154
1155	/* Register as a client with IrLMP */
1156	self->ckey = irlmp_register_client(0, NULL, NULL, NULL);
1157	self->mask.word = 0xffff;
1158	self->rx_flow = self->tx_flow = FLOW_START;
1159	self->nslots = DISCOVERY_DEFAULT_SLOTS;
1160	self->daddr = DEV_ADDR_ANY;	/* Until we get connected */
1161	self->saddr = 0x0;		/* so IrLMP assign us any link */
1162	return 0;
1163}
1164
1165/*
1166 * Function irda_destroy_socket (self)
1167 *
1168 *    Destroy socket
1169 *
1170 */
1171static void irda_destroy_socket(struct irda_sock *self)
1172{
1173	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
1174
1175	IRDA_ASSERT(self != NULL, return;);
1176
1177	/* Unregister with IrLMP */
1178	irlmp_unregister_client(self->ckey);
1179	irlmp_unregister_service(self->skey);
1180
1181	/* Unregister with LM-IAS */
1182	if (self->ias_obj) {
1183		irias_delete_object(self->ias_obj);
1184		self->ias_obj = NULL;
1185	}
1186
1187	if (self->iriap) {
1188		iriap_close(self->iriap);
1189		self->iriap = NULL;
1190	}
1191
1192	if (self->tsap) {
1193		irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1194		irttp_close_tsap(self->tsap);
1195		self->tsap = NULL;
1196	}
1197#ifdef CONFIG_IRDA_ULTRA
1198	if (self->lsap) {
1199		irlmp_close_lsap(self->lsap);
1200		self->lsap = NULL;
1201	}
1202#endif /* CONFIG_IRDA_ULTRA */
1203}
1204
1205/*
1206 * Function irda_release (sock)
1207 */
1208static int irda_release(struct socket *sock)
1209{
1210	struct sock *sk = sock->sk;
1211
1212	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
1213
1214        if (sk == NULL)
1215		return 0;
1216
1217	lock_sock(sk);
1218	sk->sk_state       = TCP_CLOSE;
1219	sk->sk_shutdown   |= SEND_SHUTDOWN;
1220	sk->sk_state_change(sk);
1221
1222	/* Destroy IrDA socket */
1223	irda_destroy_socket(irda_sk(sk));
1224
1225	sock_orphan(sk);
1226	sock->sk   = NULL;
1227	release_sock(sk);
1228
1229	/* Purge queues (see sock_init_data()) */
1230	skb_queue_purge(&sk->sk_receive_queue);
1231
1232	/* Destroy networking socket if we are the last reference on it,
1233	 * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */
1234	sock_put(sk);
1235
1236	/* Notes on socket locking and deallocation... - Jean II
1237	 * In theory we should put pairs of sock_hold() / sock_put() to
1238	 * prevent the socket to be destroyed whenever there is an
1239	 * outstanding request or outstanding incoming packet or event.
1240	 *
1241	 * 1) This may include IAS request, both in connect and getsockopt.
1242	 * Unfortunately, the situation is a bit more messy than it looks,
1243	 * because we close iriap and kfree(self) above.
1244	 *
1245	 * 2) This may include selective discovery in getsockopt.
1246	 * Same stuff as above, irlmp registration and self are gone.
1247	 *
1248	 * Probably 1 and 2 may not matter, because it's all triggered
1249	 * by a process and the socket layer already prevent the
1250	 * socket to go away while a process is holding it, through
1251	 * sockfd_put() and fput()...
1252	 *
1253	 * 3) This may include deferred TSAP closure. In particular,
1254	 * we may receive a late irda_disconnect_indication()
1255	 * Fortunately, (tsap_cb *)->close_pend should protect us
1256	 * from that.
1257	 *
1258	 * I did some testing on SMP, and it looks solid. And the socket
1259	 * memory leak is now gone... - Jean II
1260	 */
1261
1262        return 0;
1263}
1264
1265/*
1266 * Function irda_sendmsg (iocb, sock, msg, len)
1267 *
1268 *    Send message down to TinyTP. This function is used for both STREAM and
1269 *    SEQPACK services. This is possible since it forces the client to
1270 *    fragment the message if necessary
1271 */
1272static int irda_sendmsg(struct kiocb *iocb, struct socket *sock,
1273			struct msghdr *msg, size_t len)
1274{
1275	struct sock *sk = sock->sk;
1276	struct irda_sock *self;
1277	struct sk_buff *skb;
1278	unsigned char *asmptr;
1279	int err;
1280
1281	IRDA_DEBUG(4, "%s(), len=%zd\n", __FUNCTION__, len);
1282
1283	/* Note : socket.c set MSG_EOR on SEQPACKET sockets */
1284	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1285		return -EINVAL;
1286
1287	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1288		send_sig(SIGPIPE, current, 0);
1289		return -EPIPE;
1290	}
1291
1292	if (sk->sk_state != TCP_ESTABLISHED)
1293		return -ENOTCONN;
1294
1295	self = irda_sk(sk);
1296	IRDA_ASSERT(self != NULL, return -1;);
1297
1298	/* Check if IrTTP is wants us to slow down */
1299
1300	if (wait_event_interruptible(*(sk->sk_sleep),
1301	    (self->tx_flow != FLOW_STOP  ||  sk->sk_state != TCP_ESTABLISHED)))
1302		return -ERESTARTSYS;
1303
1304	/* Check if we are still connected */
1305	if (sk->sk_state != TCP_ESTABLISHED)
1306		return -ENOTCONN;
1307
1308	/* Check that we don't send out too big frames */
1309	if (len > self->max_data_size) {
1310		IRDA_DEBUG(2, "%s(), Chopping frame from %zd to %d bytes!\n",
1311			   __FUNCTION__, len, self->max_data_size);
1312		len = self->max_data_size;
1313	}
1314
1315	skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16, 
1316				  msg->msg_flags & MSG_DONTWAIT, &err);
1317	if (!skb)
1318		return -ENOBUFS;
1319
1320	skb_reserve(skb, self->max_header_size + 16);
1321
1322	asmptr = skb->h.raw = skb_put(skb, len);
1323	err = memcpy_fromiovec(asmptr, msg->msg_iov, len);
1324	if (err) {
1325		kfree_skb(skb);
1326		return err;
1327	}
1328
1329	/*
1330	 * Just send the message to TinyTP, and let it deal with possible
1331	 * errors. No need to duplicate all that here
1332	 */
1333	err = irttp_data_request(self->tsap, skb);
1334	if (err) {
1335		IRDA_DEBUG(0, "%s(), err=%d\n", __FUNCTION__, err);
1336		return err;
1337	}
1338	/* Tell client how much data we actually sent */
1339	return len;
1340}
1341
1342/*
1343 * Function irda_recvmsg_dgram (iocb, sock, msg, size, flags)
1344 *
1345 *    Try to receive message and copy it to user. The frame is discarded
1346 *    after being read, regardless of how much the user actually read
1347 */
1348static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock,
1349			      struct msghdr *msg, size_t size, int flags)
1350{
1351	struct sock *sk = sock->sk;
1352	struct irda_sock *self = irda_sk(sk);
1353	struct sk_buff *skb;
1354	size_t copied;
1355	int err;
1356
1357	IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
1358
1359	IRDA_ASSERT(self != NULL, return -1;);
1360	IRDA_ASSERT(!sock_error(sk), return -1;);
1361
1362	skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1363				flags & MSG_DONTWAIT, &err);
1364	if (!skb)
1365		return err;
1366
1367	skb->h.raw = skb->data;
1368	copied     = skb->len;
1369
1370	if (copied > size) {
1371		IRDA_DEBUG(2, "%s(), Received truncated frame (%zd < %zd)!\n",
1372			   __FUNCTION__, copied, size);
1373		copied = size;
1374		msg->msg_flags |= MSG_TRUNC;
1375	}
1376	skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1377
1378	skb_free_datagram(sk, skb);
1379
1380	/*
1381	 *  Check if we have previously stopped IrTTP and we know
1382	 *  have more free space in our rx_queue. If so tell IrTTP
1383	 *  to start delivering frames again before our rx_queue gets
1384	 *  empty
1385	 */
1386	if (self->rx_flow == FLOW_STOP) {
1387		if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1388			IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __FUNCTION__);
1389			self->rx_flow = FLOW_START;
1390			irttp_flow_request(self->tsap, FLOW_START);
1391		}
1392	}
1393
1394	return copied;
1395}
1396
1397/*
1398 * Function irda_recvmsg_stream (iocb, sock, msg, size, flags)
1399 */
1400static int irda_recvmsg_stream(struct kiocb *iocb, struct socket *sock,
1401			       struct msghdr *msg, size_t size, int flags)
1402{
1403	struct sock *sk = sock->sk;
1404	struct irda_sock *self = irda_sk(sk);
1405	int noblock = flags & MSG_DONTWAIT;
1406	size_t copied = 0;
1407	int target = 1;
1408	DECLARE_WAITQUEUE(waitq, current);
1409
1410	IRDA_DEBUG(3, "%s()\n", __FUNCTION__);
1411
1412	IRDA_ASSERT(self != NULL, return -1;);
1413	IRDA_ASSERT(!sock_error(sk), return -1;);
1414
1415	if (sock->flags & __SO_ACCEPTCON)
1416		return(-EINVAL);
1417
1418	if (flags & MSG_OOB)
1419		return -EOPNOTSUPP;
1420
1421	if (flags & MSG_WAITALL)
1422		target = size;
1423
1424	msg->msg_namelen = 0;
1425
1426	do {
1427		int chunk;
1428		struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
1429
1430		if (skb==NULL) {
1431			int ret = 0;
1432
1433			if (copied >= target)
1434				break;
1435
1436			/* The following code is a cut'n'paste of the
1437			 * wait_event_interruptible() macro.
1438			 * We don't us the macro because the test condition
1439			 * is messy. - Jean II */
1440			set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1441			add_wait_queue(sk->sk_sleep, &waitq);
1442			set_current_state(TASK_INTERRUPTIBLE);
1443
1444			/*
1445			 *	POSIX 1003.1g mandates this order.
1446			 */
1447			ret = sock_error(sk);
1448			if (ret)
1449				break;
1450			else if (sk->sk_shutdown & RCV_SHUTDOWN)
1451				;
1452			else if (noblock)
1453				ret = -EAGAIN;
1454			else if (signal_pending(current))
1455				ret = -ERESTARTSYS;
1456			else if (skb_peek(&sk->sk_receive_queue) == NULL)
1457				/* Wait process until data arrives */
1458				schedule();
1459
1460			current->state = TASK_RUNNING;
1461			remove_wait_queue(sk->sk_sleep, &waitq);
1462			clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1463
1464			if(ret)
1465				return(ret);
1466			if (sk->sk_shutdown & RCV_SHUTDOWN)
1467				break;
1468
1469			continue;
1470		}
1471
1472		chunk = min_t(unsigned int, skb->len, size);
1473		if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
1474			skb_queue_head(&sk->sk_receive_queue, skb);
1475			if (copied == 0)
1476				copied = -EFAULT;
1477			break;
1478		}
1479		copied += chunk;
1480		size -= chunk;
1481
1482		/* Mark read part of skb as used */
1483		if (!(flags & MSG_PEEK)) {
1484			skb_pull(skb, chunk);
1485
1486			/* put the skb back if we didn't use it up.. */
1487			if (skb->len) {
1488				IRDA_DEBUG(1, "%s(), back on q!\n",
1489					   __FUNCTION__);
1490				skb_queue_head(&sk->sk_receive_queue, skb);
1491				break;
1492			}
1493
1494			kfree_skb(skb);
1495		} else {
1496			IRDA_DEBUG(0, "%s() questionable!?\n", __FUNCTION__);
1497
1498			/* put message back and return */
1499			skb_queue_head(&sk->sk_receive_queue, skb);
1500			break;
1501		}
1502	} while (size);
1503
1504	/*
1505	 *  Check if we have previously stopped IrTTP and we know
1506	 *  have more free space in our rx_queue. If so tell IrTTP
1507	 *  to start delivering frames again before our rx_queue gets
1508	 *  empty
1509	 */
1510	if (self->rx_flow == FLOW_STOP) {
1511		if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1512			IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __FUNCTION__);
1513			self->rx_flow = FLOW_START;
1514			irttp_flow_request(self->tsap, FLOW_START);
1515		}
1516	}
1517
1518	return copied;
1519}
1520
1521/*
1522 * Function irda_sendmsg_dgram (iocb, sock, msg, len)
1523 *
1524 *    Send message down to TinyTP for the unreliable sequenced
1525 *    packet service...
1526 *
1527 */
1528static int irda_sendmsg_dgram(struct kiocb *iocb, struct socket *sock,
1529			      struct msghdr *msg, size_t len)
1530{
1531	struct sock *sk = sock->sk;
1532	struct irda_sock *self;
1533	struct sk_buff *skb;
1534	unsigned char *asmptr;
1535	int err;
1536
1537	IRDA_DEBUG(4, "%s(), len=%zd\n", __FUNCTION__, len);
1538
1539	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1540		return -EINVAL;
1541
1542	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1543		send_sig(SIGPIPE, current, 0);
1544		return -EPIPE;
1545	}
1546
1547	if (sk->sk_state != TCP_ESTABLISHED)
1548		return -ENOTCONN;
1549
1550	self = irda_sk(sk);
1551	IRDA_ASSERT(self != NULL, return -1;);
1552
1553	/*
1554	 * Check that we don't send out too big frames. This is an unreliable
1555	 * service, so we have no fragmentation and no coalescence
1556	 */
1557	if (len > self->max_data_size) {
1558		IRDA_DEBUG(0, "%s(), Warning to much data! "
1559			   "Chopping frame from %zd to %d bytes!\n",
1560			   __FUNCTION__, len, self->max_data_size);
1561		len = self->max_data_size;
1562	}
1563
1564	skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1565				  msg->msg_flags & MSG_DONTWAIT, &err);
1566	if (!skb)
1567		return -ENOBUFS;
1568
1569	skb_reserve(skb, self->max_header_size);
1570
1571	IRDA_DEBUG(4, "%s(), appending user data\n", __FUNCTION__);
1572	asmptr = skb->h.raw = skb_put(skb, len);
1573	err = memcpy_fromiovec(asmptr, msg->msg_iov, len);
1574	if (err) {
1575		kfree_skb(skb);
1576		return err;
1577	}
1578
1579	/*
1580	 * Just send the message to TinyTP, and let it deal with possible
1581	 * errors. No need to duplicate all that here
1582	 */
1583	err = irttp_udata_request(self->tsap, skb);
1584	if (err) {
1585		IRDA_DEBUG(0, "%s(), err=%d\n", __FUNCTION__, err);
1586		return err;
1587	}
1588	return len;
1589}
1590
1591/*
1592 * Function irda_sendmsg_ultra (iocb, sock, msg, len)
1593 *
1594 *    Send message down to IrLMP for the unreliable Ultra
1595 *    packet service...
1596 */
1597#ifdef CONFIG_IRDA_ULTRA
1598static int irda_sendmsg_ultra(struct kiocb *iocb, struct socket *sock,
1599			      struct msghdr *msg, size_t len)
1600{
1601	struct sock *sk = sock->sk;
1602	struct irda_sock *self;
1603	__u8 pid = 0;
1604	int bound = 0;
1605	struct sk_buff *skb;
1606	unsigned char *asmptr;
1607	int err;
1608
1609	IRDA_DEBUG(4, "%s(), len=%zd\n", __FUNCTION__, len);
1610
1611	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1612		return -EINVAL;
1613
1614	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1615		send_sig(SIGPIPE, current, 0);
1616		return -EPIPE;
1617	}
1618
1619	self = irda_sk(sk);
1620	IRDA_ASSERT(self != NULL, return -1;);
1621
1622	/* Check if an address was specified with sendto. Jean II */
1623	if (msg->msg_name) {
1624		struct sockaddr_irda *addr = (struct sockaddr_irda *) msg->msg_name;
1625		/* Check address, extract pid. Jean II */
1626		if (msg->msg_namelen < sizeof(*addr))
1627			return -EINVAL;
1628		if (addr->sir_family != AF_IRDA)
1629			return -EINVAL;
1630
1631		pid = addr->sir_lsap_sel;
1632		if (pid & 0x80) {
1633			IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __FUNCTION__);
1634			return -EOPNOTSUPP;
1635		}
1636	} else {
1637		/* Check that the socket is properly bound to an Ultra
1638		 * port. Jean II */
1639		if ((self->lsap == NULL) ||
1640		    (sk->sk_state != TCP_ESTABLISHED)) {
1641			IRDA_DEBUG(0, "%s(), socket not bound to Ultra PID.\n",
1642				   __FUNCTION__);
1643			return -ENOTCONN;
1644		}
1645		/* Use PID from socket */
1646		bound = 1;
1647	}
1648
1649	/*
1650	 * Check that we don't send out too big frames. This is an unreliable
1651	 * service, so we have no fragmentation and no coalescence
1652	 */
1653	if (len > self->max_data_size) {
1654		IRDA_DEBUG(0, "%s(), Warning to much data! "
1655			   "Chopping frame from %zd to %d bytes!\n",
1656			   __FUNCTION__, len, self->max_data_size);
1657		len = self->max_data_size;
1658	}
1659
1660	skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1661				  msg->msg_flags & MSG_DONTWAIT, &err);
1662	if (!skb)
1663		return -ENOBUFS;
1664
1665	skb_reserve(skb, self->max_header_size);
1666
1667	IRDA_DEBUG(4, "%s(), appending user data\n", __FUNCTION__);
1668	asmptr = skb->h.raw = skb_put(skb, len);
1669	err = memcpy_fromiovec(asmptr, msg->msg_iov, len);
1670	if (err) {
1671		kfree_skb(skb);
1672		return err;
1673	}
1674
1675	err = irlmp_connless_data_request((bound ? self->lsap : NULL),
1676					  skb, pid);
1677	if (err) {
1678		IRDA_DEBUG(0, "%s(), err=%d\n", __FUNCTION__, err);
1679		return err;
1680	}
1681	return len;
1682}
1683#endif /* CONFIG_IRDA_ULTRA */
1684
1685/*
1686 * Function irda_shutdown (sk, how)
1687 */
1688static int irda_shutdown(struct socket *sock, int how)
1689{
1690	struct sock *sk = sock->sk;
1691	struct irda_sock *self = irda_sk(sk);
1692
1693	IRDA_ASSERT(self != NULL, return -1;);
1694
1695	IRDA_DEBUG(1, "%s(%p)\n", __FUNCTION__, self);
1696
1697	sk->sk_state       = TCP_CLOSE;
1698	sk->sk_shutdown   |= SEND_SHUTDOWN;
1699	sk->sk_state_change(sk);
1700
1701	if (self->iriap) {
1702		iriap_close(self->iriap);
1703		self->iriap = NULL;
1704	}
1705
1706	if (self->tsap) {
1707		irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1708		irttp_close_tsap(self->tsap);
1709		self->tsap = NULL;
1710	}
1711
1712	/* A few cleanup so the socket look as good as new... */
1713	self->rx_flow = self->tx_flow = FLOW_START;	/* needed ??? */
1714	self->daddr = DEV_ADDR_ANY;	/* Until we get re-connected */
1715	self->saddr = 0x0;		/* so IrLMP assign us any link */
1716
1717        return 0;
1718}
1719
1720/*
1721 * Function irda_poll (file, sock, wait)
1722 */
1723static unsigned int irda_poll(struct file * file, struct socket *sock,
1724			      poll_table *wait)
1725{
1726	struct sock *sk = sock->sk;
1727	struct irda_sock *self = irda_sk(sk);
1728	unsigned int mask;
1729
1730	IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
1731
1732	poll_wait(file, sk->sk_sleep, wait);
1733	mask = 0;
1734
1735	/* Exceptional events? */
1736	if (sk->sk_err)
1737		mask |= POLLERR;
1738	if (sk->sk_shutdown & RCV_SHUTDOWN) {
1739		IRDA_DEBUG(0, "%s(), POLLHUP\n", __FUNCTION__);
1740		mask |= POLLHUP;
1741	}
1742
1743	/* Readable? */
1744	if (!skb_queue_empty(&sk->sk_receive_queue)) {
1745		IRDA_DEBUG(4, "Socket is readable\n");
1746		mask |= POLLIN | POLLRDNORM;
1747	}
1748
1749	/* Connection-based need to check for termination and startup */
1750	switch (sk->sk_type) {
1751	case SOCK_STREAM:
1752		if (sk->sk_state == TCP_CLOSE) {
1753			IRDA_DEBUG(0, "%s(), POLLHUP\n", __FUNCTION__);
1754			mask |= POLLHUP;
1755		}
1756
1757		if (sk->sk_state == TCP_ESTABLISHED) {
1758			if ((self->tx_flow == FLOW_START) &&
1759			    sock_writeable(sk))
1760			{
1761				mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1762			}
1763		}
1764		break;
1765	case SOCK_SEQPACKET:
1766		if ((self->tx_flow == FLOW_START) &&
1767		    sock_writeable(sk))
1768		{
1769			mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1770		}
1771		break;
1772	case SOCK_DGRAM:
1773		if (sock_writeable(sk))
1774			mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1775		break;
1776	default:
1777		break;
1778	}
1779	return mask;
1780}
1781
1782/*
1783 * Function irda_ioctl (sock, cmd, arg)
1784 */
1785static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1786{
1787	struct sock *sk = sock->sk;
1788
1789	IRDA_DEBUG(4, "%s(), cmd=%#x\n", __FUNCTION__, cmd);
1790
1791	switch (cmd) {
1792	case TIOCOUTQ: {
1793		long amount;
1794		amount = sk->sk_sndbuf - atomic_read(&sk->sk_wmem_alloc);
1795		if (amount < 0)
1796			amount = 0;
1797		if (put_user(amount, (unsigned int __user *)arg))
1798			return -EFAULT;
1799		return 0;
1800	}
1801
1802	case TIOCINQ: {
1803		struct sk_buff *skb;
1804		long amount = 0L;
1805		/* These two are safe on a single CPU system as only user tasks fiddle here */
1806		if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1807			amount = skb->len;
1808		if (put_user(amount, (unsigned int __user *)arg))
1809			return -EFAULT;
1810		return 0;
1811	}
1812
1813	case SIOCGSTAMP:
1814		if (sk != NULL)
1815			return sock_get_timestamp(sk, (struct timeval __user *)arg);
1816		return -EINVAL;
1817
1818	case SIOCGIFADDR:
1819	case SIOCSIFADDR:
1820	case SIOCGIFDSTADDR:
1821	case SIOCSIFDSTADDR:
1822	case SIOCGIFBRDADDR:
1823	case SIOCSIFBRDADDR:
1824	case SIOCGIFNETMASK:
1825	case SIOCSIFNETMASK:
1826	case SIOCGIFMETRIC:
1827	case SIOCSIFMETRIC:
1828		return -EINVAL;
1829	default:
1830		IRDA_DEBUG(1, "%s(), doing device ioctl!\n", __FUNCTION__);
1831		return -ENOIOCTLCMD;
1832	}
1833
1834	/*NOTREACHED*/
1835	return 0;
1836}
1837
1838#ifdef CONFIG_COMPAT
1839/*
1840 * Function irda_ioctl (sock, cmd, arg)
1841 */
1842static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1843{
1844	/*
1845	 * All IRDA's ioctl are standard ones.
1846	 */
1847	return -ENOIOCTLCMD;
1848}
1849#endif
1850
1851/*
1852 * Function irda_setsockopt (sock, level, optname, optval, optlen)
1853 *
1854 *    Set some options for the socket
1855 *
1856 */
1857static int irda_setsockopt(struct socket *sock, int level, int optname,
1858			   char __user *optval, int optlen)
1859{
1860	struct sock *sk = sock->sk;
1861	struct irda_sock *self = irda_sk(sk);
1862	struct irda_ias_set    *ias_opt;
1863	struct ias_object      *ias_obj;
1864	struct ias_attrib *	ias_attr;	/* Attribute in IAS object */
1865	int opt;
1866
1867	IRDA_ASSERT(self != NULL, return -1;);
1868
1869	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
1870
1871	if (level != SOL_IRLMP)
1872		return -ENOPROTOOPT;
1873
1874	switch (optname) {
1875	case IRLMP_IAS_SET:
1876		/* The user want to add an attribute to an existing IAS object
1877		 * (in the IAS database) or to create a new object with this
1878		 * attribute.
1879		 * We first query IAS to know if the object exist, and then
1880		 * create the right attribute...
1881		 */
1882
1883		if (optlen != sizeof(struct irda_ias_set))
1884			return -EINVAL;
1885
1886		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1887		if (ias_opt == NULL)
1888			return -ENOMEM;
1889
1890		/* Copy query to the driver. */
1891		if (copy_from_user(ias_opt, optval, optlen)) {
1892			kfree(ias_opt);
1893			return -EFAULT;
1894		}
1895
1896		/* Find the object we target.
1897		 * If the user gives us an empty string, we use the object
1898		 * associated with this socket. This will workaround
1899		 * duplicated class name - Jean II */
1900		if(ias_opt->irda_class_name[0] == '\0') {
1901			if(self->ias_obj == NULL) {
1902				kfree(ias_opt);
1903				return -EINVAL;
1904			}
1905			ias_obj = self->ias_obj;
1906		} else
1907			ias_obj = irias_find_object(ias_opt->irda_class_name);
1908
1909		/* Only ROOT can mess with the global IAS database.
1910		 * Users can only add attributes to the object associated
1911		 * with the socket they own - Jean II */
1912		if((!capable(CAP_NET_ADMIN)) &&
1913		   ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
1914			kfree(ias_opt);
1915			return -EPERM;
1916		}
1917
1918		/* If the object doesn't exist, create it */
1919		if(ias_obj == (struct ias_object *) NULL) {
1920			/* Create a new object */
1921			ias_obj = irias_new_object(ias_opt->irda_class_name,
1922						   jiffies);
1923		}
1924
1925		/* Do we have the attribute already ? */
1926		if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) {
1927			kfree(ias_opt);
1928			return -EINVAL;
1929		}
1930
1931		/* Look at the type */
1932		switch(ias_opt->irda_attrib_type) {
1933		case IAS_INTEGER:
1934			/* Add an integer attribute */
1935			irias_add_integer_attrib(
1936				ias_obj,
1937				ias_opt->irda_attrib_name,
1938				ias_opt->attribute.irda_attrib_int,
1939				IAS_USER_ATTR);
1940			break;
1941		case IAS_OCT_SEQ:
1942			/* Check length */
1943			if(ias_opt->attribute.irda_attrib_octet_seq.len >
1944			   IAS_MAX_OCTET_STRING) {
1945				kfree(ias_opt);
1946				return -EINVAL;
1947			}
1948			/* Add an octet sequence attribute */
1949			irias_add_octseq_attrib(
1950			      ias_obj,
1951			      ias_opt->irda_attrib_name,
1952			      ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
1953			      ias_opt->attribute.irda_attrib_octet_seq.len,
1954			      IAS_USER_ATTR);
1955			break;
1956		case IAS_STRING:
1957			/* Should check charset & co */
1958			/* Check length */
1959			/* The length is encoded in a __u8, and
1960			 * IAS_MAX_STRING == 256, so there is no way
1961			 * userspace can pass us a string too large.
1962			 * Jean II */
1963			/* NULL terminate the string (avoid troubles) */
1964			ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0';
1965			/* Add a string attribute */
1966			irias_add_string_attrib(
1967				ias_obj,
1968				ias_opt->irda_attrib_name,
1969				ias_opt->attribute.irda_attrib_string.string,
1970				IAS_USER_ATTR);
1971			break;
1972		default :
1973			kfree(ias_opt);
1974			return -EINVAL;
1975		}
1976		irias_insert_object(ias_obj);
1977		kfree(ias_opt);
1978		break;
1979	case IRLMP_IAS_DEL:
1980		/* The user want to delete an object from our local IAS
1981		 * database. We just need to query the IAS, check is the
1982		 * object is not owned by the kernel and delete it.
1983		 */
1984
1985		if (optlen != sizeof(struct irda_ias_set))
1986			return -EINVAL;
1987
1988		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1989		if (ias_opt == NULL)
1990			return -ENOMEM;
1991
1992		/* Copy query to the driver. */
1993		if (copy_from_user(ias_opt, optval, optlen)) {
1994			kfree(ias_opt);
1995			return -EFAULT;
1996		}
1997
1998		/* Find the object we target.
1999		 * If the user gives us an empty string, we use the object
2000		 * associated with this socket. This will workaround
2001		 * duplicated class name - Jean II */
2002		if(ias_opt->irda_class_name[0] == '\0')
2003			ias_obj = self->ias_obj;
2004		else
2005			ias_obj = irias_find_object(ias_opt->irda_class_name);
2006		if(ias_obj == (struct ias_object *) NULL) {
2007			kfree(ias_opt);
2008			return -EINVAL;
2009		}
2010
2011		/* Only ROOT can mess with the global IAS database.
2012		 * Users can only del attributes from the object associated
2013		 * with the socket they own - Jean II */
2014		if((!capable(CAP_NET_ADMIN)) &&
2015		   ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
2016			kfree(ias_opt);
2017			return -EPERM;
2018		}
2019
2020		/* Find the attribute (in the object) we target */
2021		ias_attr = irias_find_attrib(ias_obj,
2022					     ias_opt->irda_attrib_name);
2023		if(ias_attr == (struct ias_attrib *) NULL) {
2024			kfree(ias_opt);
2025			return -EINVAL;
2026		}
2027
2028		/* Check is the user space own the object */
2029		if(ias_attr->value->owner != IAS_USER_ATTR) {
2030			IRDA_DEBUG(1, "%s(), attempting to delete a kernel attribute\n", __FUNCTION__);
2031			kfree(ias_opt);
2032			return -EPERM;
2033		}
2034
2035		/* Remove the attribute (and maybe the object) */
2036		irias_delete_attrib(ias_obj, ias_attr, 1);
2037		kfree(ias_opt);
2038		break;
2039	case IRLMP_MAX_SDU_SIZE:
2040		if (optlen < sizeof(int))
2041			return -EINVAL;
2042
2043		if (get_user(opt, (int __user *)optval))
2044			return -EFAULT;
2045
2046		/* Only possible for a seqpacket service (TTP with SAR) */
2047		if (sk->sk_type != SOCK_SEQPACKET) {
2048			IRDA_DEBUG(2, "%s(), setting max_sdu_size = %d\n",
2049				   __FUNCTION__, opt);
2050			self->max_sdu_size_rx = opt;
2051		} else {
2052			IRDA_WARNING("%s: not allowed to set MAXSDUSIZE for this socket type!\n",
2053				     __FUNCTION__);
2054			return -ENOPROTOOPT;
2055		}
2056		break;
2057	case IRLMP_HINTS_SET:
2058		if (optlen < sizeof(int))
2059			return -EINVAL;
2060
2061		/* The input is really a (__u8 hints[2]), easier as an int */
2062		if (get_user(opt, (int __user *)optval))
2063			return -EFAULT;
2064
2065		/* Unregister any old registration */
2066		if (self->skey)
2067			irlmp_unregister_service(self->skey);
2068
2069		self->skey = irlmp_register_service((__u16) opt);
2070		break;
2071	case IRLMP_HINT_MASK_SET:
2072		/* As opposed to the previous case which set the hint bits
2073		 * that we advertise, this one set the filter we use when
2074		 * making a discovery (nodes which don't match any hint
2075		 * bit in the mask are not reported).
2076		 */
2077		if (optlen < sizeof(int))
2078			return -EINVAL;
2079
2080		/* The input is really a (__u8 hints[2]), easier as an int */
2081		if (get_user(opt, (int __user *)optval))
2082			return -EFAULT;
2083
2084		/* Set the new hint mask */
2085		self->mask.word = (__u16) opt;
2086		/* Mask out extension bits */
2087		self->mask.word &= 0x7f7f;
2088		/* Check if no bits */
2089		if(!self->mask.word)
2090			self->mask.word = 0xFFFF;
2091
2092		break;
2093	default:
2094		return -ENOPROTOOPT;
2095	}
2096	return 0;
2097}
2098
2099/*
2100 * Function irda_extract_ias_value(ias_opt, ias_value)
2101 *
2102 *    Translate internal IAS value structure to the user space representation
2103 *
2104 * The external representation of IAS values, as we exchange them with
2105 * user space program is quite different from the internal representation,
2106 * as stored in the IAS database (because we need a flat structure for
2107 * crossing kernel boundary).
2108 * This function transform the former in the latter. We also check
2109 * that the value type is valid.
2110 */
2111static int irda_extract_ias_value(struct irda_ias_set *ias_opt,
2112				  struct ias_value *ias_value)
2113{
2114	/* Look at the type */
2115	switch (ias_value->type) {
2116	case IAS_INTEGER:
2117		/* Copy the integer */
2118		ias_opt->attribute.irda_attrib_int = ias_value->t.integer;
2119		break;
2120	case IAS_OCT_SEQ:
2121		/* Set length */
2122		ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len;
2123		/* Copy over */
2124		memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
2125		       ias_value->t.oct_seq, ias_value->len);
2126		break;
2127	case IAS_STRING:
2128		/* Set length */
2129		ias_opt->attribute.irda_attrib_string.len = ias_value->len;
2130		ias_opt->attribute.irda_attrib_string.charset = ias_value->charset;
2131		/* Copy over */
2132		memcpy(ias_opt->attribute.irda_attrib_string.string,
2133		       ias_value->t.string, ias_value->len);
2134		/* NULL terminate the string (avoid troubles) */
2135		ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0';
2136		break;
2137	case IAS_MISSING:
2138	default :
2139		return -EINVAL;
2140	}
2141
2142	/* Copy type over */
2143	ias_opt->irda_attrib_type = ias_value->type;
2144
2145	return 0;
2146}
2147
2148/*
2149 * Function irda_getsockopt (sock, level, optname, optval, optlen)
2150 */
2151static int irda_getsockopt(struct socket *sock, int level, int optname,
2152			   char __user *optval, int __user *optlen)
2153{
2154	struct sock *sk = sock->sk;
2155	struct irda_sock *self = irda_sk(sk);
2156	struct irda_device_list list;
2157	struct irda_device_info *discoveries;
2158	struct irda_ias_set *	ias_opt;	/* IAS get/query params */
2159	struct ias_object *	ias_obj;	/* Object in IAS */
2160	struct ias_attrib *	ias_attr;	/* Attribute in IAS object */
2161	int daddr = DEV_ADDR_ANY;	/* Dest address for IAS queries */
2162	int val = 0;
2163	int len = 0;
2164	int err;
2165	int offset, total;
2166
2167	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
2168
2169	if (level != SOL_IRLMP)
2170		return -ENOPROTOOPT;
2171
2172	if (get_user(len, optlen))
2173		return -EFAULT;
2174
2175	if(len < 0)
2176		return -EINVAL;
2177
2178	switch (optname) {
2179	case IRLMP_ENUMDEVICES:
2180		/* Ask lmp for the current discovery log */
2181		discoveries = irlmp_get_discoveries(&list.len, self->mask.word,
2182						    self->nslots);
2183		/* Check if the we got some results */
2184		if (discoveries == NULL)
2185			return -EAGAIN;		/* Didn't find any devices */
2186		err = 0;
2187
2188		/* Write total list length back to client */
2189		if (copy_to_user(optval, &list,
2190				 sizeof(struct irda_device_list) -
2191				 sizeof(struct irda_device_info)))
2192			err = -EFAULT;
2193
2194		/* Offset to first device entry */
2195		offset = sizeof(struct irda_device_list) -
2196			sizeof(struct irda_device_info);
2197
2198		/* Copy the list itself - watch for overflow */
2199		if(list.len > 2048)
2200		{
2201			err = -EINVAL;
2202			goto bed;
2203		}
2204		total = offset + (list.len * sizeof(struct irda_device_info));
2205		if (total > len)
2206			total = len;
2207		if (copy_to_user(optval+offset, discoveries, total - offset))
2208			err = -EFAULT;
2209
2210		/* Write total number of bytes used back to client */
2211		if (put_user(total, optlen))
2212			err = -EFAULT;
2213bed:
2214		/* Free up our buffer */
2215		kfree(discoveries);
2216		if (err)
2217			return err;
2218		break;
2219	case IRLMP_MAX_SDU_SIZE:
2220		val = self->max_data_size;
2221		len = sizeof(int);
2222		if (put_user(len, optlen))
2223			return -EFAULT;
2224
2225		if (copy_to_user(optval, &val, len))
2226			return -EFAULT;
2227		break;
2228	case IRLMP_IAS_GET:
2229		/* The user want an object from our local IAS database.
2230		 * We just need to query the IAS and return the value
2231		 * that we found */
2232
2233		/* Check that the user has allocated the right space for us */
2234		if (len != sizeof(struct irda_ias_set))
2235			return -EINVAL;
2236
2237		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2238		if (ias_opt == NULL)
2239			return -ENOMEM;
2240
2241		/* Copy query to the driver. */
2242		if (copy_from_user(ias_opt, optval, len)) {
2243			kfree(ias_opt);
2244			return -EFAULT;
2245		}
2246
2247		/* Find the object we target.
2248		 * If the user gives us an empty string, we use the object
2249		 * associated with this socket. This will workaround
2250		 * duplicated class name - Jean II */
2251		if(ias_opt->irda_class_name[0] == '\0')
2252			ias_obj = self->ias_obj;
2253		else
2254			ias_obj = irias_find_object(ias_opt->irda_class_name);
2255		if(ias_obj == (struct ias_object *) NULL) {
2256			kfree(ias_opt);
2257			return -EINVAL;
2258		}
2259
2260		/* Find the attribute (in the object) we target */
2261		ias_attr = irias_find_attrib(ias_obj,
2262					     ias_opt->irda_attrib_name);
2263		if(ias_attr == (struct ias_attrib *) NULL) {
2264			kfree(ias_opt);
2265			return -EINVAL;
2266		}
2267
2268		/* Translate from internal to user structure */
2269		err = irda_extract_ias_value(ias_opt, ias_attr->value);
2270		if(err) {
2271			kfree(ias_opt);
2272			return err;
2273		}
2274
2275		/* Copy reply to the user */
2276		if (copy_to_user(optval, ias_opt,
2277				 sizeof(struct irda_ias_set))) {
2278			kfree(ias_opt);
2279			return -EFAULT;
2280		}
2281		/* Note : don't need to put optlen, we checked it */
2282		kfree(ias_opt);
2283		break;
2284	case IRLMP_IAS_QUERY:
2285		/* The user want an object from a remote IAS database.
2286		 * We need to use IAP to query the remote database and
2287		 * then wait for the answer to come back. */
2288
2289		/* Check that the user has allocated the right space for us */
2290		if (len != sizeof(struct irda_ias_set))
2291			return -EINVAL;
2292
2293		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2294		if (ias_opt == NULL)
2295			return -ENOMEM;
2296
2297		/* Copy query to the driver. */
2298		if (copy_from_user(ias_opt, optval, len)) {
2299			kfree(ias_opt);
2300			return -EFAULT;
2301		}
2302
2303		/* At this point, there are two cases...
2304		 * 1) the socket is connected - that's the easy case, we
2305		 *	just query the device we are connected to...
2306		 * 2) the socket is not connected - the user doesn't want
2307		 *	to connect and/or may not have a valid service name
2308		 *	(so can't create a fake connection). In this case,
2309		 *	we assume that the user pass us a valid destination
2310		 *	address in the requesting structure...
2311		 */
2312		if(self->daddr != DEV_ADDR_ANY) {
2313			/* We are connected - reuse known daddr */
2314			daddr = self->daddr;
2315		} else {
2316			/* We are not connected, we must specify a valid
2317			 * destination address */
2318			daddr = ias_opt->daddr;
2319			if((!daddr) || (daddr == DEV_ADDR_ANY)) {
2320				kfree(ias_opt);
2321				return -EINVAL;
2322			}
2323		}
2324
2325		/* Check that we can proceed with IAP */
2326		if (self->iriap) {
2327			IRDA_WARNING("%s: busy with a previous query\n",
2328				     __FUNCTION__);
2329			kfree(ias_opt);
2330			return -EBUSY;
2331		}
2332
2333		self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
2334					 irda_getvalue_confirm);
2335
2336		if (self->iriap == NULL) {
2337			kfree(ias_opt);
2338			return -ENOMEM;
2339		}
2340
2341		/* Treat unexpected wakeup as disconnect */
2342		self->errno = -EHOSTUNREACH;
2343
2344		/* Query remote LM-IAS */
2345		iriap_getvaluebyclass_request(self->iriap,
2346					      self->saddr, daddr,
2347					      ias_opt->irda_class_name,
2348					      ias_opt->irda_attrib_name);
2349
2350		/* Wait for answer, if not yet finished (or failed) */
2351		if (wait_event_interruptible(self->query_wait,
2352					     (self->iriap == NULL))) {
2353			/* pending request uses copy of ias_opt-content
2354			 * we can free it regardless! */
2355			kfree(ias_opt);
2356			/* Treat signals as disconnect */
2357			return -EHOSTUNREACH;
2358		}
2359
2360		/* Check what happened */
2361		if (self->errno)
2362		{
2363			kfree(ias_opt);
2364			/* Requested object/attribute doesn't exist */
2365			if((self->errno == IAS_CLASS_UNKNOWN) ||
2366			   (self->errno == IAS_ATTRIB_UNKNOWN))
2367				return (-EADDRNOTAVAIL);
2368			else
2369				return (-EHOSTUNREACH);
2370		}
2371
2372		/* Translate from internal to user structure */
2373		err = irda_extract_ias_value(ias_opt, self->ias_result);
2374		if (self->ias_result)
2375			irias_delete_value(self->ias_result);
2376		if (err) {
2377			kfree(ias_opt);
2378			return err;
2379		}
2380
2381		/* Copy reply to the user */
2382		if (copy_to_user(optval, ias_opt,
2383				 sizeof(struct irda_ias_set))) {
2384			kfree(ias_opt);
2385			return -EFAULT;
2386		}
2387		/* Note : don't need to put optlen, we checked it */
2388		kfree(ias_opt);
2389		break;
2390	case IRLMP_WAITDEVICE:
2391		/* This function is just another way of seeing life ;-)
2392		 * IRLMP_ENUMDEVICES assumes that you have a static network,
2393		 * and that you just want to pick one of the devices present.
2394		 * On the other hand, in here we assume that no device is
2395		 * present and that at some point in the future a device will
2396		 * come into range. When this device arrive, we just wake
2397		 * up the caller, so that he has time to connect to it before
2398		 * the device goes away...
2399		 * Note : once the node has been discovered for more than a
2400		 * few second, it won't trigger this function, unless it
2401		 * goes away and come back changes its hint bits (so we
2402		 * might call it IRLMP_WAITNEWDEVICE).
2403		 */
2404
2405		/* Check that the user is passing us an int */
2406		if (len != sizeof(int))
2407			return -EINVAL;
2408		/* Get timeout in ms (max time we block the caller) */
2409		if (get_user(val, (int __user *)optval))
2410			return -EFAULT;
2411
2412		/* Tell IrLMP we want to be notified */
2413		irlmp_update_client(self->ckey, self->mask.word,
2414				    irda_selective_discovery_indication,
2415				    NULL, (void *) self);
2416
2417		/* Do some discovery (and also return cached results) */
2418		irlmp_discovery_request(self->nslots);
2419
2420		/* Wait until a node is discovered */
2421		if (!self->cachedaddr) {
2422			int ret = 0;
2423
2424			IRDA_DEBUG(1, "%s(), nothing discovered yet, going to sleep...\n", __FUNCTION__);
2425
2426			/* Set watchdog timer to expire in <val> ms. */
2427			self->errno = 0;
2428			init_timer(&self->watchdog);
2429			self->watchdog.function = irda_discovery_timeout;
2430			self->watchdog.data = (unsigned long) self;
2431			self->watchdog.expires = jiffies + (val * HZ/1000);
2432			add_timer(&(self->watchdog));
2433
2434			/* Wait for IR-LMP to call us back */
2435			__wait_event_interruptible(self->query_wait,
2436			      (self->cachedaddr != 0 || self->errno == -ETIME),
2437						   ret);
2438
2439			/* If watchdog is still activated, kill it! */
2440			if(timer_pending(&(self->watchdog)))
2441				del_timer(&(self->watchdog));
2442
2443			IRDA_DEBUG(1, "%s(), ...waking up !\n", __FUNCTION__);
2444
2445			if (ret != 0)
2446				return ret;
2447		}
2448		else
2449			IRDA_DEBUG(1, "%s(), found immediately !\n",
2450				   __FUNCTION__);
2451
2452		/* Tell IrLMP that we have been notified */
2453		irlmp_update_client(self->ckey, self->mask.word,
2454				    NULL, NULL, NULL);
2455
2456		/* Check if the we got some results */
2457		if (!self->cachedaddr)
2458			return -EAGAIN;		/* Didn't find any devices */
2459		daddr = self->cachedaddr;
2460		/* Cleanup */
2461		self->cachedaddr = 0;
2462
2463		/* We return the daddr of the device that trigger the
2464		 * wakeup. As irlmp pass us only the new devices, we
2465		 * are sure that it's not an old device.
2466		 * If the user want more details, he should query
2467		 * the whole discovery log and pick one device...
2468		 */
2469		if (put_user(daddr, (int __user *)optval))
2470			return -EFAULT;
2471
2472		break;
2473	default:
2474		return -ENOPROTOOPT;
2475	}
2476
2477	return 0;
2478}
2479
2480static struct net_proto_family irda_family_ops = {
2481	.family = PF_IRDA,
2482	.create = irda_create,
2483	.owner	= THIS_MODULE,
2484};
2485
2486static const struct proto_ops SOCKOPS_WRAPPED(irda_stream_ops) = {
2487	.family =	PF_IRDA,
2488	.owner =	THIS_MODULE,
2489	.release =	irda_release,
2490	.bind =		irda_bind,
2491	.connect =	irda_connect,
2492	.socketpair =	sock_no_socketpair,
2493	.accept =	irda_accept,
2494	.getname =	irda_getname,
2495	.poll =		irda_poll,
2496	.ioctl =	irda_ioctl,
2497#ifdef CONFIG_COMPAT
2498	.compat_ioctl =	irda_compat_ioctl,
2499#endif
2500	.listen =	irda_listen,
2501	.shutdown =	irda_shutdown,
2502	.setsockopt =	irda_setsockopt,
2503	.getsockopt =	irda_getsockopt,
2504	.sendmsg =	irda_sendmsg,
2505	.recvmsg =	irda_recvmsg_stream,
2506	.mmap =		sock_no_mmap,
2507	.sendpage =	sock_no_sendpage,
2508};
2509
2510static const struct proto_ops SOCKOPS_WRAPPED(irda_seqpacket_ops) = {
2511	.family =	PF_IRDA,
2512	.owner =	THIS_MODULE,
2513	.release =	irda_release,
2514	.bind =		irda_bind,
2515	.connect =	irda_connect,
2516	.socketpair =	sock_no_socketpair,
2517	.accept =	irda_accept,
2518	.getname =	irda_getname,
2519	.poll =		datagram_poll,
2520	.ioctl =	irda_ioctl,
2521#ifdef CONFIG_COMPAT
2522	.compat_ioctl =	irda_compat_ioctl,
2523#endif
2524	.listen =	irda_listen,
2525	.shutdown =	irda_shutdown,
2526	.setsockopt =	irda_setsockopt,
2527	.getsockopt =	irda_getsockopt,
2528	.sendmsg =	irda_sendmsg,
2529	.recvmsg =	irda_recvmsg_dgram,
2530	.mmap =		sock_no_mmap,
2531	.sendpage =	sock_no_sendpage,
2532};
2533
2534static const struct proto_ops SOCKOPS_WRAPPED(irda_dgram_ops) = {
2535	.family =	PF_IRDA,
2536	.owner =	THIS_MODULE,
2537	.release =	irda_release,
2538	.bind =		irda_bind,
2539	.connect =	irda_connect,
2540	.socketpair =	sock_no_socketpair,
2541	.accept =	irda_accept,
2542	.getname =	irda_getname,
2543	.poll =		datagram_poll,
2544	.ioctl =	irda_ioctl,
2545#ifdef CONFIG_COMPAT
2546	.compat_ioctl =	irda_compat_ioctl,
2547#endif
2548	.listen =	irda_listen,
2549	.shutdown =	irda_shutdown,
2550	.setsockopt =	irda_setsockopt,
2551	.getsockopt =	irda_getsockopt,
2552	.sendmsg =	irda_sendmsg_dgram,
2553	.recvmsg =	irda_recvmsg_dgram,
2554	.mmap =		sock_no_mmap,
2555	.sendpage =	sock_no_sendpage,
2556};
2557
2558#ifdef CONFIG_IRDA_ULTRA
2559static const struct proto_ops SOCKOPS_WRAPPED(irda_ultra_ops) = {
2560	.family =	PF_IRDA,
2561	.owner =	THIS_MODULE,
2562	.release =	irda_release,
2563	.bind =		irda_bind,
2564	.connect =	sock_no_connect,
2565	.socketpair =	sock_no_socketpair,
2566	.accept =	sock_no_accept,
2567	.getname =	irda_getname,
2568	.poll =		datagram_poll,
2569	.ioctl =	irda_ioctl,
2570#ifdef CONFIG_COMPAT
2571	.compat_ioctl =	irda_compat_ioctl,
2572#endif
2573	.listen =	sock_no_listen,
2574	.shutdown =	irda_shutdown,
2575	.setsockopt =	irda_setsockopt,
2576	.getsockopt =	irda_getsockopt,
2577	.sendmsg =	irda_sendmsg_ultra,
2578	.recvmsg =	irda_recvmsg_dgram,
2579	.mmap =		sock_no_mmap,
2580	.sendpage =	sock_no_sendpage,
2581};
2582#endif /* CONFIG_IRDA_ULTRA */
2583
2584#include <linux/smp_lock.h>
2585SOCKOPS_WRAP(irda_stream, PF_IRDA);
2586SOCKOPS_WRAP(irda_seqpacket, PF_IRDA);
2587SOCKOPS_WRAP(irda_dgram, PF_IRDA);
2588#ifdef CONFIG_IRDA_ULTRA
2589SOCKOPS_WRAP(irda_ultra, PF_IRDA);
2590#endif /* CONFIG_IRDA_ULTRA */
2591
2592/*
2593 * Function irsock_init (pro)
2594 *
2595 *    Initialize IrDA protocol
2596 *
2597 */
2598int __init irsock_init(void)
2599{
2600	int rc = proto_register(&irda_proto, 0);
2601
2602	if (rc == 0)
2603		rc = sock_register(&irda_family_ops);
2604
2605	return rc;
2606}
2607
2608/*
2609 * Function irsock_cleanup (void)
2610 *
2611 *    Remove IrDA protocol
2612 *
2613 */
2614void __exit irsock_cleanup(void)
2615{
2616	sock_unregister(PF_IRDA);
2617	proto_unregister(&irda_proto);
2618}
Configure Feed

Configure Feed
