aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth
diff options
context:
space:
mode:
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/af_bluetooth.c2
-rw-r--r--net/bluetooth/bnep/core.c16
-rw-r--r--net/bluetooth/cmtp/core.c4
-rw-r--r--net/bluetooth/hci_conn.c36
-rw-r--r--net/bluetooth/hci_core.c35
-rw-r--r--net/bluetooth/hci_event.c8
-rw-r--r--net/bluetooth/hci_sock.c2
-rw-r--r--net/bluetooth/l2cap.c76
-rw-r--r--net/bluetooth/rfcomm/core.c6
-rw-r--r--net/bluetooth/sco.c2
10 files changed, 96 insertions, 91 deletions
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index c7228cfc6218..d942b946ba07 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -221,7 +221,7 @@ int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
221 copied = len; 221 copied = len;
222 } 222 }
223 223
224 skb->h.raw = skb->data; 224 skb_reset_transport_header(skb);
225 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 225 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
226 226
227 skb_free_datagram(sk, skb); 227 skb_free_datagram(sk, skb);
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c
index b85d1492c357..ab2db55982ca 100644
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -326,7 +326,7 @@ static inline int bnep_rx_frame(struct bnep_session *s, struct sk_buff *skb)
326 return 0; 326 return 0;
327 } 327 }
328 328
329 skb->mac.raw = skb->data; 329 skb_reset_mac_header(skb);
330 330
331 /* Verify and pull out header */ 331 /* Verify and pull out header */
332 if (!skb_pull(skb, __bnep_rx_hlen[type & BNEP_TYPE_MASK])) 332 if (!skb_pull(skb, __bnep_rx_hlen[type & BNEP_TYPE_MASK]))
@@ -364,26 +364,28 @@ static inline int bnep_rx_frame(struct bnep_session *s, struct sk_buff *skb)
364 364
365 case BNEP_COMPRESSED_SRC_ONLY: 365 case BNEP_COMPRESSED_SRC_ONLY:
366 memcpy(__skb_put(nskb, ETH_ALEN), s->eh.h_dest, ETH_ALEN); 366 memcpy(__skb_put(nskb, ETH_ALEN), s->eh.h_dest, ETH_ALEN);
367 memcpy(__skb_put(nskb, ETH_ALEN), skb->mac.raw, ETH_ALEN); 367 memcpy(__skb_put(nskb, ETH_ALEN), skb_mac_header(skb), ETH_ALEN);
368 put_unaligned(s->eh.h_proto, (__be16 *) __skb_put(nskb, 2)); 368 put_unaligned(s->eh.h_proto, (__be16 *) __skb_put(nskb, 2));
369 break; 369 break;
370 370
371 case BNEP_COMPRESSED_DST_ONLY: 371 case BNEP_COMPRESSED_DST_ONLY:
372 memcpy(__skb_put(nskb, ETH_ALEN), skb->mac.raw, ETH_ALEN); 372 memcpy(__skb_put(nskb, ETH_ALEN), skb_mac_header(skb),
373 memcpy(__skb_put(nskb, ETH_ALEN + 2), s->eh.h_source, ETH_ALEN + 2); 373 ETH_ALEN);
374 memcpy(__skb_put(nskb, ETH_ALEN + 2), s->eh.h_source,
375 ETH_ALEN + 2);
374 break; 376 break;
375 377
376 case BNEP_GENERAL: 378 case BNEP_GENERAL:
377 memcpy(__skb_put(nskb, ETH_ALEN * 2), skb->mac.raw, ETH_ALEN * 2); 379 memcpy(__skb_put(nskb, ETH_ALEN * 2), skb_mac_header(skb),
380 ETH_ALEN * 2);
378 put_unaligned(s->eh.h_proto, (__be16 *) __skb_put(nskb, 2)); 381 put_unaligned(s->eh.h_proto, (__be16 *) __skb_put(nskb, 2));
379 break; 382 break;
380 } 383 }
381 384
382 memcpy(__skb_put(nskb, skb->len), skb->data, skb->len); 385 skb_copy_from_linear_data(skb, __skb_put(nskb, skb->len), skb->len);
383 kfree_skb(skb); 386 kfree_skb(skb);
384 387
385 s->stats.rx_packets++; 388 s->stats.rx_packets++;
386 nskb->dev = dev;
387 nskb->ip_summed = CHECKSUM_NONE; 389 nskb->ip_summed = CHECKSUM_NONE;
388 nskb->protocol = eth_type_trans(nskb, dev); 390 nskb->protocol = eth_type_trans(nskb, dev);
389 netif_rx_ni(nskb); 391 netif_rx_ni(nskb);
diff --git a/net/bluetooth/cmtp/core.c b/net/bluetooth/cmtp/core.c
index 3933608a9296..66bef1ccee2a 100644
--- a/net/bluetooth/cmtp/core.c
+++ b/net/bluetooth/cmtp/core.c
@@ -124,7 +124,7 @@ static inline void cmtp_add_msgpart(struct cmtp_session *session, int id, const
124 } 124 }
125 125
126 if (skb && (skb->len > 0)) 126 if (skb && (skb->len > 0))
127 memcpy(skb_put(nskb, skb->len), skb->data, skb->len); 127 skb_copy_from_linear_data(skb, skb_put(nskb, skb->len), skb->len);
128 128
129 memcpy(skb_put(nskb, count), buf, count); 129 memcpy(skb_put(nskb, count), buf, count);
130 130
@@ -256,7 +256,7 @@ static void cmtp_process_transmit(struct cmtp_session *session)
256 hdr[2] = size >> 8; 256 hdr[2] = size >> 8;
257 } 257 }
258 258
259 memcpy(skb_put(nskb, size), skb->data, size); 259 skb_copy_from_linear_data(skb, skb_put(nskb, size), size);
260 skb_pull(skb, size); 260 skb_pull(skb, size);
261 261
262 if (skb->len > 0) { 262 if (skb->len > 0) {
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index f3403fdb59f8..63980bd6b5f2 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -72,11 +72,11 @@ void hci_acl_connect(struct hci_conn *conn)
72 inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) { 72 inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
73 cp.pscan_rep_mode = ie->data.pscan_rep_mode; 73 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
74 cp.pscan_mode = ie->data.pscan_mode; 74 cp.pscan_mode = ie->data.pscan_mode;
75 cp.clock_offset = ie->data.clock_offset | __cpu_to_le16(0x8000); 75 cp.clock_offset = ie->data.clock_offset | cpu_to_le16(0x8000);
76 memcpy(conn->dev_class, ie->data.dev_class, 3); 76 memcpy(conn->dev_class, ie->data.dev_class, 3);
77 } 77 }
78 78
79 cp.pkt_type = __cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK); 79 cp.pkt_type = cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK);
80 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER)) 80 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
81 cp.role_switch = 0x01; 81 cp.role_switch = 0x01;
82 else 82 else
@@ -107,7 +107,7 @@ void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
107 107
108 conn->state = BT_DISCONN; 108 conn->state = BT_DISCONN;
109 109
110 cp.handle = __cpu_to_le16(conn->handle); 110 cp.handle = cpu_to_le16(conn->handle);
111 cp.reason = reason; 111 cp.reason = reason;
112 hci_send_cmd(conn->hdev, OGF_LINK_CTL, 112 hci_send_cmd(conn->hdev, OGF_LINK_CTL,
113 OCF_DISCONNECT, sizeof(cp), &cp); 113 OCF_DISCONNECT, sizeof(cp), &cp);
@@ -123,8 +123,8 @@ void hci_add_sco(struct hci_conn *conn, __u16 handle)
123 conn->state = BT_CONNECT; 123 conn->state = BT_CONNECT;
124 conn->out = 1; 124 conn->out = 1;
125 125
126 cp.pkt_type = __cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK); 126 cp.pkt_type = cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK);
127 cp.handle = __cpu_to_le16(handle); 127 cp.handle = cpu_to_le16(handle);
128 128
129 hci_send_cmd(hdev, OGF_LINK_CTL, OCF_ADD_SCO, sizeof(cp), &cp); 129 hci_send_cmd(hdev, OGF_LINK_CTL, OCF_ADD_SCO, sizeof(cp), &cp);
130} 130}
@@ -348,7 +348,7 @@ int hci_conn_auth(struct hci_conn *conn)
348 348
349 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { 349 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
350 struct hci_cp_auth_requested cp; 350 struct hci_cp_auth_requested cp;
351 cp.handle = __cpu_to_le16(conn->handle); 351 cp.handle = cpu_to_le16(conn->handle);
352 hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_AUTH_REQUESTED, sizeof(cp), &cp); 352 hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_AUTH_REQUESTED, sizeof(cp), &cp);
353 } 353 }
354 return 0; 354 return 0;
@@ -368,7 +368,7 @@ int hci_conn_encrypt(struct hci_conn *conn)
368 368
369 if (hci_conn_auth(conn)) { 369 if (hci_conn_auth(conn)) {
370 struct hci_cp_set_conn_encrypt cp; 370 struct hci_cp_set_conn_encrypt cp;
371 cp.handle = __cpu_to_le16(conn->handle); 371 cp.handle = cpu_to_le16(conn->handle);
372 cp.encrypt = 1; 372 cp.encrypt = 1;
373 hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, sizeof(cp), &cp); 373 hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_SET_CONN_ENCRYPT, sizeof(cp), &cp);
374 } 374 }
@@ -383,7 +383,7 @@ int hci_conn_change_link_key(struct hci_conn *conn)
383 383
384 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { 384 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
385 struct hci_cp_change_conn_link_key cp; 385 struct hci_cp_change_conn_link_key cp;
386 cp.handle = __cpu_to_le16(conn->handle); 386 cp.handle = cpu_to_le16(conn->handle);
387 hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_CHANGE_CONN_LINK_KEY, sizeof(cp), &cp); 387 hci_send_cmd(conn->hdev, OGF_LINK_CTL, OCF_CHANGE_CONN_LINK_KEY, sizeof(cp), &cp);
388 } 388 }
389 return 0; 389 return 0;
@@ -423,7 +423,7 @@ void hci_conn_enter_active_mode(struct hci_conn *conn)
423 423
424 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) { 424 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
425 struct hci_cp_exit_sniff_mode cp; 425 struct hci_cp_exit_sniff_mode cp;
426 cp.handle = __cpu_to_le16(conn->handle); 426 cp.handle = cpu_to_le16(conn->handle);
427 hci_send_cmd(hdev, OGF_LINK_POLICY, 427 hci_send_cmd(hdev, OGF_LINK_POLICY,
428 OCF_EXIT_SNIFF_MODE, sizeof(cp), &cp); 428 OCF_EXIT_SNIFF_MODE, sizeof(cp), &cp);
429 } 429 }
@@ -452,21 +452,21 @@ void hci_conn_enter_sniff_mode(struct hci_conn *conn)
452 452
453 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) { 453 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
454 struct hci_cp_sniff_subrate cp; 454 struct hci_cp_sniff_subrate cp;
455 cp.handle = __cpu_to_le16(conn->handle); 455 cp.handle = cpu_to_le16(conn->handle);
456 cp.max_latency = __constant_cpu_to_le16(0); 456 cp.max_latency = cpu_to_le16(0);
457 cp.min_remote_timeout = __constant_cpu_to_le16(0); 457 cp.min_remote_timeout = cpu_to_le16(0);
458 cp.min_local_timeout = __constant_cpu_to_le16(0); 458 cp.min_local_timeout = cpu_to_le16(0);
459 hci_send_cmd(hdev, OGF_LINK_POLICY, 459 hci_send_cmd(hdev, OGF_LINK_POLICY,
460 OCF_SNIFF_SUBRATE, sizeof(cp), &cp); 460 OCF_SNIFF_SUBRATE, sizeof(cp), &cp);
461 } 461 }
462 462
463 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) { 463 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
464 struct hci_cp_sniff_mode cp; 464 struct hci_cp_sniff_mode cp;
465 cp.handle = __cpu_to_le16(conn->handle); 465 cp.handle = cpu_to_le16(conn->handle);
466 cp.max_interval = __cpu_to_le16(hdev->sniff_max_interval); 466 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
467 cp.min_interval = __cpu_to_le16(hdev->sniff_min_interval); 467 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
468 cp.attempt = __constant_cpu_to_le16(4); 468 cp.attempt = cpu_to_le16(4);
469 cp.timeout = __constant_cpu_to_le16(1); 469 cp.timeout = cpu_to_le16(1);
470 hci_send_cmd(hdev, OGF_LINK_POLICY, 470 hci_send_cmd(hdev, OGF_LINK_POLICY,
471 OCF_SNIFF_MODE, sizeof(cp), &cp); 471 OCF_SNIFF_MODE, sizeof(cp), &cp);
472 } 472 }
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 4917919d86a6..aa4b56a8c3ea 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -149,7 +149,7 @@ static int __hci_request(struct hci_dev *hdev, void (*req)(struct hci_dev *hdev,
149 default: 149 default:
150 err = -ETIMEDOUT; 150 err = -ETIMEDOUT;
151 break; 151 break;
152 }; 152 }
153 153
154 hdev->req_status = hdev->req_result = 0; 154 hdev->req_status = hdev->req_result = 0;
155 155
@@ -216,10 +216,10 @@ static void hci_init_req(struct hci_dev *hdev, unsigned long opt)
216 /* Host buffer size */ 216 /* Host buffer size */
217 { 217 {
218 struct hci_cp_host_buffer_size cp; 218 struct hci_cp_host_buffer_size cp;
219 cp.acl_mtu = __cpu_to_le16(HCI_MAX_ACL_SIZE); 219 cp.acl_mtu = cpu_to_le16(HCI_MAX_ACL_SIZE);
220 cp.sco_mtu = HCI_MAX_SCO_SIZE; 220 cp.sco_mtu = HCI_MAX_SCO_SIZE;
221 cp.acl_max_pkt = __cpu_to_le16(0xffff); 221 cp.acl_max_pkt = cpu_to_le16(0xffff);
222 cp.sco_max_pkt = __cpu_to_le16(0xffff); 222 cp.sco_max_pkt = cpu_to_le16(0xffff);
223 hci_send_cmd(hdev, OGF_HOST_CTL, OCF_HOST_BUFFER_SIZE, sizeof(cp), &cp); 223 hci_send_cmd(hdev, OGF_HOST_CTL, OCF_HOST_BUFFER_SIZE, sizeof(cp), &cp);
224 } 224 }
225#endif 225#endif
@@ -240,11 +240,11 @@ static void hci_init_req(struct hci_dev *hdev, unsigned long opt)
240 } 240 }
241 241
242 /* Page timeout ~20 secs */ 242 /* Page timeout ~20 secs */
243 param = __cpu_to_le16(0x8000); 243 param = cpu_to_le16(0x8000);
244 hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_PG_TIMEOUT, 2, &param); 244 hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_PG_TIMEOUT, 2, &param);
245 245
246 /* Connection accept timeout ~20 secs */ 246 /* Connection accept timeout ~20 secs */
247 param = __cpu_to_le16(0x7d00); 247 param = cpu_to_le16(0x7d00);
248 hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_CA_TIMEOUT, 2, &param); 248 hci_send_cmd(hdev, OGF_HOST_CTL, OCF_WRITE_CA_TIMEOUT, 2, &param);
249} 249}
250 250
@@ -1034,7 +1034,7 @@ int hci_send_cmd(struct hci_dev *hdev, __u16 ogf, __u16 ocf, __u32 plen, void *p
1034 } 1034 }
1035 1035
1036 hdr = (struct hci_command_hdr *) skb_put(skb, HCI_COMMAND_HDR_SIZE); 1036 hdr = (struct hci_command_hdr *) skb_put(skb, HCI_COMMAND_HDR_SIZE);
1037 hdr->opcode = __cpu_to_le16(hci_opcode_pack(ogf, ocf)); 1037 hdr->opcode = cpu_to_le16(hci_opcode_pack(ogf, ocf));
1038 hdr->plen = plen; 1038 hdr->plen = plen;
1039 1039
1040 if (plen) 1040 if (plen)
@@ -1060,7 +1060,7 @@ void *hci_sent_cmd_data(struct hci_dev *hdev, __u16 ogf, __u16 ocf)
1060 1060
1061 hdr = (void *) hdev->sent_cmd->data; 1061 hdr = (void *) hdev->sent_cmd->data;
1062 1062
1063 if (hdr->opcode != __cpu_to_le16(hci_opcode_pack(ogf, ocf))) 1063 if (hdr->opcode != cpu_to_le16(hci_opcode_pack(ogf, ocf)))
1064 return NULL; 1064 return NULL;
1065 1065
1066 BT_DBG("%s ogf 0x%x ocf 0x%x", hdev->name, ogf, ocf); 1066 BT_DBG("%s ogf 0x%x ocf 0x%x", hdev->name, ogf, ocf);
@@ -1074,11 +1074,11 @@ static void hci_add_acl_hdr(struct sk_buff *skb, __u16 handle, __u16 flags)
1074 struct hci_acl_hdr *hdr; 1074 struct hci_acl_hdr *hdr;
1075 int len = skb->len; 1075 int len = skb->len;
1076 1076
1077 hdr = (struct hci_acl_hdr *) skb_push(skb, HCI_ACL_HDR_SIZE); 1077 skb_push(skb, HCI_ACL_HDR_SIZE);
1078 hdr->handle = __cpu_to_le16(hci_handle_pack(handle, flags)); 1078 skb_reset_transport_header(skb);
1079 hdr->dlen = __cpu_to_le16(len); 1079 hdr = (struct hci_acl_hdr *)skb_transport_header(skb);
1080 1080 hdr->handle = cpu_to_le16(hci_handle_pack(handle, flags));
1081 skb->h.raw = (void *) hdr; 1081 hdr->dlen = cpu_to_le16(len);
1082} 1082}
1083 1083
1084int hci_send_acl(struct hci_conn *conn, struct sk_buff *skb, __u16 flags) 1084int hci_send_acl(struct hci_conn *conn, struct sk_buff *skb, __u16 flags)
@@ -1140,11 +1140,12 @@ int hci_send_sco(struct hci_conn *conn, struct sk_buff *skb)
1140 return -EINVAL; 1140 return -EINVAL;
1141 } 1141 }
1142 1142
1143 hdr.handle = __cpu_to_le16(conn->handle); 1143 hdr.handle = cpu_to_le16(conn->handle);
1144 hdr.dlen = skb->len; 1144 hdr.dlen = skb->len;
1145 1145
1146 skb->h.raw = skb_push(skb, HCI_SCO_HDR_SIZE); 1146 skb_push(skb, HCI_SCO_HDR_SIZE);
1147 memcpy(skb->h.raw, &hdr, HCI_SCO_HDR_SIZE); 1147 skb_reset_transport_header(skb);
1148 memcpy(skb_transport_header(skb), &hdr, HCI_SCO_HDR_SIZE);
1148 1149
1149 skb->dev = (void *) hdev; 1150 skb->dev = (void *) hdev;
1150 bt_cb(skb)->pkt_type = HCI_SCODATA_PKT; 1151 bt_cb(skb)->pkt_type = HCI_SCODATA_PKT;
@@ -1387,7 +1388,7 @@ static void hci_rx_task(unsigned long arg)
1387 case HCI_SCODATA_PKT: 1388 case HCI_SCODATA_PKT:
1388 kfree_skb(skb); 1389 kfree_skb(skb);
1389 continue; 1390 continue;
1390 }; 1391 }
1391 } 1392 }
1392 1393
1393 /* Process frame */ 1394 /* Process frame */
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 936d3fc479cd..447ba7131220 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -783,7 +783,7 @@ static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *s
783 if (conn->type == ACL_LINK && hdev->link_policy) { 783 if (conn->type == ACL_LINK && hdev->link_policy) {
784 struct hci_cp_write_link_policy cp; 784 struct hci_cp_write_link_policy cp;
785 cp.handle = ev->handle; 785 cp.handle = ev->handle;
786 cp.policy = __cpu_to_le16(hdev->link_policy); 786 cp.policy = cpu_to_le16(hdev->link_policy);
787 hci_send_cmd(hdev, OGF_LINK_POLICY, 787 hci_send_cmd(hdev, OGF_LINK_POLICY,
788 OCF_WRITE_LINK_POLICY, sizeof(cp), &cp); 788 OCF_WRITE_LINK_POLICY, sizeof(cp), &cp);
789 } 789 }
@@ -793,8 +793,8 @@ static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *s
793 struct hci_cp_change_conn_ptype cp; 793 struct hci_cp_change_conn_ptype cp;
794 cp.handle = ev->handle; 794 cp.handle = ev->handle;
795 cp.pkt_type = (conn->type == ACL_LINK) ? 795 cp.pkt_type = (conn->type == ACL_LINK) ?
796 __cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK): 796 cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK):
797 __cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK); 797 cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK);
798 798
799 hci_send_cmd(hdev, OGF_LINK_CTL, 799 hci_send_cmd(hdev, OGF_LINK_CTL,
800 OCF_CHANGE_CONN_PTYPE, sizeof(cp), &cp); 800 OCF_CHANGE_CONN_PTYPE, sizeof(cp), &cp);
@@ -970,7 +970,7 @@ static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *s
970 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) { 970 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
971 if (!ev->status) { 971 if (!ev->status) {
972 struct hci_cp_set_conn_encrypt cp; 972 struct hci_cp_set_conn_encrypt cp;
973 cp.handle = __cpu_to_le16(conn->handle); 973 cp.handle = cpu_to_le16(conn->handle);
974 cp.encrypt = 1; 974 cp.encrypt = 1;
975 hci_send_cmd(conn->hdev, OGF_LINK_CTL, 975 hci_send_cmd(conn->hdev, OGF_LINK_CTL,
976 OCF_SET_CONN_ENCRYPT, sizeof(cp), &cp); 976 OCF_SET_CONN_ENCRYPT, sizeof(cp), &cp);
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 71f5cfbbebb8..832b5f44be5c 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -375,7 +375,7 @@ static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
375 copied = len; 375 copied = len;
376 } 376 }
377 377
378 skb->h.raw = skb->data; 378 skb_reset_transport_header(skb);
379 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 379 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
380 380
381 hci_sock_cmsg(sk, msg, skb); 381 hci_sock_cmsg(sk, msg, skb);
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index e83ee82440d3..a5867879b615 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -459,8 +459,8 @@ static void __l2cap_sock_close(struct sock *sk, int reason)
459 sk->sk_state = BT_DISCONN; 459 sk->sk_state = BT_DISCONN;
460 l2cap_sock_set_timer(sk, sk->sk_sndtimeo); 460 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
461 461
462 req.dcid = __cpu_to_le16(l2cap_pi(sk)->dcid); 462 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
463 req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); 463 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
464 l2cap_send_cmd(conn, l2cap_get_ident(conn), 464 l2cap_send_cmd(conn, l2cap_get_ident(conn),
465 L2CAP_DISCONN_REQ, sizeof(req), &req); 465 L2CAP_DISCONN_REQ, sizeof(req), &req);
466 } else { 466 } else {
@@ -652,7 +652,7 @@ static int l2cap_do_connect(struct sock *sk)
652 if (sk->sk_type == SOCK_SEQPACKET) { 652 if (sk->sk_type == SOCK_SEQPACKET) {
653 struct l2cap_conn_req req; 653 struct l2cap_conn_req req;
654 l2cap_pi(sk)->ident = l2cap_get_ident(conn); 654 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
655 req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); 655 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
656 req.psm = l2cap_pi(sk)->psm; 656 req.psm = l2cap_pi(sk)->psm;
657 l2cap_send_cmd(conn, l2cap_pi(sk)->ident, 657 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
658 L2CAP_CONN_REQ, sizeof(req), &req); 658 L2CAP_CONN_REQ, sizeof(req), &req);
@@ -868,8 +868,8 @@ static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len)
868 868
869 /* Create L2CAP header */ 869 /* Create L2CAP header */
870 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 870 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
871 lh->cid = __cpu_to_le16(l2cap_pi(sk)->dcid); 871 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
872 lh->len = __cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); 872 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
873 873
874 if (sk->sk_type == SOCK_DGRAM) 874 if (sk->sk_type == SOCK_DGRAM)
875 put_unaligned(l2cap_pi(sk)->psm, (u16 *) skb_put(skb, 2)); 875 put_unaligned(l2cap_pi(sk)->psm, (u16 *) skb_put(skb, 2));
@@ -1096,7 +1096,7 @@ static void l2cap_conn_ready(struct l2cap_conn *conn)
1096 } else if (sk->sk_state == BT_CONNECT) { 1096 } else if (sk->sk_state == BT_CONNECT) {
1097 struct l2cap_conn_req req; 1097 struct l2cap_conn_req req;
1098 l2cap_pi(sk)->ident = l2cap_get_ident(conn); 1098 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
1099 req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); 1099 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
1100 req.psm = l2cap_pi(sk)->psm; 1100 req.psm = l2cap_pi(sk)->psm;
1101 l2cap_send_cmd(conn, l2cap_pi(sk)->ident, L2CAP_CONN_REQ, sizeof(req), &req); 1101 l2cap_send_cmd(conn, l2cap_pi(sk)->ident, L2CAP_CONN_REQ, sizeof(req), &req);
1102 } 1102 }
@@ -1192,13 +1192,13 @@ static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
1192 return NULL; 1192 return NULL;
1193 1193
1194 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 1194 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1195 lh->len = __cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); 1195 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen);
1196 lh->cid = __cpu_to_le16(0x0001); 1196 lh->cid = cpu_to_le16(0x0001);
1197 1197
1198 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE); 1198 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE);
1199 cmd->code = code; 1199 cmd->code = code;
1200 cmd->ident = ident; 1200 cmd->ident = ident;
1201 cmd->len = __cpu_to_le16(dlen); 1201 cmd->len = cpu_to_le16(dlen);
1202 1202
1203 if (dlen) { 1203 if (dlen) {
1204 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE; 1204 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE;
@@ -1316,11 +1316,11 @@ static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val)
1316 break; 1316 break;
1317 1317
1318 case 2: 1318 case 2:
1319 *((u16 *) opt->val) = __cpu_to_le16(val); 1319 *((u16 *) opt->val) = cpu_to_le16(val);
1320 break; 1320 break;
1321 1321
1322 case 4: 1322 case 4:
1323 *((u32 *) opt->val) = __cpu_to_le32(val); 1323 *((u32 *) opt->val) = cpu_to_le32(val);
1324 break; 1324 break;
1325 1325
1326 default: 1326 default:
@@ -1346,8 +1346,8 @@ static int l2cap_build_conf_req(struct sock *sk, void *data)
1346 //if (flush_to != L2CAP_DEFAULT_FLUSH_TO) 1346 //if (flush_to != L2CAP_DEFAULT_FLUSH_TO)
1347 // l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, 2, pi->flush_to); 1347 // l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, 2, pi->flush_to);
1348 1348
1349 req->dcid = __cpu_to_le16(pi->dcid); 1349 req->dcid = cpu_to_le16(pi->dcid);
1350 req->flags = __cpu_to_le16(0); 1350 req->flags = cpu_to_le16(0);
1351 1351
1352 return ptr - data; 1352 return ptr - data;
1353} 1353}
@@ -1383,9 +1383,9 @@ static int l2cap_build_conf_rsp(struct sock *sk, void *data, int *result)
1383 else 1383 else
1384 flags = 0x0001; 1384 flags = 0x0001;
1385 1385
1386 rsp->scid = __cpu_to_le16(l2cap_pi(sk)->dcid); 1386 rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1387 rsp->result = __cpu_to_le16(result ? *result : 0); 1387 rsp->result = cpu_to_le16(result ? *result : 0);
1388 rsp->flags = __cpu_to_le16(flags); 1388 rsp->flags = cpu_to_le16(flags);
1389 1389
1390 return ptr - data; 1390 return ptr - data;
1391} 1391}
@@ -1470,10 +1470,10 @@ response:
1470 bh_unlock_sock(parent); 1470 bh_unlock_sock(parent);
1471 1471
1472sendresp: 1472sendresp:
1473 rsp.scid = __cpu_to_le16(scid); 1473 rsp.scid = cpu_to_le16(scid);
1474 rsp.dcid = __cpu_to_le16(dcid); 1474 rsp.dcid = cpu_to_le16(dcid);
1475 rsp.result = __cpu_to_le16(result); 1475 rsp.result = cpu_to_le16(result);
1476 rsp.status = __cpu_to_le16(status); 1476 rsp.status = cpu_to_le16(status);
1477 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp); 1477 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp);
1478 return 0; 1478 return 0;
1479} 1479}
@@ -1613,8 +1613,8 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr
1613 l2cap_sock_set_timer(sk, HZ * 5); 1613 l2cap_sock_set_timer(sk, HZ * 5);
1614 { 1614 {
1615 struct l2cap_disconn_req req; 1615 struct l2cap_disconn_req req;
1616 req.dcid = __cpu_to_le16(l2cap_pi(sk)->dcid); 1616 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
1617 req.scid = __cpu_to_le16(l2cap_pi(sk)->scid); 1617 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
1618 l2cap_send_cmd(conn, l2cap_get_ident(conn), 1618 l2cap_send_cmd(conn, l2cap_get_ident(conn),
1619 L2CAP_DISCONN_REQ, sizeof(req), &req); 1619 L2CAP_DISCONN_REQ, sizeof(req), &req);
1620 } 1620 }
@@ -1652,8 +1652,8 @@ static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd
1652 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid))) 1652 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid)))
1653 return 0; 1653 return 0;
1654 1654
1655 rsp.dcid = __cpu_to_le16(l2cap_pi(sk)->scid); 1655 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
1656 rsp.scid = __cpu_to_le16(l2cap_pi(sk)->dcid); 1656 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1657 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); 1657 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp);
1658 1658
1659 sk->sk_shutdown = SHUTDOWN_MASK; 1659 sk->sk_shutdown = SHUTDOWN_MASK;
@@ -1696,8 +1696,8 @@ static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cm
1696 1696
1697 BT_DBG("type 0x%4.4x", type); 1697 BT_DBG("type 0x%4.4x", type);
1698 1698
1699 rsp.type = __cpu_to_le16(type); 1699 rsp.type = cpu_to_le16(type);
1700 rsp.result = __cpu_to_le16(L2CAP_IR_NOTSUPP); 1700 rsp.result = cpu_to_le16(L2CAP_IR_NOTSUPP);
1701 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(rsp), &rsp); 1701 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(rsp), &rsp);
1702 1702
1703 return 0; 1703 return 0;
@@ -1794,7 +1794,7 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *sk
1794 BT_DBG("error %d", err); 1794 BT_DBG("error %d", err);
1795 1795
1796 /* FIXME: Map err to a valid reason */ 1796 /* FIXME: Map err to a valid reason */
1797 rej.reason = __cpu_to_le16(0); 1797 rej.reason = cpu_to_le16(0);
1798 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej); 1798 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej);
1799 } 1799 }
1800 1800
@@ -1993,10 +1993,10 @@ static int l2cap_auth_cfm(struct hci_conn *hcon, u8 status)
1993 result = L2CAP_CR_SEC_BLOCK; 1993 result = L2CAP_CR_SEC_BLOCK;
1994 } 1994 }
1995 1995
1996 rsp.scid = __cpu_to_le16(l2cap_pi(sk)->dcid); 1996 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1997 rsp.dcid = __cpu_to_le16(l2cap_pi(sk)->scid); 1997 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
1998 rsp.result = __cpu_to_le16(result); 1998 rsp.result = cpu_to_le16(result);
1999 rsp.status = __cpu_to_le16(0); 1999 rsp.status = cpu_to_le16(0);
2000 l2cap_send_cmd(conn, l2cap_pi(sk)->ident, 2000 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2001 L2CAP_CONN_RSP, sizeof(rsp), &rsp); 2001 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
2002 2002
@@ -2041,10 +2041,10 @@ static int l2cap_encrypt_cfm(struct hci_conn *hcon, u8 status)
2041 result = L2CAP_CR_SEC_BLOCK; 2041 result = L2CAP_CR_SEC_BLOCK;
2042 } 2042 }
2043 2043
2044 rsp.scid = __cpu_to_le16(l2cap_pi(sk)->dcid); 2044 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
2045 rsp.dcid = __cpu_to_le16(l2cap_pi(sk)->scid); 2045 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
2046 rsp.result = __cpu_to_le16(result); 2046 rsp.result = cpu_to_le16(result);
2047 rsp.status = __cpu_to_le16(0); 2047 rsp.status = cpu_to_le16(0);
2048 l2cap_send_cmd(conn, l2cap_pi(sk)->ident, 2048 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2049 L2CAP_CONN_RSP, sizeof(rsp), &rsp); 2049 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
2050 2050
@@ -2107,7 +2107,8 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl
2107 if (!(conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC))) 2107 if (!(conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC)))
2108 goto drop; 2108 goto drop;
2109 2109
2110 memcpy(skb_put(conn->rx_skb, skb->len), skb->data, skb->len); 2110 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2111 skb->len);
2111 conn->rx_len = len - skb->len; 2112 conn->rx_len = len - skb->len;
2112 } else { 2113 } else {
2113 BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len); 2114 BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len);
@@ -2128,7 +2129,8 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl
2128 goto drop; 2129 goto drop;
2129 } 2130 }
2130 2131
2131 memcpy(skb_put(conn->rx_skb, skb->len), skb->data, skb->len); 2132 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2133 skb->len);
2132 conn->rx_len -= skb->len; 2134 conn->rx_len -= skb->len;
2133 2135
2134 if (!conn->rx_len) { 2136 if (!conn->rx_len) {
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 94f457360560..fe7df90eb707 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -1567,7 +1567,7 @@ static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
1567 1567
1568 /* Trim FCS */ 1568 /* Trim FCS */
1569 skb->len--; skb->tail--; 1569 skb->len--; skb->tail--;
1570 fcs = *(u8 *) skb->tail; 1570 fcs = *(u8 *)skb_tail_pointer(skb);
1571 1571
1572 if (__check_fcs(skb->data, type, fcs)) { 1572 if (__check_fcs(skb->data, type, fcs)) {
1573 BT_ERR("bad checksum in packet"); 1573 BT_ERR("bad checksum in packet");
@@ -1851,18 +1851,18 @@ static void rfcomm_worker(void)
1851 BT_DBG(""); 1851 BT_DBG("");
1852 1852
1853 while (!atomic_read(&terminate)) { 1853 while (!atomic_read(&terminate)) {
1854 set_current_state(TASK_INTERRUPTIBLE);
1854 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) { 1855 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
1855 /* No pending events. Let's sleep. 1856 /* No pending events. Let's sleep.
1856 * Incoming connections and data will wake us up. */ 1857 * Incoming connections and data will wake us up. */
1857 set_current_state(TASK_INTERRUPTIBLE);
1858 schedule(); 1858 schedule();
1859 } 1859 }
1860 set_current_state(TASK_RUNNING);
1860 1861
1861 /* Process stuff */ 1862 /* Process stuff */
1862 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); 1863 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
1863 rfcomm_process_sessions(); 1864 rfcomm_process_sessions();
1864 } 1865 }
1865 set_current_state(TASK_RUNNING);
1866 return; 1866 return;
1867} 1867}
1868 1868
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index ae4391440950..3f5163e725ed 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -393,7 +393,7 @@ static void sco_sock_close(struct sock *sk)
393 default: 393 default:
394 sock_set_flag(sk, SOCK_ZAPPED); 394 sock_set_flag(sk, SOCK_ZAPPED);
395 break; 395 break;
396 }; 396 }
397 397
398 release_sock(sk); 398 release_sock(sk);
399 399
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-10 16:04:49 -0500