net/irda/af_irda.c at v4.13-rc7

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / net / irda / af_irda.c
at v4.13-rc7 2695 lines 68 kB view raw
wrap content
   1/*********************************************************************
   2 *
   3 * Filename:      af_irda.c
   4 * Version:       0.9
   5 * Description:   IrDA sockets implementation
   6 * Status:        Stable
   7 * Author:        Dag Brattli <dagb@cs.uit.no>
   8 * Created at:    Sun May 31 10:12:43 1998
   9 * Modified at:   Sat Dec 25 21:10:23 1999
  10 * Modified by:   Dag Brattli <dag@brattli.net>
  11 * Sources:       af_netroom.c, af_ax25.c, af_rose.c, af_x25.c etc.
  12 *
  13 *     Copyright (c) 1999 Dag Brattli <dagb@cs.uit.no>
  14 *     Copyright (c) 1999-2003 Jean Tourrilhes <jt@hpl.hp.com>
  15 *     All Rights Reserved.
  16 *
  17 *     This program is free software; you can redistribute it and/or
  18 *     modify it under the terms of the GNU General Public License as
  19 *     published by the Free Software Foundation; either version 2 of
  20 *     the License, or (at your option) any later version.
  21 *
  22 *     This program is distributed in the hope that it will be useful,
  23 *     but WITHOUT ANY WARRANTY; without even the implied warranty of
  24 *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  25 *     GNU General Public License for more details.
  26 *
  27 *     You should have received a copy of the GNU General Public License
  28 *     along with this program; if not, see <http://www.gnu.org/licenses/>.
  29 *
  30 *     Linux-IrDA now supports four different types of IrDA sockets:
  31 *
  32 *     o SOCK_STREAM:    TinyTP connections with SAR disabled. The
  33 *                       max SDU size is 0 for conn. of this type
  34 *     o SOCK_SEQPACKET: TinyTP connections with SAR enabled. TTP may
  35 *                       fragment the messages, but will preserve
  36 *                       the message boundaries
  37 *     o SOCK_DGRAM:     IRDAPROTO_UNITDATA: TinyTP connections with Unitdata
  38 *                       (unreliable) transfers
  39 *                       IRDAPROTO_ULTRA: Connectionless and unreliable data
  40 *
  41 ********************************************************************/
  42
  43#include <linux/capability.h>
  44#include <linux/module.h>
  45#include <linux/types.h>
  46#include <linux/socket.h>
  47#include <linux/sockios.h>
  48#include <linux/slab.h>
  49#include <linux/sched/signal.h>
  50#include <linux/init.h>
  51#include <linux/net.h>
  52#include <linux/irda.h>
  53#include <linux/poll.h>
  54
  55#include <asm/ioctls.h>		/* TIOCOUTQ, TIOCINQ */
  56#include <linux/uaccess.h>
  57
  58#include <net/sock.h>
  59#include <net/tcp_states.h>
  60
  61#include <net/irda/af_irda.h>
  62
  63static int irda_create(struct net *net, struct socket *sock, int protocol, int kern);
  64
  65static const struct proto_ops irda_stream_ops;
  66static const struct proto_ops irda_seqpacket_ops;
  67static const struct proto_ops irda_dgram_ops;
  68
  69#ifdef CONFIG_IRDA_ULTRA
  70static const struct proto_ops irda_ultra_ops;
  71#define ULTRA_MAX_DATA 382
  72#endif /* CONFIG_IRDA_ULTRA */
  73
  74#define IRDA_MAX_HEADER (TTP_MAX_HEADER)
  75
  76/*
  77 * Function irda_data_indication (instance, sap, skb)
  78 *
  79 *    Received some data from TinyTP. Just queue it on the receive queue
  80 *
  81 */
  82static int irda_data_indication(void *instance, void *sap, struct sk_buff *skb)
  83{
  84	struct irda_sock *self;
  85	struct sock *sk;
  86	int err;
  87
  88	self = instance;
  89	sk = instance;
  90
  91	err = sock_queue_rcv_skb(sk, skb);
  92	if (err) {
  93		pr_debug("%s(), error: no more mem!\n", __func__);
  94		self->rx_flow = FLOW_STOP;
  95
  96		/* When we return error, TTP will need to requeue the skb */
  97		return err;
  98	}
  99
 100	return 0;
 101}
 102
 103/*
 104 * Function irda_disconnect_indication (instance, sap, reason, skb)
 105 *
 106 *    Connection has been closed. Check reason to find out why
 107 *
 108 */
 109static void irda_disconnect_indication(void *instance, void *sap,
 110				       LM_REASON reason, struct sk_buff *skb)
 111{
 112	struct irda_sock *self;
 113	struct sock *sk;
 114
 115	self = instance;
 116
 117	pr_debug("%s(%p)\n", __func__, self);
 118
 119	/* Don't care about it, but let's not leak it */
 120	if(skb)
 121		dev_kfree_skb(skb);
 122
 123	sk = instance;
 124	if (sk == NULL) {
 125		pr_debug("%s(%p) : BUG : sk is NULL\n",
 126			 __func__, self);
 127		return;
 128	}
 129
 130	/* Prevent race conditions with irda_release() and irda_shutdown() */
 131	bh_lock_sock(sk);
 132	if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) {
 133		sk->sk_state     = TCP_CLOSE;
 134		sk->sk_shutdown |= SEND_SHUTDOWN;
 135
 136		sk->sk_state_change(sk);
 137
 138		/* Close our TSAP.
 139		 * If we leave it open, IrLMP put it back into the list of
 140		 * unconnected LSAPs. The problem is that any incoming request
 141		 * can then be matched to this socket (and it will be, because
 142		 * it is at the head of the list). This would prevent any
 143		 * listening socket waiting on the same TSAP to get those
 144		 * requests. Some apps forget to close sockets, or hang to it
 145		 * a bit too long, so we may stay in this dead state long
 146		 * enough to be noticed...
 147		 * Note : all socket function do check sk->sk_state, so we are
 148		 * safe...
 149		 * Jean II
 150		 */
 151		if (self->tsap) {
 152			irttp_close_tsap(self->tsap);
 153			self->tsap = NULL;
 154		}
 155	}
 156	bh_unlock_sock(sk);
 157
 158	/* Note : once we are there, there is not much you want to do
 159	 * with the socket anymore, apart from closing it.
 160	 * For example, bind() and connect() won't reset sk->sk_err,
 161	 * sk->sk_shutdown and sk->sk_flags to valid values...
 162	 * Jean II
 163	 */
 164}
 165
 166/*
 167 * Function irda_connect_confirm (instance, sap, qos, max_sdu_size, skb)
 168 *
 169 *    Connections has been confirmed by the remote device
 170 *
 171 */
 172static void irda_connect_confirm(void *instance, void *sap,
 173				 struct qos_info *qos,
 174				 __u32 max_sdu_size, __u8 max_header_size,
 175				 struct sk_buff *skb)
 176{
 177	struct irda_sock *self;
 178	struct sock *sk;
 179
 180	self = instance;
 181
 182	pr_debug("%s(%p)\n", __func__, self);
 183
 184	sk = instance;
 185	if (sk == NULL) {
 186		dev_kfree_skb(skb);
 187		return;
 188	}
 189
 190	dev_kfree_skb(skb);
 191	// Should be ??? skb_queue_tail(&sk->sk_receive_queue, skb);
 192
 193	/* How much header space do we need to reserve */
 194	self->max_header_size = max_header_size;
 195
 196	/* IrTTP max SDU size in transmit direction */
 197	self->max_sdu_size_tx = max_sdu_size;
 198
 199	/* Find out what the largest chunk of data that we can transmit is */
 200	switch (sk->sk_type) {
 201	case SOCK_STREAM:
 202		if (max_sdu_size != 0) {
 203			net_err_ratelimited("%s: max_sdu_size must be 0\n",
 204					    __func__);
 205			return;
 206		}
 207		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 208		break;
 209	case SOCK_SEQPACKET:
 210		if (max_sdu_size == 0) {
 211			net_err_ratelimited("%s: max_sdu_size cannot be 0\n",
 212					    __func__);
 213			return;
 214		}
 215		self->max_data_size = max_sdu_size;
 216		break;
 217	default:
 218		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 219	}
 220
 221	pr_debug("%s(), max_data_size=%d\n", __func__,
 222		 self->max_data_size);
 223
 224	memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
 225
 226	/* We are now connected! */
 227	sk->sk_state = TCP_ESTABLISHED;
 228	sk->sk_state_change(sk);
 229}
 230
 231/*
 232 * Function irda_connect_indication(instance, sap, qos, max_sdu_size, userdata)
 233 *
 234 *    Incoming connection
 235 *
 236 */
 237static void irda_connect_indication(void *instance, void *sap,
 238				    struct qos_info *qos, __u32 max_sdu_size,
 239				    __u8 max_header_size, struct sk_buff *skb)
 240{
 241	struct irda_sock *self;
 242	struct sock *sk;
 243
 244	self = instance;
 245
 246	pr_debug("%s(%p)\n", __func__, self);
 247
 248	sk = instance;
 249	if (sk == NULL) {
 250		dev_kfree_skb(skb);
 251		return;
 252	}
 253
 254	/* How much header space do we need to reserve */
 255	self->max_header_size = max_header_size;
 256
 257	/* IrTTP max SDU size in transmit direction */
 258	self->max_sdu_size_tx = max_sdu_size;
 259
 260	/* Find out what the largest chunk of data that we can transmit is */
 261	switch (sk->sk_type) {
 262	case SOCK_STREAM:
 263		if (max_sdu_size != 0) {
 264			net_err_ratelimited("%s: max_sdu_size must be 0\n",
 265					    __func__);
 266			kfree_skb(skb);
 267			return;
 268		}
 269		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 270		break;
 271	case SOCK_SEQPACKET:
 272		if (max_sdu_size == 0) {
 273			net_err_ratelimited("%s: max_sdu_size cannot be 0\n",
 274					    __func__);
 275			kfree_skb(skb);
 276			return;
 277		}
 278		self->max_data_size = max_sdu_size;
 279		break;
 280	default:
 281		self->max_data_size = irttp_get_max_seg_size(self->tsap);
 282	}
 283
 284	pr_debug("%s(), max_data_size=%d\n", __func__,
 285		 self->max_data_size);
 286
 287	memcpy(&self->qos_tx, qos, sizeof(struct qos_info));
 288
 289	skb_queue_tail(&sk->sk_receive_queue, skb);
 290	sk->sk_state_change(sk);
 291}
 292
 293/*
 294 * Function irda_connect_response (handle)
 295 *
 296 *    Accept incoming connection
 297 *
 298 */
 299static void irda_connect_response(struct irda_sock *self)
 300{
 301	struct sk_buff *skb;
 302
 303	skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER, GFP_KERNEL);
 304	if (skb == NULL) {
 305		pr_debug("%s() Unable to allocate sk_buff!\n",
 306			 __func__);
 307		return;
 308	}
 309
 310	/* Reserve space for MUX_CONTROL and LAP header */
 311	skb_reserve(skb, IRDA_MAX_HEADER);
 312
 313	irttp_connect_response(self->tsap, self->max_sdu_size_rx, skb);
 314}
 315
 316/*
 317 * Function irda_flow_indication (instance, sap, flow)
 318 *
 319 *    Used by TinyTP to tell us if it can accept more data or not
 320 *
 321 */
 322static void irda_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
 323{
 324	struct irda_sock *self;
 325	struct sock *sk;
 326
 327	self = instance;
 328	sk = instance;
 329	BUG_ON(sk == NULL);
 330
 331	switch (flow) {
 332	case FLOW_STOP:
 333		pr_debug("%s(), IrTTP wants us to slow down\n",
 334			 __func__);
 335		self->tx_flow = flow;
 336		break;
 337	case FLOW_START:
 338		self->tx_flow = flow;
 339		pr_debug("%s(), IrTTP wants us to start again\n",
 340			 __func__);
 341		wake_up_interruptible(sk_sleep(sk));
 342		break;
 343	default:
 344		pr_debug("%s(), Unknown flow command!\n", __func__);
 345		/* Unknown flow command, better stop */
 346		self->tx_flow = flow;
 347		break;
 348	}
 349}
 350
 351/*
 352 * Function irda_getvalue_confirm (obj_id, value, priv)
 353 *
 354 *    Got answer from remote LM-IAS, just pass object to requester...
 355 *
 356 * Note : duplicate from above, but we need our own version that
 357 * doesn't touch the dtsap_sel and save the full value structure...
 358 */
 359static void irda_getvalue_confirm(int result, __u16 obj_id,
 360				  struct ias_value *value, void *priv)
 361{
 362	struct irda_sock *self;
 363
 364	self = priv;
 365	if (!self) {
 366		net_warn_ratelimited("%s: lost myself!\n", __func__);
 367		return;
 368	}
 369
 370	pr_debug("%s(%p)\n", __func__, self);
 371
 372	/* We probably don't need to make any more queries */
 373	iriap_close(self->iriap);
 374	self->iriap = NULL;
 375
 376	/* Check if request succeeded */
 377	if (result != IAS_SUCCESS) {
 378		pr_debug("%s(), IAS query failed! (%d)\n", __func__,
 379			 result);
 380
 381		self->errno = result;	/* We really need it later */
 382
 383		/* Wake up any processes waiting for result */
 384		wake_up_interruptible(&self->query_wait);
 385
 386		return;
 387	}
 388
 389	/* Pass the object to the caller (so the caller must delete it) */
 390	self->ias_result = value;
 391	self->errno = 0;
 392
 393	/* Wake up any processes waiting for result */
 394	wake_up_interruptible(&self->query_wait);
 395}
 396
 397/*
 398 * Function irda_selective_discovery_indication (discovery)
 399 *
 400 *    Got a selective discovery indication from IrLMP.
 401 *
 402 * IrLMP is telling us that this node is new and matching our hint bit
 403 * filter. Wake up any process waiting for answer...
 404 */
 405static void irda_selective_discovery_indication(discinfo_t *discovery,
 406						DISCOVERY_MODE mode,
 407						void *priv)
 408{
 409	struct irda_sock *self;
 410
 411	self = priv;
 412	if (!self) {
 413		net_warn_ratelimited("%s: lost myself!\n", __func__);
 414		return;
 415	}
 416
 417	/* Pass parameter to the caller */
 418	self->cachedaddr = discovery->daddr;
 419
 420	/* Wake up process if its waiting for device to be discovered */
 421	wake_up_interruptible(&self->query_wait);
 422}
 423
 424/*
 425 * Function irda_discovery_timeout (priv)
 426 *
 427 *    Timeout in the selective discovery process
 428 *
 429 * We were waiting for a node to be discovered, but nothing has come up
 430 * so far. Wake up the user and tell him that we failed...
 431 */
 432static void irda_discovery_timeout(u_long priv)
 433{
 434	struct irda_sock *self;
 435
 436	self = (struct irda_sock *) priv;
 437	BUG_ON(self == NULL);
 438
 439	/* Nothing for the caller */
 440	self->cachelog = NULL;
 441	self->cachedaddr = 0;
 442	self->errno = -ETIME;
 443
 444	/* Wake up process if its still waiting... */
 445	wake_up_interruptible(&self->query_wait);
 446}
 447
 448/*
 449 * Function irda_open_tsap (self)
 450 *
 451 *    Open local Transport Service Access Point (TSAP)
 452 *
 453 */
 454static int irda_open_tsap(struct irda_sock *self, __u8 tsap_sel, char *name)
 455{
 456	notify_t notify;
 457
 458	if (self->tsap) {
 459		pr_debug("%s: busy!\n", __func__);
 460		return -EBUSY;
 461	}
 462
 463	/* Initialize callbacks to be used by the IrDA stack */
 464	irda_notify_init(&notify);
 465	notify.connect_confirm       = irda_connect_confirm;
 466	notify.connect_indication    = irda_connect_indication;
 467	notify.disconnect_indication = irda_disconnect_indication;
 468	notify.data_indication       = irda_data_indication;
 469	notify.udata_indication	     = irda_data_indication;
 470	notify.flow_indication       = irda_flow_indication;
 471	notify.instance = self;
 472	strncpy(notify.name, name, NOTIFY_MAX_NAME);
 473
 474	self->tsap = irttp_open_tsap(tsap_sel, DEFAULT_INITIAL_CREDIT,
 475				     &notify);
 476	if (self->tsap == NULL) {
 477		pr_debug("%s(), Unable to allocate TSAP!\n",
 478			 __func__);
 479		return -ENOMEM;
 480	}
 481	/* Remember which TSAP selector we actually got */
 482	self->stsap_sel = self->tsap->stsap_sel;
 483
 484	return 0;
 485}
 486
 487/*
 488 * Function irda_open_lsap (self)
 489 *
 490 *    Open local Link Service Access Point (LSAP). Used for opening Ultra
 491 *    sockets
 492 */
 493#ifdef CONFIG_IRDA_ULTRA
 494static int irda_open_lsap(struct irda_sock *self, int pid)
 495{
 496	notify_t notify;
 497
 498	if (self->lsap) {
 499		net_warn_ratelimited("%s(), busy!\n", __func__);
 500		return -EBUSY;
 501	}
 502
 503	/* Initialize callbacks to be used by the IrDA stack */
 504	irda_notify_init(&notify);
 505	notify.udata_indication	= irda_data_indication;
 506	notify.instance = self;
 507	strncpy(notify.name, "Ultra", NOTIFY_MAX_NAME);
 508
 509	self->lsap = irlmp_open_lsap(LSAP_CONNLESS, &notify, pid);
 510	if (self->lsap == NULL) {
 511		pr_debug("%s(), Unable to allocate LSAP!\n", __func__);
 512		return -ENOMEM;
 513	}
 514
 515	return 0;
 516}
 517#endif /* CONFIG_IRDA_ULTRA */
 518
 519/*
 520 * Function irda_find_lsap_sel (self, name)
 521 *
 522 *    Try to lookup LSAP selector in remote LM-IAS
 523 *
 524 * Basically, we start a IAP query, and then go to sleep. When the query
 525 * return, irda_getvalue_confirm will wake us up, and we can examine the
 526 * result of the query...
 527 * Note that in some case, the query fail even before we go to sleep,
 528 * creating some races...
 529 */
 530static int irda_find_lsap_sel(struct irda_sock *self, char *name)
 531{
 532	pr_debug("%s(%p, %s)\n", __func__, self, name);
 533
 534	if (self->iriap) {
 535		net_warn_ratelimited("%s(): busy with a previous query\n",
 536				     __func__);
 537		return -EBUSY;
 538	}
 539
 540	self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
 541				 irda_getvalue_confirm);
 542	if(self->iriap == NULL)
 543		return -ENOMEM;
 544
 545	/* Treat unexpected wakeup as disconnect */
 546	self->errno = -EHOSTUNREACH;
 547
 548	/* Query remote LM-IAS */
 549	iriap_getvaluebyclass_request(self->iriap, self->saddr, self->daddr,
 550				      name, "IrDA:TinyTP:LsapSel");
 551
 552	/* Wait for answer, if not yet finished (or failed) */
 553	if (wait_event_interruptible(self->query_wait, (self->iriap==NULL)))
 554		/* Treat signals as disconnect */
 555		return -EHOSTUNREACH;
 556
 557	/* Check what happened */
 558	if (self->errno)
 559	{
 560		/* Requested object/attribute doesn't exist */
 561		if((self->errno == IAS_CLASS_UNKNOWN) ||
 562		   (self->errno == IAS_ATTRIB_UNKNOWN))
 563			return -EADDRNOTAVAIL;
 564		else
 565			return -EHOSTUNREACH;
 566	}
 567
 568	/* Get the remote TSAP selector */
 569	switch (self->ias_result->type) {
 570	case IAS_INTEGER:
 571		pr_debug("%s() int=%d\n",
 572			 __func__, self->ias_result->t.integer);
 573
 574		if (self->ias_result->t.integer != -1)
 575			self->dtsap_sel = self->ias_result->t.integer;
 576		else
 577			self->dtsap_sel = 0;
 578		break;
 579	default:
 580		self->dtsap_sel = 0;
 581		pr_debug("%s(), bad type!\n", __func__);
 582		break;
 583	}
 584	if (self->ias_result)
 585		irias_delete_value(self->ias_result);
 586
 587	if (self->dtsap_sel)
 588		return 0;
 589
 590	return -EADDRNOTAVAIL;
 591}
 592
 593/*
 594 * Function irda_discover_daddr_and_lsap_sel (self, name)
 595 *
 596 *    This try to find a device with the requested service.
 597 *
 598 * It basically look into the discovery log. For each address in the list,
 599 * it queries the LM-IAS of the device to find if this device offer
 600 * the requested service.
 601 * If there is more than one node supporting the service, we complain
 602 * to the user (it should move devices around).
 603 * The, we set both the destination address and the lsap selector to point
 604 * on the service on the unique device we have found.
 605 *
 606 * Note : this function fails if there is more than one device in range,
 607 * because IrLMP doesn't disconnect the LAP when the last LSAP is closed.
 608 * Moreover, we would need to wait the LAP disconnection...
 609 */
 610static int irda_discover_daddr_and_lsap_sel(struct irda_sock *self, char *name)
 611{
 612	discinfo_t *discoveries;	/* Copy of the discovery log */
 613	int	number;			/* Number of nodes in the log */
 614	int	i;
 615	int	err = -ENETUNREACH;
 616	__u32	daddr = DEV_ADDR_ANY;	/* Address we found the service on */
 617	__u8	dtsap_sel = 0x0;	/* TSAP associated with it */
 618
 619	pr_debug("%s(), name=%s\n", __func__, name);
 620
 621	/* Ask lmp for the current discovery log
 622	 * Note : we have to use irlmp_get_discoveries(), as opposed
 623	 * to play with the cachelog directly, because while we are
 624	 * making our ias query, le log might change... */
 625	discoveries = irlmp_get_discoveries(&number, self->mask.word,
 626					    self->nslots);
 627	/* Check if the we got some results */
 628	if (discoveries == NULL)
 629		return -ENETUNREACH;	/* No nodes discovered */
 630
 631	/*
 632	 * Now, check all discovered devices (if any), and connect
 633	 * client only about the services that the client is
 634	 * interested in...
 635	 */
 636	for(i = 0; i < number; i++) {
 637		/* Try the address in the log */
 638		self->daddr = discoveries[i].daddr;
 639		self->saddr = 0x0;
 640		pr_debug("%s(), trying daddr = %08x\n",
 641			 __func__, self->daddr);
 642
 643		/* Query remote LM-IAS for this service */
 644		err = irda_find_lsap_sel(self, name);
 645		switch (err) {
 646		case 0:
 647			/* We found the requested service */
 648			if(daddr != DEV_ADDR_ANY) {
 649				pr_debug("%s(), discovered service ''%s'' in two different devices !!!\n",
 650					 __func__, name);
 651				self->daddr = DEV_ADDR_ANY;
 652				kfree(discoveries);
 653				return -ENOTUNIQ;
 654			}
 655			/* First time we found that one, save it ! */
 656			daddr = self->daddr;
 657			dtsap_sel = self->dtsap_sel;
 658			break;
 659		case -EADDRNOTAVAIL:
 660			/* Requested service simply doesn't exist on this node */
 661			break;
 662		default:
 663			/* Something bad did happen :-( */
 664			pr_debug("%s(), unexpected IAS query failure\n",
 665				 __func__);
 666			self->daddr = DEV_ADDR_ANY;
 667			kfree(discoveries);
 668			return -EHOSTUNREACH;
 669		}
 670	}
 671	/* Cleanup our copy of the discovery log */
 672	kfree(discoveries);
 673
 674	/* Check out what we found */
 675	if(daddr == DEV_ADDR_ANY) {
 676		pr_debug("%s(), cannot discover service ''%s'' in any device !!!\n",
 677			 __func__, name);
 678		self->daddr = DEV_ADDR_ANY;
 679		return -EADDRNOTAVAIL;
 680	}
 681
 682	/* Revert back to discovered device & service */
 683	self->daddr = daddr;
 684	self->saddr = 0x0;
 685	self->dtsap_sel = dtsap_sel;
 686
 687	pr_debug("%s(), discovered requested service ''%s'' at address %08x\n",
 688		 __func__, name, self->daddr);
 689
 690	return 0;
 691}
 692
 693/*
 694 * Function irda_getname (sock, uaddr, uaddr_len, peer)
 695 *
 696 *    Return the our own, or peers socket address (sockaddr_irda)
 697 *
 698 */
 699static int irda_getname(struct socket *sock, struct sockaddr *uaddr,
 700			int *uaddr_len, int peer)
 701{
 702	struct sockaddr_irda saddr;
 703	struct sock *sk = sock->sk;
 704	struct irda_sock *self = irda_sk(sk);
 705
 706	memset(&saddr, 0, sizeof(saddr));
 707	if (peer) {
 708		if (sk->sk_state != TCP_ESTABLISHED)
 709			return -ENOTCONN;
 710
 711		saddr.sir_family = AF_IRDA;
 712		saddr.sir_lsap_sel = self->dtsap_sel;
 713		saddr.sir_addr = self->daddr;
 714	} else {
 715		saddr.sir_family = AF_IRDA;
 716		saddr.sir_lsap_sel = self->stsap_sel;
 717		saddr.sir_addr = self->saddr;
 718	}
 719
 720	pr_debug("%s(), tsap_sel = %#x\n", __func__, saddr.sir_lsap_sel);
 721	pr_debug("%s(), addr = %08x\n", __func__, saddr.sir_addr);
 722
 723	/* uaddr_len come to us uninitialised */
 724	*uaddr_len = sizeof (struct sockaddr_irda);
 725	memcpy(uaddr, &saddr, *uaddr_len);
 726
 727	return 0;
 728}
 729
 730/*
 731 * Function irda_listen (sock, backlog)
 732 *
 733 *    Just move to the listen state
 734 *
 735 */
 736static int irda_listen(struct socket *sock, int backlog)
 737{
 738	struct sock *sk = sock->sk;
 739	int err = -EOPNOTSUPP;
 740
 741	lock_sock(sk);
 742
 743	if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
 744	    (sk->sk_type != SOCK_DGRAM))
 745		goto out;
 746
 747	if (sk->sk_state != TCP_LISTEN) {
 748		sk->sk_max_ack_backlog = backlog;
 749		sk->sk_state           = TCP_LISTEN;
 750
 751		err = 0;
 752	}
 753out:
 754	release_sock(sk);
 755
 756	return err;
 757}
 758
 759/*
 760 * Function irda_bind (sock, uaddr, addr_len)
 761 *
 762 *    Used by servers to register their well known TSAP
 763 *
 764 */
 765static int irda_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 766{
 767	struct sock *sk = sock->sk;
 768	struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
 769	struct irda_sock *self = irda_sk(sk);
 770	int err;
 771
 772	pr_debug("%s(%p)\n", __func__, self);
 773
 774	if (addr_len != sizeof(struct sockaddr_irda))
 775		return -EINVAL;
 776
 777	lock_sock(sk);
 778#ifdef CONFIG_IRDA_ULTRA
 779	/* Special care for Ultra sockets */
 780	if ((sk->sk_type == SOCK_DGRAM) &&
 781	    (sk->sk_protocol == IRDAPROTO_ULTRA)) {
 782		self->pid = addr->sir_lsap_sel;
 783		err = -EOPNOTSUPP;
 784		if (self->pid & 0x80) {
 785			pr_debug("%s(), extension in PID not supp!\n",
 786				 __func__);
 787			goto out;
 788		}
 789		err = irda_open_lsap(self, self->pid);
 790		if (err < 0)
 791			goto out;
 792
 793		/* Pretend we are connected */
 794		sock->state = SS_CONNECTED;
 795		sk->sk_state   = TCP_ESTABLISHED;
 796		err = 0;
 797
 798		goto out;
 799	}
 800#endif /* CONFIG_IRDA_ULTRA */
 801
 802	self->ias_obj = irias_new_object(addr->sir_name, jiffies);
 803	err = -ENOMEM;
 804	if (self->ias_obj == NULL)
 805		goto out;
 806
 807	err = irda_open_tsap(self, addr->sir_lsap_sel, addr->sir_name);
 808	if (err < 0) {
 809		irias_delete_object(self->ias_obj);
 810		self->ias_obj = NULL;
 811		goto out;
 812	}
 813
 814	/*  Register with LM-IAS */
 815	irias_add_integer_attrib(self->ias_obj, "IrDA:TinyTP:LsapSel",
 816				 self->stsap_sel, IAS_KERNEL_ATTR);
 817	irias_insert_object(self->ias_obj);
 818
 819	err = 0;
 820out:
 821	release_sock(sk);
 822	return err;
 823}
 824
 825/*
 826 * Function irda_accept (sock, newsock, flags)
 827 *
 828 *    Wait for incoming connection
 829 *
 830 */
 831static int irda_accept(struct socket *sock, struct socket *newsock, int flags,
 832		       bool kern)
 833{
 834	struct sock *sk = sock->sk;
 835	struct irda_sock *new, *self = irda_sk(sk);
 836	struct sock *newsk;
 837	struct sk_buff *skb = NULL;
 838	int err;
 839
 840	err = irda_create(sock_net(sk), newsock, sk->sk_protocol, kern);
 841	if (err)
 842		return err;
 843
 844	err = -EINVAL;
 845
 846	lock_sock(sk);
 847	if (sock->state != SS_UNCONNECTED)
 848		goto out;
 849
 850	err = -EOPNOTSUPP;
 851	if ((sk->sk_type != SOCK_STREAM) && (sk->sk_type != SOCK_SEQPACKET) &&
 852	    (sk->sk_type != SOCK_DGRAM))
 853		goto out;
 854
 855	err = -EINVAL;
 856	if (sk->sk_state != TCP_LISTEN)
 857		goto out;
 858
 859	/*
 860	 *	The read queue this time is holding sockets ready to use
 861	 *	hooked into the SABM we saved
 862	 */
 863
 864	/*
 865	 * We can perform the accept only if there is incoming data
 866	 * on the listening socket.
 867	 * So, we will block the caller until we receive any data.
 868	 * If the caller was waiting on select() or poll() before
 869	 * calling us, the data is waiting for us ;-)
 870	 * Jean II
 871	 */
 872	while (1) {
 873		skb = skb_dequeue(&sk->sk_receive_queue);
 874		if (skb)
 875			break;
 876
 877		/* Non blocking operation */
 878		err = -EWOULDBLOCK;
 879		if (flags & O_NONBLOCK)
 880			goto out;
 881
 882		err = wait_event_interruptible(*(sk_sleep(sk)),
 883					skb_peek(&sk->sk_receive_queue));
 884		if (err)
 885			goto out;
 886	}
 887
 888	newsk = newsock->sk;
 889	err = -EIO;
 890	if (newsk == NULL)
 891		goto out;
 892
 893	newsk->sk_state = TCP_ESTABLISHED;
 894
 895	new = irda_sk(newsk);
 896
 897	/* Now attach up the new socket */
 898	new->tsap = irttp_dup(self->tsap, new);
 899	err = -EPERM; /* value does not seem to make sense. -arnd */
 900	if (!new->tsap) {
 901		pr_debug("%s(), dup failed!\n", __func__);
 902		goto out;
 903	}
 904
 905	new->stsap_sel = new->tsap->stsap_sel;
 906	new->dtsap_sel = new->tsap->dtsap_sel;
 907	new->saddr = irttp_get_saddr(new->tsap);
 908	new->daddr = irttp_get_daddr(new->tsap);
 909
 910	new->max_sdu_size_tx = self->max_sdu_size_tx;
 911	new->max_sdu_size_rx = self->max_sdu_size_rx;
 912	new->max_data_size   = self->max_data_size;
 913	new->max_header_size = self->max_header_size;
 914
 915	memcpy(&new->qos_tx, &self->qos_tx, sizeof(struct qos_info));
 916
 917	/* Clean up the original one to keep it in listen state */
 918	irttp_listen(self->tsap);
 919
 920	sk->sk_ack_backlog--;
 921
 922	newsock->state = SS_CONNECTED;
 923
 924	irda_connect_response(new);
 925	err = 0;
 926out:
 927	kfree_skb(skb);
 928	release_sock(sk);
 929	return err;
 930}
 931
 932/*
 933 * Function irda_connect (sock, uaddr, addr_len, flags)
 934 *
 935 *    Connect to a IrDA device
 936 *
 937 * The main difference with a "standard" connect is that with IrDA we need
 938 * to resolve the service name into a TSAP selector (in TCP, port number
 939 * doesn't have to be resolved).
 940 * Because of this service name resolution, we can offer "auto-connect",
 941 * where we connect to a service without specifying a destination address.
 942 *
 943 * Note : by consulting "errno", the user space caller may learn the cause
 944 * of the failure. Most of them are visible in the function, others may come
 945 * from subroutines called and are listed here :
 946 *	o EBUSY : already processing a connect
 947 *	o EHOSTUNREACH : bad addr->sir_addr argument
 948 *	o EADDRNOTAVAIL : bad addr->sir_name argument
 949 *	o ENOTUNIQ : more than one node has addr->sir_name (auto-connect)
 950 *	o ENETUNREACH : no node found on the network (auto-connect)
 951 */
 952static int irda_connect(struct socket *sock, struct sockaddr *uaddr,
 953			int addr_len, int flags)
 954{
 955	struct sock *sk = sock->sk;
 956	struct sockaddr_irda *addr = (struct sockaddr_irda *) uaddr;
 957	struct irda_sock *self = irda_sk(sk);
 958	int err;
 959
 960	pr_debug("%s(%p)\n", __func__, self);
 961
 962	lock_sock(sk);
 963	/* Don't allow connect for Ultra sockets */
 964	err = -ESOCKTNOSUPPORT;
 965	if ((sk->sk_type == SOCK_DGRAM) && (sk->sk_protocol == IRDAPROTO_ULTRA))
 966		goto out;
 967
 968	if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
 969		sock->state = SS_CONNECTED;
 970		err = 0;
 971		goto out;   /* Connect completed during a ERESTARTSYS event */
 972	}
 973
 974	if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) {
 975		sock->state = SS_UNCONNECTED;
 976		err = -ECONNREFUSED;
 977		goto out;
 978	}
 979
 980	err = -EISCONN;      /* No reconnect on a seqpacket socket */
 981	if (sk->sk_state == TCP_ESTABLISHED)
 982		goto out;
 983
 984	sk->sk_state   = TCP_CLOSE;
 985	sock->state = SS_UNCONNECTED;
 986
 987	err = -EINVAL;
 988	if (addr_len != sizeof(struct sockaddr_irda))
 989		goto out;
 990
 991	/* Check if user supplied any destination device address */
 992	if ((!addr->sir_addr) || (addr->sir_addr == DEV_ADDR_ANY)) {
 993		/* Try to find one suitable */
 994		err = irda_discover_daddr_and_lsap_sel(self, addr->sir_name);
 995		if (err) {
 996			pr_debug("%s(), auto-connect failed!\n", __func__);
 997			goto out;
 998		}
 999	} else {
1000		/* Use the one provided by the user */
1001		self->daddr = addr->sir_addr;
1002		pr_debug("%s(), daddr = %08x\n", __func__, self->daddr);
1003
1004		/* If we don't have a valid service name, we assume the
1005		 * user want to connect on a specific LSAP. Prevent
1006		 * the use of invalid LSAPs (IrLMP 1.1 p10). Jean II */
1007		if((addr->sir_name[0] != '\0') ||
1008		   (addr->sir_lsap_sel >= 0x70)) {
1009			/* Query remote LM-IAS using service name */
1010			err = irda_find_lsap_sel(self, addr->sir_name);
1011			if (err) {
1012				pr_debug("%s(), connect failed!\n", __func__);
1013				goto out;
1014			}
1015		} else {
1016			/* Directly connect to the remote LSAP
1017			 * specified by the sir_lsap field.
1018			 * Please use with caution, in IrDA LSAPs are
1019			 * dynamic and there is no "well-known" LSAP. */
1020			self->dtsap_sel = addr->sir_lsap_sel;
1021		}
1022	}
1023
1024	/* Check if we have opened a local TSAP */
1025	if (!self->tsap) {
1026		err = irda_open_tsap(self, LSAP_ANY, addr->sir_name);
1027		if (err)
1028			goto out;
1029	}
1030
1031	/* Move to connecting socket, start sending Connect Requests */
1032	sock->state = SS_CONNECTING;
1033	sk->sk_state   = TCP_SYN_SENT;
1034
1035	/* Connect to remote device */
1036	err = irttp_connect_request(self->tsap, self->dtsap_sel,
1037				    self->saddr, self->daddr, NULL,
1038				    self->max_sdu_size_rx, NULL);
1039	if (err) {
1040		pr_debug("%s(), connect failed!\n", __func__);
1041		goto out;
1042	}
1043
1044	/* Now the loop */
1045	err = -EINPROGRESS;
1046	if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
1047		goto out;
1048
1049	err = -ERESTARTSYS;
1050	if (wait_event_interruptible(*(sk_sleep(sk)),
1051				     (sk->sk_state != TCP_SYN_SENT)))
1052		goto out;
1053
1054	if (sk->sk_state != TCP_ESTABLISHED) {
1055		sock->state = SS_UNCONNECTED;
1056		err = sock_error(sk);
1057		if (!err)
1058			err = -ECONNRESET;
1059		goto out;
1060	}
1061
1062	sock->state = SS_CONNECTED;
1063
1064	/* At this point, IrLMP has assigned our source address */
1065	self->saddr = irttp_get_saddr(self->tsap);
1066	err = 0;
1067out:
1068	release_sock(sk);
1069	return err;
1070}
1071
1072static struct proto irda_proto = {
1073	.name	  = "IRDA",
1074	.owner	  = THIS_MODULE,
1075	.obj_size = sizeof(struct irda_sock),
1076};
1077
1078/*
1079 * Function irda_create (sock, protocol)
1080 *
1081 *    Create IrDA socket
1082 *
1083 */
1084static int irda_create(struct net *net, struct socket *sock, int protocol,
1085		       int kern)
1086{
1087	struct sock *sk;
1088	struct irda_sock *self;
1089
1090	if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
1091		return -EINVAL;
1092
1093	if (net != &init_net)
1094		return -EAFNOSUPPORT;
1095
1096	/* Check for valid socket type */
1097	switch (sock->type) {
1098	case SOCK_STREAM:     /* For TTP connections with SAR disabled */
1099	case SOCK_SEQPACKET:  /* For TTP connections with SAR enabled */
1100	case SOCK_DGRAM:      /* For TTP Unitdata or LMP Ultra transfers */
1101		break;
1102	default:
1103		return -ESOCKTNOSUPPORT;
1104	}
1105
1106	/* Allocate networking socket */
1107	sk = sk_alloc(net, PF_IRDA, GFP_KERNEL, &irda_proto, kern);
1108	if (sk == NULL)
1109		return -ENOMEM;
1110
1111	self = irda_sk(sk);
1112	pr_debug("%s() : self is %p\n", __func__, self);
1113
1114	init_waitqueue_head(&self->query_wait);
1115
1116	switch (sock->type) {
1117	case SOCK_STREAM:
1118		sock->ops = &irda_stream_ops;
1119		self->max_sdu_size_rx = TTP_SAR_DISABLE;
1120		break;
1121	case SOCK_SEQPACKET:
1122		sock->ops = &irda_seqpacket_ops;
1123		self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1124		break;
1125	case SOCK_DGRAM:
1126		switch (protocol) {
1127#ifdef CONFIG_IRDA_ULTRA
1128		case IRDAPROTO_ULTRA:
1129			sock->ops = &irda_ultra_ops;
1130			/* Initialise now, because we may send on unbound
1131			 * sockets. Jean II */
1132			self->max_data_size = ULTRA_MAX_DATA - LMP_PID_HEADER;
1133			self->max_header_size = IRDA_MAX_HEADER + LMP_PID_HEADER;
1134			break;
1135#endif /* CONFIG_IRDA_ULTRA */
1136		case IRDAPROTO_UNITDATA:
1137			sock->ops = &irda_dgram_ops;
1138			/* We let Unitdata conn. be like seqpack conn. */
1139			self->max_sdu_size_rx = TTP_SAR_UNBOUND;
1140			break;
1141		default:
1142			sk_free(sk);
1143			return -ESOCKTNOSUPPORT;
1144		}
1145		break;
1146	default:
1147		sk_free(sk);
1148		return -ESOCKTNOSUPPORT;
1149	}
1150
1151	/* Initialise networking socket struct */
1152	sock_init_data(sock, sk);	/* Note : set sk->sk_refcnt to 1 */
1153	sk->sk_family = PF_IRDA;
1154	sk->sk_protocol = protocol;
1155
1156	/* Register as a client with IrLMP */
1157	self->ckey = irlmp_register_client(0, NULL, NULL, NULL);
1158	self->mask.word = 0xffff;
1159	self->rx_flow = self->tx_flow = FLOW_START;
1160	self->nslots = DISCOVERY_DEFAULT_SLOTS;
1161	self->daddr = DEV_ADDR_ANY;	/* Until we get connected */
1162	self->saddr = 0x0;		/* so IrLMP assign us any link */
1163	return 0;
1164}
1165
1166/*
1167 * Function irda_destroy_socket (self)
1168 *
1169 *    Destroy socket
1170 *
1171 */
1172static void irda_destroy_socket(struct irda_sock *self)
1173{
1174	pr_debug("%s(%p)\n", __func__, self);
1175
1176	/* Unregister with IrLMP */
1177	irlmp_unregister_client(self->ckey);
1178	irlmp_unregister_service(self->skey);
1179
1180	/* Unregister with LM-IAS */
1181	if (self->ias_obj) {
1182		irias_delete_object(self->ias_obj);
1183		self->ias_obj = NULL;
1184	}
1185
1186	if (self->iriap) {
1187		iriap_close(self->iriap);
1188		self->iriap = NULL;
1189	}
1190
1191	if (self->tsap) {
1192		irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1193		irttp_close_tsap(self->tsap);
1194		self->tsap = NULL;
1195	}
1196#ifdef CONFIG_IRDA_ULTRA
1197	if (self->lsap) {
1198		irlmp_close_lsap(self->lsap);
1199		self->lsap = NULL;
1200	}
1201#endif /* CONFIG_IRDA_ULTRA */
1202}
1203
1204/*
1205 * Function irda_release (sock)
1206 */
1207static int irda_release(struct socket *sock)
1208{
1209	struct sock *sk = sock->sk;
1210
1211	if (sk == NULL)
1212		return 0;
1213
1214	lock_sock(sk);
1215	sk->sk_state       = TCP_CLOSE;
1216	sk->sk_shutdown   |= SEND_SHUTDOWN;
1217	sk->sk_state_change(sk);
1218
1219	/* Destroy IrDA socket */
1220	irda_destroy_socket(irda_sk(sk));
1221
1222	sock_orphan(sk);
1223	sock->sk   = NULL;
1224	release_sock(sk);
1225
1226	/* Purge queues (see sock_init_data()) */
1227	skb_queue_purge(&sk->sk_receive_queue);
1228
1229	/* Destroy networking socket if we are the last reference on it,
1230	 * i.e. if(sk->sk_refcnt == 0) -> sk_free(sk) */
1231	sock_put(sk);
1232
1233	/* Notes on socket locking and deallocation... - Jean II
1234	 * In theory we should put pairs of sock_hold() / sock_put() to
1235	 * prevent the socket to be destroyed whenever there is an
1236	 * outstanding request or outstanding incoming packet or event.
1237	 *
1238	 * 1) This may include IAS request, both in connect and getsockopt.
1239	 * Unfortunately, the situation is a bit more messy than it looks,
1240	 * because we close iriap and kfree(self) above.
1241	 *
1242	 * 2) This may include selective discovery in getsockopt.
1243	 * Same stuff as above, irlmp registration and self are gone.
1244	 *
1245	 * Probably 1 and 2 may not matter, because it's all triggered
1246	 * by a process and the socket layer already prevent the
1247	 * socket to go away while a process is holding it, through
1248	 * sockfd_put() and fput()...
1249	 *
1250	 * 3) This may include deferred TSAP closure. In particular,
1251	 * we may receive a late irda_disconnect_indication()
1252	 * Fortunately, (tsap_cb *)->close_pend should protect us
1253	 * from that.
1254	 *
1255	 * I did some testing on SMP, and it looks solid. And the socket
1256	 * memory leak is now gone... - Jean II
1257	 */
1258
1259	return 0;
1260}
1261
1262/*
1263 * Function irda_sendmsg (sock, msg, len)
1264 *
1265 *    Send message down to TinyTP. This function is used for both STREAM and
1266 *    SEQPACK services. This is possible since it forces the client to
1267 *    fragment the message if necessary
1268 */
1269static int irda_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1270{
1271	struct sock *sk = sock->sk;
1272	struct irda_sock *self;
1273	struct sk_buff *skb;
1274	int err = -EPIPE;
1275
1276	pr_debug("%s(), len=%zd\n", __func__, len);
1277
1278	/* Note : socket.c set MSG_EOR on SEQPACKET sockets */
1279	if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT |
1280			       MSG_NOSIGNAL)) {
1281		return -EINVAL;
1282	}
1283
1284	lock_sock(sk);
1285
1286	if (sk->sk_shutdown & SEND_SHUTDOWN)
1287		goto out_err;
1288
1289	if (sk->sk_state != TCP_ESTABLISHED) {
1290		err = -ENOTCONN;
1291		goto out;
1292	}
1293
1294	self = irda_sk(sk);
1295
1296	/* Check if IrTTP is wants us to slow down */
1297
1298	if (wait_event_interruptible(*(sk_sleep(sk)),
1299	    (self->tx_flow != FLOW_STOP  ||  sk->sk_state != TCP_ESTABLISHED))) {
1300		err = -ERESTARTSYS;
1301		goto out;
1302	}
1303
1304	/* Check if we are still connected */
1305	if (sk->sk_state != TCP_ESTABLISHED) {
1306		err = -ENOTCONN;
1307		goto out;
1308	}
1309
1310	/* Check that we don't send out too big frames */
1311	if (len > self->max_data_size) {
1312		pr_debug("%s(), Chopping frame from %zd to %d bytes!\n",
1313			 __func__, len, self->max_data_size);
1314		len = self->max_data_size;
1315	}
1316
1317	skb = sock_alloc_send_skb(sk, len + self->max_header_size + 16,
1318				  msg->msg_flags & MSG_DONTWAIT, &err);
1319	if (!skb)
1320		goto out_err;
1321
1322	skb_reserve(skb, self->max_header_size + 16);
1323	skb_reset_transport_header(skb);
1324	skb_put(skb, len);
1325	err = memcpy_from_msg(skb_transport_header(skb), msg, len);
1326	if (err) {
1327		kfree_skb(skb);
1328		goto out_err;
1329	}
1330
1331	/*
1332	 * Just send the message to TinyTP, and let it deal with possible
1333	 * errors. No need to duplicate all that here
1334	 */
1335	err = irttp_data_request(self->tsap, skb);
1336	if (err) {
1337		pr_debug("%s(), err=%d\n", __func__, err);
1338		goto out_err;
1339	}
1340
1341	release_sock(sk);
1342	/* Tell client how much data we actually sent */
1343	return len;
1344
1345out_err:
1346	err = sk_stream_error(sk, msg->msg_flags, err);
1347out:
1348	release_sock(sk);
1349	return err;
1350
1351}
1352
1353/*
1354 * Function irda_recvmsg_dgram (sock, msg, size, flags)
1355 *
1356 *    Try to receive message and copy it to user. The frame is discarded
1357 *    after being read, regardless of how much the user actually read
1358 */
1359static int irda_recvmsg_dgram(struct socket *sock, struct msghdr *msg,
1360			      size_t size, int flags)
1361{
1362	struct sock *sk = sock->sk;
1363	struct irda_sock *self = irda_sk(sk);
1364	struct sk_buff *skb;
1365	size_t copied;
1366	int err;
1367
1368	skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1369				flags & MSG_DONTWAIT, &err);
1370	if (!skb)
1371		return err;
1372
1373	skb_reset_transport_header(skb);
1374	copied = skb->len;
1375
1376	if (copied > size) {
1377		pr_debug("%s(), Received truncated frame (%zd < %zd)!\n",
1378			 __func__, copied, size);
1379		copied = size;
1380		msg->msg_flags |= MSG_TRUNC;
1381	}
1382	skb_copy_datagram_msg(skb, 0, msg, copied);
1383
1384	skb_free_datagram(sk, skb);
1385
1386	/*
1387	 *  Check if we have previously stopped IrTTP and we know
1388	 *  have more free space in our rx_queue. If so tell IrTTP
1389	 *  to start delivering frames again before our rx_queue gets
1390	 *  empty
1391	 */
1392	if (self->rx_flow == FLOW_STOP) {
1393		if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1394			pr_debug("%s(), Starting IrTTP\n", __func__);
1395			self->rx_flow = FLOW_START;
1396			irttp_flow_request(self->tsap, FLOW_START);
1397		}
1398	}
1399
1400	return copied;
1401}
1402
1403/*
1404 * Function irda_recvmsg_stream (sock, msg, size, flags)
1405 */
1406static int irda_recvmsg_stream(struct socket *sock, struct msghdr *msg,
1407			       size_t size, int flags)
1408{
1409	struct sock *sk = sock->sk;
1410	struct irda_sock *self = irda_sk(sk);
1411	int noblock = flags & MSG_DONTWAIT;
1412	size_t copied = 0;
1413	int target, err;
1414	long timeo;
1415
1416	if ((err = sock_error(sk)) < 0)
1417		return err;
1418
1419	if (sock->flags & __SO_ACCEPTCON)
1420		return -EINVAL;
1421
1422	err =-EOPNOTSUPP;
1423	if (flags & MSG_OOB)
1424		return -EOPNOTSUPP;
1425
1426	err = 0;
1427	target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
1428	timeo = sock_rcvtimeo(sk, noblock);
1429
1430	do {
1431		int chunk;
1432		struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
1433
1434		if (skb == NULL) {
1435			DEFINE_WAIT(wait);
1436			err = 0;
1437
1438			if (copied >= target)
1439				break;
1440
1441			prepare_to_wait_exclusive(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1442
1443			/*
1444			 *	POSIX 1003.1g mandates this order.
1445			 */
1446			err = sock_error(sk);
1447			if (err)
1448				;
1449			else if (sk->sk_shutdown & RCV_SHUTDOWN)
1450				;
1451			else if (noblock)
1452				err = -EAGAIN;
1453			else if (signal_pending(current))
1454				err = sock_intr_errno(timeo);
1455			else if (sk->sk_state != TCP_ESTABLISHED)
1456				err = -ENOTCONN;
1457			else if (skb_peek(&sk->sk_receive_queue) == NULL)
1458				/* Wait process until data arrives */
1459				schedule();
1460
1461			finish_wait(sk_sleep(sk), &wait);
1462
1463			if (err)
1464				return err;
1465			if (sk->sk_shutdown & RCV_SHUTDOWN)
1466				break;
1467
1468			continue;
1469		}
1470
1471		chunk = min_t(unsigned int, skb->len, size);
1472		if (memcpy_to_msg(msg, skb->data, chunk)) {
1473			skb_queue_head(&sk->sk_receive_queue, skb);
1474			if (copied == 0)
1475				copied = -EFAULT;
1476			break;
1477		}
1478		copied += chunk;
1479		size -= chunk;
1480
1481		/* Mark read part of skb as used */
1482		if (!(flags & MSG_PEEK)) {
1483			skb_pull(skb, chunk);
1484
1485			/* put the skb back if we didn't use it up.. */
1486			if (skb->len) {
1487				pr_debug("%s(), back on q!\n",
1488					 __func__);
1489				skb_queue_head(&sk->sk_receive_queue, skb);
1490				break;
1491			}
1492
1493			kfree_skb(skb);
1494		} else {
1495			pr_debug("%s() questionable!?\n", __func__);
1496
1497			/* put message back and return */
1498			skb_queue_head(&sk->sk_receive_queue, skb);
1499			break;
1500		}
1501	} while (size);
1502
1503	/*
1504	 *  Check if we have previously stopped IrTTP and we know
1505	 *  have more free space in our rx_queue. If so tell IrTTP
1506	 *  to start delivering frames again before our rx_queue gets
1507	 *  empty
1508	 */
1509	if (self->rx_flow == FLOW_STOP) {
1510		if ((atomic_read(&sk->sk_rmem_alloc) << 2) <= sk->sk_rcvbuf) {
1511			pr_debug("%s(), Starting IrTTP\n", __func__);
1512			self->rx_flow = FLOW_START;
1513			irttp_flow_request(self->tsap, FLOW_START);
1514		}
1515	}
1516
1517	return copied;
1518}
1519
1520/*
1521 * Function irda_sendmsg_dgram (sock, msg, len)
1522 *
1523 *    Send message down to TinyTP for the unreliable sequenced
1524 *    packet service...
1525 *
1526 */
1527static int irda_sendmsg_dgram(struct socket *sock, struct msghdr *msg,
1528			      size_t len)
1529{
1530	struct sock *sk = sock->sk;
1531	struct irda_sock *self;
1532	struct sk_buff *skb;
1533	int err;
1534
1535	pr_debug("%s(), len=%zd\n", __func__, len);
1536
1537	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1538		return -EINVAL;
1539
1540	lock_sock(sk);
1541
1542	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1543		send_sig(SIGPIPE, current, 0);
1544		err = -EPIPE;
1545		goto out;
1546	}
1547
1548	err = -ENOTCONN;
1549	if (sk->sk_state != TCP_ESTABLISHED)
1550		goto out;
1551
1552	self = irda_sk(sk);
1553
1554	/*
1555	 * Check that we don't send out too big frames. This is an unreliable
1556	 * service, so we have no fragmentation and no coalescence
1557	 */
1558	if (len > self->max_data_size) {
1559		pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n",
1560			 __func__, len, self->max_data_size);
1561		len = self->max_data_size;
1562	}
1563
1564	skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1565				  msg->msg_flags & MSG_DONTWAIT, &err);
1566	err = -ENOBUFS;
1567	if (!skb)
1568		goto out;
1569
1570	skb_reserve(skb, self->max_header_size);
1571	skb_reset_transport_header(skb);
1572
1573	pr_debug("%s(), appending user data\n", __func__);
1574	skb_put(skb, len);
1575	err = memcpy_from_msg(skb_transport_header(skb), msg, len);
1576	if (err) {
1577		kfree_skb(skb);
1578		goto out;
1579	}
1580
1581	/*
1582	 * Just send the message to TinyTP, and let it deal with possible
1583	 * errors. No need to duplicate all that here
1584	 */
1585	err = irttp_udata_request(self->tsap, skb);
1586	if (err) {
1587		pr_debug("%s(), err=%d\n", __func__, err);
1588		goto out;
1589	}
1590
1591	release_sock(sk);
1592	return len;
1593
1594out:
1595	release_sock(sk);
1596	return err;
1597}
1598
1599/*
1600 * Function irda_sendmsg_ultra (sock, msg, len)
1601 *
1602 *    Send message down to IrLMP for the unreliable Ultra
1603 *    packet service...
1604 */
1605#ifdef CONFIG_IRDA_ULTRA
1606static int irda_sendmsg_ultra(struct socket *sock, struct msghdr *msg,
1607			      size_t len)
1608{
1609	struct sock *sk = sock->sk;
1610	struct irda_sock *self;
1611	__u8 pid = 0;
1612	int bound = 0;
1613	struct sk_buff *skb;
1614	int err;
1615
1616	pr_debug("%s(), len=%zd\n", __func__, len);
1617
1618	err = -EINVAL;
1619	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1620		return -EINVAL;
1621
1622	lock_sock(sk);
1623
1624	err = -EPIPE;
1625	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1626		send_sig(SIGPIPE, current, 0);
1627		goto out;
1628	}
1629
1630	self = irda_sk(sk);
1631
1632	/* Check if an address was specified with sendto. Jean II */
1633	if (msg->msg_name) {
1634		DECLARE_SOCKADDR(struct sockaddr_irda *, addr, msg->msg_name);
1635		err = -EINVAL;
1636		/* Check address, extract pid. Jean II */
1637		if (msg->msg_namelen < sizeof(*addr))
1638			goto out;
1639		if (addr->sir_family != AF_IRDA)
1640			goto out;
1641
1642		pid = addr->sir_lsap_sel;
1643		if (pid & 0x80) {
1644			pr_debug("%s(), extension in PID not supp!\n",
1645				 __func__);
1646			err = -EOPNOTSUPP;
1647			goto out;
1648		}
1649	} else {
1650		/* Check that the socket is properly bound to an Ultra
1651		 * port. Jean II */
1652		if ((self->lsap == NULL) ||
1653		    (sk->sk_state != TCP_ESTABLISHED)) {
1654			pr_debug("%s(), socket not bound to Ultra PID.\n",
1655				 __func__);
1656			err = -ENOTCONN;
1657			goto out;
1658		}
1659		/* Use PID from socket */
1660		bound = 1;
1661	}
1662
1663	/*
1664	 * Check that we don't send out too big frames. This is an unreliable
1665	 * service, so we have no fragmentation and no coalescence
1666	 */
1667	if (len > self->max_data_size) {
1668		pr_debug("%s(), Warning too much data! Chopping frame from %zd to %d bytes!\n",
1669			 __func__, len, self->max_data_size);
1670		len = self->max_data_size;
1671	}
1672
1673	skb = sock_alloc_send_skb(sk, len + self->max_header_size,
1674				  msg->msg_flags & MSG_DONTWAIT, &err);
1675	err = -ENOBUFS;
1676	if (!skb)
1677		goto out;
1678
1679	skb_reserve(skb, self->max_header_size);
1680	skb_reset_transport_header(skb);
1681
1682	pr_debug("%s(), appending user data\n", __func__);
1683	skb_put(skb, len);
1684	err = memcpy_from_msg(skb_transport_header(skb), msg, len);
1685	if (err) {
1686		kfree_skb(skb);
1687		goto out;
1688	}
1689
1690	err = irlmp_connless_data_request((bound ? self->lsap : NULL),
1691					  skb, pid);
1692	if (err)
1693		pr_debug("%s(), err=%d\n", __func__, err);
1694out:
1695	release_sock(sk);
1696	return err ? : len;
1697}
1698#endif /* CONFIG_IRDA_ULTRA */
1699
1700/*
1701 * Function irda_shutdown (sk, how)
1702 */
1703static int irda_shutdown(struct socket *sock, int how)
1704{
1705	struct sock *sk = sock->sk;
1706	struct irda_sock *self = irda_sk(sk);
1707
1708	pr_debug("%s(%p)\n", __func__, self);
1709
1710	lock_sock(sk);
1711
1712	sk->sk_state       = TCP_CLOSE;
1713	sk->sk_shutdown   |= SEND_SHUTDOWN;
1714	sk->sk_state_change(sk);
1715
1716	if (self->iriap) {
1717		iriap_close(self->iriap);
1718		self->iriap = NULL;
1719	}
1720
1721	if (self->tsap) {
1722		irttp_disconnect_request(self->tsap, NULL, P_NORMAL);
1723		irttp_close_tsap(self->tsap);
1724		self->tsap = NULL;
1725	}
1726
1727	/* A few cleanup so the socket look as good as new... */
1728	self->rx_flow = self->tx_flow = FLOW_START;	/* needed ??? */
1729	self->daddr = DEV_ADDR_ANY;	/* Until we get re-connected */
1730	self->saddr = 0x0;		/* so IrLMP assign us any link */
1731
1732	release_sock(sk);
1733
1734	return 0;
1735}
1736
1737/*
1738 * Function irda_poll (file, sock, wait)
1739 */
1740static unsigned int irda_poll(struct file * file, struct socket *sock,
1741			      poll_table *wait)
1742{
1743	struct sock *sk = sock->sk;
1744	struct irda_sock *self = irda_sk(sk);
1745	unsigned int mask;
1746
1747	poll_wait(file, sk_sleep(sk), wait);
1748	mask = 0;
1749
1750	/* Exceptional events? */
1751	if (sk->sk_err)
1752		mask |= POLLERR;
1753	if (sk->sk_shutdown & RCV_SHUTDOWN) {
1754		pr_debug("%s(), POLLHUP\n", __func__);
1755		mask |= POLLHUP;
1756	}
1757
1758	/* Readable? */
1759	if (!skb_queue_empty(&sk->sk_receive_queue)) {
1760		pr_debug("Socket is readable\n");
1761		mask |= POLLIN | POLLRDNORM;
1762	}
1763
1764	/* Connection-based need to check for termination and startup */
1765	switch (sk->sk_type) {
1766	case SOCK_STREAM:
1767		if (sk->sk_state == TCP_CLOSE) {
1768			pr_debug("%s(), POLLHUP\n", __func__);
1769			mask |= POLLHUP;
1770		}
1771
1772		if (sk->sk_state == TCP_ESTABLISHED) {
1773			if ((self->tx_flow == FLOW_START) &&
1774			    sock_writeable(sk))
1775			{
1776				mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1777			}
1778		}
1779		break;
1780	case SOCK_SEQPACKET:
1781		if ((self->tx_flow == FLOW_START) &&
1782		    sock_writeable(sk))
1783		{
1784			mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1785		}
1786		break;
1787	case SOCK_DGRAM:
1788		if (sock_writeable(sk))
1789			mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
1790		break;
1791	default:
1792		break;
1793	}
1794
1795	return mask;
1796}
1797
1798/*
1799 * Function irda_ioctl (sock, cmd, arg)
1800 */
1801static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1802{
1803	struct sock *sk = sock->sk;
1804	int err;
1805
1806	pr_debug("%s(), cmd=%#x\n", __func__, cmd);
1807
1808	err = -EINVAL;
1809	switch (cmd) {
1810	case TIOCOUTQ: {
1811		long amount;
1812
1813		amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1814		if (amount < 0)
1815			amount = 0;
1816		err = put_user(amount, (unsigned int __user *)arg);
1817		break;
1818	}
1819
1820	case TIOCINQ: {
1821		struct sk_buff *skb;
1822		long amount = 0L;
1823		/* These two are safe on a single CPU system as only user tasks fiddle here */
1824		if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1825			amount = skb->len;
1826		err = put_user(amount, (unsigned int __user *)arg);
1827		break;
1828	}
1829
1830	case SIOCGSTAMP:
1831		if (sk != NULL)
1832			err = sock_get_timestamp(sk, (struct timeval __user *)arg);
1833		break;
1834
1835	case SIOCGIFADDR:
1836	case SIOCSIFADDR:
1837	case SIOCGIFDSTADDR:
1838	case SIOCSIFDSTADDR:
1839	case SIOCGIFBRDADDR:
1840	case SIOCSIFBRDADDR:
1841	case SIOCGIFNETMASK:
1842	case SIOCSIFNETMASK:
1843	case SIOCGIFMETRIC:
1844	case SIOCSIFMETRIC:
1845		break;
1846	default:
1847		pr_debug("%s(), doing device ioctl!\n", __func__);
1848		err = -ENOIOCTLCMD;
1849	}
1850
1851	return err;
1852}
1853
1854#ifdef CONFIG_COMPAT
1855/*
1856 * Function irda_ioctl (sock, cmd, arg)
1857 */
1858static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1859{
1860	/*
1861	 * All IRDA's ioctl are standard ones.
1862	 */
1863	return -ENOIOCTLCMD;
1864}
1865#endif
1866
1867/*
1868 * Function irda_setsockopt (sock, level, optname, optval, optlen)
1869 *
1870 *    Set some options for the socket
1871 *
1872 */
1873static int irda_setsockopt(struct socket *sock, int level, int optname,
1874			   char __user *optval, unsigned int optlen)
1875{
1876	struct sock *sk = sock->sk;
1877	struct irda_sock *self = irda_sk(sk);
1878	struct irda_ias_set    *ias_opt;
1879	struct ias_object      *ias_obj;
1880	struct ias_attrib *	ias_attr;	/* Attribute in IAS object */
1881	int opt, free_ias = 0, err = 0;
1882
1883	pr_debug("%s(%p)\n", __func__, self);
1884
1885	if (level != SOL_IRLMP)
1886		return -ENOPROTOOPT;
1887
1888	lock_sock(sk);
1889
1890	switch (optname) {
1891	case IRLMP_IAS_SET:
1892		/* The user want to add an attribute to an existing IAS object
1893		 * (in the IAS database) or to create a new object with this
1894		 * attribute.
1895		 * We first query IAS to know if the object exist, and then
1896		 * create the right attribute...
1897		 */
1898
1899		if (optlen != sizeof(struct irda_ias_set)) {
1900			err = -EINVAL;
1901			goto out;
1902		}
1903
1904		/* Copy query to the driver. */
1905		ias_opt = memdup_user(optval, optlen);
1906		if (IS_ERR(ias_opt)) {
1907			err = PTR_ERR(ias_opt);
1908			goto out;
1909		}
1910
1911		/* Find the object we target.
1912		 * If the user gives us an empty string, we use the object
1913		 * associated with this socket. This will workaround
1914		 * duplicated class name - Jean II */
1915		if(ias_opt->irda_class_name[0] == '\0') {
1916			if(self->ias_obj == NULL) {
1917				kfree(ias_opt);
1918				err = -EINVAL;
1919				goto out;
1920			}
1921			ias_obj = self->ias_obj;
1922		} else
1923			ias_obj = irias_find_object(ias_opt->irda_class_name);
1924
1925		/* Only ROOT can mess with the global IAS database.
1926		 * Users can only add attributes to the object associated
1927		 * with the socket they own - Jean II */
1928		if((!capable(CAP_NET_ADMIN)) &&
1929		   ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
1930			kfree(ias_opt);
1931			err = -EPERM;
1932			goto out;
1933		}
1934
1935		/* If the object doesn't exist, create it */
1936		if(ias_obj == (struct ias_object *) NULL) {
1937			/* Create a new object */
1938			ias_obj = irias_new_object(ias_opt->irda_class_name,
1939						   jiffies);
1940			if (ias_obj == NULL) {
1941				kfree(ias_opt);
1942				err = -ENOMEM;
1943				goto out;
1944			}
1945			free_ias = 1;
1946		}
1947
1948		/* Do we have the attribute already ? */
1949		if(irias_find_attrib(ias_obj, ias_opt->irda_attrib_name)) {
1950			kfree(ias_opt);
1951			if (free_ias) {
1952				kfree(ias_obj->name);
1953				kfree(ias_obj);
1954			}
1955			err = -EINVAL;
1956			goto out;
1957		}
1958
1959		/* Look at the type */
1960		switch(ias_opt->irda_attrib_type) {
1961		case IAS_INTEGER:
1962			/* Add an integer attribute */
1963			irias_add_integer_attrib(
1964				ias_obj,
1965				ias_opt->irda_attrib_name,
1966				ias_opt->attribute.irda_attrib_int,
1967				IAS_USER_ATTR);
1968			break;
1969		case IAS_OCT_SEQ:
1970			/* Check length */
1971			if(ias_opt->attribute.irda_attrib_octet_seq.len >
1972			   IAS_MAX_OCTET_STRING) {
1973				kfree(ias_opt);
1974				if (free_ias) {
1975					kfree(ias_obj->name);
1976					kfree(ias_obj);
1977				}
1978
1979				err = -EINVAL;
1980				goto out;
1981			}
1982			/* Add an octet sequence attribute */
1983			irias_add_octseq_attrib(
1984			      ias_obj,
1985			      ias_opt->irda_attrib_name,
1986			      ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
1987			      ias_opt->attribute.irda_attrib_octet_seq.len,
1988			      IAS_USER_ATTR);
1989			break;
1990		case IAS_STRING:
1991			/* Should check charset & co */
1992			/* Check length */
1993			/* The length is encoded in a __u8, and
1994			 * IAS_MAX_STRING == 256, so there is no way
1995			 * userspace can pass us a string too large.
1996			 * Jean II */
1997			/* NULL terminate the string (avoid troubles) */
1998			ias_opt->attribute.irda_attrib_string.string[ias_opt->attribute.irda_attrib_string.len] = '\0';
1999			/* Add a string attribute */
2000			irias_add_string_attrib(
2001				ias_obj,
2002				ias_opt->irda_attrib_name,
2003				ias_opt->attribute.irda_attrib_string.string,
2004				IAS_USER_ATTR);
2005			break;
2006		default :
2007			kfree(ias_opt);
2008			if (free_ias) {
2009				kfree(ias_obj->name);
2010				kfree(ias_obj);
2011			}
2012			err = -EINVAL;
2013			goto out;
2014		}
2015		irias_insert_object(ias_obj);
2016		kfree(ias_opt);
2017		break;
2018	case IRLMP_IAS_DEL:
2019		/* The user want to delete an object from our local IAS
2020		 * database. We just need to query the IAS, check is the
2021		 * object is not owned by the kernel and delete it.
2022		 */
2023
2024		if (optlen != sizeof(struct irda_ias_set)) {
2025			err = -EINVAL;
2026			goto out;
2027		}
2028
2029		/* Copy query to the driver. */
2030		ias_opt = memdup_user(optval, optlen);
2031		if (IS_ERR(ias_opt)) {
2032			err = PTR_ERR(ias_opt);
2033			goto out;
2034		}
2035
2036		/* Find the object we target.
2037		 * If the user gives us an empty string, we use the object
2038		 * associated with this socket. This will workaround
2039		 * duplicated class name - Jean II */
2040		if(ias_opt->irda_class_name[0] == '\0')
2041			ias_obj = self->ias_obj;
2042		else
2043			ias_obj = irias_find_object(ias_opt->irda_class_name);
2044		if(ias_obj == (struct ias_object *) NULL) {
2045			kfree(ias_opt);
2046			err = -EINVAL;
2047			goto out;
2048		}
2049
2050		/* Only ROOT can mess with the global IAS database.
2051		 * Users can only del attributes from the object associated
2052		 * with the socket they own - Jean II */
2053		if((!capable(CAP_NET_ADMIN)) &&
2054		   ((ias_obj == NULL) || (ias_obj != self->ias_obj))) {
2055			kfree(ias_opt);
2056			err = -EPERM;
2057			goto out;
2058		}
2059
2060		/* Find the attribute (in the object) we target */
2061		ias_attr = irias_find_attrib(ias_obj,
2062					     ias_opt->irda_attrib_name);
2063		if(ias_attr == (struct ias_attrib *) NULL) {
2064			kfree(ias_opt);
2065			err = -EINVAL;
2066			goto out;
2067		}
2068
2069		/* Check is the user space own the object */
2070		if(ias_attr->value->owner != IAS_USER_ATTR) {
2071			pr_debug("%s(), attempting to delete a kernel attribute\n",
2072				 __func__);
2073			kfree(ias_opt);
2074			err = -EPERM;
2075			goto out;
2076		}
2077
2078		/* Remove the attribute (and maybe the object) */
2079		irias_delete_attrib(ias_obj, ias_attr, 1);
2080		kfree(ias_opt);
2081		break;
2082	case IRLMP_MAX_SDU_SIZE:
2083		if (optlen < sizeof(int)) {
2084			err = -EINVAL;
2085			goto out;
2086		}
2087
2088		if (get_user(opt, (int __user *)optval)) {
2089			err = -EFAULT;
2090			goto out;
2091		}
2092
2093		/* Only possible for a seqpacket service (TTP with SAR) */
2094		if (sk->sk_type != SOCK_SEQPACKET) {
2095			pr_debug("%s(), setting max_sdu_size = %d\n",
2096				 __func__, opt);
2097			self->max_sdu_size_rx = opt;
2098		} else {
2099			net_warn_ratelimited("%s: not allowed to set MAXSDUSIZE for this socket type!\n",
2100					     __func__);
2101			err = -ENOPROTOOPT;
2102			goto out;
2103		}
2104		break;
2105	case IRLMP_HINTS_SET:
2106		if (optlen < sizeof(int)) {
2107			err = -EINVAL;
2108			goto out;
2109		}
2110
2111		/* The input is really a (__u8 hints[2]), easier as an int */
2112		if (get_user(opt, (int __user *)optval)) {
2113			err = -EFAULT;
2114			goto out;
2115		}
2116
2117		/* Unregister any old registration */
2118		irlmp_unregister_service(self->skey);
2119
2120		self->skey = irlmp_register_service((__u16) opt);
2121		break;
2122	case IRLMP_HINT_MASK_SET:
2123		/* As opposed to the previous case which set the hint bits
2124		 * that we advertise, this one set the filter we use when
2125		 * making a discovery (nodes which don't match any hint
2126		 * bit in the mask are not reported).
2127		 */
2128		if (optlen < sizeof(int)) {
2129			err = -EINVAL;
2130			goto out;
2131		}
2132
2133		/* The input is really a (__u8 hints[2]), easier as an int */
2134		if (get_user(opt, (int __user *)optval)) {
2135			err = -EFAULT;
2136			goto out;
2137		}
2138
2139		/* Set the new hint mask */
2140		self->mask.word = (__u16) opt;
2141		/* Mask out extension bits */
2142		self->mask.word &= 0x7f7f;
2143		/* Check if no bits */
2144		if(!self->mask.word)
2145			self->mask.word = 0xFFFF;
2146
2147		break;
2148	default:
2149		err = -ENOPROTOOPT;
2150		break;
2151	}
2152
2153out:
2154	release_sock(sk);
2155
2156	return err;
2157}
2158
2159/*
2160 * Function irda_extract_ias_value(ias_opt, ias_value)
2161 *
2162 *    Translate internal IAS value structure to the user space representation
2163 *
2164 * The external representation of IAS values, as we exchange them with
2165 * user space program is quite different from the internal representation,
2166 * as stored in the IAS database (because we need a flat structure for
2167 * crossing kernel boundary).
2168 * This function transform the former in the latter. We also check
2169 * that the value type is valid.
2170 */
2171static int irda_extract_ias_value(struct irda_ias_set *ias_opt,
2172				  struct ias_value *ias_value)
2173{
2174	/* Look at the type */
2175	switch (ias_value->type) {
2176	case IAS_INTEGER:
2177		/* Copy the integer */
2178		ias_opt->attribute.irda_attrib_int = ias_value->t.integer;
2179		break;
2180	case IAS_OCT_SEQ:
2181		/* Set length */
2182		ias_opt->attribute.irda_attrib_octet_seq.len = ias_value->len;
2183		/* Copy over */
2184		memcpy(ias_opt->attribute.irda_attrib_octet_seq.octet_seq,
2185		       ias_value->t.oct_seq, ias_value->len);
2186		break;
2187	case IAS_STRING:
2188		/* Set length */
2189		ias_opt->attribute.irda_attrib_string.len = ias_value->len;
2190		ias_opt->attribute.irda_attrib_string.charset = ias_value->charset;
2191		/* Copy over */
2192		memcpy(ias_opt->attribute.irda_attrib_string.string,
2193		       ias_value->t.string, ias_value->len);
2194		/* NULL terminate the string (avoid troubles) */
2195		ias_opt->attribute.irda_attrib_string.string[ias_value->len] = '\0';
2196		break;
2197	case IAS_MISSING:
2198	default :
2199		return -EINVAL;
2200	}
2201
2202	/* Copy type over */
2203	ias_opt->irda_attrib_type = ias_value->type;
2204
2205	return 0;
2206}
2207
2208/*
2209 * Function irda_getsockopt (sock, level, optname, optval, optlen)
2210 */
2211static int irda_getsockopt(struct socket *sock, int level, int optname,
2212			   char __user *optval, int __user *optlen)
2213{
2214	struct sock *sk = sock->sk;
2215	struct irda_sock *self = irda_sk(sk);
2216	struct irda_device_list list = { 0 };
2217	struct irda_device_info *discoveries;
2218	struct irda_ias_set *	ias_opt;	/* IAS get/query params */
2219	struct ias_object *	ias_obj;	/* Object in IAS */
2220	struct ias_attrib *	ias_attr;	/* Attribute in IAS object */
2221	int daddr = DEV_ADDR_ANY;	/* Dest address for IAS queries */
2222	int val = 0;
2223	int len = 0;
2224	int err = 0;
2225	int offset, total;
2226
2227	pr_debug("%s(%p)\n", __func__, self);
2228
2229	if (level != SOL_IRLMP)
2230		return -ENOPROTOOPT;
2231
2232	if (get_user(len, optlen))
2233		return -EFAULT;
2234
2235	if(len < 0)
2236		return -EINVAL;
2237
2238	lock_sock(sk);
2239
2240	switch (optname) {
2241	case IRLMP_ENUMDEVICES:
2242
2243		/* Offset to first device entry */
2244		offset = sizeof(struct irda_device_list) -
2245			sizeof(struct irda_device_info);
2246
2247		if (len < offset) {
2248			err = -EINVAL;
2249			goto out;
2250		}
2251
2252		/* Ask lmp for the current discovery log */
2253		discoveries = irlmp_get_discoveries(&list.len, self->mask.word,
2254						    self->nslots);
2255		/* Check if the we got some results */
2256		if (discoveries == NULL) {
2257			err = -EAGAIN;
2258			goto out;		/* Didn't find any devices */
2259		}
2260
2261		/* Write total list length back to client */
2262		if (copy_to_user(optval, &list, offset))
2263			err = -EFAULT;
2264
2265		/* Copy the list itself - watch for overflow */
2266		if (list.len > 2048) {
2267			err = -EINVAL;
2268			goto bed;
2269		}
2270		total = offset + (list.len * sizeof(struct irda_device_info));
2271		if (total > len)
2272			total = len;
2273		if (copy_to_user(optval+offset, discoveries, total - offset))
2274			err = -EFAULT;
2275
2276		/* Write total number of bytes used back to client */
2277		if (put_user(total, optlen))
2278			err = -EFAULT;
2279bed:
2280		/* Free up our buffer */
2281		kfree(discoveries);
2282		break;
2283	case IRLMP_MAX_SDU_SIZE:
2284		val = self->max_data_size;
2285		len = sizeof(int);
2286		if (put_user(len, optlen)) {
2287			err = -EFAULT;
2288			goto out;
2289		}
2290
2291		if (copy_to_user(optval, &val, len)) {
2292			err = -EFAULT;
2293			goto out;
2294		}
2295
2296		break;
2297	case IRLMP_IAS_GET:
2298		/* The user want an object from our local IAS database.
2299		 * We just need to query the IAS and return the value
2300		 * that we found */
2301
2302		/* Check that the user has allocated the right space for us */
2303		if (len != sizeof(struct irda_ias_set)) {
2304			err = -EINVAL;
2305			goto out;
2306		}
2307
2308		/* Copy query to the driver. */
2309		ias_opt = memdup_user(optval, len);
2310		if (IS_ERR(ias_opt)) {
2311			err = PTR_ERR(ias_opt);
2312			goto out;
2313		}
2314
2315		/* Find the object we target.
2316		 * If the user gives us an empty string, we use the object
2317		 * associated with this socket. This will workaround
2318		 * duplicated class name - Jean II */
2319		if(ias_opt->irda_class_name[0] == '\0')
2320			ias_obj = self->ias_obj;
2321		else
2322			ias_obj = irias_find_object(ias_opt->irda_class_name);
2323		if(ias_obj == (struct ias_object *) NULL) {
2324			kfree(ias_opt);
2325			err = -EINVAL;
2326			goto out;
2327		}
2328
2329		/* Find the attribute (in the object) we target */
2330		ias_attr = irias_find_attrib(ias_obj,
2331					     ias_opt->irda_attrib_name);
2332		if(ias_attr == (struct ias_attrib *) NULL) {
2333			kfree(ias_opt);
2334			err = -EINVAL;
2335			goto out;
2336		}
2337
2338		/* Translate from internal to user structure */
2339		err = irda_extract_ias_value(ias_opt, ias_attr->value);
2340		if(err) {
2341			kfree(ias_opt);
2342			goto out;
2343		}
2344
2345		/* Copy reply to the user */
2346		if (copy_to_user(optval, ias_opt,
2347				 sizeof(struct irda_ias_set))) {
2348			kfree(ias_opt);
2349			err = -EFAULT;
2350			goto out;
2351		}
2352		/* Note : don't need to put optlen, we checked it */
2353		kfree(ias_opt);
2354		break;
2355	case IRLMP_IAS_QUERY:
2356		/* The user want an object from a remote IAS database.
2357		 * We need to use IAP to query the remote database and
2358		 * then wait for the answer to come back. */
2359
2360		/* Check that the user has allocated the right space for us */
2361		if (len != sizeof(struct irda_ias_set)) {
2362			err = -EINVAL;
2363			goto out;
2364		}
2365
2366		/* Copy query to the driver. */
2367		ias_opt = memdup_user(optval, len);
2368		if (IS_ERR(ias_opt)) {
2369			err = PTR_ERR(ias_opt);
2370			goto out;
2371		}
2372
2373		/* At this point, there are two cases...
2374		 * 1) the socket is connected - that's the easy case, we
2375		 *	just query the device we are connected to...
2376		 * 2) the socket is not connected - the user doesn't want
2377		 *	to connect and/or may not have a valid service name
2378		 *	(so can't create a fake connection). In this case,
2379		 *	we assume that the user pass us a valid destination
2380		 *	address in the requesting structure...
2381		 */
2382		if(self->daddr != DEV_ADDR_ANY) {
2383			/* We are connected - reuse known daddr */
2384			daddr = self->daddr;
2385		} else {
2386			/* We are not connected, we must specify a valid
2387			 * destination address */
2388			daddr = ias_opt->daddr;
2389			if((!daddr) || (daddr == DEV_ADDR_ANY)) {
2390				kfree(ias_opt);
2391				err = -EINVAL;
2392				goto out;
2393			}
2394		}
2395
2396		/* Check that we can proceed with IAP */
2397		if (self->iriap) {
2398			net_warn_ratelimited("%s: busy with a previous query\n",
2399					     __func__);
2400			kfree(ias_opt);
2401			err = -EBUSY;
2402			goto out;
2403		}
2404
2405		self->iriap = iriap_open(LSAP_ANY, IAS_CLIENT, self,
2406					 irda_getvalue_confirm);
2407
2408		if (self->iriap == NULL) {
2409			kfree(ias_opt);
2410			err = -ENOMEM;
2411			goto out;
2412		}
2413
2414		/* Treat unexpected wakeup as disconnect */
2415		self->errno = -EHOSTUNREACH;
2416
2417		/* Query remote LM-IAS */
2418		iriap_getvaluebyclass_request(self->iriap,
2419					      self->saddr, daddr,
2420					      ias_opt->irda_class_name,
2421					      ias_opt->irda_attrib_name);
2422
2423		/* Wait for answer, if not yet finished (or failed) */
2424		if (wait_event_interruptible(self->query_wait,
2425					     (self->iriap == NULL))) {
2426			/* pending request uses copy of ias_opt-content
2427			 * we can free it regardless! */
2428			kfree(ias_opt);
2429			/* Treat signals as disconnect */
2430			err = -EHOSTUNREACH;
2431			goto out;
2432		}
2433
2434		/* Check what happened */
2435		if (self->errno)
2436		{
2437			kfree(ias_opt);
2438			/* Requested object/attribute doesn't exist */
2439			if((self->errno == IAS_CLASS_UNKNOWN) ||
2440			   (self->errno == IAS_ATTRIB_UNKNOWN))
2441				err = -EADDRNOTAVAIL;
2442			else
2443				err = -EHOSTUNREACH;
2444
2445			goto out;
2446		}
2447
2448		/* Translate from internal to user structure */
2449		err = irda_extract_ias_value(ias_opt, self->ias_result);
2450		if (self->ias_result)
2451			irias_delete_value(self->ias_result);
2452		if (err) {
2453			kfree(ias_opt);
2454			goto out;
2455		}
2456
2457		/* Copy reply to the user */
2458		if (copy_to_user(optval, ias_opt,
2459				 sizeof(struct irda_ias_set))) {
2460			kfree(ias_opt);
2461			err = -EFAULT;
2462			goto out;
2463		}
2464		/* Note : don't need to put optlen, we checked it */
2465		kfree(ias_opt);
2466		break;
2467	case IRLMP_WAITDEVICE:
2468		/* This function is just another way of seeing life ;-)
2469		 * IRLMP_ENUMDEVICES assumes that you have a static network,
2470		 * and that you just want to pick one of the devices present.
2471		 * On the other hand, in here we assume that no device is
2472		 * present and that at some point in the future a device will
2473		 * come into range. When this device arrive, we just wake
2474		 * up the caller, so that he has time to connect to it before
2475		 * the device goes away...
2476		 * Note : once the node has been discovered for more than a
2477		 * few second, it won't trigger this function, unless it
2478		 * goes away and come back changes its hint bits (so we
2479		 * might call it IRLMP_WAITNEWDEVICE).
2480		 */
2481
2482		/* Check that the user is passing us an int */
2483		if (len != sizeof(int)) {
2484			err = -EINVAL;
2485			goto out;
2486		}
2487		/* Get timeout in ms (max time we block the caller) */
2488		if (get_user(val, (int __user *)optval)) {
2489			err = -EFAULT;
2490			goto out;
2491		}
2492
2493		/* Tell IrLMP we want to be notified */
2494		irlmp_update_client(self->ckey, self->mask.word,
2495				    irda_selective_discovery_indication,
2496				    NULL, (void *) self);
2497
2498		/* Do some discovery (and also return cached results) */
2499		irlmp_discovery_request(self->nslots);
2500
2501		/* Wait until a node is discovered */
2502		if (!self->cachedaddr) {
2503			pr_debug("%s(), nothing discovered yet, going to sleep...\n",
2504				 __func__);
2505
2506			/* Set watchdog timer to expire in <val> ms. */
2507			self->errno = 0;
2508			setup_timer(&self->watchdog, irda_discovery_timeout,
2509					(unsigned long)self);
2510			mod_timer(&self->watchdog,
2511				  jiffies + msecs_to_jiffies(val));
2512
2513			/* Wait for IR-LMP to call us back */
2514			err = __wait_event_interruptible(self->query_wait,
2515			      (self->cachedaddr != 0 || self->errno == -ETIME));
2516
2517			/* If watchdog is still activated, kill it! */
2518			del_timer(&(self->watchdog));
2519
2520			pr_debug("%s(), ...waking up !\n", __func__);
2521
2522			if (err != 0)
2523				goto out;
2524		}
2525		else
2526			pr_debug("%s(), found immediately !\n",
2527				 __func__);
2528
2529		/* Tell IrLMP that we have been notified */
2530		irlmp_update_client(self->ckey, self->mask.word,
2531				    NULL, NULL, NULL);
2532
2533		/* Check if the we got some results */
2534		if (!self->cachedaddr) {
2535			err = -EAGAIN;		/* Didn't find any devices */
2536			goto out;
2537		}
2538		daddr = self->cachedaddr;
2539		/* Cleanup */
2540		self->cachedaddr = 0;
2541
2542		/* We return the daddr of the device that trigger the
2543		 * wakeup. As irlmp pass us only the new devices, we
2544		 * are sure that it's not an old device.
2545		 * If the user want more details, he should query
2546		 * the whole discovery log and pick one device...
2547		 */
2548		if (put_user(daddr, (int __user *)optval)) {
2549			err = -EFAULT;
2550			goto out;
2551		}
2552
2553		break;
2554	default:
2555		err = -ENOPROTOOPT;
2556	}
2557
2558out:
2559
2560	release_sock(sk);
2561
2562	return err;
2563}
2564
2565static const struct net_proto_family irda_family_ops = {
2566	.family = PF_IRDA,
2567	.create = irda_create,
2568	.owner	= THIS_MODULE,
2569};
2570
2571static const struct proto_ops irda_stream_ops = {
2572	.family =	PF_IRDA,
2573	.owner =	THIS_MODULE,
2574	.release =	irda_release,
2575	.bind =		irda_bind,
2576	.connect =	irda_connect,
2577	.socketpair =	sock_no_socketpair,
2578	.accept =	irda_accept,
2579	.getname =	irda_getname,
2580	.poll =		irda_poll,
2581	.ioctl =	irda_ioctl,
2582#ifdef CONFIG_COMPAT
2583	.compat_ioctl =	irda_compat_ioctl,
2584#endif
2585	.listen =	irda_listen,
2586	.shutdown =	irda_shutdown,
2587	.setsockopt =	irda_setsockopt,
2588	.getsockopt =	irda_getsockopt,
2589	.sendmsg =	irda_sendmsg,
2590	.recvmsg =	irda_recvmsg_stream,
2591	.mmap =		sock_no_mmap,
2592	.sendpage =	sock_no_sendpage,
2593};
2594
2595static const struct proto_ops irda_seqpacket_ops = {
2596	.family =	PF_IRDA,
2597	.owner =	THIS_MODULE,
2598	.release =	irda_release,
2599	.bind =		irda_bind,
2600	.connect =	irda_connect,
2601	.socketpair =	sock_no_socketpair,
2602	.accept =	irda_accept,
2603	.getname =	irda_getname,
2604	.poll =		datagram_poll,
2605	.ioctl =	irda_ioctl,
2606#ifdef CONFIG_COMPAT
2607	.compat_ioctl =	irda_compat_ioctl,
2608#endif
2609	.listen =	irda_listen,
2610	.shutdown =	irda_shutdown,
2611	.setsockopt =	irda_setsockopt,
2612	.getsockopt =	irda_getsockopt,
2613	.sendmsg =	irda_sendmsg,
2614	.recvmsg =	irda_recvmsg_dgram,
2615	.mmap =		sock_no_mmap,
2616	.sendpage =	sock_no_sendpage,
2617};
2618
2619static const struct proto_ops irda_dgram_ops = {
2620	.family =	PF_IRDA,
2621	.owner =	THIS_MODULE,
2622	.release =	irda_release,
2623	.bind =		irda_bind,
2624	.connect =	irda_connect,
2625	.socketpair =	sock_no_socketpair,
2626	.accept =	irda_accept,
2627	.getname =	irda_getname,
2628	.poll =		datagram_poll,
2629	.ioctl =	irda_ioctl,
2630#ifdef CONFIG_COMPAT
2631	.compat_ioctl =	irda_compat_ioctl,
2632#endif
2633	.listen =	irda_listen,
2634	.shutdown =	irda_shutdown,
2635	.setsockopt =	irda_setsockopt,
2636	.getsockopt =	irda_getsockopt,
2637	.sendmsg =	irda_sendmsg_dgram,
2638	.recvmsg =	irda_recvmsg_dgram,
2639	.mmap =		sock_no_mmap,
2640	.sendpage =	sock_no_sendpage,
2641};
2642
2643#ifdef CONFIG_IRDA_ULTRA
2644static const struct proto_ops irda_ultra_ops = {
2645	.family =	PF_IRDA,
2646	.owner =	THIS_MODULE,
2647	.release =	irda_release,
2648	.bind =		irda_bind,
2649	.connect =	sock_no_connect,
2650	.socketpair =	sock_no_socketpair,
2651	.accept =	sock_no_accept,
2652	.getname =	irda_getname,
2653	.poll =		datagram_poll,
2654	.ioctl =	irda_ioctl,
2655#ifdef CONFIG_COMPAT
2656	.compat_ioctl =	irda_compat_ioctl,
2657#endif
2658	.listen =	sock_no_listen,
2659	.shutdown =	irda_shutdown,
2660	.setsockopt =	irda_setsockopt,
2661	.getsockopt =	irda_getsockopt,
2662	.sendmsg =	irda_sendmsg_ultra,
2663	.recvmsg =	irda_recvmsg_dgram,
2664	.mmap =		sock_no_mmap,
2665	.sendpage =	sock_no_sendpage,
2666};
2667#endif /* CONFIG_IRDA_ULTRA */
2668
2669/*
2670 * Function irsock_init (pro)
2671 *
2672 *    Initialize IrDA protocol
2673 *
2674 */
2675int __init irsock_init(void)
2676{
2677	int rc = proto_register(&irda_proto, 0);
2678
2679	if (rc == 0)
2680		rc = sock_register(&irda_family_ops);
2681
2682	return rc;
2683}
2684
2685/*
2686 * Function irsock_cleanup (void)
2687 *
2688 *    Remove IrDA protocol
2689 *
2690 */
2691void irsock_cleanup(void)
2692{
2693	sock_unregister(PF_IRDA);
2694	proto_unregister(&irda_proto);
2695}
Configure Feed

Configure Feed
