diff options
Diffstat (limited to 'net/bluetooth/l2cap.c')
-rw-r--r-- | net/bluetooth/l2cap.c | 117 |
1 files changed, 67 insertions, 50 deletions
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index ca4d3b40d5ce..bd0a4c1bced0 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c | |||
@@ -40,10 +40,10 @@ | |||
40 | #include <linux/skbuff.h> | 40 | #include <linux/skbuff.h> |
41 | #include <linux/list.h> | 41 | #include <linux/list.h> |
42 | #include <linux/device.h> | 42 | #include <linux/device.h> |
43 | #include <linux/uaccess.h> | ||
43 | #include <net/sock.h> | 44 | #include <net/sock.h> |
44 | 45 | ||
45 | #include <asm/system.h> | 46 | #include <asm/system.h> |
46 | #include <asm/uaccess.h> | ||
47 | #include <asm/unaligned.h> | 47 | #include <asm/unaligned.h> |
48 | 48 | ||
49 | #include <net/bluetooth/bluetooth.h> | 49 | #include <net/bluetooth/bluetooth.h> |
@@ -52,7 +52,7 @@ | |||
52 | 52 | ||
53 | #define VERSION "2.13" | 53 | #define VERSION "2.13" |
54 | 54 | ||
55 | static u32 l2cap_feat_mask = 0x0080; | 55 | static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN; |
56 | static u8 l2cap_fixed_chan[8] = { 0x02, }; | 56 | static u8 l2cap_fixed_chan[8] = { 0x02, }; |
57 | 57 | ||
58 | static const struct proto_ops l2cap_sock_ops; | 58 | static const struct proto_ops l2cap_sock_ops; |
@@ -134,7 +134,8 @@ static inline struct sock *l2cap_get_chan_by_scid(struct l2cap_chan_list *l, u16 | |||
134 | struct sock *s; | 134 | struct sock *s; |
135 | read_lock(&l->lock); | 135 | read_lock(&l->lock); |
136 | s = __l2cap_get_chan_by_scid(l, cid); | 136 | s = __l2cap_get_chan_by_scid(l, cid); |
137 | if (s) bh_lock_sock(s); | 137 | if (s) |
138 | bh_lock_sock(s); | ||
138 | read_unlock(&l->lock); | 139 | read_unlock(&l->lock); |
139 | return s; | 140 | return s; |
140 | } | 141 | } |
@@ -154,17 +155,18 @@ static inline struct sock *l2cap_get_chan_by_ident(struct l2cap_chan_list *l, u8 | |||
154 | struct sock *s; | 155 | struct sock *s; |
155 | read_lock(&l->lock); | 156 | read_lock(&l->lock); |
156 | s = __l2cap_get_chan_by_ident(l, ident); | 157 | s = __l2cap_get_chan_by_ident(l, ident); |
157 | if (s) bh_lock_sock(s); | 158 | if (s) |
159 | bh_lock_sock(s); | ||
158 | read_unlock(&l->lock); | 160 | read_unlock(&l->lock); |
159 | return s; | 161 | return s; |
160 | } | 162 | } |
161 | 163 | ||
162 | static u16 l2cap_alloc_cid(struct l2cap_chan_list *l) | 164 | static u16 l2cap_alloc_cid(struct l2cap_chan_list *l) |
163 | { | 165 | { |
164 | u16 cid = 0x0040; | 166 | u16 cid = L2CAP_CID_DYN_START; |
165 | 167 | ||
166 | for (; cid < 0xffff; cid++) { | 168 | for (; cid < L2CAP_CID_DYN_END; cid++) { |
167 | if(!__l2cap_get_chan_by_scid(l, cid)) | 169 | if (!__l2cap_get_chan_by_scid(l, cid)) |
168 | return cid; | 170 | return cid; |
169 | } | 171 | } |
170 | 172 | ||
@@ -204,7 +206,8 @@ static void __l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct so | |||
204 | { | 206 | { |
205 | struct l2cap_chan_list *l = &conn->chan_list; | 207 | struct l2cap_chan_list *l = &conn->chan_list; |
206 | 208 | ||
207 | BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid); | 209 | BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, |
210 | l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid); | ||
208 | 211 | ||
209 | conn->disc_reason = 0x13; | 212 | conn->disc_reason = 0x13; |
210 | 213 | ||
@@ -215,13 +218,13 @@ static void __l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct so | |||
215 | l2cap_pi(sk)->scid = l2cap_alloc_cid(l); | 218 | l2cap_pi(sk)->scid = l2cap_alloc_cid(l); |
216 | } else if (sk->sk_type == SOCK_DGRAM) { | 219 | } else if (sk->sk_type == SOCK_DGRAM) { |
217 | /* Connectionless socket */ | 220 | /* Connectionless socket */ |
218 | l2cap_pi(sk)->scid = 0x0002; | 221 | l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS; |
219 | l2cap_pi(sk)->dcid = 0x0002; | 222 | l2cap_pi(sk)->dcid = L2CAP_CID_CONN_LESS; |
220 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; | 223 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; |
221 | } else { | 224 | } else { |
222 | /* Raw socket can send/recv signalling messages only */ | 225 | /* Raw socket can send/recv signalling messages only */ |
223 | l2cap_pi(sk)->scid = 0x0001; | 226 | l2cap_pi(sk)->scid = L2CAP_CID_SIGNALING; |
224 | l2cap_pi(sk)->dcid = 0x0001; | 227 | l2cap_pi(sk)->dcid = L2CAP_CID_SIGNALING; |
225 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; | 228 | l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU; |
226 | } | 229 | } |
227 | 230 | ||
@@ -272,7 +275,7 @@ static inline int l2cap_check_security(struct sock *sk) | |||
272 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) | 275 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) |
273 | auth_type = HCI_AT_NO_BONDING_MITM; | 276 | auth_type = HCI_AT_NO_BONDING_MITM; |
274 | else | 277 | else |
275 | auth_type = HCI_AT_NO_BONDING; | 278 | auth_type = HCI_AT_NO_BONDING; |
276 | 279 | ||
277 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | 280 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) |
278 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | 281 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; |
@@ -588,7 +591,8 @@ static inline struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t | |||
588 | struct sock *s; | 591 | struct sock *s; |
589 | read_lock(&l2cap_sk_list.lock); | 592 | read_lock(&l2cap_sk_list.lock); |
590 | s = __l2cap_get_sock_by_psm(state, psm, src); | 593 | s = __l2cap_get_sock_by_psm(state, psm, src); |
591 | if (s) bh_lock_sock(s); | 594 | if (s) |
595 | bh_lock_sock(s); | ||
592 | read_unlock(&l2cap_sk_list.lock); | 596 | read_unlock(&l2cap_sk_list.lock); |
593 | return s; | 597 | return s; |
594 | } | 598 | } |
@@ -808,7 +812,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | |||
808 | goto done; | 812 | goto done; |
809 | } | 813 | } |
810 | 814 | ||
811 | if (la.l2_psm && btohs(la.l2_psm) < 0x1001 && | 815 | if (la.l2_psm && __le16_to_cpu(la.l2_psm) < 0x1001 && |
812 | !capable(CAP_NET_BIND_SERVICE)) { | 816 | !capable(CAP_NET_BIND_SERVICE)) { |
813 | err = -EACCES; | 817 | err = -EACCES; |
814 | goto done; | 818 | goto done; |
@@ -825,7 +829,8 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | |||
825 | l2cap_pi(sk)->sport = la.l2_psm; | 829 | l2cap_pi(sk)->sport = la.l2_psm; |
826 | sk->sk_state = BT_BOUND; | 830 | sk->sk_state = BT_BOUND; |
827 | 831 | ||
828 | if (btohs(la.l2_psm) == 0x0001 || btohs(la.l2_psm) == 0x0003) | 832 | if (__le16_to_cpu(la.l2_psm) == 0x0001 || |
833 | __le16_to_cpu(la.l2_psm) == 0x0003) | ||
829 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | 834 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; |
830 | } | 835 | } |
831 | 836 | ||
@@ -844,12 +849,13 @@ static int l2cap_do_connect(struct sock *sk) | |||
844 | struct hci_conn *hcon; | 849 | struct hci_conn *hcon; |
845 | struct hci_dev *hdev; | 850 | struct hci_dev *hdev; |
846 | __u8 auth_type; | 851 | __u8 auth_type; |
847 | int err = 0; | 852 | int err; |
848 | 853 | ||
849 | BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), | 854 | BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), |
850 | l2cap_pi(sk)->psm); | 855 | l2cap_pi(sk)->psm); |
851 | 856 | ||
852 | if (!(hdev = hci_get_route(dst, src))) | 857 | hdev = hci_get_route(dst, src); |
858 | if (!hdev) | ||
853 | return -EHOSTUNREACH; | 859 | return -EHOSTUNREACH; |
854 | 860 | ||
855 | hci_dev_lock_bh(hdev); | 861 | hci_dev_lock_bh(hdev); |
@@ -950,7 +956,7 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
950 | goto done; | 956 | goto done; |
951 | } | 957 | } |
952 | 958 | ||
953 | switch(sk->sk_state) { | 959 | switch (sk->sk_state) { |
954 | case BT_CONNECT: | 960 | case BT_CONNECT: |
955 | case BT_CONNECT2: | 961 | case BT_CONNECT2: |
956 | case BT_CONFIG: | 962 | case BT_CONFIG: |
@@ -975,7 +981,8 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
975 | bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr); | 981 | bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr); |
976 | l2cap_pi(sk)->psm = la.l2_psm; | 982 | l2cap_pi(sk)->psm = la.l2_psm; |
977 | 983 | ||
978 | if ((err = l2cap_do_connect(sk))) | 984 | err = l2cap_do_connect(sk); |
985 | if (err) | ||
979 | goto done; | 986 | goto done; |
980 | 987 | ||
981 | wait: | 988 | wait: |
@@ -1009,9 +1016,9 @@ static int l2cap_sock_listen(struct socket *sock, int backlog) | |||
1009 | write_lock_bh(&l2cap_sk_list.lock); | 1016 | write_lock_bh(&l2cap_sk_list.lock); |
1010 | 1017 | ||
1011 | for (psm = 0x1001; psm < 0x1100; psm += 2) | 1018 | for (psm = 0x1001; psm < 0x1100; psm += 2) |
1012 | if (!__l2cap_get_sock_by_addr(htobs(psm), src)) { | 1019 | if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) { |
1013 | l2cap_pi(sk)->psm = htobs(psm); | 1020 | l2cap_pi(sk)->psm = cpu_to_le16(psm); |
1014 | l2cap_pi(sk)->sport = htobs(psm); | 1021 | l2cap_pi(sk)->sport = cpu_to_le16(psm); |
1015 | err = 0; | 1022 | err = 0; |
1016 | break; | 1023 | break; |
1017 | } | 1024 | } |
@@ -1100,11 +1107,11 @@ static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *l | |||
1100 | if (peer) { | 1107 | if (peer) { |
1101 | la->l2_psm = l2cap_pi(sk)->psm; | 1108 | la->l2_psm = l2cap_pi(sk)->psm; |
1102 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst); | 1109 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst); |
1103 | la->l2_cid = htobs(l2cap_pi(sk)->dcid); | 1110 | la->l2_cid = cpu_to_le16(l2cap_pi(sk)->dcid); |
1104 | } else { | 1111 | } else { |
1105 | la->l2_psm = l2cap_pi(sk)->sport; | 1112 | la->l2_psm = l2cap_pi(sk)->sport; |
1106 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->src); | 1113 | bacpy(&la->l2_bdaddr, &bt_sk(sk)->src); |
1107 | la->l2_cid = htobs(l2cap_pi(sk)->scid); | 1114 | la->l2_cid = cpu_to_le16(l2cap_pi(sk)->scid); |
1108 | } | 1115 | } |
1109 | 1116 | ||
1110 | return 0; | 1117 | return 0; |
@@ -1114,7 +1121,7 @@ static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len) | |||
1114 | { | 1121 | { |
1115 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 1122 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; |
1116 | struct sk_buff *skb, **frag; | 1123 | struct sk_buff *skb, **frag; |
1117 | int err, hlen, count, sent=0; | 1124 | int err, hlen, count, sent = 0; |
1118 | struct l2cap_hdr *lh; | 1125 | struct l2cap_hdr *lh; |
1119 | 1126 | ||
1120 | BT_DBG("sk %p len %d", sk, len); | 1127 | BT_DBG("sk %p len %d", sk, len); |
@@ -1167,8 +1174,8 @@ static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len) | |||
1167 | 1174 | ||
1168 | frag = &(*frag)->next; | 1175 | frag = &(*frag)->next; |
1169 | } | 1176 | } |
1170 | 1177 | err = hci_send_acl(conn->hcon, skb, 0); | |
1171 | if ((err = hci_send_acl(conn->hcon, skb, 0)) < 0) | 1178 | if (err < 0) |
1172 | goto fail; | 1179 | goto fail; |
1173 | 1180 | ||
1174 | return sent; | 1181 | return sent; |
@@ -1556,7 +1563,7 @@ static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb) | |||
1556 | { | 1563 | { |
1557 | struct l2cap_chan_list *l = &conn->chan_list; | 1564 | struct l2cap_chan_list *l = &conn->chan_list; |
1558 | struct sk_buff *nskb; | 1565 | struct sk_buff *nskb; |
1559 | struct sock * sk; | 1566 | struct sock *sk; |
1560 | 1567 | ||
1561 | BT_DBG("conn %p", conn); | 1568 | BT_DBG("conn %p", conn); |
1562 | 1569 | ||
@@ -1568,8 +1575,8 @@ static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb) | |||
1568 | /* Don't send frame to the socket it came from */ | 1575 | /* Don't send frame to the socket it came from */ |
1569 | if (skb->sk == sk) | 1576 | if (skb->sk == sk) |
1570 | continue; | 1577 | continue; |
1571 | 1578 | nskb = skb_clone(skb, GFP_ATOMIC); | |
1572 | if (!(nskb = skb_clone(skb, GFP_ATOMIC))) | 1579 | if (!nskb) |
1573 | continue; | 1580 | continue; |
1574 | 1581 | ||
1575 | if (sock_queue_rcv_skb(sk, nskb)) | 1582 | if (sock_queue_rcv_skb(sk, nskb)) |
@@ -1587,7 +1594,8 @@ static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn, | |||
1587 | struct l2cap_hdr *lh; | 1594 | struct l2cap_hdr *lh; |
1588 | int len, count; | 1595 | int len, count; |
1589 | 1596 | ||
1590 | BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d", conn, code, ident, dlen); | 1597 | BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d", |
1598 | conn, code, ident, dlen); | ||
1591 | 1599 | ||
1592 | len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen; | 1600 | len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen; |
1593 | count = min_t(unsigned int, conn->mtu, len); | 1601 | count = min_t(unsigned int, conn->mtu, len); |
@@ -1598,7 +1606,7 @@ static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn, | |||
1598 | 1606 | ||
1599 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1607 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
1600 | lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); | 1608 | lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); |
1601 | lh->cid = cpu_to_le16(0x0001); | 1609 | lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING); |
1602 | 1610 | ||
1603 | cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE); | 1611 | cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE); |
1604 | cmd->code = code; | 1612 | cmd->code = code; |
@@ -1739,8 +1747,8 @@ static int l2cap_parse_conf_req(struct sock *sk, void *data) | |||
1739 | while (len >= L2CAP_CONF_OPT_SIZE) { | 1747 | while (len >= L2CAP_CONF_OPT_SIZE) { |
1740 | len -= l2cap_get_conf_opt(&req, &type, &olen, &val); | 1748 | len -= l2cap_get_conf_opt(&req, &type, &olen, &val); |
1741 | 1749 | ||
1742 | hint = type & 0x80; | 1750 | hint = type & L2CAP_CONF_HINT; |
1743 | type &= 0x7f; | 1751 | type &= L2CAP_CONF_MASK; |
1744 | 1752 | ||
1745 | switch (type) { | 1753 | switch (type) { |
1746 | case L2CAP_CONF_MTU: | 1754 | case L2CAP_CONF_MTU: |
@@ -1966,10 +1974,12 @@ static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
1966 | BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status); | 1974 | BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status); |
1967 | 1975 | ||
1968 | if (scid) { | 1976 | if (scid) { |
1969 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid))) | 1977 | sk = l2cap_get_chan_by_scid(&conn->chan_list, scid); |
1978 | if (!sk) | ||
1970 | return 0; | 1979 | return 0; |
1971 | } else { | 1980 | } else { |
1972 | if (!(sk = l2cap_get_chan_by_ident(&conn->chan_list, cmd->ident))) | 1981 | sk = l2cap_get_chan_by_ident(&conn->chan_list, cmd->ident); |
1982 | if (!sk) | ||
1973 | return 0; | 1983 | return 0; |
1974 | } | 1984 | } |
1975 | 1985 | ||
@@ -2012,7 +2022,8 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2012 | 2022 | ||
2013 | BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags); | 2023 | BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags); |
2014 | 2024 | ||
2015 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid))) | 2025 | sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid); |
2026 | if (!sk) | ||
2016 | return -ENOENT; | 2027 | return -ENOENT; |
2017 | 2028 | ||
2018 | if (sk->sk_state == BT_DISCONN) | 2029 | if (sk->sk_state == BT_DISCONN) |
@@ -2079,9 +2090,11 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2079 | flags = __le16_to_cpu(rsp->flags); | 2090 | flags = __le16_to_cpu(rsp->flags); |
2080 | result = __le16_to_cpu(rsp->result); | 2091 | result = __le16_to_cpu(rsp->result); |
2081 | 2092 | ||
2082 | BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x", scid, flags, result); | 2093 | BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x", |
2094 | scid, flags, result); | ||
2083 | 2095 | ||
2084 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid))) | 2096 | sk = l2cap_get_chan_by_scid(&conn->chan_list, scid); |
2097 | if (!sk) | ||
2085 | return 0; | 2098 | return 0; |
2086 | 2099 | ||
2087 | switch (result) { | 2100 | switch (result) { |
@@ -2142,7 +2155,8 @@ static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd | |||
2142 | 2155 | ||
2143 | BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid); | 2156 | BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid); |
2144 | 2157 | ||
2145 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid))) | 2158 | sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid); |
2159 | if (!sk) | ||
2146 | return 0; | 2160 | return 0; |
2147 | 2161 | ||
2148 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); | 2162 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); |
@@ -2169,7 +2183,8 @@ static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd | |||
2169 | 2183 | ||
2170 | BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid); | 2184 | BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid); |
2171 | 2185 | ||
2172 | if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid))) | 2186 | sk = l2cap_get_chan_by_scid(&conn->chan_list, scid); |
2187 | if (!sk) | ||
2173 | return 0; | 2188 | return 0; |
2174 | 2189 | ||
2175 | l2cap_chan_del(sk, 0); | 2190 | l2cap_chan_del(sk, 0); |
@@ -2230,7 +2245,7 @@ static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cm | |||
2230 | if (type == L2CAP_IT_FEAT_MASK) { | 2245 | if (type == L2CAP_IT_FEAT_MASK) { |
2231 | conn->feat_mask = get_unaligned_le32(rsp->data); | 2246 | conn->feat_mask = get_unaligned_le32(rsp->data); |
2232 | 2247 | ||
2233 | if (conn->feat_mask & 0x0080) { | 2248 | if (conn->feat_mask & L2CAP_FEAT_FIXED_CHAN) { |
2234 | struct l2cap_info_req req; | 2249 | struct l2cap_info_req req; |
2235 | req.type = cpu_to_le16(L2CAP_IT_FIXED_CHAN); | 2250 | req.type = cpu_to_le16(L2CAP_IT_FIXED_CHAN); |
2236 | 2251 | ||
@@ -2403,7 +2418,8 @@ drop: | |||
2403 | kfree_skb(skb); | 2418 | kfree_skb(skb); |
2404 | 2419 | ||
2405 | done: | 2420 | done: |
2406 | if (sk) bh_unlock_sock(sk); | 2421 | if (sk) |
2422 | bh_unlock_sock(sk); | ||
2407 | return 0; | 2423 | return 0; |
2408 | } | 2424 | } |
2409 | 2425 | ||
@@ -2420,11 +2436,11 @@ static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb) | |||
2420 | BT_DBG("len %d, cid 0x%4.4x", len, cid); | 2436 | BT_DBG("len %d, cid 0x%4.4x", len, cid); |
2421 | 2437 | ||
2422 | switch (cid) { | 2438 | switch (cid) { |
2423 | case 0x0001: | 2439 | case L2CAP_CID_SIGNALING: |
2424 | l2cap_sig_channel(conn, skb); | 2440 | l2cap_sig_channel(conn, skb); |
2425 | break; | 2441 | break; |
2426 | 2442 | ||
2427 | case 0x0002: | 2443 | case L2CAP_CID_CONN_LESS: |
2428 | psm = get_unaligned((__le16 *) skb->data); | 2444 | psm = get_unaligned((__le16 *) skb->data); |
2429 | skb_pull(skb, 2); | 2445 | skb_pull(skb, 2); |
2430 | l2cap_conless_channel(conn, psm, skb); | 2446 | l2cap_conless_channel(conn, psm, skb); |
@@ -2650,7 +2666,8 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl | |||
2650 | } | 2666 | } |
2651 | 2667 | ||
2652 | /* Allocate skb for the complete frame (with header) */ | 2668 | /* Allocate skb for the complete frame (with header) */ |
2653 | if (!(conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC))) | 2669 | conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC); |
2670 | if (!conn->rx_skb) | ||
2654 | goto drop; | 2671 | goto drop; |
2655 | 2672 | ||
2656 | skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len), | 2673 | skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len), |
@@ -2704,13 +2721,13 @@ static ssize_t l2cap_sysfs_show(struct class *dev, char *buf) | |||
2704 | 2721 | ||
2705 | str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d\n", | 2722 | str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d\n", |
2706 | batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), | 2723 | batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), |
2707 | sk->sk_state, btohs(pi->psm), pi->scid, pi->dcid, | 2724 | sk->sk_state, __le16_to_cpu(pi->psm), pi->scid, |
2708 | pi->imtu, pi->omtu, pi->sec_level); | 2725 | pi->dcid, pi->imtu, pi->omtu, pi->sec_level); |
2709 | } | 2726 | } |
2710 | 2727 | ||
2711 | read_unlock_bh(&l2cap_sk_list.lock); | 2728 | read_unlock_bh(&l2cap_sk_list.lock); |
2712 | 2729 | ||
2713 | return (str - buf); | 2730 | return str - buf; |
2714 | } | 2731 | } |
2715 | 2732 | ||
2716 | static CLASS_ATTR(l2cap, S_IRUGO, l2cap_sysfs_show, NULL); | 2733 | static CLASS_ATTR(l2cap, S_IRUGO, l2cap_sysfs_show, NULL); |