aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorJohn W. Linville <linville@tuxdriver.com>2011-02-18 16:49:17 -0500
committerJohn W. Linville <linville@tuxdriver.com>2011-02-18 16:49:17 -0500
commitf4f314bf6fd39d85065c3fcda27bd594163abcf0 (patch)
tree2b88d345b2563e51c196b038ff5f74b94c77b2e0 /net
parentc269a20393500e84e8cbae23ca6d65e1107433c4 (diff)
parent8ffd878419839638d1aea102455b575da39c1a62 (diff)
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/padovan/bluetooth-next-2.6
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/Kconfig10
-rw-r--r--net/bluetooth/Makefile5
-rw-r--r--net/bluetooth/af_bluetooth.c34
-rw-r--r--net/bluetooth/bnep/core.c2
-rw-r--r--net/bluetooth/bnep/sock.c1
-rw-r--r--net/bluetooth/cmtp/core.c2
-rw-r--r--net/bluetooth/hci_conn.c77
-rw-r--r--net/bluetooth/hci_core.c115
-rw-r--r--net/bluetooth/hci_event.c165
-rw-r--r--net/bluetooth/hci_sysfs.c6
-rw-r--r--net/bluetooth/hidp/core.c2
-rw-r--r--net/bluetooth/l2cap_core.c355
-rw-r--r--net/bluetooth/l2cap_sock.c60
-rw-r--r--net/bluetooth/mgmt.c2
-rw-r--r--net/bluetooth/rfcomm/core.c2
-rw-r--r--net/bluetooth/sco.c17
16 files changed, 662 insertions, 193 deletions
diff --git a/net/bluetooth/Kconfig b/net/bluetooth/Kconfig
index e45eae66eaf3..c6f9c2fb4891 100644
--- a/net/bluetooth/Kconfig
+++ b/net/bluetooth/Kconfig
@@ -32,7 +32,7 @@ menuconfig BT
32 more information, see <http://www.bluez.org/>. 32 more information, see <http://www.bluez.org/>.
33 33
34config BT_L2CAP 34config BT_L2CAP
35 tristate "L2CAP protocol support" 35 bool "L2CAP protocol support"
36 depends on BT 36 depends on BT
37 select CRC16 37 select CRC16
38 help 38 help
@@ -40,19 +40,13 @@ config BT_L2CAP
40 connection oriented and connection-less data transport. L2CAP 40 connection oriented and connection-less data transport. L2CAP
41 support is required for most Bluetooth applications. 41 support is required for most Bluetooth applications.
42 42
43 Say Y here to compile L2CAP support into the kernel or say M to
44 compile it as module (l2cap).
45
46config BT_SCO 43config BT_SCO
47 tristate "SCO links support" 44 bool "SCO links support"
48 depends on BT 45 depends on BT
49 help 46 help
50 SCO link provides voice transport over Bluetooth. SCO support is 47 SCO link provides voice transport over Bluetooth. SCO support is
51 required for voice applications like Headset and Audio. 48 required for voice applications like Headset and Audio.
52 49
53 Say Y here to compile SCO support into the kernel or say M to
54 compile it as module (sco).
55
56source "net/bluetooth/rfcomm/Kconfig" 50source "net/bluetooth/rfcomm/Kconfig"
57 51
58source "net/bluetooth/bnep/Kconfig" 52source "net/bluetooth/bnep/Kconfig"
diff --git a/net/bluetooth/Makefile b/net/bluetooth/Makefile
index 339b42932b33..f04fe9a9d634 100644
--- a/net/bluetooth/Makefile
+++ b/net/bluetooth/Makefile
@@ -3,12 +3,11 @@
3# 3#
4 4
5obj-$(CONFIG_BT) += bluetooth.o 5obj-$(CONFIG_BT) += bluetooth.o
6obj-$(CONFIG_BT_L2CAP) += l2cap.o
7obj-$(CONFIG_BT_SCO) += sco.o
8obj-$(CONFIG_BT_RFCOMM) += rfcomm/ 6obj-$(CONFIG_BT_RFCOMM) += rfcomm/
9obj-$(CONFIG_BT_BNEP) += bnep/ 7obj-$(CONFIG_BT_BNEP) += bnep/
10obj-$(CONFIG_BT_CMTP) += cmtp/ 8obj-$(CONFIG_BT_CMTP) += cmtp/
11obj-$(CONFIG_BT_HIDP) += hidp/ 9obj-$(CONFIG_BT_HIDP) += hidp/
12 10
13bluetooth-y := af_bluetooth.o hci_core.o hci_conn.o hci_event.o mgmt.o hci_sock.o hci_sysfs.o lib.o 11bluetooth-y := af_bluetooth.o hci_core.o hci_conn.o hci_event.o mgmt.o hci_sock.o hci_sysfs.o lib.o
14l2cap-y := l2cap_core.o l2cap_sock.o 12bluetooth-$(CONFIG_BT_L2CAP) += l2cap_core.o l2cap_sock.o
13bluetooth-$(CONFIG_BT_SCO) += sco.o
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index 2abfe2f30453..88af9eb9aa48 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -40,7 +40,7 @@
40 40
41#include <net/bluetooth/bluetooth.h> 41#include <net/bluetooth/bluetooth.h>
42 42
43#define VERSION "2.15" 43#define VERSION "2.16"
44 44
45/* Bluetooth sockets */ 45/* Bluetooth sockets */
46#define BT_MAX_PROTO 8 46#define BT_MAX_PROTO 8
@@ -397,7 +397,7 @@ static inline unsigned int bt_accept_poll(struct sock *parent)
397 return 0; 397 return 0;
398} 398}
399 399
400unsigned int bt_sock_poll(struct file * file, struct socket *sock, poll_table *wait) 400unsigned int bt_sock_poll(struct file *file, struct socket *sock, poll_table *wait)
401{ 401{
402 struct sock *sk = sock->sk; 402 struct sock *sk = sock->sk;
403 unsigned int mask = 0; 403 unsigned int mask = 0;
@@ -545,13 +545,41 @@ static int __init bt_init(void)
545 545
546 BT_INFO("HCI device and connection manager initialized"); 546 BT_INFO("HCI device and connection manager initialized");
547 547
548 hci_sock_init(); 548 err = hci_sock_init();
549 if (err < 0)
550 goto error;
551
552 err = l2cap_init();
553 if (err < 0) {
554 hci_sock_cleanup();
555 goto sock_err;
556 }
557
558 err = sco_init();
559 if (err < 0) {
560 l2cap_exit();
561 goto sock_err;
562 }
549 563
550 return 0; 564 return 0;
565
566sock_err:
567 hci_sock_cleanup();
568
569error:
570 sock_unregister(PF_BLUETOOTH);
571 bt_sysfs_cleanup();
572
573 return err;
551} 574}
552 575
553static void __exit bt_exit(void) 576static void __exit bt_exit(void)
554{ 577{
578
579 sco_exit();
580
581 l2cap_exit();
582
555 hci_sock_cleanup(); 583 hci_sock_cleanup();
556 584
557 sock_unregister(PF_BLUETOOTH); 585 sock_unregister(PF_BLUETOOTH);
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c
index 5868597534e5..03d4d1245d58 100644
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -708,8 +708,6 @@ static int __init bnep_init(void)
708{ 708{
709 char flt[50] = ""; 709 char flt[50] = "";
710 710
711 l2cap_load();
712
713#ifdef CONFIG_BT_BNEP_PROTO_FILTER 711#ifdef CONFIG_BT_BNEP_PROTO_FILTER
714 strcat(flt, "protocol "); 712 strcat(flt, "protocol ");
715#endif 713#endif
diff --git a/net/bluetooth/bnep/sock.c b/net/bluetooth/bnep/sock.c
index 2862f53b66b1..d935da71ab3b 100644
--- a/net/bluetooth/bnep/sock.c
+++ b/net/bluetooth/bnep/sock.c
@@ -88,6 +88,7 @@ static int bnep_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long
88 sockfd_put(nsock); 88 sockfd_put(nsock);
89 return -EBADFD; 89 return -EBADFD;
90 } 90 }
91 ca.device[sizeof(ca.device)-1] = 0;
91 92
92 err = bnep_add_connection(&ca, nsock); 93 err = bnep_add_connection(&ca, nsock);
93 if (!err) { 94 if (!err) {
diff --git a/net/bluetooth/cmtp/core.c b/net/bluetooth/cmtp/core.c
index 2cee71a714c4..964ea9126f9f 100644
--- a/net/bluetooth/cmtp/core.c
+++ b/net/bluetooth/cmtp/core.c
@@ -469,8 +469,6 @@ int cmtp_get_conninfo(struct cmtp_conninfo *ci)
469 469
470static int __init cmtp_init(void) 470static int __init cmtp_init(void)
471{ 471{
472 l2cap_load();
473
474 BT_INFO("CMTP (CAPI Emulation) ver %s", VERSION); 472 BT_INFO("CMTP (CAPI Emulation) ver %s", VERSION);
475 473
476 cmtp_init_sockets(); 474 cmtp_init_sockets();
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 42dc39f25b72..a050a6984901 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -45,6 +45,33 @@
45#include <net/bluetooth/bluetooth.h> 45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h> 46#include <net/bluetooth/hci_core.h>
47 47
48static void hci_le_connect(struct hci_conn *conn)
49{
50 struct hci_dev *hdev = conn->hdev;
51 struct hci_cp_le_create_conn cp;
52
53 conn->state = BT_CONNECT;
54 conn->out = 1;
55 conn->link_mode |= HCI_LM_MASTER;
56
57 memset(&cp, 0, sizeof(cp));
58 cp.scan_interval = cpu_to_le16(0x0004);
59 cp.scan_window = cpu_to_le16(0x0004);
60 bacpy(&cp.peer_addr, &conn->dst);
61 cp.conn_interval_min = cpu_to_le16(0x0008);
62 cp.conn_interval_max = cpu_to_le16(0x0100);
63 cp.supervision_timeout = cpu_to_le16(0x0064);
64 cp.min_ce_len = cpu_to_le16(0x0001);
65 cp.max_ce_len = cpu_to_le16(0x0001);
66
67 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
68}
69
70static void hci_le_connect_cancel(struct hci_conn *conn)
71{
72 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
73}
74
48void hci_acl_connect(struct hci_conn *conn) 75void hci_acl_connect(struct hci_conn *conn)
49{ 76{
50 struct hci_dev *hdev = conn->hdev; 77 struct hci_dev *hdev = conn->hdev;
@@ -156,6 +183,26 @@ void hci_setup_sync(struct hci_conn *conn, __u16 handle)
156 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp); 183 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
157} 184}
158 185
186void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
187 u16 latency, u16 to_multiplier)
188{
189 struct hci_cp_le_conn_update cp;
190 struct hci_dev *hdev = conn->hdev;
191
192 memset(&cp, 0, sizeof(cp));
193
194 cp.handle = cpu_to_le16(conn->handle);
195 cp.conn_interval_min = cpu_to_le16(min);
196 cp.conn_interval_max = cpu_to_le16(max);
197 cp.conn_latency = cpu_to_le16(latency);
198 cp.supervision_timeout = cpu_to_le16(to_multiplier);
199 cp.min_ce_len = cpu_to_le16(0x0001);
200 cp.max_ce_len = cpu_to_le16(0x0001);
201
202 hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
203}
204EXPORT_SYMBOL(hci_le_conn_update);
205
159/* Device _must_ be locked */ 206/* Device _must_ be locked */
160void hci_sco_setup(struct hci_conn *conn, __u8 status) 207void hci_sco_setup(struct hci_conn *conn, __u8 status)
161{ 208{
@@ -193,8 +240,12 @@ static void hci_conn_timeout(unsigned long arg)
193 switch (conn->state) { 240 switch (conn->state) {
194 case BT_CONNECT: 241 case BT_CONNECT:
195 case BT_CONNECT2: 242 case BT_CONNECT2:
196 if (conn->type == ACL_LINK && conn->out) 243 if (conn->out) {
197 hci_acl_connect_cancel(conn); 244 if (conn->type == ACL_LINK)
245 hci_acl_connect_cancel(conn);
246 else if (conn->type == LE_LINK)
247 hci_le_connect_cancel(conn);
248 }
198 break; 249 break;
199 case BT_CONFIG: 250 case BT_CONFIG:
200 case BT_CONNECTED: 251 case BT_CONNECTED:
@@ -296,6 +347,11 @@ int hci_conn_del(struct hci_conn *conn)
296 347
297 /* Unacked frames */ 348 /* Unacked frames */
298 hdev->acl_cnt += conn->sent; 349 hdev->acl_cnt += conn->sent;
350 } else if (conn->type == LE_LINK) {
351 if (hdev->le_pkts)
352 hdev->le_cnt += conn->sent;
353 else
354 hdev->acl_cnt += conn->sent;
299 } else { 355 } else {
300 struct hci_conn *acl = conn->link; 356 struct hci_conn *acl = conn->link;
301 if (acl) { 357 if (acl) {
@@ -361,15 +417,30 @@ struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
361} 417}
362EXPORT_SYMBOL(hci_get_route); 418EXPORT_SYMBOL(hci_get_route);
363 419
364/* Create SCO or ACL connection. 420/* Create SCO, ACL or LE connection.
365 * Device _must_ be locked */ 421 * Device _must_ be locked */
366struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type) 422struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
367{ 423{
368 struct hci_conn *acl; 424 struct hci_conn *acl;
369 struct hci_conn *sco; 425 struct hci_conn *sco;
426 struct hci_conn *le;
370 427
371 BT_DBG("%s dst %s", hdev->name, batostr(dst)); 428 BT_DBG("%s dst %s", hdev->name, batostr(dst));
372 429
430 if (type == LE_LINK) {
431 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
432 if (!le)
433 le = hci_conn_add(hdev, LE_LINK, dst);
434 if (!le)
435 return NULL;
436 if (le->state == BT_OPEN)
437 hci_le_connect(le);
438
439 hci_conn_hold(le);
440
441 return le;
442 }
443
373 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); 444 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
374 if (!acl) { 445 if (!acl) {
375 acl = hci_conn_add(hdev, ACL_LINK, dst); 446 acl = hci_conn_add(hdev, ACL_LINK, dst);
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 2f003224d2ea..b372fb8bcdcf 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -41,6 +41,7 @@
41#include <linux/interrupt.h> 41#include <linux/interrupt.h>
42#include <linux/notifier.h> 42#include <linux/notifier.h>
43#include <linux/rfkill.h> 43#include <linux/rfkill.h>
44#include <linux/timer.h>
44#include <net/sock.h> 45#include <net/sock.h>
45 46
46#include <asm/system.h> 47#include <asm/system.h>
@@ -123,7 +124,7 @@ static void hci_req_cancel(struct hci_dev *hdev, int err)
123 124
124/* Execute request and wait for completion. */ 125/* Execute request and wait for completion. */
125static int __hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev, unsigned long opt), 126static int __hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev, unsigned long opt),
126 unsigned long opt, __u32 timeout) 127 unsigned long opt, __u32 timeout)
127{ 128{
128 DECLARE_WAITQUEUE(wait, current); 129 DECLARE_WAITQUEUE(wait, current);
129 int err = 0; 130 int err = 0;
@@ -165,7 +166,7 @@ static int __hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev,
165} 166}
166 167
167static inline int hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev, unsigned long opt), 168static inline int hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev, unsigned long opt),
168 unsigned long opt, __u32 timeout) 169 unsigned long opt, __u32 timeout)
169{ 170{
170 int ret; 171 int ret;
171 172
@@ -263,6 +264,14 @@ static void hci_init_req(struct hci_dev *hdev, unsigned long opt)
263 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp); 264 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
264} 265}
265 266
267static void hci_le_init_req(struct hci_dev *hdev, unsigned long opt)
268{
269 BT_DBG("%s", hdev->name);
270
271 /* Read LE buffer size */
272 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
273}
274
266static void hci_scan_req(struct hci_dev *hdev, unsigned long opt) 275static void hci_scan_req(struct hci_dev *hdev, unsigned long opt)
267{ 276{
268 __u8 scan = opt; 277 __u8 scan = opt;
@@ -456,7 +465,7 @@ int hci_inquiry(void __user *arg)
456 /* cache_dump can't sleep. Therefore we allocate temp buffer and then 465 /* cache_dump can't sleep. Therefore we allocate temp buffer and then
457 * copy it to the user space. 466 * copy it to the user space.
458 */ 467 */
459 buf = kmalloc(sizeof(struct inquiry_info) *max_rsp, GFP_KERNEL); 468 buf = kmalloc(sizeof(struct inquiry_info) * max_rsp, GFP_KERNEL);
460 if (!buf) { 469 if (!buf) {
461 err = -ENOMEM; 470 err = -ENOMEM;
462 goto done; 471 goto done;
@@ -525,10 +534,13 @@ int hci_dev_open(__u16 dev)
525 set_bit(HCI_INIT, &hdev->flags); 534 set_bit(HCI_INIT, &hdev->flags);
526 hdev->init_last_cmd = 0; 535 hdev->init_last_cmd = 0;
527 536
528 //__hci_request(hdev, hci_reset_req, 0, HZ);
529 ret = __hci_request(hdev, hci_init_req, 0, 537 ret = __hci_request(hdev, hci_init_req, 0,
530 msecs_to_jiffies(HCI_INIT_TIMEOUT)); 538 msecs_to_jiffies(HCI_INIT_TIMEOUT));
531 539
540 if (lmp_le_capable(hdev))
541 ret = __hci_request(hdev, hci_le_init_req, 0,
542 msecs_to_jiffies(HCI_INIT_TIMEOUT));
543
532 clear_bit(HCI_INIT, &hdev->flags); 544 clear_bit(HCI_INIT, &hdev->flags);
533 } 545 }
534 546
@@ -611,6 +623,7 @@ static int hci_dev_do_close(struct hci_dev *hdev)
611 623
612 /* Drop last sent command */ 624 /* Drop last sent command */
613 if (hdev->sent_cmd) { 625 if (hdev->sent_cmd) {
626 del_timer_sync(&hdev->cmd_timer);
614 kfree_skb(hdev->sent_cmd); 627 kfree_skb(hdev->sent_cmd);
615 hdev->sent_cmd = NULL; 628 hdev->sent_cmd = NULL;
616 } 629 }
@@ -671,7 +684,7 @@ int hci_dev_reset(__u16 dev)
671 hdev->flush(hdev); 684 hdev->flush(hdev);
672 685
673 atomic_set(&hdev->cmd_cnt, 1); 686 atomic_set(&hdev->cmd_cnt, 1);
674 hdev->acl_cnt = 0; hdev->sco_cnt = 0; 687 hdev->acl_cnt = 0; hdev->sco_cnt = 0; hdev->le_cnt = 0;
675 688
676 if (!test_bit(HCI_RAW, &hdev->flags)) 689 if (!test_bit(HCI_RAW, &hdev->flags))
677 ret = __hci_request(hdev, hci_reset_req, 0, 690 ret = __hci_request(hdev, hci_reset_req, 0,
@@ -1054,6 +1067,16 @@ int hci_remove_link_key(struct hci_dev *hdev, bdaddr_t *bdaddr)
1054 return 0; 1067 return 0;
1055} 1068}
1056 1069
1070/* HCI command timer function */
1071static void hci_cmd_timer(unsigned long arg)
1072{
1073 struct hci_dev *hdev = (void *) arg;
1074
1075 BT_ERR("%s command tx timeout", hdev->name);
1076 atomic_set(&hdev->cmd_cnt, 1);
1077 tasklet_schedule(&hdev->cmd_task);
1078}
1079
1057/* Register HCI device */ 1080/* Register HCI device */
1058int hci_register_dev(struct hci_dev *hdev) 1081int hci_register_dev(struct hci_dev *hdev)
1059{ 1082{
@@ -1100,6 +1123,8 @@ int hci_register_dev(struct hci_dev *hdev)
1100 skb_queue_head_init(&hdev->cmd_q); 1123 skb_queue_head_init(&hdev->cmd_q);
1101 skb_queue_head_init(&hdev->raw_q); 1124 skb_queue_head_init(&hdev->raw_q);
1102 1125
1126 setup_timer(&hdev->cmd_timer, hci_cmd_timer, (unsigned long) hdev);
1127
1103 for (i = 0; i < NUM_REASSEMBLY; i++) 1128 for (i = 0; i < NUM_REASSEMBLY; i++)
1104 hdev->reassembly[i] = NULL; 1129 hdev->reassembly[i] = NULL;
1105 1130
@@ -1187,6 +1212,8 @@ int hci_unregister_dev(struct hci_dev *hdev)
1187 1212
1188 hci_unregister_sysfs(hdev); 1213 hci_unregister_sysfs(hdev);
1189 1214
1215 hci_del_off_timer(hdev);
1216
1190 destroy_workqueue(hdev->workqueue); 1217 destroy_workqueue(hdev->workqueue);
1191 1218
1192 hci_dev_lock_bh(hdev); 1219 hci_dev_lock_bh(hdev);
@@ -1672,8 +1699,25 @@ static inline struct hci_conn *hci_low_sent(struct hci_dev *hdev, __u8 type, int
1672 } 1699 }
1673 1700
1674 if (conn) { 1701 if (conn) {
1675 int cnt = (type == ACL_LINK ? hdev->acl_cnt : hdev->sco_cnt); 1702 int cnt, q;
1676 int q = cnt / num; 1703
1704 switch (conn->type) {
1705 case ACL_LINK:
1706 cnt = hdev->acl_cnt;
1707 break;
1708 case SCO_LINK:
1709 case ESCO_LINK:
1710 cnt = hdev->sco_cnt;
1711 break;
1712 case LE_LINK:
1713 cnt = hdev->le_mtu ? hdev->le_cnt : hdev->acl_cnt;
1714 break;
1715 default:
1716 cnt = 0;
1717 BT_ERR("Unknown link type");
1718 }
1719
1720 q = cnt / num;
1677 *quote = q ? q : 1; 1721 *quote = q ? q : 1;
1678 } else 1722 } else
1679 *quote = 0; 1723 *quote = 0;
@@ -1682,19 +1726,19 @@ static inline struct hci_conn *hci_low_sent(struct hci_dev *hdev, __u8 type, int
1682 return conn; 1726 return conn;
1683} 1727}
1684 1728
1685static inline void hci_acl_tx_to(struct hci_dev *hdev) 1729static inline void hci_link_tx_to(struct hci_dev *hdev, __u8 type)
1686{ 1730{
1687 struct hci_conn_hash *h = &hdev->conn_hash; 1731 struct hci_conn_hash *h = &hdev->conn_hash;
1688 struct list_head *p; 1732 struct list_head *p;
1689 struct hci_conn *c; 1733 struct hci_conn *c;
1690 1734
1691 BT_ERR("%s ACL tx timeout", hdev->name); 1735 BT_ERR("%s link tx timeout", hdev->name);
1692 1736
1693 /* Kill stalled connections */ 1737 /* Kill stalled connections */
1694 list_for_each(p, &h->list) { 1738 list_for_each(p, &h->list) {
1695 c = list_entry(p, struct hci_conn, list); 1739 c = list_entry(p, struct hci_conn, list);
1696 if (c->type == ACL_LINK && c->sent) { 1740 if (c->type == type && c->sent) {
1697 BT_ERR("%s killing stalled ACL connection %s", 1741 BT_ERR("%s killing stalled connection %s",
1698 hdev->name, batostr(&c->dst)); 1742 hdev->name, batostr(&c->dst));
1699 hci_acl_disconn(c, 0x13); 1743 hci_acl_disconn(c, 0x13);
1700 } 1744 }
@@ -1713,7 +1757,7 @@ static inline void hci_sched_acl(struct hci_dev *hdev)
1713 /* ACL tx timeout must be longer than maximum 1757 /* ACL tx timeout must be longer than maximum
1714 * link supervision timeout (40.9 seconds) */ 1758 * link supervision timeout (40.9 seconds) */
1715 if (!hdev->acl_cnt && time_after(jiffies, hdev->acl_last_tx + HZ * 45)) 1759 if (!hdev->acl_cnt && time_after(jiffies, hdev->acl_last_tx + HZ * 45))
1716 hci_acl_tx_to(hdev); 1760 hci_link_tx_to(hdev, ACL_LINK);
1717 } 1761 }
1718 1762
1719 while (hdev->acl_cnt && (conn = hci_low_sent(hdev, ACL_LINK, &quote))) { 1763 while (hdev->acl_cnt && (conn = hci_low_sent(hdev, ACL_LINK, &quote))) {
@@ -1772,6 +1816,40 @@ static inline void hci_sched_esco(struct hci_dev *hdev)
1772 } 1816 }
1773} 1817}
1774 1818
1819static inline void hci_sched_le(struct hci_dev *hdev)
1820{
1821 struct hci_conn *conn;
1822 struct sk_buff *skb;
1823 int quote, cnt;
1824
1825 BT_DBG("%s", hdev->name);
1826
1827 if (!test_bit(HCI_RAW, &hdev->flags)) {
1828 /* LE tx timeout must be longer than maximum
1829 * link supervision timeout (40.9 seconds) */
1830 if (!hdev->le_cnt && hdev->le_pkts &&
1831 time_after(jiffies, hdev->le_last_tx + HZ * 45))
1832 hci_link_tx_to(hdev, LE_LINK);
1833 }
1834
1835 cnt = hdev->le_pkts ? hdev->le_cnt : hdev->acl_cnt;
1836 while (cnt && (conn = hci_low_sent(hdev, LE_LINK, &quote))) {
1837 while (quote-- && (skb = skb_dequeue(&conn->data_q))) {
1838 BT_DBG("skb %p len %d", skb, skb->len);
1839
1840 hci_send_frame(skb);
1841 hdev->le_last_tx = jiffies;
1842
1843 cnt--;
1844 conn->sent++;
1845 }
1846 }
1847 if (hdev->le_pkts)
1848 hdev->le_cnt = cnt;
1849 else
1850 hdev->acl_cnt = cnt;
1851}
1852
1775static void hci_tx_task(unsigned long arg) 1853static void hci_tx_task(unsigned long arg)
1776{ 1854{
1777 struct hci_dev *hdev = (struct hci_dev *) arg; 1855 struct hci_dev *hdev = (struct hci_dev *) arg;
@@ -1779,7 +1857,8 @@ static void hci_tx_task(unsigned long arg)
1779 1857
1780 read_lock(&hci_task_lock); 1858 read_lock(&hci_task_lock);
1781 1859
1782 BT_DBG("%s acl %d sco %d", hdev->name, hdev->acl_cnt, hdev->sco_cnt); 1860 BT_DBG("%s acl %d sco %d le %d", hdev->name, hdev->acl_cnt,
1861 hdev->sco_cnt, hdev->le_cnt);
1783 1862
1784 /* Schedule queues and send stuff to HCI driver */ 1863 /* Schedule queues and send stuff to HCI driver */
1785 1864
@@ -1789,6 +1868,8 @@ static void hci_tx_task(unsigned long arg)
1789 1868
1790 hci_sched_esco(hdev); 1869 hci_sched_esco(hdev);
1791 1870
1871 hci_sched_le(hdev);
1872
1792 /* Send next queued raw (unknown type) packet */ 1873 /* Send next queued raw (unknown type) packet */
1793 while ((skb = skb_dequeue(&hdev->raw_q))) 1874 while ((skb = skb_dequeue(&hdev->raw_q)))
1794 hci_send_frame(skb); 1875 hci_send_frame(skb);
@@ -1936,11 +2017,6 @@ static void hci_cmd_task(unsigned long arg)
1936 2017
1937 BT_DBG("%s cmd %d", hdev->name, atomic_read(&hdev->cmd_cnt)); 2018 BT_DBG("%s cmd %d", hdev->name, atomic_read(&hdev->cmd_cnt));
1938 2019
1939 if (!atomic_read(&hdev->cmd_cnt) && time_after(jiffies, hdev->cmd_last_tx + HZ)) {
1940 BT_ERR("%s command tx timeout", hdev->name);
1941 atomic_set(&hdev->cmd_cnt, 1);
1942 }
1943
1944 /* Send queued commands */ 2020 /* Send queued commands */
1945 if (atomic_read(&hdev->cmd_cnt)) { 2021 if (atomic_read(&hdev->cmd_cnt)) {
1946 skb = skb_dequeue(&hdev->cmd_q); 2022 skb = skb_dequeue(&hdev->cmd_q);
@@ -1953,7 +2029,8 @@ static void hci_cmd_task(unsigned long arg)
1953 if (hdev->sent_cmd) { 2029 if (hdev->sent_cmd) {
1954 atomic_dec(&hdev->cmd_cnt); 2030 atomic_dec(&hdev->cmd_cnt);
1955 hci_send_frame(skb); 2031 hci_send_frame(skb);
1956 hdev->cmd_last_tx = jiffies; 2032 mod_timer(&hdev->cmd_timer,
2033 jiffies + msecs_to_jiffies(HCI_CMD_TIMEOUT));
1957 } else { 2034 } else {
1958 skb_queue_head(&hdev->cmd_q, skb); 2035 skb_queue_head(&hdev->cmd_q, skb);
1959 tasklet_schedule(&hdev->cmd_task); 2036 tasklet_schedule(&hdev->cmd_task);
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index cee46cbe7aeb..98b5764e4315 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -776,6 +776,25 @@ static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
776 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr, 776 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
777 rp->status); 777 rp->status);
778} 778}
779static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
780 struct sk_buff *skb)
781{
782 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
783
784 BT_DBG("%s status 0x%x", hdev->name, rp->status);
785
786 if (rp->status)
787 return;
788
789 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
790 hdev->le_pkts = rp->le_max_pkt;
791
792 hdev->le_cnt = hdev->le_pkts;
793
794 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
795
796 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
797}
779 798
780static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status) 799static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
781{ 800{
@@ -919,7 +938,7 @@ static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
919} 938}
920 939
921static int hci_outgoing_auth_needed(struct hci_dev *hdev, 940static int hci_outgoing_auth_needed(struct hci_dev *hdev,
922 struct hci_conn *conn) 941 struct hci_conn *conn)
923{ 942{
924 if (conn->state != BT_CONFIG || !conn->out) 943 if (conn->state != BT_CONFIG || !conn->out)
925 return 0; 944 return 0;
@@ -1107,6 +1126,43 @@ static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1107 hci_dev_unlock(hdev); 1126 hci_dev_unlock(hdev);
1108} 1127}
1109 1128
1129static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1130{
1131 struct hci_cp_le_create_conn *cp;
1132 struct hci_conn *conn;
1133
1134 BT_DBG("%s status 0x%x", hdev->name, status);
1135
1136 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1137 if (!cp)
1138 return;
1139
1140 hci_dev_lock(hdev);
1141
1142 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1143
1144 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1145 conn);
1146
1147 if (status) {
1148 if (conn && conn->state == BT_CONNECT) {
1149 conn->state = BT_CLOSED;
1150 hci_proto_connect_cfm(conn, status);
1151 hci_conn_del(conn);
1152 }
1153 } else {
1154 if (!conn) {
1155 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1156 if (conn)
1157 conn->out = 1;
1158 else
1159 BT_ERR("No memory for new connection");
1160 }
1161 }
1162
1163 hci_dev_unlock(hdev);
1164}
1165
1110static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1166static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1111{ 1167{
1112 __u8 status = *((__u8 *) skb->data); 1168 __u8 status = *((__u8 *) skb->data);
@@ -1237,7 +1293,8 @@ static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *sk
1237 1293
1238 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type); 1294 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1239 1295
1240 if ((mask & HCI_LM_ACCEPT) && !hci_blacklist_lookup(hdev, &ev->bdaddr)) { 1296 if ((mask & HCI_LM_ACCEPT) &&
1297 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1241 /* Connection accepted */ 1298 /* Connection accepted */
1242 struct inquiry_entry *ie; 1299 struct inquiry_entry *ie;
1243 struct hci_conn *conn; 1300 struct hci_conn *conn;
@@ -1667,11 +1724,18 @@ static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *sk
1667 hci_cc_pin_code_neg_reply(hdev, skb); 1724 hci_cc_pin_code_neg_reply(hdev, skb);
1668 break; 1725 break;
1669 1726
1727 case HCI_OP_LE_READ_BUFFER_SIZE:
1728 hci_cc_le_read_buffer_size(hdev, skb);
1729 break;
1730
1670 default: 1731 default:
1671 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 1732 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1672 break; 1733 break;
1673 } 1734 }
1674 1735
1736 if (ev->opcode != HCI_OP_NOP)
1737 del_timer(&hdev->cmd_timer);
1738
1675 if (ev->ncmd) { 1739 if (ev->ncmd) {
1676 atomic_set(&hdev->cmd_cnt, 1); 1740 atomic_set(&hdev->cmd_cnt, 1);
1677 if (!skb_queue_empty(&hdev->cmd_q)) 1741 if (!skb_queue_empty(&hdev->cmd_q))
@@ -1738,11 +1802,18 @@ static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1738 mgmt_disconnect_failed(hdev->id); 1802 mgmt_disconnect_failed(hdev->id);
1739 break; 1803 break;
1740 1804
1805 case HCI_OP_LE_CREATE_CONN:
1806 hci_cs_le_create_conn(hdev, ev->status);
1807 break;
1808
1741 default: 1809 default:
1742 BT_DBG("%s opcode 0x%x", hdev->name, opcode); 1810 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1743 break; 1811 break;
1744 } 1812 }
1745 1813
1814 if (ev->opcode != HCI_OP_NOP)
1815 del_timer(&hdev->cmd_timer);
1816
1746 if (ev->ncmd) { 1817 if (ev->ncmd) {
1747 atomic_set(&hdev->cmd_cnt, 1); 1818 atomic_set(&hdev->cmd_cnt, 1);
1748 if (!skb_queue_empty(&hdev->cmd_q)) 1819 if (!skb_queue_empty(&hdev->cmd_q))
@@ -1808,6 +1879,16 @@ static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *s
1808 hdev->acl_cnt += count; 1879 hdev->acl_cnt += count;
1809 if (hdev->acl_cnt > hdev->acl_pkts) 1880 if (hdev->acl_cnt > hdev->acl_pkts)
1810 hdev->acl_cnt = hdev->acl_pkts; 1881 hdev->acl_cnt = hdev->acl_pkts;
1882 } else if (conn->type == LE_LINK) {
1883 if (hdev->le_pkts) {
1884 hdev->le_cnt += count;
1885 if (hdev->le_cnt > hdev->le_pkts)
1886 hdev->le_cnt = hdev->le_pkts;
1887 } else {
1888 hdev->acl_cnt += count;
1889 if (hdev->acl_cnt > hdev->acl_pkts)
1890 hdev->acl_cnt = hdev->acl_pkts;
1891 }
1811 } else { 1892 } else {
1812 hdev->sco_cnt += count; 1893 hdev->sco_cnt += count;
1813 if (hdev->sco_cnt > hdev->sco_pkts) 1894 if (hdev->sco_cnt > hdev->sco_pkts)
@@ -2021,7 +2102,8 @@ static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct
2021 hci_dev_lock(hdev); 2102 hci_dev_lock(hdev);
2022 2103
2023 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) { 2104 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2024 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1); 2105 struct inquiry_info_with_rssi_and_pscan_mode *info;
2106 info = (void *) (skb->data + 1);
2025 2107
2026 for (; num_rsp; num_rsp--) { 2108 for (; num_rsp; num_rsp--) {
2027 bacpy(&data.bdaddr, &info->bdaddr); 2109 bacpy(&data.bdaddr, &info->bdaddr);
@@ -2162,17 +2244,8 @@ static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buf
2162static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb) 2244static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2163{ 2245{
2164 struct hci_ev_sniff_subrate *ev = (void *) skb->data; 2246 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2165 struct hci_conn *conn;
2166 2247
2167 BT_DBG("%s status %d", hdev->name, ev->status); 2248 BT_DBG("%s status %d", hdev->name, ev->status);
2168
2169 hci_dev_lock(hdev);
2170
2171 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2172 if (conn) {
2173 }
2174
2175 hci_dev_unlock(hdev);
2176} 2249}
2177 2250
2178static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb) 2251static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
@@ -2190,12 +2263,12 @@ static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct
2190 2263
2191 for (; num_rsp; num_rsp--) { 2264 for (; num_rsp; num_rsp--) {
2192 bacpy(&data.bdaddr, &info->bdaddr); 2265 bacpy(&data.bdaddr, &info->bdaddr);
2193 data.pscan_rep_mode = info->pscan_rep_mode; 2266 data.pscan_rep_mode = info->pscan_rep_mode;
2194 data.pscan_period_mode = info->pscan_period_mode; 2267 data.pscan_period_mode = info->pscan_period_mode;
2195 data.pscan_mode = 0x00; 2268 data.pscan_mode = 0x00;
2196 memcpy(data.dev_class, info->dev_class, 3); 2269 memcpy(data.dev_class, info->dev_class, 3);
2197 data.clock_offset = info->clock_offset; 2270 data.clock_offset = info->clock_offset;
2198 data.rssi = info->rssi; 2271 data.rssi = info->rssi;
2199 data.ssp_mode = 0x01; 2272 data.ssp_mode = 0x01;
2200 info++; 2273 info++;
2201 hci_inquiry_cache_update(hdev, &data); 2274 hci_inquiry_cache_update(hdev, &data);
@@ -2321,6 +2394,60 @@ static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_
2321 hci_dev_unlock(hdev); 2394 hci_dev_unlock(hdev);
2322} 2395}
2323 2396
2397static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2398{
2399 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2400 struct hci_conn *conn;
2401
2402 BT_DBG("%s status %d", hdev->name, ev->status);
2403
2404 hci_dev_lock(hdev);
2405
2406 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2407 if (!conn) {
2408 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2409 if (!conn) {
2410 BT_ERR("No memory for new connection");
2411 hci_dev_unlock(hdev);
2412 return;
2413 }
2414 }
2415
2416 if (ev->status) {
2417 hci_proto_connect_cfm(conn, ev->status);
2418 conn->state = BT_CLOSED;
2419 hci_conn_del(conn);
2420 goto unlock;
2421 }
2422
2423 conn->handle = __le16_to_cpu(ev->handle);
2424 conn->state = BT_CONNECTED;
2425
2426 hci_conn_hold_device(conn);
2427 hci_conn_add_sysfs(conn);
2428
2429 hci_proto_connect_cfm(conn, ev->status);
2430
2431unlock:
2432 hci_dev_unlock(hdev);
2433}
2434
2435static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2436{
2437 struct hci_ev_le_meta *le_ev = (void *) skb->data;
2438
2439 skb_pull(skb, sizeof(*le_ev));
2440
2441 switch (le_ev->subevent) {
2442 case HCI_EV_LE_CONN_COMPLETE:
2443 hci_le_conn_complete_evt(hdev, skb);
2444 break;
2445
2446 default:
2447 break;
2448 }
2449}
2450
2324void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) 2451void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2325{ 2452{
2326 struct hci_event_hdr *hdr = (void *) skb->data; 2453 struct hci_event_hdr *hdr = (void *) skb->data;
@@ -2461,6 +2588,10 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2461 hci_remote_host_features_evt(hdev, skb); 2588 hci_remote_host_features_evt(hdev, skb);
2462 break; 2589 break;
2463 2590
2591 case HCI_EV_LE_META:
2592 hci_le_meta_evt(hdev, skb);
2593 break;
2594
2464 default: 2595 default:
2465 BT_DBG("%s event 0x%x", hdev->name, event); 2596 BT_DBG("%s event 0x%x", hdev->name, event);
2466 break; 2597 break;
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c
index 23471dd9ee2f..3c838a65a75a 100644
--- a/net/bluetooth/hci_sysfs.c
+++ b/net/bluetooth/hci_sysfs.c
@@ -11,7 +11,7 @@
11 11
12static struct class *bt_class; 12static struct class *bt_class;
13 13
14struct dentry *bt_debugfs = NULL; 14struct dentry *bt_debugfs;
15EXPORT_SYMBOL_GPL(bt_debugfs); 15EXPORT_SYMBOL_GPL(bt_debugfs);
16 16
17static inline char *link_typetostr(int type) 17static inline char *link_typetostr(int type)
@@ -51,8 +51,8 @@ static ssize_t show_link_features(struct device *dev, struct device_attribute *a
51 conn->features[6], conn->features[7]); 51 conn->features[6], conn->features[7]);
52} 52}
53 53
54#define LINK_ATTR(_name,_mode,_show,_store) \ 54#define LINK_ATTR(_name, _mode, _show, _store) \
55struct device_attribute link_attr_##_name = __ATTR(_name,_mode,_show,_store) 55struct device_attribute link_attr_##_name = __ATTR(_name, _mode, _show, _store)
56 56
57static LINK_ATTR(type, S_IRUGO, show_link_type, NULL); 57static LINK_ATTR(type, S_IRUGO, show_link_type, NULL);
58static LINK_ATTR(address, S_IRUGO, show_link_address, NULL); 58static LINK_ATTR(address, S_IRUGO, show_link_address, NULL);
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c
index e0de92952f32..2429ca2d7b06 100644
--- a/net/bluetooth/hidp/core.c
+++ b/net/bluetooth/hidp/core.c
@@ -1019,8 +1019,6 @@ static int __init hidp_init(void)
1019{ 1019{
1020 int ret; 1020 int ret;
1021 1021
1022 l2cap_load();
1023
1024 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION); 1022 BT_INFO("HIDP (Human Interface Emulation) ver %s", VERSION);
1025 1023
1026 ret = hid_register_driver(&hidp_driver); 1024 ret = hid_register_driver(&hidp_driver);
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index ba7f9da68998..efcef0dc1259 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -55,8 +55,6 @@
55#include <net/bluetooth/hci_core.h> 55#include <net/bluetooth/hci_core.h>
56#include <net/bluetooth/l2cap.h> 56#include <net/bluetooth/l2cap.h>
57 57
58#define VERSION "2.15"
59
60int disable_ertm; 58int disable_ertm;
61 59
62static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN; 60static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN;
@@ -183,8 +181,16 @@ static void __l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct so
183 l2cap_pi(sk)->conn = conn; 181 l2cap_pi(sk)->conn = conn;
184 182
185 if (sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) { 183 if (sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) {
186 /* Alloc CID for connection-oriented socket */ 184 if (conn->hcon->type == LE_LINK) {
187 l2cap_pi(sk)->scid = l2cap_alloc_cid(l); 185 /* LE connection */
186 l2cap_pi(sk)->omtu = L2CAP_LE_DEFAULT_MTU;
187 l2cap_pi(sk)->scid = L2CAP_CID_LE_DATA;
188 l2cap_pi(sk)->dcid = L2CAP_CID_LE_DATA;
189 } else {
190 /* Alloc CID for connection-oriented socket */
191 l2cap_pi(sk)->scid = l2cap_alloc_cid(l);
192 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
193 }
188 } else if (sk->sk_type == SOCK_DGRAM) { 194 } else if (sk->sk_type == SOCK_DGRAM) {
189 /* Connectionless socket */ 195 /* Connectionless socket */
190 l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS; 196 l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS;
@@ -583,6 +589,82 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
583 } 589 }
584} 590}
585 591
592/* Find socket with cid and source bdaddr.
593 * Returns closest match, locked.
594 */
595static struct sock *l2cap_get_sock_by_scid(int state, __le16 cid, bdaddr_t *src)
596{
597 struct sock *s, *sk = NULL, *sk1 = NULL;
598 struct hlist_node *node;
599
600 read_lock(&l2cap_sk_list.lock);
601
602 sk_for_each(sk, node, &l2cap_sk_list.head) {
603 if (state && sk->sk_state != state)
604 continue;
605
606 if (l2cap_pi(sk)->scid == cid) {
607 /* Exact match. */
608 if (!bacmp(&bt_sk(sk)->src, src))
609 break;
610
611 /* Closest match */
612 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
613 sk1 = sk;
614 }
615 }
616 s = node ? sk : sk1;
617 if (s)
618 bh_lock_sock(s);
619 read_unlock(&l2cap_sk_list.lock);
620
621 return s;
622}
623
624static void l2cap_le_conn_ready(struct l2cap_conn *conn)
625{
626 struct l2cap_chan_list *list = &conn->chan_list;
627 struct sock *parent, *uninitialized_var(sk);
628
629 BT_DBG("");
630
631 /* Check if we have socket listening on cid */
632 parent = l2cap_get_sock_by_scid(BT_LISTEN, L2CAP_CID_LE_DATA,
633 conn->src);
634 if (!parent)
635 return;
636
637 /* Check for backlog size */
638 if (sk_acceptq_is_full(parent)) {
639 BT_DBG("backlog full %d", parent->sk_ack_backlog);
640 goto clean;
641 }
642
643 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, GFP_ATOMIC);
644 if (!sk)
645 goto clean;
646
647 write_lock_bh(&list->lock);
648
649 hci_conn_hold(conn->hcon);
650
651 l2cap_sock_init(sk, parent);
652 bacpy(&bt_sk(sk)->src, conn->src);
653 bacpy(&bt_sk(sk)->dst, conn->dst);
654
655 __l2cap_chan_add(conn, sk, parent);
656
657 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
658
659 sk->sk_state = BT_CONNECTED;
660 parent->sk_data_ready(parent, 0);
661
662 write_unlock_bh(&list->lock);
663
664clean:
665 bh_unlock_sock(parent);
666}
667
586static void l2cap_conn_ready(struct l2cap_conn *conn) 668static void l2cap_conn_ready(struct l2cap_conn *conn)
587{ 669{
588 struct l2cap_chan_list *l = &conn->chan_list; 670 struct l2cap_chan_list *l = &conn->chan_list;
@@ -590,11 +672,20 @@ static void l2cap_conn_ready(struct l2cap_conn *conn)
590 672
591 BT_DBG("conn %p", conn); 673 BT_DBG("conn %p", conn);
592 674
675 if (!conn->hcon->out && conn->hcon->type == LE_LINK)
676 l2cap_le_conn_ready(conn);
677
593 read_lock(&l->lock); 678 read_lock(&l->lock);
594 679
595 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) { 680 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
596 bh_lock_sock(sk); 681 bh_lock_sock(sk);
597 682
683 if (conn->hcon->type == LE_LINK) {
684 l2cap_sock_clear_timer(sk);
685 sk->sk_state = BT_CONNECTED;
686 sk->sk_state_change(sk);
687 }
688
598 if (sk->sk_type != SOCK_SEQPACKET && 689 if (sk->sk_type != SOCK_SEQPACKET &&
599 sk->sk_type != SOCK_STREAM) { 690 sk->sk_type != SOCK_STREAM) {
600 l2cap_sock_clear_timer(sk); 691 l2cap_sock_clear_timer(sk);
@@ -653,7 +744,11 @@ static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status)
653 744
654 BT_DBG("hcon %p conn %p", hcon, conn); 745 BT_DBG("hcon %p conn %p", hcon, conn);
655 746
656 conn->mtu = hcon->hdev->acl_mtu; 747 if (hcon->hdev->le_mtu && hcon->type == LE_LINK)
748 conn->mtu = hcon->hdev->le_mtu;
749 else
750 conn->mtu = hcon->hdev->acl_mtu;
751
657 conn->src = &hcon->hdev->bdaddr; 752 conn->src = &hcon->hdev->bdaddr;
658 conn->dst = &hcon->dst; 753 conn->dst = &hcon->dst;
659 754
@@ -662,7 +757,8 @@ static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status)
662 spin_lock_init(&conn->lock); 757 spin_lock_init(&conn->lock);
663 rwlock_init(&conn->chan_list.lock); 758 rwlock_init(&conn->chan_list.lock);
664 759
665 setup_timer(&conn->info_timer, l2cap_info_timeout, 760 if (hcon->type != LE_LINK)
761 setup_timer(&conn->info_timer, l2cap_info_timeout,
666 (unsigned long) conn); 762 (unsigned long) conn);
667 763
668 conn->disc_reason = 0x13; 764 conn->disc_reason = 0x13;
@@ -760,8 +856,13 @@ int l2cap_do_connect(struct sock *sk)
760 856
761 auth_type = l2cap_get_auth_type(sk); 857 auth_type = l2cap_get_auth_type(sk);
762 858
763 hcon = hci_connect(hdev, ACL_LINK, dst, 859 if (l2cap_pi(sk)->dcid == L2CAP_CID_LE_DATA)
860 hcon = hci_connect(hdev, LE_LINK, dst,
764 l2cap_pi(sk)->sec_level, auth_type); 861 l2cap_pi(sk)->sec_level, auth_type);
862 else
863 hcon = hci_connect(hdev, ACL_LINK, dst,
864 l2cap_pi(sk)->sec_level, auth_type);
865
765 if (!hcon) 866 if (!hcon)
766 goto done; 867 goto done;
767 868
@@ -1327,7 +1428,11 @@ static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
1327 1428
1328 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 1429 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1329 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); 1430 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen);
1330 lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING); 1431
1432 if (conn->hcon->type == LE_LINK)
1433 lh->cid = cpu_to_le16(L2CAP_CID_LE_SIGNALING);
1434 else
1435 lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING);
1331 1436
1332 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE); 1437 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE);
1333 cmd->code = code; 1438 cmd->code = code;
@@ -1566,10 +1671,6 @@ done:
1566 break; 1671 break;
1567 } 1672 }
1568 1673
1569 /* FIXME: Need actual value of the flush timeout */
1570 //if (flush_to != L2CAP_DEFAULT_FLUSH_TO)
1571 // l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, 2, pi->flush_to);
1572
1573 req->dcid = cpu_to_le16(pi->dcid); 1674 req->dcid = cpu_to_le16(pi->dcid);
1574 req->flags = cpu_to_le16(0); 1675 req->flags = cpu_to_le16(0);
1575 1676
@@ -2396,12 +2497,153 @@ static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cm
2396 return 0; 2497 return 0;
2397} 2498}
2398 2499
2399static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb) 2500static inline int l2cap_check_conn_param(u16 min, u16 max, u16 latency,
2501 u16 to_multiplier)
2502{
2503 u16 max_latency;
2504
2505 if (min > max || min < 6 || max > 3200)
2506 return -EINVAL;
2507
2508 if (to_multiplier < 10 || to_multiplier > 3200)
2509 return -EINVAL;
2510
2511 if (max >= to_multiplier * 8)
2512 return -EINVAL;
2513
2514 max_latency = (to_multiplier * 8 / max) - 1;
2515 if (latency > 499 || latency > max_latency)
2516 return -EINVAL;
2517
2518 return 0;
2519}
2520
2521static inline int l2cap_conn_param_update_req(struct l2cap_conn *conn,
2522 struct l2cap_cmd_hdr *cmd, u8 *data)
2523{
2524 struct hci_conn *hcon = conn->hcon;
2525 struct l2cap_conn_param_update_req *req;
2526 struct l2cap_conn_param_update_rsp rsp;
2527 u16 min, max, latency, to_multiplier, cmd_len;
2528 int err;
2529
2530 if (!(hcon->link_mode & HCI_LM_MASTER))
2531 return -EINVAL;
2532
2533 cmd_len = __le16_to_cpu(cmd->len);
2534 if (cmd_len != sizeof(struct l2cap_conn_param_update_req))
2535 return -EPROTO;
2536
2537 req = (struct l2cap_conn_param_update_req *) data;
2538 min = __le16_to_cpu(req->min);
2539 max = __le16_to_cpu(req->max);
2540 latency = __le16_to_cpu(req->latency);
2541 to_multiplier = __le16_to_cpu(req->to_multiplier);
2542
2543 BT_DBG("min 0x%4.4x max 0x%4.4x latency: 0x%4.4x Timeout: 0x%4.4x",
2544 min, max, latency, to_multiplier);
2545
2546 memset(&rsp, 0, sizeof(rsp));
2547
2548 err = l2cap_check_conn_param(min, max, latency, to_multiplier);
2549 if (err)
2550 rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_REJECTED);
2551 else
2552 rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_ACCEPTED);
2553
2554 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_PARAM_UPDATE_RSP,
2555 sizeof(rsp), &rsp);
2556
2557 if (!err)
2558 hci_le_conn_update(hcon, min, max, latency, to_multiplier);
2559
2560 return 0;
2561}
2562
2563static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
2564 struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
2565{
2566 int err = 0;
2567
2568 switch (cmd->code) {
2569 case L2CAP_COMMAND_REJ:
2570 l2cap_command_rej(conn, cmd, data);
2571 break;
2572
2573 case L2CAP_CONN_REQ:
2574 err = l2cap_connect_req(conn, cmd, data);
2575 break;
2576
2577 case L2CAP_CONN_RSP:
2578 err = l2cap_connect_rsp(conn, cmd, data);
2579 break;
2580
2581 case L2CAP_CONF_REQ:
2582 err = l2cap_config_req(conn, cmd, cmd_len, data);
2583 break;
2584
2585 case L2CAP_CONF_RSP:
2586 err = l2cap_config_rsp(conn, cmd, data);
2587 break;
2588
2589 case L2CAP_DISCONN_REQ:
2590 err = l2cap_disconnect_req(conn, cmd, data);
2591 break;
2592
2593 case L2CAP_DISCONN_RSP:
2594 err = l2cap_disconnect_rsp(conn, cmd, data);
2595 break;
2596
2597 case L2CAP_ECHO_REQ:
2598 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECHO_RSP, cmd_len, data);
2599 break;
2600
2601 case L2CAP_ECHO_RSP:
2602 break;
2603
2604 case L2CAP_INFO_REQ:
2605 err = l2cap_information_req(conn, cmd, data);
2606 break;
2607
2608 case L2CAP_INFO_RSP:
2609 err = l2cap_information_rsp(conn, cmd, data);
2610 break;
2611
2612 default:
2613 BT_ERR("Unknown BR/EDR signaling command 0x%2.2x", cmd->code);
2614 err = -EINVAL;
2615 break;
2616 }
2617
2618 return err;
2619}
2620
2621static inline int l2cap_le_sig_cmd(struct l2cap_conn *conn,
2622 struct l2cap_cmd_hdr *cmd, u8 *data)
2623{
2624 switch (cmd->code) {
2625 case L2CAP_COMMAND_REJ:
2626 return 0;
2627
2628 case L2CAP_CONN_PARAM_UPDATE_REQ:
2629 return l2cap_conn_param_update_req(conn, cmd, data);
2630
2631 case L2CAP_CONN_PARAM_UPDATE_RSP:
2632 return 0;
2633
2634 default:
2635 BT_ERR("Unknown LE signaling command 0x%2.2x", cmd->code);
2636 return -EINVAL;
2637 }
2638}
2639
2640static inline void l2cap_sig_channel(struct l2cap_conn *conn,
2641 struct sk_buff *skb)
2400{ 2642{
2401 u8 *data = skb->data; 2643 u8 *data = skb->data;
2402 int len = skb->len; 2644 int len = skb->len;
2403 struct l2cap_cmd_hdr cmd; 2645 struct l2cap_cmd_hdr cmd;
2404 int err = 0; 2646 int err;
2405 2647
2406 l2cap_raw_recv(conn, skb); 2648 l2cap_raw_recv(conn, skb);
2407 2649
@@ -2420,55 +2662,10 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *sk
2420 break; 2662 break;
2421 } 2663 }
2422 2664
2423 switch (cmd.code) { 2665 if (conn->hcon->type == LE_LINK)
2424 case L2CAP_COMMAND_REJ: 2666 err = l2cap_le_sig_cmd(conn, &cmd, data);
2425 l2cap_command_rej(conn, &cmd, data); 2667 else
2426 break; 2668 err = l2cap_bredr_sig_cmd(conn, &cmd, cmd_len, data);
2427
2428 case L2CAP_CONN_REQ:
2429 err = l2cap_connect_req(conn, &cmd, data);
2430 break;
2431
2432 case L2CAP_CONN_RSP:
2433 err = l2cap_connect_rsp(conn, &cmd, data);
2434 break;
2435
2436 case L2CAP_CONF_REQ:
2437 err = l2cap_config_req(conn, &cmd, cmd_len, data);
2438 break;
2439
2440 case L2CAP_CONF_RSP:
2441 err = l2cap_config_rsp(conn, &cmd, data);
2442 break;
2443
2444 case L2CAP_DISCONN_REQ:
2445 err = l2cap_disconnect_req(conn, &cmd, data);
2446 break;
2447
2448 case L2CAP_DISCONN_RSP:
2449 err = l2cap_disconnect_rsp(conn, &cmd, data);
2450 break;
2451
2452 case L2CAP_ECHO_REQ:
2453 l2cap_send_cmd(conn, cmd.ident, L2CAP_ECHO_RSP, cmd_len, data);
2454 break;
2455
2456 case L2CAP_ECHO_RSP:
2457 break;
2458
2459 case L2CAP_INFO_REQ:
2460 err = l2cap_information_req(conn, &cmd, data);
2461 break;
2462
2463 case L2CAP_INFO_RSP:
2464 err = l2cap_information_rsp(conn, &cmd, data);
2465 break;
2466
2467 default:
2468 BT_ERR("Unknown signaling command 0x%2.2x", cmd.code);
2469 err = -EINVAL;
2470 break;
2471 }
2472 2669
2473 if (err) { 2670 if (err) {
2474 struct l2cap_cmd_rej rej; 2671 struct l2cap_cmd_rej rej;
@@ -3465,6 +3662,7 @@ static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb)
3465 BT_DBG("len %d, cid 0x%4.4x", len, cid); 3662 BT_DBG("len %d, cid 0x%4.4x", len, cid);
3466 3663
3467 switch (cid) { 3664 switch (cid) {
3665 case L2CAP_CID_LE_SIGNALING:
3468 case L2CAP_CID_SIGNALING: 3666 case L2CAP_CID_SIGNALING:
3469 l2cap_sig_channel(conn, skb); 3667 l2cap_sig_channel(conn, skb);
3470 break; 3668 break;
@@ -3522,7 +3720,7 @@ static int l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
3522 3720
3523 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status); 3721 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
3524 3722
3525 if (hcon->type != ACL_LINK) 3723 if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK))
3526 return -EINVAL; 3724 return -EINVAL;
3527 3725
3528 if (!status) { 3726 if (!status) {
@@ -3551,7 +3749,7 @@ static int l2cap_disconn_cfm(struct hci_conn *hcon, u8 reason)
3551{ 3749{
3552 BT_DBG("hcon %p reason %d", hcon, reason); 3750 BT_DBG("hcon %p reason %d", hcon, reason);
3553 3751
3554 if (hcon->type != ACL_LINK) 3752 if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK))
3555 return -EINVAL; 3753 return -EINVAL;
3556 3754
3557 l2cap_conn_del(hcon, bt_err(reason)); 3755 l2cap_conn_del(hcon, bt_err(reason));
@@ -3768,12 +3966,13 @@ static int l2cap_debugfs_show(struct seq_file *f, void *p)
3768 sk_for_each(sk, node, &l2cap_sk_list.head) { 3966 sk_for_each(sk, node, &l2cap_sk_list.head) {
3769 struct l2cap_pinfo *pi = l2cap_pi(sk); 3967 struct l2cap_pinfo *pi = l2cap_pi(sk);
3770 3968
3771 seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d\n", 3969 seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n",
3772 batostr(&bt_sk(sk)->src), 3970 batostr(&bt_sk(sk)->src),
3773 batostr(&bt_sk(sk)->dst), 3971 batostr(&bt_sk(sk)->dst),
3774 sk->sk_state, __le16_to_cpu(pi->psm), 3972 sk->sk_state, __le16_to_cpu(pi->psm),
3775 pi->scid, pi->dcid, 3973 pi->scid, pi->dcid,
3776 pi->imtu, pi->omtu, pi->sec_level); 3974 pi->imtu, pi->omtu, pi->sec_level,
3975 pi->mode);
3777 } 3976 }
3778 3977
3779 read_unlock_bh(&l2cap_sk_list.lock); 3978 read_unlock_bh(&l2cap_sk_list.lock);
@@ -3806,7 +4005,7 @@ static struct hci_proto l2cap_hci_proto = {
3806 .recv_acldata = l2cap_recv_acldata 4005 .recv_acldata = l2cap_recv_acldata
3807}; 4006};
3808 4007
3809static int __init l2cap_init(void) 4008int __init l2cap_init(void)
3810{ 4009{
3811 int err; 4010 int err;
3812 4011
@@ -3834,7 +4033,6 @@ static int __init l2cap_init(void)
3834 BT_ERR("Failed to create L2CAP debug file"); 4033 BT_ERR("Failed to create L2CAP debug file");
3835 } 4034 }
3836 4035
3837 BT_INFO("L2CAP ver %s", VERSION);
3838 BT_INFO("L2CAP socket layer initialized"); 4036 BT_INFO("L2CAP socket layer initialized");
3839 4037
3840 return 0; 4038 return 0;
@@ -3845,7 +4043,7 @@ error:
3845 return err; 4043 return err;
3846} 4044}
3847 4045
3848static void __exit l2cap_exit(void) 4046void l2cap_exit(void)
3849{ 4047{
3850 debugfs_remove(l2cap_debugfs); 4048 debugfs_remove(l2cap_debugfs);
3851 4049
@@ -3858,22 +4056,5 @@ static void __exit l2cap_exit(void)
3858 l2cap_cleanup_sockets(); 4056 l2cap_cleanup_sockets();
3859} 4057}
3860 4058
3861void l2cap_load(void)
3862{
3863 /* Dummy function to trigger automatic L2CAP module loading by
3864 * other modules that use L2CAP sockets but don't use any other
3865 * symbols from it. */
3866}
3867EXPORT_SYMBOL(l2cap_load);
3868
3869module_init(l2cap_init);
3870module_exit(l2cap_exit);
3871
3872module_param(disable_ertm, bool, 0644); 4059module_param(disable_ertm, bool, 0644);
3873MODULE_PARM_DESC(disable_ertm, "Disable enhanced retransmission mode"); 4060MODULE_PARM_DESC(disable_ertm, "Disable enhanced retransmission mode");
3874
3875MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
3876MODULE_DESCRIPTION("Bluetooth L2CAP ver " VERSION);
3877MODULE_VERSION(VERSION);
3878MODULE_LICENSE("GPL");
3879MODULE_ALIAS("bt-proto-0");
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index adf41692daf3..fc85e7ae33c7 100644
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -103,7 +103,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
103 len = min_t(unsigned int, sizeof(la), alen); 103 len = min_t(unsigned int, sizeof(la), alen);
104 memcpy(&la, addr, len); 104 memcpy(&la, addr, len);
105 105
106 if (la.l2_cid) 106 if (la.l2_cid && la.l2_psm)
107 return -EINVAL; 107 return -EINVAL;
108 108
109 lock_sock(sk); 109 lock_sock(sk);
@@ -145,6 +145,9 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
145 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; 145 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
146 } 146 }
147 147
148 if (la.l2_cid)
149 l2cap_pi(sk)->scid = la.l2_cid;
150
148 write_unlock_bh(&l2cap_sk_list.lock); 151 write_unlock_bh(&l2cap_sk_list.lock);
149 152
150done: 153done:
@@ -168,13 +171,13 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al
168 len = min_t(unsigned int, sizeof(la), alen); 171 len = min_t(unsigned int, sizeof(la), alen);
169 memcpy(&la, addr, len); 172 memcpy(&la, addr, len);
170 173
171 if (la.l2_cid) 174 if (la.l2_cid && la.l2_psm)
172 return -EINVAL; 175 return -EINVAL;
173 176
174 lock_sock(sk); 177 lock_sock(sk);
175 178
176 if ((sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) 179 if ((sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM)
177 && !la.l2_psm) { 180 && !(la.l2_psm || la.l2_cid)) {
178 err = -EINVAL; 181 err = -EINVAL;
179 goto done; 182 goto done;
180 } 183 }
@@ -216,7 +219,7 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al
216 219
217 /* PSM must be odd and lsb of upper byte must be 0 */ 220 /* PSM must be odd and lsb of upper byte must be 0 */
218 if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 && 221 if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 &&
219 sk->sk_type != SOCK_RAW) { 222 sk->sk_type != SOCK_RAW && !la.l2_cid) {
220 err = -EINVAL; 223 err = -EINVAL;
221 goto done; 224 goto done;
222 } 225 }
@@ -224,6 +227,7 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al
224 /* Set destination address and psm */ 227 /* Set destination address and psm */
225 bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr); 228 bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr);
226 l2cap_pi(sk)->psm = la.l2_psm; 229 l2cap_pi(sk)->psm = la.l2_psm;
230 l2cap_pi(sk)->dcid = la.l2_cid;
227 231
228 err = l2cap_do_connect(sk); 232 err = l2cap_do_connect(sk);
229 if (err) 233 if (err)
@@ -265,7 +269,7 @@ static int l2cap_sock_listen(struct socket *sock, int backlog)
265 goto done; 269 goto done;
266 } 270 }
267 271
268 if (!l2cap_pi(sk)->psm) { 272 if (!l2cap_pi(sk)->psm && !l2cap_pi(sk)->dcid) {
269 bdaddr_t *src = &bt_sk(sk)->src; 273 bdaddr_t *src = &bt_sk(sk)->src;
270 u16 psm; 274 u16 psm;
271 275
@@ -392,6 +396,7 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us
392 396
393 switch (optname) { 397 switch (optname) {
394 case L2CAP_OPTIONS: 398 case L2CAP_OPTIONS:
399 memset(&opts, 0, sizeof(opts));
395 opts.imtu = l2cap_pi(sk)->imtu; 400 opts.imtu = l2cap_pi(sk)->imtu;
396 opts.omtu = l2cap_pi(sk)->omtu; 401 opts.omtu = l2cap_pi(sk)->omtu;
397 opts.flush_to = l2cap_pi(sk)->flush_to; 402 opts.flush_to = l2cap_pi(sk)->flush_to;
@@ -880,6 +885,8 @@ static void l2cap_sock_cleanup_listen(struct sock *parent)
880 885
881void __l2cap_sock_close(struct sock *sk, int reason) 886void __l2cap_sock_close(struct sock *sk, int reason)
882{ 887{
888 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
889
883 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); 890 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
884 891
885 switch (sk->sk_state) { 892 switch (sk->sk_state) {
@@ -889,10 +896,9 @@ void __l2cap_sock_close(struct sock *sk, int reason)
889 896
890 case BT_CONNECTED: 897 case BT_CONNECTED:
891 case BT_CONFIG: 898 case BT_CONFIG:
892 if (sk->sk_type == SOCK_SEQPACKET || 899 if ((sk->sk_type == SOCK_SEQPACKET ||
893 sk->sk_type == SOCK_STREAM) { 900 sk->sk_type == SOCK_STREAM) &&
894 struct l2cap_conn *conn = l2cap_pi(sk)->conn; 901 conn->hcon->type == ACL_LINK) {
895
896 l2cap_sock_set_timer(sk, sk->sk_sndtimeo); 902 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
897 l2cap_send_disconn_req(conn, sk, reason); 903 l2cap_send_disconn_req(conn, sk, reason);
898 } else 904 } else
@@ -900,9 +906,9 @@ void __l2cap_sock_close(struct sock *sk, int reason)
900 break; 906 break;
901 907
902 case BT_CONNECT2: 908 case BT_CONNECT2:
903 if (sk->sk_type == SOCK_SEQPACKET || 909 if ((sk->sk_type == SOCK_SEQPACKET ||
904 sk->sk_type == SOCK_STREAM) { 910 sk->sk_type == SOCK_STREAM) &&
905 struct l2cap_conn *conn = l2cap_pi(sk)->conn; 911 conn->hcon->type == ACL_LINK) {
906 struct l2cap_conn_rsp rsp; 912 struct l2cap_conn_rsp rsp;
907 __u16 result; 913 __u16 result;
908 914
@@ -1121,30 +1127,30 @@ static const struct net_proto_family l2cap_sock_family_ops = {
1121 1127
1122int __init l2cap_init_sockets(void) 1128int __init l2cap_init_sockets(void)
1123{ 1129{
1124 int err; 1130 int err;
1125 1131
1126 err = proto_register(&l2cap_proto, 0); 1132 err = proto_register(&l2cap_proto, 0);
1127 if (err < 0) 1133 if (err < 0)
1128 return err; 1134 return err;
1129 1135
1130 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops); 1136 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1131 if (err < 0) 1137 if (err < 0)
1132 goto error; 1138 goto error;
1133 1139
1134 BT_INFO("L2CAP socket layer initialized"); 1140 BT_INFO("L2CAP socket layer initialized");
1135 1141
1136 return 0; 1142 return 0;
1137 1143
1138error: 1144error:
1139 BT_ERR("L2CAP socket registration failed"); 1145 BT_ERR("L2CAP socket registration failed");
1140 proto_unregister(&l2cap_proto); 1146 proto_unregister(&l2cap_proto);
1141 return err; 1147 return err;
1142} 1148}
1143 1149
1144void l2cap_cleanup_sockets(void) 1150void l2cap_cleanup_sockets(void)
1145{ 1151{
1146 if (bt_sock_unregister(BTPROTO_L2CAP) < 0) 1152 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1147 BT_ERR("L2CAP socket unregistration failed"); 1153 BT_ERR("L2CAP socket unregistration failed");
1148 1154
1149 proto_unregister(&l2cap_proto); 1155 proto_unregister(&l2cap_proto);
1150} 1156}
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index b2bda83050a4..f5ef7a3374c7 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -22,7 +22,7 @@
22 22
23/* Bluetooth HCI Management interface */ 23/* Bluetooth HCI Management interface */
24 24
25#include <asm/uaccess.h> 25#include <linux/uaccess.h>
26#include <asm/unaligned.h> 26#include <asm/unaligned.h>
27 27
28#include <net/bluetooth/bluetooth.h> 28#include <net/bluetooth/bluetooth.h>
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 6b83776534fb..c9973932456f 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -2154,8 +2154,6 @@ static int __init rfcomm_init(void)
2154{ 2154{
2155 int err; 2155 int err;
2156 2156
2157 l2cap_load();
2158
2159 hci_register_cb(&rfcomm_cb); 2157 hci_register_cb(&rfcomm_cb);
2160 2158
2161 rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd"); 2159 rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd");
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index 960c6d1637da..c9348ddda877 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -50,8 +50,6 @@
50#include <net/bluetooth/hci_core.h> 50#include <net/bluetooth/hci_core.h>
51#include <net/bluetooth/sco.h> 51#include <net/bluetooth/sco.h>
52 52
53#define VERSION "0.6"
54
55static int disable_esco; 53static int disable_esco;
56 54
57static const struct proto_ops sco_sock_ops; 55static const struct proto_ops sco_sock_ops;
@@ -703,6 +701,7 @@ static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user
703 break; 701 break;
704 } 702 }
705 703
704 memset(&cinfo, 0, sizeof(cinfo));
706 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle; 705 cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
707 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3); 706 memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
708 707
@@ -1023,7 +1022,7 @@ static struct hci_proto sco_hci_proto = {
1023 .recv_scodata = sco_recv_scodata 1022 .recv_scodata = sco_recv_scodata
1024}; 1023};
1025 1024
1026static int __init sco_init(void) 1025int __init sco_init(void)
1027{ 1026{
1028 int err; 1027 int err;
1029 1028
@@ -1051,7 +1050,6 @@ static int __init sco_init(void)
1051 BT_ERR("Failed to create SCO debug file"); 1050 BT_ERR("Failed to create SCO debug file");
1052 } 1051 }
1053 1052
1054 BT_INFO("SCO (Voice Link) ver %s", VERSION);
1055 BT_INFO("SCO socket layer initialized"); 1053 BT_INFO("SCO socket layer initialized");
1056 1054
1057 return 0; 1055 return 0;
@@ -1061,7 +1059,7 @@ error:
1061 return err; 1059 return err;
1062} 1060}
1063 1061
1064static void __exit sco_exit(void) 1062void __exit sco_exit(void)
1065{ 1063{
1066 debugfs_remove(sco_debugfs); 1064 debugfs_remove(sco_debugfs);
1067 1065
@@ -1074,14 +1072,5 @@ static void __exit sco_exit(void)
1074 proto_unregister(&sco_proto); 1072 proto_unregister(&sco_proto);
1075} 1073}
1076 1074
1077module_init(sco_init);
1078module_exit(sco_exit);
1079
1080module_param(disable_esco, bool, 0644); 1075module_param(disable_esco, bool, 0644);
1081MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation"); 1076MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");
1082
1083MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1084MODULE_DESCRIPTION("Bluetooth SCO ver " VERSION);
1085MODULE_VERSION(VERSION);
1086MODULE_LICENSE("GPL");
1087MODULE_ALIAS("bt-proto-2");
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-27 16:57:35 -0500