Path: blob/main/sys/netgraph/bluetooth/socket/ng_btsocket_hci_raw.c
34677 views
/*1* ng_btsocket_hci_raw.c2*/34/*-5* SPDX-License-Identifier: BSD-2-Clause6*7* Copyright (c) 2001-2002 Maksim Yevmenkin <[email protected]>8* All rights reserved.9*10* Redistribution and use in source and binary forms, with or without11* modification, are permitted provided that the following conditions12* are met:13* 1. Redistributions of source code must retain the above copyright14* notice, this list of conditions and the following disclaimer.15* 2. Redistributions in binary form must reproduce the above copyright16* notice, this list of conditions and the following disclaimer in the17* documentation and/or other materials provided with the distribution.18*19* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND20* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE21* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE22* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE23* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL24* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS25* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)26* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT27* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY28* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF29* SUCH DAMAGE.30*31* $Id: ng_btsocket_hci_raw.c,v 1.14 2003/09/14 23:29:06 max Exp $32*/3334#include <sys/param.h>35#include <sys/systm.h>36#include <sys/bitstring.h>37#include <sys/domain.h>38#include <sys/endian.h>39#include <sys/errno.h>40#include <sys/filedesc.h>41#include <sys/ioccom.h>42#include <sys/kernel.h>43#include <sys/lock.h>44#include <sys/malloc.h>45#include <sys/mbuf.h>46#include <sys/mutex.h>47#include <sys/priv.h>48#include <sys/protosw.h>49#include <sys/queue.h>50#include <sys/socket.h>51#include <sys/socketvar.h>52#include <sys/sysctl.h>53#include <sys/taskqueue.h>5455#include <net/vnet.h>5657#include <netgraph/ng_message.h>58#include <netgraph/netgraph.h>59#include <netgraph/bluetooth/include/ng_bluetooth.h>60#include <netgraph/bluetooth/include/ng_hci.h>61#include <netgraph/bluetooth/include/ng_l2cap.h>62#include <netgraph/bluetooth/include/ng_btsocket.h>63#include <netgraph/bluetooth/include/ng_btsocket_hci_raw.h>6465/* MALLOC define */66#ifdef NG_SEPARATE_MALLOC67static MALLOC_DEFINE(M_NETGRAPH_BTSOCKET_HCI_RAW, "netgraph_btsocks_hci_raw",68"Netgraph Bluetooth raw HCI sockets");69#else70#define M_NETGRAPH_BTSOCKET_HCI_RAW M_NETGRAPH71#endif /* NG_SEPARATE_MALLOC */7273/* Netgraph node methods */74static ng_constructor_t ng_btsocket_hci_raw_node_constructor;75static ng_rcvmsg_t ng_btsocket_hci_raw_node_rcvmsg;76static ng_shutdown_t ng_btsocket_hci_raw_node_shutdown;77static ng_newhook_t ng_btsocket_hci_raw_node_newhook;78static ng_connect_t ng_btsocket_hci_raw_node_connect;79static ng_rcvdata_t ng_btsocket_hci_raw_node_rcvdata;80static ng_disconnect_t ng_btsocket_hci_raw_node_disconnect;8182static void ng_btsocket_hci_raw_input (void *, int);83static void ng_btsocket_hci_raw_output(node_p, hook_p, void *, int);84static void ng_btsocket_hci_raw_savctl(ng_btsocket_hci_raw_pcb_p,85struct mbuf **,86struct mbuf *);87static int ng_btsocket_hci_raw_filter(ng_btsocket_hci_raw_pcb_p,88struct mbuf *, int);8990#define ng_btsocket_hci_raw_wakeup_input_task() \91taskqueue_enqueue(taskqueue_swi, &ng_btsocket_hci_raw_task)9293/* Security filter */94struct ng_btsocket_hci_raw_sec_filter {95bitstr_t bit_decl(events, 0xff);96bitstr_t bit_decl(commands[0x3f], 0x3ff);97};9899/* Netgraph type descriptor */100static struct ng_type typestruct = {101.version = NG_ABI_VERSION,102.name = NG_BTSOCKET_HCI_RAW_NODE_TYPE,103.constructor = ng_btsocket_hci_raw_node_constructor,104.rcvmsg = ng_btsocket_hci_raw_node_rcvmsg,105.shutdown = ng_btsocket_hci_raw_node_shutdown,106.newhook = ng_btsocket_hci_raw_node_newhook,107.connect = ng_btsocket_hci_raw_node_connect,108.rcvdata = ng_btsocket_hci_raw_node_rcvdata,109.disconnect = ng_btsocket_hci_raw_node_disconnect,110};111112/* Globals */113static u_int32_t ng_btsocket_hci_raw_debug_level;114static u_int32_t ng_btsocket_hci_raw_ioctl_timeout;115static node_p ng_btsocket_hci_raw_node;116static struct ng_bt_itemq ng_btsocket_hci_raw_queue;117static struct mtx ng_btsocket_hci_raw_queue_mtx;118static struct task ng_btsocket_hci_raw_task;119static LIST_HEAD(, ng_btsocket_hci_raw_pcb) ng_btsocket_hci_raw_sockets;120static struct mtx ng_btsocket_hci_raw_sockets_mtx;121static u_int32_t ng_btsocket_hci_raw_token;122static struct mtx ng_btsocket_hci_raw_token_mtx;123static struct ng_btsocket_hci_raw_sec_filter *ng_btsocket_hci_raw_sec_filter;124static struct timeval ng_btsocket_hci_raw_lasttime;125static int ng_btsocket_hci_raw_curpps;126127/* Sysctl tree */128SYSCTL_DECL(_net_bluetooth_hci_sockets);129static SYSCTL_NODE(_net_bluetooth_hci_sockets, OID_AUTO, raw,130CTLFLAG_RW | CTLFLAG_MPSAFE, 0,131"Bluetooth raw HCI sockets family");132SYSCTL_UINT(_net_bluetooth_hci_sockets_raw, OID_AUTO, debug_level, CTLFLAG_RW,133&ng_btsocket_hci_raw_debug_level, NG_BTSOCKET_WARN_LEVEL,134"Bluetooth raw HCI sockets debug level");135SYSCTL_UINT(_net_bluetooth_hci_sockets_raw, OID_AUTO, ioctl_timeout, CTLFLAG_RW,136&ng_btsocket_hci_raw_ioctl_timeout, 5,137"Bluetooth raw HCI sockets ioctl timeout");138SYSCTL_UINT(_net_bluetooth_hci_sockets_raw, OID_AUTO, queue_len, CTLFLAG_RD,139&ng_btsocket_hci_raw_queue.len, 0,140"Bluetooth raw HCI sockets input queue length");141SYSCTL_UINT(_net_bluetooth_hci_sockets_raw, OID_AUTO, queue_maxlen, CTLFLAG_RD,142&ng_btsocket_hci_raw_queue.maxlen, 0,143"Bluetooth raw HCI sockets input queue max. length");144SYSCTL_UINT(_net_bluetooth_hci_sockets_raw, OID_AUTO, queue_drops, CTLFLAG_RD,145&ng_btsocket_hci_raw_queue.drops, 0,146"Bluetooth raw HCI sockets input queue drops");147148/* Debug */149#define NG_BTSOCKET_HCI_RAW_INFO \150if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_INFO_LEVEL && \151ppsratecheck(&ng_btsocket_hci_raw_lasttime, &ng_btsocket_hci_raw_curpps, 1)) \152printf153154#define NG_BTSOCKET_HCI_RAW_WARN \155if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_WARN_LEVEL && \156ppsratecheck(&ng_btsocket_hci_raw_lasttime, &ng_btsocket_hci_raw_curpps, 1)) \157printf158159#define NG_BTSOCKET_HCI_RAW_ERR \160if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_ERR_LEVEL && \161ppsratecheck(&ng_btsocket_hci_raw_lasttime, &ng_btsocket_hci_raw_curpps, 1)) \162printf163164#define NG_BTSOCKET_HCI_RAW_ALERT \165if (ng_btsocket_hci_raw_debug_level >= NG_BTSOCKET_ALERT_LEVEL && \166ppsratecheck(&ng_btsocket_hci_raw_lasttime, &ng_btsocket_hci_raw_curpps, 1)) \167printf168169/****************************************************************************170****************************************************************************171** Netgraph specific172****************************************************************************173****************************************************************************/174175/*176* Netgraph node constructor. Do not allow to create node of this type.177*/178179static int180ng_btsocket_hci_raw_node_constructor(node_p node)181{182return (EINVAL);183} /* ng_btsocket_hci_raw_node_constructor */184185/*186* Netgraph node destructor. Just let old node go and create new fresh one.187*/188189static int190ng_btsocket_hci_raw_node_shutdown(node_p node)191{192int error = 0;193194NG_NODE_UNREF(node);195196error = ng_make_node_common(&typestruct, &ng_btsocket_hci_raw_node);197if (error != 0) {198NG_BTSOCKET_HCI_RAW_ALERT(199"%s: Could not create Netgraph node, error=%d\n", __func__, error);200201ng_btsocket_hci_raw_node = NULL;202203return (ENOMEM);204}205206error = ng_name_node(ng_btsocket_hci_raw_node,207NG_BTSOCKET_HCI_RAW_NODE_TYPE);208if (error != 0) {209NG_BTSOCKET_HCI_RAW_ALERT(210"%s: Could not name Netgraph node, error=%d\n", __func__, error);211212NG_NODE_UNREF(ng_btsocket_hci_raw_node);213ng_btsocket_hci_raw_node = NULL;214215return (EINVAL);216}217218return (0);219} /* ng_btsocket_hci_raw_node_shutdown */220221/*222* Create new hook. Just say "yes"223*/224225static int226ng_btsocket_hci_raw_node_newhook(node_p node, hook_p hook, char const *name)227{228return (0);229} /* ng_btsocket_hci_raw_node_newhook */230231/*232* Connect hook. Just say "yes"233*/234235static int236ng_btsocket_hci_raw_node_connect(hook_p hook)237{238return (0);239} /* ng_btsocket_hci_raw_node_connect */240241/*242* Disconnect hook243*/244245static int246ng_btsocket_hci_raw_node_disconnect(hook_p hook)247{248return (0);249} /* ng_btsocket_hci_raw_node_disconnect */250251/*252* Receive control message.253* Make sure it is a message from HCI node and it is a response.254* Enqueue item and schedule input task.255*/256257static int258ng_btsocket_hci_raw_node_rcvmsg(node_p node, item_p item, hook_p lasthook)259{260struct ng_mesg *msg = NGI_MSG(item); /* item still has message */261int error = 0;262263/*264* Check for empty sockets list creates LOR when both sender and265* receiver device are connected to the same host, so remove it266* for now267*/268269if (msg != NULL &&270(msg->header.typecookie == NGM_HCI_COOKIE ||271msg->header.typecookie == NGM_GENERIC_COOKIE) &&272msg->header.flags & NGF_RESP) {273if (msg->header.token == 0) {274NG_FREE_ITEM(item);275return (0);276}277278mtx_lock(&ng_btsocket_hci_raw_queue_mtx);279if (NG_BT_ITEMQ_FULL(&ng_btsocket_hci_raw_queue)) {280NG_BTSOCKET_HCI_RAW_ERR(281"%s: Input queue is full\n", __func__);282283NG_BT_ITEMQ_DROP(&ng_btsocket_hci_raw_queue);284NG_FREE_ITEM(item);285error = ENOBUFS;286} else {287NG_BT_ITEMQ_ENQUEUE(&ng_btsocket_hci_raw_queue, item);288error = ng_btsocket_hci_raw_wakeup_input_task();289}290mtx_unlock(&ng_btsocket_hci_raw_queue_mtx);291} else {292NG_FREE_ITEM(item);293error = EINVAL;294}295296return (error);297} /* ng_btsocket_hci_raw_node_rcvmsg */298299/*300* Receive packet from the one of our hook.301* Prepend every packet with sockaddr_hci and record sender's node name.302* Enqueue item and schedule input task.303*/304305static int306ng_btsocket_hci_raw_node_rcvdata(hook_p hook, item_p item)307{308struct mbuf *nam = NULL;309int error;310311/*312* Check for empty sockets list creates LOR when both sender and313* receiver device are connected to the same host, so remove it314* for now315*/316317MGET(nam, M_NOWAIT, MT_SONAME);318if (nam != NULL) {319struct sockaddr_hci *sa = mtod(nam, struct sockaddr_hci *);320321nam->m_len = sizeof(struct sockaddr_hci);322323sa->hci_len = sizeof(*sa);324sa->hci_family = AF_BLUETOOTH;325strlcpy(sa->hci_node, NG_PEER_NODE_NAME(hook),326sizeof(sa->hci_node));327328NGI_GET_M(item, nam->m_next);329NGI_M(item) = nam;330331mtx_lock(&ng_btsocket_hci_raw_queue_mtx);332if (NG_BT_ITEMQ_FULL(&ng_btsocket_hci_raw_queue)) {333NG_BTSOCKET_HCI_RAW_ERR(334"%s: Input queue is full\n", __func__);335336NG_BT_ITEMQ_DROP(&ng_btsocket_hci_raw_queue);337NG_FREE_ITEM(item);338error = ENOBUFS;339} else {340NG_BT_ITEMQ_ENQUEUE(&ng_btsocket_hci_raw_queue, item);341error = ng_btsocket_hci_raw_wakeup_input_task();342}343mtx_unlock(&ng_btsocket_hci_raw_queue_mtx);344} else {345NG_BTSOCKET_HCI_RAW_ERR(346"%s: Failed to allocate address mbuf\n", __func__);347348NG_FREE_ITEM(item);349error = ENOBUFS;350}351352return (error);353} /* ng_btsocket_hci_raw_node_rcvdata */354355/****************************************************************************356****************************************************************************357** Sockets specific358****************************************************************************359****************************************************************************/360361/*362* Get next token. We need token to avoid theoretical race where process363* submits ioctl() message then interrupts ioctl() and re-submits another364* ioctl() on the same socket *before* first ioctl() complete.365*/366367static void368ng_btsocket_hci_raw_get_token(u_int32_t *token)369{370mtx_lock(&ng_btsocket_hci_raw_token_mtx);371372if (++ ng_btsocket_hci_raw_token == 0)373ng_btsocket_hci_raw_token = 1;374375*token = ng_btsocket_hci_raw_token;376377mtx_unlock(&ng_btsocket_hci_raw_token_mtx);378} /* ng_btsocket_hci_raw_get_token */379380/*381* Send Netgraph message to the node - do not expect reply382*/383384static int385ng_btsocket_hci_raw_send_ngmsg(char *path, int cmd, void *arg, int arglen)386{387struct ng_mesg *msg = NULL;388int error = 0;389390NG_MKMESSAGE(msg, NGM_HCI_COOKIE, cmd, arglen, M_NOWAIT);391if (msg == NULL)392return (ENOMEM);393394if (arg != NULL && arglen > 0)395bcopy(arg, msg->data, arglen);396397NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);398399return (error);400} /* ng_btsocket_hci_raw_send_ngmsg */401402/*403* Send Netgraph message to the node (no data) and wait for reply404*/405406static int407ng_btsocket_hci_raw_send_sync_ngmsg(ng_btsocket_hci_raw_pcb_p pcb, char *path,408int cmd, void *rsp, int rsplen)409{410struct ng_mesg *msg = NULL;411int error = 0;412413mtx_assert(&pcb->pcb_mtx, MA_OWNED);414415NG_MKMESSAGE(msg, NGM_HCI_COOKIE, cmd, 0, M_NOWAIT);416if (msg == NULL)417return (ENOMEM);418419ng_btsocket_hci_raw_get_token(&msg->header.token);420pcb->token = msg->header.token;421pcb->msg = NULL;422423NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);424if (error != 0) {425pcb->token = 0;426return (error);427}428429error = msleep(&pcb->msg, &pcb->pcb_mtx, PZERO|PCATCH, "hcictl",430ng_btsocket_hci_raw_ioctl_timeout * hz);431pcb->token = 0;432433if (error != 0)434return (error);435436if (pcb->msg != NULL && pcb->msg->header.cmd == cmd)437bcopy(pcb->msg->data, rsp, rsplen);438else439error = EINVAL;440441NG_FREE_MSG(pcb->msg); /* checks for != NULL */442443return (0);444} /* ng_btsocket_hci_raw_send_sync_ngmsg */445446/*447* Create control information for the packet448*/449450static void451ng_btsocket_hci_raw_savctl(ng_btsocket_hci_raw_pcb_p pcb, struct mbuf **ctl,452struct mbuf *m)453{454int dir;455struct timeval tv;456457mtx_assert(&pcb->pcb_mtx, MA_OWNED);458459if (pcb->flags & NG_BTSOCKET_HCI_RAW_DIRECTION) {460dir = (m->m_flags & M_PROTO1)? 1 : 0;461*ctl = sbcreatecontrol(&dir, sizeof(dir),462SCM_HCI_RAW_DIRECTION, SOL_HCI_RAW, M_NOWAIT);463if (*ctl != NULL)464ctl = &((*ctl)->m_next);465}466467if (pcb->so->so_options & SO_TIMESTAMP) {468microtime(&tv);469*ctl = sbcreatecontrol(&tv, sizeof(tv), SCM_TIMESTAMP,470SOL_SOCKET, M_NOWAIT);471if (*ctl != NULL)472ctl = &((*ctl)->m_next);473}474} /* ng_btsocket_hci_raw_savctl */475476/*477* Raw HCI sockets data input routine478*/479480static void481ng_btsocket_hci_raw_data_input(struct mbuf *nam)482{483ng_btsocket_hci_raw_pcb_p pcb = NULL;484struct mbuf *m0 = NULL, *m = NULL;485struct sockaddr_hci *sa = NULL;486487m0 = nam->m_next;488nam->m_next = NULL;489490KASSERT((nam->m_type == MT_SONAME),491("%s: m_type=%d\n", __func__, nam->m_type));492KASSERT((m0->m_flags & M_PKTHDR),493("%s: m_flags=%#x\n", __func__, m0->m_flags));494495sa = mtod(nam, struct sockaddr_hci *);496497mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);498499LIST_FOREACH(pcb, &ng_btsocket_hci_raw_sockets, next) {500mtx_lock(&pcb->pcb_mtx);501502/*503* If socket was bound then check address and504* make sure it matches.505*/506507if (pcb->addr.hci_node[0] != 0 &&508strcmp(sa->hci_node, pcb->addr.hci_node) != 0)509goto next;510511/*512* Check packet against filters513* XXX do we have to call m_pullup() here?514*/515516if (ng_btsocket_hci_raw_filter(pcb, m0, 1) != 0)517goto next;518519/*520* Make a copy of the packet, append to the socket's521* receive queue and wakeup socket. sbappendaddr()522* will check if socket has enough buffer space.523*/524525m = m_dup(m0, M_NOWAIT);526if (m != NULL) {527struct mbuf *ctl = NULL;528529ng_btsocket_hci_raw_savctl(pcb, &ctl, m);530531if (sbappendaddr(&pcb->so->so_rcv,532(struct sockaddr *) sa, m, ctl))533sorwakeup(pcb->so);534else {535NG_BTSOCKET_HCI_RAW_INFO(536"%s: sbappendaddr() failed\n", __func__);537538NG_FREE_M(m);539NG_FREE_M(ctl);540soroverflow(pcb->so);541}542}543next:544mtx_unlock(&pcb->pcb_mtx);545}546547mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);548549NG_FREE_M(nam);550NG_FREE_M(m0);551} /* ng_btsocket_hci_raw_data_input */552553/*554* Raw HCI sockets message input routine555*/556557static void558ng_btsocket_hci_raw_msg_input(struct ng_mesg *msg)559{560ng_btsocket_hci_raw_pcb_p pcb = NULL;561562mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);563564LIST_FOREACH(pcb, &ng_btsocket_hci_raw_sockets, next) {565mtx_lock(&pcb->pcb_mtx);566567if (msg->header.token == pcb->token) {568pcb->msg = msg;569wakeup(&pcb->msg);570571mtx_unlock(&pcb->pcb_mtx);572mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);573574return;575}576577mtx_unlock(&pcb->pcb_mtx);578}579580mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);581582NG_FREE_MSG(msg); /* checks for != NULL */583} /* ng_btsocket_hci_raw_msg_input */584585/*586* Raw HCI sockets input routines587*/588589static void590ng_btsocket_hci_raw_input(void *context, int pending)591{592item_p item = NULL;593594for (;;) {595mtx_lock(&ng_btsocket_hci_raw_queue_mtx);596NG_BT_ITEMQ_DEQUEUE(&ng_btsocket_hci_raw_queue, item);597mtx_unlock(&ng_btsocket_hci_raw_queue_mtx);598599if (item == NULL)600break;601602switch(item->el_flags & NGQF_TYPE) {603case NGQF_DATA: {604struct mbuf *m = NULL;605606NGI_GET_M(item, m);607ng_btsocket_hci_raw_data_input(m);608} break;609610case NGQF_MESG: {611struct ng_mesg *msg = NULL;612613NGI_GET_MSG(item, msg);614ng_btsocket_hci_raw_msg_input(msg);615} break;616617default:618KASSERT(0,619("%s: invalid item type=%ld\n", __func__, (item->el_flags & NGQF_TYPE)));620break;621}622623NG_FREE_ITEM(item);624}625} /* ng_btsocket_hci_raw_input */626627/*628* Raw HCI sockets output routine629*/630631static void632ng_btsocket_hci_raw_output(node_p node, hook_p hook, void *arg1, int arg2)633{634struct mbuf *nam = (struct mbuf *) arg1, *m = NULL;635struct sockaddr_hci *sa = NULL;636int error;637638m = nam->m_next;639nam->m_next = NULL;640641KASSERT((nam->m_type == MT_SONAME),642("%s: m_type=%d\n", __func__, nam->m_type));643KASSERT((m->m_flags & M_PKTHDR),644("%s: m_flags=%#x\n", __func__, m->m_flags));645646sa = mtod(nam, struct sockaddr_hci *);647648/*649* Find downstream hook650* XXX For now access node hook list directly. Should be safe because651* we used ng_send_fn() and we should have exclusive lock on the node.652*/653654LIST_FOREACH(hook, &node->nd_hooks, hk_hooks) {655if (hook == NULL || NG_HOOK_NOT_VALID(hook) ||656NG_NODE_NOT_VALID(NG_PEER_NODE(hook)))657continue;658659if (strcmp(sa->hci_node, NG_PEER_NODE_NAME(hook)) == 0) {660NG_SEND_DATA_ONLY(error, hook, m); /* sets m to NULL */661break;662}663}664665NG_FREE_M(nam); /* check for != NULL */666NG_FREE_M(m);667} /* ng_btsocket_hci_raw_output */668669/*670* Check frame against security and socket filters.671* d (direction bit) == 1 means incoming frame.672*/673674static int675ng_btsocket_hci_raw_filter(ng_btsocket_hci_raw_pcb_p pcb, struct mbuf *m, int d)676{677int type, event, opcode;678679mtx_assert(&pcb->pcb_mtx, MA_OWNED);680681switch ((type = *mtod(m, u_int8_t *))) {682case NG_HCI_CMD_PKT:683if (!(pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)) {684opcode = le16toh(mtod(m, ng_hci_cmd_pkt_t *)->opcode);685686if (!bit_test(687ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF(opcode) - 1],688NG_HCI_OCF(opcode) - 1))689return (EPERM);690}691692if (d && !bit_test(pcb->filter.packet_mask, NG_HCI_CMD_PKT - 1))693return (EPERM);694break;695696case NG_HCI_ACL_DATA_PKT:697case NG_HCI_SCO_DATA_PKT:698if (!(pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED) ||699!bit_test(pcb->filter.packet_mask, type - 1) ||700!d)701return (EPERM);702break;703704case NG_HCI_EVENT_PKT:705if (!d)706return (EINVAL);707708event = mtod(m, ng_hci_event_pkt_t *)->event - 1;709710if (!(pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED))711if (!bit_test(ng_btsocket_hci_raw_sec_filter->events, event))712return (EPERM);713714if (!bit_test(pcb->filter.event_mask, event))715return (EPERM);716break;717718default:719return (EINVAL);720}721722return (0);723} /* ng_btsocket_hci_raw_filter */724725/*726* Initialize everything727*/728729static void730ng_btsocket_hci_raw_init(void *arg __unused)731{732bitstr_t *f = NULL;733int error = 0;734735ng_btsocket_hci_raw_node = NULL;736ng_btsocket_hci_raw_debug_level = NG_BTSOCKET_WARN_LEVEL;737ng_btsocket_hci_raw_ioctl_timeout = 5;738739/* Register Netgraph node type */740error = ng_newtype(&typestruct);741if (error != 0) {742NG_BTSOCKET_HCI_RAW_ALERT(743"%s: Could not register Netgraph node type, error=%d\n", __func__, error);744745return;746}747748/* Create Netgrapg node */749error = ng_make_node_common(&typestruct, &ng_btsocket_hci_raw_node);750if (error != 0) {751NG_BTSOCKET_HCI_RAW_ALERT(752"%s: Could not create Netgraph node, error=%d\n", __func__, error);753754ng_btsocket_hci_raw_node = NULL;755756return;757}758759error = ng_name_node(ng_btsocket_hci_raw_node,760NG_BTSOCKET_HCI_RAW_NODE_TYPE);761if (error != 0) {762NG_BTSOCKET_HCI_RAW_ALERT(763"%s: Could not name Netgraph node, error=%d\n", __func__, error);764765NG_NODE_UNREF(ng_btsocket_hci_raw_node);766ng_btsocket_hci_raw_node = NULL;767768return;769}770771/* Create input queue */772NG_BT_ITEMQ_INIT(&ng_btsocket_hci_raw_queue, 300);773mtx_init(&ng_btsocket_hci_raw_queue_mtx,774"btsocks_hci_raw_queue_mtx", NULL, MTX_DEF);775TASK_INIT(&ng_btsocket_hci_raw_task, 0,776ng_btsocket_hci_raw_input, NULL);777778/* Create list of sockets */779LIST_INIT(&ng_btsocket_hci_raw_sockets);780mtx_init(&ng_btsocket_hci_raw_sockets_mtx,781"btsocks_hci_raw_sockets_mtx", NULL, MTX_DEF);782783/* Tokens */784ng_btsocket_hci_raw_token = 0;785mtx_init(&ng_btsocket_hci_raw_token_mtx,786"btsocks_hci_raw_token_mtx", NULL, MTX_DEF);787788/*789* Security filter790* XXX never free()ed791*/792ng_btsocket_hci_raw_sec_filter =793malloc(sizeof(struct ng_btsocket_hci_raw_sec_filter),794M_NETGRAPH_BTSOCKET_HCI_RAW, M_NOWAIT|M_ZERO);795if (ng_btsocket_hci_raw_sec_filter == NULL) {796printf("%s: Could not allocate security filter!\n", __func__);797return;798}799800/*801* XXX How paranoid can we get?802*803* Initialize security filter. If bit is set in the mask then804* unprivileged socket is allowed to send (receive) this command805* (event).806*/807808/* Enable all events */809memset(&ng_btsocket_hci_raw_sec_filter->events, 0xff,810sizeof(ng_btsocket_hci_raw_sec_filter->events));811812/* Disable some critical events */813f = ng_btsocket_hci_raw_sec_filter->events;814bit_clear(f, NG_HCI_EVENT_RETURN_LINK_KEYS - 1);815bit_clear(f, NG_HCI_EVENT_LINK_KEY_NOTIFICATION - 1);816bit_clear(f, NG_HCI_EVENT_VENDOR - 1);817818/* Commands - Link control */819f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_LINK_CONTROL-1];820bit_set(f, NG_HCI_OCF_INQUIRY - 1);821bit_set(f, NG_HCI_OCF_INQUIRY_CANCEL - 1);822bit_set(f, NG_HCI_OCF_PERIODIC_INQUIRY - 1);823bit_set(f, NG_HCI_OCF_EXIT_PERIODIC_INQUIRY - 1);824bit_set(f, NG_HCI_OCF_REMOTE_NAME_REQ - 1);825bit_set(f, NG_HCI_OCF_READ_REMOTE_FEATURES - 1);826bit_set(f, NG_HCI_OCF_READ_REMOTE_VER_INFO - 1);827bit_set(f, NG_HCI_OCF_READ_CLOCK_OFFSET - 1);828829/* Commands - Link policy */830f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_LINK_POLICY-1];831bit_set(f, NG_HCI_OCF_ROLE_DISCOVERY - 1);832bit_set(f, NG_HCI_OCF_READ_LINK_POLICY_SETTINGS - 1);833834/* Commands - Host controller and baseband */835f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_HC_BASEBAND-1];836bit_set(f, NG_HCI_OCF_READ_PIN_TYPE - 1);837bit_set(f, NG_HCI_OCF_READ_LOCAL_NAME - 1);838bit_set(f, NG_HCI_OCF_READ_CON_ACCEPT_TIMO - 1);839bit_set(f, NG_HCI_OCF_READ_PAGE_TIMO - 1);840bit_set(f, NG_HCI_OCF_READ_SCAN_ENABLE - 1);841bit_set(f, NG_HCI_OCF_READ_PAGE_SCAN_ACTIVITY - 1);842bit_set(f, NG_HCI_OCF_READ_INQUIRY_SCAN_ACTIVITY - 1);843bit_set(f, NG_HCI_OCF_READ_AUTH_ENABLE - 1);844bit_set(f, NG_HCI_OCF_READ_ENCRYPTION_MODE - 1);845bit_set(f, NG_HCI_OCF_READ_UNIT_CLASS - 1);846bit_set(f, NG_HCI_OCF_READ_VOICE_SETTINGS - 1);847bit_set(f, NG_HCI_OCF_READ_AUTO_FLUSH_TIMO - 1);848bit_set(f, NG_HCI_OCF_READ_NUM_BROADCAST_RETRANS - 1);849bit_set(f, NG_HCI_OCF_READ_HOLD_MODE_ACTIVITY - 1);850bit_set(f, NG_HCI_OCF_READ_XMIT_LEVEL - 1);851bit_set(f, NG_HCI_OCF_READ_SCO_FLOW_CONTROL - 1);852bit_set(f, NG_HCI_OCF_READ_LINK_SUPERVISION_TIMO - 1);853bit_set(f, NG_HCI_OCF_READ_SUPPORTED_IAC_NUM - 1);854bit_set(f, NG_HCI_OCF_READ_IAC_LAP - 1);855bit_set(f, NG_HCI_OCF_READ_PAGE_SCAN_PERIOD - 1);856bit_set(f, NG_HCI_OCF_READ_PAGE_SCAN - 1);857bit_set(f, NG_HCI_OCF_READ_LE_HOST_SUPPORTED -1);858859/* Commands - Informational */860f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_INFO - 1];861bit_set(f, NG_HCI_OCF_READ_LOCAL_VER - 1);862bit_set(f, NG_HCI_OCF_READ_LOCAL_FEATURES - 1);863bit_set(f, NG_HCI_OCF_READ_BUFFER_SIZE - 1);864bit_set(f, NG_HCI_OCF_READ_COUNTRY_CODE - 1);865bit_set(f, NG_HCI_OCF_READ_BDADDR - 1);866867/* Commands - Status */868f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_STATUS - 1];869bit_set(f, NG_HCI_OCF_READ_FAILED_CONTACT_CNTR - 1);870bit_set(f, NG_HCI_OCF_GET_LINK_QUALITY - 1);871bit_set(f, NG_HCI_OCF_READ_RSSI - 1);872873/* Commands - Testing */874f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_TESTING - 1];875bit_set(f, NG_HCI_OCF_READ_LOOPBACK_MODE - 1);876/*Commands - LE*/877f = ng_btsocket_hci_raw_sec_filter->commands[NG_HCI_OGF_LE -1];878bit_set(f, NG_HCI_OCF_LE_SET_SCAN_ENABLE - 1);879bit_set(f, NG_HCI_OCF_LE_SET_SCAN_PARAMETERS - 1);880bit_set(f, NG_HCI_OCF_LE_READ_LOCAL_SUPPORTED_FEATURES - 1);881bit_set(f, NG_HCI_OCF_LE_READ_BUFFER_SIZE - 1);882bit_set(f, NG_HCI_OCF_LE_READ_WHITE_LIST_SIZE - 1);883884} /* ng_btsocket_hci_raw_init */885SYSINIT(ng_btsocket_hci_raw_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD,886ng_btsocket_hci_raw_init, NULL);887888/*889* Abort connection on socket890*/891892void893ng_btsocket_hci_raw_abort(struct socket *so)894{895} /* ng_btsocket_hci_raw_abort */896897void898ng_btsocket_hci_raw_close(struct socket *so)899{900} /* ng_btsocket_hci_raw_close */901902/*903* Create new raw HCI socket904*/905906int907ng_btsocket_hci_raw_attach(struct socket *so, int proto, struct thread *td)908{909ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);910int error = 0;911912if (pcb != NULL)913return (EISCONN);914915if (ng_btsocket_hci_raw_node == NULL)916return (EPROTONOSUPPORT);917if (proto != BLUETOOTH_PROTO_HCI)918return (EPROTONOSUPPORT);919if (so->so_type != SOCK_RAW)920return (ESOCKTNOSUPPORT);921922error = soreserve(so, NG_BTSOCKET_HCI_RAW_SENDSPACE,923NG_BTSOCKET_HCI_RAW_RECVSPACE);924if (error != 0)925return (error);926927pcb = malloc(sizeof(*pcb),928M_NETGRAPH_BTSOCKET_HCI_RAW, M_NOWAIT|M_ZERO);929if (pcb == NULL)930return (ENOMEM);931932so->so_pcb = (caddr_t) pcb;933pcb->so = so;934935if (priv_check(td, PRIV_NETBLUETOOTH_RAW) == 0)936pcb->flags |= NG_BTSOCKET_HCI_RAW_PRIVILEGED;937938/*939* Set default socket filter. By default socket only accepts HCI940* Command_Complete and Command_Status event packets.941*/942943bit_set(pcb->filter.event_mask, NG_HCI_EVENT_COMMAND_COMPL - 1);944bit_set(pcb->filter.event_mask, NG_HCI_EVENT_COMMAND_STATUS - 1);945946mtx_init(&pcb->pcb_mtx, "btsocks_hci_raw_pcb_mtx", NULL, MTX_DEF);947948mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);949LIST_INSERT_HEAD(&ng_btsocket_hci_raw_sockets, pcb, next);950mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);951952return (0);953} /* ng_btsocket_hci_raw_attach */954955/*956* Bind raw HCI socket957*/958959int960ng_btsocket_hci_raw_bind(struct socket *so, struct sockaddr *nam,961struct thread *td)962{963ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);964struct sockaddr_hci *sa = (struct sockaddr_hci *) nam;965966if (pcb == NULL)967return (EINVAL);968if (ng_btsocket_hci_raw_node == NULL)969return (EINVAL);970971if (sa == NULL)972return (EINVAL);973if (sa->hci_family != AF_BLUETOOTH)974return (EAFNOSUPPORT);975if (sa->hci_len != sizeof(*sa))976return (EINVAL);977if (sa->hci_node[0] == 0)978return (EINVAL);979980mtx_lock(&pcb->pcb_mtx);981bcopy(sa, &pcb->addr, sizeof(pcb->addr));982mtx_unlock(&pcb->pcb_mtx);983984return (0);985} /* ng_btsocket_hci_raw_bind */986987/*988* Connect raw HCI socket989*/990991int992ng_btsocket_hci_raw_connect(struct socket *so, struct sockaddr *nam,993struct thread *td)994{995ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);996struct sockaddr_hci *sa = (struct sockaddr_hci *) nam;997998if (pcb == NULL)999return (EINVAL);1000if (ng_btsocket_hci_raw_node == NULL)1001return (EINVAL);10021003if (sa == NULL)1004return (EINVAL);1005if (sa->hci_family != AF_BLUETOOTH)1006return (EAFNOSUPPORT);1007if (sa->hci_len != sizeof(*sa))1008return (EINVAL);1009if (sa->hci_node[0] == 0)1010return (EDESTADDRREQ);10111012mtx_lock(&pcb->pcb_mtx);10131014if (bcmp(sa, &pcb->addr, sizeof(pcb->addr)) != 0) {1015mtx_unlock(&pcb->pcb_mtx);1016return (EADDRNOTAVAIL);1017}10181019soisconnected(so);10201021mtx_unlock(&pcb->pcb_mtx);10221023return (0);1024} /* ng_btsocket_hci_raw_connect */10251026/*1027* Process ioctl on socket1028*/10291030int1031ng_btsocket_hci_raw_control(struct socket *so, u_long cmd, void *data,1032struct ifnet *ifp, struct thread *td)1033{1034ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);1035char path[NG_NODESIZ + 1];1036struct ng_mesg *msg = NULL;1037int error = 0;10381039if (pcb == NULL)1040return (EINVAL);1041if (ng_btsocket_hci_raw_node == NULL)1042return (EINVAL);10431044mtx_lock(&pcb->pcb_mtx);10451046/* Check if we have device name */1047if (pcb->addr.hci_node[0] == 0) {1048mtx_unlock(&pcb->pcb_mtx);1049return (EHOSTUNREACH);1050}10511052/* Check if we have pending ioctl() */1053if (pcb->token != 0) {1054mtx_unlock(&pcb->pcb_mtx);1055return (EBUSY);1056}10571058snprintf(path, sizeof(path), "%s:", pcb->addr.hci_node);10591060switch (cmd) {1061case SIOC_HCI_RAW_NODE_GET_STATE: {1062struct ng_btsocket_hci_raw_node_state *p =1063(struct ng_btsocket_hci_raw_node_state *) data;10641065error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1066NGM_HCI_NODE_GET_STATE,1067&p->state, sizeof(p->state));1068} break;10691070case SIOC_HCI_RAW_NODE_INIT:1071if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)1072error = ng_btsocket_hci_raw_send_ngmsg(path,1073NGM_HCI_NODE_INIT, NULL, 0);1074else1075error = EPERM;1076break;10771078case SIOC_HCI_RAW_NODE_GET_DEBUG: {1079struct ng_btsocket_hci_raw_node_debug *p =1080(struct ng_btsocket_hci_raw_node_debug *) data;10811082error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1083NGM_HCI_NODE_GET_DEBUG,1084&p->debug, sizeof(p->debug));1085} break;10861087case SIOC_HCI_RAW_NODE_SET_DEBUG: {1088struct ng_btsocket_hci_raw_node_debug *p =1089(struct ng_btsocket_hci_raw_node_debug *) data;10901091if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)1092error = ng_btsocket_hci_raw_send_ngmsg(path,1093NGM_HCI_NODE_SET_DEBUG, &p->debug,1094sizeof(p->debug));1095else1096error = EPERM;1097} break;10981099case SIOC_HCI_RAW_NODE_GET_BUFFER: {1100struct ng_btsocket_hci_raw_node_buffer *p =1101(struct ng_btsocket_hci_raw_node_buffer *) data;11021103error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1104NGM_HCI_NODE_GET_BUFFER,1105&p->buffer, sizeof(p->buffer));1106} break;11071108case SIOC_HCI_RAW_NODE_GET_BDADDR: {1109struct ng_btsocket_hci_raw_node_bdaddr *p =1110(struct ng_btsocket_hci_raw_node_bdaddr *) data;11111112error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1113NGM_HCI_NODE_GET_BDADDR,1114&p->bdaddr, sizeof(p->bdaddr));1115} break;11161117case SIOC_HCI_RAW_NODE_GET_FEATURES: {1118struct ng_btsocket_hci_raw_node_features *p =1119(struct ng_btsocket_hci_raw_node_features *) data;11201121error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1122NGM_HCI_NODE_GET_FEATURES,1123&p->features, sizeof(p->features));1124} break;11251126case SIOC_HCI_RAW_NODE_GET_STAT: {1127struct ng_btsocket_hci_raw_node_stat *p =1128(struct ng_btsocket_hci_raw_node_stat *) data;11291130error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1131NGM_HCI_NODE_GET_STAT,1132&p->stat, sizeof(p->stat));1133} break;11341135case SIOC_HCI_RAW_NODE_RESET_STAT:1136if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)1137error = ng_btsocket_hci_raw_send_ngmsg(path,1138NGM_HCI_NODE_RESET_STAT, NULL, 0);1139else1140error = EPERM;1141break;11421143case SIOC_HCI_RAW_NODE_FLUSH_NEIGHBOR_CACHE:1144if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)1145error = ng_btsocket_hci_raw_send_ngmsg(path,1146NGM_HCI_NODE_FLUSH_NEIGHBOR_CACHE,1147NULL, 0);1148else1149error = EPERM;1150break;11511152case SIOC_HCI_RAW_NODE_GET_NEIGHBOR_CACHE: {1153struct ng_btsocket_hci_raw_node_neighbor_cache *p =1154(struct ng_btsocket_hci_raw_node_neighbor_cache *) data;1155ng_hci_node_get_neighbor_cache_ep *p1 = NULL;1156ng_hci_node_neighbor_cache_entry_ep *p2 = NULL;11571158if (p->num_entries <= 0 ||1159p->num_entries > NG_HCI_MAX_NEIGHBOR_NUM ||1160p->entries == NULL) {1161mtx_unlock(&pcb->pcb_mtx);1162return (EINVAL);1163}11641165NG_MKMESSAGE(msg, NGM_HCI_COOKIE,1166NGM_HCI_NODE_GET_NEIGHBOR_CACHE, 0, M_NOWAIT);1167if (msg == NULL) {1168mtx_unlock(&pcb->pcb_mtx);1169return (ENOMEM);1170}1171ng_btsocket_hci_raw_get_token(&msg->header.token);1172pcb->token = msg->header.token;1173pcb->msg = NULL;11741175NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);1176if (error != 0) {1177pcb->token = 0;1178mtx_unlock(&pcb->pcb_mtx);1179return (error);1180}11811182error = msleep(&pcb->msg, &pcb->pcb_mtx,1183PZERO|PCATCH, "hcictl",1184ng_btsocket_hci_raw_ioctl_timeout * hz);1185pcb->token = 0;11861187if (error != 0) {1188mtx_unlock(&pcb->pcb_mtx);1189return (error);1190}11911192msg = pcb->msg;1193pcb->msg = NULL;11941195mtx_unlock(&pcb->pcb_mtx);11961197if (msg != NULL &&1198msg->header.cmd == NGM_HCI_NODE_GET_NEIGHBOR_CACHE) {1199/* Return data back to user space */1200p1 = (ng_hci_node_get_neighbor_cache_ep *)(msg->data);1201p2 = (ng_hci_node_neighbor_cache_entry_ep *)(p1 + 1);12021203p->num_entries = min(p->num_entries, p1->num_entries);1204if (p->num_entries > 0)1205error = copyout((caddr_t) p2,1206(caddr_t) p->entries,1207p->num_entries * sizeof(*p2));1208} else1209error = EINVAL;12101211NG_FREE_MSG(msg); /* checks for != NULL */1212return (error);1213} /* NOTREACHED */12141215case SIOC_HCI_RAW_NODE_GET_CON_LIST: {1216struct ng_btsocket_hci_raw_con_list *p =1217(struct ng_btsocket_hci_raw_con_list *) data;1218ng_hci_node_con_list_ep *p1 = NULL;1219ng_hci_node_con_ep *p2 = NULL;12201221if (p->num_connections == 0 ||1222p->num_connections > NG_HCI_MAX_CON_NUM ||1223p->connections == NULL) {1224mtx_unlock(&pcb->pcb_mtx);1225return (EINVAL);1226}12271228NG_MKMESSAGE(msg, NGM_HCI_COOKIE, NGM_HCI_NODE_GET_CON_LIST,12290, M_NOWAIT);1230if (msg == NULL) {1231mtx_unlock(&pcb->pcb_mtx);1232return (ENOMEM);1233}1234ng_btsocket_hci_raw_get_token(&msg->header.token);1235pcb->token = msg->header.token;1236pcb->msg = NULL;12371238NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, path, 0);1239if (error != 0) {1240pcb->token = 0;1241mtx_unlock(&pcb->pcb_mtx);1242return (error);1243}12441245error = msleep(&pcb->msg, &pcb->pcb_mtx,1246PZERO|PCATCH, "hcictl",1247ng_btsocket_hci_raw_ioctl_timeout * hz);1248pcb->token = 0;12491250if (error != 0) {1251mtx_unlock(&pcb->pcb_mtx);1252return (error);1253}12541255msg = pcb->msg;1256pcb->msg = NULL;12571258mtx_unlock(&pcb->pcb_mtx);12591260if (msg != NULL &&1261msg->header.cmd == NGM_HCI_NODE_GET_CON_LIST) {1262/* Return data back to user space */1263p1 = (ng_hci_node_con_list_ep *)(msg->data);1264p2 = (ng_hci_node_con_ep *)(p1 + 1);12651266p->num_connections = min(p->num_connections,1267p1->num_connections);1268if (p->num_connections > 0)1269error = copyout((caddr_t) p2,1270(caddr_t) p->connections,1271p->num_connections * sizeof(*p2));1272} else1273error = EINVAL;12741275NG_FREE_MSG(msg); /* checks for != NULL */1276return (error);1277} /* NOTREACHED */12781279case SIOC_HCI_RAW_NODE_GET_LINK_POLICY_MASK: {1280struct ng_btsocket_hci_raw_node_link_policy_mask *p =1281(struct ng_btsocket_hci_raw_node_link_policy_mask *)1282data;12831284error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1285NGM_HCI_NODE_GET_LINK_POLICY_SETTINGS_MASK,1286&p->policy_mask, sizeof(p->policy_mask));1287} break;12881289case SIOC_HCI_RAW_NODE_SET_LINK_POLICY_MASK: {1290struct ng_btsocket_hci_raw_node_link_policy_mask *p =1291(struct ng_btsocket_hci_raw_node_link_policy_mask *)1292data;12931294if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)1295error = ng_btsocket_hci_raw_send_ngmsg(path,1296NGM_HCI_NODE_SET_LINK_POLICY_SETTINGS_MASK,1297&p->policy_mask,1298sizeof(p->policy_mask));1299else1300error = EPERM;1301} break;13021303case SIOC_HCI_RAW_NODE_GET_PACKET_MASK: {1304struct ng_btsocket_hci_raw_node_packet_mask *p =1305(struct ng_btsocket_hci_raw_node_packet_mask *) data;13061307error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1308NGM_HCI_NODE_GET_PACKET_MASK,1309&p->packet_mask, sizeof(p->packet_mask));1310} break;13111312case SIOC_HCI_RAW_NODE_SET_PACKET_MASK: {1313struct ng_btsocket_hci_raw_node_packet_mask *p =1314(struct ng_btsocket_hci_raw_node_packet_mask *) data;13151316if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)1317error = ng_btsocket_hci_raw_send_ngmsg(path,1318NGM_HCI_NODE_SET_PACKET_MASK,1319&p->packet_mask,1320sizeof(p->packet_mask));1321else1322error = EPERM;1323} break;13241325case SIOC_HCI_RAW_NODE_GET_ROLE_SWITCH: {1326struct ng_btsocket_hci_raw_node_role_switch *p =1327(struct ng_btsocket_hci_raw_node_role_switch *) data;13281329error = ng_btsocket_hci_raw_send_sync_ngmsg(pcb, path,1330NGM_HCI_NODE_GET_ROLE_SWITCH,1331&p->role_switch, sizeof(p->role_switch));1332} break;13331334case SIOC_HCI_RAW_NODE_SET_ROLE_SWITCH: {1335struct ng_btsocket_hci_raw_node_role_switch *p =1336(struct ng_btsocket_hci_raw_node_role_switch *) data;13371338if (pcb->flags & NG_BTSOCKET_HCI_RAW_PRIVILEGED)1339error = ng_btsocket_hci_raw_send_ngmsg(path,1340NGM_HCI_NODE_SET_ROLE_SWITCH,1341&p->role_switch,1342sizeof(p->role_switch));1343else1344error = EPERM;1345} break;13461347case SIOC_HCI_RAW_NODE_LIST_NAMES: {1348struct ng_btsocket_hci_raw_node_list_names *nl =1349(struct ng_btsocket_hci_raw_node_list_names *) data;1350struct nodeinfo *ni = nl->names;13511352if (nl->num_names == 0) {1353mtx_unlock(&pcb->pcb_mtx);1354return (EINVAL);1355}13561357NG_MKMESSAGE(msg, NGM_GENERIC_COOKIE, NGM_LISTNAMES,13580, M_NOWAIT);1359if (msg == NULL) {1360mtx_unlock(&pcb->pcb_mtx);1361return (ENOMEM);1362}1363ng_btsocket_hci_raw_get_token(&msg->header.token);1364pcb->token = msg->header.token;1365pcb->msg = NULL;13661367NG_SEND_MSG_PATH(error, ng_btsocket_hci_raw_node, msg, ".:", 0);1368if (error != 0) {1369pcb->token = 0;1370mtx_unlock(&pcb->pcb_mtx);1371return (error);1372}13731374error = msleep(&pcb->msg, &pcb->pcb_mtx,1375PZERO|PCATCH, "hcictl",1376ng_btsocket_hci_raw_ioctl_timeout * hz);1377pcb->token = 0;13781379if (error != 0) {1380mtx_unlock(&pcb->pcb_mtx);1381return (error);1382}13831384msg = pcb->msg;1385pcb->msg = NULL;13861387mtx_unlock(&pcb->pcb_mtx);13881389if (msg != NULL && msg->header.cmd == NGM_LISTNAMES) {1390/* Return data back to user space */1391struct namelist *nl1 = (struct namelist *) msg->data;1392struct nodeinfo *ni1 = &nl1->nodeinfo[0];13931394while (nl->num_names > 0 && nl1->numnames > 0) {1395if (strcmp(ni1->type, NG_HCI_NODE_TYPE) == 0) {1396error = copyout((caddr_t) ni1,1397(caddr_t) ni,1398sizeof(*ni));1399if (error != 0)1400break;14011402nl->num_names --;1403ni ++;1404}14051406nl1->numnames --;1407ni1 ++;1408}14091410nl->num_names = ni - nl->names;1411} else1412error = EINVAL;14131414NG_FREE_MSG(msg); /* checks for != NULL */1415return (error);1416} /* NOTREACHED */14171418default:1419error = EINVAL;1420break;1421}14221423mtx_unlock(&pcb->pcb_mtx);14241425return (error);1426} /* ng_btsocket_hci_raw_control */14271428/*1429* Process getsockopt/setsockopt system calls1430*/14311432int1433ng_btsocket_hci_raw_ctloutput(struct socket *so, struct sockopt *sopt)1434{1435ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);1436struct ng_btsocket_hci_raw_filter filter;1437int error = 0, dir;14381439if (pcb == NULL)1440return (EINVAL);1441if (ng_btsocket_hci_raw_node == NULL)1442return (EINVAL);14431444if (sopt->sopt_level != SOL_HCI_RAW)1445return (0);14461447mtx_lock(&pcb->pcb_mtx);14481449switch (sopt->sopt_dir) {1450case SOPT_GET:1451switch (sopt->sopt_name) {1452case SO_HCI_RAW_FILTER:1453error = sooptcopyout(sopt, &pcb->filter,1454sizeof(pcb->filter));1455break;14561457case SO_HCI_RAW_DIRECTION:1458dir = (pcb->flags & NG_BTSOCKET_HCI_RAW_DIRECTION)?1:0;1459error = sooptcopyout(sopt, &dir, sizeof(dir));1460break;14611462default:1463error = EINVAL;1464break;1465}1466break;14671468case SOPT_SET:1469switch (sopt->sopt_name) {1470case SO_HCI_RAW_FILTER:1471error = sooptcopyin(sopt, &filter, sizeof(filter),1472sizeof(filter));1473if (error == 0)1474bcopy(&filter, &pcb->filter,1475sizeof(pcb->filter));1476break;14771478case SO_HCI_RAW_DIRECTION:1479error = sooptcopyin(sopt, &dir, sizeof(dir),1480sizeof(dir));1481if (error != 0)1482break;14831484if (dir)1485pcb->flags |= NG_BTSOCKET_HCI_RAW_DIRECTION;1486else1487pcb->flags &= ~NG_BTSOCKET_HCI_RAW_DIRECTION;1488break;14891490default:1491error = EINVAL;1492break;1493}1494break;14951496default:1497error = EINVAL;1498break;1499}15001501mtx_unlock(&pcb->pcb_mtx);15021503return (error);1504} /* ng_btsocket_hci_raw_ctloutput */15051506/*1507* Detach raw HCI socket1508*/15091510void1511ng_btsocket_hci_raw_detach(struct socket *so)1512{1513ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);15141515KASSERT(pcb != NULL, ("ng_btsocket_hci_raw_detach: pcb == NULL"));15161517if (ng_btsocket_hci_raw_node == NULL)1518return;15191520mtx_lock(&ng_btsocket_hci_raw_sockets_mtx);1521mtx_lock(&pcb->pcb_mtx);15221523LIST_REMOVE(pcb, next);15241525mtx_unlock(&pcb->pcb_mtx);1526mtx_unlock(&ng_btsocket_hci_raw_sockets_mtx);15271528mtx_destroy(&pcb->pcb_mtx);15291530bzero(pcb, sizeof(*pcb));1531free(pcb, M_NETGRAPH_BTSOCKET_HCI_RAW);15321533so->so_pcb = NULL;1534} /* ng_btsocket_hci_raw_detach */15351536/*1537* Disconnect raw HCI socket1538*/15391540int1541ng_btsocket_hci_raw_disconnect(struct socket *so)1542{1543ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);15441545if (pcb == NULL)1546return (EINVAL);1547if (ng_btsocket_hci_raw_node == NULL)1548return (EINVAL);15491550mtx_lock(&pcb->pcb_mtx);1551soisdisconnected(so);1552mtx_unlock(&pcb->pcb_mtx);15531554return (0);1555} /* ng_btsocket_hci_raw_disconnect */15561557/*1558* Send data1559*/15601561int1562ng_btsocket_hci_raw_send(struct socket *so, int flags, struct mbuf *m,1563struct sockaddr *sa, struct mbuf *control, struct thread *td)1564{1565ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);1566struct mbuf *nam = NULL;1567int error = 0;15681569if (ng_btsocket_hci_raw_node == NULL) {1570error = ENETDOWN;1571goto drop;1572}1573if (pcb == NULL) {1574error = EINVAL;1575goto drop;1576}1577if (control != NULL) {1578error = EINVAL;1579goto drop;1580}15811582if (m->m_pkthdr.len < sizeof(ng_hci_cmd_pkt_t) ||1583m->m_pkthdr.len > sizeof(ng_hci_cmd_pkt_t) + NG_HCI_CMD_PKT_SIZE) {1584error = EMSGSIZE;1585goto drop;1586}15871588if (m->m_len < sizeof(ng_hci_cmd_pkt_t)) {1589if ((m = m_pullup(m, sizeof(ng_hci_cmd_pkt_t))) == NULL) {1590error = ENOBUFS;1591goto drop;1592}1593}1594if (*mtod(m, u_int8_t *) != NG_HCI_CMD_PKT) {1595error = ENOTSUP;1596goto drop;1597}15981599if (sa != NULL) {1600if (sa->sa_family != AF_BLUETOOTH) {1601error = EAFNOSUPPORT;1602goto drop;1603}1604if (sa->sa_len != sizeof(struct sockaddr_hci)) {1605error = EINVAL;1606goto drop;1607}1608}16091610mtx_lock(&pcb->pcb_mtx);16111612error = ng_btsocket_hci_raw_filter(pcb, m, 0);1613if (error != 0) {1614mtx_unlock(&pcb->pcb_mtx);1615goto drop;1616}16171618if (sa == NULL) {1619if (pcb->addr.hci_node[0] == 0) {1620mtx_unlock(&pcb->pcb_mtx);1621error = EDESTADDRREQ;1622goto drop;1623}16241625sa = (struct sockaddr *) &pcb->addr;1626}16271628MGET(nam, M_NOWAIT, MT_SONAME);1629if (nam == NULL) {1630mtx_unlock(&pcb->pcb_mtx);1631error = ENOBUFS;1632goto drop;1633}16341635nam->m_len = sizeof(struct sockaddr_hci);1636bcopy(sa,mtod(nam, struct sockaddr_hci *),sizeof(struct sockaddr_hci));16371638nam->m_next = m;1639m = NULL;16401641mtx_unlock(&pcb->pcb_mtx);16421643return (ng_send_fn(ng_btsocket_hci_raw_node, NULL,1644ng_btsocket_hci_raw_output, nam, 0));1645drop:1646NG_FREE_M(control); /* NG_FREE_M checks for != NULL */1647NG_FREE_M(nam);1648NG_FREE_M(m);16491650return (error);1651} /* ng_btsocket_hci_raw_send */16521653/*1654* Get socket address1655*/16561657int1658ng_btsocket_hci_raw_sockaddr(struct socket *so, struct sockaddr *sa)1659{1660ng_btsocket_hci_raw_pcb_p pcb = so2hci_raw_pcb(so);1661struct sockaddr_hci *hci = (struct sockaddr_hci *)sa;16621663if (pcb == NULL)1664return (EINVAL);1665if (ng_btsocket_hci_raw_node == NULL)1666return (EINVAL);16671668*hci = (struct sockaddr_hci ){1669.hci_len = sizeof(struct sockaddr_hci),1670.hci_family = AF_BLUETOOTH,1671};16721673mtx_lock(&pcb->pcb_mtx);1674strlcpy(hci->hci_node, pcb->addr.hci_node, sizeof(hci->hci_node));1675mtx_unlock(&pcb->pcb_mtx);16761677return (0);1678}167916801681