[linux-block.git] / net / nfc / rawsock.c

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * Copyright (C) 2011 Instituto Nokia de Tecnologia
 *
 * Authors:
 *    Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
 *    Lauro Ramos Venancio <lauro.venancio@openbossa.org>
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": %s: " fmt, __func__

#include <net/tcp_states.h>
#include <linux/nfc.h>
#include <linux/export.h>
#include <linux/kcov.h>

#include "nfc.h"

static struct nfc_sock_list raw_sk_list = {
	.lock = __RW_LOCK_UNLOCKED(raw_sk_list.lock)
};

static void nfc_sock_link(struct nfc_sock_list *l, struct sock *sk)
{
	write_lock(&l->lock);
	sk_add_node(sk, &l->head);
	write_unlock(&l->lock);
}

static void nfc_sock_unlink(struct nfc_sock_list *l, struct sock *sk)
{
	write_lock(&l->lock);
	sk_del_node_init(sk);
	write_unlock(&l->lock);
}

static void rawsock_write_queue_purge(struct sock *sk)
{
	pr_debug("sk=%p\n", sk);

	spin_lock_bh(&sk->sk_write_queue.lock);
	__skb_queue_purge(&sk->sk_write_queue);
	nfc_rawsock(sk)->tx_work_scheduled = false;
	spin_unlock_bh(&sk->sk_write_queue.lock);
}

static void rawsock_report_error(struct sock *sk, int err)
{
	pr_debug("sk=%p err=%d\n", sk, err);

	sk->sk_shutdown = SHUTDOWN_MASK;
	sk->sk_err = -err;
	sk_error_report(sk);

	rawsock_write_queue_purge(sk);
}

static int rawsock_release(struct socket *sock)
{
	struct sock *sk = sock->sk;

	pr_debug("sock=%p sk=%p\n", sock, sk);

	if (!sk)
		return 0;

	if (sock->type == SOCK_RAW)
		nfc_sock_unlink(&raw_sk_list, sk);

	sock_orphan(sk);
	sock_put(sk);

	return 0;
}

static int rawsock_connect(struct socket *sock, struct sockaddr *_addr,
			   int len, int flags)
{
	struct sock *sk = sock->sk;
	struct sockaddr_nfc *addr = (struct sockaddr_nfc *)_addr;
	struct nfc_dev *dev;
	int rc = 0;

	pr_debug("sock=%p sk=%p flags=%d\n", sock, sk, flags);

	if (!addr || len < sizeof(struct sockaddr_nfc) ||
	    addr->sa_family != AF_NFC)
		return -EINVAL;

	pr_debug("addr dev_idx=%u target_idx=%u protocol=%u\n",
		 addr->dev_idx, addr->target_idx, addr->nfc_protocol);

	lock_sock(sk);

	if (sock->state == SS_CONNECTED) {
		rc = -EISCONN;
		goto error;
	}

	dev = nfc_get_device(addr->dev_idx);
	if (!dev) {
		rc = -ENODEV;
		goto error;
	}

	if (addr->target_idx > dev->target_next_idx - 1 ||
	    addr->target_idx < dev->target_next_idx - dev->n_targets) {
		rc = -EINVAL;
		goto put_dev;
	}

	rc = nfc_activate_target(dev, addr->target_idx, addr->nfc_protocol);
	if (rc)
		goto put_dev;

	nfc_rawsock(sk)->dev = dev;
	nfc_rawsock(sk)->target_idx = addr->target_idx;
	sock->state = SS_CONNECTED;
	sk->sk_state = TCP_ESTABLISHED;
	sk->sk_state_change(sk);

	release_sock(sk);
	return 0;

put_dev:
	nfc_put_device(dev);
error:
	release_sock(sk);
	return rc;
}

static int rawsock_add_header(struct sk_buff *skb)
{
	*(u8 *)skb_push(skb, NFC_HEADER_SIZE) = 0;

	return 0;
}

static void rawsock_data_exchange_complete(void *context, struct sk_buff *skb,
					   int err)
{
	struct sock *sk = (struct sock *) context;

	BUG_ON(in_hardirq());

	pr_debug("sk=%p err=%d\n", sk, err);

	if (err)
		goto error;

	err = rawsock_add_header(skb);
	if (err)
		goto error_skb;

	err = sock_queue_rcv_skb(sk, skb);
	if (err)
		goto error_skb;

	spin_lock_bh(&sk->sk_write_queue.lock);
	if (!skb_queue_empty(&sk->sk_write_queue))
		schedule_work(&nfc_rawsock(sk)->tx_work);
	else
		nfc_rawsock(sk)->tx_work_scheduled = false;
	spin_unlock_bh(&sk->sk_write_queue.lock);

	sock_put(sk);
	return;

error_skb:
	kfree_skb(skb);

error:
	rawsock_report_error(sk, err);
	sock_put(sk);
}

static void rawsock_tx_work(struct work_struct *work)
{
	struct sock *sk = to_rawsock_sk(work);
	struct nfc_dev *dev = nfc_rawsock(sk)->dev;
	u32 target_idx = nfc_rawsock(sk)->target_idx;
	struct sk_buff *skb;
	int rc;

	pr_debug("sk=%p target_idx=%u\n", sk, target_idx);

	if (sk->sk_shutdown & SEND_SHUTDOWN) {
		rawsock_write_queue_purge(sk);
		return;
	}

	skb = skb_dequeue(&sk->sk_write_queue);
	kcov_remote_start_common(skb_get_kcov_handle(skb));

	sock_hold(sk);
	rc = nfc_data_exchange(dev, target_idx, skb,
			       rawsock_data_exchange_complete, sk);
	if (rc) {
		rawsock_report_error(sk, rc);
		sock_put(sk);
	}
	kcov_remote_stop();
}

static int rawsock_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
{
	struct sock *sk = sock->sk;
	struct nfc_dev *dev = nfc_rawsock(sk)->dev;
	struct sk_buff *skb;
	int rc;

	pr_debug("sock=%p sk=%p len=%zu\n", sock, sk, len);

	if (msg->msg_namelen)
		return -EOPNOTSUPP;

	if (sock->state != SS_CONNECTED)
		return -ENOTCONN;

	skb = nfc_alloc_send_skb(dev, sk, msg->msg_flags, len, &rc);
	if (skb == NULL)
		return rc;

	rc = memcpy_from_msg(skb_put(skb, len), msg, len);
	if (rc < 0) {
		kfree_skb(skb);
		return rc;
	}

	spin_lock_bh(&sk->sk_write_queue.lock);
	__skb_queue_tail(&sk->sk_write_queue, skb);
	if (!nfc_rawsock(sk)->tx_work_scheduled) {
		schedule_work(&nfc_rawsock(sk)->tx_work);
		nfc_rawsock(sk)->tx_work_scheduled = true;
	}
	spin_unlock_bh(&sk->sk_write_queue.lock);

	return len;
}

static int rawsock_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
			   int flags)
{
	struct sock *sk = sock->sk;
	struct sk_buff *skb;
	int copied;
	int rc;

	pr_debug("sock=%p sk=%p len=%zu flags=%d\n", sock, sk, len, flags);

	skb = skb_recv_datagram(sk, flags, &rc);
	if (!skb)
		return rc;

	copied = skb->len;
	if (len < copied) {
		msg->msg_flags |= MSG_TRUNC;
		copied = len;
	}

	rc = skb_copy_datagram_msg(skb, 0, msg, copied);

	skb_free_datagram(sk, skb);

	return rc ? : copied;
}

static const struct proto_ops rawsock_ops = {
	.family         = PF_NFC,
	.owner          = THIS_MODULE,
	.release        = rawsock_release,
	.bind           = sock_no_bind,
	.connect        = rawsock_connect,
	.socketpair     = sock_no_socketpair,
	.accept         = sock_no_accept,
	.getname        = sock_no_getname,
	.poll           = datagram_poll,
	.ioctl          = sock_no_ioctl,
	.listen         = sock_no_listen,
	.shutdown       = sock_no_shutdown,
	.sendmsg        = rawsock_sendmsg,
	.recvmsg        = rawsock_recvmsg,
	.mmap           = sock_no_mmap,
};

static const struct proto_ops rawsock_raw_ops = {
	.family         = PF_NFC,
	.owner          = THIS_MODULE,
	.release        = rawsock_release,
	.bind           = sock_no_bind,
	.connect        = sock_no_connect,
	.socketpair     = sock_no_socketpair,
	.accept         = sock_no_accept,
	.getname        = sock_no_getname,
	.poll           = datagram_poll,
	.ioctl          = sock_no_ioctl,
	.listen         = sock_no_listen,
	.shutdown       = sock_no_shutdown,
	.sendmsg        = sock_no_sendmsg,
	.recvmsg        = rawsock_recvmsg,
	.mmap           = sock_no_mmap,
};

static void rawsock_destruct(struct sock *sk)
{
	pr_debug("sk=%p\n", sk);

	if (sk->sk_state == TCP_ESTABLISHED) {
		nfc_deactivate_target(nfc_rawsock(sk)->dev,
				      nfc_rawsock(sk)->target_idx,
				      NFC_TARGET_MODE_IDLE);
		nfc_put_device(nfc_rawsock(sk)->dev);
	}

	skb_queue_purge(&sk->sk_receive_queue);

	if (!sock_flag(sk, SOCK_DEAD)) {
		pr_err("Freeing alive NFC raw socket %p\n", sk);
		return;
	}
}

static int rawsock_create(struct net *net, struct socket *sock,
			  const struct nfc_protocol *nfc_proto, int kern)
{
	struct sock *sk;

	pr_debug("sock=%p\n", sock);

	if ((sock->type != SOCK_SEQPACKET) && (sock->type != SOCK_RAW))
		return -ESOCKTNOSUPPORT;

	if (sock->type == SOCK_RAW) {
		if (!ns_capable(net->user_ns, CAP_NET_RAW))
			return -EPERM;
		sock->ops = &rawsock_raw_ops;
	} else {
		sock->ops = &rawsock_ops;
	}

	sk = sk_alloc(net, PF_NFC, GFP_ATOMIC, nfc_proto->proto, kern);
	if (!sk)
		return -ENOMEM;

	sock_init_data(sock, sk);
	sk->sk_protocol = nfc_proto->id;
	sk->sk_destruct = rawsock_destruct;
	sock->state = SS_UNCONNECTED;
	if (sock->type == SOCK_RAW)
		nfc_sock_link(&raw_sk_list, sk);
	else {
		INIT_WORK(&nfc_rawsock(sk)->tx_work, rawsock_tx_work);
		nfc_rawsock(sk)->tx_work_scheduled = false;
	}

	return 0;
}

void nfc_send_to_raw_sock(struct nfc_dev *dev, struct sk_buff *skb,
			  u8 payload_type, u8 direction)
{
	struct sk_buff *skb_copy = NULL, *nskb;
	struct sock *sk;
	u8 *data;

	read_lock(&raw_sk_list.lock);

	sk_for_each(sk, &raw_sk_list.head) {
		if (!skb_copy) {
			skb_copy = __pskb_copy_fclone(skb, NFC_RAW_HEADER_SIZE,
						      GFP_ATOMIC, true);
			if (!skb_copy)
				continue;

			data = skb_push(skb_copy, NFC_RAW_HEADER_SIZE);

			data[0] = dev ? dev->idx : 0xFF;
			data[1] = direction & 0x01;
			data[1] |= (payload_type << 1);
		}

		nskb = skb_clone(skb_copy, GFP_ATOMIC);
		if (!nskb)
			continue;

		if (sock_queue_rcv_skb(sk, nskb))
			kfree_skb(nskb);
	}

	read_unlock(&raw_sk_list.lock);

	kfree_skb(skb_copy);
}
EXPORT_SYMBOL(nfc_send_to_raw_sock);

static struct proto rawsock_proto = {
	.name     = "NFC_RAW",
	.owner    = THIS_MODULE,
	.obj_size = sizeof(struct nfc_rawsock),
};

static const struct nfc_protocol rawsock_nfc_proto = {
	.id	  = NFC_SOCKPROTO_RAW,
	.proto    = &rawsock_proto,
	.owner    = THIS_MODULE,
	.create   = rawsock_create
};

int __init rawsock_init(void)
{
	int rc;

	rc = nfc_proto_register(&rawsock_nfc_proto);

	return rc;
}

void rawsock_exit(void)
{
	nfc_proto_unregister(&rawsock_nfc_proto);
}
Commit	Line	Data
1ccea77e	1	// SPDX-License-Identifier: GPL-2.0-or-later
23b7869c LRV	2	/*
	3	* Copyright (C) 2011 Instituto Nokia de Tecnologia
	4	*
	5	* Authors:
	6	* Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
	7	* Lauro Ramos Venancio <lauro.venancio@openbossa.org>
23b7869c LRV	8	*/
23b7869c LRV	9
52858b51	10	#define pr_fmt(fmt) KBUILD_MODNAME ": %s: " fmt, __func__
ed1e0ad8	11
23b7869c LRV	12	#include <net/tcp_states.h>
23b7869c LRV	13	#include <linux/nfc.h>
bc3b2d7f	14	#include <linux/export.h>
7e8cdc97	15	#include <linux/kcov.h>
23b7869c LRV	16
	17	#include "nfc.h"
	18
57be1f3f HT	19	static struct nfc_sock_list raw_sk_list = {
	20	.lock = __RW_LOCK_UNLOCKED(raw_sk_list.lock)
	21	};
	22
db3287da	23	static void nfc_sock_link(struct nfc_sock_list l, struct sock sk)
57be1f3f HT	24	{
	25	write_lock(&l->lock);
	26	sk_add_node(sk, &l->head);
	27	write_unlock(&l->lock);
	28	}
	29
db3287da	30	static void nfc_sock_unlink(struct nfc_sock_list l, struct sock sk)
57be1f3f HT	31	{
	32	write_lock(&l->lock);
	33	sk_del_node_init(sk);
	34	write_unlock(&l->lock);
	35	}
	36
23b7869c LRV	37	static void rawsock_write_queue_purge(struct sock *sk)
23b7869c LRV	38	{
20c239c1	39	pr_debug("sk=%p\n", sk);
23b7869c LRV	40
	41	spin_lock_bh(&sk->sk_write_queue.lock);
	42	__skb_queue_purge(&sk->sk_write_queue);
	43	nfc_rawsock(sk)->tx_work_scheduled = false;
	44	spin_unlock_bh(&sk->sk_write_queue.lock);
	45	}
	46
	47	static void rawsock_report_error(struct sock *sk, int err)
	48	{
20c239c1	49	pr_debug("sk=%p err=%d\n", sk, err);
23b7869c LRV	50
	51	sk->sk_shutdown = SHUTDOWN_MASK;
	52	sk->sk_err = -err;
e3ae2365	53	sk_error_report(sk);
23b7869c LRV	54
	55	rawsock_write_queue_purge(sk);
	56	}
	57
	58	static int rawsock_release(struct socket *sock)
	59	{
	60	struct sock *sk = sock->sk;
	61
03e934f6 ED	62	pr_debug("sock=%p sk=%p\n", sock, sk);
	63
	64	if (!sk)
	65	return 0;
23b7869c	66
57be1f3f HT	67	if (sock->type == SOCK_RAW)
	68	nfc_sock_unlink(&raw_sk_list, sk);
	69
23b7869c LRV	70	sock_orphan(sk);
	71	sock_put(sk);
	72
	73	return 0;
	74	}
	75
	76	static int rawsock_connect(struct socket sock, struct sockaddr _addr,
0a40acb2	77	int len, int flags)
23b7869c LRV	78	{
	79	struct sock *sk = sock->sk;
	80	struct sockaddr_nfc addr = (struct sockaddr_nfc )_addr;
	81	struct nfc_dev *dev;
	82	int rc = 0;
	83
20c239c1	84	pr_debug("sock=%p sk=%p flags=%d\n", sock, sk, flags);
23b7869c LRV	85
23b7869c LRV	86	if (!addr \|\| len < sizeof(struct sockaddr_nfc) \|\|
0a40acb2	87	addr->sa_family != AF_NFC)
23b7869c LRV	88	return -EINVAL;
23b7869c LRV	89
20c239c1 JP	90	pr_debug("addr dev_idx=%u target_idx=%u protocol=%u\n",
20c239c1 JP	91	addr->dev_idx, addr->target_idx, addr->nfc_protocol);
23b7869c LRV	92
	93	lock_sock(sk);
	94
	95	if (sock->state == SS_CONNECTED) {
	96	rc = -EISCONN;
	97	goto error;
	98	}
	99
	100	dev = nfc_get_device(addr->dev_idx);
	101	if (!dev) {
	102	rc = -ENODEV;
	103	goto error;
	104	}
	105
01ae0eea EL	106	if (addr->target_idx > dev->target_next_idx - 1 \|\|
01ae0eea EL	107	addr->target_idx < dev->target_next_idx - dev->n_targets) {
c4fbb651	108	rc = -EINVAL;
3a30537c	109	goto put_dev;
c4fbb651 SO	110	}
c4fbb651 SO	111
23b7869c LRV	112	rc = nfc_activate_target(dev, addr->target_idx, addr->nfc_protocol);
	113	if (rc)
	114	goto put_dev;
	115
	116	nfc_rawsock(sk)->dev = dev;
	117	nfc_rawsock(sk)->target_idx = addr->target_idx;
	118	sock->state = SS_CONNECTED;
	119	sk->sk_state = TCP_ESTABLISHED;
	120	sk->sk_state_change(sk);
	121
	122	release_sock(sk);
	123	return 0;
	124
	125	put_dev:
	126	nfc_put_device(dev);
	127	error:
	128	release_sock(sk);
	129	return rc;
	130	}
	131
	132	static int rawsock_add_header(struct sk_buff *skb)
	133	{
d58ff351	134	(u8 )skb_push(skb, NFC_HEADER_SIZE) = 0;
23b7869c LRV	135
	136	return 0;
	137	}
	138
	139	static void rawsock_data_exchange_complete(void context, struct sk_buff skb,
0a40acb2	140	int err)
23b7869c LRV	141	{
	142	struct sock sk = (struct sock ) context;
	143
afa79d08	144	BUG_ON(in_hardirq());
23b7869c	145
20c239c1	146	pr_debug("sk=%p err=%d\n", sk, err);
23b7869c LRV	147
	148	if (err)
	149	goto error;
	150
	151	err = rawsock_add_header(skb);
	152	if (err)
4cf7e032	153	goto error_skb;
23b7869c LRV	154
	155	err = sock_queue_rcv_skb(sk, skb);
	156	if (err)
4cf7e032	157	goto error_skb;
23b7869c LRV	158
	159	spin_lock_bh(&sk->sk_write_queue.lock);
	160	if (!skb_queue_empty(&sk->sk_write_queue))
	161	schedule_work(&nfc_rawsock(sk)->tx_work);
	162	else
	163	nfc_rawsock(sk)->tx_work_scheduled = false;
	164	spin_unlock_bh(&sk->sk_write_queue.lock);
	165
	166	sock_put(sk);
	167	return;
	168
4cf7e032 TE	169	error_skb:
	170	kfree_skb(skb);
	171
23b7869c LRV	172	error:
	173	rawsock_report_error(sk, err);
	174	sock_put(sk);
	175	}
	176
	177	static void rawsock_tx_work(struct work_struct *work)
	178	{
	179	struct sock *sk = to_rawsock_sk(work);
	180	struct nfc_dev *dev = nfc_rawsock(sk)->dev;
	181	u32 target_idx = nfc_rawsock(sk)->target_idx;
	182	struct sk_buff *skb;
	183	int rc;
	184
20c239c1	185	pr_debug("sk=%p target_idx=%u\n", sk, target_idx);
23b7869c LRV	186
	187	if (sk->sk_shutdown & SEND_SHUTDOWN) {
	188	rawsock_write_queue_purge(sk);
	189	return;
	190	}
	191
	192	skb = skb_dequeue(&sk->sk_write_queue);
7e8cdc97	193	kcov_remote_start_common(skb_get_kcov_handle(skb));
23b7869c LRV	194
	195	sock_hold(sk);
	196	rc = nfc_data_exchange(dev, target_idx, skb,
0a40acb2	197	rawsock_data_exchange_complete, sk);
23b7869c LRV	198	if (rc) {
	199	rawsock_report_error(sk, rc);
	200	sock_put(sk);
	201	}
7e8cdc97	202	kcov_remote_stop();
23b7869c LRV	203	}
23b7869c LRV	204
1b784140	205	static int rawsock_sendmsg(struct socket sock, struct msghdr msg, size_t len)
23b7869c LRV	206	{
23b7869c LRV	207	struct sock *sk = sock->sk;
e8753043	208	struct nfc_dev *dev = nfc_rawsock(sk)->dev;
23b7869c LRV	209	struct sk_buff *skb;
	210	int rc;
	211
20c239c1	212	pr_debug("sock=%p sk=%p len=%zu\n", sock, sk, len);
23b7869c LRV	213
	214	if (msg->msg_namelen)
	215	return -EOPNOTSUPP;
	216
	217	if (sock->state != SS_CONNECTED)
	218	return -ENOTCONN;
	219
7c7cd3bf SO	220	skb = nfc_alloc_send_skb(dev, sk, msg->msg_flags, len, &rc);
7c7cd3bf SO	221	if (skb == NULL)
23b7869c LRV	222	return rc;
23b7869c LRV	223
6ce8e9ce	224	rc = memcpy_from_msg(skb_put(skb, len), msg, len);
23b7869c LRV	225	if (rc < 0) {
	226	kfree_skb(skb);
	227	return rc;
	228	}
	229
	230	spin_lock_bh(&sk->sk_write_queue.lock);
	231	__skb_queue_tail(&sk->sk_write_queue, skb);
	232	if (!nfc_rawsock(sk)->tx_work_scheduled) {
	233	schedule_work(&nfc_rawsock(sk)->tx_work);
	234	nfc_rawsock(sk)->tx_work_scheduled = true;
	235	}
	236	spin_unlock_bh(&sk->sk_write_queue.lock);
	237
	238	return len;
	239	}
	240
1b784140 YX	241	static int rawsock_recvmsg(struct socket sock, struct msghdr msg, size_t len,
1b784140 YX	242	int flags)
23b7869c	243	{
23b7869c LRV	244	struct sock *sk = sock->sk;
	245	struct sk_buff *skb;
	246	int copied;
	247	int rc;
	248
20c239c1	249	pr_debug("sock=%p sk=%p len=%zu flags=%d\n", sock, sk, len, flags);
23b7869c	250
f4b41f06	251	skb = skb_recv_datagram(sk, flags, &rc);
23b7869c LRV	252	if (!skb)
	253	return rc;
	254
23b7869c LRV	255	copied = skb->len;
	256	if (len < copied) {
	257	msg->msg_flags \|= MSG_TRUNC;
	258	copied = len;
	259	}
	260
51f3d02b	261	rc = skb_copy_datagram_msg(skb, 0, msg, copied);
23b7869c LRV	262
	263	skb_free_datagram(sk, skb);
	264
	265	return rc ? : copied;
	266	}
	267
23b7869c LRV	268	static const struct proto_ops rawsock_ops = {
	269	.family = PF_NFC,
	270	.owner = THIS_MODULE,
	271	.release = rawsock_release,
	272	.bind = sock_no_bind,
	273	.connect = rawsock_connect,
	274	.socketpair = sock_no_socketpair,
	275	.accept = sock_no_accept,
	276	.getname = sock_no_getname,
a11e1d43	277	.poll = datagram_poll,
23b7869c LRV	278	.ioctl = sock_no_ioctl,
	279	.listen = sock_no_listen,
	280	.shutdown = sock_no_shutdown,
23b7869c LRV	281	.sendmsg = rawsock_sendmsg,
	282	.recvmsg = rawsock_recvmsg,
	283	.mmap = sock_no_mmap,
	284	};
	285
57be1f3f HT	286	static const struct proto_ops rawsock_raw_ops = {
	287	.family = PF_NFC,
	288	.owner = THIS_MODULE,
	289	.release = rawsock_release,
	290	.bind = sock_no_bind,
	291	.connect = sock_no_connect,
	292	.socketpair = sock_no_socketpair,
	293	.accept = sock_no_accept,
	294	.getname = sock_no_getname,
a11e1d43	295	.poll = datagram_poll,
57be1f3f HT	296	.ioctl = sock_no_ioctl,
	297	.listen = sock_no_listen,
	298	.shutdown = sock_no_shutdown,
57be1f3f HT	299	.sendmsg = sock_no_sendmsg,
	300	.recvmsg = rawsock_recvmsg,
	301	.mmap = sock_no_mmap,
	302	};
	303
23b7869c LRV	304	static void rawsock_destruct(struct sock *sk)
23b7869c LRV	305	{
20c239c1	306	pr_debug("sk=%p\n", sk);
23b7869c LRV	307
	308	if (sk->sk_state == TCP_ESTABLISHED) {
	309	nfc_deactivate_target(nfc_rawsock(sk)->dev,
96d4581f CR	310	nfc_rawsock(sk)->target_idx,
96d4581f CR	311	NFC_TARGET_MODE_IDLE);
23b7869c LRV	312	nfc_put_device(nfc_rawsock(sk)->dev);
	313	}
	314
	315	skb_queue_purge(&sk->sk_receive_queue);
	316
	317	if (!sock_flag(sk, SOCK_DEAD)) {
ed1e0ad8	318	pr_err("Freeing alive NFC raw socket %p\n", sk);
23b7869c LRV	319	return;
	320	}
	321	}
	322
	323	static int rawsock_create(struct net net, struct socket sock,
11aa9c28	324	const struct nfc_protocol *nfc_proto, int kern)
23b7869c LRV	325	{
	326	struct sock *sk;
	327
20c239c1	328	pr_debug("sock=%p\n", sock);
23b7869c	329
57be1f3f	330	if ((sock->type != SOCK_SEQPACKET) && (sock->type != SOCK_RAW))
23b7869c LRV	331	return -ESOCKTNOSUPPORT;
23b7869c LRV	332
26896f01	333	if (sock->type == SOCK_RAW) {
8ab78863	334	if (!ns_capable(net->user_ns, CAP_NET_RAW))
26896f01	335	return -EPERM;
57be1f3f	336	sock->ops = &rawsock_raw_ops;
26896f01	337	} else {
57be1f3f	338	sock->ops = &rawsock_ops;
26896f01	339	}
23b7869c	340
11aa9c28	341	sk = sk_alloc(net, PF_NFC, GFP_ATOMIC, nfc_proto->proto, kern);
23b7869c LRV	342	if (!sk)
	343	return -ENOMEM;
	344
	345	sock_init_data(sock, sk);
	346	sk->sk_protocol = nfc_proto->id;
	347	sk->sk_destruct = rawsock_destruct;
	348	sock->state = SS_UNCONNECTED;
57be1f3f HT	349	if (sock->type == SOCK_RAW)
	350	nfc_sock_link(&raw_sk_list, sk);
	351	else {
	352	INIT_WORK(&nfc_rawsock(sk)->tx_work, rawsock_tx_work);
	353	nfc_rawsock(sk)->tx_work_scheduled = false;
	354	}
23b7869c LRV	355
	356	return 0;
	357	}
	358
57be1f3f HT	359	void nfc_send_to_raw_sock(struct nfc_dev dev, struct sk_buff skb,
	360	u8 payload_type, u8 direction)
	361	{
	362	struct sk_buff skb_copy = NULL, nskb;
	363	struct sock *sk;
	364	u8 *data;
	365
	366	read_lock(&raw_sk_list.lock);
	367
	368	sk_for_each(sk, &raw_sk_list.head) {
	369	if (!skb_copy) {
bad93e9d OP	370	skb_copy = __pskb_copy_fclone(skb, NFC_RAW_HEADER_SIZE,
bad93e9d OP	371	GFP_ATOMIC, true);
57be1f3f HT	372	if (!skb_copy)
	373	continue;
	374
	375	data = skb_push(skb_copy, NFC_RAW_HEADER_SIZE);
	376
	377	data[0] = dev ? dev->idx : 0xFF;
	378	data[1] = direction & 0x01;
	379	data[1] \|= (payload_type << 1);
	380	}
	381
	382	nskb = skb_clone(skb_copy, GFP_ATOMIC);
	383	if (!nskb)
	384	continue;
	385
	386	if (sock_queue_rcv_skb(sk, nskb))
	387	kfree_skb(nskb);
	388	}
	389
	390	read_unlock(&raw_sk_list.lock);
	391
	392	kfree_skb(skb_copy);
	393	}
	394	EXPORT_SYMBOL(nfc_send_to_raw_sock);
	395
23b7869c LRV	396	static struct proto rawsock_proto = {
	397	.name = "NFC_RAW",
	398	.owner = THIS_MODULE,
	399	.obj_size = sizeof(struct nfc_rawsock),
	400	};
	401
	402	static const struct nfc_protocol rawsock_nfc_proto = {
	403	.id = NFC_SOCKPROTO_RAW,
	404	.proto = &rawsock_proto,
	405	.owner = THIS_MODULE,
	406	.create = rawsock_create
	407	};
	408
	409	int __init rawsock_init(void)
	410	{
	411	int rc;
	412
	413	rc = nfc_proto_register(&rawsock_nfc_proto);
	414
	415	return rc;
	416	}
	417
	418	void rawsock_exit(void)
	419	{
	420	nfc_proto_unregister(&rawsock_nfc_proto);
	421	}