aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/net/bluetooth/l2cap.h18
-rw-r--r--net/bluetooth/l2cap_core.c100
-rw-r--r--net/bluetooth/l2cap_sock.c33
-rw-r--r--net/bluetooth/rfcomm/core.c2
4 files changed, 77 insertions, 76 deletions
diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h
index 684deee6ec52..02db90210f8d 100644
--- a/include/net/bluetooth/l2cap.h
+++ b/include/net/bluetooth/l2cap.h
@@ -297,6 +297,14 @@ struct l2cap_chan {
297 __u8 num_conf_req; 297 __u8 num_conf_req;
298 __u8 num_conf_rsp; 298 __u8 num_conf_rsp;
299 299
300 __u8 fcs;
301
302 __u8 tx_win;
303 __u8 max_tx;
304 __u16 retrans_timeout;
305 __u16 monitor_timeout;
306 __u16 mps;
307
300 __u8 conf_state; 308 __u8 conf_state;
301 __u16 conn_state; 309 __u16 conn_state;
302 310
@@ -376,14 +384,6 @@ struct l2cap_pinfo {
376 __u16 flush_to; 384 __u16 flush_to;
377 __u8 mode; 385 __u8 mode;
378 386
379 __u8 fcs;
380
381 __u8 tx_win;
382 __u8 max_tx;
383 __u16 retrans_timeout;
384 __u16 monitor_timeout;
385 __u16 mps;
386
387 __le16 sport; 387 __le16 sport;
388 388
389 struct l2cap_conn *conn; 389 struct l2cap_conn *conn;
@@ -452,7 +452,7 @@ int __l2cap_wait_ack(struct sock *sk);
452 452
453struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len); 453struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len);
454struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len); 454struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len);
455struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, size_t len, u16 control, u16 sdulen); 455struct sk_buff *l2cap_create_iframe_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len, u16 control, u16 sdulen);
456int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len); 456int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len);
457void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb); 457void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb);
458void l2cap_streaming_send(struct l2cap_chan *chan); 458void l2cap_streaming_send(struct l2cap_chan *chan);
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 0fc6bbe85d41..cb3c4ed47ae2 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -359,7 +359,7 @@ static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control)
359 if (sk->sk_state != BT_CONNECTED) 359 if (sk->sk_state != BT_CONNECTED)
360 return; 360 return;
361 361
362 if (pi->fcs == L2CAP_FCS_CRC16) 362 if (chan->fcs == L2CAP_FCS_CRC16)
363 hlen += 2; 363 hlen += 2;
364 364
365 BT_DBG("chan %p, control 0x%2.2x", chan, control); 365 BT_DBG("chan %p, control 0x%2.2x", chan, control);
@@ -386,7 +386,7 @@ static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control)
386 lh->cid = cpu_to_le16(pi->dcid); 386 lh->cid = cpu_to_le16(pi->dcid);
387 put_unaligned_le16(control, skb_put(skb, 2)); 387 put_unaligned_le16(control, skb_put(skb, 2));
388 388
389 if (pi->fcs == L2CAP_FCS_CRC16) { 389 if (chan->fcs == L2CAP_FCS_CRC16) {
390 u16 fcs = crc16(0, (u8 *)lh, count - 2); 390 u16 fcs = crc16(0, (u8 *)lh, count - 2);
391 put_unaligned_le16(fcs, skb_put(skb, 2)); 391 put_unaligned_le16(fcs, skb_put(skb, 2));
392 } 392 }
@@ -1022,9 +1022,7 @@ void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb)
1022 1022
1023void l2cap_streaming_send(struct l2cap_chan *chan) 1023void l2cap_streaming_send(struct l2cap_chan *chan)
1024{ 1024{
1025 struct sock *sk = chan->sk;
1026 struct sk_buff *skb; 1025 struct sk_buff *skb;
1027 struct l2cap_pinfo *pi = l2cap_pi(sk);
1028 u16 control, fcs; 1026 u16 control, fcs;
1029 1027
1030 while ((skb = skb_dequeue(&chan->tx_q))) { 1028 while ((skb = skb_dequeue(&chan->tx_q))) {
@@ -1032,7 +1030,7 @@ void l2cap_streaming_send(struct l2cap_chan *chan)
1032 control |= chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT; 1030 control |= chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT;
1033 put_unaligned_le16(control, skb->data + L2CAP_HDR_SIZE); 1031 put_unaligned_le16(control, skb->data + L2CAP_HDR_SIZE);
1034 1032
1035 if (pi->fcs == L2CAP_FCS_CRC16) { 1033 if (chan->fcs == L2CAP_FCS_CRC16) {
1036 fcs = crc16(0, (u8 *)skb->data, skb->len - 2); 1034 fcs = crc16(0, (u8 *)skb->data, skb->len - 2);
1037 put_unaligned_le16(fcs, skb->data + skb->len - 2); 1035 put_unaligned_le16(fcs, skb->data + skb->len - 2);
1038 } 1036 }
@@ -1084,7 +1082,7 @@ static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u8 tx_seq)
1084 1082
1085 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); 1083 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE);
1086 1084
1087 if (pi->fcs == L2CAP_FCS_CRC16) { 1085 if (chan->fcs == L2CAP_FCS_CRC16) {
1088 fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2); 1086 fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2);
1089 put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2); 1087 put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2);
1090 } 1088 }
@@ -1127,7 +1125,7 @@ int l2cap_ertm_send(struct l2cap_chan *chan)
1127 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); 1125 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE);
1128 1126
1129 1127
1130 if (pi->fcs == L2CAP_FCS_CRC16) { 1128 if (chan->fcs == L2CAP_FCS_CRC16) {
1131 fcs = crc16(0, (u8 *)skb->data, tx_skb->len - 2); 1129 fcs = crc16(0, (u8 *)skb->data, tx_skb->len - 2);
1132 put_unaligned_le16(fcs, skb->data + tx_skb->len - 2); 1130 put_unaligned_le16(fcs, skb->data + tx_skb->len - 2);
1133 } 1131 }
@@ -1290,8 +1288,9 @@ struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size
1290 return skb; 1288 return skb;
1291} 1289}
1292 1290
1293struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, size_t len, u16 control, u16 sdulen) 1291struct sk_buff *l2cap_create_iframe_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len, u16 control, u16 sdulen)
1294{ 1292{
1293 struct sock *sk = chan->sk;
1295 struct l2cap_conn *conn = l2cap_pi(sk)->conn; 1294 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1296 struct sk_buff *skb; 1295 struct sk_buff *skb;
1297 int err, count, hlen = L2CAP_HDR_SIZE + 2; 1296 int err, count, hlen = L2CAP_HDR_SIZE + 2;
@@ -1305,7 +1304,7 @@ struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, siz
1305 if (sdulen) 1304 if (sdulen)
1306 hlen += 2; 1305 hlen += 2;
1307 1306
1308 if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) 1307 if (chan->fcs == L2CAP_FCS_CRC16)
1309 hlen += 2; 1308 hlen += 2;
1310 1309
1311 count = min_t(unsigned int, (conn->mtu - hlen), len); 1310 count = min_t(unsigned int, (conn->mtu - hlen), len);
@@ -1328,7 +1327,7 @@ struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, siz
1328 return ERR_PTR(err); 1327 return ERR_PTR(err);
1329 } 1328 }
1330 1329
1331 if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) 1330 if (chan->fcs == L2CAP_FCS_CRC16)
1332 put_unaligned_le16(0, skb_put(skb, 2)); 1331 put_unaligned_le16(0, skb_put(skb, 2));
1333 1332
1334 bt_cb(skb)->retries = 0; 1333 bt_cb(skb)->retries = 0;
@@ -1337,7 +1336,6 @@ struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, siz
1337 1336
1338int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len) 1337int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len)
1339{ 1338{
1340 struct sock *sk = chan->sk;
1341 struct sk_buff *skb; 1339 struct sk_buff *skb;
1342 struct sk_buff_head sar_queue; 1340 struct sk_buff_head sar_queue;
1343 u16 control; 1341 u16 control;
@@ -1345,7 +1343,7 @@ int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t le
1345 1343
1346 skb_queue_head_init(&sar_queue); 1344 skb_queue_head_init(&sar_queue);
1347 control = L2CAP_SDU_START; 1345 control = L2CAP_SDU_START;
1348 skb = l2cap_create_iframe_pdu(sk, msg, chan->remote_mps, control, len); 1346 skb = l2cap_create_iframe_pdu(chan, msg, chan->remote_mps, control, len);
1349 if (IS_ERR(skb)) 1347 if (IS_ERR(skb))
1350 return PTR_ERR(skb); 1348 return PTR_ERR(skb);
1351 1349
@@ -1364,7 +1362,7 @@ int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t le
1364 buflen = len; 1362 buflen = len;
1365 } 1363 }
1366 1364
1367 skb = l2cap_create_iframe_pdu(sk, msg, buflen, control, 0); 1365 skb = l2cap_create_iframe_pdu(chan, msg, buflen, control, 0);
1368 if (IS_ERR(skb)) { 1366 if (IS_ERR(skb)) {
1369 skb_queue_purge(&sar_queue); 1367 skb_queue_purge(&sar_queue);
1370 return PTR_ERR(skb); 1368 return PTR_ERR(skb);
@@ -1654,8 +1652,8 @@ done:
1654 1652
1655 case L2CAP_MODE_ERTM: 1653 case L2CAP_MODE_ERTM:
1656 rfc.mode = L2CAP_MODE_ERTM; 1654 rfc.mode = L2CAP_MODE_ERTM;
1657 rfc.txwin_size = pi->tx_win; 1655 rfc.txwin_size = chan->tx_win;
1658 rfc.max_transmit = pi->max_tx; 1656 rfc.max_transmit = chan->max_tx;
1659 rfc.retrans_timeout = 0; 1657 rfc.retrans_timeout = 0;
1660 rfc.monitor_timeout = 0; 1658 rfc.monitor_timeout = 0;
1661 rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE); 1659 rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE);
@@ -1668,10 +1666,10 @@ done:
1668 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS)) 1666 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS))
1669 break; 1667 break;
1670 1668
1671 if (pi->fcs == L2CAP_FCS_NONE || 1669 if (chan->fcs == L2CAP_FCS_NONE ||
1672 chan->conf_state & L2CAP_CONF_NO_FCS_RECV) { 1670 chan->conf_state & L2CAP_CONF_NO_FCS_RECV) {
1673 pi->fcs = L2CAP_FCS_NONE; 1671 chan->fcs = L2CAP_FCS_NONE;
1674 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs); 1672 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, chan->fcs);
1675 } 1673 }
1676 break; 1674 break;
1677 1675
@@ -1691,10 +1689,10 @@ done:
1691 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS)) 1689 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS))
1692 break; 1690 break;
1693 1691
1694 if (pi->fcs == L2CAP_FCS_NONE || 1692 if (chan->fcs == L2CAP_FCS_NONE ||
1695 chan->conf_state & L2CAP_CONF_NO_FCS_RECV) { 1693 chan->conf_state & L2CAP_CONF_NO_FCS_RECV) {
1696 pi->fcs = L2CAP_FCS_NONE; 1694 chan->fcs = L2CAP_FCS_NONE;
1697 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs); 1695 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, chan->fcs);
1698 } 1696 }
1699 break; 1697 break;
1700 } 1698 }
@@ -1804,7 +1802,7 @@ done:
1804 1802
1805 switch (rfc.mode) { 1803 switch (rfc.mode) {
1806 case L2CAP_MODE_BASIC: 1804 case L2CAP_MODE_BASIC:
1807 pi->fcs = L2CAP_FCS_NONE; 1805 chan->fcs = L2CAP_FCS_NONE;
1808 chan->conf_state |= L2CAP_CONF_MODE_DONE; 1806 chan->conf_state |= L2CAP_CONF_MODE_DONE;
1809 break; 1807 break;
1810 1808
@@ -1898,7 +1896,7 @@ static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, voi
1898 rfc.mode != pi->mode) 1896 rfc.mode != pi->mode)
1899 return -ECONNREFUSED; 1897 return -ECONNREFUSED;
1900 1898
1901 pi->fcs = 0; 1899 chan->fcs = 0;
1902 1900
1903 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, 1901 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1904 sizeof(rfc), (unsigned long) &rfc); 1902 sizeof(rfc), (unsigned long) &rfc);
@@ -1914,12 +1912,12 @@ static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, voi
1914 if (*result == L2CAP_CONF_SUCCESS) { 1912 if (*result == L2CAP_CONF_SUCCESS) {
1915 switch (rfc.mode) { 1913 switch (rfc.mode) {
1916 case L2CAP_MODE_ERTM: 1914 case L2CAP_MODE_ERTM:
1917 pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); 1915 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout);
1918 pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); 1916 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout);
1919 pi->mps = le16_to_cpu(rfc.max_pdu_size); 1917 chan->mps = le16_to_cpu(rfc.max_pdu_size);
1920 break; 1918 break;
1921 case L2CAP_MODE_STREAMING: 1919 case L2CAP_MODE_STREAMING:
1922 pi->mps = le16_to_cpu(rfc.max_pdu_size); 1920 chan->mps = le16_to_cpu(rfc.max_pdu_size);
1923 } 1921 }
1924 } 1922 }
1925 1923
@@ -1968,14 +1966,14 @@ void __l2cap_connect_rsp_defer(struct sock *sk)
1968 chan->num_conf_req++; 1966 chan->num_conf_req++;
1969} 1967}
1970 1968
1971static void l2cap_conf_rfc_get(struct sock *sk, void *rsp, int len) 1969static void l2cap_conf_rfc_get(struct l2cap_chan *chan, void *rsp, int len)
1972{ 1970{
1973 struct l2cap_pinfo *pi = l2cap_pi(sk); 1971 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
1974 int type, olen; 1972 int type, olen;
1975 unsigned long val; 1973 unsigned long val;
1976 struct l2cap_conf_rfc rfc; 1974 struct l2cap_conf_rfc rfc;
1977 1975
1978 BT_DBG("sk %p, rsp %p, len %d", sk, rsp, len); 1976 BT_DBG("chan %p, rsp %p, len %d", chan, rsp, len);
1979 1977
1980 if ((pi->mode != L2CAP_MODE_ERTM) && (pi->mode != L2CAP_MODE_STREAMING)) 1978 if ((pi->mode != L2CAP_MODE_ERTM) && (pi->mode != L2CAP_MODE_STREAMING))
1981 return; 1979 return;
@@ -1994,12 +1992,12 @@ static void l2cap_conf_rfc_get(struct sock *sk, void *rsp, int len)
1994done: 1992done:
1995 switch (rfc.mode) { 1993 switch (rfc.mode) {
1996 case L2CAP_MODE_ERTM: 1994 case L2CAP_MODE_ERTM:
1997 pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); 1995 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout);
1998 pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); 1996 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout);
1999 pi->mps = le16_to_cpu(rfc.max_pdu_size); 1997 chan->mps = le16_to_cpu(rfc.max_pdu_size);
2000 break; 1998 break;
2001 case L2CAP_MODE_STREAMING: 1999 case L2CAP_MODE_STREAMING:
2002 pi->mps = le16_to_cpu(rfc.max_pdu_size); 2000 chan->mps = le16_to_cpu(rfc.max_pdu_size);
2003 } 2001 }
2004} 2002}
2005 2003
@@ -2227,15 +2225,17 @@ static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hd
2227 return 0; 2225 return 0;
2228} 2226}
2229 2227
2230static inline void set_default_fcs(struct l2cap_pinfo *pi) 2228static inline void set_default_fcs(struct l2cap_chan *chan)
2231{ 2229{
2230 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
2231
2232 /* FCS is enabled only in ERTM or streaming mode, if one or both 2232 /* FCS is enabled only in ERTM or streaming mode, if one or both
2233 * sides request it. 2233 * sides request it.
2234 */ 2234 */
2235 if (pi->mode != L2CAP_MODE_ERTM && pi->mode != L2CAP_MODE_STREAMING) 2235 if (pi->mode != L2CAP_MODE_ERTM && pi->mode != L2CAP_MODE_STREAMING)
2236 pi->fcs = L2CAP_FCS_NONE; 2236 chan->fcs = L2CAP_FCS_NONE;
2237 else if (!(pi->chan->conf_state & L2CAP_CONF_NO_FCS_RECV)) 2237 else if (!(pi->chan->conf_state & L2CAP_CONF_NO_FCS_RECV))
2238 pi->fcs = L2CAP_FCS_CRC16; 2238 chan->fcs = L2CAP_FCS_CRC16;
2239} 2239}
2240 2240
2241static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data) 2241static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
@@ -2305,7 +2305,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr
2305 goto unlock; 2305 goto unlock;
2306 2306
2307 if (chan->conf_state & L2CAP_CONF_INPUT_DONE) { 2307 if (chan->conf_state & L2CAP_CONF_INPUT_DONE) {
2308 set_default_fcs(l2cap_pi(sk)); 2308 set_default_fcs(chan);
2309 2309
2310 sk->sk_state = BT_CONNECTED; 2310 sk->sk_state = BT_CONNECTED;
2311 2311
@@ -2355,7 +2355,7 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr
2355 2355
2356 switch (result) { 2356 switch (result) {
2357 case L2CAP_CONF_SUCCESS: 2357 case L2CAP_CONF_SUCCESS:
2358 l2cap_conf_rfc_get(sk, rsp->data, len); 2358 l2cap_conf_rfc_get(chan, rsp->data, len);
2359 break; 2359 break;
2360 2360
2361 case L2CAP_CONF_UNACCEPT: 2361 case L2CAP_CONF_UNACCEPT:
@@ -2397,7 +2397,7 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr
2397 chan->conf_state |= L2CAP_CONF_INPUT_DONE; 2397 chan->conf_state |= L2CAP_CONF_INPUT_DONE;
2398 2398
2399 if (chan->conf_state & L2CAP_CONF_OUTPUT_DONE) { 2399 if (chan->conf_state & L2CAP_CONF_OUTPUT_DONE) {
2400 set_default_fcs(l2cap_pi(sk)); 2400 set_default_fcs(chan);
2401 2401
2402 sk->sk_state = BT_CONNECTED; 2402 sk->sk_state = BT_CONNECTED;
2403 chan->next_tx_seq = 0; 2403 chan->next_tx_seq = 0;
@@ -2769,12 +2769,12 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn,
2769 kfree_skb(skb); 2769 kfree_skb(skb);
2770} 2770}
2771 2771
2772static int l2cap_check_fcs(struct l2cap_pinfo *pi, struct sk_buff *skb) 2772static int l2cap_check_fcs(struct l2cap_chan *chan, struct sk_buff *skb)
2773{ 2773{
2774 u16 our_fcs, rcv_fcs; 2774 u16 our_fcs, rcv_fcs;
2775 int hdr_size = L2CAP_HDR_SIZE + 2; 2775 int hdr_size = L2CAP_HDR_SIZE + 2;
2776 2776
2777 if (pi->fcs == L2CAP_FCS_CRC16) { 2777 if (chan->fcs == L2CAP_FCS_CRC16) {
2778 skb_trim(skb, skb->len - 2); 2778 skb_trim(skb, skb->len - 2);
2779 rcv_fcs = get_unaligned_le16(skb->data + skb->len); 2779 rcv_fcs = get_unaligned_le16(skb->data + skb->len);
2780 our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); 2780 our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size);
@@ -3241,7 +3241,7 @@ static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u16 rx_cont
3241 u8 req_seq = __get_reqseq(rx_control); 3241 u8 req_seq = __get_reqseq(rx_control);
3242 u8 sar = rx_control >> L2CAP_CTRL_SAR_SHIFT; 3242 u8 sar = rx_control >> L2CAP_CTRL_SAR_SHIFT;
3243 int tx_seq_offset, expected_tx_seq_offset; 3243 int tx_seq_offset, expected_tx_seq_offset;
3244 int num_to_ack = (pi->tx_win/6) + 1; 3244 int num_to_ack = (chan->tx_win/6) + 1;
3245 int err = 0; 3245 int err = 0;
3246 3246
3247 BT_DBG("chan %p len %d tx_seq %d rx_control 0x%4.4x", chan, skb->len, 3247 BT_DBG("chan %p len %d tx_seq %d rx_control 0x%4.4x", chan, skb->len,
@@ -3266,7 +3266,7 @@ static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u16 rx_cont
3266 tx_seq_offset += 64; 3266 tx_seq_offset += 64;
3267 3267
3268 /* invalid tx_seq */ 3268 /* invalid tx_seq */
3269 if (tx_seq_offset >= pi->tx_win) { 3269 if (tx_seq_offset >= chan->tx_win) {
3270 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); 3270 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
3271 goto drop; 3271 goto drop;
3272 } 3272 }
@@ -3548,16 +3548,16 @@ static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb)
3548 * Receiver will miss it and start proper recovery 3548 * Receiver will miss it and start proper recovery
3549 * procedures and ask retransmission. 3549 * procedures and ask retransmission.
3550 */ 3550 */
3551 if (l2cap_check_fcs(pi, skb)) 3551 if (l2cap_check_fcs(chan, skb))
3552 goto drop; 3552 goto drop;
3553 3553
3554 if (__is_sar_start(control) && __is_iframe(control)) 3554 if (__is_sar_start(control) && __is_iframe(control))
3555 len -= 2; 3555 len -= 2;
3556 3556
3557 if (pi->fcs == L2CAP_FCS_CRC16) 3557 if (chan->fcs == L2CAP_FCS_CRC16)
3558 len -= 2; 3558 len -= 2;
3559 3559
3560 if (len > pi->mps) { 3560 if (len > chan->mps) {
3561 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET); 3561 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
3562 goto drop; 3562 goto drop;
3563 } 3563 }
@@ -3654,16 +3654,16 @@ static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk
3654 skb_pull(skb, 2); 3654 skb_pull(skb, 2);
3655 len = skb->len; 3655 len = skb->len;
3656 3656
3657 if (l2cap_check_fcs(pi, skb)) 3657 if (l2cap_check_fcs(chan, skb))
3658 goto drop; 3658 goto drop;
3659 3659
3660 if (__is_sar_start(control)) 3660 if (__is_sar_start(control))
3661 len -= 2; 3661 len -= 2;
3662 3662
3663 if (pi->fcs == L2CAP_FCS_CRC16) 3663 if (chan->fcs == L2CAP_FCS_CRC16)
3664 len -= 2; 3664 len -= 2;
3665 3665
3666 if (len > pi->mps || len < 0 || __is_sframe(control)) 3666 if (len > chan->mps || len < 0 || __is_sframe(control))
3667 goto drop; 3667 goto drop;
3668 3668
3669 tx_seq = __get_txseq(control); 3669 tx_seq = __get_txseq(control);
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index 612955679b34..4ba15b3b2e6a 100644
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -403,9 +403,9 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us
403 opts.omtu = l2cap_pi(sk)->omtu; 403 opts.omtu = l2cap_pi(sk)->omtu;
404 opts.flush_to = l2cap_pi(sk)->flush_to; 404 opts.flush_to = l2cap_pi(sk)->flush_to;
405 opts.mode = l2cap_pi(sk)->mode; 405 opts.mode = l2cap_pi(sk)->mode;
406 opts.fcs = l2cap_pi(sk)->fcs; 406 opts.fcs = chan->fcs;
407 opts.max_tx = l2cap_pi(sk)->max_tx; 407 opts.max_tx = chan->max_tx;
408 opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win; 408 opts.txwin_size = (__u16)chan->tx_win;
409 409
410 len = min_t(unsigned int, len, sizeof(opts)); 410 len = min_t(unsigned int, len, sizeof(opts));
411 if (copy_to_user(optval, (char *) &opts, len)) 411 if (copy_to_user(optval, (char *) &opts, len))
@@ -551,9 +551,9 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us
551 opts.omtu = l2cap_pi(sk)->omtu; 551 opts.omtu = l2cap_pi(sk)->omtu;
552 opts.flush_to = l2cap_pi(sk)->flush_to; 552 opts.flush_to = l2cap_pi(sk)->flush_to;
553 opts.mode = l2cap_pi(sk)->mode; 553 opts.mode = l2cap_pi(sk)->mode;
554 opts.fcs = l2cap_pi(sk)->fcs; 554 opts.fcs = chan->fcs;
555 opts.max_tx = l2cap_pi(sk)->max_tx; 555 opts.max_tx = chan->max_tx;
556 opts.txwin_size = (__u16)l2cap_pi(sk)->tx_win; 556 opts.txwin_size = (__u16)chan->tx_win;
557 557
558 len = min_t(unsigned int, sizeof(opts), optlen); 558 len = min_t(unsigned int, sizeof(opts), optlen);
559 if (copy_from_user((char *) &opts, optval, len)) { 559 if (copy_from_user((char *) &opts, optval, len)) {
@@ -583,9 +583,9 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us
583 583
584 l2cap_pi(sk)->imtu = opts.imtu; 584 l2cap_pi(sk)->imtu = opts.imtu;
585 l2cap_pi(sk)->omtu = opts.omtu; 585 l2cap_pi(sk)->omtu = opts.omtu;
586 l2cap_pi(sk)->fcs = opts.fcs; 586 chan->fcs = opts.fcs;
587 l2cap_pi(sk)->max_tx = opts.max_tx; 587 chan->max_tx = opts.max_tx;
588 l2cap_pi(sk)->tx_win = (__u8)opts.txwin_size; 588 chan->tx_win = (__u8)opts.txwin_size;
589 break; 589 break;
590 590
591 case L2CAP_LM: 591 case L2CAP_LM:
@@ -764,7 +764,8 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct ms
764 /* Entire SDU fits into one PDU */ 764 /* Entire SDU fits into one PDU */
765 if (len <= pi->chan->remote_mps) { 765 if (len <= pi->chan->remote_mps) {
766 control = L2CAP_SDU_UNSEGMENTED; 766 control = L2CAP_SDU_UNSEGMENTED;
767 skb = l2cap_create_iframe_pdu(sk, msg, len, control, 0); 767 skb = l2cap_create_iframe_pdu(pi->chan, msg, len,
768 control, 0);
768 if (IS_ERR(skb)) { 769 if (IS_ERR(skb)) {
769 err = PTR_ERR(skb); 770 err = PTR_ERR(skb);
770 goto done; 771 goto done;
@@ -998,9 +999,9 @@ void l2cap_sock_init(struct sock *sk, struct sock *parent)
998 pi->omtu = l2cap_pi(parent)->omtu; 999 pi->omtu = l2cap_pi(parent)->omtu;
999 chan->conf_state = pchan->conf_state; 1000 chan->conf_state = pchan->conf_state;
1000 pi->mode = l2cap_pi(parent)->mode; 1001 pi->mode = l2cap_pi(parent)->mode;
1001 pi->fcs = l2cap_pi(parent)->fcs; 1002 chan->fcs = pchan->fcs;
1002 pi->max_tx = l2cap_pi(parent)->max_tx; 1003 chan->max_tx = pchan->max_tx;
1003 pi->tx_win = l2cap_pi(parent)->tx_win; 1004 chan->tx_win = pchan->tx_win;
1004 chan->sec_level = pchan->sec_level; 1005 chan->sec_level = pchan->sec_level;
1005 chan->role_switch = pchan->role_switch; 1006 chan->role_switch = pchan->role_switch;
1006 chan->force_reliable = pchan->force_reliable; 1007 chan->force_reliable = pchan->force_reliable;
@@ -1014,9 +1015,9 @@ void l2cap_sock_init(struct sock *sk, struct sock *parent)
1014 } else { 1015 } else {
1015 pi->mode = L2CAP_MODE_BASIC; 1016 pi->mode = L2CAP_MODE_BASIC;
1016 } 1017 }
1017 pi->max_tx = L2CAP_DEFAULT_MAX_TX; 1018 chan->max_tx = L2CAP_DEFAULT_MAX_TX;
1018 pi->fcs = L2CAP_FCS_CRC16; 1019 chan->fcs = L2CAP_FCS_CRC16;
1019 pi->tx_win = L2CAP_DEFAULT_TX_WINDOW; 1020 chan->tx_win = L2CAP_DEFAULT_TX_WINDOW;
1020 chan->sec_level = BT_SECURITY_LOW; 1021 chan->sec_level = BT_SECURITY_LOW;
1021 chan->role_switch = 0; 1022 chan->role_switch = 0;
1022 chan->force_reliable = 0; 1023 chan->force_reliable = 0;
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index c9973932456f..4f728a4f7177 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -711,7 +711,7 @@ static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src,
711 sk = sock->sk; 711 sk = sock->sk;
712 lock_sock(sk); 712 lock_sock(sk);
713 l2cap_pi(sk)->imtu = l2cap_mtu; 713 l2cap_pi(sk)->imtu = l2cap_mtu;
714 l2cap_pi(sk)->sec_level = sec_level; 714 l2cap_pi(sk)->chan->sec_level = sec_level;
715 if (l2cap_ertm) 715 if (l2cap_ertm)
716 l2cap_pi(sk)->mode = L2CAP_MODE_ERTM; 716 l2cap_pi(sk)->mode = L2CAP_MODE_ERTM;
717 release_sock(sk); 717 release_sock(sk);