aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorJohn W. Linville <linville@tuxdriver.com>2012-11-14 14:51:06 -0500
committerJohn W. Linville <linville@tuxdriver.com>2012-11-14 14:51:06 -0500
commitb7fd76d114568d0b1e0d443049ed597b3a55f9c6 (patch)
treef78ffffe96d4ad4c1405f48c34c344db48b4139f /net
parent38141fcfaad34a388e61a7a7e98d521330e049d6 (diff)
parent0c0afedf55ff409be9db0b0aeeaa1c6fe0f3cd3c (diff)
Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/Kconfig1
-rw-r--r--net/bluetooth/a2mp.c4
-rw-r--r--net/bluetooth/amp.c93
-rw-r--r--net/bluetooth/bnep/netdev.c1
-rw-r--r--net/bluetooth/cmtp/capi.c2
-rw-r--r--net/bluetooth/cmtp/sock.c2
-rw-r--r--net/bluetooth/hci_conn.c6
-rw-r--r--net/bluetooth/hci_core.c65
-rw-r--r--net/bluetooth/hci_event.c309
-rw-r--r--net/bluetooth/l2cap_core.c1000
-rw-r--r--net/bluetooth/l2cap_sock.c5
-rw-r--r--net/bluetooth/mgmt.c98
12 files changed, 1412 insertions, 174 deletions
diff --git a/net/bluetooth/Kconfig b/net/bluetooth/Kconfig
index 1c11d0dcd863..d3f3f7b1d32c 100644
--- a/net/bluetooth/Kconfig
+++ b/net/bluetooth/Kconfig
@@ -48,4 +48,3 @@ source "net/bluetooth/cmtp/Kconfig"
48source "net/bluetooth/hidp/Kconfig" 48source "net/bluetooth/hidp/Kconfig"
49 49
50source "drivers/bluetooth/Kconfig" 50source "drivers/bluetooth/Kconfig"
51
diff --git a/net/bluetooth/a2mp.c b/net/bluetooth/a2mp.c
index d5136cfb57e2..2f67d5ecc907 100644
--- a/net/bluetooth/a2mp.c
+++ b/net/bluetooth/a2mp.c
@@ -423,7 +423,7 @@ static int a2mp_getampassoc_rsp(struct amp_mgr *mgr, struct sk_buff *skb,
423 423
424 BT_DBG("Created hcon %p: loc:%d -> rem:%d", hcon, hdev->id, rsp->id); 424 BT_DBG("Created hcon %p: loc:%d -> rem:%d", hcon, hdev->id, rsp->id);
425 425
426 mgr->bredr_chan->ctrl_id = rsp->id; 426 mgr->bredr_chan->remote_amp_id = rsp->id;
427 427
428 amp_create_phylink(hdev, mgr, hcon); 428 amp_create_phylink(hdev, mgr, hcon);
429 429
@@ -939,7 +939,7 @@ void a2mp_send_create_phy_link_req(struct hci_dev *hdev, u8 status)
939 goto clean; 939 goto clean;
940 940
941 req->local_id = hdev->id; 941 req->local_id = hdev->id;
942 req->remote_id = bredr_chan->ctrl_id; 942 req->remote_id = bredr_chan->remote_amp_id;
943 memcpy(req->amp_assoc, loc_assoc->data, loc_assoc->len); 943 memcpy(req->amp_assoc, loc_assoc->data, loc_assoc->len);
944 944
945 a2mp_send(mgr, A2MP_CREATEPHYSLINK_REQ, __next_ident(mgr), len, req); 945 a2mp_send(mgr, A2MP_CREATEPHYSLINK_REQ, __next_ident(mgr), len, req);
diff --git a/net/bluetooth/amp.c b/net/bluetooth/amp.c
index 231d7ef53ecb..4b2fea6c1c2a 100644
--- a/net/bluetooth/amp.c
+++ b/net/bluetooth/amp.c
@@ -372,3 +372,96 @@ void amp_accept_phylink(struct hci_dev *hdev, struct amp_mgr *mgr,
372 372
373 hci_send_cmd(hdev, HCI_OP_ACCEPT_PHY_LINK, sizeof(cp), &cp); 373 hci_send_cmd(hdev, HCI_OP_ACCEPT_PHY_LINK, sizeof(cp), &cp);
374} 374}
375
376void amp_physical_cfm(struct hci_conn *bredr_hcon, struct hci_conn *hs_hcon)
377{
378 struct hci_dev *bredr_hdev = hci_dev_hold(bredr_hcon->hdev);
379 struct amp_mgr *mgr = hs_hcon->amp_mgr;
380 struct l2cap_chan *bredr_chan;
381
382 BT_DBG("bredr_hcon %p hs_hcon %p mgr %p", bredr_hcon, hs_hcon, mgr);
383
384 if (!bredr_hdev || !mgr || !mgr->bredr_chan)
385 return;
386
387 bredr_chan = mgr->bredr_chan;
388
389 set_bit(FLAG_EFS_ENABLE, &bredr_chan->flags);
390 bredr_chan->remote_amp_id = hs_hcon->remote_id;
391 bredr_chan->hs_hcon = hs_hcon;
392 bredr_chan->conn->mtu = hs_hcon->hdev->block_mtu;
393 bredr_chan->fcs = L2CAP_FCS_NONE;
394
395 l2cap_physical_cfm(bredr_chan, 0);
396
397 hci_dev_put(bredr_hdev);
398}
399
400void amp_create_logical_link(struct l2cap_chan *chan)
401{
402 struct hci_cp_create_accept_logical_link cp;
403 struct hci_conn *hcon;
404 struct hci_dev *hdev;
405
406 BT_DBG("chan %p", chan);
407
408 if (!chan->hs_hcon)
409 return;
410
411 hdev = hci_dev_hold(chan->hs_hcon->hdev);
412 if (!hdev)
413 return;
414
415 BT_DBG("chan %p dst %pMR", chan, chan->conn->dst);
416
417 hcon = hci_conn_hash_lookup_ba(hdev, AMP_LINK, chan->conn->dst);
418 if (!hcon)
419 goto done;
420
421 cp.phy_handle = hcon->handle;
422
423 cp.tx_flow_spec.id = chan->local_id;
424 cp.tx_flow_spec.stype = chan->local_stype;
425 cp.tx_flow_spec.msdu = cpu_to_le16(chan->local_msdu);
426 cp.tx_flow_spec.sdu_itime = cpu_to_le32(chan->local_sdu_itime);
427 cp.tx_flow_spec.acc_lat = cpu_to_le32(chan->local_acc_lat);
428 cp.tx_flow_spec.flush_to = cpu_to_le32(chan->local_flush_to);
429
430 cp.rx_flow_spec.id = chan->remote_id;
431 cp.rx_flow_spec.stype = chan->remote_stype;
432 cp.rx_flow_spec.msdu = cpu_to_le16(chan->remote_msdu);
433 cp.rx_flow_spec.sdu_itime = cpu_to_le32(chan->remote_sdu_itime);
434 cp.rx_flow_spec.acc_lat = cpu_to_le32(chan->remote_acc_lat);
435 cp.rx_flow_spec.flush_to = cpu_to_le32(chan->remote_flush_to);
436
437 if (hcon->out)
438 hci_send_cmd(hdev, HCI_OP_CREATE_LOGICAL_LINK, sizeof(cp),
439 &cp);
440 else
441 hci_send_cmd(hdev, HCI_OP_ACCEPT_LOGICAL_LINK, sizeof(cp),
442 &cp);
443
444done:
445 hci_dev_put(hdev);
446}
447
448void amp_disconnect_logical_link(struct hci_chan *hchan)
449{
450 struct hci_conn *hcon = hchan->conn;
451 struct hci_cp_disconn_logical_link cp;
452
453 if (hcon->state != BT_CONNECTED) {
454 BT_DBG("hchan %p not connected", hchan);
455 return;
456 }
457
458 cp.log_handle = cpu_to_le16(hchan->handle);
459 hci_send_cmd(hcon->hdev, HCI_OP_DISCONN_LOGICAL_LINK, sizeof(cp), &cp);
460}
461
462void amp_destroy_logical_link(struct hci_chan *hchan, u8 reason)
463{
464 BT_DBG("hchan %p", hchan);
465
466 hci_chan_del(hchan);
467}
diff --git a/net/bluetooth/bnep/netdev.c b/net/bluetooth/bnep/netdev.c
index 98f86f91d47c..e58c8b32589c 100644
--- a/net/bluetooth/bnep/netdev.c
+++ b/net/bluetooth/bnep/netdev.c
@@ -25,7 +25,6 @@
25 SOFTWARE IS DISCLAIMED. 25 SOFTWARE IS DISCLAIMED.
26*/ 26*/
27 27
28#include <linux/export.h>
29#include <linux/etherdevice.h> 28#include <linux/etherdevice.h>
30 29
31#include <net/bluetooth/bluetooth.h> 30#include <net/bluetooth/bluetooth.h>
diff --git a/net/bluetooth/cmtp/capi.c b/net/bluetooth/cmtp/capi.c
index 50f0d135eb8f..a4a9d4b6816c 100644
--- a/net/bluetooth/cmtp/capi.c
+++ b/net/bluetooth/cmtp/capi.c
@@ -20,7 +20,7 @@
20 SOFTWARE IS DISCLAIMED. 20 SOFTWARE IS DISCLAIMED.
21*/ 21*/
22 22
23#include <linux/module.h> 23#include <linux/export.h>
24#include <linux/proc_fs.h> 24#include <linux/proc_fs.h>
25#include <linux/seq_file.h> 25#include <linux/seq_file.h>
26#include <linux/types.h> 26#include <linux/types.h>
diff --git a/net/bluetooth/cmtp/sock.c b/net/bluetooth/cmtp/sock.c
index aacb802d1ee4..1c57482112b6 100644
--- a/net/bluetooth/cmtp/sock.c
+++ b/net/bluetooth/cmtp/sock.c
@@ -20,7 +20,7 @@
20 SOFTWARE IS DISCLAIMED. 20 SOFTWARE IS DISCLAIMED.
21*/ 21*/
22 22
23#include <linux/module.h> 23#include <linux/export.h>
24 24
25#include <linux/types.h> 25#include <linux/types.h>
26#include <linux/capability.h> 26#include <linux/capability.h>
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index fe646211c61f..25bfce0666eb 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -502,6 +502,9 @@ static struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst,
502{ 502{
503 struct hci_conn *le; 503 struct hci_conn *le;
504 504
505 if (test_bit(HCI_LE_PERIPHERAL, &hdev->flags))
506 return ERR_PTR(-ENOTSUPP);
507
505 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst); 508 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
506 if (!le) { 509 if (!le) {
507 le = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT); 510 le = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
@@ -959,6 +962,7 @@ struct hci_chan *hci_chan_create(struct hci_conn *conn)
959 962
960 chan->conn = conn; 963 chan->conn = conn;
961 skb_queue_head_init(&chan->data_q); 964 skb_queue_head_init(&chan->data_q);
965 chan->state = BT_CONNECTED;
962 966
963 list_add_rcu(&chan->list, &conn->chan_list); 967 list_add_rcu(&chan->list, &conn->chan_list);
964 968
@@ -976,6 +980,8 @@ void hci_chan_del(struct hci_chan *chan)
976 980
977 synchronize_rcu(); 981 synchronize_rcu();
978 982
983 hci_conn_put(conn);
984
979 skb_queue_purge(&chan->data_q); 985 skb_queue_purge(&chan->data_q);
980 kfree(chan); 986 kfree(chan);
981} 987}
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 5a3f941b610f..515d0c394f35 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -178,48 +178,13 @@ static void hci_reset_req(struct hci_dev *hdev, unsigned long opt)
178 178
179static void bredr_init(struct hci_dev *hdev) 179static void bredr_init(struct hci_dev *hdev)
180{ 180{
181 struct hci_cp_delete_stored_link_key cp;
182 __le16 param;
183 __u8 flt_type;
184
185 hdev->flow_ctl_mode = HCI_FLOW_CTL_MODE_PACKET_BASED; 181 hdev->flow_ctl_mode = HCI_FLOW_CTL_MODE_PACKET_BASED;
186 182
187 /* Mandatory initialization */
188
189 /* Read Local Supported Features */ 183 /* Read Local Supported Features */
190 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_FEATURES, 0, NULL); 184 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_FEATURES, 0, NULL);
191 185
192 /* Read Local Version */ 186 /* Read Local Version */
193 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL); 187 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL);
194
195 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
196 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
197
198 /* Read BD Address */
199 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
200
201 /* Read Class of Device */
202 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
203
204 /* Read Local Name */
205 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
206
207 /* Read Voice Setting */
208 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
209
210 /* Optional initialization */
211
212 /* Clear Event Filters */
213 flt_type = HCI_FLT_CLEAR_ALL;
214 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
215
216 /* Connection accept timeout ~20 secs */
217 param = __constant_cpu_to_le16(0x7d00);
218 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, &param);
219
220 bacpy(&cp.bdaddr, BDADDR_ANY);
221 cp.delete_all = 1;
222 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
223} 188}
224 189
225static void amp_init(struct hci_dev *hdev) 190static void amp_init(struct hci_dev *hdev)
@@ -273,14 +238,6 @@ static void hci_init_req(struct hci_dev *hdev, unsigned long opt)
273 } 238 }
274} 239}
275 240
276static void hci_le_init_req(struct hci_dev *hdev, unsigned long opt)
277{
278 BT_DBG("%s", hdev->name);
279
280 /* Read LE buffer size */
281 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
282}
283
284static void hci_scan_req(struct hci_dev *hdev, unsigned long opt) 241static void hci_scan_req(struct hci_dev *hdev, unsigned long opt)
285{ 242{
286 __u8 scan = opt; 243 __u8 scan = opt;
@@ -687,10 +644,6 @@ int hci_dev_open(__u16 dev)
687 644
688 ret = __hci_request(hdev, hci_init_req, 0, HCI_INIT_TIMEOUT); 645 ret = __hci_request(hdev, hci_init_req, 0, HCI_INIT_TIMEOUT);
689 646
690 if (lmp_host_le_capable(hdev))
691 ret = __hci_request(hdev, hci_le_init_req, 0,
692 HCI_INIT_TIMEOUT);
693
694 clear_bit(HCI_INIT, &hdev->flags); 647 clear_bit(HCI_INIT, &hdev->flags);
695 } 648 }
696 649
@@ -1039,10 +992,17 @@ int hci_get_dev_info(void __user *arg)
1039 di.type = (hdev->bus & 0x0f) | (hdev->dev_type << 4); 992 di.type = (hdev->bus & 0x0f) | (hdev->dev_type << 4);
1040 di.flags = hdev->flags; 993 di.flags = hdev->flags;
1041 di.pkt_type = hdev->pkt_type; 994 di.pkt_type = hdev->pkt_type;
1042 di.acl_mtu = hdev->acl_mtu; 995 if (lmp_bredr_capable(hdev)) {
1043 di.acl_pkts = hdev->acl_pkts; 996 di.acl_mtu = hdev->acl_mtu;
1044 di.sco_mtu = hdev->sco_mtu; 997 di.acl_pkts = hdev->acl_pkts;
1045 di.sco_pkts = hdev->sco_pkts; 998 di.sco_mtu = hdev->sco_mtu;
999 di.sco_pkts = hdev->sco_pkts;
1000 } else {
1001 di.acl_mtu = hdev->le_mtu;
1002 di.acl_pkts = hdev->le_pkts;
1003 di.sco_mtu = 0;
1004 di.sco_pkts = 0;
1005 }
1046 di.link_policy = hdev->link_policy; 1006 di.link_policy = hdev->link_policy;
1047 di.link_mode = hdev->link_mode; 1007 di.link_mode = hdev->link_mode;
1048 1008
@@ -1617,6 +1577,9 @@ int hci_le_scan(struct hci_dev *hdev, u8 type, u16 interval, u16 window,
1617 1577
1618 BT_DBG("%s", hdev->name); 1578 BT_DBG("%s", hdev->name);
1619 1579
1580 if (test_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags))
1581 return -ENOTSUPP;
1582
1620 if (work_busy(&hdev->le_scan)) 1583 if (work_busy(&hdev->le_scan))
1621 return -EINPROGRESS; 1584 return -EINPROGRESS;
1622 1585
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 0383635f91fb..c08ac7c03711 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -24,7 +24,6 @@
24 24
25/* Bluetooth HCI event handling. */ 25/* Bluetooth HCI event handling. */
26 26
27#include <linux/export.h>
28#include <asm/unaligned.h> 27#include <asm/unaligned.h>
29 28
30#include <net/bluetooth/bluetooth.h> 29#include <net/bluetooth/bluetooth.h>
@@ -440,7 +439,7 @@ static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
440static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) 439static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
441{ 440{
442 __u8 status = *((__u8 *) skb->data); 441 __u8 status = *((__u8 *) skb->data);
443 void *sent; 442 struct hci_cp_write_ssp_mode *sent;
444 443
445 BT_DBG("%s status 0x%2.2x", hdev->name, status); 444 BT_DBG("%s status 0x%2.2x", hdev->name, status);
446 445
@@ -448,10 +447,17 @@ static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
448 if (!sent) 447 if (!sent)
449 return; 448 return;
450 449
450 if (!status) {
451 if (sent->mode)
452 hdev->host_features[0] |= LMP_HOST_SSP;
453 else
454 hdev->host_features[0] &= ~LMP_HOST_SSP;
455 }
456
451 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 457 if (test_bit(HCI_MGMT, &hdev->dev_flags))
452 mgmt_ssp_enable_complete(hdev, *((u8 *) sent), status); 458 mgmt_ssp_enable_complete(hdev, sent->mode, status);
453 else if (!status) { 459 else if (!status) {
454 if (*((u8 *) sent)) 460 if (sent->mode)
455 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags); 461 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
456 else 462 else
457 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags); 463 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
@@ -460,10 +466,10 @@ static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
460 466
461static u8 hci_get_inquiry_mode(struct hci_dev *hdev) 467static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
462{ 468{
463 if (hdev->features[6] & LMP_EXT_INQ) 469 if (lmp_ext_inq_capable(hdev))
464 return 2; 470 return 2;
465 471
466 if (hdev->features[3] & LMP_RSSI_INQ) 472 if (lmp_inq_rssi_capable(hdev))
467 return 1; 473 return 1;
468 474
469 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 && 475 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
@@ -507,28 +513,30 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
507 if (hdev->hci_ver < BLUETOOTH_VER_1_2) 513 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
508 return; 514 return;
509 515
510 events[4] |= 0x01; /* Flow Specification Complete */ 516 if (lmp_bredr_capable(hdev)) {
511 events[4] |= 0x02; /* Inquiry Result with RSSI */ 517 events[4] |= 0x01; /* Flow Specification Complete */
512 events[4] |= 0x04; /* Read Remote Extended Features Complete */ 518 events[4] |= 0x02; /* Inquiry Result with RSSI */
513 events[5] |= 0x08; /* Synchronous Connection Complete */ 519 events[4] |= 0x04; /* Read Remote Extended Features Complete */
514 events[5] |= 0x10; /* Synchronous Connection Changed */ 520 events[5] |= 0x08; /* Synchronous Connection Complete */
521 events[5] |= 0x10; /* Synchronous Connection Changed */
522 }
515 523
516 if (hdev->features[3] & LMP_RSSI_INQ) 524 if (lmp_inq_rssi_capable(hdev))
517 events[4] |= 0x02; /* Inquiry Result with RSSI */ 525 events[4] |= 0x02; /* Inquiry Result with RSSI */
518 526
519 if (lmp_sniffsubr_capable(hdev)) 527 if (lmp_sniffsubr_capable(hdev))
520 events[5] |= 0x20; /* Sniff Subrating */ 528 events[5] |= 0x20; /* Sniff Subrating */
521 529
522 if (hdev->features[5] & LMP_PAUSE_ENC) 530 if (lmp_pause_enc_capable(hdev))
523 events[5] |= 0x80; /* Encryption Key Refresh Complete */ 531 events[5] |= 0x80; /* Encryption Key Refresh Complete */
524 532
525 if (hdev->features[6] & LMP_EXT_INQ) 533 if (lmp_ext_inq_capable(hdev))
526 events[5] |= 0x40; /* Extended Inquiry Result */ 534 events[5] |= 0x40; /* Extended Inquiry Result */
527 535
528 if (lmp_no_flush_capable(hdev)) 536 if (lmp_no_flush_capable(hdev))
529 events[7] |= 0x01; /* Enhanced Flush Complete */ 537 events[7] |= 0x01; /* Enhanced Flush Complete */
530 538
531 if (hdev->features[7] & LMP_LSTO) 539 if (lmp_lsto_capable(hdev))
532 events[6] |= 0x80; /* Link Supervision Timeout Changed */ 540 events[6] |= 0x80; /* Link Supervision Timeout Changed */
533 541
534 if (lmp_ssp_capable(hdev)) { 542 if (lmp_ssp_capable(hdev)) {
@@ -548,6 +556,53 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
548 events[7] |= 0x20; /* LE Meta-Event */ 556 events[7] |= 0x20; /* LE Meta-Event */
549 557
550 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events); 558 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
559
560 if (lmp_le_capable(hdev)) {
561 memset(events, 0, sizeof(events));
562 events[0] = 0x1f;
563 hci_send_cmd(hdev, HCI_OP_LE_SET_EVENT_MASK,
564 sizeof(events), events);
565 }
566}
567
568static void bredr_setup(struct hci_dev *hdev)
569{
570 struct hci_cp_delete_stored_link_key cp;
571 __le16 param;
572 __u8 flt_type;
573
574 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
575 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
576
577 /* Read Class of Device */
578 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
579
580 /* Read Local Name */
581 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
582
583 /* Read Voice Setting */
584 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
585
586 /* Clear Event Filters */
587 flt_type = HCI_FLT_CLEAR_ALL;
588 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
589
590 /* Connection accept timeout ~20 secs */
591 param = __constant_cpu_to_le16(0x7d00);
592 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, &param);
593
594 bacpy(&cp.bdaddr, BDADDR_ANY);
595 cp.delete_all = 1;
596 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
597}
598
599static void le_setup(struct hci_dev *hdev)
600{
601 /* Read LE Buffer Size */
602 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
603
604 /* Read LE Advertising Channel TX Power */
605 hci_send_cmd(hdev, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
551} 606}
552 607
553static void hci_setup(struct hci_dev *hdev) 608static void hci_setup(struct hci_dev *hdev)
@@ -555,6 +610,15 @@ static void hci_setup(struct hci_dev *hdev)
555 if (hdev->dev_type != HCI_BREDR) 610 if (hdev->dev_type != HCI_BREDR)
556 return; 611 return;
557 612
613 /* Read BD Address */
614 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
615
616 if (lmp_bredr_capable(hdev))
617 bredr_setup(hdev);
618
619 if (lmp_le_capable(hdev))
620 le_setup(hdev);
621
558 hci_setup_event_mask(hdev); 622 hci_setup_event_mask(hdev);
559 623
560 if (hdev->hci_ver > BLUETOOTH_VER_1_1) 624 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
@@ -575,13 +639,13 @@ static void hci_setup(struct hci_dev *hdev)
575 } 639 }
576 } 640 }
577 641
578 if (hdev->features[3] & LMP_RSSI_INQ) 642 if (lmp_inq_rssi_capable(hdev))
579 hci_setup_inquiry_mode(hdev); 643 hci_setup_inquiry_mode(hdev);
580 644
581 if (hdev->features[7] & LMP_INQ_TX_PWR) 645 if (lmp_inq_tx_pwr_capable(hdev))
582 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL); 646 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
583 647
584 if (hdev->features[7] & LMP_EXTFEATURES) { 648 if (lmp_ext_feat_capable(hdev)) {
585 struct hci_cp_read_local_ext_features cp; 649 struct hci_cp_read_local_ext_features cp;
586 650
587 cp.page = 0x01; 651 cp.page = 0x01;
@@ -628,11 +692,11 @@ static void hci_setup_link_policy(struct hci_dev *hdev)
628 692
629 if (lmp_rswitch_capable(hdev)) 693 if (lmp_rswitch_capable(hdev))
630 link_policy |= HCI_LP_RSWITCH; 694 link_policy |= HCI_LP_RSWITCH;
631 if (hdev->features[0] & LMP_HOLD) 695 if (lmp_hold_capable(hdev))
632 link_policy |= HCI_LP_HOLD; 696 link_policy |= HCI_LP_HOLD;
633 if (lmp_sniff_capable(hdev)) 697 if (lmp_sniff_capable(hdev))
634 link_policy |= HCI_LP_SNIFF; 698 link_policy |= HCI_LP_SNIFF;
635 if (hdev->features[1] & LMP_PARK) 699 if (lmp_park_capable(hdev))
636 link_policy |= HCI_LP_PARK; 700 link_policy |= HCI_LP_PARK;
637 701
638 cp.policy = cpu_to_le16(link_policy); 702 cp.policy = cpu_to_le16(link_policy);
@@ -722,10 +786,10 @@ static void hci_set_le_support(struct hci_dev *hdev)
722 786
723 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) { 787 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
724 cp.le = 1; 788 cp.le = 1;
725 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR); 789 cp.simul = !!lmp_le_br_capable(hdev);
726 } 790 }
727 791
728 if (cp.le != !!(hdev->host_features[0] & LMP_HOST_LE)) 792 if (cp.le != !!lmp_host_le_capable(hdev))
729 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), 793 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
730 &cp); 794 &cp);
731} 795}
@@ -1018,6 +1082,28 @@ static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1018 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status); 1082 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1019} 1083}
1020 1084
1085static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
1086 struct sk_buff *skb)
1087{
1088 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
1089
1090 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1091
1092 if (!rp->status)
1093 hdev->adv_tx_power = rp->tx_power;
1094
1095 hci_req_complete(hdev, HCI_OP_LE_READ_ADV_TX_POWER, rp->status);
1096}
1097
1098static void hci_cc_le_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
1099{
1100 __u8 status = *((__u8 *) skb->data);
1101
1102 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1103
1104 hci_req_complete(hdev, HCI_OP_LE_SET_EVENT_MASK, status);
1105}
1106
1021static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb) 1107static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1022{ 1108{
1023 struct hci_rp_user_confirm_reply *rp = (void *) skb->data; 1109 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
@@ -1207,6 +1293,11 @@ static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1207 hdev->host_features[0] |= LMP_HOST_LE; 1293 hdev->host_features[0] |= LMP_HOST_LE;
1208 else 1294 else
1209 hdev->host_features[0] &= ~LMP_HOST_LE; 1295 hdev->host_features[0] &= ~LMP_HOST_LE;
1296
1297 if (sent->simul)
1298 hdev->host_features[0] |= LMP_HOST_LE_BREDR;
1299 else
1300 hdev->host_features[0] &= ~LMP_HOST_LE_BREDR;
1210 } 1301 }
1211 1302
1212 if (test_bit(HCI_MGMT, &hdev->dev_flags) && 1303 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
@@ -1718,14 +1809,23 @@ static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1718 1809
1719 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1810 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1720 1811
1721 if (status)
1722 return;
1723
1724 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK); 1812 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1725 if (!cp) 1813 if (!cp)
1726 return; 1814 return;
1727 1815
1728 amp_write_remote_assoc(hdev, cp->phy_handle); 1816 hci_dev_lock(hdev);
1817
1818 if (status) {
1819 struct hci_conn *hcon;
1820
1821 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1822 if (hcon)
1823 hci_conn_del(hcon);
1824 } else {
1825 amp_write_remote_assoc(hdev, cp->phy_handle);
1826 }
1827
1828 hci_dev_unlock(hdev);
1729} 1829}
1730 1830
1731static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status) 1831static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
@@ -1744,6 +1844,11 @@ static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1744 amp_write_remote_assoc(hdev, cp->phy_handle); 1844 amp_write_remote_assoc(hdev, cp->phy_handle);
1745} 1845}
1746 1846
1847static void hci_cs_create_logical_link(struct hci_dev *hdev, u8 status)
1848{
1849 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1850}
1851
1747static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1852static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1748{ 1853{
1749 __u8 status = *((__u8 *) skb->data); 1854 __u8 status = *((__u8 *) skb->data);
@@ -2441,6 +2546,14 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2441 hci_cc_le_read_buffer_size(hdev, skb); 2546 hci_cc_le_read_buffer_size(hdev, skb);
2442 break; 2547 break;
2443 2548
2549 case HCI_OP_LE_READ_ADV_TX_POWER:
2550 hci_cc_le_read_adv_tx_power(hdev, skb);
2551 break;
2552
2553 case HCI_OP_LE_SET_EVENT_MASK:
2554 hci_cc_le_set_event_mask(hdev, skb);
2555 break;
2556
2444 case HCI_OP_USER_CONFIRM_REPLY: 2557 case HCI_OP_USER_CONFIRM_REPLY:
2445 hci_cc_user_confirm_reply(hdev, skb); 2558 hci_cc_user_confirm_reply(hdev, skb);
2446 break; 2559 break;
@@ -2570,6 +2683,10 @@ static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2570 hci_cs_accept_phylink(hdev, ev->status); 2683 hci_cs_accept_phylink(hdev, ev->status);
2571 break; 2684 break;
2572 2685
2686 case HCI_OP_CREATE_LOGICAL_LINK:
2687 hci_cs_create_logical_link(hdev, ev->status);
2688 break;
2689
2573 default: 2690 default:
2574 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode); 2691 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
2575 break; 2692 break;
@@ -3544,6 +3661,130 @@ unlock:
3544 hci_dev_unlock(hdev); 3661 hci_dev_unlock(hdev);
3545} 3662}
3546 3663
3664static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3665 struct sk_buff *skb)
3666{
3667 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3668 struct hci_conn *hcon, *bredr_hcon;
3669
3670 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3671 ev->status);
3672
3673 hci_dev_lock(hdev);
3674
3675 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3676 if (!hcon) {
3677 hci_dev_unlock(hdev);
3678 return;
3679 }
3680
3681 if (ev->status) {
3682 hci_conn_del(hcon);
3683 hci_dev_unlock(hdev);
3684 return;
3685 }
3686
3687 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3688
3689 hcon->state = BT_CONNECTED;
3690 bacpy(&hcon->dst, &bredr_hcon->dst);
3691
3692 hci_conn_hold(hcon);
3693 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
3694 hci_conn_put(hcon);
3695
3696 hci_conn_hold_device(hcon);
3697 hci_conn_add_sysfs(hcon);
3698
3699 amp_physical_cfm(bredr_hcon, hcon);
3700
3701 hci_dev_unlock(hdev);
3702}
3703
3704static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3705{
3706 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3707 struct hci_conn *hcon;
3708 struct hci_chan *hchan;
3709 struct amp_mgr *mgr;
3710
3711 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3712 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3713 ev->status);
3714
3715 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3716 if (!hcon)
3717 return;
3718
3719 /* Create AMP hchan */
3720 hchan = hci_chan_create(hcon);
3721 if (!hchan)
3722 return;
3723
3724 hchan->handle = le16_to_cpu(ev->handle);
3725
3726 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3727
3728 mgr = hcon->amp_mgr;
3729 if (mgr && mgr->bredr_chan) {
3730 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3731
3732 l2cap_chan_lock(bredr_chan);
3733
3734 bredr_chan->conn->mtu = hdev->block_mtu;
3735 l2cap_logical_cfm(bredr_chan, hchan, 0);
3736 hci_conn_hold(hcon);
3737
3738 l2cap_chan_unlock(bredr_chan);
3739 }
3740}
3741
3742static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3743 struct sk_buff *skb)
3744{
3745 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3746 struct hci_chan *hchan;
3747
3748 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3749 le16_to_cpu(ev->handle), ev->status);
3750
3751 if (ev->status)
3752 return;
3753
3754 hci_dev_lock(hdev);
3755
3756 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3757 if (!hchan)
3758 goto unlock;
3759
3760 amp_destroy_logical_link(hchan, ev->reason);
3761
3762unlock:
3763 hci_dev_unlock(hdev);
3764}
3765
3766static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3767 struct sk_buff *skb)
3768{
3769 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3770 struct hci_conn *hcon;
3771
3772 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3773
3774 if (ev->status)
3775 return;
3776
3777 hci_dev_lock(hdev);
3778
3779 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3780 if (hcon) {
3781 hcon->state = BT_CLOSED;
3782 hci_conn_del(hcon);
3783 }
3784
3785 hci_dev_unlock(hdev);
3786}
3787
3547static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 3788static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3548{ 3789{
3549 struct hci_ev_le_conn_complete *ev = (void *) skb->data; 3790 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
@@ -3871,6 +4112,22 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3871 hci_remote_oob_data_request_evt(hdev, skb); 4112 hci_remote_oob_data_request_evt(hdev, skb);
3872 break; 4113 break;
3873 4114
4115 case HCI_EV_PHY_LINK_COMPLETE:
4116 hci_phy_link_complete_evt(hdev, skb);
4117 break;
4118
4119 case HCI_EV_LOGICAL_LINK_COMPLETE:
4120 hci_loglink_complete_evt(hdev, skb);
4121 break;
4122
4123 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
4124 hci_disconn_loglink_complete_evt(hdev, skb);
4125 break;
4126
4127 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
4128 hci_disconn_phylink_complete_evt(hdev, skb);
4129 break;
4130
3874 case HCI_EV_NUM_COMP_BLOCKS: 4131 case HCI_EV_NUM_COMP_BLOCKS:
3875 hci_num_comp_blocks_evt(hdev, skb); 4132 hci_num_comp_blocks_evt(hdev, skb);
3876 break; 4133 break;
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 08efc256c931..a1faaab41839 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -38,6 +38,7 @@
38#include <net/bluetooth/l2cap.h> 38#include <net/bluetooth/l2cap.h>
39#include <net/bluetooth/smp.h> 39#include <net/bluetooth/smp.h>
40#include <net/bluetooth/a2mp.h> 40#include <net/bluetooth/a2mp.h>
41#include <net/bluetooth/amp.h>
41 42
42bool disable_ertm; 43bool disable_ertm;
43 44
@@ -100,6 +101,23 @@ static struct l2cap_chan *l2cap_get_chan_by_scid(struct l2cap_conn *conn,
100 return c; 101 return c;
101} 102}
102 103
104/* Find channel with given DCID.
105 * Returns locked channel.
106 */
107static struct l2cap_chan *l2cap_get_chan_by_dcid(struct l2cap_conn *conn,
108 u16 cid)
109{
110 struct l2cap_chan *c;
111
112 mutex_lock(&conn->chan_lock);
113 c = __l2cap_get_chan_by_dcid(conn, cid);
114 if (c)
115 l2cap_chan_lock(c);
116 mutex_unlock(&conn->chan_lock);
117
118 return c;
119}
120
103static struct l2cap_chan *__l2cap_get_chan_by_ident(struct l2cap_conn *conn, 121static struct l2cap_chan *__l2cap_get_chan_by_ident(struct l2cap_conn *conn,
104 u8 ident) 122 u8 ident)
105{ 123{
@@ -112,6 +130,20 @@ static struct l2cap_chan *__l2cap_get_chan_by_ident(struct l2cap_conn *conn,
112 return NULL; 130 return NULL;
113} 131}
114 132
133static struct l2cap_chan *l2cap_get_chan_by_ident(struct l2cap_conn *conn,
134 u8 ident)
135{
136 struct l2cap_chan *c;
137
138 mutex_lock(&conn->chan_lock);
139 c = __l2cap_get_chan_by_ident(conn, ident);
140 if (c)
141 l2cap_chan_lock(c);
142 mutex_unlock(&conn->chan_lock);
143
144 return c;
145}
146
115static struct l2cap_chan *__l2cap_global_chan_by_addr(__le16 psm, bdaddr_t *src) 147static struct l2cap_chan *__l2cap_global_chan_by_addr(__le16 psm, bdaddr_t *src)
116{ 148{
117 struct l2cap_chan *c; 149 struct l2cap_chan *c;
@@ -546,6 +578,13 @@ void l2cap_chan_del(struct l2cap_chan *chan, int err)
546 mgr->bredr_chan = NULL; 578 mgr->bredr_chan = NULL;
547 } 579 }
548 580
581 if (chan->hs_hchan) {
582 struct hci_chan *hs_hchan = chan->hs_hchan;
583
584 BT_DBG("chan %p disconnect hs_hchan %p", chan, hs_hchan);
585 amp_disconnect_logical_link(hs_hchan);
586 }
587
549 chan->ops->teardown(chan, err); 588 chan->ops->teardown(chan, err);
550 589
551 if (test_bit(CONF_NOT_COMPLETE, &chan->conf_state)) 590 if (test_bit(CONF_NOT_COMPLETE, &chan->conf_state))
@@ -718,6 +757,12 @@ static void l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len,
718 hci_send_acl(conn->hchan, skb, flags); 757 hci_send_acl(conn->hchan, skb, flags);
719} 758}
720 759
760static bool __chan_is_moving(struct l2cap_chan *chan)
761{
762 return chan->move_state != L2CAP_MOVE_STABLE &&
763 chan->move_state != L2CAP_MOVE_WAIT_PREPARE;
764}
765
721static void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb) 766static void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb)
722{ 767{
723 struct hci_conn *hcon = chan->conn->hcon; 768 struct hci_conn *hcon = chan->conn->hcon;
@@ -726,6 +771,15 @@ static void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb)
726 BT_DBG("chan %p, skb %p len %d priority %u", chan, skb, skb->len, 771 BT_DBG("chan %p, skb %p len %d priority %u", chan, skb, skb->len,
727 skb->priority); 772 skb->priority);
728 773
774 if (chan->hs_hcon && !__chan_is_moving(chan)) {
775 if (chan->hs_hchan)
776 hci_send_acl(chan->hs_hchan, skb, ACL_COMPLETE);
777 else
778 kfree_skb(skb);
779
780 return;
781 }
782
729 if (!test_bit(FLAG_FLUSHABLE, &chan->flags) && 783 if (!test_bit(FLAG_FLUSHABLE, &chan->flags) &&
730 lmp_no_flush_capable(hcon->hdev)) 784 lmp_no_flush_capable(hcon->hdev))
731 flags = ACL_START_NO_FLUSH; 785 flags = ACL_START_NO_FLUSH;
@@ -901,6 +955,9 @@ static void l2cap_send_sframe(struct l2cap_chan *chan,
901 if (!control->sframe) 955 if (!control->sframe)
902 return; 956 return;
903 957
958 if (__chan_is_moving(chan))
959 return;
960
904 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state) && 961 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state) &&
905 !control->poll) 962 !control->poll)
906 control->final = 1; 963 control->final = 1;
@@ -964,6 +1021,12 @@ static bool __amp_capable(struct l2cap_chan *chan)
964 return false; 1021 return false;
965} 1022}
966 1023
1024static bool l2cap_check_efs(struct l2cap_chan *chan)
1025{
1026 /* Check EFS parameters */
1027 return true;
1028}
1029
967void l2cap_send_conn_req(struct l2cap_chan *chan) 1030void l2cap_send_conn_req(struct l2cap_chan *chan)
968{ 1031{
969 struct l2cap_conn *conn = chan->conn; 1032 struct l2cap_conn *conn = chan->conn;
@@ -979,6 +1042,76 @@ void l2cap_send_conn_req(struct l2cap_chan *chan)
979 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, sizeof(req), &req); 1042 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, sizeof(req), &req);
980} 1043}
981 1044
1045static void l2cap_send_create_chan_req(struct l2cap_chan *chan, u8 amp_id)
1046{
1047 struct l2cap_create_chan_req req;
1048 req.scid = cpu_to_le16(chan->scid);
1049 req.psm = chan->psm;
1050 req.amp_id = amp_id;
1051
1052 chan->ident = l2cap_get_ident(chan->conn);
1053
1054 l2cap_send_cmd(chan->conn, chan->ident, L2CAP_CREATE_CHAN_REQ,
1055 sizeof(req), &req);
1056}
1057
1058static void l2cap_move_setup(struct l2cap_chan *chan)
1059{
1060 struct sk_buff *skb;
1061
1062 BT_DBG("chan %p", chan);
1063
1064 if (chan->mode != L2CAP_MODE_ERTM)
1065 return;
1066
1067 __clear_retrans_timer(chan);
1068 __clear_monitor_timer(chan);
1069 __clear_ack_timer(chan);
1070
1071 chan->retry_count = 0;
1072 skb_queue_walk(&chan->tx_q, skb) {
1073 if (bt_cb(skb)->control.retries)
1074 bt_cb(skb)->control.retries = 1;
1075 else
1076 break;
1077 }
1078
1079 chan->expected_tx_seq = chan->buffer_seq;
1080
1081 clear_bit(CONN_REJ_ACT, &chan->conn_state);
1082 clear_bit(CONN_SREJ_ACT, &chan->conn_state);
1083 l2cap_seq_list_clear(&chan->retrans_list);
1084 l2cap_seq_list_clear(&chan->srej_list);
1085 skb_queue_purge(&chan->srej_q);
1086
1087 chan->tx_state = L2CAP_TX_STATE_XMIT;
1088 chan->rx_state = L2CAP_RX_STATE_MOVE;
1089
1090 set_bit(CONN_REMOTE_BUSY, &chan->conn_state);
1091}
1092
1093static void l2cap_move_done(struct l2cap_chan *chan)
1094{
1095 u8 move_role = chan->move_role;
1096 BT_DBG("chan %p", chan);
1097
1098 chan->move_state = L2CAP_MOVE_STABLE;
1099 chan->move_role = L2CAP_MOVE_ROLE_NONE;
1100
1101 if (chan->mode != L2CAP_MODE_ERTM)
1102 return;
1103
1104 switch (move_role) {
1105 case L2CAP_MOVE_ROLE_INITIATOR:
1106 l2cap_tx(chan, NULL, NULL, L2CAP_EV_EXPLICIT_POLL);
1107 chan->rx_state = L2CAP_RX_STATE_WAIT_F;
1108 break;
1109 case L2CAP_MOVE_ROLE_RESPONDER:
1110 chan->rx_state = L2CAP_RX_STATE_WAIT_P;
1111 break;
1112 }
1113}
1114
982static void l2cap_chan_ready(struct l2cap_chan *chan) 1115static void l2cap_chan_ready(struct l2cap_chan *chan)
983{ 1116{
984 /* This clears all conf flags, including CONF_NOT_COMPLETE */ 1117 /* This clears all conf flags, including CONF_NOT_COMPLETE */
@@ -1695,6 +1828,9 @@ static void l2cap_streaming_send(struct l2cap_chan *chan,
1695 1828
1696 BT_DBG("chan %p, skbs %p", chan, skbs); 1829 BT_DBG("chan %p, skbs %p", chan, skbs);
1697 1830
1831 if (__chan_is_moving(chan))
1832 return;
1833
1698 skb_queue_splice_tail_init(skbs, &chan->tx_q); 1834 skb_queue_splice_tail_init(skbs, &chan->tx_q);
1699 1835
1700 while (!skb_queue_empty(&chan->tx_q)) { 1836 while (!skb_queue_empty(&chan->tx_q)) {
@@ -1737,6 +1873,9 @@ static int l2cap_ertm_send(struct l2cap_chan *chan)
1737 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) 1873 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state))
1738 return 0; 1874 return 0;
1739 1875
1876 if (__chan_is_moving(chan))
1877 return 0;
1878
1740 while (chan->tx_send_head && 1879 while (chan->tx_send_head &&
1741 chan->unacked_frames < chan->remote_tx_win && 1880 chan->unacked_frames < chan->remote_tx_win &&
1742 chan->tx_state == L2CAP_TX_STATE_XMIT) { 1881 chan->tx_state == L2CAP_TX_STATE_XMIT) {
@@ -1802,6 +1941,9 @@ static void l2cap_ertm_resend(struct l2cap_chan *chan)
1802 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) 1941 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state))
1803 return; 1942 return;
1804 1943
1944 if (__chan_is_moving(chan))
1945 return;
1946
1805 while (chan->retrans_list.head != L2CAP_SEQ_LIST_CLEAR) { 1947 while (chan->retrans_list.head != L2CAP_SEQ_LIST_CLEAR) {
1806 seq = l2cap_seq_list_pop(&chan->retrans_list); 1948 seq = l2cap_seq_list_pop(&chan->retrans_list);
1807 1949
@@ -2144,7 +2286,9 @@ static int l2cap_segment_sdu(struct l2cap_chan *chan,
2144 /* PDU size is derived from the HCI MTU */ 2286 /* PDU size is derived from the HCI MTU */
2145 pdu_len = chan->conn->mtu; 2287 pdu_len = chan->conn->mtu;
2146 2288
2147 pdu_len = min_t(size_t, pdu_len, L2CAP_BREDR_MAX_PAYLOAD); 2289 /* Constrain PDU size for BR/EDR connections */
2290 if (!chan->hs_hcon)
2291 pdu_len = min_t(size_t, pdu_len, L2CAP_BREDR_MAX_PAYLOAD);
2148 2292
2149 /* Adjust for largest possible L2CAP overhead. */ 2293 /* Adjust for largest possible L2CAP overhead. */
2150 if (chan->fcs) 2294 if (chan->fcs)
@@ -2788,6 +2932,11 @@ int l2cap_ertm_init(struct l2cap_chan *chan)
2788 2932
2789 skb_queue_head_init(&chan->tx_q); 2933 skb_queue_head_init(&chan->tx_q);
2790 2934
2935 chan->local_amp_id = 0;
2936 chan->move_id = 0;
2937 chan->move_state = L2CAP_MOVE_STABLE;
2938 chan->move_role = L2CAP_MOVE_ROLE_NONE;
2939
2791 if (chan->mode != L2CAP_MODE_ERTM) 2940 if (chan->mode != L2CAP_MODE_ERTM)
2792 return 0; 2941 return 0;
2793 2942
@@ -2834,6 +2983,44 @@ static inline bool __l2cap_efs_supported(struct l2cap_chan *chan)
2834 return enable_hs && chan->conn->feat_mask & L2CAP_FEAT_EXT_FLOW; 2983 return enable_hs && chan->conn->feat_mask & L2CAP_FEAT_EXT_FLOW;
2835} 2984}
2836 2985
2986static void __l2cap_set_ertm_timeouts(struct l2cap_chan *chan,
2987 struct l2cap_conf_rfc *rfc)
2988{
2989 if (chan->local_amp_id && chan->hs_hcon) {
2990 u64 ertm_to = chan->hs_hcon->hdev->amp_be_flush_to;
2991
2992 /* Class 1 devices have must have ERTM timeouts
2993 * exceeding the Link Supervision Timeout. The
2994 * default Link Supervision Timeout for AMP
2995 * controllers is 10 seconds.
2996 *
2997 * Class 1 devices use 0xffffffff for their
2998 * best-effort flush timeout, so the clamping logic
2999 * will result in a timeout that meets the above
3000 * requirement. ERTM timeouts are 16-bit values, so
3001 * the maximum timeout is 65.535 seconds.
3002 */
3003
3004 /* Convert timeout to milliseconds and round */
3005 ertm_to = DIV_ROUND_UP_ULL(ertm_to, 1000);
3006
3007 /* This is the recommended formula for class 2 devices
3008 * that start ERTM timers when packets are sent to the
3009 * controller.
3010 */
3011 ertm_to = 3 * ertm_to + 500;
3012
3013 if (ertm_to > 0xffff)
3014 ertm_to = 0xffff;
3015
3016 rfc->retrans_timeout = cpu_to_le16((u16) ertm_to);
3017 rfc->monitor_timeout = rfc->retrans_timeout;
3018 } else {
3019 rfc->retrans_timeout = __constant_cpu_to_le16(L2CAP_DEFAULT_RETRANS_TO);
3020 rfc->monitor_timeout = __constant_cpu_to_le16(L2CAP_DEFAULT_MONITOR_TO);
3021 }
3022}
3023
2837static inline void l2cap_txwin_setup(struct l2cap_chan *chan) 3024static inline void l2cap_txwin_setup(struct l2cap_chan *chan)
2838{ 3025{
2839 if (chan->tx_win > L2CAP_DEFAULT_TX_WINDOW && 3026 if (chan->tx_win > L2CAP_DEFAULT_TX_WINDOW &&
@@ -2900,8 +3087,8 @@ done:
2900 case L2CAP_MODE_ERTM: 3087 case L2CAP_MODE_ERTM:
2901 rfc.mode = L2CAP_MODE_ERTM; 3088 rfc.mode = L2CAP_MODE_ERTM;
2902 rfc.max_transmit = chan->max_tx; 3089 rfc.max_transmit = chan->max_tx;
2903 rfc.retrans_timeout = 0; 3090
2904 rfc.monitor_timeout = 0; 3091 __l2cap_set_ertm_timeouts(chan, &rfc);
2905 3092
2906 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - 3093 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu -
2907 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE - 3094 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE -
@@ -3129,10 +3316,7 @@ done:
3129 rfc.max_pdu_size = cpu_to_le16(size); 3316 rfc.max_pdu_size = cpu_to_le16(size);
3130 chan->remote_mps = size; 3317 chan->remote_mps = size;
3131 3318
3132 rfc.retrans_timeout = 3319 __l2cap_set_ertm_timeouts(chan, &rfc);
3133 __constant_cpu_to_le16(L2CAP_DEFAULT_RETRANS_TO);
3134 rfc.monitor_timeout =
3135 __constant_cpu_to_le16(L2CAP_DEFAULT_MONITOR_TO);
3136 3320
3137 set_bit(CONF_MODE_DONE, &chan->conf_state); 3321 set_bit(CONF_MODE_DONE, &chan->conf_state);
3138 3322
@@ -3308,12 +3492,21 @@ void __l2cap_connect_rsp_defer(struct l2cap_chan *chan)
3308 struct l2cap_conn_rsp rsp; 3492 struct l2cap_conn_rsp rsp;
3309 struct l2cap_conn *conn = chan->conn; 3493 struct l2cap_conn *conn = chan->conn;
3310 u8 buf[128]; 3494 u8 buf[128];
3495 u8 rsp_code;
3311 3496
3312 rsp.scid = cpu_to_le16(chan->dcid); 3497 rsp.scid = cpu_to_le16(chan->dcid);
3313 rsp.dcid = cpu_to_le16(chan->scid); 3498 rsp.dcid = cpu_to_le16(chan->scid);
3314 rsp.result = __constant_cpu_to_le16(L2CAP_CR_SUCCESS); 3499 rsp.result = __constant_cpu_to_le16(L2CAP_CR_SUCCESS);
3315 rsp.status = __constant_cpu_to_le16(L2CAP_CS_NO_INFO); 3500 rsp.status = __constant_cpu_to_le16(L2CAP_CS_NO_INFO);
3316 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp); 3501
3502 if (chan->hs_hcon)
3503 rsp_code = L2CAP_CREATE_CHAN_RSP;
3504 else
3505 rsp_code = L2CAP_CONN_RSP;
3506
3507 BT_DBG("chan %p rsp_code %u", chan, rsp_code);
3508
3509 l2cap_send_cmd(conn, chan->ident, rsp_code, sizeof(rsp), &rsp);
3317 3510
3318 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) 3511 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state))
3319 return; 3512 return;
@@ -3395,8 +3588,9 @@ static inline int l2cap_command_rej(struct l2cap_conn *conn,
3395 return 0; 3588 return 0;
3396} 3589}
3397 3590
3398static void l2cap_connect(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, 3591static struct l2cap_chan *l2cap_connect(struct l2cap_conn *conn,
3399 u8 *data, u8 rsp_code, u8 amp_id) 3592 struct l2cap_cmd_hdr *cmd,
3593 u8 *data, u8 rsp_code, u8 amp_id)
3400{ 3594{
3401 struct l2cap_conn_req *req = (struct l2cap_conn_req *) data; 3595 struct l2cap_conn_req *req = (struct l2cap_conn_req *) data;
3402 struct l2cap_conn_rsp rsp; 3596 struct l2cap_conn_rsp rsp;
@@ -3447,6 +3641,7 @@ static void l2cap_connect(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd,
3447 bacpy(&bt_sk(sk)->dst, conn->dst); 3641 bacpy(&bt_sk(sk)->dst, conn->dst);
3448 chan->psm = psm; 3642 chan->psm = psm;
3449 chan->dcid = scid; 3643 chan->dcid = scid;
3644 chan->local_amp_id = amp_id;
3450 3645
3451 __l2cap_chan_add(conn, chan); 3646 __l2cap_chan_add(conn, chan);
3452 3647
@@ -3464,8 +3659,17 @@ static void l2cap_connect(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd,
3464 status = L2CAP_CS_AUTHOR_PEND; 3659 status = L2CAP_CS_AUTHOR_PEND;
3465 chan->ops->defer(chan); 3660 chan->ops->defer(chan);
3466 } else { 3661 } else {
3467 __l2cap_state_change(chan, BT_CONFIG); 3662 /* Force pending result for AMP controllers.
3468 result = L2CAP_CR_SUCCESS; 3663 * The connection will succeed after the
3664 * physical link is up.
3665 */
3666 if (amp_id) {
3667 __l2cap_state_change(chan, BT_CONNECT2);
3668 result = L2CAP_CR_PEND;
3669 } else {
3670 __l2cap_state_change(chan, BT_CONFIG);
3671 result = L2CAP_CR_SUCCESS;
3672 }
3469 status = L2CAP_CS_NO_INFO; 3673 status = L2CAP_CS_NO_INFO;
3470 } 3674 }
3471 } else { 3675 } else {
@@ -3511,6 +3715,8 @@ sendresp:
3511 l2cap_build_conf_req(chan, buf), buf); 3715 l2cap_build_conf_req(chan, buf), buf);
3512 chan->num_conf_req++; 3716 chan->num_conf_req++;
3513 } 3717 }
3718
3719 return chan;
3514} 3720}
3515 3721
3516static int l2cap_connect_req(struct l2cap_conn *conn, 3722static int l2cap_connect_req(struct l2cap_conn *conn,
@@ -3520,7 +3726,7 @@ static int l2cap_connect_req(struct l2cap_conn *conn,
3520 return 0; 3726 return 0;
3521} 3727}
3522 3728
3523static inline int l2cap_connect_rsp(struct l2cap_conn *conn, 3729static int l2cap_connect_create_rsp(struct l2cap_conn *conn,
3524 struct l2cap_cmd_hdr *cmd, u8 *data) 3730 struct l2cap_cmd_hdr *cmd, u8 *data)
3525{ 3731{
3526 struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data; 3732 struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data;
@@ -3675,6 +3881,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn,
3675 goto unlock; 3881 goto unlock;
3676 } 3882 }
3677 3883
3884 chan->ident = cmd->ident;
3678 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp); 3885 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp);
3679 chan->num_conf_rsp++; 3886 chan->num_conf_rsp++;
3680 3887
@@ -3714,7 +3921,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn,
3714 /* check compatibility */ 3921 /* check compatibility */
3715 3922
3716 /* Send rsp for BR/EDR channel */ 3923 /* Send rsp for BR/EDR channel */
3717 if (!chan->ctrl_id) 3924 if (!chan->hs_hcon)
3718 l2cap_send_efs_conf_rsp(chan, rsp, cmd->ident, flags); 3925 l2cap_send_efs_conf_rsp(chan, rsp, cmd->ident, flags);
3719 else 3926 else
3720 chan->ident = cmd->ident; 3927 chan->ident = cmd->ident;
@@ -3764,13 +3971,15 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn,
3764 goto done; 3971 goto done;
3765 } 3972 }
3766 3973
3767 /* check compatibility */ 3974 if (!chan->hs_hcon) {
3768
3769 if (!chan->ctrl_id)
3770 l2cap_send_efs_conf_rsp(chan, buf, cmd->ident, 3975 l2cap_send_efs_conf_rsp(chan, buf, cmd->ident,
3771 0); 3976 0);
3772 else 3977 } else {
3773 chan->ident = cmd->ident; 3978 if (l2cap_check_efs(chan)) {
3979 amp_create_logical_link(chan);
3980 chan->ident = cmd->ident;
3981 }
3982 }
3774 } 3983 }
3775 goto done; 3984 goto done;
3776 3985
@@ -4023,12 +4232,14 @@ static inline int l2cap_information_rsp(struct l2cap_conn *conn,
4023 return 0; 4232 return 0;
4024} 4233}
4025 4234
4026static inline int l2cap_create_channel_req(struct l2cap_conn *conn, 4235static int l2cap_create_channel_req(struct l2cap_conn *conn,
4027 struct l2cap_cmd_hdr *cmd, 4236 struct l2cap_cmd_hdr *cmd,
4028 u16 cmd_len, void *data) 4237 u16 cmd_len, void *data)
4029{ 4238{
4030 struct l2cap_create_chan_req *req = data; 4239 struct l2cap_create_chan_req *req = data;
4031 struct l2cap_create_chan_rsp rsp; 4240 struct l2cap_create_chan_rsp rsp;
4241 struct l2cap_chan *chan;
4242 struct hci_dev *hdev;
4032 u16 psm, scid; 4243 u16 psm, scid;
4033 4244
4034 if (cmd_len != sizeof(*req)) 4245 if (cmd_len != sizeof(*req))
@@ -4042,57 +4253,119 @@ static inline int l2cap_create_channel_req(struct l2cap_conn *conn,
4042 4253
4043 BT_DBG("psm 0x%2.2x, scid 0x%4.4x, amp_id %d", psm, scid, req->amp_id); 4254 BT_DBG("psm 0x%2.2x, scid 0x%4.4x, amp_id %d", psm, scid, req->amp_id);
4044 4255
4045 /* Placeholder: Always reject */ 4256 /* For controller id 0 make BR/EDR connection */
4257 if (req->amp_id == HCI_BREDR_ID) {
4258 l2cap_connect(conn, cmd, data, L2CAP_CREATE_CHAN_RSP,
4259 req->amp_id);
4260 return 0;
4261 }
4262
4263 /* Validate AMP controller id */
4264 hdev = hci_dev_get(req->amp_id);
4265 if (!hdev)
4266 goto error;
4267
4268 if (hdev->dev_type != HCI_AMP || !test_bit(HCI_UP, &hdev->flags)) {
4269 hci_dev_put(hdev);
4270 goto error;
4271 }
4272
4273 chan = l2cap_connect(conn, cmd, data, L2CAP_CREATE_CHAN_RSP,
4274 req->amp_id);
4275 if (chan) {
4276 struct amp_mgr *mgr = conn->hcon->amp_mgr;
4277 struct hci_conn *hs_hcon;
4278
4279 hs_hcon = hci_conn_hash_lookup_ba(hdev, AMP_LINK, conn->dst);
4280 if (!hs_hcon) {
4281 hci_dev_put(hdev);
4282 return -EFAULT;
4283 }
4284
4285 BT_DBG("mgr %p bredr_chan %p hs_hcon %p", mgr, chan, hs_hcon);
4286
4287 chan->local_amp_id = req->amp_id;
4288 mgr->bredr_chan = chan;
4289 chan->hs_hcon = hs_hcon;
4290 conn->mtu = hdev->block_mtu;
4291 }
4292
4293 hci_dev_put(hdev);
4294
4295 return 0;
4296
4297error:
4046 rsp.dcid = 0; 4298 rsp.dcid = 0;
4047 rsp.scid = cpu_to_le16(scid); 4299 rsp.scid = cpu_to_le16(scid);
4048 rsp.result = __constant_cpu_to_le16(L2CAP_CR_NO_MEM); 4300 rsp.result = __constant_cpu_to_le16(L2CAP_CR_BAD_AMP);
4049 rsp.status = __constant_cpu_to_le16(L2CAP_CS_NO_INFO); 4301 rsp.status = __constant_cpu_to_le16(L2CAP_CS_NO_INFO);
4050 4302
4051 l2cap_send_cmd(conn, cmd->ident, L2CAP_CREATE_CHAN_RSP, 4303 l2cap_send_cmd(conn, cmd->ident, L2CAP_CREATE_CHAN_RSP,
4052 sizeof(rsp), &rsp); 4304 sizeof(rsp), &rsp);
4053 4305
4054 return 0; 4306 return -EFAULT;
4055} 4307}
4056 4308
4057static inline int l2cap_create_channel_rsp(struct l2cap_conn *conn, 4309static void l2cap_send_move_chan_req(struct l2cap_chan *chan, u8 dest_amp_id)
4058 struct l2cap_cmd_hdr *cmd,
4059 void *data)
4060{ 4310{
4061 BT_DBG("conn %p", conn); 4311 struct l2cap_move_chan_req req;
4312 u8 ident;
4313
4314 BT_DBG("chan %p, dest_amp_id %d", chan, dest_amp_id);
4315
4316 ident = l2cap_get_ident(chan->conn);
4317 chan->ident = ident;
4062 4318
4063 return l2cap_connect_rsp(conn, cmd, data); 4319 req.icid = cpu_to_le16(chan->scid);
4320 req.dest_amp_id = dest_amp_id;
4321
4322 l2cap_send_cmd(chan->conn, ident, L2CAP_MOVE_CHAN_REQ, sizeof(req),
4323 &req);
4324
4325 __set_chan_timer(chan, L2CAP_MOVE_TIMEOUT);
4064} 4326}
4065 4327
4066static void l2cap_send_move_chan_rsp(struct l2cap_conn *conn, u8 ident, 4328static void l2cap_send_move_chan_rsp(struct l2cap_chan *chan, u16 result)
4067 u16 icid, u16 result)
4068{ 4329{
4069 struct l2cap_move_chan_rsp rsp; 4330 struct l2cap_move_chan_rsp rsp;
4070 4331
4071 BT_DBG("icid 0x%4.4x, result 0x%4.4x", icid, result); 4332 BT_DBG("chan %p, result 0x%4.4x", chan, result);
4072 4333
4073 rsp.icid = cpu_to_le16(icid); 4334 rsp.icid = cpu_to_le16(chan->dcid);
4074 rsp.result = cpu_to_le16(result); 4335 rsp.result = cpu_to_le16(result);
4075 4336
4076 l2cap_send_cmd(conn, ident, L2CAP_MOVE_CHAN_RSP, sizeof(rsp), &rsp); 4337 l2cap_send_cmd(chan->conn, chan->ident, L2CAP_MOVE_CHAN_RSP,
4338 sizeof(rsp), &rsp);
4077} 4339}
4078 4340
4079static void l2cap_send_move_chan_cfm(struct l2cap_conn *conn, 4341static void l2cap_send_move_chan_cfm(struct l2cap_chan *chan, u16 result)
4080 struct l2cap_chan *chan,
4081 u16 icid, u16 result)
4082{ 4342{
4083 struct l2cap_move_chan_cfm cfm; 4343 struct l2cap_move_chan_cfm cfm;
4084 u8 ident;
4085 4344
4086 BT_DBG("icid 0x%4.4x, result 0x%4.4x", icid, result); 4345 BT_DBG("chan %p, result 0x%4.4x", chan, result);
4087 4346
4088 ident = l2cap_get_ident(conn); 4347 chan->ident = l2cap_get_ident(chan->conn);
4089 if (chan)
4090 chan->ident = ident;
4091 4348
4092 cfm.icid = cpu_to_le16(icid); 4349 cfm.icid = cpu_to_le16(chan->scid);
4093 cfm.result = cpu_to_le16(result); 4350 cfm.result = cpu_to_le16(result);
4094 4351
4095 l2cap_send_cmd(conn, ident, L2CAP_MOVE_CHAN_CFM, sizeof(cfm), &cfm); 4352 l2cap_send_cmd(chan->conn, chan->ident, L2CAP_MOVE_CHAN_CFM,
4353 sizeof(cfm), &cfm);
4354
4355 __set_chan_timer(chan, L2CAP_MOVE_TIMEOUT);
4356}
4357
4358static void l2cap_send_move_chan_cfm_icid(struct l2cap_conn *conn, u16 icid)
4359{
4360 struct l2cap_move_chan_cfm cfm;
4361
4362 BT_DBG("conn %p, icid 0x%4.4x", conn, icid);
4363
4364 cfm.icid = cpu_to_le16(icid);
4365 cfm.result = __constant_cpu_to_le16(L2CAP_MC_UNCONFIRMED);
4366
4367 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_MOVE_CHAN_CFM,
4368 sizeof(cfm), &cfm);
4096} 4369}
4097 4370
4098static void l2cap_send_move_chan_cfm_rsp(struct l2cap_conn *conn, u8 ident, 4371static void l2cap_send_move_chan_cfm_rsp(struct l2cap_conn *conn, u8 ident,
@@ -4106,11 +4379,283 @@ static void l2cap_send_move_chan_cfm_rsp(struct l2cap_conn *conn, u8 ident,
4106 l2cap_send_cmd(conn, ident, L2CAP_MOVE_CHAN_CFM_RSP, sizeof(rsp), &rsp); 4379 l2cap_send_cmd(conn, ident, L2CAP_MOVE_CHAN_CFM_RSP, sizeof(rsp), &rsp);
4107} 4380}
4108 4381
4382static void __release_logical_link(struct l2cap_chan *chan)
4383{
4384 chan->hs_hchan = NULL;
4385 chan->hs_hcon = NULL;
4386
4387 /* Placeholder - release the logical link */
4388}
4389
4390static void l2cap_logical_fail(struct l2cap_chan *chan)
4391{
4392 /* Logical link setup failed */
4393 if (chan->state != BT_CONNECTED) {
4394 /* Create channel failure, disconnect */
4395 l2cap_send_disconn_req(chan->conn, chan, ECONNRESET);
4396 return;
4397 }
4398
4399 switch (chan->move_role) {
4400 case L2CAP_MOVE_ROLE_RESPONDER:
4401 l2cap_move_done(chan);
4402 l2cap_send_move_chan_rsp(chan, L2CAP_MR_NOT_SUPP);
4403 break;
4404 case L2CAP_MOVE_ROLE_INITIATOR:
4405 if (chan->move_state == L2CAP_MOVE_WAIT_LOGICAL_COMP ||
4406 chan->move_state == L2CAP_MOVE_WAIT_LOGICAL_CFM) {
4407 /* Remote has only sent pending or
4408 * success responses, clean up
4409 */
4410 l2cap_move_done(chan);
4411 }
4412
4413 /* Other amp move states imply that the move
4414 * has already aborted
4415 */
4416 l2cap_send_move_chan_cfm(chan, L2CAP_MC_UNCONFIRMED);
4417 break;
4418 }
4419}
4420
4421static void l2cap_logical_finish_create(struct l2cap_chan *chan,
4422 struct hci_chan *hchan)
4423{
4424 struct l2cap_conf_rsp rsp;
4425
4426 chan->hs_hchan = hchan;
4427 chan->hs_hcon->l2cap_data = chan->conn;
4428
4429 l2cap_send_efs_conf_rsp(chan, &rsp, chan->ident, 0);
4430
4431 if (test_bit(CONF_INPUT_DONE, &chan->conf_state)) {
4432 int err;
4433
4434 set_default_fcs(chan);
4435
4436 err = l2cap_ertm_init(chan);
4437 if (err < 0)
4438 l2cap_send_disconn_req(chan->conn, chan, -err);
4439 else
4440 l2cap_chan_ready(chan);
4441 }
4442}
4443
4444static void l2cap_logical_finish_move(struct l2cap_chan *chan,
4445 struct hci_chan *hchan)
4446{
4447 chan->hs_hcon = hchan->conn;
4448 chan->hs_hcon->l2cap_data = chan->conn;
4449
4450 BT_DBG("move_state %d", chan->move_state);
4451
4452 switch (chan->move_state) {
4453 case L2CAP_MOVE_WAIT_LOGICAL_COMP:
4454 /* Move confirm will be sent after a success
4455 * response is received
4456 */
4457 chan->move_state = L2CAP_MOVE_WAIT_RSP_SUCCESS;
4458 break;
4459 case L2CAP_MOVE_WAIT_LOGICAL_CFM:
4460 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) {
4461 chan->move_state = L2CAP_MOVE_WAIT_LOCAL_BUSY;
4462 } else if (chan->move_role == L2CAP_MOVE_ROLE_INITIATOR) {
4463 chan->move_state = L2CAP_MOVE_WAIT_CONFIRM_RSP;
4464 l2cap_send_move_chan_cfm(chan, L2CAP_MC_CONFIRMED);
4465 } else if (chan->move_role == L2CAP_MOVE_ROLE_RESPONDER) {
4466 chan->move_state = L2CAP_MOVE_WAIT_CONFIRM;
4467 l2cap_send_move_chan_rsp(chan, L2CAP_MR_SUCCESS);
4468 }
4469 break;
4470 default:
4471 /* Move was not in expected state, free the channel */
4472 __release_logical_link(chan);
4473
4474 chan->move_state = L2CAP_MOVE_STABLE;
4475 }
4476}
4477
4478/* Call with chan locked */
4479void l2cap_logical_cfm(struct l2cap_chan *chan, struct hci_chan *hchan,
4480 u8 status)
4481{
4482 BT_DBG("chan %p, hchan %p, status %d", chan, hchan, status);
4483
4484 if (status) {
4485 l2cap_logical_fail(chan);
4486 __release_logical_link(chan);
4487 return;
4488 }
4489
4490 if (chan->state != BT_CONNECTED) {
4491 /* Ignore logical link if channel is on BR/EDR */
4492 if (chan->local_amp_id)
4493 l2cap_logical_finish_create(chan, hchan);
4494 } else {
4495 l2cap_logical_finish_move(chan, hchan);
4496 }
4497}
4498
4499void l2cap_move_start(struct l2cap_chan *chan)
4500{
4501 BT_DBG("chan %p", chan);
4502
4503 if (chan->local_amp_id == HCI_BREDR_ID) {
4504 if (chan->chan_policy != BT_CHANNEL_POLICY_AMP_PREFERRED)
4505 return;
4506 chan->move_role = L2CAP_MOVE_ROLE_INITIATOR;
4507 chan->move_state = L2CAP_MOVE_WAIT_PREPARE;
4508 /* Placeholder - start physical link setup */
4509 } else {
4510 chan->move_role = L2CAP_MOVE_ROLE_INITIATOR;
4511 chan->move_state = L2CAP_MOVE_WAIT_RSP_SUCCESS;
4512 chan->move_id = 0;
4513 l2cap_move_setup(chan);
4514 l2cap_send_move_chan_req(chan, 0);
4515 }
4516}
4517
4518static void l2cap_do_create(struct l2cap_chan *chan, int result,
4519 u8 local_amp_id, u8 remote_amp_id)
4520{
4521 if (!test_bit(CONF_CONNECT_PEND, &chan->conf_state)) {
4522 struct l2cap_conn_rsp rsp;
4523 char buf[128];
4524 rsp.scid = cpu_to_le16(chan->dcid);
4525 rsp.dcid = cpu_to_le16(chan->scid);
4526
4527 /* Incoming channel on AMP */
4528 if (result == L2CAP_CR_SUCCESS) {
4529 /* Send successful response */
4530 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
4531 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
4532 } else {
4533 /* Send negative response */
4534 rsp.result = cpu_to_le16(L2CAP_CR_NO_MEM);
4535 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
4536 }
4537
4538 l2cap_send_cmd(chan->conn, chan->ident, L2CAP_CREATE_CHAN_RSP,
4539 sizeof(rsp), &rsp);
4540
4541 if (result == L2CAP_CR_SUCCESS) {
4542 __l2cap_state_change(chan, BT_CONFIG);
4543 set_bit(CONF_REQ_SENT, &chan->conf_state);
4544 l2cap_send_cmd(chan->conn, l2cap_get_ident(chan->conn),
4545 L2CAP_CONF_REQ,
4546 l2cap_build_conf_req(chan, buf), buf);
4547 chan->num_conf_req++;
4548 }
4549 } else {
4550 /* Outgoing channel on AMP */
4551 if (result == L2CAP_CR_SUCCESS) {
4552 chan->local_amp_id = local_amp_id;
4553 l2cap_send_create_chan_req(chan, remote_amp_id);
4554 } else {
4555 /* Revert to BR/EDR connect */
4556 l2cap_send_conn_req(chan);
4557 }
4558 }
4559}
4560
4561static void l2cap_do_move_initiate(struct l2cap_chan *chan, u8 local_amp_id,
4562 u8 remote_amp_id)
4563{
4564 l2cap_move_setup(chan);
4565 chan->move_id = local_amp_id;
4566 chan->move_state = L2CAP_MOVE_WAIT_RSP;
4567
4568 l2cap_send_move_chan_req(chan, remote_amp_id);
4569}
4570
4571static void l2cap_do_move_respond(struct l2cap_chan *chan, int result)
4572{
4573 struct hci_chan *hchan = NULL;
4574
4575 /* Placeholder - get hci_chan for logical link */
4576
4577 if (hchan) {
4578 if (hchan->state == BT_CONNECTED) {
4579 /* Logical link is ready to go */
4580 chan->hs_hcon = hchan->conn;
4581 chan->hs_hcon->l2cap_data = chan->conn;
4582 chan->move_state = L2CAP_MOVE_WAIT_CONFIRM;
4583 l2cap_send_move_chan_rsp(chan, L2CAP_MR_SUCCESS);
4584
4585 l2cap_logical_cfm(chan, hchan, L2CAP_MR_SUCCESS);
4586 } else {
4587 /* Wait for logical link to be ready */
4588 chan->move_state = L2CAP_MOVE_WAIT_LOGICAL_CFM;
4589 }
4590 } else {
4591 /* Logical link not available */
4592 l2cap_send_move_chan_rsp(chan, L2CAP_MR_NOT_ALLOWED);
4593 }
4594}
4595
4596static void l2cap_do_move_cancel(struct l2cap_chan *chan, int result)
4597{
4598 if (chan->move_role == L2CAP_MOVE_ROLE_RESPONDER) {
4599 u8 rsp_result;
4600 if (result == -EINVAL)
4601 rsp_result = L2CAP_MR_BAD_ID;
4602 else
4603 rsp_result = L2CAP_MR_NOT_ALLOWED;
4604
4605 l2cap_send_move_chan_rsp(chan, rsp_result);
4606 }
4607
4608 chan->move_role = L2CAP_MOVE_ROLE_NONE;
4609 chan->move_state = L2CAP_MOVE_STABLE;
4610
4611 /* Restart data transmission */
4612 l2cap_ertm_send(chan);
4613}
4614
4615void l2cap_physical_cfm(struct l2cap_chan *chan, int result)
4616{
4617 u8 local_amp_id = chan->local_amp_id;
4618 u8 remote_amp_id = chan->remote_amp_id;
4619
4620 BT_DBG("chan %p, result %d, local_amp_id %d, remote_amp_id %d",
4621 chan, result, local_amp_id, remote_amp_id);
4622
4623 l2cap_chan_lock(chan);
4624
4625 if (chan->state == BT_DISCONN || chan->state == BT_CLOSED) {
4626 l2cap_chan_unlock(chan);
4627 return;
4628 }
4629
4630 if (chan->state != BT_CONNECTED) {
4631 l2cap_do_create(chan, result, local_amp_id, remote_amp_id);
4632 } else if (result != L2CAP_MR_SUCCESS) {
4633 l2cap_do_move_cancel(chan, result);
4634 } else {
4635 switch (chan->move_role) {
4636 case L2CAP_MOVE_ROLE_INITIATOR:
4637 l2cap_do_move_initiate(chan, local_amp_id,
4638 remote_amp_id);
4639 break;
4640 case L2CAP_MOVE_ROLE_RESPONDER:
4641 l2cap_do_move_respond(chan, result);
4642 break;
4643 default:
4644 l2cap_do_move_cancel(chan, result);
4645 break;
4646 }
4647 }
4648
4649 l2cap_chan_unlock(chan);
4650}
4651
4109static inline int l2cap_move_channel_req(struct l2cap_conn *conn, 4652static inline int l2cap_move_channel_req(struct l2cap_conn *conn,
4110 struct l2cap_cmd_hdr *cmd, 4653 struct l2cap_cmd_hdr *cmd,
4111 u16 cmd_len, void *data) 4654 u16 cmd_len, void *data)
4112{ 4655{
4113 struct l2cap_move_chan_req *req = data; 4656 struct l2cap_move_chan_req *req = data;
4657 struct l2cap_move_chan_rsp rsp;
4658 struct l2cap_chan *chan;
4114 u16 icid = 0; 4659 u16 icid = 0;
4115 u16 result = L2CAP_MR_NOT_ALLOWED; 4660 u16 result = L2CAP_MR_NOT_ALLOWED;
4116 4661
@@ -4124,15 +4669,206 @@ static inline int l2cap_move_channel_req(struct l2cap_conn *conn,
4124 if (!enable_hs) 4669 if (!enable_hs)
4125 return -EINVAL; 4670 return -EINVAL;
4126 4671
4127 /* Placeholder: Always refuse */ 4672 chan = l2cap_get_chan_by_dcid(conn, icid);
4128 l2cap_send_move_chan_rsp(conn, cmd->ident, icid, result); 4673 if (!chan) {
4674 rsp.icid = cpu_to_le16(icid);
4675 rsp.result = __constant_cpu_to_le16(L2CAP_MR_NOT_ALLOWED);
4676 l2cap_send_cmd(conn, cmd->ident, L2CAP_MOVE_CHAN_RSP,
4677 sizeof(rsp), &rsp);
4678 return 0;
4679 }
4680
4681 chan->ident = cmd->ident;
4682
4683 if (chan->scid < L2CAP_CID_DYN_START ||
4684 chan->chan_policy == BT_CHANNEL_POLICY_BREDR_ONLY ||
4685 (chan->mode != L2CAP_MODE_ERTM &&
4686 chan->mode != L2CAP_MODE_STREAMING)) {
4687 result = L2CAP_MR_NOT_ALLOWED;
4688 goto send_move_response;
4689 }
4690
4691 if (chan->local_amp_id == req->dest_amp_id) {
4692 result = L2CAP_MR_SAME_ID;
4693 goto send_move_response;
4694 }
4695
4696 if (req->dest_amp_id) {
4697 struct hci_dev *hdev;
4698 hdev = hci_dev_get(req->dest_amp_id);
4699 if (!hdev || hdev->dev_type != HCI_AMP ||
4700 !test_bit(HCI_UP, &hdev->flags)) {
4701 if (hdev)
4702 hci_dev_put(hdev);
4703
4704 result = L2CAP_MR_BAD_ID;
4705 goto send_move_response;
4706 }
4707 hci_dev_put(hdev);
4708 }
4709
4710 /* Detect a move collision. Only send a collision response
4711 * if this side has "lost", otherwise proceed with the move.
4712 * The winner has the larger bd_addr.
4713 */
4714 if ((__chan_is_moving(chan) ||
4715 chan->move_role != L2CAP_MOVE_ROLE_NONE) &&
4716 bacmp(conn->src, conn->dst) > 0) {
4717 result = L2CAP_MR_COLLISION;
4718 goto send_move_response;
4719 }
4720
4721 chan->move_role = L2CAP_MOVE_ROLE_RESPONDER;
4722 l2cap_move_setup(chan);
4723 chan->move_id = req->dest_amp_id;
4724 icid = chan->dcid;
4725
4726 if (!req->dest_amp_id) {
4727 /* Moving to BR/EDR */
4728 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) {
4729 chan->move_state = L2CAP_MOVE_WAIT_LOCAL_BUSY;
4730 result = L2CAP_MR_PEND;
4731 } else {
4732 chan->move_state = L2CAP_MOVE_WAIT_CONFIRM;
4733 result = L2CAP_MR_SUCCESS;
4734 }
4735 } else {
4736 chan->move_state = L2CAP_MOVE_WAIT_PREPARE;
4737 /* Placeholder - uncomment when amp functions are available */
4738 /*amp_accept_physical(chan, req->dest_amp_id);*/
4739 result = L2CAP_MR_PEND;
4740 }
4741
4742send_move_response:
4743 l2cap_send_move_chan_rsp(chan, result);
4744
4745 l2cap_chan_unlock(chan);
4129 4746
4130 return 0; 4747 return 0;
4131} 4748}
4132 4749
4133static inline int l2cap_move_channel_rsp(struct l2cap_conn *conn, 4750static void l2cap_move_continue(struct l2cap_conn *conn, u16 icid, u16 result)
4134 struct l2cap_cmd_hdr *cmd, 4751{
4135 u16 cmd_len, void *data) 4752 struct l2cap_chan *chan;
4753 struct hci_chan *hchan = NULL;
4754
4755 chan = l2cap_get_chan_by_scid(conn, icid);
4756 if (!chan) {
4757 l2cap_send_move_chan_cfm_icid(conn, icid);
4758 return;
4759 }
4760
4761 __clear_chan_timer(chan);
4762 if (result == L2CAP_MR_PEND)
4763 __set_chan_timer(chan, L2CAP_MOVE_ERTX_TIMEOUT);
4764
4765 switch (chan->move_state) {
4766 case L2CAP_MOVE_WAIT_LOGICAL_COMP:
4767 /* Move confirm will be sent when logical link
4768 * is complete.
4769 */
4770 chan->move_state = L2CAP_MOVE_WAIT_LOGICAL_CFM;
4771 break;
4772 case L2CAP_MOVE_WAIT_RSP_SUCCESS:
4773 if (result == L2CAP_MR_PEND) {
4774 break;
4775 } else if (test_bit(CONN_LOCAL_BUSY,
4776 &chan->conn_state)) {
4777 chan->move_state = L2CAP_MOVE_WAIT_LOCAL_BUSY;
4778 } else {
4779 /* Logical link is up or moving to BR/EDR,
4780 * proceed with move
4781 */
4782 chan->move_state = L2CAP_MOVE_WAIT_CONFIRM_RSP;
4783 l2cap_send_move_chan_cfm(chan, L2CAP_MC_CONFIRMED);
4784 }
4785 break;
4786 case L2CAP_MOVE_WAIT_RSP:
4787 /* Moving to AMP */
4788 if (result == L2CAP_MR_SUCCESS) {
4789 /* Remote is ready, send confirm immediately
4790 * after logical link is ready
4791 */
4792 chan->move_state = L2CAP_MOVE_WAIT_LOGICAL_CFM;
4793 } else {
4794 /* Both logical link and move success
4795 * are required to confirm
4796 */
4797 chan->move_state = L2CAP_MOVE_WAIT_LOGICAL_COMP;
4798 }
4799
4800 /* Placeholder - get hci_chan for logical link */
4801 if (!hchan) {
4802 /* Logical link not available */
4803 l2cap_send_move_chan_cfm(chan, L2CAP_MC_UNCONFIRMED);
4804 break;
4805 }
4806
4807 /* If the logical link is not yet connected, do not
4808 * send confirmation.
4809 */
4810 if (hchan->state != BT_CONNECTED)
4811 break;
4812
4813 /* Logical link is already ready to go */
4814
4815 chan->hs_hcon = hchan->conn;
4816 chan->hs_hcon->l2cap_data = chan->conn;
4817
4818 if (result == L2CAP_MR_SUCCESS) {
4819 /* Can confirm now */
4820 l2cap_send_move_chan_cfm(chan, L2CAP_MC_CONFIRMED);
4821 } else {
4822 /* Now only need move success
4823 * to confirm
4824 */
4825 chan->move_state = L2CAP_MOVE_WAIT_RSP_SUCCESS;
4826 }
4827
4828 l2cap_logical_cfm(chan, hchan, L2CAP_MR_SUCCESS);
4829 break;
4830 default:
4831 /* Any other amp move state means the move failed. */
4832 chan->move_id = chan->local_amp_id;
4833 l2cap_move_done(chan);
4834 l2cap_send_move_chan_cfm(chan, L2CAP_MC_UNCONFIRMED);
4835 }
4836
4837 l2cap_chan_unlock(chan);
4838}
4839
4840static void l2cap_move_fail(struct l2cap_conn *conn, u8 ident, u16 icid,
4841 u16 result)
4842{
4843 struct l2cap_chan *chan;
4844
4845 chan = l2cap_get_chan_by_ident(conn, ident);
4846 if (!chan) {
4847 /* Could not locate channel, icid is best guess */
4848 l2cap_send_move_chan_cfm_icid(conn, icid);
4849 return;
4850 }
4851
4852 __clear_chan_timer(chan);
4853
4854 if (chan->move_role == L2CAP_MOVE_ROLE_INITIATOR) {
4855 if (result == L2CAP_MR_COLLISION) {
4856 chan->move_role = L2CAP_MOVE_ROLE_RESPONDER;
4857 } else {
4858 /* Cleanup - cancel move */
4859 chan->move_id = chan->local_amp_id;
4860 l2cap_move_done(chan);
4861 }
4862 }
4863
4864 l2cap_send_move_chan_cfm(chan, L2CAP_MC_UNCONFIRMED);
4865
4866 l2cap_chan_unlock(chan);
4867}
4868
4869static int l2cap_move_channel_rsp(struct l2cap_conn *conn,
4870 struct l2cap_cmd_hdr *cmd,
4871 u16 cmd_len, void *data)
4136{ 4872{
4137 struct l2cap_move_chan_rsp *rsp = data; 4873 struct l2cap_move_chan_rsp *rsp = data;
4138 u16 icid, result; 4874 u16 icid, result;
@@ -4145,17 +4881,20 @@ static inline int l2cap_move_channel_rsp(struct l2cap_conn *conn,
4145 4881
4146 BT_DBG("icid 0x%4.4x, result 0x%4.4x", icid, result); 4882 BT_DBG("icid 0x%4.4x, result 0x%4.4x", icid, result);
4147 4883
4148 /* Placeholder: Always unconfirmed */ 4884 if (result == L2CAP_MR_SUCCESS || result == L2CAP_MR_PEND)
4149 l2cap_send_move_chan_cfm(conn, NULL, icid, L2CAP_MC_UNCONFIRMED); 4885 l2cap_move_continue(conn, icid, result);
4886 else
4887 l2cap_move_fail(conn, cmd->ident, icid, result);
4150 4888
4151 return 0; 4889 return 0;
4152} 4890}
4153 4891
4154static inline int l2cap_move_channel_confirm(struct l2cap_conn *conn, 4892static int l2cap_move_channel_confirm(struct l2cap_conn *conn,
4155 struct l2cap_cmd_hdr *cmd, 4893 struct l2cap_cmd_hdr *cmd,
4156 u16 cmd_len, void *data) 4894 u16 cmd_len, void *data)
4157{ 4895{
4158 struct l2cap_move_chan_cfm *cfm = data; 4896 struct l2cap_move_chan_cfm *cfm = data;
4897 struct l2cap_chan *chan;
4159 u16 icid, result; 4898 u16 icid, result;
4160 4899
4161 if (cmd_len != sizeof(*cfm)) 4900 if (cmd_len != sizeof(*cfm))
@@ -4166,8 +4905,29 @@ static inline int l2cap_move_channel_confirm(struct l2cap_conn *conn,
4166 4905
4167 BT_DBG("icid 0x%4.4x, result 0x%4.4x", icid, result); 4906 BT_DBG("icid 0x%4.4x, result 0x%4.4x", icid, result);
4168 4907
4908 chan = l2cap_get_chan_by_dcid(conn, icid);
4909 if (!chan) {
4910 /* Spec requires a response even if the icid was not found */
4911 l2cap_send_move_chan_cfm_rsp(conn, cmd->ident, icid);
4912 return 0;
4913 }
4914
4915 if (chan->move_state == L2CAP_MOVE_WAIT_CONFIRM) {
4916 if (result == L2CAP_MC_CONFIRMED) {
4917 chan->local_amp_id = chan->move_id;
4918 if (!chan->local_amp_id)
4919 __release_logical_link(chan);
4920 } else {
4921 chan->move_id = chan->local_amp_id;
4922 }
4923
4924 l2cap_move_done(chan);
4925 }
4926
4169 l2cap_send_move_chan_cfm_rsp(conn, cmd->ident, icid); 4927 l2cap_send_move_chan_cfm_rsp(conn, cmd->ident, icid);
4170 4928
4929 l2cap_chan_unlock(chan);
4930
4171 return 0; 4931 return 0;
4172} 4932}
4173 4933
@@ -4176,6 +4936,7 @@ static inline int l2cap_move_channel_confirm_rsp(struct l2cap_conn *conn,
4176 u16 cmd_len, void *data) 4936 u16 cmd_len, void *data)
4177{ 4937{
4178 struct l2cap_move_chan_cfm_rsp *rsp = data; 4938 struct l2cap_move_chan_cfm_rsp *rsp = data;
4939 struct l2cap_chan *chan;
4179 u16 icid; 4940 u16 icid;
4180 4941
4181 if (cmd_len != sizeof(*rsp)) 4942 if (cmd_len != sizeof(*rsp))
@@ -4185,6 +4946,23 @@ static inline int l2cap_move_channel_confirm_rsp(struct l2cap_conn *conn,
4185 4946
4186 BT_DBG("icid 0x%4.4x", icid); 4947 BT_DBG("icid 0x%4.4x", icid);
4187 4948
4949 chan = l2cap_get_chan_by_scid(conn, icid);
4950 if (!chan)
4951 return 0;
4952
4953 __clear_chan_timer(chan);
4954
4955 if (chan->move_state == L2CAP_MOVE_WAIT_CONFIRM_RSP) {
4956 chan->local_amp_id = chan->move_id;
4957
4958 if (!chan->local_amp_id && chan->hs_hchan)
4959 __release_logical_link(chan);
4960
4961 l2cap_move_done(chan);
4962 }
4963
4964 l2cap_chan_unlock(chan);
4965
4188 return 0; 4966 return 0;
4189} 4967}
4190 4968
@@ -4269,7 +5047,7 @@ static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
4269 5047
4270 case L2CAP_CONN_RSP: 5048 case L2CAP_CONN_RSP:
4271 case L2CAP_CREATE_CHAN_RSP: 5049 case L2CAP_CREATE_CHAN_RSP:
4272 err = l2cap_connect_rsp(conn, cmd, data); 5050 err = l2cap_connect_create_rsp(conn, cmd, data);
4273 break; 5051 break;
4274 5052
4275 case L2CAP_CONF_REQ: 5053 case L2CAP_CONF_REQ:
@@ -4556,6 +5334,12 @@ static int l2cap_reassemble_sdu(struct l2cap_chan *chan, struct sk_buff *skb,
4556 return err; 5334 return err;
4557} 5335}
4558 5336
5337static int l2cap_resegment(struct l2cap_chan *chan)
5338{
5339 /* Placeholder */
5340 return 0;
5341}
5342
4559void l2cap_chan_busy(struct l2cap_chan *chan, int busy) 5343void l2cap_chan_busy(struct l2cap_chan *chan, int busy)
4560{ 5344{
4561 u8 event; 5345 u8 event;
@@ -4871,8 +5655,8 @@ static int l2cap_rx_state_recv(struct l2cap_chan *chan,
4871 if (control->final) { 5655 if (control->final) {
4872 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); 5656 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state);
4873 5657
4874 if (!test_and_clear_bit(CONN_REJ_ACT, 5658 if (!test_and_clear_bit(CONN_REJ_ACT, &chan->conn_state) &&
4875 &chan->conn_state)) { 5659 !__chan_is_moving(chan)) {
4876 control->final = 0; 5660 control->final = 0;
4877 l2cap_retransmit_all(chan, control); 5661 l2cap_retransmit_all(chan, control);
4878 } 5662 }
@@ -5061,6 +5845,96 @@ static int l2cap_rx_state_srej_sent(struct l2cap_chan *chan,
5061 return err; 5845 return err;
5062} 5846}
5063 5847
5848static int l2cap_finish_move(struct l2cap_chan *chan)
5849{
5850 BT_DBG("chan %p", chan);
5851
5852 chan->rx_state = L2CAP_RX_STATE_RECV;
5853
5854 if (chan->hs_hcon)
5855 chan->conn->mtu = chan->hs_hcon->hdev->block_mtu;
5856 else
5857 chan->conn->mtu = chan->conn->hcon->hdev->acl_mtu;
5858
5859 return l2cap_resegment(chan);
5860}
5861
5862static int l2cap_rx_state_wait_p(struct l2cap_chan *chan,
5863 struct l2cap_ctrl *control,
5864 struct sk_buff *skb, u8 event)
5865{
5866 int err;
5867
5868 BT_DBG("chan %p, control %p, skb %p, event %d", chan, control, skb,
5869 event);
5870
5871 if (!control->poll)
5872 return -EPROTO;
5873
5874 l2cap_process_reqseq(chan, control->reqseq);
5875
5876 if (!skb_queue_empty(&chan->tx_q))
5877 chan->tx_send_head = skb_peek(&chan->tx_q);
5878 else
5879 chan->tx_send_head = NULL;
5880
5881 /* Rewind next_tx_seq to the point expected
5882 * by the receiver.
5883 */
5884 chan->next_tx_seq = control->reqseq;
5885 chan->unacked_frames = 0;
5886
5887 err = l2cap_finish_move(chan);
5888 if (err)
5889 return err;
5890
5891 set_bit(CONN_SEND_FBIT, &chan->conn_state);
5892 l2cap_send_i_or_rr_or_rnr(chan);
5893
5894 if (event == L2CAP_EV_RECV_IFRAME)
5895 return -EPROTO;
5896
5897 return l2cap_rx_state_recv(chan, control, NULL, event);
5898}
5899
5900static int l2cap_rx_state_wait_f(struct l2cap_chan *chan,
5901 struct l2cap_ctrl *control,
5902 struct sk_buff *skb, u8 event)
5903{
5904 int err;
5905
5906 if (!control->final)
5907 return -EPROTO;
5908
5909 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state);
5910
5911 chan->rx_state = L2CAP_RX_STATE_RECV;
5912 l2cap_process_reqseq(chan, control->reqseq);
5913
5914 if (!skb_queue_empty(&chan->tx_q))
5915 chan->tx_send_head = skb_peek(&chan->tx_q);
5916 else
5917 chan->tx_send_head = NULL;
5918
5919 /* Rewind next_tx_seq to the point expected
5920 * by the receiver.
5921 */
5922 chan->next_tx_seq = control->reqseq;
5923 chan->unacked_frames = 0;
5924
5925 if (chan->hs_hcon)
5926 chan->conn->mtu = chan->hs_hcon->hdev->block_mtu;
5927 else
5928 chan->conn->mtu = chan->conn->hcon->hdev->acl_mtu;
5929
5930 err = l2cap_resegment(chan);
5931
5932 if (!err)
5933 err = l2cap_rx_state_recv(chan, control, skb, event);
5934
5935 return err;
5936}
5937
5064static bool __valid_reqseq(struct l2cap_chan *chan, u16 reqseq) 5938static bool __valid_reqseq(struct l2cap_chan *chan, u16 reqseq)
5065{ 5939{
5066 /* Make sure reqseq is for a packet that has been sent but not acked */ 5940 /* Make sure reqseq is for a packet that has been sent but not acked */
@@ -5087,6 +5961,12 @@ static int l2cap_rx(struct l2cap_chan *chan, struct l2cap_ctrl *control,
5087 err = l2cap_rx_state_srej_sent(chan, control, skb, 5961 err = l2cap_rx_state_srej_sent(chan, control, skb,
5088 event); 5962 event);
5089 break; 5963 break;
5964 case L2CAP_RX_STATE_WAIT_P:
5965 err = l2cap_rx_state_wait_p(chan, control, skb, event);
5966 break;
5967 case L2CAP_RX_STATE_WAIT_F:
5968 err = l2cap_rx_state_wait_f(chan, control, skb, event);
5969 break;
5090 default: 5970 default:
5091 /* shut it down */ 5971 /* shut it down */
5092 break; 5972 break;
@@ -5422,9 +6302,9 @@ void l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
5422 conn = l2cap_conn_add(hcon, status); 6302 conn = l2cap_conn_add(hcon, status);
5423 if (conn) 6303 if (conn)
5424 l2cap_conn_ready(conn); 6304 l2cap_conn_ready(conn);
5425 } else 6305 } else {
5426 l2cap_conn_del(hcon, bt_to_errno(status)); 6306 l2cap_conn_del(hcon, bt_to_errno(status));
5427 6307 }
5428} 6308}
5429 6309
5430int l2cap_disconn_ind(struct hci_conn *hcon) 6310int l2cap_disconn_ind(struct hci_conn *hcon)
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index 89f1472939ec..1bcfb8422fdc 100644
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -736,6 +736,11 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
736 } 736 }
737 737
738 chan->chan_policy = (u8) opt; 738 chan->chan_policy = (u8) opt;
739
740 if (sk->sk_state == BT_CONNECTED &&
741 chan->move_role == L2CAP_MOVE_ROLE_NONE)
742 l2cap_move_start(chan);
743
739 break; 744 break;
740 745
741 default: 746 default:
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 399e5024b5bd..a1a62baaaafb 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -222,7 +222,7 @@ static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
222 222
223 hdr = (void *) skb_put(skb, sizeof(*hdr)); 223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224 224
225 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS); 225 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
226 hdr->index = cpu_to_le16(index); 226 hdr->index = cpu_to_le16(index);
227 hdr->len = cpu_to_le16(sizeof(*ev)); 227 hdr->len = cpu_to_le16(sizeof(*ev));
228 228
@@ -253,7 +253,7 @@ static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
253 253
254 hdr = (void *) skb_put(skb, sizeof(*hdr)); 254 hdr = (void *) skb_put(skb, sizeof(*hdr));
255 255
256 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE); 256 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
257 hdr->index = cpu_to_le16(index); 257 hdr->index = cpu_to_le16(index);
258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len); 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
259 259
@@ -376,15 +376,15 @@ static u32 get_supported_settings(struct hci_dev *hdev)
376 u32 settings = 0; 376 u32 settings = 0;
377 377
378 settings |= MGMT_SETTING_POWERED; 378 settings |= MGMT_SETTING_POWERED;
379 settings |= MGMT_SETTING_CONNECTABLE;
380 settings |= MGMT_SETTING_FAST_CONNECTABLE;
381 settings |= MGMT_SETTING_DISCOVERABLE;
382 settings |= MGMT_SETTING_PAIRABLE; 379 settings |= MGMT_SETTING_PAIRABLE;
383 380
384 if (lmp_ssp_capable(hdev)) 381 if (lmp_ssp_capable(hdev))
385 settings |= MGMT_SETTING_SSP; 382 settings |= MGMT_SETTING_SSP;
386 383
387 if (lmp_bredr_capable(hdev)) { 384 if (lmp_bredr_capable(hdev)) {
385 settings |= MGMT_SETTING_CONNECTABLE;
386 settings |= MGMT_SETTING_FAST_CONNECTABLE;
387 settings |= MGMT_SETTING_DISCOVERABLE;
388 settings |= MGMT_SETTING_BREDR; 388 settings |= MGMT_SETTING_BREDR;
389 settings |= MGMT_SETTING_LINK_SECURITY; 389 settings |= MGMT_SETTING_LINK_SECURITY;
390 } 390 }
@@ -565,7 +565,7 @@ static int update_eir(struct hci_dev *hdev)
565 if (!hdev_is_powered(hdev)) 565 if (!hdev_is_powered(hdev))
566 return 0; 566 return 0;
567 567
568 if (!(hdev->features[6] & LMP_EXT_INQ)) 568 if (!lmp_ext_inq_capable(hdev))
569 return 0; 569 return 0;
570 570
571 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) 571 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
@@ -832,7 +832,7 @@ static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
832 if (hdev) 832 if (hdev)
833 hdr->index = cpu_to_le16(hdev->id); 833 hdr->index = cpu_to_le16(hdev->id);
834 else 834 else
835 hdr->index = cpu_to_le16(MGMT_INDEX_NONE); 835 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
836 hdr->len = cpu_to_le16(data_len); 836 hdr->len = cpu_to_le16(data_len);
837 837
838 if (data) 838 if (data)
@@ -867,6 +867,10 @@ static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
867 867
868 BT_DBG("request for %s", hdev->name); 868 BT_DBG("request for %s", hdev->name);
869 869
870 if (!lmp_bredr_capable(hdev))
871 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
872 MGMT_STATUS_NOT_SUPPORTED);
873
870 timeout = __le16_to_cpu(cp->timeout); 874 timeout = __le16_to_cpu(cp->timeout);
871 if (!cp->val && timeout > 0) 875 if (!cp->val && timeout > 0)
872 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, 876 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
@@ -962,6 +966,10 @@ static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
962 966
963 BT_DBG("request for %s", hdev->name); 967 BT_DBG("request for %s", hdev->name);
964 968
969 if (!lmp_bredr_capable(hdev))
970 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
971 MGMT_STATUS_NOT_SUPPORTED);
972
965 hci_dev_lock(hdev); 973 hci_dev_lock(hdev);
966 974
967 if (!hdev_is_powered(hdev)) { 975 if (!hdev_is_powered(hdev)) {
@@ -1060,6 +1068,10 @@ static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1060 1068
1061 BT_DBG("request for %s", hdev->name); 1069 BT_DBG("request for %s", hdev->name);
1062 1070
1071 if (!lmp_bredr_capable(hdev))
1072 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1073 MGMT_STATUS_NOT_SUPPORTED);
1074
1063 hci_dev_lock(hdev); 1075 hci_dev_lock(hdev);
1064 1076
1065 if (!hdev_is_powered(hdev)) { 1077 if (!hdev_is_powered(hdev)) {
@@ -1213,7 +1225,7 @@ static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
1213 } 1225 }
1214 1226
1215 val = !!cp->val; 1227 val = !!cp->val;
1216 enabled = !!(hdev->host_features[0] & LMP_HOST_LE); 1228 enabled = !!lmp_host_le_capable(hdev);
1217 1229
1218 if (!hdev_is_powered(hdev) || val == enabled) { 1230 if (!hdev_is_powered(hdev) || val == enabled) {
1219 bool changed = false; 1231 bool changed = false;
@@ -1249,7 +1261,7 @@ static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
1249 1261
1250 if (val) { 1262 if (val) {
1251 hci_cp.le = val; 1263 hci_cp.le = val;
1252 hci_cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR); 1264 hci_cp.simul = !!lmp_le_br_capable(hdev);
1253 } 1265 }
1254 1266
1255 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp), 1267 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
@@ -2594,6 +2606,10 @@ static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
2594 2606
2595 BT_DBG("%s", hdev->name); 2607 BT_DBG("%s", hdev->name);
2596 2608
2609 if (!lmp_bredr_capable(hdev))
2610 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2611 MGMT_STATUS_NOT_SUPPORTED);
2612
2597 if (!hdev_is_powered(hdev)) 2613 if (!hdev_is_powered(hdev))
2598 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 2614 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2599 MGMT_STATUS_NOT_POWERED); 2615 MGMT_STATUS_NOT_POWERED);
@@ -2871,6 +2887,21 @@ static void settings_rsp(struct pending_cmd *cmd, void *data)
2871 mgmt_pending_free(cmd); 2887 mgmt_pending_free(cmd);
2872} 2888}
2873 2889
2890static int set_bredr_scan(struct hci_dev *hdev)
2891{
2892 u8 scan = 0;
2893
2894 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2895 scan |= SCAN_PAGE;
2896 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2897 scan |= SCAN_INQUIRY;
2898
2899 if (!scan)
2900 return 0;
2901
2902 return hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2903}
2904
2874int mgmt_powered(struct hci_dev *hdev, u8 powered) 2905int mgmt_powered(struct hci_dev *hdev, u8 powered)
2875{ 2906{
2876 struct cmd_lookup match = { NULL, hdev }; 2907 struct cmd_lookup match = { NULL, hdev };
@@ -2882,17 +2913,8 @@ int mgmt_powered(struct hci_dev *hdev, u8 powered)
2882 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match); 2913 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
2883 2914
2884 if (powered) { 2915 if (powered) {
2885 u8 scan = 0; 2916 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
2886 2917 !lmp_host_ssp_capable(hdev)) {
2887 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2888 scan |= SCAN_PAGE;
2889 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2890 scan |= SCAN_INQUIRY;
2891
2892 if (scan)
2893 hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2894
2895 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
2896 u8 ssp = 1; 2918 u8 ssp = 1;
2897 2919
2898 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp); 2920 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
@@ -2902,15 +2924,24 @@ int mgmt_powered(struct hci_dev *hdev, u8 powered)
2902 struct hci_cp_write_le_host_supported cp; 2924 struct hci_cp_write_le_host_supported cp;
2903 2925
2904 cp.le = 1; 2926 cp.le = 1;
2905 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR); 2927 cp.simul = !!lmp_le_br_capable(hdev);
2906 2928
2907 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, 2929 /* Check first if we already have the right
2908 sizeof(cp), &cp); 2930 * host state (host features set)
2931 */
2932 if (cp.le != !!lmp_host_le_capable(hdev) ||
2933 cp.simul != !!lmp_host_le_br_capable(hdev))
2934 hci_send_cmd(hdev,
2935 HCI_OP_WRITE_LE_HOST_SUPPORTED,
2936 sizeof(cp), &cp);
2909 } 2937 }
2910 2938
2911 update_class(hdev); 2939 if (lmp_bredr_capable(hdev)) {
2912 update_name(hdev, hdev->dev_name); 2940 set_bredr_scan(hdev);
2913 update_eir(hdev); 2941 update_class(hdev);
2942 update_name(hdev, hdev->dev_name);
2943 update_eir(hdev);
2944 }
2914 } else { 2945 } else {
2915 u8 status = MGMT_STATUS_NOT_POWERED; 2946 u8 status = MGMT_STATUS_NOT_POWERED;
2916 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status); 2947 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
@@ -3359,7 +3390,7 @@ static int clear_eir(struct hci_dev *hdev)
3359{ 3390{
3360 struct hci_cp_write_eir cp; 3391 struct hci_cp_write_eir cp;
3361 3392
3362 if (!(hdev->features[6] & LMP_EXT_INQ)) 3393 if (!lmp_ext_inq_capable(hdev))
3363 return 0; 3394 return 0;
3364 3395
3365 memset(hdev->eir, 0, sizeof(hdev->eir)); 3396 memset(hdev->eir, 0, sizeof(hdev->eir));
@@ -3491,7 +3522,12 @@ send_event:
3491 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, 3522 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
3492 sizeof(ev), cmd ? cmd->sk : NULL); 3523 sizeof(ev), cmd ? cmd->sk : NULL);
3493 3524
3494 update_eir(hdev); 3525 /* EIR is taken care of separately when powering on the
3526 * adapter so only update them here if this is a name change
3527 * unrelated to power on.
3528 */
3529 if (!test_bit(HCI_INIT, &hdev->flags))
3530 update_eir(hdev);
3495 3531
3496failed: 3532failed:
3497 if (cmd) 3533 if (cmd)
@@ -3586,9 +3622,9 @@ int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3586 ev->addr.type = link_to_bdaddr(link_type, addr_type); 3622 ev->addr.type = link_to_bdaddr(link_type, addr_type);
3587 ev->rssi = rssi; 3623 ev->rssi = rssi;
3588 if (cfm_name) 3624 if (cfm_name)
3589 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME); 3625 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
3590 if (!ssp) 3626 if (!ssp)
3591 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING); 3627 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
3592 3628
3593 if (eir_len > 0) 3629 if (eir_len > 0)
3594 memcpy(ev->eir, eir, eir_len); 3630 memcpy(ev->eir, eir, eir_len);
generated by cgit v1.2.2 (git 2.25.0) at 2025-03-27 05:56:02 -0400