diff options
author | John W. Linville <linville@tuxdriver.com> | 2011-05-05 13:32:35 -0400 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2011-05-05 13:32:35 -0400 |
commit | a70171dce9cd44cb06c7d299eba9fa87a8933045 (patch) | |
tree | 5425df5f33fadc617c7dec99578d06f0d933578e /net | |
parent | 5a412ad7f4c95bb5b756aa12b52646e857e7c75d (diff) | |
parent | eaef6a93bd52a2cc47b9fce201310010707afdb4 (diff) |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem
Conflicts:
drivers/net/wireless/libertas/if_cs.c
drivers/net/wireless/rtlwifi/pci.c
net/bluetooth/l2cap_sock.c
Diffstat (limited to 'net')
30 files changed, 1008 insertions, 599 deletions
diff --git a/net/bluetooth/cmtp/core.c b/net/bluetooth/cmtp/core.c index cce99b0919f..c5b11af908b 100644 --- a/net/bluetooth/cmtp/core.c +++ b/net/bluetooth/cmtp/core.c | |||
@@ -346,7 +346,8 @@ int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock) | |||
346 | 346 | ||
347 | bacpy(&session->bdaddr, &bt_sk(sock->sk)->dst); | 347 | bacpy(&session->bdaddr, &bt_sk(sock->sk)->dst); |
348 | 348 | ||
349 | session->mtu = min_t(uint, l2cap_pi(sock->sk)->omtu, l2cap_pi(sock->sk)->imtu); | 349 | session->mtu = min_t(uint, l2cap_pi(sock->sk)->chan->omtu, |
350 | l2cap_pi(sock->sk)->chan->imtu); | ||
350 | 351 | ||
351 | BT_DBG("mtu %d", session->mtu); | 352 | BT_DBG("mtu %d", session->mtu); |
352 | 353 | ||
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index 7a6f56b2f49..7f5ad8a2b22 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c | |||
@@ -269,6 +269,19 @@ static void hci_conn_idle(unsigned long arg) | |||
269 | hci_conn_enter_sniff_mode(conn); | 269 | hci_conn_enter_sniff_mode(conn); |
270 | } | 270 | } |
271 | 271 | ||
272 | static void hci_conn_auto_accept(unsigned long arg) | ||
273 | { | ||
274 | struct hci_conn *conn = (void *) arg; | ||
275 | struct hci_dev *hdev = conn->hdev; | ||
276 | |||
277 | hci_dev_lock(hdev); | ||
278 | |||
279 | hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst), | ||
280 | &conn->dst); | ||
281 | |||
282 | hci_dev_unlock(hdev); | ||
283 | } | ||
284 | |||
272 | struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst) | 285 | struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst) |
273 | { | 286 | { |
274 | struct hci_conn *conn; | 287 | struct hci_conn *conn; |
@@ -287,6 +300,7 @@ struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst) | |||
287 | conn->auth_type = HCI_AT_GENERAL_BONDING; | 300 | conn->auth_type = HCI_AT_GENERAL_BONDING; |
288 | conn->io_capability = hdev->io_capability; | 301 | conn->io_capability = hdev->io_capability; |
289 | conn->remote_auth = 0xff; | 302 | conn->remote_auth = 0xff; |
303 | conn->key_type = 0xff; | ||
290 | 304 | ||
291 | conn->power_save = 1; | 305 | conn->power_save = 1; |
292 | conn->disc_timeout = HCI_DISCONN_TIMEOUT; | 306 | conn->disc_timeout = HCI_DISCONN_TIMEOUT; |
@@ -311,6 +325,8 @@ struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst) | |||
311 | 325 | ||
312 | setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn); | 326 | setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn); |
313 | setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn); | 327 | setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn); |
328 | setup_timer(&conn->auto_accept_timer, hci_conn_auto_accept, | ||
329 | (unsigned long) conn); | ||
314 | 330 | ||
315 | atomic_set(&conn->refcnt, 0); | 331 | atomic_set(&conn->refcnt, 0); |
316 | 332 | ||
@@ -341,6 +357,8 @@ int hci_conn_del(struct hci_conn *conn) | |||
341 | 357 | ||
342 | del_timer(&conn->disc_timer); | 358 | del_timer(&conn->disc_timer); |
343 | 359 | ||
360 | del_timer(&conn->auto_accept_timer); | ||
361 | |||
344 | if (conn->type == ACL_LINK) { | 362 | if (conn->type == ACL_LINK) { |
345 | struct hci_conn *sco = conn->link; | 363 | struct hci_conn *sco = conn->link; |
346 | if (sco) | 364 | if (sco) |
@@ -535,32 +553,72 @@ static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type) | |||
535 | return 0; | 553 | return 0; |
536 | } | 554 | } |
537 | 555 | ||
556 | /* Encrypt the the link */ | ||
557 | static void hci_conn_encrypt(struct hci_conn *conn) | ||
558 | { | ||
559 | BT_DBG("conn %p", conn); | ||
560 | |||
561 | if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) { | ||
562 | struct hci_cp_set_conn_encrypt cp; | ||
563 | cp.handle = cpu_to_le16(conn->handle); | ||
564 | cp.encrypt = 0x01; | ||
565 | hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp), | ||
566 | &cp); | ||
567 | } | ||
568 | } | ||
569 | |||
538 | /* Enable security */ | 570 | /* Enable security */ |
539 | int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type) | 571 | int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type) |
540 | { | 572 | { |
541 | BT_DBG("conn %p", conn); | 573 | BT_DBG("conn %p", conn); |
542 | 574 | ||
575 | /* For sdp we don't need the link key. */ | ||
543 | if (sec_level == BT_SECURITY_SDP) | 576 | if (sec_level == BT_SECURITY_SDP) |
544 | return 1; | 577 | return 1; |
545 | 578 | ||
579 | /* For non 2.1 devices and low security level we don't need the link | ||
580 | key. */ | ||
546 | if (sec_level == BT_SECURITY_LOW && | 581 | if (sec_level == BT_SECURITY_LOW && |
547 | (!conn->ssp_mode || !conn->hdev->ssp_mode)) | 582 | (!conn->ssp_mode || !conn->hdev->ssp_mode)) |
548 | return 1; | 583 | return 1; |
549 | 584 | ||
550 | if (conn->link_mode & HCI_LM_ENCRYPT) | 585 | /* For other security levels we need the link key. */ |
551 | return hci_conn_auth(conn, sec_level, auth_type); | 586 | if (!(conn->link_mode & HCI_LM_AUTH)) |
552 | 587 | goto auth; | |
588 | |||
589 | /* An authenticated combination key has sufficient security for any | ||
590 | security level. */ | ||
591 | if (conn->key_type == HCI_LK_AUTH_COMBINATION) | ||
592 | goto encrypt; | ||
593 | |||
594 | /* An unauthenticated combination key has sufficient security for | ||
595 | security level 1 and 2. */ | ||
596 | if (conn->key_type == HCI_LK_UNAUTH_COMBINATION && | ||
597 | (sec_level == BT_SECURITY_MEDIUM || | ||
598 | sec_level == BT_SECURITY_LOW)) | ||
599 | goto encrypt; | ||
600 | |||
601 | /* A combination key has always sufficient security for the security | ||
602 | levels 1 or 2. High security level requires the combination key | ||
603 | is generated using maximum PIN code length (16). | ||
604 | For pre 2.1 units. */ | ||
605 | if (conn->key_type == HCI_LK_COMBINATION && | ||
606 | (sec_level != BT_SECURITY_HIGH || | ||
607 | conn->pin_length == 16)) | ||
608 | goto encrypt; | ||
609 | |||
610 | auth: | ||
553 | if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) | 611 | if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) |
554 | return 0; | 612 | return 0; |
555 | 613 | ||
556 | if (hci_conn_auth(conn, sec_level, auth_type)) { | 614 | hci_conn_auth(conn, sec_level, auth_type); |
557 | struct hci_cp_set_conn_encrypt cp; | 615 | return 0; |
558 | cp.handle = cpu_to_le16(conn->handle); | 616 | |
559 | cp.encrypt = 1; | 617 | encrypt: |
560 | hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, | 618 | if (conn->link_mode & HCI_LM_ENCRYPT) |
561 | sizeof(cp), &cp); | 619 | return 1; |
562 | } | ||
563 | 620 | ||
621 | hci_conn_encrypt(conn); | ||
564 | return 0; | 622 | return 0; |
565 | } | 623 | } |
566 | EXPORT_SYMBOL(hci_conn_security); | 624 | EXPORT_SYMBOL(hci_conn_security); |
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index e057d123599..815269b07f2 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c | |||
@@ -1020,18 +1020,54 @@ struct link_key *hci_find_link_key(struct hci_dev *hdev, bdaddr_t *bdaddr) | |||
1020 | return NULL; | 1020 | return NULL; |
1021 | } | 1021 | } |
1022 | 1022 | ||
1023 | int hci_add_link_key(struct hci_dev *hdev, int new_key, bdaddr_t *bdaddr, | 1023 | static int hci_persistent_key(struct hci_dev *hdev, struct hci_conn *conn, |
1024 | u8 *val, u8 type, u8 pin_len) | 1024 | u8 key_type, u8 old_key_type) |
1025 | { | ||
1026 | /* Legacy key */ | ||
1027 | if (key_type < 0x03) | ||
1028 | return 1; | ||
1029 | |||
1030 | /* Debug keys are insecure so don't store them persistently */ | ||
1031 | if (key_type == HCI_LK_DEBUG_COMBINATION) | ||
1032 | return 0; | ||
1033 | |||
1034 | /* Changed combination key and there's no previous one */ | ||
1035 | if (key_type == HCI_LK_CHANGED_COMBINATION && old_key_type == 0xff) | ||
1036 | return 0; | ||
1037 | |||
1038 | /* Security mode 3 case */ | ||
1039 | if (!conn) | ||
1040 | return 1; | ||
1041 | |||
1042 | /* Neither local nor remote side had no-bonding as requirement */ | ||
1043 | if (conn->auth_type > 0x01 && conn->remote_auth > 0x01) | ||
1044 | return 1; | ||
1045 | |||
1046 | /* Local side had dedicated bonding as requirement */ | ||
1047 | if (conn->auth_type == 0x02 || conn->auth_type == 0x03) | ||
1048 | return 1; | ||
1049 | |||
1050 | /* Remote side had dedicated bonding as requirement */ | ||
1051 | if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) | ||
1052 | return 1; | ||
1053 | |||
1054 | /* If none of the above criteria match, then don't store the key | ||
1055 | * persistently */ | ||
1056 | return 0; | ||
1057 | } | ||
1058 | |||
1059 | int hci_add_link_key(struct hci_dev *hdev, struct hci_conn *conn, int new_key, | ||
1060 | bdaddr_t *bdaddr, u8 *val, u8 type, u8 pin_len) | ||
1025 | { | 1061 | { |
1026 | struct link_key *key, *old_key; | 1062 | struct link_key *key, *old_key; |
1027 | u8 old_key_type; | 1063 | u8 old_key_type, persistent; |
1028 | 1064 | ||
1029 | old_key = hci_find_link_key(hdev, bdaddr); | 1065 | old_key = hci_find_link_key(hdev, bdaddr); |
1030 | if (old_key) { | 1066 | if (old_key) { |
1031 | old_key_type = old_key->type; | 1067 | old_key_type = old_key->type; |
1032 | key = old_key; | 1068 | key = old_key; |
1033 | } else { | 1069 | } else { |
1034 | old_key_type = 0xff; | 1070 | old_key_type = conn ? conn->key_type : 0xff; |
1035 | key = kzalloc(sizeof(*key), GFP_ATOMIC); | 1071 | key = kzalloc(sizeof(*key), GFP_ATOMIC); |
1036 | if (!key) | 1072 | if (!key) |
1037 | return -ENOMEM; | 1073 | return -ENOMEM; |
@@ -1040,16 +1076,37 @@ int hci_add_link_key(struct hci_dev *hdev, int new_key, bdaddr_t *bdaddr, | |||
1040 | 1076 | ||
1041 | BT_DBG("%s key for %s type %u", hdev->name, batostr(bdaddr), type); | 1077 | BT_DBG("%s key for %s type %u", hdev->name, batostr(bdaddr), type); |
1042 | 1078 | ||
1079 | /* Some buggy controller combinations generate a changed | ||
1080 | * combination key for legacy pairing even when there's no | ||
1081 | * previous key */ | ||
1082 | if (type == HCI_LK_CHANGED_COMBINATION && | ||
1083 | (!conn || conn->remote_auth == 0xff) && | ||
1084 | old_key_type == 0xff) { | ||
1085 | type = HCI_LK_COMBINATION; | ||
1086 | if (conn) | ||
1087 | conn->key_type = type; | ||
1088 | } | ||
1089 | |||
1043 | bacpy(&key->bdaddr, bdaddr); | 1090 | bacpy(&key->bdaddr, bdaddr); |
1044 | memcpy(key->val, val, 16); | 1091 | memcpy(key->val, val, 16); |
1045 | key->type = type; | ||
1046 | key->pin_len = pin_len; | 1092 | key->pin_len = pin_len; |
1047 | 1093 | ||
1048 | if (new_key) | 1094 | if (type == HCI_LK_CHANGED_COMBINATION) |
1049 | mgmt_new_key(hdev->id, key, old_key_type); | ||
1050 | |||
1051 | if (type == 0x06) | ||
1052 | key->type = old_key_type; | 1095 | key->type = old_key_type; |
1096 | else | ||
1097 | key->type = type; | ||
1098 | |||
1099 | if (!new_key) | ||
1100 | return 0; | ||
1101 | |||
1102 | persistent = hci_persistent_key(hdev, conn, type, old_key_type); | ||
1103 | |||
1104 | mgmt_new_key(hdev->id, key, persistent); | ||
1105 | |||
1106 | if (!persistent) { | ||
1107 | list_del(&key->list); | ||
1108 | kfree(key); | ||
1109 | } | ||
1053 | 1110 | ||
1054 | return 0; | 1111 | return 0; |
1055 | } | 1112 | } |
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index cb25628c058..d5aa97ee6ff 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c | |||
@@ -56,7 +56,9 @@ static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb) | |||
56 | if (status) | 56 | if (status) |
57 | return; | 57 | return; |
58 | 58 | ||
59 | clear_bit(HCI_INQUIRY, &hdev->flags); | 59 | if (test_bit(HCI_MGMT, &hdev->flags) && |
60 | test_and_clear_bit(HCI_INQUIRY, &hdev->flags)) | ||
61 | mgmt_discovering(hdev->id, 0); | ||
60 | 62 | ||
61 | hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status); | 63 | hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status); |
62 | 64 | ||
@@ -72,7 +74,9 @@ static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb) | |||
72 | if (status) | 74 | if (status) |
73 | return; | 75 | return; |
74 | 76 | ||
75 | clear_bit(HCI_INQUIRY, &hdev->flags); | 77 | if (test_bit(HCI_MGMT, &hdev->flags) && |
78 | test_and_clear_bit(HCI_INQUIRY, &hdev->flags)) | ||
79 | mgmt_discovering(hdev->id, 0); | ||
76 | 80 | ||
77 | hci_conn_check_pending(hdev); | 81 | hci_conn_check_pending(hdev); |
78 | } | 82 | } |
@@ -841,10 +845,14 @@ static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status) | |||
841 | 845 | ||
842 | if (status) { | 846 | if (status) { |
843 | hci_req_complete(hdev, HCI_OP_INQUIRY, status); | 847 | hci_req_complete(hdev, HCI_OP_INQUIRY, status); |
844 | |||
845 | hci_conn_check_pending(hdev); | 848 | hci_conn_check_pending(hdev); |
846 | } else | 849 | return; |
847 | set_bit(HCI_INQUIRY, &hdev->flags); | 850 | } |
851 | |||
852 | if (test_bit(HCI_MGMT, &hdev->flags) && | ||
853 | !test_and_set_bit(HCI_INQUIRY, | ||
854 | &hdev->flags)) | ||
855 | mgmt_discovering(hdev->id, 1); | ||
848 | } | 856 | } |
849 | 857 | ||
850 | static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) | 858 | static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) |
@@ -1013,12 +1021,19 @@ static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status) | |||
1013 | hci_dev_lock(hdev); | 1021 | hci_dev_lock(hdev); |
1014 | 1022 | ||
1015 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); | 1023 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr); |
1016 | if (conn && hci_outgoing_auth_needed(hdev, conn)) { | 1024 | if (!conn) |
1025 | goto unlock; | ||
1026 | |||
1027 | if (!hci_outgoing_auth_needed(hdev, conn)) | ||
1028 | goto unlock; | ||
1029 | |||
1030 | if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { | ||
1017 | struct hci_cp_auth_requested cp; | 1031 | struct hci_cp_auth_requested cp; |
1018 | cp.handle = __cpu_to_le16(conn->handle); | 1032 | cp.handle = __cpu_to_le16(conn->handle); |
1019 | hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); | 1033 | hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); |
1020 | } | 1034 | } |
1021 | 1035 | ||
1036 | unlock: | ||
1022 | hci_dev_unlock(hdev); | 1037 | hci_dev_unlock(hdev); |
1023 | } | 1038 | } |
1024 | 1039 | ||
@@ -1208,7 +1223,9 @@ static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff | |||
1208 | 1223 | ||
1209 | BT_DBG("%s status %d", hdev->name, status); | 1224 | BT_DBG("%s status %d", hdev->name, status); |
1210 | 1225 | ||
1211 | clear_bit(HCI_INQUIRY, &hdev->flags); | 1226 | if (test_bit(HCI_MGMT, &hdev->flags) && |
1227 | test_and_clear_bit(HCI_INQUIRY, &hdev->flags)) | ||
1228 | mgmt_discovering(hdev->id, 0); | ||
1212 | 1229 | ||
1213 | hci_req_complete(hdev, HCI_OP_INQUIRY, status); | 1230 | hci_req_complete(hdev, HCI_OP_INQUIRY, status); |
1214 | 1231 | ||
@@ -1228,6 +1245,12 @@ static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff * | |||
1228 | 1245 | ||
1229 | hci_dev_lock(hdev); | 1246 | hci_dev_lock(hdev); |
1230 | 1247 | ||
1248 | if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) { | ||
1249 | |||
1250 | if (test_bit(HCI_MGMT, &hdev->flags)) | ||
1251 | mgmt_discovering(hdev->id, 1); | ||
1252 | } | ||
1253 | |||
1231 | for (; num_rsp; num_rsp--, info++) { | 1254 | for (; num_rsp; num_rsp--, info++) { |
1232 | bacpy(&data.bdaddr, &info->bdaddr); | 1255 | bacpy(&data.bdaddr, &info->bdaddr); |
1233 | data.pscan_rep_mode = info->pscan_rep_mode; | 1256 | data.pscan_rep_mode = info->pscan_rep_mode; |
@@ -1443,7 +1466,6 @@ static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *s | |||
1443 | conn->sec_level = conn->pending_sec_level; | 1466 | conn->sec_level = conn->pending_sec_level; |
1444 | } else { | 1467 | } else { |
1445 | mgmt_auth_failed(hdev->id, &conn->dst, ev->status); | 1468 | mgmt_auth_failed(hdev->id, &conn->dst, ev->status); |
1446 | conn->sec_level = BT_SECURITY_LOW; | ||
1447 | } | 1469 | } |
1448 | 1470 | ||
1449 | clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); | 1471 | clear_bit(HCI_CONN_AUTH_PEND, &conn->pend); |
@@ -1501,12 +1523,19 @@ static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb | |||
1501 | mgmt_remote_name(hdev->id, &ev->bdaddr, ev->name); | 1523 | mgmt_remote_name(hdev->id, &ev->bdaddr, ev->name); |
1502 | 1524 | ||
1503 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); | 1525 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); |
1504 | if (conn && hci_outgoing_auth_needed(hdev, conn)) { | 1526 | if (!conn) |
1527 | goto unlock; | ||
1528 | |||
1529 | if (!hci_outgoing_auth_needed(hdev, conn)) | ||
1530 | goto unlock; | ||
1531 | |||
1532 | if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { | ||
1505 | struct hci_cp_auth_requested cp; | 1533 | struct hci_cp_auth_requested cp; |
1506 | cp.handle = __cpu_to_le16(conn->handle); | 1534 | cp.handle = __cpu_to_le16(conn->handle); |
1507 | hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); | 1535 | hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp); |
1508 | } | 1536 | } |
1509 | 1537 | ||
1538 | unlock: | ||
1510 | hci_dev_unlock(hdev); | 1539 | hci_dev_unlock(hdev); |
1511 | } | 1540 | } |
1512 | 1541 | ||
@@ -2006,9 +2035,16 @@ static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff | |||
2006 | if (!test_bit(HCI_PAIRABLE, &hdev->flags)) | 2035 | if (!test_bit(HCI_PAIRABLE, &hdev->flags)) |
2007 | hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, | 2036 | hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, |
2008 | sizeof(ev->bdaddr), &ev->bdaddr); | 2037 | sizeof(ev->bdaddr), &ev->bdaddr); |
2038 | else if (test_bit(HCI_MGMT, &hdev->flags)) { | ||
2039 | u8 secure; | ||
2009 | 2040 | ||
2010 | if (test_bit(HCI_MGMT, &hdev->flags)) | 2041 | if (conn->pending_sec_level == BT_SECURITY_HIGH) |
2011 | mgmt_pin_code_request(hdev->id, &ev->bdaddr); | 2042 | secure = 1; |
2043 | else | ||
2044 | secure = 0; | ||
2045 | |||
2046 | mgmt_pin_code_request(hdev->id, &ev->bdaddr, secure); | ||
2047 | } | ||
2012 | 2048 | ||
2013 | hci_dev_unlock(hdev); | 2049 | hci_dev_unlock(hdev); |
2014 | } | 2050 | } |
@@ -2037,17 +2073,30 @@ static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff | |||
2037 | BT_DBG("%s found key type %u for %s", hdev->name, key->type, | 2073 | BT_DBG("%s found key type %u for %s", hdev->name, key->type, |
2038 | batostr(&ev->bdaddr)); | 2074 | batostr(&ev->bdaddr)); |
2039 | 2075 | ||
2040 | if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) && key->type == 0x03) { | 2076 | if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) && |
2077 | key->type == HCI_LK_DEBUG_COMBINATION) { | ||
2041 | BT_DBG("%s ignoring debug key", hdev->name); | 2078 | BT_DBG("%s ignoring debug key", hdev->name); |
2042 | goto not_found; | 2079 | goto not_found; |
2043 | } | 2080 | } |
2044 | 2081 | ||
2045 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); | 2082 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); |
2083 | if (conn) { | ||
2084 | if (key->type == HCI_LK_UNAUTH_COMBINATION && | ||
2085 | conn->auth_type != 0xff && | ||
2086 | (conn->auth_type & 0x01)) { | ||
2087 | BT_DBG("%s ignoring unauthenticated key", hdev->name); | ||
2088 | goto not_found; | ||
2089 | } | ||
2046 | 2090 | ||
2047 | if (key->type == 0x04 && conn && conn->auth_type != 0xff && | 2091 | if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 && |
2048 | (conn->auth_type & 0x01)) { | 2092 | conn->pending_sec_level == BT_SECURITY_HIGH) { |
2049 | BT_DBG("%s ignoring unauthenticated key", hdev->name); | 2093 | BT_DBG("%s ignoring key unauthenticated for high \ |
2050 | goto not_found; | 2094 | security", hdev->name); |
2095 | goto not_found; | ||
2096 | } | ||
2097 | |||
2098 | conn->key_type = key->type; | ||
2099 | conn->pin_length = key->pin_len; | ||
2051 | } | 2100 | } |
2052 | 2101 | ||
2053 | bacpy(&cp.bdaddr, &ev->bdaddr); | 2102 | bacpy(&cp.bdaddr, &ev->bdaddr); |
@@ -2079,11 +2128,15 @@ static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff | |||
2079 | hci_conn_hold(conn); | 2128 | hci_conn_hold(conn); |
2080 | conn->disc_timeout = HCI_DISCONN_TIMEOUT; | 2129 | conn->disc_timeout = HCI_DISCONN_TIMEOUT; |
2081 | pin_len = conn->pin_length; | 2130 | pin_len = conn->pin_length; |
2131 | |||
2132 | if (ev->key_type != HCI_LK_CHANGED_COMBINATION) | ||
2133 | conn->key_type = ev->key_type; | ||
2134 | |||
2082 | hci_conn_put(conn); | 2135 | hci_conn_put(conn); |
2083 | } | 2136 | } |
2084 | 2137 | ||
2085 | if (test_bit(HCI_LINK_KEYS, &hdev->flags)) | 2138 | if (test_bit(HCI_LINK_KEYS, &hdev->flags)) |
2086 | hci_add_link_key(hdev, 1, &ev->bdaddr, ev->link_key, | 2139 | hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key, |
2087 | ev->key_type, pin_len); | 2140 | ev->key_type, pin_len); |
2088 | 2141 | ||
2089 | hci_dev_unlock(hdev); | 2142 | hci_dev_unlock(hdev); |
@@ -2158,6 +2211,12 @@ static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct | |||
2158 | 2211 | ||
2159 | hci_dev_lock(hdev); | 2212 | hci_dev_lock(hdev); |
2160 | 2213 | ||
2214 | if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) { | ||
2215 | |||
2216 | if (test_bit(HCI_MGMT, &hdev->flags)) | ||
2217 | mgmt_discovering(hdev->id, 1); | ||
2218 | } | ||
2219 | |||
2161 | if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { | 2220 | if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { |
2162 | struct inquiry_info_with_rssi_and_pscan_mode *info; | 2221 | struct inquiry_info_with_rssi_and_pscan_mode *info; |
2163 | info = (void *) (skb->data + 1); | 2222 | info = (void *) (skb->data + 1); |
@@ -2320,6 +2379,12 @@ static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct | |||
2320 | if (!num_rsp) | 2379 | if (!num_rsp) |
2321 | return; | 2380 | return; |
2322 | 2381 | ||
2382 | if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) { | ||
2383 | |||
2384 | if (test_bit(HCI_MGMT, &hdev->flags)) | ||
2385 | mgmt_discovering(hdev->id, 1); | ||
2386 | } | ||
2387 | |||
2323 | hci_dev_lock(hdev); | 2388 | hci_dev_lock(hdev); |
2324 | 2389 | ||
2325 | for (; num_rsp; num_rsp--, info++) { | 2390 | for (; num_rsp; num_rsp--, info++) { |
@@ -2353,7 +2418,7 @@ static inline u8 hci_get_auth_req(struct hci_conn *conn) | |||
2353 | 2418 | ||
2354 | /* If remote requests no-bonding follow that lead */ | 2419 | /* If remote requests no-bonding follow that lead */ |
2355 | if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01) | 2420 | if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01) |
2356 | return 0x00; | 2421 | return conn->remote_auth | (conn->auth_type & 0x01); |
2357 | 2422 | ||
2358 | return conn->auth_type; | 2423 | return conn->auth_type; |
2359 | } | 2424 | } |
@@ -2382,7 +2447,8 @@ static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff | |||
2382 | 2447 | ||
2383 | bacpy(&cp.bdaddr, &ev->bdaddr); | 2448 | bacpy(&cp.bdaddr, &ev->bdaddr); |
2384 | cp.capability = conn->io_capability; | 2449 | cp.capability = conn->io_capability; |
2385 | cp.authentication = hci_get_auth_req(conn); | 2450 | conn->auth_type = hci_get_auth_req(conn); |
2451 | cp.authentication = conn->auth_type; | ||
2386 | 2452 | ||
2387 | if ((conn->out == 0x01 || conn->remote_oob == 0x01) && | 2453 | if ((conn->out == 0x01 || conn->remote_oob == 0x01) && |
2388 | hci_find_remote_oob_data(hdev, &conn->dst)) | 2454 | hci_find_remote_oob_data(hdev, &conn->dst)) |
@@ -2396,7 +2462,7 @@ static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff | |||
2396 | struct hci_cp_io_capability_neg_reply cp; | 2462 | struct hci_cp_io_capability_neg_reply cp; |
2397 | 2463 | ||
2398 | bacpy(&cp.bdaddr, &ev->bdaddr); | 2464 | bacpy(&cp.bdaddr, &ev->bdaddr); |
2399 | cp.reason = 0x16; /* Pairing not allowed */ | 2465 | cp.reason = 0x18; /* Pairing not allowed */ |
2400 | 2466 | ||
2401 | hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY, | 2467 | hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY, |
2402 | sizeof(cp), &cp); | 2468 | sizeof(cp), &cp); |
@@ -2431,14 +2497,67 @@ static inline void hci_user_confirm_request_evt(struct hci_dev *hdev, | |||
2431 | struct sk_buff *skb) | 2497 | struct sk_buff *skb) |
2432 | { | 2498 | { |
2433 | struct hci_ev_user_confirm_req *ev = (void *) skb->data; | 2499 | struct hci_ev_user_confirm_req *ev = (void *) skb->data; |
2500 | int loc_mitm, rem_mitm, confirm_hint = 0; | ||
2501 | struct hci_conn *conn; | ||
2434 | 2502 | ||
2435 | BT_DBG("%s", hdev->name); | 2503 | BT_DBG("%s", hdev->name); |
2436 | 2504 | ||
2437 | hci_dev_lock(hdev); | 2505 | hci_dev_lock(hdev); |
2438 | 2506 | ||
2439 | if (test_bit(HCI_MGMT, &hdev->flags)) | 2507 | if (!test_bit(HCI_MGMT, &hdev->flags)) |
2440 | mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey); | 2508 | goto unlock; |
2509 | |||
2510 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); | ||
2511 | if (!conn) | ||
2512 | goto unlock; | ||
2513 | |||
2514 | loc_mitm = (conn->auth_type & 0x01); | ||
2515 | rem_mitm = (conn->remote_auth & 0x01); | ||
2516 | |||
2517 | /* If we require MITM but the remote device can't provide that | ||
2518 | * (it has NoInputNoOutput) then reject the confirmation | ||
2519 | * request. The only exception is when we're dedicated bonding | ||
2520 | * initiators (connect_cfm_cb set) since then we always have the MITM | ||
2521 | * bit set. */ | ||
2522 | if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) { | ||
2523 | BT_DBG("Rejecting request: remote device can't provide MITM"); | ||
2524 | hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY, | ||
2525 | sizeof(ev->bdaddr), &ev->bdaddr); | ||
2526 | goto unlock; | ||
2527 | } | ||
2528 | |||
2529 | /* If no side requires MITM protection; auto-accept */ | ||
2530 | if ((!loc_mitm || conn->remote_cap == 0x03) && | ||
2531 | (!rem_mitm || conn->io_capability == 0x03)) { | ||
2441 | 2532 | ||
2533 | /* If we're not the initiators request authorization to | ||
2534 | * proceed from user space (mgmt_user_confirm with | ||
2535 | * confirm_hint set to 1). */ | ||
2536 | if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { | ||
2537 | BT_DBG("Confirming auto-accept as acceptor"); | ||
2538 | confirm_hint = 1; | ||
2539 | goto confirm; | ||
2540 | } | ||
2541 | |||
2542 | BT_DBG("Auto-accept of user confirmation with %ums delay", | ||
2543 | hdev->auto_accept_delay); | ||
2544 | |||
2545 | if (hdev->auto_accept_delay > 0) { | ||
2546 | int delay = msecs_to_jiffies(hdev->auto_accept_delay); | ||
2547 | mod_timer(&conn->auto_accept_timer, jiffies + delay); | ||
2548 | goto unlock; | ||
2549 | } | ||
2550 | |||
2551 | hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, | ||
2552 | sizeof(ev->bdaddr), &ev->bdaddr); | ||
2553 | goto unlock; | ||
2554 | } | ||
2555 | |||
2556 | confirm: | ||
2557 | mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey, | ||
2558 | confirm_hint); | ||
2559 | |||
2560 | unlock: | ||
2442 | hci_dev_unlock(hdev); | 2561 | hci_dev_unlock(hdev); |
2443 | } | 2562 | } |
2444 | 2563 | ||
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c index 8775933ea83..a6c3aa8be1f 100644 --- a/net/bluetooth/hci_sysfs.c +++ b/net/bluetooth/hci_sysfs.c | |||
@@ -511,6 +511,35 @@ static const struct file_operations uuids_fops = { | |||
511 | .release = single_release, | 511 | .release = single_release, |
512 | }; | 512 | }; |
513 | 513 | ||
514 | static int auto_accept_delay_set(void *data, u64 val) | ||
515 | { | ||
516 | struct hci_dev *hdev = data; | ||
517 | |||
518 | hci_dev_lock_bh(hdev); | ||
519 | |||
520 | hdev->auto_accept_delay = val; | ||
521 | |||
522 | hci_dev_unlock_bh(hdev); | ||
523 | |||
524 | return 0; | ||
525 | } | ||
526 | |||
527 | static int auto_accept_delay_get(void *data, u64 *val) | ||
528 | { | ||
529 | struct hci_dev *hdev = data; | ||
530 | |||
531 | hci_dev_lock_bh(hdev); | ||
532 | |||
533 | *val = hdev->auto_accept_delay; | ||
534 | |||
535 | hci_dev_unlock_bh(hdev); | ||
536 | |||
537 | return 0; | ||
538 | } | ||
539 | |||
540 | DEFINE_SIMPLE_ATTRIBUTE(auto_accept_delay_fops, auto_accept_delay_get, | ||
541 | auto_accept_delay_set, "%llu\n"); | ||
542 | |||
514 | int hci_register_sysfs(struct hci_dev *hdev) | 543 | int hci_register_sysfs(struct hci_dev *hdev) |
515 | { | 544 | { |
516 | struct device *dev = &hdev->dev; | 545 | struct device *dev = &hdev->dev; |
@@ -545,6 +574,8 @@ int hci_register_sysfs(struct hci_dev *hdev) | |||
545 | 574 | ||
546 | debugfs_create_file("uuids", 0444, hdev->debugfs, hdev, &uuids_fops); | 575 | debugfs_create_file("uuids", 0444, hdev->debugfs, hdev, &uuids_fops); |
547 | 576 | ||
577 | debugfs_create_file("auto_accept_delay", 0444, hdev->debugfs, hdev, | ||
578 | &auto_accept_delay_fops); | ||
548 | return 0; | 579 | return 0; |
549 | } | 580 | } |
550 | 581 | ||
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c index ae6ebc6c348..c405a954a60 100644 --- a/net/bluetooth/hidp/core.c +++ b/net/bluetooth/hidp/core.c | |||
@@ -979,8 +979,10 @@ int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, | |||
979 | 979 | ||
980 | bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst); | 980 | bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst); |
981 | 981 | ||
982 | session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu); | 982 | session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->chan->omtu, |
983 | session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu); | 983 | l2cap_pi(ctrl_sock->sk)->chan->imtu); |
984 | session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->chan->omtu, | ||
985 | l2cap_pi(intr_sock->sk)->chan->imtu); | ||
984 | 986 | ||
985 | BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu); | 987 | BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu); |
986 | 988 | ||
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index fd3c1f35aa0..a378acc491e 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c | |||
@@ -80,8 +80,7 @@ static struct l2cap_chan *__l2cap_get_chan_by_dcid(struct l2cap_conn *conn, u16 | |||
80 | struct l2cap_chan *c; | 80 | struct l2cap_chan *c; |
81 | 81 | ||
82 | list_for_each_entry(c, &conn->chan_l, list) { | 82 | list_for_each_entry(c, &conn->chan_l, list) { |
83 | struct sock *s = c->sk; | 83 | if (c->dcid == cid) |
84 | if (l2cap_pi(s)->dcid == cid) | ||
85 | return c; | 84 | return c; |
86 | } | 85 | } |
87 | return NULL; | 86 | return NULL; |
@@ -93,8 +92,7 @@ static struct l2cap_chan *__l2cap_get_chan_by_scid(struct l2cap_conn *conn, u16 | |||
93 | struct l2cap_chan *c; | 92 | struct l2cap_chan *c; |
94 | 93 | ||
95 | list_for_each_entry(c, &conn->chan_l, list) { | 94 | list_for_each_entry(c, &conn->chan_l, list) { |
96 | struct sock *s = c->sk; | 95 | if (c->scid == cid) |
97 | if (l2cap_pi(s)->scid == cid) | ||
98 | return c; | 96 | return c; |
99 | } | 97 | } |
100 | return NULL; | 98 | return NULL; |
@@ -149,7 +147,7 @@ static u16 l2cap_alloc_cid(struct l2cap_conn *conn) | |||
149 | return 0; | 147 | return 0; |
150 | } | 148 | } |
151 | 149 | ||
152 | static struct l2cap_chan *l2cap_chan_alloc(struct sock *sk) | 150 | struct l2cap_chan *l2cap_chan_alloc(struct sock *sk) |
153 | { | 151 | { |
154 | struct l2cap_chan *chan; | 152 | struct l2cap_chan *chan; |
155 | 153 | ||
@@ -162,38 +160,43 @@ static struct l2cap_chan *l2cap_chan_alloc(struct sock *sk) | |||
162 | return chan; | 160 | return chan; |
163 | } | 161 | } |
164 | 162 | ||
163 | void l2cap_chan_free(struct l2cap_chan *chan) | ||
164 | { | ||
165 | kfree(chan); | ||
166 | } | ||
167 | |||
165 | static void __l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan) | 168 | static void __l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan) |
166 | { | 169 | { |
167 | struct sock *sk = chan->sk; | 170 | struct sock *sk = chan->sk; |
168 | 171 | ||
169 | BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, | 172 | BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, |
170 | l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid); | 173 | chan->psm, chan->dcid); |
171 | 174 | ||
172 | conn->disc_reason = 0x13; | 175 | conn->disc_reason = 0x13; |
173 | 176 | ||
174 | l2cap_pi(sk)->conn = conn; | 177 | chan->conn = conn; |
175 | 178 | ||
176 | if (sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) { | 179 | if (sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) { |
177 | if (conn->hcon->type == LE_LINK) { | 180 | if (conn->hcon->type == LE_LINK) { |
178 | /* LE connection */ | 181 | /* LE connection */ |
179 | l2cap_pi(sk)->omtu = L2CAP_LE_DEFAULT_MTU; | 182 | chan->omtu = L2CAP_LE_DEFAULT_MTU; |
180 | l2cap_pi(sk)->scid = L2CAP_CID_LE_DATA; | 183 | chan->scid = L2CAP_CID_LE_DATA; |
181 | l2cap_pi(sk)->dcid = L2CAP_CID_LE_DATA; | 184 | chan->dcid = L2CAP_CID_LE_DATA; |
182 | } else { | 185 | } else { |
183 | /* Alloc CID for connection-oriented socket */ | 186 | /* Alloc CID for connection-oriented socket */ |
184 | l2cap_pi(sk)->scid = l2cap_alloc_cid(conn); | 187 | chan->scid = l2cap_alloc_cid(conn); |
185 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; | 188 | chan->omtu = L2CAP_DEFAULT_MTU; |
186 | } | 189 | } |
187 | } else if (sk->sk_type == SOCK_DGRAM) { | 190 | } else if (sk->sk_type == SOCK_DGRAM) { |
188 | /* Connectionless socket */ | 191 | /* Connectionless socket */ |
189 | l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS; | 192 | chan->scid = L2CAP_CID_CONN_LESS; |
190 | l2cap_pi(sk)->dcid = L2CAP_CID_CONN_LESS; | 193 | chan->dcid = L2CAP_CID_CONN_LESS; |
191 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; | 194 | chan->omtu = L2CAP_DEFAULT_MTU; |
192 | } else { | 195 | } else { |
193 | /* Raw socket can send/recv signalling messages only */ | 196 | /* Raw socket can send/recv signalling messages only */ |
194 | l2cap_pi(sk)->scid = L2CAP_CID_SIGNALING; | 197 | chan->scid = L2CAP_CID_SIGNALING; |
195 | l2cap_pi(sk)->dcid = L2CAP_CID_SIGNALING; | 198 | chan->dcid = L2CAP_CID_SIGNALING; |
196 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; | 199 | chan->omtu = L2CAP_DEFAULT_MTU; |
197 | } | 200 | } |
198 | 201 | ||
199 | sock_hold(sk); | 202 | sock_hold(sk); |
@@ -206,7 +209,7 @@ static void __l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan) | |||
206 | void l2cap_chan_del(struct l2cap_chan *chan, int err) | 209 | void l2cap_chan_del(struct l2cap_chan *chan, int err) |
207 | { | 210 | { |
208 | struct sock *sk = chan->sk; | 211 | struct sock *sk = chan->sk; |
209 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 212 | struct l2cap_conn *conn = chan->conn; |
210 | struct sock *parent = bt_sk(sk)->parent; | 213 | struct sock *parent = bt_sk(sk)->parent; |
211 | 214 | ||
212 | l2cap_sock_clear_timer(sk); | 215 | l2cap_sock_clear_timer(sk); |
@@ -220,7 +223,7 @@ void l2cap_chan_del(struct l2cap_chan *chan, int err) | |||
220 | write_unlock_bh(&conn->chan_lock); | 223 | write_unlock_bh(&conn->chan_lock); |
221 | __sock_put(sk); | 224 | __sock_put(sk); |
222 | 225 | ||
223 | l2cap_pi(sk)->conn = NULL; | 226 | chan->conn = NULL; |
224 | hci_conn_put(conn->hcon); | 227 | hci_conn_put(conn->hcon); |
225 | } | 228 | } |
226 | 229 | ||
@@ -236,13 +239,13 @@ void l2cap_chan_del(struct l2cap_chan *chan, int err) | |||
236 | } else | 239 | } else |
237 | sk->sk_state_change(sk); | 240 | sk->sk_state_change(sk); |
238 | 241 | ||
239 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE && | 242 | if (!(chan->conf_state & L2CAP_CONF_OUTPUT_DONE && |
240 | l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE)) | 243 | chan->conf_state & L2CAP_CONF_INPUT_DONE)) |
241 | goto free; | 244 | return; |
242 | 245 | ||
243 | skb_queue_purge(&chan->tx_q); | 246 | skb_queue_purge(&chan->tx_q); |
244 | 247 | ||
245 | if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) { | 248 | if (chan->mode == L2CAP_MODE_ERTM) { |
246 | struct srej_list *l, *tmp; | 249 | struct srej_list *l, *tmp; |
247 | 250 | ||
248 | del_timer(&chan->retrans_timer); | 251 | del_timer(&chan->retrans_timer); |
@@ -257,15 +260,14 @@ void l2cap_chan_del(struct l2cap_chan *chan, int err) | |||
257 | kfree(l); | 260 | kfree(l); |
258 | } | 261 | } |
259 | } | 262 | } |
260 | |||
261 | free: | ||
262 | kfree(chan); | ||
263 | } | 263 | } |
264 | 264 | ||
265 | static inline u8 l2cap_get_auth_type(struct sock *sk) | 265 | static inline u8 l2cap_get_auth_type(struct l2cap_chan *chan) |
266 | { | 266 | { |
267 | struct sock *sk = chan->sk; | ||
268 | |||
267 | if (sk->sk_type == SOCK_RAW) { | 269 | if (sk->sk_type == SOCK_RAW) { |
268 | switch (l2cap_pi(sk)->sec_level) { | 270 | switch (chan->sec_level) { |
269 | case BT_SECURITY_HIGH: | 271 | case BT_SECURITY_HIGH: |
270 | return HCI_AT_DEDICATED_BONDING_MITM; | 272 | return HCI_AT_DEDICATED_BONDING_MITM; |
271 | case BT_SECURITY_MEDIUM: | 273 | case BT_SECURITY_MEDIUM: |
@@ -273,16 +275,16 @@ static inline u8 l2cap_get_auth_type(struct sock *sk) | |||
273 | default: | 275 | default: |
274 | return HCI_AT_NO_BONDING; | 276 | return HCI_AT_NO_BONDING; |
275 | } | 277 | } |
276 | } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) { | 278 | } else if (chan->psm == cpu_to_le16(0x0001)) { |
277 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | 279 | if (chan->sec_level == BT_SECURITY_LOW) |
278 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | 280 | chan->sec_level = BT_SECURITY_SDP; |
279 | 281 | ||
280 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) | 282 | if (chan->sec_level == BT_SECURITY_HIGH) |
281 | return HCI_AT_NO_BONDING_MITM; | 283 | return HCI_AT_NO_BONDING_MITM; |
282 | else | 284 | else |
283 | return HCI_AT_NO_BONDING; | 285 | return HCI_AT_NO_BONDING; |
284 | } else { | 286 | } else { |
285 | switch (l2cap_pi(sk)->sec_level) { | 287 | switch (chan->sec_level) { |
286 | case BT_SECURITY_HIGH: | 288 | case BT_SECURITY_HIGH: |
287 | return HCI_AT_GENERAL_BONDING_MITM; | 289 | return HCI_AT_GENERAL_BONDING_MITM; |
288 | case BT_SECURITY_MEDIUM: | 290 | case BT_SECURITY_MEDIUM: |
@@ -294,15 +296,14 @@ static inline u8 l2cap_get_auth_type(struct sock *sk) | |||
294 | } | 296 | } |
295 | 297 | ||
296 | /* Service level security */ | 298 | /* Service level security */ |
297 | static inline int l2cap_check_security(struct sock *sk) | 299 | static inline int l2cap_check_security(struct l2cap_chan *chan) |
298 | { | 300 | { |
299 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 301 | struct l2cap_conn *conn = chan->conn; |
300 | __u8 auth_type; | 302 | __u8 auth_type; |
301 | 303 | ||
302 | auth_type = l2cap_get_auth_type(sk); | 304 | auth_type = l2cap_get_auth_type(chan); |
303 | 305 | ||
304 | return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level, | 306 | return hci_conn_security(conn->hcon, chan->sec_level, auth_type); |
305 | auth_type); | ||
306 | } | 307 | } |
307 | 308 | ||
308 | u8 l2cap_get_ident(struct l2cap_conn *conn) | 309 | u8 l2cap_get_ident(struct l2cap_conn *conn) |
@@ -350,7 +351,7 @@ static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control) | |||
350 | struct sk_buff *skb; | 351 | struct sk_buff *skb; |
351 | struct l2cap_hdr *lh; | 352 | struct l2cap_hdr *lh; |
352 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); | 353 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); |
353 | struct l2cap_conn *conn = pi->conn; | 354 | struct l2cap_conn *conn = chan->conn; |
354 | struct sock *sk = (struct sock *)pi; | 355 | struct sock *sk = (struct sock *)pi; |
355 | int count, hlen = L2CAP_HDR_SIZE + 2; | 356 | int count, hlen = L2CAP_HDR_SIZE + 2; |
356 | u8 flags; | 357 | u8 flags; |
@@ -358,7 +359,7 @@ static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control) | |||
358 | if (sk->sk_state != BT_CONNECTED) | 359 | if (sk->sk_state != BT_CONNECTED) |
359 | return; | 360 | return; |
360 | 361 | ||
361 | if (pi->fcs == L2CAP_FCS_CRC16) | 362 | if (chan->fcs == L2CAP_FCS_CRC16) |
362 | hlen += 2; | 363 | hlen += 2; |
363 | 364 | ||
364 | BT_DBG("chan %p, control 0x%2.2x", chan, control); | 365 | BT_DBG("chan %p, control 0x%2.2x", chan, control); |
@@ -382,10 +383,10 @@ static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control) | |||
382 | 383 | ||
383 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 384 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
384 | lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE); | 385 | lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE); |
385 | lh->cid = cpu_to_le16(pi->dcid); | 386 | lh->cid = cpu_to_le16(chan->dcid); |
386 | put_unaligned_le16(control, skb_put(skb, 2)); | 387 | put_unaligned_le16(control, skb_put(skb, 2)); |
387 | 388 | ||
388 | if (pi->fcs == L2CAP_FCS_CRC16) { | 389 | if (chan->fcs == L2CAP_FCS_CRC16) { |
389 | u16 fcs = crc16(0, (u8 *)lh, count - 2); | 390 | u16 fcs = crc16(0, (u8 *)lh, count - 2); |
390 | put_unaligned_le16(fcs, skb_put(skb, 2)); | 391 | put_unaligned_le16(fcs, skb_put(skb, 2)); |
391 | } | 392 | } |
@@ -395,7 +396,7 @@ static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control) | |||
395 | else | 396 | else |
396 | flags = ACL_START; | 397 | flags = ACL_START; |
397 | 398 | ||
398 | hci_send_acl(pi->conn->hcon, skb, flags); | 399 | hci_send_acl(chan->conn->hcon, skb, flags); |
399 | } | 400 | } |
400 | 401 | ||
401 | static inline void l2cap_send_rr_or_rnr(struct l2cap_chan *chan, u16 control) | 402 | static inline void l2cap_send_rr_or_rnr(struct l2cap_chan *chan, u16 control) |
@@ -411,27 +412,27 @@ static inline void l2cap_send_rr_or_rnr(struct l2cap_chan *chan, u16 control) | |||
411 | l2cap_send_sframe(chan, control); | 412 | l2cap_send_sframe(chan, control); |
412 | } | 413 | } |
413 | 414 | ||
414 | static inline int __l2cap_no_conn_pending(struct sock *sk) | 415 | static inline int __l2cap_no_conn_pending(struct l2cap_chan *chan) |
415 | { | 416 | { |
416 | return !(l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND); | 417 | return !(chan->conf_state & L2CAP_CONF_CONNECT_PEND); |
417 | } | 418 | } |
418 | 419 | ||
419 | static void l2cap_do_start(struct l2cap_chan *chan) | 420 | static void l2cap_do_start(struct l2cap_chan *chan) |
420 | { | 421 | { |
421 | struct sock *sk = chan->sk; | 422 | struct l2cap_conn *conn = chan->conn; |
422 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
423 | 423 | ||
424 | if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) { | 424 | if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) { |
425 | if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)) | 425 | if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)) |
426 | return; | 426 | return; |
427 | 427 | ||
428 | if (l2cap_check_security(sk) && __l2cap_no_conn_pending(sk)) { | 428 | if (l2cap_check_security(chan) && |
429 | __l2cap_no_conn_pending(chan)) { | ||
429 | struct l2cap_conn_req req; | 430 | struct l2cap_conn_req req; |
430 | req.scid = cpu_to_le16(l2cap_pi(sk)->scid); | 431 | req.scid = cpu_to_le16(chan->scid); |
431 | req.psm = l2cap_pi(sk)->psm; | 432 | req.psm = chan->psm; |
432 | 433 | ||
433 | chan->ident = l2cap_get_ident(conn); | 434 | chan->ident = l2cap_get_ident(conn); |
434 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND; | 435 | chan->conf_state |= L2CAP_CONF_CONNECT_PEND; |
435 | 436 | ||
436 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, | 437 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, |
437 | sizeof(req), &req); | 438 | sizeof(req), &req); |
@@ -477,14 +478,14 @@ void l2cap_send_disconn_req(struct l2cap_conn *conn, struct l2cap_chan *chan, in | |||
477 | 478 | ||
478 | sk = chan->sk; | 479 | sk = chan->sk; |
479 | 480 | ||
480 | if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) { | 481 | if (chan->mode == L2CAP_MODE_ERTM) { |
481 | del_timer(&chan->retrans_timer); | 482 | del_timer(&chan->retrans_timer); |
482 | del_timer(&chan->monitor_timer); | 483 | del_timer(&chan->monitor_timer); |
483 | del_timer(&chan->ack_timer); | 484 | del_timer(&chan->ack_timer); |
484 | } | 485 | } |
485 | 486 | ||
486 | req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid); | 487 | req.dcid = cpu_to_le16(chan->dcid); |
487 | req.scid = cpu_to_le16(l2cap_pi(sk)->scid); | 488 | req.scid = cpu_to_le16(chan->scid); |
488 | l2cap_send_cmd(conn, l2cap_get_ident(conn), | 489 | l2cap_send_cmd(conn, l2cap_get_ident(conn), |
489 | L2CAP_DISCONN_REQ, sizeof(req), &req); | 490 | L2CAP_DISCONN_REQ, sizeof(req), &req); |
490 | 491 | ||
@@ -515,15 +516,15 @@ static void l2cap_conn_start(struct l2cap_conn *conn) | |||
515 | if (sk->sk_state == BT_CONNECT) { | 516 | if (sk->sk_state == BT_CONNECT) { |
516 | struct l2cap_conn_req req; | 517 | struct l2cap_conn_req req; |
517 | 518 | ||
518 | if (!l2cap_check_security(sk) || | 519 | if (!l2cap_check_security(chan) || |
519 | !__l2cap_no_conn_pending(sk)) { | 520 | !__l2cap_no_conn_pending(chan)) { |
520 | bh_unlock_sock(sk); | 521 | bh_unlock_sock(sk); |
521 | continue; | 522 | continue; |
522 | } | 523 | } |
523 | 524 | ||
524 | if (!l2cap_mode_supported(l2cap_pi(sk)->mode, | 525 | if (!l2cap_mode_supported(chan->mode, |
525 | conn->feat_mask) | 526 | conn->feat_mask) |
526 | && l2cap_pi(sk)->conf_state & | 527 | && chan->conf_state & |
527 | L2CAP_CONF_STATE2_DEVICE) { | 528 | L2CAP_CONF_STATE2_DEVICE) { |
528 | /* __l2cap_sock_close() calls list_del(chan) | 529 | /* __l2cap_sock_close() calls list_del(chan) |
529 | * so release the lock */ | 530 | * so release the lock */ |
@@ -534,11 +535,11 @@ static void l2cap_conn_start(struct l2cap_conn *conn) | |||
534 | continue; | 535 | continue; |
535 | } | 536 | } |
536 | 537 | ||
537 | req.scid = cpu_to_le16(l2cap_pi(sk)->scid); | 538 | req.scid = cpu_to_le16(chan->scid); |
538 | req.psm = l2cap_pi(sk)->psm; | 539 | req.psm = chan->psm; |
539 | 540 | ||
540 | chan->ident = l2cap_get_ident(conn); | 541 | chan->ident = l2cap_get_ident(conn); |
541 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND; | 542 | chan->conf_state |= L2CAP_CONF_CONNECT_PEND; |
542 | 543 | ||
543 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, | 544 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, |
544 | sizeof(req), &req); | 545 | sizeof(req), &req); |
@@ -546,10 +547,10 @@ static void l2cap_conn_start(struct l2cap_conn *conn) | |||
546 | } else if (sk->sk_state == BT_CONNECT2) { | 547 | } else if (sk->sk_state == BT_CONNECT2) { |
547 | struct l2cap_conn_rsp rsp; | 548 | struct l2cap_conn_rsp rsp; |
548 | char buf[128]; | 549 | char buf[128]; |
549 | rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); | 550 | rsp.scid = cpu_to_le16(chan->dcid); |
550 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); | 551 | rsp.dcid = cpu_to_le16(chan->scid); |
551 | 552 | ||
552 | if (l2cap_check_security(sk)) { | 553 | if (l2cap_check_security(chan)) { |
553 | if (bt_sk(sk)->defer_setup) { | 554 | if (bt_sk(sk)->defer_setup) { |
554 | struct sock *parent = bt_sk(sk)->parent; | 555 | struct sock *parent = bt_sk(sk)->parent; |
555 | rsp.result = cpu_to_le16(L2CAP_CR_PEND); | 556 | rsp.result = cpu_to_le16(L2CAP_CR_PEND); |
@@ -569,13 +570,13 @@ static void l2cap_conn_start(struct l2cap_conn *conn) | |||
569 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, | 570 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, |
570 | sizeof(rsp), &rsp); | 571 | sizeof(rsp), &rsp); |
571 | 572 | ||
572 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT || | 573 | if (chan->conf_state & L2CAP_CONF_REQ_SENT || |
573 | rsp.result != L2CAP_CR_SUCCESS) { | 574 | rsp.result != L2CAP_CR_SUCCESS) { |
574 | bh_unlock_sock(sk); | 575 | bh_unlock_sock(sk); |
575 | continue; | 576 | continue; |
576 | } | 577 | } |
577 | 578 | ||
578 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | 579 | chan->conf_state |= L2CAP_CONF_REQ_SENT; |
579 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 580 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
580 | l2cap_build_conf_req(chan, buf), buf); | 581 | l2cap_build_conf_req(chan, buf), buf); |
581 | chan->num_conf_req++; | 582 | chan->num_conf_req++; |
@@ -598,10 +599,12 @@ static struct sock *l2cap_get_sock_by_scid(int state, __le16 cid, bdaddr_t *src) | |||
598 | read_lock(&l2cap_sk_list.lock); | 599 | read_lock(&l2cap_sk_list.lock); |
599 | 600 | ||
600 | sk_for_each(sk, node, &l2cap_sk_list.head) { | 601 | sk_for_each(sk, node, &l2cap_sk_list.head) { |
602 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
603 | |||
601 | if (state && sk->sk_state != state) | 604 | if (state && sk->sk_state != state) |
602 | continue; | 605 | continue; |
603 | 606 | ||
604 | if (l2cap_pi(sk)->scid == cid) { | 607 | if (chan->scid == cid) { |
605 | /* Exact match. */ | 608 | /* Exact match. */ |
606 | if (!bacmp(&bt_sk(sk)->src, src)) | 609 | if (!bacmp(&bt_sk(sk)->src, src)) |
607 | break; | 610 | break; |
@@ -648,6 +651,8 @@ static void l2cap_le_conn_ready(struct l2cap_conn *conn) | |||
648 | goto clean; | 651 | goto clean; |
649 | } | 652 | } |
650 | 653 | ||
654 | l2cap_pi(sk)->chan = chan; | ||
655 | |||
651 | write_lock_bh(&conn->chan_lock); | 656 | write_lock_bh(&conn->chan_lock); |
652 | 657 | ||
653 | hci_conn_hold(conn->hcon); | 658 | hci_conn_hold(conn->hcon); |
@@ -661,8 +666,6 @@ static void l2cap_le_conn_ready(struct l2cap_conn *conn) | |||
661 | 666 | ||
662 | __l2cap_chan_add(conn, chan); | 667 | __l2cap_chan_add(conn, chan); |
663 | 668 | ||
664 | l2cap_pi(sk)->chan = chan; | ||
665 | |||
666 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | 669 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); |
667 | 670 | ||
668 | sk->sk_state = BT_CONNECTED; | 671 | sk->sk_state = BT_CONNECTED; |
@@ -722,7 +725,7 @@ static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err) | |||
722 | list_for_each_entry(chan, &conn->chan_l, list) { | 725 | list_for_each_entry(chan, &conn->chan_l, list) { |
723 | struct sock *sk = chan->sk; | 726 | struct sock *sk = chan->sk; |
724 | 727 | ||
725 | if (l2cap_pi(sk)->force_reliable) | 728 | if (chan->force_reliable) |
726 | sk->sk_err = err; | 729 | sk->sk_err = err; |
727 | } | 730 | } |
728 | 731 | ||
@@ -828,10 +831,12 @@ static struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src) | |||
828 | read_lock(&l2cap_sk_list.lock); | 831 | read_lock(&l2cap_sk_list.lock); |
829 | 832 | ||
830 | sk_for_each(sk, node, &l2cap_sk_list.head) { | 833 | sk_for_each(sk, node, &l2cap_sk_list.head) { |
834 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
835 | |||
831 | if (state && sk->sk_state != state) | 836 | if (state && sk->sk_state != state) |
832 | continue; | 837 | continue; |
833 | 838 | ||
834 | if (l2cap_pi(sk)->psm == psm) { | 839 | if (chan->psm == psm) { |
835 | /* Exact match. */ | 840 | /* Exact match. */ |
836 | if (!bacmp(&bt_sk(sk)->src, src)) | 841 | if (!bacmp(&bt_sk(sk)->src, src)) |
837 | break; | 842 | break; |
@@ -847,19 +852,19 @@ static struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src) | |||
847 | return node ? sk : sk1; | 852 | return node ? sk : sk1; |
848 | } | 853 | } |
849 | 854 | ||
850 | int l2cap_do_connect(struct sock *sk) | 855 | int l2cap_chan_connect(struct l2cap_chan *chan) |
851 | { | 856 | { |
857 | struct sock *sk = chan->sk; | ||
852 | bdaddr_t *src = &bt_sk(sk)->src; | 858 | bdaddr_t *src = &bt_sk(sk)->src; |
853 | bdaddr_t *dst = &bt_sk(sk)->dst; | 859 | bdaddr_t *dst = &bt_sk(sk)->dst; |
854 | struct l2cap_conn *conn; | 860 | struct l2cap_conn *conn; |
855 | struct l2cap_chan *chan; | ||
856 | struct hci_conn *hcon; | 861 | struct hci_conn *hcon; |
857 | struct hci_dev *hdev; | 862 | struct hci_dev *hdev; |
858 | __u8 auth_type; | 863 | __u8 auth_type; |
859 | int err; | 864 | int err; |
860 | 865 | ||
861 | BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), | 866 | BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), |
862 | l2cap_pi(sk)->psm); | 867 | chan->psm); |
863 | 868 | ||
864 | hdev = hci_get_route(dst, src); | 869 | hdev = hci_get_route(dst, src); |
865 | if (!hdev) | 870 | if (!hdev) |
@@ -867,14 +872,14 @@ int l2cap_do_connect(struct sock *sk) | |||
867 | 872 | ||
868 | hci_dev_lock_bh(hdev); | 873 | hci_dev_lock_bh(hdev); |
869 | 874 | ||
870 | auth_type = l2cap_get_auth_type(sk); | 875 | auth_type = l2cap_get_auth_type(chan); |
871 | 876 | ||
872 | if (l2cap_pi(sk)->dcid == L2CAP_CID_LE_DATA) | 877 | if (chan->dcid == L2CAP_CID_LE_DATA) |
873 | hcon = hci_connect(hdev, LE_LINK, dst, | 878 | hcon = hci_connect(hdev, LE_LINK, dst, |
874 | l2cap_pi(sk)->sec_level, auth_type); | 879 | chan->sec_level, auth_type); |
875 | else | 880 | else |
876 | hcon = hci_connect(hdev, ACL_LINK, dst, | 881 | hcon = hci_connect(hdev, ACL_LINK, dst, |
877 | l2cap_pi(sk)->sec_level, auth_type); | 882 | chan->sec_level, auth_type); |
878 | 883 | ||
879 | if (IS_ERR(hcon)) { | 884 | if (IS_ERR(hcon)) { |
880 | err = PTR_ERR(hcon); | 885 | err = PTR_ERR(hcon); |
@@ -888,20 +893,11 @@ int l2cap_do_connect(struct sock *sk) | |||
888 | goto done; | 893 | goto done; |
889 | } | 894 | } |
890 | 895 | ||
891 | chan = l2cap_chan_alloc(sk); | ||
892 | if (!chan) { | ||
893 | hci_conn_put(hcon); | ||
894 | err = -ENOMEM; | ||
895 | goto done; | ||
896 | } | ||
897 | |||
898 | /* Update source addr of the socket */ | 896 | /* Update source addr of the socket */ |
899 | bacpy(src, conn->src); | 897 | bacpy(src, conn->src); |
900 | 898 | ||
901 | l2cap_chan_add(conn, chan); | 899 | l2cap_chan_add(conn, chan); |
902 | 900 | ||
903 | l2cap_pi(sk)->chan = chan; | ||
904 | |||
905 | sk->sk_state = BT_CONNECT; | 901 | sk->sk_state = BT_CONNECT; |
906 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | 902 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); |
907 | 903 | ||
@@ -909,7 +905,7 @@ int l2cap_do_connect(struct sock *sk) | |||
909 | if (sk->sk_type != SOCK_SEQPACKET && | 905 | if (sk->sk_type != SOCK_SEQPACKET && |
910 | sk->sk_type != SOCK_STREAM) { | 906 | sk->sk_type != SOCK_STREAM) { |
911 | l2cap_sock_clear_timer(sk); | 907 | l2cap_sock_clear_timer(sk); |
912 | if (l2cap_check_security(sk)) | 908 | if (l2cap_check_security(chan)) |
913 | sk->sk_state = BT_CONNECTED; | 909 | sk->sk_state = BT_CONNECTED; |
914 | } else | 910 | } else |
915 | l2cap_do_start(chan); | 911 | l2cap_do_start(chan); |
@@ -925,12 +921,13 @@ done: | |||
925 | 921 | ||
926 | int __l2cap_wait_ack(struct sock *sk) | 922 | int __l2cap_wait_ack(struct sock *sk) |
927 | { | 923 | { |
924 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
928 | DECLARE_WAITQUEUE(wait, current); | 925 | DECLARE_WAITQUEUE(wait, current); |
929 | int err = 0; | 926 | int err = 0; |
930 | int timeo = HZ/5; | 927 | int timeo = HZ/5; |
931 | 928 | ||
932 | add_wait_queue(sk_sleep(sk), &wait); | 929 | add_wait_queue(sk_sleep(sk), &wait); |
933 | while ((l2cap_pi(sk)->chan->unacked_frames > 0 && l2cap_pi(sk)->conn)) { | 930 | while ((chan->unacked_frames > 0 && chan->conn)) { |
934 | set_current_state(TASK_INTERRUPTIBLE); | 931 | set_current_state(TASK_INTERRUPTIBLE); |
935 | 932 | ||
936 | if (!timeo) | 933 | if (!timeo) |
@@ -963,7 +960,7 @@ static void l2cap_monitor_timeout(unsigned long arg) | |||
963 | 960 | ||
964 | bh_lock_sock(sk); | 961 | bh_lock_sock(sk); |
965 | if (chan->retry_count >= chan->remote_max_tx) { | 962 | if (chan->retry_count >= chan->remote_max_tx) { |
966 | l2cap_send_disconn_req(l2cap_pi(sk)->conn, chan, ECONNABORTED); | 963 | l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED); |
967 | bh_unlock_sock(sk); | 964 | bh_unlock_sock(sk); |
968 | return; | 965 | return; |
969 | } | 966 | } |
@@ -1011,15 +1008,14 @@ static void l2cap_drop_acked_frames(struct l2cap_chan *chan) | |||
1011 | del_timer(&chan->retrans_timer); | 1008 | del_timer(&chan->retrans_timer); |
1012 | } | 1009 | } |
1013 | 1010 | ||
1014 | void l2cap_do_send(struct sock *sk, struct sk_buff *skb) | 1011 | void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb) |
1015 | { | 1012 | { |
1016 | struct l2cap_pinfo *pi = l2cap_pi(sk); | 1013 | struct hci_conn *hcon = chan->conn->hcon; |
1017 | struct hci_conn *hcon = pi->conn->hcon; | ||
1018 | u16 flags; | 1014 | u16 flags; |
1019 | 1015 | ||
1020 | BT_DBG("sk %p, skb %p len %d", sk, skb, skb->len); | 1016 | BT_DBG("chan %p, skb %p len %d", chan, skb, skb->len); |
1021 | 1017 | ||
1022 | if (!pi->flushable && lmp_no_flush_capable(hcon->hdev)) | 1018 | if (!chan->flushable && lmp_no_flush_capable(hcon->hdev)) |
1023 | flags = ACL_START_NO_FLUSH; | 1019 | flags = ACL_START_NO_FLUSH; |
1024 | else | 1020 | else |
1025 | flags = ACL_START; | 1021 | flags = ACL_START; |
@@ -1029,9 +1025,7 @@ void l2cap_do_send(struct sock *sk, struct sk_buff *skb) | |||
1029 | 1025 | ||
1030 | void l2cap_streaming_send(struct l2cap_chan *chan) | 1026 | void l2cap_streaming_send(struct l2cap_chan *chan) |
1031 | { | 1027 | { |
1032 | struct sock *sk = chan->sk; | ||
1033 | struct sk_buff *skb; | 1028 | struct sk_buff *skb; |
1034 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1035 | u16 control, fcs; | 1029 | u16 control, fcs; |
1036 | 1030 | ||
1037 | while ((skb = skb_dequeue(&chan->tx_q))) { | 1031 | while ((skb = skb_dequeue(&chan->tx_q))) { |
@@ -1039,12 +1033,12 @@ void l2cap_streaming_send(struct l2cap_chan *chan) | |||
1039 | control |= chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT; | 1033 | control |= chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT; |
1040 | put_unaligned_le16(control, skb->data + L2CAP_HDR_SIZE); | 1034 | put_unaligned_le16(control, skb->data + L2CAP_HDR_SIZE); |
1041 | 1035 | ||
1042 | if (pi->fcs == L2CAP_FCS_CRC16) { | 1036 | if (chan->fcs == L2CAP_FCS_CRC16) { |
1043 | fcs = crc16(0, (u8 *)skb->data, skb->len - 2); | 1037 | fcs = crc16(0, (u8 *)skb->data, skb->len - 2); |
1044 | put_unaligned_le16(fcs, skb->data + skb->len - 2); | 1038 | put_unaligned_le16(fcs, skb->data + skb->len - 2); |
1045 | } | 1039 | } |
1046 | 1040 | ||
1047 | l2cap_do_send(sk, skb); | 1041 | l2cap_do_send(chan, skb); |
1048 | 1042 | ||
1049 | chan->next_tx_seq = (chan->next_tx_seq + 1) % 64; | 1043 | chan->next_tx_seq = (chan->next_tx_seq + 1) % 64; |
1050 | } | 1044 | } |
@@ -1052,8 +1046,6 @@ void l2cap_streaming_send(struct l2cap_chan *chan) | |||
1052 | 1046 | ||
1053 | static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u8 tx_seq) | 1047 | static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u8 tx_seq) |
1054 | { | 1048 | { |
1055 | struct sock *sk = chan->sk; | ||
1056 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1057 | struct sk_buff *skb, *tx_skb; | 1049 | struct sk_buff *skb, *tx_skb; |
1058 | u16 control, fcs; | 1050 | u16 control, fcs; |
1059 | 1051 | ||
@@ -1072,7 +1064,7 @@ static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u8 tx_seq) | |||
1072 | 1064 | ||
1073 | if (chan->remote_max_tx && | 1065 | if (chan->remote_max_tx && |
1074 | bt_cb(skb)->retries == chan->remote_max_tx) { | 1066 | bt_cb(skb)->retries == chan->remote_max_tx) { |
1075 | l2cap_send_disconn_req(pi->conn, chan, ECONNABORTED); | 1067 | l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED); |
1076 | return; | 1068 | return; |
1077 | } | 1069 | } |
1078 | 1070 | ||
@@ -1091,19 +1083,18 @@ static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u8 tx_seq) | |||
1091 | 1083 | ||
1092 | put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); | 1084 | put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); |
1093 | 1085 | ||
1094 | if (pi->fcs == L2CAP_FCS_CRC16) { | 1086 | if (chan->fcs == L2CAP_FCS_CRC16) { |
1095 | fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2); | 1087 | fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2); |
1096 | put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2); | 1088 | put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2); |
1097 | } | 1089 | } |
1098 | 1090 | ||
1099 | l2cap_do_send(sk, tx_skb); | 1091 | l2cap_do_send(chan, tx_skb); |
1100 | } | 1092 | } |
1101 | 1093 | ||
1102 | int l2cap_ertm_send(struct l2cap_chan *chan) | 1094 | int l2cap_ertm_send(struct l2cap_chan *chan) |
1103 | { | 1095 | { |
1104 | struct sk_buff *skb, *tx_skb; | 1096 | struct sk_buff *skb, *tx_skb; |
1105 | struct sock *sk = chan->sk; | 1097 | struct sock *sk = chan->sk; |
1106 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1107 | u16 control, fcs; | 1098 | u16 control, fcs; |
1108 | int nsent = 0; | 1099 | int nsent = 0; |
1109 | 1100 | ||
@@ -1114,7 +1105,7 @@ int l2cap_ertm_send(struct l2cap_chan *chan) | |||
1114 | 1105 | ||
1115 | if (chan->remote_max_tx && | 1106 | if (chan->remote_max_tx && |
1116 | bt_cb(skb)->retries == chan->remote_max_tx) { | 1107 | bt_cb(skb)->retries == chan->remote_max_tx) { |
1117 | l2cap_send_disconn_req(pi->conn, chan, ECONNABORTED); | 1108 | l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED); |
1118 | break; | 1109 | break; |
1119 | } | 1110 | } |
1120 | 1111 | ||
@@ -1134,12 +1125,12 @@ int l2cap_ertm_send(struct l2cap_chan *chan) | |||
1134 | put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); | 1125 | put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); |
1135 | 1126 | ||
1136 | 1127 | ||
1137 | if (pi->fcs == L2CAP_FCS_CRC16) { | 1128 | if (chan->fcs == L2CAP_FCS_CRC16) { |
1138 | fcs = crc16(0, (u8 *)skb->data, tx_skb->len - 2); | 1129 | fcs = crc16(0, (u8 *)skb->data, tx_skb->len - 2); |
1139 | put_unaligned_le16(fcs, skb->data + tx_skb->len - 2); | 1130 | put_unaligned_le16(fcs, skb->data + tx_skb->len - 2); |
1140 | } | 1131 | } |
1141 | 1132 | ||
1142 | l2cap_do_send(sk, tx_skb); | 1133 | l2cap_do_send(chan, tx_skb); |
1143 | 1134 | ||
1144 | __mod_retrans_timer(); | 1135 | __mod_retrans_timer(); |
1145 | 1136 | ||
@@ -1210,7 +1201,7 @@ static void l2cap_send_srejtail(struct l2cap_chan *chan) | |||
1210 | 1201 | ||
1211 | static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, int len, int count, struct sk_buff *skb) | 1202 | static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, int len, int count, struct sk_buff *skb) |
1212 | { | 1203 | { |
1213 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 1204 | struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; |
1214 | struct sk_buff **frag; | 1205 | struct sk_buff **frag; |
1215 | int err, sent = 0; | 1206 | int err, sent = 0; |
1216 | 1207 | ||
@@ -1240,9 +1231,10 @@ static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, in | |||
1240 | return sent; | 1231 | return sent; |
1241 | } | 1232 | } |
1242 | 1233 | ||
1243 | struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len) | 1234 | struct sk_buff *l2cap_create_connless_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len) |
1244 | { | 1235 | { |
1245 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 1236 | struct sock *sk = chan->sk; |
1237 | struct l2cap_conn *conn = chan->conn; | ||
1246 | struct sk_buff *skb; | 1238 | struct sk_buff *skb; |
1247 | int err, count, hlen = L2CAP_HDR_SIZE + 2; | 1239 | int err, count, hlen = L2CAP_HDR_SIZE + 2; |
1248 | struct l2cap_hdr *lh; | 1240 | struct l2cap_hdr *lh; |
@@ -1257,9 +1249,9 @@ struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, s | |||
1257 | 1249 | ||
1258 | /* Create L2CAP header */ | 1250 | /* Create L2CAP header */ |
1259 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1251 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
1260 | lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid); | 1252 | lh->cid = cpu_to_le16(chan->dcid); |
1261 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | 1253 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); |
1262 | put_unaligned_le16(l2cap_pi(sk)->psm, skb_put(skb, 2)); | 1254 | put_unaligned_le16(chan->psm, skb_put(skb, 2)); |
1263 | 1255 | ||
1264 | err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); | 1256 | err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); |
1265 | if (unlikely(err < 0)) { | 1257 | if (unlikely(err < 0)) { |
@@ -1269,9 +1261,10 @@ struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, s | |||
1269 | return skb; | 1261 | return skb; |
1270 | } | 1262 | } |
1271 | 1263 | ||
1272 | struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len) | 1264 | struct sk_buff *l2cap_create_basic_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len) |
1273 | { | 1265 | { |
1274 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 1266 | struct sock *sk = chan->sk; |
1267 | struct l2cap_conn *conn = chan->conn; | ||
1275 | struct sk_buff *skb; | 1268 | struct sk_buff *skb; |
1276 | int err, count, hlen = L2CAP_HDR_SIZE; | 1269 | int err, count, hlen = L2CAP_HDR_SIZE; |
1277 | struct l2cap_hdr *lh; | 1270 | struct l2cap_hdr *lh; |
@@ -1286,7 +1279,7 @@ struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size | |||
1286 | 1279 | ||
1287 | /* Create L2CAP header */ | 1280 | /* Create L2CAP header */ |
1288 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1281 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
1289 | lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid); | 1282 | lh->cid = cpu_to_le16(chan->dcid); |
1290 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | 1283 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); |
1291 | 1284 | ||
1292 | err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); | 1285 | err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); |
@@ -1297,9 +1290,10 @@ struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size | |||
1297 | return skb; | 1290 | return skb; |
1298 | } | 1291 | } |
1299 | 1292 | ||
1300 | struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, size_t len, u16 control, u16 sdulen) | 1293 | struct sk_buff *l2cap_create_iframe_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len, u16 control, u16 sdulen) |
1301 | { | 1294 | { |
1302 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 1295 | struct sock *sk = chan->sk; |
1296 | struct l2cap_conn *conn = chan->conn; | ||
1303 | struct sk_buff *skb; | 1297 | struct sk_buff *skb; |
1304 | int err, count, hlen = L2CAP_HDR_SIZE + 2; | 1298 | int err, count, hlen = L2CAP_HDR_SIZE + 2; |
1305 | struct l2cap_hdr *lh; | 1299 | struct l2cap_hdr *lh; |
@@ -1312,7 +1306,7 @@ struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, siz | |||
1312 | if (sdulen) | 1306 | if (sdulen) |
1313 | hlen += 2; | 1307 | hlen += 2; |
1314 | 1308 | ||
1315 | if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) | 1309 | if (chan->fcs == L2CAP_FCS_CRC16) |
1316 | hlen += 2; | 1310 | hlen += 2; |
1317 | 1311 | ||
1318 | count = min_t(unsigned int, (conn->mtu - hlen), len); | 1312 | count = min_t(unsigned int, (conn->mtu - hlen), len); |
@@ -1323,7 +1317,7 @@ struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, siz | |||
1323 | 1317 | ||
1324 | /* Create L2CAP header */ | 1318 | /* Create L2CAP header */ |
1325 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1319 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
1326 | lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid); | 1320 | lh->cid = cpu_to_le16(chan->dcid); |
1327 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | 1321 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); |
1328 | put_unaligned_le16(control, skb_put(skb, 2)); | 1322 | put_unaligned_le16(control, skb_put(skb, 2)); |
1329 | if (sdulen) | 1323 | if (sdulen) |
@@ -1335,7 +1329,7 @@ struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, siz | |||
1335 | return ERR_PTR(err); | 1329 | return ERR_PTR(err); |
1336 | } | 1330 | } |
1337 | 1331 | ||
1338 | if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) | 1332 | if (chan->fcs == L2CAP_FCS_CRC16) |
1339 | put_unaligned_le16(0, skb_put(skb, 2)); | 1333 | put_unaligned_le16(0, skb_put(skb, 2)); |
1340 | 1334 | ||
1341 | bt_cb(skb)->retries = 0; | 1335 | bt_cb(skb)->retries = 0; |
@@ -1344,7 +1338,6 @@ struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, siz | |||
1344 | 1338 | ||
1345 | int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len) | 1339 | int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len) |
1346 | { | 1340 | { |
1347 | struct sock *sk = chan->sk; | ||
1348 | struct sk_buff *skb; | 1341 | struct sk_buff *skb; |
1349 | struct sk_buff_head sar_queue; | 1342 | struct sk_buff_head sar_queue; |
1350 | u16 control; | 1343 | u16 control; |
@@ -1352,7 +1345,7 @@ int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t le | |||
1352 | 1345 | ||
1353 | skb_queue_head_init(&sar_queue); | 1346 | skb_queue_head_init(&sar_queue); |
1354 | control = L2CAP_SDU_START; | 1347 | control = L2CAP_SDU_START; |
1355 | skb = l2cap_create_iframe_pdu(sk, msg, chan->remote_mps, control, len); | 1348 | skb = l2cap_create_iframe_pdu(chan, msg, chan->remote_mps, control, len); |
1356 | if (IS_ERR(skb)) | 1349 | if (IS_ERR(skb)) |
1357 | return PTR_ERR(skb); | 1350 | return PTR_ERR(skb); |
1358 | 1351 | ||
@@ -1371,7 +1364,7 @@ int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t le | |||
1371 | buflen = len; | 1364 | buflen = len; |
1372 | } | 1365 | } |
1373 | 1366 | ||
1374 | skb = l2cap_create_iframe_pdu(sk, msg, buflen, control, 0); | 1367 | skb = l2cap_create_iframe_pdu(chan, msg, buflen, control, 0); |
1375 | if (IS_ERR(skb)) { | 1368 | if (IS_ERR(skb)) { |
1376 | skb_queue_purge(&sar_queue); | 1369 | skb_queue_purge(&sar_queue); |
1377 | return PTR_ERR(skb); | 1370 | return PTR_ERR(skb); |
@@ -1391,10 +1384,11 @@ int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t le | |||
1391 | static void l2cap_chan_ready(struct sock *sk) | 1384 | static void l2cap_chan_ready(struct sock *sk) |
1392 | { | 1385 | { |
1393 | struct sock *parent = bt_sk(sk)->parent; | 1386 | struct sock *parent = bt_sk(sk)->parent; |
1387 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
1394 | 1388 | ||
1395 | BT_DBG("sk %p, parent %p", sk, parent); | 1389 | BT_DBG("sk %p, parent %p", sk, parent); |
1396 | 1390 | ||
1397 | l2cap_pi(sk)->conf_state = 0; | 1391 | chan->conf_state = 0; |
1398 | l2cap_sock_clear_timer(sk); | 1392 | l2cap_sock_clear_timer(sk); |
1399 | 1393 | ||
1400 | if (!parent) { | 1394 | if (!parent) { |
@@ -1615,9 +1609,8 @@ static inline __u8 l2cap_select_mode(__u8 mode, __u16 remote_feat_mask) | |||
1615 | 1609 | ||
1616 | static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data) | 1610 | static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data) |
1617 | { | 1611 | { |
1618 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); | ||
1619 | struct l2cap_conf_req *req = data; | 1612 | struct l2cap_conf_req *req = data; |
1620 | struct l2cap_conf_rfc rfc = { .mode = pi->mode }; | 1613 | struct l2cap_conf_rfc rfc = { .mode = chan->mode }; |
1621 | void *ptr = req->data; | 1614 | void *ptr = req->data; |
1622 | 1615 | ||
1623 | BT_DBG("chan %p", chan); | 1616 | BT_DBG("chan %p", chan); |
@@ -1625,26 +1618,26 @@ static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data) | |||
1625 | if (chan->num_conf_req || chan->num_conf_rsp) | 1618 | if (chan->num_conf_req || chan->num_conf_rsp) |
1626 | goto done; | 1619 | goto done; |
1627 | 1620 | ||
1628 | switch (pi->mode) { | 1621 | switch (chan->mode) { |
1629 | case L2CAP_MODE_STREAMING: | 1622 | case L2CAP_MODE_STREAMING: |
1630 | case L2CAP_MODE_ERTM: | 1623 | case L2CAP_MODE_ERTM: |
1631 | if (pi->conf_state & L2CAP_CONF_STATE2_DEVICE) | 1624 | if (chan->conf_state & L2CAP_CONF_STATE2_DEVICE) |
1632 | break; | 1625 | break; |
1633 | 1626 | ||
1634 | /* fall through */ | 1627 | /* fall through */ |
1635 | default: | 1628 | default: |
1636 | pi->mode = l2cap_select_mode(rfc.mode, pi->conn->feat_mask); | 1629 | chan->mode = l2cap_select_mode(rfc.mode, chan->conn->feat_mask); |
1637 | break; | 1630 | break; |
1638 | } | 1631 | } |
1639 | 1632 | ||
1640 | done: | 1633 | done: |
1641 | if (pi->imtu != L2CAP_DEFAULT_MTU) | 1634 | if (chan->imtu != L2CAP_DEFAULT_MTU) |
1642 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu); | 1635 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu); |
1643 | 1636 | ||
1644 | switch (pi->mode) { | 1637 | switch (chan->mode) { |
1645 | case L2CAP_MODE_BASIC: | 1638 | case L2CAP_MODE_BASIC: |
1646 | if (!(pi->conn->feat_mask & L2CAP_FEAT_ERTM) && | 1639 | if (!(chan->conn->feat_mask & L2CAP_FEAT_ERTM) && |
1647 | !(pi->conn->feat_mask & L2CAP_FEAT_STREAMING)) | 1640 | !(chan->conn->feat_mask & L2CAP_FEAT_STREAMING)) |
1648 | break; | 1641 | break; |
1649 | 1642 | ||
1650 | rfc.mode = L2CAP_MODE_BASIC; | 1643 | rfc.mode = L2CAP_MODE_BASIC; |
@@ -1660,24 +1653,24 @@ done: | |||
1660 | 1653 | ||
1661 | case L2CAP_MODE_ERTM: | 1654 | case L2CAP_MODE_ERTM: |
1662 | rfc.mode = L2CAP_MODE_ERTM; | 1655 | rfc.mode = L2CAP_MODE_ERTM; |
1663 | rfc.txwin_size = pi->tx_win; | 1656 | rfc.txwin_size = chan->tx_win; |
1664 | rfc.max_transmit = pi->max_tx; | 1657 | rfc.max_transmit = chan->max_tx; |
1665 | rfc.retrans_timeout = 0; | 1658 | rfc.retrans_timeout = 0; |
1666 | rfc.monitor_timeout = 0; | 1659 | rfc.monitor_timeout = 0; |
1667 | rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE); | 1660 | rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE); |
1668 | if (L2CAP_DEFAULT_MAX_PDU_SIZE > pi->conn->mtu - 10) | 1661 | if (L2CAP_DEFAULT_MAX_PDU_SIZE > chan->conn->mtu - 10) |
1669 | rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10); | 1662 | rfc.max_pdu_size = cpu_to_le16(chan->conn->mtu - 10); |
1670 | 1663 | ||
1671 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc), | 1664 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc), |
1672 | (unsigned long) &rfc); | 1665 | (unsigned long) &rfc); |
1673 | 1666 | ||
1674 | if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS)) | 1667 | if (!(chan->conn->feat_mask & L2CAP_FEAT_FCS)) |
1675 | break; | 1668 | break; |
1676 | 1669 | ||
1677 | if (pi->fcs == L2CAP_FCS_NONE || | 1670 | if (chan->fcs == L2CAP_FCS_NONE || |
1678 | pi->conf_state & L2CAP_CONF_NO_FCS_RECV) { | 1671 | chan->conf_state & L2CAP_CONF_NO_FCS_RECV) { |
1679 | pi->fcs = L2CAP_FCS_NONE; | 1672 | chan->fcs = L2CAP_FCS_NONE; |
1680 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs); | 1673 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, chan->fcs); |
1681 | } | 1674 | } |
1682 | break; | 1675 | break; |
1683 | 1676 | ||
@@ -1688,24 +1681,24 @@ done: | |||
1688 | rfc.retrans_timeout = 0; | 1681 | rfc.retrans_timeout = 0; |
1689 | rfc.monitor_timeout = 0; | 1682 | rfc.monitor_timeout = 0; |
1690 | rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE); | 1683 | rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE); |
1691 | if (L2CAP_DEFAULT_MAX_PDU_SIZE > pi->conn->mtu - 10) | 1684 | if (L2CAP_DEFAULT_MAX_PDU_SIZE > chan->conn->mtu - 10) |
1692 | rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10); | 1685 | rfc.max_pdu_size = cpu_to_le16(chan->conn->mtu - 10); |
1693 | 1686 | ||
1694 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc), | 1687 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc), |
1695 | (unsigned long) &rfc); | 1688 | (unsigned long) &rfc); |
1696 | 1689 | ||
1697 | if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS)) | 1690 | if (!(chan->conn->feat_mask & L2CAP_FEAT_FCS)) |
1698 | break; | 1691 | break; |
1699 | 1692 | ||
1700 | if (pi->fcs == L2CAP_FCS_NONE || | 1693 | if (chan->fcs == L2CAP_FCS_NONE || |
1701 | pi->conf_state & L2CAP_CONF_NO_FCS_RECV) { | 1694 | chan->conf_state & L2CAP_CONF_NO_FCS_RECV) { |
1702 | pi->fcs = L2CAP_FCS_NONE; | 1695 | chan->fcs = L2CAP_FCS_NONE; |
1703 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs); | 1696 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, chan->fcs); |
1704 | } | 1697 | } |
1705 | break; | 1698 | break; |
1706 | } | 1699 | } |
1707 | 1700 | ||
1708 | req->dcid = cpu_to_le16(pi->dcid); | 1701 | req->dcid = cpu_to_le16(chan->dcid); |
1709 | req->flags = cpu_to_le16(0); | 1702 | req->flags = cpu_to_le16(0); |
1710 | 1703 | ||
1711 | return ptr - data; | 1704 | return ptr - data; |
@@ -1713,7 +1706,6 @@ done: | |||
1713 | 1706 | ||
1714 | static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data) | 1707 | static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data) |
1715 | { | 1708 | { |
1716 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); | ||
1717 | struct l2cap_conf_rsp *rsp = data; | 1709 | struct l2cap_conf_rsp *rsp = data; |
1718 | void *ptr = rsp->data; | 1710 | void *ptr = rsp->data; |
1719 | void *req = chan->conf_req; | 1711 | void *req = chan->conf_req; |
@@ -1738,7 +1730,7 @@ static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data) | |||
1738 | break; | 1730 | break; |
1739 | 1731 | ||
1740 | case L2CAP_CONF_FLUSH_TO: | 1732 | case L2CAP_CONF_FLUSH_TO: |
1741 | pi->flush_to = val; | 1733 | chan->flush_to = val; |
1742 | break; | 1734 | break; |
1743 | 1735 | ||
1744 | case L2CAP_CONF_QOS: | 1736 | case L2CAP_CONF_QOS: |
@@ -1751,7 +1743,7 @@ static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data) | |||
1751 | 1743 | ||
1752 | case L2CAP_CONF_FCS: | 1744 | case L2CAP_CONF_FCS: |
1753 | if (val == L2CAP_FCS_NONE) | 1745 | if (val == L2CAP_FCS_NONE) |
1754 | pi->conf_state |= L2CAP_CONF_NO_FCS_RECV; | 1746 | chan->conf_state |= L2CAP_CONF_NO_FCS_RECV; |
1755 | 1747 | ||
1756 | break; | 1748 | break; |
1757 | 1749 | ||
@@ -1768,25 +1760,25 @@ static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data) | |||
1768 | if (chan->num_conf_rsp || chan->num_conf_req > 1) | 1760 | if (chan->num_conf_rsp || chan->num_conf_req > 1) |
1769 | goto done; | 1761 | goto done; |
1770 | 1762 | ||
1771 | switch (pi->mode) { | 1763 | switch (chan->mode) { |
1772 | case L2CAP_MODE_STREAMING: | 1764 | case L2CAP_MODE_STREAMING: |
1773 | case L2CAP_MODE_ERTM: | 1765 | case L2CAP_MODE_ERTM: |
1774 | if (!(pi->conf_state & L2CAP_CONF_STATE2_DEVICE)) { | 1766 | if (!(chan->conf_state & L2CAP_CONF_STATE2_DEVICE)) { |
1775 | pi->mode = l2cap_select_mode(rfc.mode, | 1767 | chan->mode = l2cap_select_mode(rfc.mode, |
1776 | pi->conn->feat_mask); | 1768 | chan->conn->feat_mask); |
1777 | break; | 1769 | break; |
1778 | } | 1770 | } |
1779 | 1771 | ||
1780 | if (pi->mode != rfc.mode) | 1772 | if (chan->mode != rfc.mode) |
1781 | return -ECONNREFUSED; | 1773 | return -ECONNREFUSED; |
1782 | 1774 | ||
1783 | break; | 1775 | break; |
1784 | } | 1776 | } |
1785 | 1777 | ||
1786 | done: | 1778 | done: |
1787 | if (pi->mode != rfc.mode) { | 1779 | if (chan->mode != rfc.mode) { |
1788 | result = L2CAP_CONF_UNACCEPT; | 1780 | result = L2CAP_CONF_UNACCEPT; |
1789 | rfc.mode = pi->mode; | 1781 | rfc.mode = chan->mode; |
1790 | 1782 | ||
1791 | if (chan->num_conf_rsp == 1) | 1783 | if (chan->num_conf_rsp == 1) |
1792 | return -ECONNREFUSED; | 1784 | return -ECONNREFUSED; |
@@ -1803,23 +1795,23 @@ done: | |||
1803 | if (mtu < L2CAP_DEFAULT_MIN_MTU) | 1795 | if (mtu < L2CAP_DEFAULT_MIN_MTU) |
1804 | result = L2CAP_CONF_UNACCEPT; | 1796 | result = L2CAP_CONF_UNACCEPT; |
1805 | else { | 1797 | else { |
1806 | pi->omtu = mtu; | 1798 | chan->omtu = mtu; |
1807 | pi->conf_state |= L2CAP_CONF_MTU_DONE; | 1799 | chan->conf_state |= L2CAP_CONF_MTU_DONE; |
1808 | } | 1800 | } |
1809 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu); | 1801 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->omtu); |
1810 | 1802 | ||
1811 | switch (rfc.mode) { | 1803 | switch (rfc.mode) { |
1812 | case L2CAP_MODE_BASIC: | 1804 | case L2CAP_MODE_BASIC: |
1813 | pi->fcs = L2CAP_FCS_NONE; | 1805 | chan->fcs = L2CAP_FCS_NONE; |
1814 | pi->conf_state |= L2CAP_CONF_MODE_DONE; | 1806 | chan->conf_state |= L2CAP_CONF_MODE_DONE; |
1815 | break; | 1807 | break; |
1816 | 1808 | ||
1817 | case L2CAP_MODE_ERTM: | 1809 | case L2CAP_MODE_ERTM: |
1818 | chan->remote_tx_win = rfc.txwin_size; | 1810 | chan->remote_tx_win = rfc.txwin_size; |
1819 | chan->remote_max_tx = rfc.max_transmit; | 1811 | chan->remote_max_tx = rfc.max_transmit; |
1820 | 1812 | ||
1821 | if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10) | 1813 | if (le16_to_cpu(rfc.max_pdu_size) > chan->conn->mtu - 10) |
1822 | rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10); | 1814 | rfc.max_pdu_size = cpu_to_le16(chan->conn->mtu - 10); |
1823 | 1815 | ||
1824 | chan->remote_mps = le16_to_cpu(rfc.max_pdu_size); | 1816 | chan->remote_mps = le16_to_cpu(rfc.max_pdu_size); |
1825 | 1817 | ||
@@ -1828,7 +1820,7 @@ done: | |||
1828 | rfc.monitor_timeout = | 1820 | rfc.monitor_timeout = |
1829 | le16_to_cpu(L2CAP_DEFAULT_MONITOR_TO); | 1821 | le16_to_cpu(L2CAP_DEFAULT_MONITOR_TO); |
1830 | 1822 | ||
1831 | pi->conf_state |= L2CAP_CONF_MODE_DONE; | 1823 | chan->conf_state |= L2CAP_CONF_MODE_DONE; |
1832 | 1824 | ||
1833 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | 1825 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, |
1834 | sizeof(rfc), (unsigned long) &rfc); | 1826 | sizeof(rfc), (unsigned long) &rfc); |
@@ -1836,12 +1828,12 @@ done: | |||
1836 | break; | 1828 | break; |
1837 | 1829 | ||
1838 | case L2CAP_MODE_STREAMING: | 1830 | case L2CAP_MODE_STREAMING: |
1839 | if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10) | 1831 | if (le16_to_cpu(rfc.max_pdu_size) > chan->conn->mtu - 10) |
1840 | rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10); | 1832 | rfc.max_pdu_size = cpu_to_le16(chan->conn->mtu - 10); |
1841 | 1833 | ||
1842 | chan->remote_mps = le16_to_cpu(rfc.max_pdu_size); | 1834 | chan->remote_mps = le16_to_cpu(rfc.max_pdu_size); |
1843 | 1835 | ||
1844 | pi->conf_state |= L2CAP_CONF_MODE_DONE; | 1836 | chan->conf_state |= L2CAP_CONF_MODE_DONE; |
1845 | 1837 | ||
1846 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | 1838 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, |
1847 | sizeof(rfc), (unsigned long) &rfc); | 1839 | sizeof(rfc), (unsigned long) &rfc); |
@@ -1852,29 +1844,28 @@ done: | |||
1852 | result = L2CAP_CONF_UNACCEPT; | 1844 | result = L2CAP_CONF_UNACCEPT; |
1853 | 1845 | ||
1854 | memset(&rfc, 0, sizeof(rfc)); | 1846 | memset(&rfc, 0, sizeof(rfc)); |
1855 | rfc.mode = pi->mode; | 1847 | rfc.mode = chan->mode; |
1856 | } | 1848 | } |
1857 | 1849 | ||
1858 | if (result == L2CAP_CONF_SUCCESS) | 1850 | if (result == L2CAP_CONF_SUCCESS) |
1859 | pi->conf_state |= L2CAP_CONF_OUTPUT_DONE; | 1851 | chan->conf_state |= L2CAP_CONF_OUTPUT_DONE; |
1860 | } | 1852 | } |
1861 | rsp->scid = cpu_to_le16(pi->dcid); | 1853 | rsp->scid = cpu_to_le16(chan->dcid); |
1862 | rsp->result = cpu_to_le16(result); | 1854 | rsp->result = cpu_to_le16(result); |
1863 | rsp->flags = cpu_to_le16(0x0000); | 1855 | rsp->flags = cpu_to_le16(0x0000); |
1864 | 1856 | ||
1865 | return ptr - data; | 1857 | return ptr - data; |
1866 | } | 1858 | } |
1867 | 1859 | ||
1868 | static int l2cap_parse_conf_rsp(struct sock *sk, void *rsp, int len, void *data, u16 *result) | 1860 | static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, void *data, u16 *result) |
1869 | { | 1861 | { |
1870 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1871 | struct l2cap_conf_req *req = data; | 1862 | struct l2cap_conf_req *req = data; |
1872 | void *ptr = req->data; | 1863 | void *ptr = req->data; |
1873 | int type, olen; | 1864 | int type, olen; |
1874 | unsigned long val; | 1865 | unsigned long val; |
1875 | struct l2cap_conf_rfc rfc; | 1866 | struct l2cap_conf_rfc rfc; |
1876 | 1867 | ||
1877 | BT_DBG("sk %p, rsp %p, len %d, req %p", sk, rsp, len, data); | 1868 | BT_DBG("chan %p, rsp %p, len %d, req %p", chan, rsp, len, data); |
1878 | 1869 | ||
1879 | while (len >= L2CAP_CONF_OPT_SIZE) { | 1870 | while (len >= L2CAP_CONF_OPT_SIZE) { |
1880 | len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); | 1871 | len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); |
@@ -1883,27 +1874,27 @@ static int l2cap_parse_conf_rsp(struct sock *sk, void *rsp, int len, void *data, | |||
1883 | case L2CAP_CONF_MTU: | 1874 | case L2CAP_CONF_MTU: |
1884 | if (val < L2CAP_DEFAULT_MIN_MTU) { | 1875 | if (val < L2CAP_DEFAULT_MIN_MTU) { |
1885 | *result = L2CAP_CONF_UNACCEPT; | 1876 | *result = L2CAP_CONF_UNACCEPT; |
1886 | pi->imtu = L2CAP_DEFAULT_MIN_MTU; | 1877 | chan->imtu = L2CAP_DEFAULT_MIN_MTU; |
1887 | } else | 1878 | } else |
1888 | pi->imtu = val; | 1879 | chan->imtu = val; |
1889 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu); | 1880 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu); |
1890 | break; | 1881 | break; |
1891 | 1882 | ||
1892 | case L2CAP_CONF_FLUSH_TO: | 1883 | case L2CAP_CONF_FLUSH_TO: |
1893 | pi->flush_to = val; | 1884 | chan->flush_to = val; |
1894 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, | 1885 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, |
1895 | 2, pi->flush_to); | 1886 | 2, chan->flush_to); |
1896 | break; | 1887 | break; |
1897 | 1888 | ||
1898 | case L2CAP_CONF_RFC: | 1889 | case L2CAP_CONF_RFC: |
1899 | if (olen == sizeof(rfc)) | 1890 | if (olen == sizeof(rfc)) |
1900 | memcpy(&rfc, (void *)val, olen); | 1891 | memcpy(&rfc, (void *)val, olen); |
1901 | 1892 | ||
1902 | if ((pi->conf_state & L2CAP_CONF_STATE2_DEVICE) && | 1893 | if ((chan->conf_state & L2CAP_CONF_STATE2_DEVICE) && |
1903 | rfc.mode != pi->mode) | 1894 | rfc.mode != chan->mode) |
1904 | return -ECONNREFUSED; | 1895 | return -ECONNREFUSED; |
1905 | 1896 | ||
1906 | pi->fcs = 0; | 1897 | chan->fcs = 0; |
1907 | 1898 | ||
1908 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | 1899 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, |
1909 | sizeof(rfc), (unsigned long) &rfc); | 1900 | sizeof(rfc), (unsigned long) &rfc); |
@@ -1911,78 +1902,74 @@ static int l2cap_parse_conf_rsp(struct sock *sk, void *rsp, int len, void *data, | |||
1911 | } | 1902 | } |
1912 | } | 1903 | } |
1913 | 1904 | ||
1914 | if (pi->mode == L2CAP_MODE_BASIC && pi->mode != rfc.mode) | 1905 | if (chan->mode == L2CAP_MODE_BASIC && chan->mode != rfc.mode) |
1915 | return -ECONNREFUSED; | 1906 | return -ECONNREFUSED; |
1916 | 1907 | ||
1917 | pi->mode = rfc.mode; | 1908 | chan->mode = rfc.mode; |
1918 | 1909 | ||
1919 | if (*result == L2CAP_CONF_SUCCESS) { | 1910 | if (*result == L2CAP_CONF_SUCCESS) { |
1920 | switch (rfc.mode) { | 1911 | switch (rfc.mode) { |
1921 | case L2CAP_MODE_ERTM: | 1912 | case L2CAP_MODE_ERTM: |
1922 | pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); | 1913 | chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); |
1923 | pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); | 1914 | chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); |
1924 | pi->mps = le16_to_cpu(rfc.max_pdu_size); | 1915 | chan->mps = le16_to_cpu(rfc.max_pdu_size); |
1925 | break; | 1916 | break; |
1926 | case L2CAP_MODE_STREAMING: | 1917 | case L2CAP_MODE_STREAMING: |
1927 | pi->mps = le16_to_cpu(rfc.max_pdu_size); | 1918 | chan->mps = le16_to_cpu(rfc.max_pdu_size); |
1928 | } | 1919 | } |
1929 | } | 1920 | } |
1930 | 1921 | ||
1931 | req->dcid = cpu_to_le16(pi->dcid); | 1922 | req->dcid = cpu_to_le16(chan->dcid); |
1932 | req->flags = cpu_to_le16(0x0000); | 1923 | req->flags = cpu_to_le16(0x0000); |
1933 | 1924 | ||
1934 | return ptr - data; | 1925 | return ptr - data; |
1935 | } | 1926 | } |
1936 | 1927 | ||
1937 | static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags) | 1928 | static int l2cap_build_conf_rsp(struct l2cap_chan *chan, void *data, u16 result, u16 flags) |
1938 | { | 1929 | { |
1939 | struct l2cap_conf_rsp *rsp = data; | 1930 | struct l2cap_conf_rsp *rsp = data; |
1940 | void *ptr = rsp->data; | 1931 | void *ptr = rsp->data; |
1941 | 1932 | ||
1942 | BT_DBG("sk %p", sk); | 1933 | BT_DBG("chan %p", chan); |
1943 | 1934 | ||
1944 | rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid); | 1935 | rsp->scid = cpu_to_le16(chan->dcid); |
1945 | rsp->result = cpu_to_le16(result); | 1936 | rsp->result = cpu_to_le16(result); |
1946 | rsp->flags = cpu_to_le16(flags); | 1937 | rsp->flags = cpu_to_le16(flags); |
1947 | 1938 | ||
1948 | return ptr - data; | 1939 | return ptr - data; |
1949 | } | 1940 | } |
1950 | 1941 | ||
1951 | void __l2cap_connect_rsp_defer(struct sock *sk) | 1942 | void __l2cap_connect_rsp_defer(struct l2cap_chan *chan) |
1952 | { | 1943 | { |
1953 | struct l2cap_conn_rsp rsp; | 1944 | struct l2cap_conn_rsp rsp; |
1954 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 1945 | struct l2cap_conn *conn = chan->conn; |
1955 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
1956 | u8 buf[128]; | 1946 | u8 buf[128]; |
1957 | 1947 | ||
1958 | sk->sk_state = BT_CONFIG; | 1948 | rsp.scid = cpu_to_le16(chan->dcid); |
1959 | 1949 | rsp.dcid = cpu_to_le16(chan->scid); | |
1960 | rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1961 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); | ||
1962 | rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS); | 1950 | rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS); |
1963 | rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); | 1951 | rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); |
1964 | l2cap_send_cmd(conn, chan->ident, | 1952 | l2cap_send_cmd(conn, chan->ident, |
1965 | L2CAP_CONN_RSP, sizeof(rsp), &rsp); | 1953 | L2CAP_CONN_RSP, sizeof(rsp), &rsp); |
1966 | 1954 | ||
1967 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) | 1955 | if (chan->conf_state & L2CAP_CONF_REQ_SENT) |
1968 | return; | 1956 | return; |
1969 | 1957 | ||
1970 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | 1958 | chan->conf_state |= L2CAP_CONF_REQ_SENT; |
1971 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 1959 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
1972 | l2cap_build_conf_req(chan, buf), buf); | 1960 | l2cap_build_conf_req(chan, buf), buf); |
1973 | chan->num_conf_req++; | 1961 | chan->num_conf_req++; |
1974 | } | 1962 | } |
1975 | 1963 | ||
1976 | static void l2cap_conf_rfc_get(struct sock *sk, void *rsp, int len) | 1964 | static void l2cap_conf_rfc_get(struct l2cap_chan *chan, void *rsp, int len) |
1977 | { | 1965 | { |
1978 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1979 | int type, olen; | 1966 | int type, olen; |
1980 | unsigned long val; | 1967 | unsigned long val; |
1981 | struct l2cap_conf_rfc rfc; | 1968 | struct l2cap_conf_rfc rfc; |
1982 | 1969 | ||
1983 | BT_DBG("sk %p, rsp %p, len %d", sk, rsp, len); | 1970 | BT_DBG("chan %p, rsp %p, len %d", chan, rsp, len); |
1984 | 1971 | ||
1985 | if ((pi->mode != L2CAP_MODE_ERTM) && (pi->mode != L2CAP_MODE_STREAMING)) | 1972 | if ((chan->mode != L2CAP_MODE_ERTM) && (chan->mode != L2CAP_MODE_STREAMING)) |
1986 | return; | 1973 | return; |
1987 | 1974 | ||
1988 | while (len >= L2CAP_CONF_OPT_SIZE) { | 1975 | while (len >= L2CAP_CONF_OPT_SIZE) { |
@@ -1999,12 +1986,12 @@ static void l2cap_conf_rfc_get(struct sock *sk, void *rsp, int len) | |||
1999 | done: | 1986 | done: |
2000 | switch (rfc.mode) { | 1987 | switch (rfc.mode) { |
2001 | case L2CAP_MODE_ERTM: | 1988 | case L2CAP_MODE_ERTM: |
2002 | pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); | 1989 | chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); |
2003 | pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); | 1990 | chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); |
2004 | pi->mps = le16_to_cpu(rfc.max_pdu_size); | 1991 | chan->mps = le16_to_cpu(rfc.max_pdu_size); |
2005 | break; | 1992 | break; |
2006 | case L2CAP_MODE_STREAMING: | 1993 | case L2CAP_MODE_STREAMING: |
2007 | pi->mps = le16_to_cpu(rfc.max_pdu_size); | 1994 | chan->mps = le16_to_cpu(rfc.max_pdu_size); |
2008 | } | 1995 | } |
2009 | } | 1996 | } |
2010 | 1997 | ||
@@ -2076,6 +2063,8 @@ static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
2076 | goto response; | 2063 | goto response; |
2077 | } | 2064 | } |
2078 | 2065 | ||
2066 | l2cap_pi(sk)->chan = chan; | ||
2067 | |||
2079 | write_lock_bh(&conn->chan_lock); | 2068 | write_lock_bh(&conn->chan_lock); |
2080 | 2069 | ||
2081 | /* Check if we already have channel with that dcid */ | 2070 | /* Check if we already have channel with that dcid */ |
@@ -2091,23 +2080,21 @@ static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
2091 | l2cap_sock_init(sk, parent); | 2080 | l2cap_sock_init(sk, parent); |
2092 | bacpy(&bt_sk(sk)->src, conn->src); | 2081 | bacpy(&bt_sk(sk)->src, conn->src); |
2093 | bacpy(&bt_sk(sk)->dst, conn->dst); | 2082 | bacpy(&bt_sk(sk)->dst, conn->dst); |
2094 | l2cap_pi(sk)->psm = psm; | 2083 | chan->psm = psm; |
2095 | l2cap_pi(sk)->dcid = scid; | 2084 | chan->dcid = scid; |
2096 | 2085 | ||
2097 | bt_accept_enqueue(parent, sk); | 2086 | bt_accept_enqueue(parent, sk); |
2098 | 2087 | ||
2099 | __l2cap_chan_add(conn, chan); | 2088 | __l2cap_chan_add(conn, chan); |
2100 | 2089 | ||
2101 | l2cap_pi(sk)->chan = chan; | 2090 | dcid = chan->scid; |
2102 | |||
2103 | dcid = l2cap_pi(sk)->scid; | ||
2104 | 2091 | ||
2105 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | 2092 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); |
2106 | 2093 | ||
2107 | chan->ident = cmd->ident; | 2094 | chan->ident = cmd->ident; |
2108 | 2095 | ||
2109 | if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) { | 2096 | if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) { |
2110 | if (l2cap_check_security(sk)) { | 2097 | if (l2cap_check_security(chan)) { |
2111 | if (bt_sk(sk)->defer_setup) { | 2098 | if (bt_sk(sk)->defer_setup) { |
2112 | sk->sk_state = BT_CONNECT2; | 2099 | sk->sk_state = BT_CONNECT2; |
2113 | result = L2CAP_CR_PEND; | 2100 | result = L2CAP_CR_PEND; |
@@ -2155,10 +2142,10 @@ sendresp: | |||
2155 | L2CAP_INFO_REQ, sizeof(info), &info); | 2142 | L2CAP_INFO_REQ, sizeof(info), &info); |
2156 | } | 2143 | } |
2157 | 2144 | ||
2158 | if (chan && !(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) && | 2145 | if (chan && !(chan->conf_state & L2CAP_CONF_REQ_SENT) && |
2159 | result == L2CAP_CR_SUCCESS) { | 2146 | result == L2CAP_CR_SUCCESS) { |
2160 | u8 buf[128]; | 2147 | u8 buf[128]; |
2161 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | 2148 | chan->conf_state |= L2CAP_CONF_REQ_SENT; |
2162 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 2149 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
2163 | l2cap_build_conf_req(chan, buf), buf); | 2150 | l2cap_build_conf_req(chan, buf), buf); |
2164 | chan->num_conf_req++; | 2151 | chan->num_conf_req++; |
@@ -2198,13 +2185,13 @@ static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
2198 | case L2CAP_CR_SUCCESS: | 2185 | case L2CAP_CR_SUCCESS: |
2199 | sk->sk_state = BT_CONFIG; | 2186 | sk->sk_state = BT_CONFIG; |
2200 | chan->ident = 0; | 2187 | chan->ident = 0; |
2201 | l2cap_pi(sk)->dcid = dcid; | 2188 | chan->dcid = dcid; |
2202 | l2cap_pi(sk)->conf_state &= ~L2CAP_CONF_CONNECT_PEND; | 2189 | chan->conf_state &= ~L2CAP_CONF_CONNECT_PEND; |
2203 | 2190 | ||
2204 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) | 2191 | if (chan->conf_state & L2CAP_CONF_REQ_SENT) |
2205 | break; | 2192 | break; |
2206 | 2193 | ||
2207 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | 2194 | chan->conf_state |= L2CAP_CONF_REQ_SENT; |
2208 | 2195 | ||
2209 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 2196 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
2210 | l2cap_build_conf_req(chan, req), req); | 2197 | l2cap_build_conf_req(chan, req), req); |
@@ -2212,7 +2199,7 @@ static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
2212 | break; | 2199 | break; |
2213 | 2200 | ||
2214 | case L2CAP_CR_PEND: | 2201 | case L2CAP_CR_PEND: |
2215 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND; | 2202 | chan->conf_state |= L2CAP_CONF_CONNECT_PEND; |
2216 | break; | 2203 | break; |
2217 | 2204 | ||
2218 | default: | 2205 | default: |
@@ -2232,15 +2219,17 @@ static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
2232 | return 0; | 2219 | return 0; |
2233 | } | 2220 | } |
2234 | 2221 | ||
2235 | static inline void set_default_fcs(struct l2cap_pinfo *pi) | 2222 | static inline void set_default_fcs(struct l2cap_chan *chan) |
2236 | { | 2223 | { |
2224 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); | ||
2225 | |||
2237 | /* FCS is enabled only in ERTM or streaming mode, if one or both | 2226 | /* FCS is enabled only in ERTM or streaming mode, if one or both |
2238 | * sides request it. | 2227 | * sides request it. |
2239 | */ | 2228 | */ |
2240 | if (pi->mode != L2CAP_MODE_ERTM && pi->mode != L2CAP_MODE_STREAMING) | 2229 | if (chan->mode != L2CAP_MODE_ERTM && chan->mode != L2CAP_MODE_STREAMING) |
2241 | pi->fcs = L2CAP_FCS_NONE; | 2230 | chan->fcs = L2CAP_FCS_NONE; |
2242 | else if (!(pi->conf_state & L2CAP_CONF_NO_FCS_RECV)) | 2231 | else if (!(pi->chan->conf_state & L2CAP_CONF_NO_FCS_RECV)) |
2243 | pi->fcs = L2CAP_FCS_CRC16; | 2232 | chan->fcs = L2CAP_FCS_CRC16; |
2244 | } | 2233 | } |
2245 | 2234 | ||
2246 | static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data) | 2235 | static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data) |
@@ -2276,7 +2265,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2276 | len = cmd_len - sizeof(*req); | 2265 | len = cmd_len - sizeof(*req); |
2277 | if (chan->conf_len + len > sizeof(chan->conf_req)) { | 2266 | if (chan->conf_len + len > sizeof(chan->conf_req)) { |
2278 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, | 2267 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, |
2279 | l2cap_build_conf_rsp(sk, rsp, | 2268 | l2cap_build_conf_rsp(chan, rsp, |
2280 | L2CAP_CONF_REJECT, flags), rsp); | 2269 | L2CAP_CONF_REJECT, flags), rsp); |
2281 | goto unlock; | 2270 | goto unlock; |
2282 | } | 2271 | } |
@@ -2288,7 +2277,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2288 | if (flags & 0x0001) { | 2277 | if (flags & 0x0001) { |
2289 | /* Incomplete config. Send empty response. */ | 2278 | /* Incomplete config. Send empty response. */ |
2290 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, | 2279 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, |
2291 | l2cap_build_conf_rsp(sk, rsp, | 2280 | l2cap_build_conf_rsp(chan, rsp, |
2292 | L2CAP_CONF_SUCCESS, 0x0001), rsp); | 2281 | L2CAP_CONF_SUCCESS, 0x0001), rsp); |
2293 | goto unlock; | 2282 | goto unlock; |
2294 | } | 2283 | } |
@@ -2306,27 +2295,27 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2306 | /* Reset config buffer. */ | 2295 | /* Reset config buffer. */ |
2307 | chan->conf_len = 0; | 2296 | chan->conf_len = 0; |
2308 | 2297 | ||
2309 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE)) | 2298 | if (!(chan->conf_state & L2CAP_CONF_OUTPUT_DONE)) |
2310 | goto unlock; | 2299 | goto unlock; |
2311 | 2300 | ||
2312 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) { | 2301 | if (chan->conf_state & L2CAP_CONF_INPUT_DONE) { |
2313 | set_default_fcs(l2cap_pi(sk)); | 2302 | set_default_fcs(chan); |
2314 | 2303 | ||
2315 | sk->sk_state = BT_CONNECTED; | 2304 | sk->sk_state = BT_CONNECTED; |
2316 | 2305 | ||
2317 | chan->next_tx_seq = 0; | 2306 | chan->next_tx_seq = 0; |
2318 | chan->expected_tx_seq = 0; | 2307 | chan->expected_tx_seq = 0; |
2319 | skb_queue_head_init(&chan->tx_q); | 2308 | skb_queue_head_init(&chan->tx_q); |
2320 | if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) | 2309 | if (chan->mode == L2CAP_MODE_ERTM) |
2321 | l2cap_ertm_init(chan); | 2310 | l2cap_ertm_init(chan); |
2322 | 2311 | ||
2323 | l2cap_chan_ready(sk); | 2312 | l2cap_chan_ready(sk); |
2324 | goto unlock; | 2313 | goto unlock; |
2325 | } | 2314 | } |
2326 | 2315 | ||
2327 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) { | 2316 | if (!(chan->conf_state & L2CAP_CONF_REQ_SENT)) { |
2328 | u8 buf[64]; | 2317 | u8 buf[64]; |
2329 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | 2318 | chan->conf_state |= L2CAP_CONF_REQ_SENT; |
2330 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 2319 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
2331 | l2cap_build_conf_req(chan, buf), buf); | 2320 | l2cap_build_conf_req(chan, buf), buf); |
2332 | chan->num_conf_req++; | 2321 | chan->num_conf_req++; |
@@ -2360,7 +2349,7 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2360 | 2349 | ||
2361 | switch (result) { | 2350 | switch (result) { |
2362 | case L2CAP_CONF_SUCCESS: | 2351 | case L2CAP_CONF_SUCCESS: |
2363 | l2cap_conf_rfc_get(sk, rsp->data, len); | 2352 | l2cap_conf_rfc_get(chan, rsp->data, len); |
2364 | break; | 2353 | break; |
2365 | 2354 | ||
2366 | case L2CAP_CONF_UNACCEPT: | 2355 | case L2CAP_CONF_UNACCEPT: |
@@ -2374,8 +2363,8 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2374 | 2363 | ||
2375 | /* throw out any old stored conf requests */ | 2364 | /* throw out any old stored conf requests */ |
2376 | result = L2CAP_CONF_SUCCESS; | 2365 | result = L2CAP_CONF_SUCCESS; |
2377 | len = l2cap_parse_conf_rsp(sk, rsp->data, | 2366 | len = l2cap_parse_conf_rsp(chan, rsp->data, len, |
2378 | len, req, &result); | 2367 | req, &result); |
2379 | if (len < 0) { | 2368 | if (len < 0) { |
2380 | l2cap_send_disconn_req(conn, chan, ECONNRESET); | 2369 | l2cap_send_disconn_req(conn, chan, ECONNRESET); |
2381 | goto done; | 2370 | goto done; |
@@ -2399,16 +2388,16 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2399 | if (flags & 0x01) | 2388 | if (flags & 0x01) |
2400 | goto done; | 2389 | goto done; |
2401 | 2390 | ||
2402 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE; | 2391 | chan->conf_state |= L2CAP_CONF_INPUT_DONE; |
2403 | 2392 | ||
2404 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) { | 2393 | if (chan->conf_state & L2CAP_CONF_OUTPUT_DONE) { |
2405 | set_default_fcs(l2cap_pi(sk)); | 2394 | set_default_fcs(chan); |
2406 | 2395 | ||
2407 | sk->sk_state = BT_CONNECTED; | 2396 | sk->sk_state = BT_CONNECTED; |
2408 | chan->next_tx_seq = 0; | 2397 | chan->next_tx_seq = 0; |
2409 | chan->expected_tx_seq = 0; | 2398 | chan->expected_tx_seq = 0; |
2410 | skb_queue_head_init(&chan->tx_q); | 2399 | skb_queue_head_init(&chan->tx_q); |
2411 | if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) | 2400 | if (chan->mode == L2CAP_MODE_ERTM) |
2412 | l2cap_ertm_init(chan); | 2401 | l2cap_ertm_init(chan); |
2413 | 2402 | ||
2414 | l2cap_chan_ready(sk); | 2403 | l2cap_chan_ready(sk); |
@@ -2438,8 +2427,8 @@ static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd | |||
2438 | 2427 | ||
2439 | sk = chan->sk; | 2428 | sk = chan->sk; |
2440 | 2429 | ||
2441 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); | 2430 | rsp.dcid = cpu_to_le16(chan->scid); |
2442 | rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); | 2431 | rsp.scid = cpu_to_le16(chan->dcid); |
2443 | l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); | 2432 | l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); |
2444 | 2433 | ||
2445 | sk->sk_shutdown = SHUTDOWN_MASK; | 2434 | sk->sk_shutdown = SHUTDOWN_MASK; |
@@ -2774,12 +2763,12 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, | |||
2774 | kfree_skb(skb); | 2763 | kfree_skb(skb); |
2775 | } | 2764 | } |
2776 | 2765 | ||
2777 | static int l2cap_check_fcs(struct l2cap_pinfo *pi, struct sk_buff *skb) | 2766 | static int l2cap_check_fcs(struct l2cap_chan *chan, struct sk_buff *skb) |
2778 | { | 2767 | { |
2779 | u16 our_fcs, rcv_fcs; | 2768 | u16 our_fcs, rcv_fcs; |
2780 | int hdr_size = L2CAP_HDR_SIZE + 2; | 2769 | int hdr_size = L2CAP_HDR_SIZE + 2; |
2781 | 2770 | ||
2782 | if (pi->fcs == L2CAP_FCS_CRC16) { | 2771 | if (chan->fcs == L2CAP_FCS_CRC16) { |
2783 | skb_trim(skb, skb->len - 2); | 2772 | skb_trim(skb, skb->len - 2); |
2784 | rcv_fcs = get_unaligned_le16(skb->data + skb->len); | 2773 | rcv_fcs = get_unaligned_le16(skb->data + skb->len); |
2785 | our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); | 2774 | our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); |
@@ -2860,7 +2849,6 @@ static int l2cap_add_to_srej_queue(struct l2cap_chan *chan, struct sk_buff *skb, | |||
2860 | 2849 | ||
2861 | static int l2cap_ertm_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control) | 2850 | static int l2cap_ertm_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control) |
2862 | { | 2851 | { |
2863 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); | ||
2864 | struct sk_buff *_skb; | 2852 | struct sk_buff *_skb; |
2865 | int err; | 2853 | int err; |
2866 | 2854 | ||
@@ -2881,7 +2869,7 @@ static int l2cap_ertm_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *sk | |||
2881 | 2869 | ||
2882 | chan->sdu_len = get_unaligned_le16(skb->data); | 2870 | chan->sdu_len = get_unaligned_le16(skb->data); |
2883 | 2871 | ||
2884 | if (chan->sdu_len > pi->imtu) | 2872 | if (chan->sdu_len > chan->imtu) |
2885 | goto disconnect; | 2873 | goto disconnect; |
2886 | 2874 | ||
2887 | chan->sdu = bt_skb_alloc(chan->sdu_len, GFP_ATOMIC); | 2875 | chan->sdu = bt_skb_alloc(chan->sdu_len, GFP_ATOMIC); |
@@ -2924,7 +2912,7 @@ static int l2cap_ertm_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *sk | |||
2924 | if (!(chan->conn_state & L2CAP_CONN_SAR_RETRY)) { | 2912 | if (!(chan->conn_state & L2CAP_CONN_SAR_RETRY)) { |
2925 | chan->partial_sdu_len += skb->len; | 2913 | chan->partial_sdu_len += skb->len; |
2926 | 2914 | ||
2927 | if (chan->partial_sdu_len > pi->imtu) | 2915 | if (chan->partial_sdu_len > chan->imtu) |
2928 | goto drop; | 2916 | goto drop; |
2929 | 2917 | ||
2930 | if (chan->partial_sdu_len != chan->sdu_len) | 2918 | if (chan->partial_sdu_len != chan->sdu_len) |
@@ -2961,7 +2949,7 @@ drop: | |||
2961 | chan->sdu = NULL; | 2949 | chan->sdu = NULL; |
2962 | 2950 | ||
2963 | disconnect: | 2951 | disconnect: |
2964 | l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); | 2952 | l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); |
2965 | kfree_skb(skb); | 2953 | kfree_skb(skb); |
2966 | return 0; | 2954 | return 0; |
2967 | } | 2955 | } |
@@ -3022,7 +3010,7 @@ static void l2cap_busy_work(struct work_struct *work) | |||
3022 | 3010 | ||
3023 | if (n_tries++ > L2CAP_LOCAL_BUSY_TRIES) { | 3011 | if (n_tries++ > L2CAP_LOCAL_BUSY_TRIES) { |
3024 | err = -EBUSY; | 3012 | err = -EBUSY; |
3025 | l2cap_send_disconn_req(l2cap_pi(sk)->conn, chan, EBUSY); | 3013 | l2cap_send_disconn_req(chan->conn, chan, EBUSY); |
3026 | break; | 3014 | break; |
3027 | } | 3015 | } |
3028 | 3016 | ||
@@ -3092,7 +3080,6 @@ static int l2cap_push_rx_skb(struct l2cap_chan *chan, struct sk_buff *skb, u16 c | |||
3092 | 3080 | ||
3093 | static int l2cap_streaming_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control) | 3081 | static int l2cap_streaming_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control) |
3094 | { | 3082 | { |
3095 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); | ||
3096 | struct sk_buff *_skb; | 3083 | struct sk_buff *_skb; |
3097 | int err = -EINVAL; | 3084 | int err = -EINVAL; |
3098 | 3085 | ||
@@ -3123,7 +3110,7 @@ static int l2cap_streaming_reassembly_sdu(struct l2cap_chan *chan, struct sk_buf | |||
3123 | chan->sdu_len = get_unaligned_le16(skb->data); | 3110 | chan->sdu_len = get_unaligned_le16(skb->data); |
3124 | skb_pull(skb, 2); | 3111 | skb_pull(skb, 2); |
3125 | 3112 | ||
3126 | if (chan->sdu_len > pi->imtu) { | 3113 | if (chan->sdu_len > chan->imtu) { |
3127 | err = -EMSGSIZE; | 3114 | err = -EMSGSIZE; |
3128 | break; | 3115 | break; |
3129 | } | 3116 | } |
@@ -3164,7 +3151,7 @@ static int l2cap_streaming_reassembly_sdu(struct l2cap_chan *chan, struct sk_buf | |||
3164 | chan->conn_state &= ~L2CAP_CONN_SAR_SDU; | 3151 | chan->conn_state &= ~L2CAP_CONN_SAR_SDU; |
3165 | chan->partial_sdu_len += skb->len; | 3152 | chan->partial_sdu_len += skb->len; |
3166 | 3153 | ||
3167 | if (chan->partial_sdu_len > pi->imtu) | 3154 | if (chan->partial_sdu_len > chan->imtu) |
3168 | goto drop; | 3155 | goto drop; |
3169 | 3156 | ||
3170 | if (chan->partial_sdu_len == chan->sdu_len) { | 3157 | if (chan->partial_sdu_len == chan->sdu_len) { |
@@ -3241,12 +3228,11 @@ static void l2cap_send_srejframe(struct l2cap_chan *chan, u8 tx_seq) | |||
3241 | 3228 | ||
3242 | static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u16 rx_control, struct sk_buff *skb) | 3229 | static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u16 rx_control, struct sk_buff *skb) |
3243 | { | 3230 | { |
3244 | struct l2cap_pinfo *pi = l2cap_pi(chan->sk); | ||
3245 | u8 tx_seq = __get_txseq(rx_control); | 3231 | u8 tx_seq = __get_txseq(rx_control); |
3246 | u8 req_seq = __get_reqseq(rx_control); | 3232 | u8 req_seq = __get_reqseq(rx_control); |
3247 | u8 sar = rx_control >> L2CAP_CTRL_SAR_SHIFT; | 3233 | u8 sar = rx_control >> L2CAP_CTRL_SAR_SHIFT; |
3248 | int tx_seq_offset, expected_tx_seq_offset; | 3234 | int tx_seq_offset, expected_tx_seq_offset; |
3249 | int num_to_ack = (pi->tx_win/6) + 1; | 3235 | int num_to_ack = (chan->tx_win/6) + 1; |
3250 | int err = 0; | 3236 | int err = 0; |
3251 | 3237 | ||
3252 | BT_DBG("chan %p len %d tx_seq %d rx_control 0x%4.4x", chan, skb->len, | 3238 | BT_DBG("chan %p len %d tx_seq %d rx_control 0x%4.4x", chan, skb->len, |
@@ -3271,8 +3257,8 @@ static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u16 rx_cont | |||
3271 | tx_seq_offset += 64; | 3257 | tx_seq_offset += 64; |
3272 | 3258 | ||
3273 | /* invalid tx_seq */ | 3259 | /* invalid tx_seq */ |
3274 | if (tx_seq_offset >= pi->tx_win) { | 3260 | if (tx_seq_offset >= chan->tx_win) { |
3275 | l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); | 3261 | l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); |
3276 | goto drop; | 3262 | goto drop; |
3277 | } | 3263 | } |
3278 | 3264 | ||
@@ -3539,7 +3525,6 @@ static inline int l2cap_data_channel_sframe(struct l2cap_chan *chan, u16 rx_cont | |||
3539 | static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb) | 3525 | static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb) |
3540 | { | 3526 | { |
3541 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | 3527 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; |
3542 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
3543 | u16 control; | 3528 | u16 control; |
3544 | u8 req_seq; | 3529 | u8 req_seq; |
3545 | int len, next_tx_seq_offset, req_seq_offset; | 3530 | int len, next_tx_seq_offset, req_seq_offset; |
@@ -3553,17 +3538,17 @@ static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb) | |||
3553 | * Receiver will miss it and start proper recovery | 3538 | * Receiver will miss it and start proper recovery |
3554 | * procedures and ask retransmission. | 3539 | * procedures and ask retransmission. |
3555 | */ | 3540 | */ |
3556 | if (l2cap_check_fcs(pi, skb)) | 3541 | if (l2cap_check_fcs(chan, skb)) |
3557 | goto drop; | 3542 | goto drop; |
3558 | 3543 | ||
3559 | if (__is_sar_start(control) && __is_iframe(control)) | 3544 | if (__is_sar_start(control) && __is_iframe(control)) |
3560 | len -= 2; | 3545 | len -= 2; |
3561 | 3546 | ||
3562 | if (pi->fcs == L2CAP_FCS_CRC16) | 3547 | if (chan->fcs == L2CAP_FCS_CRC16) |
3563 | len -= 2; | 3548 | len -= 2; |
3564 | 3549 | ||
3565 | if (len > pi->mps) { | 3550 | if (len > chan->mps) { |
3566 | l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); | 3551 | l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); |
3567 | goto drop; | 3552 | goto drop; |
3568 | } | 3553 | } |
3569 | 3554 | ||
@@ -3579,13 +3564,13 @@ static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb) | |||
3579 | 3564 | ||
3580 | /* check for invalid req-seq */ | 3565 | /* check for invalid req-seq */ |
3581 | if (req_seq_offset > next_tx_seq_offset) { | 3566 | if (req_seq_offset > next_tx_seq_offset) { |
3582 | l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); | 3567 | l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); |
3583 | goto drop; | 3568 | goto drop; |
3584 | } | 3569 | } |
3585 | 3570 | ||
3586 | if (__is_iframe(control)) { | 3571 | if (__is_iframe(control)) { |
3587 | if (len < 0) { | 3572 | if (len < 0) { |
3588 | l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); | 3573 | l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); |
3589 | goto drop; | 3574 | goto drop; |
3590 | } | 3575 | } |
3591 | 3576 | ||
@@ -3593,7 +3578,7 @@ static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb) | |||
3593 | } else { | 3578 | } else { |
3594 | if (len != 0) { | 3579 | if (len != 0) { |
3595 | BT_ERR("%d", len); | 3580 | BT_ERR("%d", len); |
3596 | l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); | 3581 | l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); |
3597 | goto drop; | 3582 | goto drop; |
3598 | } | 3583 | } |
3599 | 3584 | ||
@@ -3630,14 +3615,14 @@ static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk | |||
3630 | if (sk->sk_state != BT_CONNECTED) | 3615 | if (sk->sk_state != BT_CONNECTED) |
3631 | goto drop; | 3616 | goto drop; |
3632 | 3617 | ||
3633 | switch (pi->mode) { | 3618 | switch (chan->mode) { |
3634 | case L2CAP_MODE_BASIC: | 3619 | case L2CAP_MODE_BASIC: |
3635 | /* If socket recv buffers overflows we drop data here | 3620 | /* If socket recv buffers overflows we drop data here |
3636 | * which is *bad* because L2CAP has to be reliable. | 3621 | * which is *bad* because L2CAP has to be reliable. |
3637 | * But we don't have any other choice. L2CAP doesn't | 3622 | * But we don't have any other choice. L2CAP doesn't |
3638 | * provide flow control mechanism. */ | 3623 | * provide flow control mechanism. */ |
3639 | 3624 | ||
3640 | if (pi->imtu < skb->len) | 3625 | if (chan->imtu < skb->len) |
3641 | goto drop; | 3626 | goto drop; |
3642 | 3627 | ||
3643 | if (!sock_queue_rcv_skb(sk, skb)) | 3628 | if (!sock_queue_rcv_skb(sk, skb)) |
@@ -3659,16 +3644,16 @@ static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk | |||
3659 | skb_pull(skb, 2); | 3644 | skb_pull(skb, 2); |
3660 | len = skb->len; | 3645 | len = skb->len; |
3661 | 3646 | ||
3662 | if (l2cap_check_fcs(pi, skb)) | 3647 | if (l2cap_check_fcs(chan, skb)) |
3663 | goto drop; | 3648 | goto drop; |
3664 | 3649 | ||
3665 | if (__is_sar_start(control)) | 3650 | if (__is_sar_start(control)) |
3666 | len -= 2; | 3651 | len -= 2; |
3667 | 3652 | ||
3668 | if (pi->fcs == L2CAP_FCS_CRC16) | 3653 | if (chan->fcs == L2CAP_FCS_CRC16) |
3669 | len -= 2; | 3654 | len -= 2; |
3670 | 3655 | ||
3671 | if (len > pi->mps || len < 0 || __is_sframe(control)) | 3656 | if (len > chan->mps || len < 0 || __is_sframe(control)) |
3672 | goto drop; | 3657 | goto drop; |
3673 | 3658 | ||
3674 | tx_seq = __get_txseq(control); | 3659 | tx_seq = __get_txseq(control); |
@@ -3683,7 +3668,7 @@ static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk | |||
3683 | goto done; | 3668 | goto done; |
3684 | 3669 | ||
3685 | default: | 3670 | default: |
3686 | BT_DBG("chan %p: bad mode 0x%2.2x", chan, pi->mode); | 3671 | BT_DBG("chan %p: bad mode 0x%2.2x", chan, chan->mode); |
3687 | break; | 3672 | break; |
3688 | } | 3673 | } |
3689 | 3674 | ||
@@ -3712,7 +3697,7 @@ static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, str | |||
3712 | if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED) | 3697 | if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED) |
3713 | goto drop; | 3698 | goto drop; |
3714 | 3699 | ||
3715 | if (l2cap_pi(sk)->imtu < skb->len) | 3700 | if (l2cap_pi(sk)->chan->imtu < skb->len) |
3716 | goto drop; | 3701 | goto drop; |
3717 | 3702 | ||
3718 | if (!sock_queue_rcv_skb(sk, skb)) | 3703 | if (!sock_queue_rcv_skb(sk, skb)) |
@@ -3742,7 +3727,7 @@ static inline int l2cap_att_channel(struct l2cap_conn *conn, __le16 cid, struct | |||
3742 | if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED) | 3727 | if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED) |
3743 | goto drop; | 3728 | goto drop; |
3744 | 3729 | ||
3745 | if (l2cap_pi(sk)->imtu < skb->len) | 3730 | if (l2cap_pi(sk)->chan->imtu < skb->len) |
3746 | goto drop; | 3731 | goto drop; |
3747 | 3732 | ||
3748 | if (!sock_queue_rcv_skb(sk, skb)) | 3733 | if (!sock_queue_rcv_skb(sk, skb)) |
@@ -3812,17 +3797,19 @@ static int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type) | |||
3812 | /* Find listening sockets and check their link_mode */ | 3797 | /* Find listening sockets and check their link_mode */ |
3813 | read_lock(&l2cap_sk_list.lock); | 3798 | read_lock(&l2cap_sk_list.lock); |
3814 | sk_for_each(sk, node, &l2cap_sk_list.head) { | 3799 | sk_for_each(sk, node, &l2cap_sk_list.head) { |
3800 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
3801 | |||
3815 | if (sk->sk_state != BT_LISTEN) | 3802 | if (sk->sk_state != BT_LISTEN) |
3816 | continue; | 3803 | continue; |
3817 | 3804 | ||
3818 | if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) { | 3805 | if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) { |
3819 | lm1 |= HCI_LM_ACCEPT; | 3806 | lm1 |= HCI_LM_ACCEPT; |
3820 | if (l2cap_pi(sk)->role_switch) | 3807 | if (chan->role_switch) |
3821 | lm1 |= HCI_LM_MASTER; | 3808 | lm1 |= HCI_LM_MASTER; |
3822 | exact++; | 3809 | exact++; |
3823 | } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) { | 3810 | } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) { |
3824 | lm2 |= HCI_LM_ACCEPT; | 3811 | lm2 |= HCI_LM_ACCEPT; |
3825 | if (l2cap_pi(sk)->role_switch) | 3812 | if (chan->role_switch) |
3826 | lm2 |= HCI_LM_MASTER; | 3813 | lm2 |= HCI_LM_MASTER; |
3827 | } | 3814 | } |
3828 | } | 3815 | } |
@@ -3874,19 +3861,21 @@ static int l2cap_disconn_cfm(struct hci_conn *hcon, u8 reason) | |||
3874 | return 0; | 3861 | return 0; |
3875 | } | 3862 | } |
3876 | 3863 | ||
3877 | static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt) | 3864 | static inline void l2cap_check_encryption(struct l2cap_chan *chan, u8 encrypt) |
3878 | { | 3865 | { |
3866 | struct sock *sk = chan->sk; | ||
3867 | |||
3879 | if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) | 3868 | if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) |
3880 | return; | 3869 | return; |
3881 | 3870 | ||
3882 | if (encrypt == 0x00) { | 3871 | if (encrypt == 0x00) { |
3883 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) { | 3872 | if (chan->sec_level == BT_SECURITY_MEDIUM) { |
3884 | l2cap_sock_clear_timer(sk); | 3873 | l2cap_sock_clear_timer(sk); |
3885 | l2cap_sock_set_timer(sk, HZ * 5); | 3874 | l2cap_sock_set_timer(sk, HZ * 5); |
3886 | } else if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) | 3875 | } else if (chan->sec_level == BT_SECURITY_HIGH) |
3887 | __l2cap_sock_close(sk, ECONNREFUSED); | 3876 | __l2cap_sock_close(sk, ECONNREFUSED); |
3888 | } else { | 3877 | } else { |
3889 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) | 3878 | if (chan->sec_level == BT_SECURITY_MEDIUM) |
3890 | l2cap_sock_clear_timer(sk); | 3879 | l2cap_sock_clear_timer(sk); |
3891 | } | 3880 | } |
3892 | } | 3881 | } |
@@ -3908,14 +3897,14 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) | |||
3908 | 3897 | ||
3909 | bh_lock_sock(sk); | 3898 | bh_lock_sock(sk); |
3910 | 3899 | ||
3911 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND) { | 3900 | if (chan->conf_state & L2CAP_CONF_CONNECT_PEND) { |
3912 | bh_unlock_sock(sk); | 3901 | bh_unlock_sock(sk); |
3913 | continue; | 3902 | continue; |
3914 | } | 3903 | } |
3915 | 3904 | ||
3916 | if (!status && (sk->sk_state == BT_CONNECTED || | 3905 | if (!status && (sk->sk_state == BT_CONNECTED || |
3917 | sk->sk_state == BT_CONFIG)) { | 3906 | sk->sk_state == BT_CONFIG)) { |
3918 | l2cap_check_encryption(sk, encrypt); | 3907 | l2cap_check_encryption(chan, encrypt); |
3919 | bh_unlock_sock(sk); | 3908 | bh_unlock_sock(sk); |
3920 | continue; | 3909 | continue; |
3921 | } | 3910 | } |
@@ -3923,11 +3912,11 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) | |||
3923 | if (sk->sk_state == BT_CONNECT) { | 3912 | if (sk->sk_state == BT_CONNECT) { |
3924 | if (!status) { | 3913 | if (!status) { |
3925 | struct l2cap_conn_req req; | 3914 | struct l2cap_conn_req req; |
3926 | req.scid = cpu_to_le16(l2cap_pi(sk)->scid); | 3915 | req.scid = cpu_to_le16(chan->scid); |
3927 | req.psm = l2cap_pi(sk)->psm; | 3916 | req.psm = chan->psm; |
3928 | 3917 | ||
3929 | chan->ident = l2cap_get_ident(conn); | 3918 | chan->ident = l2cap_get_ident(conn); |
3930 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND; | 3919 | chan->conf_state |= L2CAP_CONF_CONNECT_PEND; |
3931 | 3920 | ||
3932 | l2cap_send_cmd(conn, chan->ident, | 3921 | l2cap_send_cmd(conn, chan->ident, |
3933 | L2CAP_CONN_REQ, sizeof(req), &req); | 3922 | L2CAP_CONN_REQ, sizeof(req), &req); |
@@ -3948,8 +3937,8 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) | |||
3948 | result = L2CAP_CR_SEC_BLOCK; | 3937 | result = L2CAP_CR_SEC_BLOCK; |
3949 | } | 3938 | } |
3950 | 3939 | ||
3951 | rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); | 3940 | rsp.scid = cpu_to_le16(chan->dcid); |
3952 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); | 3941 | rsp.dcid = cpu_to_le16(chan->scid); |
3953 | rsp.result = cpu_to_le16(result); | 3942 | rsp.result = cpu_to_le16(result); |
3954 | rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); | 3943 | rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); |
3955 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, | 3944 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, |
@@ -4021,10 +4010,10 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl | |||
4021 | if (chan && chan->sk) { | 4010 | if (chan && chan->sk) { |
4022 | struct sock *sk = chan->sk; | 4011 | struct sock *sk = chan->sk; |
4023 | 4012 | ||
4024 | if (l2cap_pi(sk)->imtu < len - L2CAP_HDR_SIZE) { | 4013 | if (chan->imtu < len - L2CAP_HDR_SIZE) { |
4025 | BT_ERR("Frame exceeding recv MTU (len %d, " | 4014 | BT_ERR("Frame exceeding recv MTU (len %d, " |
4026 | "MTU %d)", len, | 4015 | "MTU %d)", len, |
4027 | l2cap_pi(sk)->imtu); | 4016 | chan->imtu); |
4028 | bh_unlock_sock(sk); | 4017 | bh_unlock_sock(sk); |
4029 | l2cap_conn_unreliable(conn, ECOMM); | 4018 | l2cap_conn_unreliable(conn, ECOMM); |
4030 | goto drop; | 4019 | goto drop; |
@@ -4084,14 +4073,15 @@ static int l2cap_debugfs_show(struct seq_file *f, void *p) | |||
4084 | 4073 | ||
4085 | sk_for_each(sk, node, &l2cap_sk_list.head) { | 4074 | sk_for_each(sk, node, &l2cap_sk_list.head) { |
4086 | struct l2cap_pinfo *pi = l2cap_pi(sk); | 4075 | struct l2cap_pinfo *pi = l2cap_pi(sk); |
4076 | struct l2cap_chan *chan = pi->chan; | ||
4087 | 4077 | ||
4088 | seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n", | 4078 | seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n", |
4089 | batostr(&bt_sk(sk)->src), | 4079 | batostr(&bt_sk(sk)->src), |
4090 | batostr(&bt_sk(sk)->dst), | 4080 | batostr(&bt_sk(sk)->dst), |
4091 | sk->sk_state, __le16_to_cpu(pi->psm), | 4081 | sk->sk_state, __le16_to_cpu(chan->psm), |
4092 | pi->scid, pi->dcid, | 4082 | chan->scid, chan->dcid, |
4093 | pi->imtu, pi->omtu, pi->sec_level, | 4083 | chan->imtu, chan->omtu, chan->sec_level, |
4094 | pi->mode); | 4084 | chan->mode); |
4095 | } | 4085 | } |
4096 | 4086 | ||
4097 | read_unlock_bh(&l2cap_sk_list.lock); | 4087 | read_unlock_bh(&l2cap_sk_list.lock); |
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c index 47394a178bd..7c4a9ae9b3c 100644 --- a/net/bluetooth/l2cap_sock.c +++ b/net/bluetooth/l2cap_sock.c | |||
@@ -30,6 +30,8 @@ | |||
30 | #include <net/bluetooth/hci_core.h> | 30 | #include <net/bluetooth/hci_core.h> |
31 | #include <net/bluetooth/l2cap.h> | 31 | #include <net/bluetooth/l2cap.h> |
32 | 32 | ||
33 | static const struct proto_ops l2cap_sock_ops; | ||
34 | |||
33 | /* ---- L2CAP timers ---- */ | 35 | /* ---- L2CAP timers ---- */ |
34 | static void l2cap_sock_timeout(unsigned long arg) | 36 | static void l2cap_sock_timeout(unsigned long arg) |
35 | { | 37 | { |
@@ -51,7 +53,7 @@ static void l2cap_sock_timeout(unsigned long arg) | |||
51 | if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG) | 53 | if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG) |
52 | reason = ECONNREFUSED; | 54 | reason = ECONNREFUSED; |
53 | else if (sk->sk_state == BT_CONNECT && | 55 | else if (sk->sk_state == BT_CONNECT && |
54 | l2cap_pi(sk)->sec_level != BT_SECURITY_SDP) | 56 | l2cap_pi(sk)->chan->sec_level != BT_SECURITY_SDP) |
55 | reason = ECONNREFUSED; | 57 | reason = ECONNREFUSED; |
56 | else | 58 | else |
57 | reason = ETIMEDOUT; | 59 | reason = ETIMEDOUT; |
@@ -80,9 +82,13 @@ static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src) | |||
80 | { | 82 | { |
81 | struct sock *sk; | 83 | struct sock *sk; |
82 | struct hlist_node *node; | 84 | struct hlist_node *node; |
83 | sk_for_each(sk, node, &l2cap_sk_list.head) | 85 | sk_for_each(sk, node, &l2cap_sk_list.head) { |
84 | if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src)) | 86 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; |
87 | |||
88 | if (chan->sport == psm && !bacmp(&bt_sk(sk)->src, src)) | ||
85 | goto found; | 89 | goto found; |
90 | } | ||
91 | |||
86 | sk = NULL; | 92 | sk = NULL; |
87 | found: | 93 | found: |
88 | return sk; | 94 | return sk; |
@@ -91,6 +97,7 @@ found: | |||
91 | static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | 97 | static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) |
92 | { | 98 | { |
93 | struct sock *sk = sock->sk; | 99 | struct sock *sk = sock->sk; |
100 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
94 | struct sockaddr_l2 la; | 101 | struct sockaddr_l2 la; |
95 | int len, err = 0; | 102 | int len, err = 0; |
96 | 103 | ||
@@ -136,17 +143,17 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | |||
136 | } else { | 143 | } else { |
137 | /* Save source address */ | 144 | /* Save source address */ |
138 | bacpy(&bt_sk(sk)->src, &la.l2_bdaddr); | 145 | bacpy(&bt_sk(sk)->src, &la.l2_bdaddr); |
139 | l2cap_pi(sk)->psm = la.l2_psm; | 146 | chan->psm = la.l2_psm; |
140 | l2cap_pi(sk)->sport = la.l2_psm; | 147 | chan->sport = la.l2_psm; |
141 | sk->sk_state = BT_BOUND; | 148 | sk->sk_state = BT_BOUND; |
142 | 149 | ||
143 | if (__le16_to_cpu(la.l2_psm) == 0x0001 || | 150 | if (__le16_to_cpu(la.l2_psm) == 0x0001 || |
144 | __le16_to_cpu(la.l2_psm) == 0x0003) | 151 | __le16_to_cpu(la.l2_psm) == 0x0003) |
145 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | 152 | chan->sec_level = BT_SECURITY_SDP; |
146 | } | 153 | } |
147 | 154 | ||
148 | if (la.l2_cid) | 155 | if (la.l2_cid) |
149 | l2cap_pi(sk)->scid = la.l2_cid; | 156 | chan->scid = la.l2_cid; |
150 | 157 | ||
151 | write_unlock_bh(&l2cap_sk_list.lock); | 158 | write_unlock_bh(&l2cap_sk_list.lock); |
152 | 159 | ||
@@ -158,6 +165,7 @@ done: | |||
158 | static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) | 165 | static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags) |
159 | { | 166 | { |
160 | struct sock *sk = sock->sk; | 167 | struct sock *sk = sock->sk; |
168 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
161 | struct sockaddr_l2 la; | 169 | struct sockaddr_l2 la; |
162 | int len, err = 0; | 170 | int len, err = 0; |
163 | 171 | ||
@@ -182,7 +190,7 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
182 | goto done; | 190 | goto done; |
183 | } | 191 | } |
184 | 192 | ||
185 | switch (l2cap_pi(sk)->mode) { | 193 | switch (chan->mode) { |
186 | case L2CAP_MODE_BASIC: | 194 | case L2CAP_MODE_BASIC: |
187 | break; | 195 | break; |
188 | case L2CAP_MODE_ERTM: | 196 | case L2CAP_MODE_ERTM: |
@@ -226,10 +234,10 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
226 | 234 | ||
227 | /* Set destination address and psm */ | 235 | /* Set destination address and psm */ |
228 | bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr); | 236 | bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr); |
229 | l2cap_pi(sk)->psm = la.l2_psm; | 237 | chan->psm = la.l2_psm; |
230 | l2cap_pi(sk)->dcid = la.l2_cid; | 238 | chan->dcid = la.l2_cid; |
231 | 239 | ||
232 | err = l2cap_do_connect(sk); | 240 | err = l2cap_chan_connect(l2cap_pi(sk)->chan); |
233 | if (err) | 241 | if (err) |
234 | goto done; | 242 | goto done; |
235 | 243 | ||
@@ -244,6 +252,7 @@ done: | |||
244 | static int l2cap_sock_listen(struct socket *sock, int backlog) | 252 | static int l2cap_sock_listen(struct socket *sock, int backlog) |
245 | { | 253 | { |
246 | struct sock *sk = sock->sk; | 254 | struct sock *sk = sock->sk; |
255 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
247 | int err = 0; | 256 | int err = 0; |
248 | 257 | ||
249 | BT_DBG("sk %p backlog %d", sk, backlog); | 258 | BT_DBG("sk %p backlog %d", sk, backlog); |
@@ -256,7 +265,7 @@ static int l2cap_sock_listen(struct socket *sock, int backlog) | |||
256 | goto done; | 265 | goto done; |
257 | } | 266 | } |
258 | 267 | ||
259 | switch (l2cap_pi(sk)->mode) { | 268 | switch (chan->mode) { |
260 | case L2CAP_MODE_BASIC: | 269 | case L2CAP_MODE_BASIC: |
261 | break; | 270 | break; |
262 | case L2CAP_MODE_ERTM: | 271 | case L2CAP_MODE_ERTM: |
@@ -269,7 +278,7 @@ static int l2cap_sock_listen(struct socket *sock, int backlog) | |||
269 | goto done; | 278 | goto done; |
270 | } | 279 | } |
271 | 280 | ||
272 | if (!l2cap_pi(sk)->psm && !l2cap_pi(sk)->scid) { | 281 | if (!chan->psm && !chan->scid) { |
273 | bdaddr_t *src = &bt_sk(sk)->src; | 282 | bdaddr_t *src = &bt_sk(sk)->src; |
274 | u16 psm; | 283 | u16 psm; |
275 | 284 | ||
@@ -279,8 +288,8 @@ static int l2cap_sock_listen(struct socket *sock, int backlog) | |||
279 | 288 | ||
280 | for (psm = 0x1001; psm < 0x1100; psm += 2) | 289 | for (psm = 0x1001; psm < 0x1100; psm += 2) |
281 | if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) { | 290 | if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) { |
282 | l2cap_pi(sk)->psm = cpu_to_le16(psm); | 291 | chan->psm = cpu_to_le16(psm); |
283 | l2cap_pi(sk)->sport = cpu_to_le16(psm); | 292 | chan->sport = cpu_to_le16(psm); |
284 | err = 0; | 293 | err = 0; |
285 | break; | 294 | break; |
286 | } | 295 | } |
@@ -360,6 +369,7 @@ static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *l | |||
360 | { | 369 | { |
361 | struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr; | 370 | struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr; |
362 | struct sock *sk = sock->sk; | 371 | struct sock *sk = sock->sk; |
372 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
363 | 373 | ||
364 | BT_DBG("sock %p, sk %p", sock, sk); | 374 | BT_DBG("sock %p, sk %p", sock, sk); |
365 | 375 | ||
@@ -367,13 +377,13 @@ static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *l | |||
367 | *len = sizeof(struct sockaddr_l2); | 377 | *len = sizeof(struct sockaddr_l2); |
368 | 378 | ||
369 | if (peer) { | 379 | if (peer) { |
370 | la->l2_psm = l2cap_pi(sk)->psm; | 380 | la->l2_psm = chan->psm; |
371 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst); | 381 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst); |
372 | la->l2_cid = cpu_to_le16(l2cap_pi(sk)->dcid); | 382 | la->l2_cid = cpu_to_le16(chan->dcid); |
373 | } else { | 383 | } else { |
374 | la->l2_psm = l2cap_pi(sk)->sport; | 384 | la->l2_psm = chan->sport; |
375 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->src); | 385 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->src); |
376 | la->l2_cid = cpu_to_le16(l2cap_pi(sk)->scid); | 386 | la->l2_cid = cpu_to_le16(chan->scid); |
377 | } | 387 | } |
378 | 388 | ||
379 | return 0; | 389 | return 0; |
@@ -382,6 +392,7 @@ static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *l | |||
382 | static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) | 392 | static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) |
383 | { | 393 | { |
384 | struct sock *sk = sock->sk; | 394 | struct sock *sk = sock->sk; |
395 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
385 | struct l2cap_options opts; | 396 | struct l2cap_options opts; |
386 | struct l2cap_conninfo cinfo; | 397 | struct l2cap_conninfo cinfo; |
387 | int len, err = 0; | 398 | int len, err = 0; |
@@ -397,13 +408,13 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us | |||
397 | switch (optname) { | 408 | switch (optname) { |
398 | case L2CAP_OPTIONS: | 409 | case L2CAP_OPTIONS: |
399 | memset(&opts, 0, sizeof(opts)); | 410 | memset(&opts, 0, sizeof(opts)); |
400 | opts.imtu = l2cap_pi(sk)->imtu; | 411 | opts.imtu = chan->imtu; |
401 | opts.omtu = l2cap_pi(sk)->omtu; | 412 | opts.omtu = chan->omtu; |
402 | opts.flush_to = l2cap_pi(sk)->flush_to; | 413 | opts.flush_to = chan->flush_to; |
403 | opts.mode = l2cap_pi(sk)->mode; | 414 | opts.mode = chan->mode; |
404 | opts.fcs = l2cap_pi(sk)->fcs; | 415 | opts.fcs = chan->fcs; |
405 | opts.max_tx = l2cap_pi(sk)->max_tx; | 416 | opts.max_tx = chan->max_tx; |
406 | opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win; | 417 | opts.txwin_size = (__u16)chan->tx_win; |
407 | 418 | ||
408 | len = min_t(unsigned int, len, sizeof(opts)); | 419 | len = min_t(unsigned int, len, sizeof(opts)); |
409 | if (copy_to_user(optval, (char *) &opts, len)) | 420 | if (copy_to_user(optval, (char *) &opts, len)) |
@@ -412,7 +423,7 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us | |||
412 | break; | 423 | break; |
413 | 424 | ||
414 | case L2CAP_LM: | 425 | case L2CAP_LM: |
415 | switch (l2cap_pi(sk)->sec_level) { | 426 | switch (chan->sec_level) { |
416 | case BT_SECURITY_LOW: | 427 | case BT_SECURITY_LOW: |
417 | opt = L2CAP_LM_AUTH; | 428 | opt = L2CAP_LM_AUTH; |
418 | break; | 429 | break; |
@@ -428,10 +439,10 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us | |||
428 | break; | 439 | break; |
429 | } | 440 | } |
430 | 441 | ||
431 | if (l2cap_pi(sk)->role_switch) | 442 | if (chan->role_switch) |
432 | opt |= L2CAP_LM_MASTER; | 443 | opt |= L2CAP_LM_MASTER; |
433 | 444 | ||
434 | if (l2cap_pi(sk)->force_reliable) | 445 | if (chan->force_reliable) |
435 | opt |= L2CAP_LM_RELIABLE; | 446 | opt |= L2CAP_LM_RELIABLE; |
436 | 447 | ||
437 | if (put_user(opt, (u32 __user *) optval)) | 448 | if (put_user(opt, (u32 __user *) optval)) |
@@ -446,8 +457,8 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us | |||
446 | break; | 457 | break; |
447 | } | 458 | } |
448 | 459 | ||
449 | cinfo.hci_handle = l2cap_pi(sk)->conn->hcon->handle; | 460 | cinfo.hci_handle = chan->conn->hcon->handle; |
450 | memcpy(cinfo.dev_class, l2cap_pi(sk)->conn->hcon->dev_class, 3); | 461 | memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3); |
451 | 462 | ||
452 | len = min_t(unsigned int, len, sizeof(cinfo)); | 463 | len = min_t(unsigned int, len, sizeof(cinfo)); |
453 | if (copy_to_user(optval, (char *) &cinfo, len)) | 464 | if (copy_to_user(optval, (char *) &cinfo, len)) |
@@ -467,6 +478,7 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us | |||
467 | static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) | 478 | static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) |
468 | { | 479 | { |
469 | struct sock *sk = sock->sk; | 480 | struct sock *sk = sock->sk; |
481 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
470 | struct bt_security sec; | 482 | struct bt_security sec; |
471 | int len, err = 0; | 483 | int len, err = 0; |
472 | 484 | ||
@@ -491,7 +503,7 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch | |||
491 | break; | 503 | break; |
492 | } | 504 | } |
493 | 505 | ||
494 | sec.level = l2cap_pi(sk)->sec_level; | 506 | sec.level = chan->sec_level; |
495 | 507 | ||
496 | len = min_t(unsigned int, len, sizeof(sec)); | 508 | len = min_t(unsigned int, len, sizeof(sec)); |
497 | if (copy_to_user(optval, (char *) &sec, len)) | 509 | if (copy_to_user(optval, (char *) &sec, len)) |
@@ -511,7 +523,7 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch | |||
511 | break; | 523 | break; |
512 | 524 | ||
513 | case BT_FLUSHABLE: | 525 | case BT_FLUSHABLE: |
514 | if (put_user(l2cap_pi(sk)->flushable, (u32 __user *) optval)) | 526 | if (put_user(chan->flushable, (u32 __user *) optval)) |
515 | err = -EFAULT; | 527 | err = -EFAULT; |
516 | 528 | ||
517 | break; | 529 | break; |
@@ -528,6 +540,7 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch | |||
528 | static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen) | 540 | static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen) |
529 | { | 541 | { |
530 | struct sock *sk = sock->sk; | 542 | struct sock *sk = sock->sk; |
543 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
531 | struct l2cap_options opts; | 544 | struct l2cap_options opts; |
532 | int len, err = 0; | 545 | int len, err = 0; |
533 | u32 opt; | 546 | u32 opt; |
@@ -543,13 +556,13 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
543 | break; | 556 | break; |
544 | } | 557 | } |
545 | 558 | ||
546 | opts.imtu = l2cap_pi(sk)->imtu; | 559 | opts.imtu = chan->imtu; |
547 | opts.omtu = l2cap_pi(sk)->omtu; | 560 | opts.omtu = chan->omtu; |
548 | opts.flush_to = l2cap_pi(sk)->flush_to; | 561 | opts.flush_to = chan->flush_to; |
549 | opts.mode = l2cap_pi(sk)->mode; | 562 | opts.mode = chan->mode; |
550 | opts.fcs = l2cap_pi(sk)->fcs; | 563 | opts.fcs = chan->fcs; |
551 | opts.max_tx = l2cap_pi(sk)->max_tx; | 564 | opts.max_tx = chan->max_tx; |
552 | opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win; | 565 | opts.txwin_size = (__u16)chan->tx_win; |
553 | 566 | ||
554 | len = min_t(unsigned int, sizeof(opts), optlen); | 567 | len = min_t(unsigned int, sizeof(opts), optlen); |
555 | if (copy_from_user((char *) &opts, optval, len)) { | 568 | if (copy_from_user((char *) &opts, optval, len)) { |
@@ -562,10 +575,10 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
562 | break; | 575 | break; |
563 | } | 576 | } |
564 | 577 | ||
565 | l2cap_pi(sk)->mode = opts.mode; | 578 | chan->mode = opts.mode; |
566 | switch (l2cap_pi(sk)->mode) { | 579 | switch (chan->mode) { |
567 | case L2CAP_MODE_BASIC: | 580 | case L2CAP_MODE_BASIC: |
568 | l2cap_pi(sk)->conf_state &= ~L2CAP_CONF_STATE2_DEVICE; | 581 | chan->conf_state &= ~L2CAP_CONF_STATE2_DEVICE; |
569 | break; | 582 | break; |
570 | case L2CAP_MODE_ERTM: | 583 | case L2CAP_MODE_ERTM: |
571 | case L2CAP_MODE_STREAMING: | 584 | case L2CAP_MODE_STREAMING: |
@@ -577,11 +590,11 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
577 | break; | 590 | break; |
578 | } | 591 | } |
579 | 592 | ||
580 | l2cap_pi(sk)->imtu = opts.imtu; | 593 | chan->imtu = opts.imtu; |
581 | l2cap_pi(sk)->omtu = opts.omtu; | 594 | chan->omtu = opts.omtu; |
582 | l2cap_pi(sk)->fcs = opts.fcs; | 595 | chan->fcs = opts.fcs; |
583 | l2cap_pi(sk)->max_tx = opts.max_tx; | 596 | chan->max_tx = opts.max_tx; |
584 | l2cap_pi(sk)->tx_win = (__u8)opts.txwin_size; | 597 | chan->tx_win = (__u8)opts.txwin_size; |
585 | break; | 598 | break; |
586 | 599 | ||
587 | case L2CAP_LM: | 600 | case L2CAP_LM: |
@@ -591,14 +604,14 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
591 | } | 604 | } |
592 | 605 | ||
593 | if (opt & L2CAP_LM_AUTH) | 606 | if (opt & L2CAP_LM_AUTH) |
594 | l2cap_pi(sk)->sec_level = BT_SECURITY_LOW; | 607 | chan->sec_level = BT_SECURITY_LOW; |
595 | if (opt & L2CAP_LM_ENCRYPT) | 608 | if (opt & L2CAP_LM_ENCRYPT) |
596 | l2cap_pi(sk)->sec_level = BT_SECURITY_MEDIUM; | 609 | chan->sec_level = BT_SECURITY_MEDIUM; |
597 | if (opt & L2CAP_LM_SECURE) | 610 | if (opt & L2CAP_LM_SECURE) |
598 | l2cap_pi(sk)->sec_level = BT_SECURITY_HIGH; | 611 | chan->sec_level = BT_SECURITY_HIGH; |
599 | 612 | ||
600 | l2cap_pi(sk)->role_switch = (opt & L2CAP_LM_MASTER); | 613 | chan->role_switch = (opt & L2CAP_LM_MASTER); |
601 | l2cap_pi(sk)->force_reliable = (opt & L2CAP_LM_RELIABLE); | 614 | chan->force_reliable = (opt & L2CAP_LM_RELIABLE); |
602 | break; | 615 | break; |
603 | 616 | ||
604 | default: | 617 | default: |
@@ -613,6 +626,7 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
613 | static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen) | 626 | static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen) |
614 | { | 627 | { |
615 | struct sock *sk = sock->sk; | 628 | struct sock *sk = sock->sk; |
629 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
616 | struct bt_security sec; | 630 | struct bt_security sec; |
617 | int len, err = 0; | 631 | int len, err = 0; |
618 | u32 opt; | 632 | u32 opt; |
@@ -649,7 +663,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
649 | break; | 663 | break; |
650 | } | 664 | } |
651 | 665 | ||
652 | l2cap_pi(sk)->sec_level = sec.level; | 666 | chan->sec_level = sec.level; |
653 | break; | 667 | break; |
654 | 668 | ||
655 | case BT_DEFER_SETUP: | 669 | case BT_DEFER_SETUP: |
@@ -678,7 +692,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
678 | } | 692 | } |
679 | 693 | ||
680 | if (opt == BT_FLUSHABLE_OFF) { | 694 | if (opt == BT_FLUSHABLE_OFF) { |
681 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 695 | struct l2cap_conn *conn = chan->conn; |
682 | /* proceed further only when we have l2cap_conn and | 696 | /* proceed further only when we have l2cap_conn and |
683 | No Flush support in the LM */ | 697 | No Flush support in the LM */ |
684 | if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) { | 698 | if (!conn || !lmp_no_flush_capable(conn->hcon->hdev)) { |
@@ -687,7 +701,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
687 | } | 701 | } |
688 | } | 702 | } |
689 | 703 | ||
690 | l2cap_pi(sk)->flushable = opt; | 704 | chan->flushable = opt; |
691 | break; | 705 | break; |
692 | 706 | ||
693 | default: | 707 | default: |
@@ -702,7 +716,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch | |||
702 | static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len) | 716 | static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len) |
703 | { | 717 | { |
704 | struct sock *sk = sock->sk; | 718 | struct sock *sk = sock->sk; |
705 | struct l2cap_pinfo *pi = l2cap_pi(sk); | 719 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; |
706 | struct sk_buff *skb; | 720 | struct sk_buff *skb; |
707 | u16 control; | 721 | u16 control; |
708 | int err; | 722 | int err; |
@@ -725,76 +739,77 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
725 | 739 | ||
726 | /* Connectionless channel */ | 740 | /* Connectionless channel */ |
727 | if (sk->sk_type == SOCK_DGRAM) { | 741 | if (sk->sk_type == SOCK_DGRAM) { |
728 | skb = l2cap_create_connless_pdu(sk, msg, len); | 742 | skb = l2cap_create_connless_pdu(chan, msg, len); |
729 | if (IS_ERR(skb)) { | 743 | if (IS_ERR(skb)) { |
730 | err = PTR_ERR(skb); | 744 | err = PTR_ERR(skb); |
731 | } else { | 745 | } else { |
732 | l2cap_do_send(sk, skb); | 746 | l2cap_do_send(chan, skb); |
733 | err = len; | 747 | err = len; |
734 | } | 748 | } |
735 | goto done; | 749 | goto done; |
736 | } | 750 | } |
737 | 751 | ||
738 | switch (pi->mode) { | 752 | switch (chan->mode) { |
739 | case L2CAP_MODE_BASIC: | 753 | case L2CAP_MODE_BASIC: |
740 | /* Check outgoing MTU */ | 754 | /* Check outgoing MTU */ |
741 | if (len > pi->omtu) { | 755 | if (len > chan->omtu) { |
742 | err = -EMSGSIZE; | 756 | err = -EMSGSIZE; |
743 | goto done; | 757 | goto done; |
744 | } | 758 | } |
745 | 759 | ||
746 | /* Create a basic PDU */ | 760 | /* Create a basic PDU */ |
747 | skb = l2cap_create_basic_pdu(sk, msg, len); | 761 | skb = l2cap_create_basic_pdu(chan, msg, len); |
748 | if (IS_ERR(skb)) { | 762 | if (IS_ERR(skb)) { |
749 | err = PTR_ERR(skb); | 763 | err = PTR_ERR(skb); |
750 | goto done; | 764 | goto done; |
751 | } | 765 | } |
752 | 766 | ||
753 | l2cap_do_send(sk, skb); | 767 | l2cap_do_send(chan, skb); |
754 | err = len; | 768 | err = len; |
755 | break; | 769 | break; |
756 | 770 | ||
757 | case L2CAP_MODE_ERTM: | 771 | case L2CAP_MODE_ERTM: |
758 | case L2CAP_MODE_STREAMING: | 772 | case L2CAP_MODE_STREAMING: |
759 | /* Entire SDU fits into one PDU */ | 773 | /* Entire SDU fits into one PDU */ |
760 | if (len <= pi->chan->remote_mps) { | 774 | if (len <= chan->remote_mps) { |
761 | control = L2CAP_SDU_UNSEGMENTED; | 775 | control = L2CAP_SDU_UNSEGMENTED; |
762 | skb = l2cap_create_iframe_pdu(sk, msg, len, control, 0); | 776 | skb = l2cap_create_iframe_pdu(chan, msg, len, control, |
777 | 0); | ||
763 | if (IS_ERR(skb)) { | 778 | if (IS_ERR(skb)) { |
764 | err = PTR_ERR(skb); | 779 | err = PTR_ERR(skb); |
765 | goto done; | 780 | goto done; |
766 | } | 781 | } |
767 | __skb_queue_tail(&pi->chan->tx_q, skb); | 782 | __skb_queue_tail(&chan->tx_q, skb); |
768 | 783 | ||
769 | if (pi->chan->tx_send_head == NULL) | 784 | if (chan->tx_send_head == NULL) |
770 | pi->chan->tx_send_head = skb; | 785 | chan->tx_send_head = skb; |
771 | 786 | ||
772 | } else { | 787 | } else { |
773 | /* Segment SDU into multiples PDUs */ | 788 | /* Segment SDU into multiples PDUs */ |
774 | err = l2cap_sar_segment_sdu(pi->chan, msg, len); | 789 | err = l2cap_sar_segment_sdu(chan, msg, len); |
775 | if (err < 0) | 790 | if (err < 0) |
776 | goto done; | 791 | goto done; |
777 | } | 792 | } |
778 | 793 | ||
779 | if (pi->mode == L2CAP_MODE_STREAMING) { | 794 | if (chan->mode == L2CAP_MODE_STREAMING) { |
780 | l2cap_streaming_send(pi->chan); | 795 | l2cap_streaming_send(chan); |
781 | err = len; | 796 | err = len; |
782 | break; | 797 | break; |
783 | } | 798 | } |
784 | 799 | ||
785 | if ((pi->chan->conn_state & L2CAP_CONN_REMOTE_BUSY) && | 800 | if ((chan->conn_state & L2CAP_CONN_REMOTE_BUSY) && |
786 | (pi->chan->conn_state & L2CAP_CONN_WAIT_F)) { | 801 | (chan->conn_state & L2CAP_CONN_WAIT_F)) { |
787 | err = len; | 802 | err = len; |
788 | break; | 803 | break; |
789 | } | 804 | } |
790 | err = l2cap_ertm_send(pi->chan); | 805 | err = l2cap_ertm_send(chan); |
791 | 806 | ||
792 | if (err >= 0) | 807 | if (err >= 0) |
793 | err = len; | 808 | err = len; |
794 | break; | 809 | break; |
795 | 810 | ||
796 | default: | 811 | default: |
797 | BT_DBG("bad state %1.1x", pi->mode); | 812 | BT_DBG("bad state %1.1x", chan->mode); |
798 | err = -EBADFD; | 813 | err = -EBADFD; |
799 | } | 814 | } |
800 | 815 | ||
@@ -810,7 +825,9 @@ static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
810 | lock_sock(sk); | 825 | lock_sock(sk); |
811 | 826 | ||
812 | if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) { | 827 | if (sk->sk_state == BT_CONNECT2 && bt_sk(sk)->defer_setup) { |
813 | __l2cap_connect_rsp_defer(sk); | 828 | sk->sk_state = BT_CONFIG; |
829 | |||
830 | __l2cap_connect_rsp_defer(l2cap_pi(sk)->chan); | ||
814 | release_sock(sk); | 831 | release_sock(sk); |
815 | return 0; | 832 | return 0; |
816 | } | 833 | } |
@@ -834,6 +851,8 @@ void l2cap_sock_kill(struct sock *sk) | |||
834 | BT_DBG("sk %p state %d", sk, sk->sk_state); | 851 | BT_DBG("sk %p state %d", sk, sk->sk_state); |
835 | 852 | ||
836 | /* Kill poor orphan */ | 853 | /* Kill poor orphan */ |
854 | |||
855 | l2cap_chan_free(l2cap_pi(sk)->chan); | ||
837 | bt_sock_unlink(&l2cap_sk_list, sk); | 856 | bt_sock_unlink(&l2cap_sk_list, sk); |
838 | sock_set_flag(sk, SOCK_DEAD); | 857 | sock_set_flag(sk, SOCK_DEAD); |
839 | sock_put(sk); | 858 | sock_put(sk); |
@@ -865,8 +884,8 @@ static void l2cap_sock_cleanup_listen(struct sock *parent) | |||
865 | 884 | ||
866 | void __l2cap_sock_close(struct sock *sk, int reason) | 885 | void __l2cap_sock_close(struct sock *sk, int reason) |
867 | { | 886 | { |
868 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
869 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | 887 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; |
888 | struct l2cap_conn *conn = chan->conn; | ||
870 | 889 | ||
871 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); | 890 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); |
872 | 891 | ||
@@ -898,8 +917,8 @@ void __l2cap_sock_close(struct sock *sk, int reason) | |||
898 | else | 917 | else |
899 | result = L2CAP_CR_BAD_PSM; | 918 | result = L2CAP_CR_BAD_PSM; |
900 | 919 | ||
901 | rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); | 920 | rsp.scid = cpu_to_le16(chan->dcid); |
902 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); | 921 | rsp.dcid = cpu_to_le16(chan->scid); |
903 | rsp.result = cpu_to_le16(result); | 922 | rsp.result = cpu_to_le16(result); |
904 | rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); | 923 | rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); |
905 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, | 924 | l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, |
@@ -923,6 +942,7 @@ void __l2cap_sock_close(struct sock *sk, int reason) | |||
923 | static int l2cap_sock_shutdown(struct socket *sock, int how) | 942 | static int l2cap_sock_shutdown(struct socket *sock, int how) |
924 | { | 943 | { |
925 | struct sock *sk = sock->sk; | 944 | struct sock *sk = sock->sk; |
945 | struct l2cap_chan *chan = l2cap_pi(sk)->chan; | ||
926 | int err = 0; | 946 | int err = 0; |
927 | 947 | ||
928 | BT_DBG("sock %p, sk %p", sock, sk); | 948 | BT_DBG("sock %p, sk %p", sock, sk); |
@@ -932,7 +952,7 @@ static int l2cap_sock_shutdown(struct socket *sock, int how) | |||
932 | 952 | ||
933 | lock_sock(sk); | 953 | lock_sock(sk); |
934 | if (!sk->sk_shutdown) { | 954 | if (!sk->sk_shutdown) { |
935 | if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) | 955 | if (chan->mode == L2CAP_MODE_ERTM) |
936 | err = __l2cap_wait_ack(sk); | 956 | err = __l2cap_wait_ack(sk); |
937 | 957 | ||
938 | sk->sk_shutdown = SHUTDOWN_MASK; | 958 | sk->sk_shutdown = SHUTDOWN_MASK; |
@@ -979,44 +999,47 @@ static void l2cap_sock_destruct(struct sock *sk) | |||
979 | void l2cap_sock_init(struct sock *sk, struct sock *parent) | 999 | void l2cap_sock_init(struct sock *sk, struct sock *parent) |
980 | { | 1000 | { |
981 | struct l2cap_pinfo *pi = l2cap_pi(sk); | 1001 | struct l2cap_pinfo *pi = l2cap_pi(sk); |
1002 | struct l2cap_chan *chan = pi->chan; | ||
982 | 1003 | ||
983 | BT_DBG("sk %p", sk); | 1004 | BT_DBG("sk %p", sk); |
984 | 1005 | ||
985 | if (parent) { | 1006 | if (parent) { |
1007 | struct l2cap_chan *pchan = l2cap_pi(parent)->chan; | ||
1008 | |||
986 | sk->sk_type = parent->sk_type; | 1009 | sk->sk_type = parent->sk_type; |
987 | bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup; | 1010 | bt_sk(sk)->defer_setup = bt_sk(parent)->defer_setup; |
988 | 1011 | ||
989 | pi->imtu = l2cap_pi(parent)->imtu; | 1012 | chan->imtu = pchan->imtu; |
990 | pi->omtu = l2cap_pi(parent)->omtu; | 1013 | chan->omtu = pchan->omtu; |
991 | pi->conf_state = l2cap_pi(parent)->conf_state; | 1014 | chan->conf_state = pchan->conf_state; |
992 | pi->mode = l2cap_pi(parent)->mode; | 1015 | chan->mode = pchan->mode; |
993 | pi->fcs = l2cap_pi(parent)->fcs; | 1016 | chan->fcs = pchan->fcs; |
994 | pi->max_tx = l2cap_pi(parent)->max_tx; | 1017 | chan->max_tx = pchan->max_tx; |
995 | pi->tx_win = l2cap_pi(parent)->tx_win; | 1018 | chan->tx_win = pchan->tx_win; |
996 | pi->sec_level = l2cap_pi(parent)->sec_level; | 1019 | chan->sec_level = pchan->sec_level; |
997 | pi->role_switch = l2cap_pi(parent)->role_switch; | 1020 | chan->role_switch = pchan->role_switch; |
998 | pi->force_reliable = l2cap_pi(parent)->force_reliable; | 1021 | chan->force_reliable = pchan->force_reliable; |
999 | pi->flushable = l2cap_pi(parent)->flushable; | 1022 | chan->flushable = pchan->flushable; |
1000 | } else { | 1023 | } else { |
1001 | pi->imtu = L2CAP_DEFAULT_MTU; | 1024 | chan->imtu = L2CAP_DEFAULT_MTU; |
1002 | pi->omtu = 0; | 1025 | chan->omtu = 0; |
1003 | if (!disable_ertm && sk->sk_type == SOCK_STREAM) { | 1026 | if (!disable_ertm && sk->sk_type == SOCK_STREAM) { |
1004 | pi->mode = L2CAP_MODE_ERTM; | 1027 | chan->mode = L2CAP_MODE_ERTM; |
1005 | pi->conf_state |= L2CAP_CONF_STATE2_DEVICE; | 1028 | chan->conf_state |= L2CAP_CONF_STATE2_DEVICE; |
1006 | } else { | 1029 | } else { |
1007 | pi->mode = L2CAP_MODE_BASIC; | 1030 | chan->mode = L2CAP_MODE_BASIC; |
1008 | } | 1031 | } |
1009 | pi->max_tx = L2CAP_DEFAULT_MAX_TX; | 1032 | chan->max_tx = L2CAP_DEFAULT_MAX_TX; |
1010 | pi->fcs = L2CAP_FCS_CRC16; | 1033 | chan->fcs = L2CAP_FCS_CRC16; |
1011 | pi->tx_win = L2CAP_DEFAULT_TX_WINDOW; | 1034 | chan->tx_win = L2CAP_DEFAULT_TX_WINDOW; |
1012 | pi->sec_level = BT_SECURITY_LOW; | 1035 | chan->sec_level = BT_SECURITY_LOW; |
1013 | pi->role_switch = 0; | 1036 | chan->role_switch = 0; |
1014 | pi->force_reliable = 0; | 1037 | chan->force_reliable = 0; |
1015 | pi->flushable = BT_FLUSHABLE_OFF; | 1038 | chan->flushable = BT_FLUSHABLE_OFF; |
1016 | } | 1039 | } |
1017 | 1040 | ||
1018 | /* Default config options */ | 1041 | /* Default config options */ |
1019 | pi->flush_to = L2CAP_DEFAULT_FLUSH_TO; | 1042 | chan->flush_to = L2CAP_DEFAULT_FLUSH_TO; |
1020 | } | 1043 | } |
1021 | 1044 | ||
1022 | static struct proto l2cap_proto = { | 1045 | static struct proto l2cap_proto = { |
@@ -1054,6 +1077,7 @@ static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol, | |||
1054 | int kern) | 1077 | int kern) |
1055 | { | 1078 | { |
1056 | struct sock *sk; | 1079 | struct sock *sk; |
1080 | struct l2cap_chan *chan; | ||
1057 | 1081 | ||
1058 | BT_DBG("sock %p", sock); | 1082 | BT_DBG("sock %p", sock); |
1059 | 1083 | ||
@@ -1072,11 +1096,19 @@ static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol, | |||
1072 | if (!sk) | 1096 | if (!sk) |
1073 | return -ENOMEM; | 1097 | return -ENOMEM; |
1074 | 1098 | ||
1099 | chan = l2cap_chan_alloc(sk); | ||
1100 | if (!chan) { | ||
1101 | l2cap_sock_kill(sk); | ||
1102 | return -ENOMEM; | ||
1103 | } | ||
1104 | |||
1105 | l2cap_pi(sk)->chan = chan; | ||
1106 | |||
1075 | l2cap_sock_init(sk, NULL); | 1107 | l2cap_sock_init(sk, NULL); |
1076 | return 0; | 1108 | return 0; |
1077 | } | 1109 | } |
1078 | 1110 | ||
1079 | const struct proto_ops l2cap_sock_ops = { | 1111 | static const struct proto_ops l2cap_sock_ops = { |
1080 | .family = PF_BLUETOOTH, | 1112 | .family = PF_BLUETOOTH, |
1081 | .owner = THIS_MODULE, | 1113 | .owner = THIS_MODULE, |
1082 | .release = l2cap_sock_release, | 1114 | .release = l2cap_sock_release, |
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index c304688252b..2481d257ed9 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c | |||
@@ -945,7 +945,7 @@ static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
945 | for (i = 0; i < key_count; i++) { | 945 | for (i = 0; i < key_count; i++) { |
946 | struct mgmt_key_info *key = &cp->keys[i]; | 946 | struct mgmt_key_info *key = &cp->keys[i]; |
947 | 947 | ||
948 | hci_add_link_key(hdev, 0, &key->bdaddr, key->val, key->type, | 948 | hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type, |
949 | key->pin_len); | 949 | key->pin_len); |
950 | } | 950 | } |
951 | 951 | ||
@@ -1569,6 +1569,75 @@ static int remove_remote_oob_data(struct sock *sk, u16 index, | |||
1569 | return err; | 1569 | return err; |
1570 | } | 1570 | } |
1571 | 1571 | ||
1572 | static int start_discovery(struct sock *sk, u16 index) | ||
1573 | { | ||
1574 | u8 lap[3] = { 0x33, 0x8b, 0x9e }; | ||
1575 | struct hci_cp_inquiry cp; | ||
1576 | struct pending_cmd *cmd; | ||
1577 | struct hci_dev *hdev; | ||
1578 | int err; | ||
1579 | |||
1580 | BT_DBG("hci%u", index); | ||
1581 | |||
1582 | hdev = hci_dev_get(index); | ||
1583 | if (!hdev) | ||
1584 | return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV); | ||
1585 | |||
1586 | hci_dev_lock_bh(hdev); | ||
1587 | |||
1588 | cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0); | ||
1589 | if (!cmd) { | ||
1590 | err = -ENOMEM; | ||
1591 | goto failed; | ||
1592 | } | ||
1593 | |||
1594 | memset(&cp, 0, sizeof(cp)); | ||
1595 | memcpy(&cp.lap, lap, 3); | ||
1596 | cp.length = 0x08; | ||
1597 | cp.num_rsp = 0x00; | ||
1598 | |||
1599 | err = hci_send_cmd(hdev, HCI_OP_INQUIRY, sizeof(cp), &cp); | ||
1600 | if (err < 0) | ||
1601 | mgmt_pending_remove(cmd); | ||
1602 | |||
1603 | failed: | ||
1604 | hci_dev_unlock_bh(hdev); | ||
1605 | hci_dev_put(hdev); | ||
1606 | |||
1607 | return err; | ||
1608 | } | ||
1609 | |||
1610 | static int stop_discovery(struct sock *sk, u16 index) | ||
1611 | { | ||
1612 | struct hci_dev *hdev; | ||
1613 | struct pending_cmd *cmd; | ||
1614 | int err; | ||
1615 | |||
1616 | BT_DBG("hci%u", index); | ||
1617 | |||
1618 | hdev = hci_dev_get(index); | ||
1619 | if (!hdev) | ||
1620 | return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV); | ||
1621 | |||
1622 | hci_dev_lock_bh(hdev); | ||
1623 | |||
1624 | cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0); | ||
1625 | if (!cmd) { | ||
1626 | err = -ENOMEM; | ||
1627 | goto failed; | ||
1628 | } | ||
1629 | |||
1630 | err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL); | ||
1631 | if (err < 0) | ||
1632 | mgmt_pending_remove(cmd); | ||
1633 | |||
1634 | failed: | ||
1635 | hci_dev_unlock_bh(hdev); | ||
1636 | hci_dev_put(hdev); | ||
1637 | |||
1638 | return err; | ||
1639 | } | ||
1640 | |||
1572 | int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen) | 1641 | int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen) |
1573 | { | 1642 | { |
1574 | unsigned char *buf; | 1643 | unsigned char *buf; |
@@ -1677,7 +1746,12 @@ int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen) | |||
1677 | err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr), | 1746 | err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr), |
1678 | len); | 1747 | len); |
1679 | break; | 1748 | break; |
1680 | 1749 | case MGMT_OP_START_DISCOVERY: | |
1750 | err = start_discovery(sk, index); | ||
1751 | break; | ||
1752 | case MGMT_OP_STOP_DISCOVERY: | ||
1753 | err = stop_discovery(sk, index); | ||
1754 | break; | ||
1681 | default: | 1755 | default: |
1682 | BT_DBG("Unknown op %u", opcode); | 1756 | BT_DBG("Unknown op %u", opcode); |
1683 | err = cmd_status(sk, index, opcode, 0x01); | 1757 | err = cmd_status(sk, index, opcode, 0x01); |
@@ -1784,17 +1858,17 @@ int mgmt_connectable(u16 index, u8 connectable) | |||
1784 | return ret; | 1858 | return ret; |
1785 | } | 1859 | } |
1786 | 1860 | ||
1787 | int mgmt_new_key(u16 index, struct link_key *key, u8 old_key_type) | 1861 | int mgmt_new_key(u16 index, struct link_key *key, u8 persistent) |
1788 | { | 1862 | { |
1789 | struct mgmt_ev_new_key ev; | 1863 | struct mgmt_ev_new_key ev; |
1790 | 1864 | ||
1791 | memset(&ev, 0, sizeof(ev)); | 1865 | memset(&ev, 0, sizeof(ev)); |
1792 | 1866 | ||
1867 | ev.store_hint = persistent; | ||
1793 | bacpy(&ev.key.bdaddr, &key->bdaddr); | 1868 | bacpy(&ev.key.bdaddr, &key->bdaddr); |
1794 | ev.key.type = key->type; | 1869 | ev.key.type = key->type; |
1795 | memcpy(ev.key.val, key->val, 16); | 1870 | memcpy(ev.key.val, key->val, 16); |
1796 | ev.key.pin_len = key->pin_len; | 1871 | ev.key.pin_len = key->pin_len; |
1797 | ev.old_key_type = old_key_type; | ||
1798 | 1872 | ||
1799 | return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL); | 1873 | return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL); |
1800 | } | 1874 | } |
@@ -1868,11 +1942,12 @@ int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status) | |||
1868 | return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL); | 1942 | return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL); |
1869 | } | 1943 | } |
1870 | 1944 | ||
1871 | int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr) | 1945 | int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure) |
1872 | { | 1946 | { |
1873 | struct mgmt_ev_pin_code_request ev; | 1947 | struct mgmt_ev_pin_code_request ev; |
1874 | 1948 | ||
1875 | bacpy(&ev.bdaddr, bdaddr); | 1949 | bacpy(&ev.bdaddr, bdaddr); |
1950 | ev.secure = secure; | ||
1876 | 1951 | ||
1877 | return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev), | 1952 | return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev), |
1878 | NULL); | 1953 | NULL); |
@@ -1920,13 +1995,15 @@ int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status) | |||
1920 | return err; | 1995 | return err; |
1921 | } | 1996 | } |
1922 | 1997 | ||
1923 | int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value) | 1998 | int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value, |
1999 | u8 confirm_hint) | ||
1924 | { | 2000 | { |
1925 | struct mgmt_ev_user_confirm_request ev; | 2001 | struct mgmt_ev_user_confirm_request ev; |
1926 | 2002 | ||
1927 | BT_DBG("hci%u", index); | 2003 | BT_DBG("hci%u", index); |
1928 | 2004 | ||
1929 | bacpy(&ev.bdaddr, bdaddr); | 2005 | bacpy(&ev.bdaddr, bdaddr); |
2006 | ev.confirm_hint = confirm_hint; | ||
1930 | put_unaligned_le32(value, &ev.value); | 2007 | put_unaligned_le32(value, &ev.value); |
1931 | 2008 | ||
1932 | return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev), | 2009 | return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev), |
@@ -2075,3 +2152,9 @@ int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name) | |||
2075 | 2152 | ||
2076 | return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL); | 2153 | return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL); |
2077 | } | 2154 | } |
2155 | |||
2156 | int mgmt_discovering(u16 index, u8 discovering) | ||
2157 | { | ||
2158 | return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering, | ||
2159 | sizeof(discovering), NULL); | ||
2160 | } | ||
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c index c9973932456..121a5c13b98 100644 --- a/net/bluetooth/rfcomm/core.c +++ b/net/bluetooth/rfcomm/core.c | |||
@@ -232,6 +232,8 @@ static int rfcomm_l2sock_create(struct socket **sock) | |||
232 | static inline int rfcomm_check_security(struct rfcomm_dlc *d) | 232 | static inline int rfcomm_check_security(struct rfcomm_dlc *d) |
233 | { | 233 | { |
234 | struct sock *sk = d->session->sock->sk; | 234 | struct sock *sk = d->session->sock->sk; |
235 | struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; | ||
236 | |||
235 | __u8 auth_type; | 237 | __u8 auth_type; |
236 | 238 | ||
237 | switch (d->sec_level) { | 239 | switch (d->sec_level) { |
@@ -246,8 +248,7 @@ static inline int rfcomm_check_security(struct rfcomm_dlc *d) | |||
246 | break; | 248 | break; |
247 | } | 249 | } |
248 | 250 | ||
249 | return hci_conn_security(l2cap_pi(sk)->conn->hcon, d->sec_level, | 251 | return hci_conn_security(conn->hcon, d->sec_level, auth_type); |
250 | auth_type); | ||
251 | } | 252 | } |
252 | 253 | ||
253 | static void rfcomm_session_timeout(unsigned long arg) | 254 | static void rfcomm_session_timeout(unsigned long arg) |
@@ -710,10 +711,10 @@ static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, | |||
710 | /* Set L2CAP options */ | 711 | /* Set L2CAP options */ |
711 | sk = sock->sk; | 712 | sk = sock->sk; |
712 | lock_sock(sk); | 713 | lock_sock(sk); |
713 | l2cap_pi(sk)->imtu = l2cap_mtu; | 714 | l2cap_pi(sk)->chan->imtu = l2cap_mtu; |
714 | l2cap_pi(sk)->sec_level = sec_level; | 715 | l2cap_pi(sk)->chan->sec_level = sec_level; |
715 | if (l2cap_ertm) | 716 | if (l2cap_ertm) |
716 | l2cap_pi(sk)->mode = L2CAP_MODE_ERTM; | 717 | l2cap_pi(sk)->chan->mode = L2CAP_MODE_ERTM; |
717 | release_sock(sk); | 718 | release_sock(sk); |
718 | 719 | ||
719 | s = rfcomm_session_add(sock, BT_BOUND); | 720 | s = rfcomm_session_add(sock, BT_BOUND); |
@@ -1241,6 +1242,7 @@ static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci) | |||
1241 | void rfcomm_dlc_accept(struct rfcomm_dlc *d) | 1242 | void rfcomm_dlc_accept(struct rfcomm_dlc *d) |
1242 | { | 1243 | { |
1243 | struct sock *sk = d->session->sock->sk; | 1244 | struct sock *sk = d->session->sock->sk; |
1245 | struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; | ||
1244 | 1246 | ||
1245 | BT_DBG("dlc %p", d); | 1247 | BT_DBG("dlc %p", d); |
1246 | 1248 | ||
@@ -1254,7 +1256,7 @@ void rfcomm_dlc_accept(struct rfcomm_dlc *d) | |||
1254 | rfcomm_dlc_unlock(d); | 1256 | rfcomm_dlc_unlock(d); |
1255 | 1257 | ||
1256 | if (d->role_switch) | 1258 | if (d->role_switch) |
1257 | hci_conn_switch_role(l2cap_pi(sk)->conn->hcon, 0x00); | 1259 | hci_conn_switch_role(conn->hcon, 0x00); |
1258 | 1260 | ||
1259 | rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); | 1261 | rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); |
1260 | } | 1262 | } |
@@ -1890,7 +1892,8 @@ static inline void rfcomm_accept_connection(struct rfcomm_session *s) | |||
1890 | 1892 | ||
1891 | /* We should adjust MTU on incoming sessions. | 1893 | /* We should adjust MTU on incoming sessions. |
1892 | * L2CAP MTU minus UIH header and FCS. */ | 1894 | * L2CAP MTU minus UIH header and FCS. */ |
1893 | s->mtu = min(l2cap_pi(nsock->sk)->omtu, l2cap_pi(nsock->sk)->imtu) - 5; | 1895 | s->mtu = min(l2cap_pi(nsock->sk)->chan->omtu, |
1896 | l2cap_pi(nsock->sk)->chan->imtu) - 5; | ||
1894 | 1897 | ||
1895 | rfcomm_schedule(); | 1898 | rfcomm_schedule(); |
1896 | } else | 1899 | } else |
@@ -1909,7 +1912,7 @@ static inline void rfcomm_check_connection(struct rfcomm_session *s) | |||
1909 | 1912 | ||
1910 | /* We can adjust MTU on outgoing sessions. | 1913 | /* We can adjust MTU on outgoing sessions. |
1911 | * L2CAP MTU minus UIH header and FCS. */ | 1914 | * L2CAP MTU minus UIH header and FCS. */ |
1912 | s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5; | 1915 | s->mtu = min(l2cap_pi(sk)->chan->omtu, l2cap_pi(sk)->chan->imtu) - 5; |
1913 | 1916 | ||
1914 | rfcomm_send_sabm(s, 0); | 1917 | rfcomm_send_sabm(s, 0); |
1915 | break; | 1918 | break; |
@@ -1992,7 +1995,7 @@ static int rfcomm_add_listener(bdaddr_t *ba) | |||
1992 | /* Set L2CAP options */ | 1995 | /* Set L2CAP options */ |
1993 | sk = sock->sk; | 1996 | sk = sock->sk; |
1994 | lock_sock(sk); | 1997 | lock_sock(sk); |
1995 | l2cap_pi(sk)->imtu = l2cap_mtu; | 1998 | l2cap_pi(sk)->chan->imtu = l2cap_mtu; |
1996 | release_sock(sk); | 1999 | release_sock(sk); |
1997 | 2000 | ||
1998 | /* Start listening on the socket */ | 2001 | /* Start listening on the socket */ |
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c index 66cc1f0c3df..386cfaffd4b 100644 --- a/net/bluetooth/rfcomm/sock.c +++ b/net/bluetooth/rfcomm/sock.c | |||
@@ -743,6 +743,7 @@ static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __u | |||
743 | struct sock *sk = sock->sk; | 743 | struct sock *sk = sock->sk; |
744 | struct sock *l2cap_sk; | 744 | struct sock *l2cap_sk; |
745 | struct rfcomm_conninfo cinfo; | 745 | struct rfcomm_conninfo cinfo; |
746 | struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; | ||
746 | int len, err = 0; | 747 | int len, err = 0; |
747 | u32 opt; | 748 | u32 opt; |
748 | 749 | ||
@@ -787,8 +788,8 @@ static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __u | |||
787 | 788 | ||
788 | l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk; | 789 | l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk; |
789 | 790 | ||
790 | cinfo.hci_handle = l2cap_pi(l2cap_sk)->conn->hcon->handle; | 791 | cinfo.hci_handle = conn->hcon->handle; |
791 | memcpy(cinfo.dev_class, l2cap_pi(l2cap_sk)->conn->hcon->dev_class, 3); | 792 | memcpy(cinfo.dev_class, conn->hcon->dev_class, 3); |
792 | 793 | ||
793 | len = min_t(unsigned int, len, sizeof(cinfo)); | 794 | len = min_t(unsigned int, len, sizeof(cinfo)); |
794 | if (copy_to_user(optval, (char *) &cinfo, len)) | 795 | if (copy_to_user(optval, (char *) &cinfo, len)) |
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c index 4bd6ef0be38..b9b595c0811 100644 --- a/net/mac80211/aes_ccm.c +++ b/net/mac80211/aes_ccm.c | |||
@@ -54,13 +54,12 @@ void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch, | |||
54 | u8 *cdata, u8 *mic) | 54 | u8 *cdata, u8 *mic) |
55 | { | 55 | { |
56 | int i, j, last_len, num_blocks; | 56 | int i, j, last_len, num_blocks; |
57 | u8 *pos, *cpos, *b, *s_0, *e, *b_0, *aad; | 57 | u8 *pos, *cpos, *b, *s_0, *e, *b_0; |
58 | 58 | ||
59 | b = scratch; | 59 | b = scratch; |
60 | s_0 = scratch + AES_BLOCK_LEN; | 60 | s_0 = scratch + AES_BLOCK_LEN; |
61 | e = scratch + 2 * AES_BLOCK_LEN; | 61 | e = scratch + 2 * AES_BLOCK_LEN; |
62 | b_0 = scratch + 3 * AES_BLOCK_LEN; | 62 | b_0 = scratch + 3 * AES_BLOCK_LEN; |
63 | aad = scratch + 4 * AES_BLOCK_LEN; | ||
64 | 63 | ||
65 | num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN); | 64 | num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN); |
66 | last_len = data_len % AES_BLOCK_LEN; | 65 | last_len = data_len % AES_BLOCK_LEN; |
@@ -94,13 +93,12 @@ int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch, | |||
94 | u8 *cdata, size_t data_len, u8 *mic, u8 *data) | 93 | u8 *cdata, size_t data_len, u8 *mic, u8 *data) |
95 | { | 94 | { |
96 | int i, j, last_len, num_blocks; | 95 | int i, j, last_len, num_blocks; |
97 | u8 *pos, *cpos, *b, *s_0, *a, *b_0, *aad; | 96 | u8 *pos, *cpos, *b, *s_0, *a, *b_0; |
98 | 97 | ||
99 | b = scratch; | 98 | b = scratch; |
100 | s_0 = scratch + AES_BLOCK_LEN; | 99 | s_0 = scratch + AES_BLOCK_LEN; |
101 | a = scratch + 2 * AES_BLOCK_LEN; | 100 | a = scratch + 2 * AES_BLOCK_LEN; |
102 | b_0 = scratch + 3 * AES_BLOCK_LEN; | 101 | b_0 = scratch + 3 * AES_BLOCK_LEN; |
103 | aad = scratch + 4 * AES_BLOCK_LEN; | ||
104 | 102 | ||
105 | num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN); | 103 | num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN); |
106 | last_len = data_len % AES_BLOCK_LEN; | 104 | last_len = data_len % AES_BLOCK_LEN; |
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index a9ddaf63ee1..12d52cec951 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c | |||
@@ -1633,16 +1633,13 @@ static int ieee80211_set_bitrate_mask(struct wiphy *wiphy, | |||
1633 | { | 1633 | { |
1634 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); | 1634 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
1635 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); | 1635 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
1636 | int i; | 1636 | int i, ret; |
1637 | |||
1638 | /* | ||
1639 | * This _could_ be supported by providing a hook for | ||
1640 | * drivers for this function, but at this point it | ||
1641 | * doesn't seem worth bothering. | ||
1642 | */ | ||
1643 | if (local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) | ||
1644 | return -EOPNOTSUPP; | ||
1645 | 1637 | ||
1638 | if (local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) { | ||
1639 | ret = drv_set_bitrate_mask(local, sdata, mask); | ||
1640 | if (ret) | ||
1641 | return ret; | ||
1642 | } | ||
1646 | 1643 | ||
1647 | for (i = 0; i < IEEE80211_NUM_BANDS; i++) | 1644 | for (i = 0; i < IEEE80211_NUM_BANDS; i++) |
1648 | sdata->rc_rateidx_mask[i] = mask->control[i].legacy; | 1645 | sdata->rc_rateidx_mask[i] = mask->control[i].legacy; |
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h index 00a0685f240..2ddb56e5b51 100644 --- a/net/mac80211/driver-ops.h +++ b/net/mac80211/driver-ops.h | |||
@@ -565,4 +565,22 @@ static inline bool drv_tx_frames_pending(struct ieee80211_local *local) | |||
565 | 565 | ||
566 | return ret; | 566 | return ret; |
567 | } | 567 | } |
568 | |||
569 | static inline int drv_set_bitrate_mask(struct ieee80211_local *local, | ||
570 | struct ieee80211_sub_if_data *sdata, | ||
571 | const struct cfg80211_bitrate_mask *mask) | ||
572 | { | ||
573 | int ret = -EOPNOTSUPP; | ||
574 | |||
575 | might_sleep(); | ||
576 | |||
577 | trace_drv_set_bitrate_mask(local, sdata, mask); | ||
578 | if (local->ops->set_bitrate_mask) | ||
579 | ret = local->ops->set_bitrate_mask(&local->hw, | ||
580 | &sdata->vif, mask); | ||
581 | trace_drv_return_int(local, ret); | ||
582 | |||
583 | return ret; | ||
584 | } | ||
585 | |||
568 | #endif /* __MAC80211_DRIVER_OPS */ | 586 | #endif /* __MAC80211_DRIVER_OPS */ |
diff --git a/net/mac80211/driver-trace.h b/net/mac80211/driver-trace.h index c8c934d48b7..191e834ec46 100644 --- a/net/mac80211/driver-trace.h +++ b/net/mac80211/driver-trace.h | |||
@@ -989,6 +989,33 @@ DEFINE_EVENT(local_only_evt, drv_offchannel_tx_cancel_wait, | |||
989 | TP_ARGS(local) | 989 | TP_ARGS(local) |
990 | ); | 990 | ); |
991 | 991 | ||
992 | TRACE_EVENT(drv_set_bitrate_mask, | ||
993 | TP_PROTO(struct ieee80211_local *local, | ||
994 | struct ieee80211_sub_if_data *sdata, | ||
995 | const struct cfg80211_bitrate_mask *mask), | ||
996 | |||
997 | TP_ARGS(local, sdata, mask), | ||
998 | |||
999 | TP_STRUCT__entry( | ||
1000 | LOCAL_ENTRY | ||
1001 | VIF_ENTRY | ||
1002 | __field(u32, legacy_2g) | ||
1003 | __field(u32, legacy_5g) | ||
1004 | ), | ||
1005 | |||
1006 | TP_fast_assign( | ||
1007 | LOCAL_ASSIGN; | ||
1008 | VIF_ASSIGN; | ||
1009 | __entry->legacy_2g = mask->control[IEEE80211_BAND_2GHZ].legacy; | ||
1010 | __entry->legacy_5g = mask->control[IEEE80211_BAND_5GHZ].legacy; | ||
1011 | ), | ||
1012 | |||
1013 | TP_printk( | ||
1014 | LOCAL_PR_FMT VIF_PR_FMT " 2G Mask:0x%x 5G Mask:0x%x", | ||
1015 | LOCAL_PR_ARG, VIF_PR_ARG, __entry->legacy_2g, __entry->legacy_5g | ||
1016 | ) | ||
1017 | ); | ||
1018 | |||
992 | /* | 1019 | /* |
993 | * Tracing for API calls that drivers call. | 1020 | * Tracing for API calls that drivers call. |
994 | */ | 1021 | */ |
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c index 14883966374..b81860c9469 100644 --- a/net/mac80211/ibss.c +++ b/net/mac80211/ibss.c | |||
@@ -40,7 +40,7 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata, | |||
40 | struct ieee80211_mgmt *mgmt, | 40 | struct ieee80211_mgmt *mgmt, |
41 | size_t len) | 41 | size_t len) |
42 | { | 42 | { |
43 | u16 auth_alg, auth_transaction, status_code; | 43 | u16 auth_alg, auth_transaction; |
44 | 44 | ||
45 | lockdep_assert_held(&sdata->u.ibss.mtx); | 45 | lockdep_assert_held(&sdata->u.ibss.mtx); |
46 | 46 | ||
@@ -49,7 +49,6 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata, | |||
49 | 49 | ||
50 | auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); | 50 | auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); |
51 | auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); | 51 | auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); |
52 | status_code = le16_to_cpu(mgmt->u.auth.status_code); | ||
53 | 52 | ||
54 | /* | 53 | /* |
55 | * IEEE 802.11 standard does not require authentication in IBSS | 54 | * IEEE 802.11 standard does not require authentication in IBSS |
@@ -527,8 +526,6 @@ static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata) | |||
527 | static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) | 526 | static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) |
528 | { | 527 | { |
529 | struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; | 528 | struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; |
530 | struct ieee80211_local *local = sdata->local; | ||
531 | struct ieee80211_supported_band *sband; | ||
532 | u8 bssid[ETH_ALEN]; | 529 | u8 bssid[ETH_ALEN]; |
533 | u16 capability; | 530 | u16 capability; |
534 | int i; | 531 | int i; |
@@ -551,8 +548,6 @@ static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) | |||
551 | printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n", | 548 | printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n", |
552 | sdata->name, bssid); | 549 | sdata->name, bssid); |
553 | 550 | ||
554 | sband = local->hw.wiphy->bands[ifibss->channel->band]; | ||
555 | |||
556 | capability = WLAN_CAPABILITY_IBSS; | 551 | capability = WLAN_CAPABILITY_IBSS; |
557 | 552 | ||
558 | if (ifibss->privacy) | 553 | if (ifibss->privacy) |
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index a7784997091..027c0467d7a 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h | |||
@@ -766,6 +766,9 @@ struct ieee80211_local { | |||
766 | 766 | ||
767 | int tx_headroom; /* required headroom for hardware/radiotap */ | 767 | int tx_headroom; /* required headroom for hardware/radiotap */ |
768 | 768 | ||
769 | /* count for keys needing tailroom space allocation */ | ||
770 | int crypto_tx_tailroom_needed_cnt; | ||
771 | |||
769 | /* Tasklet and skb queue to process calls from IRQ mode. All frames | 772 | /* Tasklet and skb queue to process calls from IRQ mode. All frames |
770 | * added to skb_queue will be processed, but frames in | 773 | * added to skb_queue will be processed, but frames in |
771 | * skb_queue_unreliable may be dropped if the total length of these | 774 | * skb_queue_unreliable may be dropped if the total length of these |
diff --git a/net/mac80211/key.c b/net/mac80211/key.c index af3c56482c8..b510721e3b3 100644 --- a/net/mac80211/key.c +++ b/net/mac80211/key.c | |||
@@ -101,6 +101,11 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) | |||
101 | 101 | ||
102 | if (!ret) { | 102 | if (!ret) { |
103 | key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; | 103 | key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; |
104 | |||
105 | if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || | ||
106 | (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV))) | ||
107 | key->local->crypto_tx_tailroom_needed_cnt--; | ||
108 | |||
104 | return 0; | 109 | return 0; |
105 | } | 110 | } |
106 | 111 | ||
@@ -156,6 +161,10 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) | |||
156 | key->conf.keyidx, sta ? sta->addr : bcast_addr, ret); | 161 | key->conf.keyidx, sta ? sta->addr : bcast_addr, ret); |
157 | 162 | ||
158 | key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; | 163 | key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; |
164 | |||
165 | if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || | ||
166 | (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV))) | ||
167 | key->local->crypto_tx_tailroom_needed_cnt++; | ||
159 | } | 168 | } |
160 | 169 | ||
161 | void ieee80211_key_removed(struct ieee80211_key_conf *key_conf) | 170 | void ieee80211_key_removed(struct ieee80211_key_conf *key_conf) |
@@ -388,8 +397,10 @@ static void __ieee80211_key_destroy(struct ieee80211_key *key) | |||
388 | ieee80211_aes_key_free(key->u.ccmp.tfm); | 397 | ieee80211_aes_key_free(key->u.ccmp.tfm); |
389 | if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC) | 398 | if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC) |
390 | ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); | 399 | ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); |
391 | if (key->local) | 400 | if (key->local) { |
392 | ieee80211_debugfs_key_remove(key); | 401 | ieee80211_debugfs_key_remove(key); |
402 | key->local->crypto_tx_tailroom_needed_cnt--; | ||
403 | } | ||
393 | 404 | ||
394 | kfree(key); | 405 | kfree(key); |
395 | } | 406 | } |
@@ -451,6 +462,8 @@ int ieee80211_key_link(struct ieee80211_key *key, | |||
451 | 462 | ||
452 | ieee80211_debugfs_key_add(key); | 463 | ieee80211_debugfs_key_add(key); |
453 | 464 | ||
465 | key->local->crypto_tx_tailroom_needed_cnt++; | ||
466 | |||
454 | ret = ieee80211_key_enable_hw_accel(key); | 467 | ret = ieee80211_key_enable_hw_accel(key); |
455 | 468 | ||
456 | mutex_unlock(&sdata->local->key_mtx); | 469 | mutex_unlock(&sdata->local->key_mtx); |
@@ -492,8 +505,12 @@ void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) | |||
492 | 505 | ||
493 | mutex_lock(&sdata->local->key_mtx); | 506 | mutex_lock(&sdata->local->key_mtx); |
494 | 507 | ||
495 | list_for_each_entry(key, &sdata->key_list, list) | 508 | sdata->local->crypto_tx_tailroom_needed_cnt = 0; |
509 | |||
510 | list_for_each_entry(key, &sdata->key_list, list) { | ||
511 | sdata->local->crypto_tx_tailroom_needed_cnt++; | ||
496 | ieee80211_key_enable_hw_accel(key); | 512 | ieee80211_key_enable_hw_accel(key); |
513 | } | ||
497 | 514 | ||
498 | mutex_unlock(&sdata->local->key_mtx); | 515 | mutex_unlock(&sdata->local->key_mtx); |
499 | } | 516 | } |
diff --git a/net/mac80211/main.c b/net/mac80211/main.c index 0ab2a8df312..61877662e8f 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c | |||
@@ -33,12 +33,6 @@ | |||
33 | #include "cfg.h" | 33 | #include "cfg.h" |
34 | #include "debugfs.h" | 34 | #include "debugfs.h" |
35 | 35 | ||
36 | |||
37 | static bool ieee80211_disable_40mhz_24ghz; | ||
38 | module_param(ieee80211_disable_40mhz_24ghz, bool, 0644); | ||
39 | MODULE_PARM_DESC(ieee80211_disable_40mhz_24ghz, | ||
40 | "Disable 40MHz support in the 2.4GHz band"); | ||
41 | |||
42 | static struct lock_class_key ieee80211_rx_skb_queue_class; | 36 | static struct lock_class_key ieee80211_rx_skb_queue_class; |
43 | 37 | ||
44 | void ieee80211_configure_filter(struct ieee80211_local *local) | 38 | void ieee80211_configure_filter(struct ieee80211_local *local) |
@@ -728,18 +722,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw) | |||
728 | } | 722 | } |
729 | channels += sband->n_channels; | 723 | channels += sband->n_channels; |
730 | 724 | ||
731 | /* | ||
732 | * Since ieee80211_disable_40mhz_24ghz is global, we can | ||
733 | * modify the sband's ht data even if the driver uses a | ||
734 | * global structure for that. | ||
735 | */ | ||
736 | if (ieee80211_disable_40mhz_24ghz && | ||
737 | band == IEEE80211_BAND_2GHZ && | ||
738 | sband->ht_cap.ht_supported) { | ||
739 | sband->ht_cap.cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; | ||
740 | sband->ht_cap.cap &= ~IEEE80211_HT_CAP_SGI_40; | ||
741 | } | ||
742 | |||
743 | if (max_bitrates < sband->n_bitrates) | 725 | if (max_bitrates < sband->n_bitrates) |
744 | max_bitrates = sband->n_bitrates; | 726 | max_bitrates = sband->n_bitrates; |
745 | supp_ht = supp_ht || sband->ht_cap.ht_supported; | 727 | supp_ht = supp_ht || sband->ht_cap.ht_supported; |
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c index 11207979e2e..c1299e24954 100644 --- a/net/mac80211/mesh.c +++ b/net/mac80211/mesh.c | |||
@@ -613,12 +613,9 @@ void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, | |||
613 | struct sk_buff *skb) | 613 | struct sk_buff *skb) |
614 | { | 614 | { |
615 | struct ieee80211_rx_status *rx_status; | 615 | struct ieee80211_rx_status *rx_status; |
616 | struct ieee80211_if_mesh *ifmsh; | ||
617 | struct ieee80211_mgmt *mgmt; | 616 | struct ieee80211_mgmt *mgmt; |
618 | u16 stype; | 617 | u16 stype; |
619 | 618 | ||
620 | ifmsh = &sdata->u.mesh; | ||
621 | |||
622 | rx_status = IEEE80211_SKB_RXCB(skb); | 619 | rx_status = IEEE80211_SKB_RXCB(skb); |
623 | mgmt = (struct ieee80211_mgmt *) skb->data; | 620 | mgmt = (struct ieee80211_mgmt *) skb->data; |
624 | stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; | 621 | stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; |
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c index 5bf64d7112b..e57f2e728cf 100644 --- a/net/mac80211/mesh_hwmp.c +++ b/net/mac80211/mesh_hwmp.c | |||
@@ -633,7 +633,6 @@ static void hwmp_perr_frame_process(struct ieee80211_sub_if_data *sdata, | |||
633 | struct mesh_path *mpath; | 633 | struct mesh_path *mpath; |
634 | u8 ttl; | 634 | u8 ttl; |
635 | u8 *ta, *target_addr; | 635 | u8 *ta, *target_addr; |
636 | u8 target_flags; | ||
637 | u32 target_sn; | 636 | u32 target_sn; |
638 | u16 target_rcode; | 637 | u16 target_rcode; |
639 | 638 | ||
@@ -644,7 +643,6 @@ static void hwmp_perr_frame_process(struct ieee80211_sub_if_data *sdata, | |||
644 | return; | 643 | return; |
645 | } | 644 | } |
646 | ttl--; | 645 | ttl--; |
647 | target_flags = PERR_IE_TARGET_FLAGS(perr_elem); | ||
648 | target_addr = PERR_IE_TARGET_ADDR(perr_elem); | 646 | target_addr = PERR_IE_TARGET_ADDR(perr_elem); |
649 | target_sn = PERR_IE_TARGET_SN(perr_elem); | 647 | target_sn = PERR_IE_TARGET_SN(perr_elem); |
650 | target_rcode = PERR_IE_TARGET_RCODE(perr_elem); | 648 | target_rcode = PERR_IE_TARGET_RCODE(perr_elem); |
@@ -675,12 +673,10 @@ static void hwmp_rann_frame_process(struct ieee80211_sub_if_data *sdata, | |||
675 | { | 673 | { |
676 | struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; | 674 | struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; |
677 | struct mesh_path *mpath; | 675 | struct mesh_path *mpath; |
678 | u8 *ta; | ||
679 | u8 ttl, flags, hopcount; | 676 | u8 ttl, flags, hopcount; |
680 | u8 *orig_addr; | 677 | u8 *orig_addr; |
681 | u32 orig_sn, metric; | 678 | u32 orig_sn, metric; |
682 | 679 | ||
683 | ta = mgmt->sa; | ||
684 | ttl = rann->rann_ttl; | 680 | ttl = rann->rann_ttl; |
685 | if (ttl <= 1) { | 681 | if (ttl <= 1) { |
686 | ifmsh->mshstats.dropped_frames_ttl++; | 682 | ifmsh->mshstats.dropped_frames_ttl++; |
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c index e37355193ed..04246171088 100644 --- a/net/mac80211/pm.c +++ b/net/mac80211/pm.c | |||
@@ -14,12 +14,23 @@ int __ieee80211_suspend(struct ieee80211_hw *hw) | |||
14 | 14 | ||
15 | ieee80211_scan_cancel(local); | 15 | ieee80211_scan_cancel(local); |
16 | 16 | ||
17 | if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) { | ||
18 | mutex_lock(&local->sta_mtx); | ||
19 | list_for_each_entry(sta, &local->sta_list, list) { | ||
20 | set_sta_flags(sta, WLAN_STA_BLOCK_BA); | ||
21 | ieee80211_sta_tear_down_BA_sessions(sta, true); | ||
22 | } | ||
23 | mutex_unlock(&local->sta_mtx); | ||
24 | } | ||
25 | |||
17 | ieee80211_stop_queues_by_reason(hw, | 26 | ieee80211_stop_queues_by_reason(hw, |
18 | IEEE80211_QUEUE_STOP_REASON_SUSPEND); | 27 | IEEE80211_QUEUE_STOP_REASON_SUSPEND); |
19 | 28 | ||
20 | /* flush out all packets */ | 29 | /* flush out all packets */ |
21 | synchronize_net(); | 30 | synchronize_net(); |
22 | 31 | ||
32 | drv_flush(local, false); | ||
33 | |||
23 | local->quiescing = true; | 34 | local->quiescing = true; |
24 | /* make quiescing visible to timers everywhere */ | 35 | /* make quiescing visible to timers everywhere */ |
25 | mb(); | 36 | mb(); |
@@ -43,11 +54,6 @@ int __ieee80211_suspend(struct ieee80211_hw *hw) | |||
43 | /* tear down aggregation sessions and remove STAs */ | 54 | /* tear down aggregation sessions and remove STAs */ |
44 | mutex_lock(&local->sta_mtx); | 55 | mutex_lock(&local->sta_mtx); |
45 | list_for_each_entry(sta, &local->sta_list, list) { | 56 | list_for_each_entry(sta, &local->sta_list, list) { |
46 | if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) { | ||
47 | set_sta_flags(sta, WLAN_STA_BLOCK_BA); | ||
48 | ieee80211_sta_tear_down_BA_sessions(sta, true); | ||
49 | } | ||
50 | |||
51 | if (sta->uploaded) { | 57 | if (sta->uploaded) { |
52 | sdata = sta->sdata; | 58 | sdata = sta->sdata; |
53 | if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) | 59 | if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) |
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index a864890e4d0..13a6697651a 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c | |||
@@ -652,7 +652,7 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw, | |||
652 | set_release_timer: | 652 | set_release_timer: |
653 | 653 | ||
654 | mod_timer(&tid_agg_rx->reorder_timer, | 654 | mod_timer(&tid_agg_rx->reorder_timer, |
655 | tid_agg_rx->reorder_time[j] + | 655 | tid_agg_rx->reorder_time[j] + 1 + |
656 | HT_RX_REORDER_BUF_TIMEOUT); | 656 | HT_RX_REORDER_BUF_TIMEOUT); |
657 | } else { | 657 | } else { |
658 | del_timer(&tid_agg_rx->reorder_timer); | 658 | del_timer(&tid_agg_rx->reorder_timer); |
@@ -2368,47 +2368,6 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx) | |||
2368 | return RX_QUEUED; | 2368 | return RX_QUEUED; |
2369 | } | 2369 | } |
2370 | 2370 | ||
2371 | static void ieee80211_rx_michael_mic_report(struct ieee80211_hdr *hdr, | ||
2372 | struct ieee80211_rx_data *rx) | ||
2373 | { | ||
2374 | int keyidx; | ||
2375 | unsigned int hdrlen; | ||
2376 | |||
2377 | hdrlen = ieee80211_hdrlen(hdr->frame_control); | ||
2378 | if (rx->skb->len >= hdrlen + 4) | ||
2379 | keyidx = rx->skb->data[hdrlen + 3] >> 6; | ||
2380 | else | ||
2381 | keyidx = -1; | ||
2382 | |||
2383 | if (!rx->sta) { | ||
2384 | /* | ||
2385 | * Some hardware seem to generate incorrect Michael MIC | ||
2386 | * reports; ignore them to avoid triggering countermeasures. | ||
2387 | */ | ||
2388 | return; | ||
2389 | } | ||
2390 | |||
2391 | if (!ieee80211_has_protected(hdr->frame_control)) | ||
2392 | return; | ||
2393 | |||
2394 | if (rx->sdata->vif.type == NL80211_IFTYPE_AP && keyidx) { | ||
2395 | /* | ||
2396 | * APs with pairwise keys should never receive Michael MIC | ||
2397 | * errors for non-zero keyidx because these are reserved for | ||
2398 | * group keys and only the AP is sending real multicast | ||
2399 | * frames in the BSS. | ||
2400 | */ | ||
2401 | return; | ||
2402 | } | ||
2403 | |||
2404 | if (!ieee80211_is_data(hdr->frame_control) && | ||
2405 | !ieee80211_is_auth(hdr->frame_control)) | ||
2406 | return; | ||
2407 | |||
2408 | mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr, NULL, | ||
2409 | GFP_ATOMIC); | ||
2410 | } | ||
2411 | |||
2412 | /* TODO: use IEEE80211_RX_FRAGMENTED */ | 2371 | /* TODO: use IEEE80211_RX_FRAGMENTED */ |
2413 | static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx, | 2372 | static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx, |
2414 | struct ieee80211_rate *rate) | 2373 | struct ieee80211_rate *rate) |
@@ -2752,12 +2711,6 @@ static bool ieee80211_prepare_and_rx_handle(struct ieee80211_rx_data *rx, | |||
2752 | if (!prepares) | 2711 | if (!prepares) |
2753 | return false; | 2712 | return false; |
2754 | 2713 | ||
2755 | if (status->flag & RX_FLAG_MMIC_ERROR) { | ||
2756 | if (status->rx_flags & IEEE80211_RX_RA_MATCH) | ||
2757 | ieee80211_rx_michael_mic_report(hdr, rx); | ||
2758 | return false; | ||
2759 | } | ||
2760 | |||
2761 | if (!consume) { | 2714 | if (!consume) { |
2762 | skb = skb_copy(skb, GFP_ATOMIC); | 2715 | skb = skb_copy(skb, GFP_ATOMIC); |
2763 | if (!skb) { | 2716 | if (!skb) { |
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c index a03d8a31287..d9e6e81ff6b 100644 --- a/net/mac80211/sta_info.c +++ b/net/mac80211/sta_info.c | |||
@@ -587,7 +587,6 @@ static bool sta_info_cleanup_expire_buffered(struct ieee80211_local *local, | |||
587 | { | 587 | { |
588 | unsigned long flags; | 588 | unsigned long flags; |
589 | struct sk_buff *skb; | 589 | struct sk_buff *skb; |
590 | struct ieee80211_sub_if_data *sdata; | ||
591 | 590 | ||
592 | if (skb_queue_empty(&sta->ps_tx_buf)) | 591 | if (skb_queue_empty(&sta->ps_tx_buf)) |
593 | return false; | 592 | return false; |
@@ -604,7 +603,6 @@ static bool sta_info_cleanup_expire_buffered(struct ieee80211_local *local, | |||
604 | if (!skb) | 603 | if (!skb) |
605 | break; | 604 | break; |
606 | 605 | ||
607 | sdata = sta->sdata; | ||
608 | local->total_ps_buffered--; | 606 | local->total_ps_buffered--; |
609 | #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG | 607 | #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG |
610 | printk(KERN_DEBUG "Buffered frame expired (STA %pM)\n", | 608 | printk(KERN_DEBUG "Buffered frame expired (STA %pM)\n", |
diff --git a/net/mac80211/status.c b/net/mac80211/status.c index 3ed3c835fbb..1658efaa2e8 100644 --- a/net/mac80211/status.c +++ b/net/mac80211/status.c | |||
@@ -446,3 +446,11 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb) | |||
446 | dev_kfree_skb(skb); | 446 | dev_kfree_skb(skb); |
447 | } | 447 | } |
448 | EXPORT_SYMBOL(ieee80211_tx_status); | 448 | EXPORT_SYMBOL(ieee80211_tx_status); |
449 | |||
450 | void ieee80211_report_low_ack(struct ieee80211_sta *pubsta, u32 num_packets) | ||
451 | { | ||
452 | struct sta_info *sta = container_of(pubsta, struct sta_info, sta); | ||
453 | cfg80211_cqm_pktloss_notify(sta->sdata->dev, sta->sta.addr, | ||
454 | num_packets, GFP_ATOMIC); | ||
455 | } | ||
456 | EXPORT_SYMBOL(ieee80211_report_low_ack); | ||
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c index 17b10be31f5..e3e3aa173af 100644 --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c | |||
@@ -1036,14 +1036,11 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx, | |||
1036 | struct ieee80211_radiotap_iterator iterator; | 1036 | struct ieee80211_radiotap_iterator iterator; |
1037 | struct ieee80211_radiotap_header *rthdr = | 1037 | struct ieee80211_radiotap_header *rthdr = |
1038 | (struct ieee80211_radiotap_header *) skb->data; | 1038 | (struct ieee80211_radiotap_header *) skb->data; |
1039 | struct ieee80211_supported_band *sband; | ||
1040 | bool hw_frag; | 1039 | bool hw_frag; |
1041 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); | 1040 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1042 | int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len, | 1041 | int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len, |
1043 | NULL); | 1042 | NULL); |
1044 | 1043 | ||
1045 | sband = tx->local->hw.wiphy->bands[tx->channel->band]; | ||
1046 | |||
1047 | info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; | 1044 | info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; |
1048 | tx->flags &= ~IEEE80211_TX_FRAGMENTED; | 1045 | tx->flags &= ~IEEE80211_TX_FRAGMENTED; |
1049 | 1046 | ||
@@ -1442,11 +1439,8 @@ static bool ieee80211_tx(struct ieee80211_sub_if_data *sdata, | |||
1442 | struct ieee80211_tx_data tx; | 1439 | struct ieee80211_tx_data tx; |
1443 | ieee80211_tx_result res_prepare; | 1440 | ieee80211_tx_result res_prepare; |
1444 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); | 1441 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1445 | u16 queue; | ||
1446 | bool result = true; | 1442 | bool result = true; |
1447 | 1443 | ||
1448 | queue = skb_get_queue_mapping(skb); | ||
1449 | |||
1450 | if (unlikely(skb->len < 10)) { | 1444 | if (unlikely(skb->len < 10)) { |
1451 | dev_kfree_skb(skb); | 1445 | dev_kfree_skb(skb); |
1452 | return true; | 1446 | return true; |
@@ -1482,12 +1476,7 @@ static int ieee80211_skb_resize(struct ieee80211_local *local, | |||
1482 | { | 1476 | { |
1483 | int tail_need = 0; | 1477 | int tail_need = 0; |
1484 | 1478 | ||
1485 | /* | 1479 | if (may_encrypt && local->crypto_tx_tailroom_needed_cnt) { |
1486 | * This could be optimised, devices that do full hardware | ||
1487 | * crypto (including TKIP MMIC) need no tailroom... But we | ||
1488 | * have no drivers for such devices currently. | ||
1489 | */ | ||
1490 | if (may_encrypt) { | ||
1491 | tail_need = IEEE80211_ENCRYPT_TAILROOM; | 1480 | tail_need = IEEE80211_ENCRYPT_TAILROOM; |
1492 | tail_need -= skb_tailroom(skb); | 1481 | tail_need -= skb_tailroom(skb); |
1493 | tail_need = max_t(int, tail_need, 0); | 1482 | tail_need = max_t(int, tail_need, 0); |
@@ -2485,7 +2474,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw, | |||
2485 | { | 2474 | { |
2486 | struct ieee80211_local *local = hw_to_local(hw); | 2475 | struct ieee80211_local *local = hw_to_local(hw); |
2487 | struct sk_buff *skb = NULL; | 2476 | struct sk_buff *skb = NULL; |
2488 | struct sta_info *sta; | ||
2489 | struct ieee80211_tx_data tx; | 2477 | struct ieee80211_tx_data tx; |
2490 | struct ieee80211_sub_if_data *sdata; | 2478 | struct ieee80211_sub_if_data *sdata; |
2491 | struct ieee80211_if_ap *bss = NULL; | 2479 | struct ieee80211_if_ap *bss = NULL; |
@@ -2527,7 +2515,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw, | |||
2527 | 2515 | ||
2528 | info = IEEE80211_SKB_CB(skb); | 2516 | info = IEEE80211_SKB_CB(skb); |
2529 | 2517 | ||
2530 | sta = tx.sta; | ||
2531 | tx.flags |= IEEE80211_TX_PS_BUFFERED; | 2518 | tx.flags |= IEEE80211_TX_PS_BUFFERED; |
2532 | tx.channel = local->hw.conf.channel; | 2519 | tx.channel = local->hw.conf.channel; |
2533 | info->band = tx.channel->band; | 2520 | info->band = tx.channel->band; |
diff --git a/net/mac80211/work.c b/net/mac80211/work.c index e73c8cae036..a94b312dbfa 100644 --- a/net/mac80211/work.c +++ b/net/mac80211/work.c | |||
@@ -198,9 +198,8 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata, | |||
198 | struct sk_buff *skb; | 198 | struct sk_buff *skb; |
199 | struct ieee80211_mgmt *mgmt; | 199 | struct ieee80211_mgmt *mgmt; |
200 | u8 *pos, qos_info; | 200 | u8 *pos, qos_info; |
201 | const u8 *ies; | ||
202 | size_t offset = 0, noffset; | 201 | size_t offset = 0, noffset; |
203 | int i, len, count, rates_len, supp_rates_len; | 202 | int i, count, rates_len, supp_rates_len; |
204 | u16 capab; | 203 | u16 capab; |
205 | struct ieee80211_supported_band *sband; | 204 | struct ieee80211_supported_band *sband; |
206 | u32 rates = 0; | 205 | u32 rates = 0; |
@@ -285,7 +284,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata, | |||
285 | } | 284 | } |
286 | 285 | ||
287 | /* SSID */ | 286 | /* SSID */ |
288 | ies = pos = skb_put(skb, 2 + wk->assoc.ssid_len); | 287 | pos = skb_put(skb, 2 + wk->assoc.ssid_len); |
289 | *pos++ = WLAN_EID_SSID; | 288 | *pos++ = WLAN_EID_SSID; |
290 | *pos++ = wk->assoc.ssid_len; | 289 | *pos++ = wk->assoc.ssid_len; |
291 | memcpy(pos, wk->assoc.ssid, wk->assoc.ssid_len); | 290 | memcpy(pos, wk->assoc.ssid, wk->assoc.ssid_len); |
@@ -295,7 +294,6 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata, | |||
295 | if (supp_rates_len > 8) | 294 | if (supp_rates_len > 8) |
296 | supp_rates_len = 8; | 295 | supp_rates_len = 8; |
297 | 296 | ||
298 | len = sband->n_bitrates; | ||
299 | pos = skb_put(skb, supp_rates_len + 2); | 297 | pos = skb_put(skb, supp_rates_len + 2); |
300 | *pos++ = WLAN_EID_SUPP_RATES; | 298 | *pos++ = WLAN_EID_SUPP_RATES; |
301 | *pos++ = supp_rates_len; | 299 | *pos++ = supp_rates_len; |
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index f1765de2f4b..9dc3b5f26e8 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c | |||
@@ -87,42 +87,76 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) | |||
87 | struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); | 87 | struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); |
88 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; | 88 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; |
89 | 89 | ||
90 | /* No way to verify the MIC if the hardware stripped it */ | 90 | /* |
91 | if (status->flag & RX_FLAG_MMIC_STRIPPED) | 91 | * it makes no sense to check for MIC errors on anything other |
92 | * than data frames. | ||
93 | */ | ||
94 | if (!ieee80211_is_data_present(hdr->frame_control)) | ||
95 | return RX_CONTINUE; | ||
96 | |||
97 | /* | ||
98 | * No way to verify the MIC if the hardware stripped it or | ||
99 | * the IV with the key index. In this case we have solely rely | ||
100 | * on the driver to set RX_FLAG_MMIC_ERROR in the event of a | ||
101 | * MIC failure report. | ||
102 | */ | ||
103 | if (status->flag & (RX_FLAG_MMIC_STRIPPED | RX_FLAG_IV_STRIPPED)) { | ||
104 | if (status->flag & RX_FLAG_MMIC_ERROR) | ||
105 | goto mic_fail; | ||
106 | |||
107 | if (!(status->flag & RX_FLAG_IV_STRIPPED)) | ||
108 | goto update_iv; | ||
109 | |||
92 | return RX_CONTINUE; | 110 | return RX_CONTINUE; |
111 | } | ||
93 | 112 | ||
113 | /* | ||
114 | * Some hardware seems to generate Michael MIC failure reports; even | ||
115 | * though, the frame was not encrypted with TKIP and therefore has no | ||
116 | * MIC. Ignore the flag them to avoid triggering countermeasures. | ||
117 | */ | ||
94 | if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP || | 118 | if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP || |
95 | !ieee80211_has_protected(hdr->frame_control) || | 119 | !(status->flag & RX_FLAG_DECRYPTED)) |
96 | !ieee80211_is_data_present(hdr->frame_control)) | ||
97 | return RX_CONTINUE; | 120 | return RX_CONTINUE; |
98 | 121 | ||
122 | if (rx->sdata->vif.type == NL80211_IFTYPE_AP && rx->key->conf.keyidx) { | ||
123 | /* | ||
124 | * APs with pairwise keys should never receive Michael MIC | ||
125 | * errors for non-zero keyidx because these are reserved for | ||
126 | * group keys and only the AP is sending real multicast | ||
127 | * frames in the BSS. ( | ||
128 | */ | ||
129 | return RX_DROP_UNUSABLE; | ||
130 | } | ||
131 | |||
132 | if (status->flag & RX_FLAG_MMIC_ERROR) | ||
133 | goto mic_fail; | ||
134 | |||
99 | hdrlen = ieee80211_hdrlen(hdr->frame_control); | 135 | hdrlen = ieee80211_hdrlen(hdr->frame_control); |
100 | if (skb->len < hdrlen + MICHAEL_MIC_LEN) | 136 | if (skb->len < hdrlen + MICHAEL_MIC_LEN) |
101 | return RX_DROP_UNUSABLE; | 137 | return RX_DROP_UNUSABLE; |
102 | 138 | ||
103 | data = skb->data + hdrlen; | 139 | data = skb->data + hdrlen; |
104 | data_len = skb->len - hdrlen - MICHAEL_MIC_LEN; | 140 | data_len = skb->len - hdrlen - MICHAEL_MIC_LEN; |
105 | |||
106 | key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY]; | 141 | key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY]; |
107 | michael_mic(key, hdr, data, data_len, mic); | 142 | michael_mic(key, hdr, data, data_len, mic); |
108 | if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0) { | 143 | if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0) |
109 | if (!(status->rx_flags & IEEE80211_RX_RA_MATCH)) | 144 | goto mic_fail; |
110 | return RX_DROP_UNUSABLE; | ||
111 | |||
112 | mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx, | ||
113 | (void *) skb->data, NULL, | ||
114 | GFP_ATOMIC); | ||
115 | return RX_DROP_UNUSABLE; | ||
116 | } | ||
117 | 145 | ||
118 | /* remove Michael MIC from payload */ | 146 | /* remove Michael MIC from payload */ |
119 | skb_trim(skb, skb->len - MICHAEL_MIC_LEN); | 147 | skb_trim(skb, skb->len - MICHAEL_MIC_LEN); |
120 | 148 | ||
149 | update_iv: | ||
121 | /* update IV in key information to be able to detect replays */ | 150 | /* update IV in key information to be able to detect replays */ |
122 | rx->key->u.tkip.rx[rx->queue].iv32 = rx->tkip_iv32; | 151 | rx->key->u.tkip.rx[rx->queue].iv32 = rx->tkip_iv32; |
123 | rx->key->u.tkip.rx[rx->queue].iv16 = rx->tkip_iv16; | 152 | rx->key->u.tkip.rx[rx->queue].iv16 = rx->tkip_iv16; |
124 | 153 | ||
125 | return RX_CONTINUE; | 154 | return RX_CONTINUE; |
155 | |||
156 | mic_fail: | ||
157 | mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx, | ||
158 | (void *) skb->data, NULL, GFP_ATOMIC); | ||
159 | return RX_DROP_UNUSABLE; | ||
126 | } | 160 | } |
127 | 161 | ||
128 | 162 | ||
diff --git a/net/wireless/core.c b/net/wireless/core.c index fe01de29bfe..bbf1fa11107 100644 --- a/net/wireless/core.c +++ b/net/wireless/core.c | |||
@@ -46,6 +46,11 @@ static struct dentry *ieee80211_debugfs_dir; | |||
46 | /* for the cleanup, scan and event works */ | 46 | /* for the cleanup, scan and event works */ |
47 | struct workqueue_struct *cfg80211_wq; | 47 | struct workqueue_struct *cfg80211_wq; |
48 | 48 | ||
49 | static bool cfg80211_disable_40mhz_24ghz; | ||
50 | module_param(cfg80211_disable_40mhz_24ghz, bool, 0644); | ||
51 | MODULE_PARM_DESC(cfg80211_disable_40mhz_24ghz, | ||
52 | "Disable 40MHz support in the 2.4GHz band"); | ||
53 | |||
49 | /* requires cfg80211_mutex to be held! */ | 54 | /* requires cfg80211_mutex to be held! */ |
50 | struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx) | 55 | struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx) |
51 | { | 56 | { |
@@ -451,6 +456,18 @@ int wiphy_register(struct wiphy *wiphy) | |||
451 | return -EINVAL; | 456 | return -EINVAL; |
452 | 457 | ||
453 | /* | 458 | /* |
459 | * Since cfg80211_disable_40mhz_24ghz is global, we can | ||
460 | * modify the sband's ht data even if the driver uses a | ||
461 | * global structure for that. | ||
462 | */ | ||
463 | if (cfg80211_disable_40mhz_24ghz && | ||
464 | band == IEEE80211_BAND_2GHZ && | ||
465 | sband->ht_cap.ht_supported) { | ||
466 | sband->ht_cap.cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; | ||
467 | sband->ht_cap.cap &= ~IEEE80211_HT_CAP_SGI_40; | ||
468 | } | ||
469 | |||
470 | /* | ||
454 | * Since we use a u32 for rate bitmaps in | 471 | * Since we use a u32 for rate bitmaps in |
455 | * ieee80211_get_response_rate, we cannot | 472 | * ieee80211_get_response_rate, we cannot |
456 | * have more than 32 legacy rates. | 473 | * have more than 32 legacy rates. |
diff --git a/net/wireless/reg.c b/net/wireless/reg.c index 58d69959ab2..1613080a96b 100644 --- a/net/wireless/reg.c +++ b/net/wireless/reg.c | |||
@@ -1455,7 +1455,8 @@ static void reg_process_hint(struct regulatory_request *reg_request) | |||
1455 | * We only time out user hints, given that they should be the only | 1455 | * We only time out user hints, given that they should be the only |
1456 | * source of bogus requests. | 1456 | * source of bogus requests. |
1457 | */ | 1457 | */ |
1458 | if (reg_request->initiator == NL80211_REGDOM_SET_BY_USER) | 1458 | if (r != -EALREADY && |
1459 | reg_request->initiator == NL80211_REGDOM_SET_BY_USER) | ||
1459 | schedule_delayed_work(®_timeout, msecs_to_jiffies(3142)); | 1460 | schedule_delayed_work(®_timeout, msecs_to_jiffies(3142)); |
1460 | } | 1461 | } |
1461 | 1462 | ||