diff options
Diffstat (limited to 'net/bluetooth')
-rw-r--r-- | net/bluetooth/Kconfig | 1 | ||||
-rw-r--r-- | net/bluetooth/af_bluetooth.c | 4 | ||||
-rw-r--r-- | net/bluetooth/bnep/core.c | 5 | ||||
-rw-r--r-- | net/bluetooth/bnep/netdev.c | 9 | ||||
-rw-r--r-- | net/bluetooth/hci_conn.c | 17 | ||||
-rw-r--r-- | net/bluetooth/hci_core.c | 2 | ||||
-rw-r--r-- | net/bluetooth/hci_event.c | 2 | ||||
-rw-r--r-- | net/bluetooth/hidp/core.c | 66 | ||||
-rw-r--r-- | net/bluetooth/hidp/hidp.h | 2 | ||||
-rw-r--r-- | net/bluetooth/l2cap.c | 1357 | ||||
-rw-r--r-- | net/bluetooth/rfcomm/core.c | 69 | ||||
-rw-r--r-- | net/bluetooth/sco.c | 49 |
12 files changed, 1431 insertions, 152 deletions
diff --git a/net/bluetooth/Kconfig b/net/bluetooth/Kconfig index 59fdb1d2e8ed..ed371684c133 100644 --- a/net/bluetooth/Kconfig +++ b/net/bluetooth/Kconfig | |||
@@ -34,6 +34,7 @@ menuconfig BT | |||
34 | config BT_L2CAP | 34 | config BT_L2CAP |
35 | tristate "L2CAP protocol support" | 35 | tristate "L2CAP protocol support" |
36 | depends on BT | 36 | depends on BT |
37 | select CRC16 | ||
37 | help | 38 | help |
38 | L2CAP (Logical Link Control and Adaptation Protocol) provides | 39 | L2CAP (Logical Link Control and Adaptation Protocol) provides |
39 | connection oriented and connection-less data transport. L2CAP | 40 | connection oriented and connection-less data transport. L2CAP |
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c index 0250e0600150..8cfb5a849841 100644 --- a/net/bluetooth/af_bluetooth.c +++ b/net/bluetooth/af_bluetooth.c | |||
@@ -49,7 +49,7 @@ static struct net_proto_family *bt_proto[BT_MAX_PROTO]; | |||
49 | static DEFINE_RWLOCK(bt_proto_lock); | 49 | static DEFINE_RWLOCK(bt_proto_lock); |
50 | 50 | ||
51 | static struct lock_class_key bt_lock_key[BT_MAX_PROTO]; | 51 | static struct lock_class_key bt_lock_key[BT_MAX_PROTO]; |
52 | static const char *bt_key_strings[BT_MAX_PROTO] = { | 52 | static const char *const bt_key_strings[BT_MAX_PROTO] = { |
53 | "sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP", | 53 | "sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP", |
54 | "sk_lock-AF_BLUETOOTH-BTPROTO_HCI", | 54 | "sk_lock-AF_BLUETOOTH-BTPROTO_HCI", |
55 | "sk_lock-AF_BLUETOOTH-BTPROTO_SCO", | 55 | "sk_lock-AF_BLUETOOTH-BTPROTO_SCO", |
@@ -61,7 +61,7 @@ static const char *bt_key_strings[BT_MAX_PROTO] = { | |||
61 | }; | 61 | }; |
62 | 62 | ||
63 | static struct lock_class_key bt_slock_key[BT_MAX_PROTO]; | 63 | static struct lock_class_key bt_slock_key[BT_MAX_PROTO]; |
64 | static const char *bt_slock_key_strings[BT_MAX_PROTO] = { | 64 | static const char *const bt_slock_key_strings[BT_MAX_PROTO] = { |
65 | "slock-AF_BLUETOOTH-BTPROTO_L2CAP", | 65 | "slock-AF_BLUETOOTH-BTPROTO_L2CAP", |
66 | "slock-AF_BLUETOOTH-BTPROTO_HCI", | 66 | "slock-AF_BLUETOOTH-BTPROTO_HCI", |
67 | "slock-AF_BLUETOOTH-BTPROTO_SCO", | 67 | "slock-AF_BLUETOOTH-BTPROTO_SCO", |
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c index 52a6ce0d772b..cafe9f54d841 100644 --- a/net/bluetooth/bnep/core.c +++ b/net/bluetooth/bnep/core.c | |||
@@ -533,6 +533,10 @@ static struct device *bnep_get_device(struct bnep_session *session) | |||
533 | return conn ? &conn->dev : NULL; | 533 | return conn ? &conn->dev : NULL; |
534 | } | 534 | } |
535 | 535 | ||
536 | static struct device_type bnep_type = { | ||
537 | .name = "bluetooth", | ||
538 | }; | ||
539 | |||
536 | int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock) | 540 | int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock) |
537 | { | 541 | { |
538 | struct net_device *dev; | 542 | struct net_device *dev; |
@@ -586,6 +590,7 @@ int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock) | |||
586 | #endif | 590 | #endif |
587 | 591 | ||
588 | SET_NETDEV_DEV(dev, bnep_get_device(s)); | 592 | SET_NETDEV_DEV(dev, bnep_get_device(s)); |
593 | SET_NETDEV_DEVTYPE(dev, &bnep_type); | ||
589 | 594 | ||
590 | err = register_netdev(dev); | 595 | err = register_netdev(dev); |
591 | if (err) { | 596 | if (err) { |
diff --git a/net/bluetooth/bnep/netdev.c b/net/bluetooth/bnep/netdev.c index d7a0e9722def..26fb831ef7e0 100644 --- a/net/bluetooth/bnep/netdev.c +++ b/net/bluetooth/bnep/netdev.c | |||
@@ -165,7 +165,8 @@ static inline int bnep_net_proto_filter(struct sk_buff *skb, struct bnep_session | |||
165 | } | 165 | } |
166 | #endif | 166 | #endif |
167 | 167 | ||
168 | static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev) | 168 | static netdev_tx_t bnep_net_xmit(struct sk_buff *skb, |
169 | struct net_device *dev) | ||
169 | { | 170 | { |
170 | struct bnep_session *s = netdev_priv(dev); | 171 | struct bnep_session *s = netdev_priv(dev); |
171 | struct sock *sk = s->sock->sk; | 172 | struct sock *sk = s->sock->sk; |
@@ -175,14 +176,14 @@ static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev) | |||
175 | #ifdef CONFIG_BT_BNEP_MC_FILTER | 176 | #ifdef CONFIG_BT_BNEP_MC_FILTER |
176 | if (bnep_net_mc_filter(skb, s)) { | 177 | if (bnep_net_mc_filter(skb, s)) { |
177 | kfree_skb(skb); | 178 | kfree_skb(skb); |
178 | return 0; | 179 | return NETDEV_TX_OK; |
179 | } | 180 | } |
180 | #endif | 181 | #endif |
181 | 182 | ||
182 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER | 183 | #ifdef CONFIG_BT_BNEP_PROTO_FILTER |
183 | if (bnep_net_proto_filter(skb, s)) { | 184 | if (bnep_net_proto_filter(skb, s)) { |
184 | kfree_skb(skb); | 185 | kfree_skb(skb); |
185 | return 0; | 186 | return NETDEV_TX_OK; |
186 | } | 187 | } |
187 | #endif | 188 | #endif |
188 | 189 | ||
@@ -203,7 +204,7 @@ static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev) | |||
203 | netif_stop_queue(dev); | 204 | netif_stop_queue(dev); |
204 | } | 205 | } |
205 | 206 | ||
206 | return 0; | 207 | return NETDEV_TX_OK; |
207 | } | 208 | } |
208 | 209 | ||
209 | static const struct net_device_ops bnep_netdev_ops = { | 210 | static const struct net_device_ops bnep_netdev_ops = { |
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index fa47d5d84f5c..a9750984f772 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c | |||
@@ -246,6 +246,8 @@ struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst) | |||
246 | if (hdev->notify) | 246 | if (hdev->notify) |
247 | hdev->notify(hdev, HCI_NOTIFY_CONN_ADD); | 247 | hdev->notify(hdev, HCI_NOTIFY_CONN_ADD); |
248 | 248 | ||
249 | atomic_set(&conn->devref, 0); | ||
250 | |||
249 | hci_conn_init_sysfs(conn); | 251 | hci_conn_init_sysfs(conn); |
250 | 252 | ||
251 | tasklet_enable(&hdev->tx_task); | 253 | tasklet_enable(&hdev->tx_task); |
@@ -288,7 +290,7 @@ int hci_conn_del(struct hci_conn *conn) | |||
288 | 290 | ||
289 | skb_queue_purge(&conn->data_q); | 291 | skb_queue_purge(&conn->data_q); |
290 | 292 | ||
291 | hci_conn_del_sysfs(conn); | 293 | hci_conn_put_device(conn); |
292 | 294 | ||
293 | hci_dev_put(hdev); | 295 | hci_dev_put(hdev); |
294 | 296 | ||
@@ -583,6 +585,19 @@ void hci_conn_check_pending(struct hci_dev *hdev) | |||
583 | hci_dev_unlock(hdev); | 585 | hci_dev_unlock(hdev); |
584 | } | 586 | } |
585 | 587 | ||
588 | void hci_conn_hold_device(struct hci_conn *conn) | ||
589 | { | ||
590 | atomic_inc(&conn->devref); | ||
591 | } | ||
592 | EXPORT_SYMBOL(hci_conn_hold_device); | ||
593 | |||
594 | void hci_conn_put_device(struct hci_conn *conn) | ||
595 | { | ||
596 | if (atomic_dec_and_test(&conn->devref)) | ||
597 | hci_conn_del_sysfs(conn); | ||
598 | } | ||
599 | EXPORT_SYMBOL(hci_conn_put_device); | ||
600 | |||
586 | int hci_get_conn_list(void __user *arg) | 601 | int hci_get_conn_list(void __user *arg) |
587 | { | 602 | { |
588 | struct hci_conn_list_req req, *cl; | 603 | struct hci_conn_list_req req, *cl; |
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index 406ad07cdea1..e1da8f68759c 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c | |||
@@ -911,7 +911,7 @@ int hci_register_dev(struct hci_dev *hdev) | |||
911 | hdev->reassembly[i] = NULL; | 911 | hdev->reassembly[i] = NULL; |
912 | 912 | ||
913 | init_waitqueue_head(&hdev->req_wait_q); | 913 | init_waitqueue_head(&hdev->req_wait_q); |
914 | init_MUTEX(&hdev->req_lock); | 914 | mutex_init(&hdev->req_lock); |
915 | 915 | ||
916 | inquiry_cache_init(hdev); | 916 | inquiry_cache_init(hdev); |
917 | 917 | ||
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index 184ba0a88ec0..e99fe385fba2 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c | |||
@@ -887,6 +887,7 @@ static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *s | |||
887 | } else | 887 | } else |
888 | conn->state = BT_CONNECTED; | 888 | conn->state = BT_CONNECTED; |
889 | 889 | ||
890 | hci_conn_hold_device(conn); | ||
890 | hci_conn_add_sysfs(conn); | 891 | hci_conn_add_sysfs(conn); |
891 | 892 | ||
892 | if (test_bit(HCI_AUTH, &hdev->flags)) | 893 | if (test_bit(HCI_AUTH, &hdev->flags)) |
@@ -1693,6 +1694,7 @@ static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_bu | |||
1693 | conn->handle = __le16_to_cpu(ev->handle); | 1694 | conn->handle = __le16_to_cpu(ev->handle); |
1694 | conn->state = BT_CONNECTED; | 1695 | conn->state = BT_CONNECTED; |
1695 | 1696 | ||
1697 | hci_conn_hold_device(conn); | ||
1696 | hci_conn_add_sysfs(conn); | 1698 | hci_conn_add_sysfs(conn); |
1697 | break; | 1699 | break; |
1698 | 1700 | ||
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c index b18676870d55..09bedeb5579c 100644 --- a/net/bluetooth/hidp/core.c +++ b/net/bluetooth/hidp/core.c | |||
@@ -40,6 +40,7 @@ | |||
40 | 40 | ||
41 | #include <linux/input.h> | 41 | #include <linux/input.h> |
42 | #include <linux/hid.h> | 42 | #include <linux/hid.h> |
43 | #include <linux/hidraw.h> | ||
43 | 44 | ||
44 | #include <net/bluetooth/bluetooth.h> | 45 | #include <net/bluetooth/bluetooth.h> |
45 | #include <net/bluetooth/hci_core.h> | 46 | #include <net/bluetooth/hci_core.h> |
@@ -92,10 +93,14 @@ static void __hidp_link_session(struct hidp_session *session) | |||
92 | { | 93 | { |
93 | __module_get(THIS_MODULE); | 94 | __module_get(THIS_MODULE); |
94 | list_add(&session->list, &hidp_session_list); | 95 | list_add(&session->list, &hidp_session_list); |
96 | |||
97 | hci_conn_hold_device(session->conn); | ||
95 | } | 98 | } |
96 | 99 | ||
97 | static void __hidp_unlink_session(struct hidp_session *session) | 100 | static void __hidp_unlink_session(struct hidp_session *session) |
98 | { | 101 | { |
102 | hci_conn_put_device(session->conn); | ||
103 | |||
99 | list_del(&session->list); | 104 | list_del(&session->list); |
100 | module_put(THIS_MODULE); | 105 | module_put(THIS_MODULE); |
101 | } | 106 | } |
@@ -374,6 +379,7 @@ static void hidp_process_hid_control(struct hidp_session *session, | |||
374 | 379 | ||
375 | /* Kill session thread */ | 380 | /* Kill session thread */ |
376 | atomic_inc(&session->terminate); | 381 | atomic_inc(&session->terminate); |
382 | hidp_schedule(session); | ||
377 | } | 383 | } |
378 | } | 384 | } |
379 | 385 | ||
@@ -573,7 +579,11 @@ static int hidp_session(void *arg) | |||
573 | if (session->hid) { | 579 | if (session->hid) { |
574 | if (session->hid->claimed & HID_CLAIMED_INPUT) | 580 | if (session->hid->claimed & HID_CLAIMED_INPUT) |
575 | hidinput_disconnect(session->hid); | 581 | hidinput_disconnect(session->hid); |
582 | if (session->hid->claimed & HID_CLAIMED_HIDRAW) | ||
583 | hidraw_disconnect(session->hid); | ||
584 | |||
576 | hid_destroy_device(session->hid); | 585 | hid_destroy_device(session->hid); |
586 | session->hid = NULL; | ||
577 | } | 587 | } |
578 | 588 | ||
579 | /* Wakeup user-space polling for socket errors */ | 589 | /* Wakeup user-space polling for socket errors */ |
@@ -601,25 +611,27 @@ static struct device *hidp_get_device(struct hidp_session *session) | |||
601 | { | 611 | { |
602 | bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src; | 612 | bdaddr_t *src = &bt_sk(session->ctrl_sock->sk)->src; |
603 | bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst; | 613 | bdaddr_t *dst = &bt_sk(session->ctrl_sock->sk)->dst; |
614 | struct device *device = NULL; | ||
604 | struct hci_dev *hdev; | 615 | struct hci_dev *hdev; |
605 | struct hci_conn *conn; | ||
606 | 616 | ||
607 | hdev = hci_get_route(dst, src); | 617 | hdev = hci_get_route(dst, src); |
608 | if (!hdev) | 618 | if (!hdev) |
609 | return NULL; | 619 | return NULL; |
610 | 620 | ||
611 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); | 621 | session->conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); |
622 | if (session->conn) | ||
623 | device = &session->conn->dev; | ||
612 | 624 | ||
613 | hci_dev_put(hdev); | 625 | hci_dev_put(hdev); |
614 | 626 | ||
615 | return conn ? &conn->dev : NULL; | 627 | return device; |
616 | } | 628 | } |
617 | 629 | ||
618 | static int hidp_setup_input(struct hidp_session *session, | 630 | static int hidp_setup_input(struct hidp_session *session, |
619 | struct hidp_connadd_req *req) | 631 | struct hidp_connadd_req *req) |
620 | { | 632 | { |
621 | struct input_dev *input; | 633 | struct input_dev *input; |
622 | int i; | 634 | int err, i; |
623 | 635 | ||
624 | input = input_allocate_device(); | 636 | input = input_allocate_device(); |
625 | if (!input) | 637 | if (!input) |
@@ -666,7 +678,13 @@ static int hidp_setup_input(struct hidp_session *session, | |||
666 | 678 | ||
667 | input->event = hidp_input_event; | 679 | input->event = hidp_input_event; |
668 | 680 | ||
669 | return input_register_device(input); | 681 | err = input_register_device(input); |
682 | if (err < 0) { | ||
683 | hci_conn_put_device(session->conn); | ||
684 | return err; | ||
685 | } | ||
686 | |||
687 | return 0; | ||
670 | } | 688 | } |
671 | 689 | ||
672 | static int hidp_open(struct hid_device *hid) | 690 | static int hidp_open(struct hid_device *hid) |
@@ -748,13 +766,11 @@ static int hidp_setup_hid(struct hidp_session *session, | |||
748 | { | 766 | { |
749 | struct hid_device *hid; | 767 | struct hid_device *hid; |
750 | bdaddr_t src, dst; | 768 | bdaddr_t src, dst; |
751 | int ret; | 769 | int err; |
752 | 770 | ||
753 | hid = hid_allocate_device(); | 771 | hid = hid_allocate_device(); |
754 | if (IS_ERR(hid)) { | 772 | if (IS_ERR(hid)) |
755 | ret = PTR_ERR(session->hid); | 773 | return PTR_ERR(session->hid); |
756 | goto err; | ||
757 | } | ||
758 | 774 | ||
759 | session->hid = hid; | 775 | session->hid = hid; |
760 | session->req = req; | 776 | session->req = req; |
@@ -776,16 +792,17 @@ static int hidp_setup_hid(struct hidp_session *session, | |||
776 | hid->dev.parent = hidp_get_device(session); | 792 | hid->dev.parent = hidp_get_device(session); |
777 | hid->ll_driver = &hidp_hid_driver; | 793 | hid->ll_driver = &hidp_hid_driver; |
778 | 794 | ||
779 | ret = hid_add_device(hid); | 795 | err = hid_add_device(hid); |
780 | if (ret) | 796 | if (err < 0) |
781 | goto err_hid; | 797 | goto failed; |
782 | 798 | ||
783 | return 0; | 799 | return 0; |
784 | err_hid: | 800 | |
801 | failed: | ||
785 | hid_destroy_device(hid); | 802 | hid_destroy_device(hid); |
786 | session->hid = NULL; | 803 | session->hid = NULL; |
787 | err: | 804 | |
788 | return ret; | 805 | return err; |
789 | } | 806 | } |
790 | 807 | ||
791 | int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock) | 808 | int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock) |
@@ -835,13 +852,13 @@ int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, | |||
835 | if (req->rd_size > 0) { | 852 | if (req->rd_size > 0) { |
836 | err = hidp_setup_hid(session, req); | 853 | err = hidp_setup_hid(session, req); |
837 | if (err && err != -ENODEV) | 854 | if (err && err != -ENODEV) |
838 | goto err_skb; | 855 | goto purge; |
839 | } | 856 | } |
840 | 857 | ||
841 | if (!session->hid) { | 858 | if (!session->hid) { |
842 | err = hidp_setup_input(session, req); | 859 | err = hidp_setup_input(session, req); |
843 | if (err < 0) | 860 | if (err < 0) |
844 | goto err_skb; | 861 | goto purge; |
845 | } | 862 | } |
846 | 863 | ||
847 | __hidp_link_session(session); | 864 | __hidp_link_session(session); |
@@ -869,13 +886,20 @@ unlink: | |||
869 | 886 | ||
870 | __hidp_unlink_session(session); | 887 | __hidp_unlink_session(session); |
871 | 888 | ||
872 | if (session->input) | 889 | if (session->input) { |
873 | input_unregister_device(session->input); | 890 | input_unregister_device(session->input); |
874 | if (session->hid) | 891 | session->input = NULL; |
892 | } | ||
893 | |||
894 | if (session->hid) { | ||
875 | hid_destroy_device(session->hid); | 895 | hid_destroy_device(session->hid); |
876 | err_skb: | 896 | session->hid = NULL; |
897 | } | ||
898 | |||
899 | purge: | ||
877 | skb_queue_purge(&session->ctrl_transmit); | 900 | skb_queue_purge(&session->ctrl_transmit); |
878 | skb_queue_purge(&session->intr_transmit); | 901 | skb_queue_purge(&session->intr_transmit); |
902 | |||
879 | failed: | 903 | failed: |
880 | up_write(&hidp_session_sem); | 904 | up_write(&hidp_session_sem); |
881 | 905 | ||
diff --git a/net/bluetooth/hidp/hidp.h b/net/bluetooth/hidp/hidp.h index e503c89057ad..faf3d74c3586 100644 --- a/net/bluetooth/hidp/hidp.h +++ b/net/bluetooth/hidp/hidp.h | |||
@@ -126,6 +126,8 @@ int hidp_get_conninfo(struct hidp_conninfo *ci); | |||
126 | struct hidp_session { | 126 | struct hidp_session { |
127 | struct list_head list; | 127 | struct list_head list; |
128 | 128 | ||
129 | struct hci_conn *conn; | ||
130 | |||
129 | struct socket *ctrl_sock; | 131 | struct socket *ctrl_sock; |
130 | struct socket *intr_sock; | 132 | struct socket *intr_sock; |
131 | 133 | ||
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index bd0a4c1bced0..b03012564647 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c | |||
@@ -41,6 +41,7 @@ | |||
41 | #include <linux/list.h> | 41 | #include <linux/list.h> |
42 | #include <linux/device.h> | 42 | #include <linux/device.h> |
43 | #include <linux/uaccess.h> | 43 | #include <linux/uaccess.h> |
44 | #include <linux/crc16.h> | ||
44 | #include <net/sock.h> | 45 | #include <net/sock.h> |
45 | 46 | ||
46 | #include <asm/system.h> | 47 | #include <asm/system.h> |
@@ -50,7 +51,9 @@ | |||
50 | #include <net/bluetooth/hci_core.h> | 51 | #include <net/bluetooth/hci_core.h> |
51 | #include <net/bluetooth/l2cap.h> | 52 | #include <net/bluetooth/l2cap.h> |
52 | 53 | ||
53 | #define VERSION "2.13" | 54 | #define VERSION "2.14" |
55 | |||
56 | static int enable_ertm = 0; | ||
54 | 57 | ||
55 | static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN; | 58 | static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN; |
56 | static u8 l2cap_fixed_chan[8] = { 0x02, }; | 59 | static u8 l2cap_fixed_chan[8] = { 0x02, }; |
@@ -331,6 +334,48 @@ static inline int l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 | |||
331 | return hci_send_acl(conn->hcon, skb, 0); | 334 | return hci_send_acl(conn->hcon, skb, 0); |
332 | } | 335 | } |
333 | 336 | ||
337 | static inline int l2cap_send_sframe(struct l2cap_pinfo *pi, u16 control) | ||
338 | { | ||
339 | struct sk_buff *skb; | ||
340 | struct l2cap_hdr *lh; | ||
341 | struct l2cap_conn *conn = pi->conn; | ||
342 | int count, hlen = L2CAP_HDR_SIZE + 2; | ||
343 | |||
344 | if (pi->fcs == L2CAP_FCS_CRC16) | ||
345 | hlen += 2; | ||
346 | |||
347 | BT_DBG("pi %p, control 0x%2.2x", pi, control); | ||
348 | |||
349 | count = min_t(unsigned int, conn->mtu, hlen); | ||
350 | control |= L2CAP_CTRL_FRAME_TYPE; | ||
351 | |||
352 | skb = bt_skb_alloc(count, GFP_ATOMIC); | ||
353 | if (!skb) | ||
354 | return -ENOMEM; | ||
355 | |||
356 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | ||
357 | lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE); | ||
358 | lh->cid = cpu_to_le16(pi->dcid); | ||
359 | put_unaligned_le16(control, skb_put(skb, 2)); | ||
360 | |||
361 | if (pi->fcs == L2CAP_FCS_CRC16) { | ||
362 | u16 fcs = crc16(0, (u8 *)lh, count - 2); | ||
363 | put_unaligned_le16(fcs, skb_put(skb, 2)); | ||
364 | } | ||
365 | |||
366 | return hci_send_acl(pi->conn->hcon, skb, 0); | ||
367 | } | ||
368 | |||
369 | static inline int l2cap_send_rr_or_rnr(struct l2cap_pinfo *pi, u16 control) | ||
370 | { | ||
371 | if (pi->conn_state & L2CAP_CONN_LOCAL_BUSY) | ||
372 | control |= L2CAP_SUPER_RCV_NOT_READY; | ||
373 | else | ||
374 | control |= L2CAP_SUPER_RCV_READY; | ||
375 | |||
376 | return l2cap_send_sframe(pi, control); | ||
377 | } | ||
378 | |||
334 | static void l2cap_do_start(struct sock *sk) | 379 | static void l2cap_do_start(struct sock *sk) |
335 | { | 380 | { |
336 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 381 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; |
@@ -364,6 +409,16 @@ static void l2cap_do_start(struct sock *sk) | |||
364 | } | 409 | } |
365 | } | 410 | } |
366 | 411 | ||
412 | static void l2cap_send_disconn_req(struct l2cap_conn *conn, struct sock *sk) | ||
413 | { | ||
414 | struct l2cap_disconn_req req; | ||
415 | |||
416 | req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid); | ||
417 | req.scid = cpu_to_le16(l2cap_pi(sk)->scid); | ||
418 | l2cap_send_cmd(conn, l2cap_get_ident(conn), | ||
419 | L2CAP_DISCONN_REQ, sizeof(req), &req); | ||
420 | } | ||
421 | |||
367 | /* ---- L2CAP connections ---- */ | 422 | /* ---- L2CAP connections ---- */ |
368 | static void l2cap_conn_start(struct l2cap_conn *conn) | 423 | static void l2cap_conn_start(struct l2cap_conn *conn) |
369 | { | 424 | { |
@@ -648,15 +703,10 @@ static void __l2cap_sock_close(struct sock *sk, int reason) | |||
648 | case BT_CONFIG: | 703 | case BT_CONFIG: |
649 | if (sk->sk_type == SOCK_SEQPACKET) { | 704 | if (sk->sk_type == SOCK_SEQPACKET) { |
650 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 705 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; |
651 | struct l2cap_disconn_req req; | ||
652 | 706 | ||
653 | sk->sk_state = BT_DISCONN; | 707 | sk->sk_state = BT_DISCONN; |
654 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); | 708 | l2cap_sock_set_timer(sk, sk->sk_sndtimeo); |
655 | 709 | l2cap_send_disconn_req(conn, sk); | |
656 | req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid); | ||
657 | req.scid = cpu_to_le16(l2cap_pi(sk)->scid); | ||
658 | l2cap_send_cmd(conn, l2cap_get_ident(conn), | ||
659 | L2CAP_DISCONN_REQ, sizeof(req), &req); | ||
660 | } else | 710 | } else |
661 | l2cap_chan_del(sk, reason); | 711 | l2cap_chan_del(sk, reason); |
662 | break; | 712 | break; |
@@ -715,12 +765,16 @@ static void l2cap_sock_init(struct sock *sk, struct sock *parent) | |||
715 | 765 | ||
716 | pi->imtu = l2cap_pi(parent)->imtu; | 766 | pi->imtu = l2cap_pi(parent)->imtu; |
717 | pi->omtu = l2cap_pi(parent)->omtu; | 767 | pi->omtu = l2cap_pi(parent)->omtu; |
768 | pi->mode = l2cap_pi(parent)->mode; | ||
769 | pi->fcs = l2cap_pi(parent)->fcs; | ||
718 | pi->sec_level = l2cap_pi(parent)->sec_level; | 770 | pi->sec_level = l2cap_pi(parent)->sec_level; |
719 | pi->role_switch = l2cap_pi(parent)->role_switch; | 771 | pi->role_switch = l2cap_pi(parent)->role_switch; |
720 | pi->force_reliable = l2cap_pi(parent)->force_reliable; | 772 | pi->force_reliable = l2cap_pi(parent)->force_reliable; |
721 | } else { | 773 | } else { |
722 | pi->imtu = L2CAP_DEFAULT_MTU; | 774 | pi->imtu = L2CAP_DEFAULT_MTU; |
723 | pi->omtu = 0; | 775 | pi->omtu = 0; |
776 | pi->mode = L2CAP_MODE_BASIC; | ||
777 | pi->fcs = L2CAP_FCS_CRC16; | ||
724 | pi->sec_level = BT_SECURITY_LOW; | 778 | pi->sec_level = BT_SECURITY_LOW; |
725 | pi->role_switch = 0; | 779 | pi->role_switch = 0; |
726 | pi->force_reliable = 0; | 780 | pi->force_reliable = 0; |
@@ -956,6 +1010,19 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
956 | goto done; | 1010 | goto done; |
957 | } | 1011 | } |
958 | 1012 | ||
1013 | switch (l2cap_pi(sk)->mode) { | ||
1014 | case L2CAP_MODE_BASIC: | ||
1015 | break; | ||
1016 | case L2CAP_MODE_ERTM: | ||
1017 | case L2CAP_MODE_STREAMING: | ||
1018 | if (enable_ertm) | ||
1019 | break; | ||
1020 | /* fall through */ | ||
1021 | default: | ||
1022 | err = -ENOTSUPP; | ||
1023 | goto done; | ||
1024 | } | ||
1025 | |||
959 | switch (sk->sk_state) { | 1026 | switch (sk->sk_state) { |
960 | case BT_CONNECT: | 1027 | case BT_CONNECT: |
961 | case BT_CONNECT2: | 1028 | case BT_CONNECT2: |
@@ -1007,6 +1074,19 @@ static int l2cap_sock_listen(struct socket *sock, int backlog) | |||
1007 | goto done; | 1074 | goto done; |
1008 | } | 1075 | } |
1009 | 1076 | ||
1077 | switch (l2cap_pi(sk)->mode) { | ||
1078 | case L2CAP_MODE_BASIC: | ||
1079 | break; | ||
1080 | case L2CAP_MODE_ERTM: | ||
1081 | case L2CAP_MODE_STREAMING: | ||
1082 | if (enable_ertm) | ||
1083 | break; | ||
1084 | /* fall through */ | ||
1085 | default: | ||
1086 | err = -ENOTSUPP; | ||
1087 | goto done; | ||
1088 | } | ||
1089 | |||
1010 | if (!l2cap_pi(sk)->psm) { | 1090 | if (!l2cap_pi(sk)->psm) { |
1011 | bdaddr_t *src = &bt_sk(sk)->src; | 1091 | bdaddr_t *src = &bt_sk(sk)->src; |
1012 | u16 psm; | 1092 | u16 psm; |
@@ -1117,39 +1197,219 @@ static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *l | |||
1117 | return 0; | 1197 | return 0; |
1118 | } | 1198 | } |
1119 | 1199 | ||
1120 | static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len) | 1200 | static void l2cap_monitor_timeout(unsigned long arg) |
1121 | { | 1201 | { |
1122 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 1202 | struct sock *sk = (void *) arg; |
1123 | struct sk_buff *skb, **frag; | 1203 | u16 control; |
1124 | int err, hlen, count, sent = 0; | ||
1125 | struct l2cap_hdr *lh; | ||
1126 | 1204 | ||
1127 | BT_DBG("sk %p len %d", sk, len); | 1205 | bh_lock_sock(sk); |
1206 | if (l2cap_pi(sk)->retry_count >= l2cap_pi(sk)->remote_max_tx) { | ||
1207 | l2cap_send_disconn_req(l2cap_pi(sk)->conn, sk); | ||
1208 | return; | ||
1209 | } | ||
1128 | 1210 | ||
1129 | /* First fragment (with L2CAP header) */ | 1211 | l2cap_pi(sk)->retry_count++; |
1130 | if (sk->sk_type == SOCK_DGRAM) | 1212 | __mod_monitor_timer(); |
1131 | hlen = L2CAP_HDR_SIZE + 2; | ||
1132 | else | ||
1133 | hlen = L2CAP_HDR_SIZE; | ||
1134 | 1213 | ||
1135 | count = min_t(unsigned int, (conn->mtu - hlen), len); | 1214 | control = L2CAP_CTRL_POLL; |
1215 | l2cap_send_rr_or_rnr(l2cap_pi(sk), control); | ||
1216 | bh_unlock_sock(sk); | ||
1217 | } | ||
1136 | 1218 | ||
1137 | skb = bt_skb_send_alloc(sk, hlen + count, | 1219 | static void l2cap_retrans_timeout(unsigned long arg) |
1138 | msg->msg_flags & MSG_DONTWAIT, &err); | 1220 | { |
1139 | if (!skb) | 1221 | struct sock *sk = (void *) arg; |
1140 | return err; | 1222 | u16 control; |
1141 | 1223 | ||
1142 | /* Create L2CAP header */ | 1224 | bh_lock_sock(sk); |
1143 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1225 | l2cap_pi(sk)->retry_count = 1; |
1144 | lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid); | 1226 | __mod_monitor_timer(); |
1145 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | 1227 | |
1228 | l2cap_pi(sk)->conn_state |= L2CAP_CONN_WAIT_F; | ||
1229 | |||
1230 | control = L2CAP_CTRL_POLL; | ||
1231 | l2cap_send_rr_or_rnr(l2cap_pi(sk), control); | ||
1232 | bh_unlock_sock(sk); | ||
1233 | } | ||
1234 | |||
1235 | static void l2cap_drop_acked_frames(struct sock *sk) | ||
1236 | { | ||
1237 | struct sk_buff *skb; | ||
1238 | |||
1239 | while ((skb = skb_peek(TX_QUEUE(sk)))) { | ||
1240 | if (bt_cb(skb)->tx_seq == l2cap_pi(sk)->expected_ack_seq) | ||
1241 | break; | ||
1242 | |||
1243 | skb = skb_dequeue(TX_QUEUE(sk)); | ||
1244 | kfree_skb(skb); | ||
1245 | |||
1246 | l2cap_pi(sk)->unacked_frames--; | ||
1247 | } | ||
1248 | |||
1249 | if (!l2cap_pi(sk)->unacked_frames) | ||
1250 | del_timer(&l2cap_pi(sk)->retrans_timer); | ||
1146 | 1251 | ||
1147 | if (sk->sk_type == SOCK_DGRAM) | 1252 | return; |
1148 | put_unaligned(l2cap_pi(sk)->psm, (__le16 *) skb_put(skb, 2)); | 1253 | } |
1254 | |||
1255 | static inline int l2cap_do_send(struct sock *sk, struct sk_buff *skb) | ||
1256 | { | ||
1257 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1258 | int err; | ||
1259 | |||
1260 | BT_DBG("sk %p, skb %p len %d", sk, skb, skb->len); | ||
1261 | |||
1262 | err = hci_send_acl(pi->conn->hcon, skb, 0); | ||
1263 | if (err < 0) | ||
1264 | kfree_skb(skb); | ||
1265 | |||
1266 | return err; | ||
1267 | } | ||
1268 | |||
1269 | static int l2cap_streaming_send(struct sock *sk) | ||
1270 | { | ||
1271 | struct sk_buff *skb, *tx_skb; | ||
1272 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1273 | u16 control, fcs; | ||
1274 | int err; | ||
1275 | |||
1276 | while ((skb = sk->sk_send_head)) { | ||
1277 | tx_skb = skb_clone(skb, GFP_ATOMIC); | ||
1278 | |||
1279 | control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE); | ||
1280 | control |= pi->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT; | ||
1281 | put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); | ||
1282 | |||
1283 | if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) { | ||
1284 | fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2); | ||
1285 | put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2); | ||
1286 | } | ||
1287 | |||
1288 | err = l2cap_do_send(sk, tx_skb); | ||
1289 | if (err < 0) { | ||
1290 | l2cap_send_disconn_req(pi->conn, sk); | ||
1291 | return err; | ||
1292 | } | ||
1293 | |||
1294 | pi->next_tx_seq = (pi->next_tx_seq + 1) % 64; | ||
1295 | |||
1296 | if (skb_queue_is_last(TX_QUEUE(sk), skb)) | ||
1297 | sk->sk_send_head = NULL; | ||
1298 | else | ||
1299 | sk->sk_send_head = skb_queue_next(TX_QUEUE(sk), skb); | ||
1300 | |||
1301 | skb = skb_dequeue(TX_QUEUE(sk)); | ||
1302 | kfree_skb(skb); | ||
1303 | } | ||
1304 | return 0; | ||
1305 | } | ||
1306 | |||
1307 | static int l2cap_retransmit_frame(struct sock *sk, u8 tx_seq) | ||
1308 | { | ||
1309 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1310 | struct sk_buff *skb, *tx_skb; | ||
1311 | u16 control, fcs; | ||
1312 | int err; | ||
1313 | |||
1314 | skb = skb_peek(TX_QUEUE(sk)); | ||
1315 | do { | ||
1316 | if (bt_cb(skb)->tx_seq != tx_seq) { | ||
1317 | if (skb_queue_is_last(TX_QUEUE(sk), skb)) | ||
1318 | break; | ||
1319 | skb = skb_queue_next(TX_QUEUE(sk), skb); | ||
1320 | continue; | ||
1321 | } | ||
1322 | |||
1323 | if (pi->remote_max_tx && | ||
1324 | bt_cb(skb)->retries == pi->remote_max_tx) { | ||
1325 | l2cap_send_disconn_req(pi->conn, sk); | ||
1326 | break; | ||
1327 | } | ||
1328 | |||
1329 | tx_skb = skb_clone(skb, GFP_ATOMIC); | ||
1330 | bt_cb(skb)->retries++; | ||
1331 | control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE); | ||
1332 | control |= (pi->req_seq << L2CAP_CTRL_REQSEQ_SHIFT) | ||
1333 | | (tx_seq << L2CAP_CTRL_TXSEQ_SHIFT); | ||
1334 | put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); | ||
1335 | |||
1336 | if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) { | ||
1337 | fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2); | ||
1338 | put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2); | ||
1339 | } | ||
1340 | |||
1341 | err = l2cap_do_send(sk, tx_skb); | ||
1342 | if (err < 0) { | ||
1343 | l2cap_send_disconn_req(pi->conn, sk); | ||
1344 | return err; | ||
1345 | } | ||
1346 | break; | ||
1347 | } while(1); | ||
1348 | return 0; | ||
1349 | } | ||
1350 | |||
1351 | static int l2cap_ertm_send(struct sock *sk) | ||
1352 | { | ||
1353 | struct sk_buff *skb, *tx_skb; | ||
1354 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1355 | u16 control, fcs; | ||
1356 | int err; | ||
1357 | |||
1358 | if (pi->conn_state & L2CAP_CONN_WAIT_F) | ||
1359 | return 0; | ||
1360 | |||
1361 | while ((skb = sk->sk_send_head) && (!l2cap_tx_window_full(sk)) | ||
1362 | && !(pi->conn_state & L2CAP_CONN_REMOTE_BUSY)) { | ||
1363 | tx_skb = skb_clone(skb, GFP_ATOMIC); | ||
1364 | |||
1365 | if (pi->remote_max_tx && | ||
1366 | bt_cb(skb)->retries == pi->remote_max_tx) { | ||
1367 | l2cap_send_disconn_req(pi->conn, sk); | ||
1368 | break; | ||
1369 | } | ||
1370 | |||
1371 | bt_cb(skb)->retries++; | ||
1372 | |||
1373 | control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE); | ||
1374 | control |= (pi->req_seq << L2CAP_CTRL_REQSEQ_SHIFT) | ||
1375 | | (pi->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT); | ||
1376 | put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE); | ||
1377 | |||
1378 | |||
1379 | if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) { | ||
1380 | fcs = crc16(0, (u8 *)skb->data, tx_skb->len - 2); | ||
1381 | put_unaligned_le16(fcs, skb->data + tx_skb->len - 2); | ||
1382 | } | ||
1383 | |||
1384 | err = l2cap_do_send(sk, tx_skb); | ||
1385 | if (err < 0) { | ||
1386 | l2cap_send_disconn_req(pi->conn, sk); | ||
1387 | return err; | ||
1388 | } | ||
1389 | __mod_retrans_timer(); | ||
1390 | |||
1391 | bt_cb(skb)->tx_seq = pi->next_tx_seq; | ||
1392 | pi->next_tx_seq = (pi->next_tx_seq + 1) % 64; | ||
1393 | |||
1394 | pi->unacked_frames++; | ||
1395 | |||
1396 | if (skb_queue_is_last(TX_QUEUE(sk), skb)) | ||
1397 | sk->sk_send_head = NULL; | ||
1398 | else | ||
1399 | sk->sk_send_head = skb_queue_next(TX_QUEUE(sk), skb); | ||
1400 | } | ||
1401 | |||
1402 | return 0; | ||
1403 | } | ||
1404 | |||
1405 | static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, int len, int count, struct sk_buff *skb) | ||
1406 | { | ||
1407 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
1408 | struct sk_buff **frag; | ||
1409 | int err, sent = 0; | ||
1149 | 1410 | ||
1150 | if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) { | 1411 | if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) { |
1151 | err = -EFAULT; | 1412 | return -EFAULT; |
1152 | goto fail; | ||
1153 | } | 1413 | } |
1154 | 1414 | ||
1155 | sent += count; | 1415 | sent += count; |
@@ -1162,33 +1422,173 @@ static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len) | |||
1162 | 1422 | ||
1163 | *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err); | 1423 | *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err); |
1164 | if (!*frag) | 1424 | if (!*frag) |
1165 | goto fail; | 1425 | return -EFAULT; |
1166 | 1426 | if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) | |
1167 | if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) { | 1427 | return -EFAULT; |
1168 | err = -EFAULT; | ||
1169 | goto fail; | ||
1170 | } | ||
1171 | 1428 | ||
1172 | sent += count; | 1429 | sent += count; |
1173 | len -= count; | 1430 | len -= count; |
1174 | 1431 | ||
1175 | frag = &(*frag)->next; | 1432 | frag = &(*frag)->next; |
1176 | } | 1433 | } |
1177 | err = hci_send_acl(conn->hcon, skb, 0); | ||
1178 | if (err < 0) | ||
1179 | goto fail; | ||
1180 | 1434 | ||
1181 | return sent; | 1435 | return sent; |
1436 | } | ||
1182 | 1437 | ||
1183 | fail: | 1438 | static struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len) |
1184 | kfree_skb(skb); | 1439 | { |
1185 | return err; | 1440 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; |
1441 | struct sk_buff *skb; | ||
1442 | int err, count, hlen = L2CAP_HDR_SIZE + 2; | ||
1443 | struct l2cap_hdr *lh; | ||
1444 | |||
1445 | BT_DBG("sk %p len %d", sk, (int)len); | ||
1446 | |||
1447 | count = min_t(unsigned int, (conn->mtu - hlen), len); | ||
1448 | skb = bt_skb_send_alloc(sk, count + hlen, | ||
1449 | msg->msg_flags & MSG_DONTWAIT, &err); | ||
1450 | if (!skb) | ||
1451 | return ERR_PTR(-ENOMEM); | ||
1452 | |||
1453 | /* Create L2CAP header */ | ||
1454 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | ||
1455 | lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1456 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | ||
1457 | put_unaligned_le16(l2cap_pi(sk)->psm, skb_put(skb, 2)); | ||
1458 | |||
1459 | err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); | ||
1460 | if (unlikely(err < 0)) { | ||
1461 | kfree_skb(skb); | ||
1462 | return ERR_PTR(err); | ||
1463 | } | ||
1464 | return skb; | ||
1465 | } | ||
1466 | |||
1467 | static struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len) | ||
1468 | { | ||
1469 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
1470 | struct sk_buff *skb; | ||
1471 | int err, count, hlen = L2CAP_HDR_SIZE; | ||
1472 | struct l2cap_hdr *lh; | ||
1473 | |||
1474 | BT_DBG("sk %p len %d", sk, (int)len); | ||
1475 | |||
1476 | count = min_t(unsigned int, (conn->mtu - hlen), len); | ||
1477 | skb = bt_skb_send_alloc(sk, count + hlen, | ||
1478 | msg->msg_flags & MSG_DONTWAIT, &err); | ||
1479 | if (!skb) | ||
1480 | return ERR_PTR(-ENOMEM); | ||
1481 | |||
1482 | /* Create L2CAP header */ | ||
1483 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | ||
1484 | lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1485 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | ||
1486 | |||
1487 | err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); | ||
1488 | if (unlikely(err < 0)) { | ||
1489 | kfree_skb(skb); | ||
1490 | return ERR_PTR(err); | ||
1491 | } | ||
1492 | return skb; | ||
1493 | } | ||
1494 | |||
1495 | static struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, size_t len, u16 control, u16 sdulen) | ||
1496 | { | ||
1497 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
1498 | struct sk_buff *skb; | ||
1499 | int err, count, hlen = L2CAP_HDR_SIZE + 2; | ||
1500 | struct l2cap_hdr *lh; | ||
1501 | |||
1502 | BT_DBG("sk %p len %d", sk, (int)len); | ||
1503 | |||
1504 | if (sdulen) | ||
1505 | hlen += 2; | ||
1506 | |||
1507 | if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) | ||
1508 | hlen += 2; | ||
1509 | |||
1510 | count = min_t(unsigned int, (conn->mtu - hlen), len); | ||
1511 | skb = bt_skb_send_alloc(sk, count + hlen, | ||
1512 | msg->msg_flags & MSG_DONTWAIT, &err); | ||
1513 | if (!skb) | ||
1514 | return ERR_PTR(-ENOMEM); | ||
1515 | |||
1516 | /* Create L2CAP header */ | ||
1517 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | ||
1518 | lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid); | ||
1519 | lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); | ||
1520 | put_unaligned_le16(control, skb_put(skb, 2)); | ||
1521 | if (sdulen) | ||
1522 | put_unaligned_le16(sdulen, skb_put(skb, 2)); | ||
1523 | |||
1524 | err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); | ||
1525 | if (unlikely(err < 0)) { | ||
1526 | kfree_skb(skb); | ||
1527 | return ERR_PTR(err); | ||
1528 | } | ||
1529 | |||
1530 | if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16) | ||
1531 | put_unaligned_le16(0, skb_put(skb, 2)); | ||
1532 | |||
1533 | bt_cb(skb)->retries = 0; | ||
1534 | return skb; | ||
1535 | } | ||
1536 | |||
1537 | static inline int l2cap_sar_segment_sdu(struct sock *sk, struct msghdr *msg, size_t len) | ||
1538 | { | ||
1539 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
1540 | struct sk_buff *skb; | ||
1541 | struct sk_buff_head sar_queue; | ||
1542 | u16 control; | ||
1543 | size_t size = 0; | ||
1544 | |||
1545 | __skb_queue_head_init(&sar_queue); | ||
1546 | control = L2CAP_SDU_START; | ||
1547 | skb = l2cap_create_iframe_pdu(sk, msg, pi->max_pdu_size, control, len); | ||
1548 | if (IS_ERR(skb)) | ||
1549 | return PTR_ERR(skb); | ||
1550 | |||
1551 | __skb_queue_tail(&sar_queue, skb); | ||
1552 | len -= pi->max_pdu_size; | ||
1553 | size +=pi->max_pdu_size; | ||
1554 | control = 0; | ||
1555 | |||
1556 | while (len > 0) { | ||
1557 | size_t buflen; | ||
1558 | |||
1559 | if (len > pi->max_pdu_size) { | ||
1560 | control |= L2CAP_SDU_CONTINUE; | ||
1561 | buflen = pi->max_pdu_size; | ||
1562 | } else { | ||
1563 | control |= L2CAP_SDU_END; | ||
1564 | buflen = len; | ||
1565 | } | ||
1566 | |||
1567 | skb = l2cap_create_iframe_pdu(sk, msg, buflen, control, 0); | ||
1568 | if (IS_ERR(skb)) { | ||
1569 | skb_queue_purge(&sar_queue); | ||
1570 | return PTR_ERR(skb); | ||
1571 | } | ||
1572 | |||
1573 | __skb_queue_tail(&sar_queue, skb); | ||
1574 | len -= buflen; | ||
1575 | size += buflen; | ||
1576 | control = 0; | ||
1577 | } | ||
1578 | skb_queue_splice_tail(&sar_queue, TX_QUEUE(sk)); | ||
1579 | if (sk->sk_send_head == NULL) | ||
1580 | sk->sk_send_head = sar_queue.next; | ||
1581 | |||
1582 | return size; | ||
1186 | } | 1583 | } |
1187 | 1584 | ||
1188 | static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len) | 1585 | static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len) |
1189 | { | 1586 | { |
1190 | struct sock *sk = sock->sk; | 1587 | struct sock *sk = sock->sk; |
1191 | int err = 0; | 1588 | struct l2cap_pinfo *pi = l2cap_pi(sk); |
1589 | struct sk_buff *skb; | ||
1590 | u16 control; | ||
1591 | int err; | ||
1192 | 1592 | ||
1193 | BT_DBG("sock %p, sk %p", sock, sk); | 1593 | BT_DBG("sock %p, sk %p", sock, sk); |
1194 | 1594 | ||
@@ -1200,16 +1600,73 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
1200 | return -EOPNOTSUPP; | 1600 | return -EOPNOTSUPP; |
1201 | 1601 | ||
1202 | /* Check outgoing MTU */ | 1602 | /* Check outgoing MTU */ |
1203 | if (sk->sk_type != SOCK_RAW && len > l2cap_pi(sk)->omtu) | 1603 | if (sk->sk_type == SOCK_SEQPACKET && pi->mode == L2CAP_MODE_BASIC |
1604 | && len > pi->omtu) | ||
1204 | return -EINVAL; | 1605 | return -EINVAL; |
1205 | 1606 | ||
1206 | lock_sock(sk); | 1607 | lock_sock(sk); |
1207 | 1608 | ||
1208 | if (sk->sk_state == BT_CONNECTED) | 1609 | if (sk->sk_state != BT_CONNECTED) { |
1209 | err = l2cap_do_send(sk, msg, len); | ||
1210 | else | ||
1211 | err = -ENOTCONN; | 1610 | err = -ENOTCONN; |
1611 | goto done; | ||
1612 | } | ||
1613 | |||
1614 | /* Connectionless channel */ | ||
1615 | if (sk->sk_type == SOCK_DGRAM) { | ||
1616 | skb = l2cap_create_connless_pdu(sk, msg, len); | ||
1617 | err = l2cap_do_send(sk, skb); | ||
1618 | goto done; | ||
1619 | } | ||
1620 | |||
1621 | switch (pi->mode) { | ||
1622 | case L2CAP_MODE_BASIC: | ||
1623 | /* Create a basic PDU */ | ||
1624 | skb = l2cap_create_basic_pdu(sk, msg, len); | ||
1625 | if (IS_ERR(skb)) { | ||
1626 | err = PTR_ERR(skb); | ||
1627 | goto done; | ||
1628 | } | ||
1629 | |||
1630 | err = l2cap_do_send(sk, skb); | ||
1631 | if (!err) | ||
1632 | err = len; | ||
1633 | break; | ||
1634 | |||
1635 | case L2CAP_MODE_ERTM: | ||
1636 | case L2CAP_MODE_STREAMING: | ||
1637 | /* Entire SDU fits into one PDU */ | ||
1638 | if (len <= pi->max_pdu_size) { | ||
1639 | control = L2CAP_SDU_UNSEGMENTED; | ||
1640 | skb = l2cap_create_iframe_pdu(sk, msg, len, control, 0); | ||
1641 | if (IS_ERR(skb)) { | ||
1642 | err = PTR_ERR(skb); | ||
1643 | goto done; | ||
1644 | } | ||
1645 | __skb_queue_tail(TX_QUEUE(sk), skb); | ||
1646 | if (sk->sk_send_head == NULL) | ||
1647 | sk->sk_send_head = skb; | ||
1648 | } else { | ||
1649 | /* Segment SDU into multiples PDUs */ | ||
1650 | err = l2cap_sar_segment_sdu(sk, msg, len); | ||
1651 | if (err < 0) | ||
1652 | goto done; | ||
1653 | } | ||
1654 | |||
1655 | if (pi->mode == L2CAP_MODE_STREAMING) | ||
1656 | err = l2cap_streaming_send(sk); | ||
1657 | else | ||
1658 | err = l2cap_ertm_send(sk); | ||
1659 | |||
1660 | if (!err) | ||
1661 | err = len; | ||
1662 | break; | ||
1663 | |||
1664 | default: | ||
1665 | BT_DBG("bad state %1.1x", pi->mode); | ||
1666 | err = -EINVAL; | ||
1667 | } | ||
1212 | 1668 | ||
1669 | done: | ||
1213 | release_sock(sk); | 1670 | release_sock(sk); |
1214 | return err; | 1671 | return err; |
1215 | } | 1672 | } |
@@ -1257,7 +1714,8 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
1257 | opts.imtu = l2cap_pi(sk)->imtu; | 1714 | opts.imtu = l2cap_pi(sk)->imtu; |
1258 | opts.omtu = l2cap_pi(sk)->omtu; | 1715 | opts.omtu = l2cap_pi(sk)->omtu; |
1259 | opts.flush_to = l2cap_pi(sk)->flush_to; | 1716 | opts.flush_to = l2cap_pi(sk)->flush_to; |
1260 | opts.mode = L2CAP_MODE_BASIC; | 1717 | opts.mode = l2cap_pi(sk)->mode; |
1718 | opts.fcs = l2cap_pi(sk)->fcs; | ||
1261 | 1719 | ||
1262 | len = min_t(unsigned int, sizeof(opts), optlen); | 1720 | len = min_t(unsigned int, sizeof(opts), optlen); |
1263 | if (copy_from_user((char *) &opts, optval, len)) { | 1721 | if (copy_from_user((char *) &opts, optval, len)) { |
@@ -1265,8 +1723,10 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, char __us | |||
1265 | break; | 1723 | break; |
1266 | } | 1724 | } |
1267 | 1725 | ||
1268 | l2cap_pi(sk)->imtu = opts.imtu; | 1726 | l2cap_pi(sk)->imtu = opts.imtu; |
1269 | l2cap_pi(sk)->omtu = opts.omtu; | 1727 | l2cap_pi(sk)->omtu = opts.omtu; |
1728 | l2cap_pi(sk)->mode = opts.mode; | ||
1729 | l2cap_pi(sk)->fcs = opts.fcs; | ||
1270 | break; | 1730 | break; |
1271 | 1731 | ||
1272 | case L2CAP_LM: | 1732 | case L2CAP_LM: |
@@ -1379,7 +1839,8 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname, char __us | |||
1379 | opts.imtu = l2cap_pi(sk)->imtu; | 1839 | opts.imtu = l2cap_pi(sk)->imtu; |
1380 | opts.omtu = l2cap_pi(sk)->omtu; | 1840 | opts.omtu = l2cap_pi(sk)->omtu; |
1381 | opts.flush_to = l2cap_pi(sk)->flush_to; | 1841 | opts.flush_to = l2cap_pi(sk)->flush_to; |
1382 | opts.mode = L2CAP_MODE_BASIC; | 1842 | opts.mode = l2cap_pi(sk)->mode; |
1843 | opts.fcs = l2cap_pi(sk)->fcs; | ||
1383 | 1844 | ||
1384 | len = min_t(unsigned int, len, sizeof(opts)); | 1845 | len = min_t(unsigned int, len, sizeof(opts)); |
1385 | if (copy_to_user(optval, (char *) &opts, len)) | 1846 | if (copy_to_user(optval, (char *) &opts, len)) |
@@ -1708,16 +2169,108 @@ static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val) | |||
1708 | *ptr += L2CAP_CONF_OPT_SIZE + len; | 2169 | *ptr += L2CAP_CONF_OPT_SIZE + len; |
1709 | } | 2170 | } |
1710 | 2171 | ||
2172 | static int l2cap_mode_supported(__u8 mode, __u32 feat_mask) | ||
2173 | { | ||
2174 | u32 local_feat_mask = l2cap_feat_mask; | ||
2175 | if (enable_ertm) | ||
2176 | local_feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING; | ||
2177 | |||
2178 | switch (mode) { | ||
2179 | case L2CAP_MODE_ERTM: | ||
2180 | return L2CAP_FEAT_ERTM & feat_mask & local_feat_mask; | ||
2181 | case L2CAP_MODE_STREAMING: | ||
2182 | return L2CAP_FEAT_STREAMING & feat_mask & local_feat_mask; | ||
2183 | default: | ||
2184 | return 0x00; | ||
2185 | } | ||
2186 | } | ||
2187 | |||
2188 | static inline __u8 l2cap_select_mode(__u8 mode, __u16 remote_feat_mask) | ||
2189 | { | ||
2190 | switch (mode) { | ||
2191 | case L2CAP_MODE_STREAMING: | ||
2192 | case L2CAP_MODE_ERTM: | ||
2193 | if (l2cap_mode_supported(mode, remote_feat_mask)) | ||
2194 | return mode; | ||
2195 | /* fall through */ | ||
2196 | default: | ||
2197 | return L2CAP_MODE_BASIC; | ||
2198 | } | ||
2199 | } | ||
2200 | |||
1711 | static int l2cap_build_conf_req(struct sock *sk, void *data) | 2201 | static int l2cap_build_conf_req(struct sock *sk, void *data) |
1712 | { | 2202 | { |
1713 | struct l2cap_pinfo *pi = l2cap_pi(sk); | 2203 | struct l2cap_pinfo *pi = l2cap_pi(sk); |
1714 | struct l2cap_conf_req *req = data; | 2204 | struct l2cap_conf_req *req = data; |
2205 | struct l2cap_conf_rfc rfc = { .mode = L2CAP_MODE_ERTM }; | ||
1715 | void *ptr = req->data; | 2206 | void *ptr = req->data; |
1716 | 2207 | ||
1717 | BT_DBG("sk %p", sk); | 2208 | BT_DBG("sk %p", sk); |
1718 | 2209 | ||
1719 | if (pi->imtu != L2CAP_DEFAULT_MTU) | 2210 | if (pi->num_conf_req || pi->num_conf_rsp) |
1720 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu); | 2211 | goto done; |
2212 | |||
2213 | switch (pi->mode) { | ||
2214 | case L2CAP_MODE_STREAMING: | ||
2215 | case L2CAP_MODE_ERTM: | ||
2216 | pi->conf_state |= L2CAP_CONF_STATE2_DEVICE; | ||
2217 | if (!l2cap_mode_supported(pi->mode, pi->conn->feat_mask)) | ||
2218 | l2cap_send_disconn_req(pi->conn, sk); | ||
2219 | break; | ||
2220 | default: | ||
2221 | pi->mode = l2cap_select_mode(rfc.mode, pi->conn->feat_mask); | ||
2222 | break; | ||
2223 | } | ||
2224 | |||
2225 | done: | ||
2226 | switch (pi->mode) { | ||
2227 | case L2CAP_MODE_BASIC: | ||
2228 | if (pi->imtu != L2CAP_DEFAULT_MTU) | ||
2229 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu); | ||
2230 | break; | ||
2231 | |||
2232 | case L2CAP_MODE_ERTM: | ||
2233 | rfc.mode = L2CAP_MODE_ERTM; | ||
2234 | rfc.txwin_size = L2CAP_DEFAULT_TX_WINDOW; | ||
2235 | rfc.max_transmit = L2CAP_DEFAULT_MAX_TX; | ||
2236 | rfc.retrans_timeout = 0; | ||
2237 | rfc.monitor_timeout = 0; | ||
2238 | rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE); | ||
2239 | |||
2240 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | ||
2241 | sizeof(rfc), (unsigned long) &rfc); | ||
2242 | |||
2243 | if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS)) | ||
2244 | break; | ||
2245 | |||
2246 | if (pi->fcs == L2CAP_FCS_NONE || | ||
2247 | pi->conf_state & L2CAP_CONF_NO_FCS_RECV) { | ||
2248 | pi->fcs = L2CAP_FCS_NONE; | ||
2249 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs); | ||
2250 | } | ||
2251 | break; | ||
2252 | |||
2253 | case L2CAP_MODE_STREAMING: | ||
2254 | rfc.mode = L2CAP_MODE_STREAMING; | ||
2255 | rfc.txwin_size = 0; | ||
2256 | rfc.max_transmit = 0; | ||
2257 | rfc.retrans_timeout = 0; | ||
2258 | rfc.monitor_timeout = 0; | ||
2259 | rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE); | ||
2260 | |||
2261 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | ||
2262 | sizeof(rfc), (unsigned long) &rfc); | ||
2263 | |||
2264 | if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS)) | ||
2265 | break; | ||
2266 | |||
2267 | if (pi->fcs == L2CAP_FCS_NONE || | ||
2268 | pi->conf_state & L2CAP_CONF_NO_FCS_RECV) { | ||
2269 | pi->fcs = L2CAP_FCS_NONE; | ||
2270 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs); | ||
2271 | } | ||
2272 | break; | ||
2273 | } | ||
1721 | 2274 | ||
1722 | /* FIXME: Need actual value of the flush timeout */ | 2275 | /* FIXME: Need actual value of the flush timeout */ |
1723 | //if (flush_to != L2CAP_DEFAULT_FLUSH_TO) | 2276 | //if (flush_to != L2CAP_DEFAULT_FLUSH_TO) |
@@ -1767,6 +2320,12 @@ static int l2cap_parse_conf_req(struct sock *sk, void *data) | |||
1767 | memcpy(&rfc, (void *) val, olen); | 2320 | memcpy(&rfc, (void *) val, olen); |
1768 | break; | 2321 | break; |
1769 | 2322 | ||
2323 | case L2CAP_CONF_FCS: | ||
2324 | if (val == L2CAP_FCS_NONE) | ||
2325 | pi->conf_state |= L2CAP_CONF_NO_FCS_RECV; | ||
2326 | |||
2327 | break; | ||
2328 | |||
1770 | default: | 2329 | default: |
1771 | if (hint) | 2330 | if (hint) |
1772 | break; | 2331 | break; |
@@ -1777,30 +2336,83 @@ static int l2cap_parse_conf_req(struct sock *sk, void *data) | |||
1777 | } | 2336 | } |
1778 | } | 2337 | } |
1779 | 2338 | ||
2339 | if (pi->num_conf_rsp || pi->num_conf_req) | ||
2340 | goto done; | ||
2341 | |||
2342 | switch (pi->mode) { | ||
2343 | case L2CAP_MODE_STREAMING: | ||
2344 | case L2CAP_MODE_ERTM: | ||
2345 | pi->conf_state |= L2CAP_CONF_STATE2_DEVICE; | ||
2346 | if (!l2cap_mode_supported(pi->mode, pi->conn->feat_mask)) | ||
2347 | return -ECONNREFUSED; | ||
2348 | break; | ||
2349 | default: | ||
2350 | pi->mode = l2cap_select_mode(rfc.mode, pi->conn->feat_mask); | ||
2351 | break; | ||
2352 | } | ||
2353 | |||
2354 | done: | ||
2355 | if (pi->mode != rfc.mode) { | ||
2356 | result = L2CAP_CONF_UNACCEPT; | ||
2357 | rfc.mode = pi->mode; | ||
2358 | |||
2359 | if (pi->num_conf_rsp == 1) | ||
2360 | return -ECONNREFUSED; | ||
2361 | |||
2362 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | ||
2363 | sizeof(rfc), (unsigned long) &rfc); | ||
2364 | } | ||
2365 | |||
2366 | |||
1780 | if (result == L2CAP_CONF_SUCCESS) { | 2367 | if (result == L2CAP_CONF_SUCCESS) { |
1781 | /* Configure output options and let the other side know | 2368 | /* Configure output options and let the other side know |
1782 | * which ones we don't like. */ | 2369 | * which ones we don't like. */ |
1783 | 2370 | ||
1784 | if (rfc.mode == L2CAP_MODE_BASIC) { | 2371 | if (mtu < L2CAP_DEFAULT_MIN_MTU) |
1785 | if (mtu < pi->omtu) | 2372 | result = L2CAP_CONF_UNACCEPT; |
1786 | result = L2CAP_CONF_UNACCEPT; | 2373 | else { |
1787 | else { | 2374 | pi->omtu = mtu; |
1788 | pi->omtu = mtu; | 2375 | pi->conf_state |= L2CAP_CONF_MTU_DONE; |
1789 | pi->conf_state |= L2CAP_CONF_OUTPUT_DONE; | 2376 | } |
1790 | } | 2377 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu); |
1791 | 2378 | ||
1792 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu); | 2379 | switch (rfc.mode) { |
1793 | } else { | 2380 | case L2CAP_MODE_BASIC: |
2381 | pi->fcs = L2CAP_FCS_NONE; | ||
2382 | pi->conf_state |= L2CAP_CONF_MODE_DONE; | ||
2383 | break; | ||
2384 | |||
2385 | case L2CAP_MODE_ERTM: | ||
2386 | pi->remote_tx_win = rfc.txwin_size; | ||
2387 | pi->remote_max_tx = rfc.max_transmit; | ||
2388 | pi->max_pdu_size = rfc.max_pdu_size; | ||
2389 | |||
2390 | rfc.retrans_timeout = L2CAP_DEFAULT_RETRANS_TO; | ||
2391 | rfc.monitor_timeout = L2CAP_DEFAULT_MONITOR_TO; | ||
2392 | |||
2393 | pi->conf_state |= L2CAP_CONF_MODE_DONE; | ||
2394 | break; | ||
2395 | |||
2396 | case L2CAP_MODE_STREAMING: | ||
2397 | pi->remote_tx_win = rfc.txwin_size; | ||
2398 | pi->max_pdu_size = rfc.max_pdu_size; | ||
2399 | |||
2400 | pi->conf_state |= L2CAP_CONF_MODE_DONE; | ||
2401 | break; | ||
2402 | |||
2403 | default: | ||
1794 | result = L2CAP_CONF_UNACCEPT; | 2404 | result = L2CAP_CONF_UNACCEPT; |
1795 | 2405 | ||
1796 | memset(&rfc, 0, sizeof(rfc)); | 2406 | memset(&rfc, 0, sizeof(rfc)); |
1797 | rfc.mode = L2CAP_MODE_BASIC; | 2407 | rfc.mode = pi->mode; |
1798 | |||
1799 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | ||
1800 | sizeof(rfc), (unsigned long) &rfc); | ||
1801 | } | 2408 | } |
1802 | } | ||
1803 | 2409 | ||
2410 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | ||
2411 | sizeof(rfc), (unsigned long) &rfc); | ||
2412 | |||
2413 | if (result == L2CAP_CONF_SUCCESS) | ||
2414 | pi->conf_state |= L2CAP_CONF_OUTPUT_DONE; | ||
2415 | } | ||
1804 | rsp->scid = cpu_to_le16(pi->dcid); | 2416 | rsp->scid = cpu_to_le16(pi->dcid); |
1805 | rsp->result = cpu_to_le16(result); | 2417 | rsp->result = cpu_to_le16(result); |
1806 | rsp->flags = cpu_to_le16(0x0000); | 2418 | rsp->flags = cpu_to_le16(0x0000); |
@@ -1808,6 +2420,73 @@ static int l2cap_parse_conf_req(struct sock *sk, void *data) | |||
1808 | return ptr - data; | 2420 | return ptr - data; |
1809 | } | 2421 | } |
1810 | 2422 | ||
2423 | static int l2cap_parse_conf_rsp(struct sock *sk, void *rsp, int len, void *data, u16 *result) | ||
2424 | { | ||
2425 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
2426 | struct l2cap_conf_req *req = data; | ||
2427 | void *ptr = req->data; | ||
2428 | int type, olen; | ||
2429 | unsigned long val; | ||
2430 | struct l2cap_conf_rfc rfc; | ||
2431 | |||
2432 | BT_DBG("sk %p, rsp %p, len %d, req %p", sk, rsp, len, data); | ||
2433 | |||
2434 | while (len >= L2CAP_CONF_OPT_SIZE) { | ||
2435 | len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); | ||
2436 | |||
2437 | switch (type) { | ||
2438 | case L2CAP_CONF_MTU: | ||
2439 | if (val < L2CAP_DEFAULT_MIN_MTU) { | ||
2440 | *result = L2CAP_CONF_UNACCEPT; | ||
2441 | pi->omtu = L2CAP_DEFAULT_MIN_MTU; | ||
2442 | } else | ||
2443 | pi->omtu = val; | ||
2444 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu); | ||
2445 | break; | ||
2446 | |||
2447 | case L2CAP_CONF_FLUSH_TO: | ||
2448 | pi->flush_to = val; | ||
2449 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, | ||
2450 | 2, pi->flush_to); | ||
2451 | break; | ||
2452 | |||
2453 | case L2CAP_CONF_RFC: | ||
2454 | if (olen == sizeof(rfc)) | ||
2455 | memcpy(&rfc, (void *)val, olen); | ||
2456 | |||
2457 | if ((pi->conf_state & L2CAP_CONF_STATE2_DEVICE) && | ||
2458 | rfc.mode != pi->mode) | ||
2459 | return -ECONNREFUSED; | ||
2460 | |||
2461 | pi->mode = rfc.mode; | ||
2462 | pi->fcs = 0; | ||
2463 | |||
2464 | l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, | ||
2465 | sizeof(rfc), (unsigned long) &rfc); | ||
2466 | break; | ||
2467 | } | ||
2468 | } | ||
2469 | |||
2470 | if (*result == L2CAP_CONF_SUCCESS) { | ||
2471 | switch (rfc.mode) { | ||
2472 | case L2CAP_MODE_ERTM: | ||
2473 | pi->remote_tx_win = rfc.txwin_size; | ||
2474 | pi->retrans_timeout = rfc.retrans_timeout; | ||
2475 | pi->monitor_timeout = rfc.monitor_timeout; | ||
2476 | pi->max_pdu_size = le16_to_cpu(rfc.max_pdu_size); | ||
2477 | break; | ||
2478 | case L2CAP_MODE_STREAMING: | ||
2479 | pi->max_pdu_size = le16_to_cpu(rfc.max_pdu_size); | ||
2480 | break; | ||
2481 | } | ||
2482 | } | ||
2483 | |||
2484 | req->dcid = cpu_to_le16(pi->dcid); | ||
2485 | req->flags = cpu_to_le16(0x0000); | ||
2486 | |||
2487 | return ptr - data; | ||
2488 | } | ||
2489 | |||
1811 | static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags) | 2490 | static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags) |
1812 | { | 2491 | { |
1813 | struct l2cap_conf_rsp *rsp = data; | 2492 | struct l2cap_conf_rsp *rsp = data; |
@@ -1994,6 +2673,7 @@ static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
1994 | 2673 | ||
1995 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 2674 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
1996 | l2cap_build_conf_req(sk, req), req); | 2675 | l2cap_build_conf_req(sk, req), req); |
2676 | l2cap_pi(sk)->num_conf_req++; | ||
1997 | break; | 2677 | break; |
1998 | 2678 | ||
1999 | case L2CAP_CR_PEND: | 2679 | case L2CAP_CR_PEND: |
@@ -2052,10 +2732,13 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2052 | 2732 | ||
2053 | /* Complete config. */ | 2733 | /* Complete config. */ |
2054 | len = l2cap_parse_conf_req(sk, rsp); | 2734 | len = l2cap_parse_conf_req(sk, rsp); |
2055 | if (len < 0) | 2735 | if (len < 0) { |
2736 | l2cap_send_disconn_req(conn, sk); | ||
2056 | goto unlock; | 2737 | goto unlock; |
2738 | } | ||
2057 | 2739 | ||
2058 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp); | 2740 | l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp); |
2741 | l2cap_pi(sk)->num_conf_rsp++; | ||
2059 | 2742 | ||
2060 | /* Reset config buffer. */ | 2743 | /* Reset config buffer. */ |
2061 | l2cap_pi(sk)->conf_len = 0; | 2744 | l2cap_pi(sk)->conf_len = 0; |
@@ -2064,7 +2747,22 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2064 | goto unlock; | 2747 | goto unlock; |
2065 | 2748 | ||
2066 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) { | 2749 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) { |
2750 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_NO_FCS_RECV) | ||
2751 | || l2cap_pi(sk)->fcs != L2CAP_FCS_NONE) | ||
2752 | l2cap_pi(sk)->fcs = L2CAP_FCS_CRC16; | ||
2753 | |||
2067 | sk->sk_state = BT_CONNECTED; | 2754 | sk->sk_state = BT_CONNECTED; |
2755 | l2cap_pi(sk)->next_tx_seq = 0; | ||
2756 | l2cap_pi(sk)->expected_ack_seq = 0; | ||
2757 | l2cap_pi(sk)->unacked_frames = 0; | ||
2758 | |||
2759 | setup_timer(&l2cap_pi(sk)->retrans_timer, | ||
2760 | l2cap_retrans_timeout, (unsigned long) sk); | ||
2761 | setup_timer(&l2cap_pi(sk)->monitor_timer, | ||
2762 | l2cap_monitor_timeout, (unsigned long) sk); | ||
2763 | |||
2764 | __skb_queue_head_init(TX_QUEUE(sk)); | ||
2765 | __skb_queue_head_init(SREJ_QUEUE(sk)); | ||
2068 | l2cap_chan_ready(sk); | 2766 | l2cap_chan_ready(sk); |
2069 | goto unlock; | 2767 | goto unlock; |
2070 | } | 2768 | } |
@@ -2073,6 +2771,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2073 | u8 buf[64]; | 2771 | u8 buf[64]; |
2074 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 2772 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
2075 | l2cap_build_conf_req(sk, buf), buf); | 2773 | l2cap_build_conf_req(sk, buf), buf); |
2774 | l2cap_pi(sk)->num_conf_req++; | ||
2076 | } | 2775 | } |
2077 | 2776 | ||
2078 | unlock: | 2777 | unlock: |
@@ -2102,29 +2801,32 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2102 | break; | 2801 | break; |
2103 | 2802 | ||
2104 | case L2CAP_CONF_UNACCEPT: | 2803 | case L2CAP_CONF_UNACCEPT: |
2105 | if (++l2cap_pi(sk)->conf_retry < L2CAP_CONF_MAX_RETRIES) { | 2804 | if (l2cap_pi(sk)->num_conf_rsp <= L2CAP_CONF_MAX_CONF_RSP) { |
2106 | char req[128]; | 2805 | int len = cmd->len - sizeof(*rsp); |
2107 | /* It does not make sense to adjust L2CAP parameters | 2806 | char req[64]; |
2108 | * that are currently defined in the spec. We simply | 2807 | |
2109 | * resend config request that we sent earlier. It is | 2808 | /* throw out any old stored conf requests */ |
2110 | * stupid, but it helps qualification testing which | 2809 | result = L2CAP_CONF_SUCCESS; |
2111 | * expects at least some response from us. */ | 2810 | len = l2cap_parse_conf_rsp(sk, rsp->data, |
2112 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 2811 | len, req, &result); |
2113 | l2cap_build_conf_req(sk, req), req); | 2812 | if (len < 0) { |
2114 | goto done; | 2813 | l2cap_send_disconn_req(conn, sk); |
2814 | goto done; | ||
2815 | } | ||
2816 | |||
2817 | l2cap_send_cmd(conn, l2cap_get_ident(conn), | ||
2818 | L2CAP_CONF_REQ, len, req); | ||
2819 | l2cap_pi(sk)->num_conf_req++; | ||
2820 | if (result != L2CAP_CONF_SUCCESS) | ||
2821 | goto done; | ||
2822 | break; | ||
2115 | } | 2823 | } |
2116 | 2824 | ||
2117 | default: | 2825 | default: |
2118 | sk->sk_state = BT_DISCONN; | 2826 | sk->sk_state = BT_DISCONN; |
2119 | sk->sk_err = ECONNRESET; | 2827 | sk->sk_err = ECONNRESET; |
2120 | l2cap_sock_set_timer(sk, HZ * 5); | 2828 | l2cap_sock_set_timer(sk, HZ * 5); |
2121 | { | 2829 | l2cap_send_disconn_req(conn, sk); |
2122 | struct l2cap_disconn_req req; | ||
2123 | req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid); | ||
2124 | req.scid = cpu_to_le16(l2cap_pi(sk)->scid); | ||
2125 | l2cap_send_cmd(conn, l2cap_get_ident(conn), | ||
2126 | L2CAP_DISCONN_REQ, sizeof(req), &req); | ||
2127 | } | ||
2128 | goto done; | 2830 | goto done; |
2129 | } | 2831 | } |
2130 | 2832 | ||
@@ -2134,7 +2836,16 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
2134 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE; | 2836 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE; |
2135 | 2837 | ||
2136 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) { | 2838 | if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) { |
2839 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_NO_FCS_RECV) | ||
2840 | || l2cap_pi(sk)->fcs != L2CAP_FCS_NONE) | ||
2841 | l2cap_pi(sk)->fcs = L2CAP_FCS_CRC16; | ||
2842 | |||
2137 | sk->sk_state = BT_CONNECTED; | 2843 | sk->sk_state = BT_CONNECTED; |
2844 | l2cap_pi(sk)->expected_tx_seq = 0; | ||
2845 | l2cap_pi(sk)->buffer_seq = 0; | ||
2846 | l2cap_pi(sk)->num_to_ack = 0; | ||
2847 | __skb_queue_head_init(TX_QUEUE(sk)); | ||
2848 | __skb_queue_head_init(SREJ_QUEUE(sk)); | ||
2138 | l2cap_chan_ready(sk); | 2849 | l2cap_chan_ready(sk); |
2139 | } | 2850 | } |
2140 | 2851 | ||
@@ -2165,6 +2876,11 @@ static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd | |||
2165 | 2876 | ||
2166 | sk->sk_shutdown = SHUTDOWN_MASK; | 2877 | sk->sk_shutdown = SHUTDOWN_MASK; |
2167 | 2878 | ||
2879 | skb_queue_purge(TX_QUEUE(sk)); | ||
2880 | skb_queue_purge(SREJ_QUEUE(sk)); | ||
2881 | del_timer(&l2cap_pi(sk)->retrans_timer); | ||
2882 | del_timer(&l2cap_pi(sk)->monitor_timer); | ||
2883 | |||
2168 | l2cap_chan_del(sk, ECONNRESET); | 2884 | l2cap_chan_del(sk, ECONNRESET); |
2169 | bh_unlock_sock(sk); | 2885 | bh_unlock_sock(sk); |
2170 | 2886 | ||
@@ -2187,6 +2903,11 @@ static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd | |||
2187 | if (!sk) | 2903 | if (!sk) |
2188 | return 0; | 2904 | return 0; |
2189 | 2905 | ||
2906 | skb_queue_purge(TX_QUEUE(sk)); | ||
2907 | skb_queue_purge(SREJ_QUEUE(sk)); | ||
2908 | del_timer(&l2cap_pi(sk)->retrans_timer); | ||
2909 | del_timer(&l2cap_pi(sk)->monitor_timer); | ||
2910 | |||
2190 | l2cap_chan_del(sk, 0); | 2911 | l2cap_chan_del(sk, 0); |
2191 | bh_unlock_sock(sk); | 2912 | bh_unlock_sock(sk); |
2192 | 2913 | ||
@@ -2205,10 +2926,14 @@ static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cm | |||
2205 | 2926 | ||
2206 | if (type == L2CAP_IT_FEAT_MASK) { | 2927 | if (type == L2CAP_IT_FEAT_MASK) { |
2207 | u8 buf[8]; | 2928 | u8 buf[8]; |
2929 | u32 feat_mask = l2cap_feat_mask; | ||
2208 | struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf; | 2930 | struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf; |
2209 | rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK); | 2931 | rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK); |
2210 | rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); | 2932 | rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); |
2211 | put_unaligned(cpu_to_le32(l2cap_feat_mask), (__le32 *) rsp->data); | 2933 | if (enable_ertm) |
2934 | feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING | ||
2935 | | L2CAP_FEAT_FCS; | ||
2936 | put_unaligned_le32(feat_mask, rsp->data); | ||
2212 | l2cap_send_cmd(conn, cmd->ident, | 2937 | l2cap_send_cmd(conn, cmd->ident, |
2213 | L2CAP_INFO_RSP, sizeof(buf), buf); | 2938 | L2CAP_INFO_RSP, sizeof(buf), buf); |
2214 | } else if (type == L2CAP_IT_FIXED_CHAN) { | 2939 | } else if (type == L2CAP_IT_FIXED_CHAN) { |
@@ -2359,9 +3084,374 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *sk | |||
2359 | kfree_skb(skb); | 3084 | kfree_skb(skb); |
2360 | } | 3085 | } |
2361 | 3086 | ||
3087 | static int l2cap_check_fcs(struct l2cap_pinfo *pi, struct sk_buff *skb) | ||
3088 | { | ||
3089 | u16 our_fcs, rcv_fcs; | ||
3090 | int hdr_size = L2CAP_HDR_SIZE + 2; | ||
3091 | |||
3092 | if (pi->fcs == L2CAP_FCS_CRC16) { | ||
3093 | skb_trim(skb, skb->len - 2); | ||
3094 | rcv_fcs = get_unaligned_le16(skb->data + skb->len); | ||
3095 | our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); | ||
3096 | |||
3097 | if (our_fcs != rcv_fcs) | ||
3098 | return -EINVAL; | ||
3099 | } | ||
3100 | return 0; | ||
3101 | } | ||
3102 | |||
3103 | static void l2cap_add_to_srej_queue(struct sock *sk, struct sk_buff *skb, u8 tx_seq, u8 sar) | ||
3104 | { | ||
3105 | struct sk_buff *next_skb; | ||
3106 | |||
3107 | bt_cb(skb)->tx_seq = tx_seq; | ||
3108 | bt_cb(skb)->sar = sar; | ||
3109 | |||
3110 | next_skb = skb_peek(SREJ_QUEUE(sk)); | ||
3111 | if (!next_skb) { | ||
3112 | __skb_queue_tail(SREJ_QUEUE(sk), skb); | ||
3113 | return; | ||
3114 | } | ||
3115 | |||
3116 | do { | ||
3117 | if (bt_cb(next_skb)->tx_seq > tx_seq) { | ||
3118 | __skb_queue_before(SREJ_QUEUE(sk), next_skb, skb); | ||
3119 | return; | ||
3120 | } | ||
3121 | |||
3122 | if (skb_queue_is_last(SREJ_QUEUE(sk), next_skb)) | ||
3123 | break; | ||
3124 | |||
3125 | } while((next_skb = skb_queue_next(SREJ_QUEUE(sk), next_skb))); | ||
3126 | |||
3127 | __skb_queue_tail(SREJ_QUEUE(sk), skb); | ||
3128 | } | ||
3129 | |||
3130 | static int l2cap_sar_reassembly_sdu(struct sock *sk, struct sk_buff *skb, u16 control) | ||
3131 | { | ||
3132 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
3133 | struct sk_buff *_skb; | ||
3134 | int err = -EINVAL; | ||
3135 | |||
3136 | switch (control & L2CAP_CTRL_SAR) { | ||
3137 | case L2CAP_SDU_UNSEGMENTED: | ||
3138 | if (pi->conn_state & L2CAP_CONN_SAR_SDU) { | ||
3139 | kfree_skb(pi->sdu); | ||
3140 | break; | ||
3141 | } | ||
3142 | |||
3143 | err = sock_queue_rcv_skb(sk, skb); | ||
3144 | if (!err) | ||
3145 | return 0; | ||
3146 | |||
3147 | break; | ||
3148 | |||
3149 | case L2CAP_SDU_START: | ||
3150 | if (pi->conn_state & L2CAP_CONN_SAR_SDU) { | ||
3151 | kfree_skb(pi->sdu); | ||
3152 | break; | ||
3153 | } | ||
3154 | |||
3155 | pi->sdu_len = get_unaligned_le16(skb->data); | ||
3156 | skb_pull(skb, 2); | ||
3157 | |||
3158 | pi->sdu = bt_skb_alloc(pi->sdu_len, GFP_ATOMIC); | ||
3159 | if (!pi->sdu) { | ||
3160 | err = -ENOMEM; | ||
3161 | break; | ||
3162 | } | ||
3163 | |||
3164 | memcpy(skb_put(pi->sdu, skb->len), skb->data, skb->len); | ||
3165 | |||
3166 | pi->conn_state |= L2CAP_CONN_SAR_SDU; | ||
3167 | pi->partial_sdu_len = skb->len; | ||
3168 | err = 0; | ||
3169 | break; | ||
3170 | |||
3171 | case L2CAP_SDU_CONTINUE: | ||
3172 | if (!(pi->conn_state & L2CAP_CONN_SAR_SDU)) | ||
3173 | break; | ||
3174 | |||
3175 | memcpy(skb_put(pi->sdu, skb->len), skb->data, skb->len); | ||
3176 | |||
3177 | pi->partial_sdu_len += skb->len; | ||
3178 | if (pi->partial_sdu_len > pi->sdu_len) | ||
3179 | kfree_skb(pi->sdu); | ||
3180 | else | ||
3181 | err = 0; | ||
3182 | |||
3183 | break; | ||
3184 | |||
3185 | case L2CAP_SDU_END: | ||
3186 | if (!(pi->conn_state & L2CAP_CONN_SAR_SDU)) | ||
3187 | break; | ||
3188 | |||
3189 | memcpy(skb_put(pi->sdu, skb->len), skb->data, skb->len); | ||
3190 | |||
3191 | pi->conn_state &= ~L2CAP_CONN_SAR_SDU; | ||
3192 | pi->partial_sdu_len += skb->len; | ||
3193 | |||
3194 | if (pi->partial_sdu_len == pi->sdu_len) { | ||
3195 | _skb = skb_clone(pi->sdu, GFP_ATOMIC); | ||
3196 | err = sock_queue_rcv_skb(sk, _skb); | ||
3197 | if (err < 0) | ||
3198 | kfree_skb(_skb); | ||
3199 | } | ||
3200 | kfree_skb(pi->sdu); | ||
3201 | err = 0; | ||
3202 | |||
3203 | break; | ||
3204 | } | ||
3205 | |||
3206 | kfree_skb(skb); | ||
3207 | return err; | ||
3208 | } | ||
3209 | |||
3210 | static void l2cap_check_srej_gap(struct sock *sk, u8 tx_seq) | ||
3211 | { | ||
3212 | struct sk_buff *skb; | ||
3213 | u16 control = 0; | ||
3214 | |||
3215 | while((skb = skb_peek(SREJ_QUEUE(sk)))) { | ||
3216 | if (bt_cb(skb)->tx_seq != tx_seq) | ||
3217 | break; | ||
3218 | |||
3219 | skb = skb_dequeue(SREJ_QUEUE(sk)); | ||
3220 | control |= bt_cb(skb)->sar << L2CAP_CTRL_SAR_SHIFT; | ||
3221 | l2cap_sar_reassembly_sdu(sk, skb, control); | ||
3222 | l2cap_pi(sk)->buffer_seq_srej = | ||
3223 | (l2cap_pi(sk)->buffer_seq_srej + 1) % 64; | ||
3224 | tx_seq++; | ||
3225 | } | ||
3226 | } | ||
3227 | |||
3228 | static void l2cap_resend_srejframe(struct sock *sk, u8 tx_seq) | ||
3229 | { | ||
3230 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
3231 | struct srej_list *l, *tmp; | ||
3232 | u16 control; | ||
3233 | |||
3234 | list_for_each_entry_safe(l,tmp, SREJ_LIST(sk), list) { | ||
3235 | if (l->tx_seq == tx_seq) { | ||
3236 | list_del(&l->list); | ||
3237 | kfree(l); | ||
3238 | return; | ||
3239 | } | ||
3240 | control = L2CAP_SUPER_SELECT_REJECT; | ||
3241 | control |= l->tx_seq << L2CAP_CTRL_REQSEQ_SHIFT; | ||
3242 | l2cap_send_sframe(pi, control); | ||
3243 | list_del(&l->list); | ||
3244 | list_add_tail(&l->list, SREJ_LIST(sk)); | ||
3245 | } | ||
3246 | } | ||
3247 | |||
3248 | static void l2cap_send_srejframe(struct sock *sk, u8 tx_seq) | ||
3249 | { | ||
3250 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
3251 | struct srej_list *new; | ||
3252 | u16 control; | ||
3253 | |||
3254 | while (tx_seq != pi->expected_tx_seq) { | ||
3255 | control = L2CAP_SUPER_SELECT_REJECT; | ||
3256 | control |= pi->expected_tx_seq << L2CAP_CTRL_REQSEQ_SHIFT; | ||
3257 | if (pi->conn_state & L2CAP_CONN_SEND_PBIT) { | ||
3258 | control |= L2CAP_CTRL_POLL; | ||
3259 | pi->conn_state &= ~L2CAP_CONN_SEND_PBIT; | ||
3260 | } | ||
3261 | l2cap_send_sframe(pi, control); | ||
3262 | |||
3263 | new = kzalloc(sizeof(struct srej_list), GFP_ATOMIC); | ||
3264 | new->tx_seq = pi->expected_tx_seq++; | ||
3265 | list_add_tail(&new->list, SREJ_LIST(sk)); | ||
3266 | } | ||
3267 | pi->expected_tx_seq++; | ||
3268 | } | ||
3269 | |||
3270 | static inline int l2cap_data_channel_iframe(struct sock *sk, u16 rx_control, struct sk_buff *skb) | ||
3271 | { | ||
3272 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
3273 | u8 tx_seq = __get_txseq(rx_control); | ||
3274 | u16 tx_control = 0; | ||
3275 | u8 sar = rx_control >> L2CAP_CTRL_SAR_SHIFT; | ||
3276 | int err = 0; | ||
3277 | |||
3278 | BT_DBG("sk %p rx_control 0x%4.4x len %d", sk, rx_control, skb->len); | ||
3279 | |||
3280 | if (tx_seq == pi->expected_tx_seq) | ||
3281 | goto expected; | ||
3282 | |||
3283 | if (pi->conn_state & L2CAP_CONN_SREJ_SENT) { | ||
3284 | struct srej_list *first; | ||
3285 | |||
3286 | first = list_first_entry(SREJ_LIST(sk), | ||
3287 | struct srej_list, list); | ||
3288 | if (tx_seq == first->tx_seq) { | ||
3289 | l2cap_add_to_srej_queue(sk, skb, tx_seq, sar); | ||
3290 | l2cap_check_srej_gap(sk, tx_seq); | ||
3291 | |||
3292 | list_del(&first->list); | ||
3293 | kfree(first); | ||
3294 | |||
3295 | if (list_empty(SREJ_LIST(sk))) { | ||
3296 | pi->buffer_seq = pi->buffer_seq_srej; | ||
3297 | pi->conn_state &= ~L2CAP_CONN_SREJ_SENT; | ||
3298 | } | ||
3299 | } else { | ||
3300 | struct srej_list *l; | ||
3301 | l2cap_add_to_srej_queue(sk, skb, tx_seq, sar); | ||
3302 | |||
3303 | list_for_each_entry(l, SREJ_LIST(sk), list) { | ||
3304 | if (l->tx_seq == tx_seq) { | ||
3305 | l2cap_resend_srejframe(sk, tx_seq); | ||
3306 | return 0; | ||
3307 | } | ||
3308 | } | ||
3309 | l2cap_send_srejframe(sk, tx_seq); | ||
3310 | } | ||
3311 | } else { | ||
3312 | pi->conn_state |= L2CAP_CONN_SREJ_SENT; | ||
3313 | |||
3314 | INIT_LIST_HEAD(SREJ_LIST(sk)); | ||
3315 | pi->buffer_seq_srej = pi->buffer_seq; | ||
3316 | |||
3317 | __skb_queue_head_init(SREJ_QUEUE(sk)); | ||
3318 | l2cap_add_to_srej_queue(sk, skb, tx_seq, sar); | ||
3319 | |||
3320 | pi->conn_state |= L2CAP_CONN_SEND_PBIT; | ||
3321 | |||
3322 | l2cap_send_srejframe(sk, tx_seq); | ||
3323 | } | ||
3324 | return 0; | ||
3325 | |||
3326 | expected: | ||
3327 | pi->expected_tx_seq = (pi->expected_tx_seq + 1) % 64; | ||
3328 | |||
3329 | if (pi->conn_state & L2CAP_CONN_SREJ_SENT) { | ||
3330 | l2cap_add_to_srej_queue(sk, skb, tx_seq, sar); | ||
3331 | return 0; | ||
3332 | } | ||
3333 | |||
3334 | pi->buffer_seq = (pi->buffer_seq + 1) % 64; | ||
3335 | |||
3336 | err = l2cap_sar_reassembly_sdu(sk, skb, rx_control); | ||
3337 | if (err < 0) | ||
3338 | return err; | ||
3339 | |||
3340 | pi->num_to_ack = (pi->num_to_ack + 1) % L2CAP_DEFAULT_NUM_TO_ACK; | ||
3341 | if (pi->num_to_ack == L2CAP_DEFAULT_NUM_TO_ACK - 1) { | ||
3342 | tx_control |= L2CAP_SUPER_RCV_READY; | ||
3343 | tx_control |= pi->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT; | ||
3344 | l2cap_send_sframe(pi, tx_control); | ||
3345 | } | ||
3346 | return 0; | ||
3347 | } | ||
3348 | |||
3349 | static inline int l2cap_data_channel_sframe(struct sock *sk, u16 rx_control, struct sk_buff *skb) | ||
3350 | { | ||
3351 | struct l2cap_pinfo *pi = l2cap_pi(sk); | ||
3352 | u8 tx_seq = __get_reqseq(rx_control); | ||
3353 | |||
3354 | BT_DBG("sk %p rx_control 0x%4.4x len %d", sk, rx_control, skb->len); | ||
3355 | |||
3356 | switch (rx_control & L2CAP_CTRL_SUPERVISE) { | ||
3357 | case L2CAP_SUPER_RCV_READY: | ||
3358 | if (rx_control & L2CAP_CTRL_POLL) { | ||
3359 | u16 control = L2CAP_CTRL_FINAL; | ||
3360 | control |= L2CAP_SUPER_RCV_READY | | ||
3361 | (pi->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT); | ||
3362 | l2cap_send_sframe(l2cap_pi(sk), control); | ||
3363 | pi->conn_state &= ~L2CAP_CONN_REMOTE_BUSY; | ||
3364 | |||
3365 | } else if (rx_control & L2CAP_CTRL_FINAL) { | ||
3366 | pi->conn_state &= ~L2CAP_CONN_REMOTE_BUSY; | ||
3367 | pi->expected_ack_seq = tx_seq; | ||
3368 | l2cap_drop_acked_frames(sk); | ||
3369 | |||
3370 | if (!(pi->conn_state & L2CAP_CONN_WAIT_F)) | ||
3371 | break; | ||
3372 | |||
3373 | pi->conn_state &= ~L2CAP_CONN_WAIT_F; | ||
3374 | del_timer(&pi->monitor_timer); | ||
3375 | |||
3376 | if (pi->unacked_frames > 0) | ||
3377 | __mod_retrans_timer(); | ||
3378 | } else { | ||
3379 | pi->expected_ack_seq = tx_seq; | ||
3380 | l2cap_drop_acked_frames(sk); | ||
3381 | |||
3382 | if ((pi->conn_state & L2CAP_CONN_REMOTE_BUSY) | ||
3383 | && (pi->unacked_frames > 0)) | ||
3384 | __mod_retrans_timer(); | ||
3385 | |||
3386 | l2cap_ertm_send(sk); | ||
3387 | pi->conn_state &= ~L2CAP_CONN_REMOTE_BUSY; | ||
3388 | } | ||
3389 | break; | ||
3390 | |||
3391 | case L2CAP_SUPER_REJECT: | ||
3392 | pi->conn_state &= ~L2CAP_CONN_REMOTE_BUSY; | ||
3393 | |||
3394 | pi->expected_ack_seq = __get_reqseq(rx_control); | ||
3395 | l2cap_drop_acked_frames(sk); | ||
3396 | |||
3397 | sk->sk_send_head = TX_QUEUE(sk)->next; | ||
3398 | pi->next_tx_seq = pi->expected_ack_seq; | ||
3399 | |||
3400 | l2cap_ertm_send(sk); | ||
3401 | |||
3402 | break; | ||
3403 | |||
3404 | case L2CAP_SUPER_SELECT_REJECT: | ||
3405 | pi->conn_state &= ~L2CAP_CONN_REMOTE_BUSY; | ||
3406 | |||
3407 | if (rx_control & L2CAP_CTRL_POLL) { | ||
3408 | l2cap_retransmit_frame(sk, tx_seq); | ||
3409 | pi->expected_ack_seq = tx_seq; | ||
3410 | l2cap_drop_acked_frames(sk); | ||
3411 | l2cap_ertm_send(sk); | ||
3412 | if (pi->conn_state & L2CAP_CONN_WAIT_F) { | ||
3413 | pi->srej_save_reqseq = tx_seq; | ||
3414 | pi->conn_state |= L2CAP_CONN_SREJ_ACT; | ||
3415 | } | ||
3416 | } else if (rx_control & L2CAP_CTRL_FINAL) { | ||
3417 | if ((pi->conn_state & L2CAP_CONN_SREJ_ACT) && | ||
3418 | pi->srej_save_reqseq == tx_seq) | ||
3419 | pi->srej_save_reqseq &= ~L2CAP_CONN_SREJ_ACT; | ||
3420 | else | ||
3421 | l2cap_retransmit_frame(sk, tx_seq); | ||
3422 | } | ||
3423 | else { | ||
3424 | l2cap_retransmit_frame(sk, tx_seq); | ||
3425 | if (pi->conn_state & L2CAP_CONN_WAIT_F) { | ||
3426 | pi->srej_save_reqseq = tx_seq; | ||
3427 | pi->conn_state |= L2CAP_CONN_SREJ_ACT; | ||
3428 | } | ||
3429 | } | ||
3430 | break; | ||
3431 | |||
3432 | case L2CAP_SUPER_RCV_NOT_READY: | ||
3433 | pi->conn_state |= L2CAP_CONN_REMOTE_BUSY; | ||
3434 | pi->expected_ack_seq = tx_seq; | ||
3435 | l2cap_drop_acked_frames(sk); | ||
3436 | |||
3437 | del_timer(&l2cap_pi(sk)->retrans_timer); | ||
3438 | if (rx_control & L2CAP_CTRL_POLL) { | ||
3439 | u16 control = L2CAP_CTRL_FINAL; | ||
3440 | l2cap_send_rr_or_rnr(l2cap_pi(sk), control); | ||
3441 | } | ||
3442 | break; | ||
3443 | } | ||
3444 | |||
3445 | return 0; | ||
3446 | } | ||
3447 | |||
2362 | static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb) | 3448 | static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb) |
2363 | { | 3449 | { |
2364 | struct sock *sk; | 3450 | struct sock *sk; |
3451 | struct l2cap_pinfo *pi; | ||
3452 | u16 control, len; | ||
3453 | u8 tx_seq; | ||
3454 | int err; | ||
2365 | 3455 | ||
2366 | sk = l2cap_get_chan_by_scid(&conn->chan_list, cid); | 3456 | sk = l2cap_get_chan_by_scid(&conn->chan_list, cid); |
2367 | if (!sk) { | 3457 | if (!sk) { |
@@ -2369,22 +3459,91 @@ static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk | |||
2369 | goto drop; | 3459 | goto drop; |
2370 | } | 3460 | } |
2371 | 3461 | ||
3462 | pi = l2cap_pi(sk); | ||
3463 | |||
2372 | BT_DBG("sk %p, len %d", sk, skb->len); | 3464 | BT_DBG("sk %p, len %d", sk, skb->len); |
2373 | 3465 | ||
2374 | if (sk->sk_state != BT_CONNECTED) | 3466 | if (sk->sk_state != BT_CONNECTED) |
2375 | goto drop; | 3467 | goto drop; |
2376 | 3468 | ||
2377 | if (l2cap_pi(sk)->imtu < skb->len) | 3469 | switch (pi->mode) { |
2378 | goto drop; | 3470 | case L2CAP_MODE_BASIC: |
3471 | /* If socket recv buffers overflows we drop data here | ||
3472 | * which is *bad* because L2CAP has to be reliable. | ||
3473 | * But we don't have any other choice. L2CAP doesn't | ||
3474 | * provide flow control mechanism. */ | ||
2379 | 3475 | ||
2380 | /* If socket recv buffers overflows we drop data here | 3476 | if (pi->imtu < skb->len) |
2381 | * which is *bad* because L2CAP has to be reliable. | 3477 | goto drop; |
2382 | * But we don't have any other choice. L2CAP doesn't | 3478 | |
2383 | * provide flow control mechanism. */ | 3479 | if (!sock_queue_rcv_skb(sk, skb)) |
3480 | goto done; | ||
3481 | break; | ||
3482 | |||
3483 | case L2CAP_MODE_ERTM: | ||
3484 | control = get_unaligned_le16(skb->data); | ||
3485 | skb_pull(skb, 2); | ||
3486 | len = skb->len; | ||
3487 | |||
3488 | if (__is_sar_start(control)) | ||
3489 | len -= 2; | ||
3490 | |||
3491 | if (pi->fcs == L2CAP_FCS_CRC16) | ||
3492 | len -= 2; | ||
3493 | |||
3494 | /* | ||
3495 | * We can just drop the corrupted I-frame here. | ||
3496 | * Receiver will miss it and start proper recovery | ||
3497 | * procedures and ask retransmission. | ||
3498 | */ | ||
3499 | if (len > L2CAP_DEFAULT_MAX_PDU_SIZE) | ||
3500 | goto drop; | ||
3501 | |||
3502 | if (l2cap_check_fcs(pi, skb)) | ||
3503 | goto drop; | ||
3504 | |||
3505 | if (__is_iframe(control)) | ||
3506 | err = l2cap_data_channel_iframe(sk, control, skb); | ||
3507 | else | ||
3508 | err = l2cap_data_channel_sframe(sk, control, skb); | ||
3509 | |||
3510 | if (!err) | ||
3511 | goto done; | ||
3512 | break; | ||
3513 | |||
3514 | case L2CAP_MODE_STREAMING: | ||
3515 | control = get_unaligned_le16(skb->data); | ||
3516 | skb_pull(skb, 2); | ||
3517 | len = skb->len; | ||
3518 | |||
3519 | if (__is_sar_start(control)) | ||
3520 | len -= 2; | ||
3521 | |||
3522 | if (pi->fcs == L2CAP_FCS_CRC16) | ||
3523 | len -= 2; | ||
3524 | |||
3525 | if (len > L2CAP_DEFAULT_MAX_PDU_SIZE || __is_sframe(control)) | ||
3526 | goto drop; | ||
3527 | |||
3528 | if (l2cap_check_fcs(pi, skb)) | ||
3529 | goto drop; | ||
3530 | |||
3531 | tx_seq = __get_txseq(control); | ||
3532 | |||
3533 | if (pi->expected_tx_seq == tx_seq) | ||
3534 | pi->expected_tx_seq = (pi->expected_tx_seq + 1) % 64; | ||
3535 | else | ||
3536 | pi->expected_tx_seq = tx_seq + 1; | ||
3537 | |||
3538 | err = l2cap_sar_reassembly_sdu(sk, skb, control); | ||
2384 | 3539 | ||
2385 | if (!sock_queue_rcv_skb(sk, skb)) | ||
2386 | goto done; | 3540 | goto done; |
2387 | 3541 | ||
3542 | default: | ||
3543 | BT_DBG("sk %p: bad mode 0x%2.2x", sk, l2cap_pi(sk)->mode); | ||
3544 | break; | ||
3545 | } | ||
3546 | |||
2388 | drop: | 3547 | drop: |
2389 | kfree_skb(skb); | 3548 | kfree_skb(skb); |
2390 | 3549 | ||
@@ -2433,6 +3592,11 @@ static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb) | |||
2433 | cid = __le16_to_cpu(lh->cid); | 3592 | cid = __le16_to_cpu(lh->cid); |
2434 | len = __le16_to_cpu(lh->len); | 3593 | len = __le16_to_cpu(lh->len); |
2435 | 3594 | ||
3595 | if (len != skb->len) { | ||
3596 | kfree_skb(skb); | ||
3597 | return; | ||
3598 | } | ||
3599 | |||
2436 | BT_DBG("len %d, cid 0x%4.4x", len, cid); | 3600 | BT_DBG("len %d, cid 0x%4.4x", len, cid); |
2437 | 3601 | ||
2438 | switch (cid) { | 3602 | switch (cid) { |
@@ -2441,7 +3605,7 @@ static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb) | |||
2441 | break; | 3605 | break; |
2442 | 3606 | ||
2443 | case L2CAP_CID_CONN_LESS: | 3607 | case L2CAP_CID_CONN_LESS: |
2444 | psm = get_unaligned((__le16 *) skb->data); | 3608 | psm = get_unaligned_le16(skb->data); |
2445 | skb_pull(skb, 2); | 3609 | skb_pull(skb, 2); |
2446 | l2cap_conless_channel(conn, psm, skb); | 3610 | l2cap_conless_channel(conn, psm, skb); |
2447 | break; | 3611 | break; |
@@ -2828,6 +3992,9 @@ EXPORT_SYMBOL(l2cap_load); | |||
2828 | module_init(l2cap_init); | 3992 | module_init(l2cap_init); |
2829 | module_exit(l2cap_exit); | 3993 | module_exit(l2cap_exit); |
2830 | 3994 | ||
3995 | module_param(enable_ertm, bool, 0644); | ||
3996 | MODULE_PARM_DESC(enable_ertm, "Enable enhanced retransmission mode"); | ||
3997 | |||
2831 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); | 3998 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); |
2832 | MODULE_DESCRIPTION("Bluetooth L2CAP ver " VERSION); | 3999 | MODULE_DESCRIPTION("Bluetooth L2CAP ver " VERSION); |
2833 | MODULE_VERSION(VERSION); | 4000 | MODULE_VERSION(VERSION); |
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c index 94b3388c188b..25692bc0a342 100644 --- a/net/bluetooth/rfcomm/core.c +++ b/net/bluetooth/rfcomm/core.c | |||
@@ -244,6 +244,33 @@ static inline int rfcomm_check_security(struct rfcomm_dlc *d) | |||
244 | auth_type); | 244 | auth_type); |
245 | } | 245 | } |
246 | 246 | ||
247 | static void rfcomm_session_timeout(unsigned long arg) | ||
248 | { | ||
249 | struct rfcomm_session *s = (void *) arg; | ||
250 | |||
251 | BT_DBG("session %p state %ld", s, s->state); | ||
252 | |||
253 | set_bit(RFCOMM_TIMED_OUT, &s->flags); | ||
254 | rfcomm_session_put(s); | ||
255 | rfcomm_schedule(RFCOMM_SCHED_TIMEO); | ||
256 | } | ||
257 | |||
258 | static void rfcomm_session_set_timer(struct rfcomm_session *s, long timeout) | ||
259 | { | ||
260 | BT_DBG("session %p state %ld timeout %ld", s, s->state, timeout); | ||
261 | |||
262 | if (!mod_timer(&s->timer, jiffies + timeout)) | ||
263 | rfcomm_session_hold(s); | ||
264 | } | ||
265 | |||
266 | static void rfcomm_session_clear_timer(struct rfcomm_session *s) | ||
267 | { | ||
268 | BT_DBG("session %p state %ld", s, s->state); | ||
269 | |||
270 | if (timer_pending(&s->timer) && del_timer(&s->timer)) | ||
271 | rfcomm_session_put(s); | ||
272 | } | ||
273 | |||
247 | /* ---- RFCOMM DLCs ---- */ | 274 | /* ---- RFCOMM DLCs ---- */ |
248 | static void rfcomm_dlc_timeout(unsigned long arg) | 275 | static void rfcomm_dlc_timeout(unsigned long arg) |
249 | { | 276 | { |
@@ -320,6 +347,7 @@ static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d) | |||
320 | 347 | ||
321 | rfcomm_session_hold(s); | 348 | rfcomm_session_hold(s); |
322 | 349 | ||
350 | rfcomm_session_clear_timer(s); | ||
323 | rfcomm_dlc_hold(d); | 351 | rfcomm_dlc_hold(d); |
324 | list_add(&d->list, &s->dlcs); | 352 | list_add(&d->list, &s->dlcs); |
325 | d->session = s; | 353 | d->session = s; |
@@ -335,6 +363,9 @@ static void rfcomm_dlc_unlink(struct rfcomm_dlc *d) | |||
335 | d->session = NULL; | 363 | d->session = NULL; |
336 | rfcomm_dlc_put(d); | 364 | rfcomm_dlc_put(d); |
337 | 365 | ||
366 | if (list_empty(&s->dlcs)) | ||
367 | rfcomm_session_set_timer(s, RFCOMM_IDLE_TIMEOUT); | ||
368 | |||
338 | rfcomm_session_put(s); | 369 | rfcomm_session_put(s); |
339 | } | 370 | } |
340 | 371 | ||
@@ -567,6 +598,8 @@ static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state) | |||
567 | 598 | ||
568 | BT_DBG("session %p sock %p", s, sock); | 599 | BT_DBG("session %p sock %p", s, sock); |
569 | 600 | ||
601 | setup_timer(&s->timer, rfcomm_session_timeout, (unsigned long) s); | ||
602 | |||
570 | INIT_LIST_HEAD(&s->dlcs); | 603 | INIT_LIST_HEAD(&s->dlcs); |
571 | s->state = state; | 604 | s->state = state; |
572 | s->sock = sock; | 605 | s->sock = sock; |
@@ -598,6 +631,7 @@ static void rfcomm_session_del(struct rfcomm_session *s) | |||
598 | if (state == BT_CONNECTED) | 631 | if (state == BT_CONNECTED) |
599 | rfcomm_send_disc(s, 0); | 632 | rfcomm_send_disc(s, 0); |
600 | 633 | ||
634 | rfcomm_session_clear_timer(s); | ||
601 | sock_release(s->sock); | 635 | sock_release(s->sock); |
602 | kfree(s); | 636 | kfree(s); |
603 | 637 | ||
@@ -639,6 +673,7 @@ static void rfcomm_session_close(struct rfcomm_session *s, int err) | |||
639 | __rfcomm_dlc_close(d, err); | 673 | __rfcomm_dlc_close(d, err); |
640 | } | 674 | } |
641 | 675 | ||
676 | rfcomm_session_clear_timer(s); | ||
642 | rfcomm_session_put(s); | 677 | rfcomm_session_put(s); |
643 | } | 678 | } |
644 | 679 | ||
@@ -1879,6 +1914,12 @@ static inline void rfcomm_process_sessions(void) | |||
1879 | struct rfcomm_session *s; | 1914 | struct rfcomm_session *s; |
1880 | s = list_entry(p, struct rfcomm_session, list); | 1915 | s = list_entry(p, struct rfcomm_session, list); |
1881 | 1916 | ||
1917 | if (test_and_clear_bit(RFCOMM_TIMED_OUT, &s->flags)) { | ||
1918 | s->state = BT_DISCONN; | ||
1919 | rfcomm_send_disc(s, 0); | ||
1920 | continue; | ||
1921 | } | ||
1922 | |||
1882 | if (s->state == BT_LISTEN) { | 1923 | if (s->state == BT_LISTEN) { |
1883 | rfcomm_accept_connection(s); | 1924 | rfcomm_accept_connection(s); |
1884 | continue; | 1925 | continue; |
@@ -2080,7 +2121,7 @@ static CLASS_ATTR(rfcomm_dlc, S_IRUGO, rfcomm_dlc_sysfs_show, NULL); | |||
2080 | /* ---- Initialization ---- */ | 2121 | /* ---- Initialization ---- */ |
2081 | static int __init rfcomm_init(void) | 2122 | static int __init rfcomm_init(void) |
2082 | { | 2123 | { |
2083 | int ret; | 2124 | int err; |
2084 | 2125 | ||
2085 | l2cap_load(); | 2126 | l2cap_load(); |
2086 | 2127 | ||
@@ -2088,33 +2129,35 @@ static int __init rfcomm_init(void) | |||
2088 | 2129 | ||
2089 | rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd"); | 2130 | rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd"); |
2090 | if (IS_ERR(rfcomm_thread)) { | 2131 | if (IS_ERR(rfcomm_thread)) { |
2091 | ret = PTR_ERR(rfcomm_thread); | 2132 | err = PTR_ERR(rfcomm_thread); |
2092 | goto out_thread; | 2133 | goto unregister; |
2093 | } | 2134 | } |
2094 | 2135 | ||
2095 | if (class_create_file(bt_class, &class_attr_rfcomm_dlc) < 0) | 2136 | if (class_create_file(bt_class, &class_attr_rfcomm_dlc) < 0) |
2096 | BT_ERR("Failed to create RFCOMM info file"); | 2137 | BT_ERR("Failed to create RFCOMM info file"); |
2097 | 2138 | ||
2098 | ret = rfcomm_init_ttys(); | 2139 | err = rfcomm_init_ttys(); |
2099 | if (ret) | 2140 | if (err < 0) |
2100 | goto out_tty; | 2141 | goto stop; |
2101 | 2142 | ||
2102 | ret = rfcomm_init_sockets(); | 2143 | err = rfcomm_init_sockets(); |
2103 | if (ret) | 2144 | if (err < 0) |
2104 | goto out_sock; | 2145 | goto cleanup; |
2105 | 2146 | ||
2106 | BT_INFO("RFCOMM ver %s", VERSION); | 2147 | BT_INFO("RFCOMM ver %s", VERSION); |
2107 | 2148 | ||
2108 | return 0; | 2149 | return 0; |
2109 | 2150 | ||
2110 | out_sock: | 2151 | cleanup: |
2111 | rfcomm_cleanup_ttys(); | 2152 | rfcomm_cleanup_ttys(); |
2112 | out_tty: | 2153 | |
2154 | stop: | ||
2113 | kthread_stop(rfcomm_thread); | 2155 | kthread_stop(rfcomm_thread); |
2114 | out_thread: | 2156 | |
2157 | unregister: | ||
2115 | hci_unregister_cb(&rfcomm_cb); | 2158 | hci_unregister_cb(&rfcomm_cb); |
2116 | 2159 | ||
2117 | return ret; | 2160 | return err; |
2118 | } | 2161 | } |
2119 | 2162 | ||
2120 | static void __exit rfcomm_exit(void) | 2163 | static void __exit rfcomm_exit(void) |
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c index 51ae0c3e470a..13c27f17192c 100644 --- a/net/bluetooth/sco.c +++ b/net/bluetooth/sco.c | |||
@@ -359,20 +359,9 @@ static void sco_sock_kill(struct sock *sk) | |||
359 | sock_put(sk); | 359 | sock_put(sk); |
360 | } | 360 | } |
361 | 361 | ||
362 | /* Close socket. | 362 | static void __sco_sock_close(struct sock *sk) |
363 | * Must be called on unlocked socket. | ||
364 | */ | ||
365 | static void sco_sock_close(struct sock *sk) | ||
366 | { | 363 | { |
367 | struct sco_conn *conn; | 364 | BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket); |
368 | |||
369 | sco_sock_clear_timer(sk); | ||
370 | |||
371 | lock_sock(sk); | ||
372 | |||
373 | conn = sco_pi(sk)->conn; | ||
374 | |||
375 | BT_DBG("sk %p state %d conn %p socket %p", sk, sk->sk_state, conn, sk->sk_socket); | ||
376 | 365 | ||
377 | switch (sk->sk_state) { | 366 | switch (sk->sk_state) { |
378 | case BT_LISTEN: | 367 | case BT_LISTEN: |
@@ -390,9 +379,15 @@ static void sco_sock_close(struct sock *sk) | |||
390 | sock_set_flag(sk, SOCK_ZAPPED); | 379 | sock_set_flag(sk, SOCK_ZAPPED); |
391 | break; | 380 | break; |
392 | } | 381 | } |
382 | } | ||
393 | 383 | ||
384 | /* Must be called on unlocked socket. */ | ||
385 | static void sco_sock_close(struct sock *sk) | ||
386 | { | ||
387 | sco_sock_clear_timer(sk); | ||
388 | lock_sock(sk); | ||
389 | __sco_sock_close(sk); | ||
394 | release_sock(sk); | 390 | release_sock(sk); |
395 | |||
396 | sco_sock_kill(sk); | 391 | sco_sock_kill(sk); |
397 | } | 392 | } |
398 | 393 | ||
@@ -748,6 +743,30 @@ static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char | |||
748 | return err; | 743 | return err; |
749 | } | 744 | } |
750 | 745 | ||
746 | static int sco_sock_shutdown(struct socket *sock, int how) | ||
747 | { | ||
748 | struct sock *sk = sock->sk; | ||
749 | int err = 0; | ||
750 | |||
751 | BT_DBG("sock %p, sk %p", sock, sk); | ||
752 | |||
753 | if (!sk) | ||
754 | return 0; | ||
755 | |||
756 | lock_sock(sk); | ||
757 | if (!sk->sk_shutdown) { | ||
758 | sk->sk_shutdown = SHUTDOWN_MASK; | ||
759 | sco_sock_clear_timer(sk); | ||
760 | __sco_sock_close(sk); | ||
761 | |||
762 | if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) | ||
763 | err = bt_sock_wait_state(sk, BT_CLOSED, | ||
764 | sk->sk_lingertime); | ||
765 | } | ||
766 | release_sock(sk); | ||
767 | return err; | ||
768 | } | ||
769 | |||
751 | static int sco_sock_release(struct socket *sock) | 770 | static int sco_sock_release(struct socket *sock) |
752 | { | 771 | { |
753 | struct sock *sk = sock->sk; | 772 | struct sock *sk = sock->sk; |
@@ -969,7 +988,7 @@ static const struct proto_ops sco_sock_ops = { | |||
969 | .ioctl = bt_sock_ioctl, | 988 | .ioctl = bt_sock_ioctl, |
970 | .mmap = sock_no_mmap, | 989 | .mmap = sock_no_mmap, |
971 | .socketpair = sock_no_socketpair, | 990 | .socketpair = sock_no_socketpair, |
972 | .shutdown = sock_no_shutdown, | 991 | .shutdown = sco_sock_shutdown, |
973 | .setsockopt = sco_sock_setsockopt, | 992 | .setsockopt = sco_sock_setsockopt, |
974 | .getsockopt = sco_sock_getsockopt | 993 | .getsockopt = sco_sock_getsockopt |
975 | }; | 994 | }; |