aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth/l2cap.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/bluetooth/l2cap.c')
-rw-r--r--net/bluetooth/l2cap.c48
1 files changed, 25 insertions, 23 deletions
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index 670ff95ca64b..c4e4ce4ebb2b 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -353,7 +353,7 @@ static inline int l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16
353} 353}
354 354
355/* ---- Socket interface ---- */ 355/* ---- Socket interface ---- */
356static struct sock *__l2cap_get_sock_by_addr(u16 psm, bdaddr_t *src) 356static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src)
357{ 357{
358 struct sock *sk; 358 struct sock *sk;
359 struct hlist_node *node; 359 struct hlist_node *node;
@@ -368,7 +368,7 @@ found:
368/* Find socket with psm and source bdaddr. 368/* Find socket with psm and source bdaddr.
369 * Returns closest match. 369 * Returns closest match.
370 */ 370 */
371static struct sock *__l2cap_get_sock_by_psm(int state, u16 psm, bdaddr_t *src) 371static struct sock *__l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
372{ 372{
373 struct sock *sk = NULL, *sk1 = NULL; 373 struct sock *sk = NULL, *sk1 = NULL;
374 struct hlist_node *node; 374 struct hlist_node *node;
@@ -392,7 +392,7 @@ static struct sock *__l2cap_get_sock_by_psm(int state, u16 psm, bdaddr_t *src)
392 392
393/* Find socket with given address (psm, src). 393/* Find socket with given address (psm, src).
394 * Returns locked socket */ 394 * Returns locked socket */
395static inline struct sock *l2cap_get_sock_by_psm(int state, u16 psm, bdaddr_t *src) 395static inline struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
396{ 396{
397 struct sock *s; 397 struct sock *s;
398 read_lock(&l2cap_sk_list.lock); 398 read_lock(&l2cap_sk_list.lock);
@@ -586,7 +586,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_
586 goto done; 586 goto done;
587 } 587 }
588 588
589 if (la->l2_psm > 0 && btohs(la->l2_psm) < 0x1001 && 589 if (la->l2_psm && btohs(la->l2_psm) < 0x1001 &&
590 !capable(CAP_NET_BIND_SERVICE)) { 590 !capable(CAP_NET_BIND_SERVICE)) {
591 err = -EACCES; 591 err = -EACCES;
592 goto done; 592 goto done;
@@ -748,7 +748,7 @@ static int l2cap_sock_listen(struct socket *sock, int backlog)
748 write_lock_bh(&l2cap_sk_list.lock); 748 write_lock_bh(&l2cap_sk_list.lock);
749 749
750 for (psm = 0x1001; psm < 0x1100; psm += 2) 750 for (psm = 0x1001; psm < 0x1100; psm += 2)
751 if (!__l2cap_get_sock_by_addr(psm, src)) { 751 if (!__l2cap_get_sock_by_addr(htobs(psm), src)) {
752 l2cap_pi(sk)->psm = htobs(psm); 752 l2cap_pi(sk)->psm = htobs(psm);
753 l2cap_pi(sk)->sport = htobs(psm); 753 l2cap_pi(sk)->sport = htobs(psm);
754 err = 0; 754 err = 0;
@@ -873,7 +873,7 @@ static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len)
873 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); 873 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
874 874
875 if (sk->sk_type == SOCK_DGRAM) 875 if (sk->sk_type == SOCK_DGRAM)
876 put_unaligned(l2cap_pi(sk)->psm, (u16 *) skb_put(skb, 2)); 876 put_unaligned(l2cap_pi(sk)->psm, (__le16 *) skb_put(skb, 2));
877 877
878 if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) { 878 if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) {
879 err = -EFAULT; 879 err = -EFAULT;
@@ -1256,11 +1256,11 @@ static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned
1256 break; 1256 break;
1257 1257
1258 case 2: 1258 case 2:
1259 *val = __le16_to_cpu(*((u16 *)opt->val)); 1259 *val = __le16_to_cpu(*((__le16 *)opt->val));
1260 break; 1260 break;
1261 1261
1262 case 4: 1262 case 4:
1263 *val = __le32_to_cpu(*((u32 *)opt->val)); 1263 *val = __le32_to_cpu(*((__le32 *)opt->val));
1264 break; 1264 break;
1265 1265
1266 default: 1266 default:
@@ -1287,11 +1287,11 @@ static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val)
1287 break; 1287 break;
1288 1288
1289 case 2: 1289 case 2:
1290 *((u16 *) opt->val) = cpu_to_le16(val); 1290 *((__le16 *) opt->val) = cpu_to_le16(val);
1291 break; 1291 break;
1292 1292
1293 case 4: 1293 case 4:
1294 *((u32 *) opt->val) = cpu_to_le32(val); 1294 *((__le32 *) opt->val) = cpu_to_le32(val);
1295 break; 1295 break;
1296 1296
1297 default: 1297 default:
@@ -1406,7 +1406,7 @@ static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hd
1406 int result = 0, status = 0; 1406 int result = 0, status = 0;
1407 1407
1408 u16 dcid = 0, scid = __le16_to_cpu(req->scid); 1408 u16 dcid = 0, scid = __le16_to_cpu(req->scid);
1409 u16 psm = req->psm; 1409 __le16 psm = req->psm;
1410 1410
1411 BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid); 1411 BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid);
1412 1412
@@ -1530,7 +1530,7 @@ static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hd
1530 return 0; 1530 return 0;
1531} 1531}
1532 1532
1533static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 1533static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
1534{ 1534{
1535 struct l2cap_conf_req *req = (struct l2cap_conf_req *) data; 1535 struct l2cap_conf_req *req = (struct l2cap_conf_req *) data;
1536 u16 dcid, flags; 1536 u16 dcid, flags;
@@ -1550,7 +1550,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr
1550 goto unlock; 1550 goto unlock;
1551 1551
1552 /* Reject if config buffer is too small. */ 1552 /* Reject if config buffer is too small. */
1553 len = cmd->len - sizeof(*req); 1553 len = cmd_len - sizeof(*req);
1554 if (l2cap_pi(sk)->conf_len + len > sizeof(l2cap_pi(sk)->conf_req)) { 1554 if (l2cap_pi(sk)->conf_len + len > sizeof(l2cap_pi(sk)->conf_req)) {
1555 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, 1555 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
1556 l2cap_build_conf_rsp(sk, rsp, 1556 l2cap_build_conf_rsp(sk, rsp,
@@ -1748,15 +1748,16 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *sk
1748 l2cap_raw_recv(conn, skb); 1748 l2cap_raw_recv(conn, skb);
1749 1749
1750 while (len >= L2CAP_CMD_HDR_SIZE) { 1750 while (len >= L2CAP_CMD_HDR_SIZE) {
1751 u16 cmd_len;
1751 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE); 1752 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
1752 data += L2CAP_CMD_HDR_SIZE; 1753 data += L2CAP_CMD_HDR_SIZE;
1753 len -= L2CAP_CMD_HDR_SIZE; 1754 len -= L2CAP_CMD_HDR_SIZE;
1754 1755
1755 cmd.len = __le16_to_cpu(cmd.len); 1756 cmd_len = le16_to_cpu(cmd.len);
1756 1757
1757 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd.len, cmd.ident); 1758 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd_len, cmd.ident);
1758 1759
1759 if (cmd.len > len || !cmd.ident) { 1760 if (cmd_len > len || !cmd.ident) {
1760 BT_DBG("corrupted command"); 1761 BT_DBG("corrupted command");
1761 break; 1762 break;
1762 } 1763 }
@@ -1775,7 +1776,7 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *sk
1775 break; 1776 break;
1776 1777
1777 case L2CAP_CONF_REQ: 1778 case L2CAP_CONF_REQ:
1778 err = l2cap_config_req(conn, &cmd, data); 1779 err = l2cap_config_req(conn, &cmd, cmd_len, data);
1779 break; 1780 break;
1780 1781
1781 case L2CAP_CONF_RSP: 1782 case L2CAP_CONF_RSP:
@@ -1791,7 +1792,7 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *sk
1791 break; 1792 break;
1792 1793
1793 case L2CAP_ECHO_REQ: 1794 case L2CAP_ECHO_REQ:
1794 l2cap_send_cmd(conn, cmd.ident, L2CAP_ECHO_RSP, cmd.len, data); 1795 l2cap_send_cmd(conn, cmd.ident, L2CAP_ECHO_RSP, cmd_len, data);
1795 break; 1796 break;
1796 1797
1797 case L2CAP_ECHO_RSP: 1798 case L2CAP_ECHO_RSP:
@@ -1820,8 +1821,8 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *sk
1820 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej); 1821 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej);
1821 } 1822 }
1822 1823
1823 data += cmd.len; 1824 data += cmd_len;
1824 len -= cmd.len; 1825 len -= cmd_len;
1825 } 1826 }
1826 1827
1827 kfree_skb(skb); 1828 kfree_skb(skb);
@@ -1863,7 +1864,7 @@ done:
1863 return 0; 1864 return 0;
1864} 1865}
1865 1866
1866static inline int l2cap_conless_channel(struct l2cap_conn *conn, u16 psm, struct sk_buff *skb) 1867static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, struct sk_buff *skb)
1867{ 1868{
1868 struct sock *sk; 1869 struct sock *sk;
1869 1870
@@ -1893,7 +1894,8 @@ done:
1893static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb) 1894static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb)
1894{ 1895{
1895 struct l2cap_hdr *lh = (void *) skb->data; 1896 struct l2cap_hdr *lh = (void *) skb->data;
1896 u16 cid, psm, len; 1897 u16 cid, len;
1898 __le16 psm;
1897 1899
1898 skb_pull(skb, L2CAP_HDR_SIZE); 1900 skb_pull(skb, L2CAP_HDR_SIZE);
1899 cid = __le16_to_cpu(lh->cid); 1901 cid = __le16_to_cpu(lh->cid);
@@ -1907,7 +1909,7 @@ static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb)
1907 break; 1909 break;
1908 1910
1909 case 0x0002: 1911 case 0x0002:
1910 psm = get_unaligned((u16 *) skb->data); 1912 psm = get_unaligned((__le16 *) skb->data);
1911 skb_pull(skb, 2); 1913 skb_pull(skb, 2);
1912 l2cap_conless_channel(conn, psm, skb); 1914 l2cap_conless_channel(conn, psm, skb);
1913 break; 1915 break;
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-03 21:29:06 -0400