net/irda/af_irda.c at v2.6.23-rc5

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / net / irda / af_irda.c
at v2.6.23-rc5 2574 lines 68 kB view raw
wrap content
   1/*********************************************************************
   2 *
   3 * Filename:      af_irda.c
   4 * Version:       0.9
   5 * Description:   IrDA sockets implementation
   6 * Status:        Stable
   7 * Author:        Dag Brattli <dagb@cs.uit.no>
   8 * Created at:    Sun May 31 10:12:43 1998
   9 * Modified at:   Sat Dec 25 21:10:23 1999
  10 * Modified by:   Dag Brattli <dag@brattli.net>
  11 * Sources:       af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc.
  12 *
  13 *     Copyright (c) 1999 Dag Brattli <dagb@cs.uit.no>
  14 *     Copyright (c) 1999-2003 Jean Tourrilhes <jt@hpl.hp.com>
  15 *     All Rights Reserved.
  16 *
  17 *     This program is free software; you can redistribute it and/or
  18 *     modify it under the terms of the GNU General Public License as
  19 *     published by the Free Software Foundation; either version 2 of
  20 *     the License, or (at your option) any later version.
  21 *
  22 *     This program is distributed in the hope that it will be useful,
  23 *     but WITHOUT ANY WARRANTY; without even the implied warranty of
  24 *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  25 *     GNU General Public License for more details.
  26 *
  27 *     You should have received a copy of the GNU General Public License
  28 *     along with this program; if not, write to the Free Software
  29 *     Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  30 *     MA 02111-1307 USA
  31 *
  32 *     Linux-IrDA now supports four different types of IrDA sockets:
  33 *
  34 *     o SOCK_STREAM:    TinyTP connections with SAR disabled. The
  35 *                       max SDU size is 0 for conn. of this type
  36 *     o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may
  37 *                       fragment the messages, but will preserve
  38 *                       the message boundaries
  39 *     o SOCK_DGRAM:     IRDAPROTO_UNITDATA: TinyTP connections with Unitdata
  40 *                       (unreliable) transfers
  41 *                       IRDAPROTO_ULTRA: Connectionless and unreliable data
  42 *
  43 ********************************************************************/
  44
  45#include <linux/capability.h>
  46#include <linux/module.h>
  47#include <linux/types.h>
  48#include <linux/socket.h>
  49#include <linux/sockios.h>
  50#include <linux/init.h>
  51#include <linux/net.h>
  52#include <linux/irda.h>
  53#include <linux/poll.h>
  54
  55#include <asm/ioctls.h>		/* TIOCOUTQ, TIOCINQ */
  56#include <asm/uaccess.h>
  57
  58#include <net/sock.h>
  59#include <net/tcp_states.h>
  60
  61#include <net/irda/af_irda.h>
  62
  63static int irda_create(struct socket *sock, int protocol);
  64
  65static const struct proto_ops irda_stream_ops;
  66static const struct proto_ops irda_seqpacket_ops;
  67static const struct proto_ops irda_dgram_ops;
  68
  69#ifdef CONFIG_IRDA_ULTRA
  70static const struct proto_ops irda_ultra_ops;
  71#define ULTRA_MAX_DATA 382
  72#endif /* CONFIG_IRDA_ULTRA */
  73
  74#define IRDA_MAX_HEADER (TTP_MAX_HEADER)
  75
  76/*
  77 * Function irda_data_indication (instance, sap, skb)
  78 *
  79 *    Received some data from TinyTP. Just queue it on the receive queue
  80 *
  81 */
  82static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb)
  83{
  84	struct irda_sock *self;
  85	struct sock *sk;
  86	int err;
  87
  88	IRDA_DEBUG(3, "%s()\n", __FUNCTION__);
  89
  90	self = instance;
  91	sk = instance;
  92
  93	err = sock_queue_rcv_skb(sk, skb);
  94	if (err) {
  95		IRDA_DEBUG(1, "%s(), error: no more mem!\n", __FUNCTION__);
  96		self->rx_flow = FLOW_STOP;
  97
  98		/* When we return error, TTP will need to requeue the skb */
  99		return err;
 100	}
 101
 102	return 0;
 103}
 104
 105/*
 106 * Function irda_disconnect_indication (instance, sap, reason, skb)
 107 *
 108 *    Connection has been closed. Check reason to find out why
 109 *
 110 */
 111static void irda_disconnect_indication(void *instance, void *sap,
 112				       LM_REASON reason, struct sk_buff *skb)
 113{
 114	struct irda_sock *self;
 115	struct sock *sk;
 116
 117	self = instance;
 118
 119	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 120
 121	/* Don't care about it, but let's not leak it */
 122	if(skb)
 123		dev_kfree_skb(skb);
 124
 125	sk = instance;
 126	if (sk == NULL) {
 127		IRDA_DEBUG(0, "%s(%p) : BUG : sk is NULL\n",
 128			   __FUNCTION__, self);
 129		return;
 130	}
 131
 132	/* Prevent race conditions with irda_release() and irda_shutdown() */
 133	bh_lock_sock(sk);
 134	if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) {
 135		sk->sk_state     = TCP_CLOSE;
 136		sk->sk_shutdown |= SEND_SHUTDOWN;
 137
 138		sk->sk_state_change(sk);
 139
 140		/* Close our TSAP.
 141		 * If we leave it open, IrLMP put it back into the list of
 142		 * unconnected LSAPs. The problem is that any incoming request
 143		 * can then be matched to this socket (and it will be, because
 144		 * it is at the head of the list). This would prevent any
 145		 * listening socket waiting on the same TSAP to get those
 146		 * requests. Some apps forget to close sockets, or hang to it
 147		 * a bit too long, so we may stay in this dead state long
 148		 * enough to be noticed...
 149		 * Note : all socket function do check sk->sk_state, so we are
 150		 * safe...
 151		 * Jean II
 152		 */
 153		if (self->tsap) {
 154			irttp_close_tsap(self->tsap);
 155			self->tsap = NULL;
 156		}
 157	}
 158	bh_unlock_sock(sk);
 159
 160	/* Note : once we are there, there is not much you want to do
 161	 * with the socket anymore, apart from closing it.
 162	 * For example, bind() and connect() won't reset sk->sk_err,
 163	 * sk->sk_shutdown and sk->sk_flags to valid values...
 164	 * Jean II
 165	 */
 166}
 167
 168/*
 169 * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb)
 170 *
 171 *    Connections has been confirmed by the remote device
 172 *
 173 */
 174static void irda_connect_confirm(void *instance, void *sap,
 175				 struct qos_info *qos,
 176				 __u32 max_sdu_size, __u8 max_header_size,
 177				 struct sk_buff *skb)
 178{
 179	struct irda_sock *self;
 180	struct sock *sk;
 181
 182	self = instance;
 183
 184	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 185
 186	sk = instance;
 187	if (sk == NULL) {
 188		dev_kfree_skb(skb);
 189		return;
 190	}
 191
 192	dev_kfree_skb(skb);
 193	// Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb);
 194
 195	/* How much header space do we need to reserve */
 196	self->max_header_size = max_header_size;
 197
 198	/* IrTTP max SDU size in transmit direction */
 199	self->max_sdu_size_tx = max_sdu_size;
 200
 201	/* Find out what the largest chunk of data that we can transmit is */
 202	switch (sk->sk_type) {
 203	case SOCK_STREAM:
 204		if (max_sdu_size != 0) {
 205			IRDA_ERROR("%s: max_sdu_size must be 0\n",
 206				   __FUNCTION__);
 207			return;
 208		}
 209		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 210		break;
 211	case SOCK_SEQPACKET:
 212		if (max_sdu_size == 0) {
 213			IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
 214				   __FUNCTION__);
 215			return;
 216		}
 217		self->max_data_size = max_sdu_size;
 218		break;
 219	default:
 220		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 221	}
 222
 223	IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __FUNCTION__,
 224		   self->max_data_size);
 225
 226	memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
 227
 228	/* We are now connected! */
 229	sk->sk_state = TCP_ESTABLISHED;
 230	sk->sk_state_change(sk);
 231}
 232
 233/*
 234 * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata)
 235 *
 236 *    Incoming connection
 237 *
 238 */
 239static void irda_connect_indication(void *instance, void *sap,
 240				    struct qos_info *qos, __u32 max_sdu_size,
 241				    __u8 max_header_size, struct sk_buff *skb)
 242{
 243	struct irda_sock *self;
 244	struct sock *sk;
 245
 246	self = instance;
 247
 248	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 249
 250	sk = instance;
 251	if (sk == NULL) {
 252		dev_kfree_skb(skb);
 253		return;
 254	}
 255
 256	/* How much header space do we need to reserve */
 257	self->max_header_size = max_header_size;
 258
 259	/* IrTTP max SDU size in transmit direction */
 260	self->max_sdu_size_tx = max_sdu_size;
 261
 262	/* Find out what the largest chunk of data that we can transmit is */
 263	switch (sk->sk_type) {
 264	case SOCK_STREAM:
 265		if (max_sdu_size != 0) {
 266			IRDA_ERROR("%s: max_sdu_size must be 0\n",
 267				   __FUNCTION__);
 268			kfree_skb(skb);
 269			return;
 270		}
 271		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 272		break;
 273	case SOCK_SEQPACKET:
 274		if (max_sdu_size == 0) {
 275			IRDA_ERROR("%s: max_sdu_size cannot be 0\n",
 276				   __FUNCTION__);
 277			kfree_skb(skb);
 278			return;
 279		}
 280		self->max_data_size = max_sdu_size;
 281		break;
 282	default:
 283		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 284	}
 285
 286	IRDA_DEBUG(2, "%s(), max_data_size=%d\n", __FUNCTION__,
 287		   self->max_data_size);
 288
 289	memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
 290
 291	skb_queue_tail(&sk->sk_receive_queue, skb);
 292	sk->sk_state_change(sk);
 293}
 294
 295/*
 296 * Function irda_connect_response (handle)
 297 *
 298 *    Accept incoming connection
 299 *
 300 */
 301static void irda_connect_response(struct irda_sock *self)
 302{
 303	struct sk_buff *skb;
 304
 305	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 306
 307	skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
 308			GFP_ATOMIC);
 309	if (skb == NULL) {
 310		IRDA_DEBUG(0, "%s() Unable to allocate sk_buff!\n",
 311			   __FUNCTION__);
 312		return;
 313	}
 314
 315	/* Reserve space for MUX_CONTROL and LAP header */
 316	skb_reserve(skb, IRDA_MAX_HEADER);
 317
 318	irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb);
 319}
 320
 321/*
 322 * Function irda_flow_indication (instance, sap, flow)
 323 *
 324 *    Used by TinyTP to tell us if it can accept more data or not
 325 *
 326 */
 327static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
 328{
 329	struct irda_sock *self;
 330	struct sock *sk;
 331
 332	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 333
 334	self = instance;
 335	sk = instance;
 336	BUG_ON(sk == NULL);
 337
 338	switch (flow) {
 339	case FLOW_STOP:
 340		IRDA_DEBUG(1, "%s(), IrTTP wants us to slow down\n",
 341			   __FUNCTION__);
 342		self->tx_flow = flow;
 343		break;
 344	case FLOW_START:
 345		self->tx_flow = flow;
 346		IRDA_DEBUG(1, "%s(), IrTTP wants us to start again\n",
 347			   __FUNCTION__);
 348		wake_up_interruptible(sk->sk_sleep);
 349		break;
 350	default:
 351		IRDA_DEBUG(0, "%s(), Unknown flow command!\n", __FUNCTION__);
 352		/* Unknown flow command, better stop */
 353		self->tx_flow = flow;
 354		break;
 355	}
 356}
 357
 358/*
 359 * Function irda_getvalue_confirm (obj_id, value, priv)
 360 *
 361 *    Got answer from remote LM-IAS, just pass object to requester...
 362 *
 363 * Note : duplicate from above, but we need our own version that
 364 * doesn't touch the dtsap_sel and save the full value structure...
 365 */
 366static void irda_getvalue_confirm(int result, __u16 obj_id,
 367				  struct ias_value *value, void *priv)
 368{
 369	struct irda_sock *self;
 370
 371	self = (struct irda_sock *) priv;
 372	if (!self) {
 373		IRDA_WARNING("%s: lost myself!\n", __FUNCTION__);
 374		return;
 375	}
 376
 377	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 378
 379	/* We probably don't need to make any more queries */
 380	iriap_close(self->iriap);
 381	self->iriap = NULL;
 382
 383	/* Check if request succeeded */
 384	if (result != IAS_SUCCESS) {
 385		IRDA_DEBUG(1, "%s(), IAS query failed! (%d)\n", __FUNCTION__,
 386			   result);
 387
 388		self->errno = result;	/* We really need it later */
 389
 390		/* Wake up any processes waiting for result */
 391		wake_up_interruptible(&self->query_wait);
 392
 393		return;
 394	}
 395
 396	/* Pass the object to the caller (so the caller must delete it) */
 397	self->ias_result = value;
 398	self->errno = 0;
 399
 400	/* Wake up any processes waiting for result */
 401	wake_up_interruptible(&self->query_wait);
 402}
 403
 404/*
 405 * Function irda_selective_discovery_indication (discovery)
 406 *
 407 *    Got a selective discovery indication from IrLMP.
 408 *
 409 * IrLMP is telling us that this node is new and matching our hint bit
 410 * filter. Wake up any process waiting for answer...
 411 */
 412static void irda_selective_discovery_indication(discinfo_t *discovery,
 413						DISCOVERY_MODE mode,
 414						void *priv)
 415{
 416	struct irda_sock *self;
 417
 418	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 419
 420	self = (struct irda_sock *) priv;
 421	if (!self) {
 422		IRDA_WARNING("%s: lost myself!\n", __FUNCTION__);
 423		return;
 424	}
 425
 426	/* Pass parameter to the caller */
 427	self->cachedaddr = discovery->daddr;
 428
 429	/* Wake up process if its waiting for device to be discovered */
 430	wake_up_interruptible(&self->query_wait);
 431}
 432
 433/*
 434 * Function irda_discovery_timeout (priv)
 435 *
 436 *    Timeout in the selective discovery process
 437 *
 438 * We were waiting for a node to be discovered, but nothing has come up
 439 * so far. Wake up the user and tell him that we failed...
 440 */
 441static void irda_discovery_timeout(u_long priv)
 442{
 443	struct irda_sock *self;
 444
 445	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 446
 447	self = (struct irda_sock *) priv;
 448	BUG_ON(self == NULL);
 449
 450	/* Nothing for the caller */
 451	self->cachelog = NULL;
 452	self->cachedaddr = 0;
 453	self->errno = -ETIME;
 454
 455	/* Wake up process if its still waiting... */
 456	wake_up_interruptible(&self->query_wait);
 457}
 458
 459/*
 460 * Function irda_open_tsap (self)
 461 *
 462 *    Open local Transport Service Access Point (TSAP)
 463 *
 464 */
 465static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name)
 466{
 467	notify_t notify;
 468
 469	if (self->tsap) {
 470		IRDA_WARNING("%s: busy!\n", __FUNCTION__);
 471		return -EBUSY;
 472	}
 473
 474	/* Initialize callbacks to be used by the IrDA stack */
 475	irda_notify_init(&notify);
 476	notify.connect_confirm       = irda_connect_confirm;
 477	notify.connect_indication    = irda_connect_indication;
 478	notify.disconnect_indication = irda_disconnect_indication;
 479	notify.data_indication       = irda_data_indication;
 480	notify.udata_indication	     = irda_data_indication;
 481	notify.flow_indication       = irda_flow_indication;
 482	notify.instance = self;
 483	strncpy(notify.name, name, NOTIFY_MAX_NAME);
 484
 485	self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT,
 486				     &notify);
 487	if (self->tsap == NULL) {
 488		IRDA_DEBUG(0, "%s(), Unable to allocate TSAP!\n",
 489			   __FUNCTION__);
 490		return -ENOMEM;
 491	}
 492	/* Remember which TSAP selector we actually got */
 493	self->stsap_sel = self->tsap->stsap_sel;
 494
 495	return 0;
 496}
 497
 498/*
 499 * Function irda_open_lsap (self)
 500 *
 501 *    Open local Link Service Access Point (LSAP). Used for opening Ultra
 502 *    sockets
 503 */
 504#ifdef CONFIG_IRDA_ULTRA
 505static int irda_open_lsap(struct irda_sock *self, int pid)
 506{
 507	notify_t notify;
 508
 509	if (self->lsap) {
 510		IRDA_WARNING("%s(), busy!\n", __FUNCTION__);
 511		return -EBUSY;
 512	}
 513
 514	/* Initialize callbacks to be used by the IrDA stack */
 515	irda_notify_init(&notify);
 516	notify.udata_indication	= irda_data_indication;
 517	notify.instance = self;
 518	strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME);
 519
 520	self->lsap = irlmp_open_lsap(LSAP_CONNLESS, &notify, pid);
 521	if (self->lsap == NULL) {
 522		IRDA_DEBUG( 0, "%s(), Unable to allocate LSAP!\n", __FUNCTION__);
 523		return -ENOMEM;
 524	}
 525
 526	return 0;
 527}
 528#endif /* CONFIG_IRDA_ULTRA */
 529
 530/*
 531 * Function irda_find_lsap_sel (self, name)
 532 *
 533 *    Try to lookup LSAP selector in remote LM-IAS
 534 *
 535 * Basically, we start a IAP query, and then go to sleep. When the query
 536 * return, irda_getvalue_confirm will wake us up, and we can examine the
 537 * result of the query...
 538 * Note that in some case, the query fail even before we go to sleep,
 539 * creating some races...
 540 */
 541static int irda_find_lsap_sel(struct irda_sock *self, char *name)
 542{
 543	IRDA_DEBUG(2, "%s(%p, %s)\n", __FUNCTION__, self, name);
 544
 545	if (self->iriap) {
 546		IRDA_WARNING("%s(): busy with a previous query\n",
 547			     __FUNCTION__);
 548		return -EBUSY;
 549	}
 550
 551	self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
 552				 irda_getvalue_confirm);
 553	if(self->iriap == NULL)
 554		return -ENOMEM;
 555
 556	/* Treat unexpected wakeup as disconnect */
 557	self->errno = -EHOSTUNREACH;
 558
 559	/* Query remote LM-IAS */
 560	iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr,
 561				      name, "IrDA:TinyTP:LsapSel");
 562
 563	/* Wait for answer, if not yet finished (or failed) */
 564	if (wait_event_interruptible(self->query_wait, (self->iriap==NULL)))
 565		/* Treat signals as disconnect */
 566		return -EHOSTUNREACH;
 567
 568	/* Check what happened */
 569	if (self->errno)
 570	{
 571		/* Requested object/attribute doesn't exist */
 572		if((self->errno == IAS_CLASS_UNKNOWN) ||
 573		   (self->errno == IAS_ATTRIB_UNKNOWN))
 574			return (-EADDRNOTAVAIL);
 575		else
 576			return (-EHOSTUNREACH);
 577	}
 578
 579	/* Get the remote TSAP selector */
 580	switch (self->ias_result->type) {
 581	case IAS_INTEGER:
 582		IRDA_DEBUG(4, "%s() int=%d\n",
 583			   __FUNCTION__, self->ias_result->t.integer);
 584
 585		if (self->ias_result->t.integer != -1)
 586			self->dtsap_sel = self->ias_result->t.integer;
 587		else
 588			self->dtsap_sel = 0;
 589		break;
 590	default:
 591		self->dtsap_sel = 0;
 592		IRDA_DEBUG(0, "%s(), bad type!\n", __FUNCTION__);
 593		break;
 594	}
 595	if (self->ias_result)
 596		irias_delete_value(self->ias_result);
 597
 598	if (self->dtsap_sel)
 599		return 0;
 600
 601	return -EADDRNOTAVAIL;
 602}
 603
 604/*
 605 * Function irda_discover_daddr_and_lsap_sel (self, name)
 606 *
 607 *    This try to find a device with the requested service.
 608 *
 609 * It basically look into the discovery log. For each address in the list,
 610 * it queries the LM-IAS of the device to find if this device offer
 611 * the requested service.
 612 * If there is more than one node supporting the service, we complain
 613 * to the user (it should move devices around).
 614 * The, we set both the destination address and the lsap selector to point
 615 * on the service on the unique device we have found.
 616 *
 617 * Note : this function fails if there is more than one device in range,
 618 * because IrLMP doesn't disconnect the LAP when the last LSAP is closed.
 619 * Moreover, we would need to wait the LAP disconnection...
 620 */
 621static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name)
 622{
 623	discinfo_t *discoveries;	/* Copy of the discovery log */
 624	int	number;			/* Number of nodes in the log */
 625	int	i;
 626	int	err = -ENETUNREACH;
 627	__u32	daddr = DEV_ADDR_ANY;	/* Address we found the service on */
 628	__u8	dtsap_sel = 0x0;	/* TSAP associated with it */
 629
 630	IRDA_DEBUG(2, "%s(), name=%s\n", __FUNCTION__, name);
 631
 632	/* Ask lmp for the current discovery log
 633	 * Note : we have to use irlmp_get_discoveries(), as opposed
 634	 * to play with the cachelog directly, because while we are
 635	 * making our ias query, le log might change... */
 636	discoveries = irlmp_get_discoveries(&number, self->mask.word,
 637					    self->nslots);
 638	/* Check if the we got some results */
 639	if (discoveries == NULL)
 640		return -ENETUNREACH;	/* No nodes discovered */
 641
 642	/*
 643	 * Now, check all discovered devices (if any), and connect
 644	 * client only about the services that the client is
 645	 * interested in...
 646	 */
 647	for(i = 0; i < number; i++) {
 648		/* Try the address in the log */
 649		self->daddr = discoveries[i].daddr;
 650		self->saddr = 0x0;
 651		IRDA_DEBUG(1, "%s(), trying daddr = %08x\n",
 652			   __FUNCTION__, self->daddr);
 653
 654		/* Query remote LM-IAS for this service */
 655		err = irda_find_lsap_sel(self, name);
 656		switch (err) {
 657		case 0:
 658			/* We found the requested service */
 659			if(daddr != DEV_ADDR_ANY) {
 660				IRDA_DEBUG(1, "%s(), discovered service ''%s'' in two different devices !!!\n",
 661					   __FUNCTION__, name);
 662				self->daddr = DEV_ADDR_ANY;
 663				kfree(discoveries);
 664				return(-ENOTUNIQ);
 665			}
 666			/* First time we found that one, save it ! */
 667			daddr = self->daddr;
 668			dtsap_sel = self->dtsap_sel;
 669			break;
 670		case -EADDRNOTAVAIL:
 671			/* Requested service simply doesn't exist on this node */
 672			break;
 673		default:
 674			/* Something bad did happen :-( */
 675			IRDA_DEBUG(0, "%s(), unexpected IAS query failure\n", __FUNCTION__);
 676			self->daddr = DEV_ADDR_ANY;
 677			kfree(discoveries);
 678			return(-EHOSTUNREACH);
 679			break;
 680		}
 681	}
 682	/* Cleanup our copy of the discovery log */
 683	kfree(discoveries);
 684
 685	/* Check out what we found */
 686	if(daddr == DEV_ADDR_ANY) {
 687		IRDA_DEBUG(1, "%s(), cannot discover service ''%s'' in any device !!!\n",
 688			   __FUNCTION__, name);
 689		self->daddr = DEV_ADDR_ANY;
 690		return(-EADDRNOTAVAIL);
 691	}
 692
 693	/* Revert back to discovered device & service */
 694	self->daddr = daddr;
 695	self->saddr = 0x0;
 696	self->dtsap_sel = dtsap_sel;
 697
 698	IRDA_DEBUG(1, "%s(), discovered requested service ''%s'' at address %08x\n",
 699		   __FUNCTION__, name, self->daddr);
 700
 701	return 0;
 702}
 703
 704/*
 705 * Function irda_getname (sock, uaddr, uaddr_len, peer)
 706 *
 707 *    Return the our own, or peers socket address (sockaddr_irda)
 708 *
 709 */
 710static int irda_getname(struct socket *sock, struct sockaddr *uaddr,
 711			int *uaddr_len, int peer)
 712{
 713	struct sockaddr_irda saddr;
 714	struct sock *sk = sock->sk;
 715	struct irda_sock *self = irda_sk(sk);
 716
 717	if (peer) {
 718		if (sk->sk_state != TCP_ESTABLISHED)
 719			return -ENOTCONN;
 720
 721		saddr.sir_family = AF_IRDA;
 722		saddr.sir_lsap_sel = self->dtsap_sel;
 723		saddr.sir_addr = self->daddr;
 724	} else {
 725		saddr.sir_family = AF_IRDA;
 726		saddr.sir_lsap_sel = self->stsap_sel;
 727		saddr.sir_addr = self->saddr;
 728	}
 729
 730	IRDA_DEBUG(1, "%s(), tsap_sel = %#x\n", __FUNCTION__, saddr.sir_lsap_sel);
 731	IRDA_DEBUG(1, "%s(), addr = %08x\n", __FUNCTION__, saddr.sir_addr);
 732
 733	/* uaddr_len come to us uninitialised */
 734	*uaddr_len = sizeof (struct sockaddr_irda);
 735	memcpy(uaddr, &saddr, *uaddr_len);
 736
 737	return 0;
 738}
 739
 740/*
 741 * Function irda_listen (sock, backlog)
 742 *
 743 *    Just move to the listen state
 744 *
 745 */
 746static int irda_listen(struct socket *sock, int backlog)
 747{
 748	struct sock *sk = sock->sk;
 749
 750	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 751
 752	if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
 753	    (sk->sk_type != SOCK_DGRAM))
 754		return -EOPNOTSUPP;
 755
 756	if (sk->sk_state != TCP_LISTEN) {
 757		sk->sk_max_ack_backlog = backlog;
 758		sk->sk_state           = TCP_LISTEN;
 759
 760		return 0;
 761	}
 762
 763	return -EOPNOTSUPP;
 764}
 765
 766/*
 767 * Function irda_bind (sock, uaddr, addr_len)
 768 *
 769 *    Used by servers to register their well known TSAP
 770 *
 771 */
 772static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 773{
 774	struct sock *sk = sock->sk;
 775	struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
 776	struct irda_sock *self = irda_sk(sk);
 777	int err;
 778
 779	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 780
 781	if (addr_len != sizeof(struct sockaddr_irda))
 782		return -EINVAL;
 783
 784#ifdef CONFIG_IRDA_ULTRA
 785	/* Special care for Ultra sockets */
 786	if ((sk->sk_type == SOCK_DGRAM) &&
 787	    (sk->sk_protocol == IRDAPROTO_ULTRA)) {
 788		self->pid = addr->sir_lsap_sel;
 789		if (self->pid & 0x80) {
 790			IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __FUNCTION__);
 791			return -EOPNOTSUPP;
 792		}
 793		err = irda_open_lsap(self, self->pid);
 794		if (err < 0)
 795			return err;
 796
 797		/* Pretend we are connected */
 798		sock->state = SS_CONNECTED;
 799		sk->sk_state   = TCP_ESTABLISHED;
 800
 801		return 0;
 802	}
 803#endif /* CONFIG_IRDA_ULTRA */
 804
 805	err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name);
 806	if (err < 0)
 807		return err;
 808
 809	/*  Register with LM-IAS */
 810	self->ias_obj = irias_new_object(addr->sir_name, jiffies);
 811	irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel",
 812				 self->stsap_sel, IAS_KERNEL_ATTR);
 813	irias_insert_object(self->ias_obj);
 814
 815	return 0;
 816}
 817
 818/*
 819 * Function irda_accept (sock, newsock, flags)
 820 *
 821 *    Wait for incoming connection
 822 *
 823 */
 824static int irda_accept(struct socket *sock, struct socket *newsock, int flags)
 825{
 826	struct sock *sk = sock->sk;
 827	struct irda_sock *new, *self = irda_sk(sk);
 828	struct sock *newsk;
 829	struct sk_buff *skb;
 830	int err;
 831
 832	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
 833
 834	err = irda_create(newsock, sk->sk_protocol);
 835	if (err)
 836		return err;
 837
 838	if (sock->state != SS_UNCONNECTED)
 839		return -EINVAL;
 840
 841	if ((sk = sock->sk) == NULL)
 842		return -EINVAL;
 843
 844	if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
 845	    (sk->sk_type != SOCK_DGRAM))
 846		return -EOPNOTSUPP;
 847
 848	if (sk->sk_state != TCP_LISTEN)
 849		return -EINVAL;
 850
 851	/*
 852	 *	The read queue this time is holding sockets ready to use
 853	 *	hooked into the SABM we saved
 854	 */
 855
 856	/*
 857	 * We can perform the accept only if there is incoming data
 858	 * on the listening socket.
 859	 * So, we will block the caller until we receive any data.
 860	 * If the caller was waiting on select() or poll() before
 861	 * calling us, the data is waiting for us ;-)
 862	 * Jean II
 863	 */
 864	while (1) {
 865		skb = skb_dequeue(&sk->sk_receive_queue);
 866		if (skb)
 867			break;
 868
 869		/* Non blocking operation */
 870		if (flags & O_NONBLOCK)
 871			return -EWOULDBLOCK;
 872
 873		err = wait_event_interruptible(*(sk->sk_sleep),
 874					skb_peek(&sk->sk_receive_queue));
 875		if (err)
 876			return err;
 877	}
 878
 879	newsk = newsock->sk;
 880	if (newsk == NULL)
 881		return -EIO;
 882
 883	newsk->sk_state = TCP_ESTABLISHED;
 884
 885	new = irda_sk(newsk);
 886
 887	/* Now attach up the new socket */
 888	new->tsap = irttp_dup(self->tsap, new);
 889	if (!new->tsap) {
 890		IRDA_DEBUG(0, "%s(), dup failed!\n", __FUNCTION__);
 891		kfree_skb(skb);
 892		return -1;
 893	}
 894
 895	new->stsap_sel = new->tsap->stsap_sel;
 896	new->dtsap_sel = new->tsap->dtsap_sel;
 897	new->saddr = irttp_get_saddr(new->tsap);
 898	new->daddr = irttp_get_daddr(new->tsap);
 899
 900	new->max_sdu_size_tx = self->max_sdu_size_tx;
 901	new->max_sdu_size_rx = self->max_sdu_size_rx;
 902	new->max_data_size   = self->max_data_size;
 903	new->max_header_size = self->max_header_size;
 904
 905	memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info));
 906
 907	/* Clean up the original one to keep it in listen state */
 908	irttp_listen(self->tsap);
 909
 910	/* Wow ! What is that ? Jean II */
 911	skb->sk = NULL;
 912	skb->destructor = NULL;
 913	kfree_skb(skb);
 914	sk->sk_ack_backlog--;
 915
 916	newsock->state = SS_CONNECTED;
 917
 918	irda_connect_response(new);
 919
 920	return 0;
 921}
 922
 923/*
 924 * Function irda_connect (sock, uaddr, addr_len, flags)
 925 *
 926 *    Connect to a IrDA device
 927 *
 928 * The main difference with a "standard" connect is that with IrDA we need
 929 * to resolve the service name into a TSAP selector (in TCP, port number
 930 * doesn't have to be resolved).
 931 * Because of this service name resoltion, we can offer "auto-connect",
 932 * where we connect to a service without specifying a destination address.
 933 *
 934 * Note : by consulting "errno", the user space caller may learn the cause
 935 * of the failure. Most of them are visible in the function, others may come
 936 * from subroutines called and are listed here :
 937 *	o EBUSY : already processing a connect
 938 *	o EHOSTUNREACH : bad addr->sir_addr argument
 939 *	o EADDRNOTAVAIL : bad addr->sir_name argument
 940 *	o ENOTUNIQ : more than one node has addr->sir_name (auto-connect)
 941 *	o ENETUNREACH : no node found on the network (auto-connect)
 942 */
 943static int irda_connect(struct socket *sock, struct sockaddr *uaddr,
 944			int addr_len, int flags)
 945{
 946	struct sock *sk = sock->sk;
 947	struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
 948	struct irda_sock *self = irda_sk(sk);
 949	int err;
 950
 951	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
 952
 953	/* Don't allow connect for Ultra sockets */
 954	if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA))
 955		return -ESOCKTNOSUPPORT;
 956
 957	if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
 958		sock->state = SS_CONNECTED;
 959		return 0;   /* Connect completed during a ERESTARTSYS event */
 960	}
 961
 962	if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) {
 963		sock->state = SS_UNCONNECTED;
 964		return -ECONNREFUSED;
 965	}
 966
 967	if (sk->sk_state == TCP_ESTABLISHED)
 968		return -EISCONN;      /* No reconnect on a seqpacket socket */
 969
 970	sk->sk_state   = TCP_CLOSE;
 971	sock->state = SS_UNCONNECTED;
 972
 973	if (addr_len != sizeof(struct sockaddr_irda))
 974		return -EINVAL;
 975
 976	/* Check if user supplied any destination device address */
 977	if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) {
 978		/* Try to find one suitable */
 979		err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name);
 980		if (err) {
 981			IRDA_DEBUG(0, "%s(), auto-connect failed!\n", __FUNCTION__);
 982			return err;
 983		}
 984	} else {
 985		/* Use the one provided by the user */
 986		self->daddr = addr->sir_addr;
 987		IRDA_DEBUG(1, "%s(), daddr = %08x\n", __FUNCTION__, self->daddr);
 988
 989		/* If we don't have a valid service name, we assume the
 990		 * user want to connect on a specific LSAP. Prevent
 991		 * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */
 992		if((addr->sir_name[0] != '\0') ||
 993		   (addr->sir_lsap_sel >= 0x70)) {
 994			/* Query remote LM-IAS using service name */
 995			err = irda_find_lsap_sel(self, addr->sir_name);
 996			if (err) {
 997				IRDA_DEBUG(0, "%s(), connect failed!\n", __FUNCTION__);
 998				return err;
 999			}
1000		} else {
1001			/* Directly connect to the remote LSAP
1002			 * specified by the sir_lsap field.
1003			 * Please use with caution, in IrDA LSAPs are
1004			 * dynamic and there is no "well-known" LSAP. */
1005			self->dtsap_sel = addr->sir_lsap_sel;
1006		}
1007	}
1008
1009	/* Check if we have opened a local TSAP */
1010	if (!self->tsap)
1011		irda_open_tsap(self, LSAP_ANY, addr->sir_name);
1012
1013	/* Move to connecting socket, start sending Connect Requests */
1014	sock->state = SS_CONNECTING;
1015	sk->sk_state   = TCP_SYN_SENT;
1016
1017	/* Connect to remote device */
1018	err = irttp_connect_request(self->tsap, self->dtsap_sel,
1019				    self->saddr, self->daddr, NULL,
1020				    self->max_sdu_size_rx, NULL);
1021	if (err) {
1022		IRDA_DEBUG(0, "%s(), connect failed!\n", __FUNCTION__);
1023		return err;
1024	}
1025
1026	/* Now the loop */
1027	if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
1028		return -EINPROGRESS;
1029
1030	if (wait_event_interruptible(*(sk->sk_sleep),
1031				     (sk->sk_state != TCP_SYN_SENT)))
1032		return -ERESTARTSYS;
1033
1034	if (sk->sk_state != TCP_ESTABLISHED) {
1035		sock->state = SS_UNCONNECTED;
1036		err = sock_error(sk);
1037		return err? err : -ECONNRESET;
1038	}
1039
1040	sock->state = SS_CONNECTED;
1041
1042	/* At this point, IrLMP has assigned our source address */
1043	self->saddr = irttp_get_saddr(self->tsap);
1044
1045	return 0;
1046}
1047
1048static struct proto irda_proto = {
1049	.name	  = "IRDA",
1050	.owner	  = THIS_MODULE,
1051	.obj_size = sizeof(struct irda_sock),
1052};
1053
1054/*
1055 * Function irda_create (sock, protocol)
1056 *
1057 *    Create IrDA socket
1058 *
1059 */
1060static int irda_create(struct socket *sock, int protocol)
1061{
1062	struct sock *sk;
1063	struct irda_sock *self;
1064
1065	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
1066
1067	/* Check for valid socket type */
1068	switch (sock->type) {
1069	case SOCK_STREAM:     /* For TTP connections with SAR disabled */
1070	case SOCK_SEQPACKET:  /* For TTP connections with SAR enabled */
1071	case SOCK_DGRAM:      /* For TTP Unitdata or LMP Ultra transfers */
1072		break;
1073	default:
1074		return -ESOCKTNOSUPPORT;
1075	}
1076
1077	/* Allocate networking socket */
1078	sk = sk_alloc(PF_IRDA, GFP_ATOMIC, &irda_proto, 1);
1079	if (sk == NULL)
1080		return -ENOMEM;
1081
1082	self = irda_sk(sk);
1083	IRDA_DEBUG(2, "%s() : self is %p\n", __FUNCTION__, self);
1084
1085	init_waitqueue_head(&self->query_wait);
1086
1087	/* Initialise networking socket struct */
1088	sock_init_data(sock, sk);	/* Note : set sk->sk_refcnt to 1 */
1089	sk->sk_family = PF_IRDA;
1090	sk->sk_protocol = protocol;
1091
1092	switch (sock->type) {
1093	case SOCK_STREAM:
1094		sock->ops = &irda_stream_ops;
1095		self->max_sdu_size_rx = TTP_SAR_DISABLE;
1096		break;
1097	case SOCK_SEQPACKET:
1098		sock->ops = &irda_seqpacket_ops;
1099		self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1100		break;
1101	case SOCK_DGRAM:
1102		switch (protocol) {
1103#ifdef CONFIG_IRDA_ULTRA
1104		case IRDAPROTO_ULTRA:
1105			sock->ops = &irda_ultra_ops;
1106			/* Initialise now, because we may send on unbound
1107			 * sockets. Jean II */
1108			self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER;
1109			self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER;
1110			break;
1111#endif /* CONFIG_IRDA_ULTRA */
1112		case IRDAPROTO_UNITDATA:
1113			sock->ops = &irda_dgram_ops;
1114			/* We let Unitdata conn. be like seqpack conn. */
1115			self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1116			break;
1117		default:
1118			IRDA_ERROR("%s: protocol not supported!\n",
1119				   __FUNCTION__);
1120			return -ESOCKTNOSUPPORT;
1121		}
1122		break;
1123	default:
1124		return -ESOCKTNOSUPPORT;
1125	}
1126
1127	/* Register as a client with IrLMP */
1128	self->ckey = irlmp_register_client(0, NULL, NULL, NULL);
1129	self->mask.word = 0xffff;
1130	self->rx_flow = self->tx_flow = FLOW_START;
1131	self->nslots = DISCOVERY_DEFAULT_SLOTS;
1132	self->daddr = DEV_ADDR_ANY;	/* Until we get connected */
1133	self->saddr = 0x0;		/* so IrLMP assign us any link */
1134	return 0;
1135}
1136
1137/*
1138 * Function irda_destroy_socket (self)
1139 *
1140 *    Destroy socket
1141 *
1142 */
1143static void irda_destroy_socket(struct irda_sock *self)
1144{
1145	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
1146
1147	/* Unregister with IrLMP */
1148	irlmp_unregister_client(self->ckey);
1149	irlmp_unregister_service(self->skey);
1150
1151	/* Unregister with LM-IAS */
1152	if (self->ias_obj) {
1153		irias_delete_object(self->ias_obj);
1154		self->ias_obj = NULL;
1155	}
1156
1157	if (self->iriap) {
1158		iriap_close(self->iriap);
1159		self->iriap = NULL;
1160	}
1161
1162	if (self->tsap) {
1163		irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1164		irttp_close_tsap(self->tsap);
1165		self->tsap = NULL;
1166	}
1167#ifdef CONFIG_IRDA_ULTRA
1168	if (self->lsap) {
1169		irlmp_close_lsap(self->lsap);
1170		self->lsap = NULL;
1171	}
1172#endif /* CONFIG_IRDA_ULTRA */
1173}
1174
1175/*
1176 * Function irda_release (sock)
1177 */
1178static int irda_release(struct socket *sock)
1179{
1180	struct sock *sk = sock->sk;
1181
1182	IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
1183
1184	if (sk == NULL)
1185		return 0;
1186
1187	lock_sock(sk);
1188	sk->sk_state       = TCP_CLOSE;
1189	sk->sk_shutdown   |= SEND_SHUTDOWN;
1190	sk->sk_state_change(sk);
1191
1192	/* Destroy IrDA socket */
1193	irda_destroy_socket(irda_sk(sk));
1194
1195	sock_orphan(sk);
1196	sock->sk   = NULL;
1197	release_sock(sk);
1198
1199	/* Purge queues (see sock_init_data()) */
1200	skb_queue_purge(&sk->sk_receive_queue);
1201
1202	/* Destroy networking socket if we are the last reference on it,
1203	 * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */
1204	sock_put(sk);
1205
1206	/* Notes on socket locking and deallocation... - Jean II
1207	 * In theory we should put pairs of sock_hold() / sock_put() to
1208	 * prevent the socket to be destroyed whenever there is an
1209	 * outstanding request or outstanding incoming packet or event.
1210	 *
1211	 * 1) This may include IAS request, both in connect and getsockopt.
1212	 * Unfortunately, the situation is a bit more messy than it looks,
1213	 * because we close iriap and kfree(self) above.
1214	 *
1215	 * 2) This may include selective discovery in getsockopt.
1216	 * Same stuff as above, irlmp registration and self are gone.
1217	 *
1218	 * Probably 1 and 2 may not matter, because it's all triggered
1219	 * by a process and the socket layer already prevent the
1220	 * socket to go away while a process is holding it, through
1221	 * sockfd_put() and fput()...
1222	 *
1223	 * 3) This may include deferred TSAP closure. In particular,
1224	 * we may receive a late irda_disconnect_indication()
1225	 * Fortunately, (tsap_cb *)->close_pend should protect us
1226	 * from that.
1227	 *
1228	 * I did some testing on SMP, and it looks solid. And the socket
1229	 * memory leak is now gone... - Jean II
1230	 */
1231
1232	return 0;
1233}
1234
1235/*
1236 * Function irda_sendmsg (iocb, sock, msg, len)
1237 *
1238 *    Send message down to TinyTP. This function is used for both STREAM and
1239 *    SEQPACK services. This is possible since it forces the client to
1240 *    fragment the message if necessary
1241 */
1242static int irda_sendmsg(struct kiocb *iocb, struct socket *sock,
1243			struct msghdr *msg, size_t len)
1244{
1245	struct sock *sk = sock->sk;
1246	struct irda_sock *self;
1247	struct sk_buff *skb;
1248	int err;
1249
1250	IRDA_DEBUG(4, "%s(), len=%zd\n", __FUNCTION__, len);
1251
1252	/* Note : socket.c set MSG_EOR on SEQPACKET sockets */
1253	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1254		return -EINVAL;
1255
1256	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1257		send_sig(SIGPIPE, current, 0);
1258		return -EPIPE;
1259	}
1260
1261	if (sk->sk_state != TCP_ESTABLISHED)
1262		return -ENOTCONN;
1263
1264	self = irda_sk(sk);
1265
1266	/* Check if IrTTP is wants us to slow down */
1267
1268	if (wait_event_interruptible(*(sk->sk_sleep),
1269	    (self->tx_flow != FLOW_STOP  ||  sk->sk_state != TCP_ESTABLISHED)))
1270		return -ERESTARTSYS;
1271
1272	/* Check if we are still connected */
1273	if (sk->sk_state != TCP_ESTABLISHED)
1274		return -ENOTCONN;
1275
1276	/* Check that we don't send out too big frames */
1277	if (len > self->max_data_size) {
1278		IRDA_DEBUG(2, "%s(), Chopping frame from %zd to %d bytes!\n",
1279			   __FUNCTION__, len, self->max_data_size);
1280		len = self->max_data_size;
1281	}
1282
1283	skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16,
1284				  msg->msg_flags & MSG_DONTWAIT, &err);
1285	if (!skb)
1286		return -ENOBUFS;
1287
1288	skb_reserve(skb, self->max_header_size + 16);
1289	skb_reset_transport_header(skb);
1290	skb_put(skb, len);
1291	err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1292	if (err) {
1293		kfree_skb(skb);
1294		return err;
1295	}
1296
1297	/*
1298	 * Just send the message to TinyTP, and let it deal with possible
1299	 * errors. No need to duplicate all that here
1300	 */
1301	err = irttp_data_request(self->tsap, skb);
1302	if (err) {
1303		IRDA_DEBUG(0, "%s(), err=%d\n", __FUNCTION__, err);
1304		return err;
1305	}
1306	/* Tell client how much data we actually sent */
1307	return len;
1308}
1309
1310/*
1311 * Function irda_recvmsg_dgram (iocb, sock, msg, size, flags)
1312 *
1313 *    Try to receive message and copy it to user. The frame is discarded
1314 *    after being read, regardless of how much the user actually read
1315 */
1316static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock,
1317			      struct msghdr *msg, size_t size, int flags)
1318{
1319	struct sock *sk = sock->sk;
1320	struct irda_sock *self = irda_sk(sk);
1321	struct sk_buff *skb;
1322	size_t copied;
1323	int err;
1324
1325	IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
1326
1327	if ((err = sock_error(sk)) < 0)
1328		return err;
1329
1330	skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1331				flags & MSG_DONTWAIT, &err);
1332	if (!skb)
1333		return err;
1334
1335	skb_reset_transport_header(skb);
1336	copied = skb->len;
1337
1338	if (copied > size) {
1339		IRDA_DEBUG(2, "%s(), Received truncated frame (%zd < %zd)!\n",
1340			   __FUNCTION__, copied, size);
1341		copied = size;
1342		msg->msg_flags |= MSG_TRUNC;
1343	}
1344	skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1345
1346	skb_free_datagram(sk, skb);
1347
1348	/*
1349	 *  Check if we have previously stopped IrTTP and we know
1350	 *  have more free space in our rx_queue. If so tell IrTTP
1351	 *  to start delivering frames again before our rx_queue gets
1352	 *  empty
1353	 */
1354	if (self->rx_flow == FLOW_STOP) {
1355		if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1356			IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __FUNCTION__);
1357			self->rx_flow = FLOW_START;
1358			irttp_flow_request(self->tsap, FLOW_START);
1359		}
1360	}
1361
1362	return copied;
1363}
1364
1365/*
1366 * Function irda_recvmsg_stream (iocb, sock, msg, size, flags)
1367 */
1368static int irda_recvmsg_stream(struct kiocb *iocb, struct socket *sock,
1369			       struct msghdr *msg, size_t size, int flags)
1370{
1371	struct sock *sk = sock->sk;
1372	struct irda_sock *self = irda_sk(sk);
1373	int noblock = flags & MSG_DONTWAIT;
1374	size_t copied = 0;
1375	int target, err;
1376	long timeo;
1377
1378	IRDA_DEBUG(3, "%s()\n", __FUNCTION__);
1379
1380	if ((err = sock_error(sk)) < 0)
1381		return err;
1382
1383	if (sock->flags & __SO_ACCEPTCON)
1384		return(-EINVAL);
1385
1386	if (flags & MSG_OOB)
1387		return -EOPNOTSUPP;
1388
1389	target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
1390	timeo = sock_rcvtimeo(sk, noblock);
1391
1392	msg->msg_namelen = 0;
1393
1394	do {
1395		int chunk;
1396		struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
1397
1398		if (skb == NULL) {
1399			DEFINE_WAIT(wait);
1400			int ret = 0;
1401
1402			if (copied >= target)
1403				break;
1404
1405			prepare_to_wait_exclusive(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE);
1406
1407			/*
1408			 *	POSIX 1003.1g mandates this order.
1409			 */
1410			ret = sock_error(sk);
1411			if (ret)
1412				;
1413			else if (sk->sk_shutdown & RCV_SHUTDOWN)
1414				;
1415			else if (noblock)
1416				ret = -EAGAIN;
1417			else if (signal_pending(current))
1418				ret = sock_intr_errno(timeo);
1419			else if (sk->sk_state != TCP_ESTABLISHED)
1420				ret = -ENOTCONN;
1421			else if (skb_peek(&sk->sk_receive_queue) == NULL)
1422				/* Wait process until data arrives */
1423				schedule();
1424
1425			finish_wait(sk->sk_sleep, &wait);
1426
1427			if (ret)
1428				return ret;
1429			if (sk->sk_shutdown & RCV_SHUTDOWN)
1430				break;
1431
1432			continue;
1433		}
1434
1435		chunk = min_t(unsigned int, skb->len, size);
1436		if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
1437			skb_queue_head(&sk->sk_receive_queue, skb);
1438			if (copied == 0)
1439				copied = -EFAULT;
1440			break;
1441		}
1442		copied += chunk;
1443		size -= chunk;
1444
1445		/* Mark read part of skb as used */
1446		if (!(flags & MSG_PEEK)) {
1447			skb_pull(skb, chunk);
1448
1449			/* put the skb back if we didn't use it up.. */
1450			if (skb->len) {
1451				IRDA_DEBUG(1, "%s(), back on q!\n",
1452					   __FUNCTION__);
1453				skb_queue_head(&sk->sk_receive_queue, skb);
1454				break;
1455			}
1456
1457			kfree_skb(skb);
1458		} else {
1459			IRDA_DEBUG(0, "%s() questionable!?\n", __FUNCTION__);
1460
1461			/* put message back and return */
1462			skb_queue_head(&sk->sk_receive_queue, skb);
1463			break;
1464		}
1465	} while (size);
1466
1467	/*
1468	 *  Check if we have previously stopped IrTTP and we know
1469	 *  have more free space in our rx_queue. If so tell IrTTP
1470	 *  to start delivering frames again before our rx_queue gets
1471	 *  empty
1472	 */
1473	if (self->rx_flow == FLOW_STOP) {
1474		if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1475			IRDA_DEBUG(2, "%s(), Starting IrTTP\n", __FUNCTION__);
1476			self->rx_flow = FLOW_START;
1477			irttp_flow_request(self->tsap, FLOW_START);
1478		}
1479	}
1480
1481	return copied;
1482}
1483
1484/*
1485 * Function irda_sendmsg_dgram (iocb, sock, msg, len)
1486 *
1487 *    Send message down to TinyTP for the unreliable sequenced
1488 *    packet service...
1489 *
1490 */
1491static int irda_sendmsg_dgram(struct kiocb *iocb, struct socket *sock,
1492			      struct msghdr *msg, size_t len)
1493{
1494	struct sock *sk = sock->sk;
1495	struct irda_sock *self;
1496	struct sk_buff *skb;
1497	int err;
1498
1499	IRDA_DEBUG(4, "%s(), len=%zd\n", __FUNCTION__, len);
1500
1501	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1502		return -EINVAL;
1503
1504	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1505		send_sig(SIGPIPE, current, 0);
1506		return -EPIPE;
1507	}
1508
1509	if (sk->sk_state != TCP_ESTABLISHED)
1510		return -ENOTCONN;
1511
1512	self = irda_sk(sk);
1513
1514	/*
1515	 * Check that we don't send out too big frames. This is an unreliable
1516	 * service, so we have no fragmentation and no coalescence
1517	 */
1518	if (len > self->max_data_size) {
1519		IRDA_DEBUG(0, "%s(), Warning to much data! "
1520			   "Chopping frame from %zd to %d bytes!\n",
1521			   __FUNCTION__, len, self->max_data_size);
1522		len = self->max_data_size;
1523	}
1524
1525	skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1526				  msg->msg_flags & MSG_DONTWAIT, &err);
1527	if (!skb)
1528		return -ENOBUFS;
1529
1530	skb_reserve(skb, self->max_header_size);
1531	skb_reset_transport_header(skb);
1532
1533	IRDA_DEBUG(4, "%s(), appending user data\n", __FUNCTION__);
1534	skb_put(skb, len);
1535	err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1536	if (err) {
1537		kfree_skb(skb);
1538		return err;
1539	}
1540
1541	/*
1542	 * Just send the message to TinyTP, and let it deal with possible
1543	 * errors. No need to duplicate all that here
1544	 */
1545	err = irttp_udata_request(self->tsap, skb);
1546	if (err) {
1547		IRDA_DEBUG(0, "%s(), err=%d\n", __FUNCTION__, err);
1548		return err;
1549	}
1550	return len;
1551}
1552
1553/*
1554 * Function irda_sendmsg_ultra (iocb, sock, msg, len)
1555 *
1556 *    Send message down to IrLMP for the unreliable Ultra
1557 *    packet service...
1558 */
1559#ifdef CONFIG_IRDA_ULTRA
1560static int irda_sendmsg_ultra(struct kiocb *iocb, struct socket *sock,
1561			      struct msghdr *msg, size_t len)
1562{
1563	struct sock *sk = sock->sk;
1564	struct irda_sock *self;
1565	__u8 pid = 0;
1566	int bound = 0;
1567	struct sk_buff *skb;
1568	int err;
1569
1570	IRDA_DEBUG(4, "%s(), len=%zd\n", __FUNCTION__, len);
1571
1572	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1573		return -EINVAL;
1574
1575	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1576		send_sig(SIGPIPE, current, 0);
1577		return -EPIPE;
1578	}
1579
1580	self = irda_sk(sk);
1581
1582	/* Check if an address was specified with sendto. Jean II */
1583	if (msg->msg_name) {
1584		struct sockaddr_irda *addr = (struct sockaddr_irda *) msg->msg_name;
1585		/* Check address, extract pid. Jean II */
1586		if (msg->msg_namelen < sizeof(*addr))
1587			return -EINVAL;
1588		if (addr->sir_family != AF_IRDA)
1589			return -EINVAL;
1590
1591		pid = addr->sir_lsap_sel;
1592		if (pid & 0x80) {
1593			IRDA_DEBUG(0, "%s(), extension in PID not supp!\n", __FUNCTION__);
1594			return -EOPNOTSUPP;
1595		}
1596	} else {
1597		/* Check that the socket is properly bound to an Ultra
1598		 * port. Jean II */
1599		if ((self->lsap == NULL) ||
1600		    (sk->sk_state != TCP_ESTABLISHED)) {
1601			IRDA_DEBUG(0, "%s(), socket not bound to Ultra PID.\n",
1602				   __FUNCTION__);
1603			return -ENOTCONN;
1604		}
1605		/* Use PID from socket */
1606		bound = 1;
1607	}
1608
1609	/*
1610	 * Check that we don't send out too big frames. This is an unreliable
1611	 * service, so we have no fragmentation and no coalescence
1612	 */
1613	if (len > self->max_data_size) {
1614		IRDA_DEBUG(0, "%s(), Warning to much data! "
1615			   "Chopping frame from %zd to %d bytes!\n",
1616			   __FUNCTION__, len, self->max_data_size);
1617		len = self->max_data_size;
1618	}
1619
1620	skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1621				  msg->msg_flags & MSG_DONTWAIT, &err);
1622	if (!skb)
1623		return -ENOBUFS;
1624
1625	skb_reserve(skb, self->max_header_size);
1626	skb_reset_transport_header(skb);
1627
1628	IRDA_DEBUG(4, "%s(), appending user data\n", __FUNCTION__);
1629	skb_put(skb, len);
1630	err = memcpy_fromiovec(skb_transport_header(skb), msg->msg_iov, len);
1631	if (err) {
1632		kfree_skb(skb);
1633		return err;
1634	}
1635
1636	err = irlmp_connless_data_request((bound ? self->lsap : NULL),
1637					  skb, pid);
1638	if (err) {
1639		IRDA_DEBUG(0, "%s(), err=%d\n", __FUNCTION__, err);
1640		return err;
1641	}
1642	return len;
1643}
1644#endif /* CONFIG_IRDA_ULTRA */
1645
1646/*
1647 * Function irda_shutdown (sk, how)
1648 */
1649static int irda_shutdown(struct socket *sock, int how)
1650{
1651	struct sock *sk = sock->sk;
1652	struct irda_sock *self = irda_sk(sk);
1653
1654	IRDA_DEBUG(1, "%s(%p)\n", __FUNCTION__, self);
1655
1656	sk->sk_state       = TCP_CLOSE;
1657	sk->sk_shutdown   |= SEND_SHUTDOWN;
1658	sk->sk_state_change(sk);
1659
1660	if (self->iriap) {
1661		iriap_close(self->iriap);
1662		self->iriap = NULL;
1663	}
1664
1665	if (self->tsap) {
1666		irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1667		irttp_close_tsap(self->tsap);
1668		self->tsap = NULL;
1669	}
1670
1671	/* A few cleanup so the socket look as good as new... */
1672	self->rx_flow = self->tx_flow = FLOW_START;	/* needed ??? */
1673	self->daddr = DEV_ADDR_ANY;	/* Until we get re-connected */
1674	self->saddr = 0x0;		/* so IrLMP assign us any link */
1675
1676	return 0;
1677}
1678
1679/*
1680 * Function irda_poll (file, sock, wait)
1681 */
1682static unsigned int irda_poll(struct file * file, struct socket *sock,
1683			      poll_table *wait)
1684{
1685	struct sock *sk = sock->sk;
1686	struct irda_sock *self = irda_sk(sk);
1687	unsigned int mask;
1688
1689	IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
1690
1691	poll_wait(file, sk->sk_sleep, wait);
1692	mask = 0;
1693
1694	/* Exceptional events? */
1695	if (sk->sk_err)
1696		mask |= POLLERR;
1697	if (sk->sk_shutdown & RCV_SHUTDOWN) {
1698		IRDA_DEBUG(0, "%s(), POLLHUP\n", __FUNCTION__);
1699		mask |= POLLHUP;
1700	}
1701
1702	/* Readable? */
1703	if (!skb_queue_empty(&sk->sk_receive_queue)) {
1704		IRDA_DEBUG(4, "Socket is readable\n");
1705		mask |= POLLIN | POLLRDNORM;
1706	}
1707
1708	/* Connection-based need to check for termination and startup */
1709	switch (sk->sk_type) {
1710	case SOCK_STREAM:
1711		if (sk->sk_state == TCP_CLOSE) {
1712			IRDA_DEBUG(0, "%s(), POLLHUP\n", __FUNCTION__);
1713			mask |= POLLHUP;
1714		}
1715
1716		if (sk->sk_state == TCP_ESTABLISHED) {
1717			if ((self->tx_flow == FLOW_START) &&
1718			    sock_writeable(sk))
1719			{
1720				mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1721			}
1722		}
1723		break;
1724	case SOCK_SEQPACKET:
1725		if ((self->tx_flow == FLOW_START) &&
1726		    sock_writeable(sk))
1727		{
1728			mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1729		}
1730		break;
1731	case SOCK_DGRAM:
1732		if (sock_writeable(sk))
1733			mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1734		break;
1735	default:
1736		break;
1737	}
1738	return mask;
1739}
1740
1741/*
1742 * Function irda_ioctl (sock, cmd, arg)
1743 */
1744static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1745{
1746	struct sock *sk = sock->sk;
1747
1748	IRDA_DEBUG(4, "%s(), cmd=%#x\n", __FUNCTION__, cmd);
1749
1750	switch (cmd) {
1751	case TIOCOUTQ: {
1752		long amount;
1753		amount = sk->sk_sndbuf - atomic_read(&sk->sk_wmem_alloc);
1754		if (amount < 0)
1755			amount = 0;
1756		if (put_user(amount, (unsigned int __user *)arg))
1757			return -EFAULT;
1758		return 0;
1759	}
1760
1761	case TIOCINQ: {
1762		struct sk_buff *skb;
1763		long amount = 0L;
1764		/* These two are safe on a single CPU system as only user tasks fiddle here */
1765		if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1766			amount = skb->len;
1767		if (put_user(amount, (unsigned int __user *)arg))
1768			return -EFAULT;
1769		return 0;
1770	}
1771
1772	case SIOCGSTAMP:
1773		if (sk != NULL)
1774			return sock_get_timestamp(sk, (struct timeval __user *)arg);
1775		return -EINVAL;
1776
1777	case SIOCGIFADDR:
1778	case SIOCSIFADDR:
1779	case SIOCGIFDSTADDR:
1780	case SIOCSIFDSTADDR:
1781	case SIOCGIFBRDADDR:
1782	case SIOCSIFBRDADDR:
1783	case SIOCGIFNETMASK:
1784	case SIOCSIFNETMASK:
1785	case SIOCGIFMETRIC:
1786	case SIOCSIFMETRIC:
1787		return -EINVAL;
1788	default:
1789		IRDA_DEBUG(1, "%s(), doing device ioctl!\n", __FUNCTION__);
1790		return -ENOIOCTLCMD;
1791	}
1792
1793	/*NOTREACHED*/
1794	return 0;
1795}
1796
1797#ifdef CONFIG_COMPAT
1798/*
1799 * Function irda_ioctl (sock, cmd, arg)
1800 */
1801static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1802{
1803	/*
1804	 * All IRDA's ioctl are standard ones.
1805	 */
1806	return -ENOIOCTLCMD;
1807}
1808#endif
1809
1810/*
1811 * Function irda_setsockopt (sock, level, optname, optval, optlen)
1812 *
1813 *    Set some options for the socket
1814 *
1815 */
1816static int irda_setsockopt(struct socket *sock, int level, int optname,
1817			   char __user *optval, int optlen)
1818{
1819	struct sock *sk = sock->sk;
1820	struct irda_sock *self = irda_sk(sk);
1821	struct irda_ias_set    *ias_opt;
1822	struct ias_object      *ias_obj;
1823	struct ias_attrib *	ias_attr;	/* Attribute in IAS object */
1824	int opt;
1825
1826	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
1827
1828	if (level != SOL_IRLMP)
1829		return -ENOPROTOOPT;
1830
1831	switch (optname) {
1832	case IRLMP_IAS_SET:
1833		/* The user want to add an attribute to an existing IAS object
1834		 * (in the IAS database) or to create a new object with this
1835		 * attribute.
1836		 * We first query IAS to know if the object exist, and then
1837		 * create the right attribute...
1838		 */
1839
1840		if (optlen != sizeof(struct irda_ias_set))
1841			return -EINVAL;
1842
1843		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1844		if (ias_opt == NULL)
1845			return -ENOMEM;
1846
1847		/* Copy query to the driver. */
1848		if (copy_from_user(ias_opt, optval, optlen)) {
1849			kfree(ias_opt);
1850			return -EFAULT;
1851		}
1852
1853		/* Find the object we target.
1854		 * If the user gives us an empty string, we use the object
1855		 * associated with this socket. This will workaround
1856		 * duplicated class name - Jean II */
1857		if(ias_opt->irda_class_name[0] == '\0') {
1858			if(self->ias_obj == NULL) {
1859				kfree(ias_opt);
1860				return -EINVAL;
1861			}
1862			ias_obj = self->ias_obj;
1863		} else
1864			ias_obj = irias_find_object(ias_opt->irda_class_name);
1865
1866		/* Only ROOT can mess with the global IAS database.
1867		 * Users can only add attributes to the object associated
1868		 * with the socket they own - Jean II */
1869		if((!capable(CAP_NET_ADMIN)) &&
1870		   ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
1871			kfree(ias_opt);
1872			return -EPERM;
1873		}
1874
1875		/* If the object doesn't exist, create it */
1876		if(ias_obj == (struct ias_object *) NULL) {
1877			/* Create a new object */
1878			ias_obj = irias_new_object(ias_opt->irda_class_name,
1879						   jiffies);
1880		}
1881
1882		/* Do we have the attribute already ? */
1883		if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) {
1884			kfree(ias_opt);
1885			return -EINVAL;
1886		}
1887
1888		/* Look at the type */
1889		switch(ias_opt->irda_attrib_type) {
1890		case IAS_INTEGER:
1891			/* Add an integer attribute */
1892			irias_add_integer_attrib(
1893				ias_obj,
1894				ias_opt->irda_attrib_name,
1895				ias_opt->attribute.irda_attrib_int,
1896				IAS_USER_ATTR);
1897			break;
1898		case IAS_OCT_SEQ:
1899			/* Check length */
1900			if(ias_opt->attribute.irda_attrib_octet_seq.len >
1901			   IAS_MAX_OCTET_STRING) {
1902				kfree(ias_opt);
1903				return -EINVAL;
1904			}
1905			/* Add an octet sequence attribute */
1906			irias_add_octseq_attrib(
1907			      ias_obj,
1908			      ias_opt->irda_attrib_name,
1909			      ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
1910			      ias_opt->attribute.irda_attrib_octet_seq.len,
1911			      IAS_USER_ATTR);
1912			break;
1913		case IAS_STRING:
1914			/* Should check charset & co */
1915			/* Check length */
1916			/* The length is encoded in a __u8, and
1917			 * IAS_MAX_STRING == 256, so there is no way
1918			 * userspace can pass us a string too large.
1919			 * Jean II */
1920			/* NULL terminate the string (avoid troubles) */
1921			ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0';
1922			/* Add a string attribute */
1923			irias_add_string_attrib(
1924				ias_obj,
1925				ias_opt->irda_attrib_name,
1926				ias_opt->attribute.irda_attrib_string.string,
1927				IAS_USER_ATTR);
1928			break;
1929		default :
1930			kfree(ias_opt);
1931			return -EINVAL;
1932		}
1933		irias_insert_object(ias_obj);
1934		kfree(ias_opt);
1935		break;
1936	case IRLMP_IAS_DEL:
1937		/* The user want to delete an object from our local IAS
1938		 * database. We just need to query the IAS, check is the
1939		 * object is not owned by the kernel and delete it.
1940		 */
1941
1942		if (optlen != sizeof(struct irda_ias_set))
1943			return -EINVAL;
1944
1945		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
1946		if (ias_opt == NULL)
1947			return -ENOMEM;
1948
1949		/* Copy query to the driver. */
1950		if (copy_from_user(ias_opt, optval, optlen)) {
1951			kfree(ias_opt);
1952			return -EFAULT;
1953		}
1954
1955		/* Find the object we target.
1956		 * If the user gives us an empty string, we use the object
1957		 * associated with this socket. This will workaround
1958		 * duplicated class name - Jean II */
1959		if(ias_opt->irda_class_name[0] == '\0')
1960			ias_obj = self->ias_obj;
1961		else
1962			ias_obj = irias_find_object(ias_opt->irda_class_name);
1963		if(ias_obj == (struct ias_object *) NULL) {
1964			kfree(ias_opt);
1965			return -EINVAL;
1966		}
1967
1968		/* Only ROOT can mess with the global IAS database.
1969		 * Users can only del attributes from the object associated
1970		 * with the socket they own - Jean II */
1971		if((!capable(CAP_NET_ADMIN)) &&
1972		   ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
1973			kfree(ias_opt);
1974			return -EPERM;
1975		}
1976
1977		/* Find the attribute (in the object) we target */
1978		ias_attr = irias_find_attrib(ias_obj,
1979					     ias_opt->irda_attrib_name);
1980		if(ias_attr == (struct ias_attrib *) NULL) {
1981			kfree(ias_opt);
1982			return -EINVAL;
1983		}
1984
1985		/* Check is the user space own the object */
1986		if(ias_attr->value->owner != IAS_USER_ATTR) {
1987			IRDA_DEBUG(1, "%s(), attempting to delete a kernel attribute\n", __FUNCTION__);
1988			kfree(ias_opt);
1989			return -EPERM;
1990		}
1991
1992		/* Remove the attribute (and maybe the object) */
1993		irias_delete_attrib(ias_obj, ias_attr, 1);
1994		kfree(ias_opt);
1995		break;
1996	case IRLMP_MAX_SDU_SIZE:
1997		if (optlen < sizeof(int))
1998			return -EINVAL;
1999
2000		if (get_user(opt, (int __user *)optval))
2001			return -EFAULT;
2002
2003		/* Only possible for a seqpacket service (TTP with SAR) */
2004		if (sk->sk_type != SOCK_SEQPACKET) {
2005			IRDA_DEBUG(2, "%s(), setting max_sdu_size = %d\n",
2006				   __FUNCTION__, opt);
2007			self->max_sdu_size_rx = opt;
2008		} else {
2009			IRDA_WARNING("%s: not allowed to set MAXSDUSIZE for this socket type!\n",
2010				     __FUNCTION__);
2011			return -ENOPROTOOPT;
2012		}
2013		break;
2014	case IRLMP_HINTS_SET:
2015		if (optlen < sizeof(int))
2016			return -EINVAL;
2017
2018		/* The input is really a (__u8 hints[2]), easier as an int */
2019		if (get_user(opt, (int __user *)optval))
2020			return -EFAULT;
2021
2022		/* Unregister any old registration */
2023		if (self->skey)
2024			irlmp_unregister_service(self->skey);
2025
2026		self->skey = irlmp_register_service((__u16) opt);
2027		break;
2028	case IRLMP_HINT_MASK_SET:
2029		/* As opposed to the previous case which set the hint bits
2030		 * that we advertise, this one set the filter we use when
2031		 * making a discovery (nodes which don't match any hint
2032		 * bit in the mask are not reported).
2033		 */
2034		if (optlen < sizeof(int))
2035			return -EINVAL;
2036
2037		/* The input is really a (__u8 hints[2]), easier as an int */
2038		if (get_user(opt, (int __user *)optval))
2039			return -EFAULT;
2040
2041		/* Set the new hint mask */
2042		self->mask.word = (__u16) opt;
2043		/* Mask out extension bits */
2044		self->mask.word &= 0x7f7f;
2045		/* Check if no bits */
2046		if(!self->mask.word)
2047			self->mask.word = 0xFFFF;
2048
2049		break;
2050	default:
2051		return -ENOPROTOOPT;
2052	}
2053	return 0;
2054}
2055
2056/*
2057 * Function irda_extract_ias_value(ias_opt, ias_value)
2058 *
2059 *    Translate internal IAS value structure to the user space representation
2060 *
2061 * The external representation of IAS values, as we exchange them with
2062 * user space program is quite different from the internal representation,
2063 * as stored in the IAS database (because we need a flat structure for
2064 * crossing kernel boundary).
2065 * This function transform the former in the latter. We also check
2066 * that the value type is valid.
2067 */
2068static int irda_extract_ias_value(struct irda_ias_set *ias_opt,
2069				  struct ias_value *ias_value)
2070{
2071	/* Look at the type */
2072	switch (ias_value->type) {
2073	case IAS_INTEGER:
2074		/* Copy the integer */
2075		ias_opt->attribute.irda_attrib_int = ias_value->t.integer;
2076		break;
2077	case IAS_OCT_SEQ:
2078		/* Set length */
2079		ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len;
2080		/* Copy over */
2081		memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
2082		       ias_value->t.oct_seq, ias_value->len);
2083		break;
2084	case IAS_STRING:
2085		/* Set length */
2086		ias_opt->attribute.irda_attrib_string.len = ias_value->len;
2087		ias_opt->attribute.irda_attrib_string.charset = ias_value->charset;
2088		/* Copy over */
2089		memcpy(ias_opt->attribute.irda_attrib_string.string,
2090		       ias_value->t.string, ias_value->len);
2091		/* NULL terminate the string (avoid troubles) */
2092		ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0';
2093		break;
2094	case IAS_MISSING:
2095	default :
2096		return -EINVAL;
2097	}
2098
2099	/* Copy type over */
2100	ias_opt->irda_attrib_type = ias_value->type;
2101
2102	return 0;
2103}
2104
2105/*
2106 * Function irda_getsockopt (sock, level, optname, optval, optlen)
2107 */
2108static int irda_getsockopt(struct socket *sock, int level, int optname,
2109			   char __user *optval, int __user *optlen)
2110{
2111	struct sock *sk = sock->sk;
2112	struct irda_sock *self = irda_sk(sk);
2113	struct irda_device_list list;
2114	struct irda_device_info *discoveries;
2115	struct irda_ias_set *	ias_opt;	/* IAS get/query params */
2116	struct ias_object *	ias_obj;	/* Object in IAS */
2117	struct ias_attrib *	ias_attr;	/* Attribute in IAS object */
2118	int daddr = DEV_ADDR_ANY;	/* Dest address for IAS queries */
2119	int val = 0;
2120	int len = 0;
2121	int err;
2122	int offset, total;
2123
2124	IRDA_DEBUG(2, "%s(%p)\n", __FUNCTION__, self);
2125
2126	if (level != SOL_IRLMP)
2127		return -ENOPROTOOPT;
2128
2129	if (get_user(len, optlen))
2130		return -EFAULT;
2131
2132	if(len < 0)
2133		return -EINVAL;
2134
2135	switch (optname) {
2136	case IRLMP_ENUMDEVICES:
2137		/* Ask lmp for the current discovery log */
2138		discoveries = irlmp_get_discoveries(&list.len, self->mask.word,
2139						    self->nslots);
2140		/* Check if the we got some results */
2141		if (discoveries == NULL)
2142			return -EAGAIN;		/* Didn't find any devices */
2143		err = 0;
2144
2145		/* Write total list length back to client */
2146		if (copy_to_user(optval, &list,
2147				 sizeof(struct irda_device_list) -
2148				 sizeof(struct irda_device_info)))
2149			err = -EFAULT;
2150
2151		/* Offset to first device entry */
2152		offset = sizeof(struct irda_device_list) -
2153			sizeof(struct irda_device_info);
2154
2155		/* Copy the list itself - watch for overflow */
2156		if(list.len > 2048)
2157		{
2158			err = -EINVAL;
2159			goto bed;
2160		}
2161		total = offset + (list.len * sizeof(struct irda_device_info));
2162		if (total > len)
2163			total = len;
2164		if (copy_to_user(optval+offset, discoveries, total - offset))
2165			err = -EFAULT;
2166
2167		/* Write total number of bytes used back to client */
2168		if (put_user(total, optlen))
2169			err = -EFAULT;
2170bed:
2171		/* Free up our buffer */
2172		kfree(discoveries);
2173		if (err)
2174			return err;
2175		break;
2176	case IRLMP_MAX_SDU_SIZE:
2177		val = self->max_data_size;
2178		len = sizeof(int);
2179		if (put_user(len, optlen))
2180			return -EFAULT;
2181
2182		if (copy_to_user(optval, &val, len))
2183			return -EFAULT;
2184		break;
2185	case IRLMP_IAS_GET:
2186		/* The user want an object from our local IAS database.
2187		 * We just need to query the IAS and return the value
2188		 * that we found */
2189
2190		/* Check that the user has allocated the right space for us */
2191		if (len != sizeof(struct irda_ias_set))
2192			return -EINVAL;
2193
2194		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2195		if (ias_opt == NULL)
2196			return -ENOMEM;
2197
2198		/* Copy query to the driver. */
2199		if (copy_from_user(ias_opt, optval, len)) {
2200			kfree(ias_opt);
2201			return -EFAULT;
2202		}
2203
2204		/* Find the object we target.
2205		 * If the user gives us an empty string, we use the object
2206		 * associated with this socket. This will workaround
2207		 * duplicated class name - Jean II */
2208		if(ias_opt->irda_class_name[0] == '\0')
2209			ias_obj = self->ias_obj;
2210		else
2211			ias_obj = irias_find_object(ias_opt->irda_class_name);
2212		if(ias_obj == (struct ias_object *) NULL) {
2213			kfree(ias_opt);
2214			return -EINVAL;
2215		}
2216
2217		/* Find the attribute (in the object) we target */
2218		ias_attr = irias_find_attrib(ias_obj,
2219					     ias_opt->irda_attrib_name);
2220		if(ias_attr == (struct ias_attrib *) NULL) {
2221			kfree(ias_opt);
2222			return -EINVAL;
2223		}
2224
2225		/* Translate from internal to user structure */
2226		err = irda_extract_ias_value(ias_opt, ias_attr->value);
2227		if(err) {
2228			kfree(ias_opt);
2229			return err;
2230		}
2231
2232		/* Copy reply to the user */
2233		if (copy_to_user(optval, ias_opt,
2234				 sizeof(struct irda_ias_set))) {
2235			kfree(ias_opt);
2236			return -EFAULT;
2237		}
2238		/* Note : don't need to put optlen, we checked it */
2239		kfree(ias_opt);
2240		break;
2241	case IRLMP_IAS_QUERY:
2242		/* The user want an object from a remote IAS database.
2243		 * We need to use IAP to query the remote database and
2244		 * then wait for the answer to come back. */
2245
2246		/* Check that the user has allocated the right space for us */
2247		if (len != sizeof(struct irda_ias_set))
2248			return -EINVAL;
2249
2250		ias_opt = kmalloc(sizeof(struct irda_ias_set), GFP_ATOMIC);
2251		if (ias_opt == NULL)
2252			return -ENOMEM;
2253
2254		/* Copy query to the driver. */
2255		if (copy_from_user(ias_opt, optval, len)) {
2256			kfree(ias_opt);
2257			return -EFAULT;
2258		}
2259
2260		/* At this point, there are two cases...
2261		 * 1) the socket is connected - that's the easy case, we
2262		 *	just query the device we are connected to...
2263		 * 2) the socket is not connected - the user doesn't want
2264		 *	to connect and/or may not have a valid service name
2265		 *	(so can't create a fake connection). In this case,
2266		 *	we assume that the user pass us a valid destination
2267		 *	address in the requesting structure...
2268		 */
2269		if(self->daddr != DEV_ADDR_ANY) {
2270			/* We are connected - reuse known daddr */
2271			daddr = self->daddr;
2272		} else {
2273			/* We are not connected, we must specify a valid
2274			 * destination address */
2275			daddr = ias_opt->daddr;
2276			if((!daddr) || (daddr == DEV_ADDR_ANY)) {
2277				kfree(ias_opt);
2278				return -EINVAL;
2279			}
2280		}
2281
2282		/* Check that we can proceed with IAP */
2283		if (self->iriap) {
2284			IRDA_WARNING("%s: busy with a previous query\n",
2285				     __FUNCTION__);
2286			kfree(ias_opt);
2287			return -EBUSY;
2288		}
2289
2290		self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
2291					 irda_getvalue_confirm);
2292
2293		if (self->iriap == NULL) {
2294			kfree(ias_opt);
2295			return -ENOMEM;
2296		}
2297
2298		/* Treat unexpected wakeup as disconnect */
2299		self->errno = -EHOSTUNREACH;
2300
2301		/* Query remote LM-IAS */
2302		iriap_getvaluebyclass_request(self->iriap,
2303					      self->saddr, daddr,
2304					      ias_opt->irda_class_name,
2305					      ias_opt->irda_attrib_name);
2306
2307		/* Wait for answer, if not yet finished (or failed) */
2308		if (wait_event_interruptible(self->query_wait,
2309					     (self->iriap == NULL))) {
2310			/* pending request uses copy of ias_opt-content
2311			 * we can free it regardless! */
2312			kfree(ias_opt);
2313			/* Treat signals as disconnect */
2314			return -EHOSTUNREACH;
2315		}
2316
2317		/* Check what happened */
2318		if (self->errno)
2319		{
2320			kfree(ias_opt);
2321			/* Requested object/attribute doesn't exist */
2322			if((self->errno == IAS_CLASS_UNKNOWN) ||
2323			   (self->errno == IAS_ATTRIB_UNKNOWN))
2324				return (-EADDRNOTAVAIL);
2325			else
2326				return (-EHOSTUNREACH);
2327		}
2328
2329		/* Translate from internal to user structure */
2330		err = irda_extract_ias_value(ias_opt, self->ias_result);
2331		if (self->ias_result)
2332			irias_delete_value(self->ias_result);
2333		if (err) {
2334			kfree(ias_opt);
2335			return err;
2336		}
2337
2338		/* Copy reply to the user */
2339		if (copy_to_user(optval, ias_opt,
2340				 sizeof(struct irda_ias_set))) {
2341			kfree(ias_opt);
2342			return -EFAULT;
2343		}
2344		/* Note : don't need to put optlen, we checked it */
2345		kfree(ias_opt);
2346		break;
2347	case IRLMP_WAITDEVICE:
2348		/* This function is just another way of seeing life ;-)
2349		 * IRLMP_ENUMDEVICES assumes that you have a static network,
2350		 * and that you just want to pick one of the devices present.
2351		 * On the other hand, in here we assume that no device is
2352		 * present and that at some point in the future a device will
2353		 * come into range. When this device arrive, we just wake
2354		 * up the caller, so that he has time to connect to it before
2355		 * the device goes away...
2356		 * Note : once the node has been discovered for more than a
2357		 * few second, it won't trigger this function, unless it
2358		 * goes away and come back changes its hint bits (so we
2359		 * might call it IRLMP_WAITNEWDEVICE).
2360		 */
2361
2362		/* Check that the user is passing us an int */
2363		if (len != sizeof(int))
2364			return -EINVAL;
2365		/* Get timeout in ms (max time we block the caller) */
2366		if (get_user(val, (int __user *)optval))
2367			return -EFAULT;
2368
2369		/* Tell IrLMP we want to be notified */
2370		irlmp_update_client(self->ckey, self->mask.word,
2371				    irda_selective_discovery_indication,
2372				    NULL, (void *) self);
2373
2374		/* Do some discovery (and also return cached results) */
2375		irlmp_discovery_request(self->nslots);
2376
2377		/* Wait until a node is discovered */
2378		if (!self->cachedaddr) {
2379			int ret = 0;
2380
2381			IRDA_DEBUG(1, "%s(), nothing discovered yet, going to sleep...\n", __FUNCTION__);
2382
2383			/* Set watchdog timer to expire in <val> ms. */
2384			self->errno = 0;
2385			init_timer(&self->watchdog);
2386			self->watchdog.function = irda_discovery_timeout;
2387			self->watchdog.data = (unsigned long) self;
2388			self->watchdog.expires = jiffies + (val * HZ/1000);
2389			add_timer(&(self->watchdog));
2390
2391			/* Wait for IR-LMP to call us back */
2392			__wait_event_interruptible(self->query_wait,
2393			      (self->cachedaddr != 0 || self->errno == -ETIME),
2394						   ret);
2395
2396			/* If watchdog is still activated, kill it! */
2397			if(timer_pending(&(self->watchdog)))
2398				del_timer(&(self->watchdog));
2399
2400			IRDA_DEBUG(1, "%s(), ...waking up !\n", __FUNCTION__);
2401
2402			if (ret != 0)
2403				return ret;
2404		}
2405		else
2406			IRDA_DEBUG(1, "%s(), found immediately !\n",
2407				   __FUNCTION__);
2408
2409		/* Tell IrLMP that we have been notified */
2410		irlmp_update_client(self->ckey, self->mask.word,
2411				    NULL, NULL, NULL);
2412
2413		/* Check if the we got some results */
2414		if (!self->cachedaddr)
2415			return -EAGAIN;		/* Didn't find any devices */
2416		daddr = self->cachedaddr;
2417		/* Cleanup */
2418		self->cachedaddr = 0;
2419
2420		/* We return the daddr of the device that trigger the
2421		 * wakeup. As irlmp pass us only the new devices, we
2422		 * are sure that it's not an old device.
2423		 * If the user want more details, he should query
2424		 * the whole discovery log and pick one device...
2425		 */
2426		if (put_user(daddr, (int __user *)optval))
2427			return -EFAULT;
2428
2429		break;
2430	default:
2431		return -ENOPROTOOPT;
2432	}
2433
2434	return 0;
2435}
2436
2437static struct net_proto_family irda_family_ops = {
2438	.family = PF_IRDA,
2439	.create = irda_create,
2440	.owner	= THIS_MODULE,
2441};
2442
2443static const struct proto_ops SOCKOPS_WRAPPED(irda_stream_ops) = {
2444	.family =	PF_IRDA,
2445	.owner =	THIS_MODULE,
2446	.release =	irda_release,
2447	.bind =		irda_bind,
2448	.connect =	irda_connect,
2449	.socketpair =	sock_no_socketpair,
2450	.accept =	irda_accept,
2451	.getname =	irda_getname,
2452	.poll =		irda_poll,
2453	.ioctl =	irda_ioctl,
2454#ifdef CONFIG_COMPAT
2455	.compat_ioctl =	irda_compat_ioctl,
2456#endif
2457	.listen =	irda_listen,
2458	.shutdown =	irda_shutdown,
2459	.setsockopt =	irda_setsockopt,
2460	.getsockopt =	irda_getsockopt,
2461	.sendmsg =	irda_sendmsg,
2462	.recvmsg =	irda_recvmsg_stream,
2463	.mmap =		sock_no_mmap,
2464	.sendpage =	sock_no_sendpage,
2465};
2466
2467static const struct proto_ops SOCKOPS_WRAPPED(irda_seqpacket_ops) = {
2468	.family =	PF_IRDA,
2469	.owner =	THIS_MODULE,
2470	.release =	irda_release,
2471	.bind =		irda_bind,
2472	.connect =	irda_connect,
2473	.socketpair =	sock_no_socketpair,
2474	.accept =	irda_accept,
2475	.getname =	irda_getname,
2476	.poll =		datagram_poll,
2477	.ioctl =	irda_ioctl,
2478#ifdef CONFIG_COMPAT
2479	.compat_ioctl =	irda_compat_ioctl,
2480#endif
2481	.listen =	irda_listen,
2482	.shutdown =	irda_shutdown,
2483	.setsockopt =	irda_setsockopt,
2484	.getsockopt =	irda_getsockopt,
2485	.sendmsg =	irda_sendmsg,
2486	.recvmsg =	irda_recvmsg_dgram,
2487	.mmap =		sock_no_mmap,
2488	.sendpage =	sock_no_sendpage,
2489};
2490
2491static const struct proto_ops SOCKOPS_WRAPPED(irda_dgram_ops) = {
2492	.family =	PF_IRDA,
2493	.owner =	THIS_MODULE,
2494	.release =	irda_release,
2495	.bind =		irda_bind,
2496	.connect =	irda_connect,
2497	.socketpair =	sock_no_socketpair,
2498	.accept =	irda_accept,
2499	.getname =	irda_getname,
2500	.poll =		datagram_poll,
2501	.ioctl =	irda_ioctl,
2502#ifdef CONFIG_COMPAT
2503	.compat_ioctl =	irda_compat_ioctl,
2504#endif
2505	.listen =	irda_listen,
2506	.shutdown =	irda_shutdown,
2507	.setsockopt =	irda_setsockopt,
2508	.getsockopt =	irda_getsockopt,
2509	.sendmsg =	irda_sendmsg_dgram,
2510	.recvmsg =	irda_recvmsg_dgram,
2511	.mmap =		sock_no_mmap,
2512	.sendpage =	sock_no_sendpage,
2513};
2514
2515#ifdef CONFIG_IRDA_ULTRA
2516static const struct proto_ops SOCKOPS_WRAPPED(irda_ultra_ops) = {
2517	.family =	PF_IRDA,
2518	.owner =	THIS_MODULE,
2519	.release =	irda_release,
2520	.bind =		irda_bind,
2521	.connect =	sock_no_connect,
2522	.socketpair =	sock_no_socketpair,
2523	.accept =	sock_no_accept,
2524	.getname =	irda_getname,
2525	.poll =		datagram_poll,
2526	.ioctl =	irda_ioctl,
2527#ifdef CONFIG_COMPAT
2528	.compat_ioctl =	irda_compat_ioctl,
2529#endif
2530	.listen =	sock_no_listen,
2531	.shutdown =	irda_shutdown,
2532	.setsockopt =	irda_setsockopt,
2533	.getsockopt =	irda_getsockopt,
2534	.sendmsg =	irda_sendmsg_ultra,
2535	.recvmsg =	irda_recvmsg_dgram,
2536	.mmap =		sock_no_mmap,
2537	.sendpage =	sock_no_sendpage,
2538};
2539#endif /* CONFIG_IRDA_ULTRA */
2540
2541SOCKOPS_WRAP(irda_stream, PF_IRDA);
2542SOCKOPS_WRAP(irda_seqpacket, PF_IRDA);
2543SOCKOPS_WRAP(irda_dgram, PF_IRDA);
2544#ifdef CONFIG_IRDA_ULTRA
2545SOCKOPS_WRAP(irda_ultra, PF_IRDA);
2546#endif /* CONFIG_IRDA_ULTRA */
2547
2548/*
2549 * Function irsock_init (pro)
2550 *
2551 *    Initialize IrDA protocol
2552 *
2553 */
2554int __init irsock_init(void)
2555{
2556	int rc = proto_register(&irda_proto, 0);
2557
2558	if (rc == 0)
2559		rc = sock_register(&irda_family_ops);
2560
2561	return rc;
2562}
2563
2564/*
2565 * Function irsock_cleanup (void)
2566 *
2567 *    Remove IrDA protocol
2568 *
2569 */
2570void irsock_cleanup(void)
2571{
2572	sock_unregister(PF_IRDA);
2573	proto_unregister(&irda_proto);
2574}
Configure Feed

Configure Feed
