diff options
Diffstat (limited to 'net/bluetooth')
-rw-r--r-- | net/bluetooth/af_bluetooth.c | 114 | ||||
-rw-r--r-- | net/bluetooth/cmtp/core.c | 6 | ||||
-rw-r--r-- | net/bluetooth/hci_core.c | 1 | ||||
-rw-r--r-- | net/bluetooth/hci_sysfs.c | 21 | ||||
-rw-r--r-- | net/bluetooth/hidp/core.c | 8 | ||||
-rw-r--r-- | net/bluetooth/l2cap.c | 60 | ||||
-rw-r--r-- | net/bluetooth/lib.c | 4 | ||||
-rw-r--r-- | net/bluetooth/rfcomm/core.c | 43 | ||||
-rw-r--r-- | net/bluetooth/rfcomm/sock.c | 104 | ||||
-rw-r--r-- | net/bluetooth/rfcomm/tty.c | 4 |
10 files changed, 199 insertions, 166 deletions
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c index 421c45bd1b95..c4cf3f595004 100644 --- a/net/bluetooth/af_bluetooth.c +++ b/net/bluetooth/af_bluetooth.c | |||
@@ -265,6 +265,115 @@ int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock, | |||
265 | } | 265 | } |
266 | EXPORT_SYMBOL(bt_sock_recvmsg); | 266 | EXPORT_SYMBOL(bt_sock_recvmsg); |
267 | 267 | ||
268 | static long bt_sock_data_wait(struct sock *sk, long timeo) | ||
269 | { | ||
270 | DECLARE_WAITQUEUE(wait, current); | ||
271 | |||
272 | add_wait_queue(sk_sleep(sk), &wait); | ||
273 | for (;;) { | ||
274 | set_current_state(TASK_INTERRUPTIBLE); | ||
275 | |||
276 | if (!skb_queue_empty(&sk->sk_receive_queue)) | ||
277 | break; | ||
278 | |||
279 | if (sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN)) | ||
280 | break; | ||
281 | |||
282 | if (signal_pending(current) || !timeo) | ||
283 | break; | ||
284 | |||
285 | set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | ||
286 | release_sock(sk); | ||
287 | timeo = schedule_timeout(timeo); | ||
288 | lock_sock(sk); | ||
289 | clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | ||
290 | } | ||
291 | |||
292 | __set_current_state(TASK_RUNNING); | ||
293 | remove_wait_queue(sk_sleep(sk), &wait); | ||
294 | return timeo; | ||
295 | } | ||
296 | |||
297 | int bt_sock_stream_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
298 | struct msghdr *msg, size_t size, int flags) | ||
299 | { | ||
300 | struct sock *sk = sock->sk; | ||
301 | int err = 0; | ||
302 | size_t target, copied = 0; | ||
303 | long timeo; | ||
304 | |||
305 | if (flags & MSG_OOB) | ||
306 | return -EOPNOTSUPP; | ||
307 | |||
308 | msg->msg_namelen = 0; | ||
309 | |||
310 | BT_DBG("sk %p size %zu", sk, size); | ||
311 | |||
312 | lock_sock(sk); | ||
313 | |||
314 | target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); | ||
315 | timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); | ||
316 | |||
317 | do { | ||
318 | struct sk_buff *skb; | ||
319 | int chunk; | ||
320 | |||
321 | skb = skb_dequeue(&sk->sk_receive_queue); | ||
322 | if (!skb) { | ||
323 | if (copied >= target) | ||
324 | break; | ||
325 | |||
326 | if ((err = sock_error(sk)) != 0) | ||
327 | break; | ||
328 | if (sk->sk_shutdown & RCV_SHUTDOWN) | ||
329 | break; | ||
330 | |||
331 | err = -EAGAIN; | ||
332 | if (!timeo) | ||
333 | break; | ||
334 | |||
335 | timeo = bt_sock_data_wait(sk, timeo); | ||
336 | |||
337 | if (signal_pending(current)) { | ||
338 | err = sock_intr_errno(timeo); | ||
339 | goto out; | ||
340 | } | ||
341 | continue; | ||
342 | } | ||
343 | |||
344 | chunk = min_t(unsigned int, skb->len, size); | ||
345 | if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) { | ||
346 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
347 | if (!copied) | ||
348 | copied = -EFAULT; | ||
349 | break; | ||
350 | } | ||
351 | copied += chunk; | ||
352 | size -= chunk; | ||
353 | |||
354 | sock_recv_ts_and_drops(msg, sk, skb); | ||
355 | |||
356 | if (!(flags & MSG_PEEK)) { | ||
357 | skb_pull(skb, chunk); | ||
358 | if (skb->len) { | ||
359 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
360 | break; | ||
361 | } | ||
362 | kfree_skb(skb); | ||
363 | |||
364 | } else { | ||
365 | /* put message back and return */ | ||
366 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
367 | break; | ||
368 | } | ||
369 | } while (size); | ||
370 | |||
371 | out: | ||
372 | release_sock(sk); | ||
373 | return copied ? : err; | ||
374 | } | ||
375 | EXPORT_SYMBOL(bt_sock_stream_recvmsg); | ||
376 | |||
268 | static inline unsigned int bt_accept_poll(struct sock *parent) | 377 | static inline unsigned int bt_accept_poll(struct sock *parent) |
269 | { | 378 | { |
270 | struct list_head *p, *n; | 379 | struct list_head *p, *n; |
@@ -297,13 +406,12 @@ unsigned int bt_sock_poll(struct file * file, struct socket *sock, poll_table *w | |||
297 | mask |= POLLERR; | 406 | mask |= POLLERR; |
298 | 407 | ||
299 | if (sk->sk_shutdown & RCV_SHUTDOWN) | 408 | if (sk->sk_shutdown & RCV_SHUTDOWN) |
300 | mask |= POLLRDHUP; | 409 | mask |= POLLRDHUP | POLLIN | POLLRDNORM; |
301 | 410 | ||
302 | if (sk->sk_shutdown == SHUTDOWN_MASK) | 411 | if (sk->sk_shutdown == SHUTDOWN_MASK) |
303 | mask |= POLLHUP; | 412 | mask |= POLLHUP; |
304 | 413 | ||
305 | if (!skb_queue_empty(&sk->sk_receive_queue) || | 414 | if (!skb_queue_empty(&sk->sk_receive_queue)) |
306 | (sk->sk_shutdown & RCV_SHUTDOWN)) | ||
307 | mask |= POLLIN | POLLRDNORM; | 415 | mask |= POLLIN | POLLRDNORM; |
308 | 416 | ||
309 | if (sk->sk_state == BT_CLOSED) | 417 | if (sk->sk_state == BT_CLOSED) |
diff --git a/net/bluetooth/cmtp/core.c b/net/bluetooth/cmtp/core.c index d4c6af082d48..ec0a1347f933 100644 --- a/net/bluetooth/cmtp/core.c +++ b/net/bluetooth/cmtp/core.c | |||
@@ -321,14 +321,10 @@ static int cmtp_session(void *arg) | |||
321 | int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock) | 321 | int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock) |
322 | { | 322 | { |
323 | struct cmtp_session *session, *s; | 323 | struct cmtp_session *session, *s; |
324 | bdaddr_t src, dst; | ||
325 | int i, err; | 324 | int i, err; |
326 | 325 | ||
327 | BT_DBG(""); | 326 | BT_DBG(""); |
328 | 327 | ||
329 | baswap(&src, &bt_sk(sock->sk)->src); | ||
330 | baswap(&dst, &bt_sk(sock->sk)->dst); | ||
331 | |||
332 | session = kzalloc(sizeof(struct cmtp_session), GFP_KERNEL); | 328 | session = kzalloc(sizeof(struct cmtp_session), GFP_KERNEL); |
333 | if (!session) | 329 | if (!session) |
334 | return -ENOMEM; | 330 | return -ENOMEM; |
@@ -347,7 +343,7 @@ int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock) | |||
347 | 343 | ||
348 | BT_DBG("mtu %d", session->mtu); | 344 | BT_DBG("mtu %d", session->mtu); |
349 | 345 | ||
350 | sprintf(session->name, "%s", batostr(&dst)); | 346 | sprintf(session->name, "%s", batostr(&bt_sk(sock->sk)->dst)); |
351 | 347 | ||
352 | session->sock = sock; | 348 | session->sock = sock; |
353 | session->state = BT_CONFIG; | 349 | session->state = BT_CONFIG; |
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index c52f091ee6de..bc2a052e518b 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c | |||
@@ -562,7 +562,6 @@ static int hci_dev_do_close(struct hci_dev *hdev) | |||
562 | hci_dev_lock_bh(hdev); | 562 | hci_dev_lock_bh(hdev); |
563 | inquiry_cache_flush(hdev); | 563 | inquiry_cache_flush(hdev); |
564 | hci_conn_hash_flush(hdev); | 564 | hci_conn_hash_flush(hdev); |
565 | hci_blacklist_clear(hdev); | ||
566 | hci_dev_unlock_bh(hdev); | 565 | hci_dev_unlock_bh(hdev); |
567 | 566 | ||
568 | hci_notify(hdev, HCI_DEV_DOWN); | 567 | hci_notify(hdev, HCI_DEV_DOWN); |
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c index 8fb967beee80..5fce3d6d07b4 100644 --- a/net/bluetooth/hci_sysfs.c +++ b/net/bluetooth/hci_sysfs.c | |||
@@ -37,9 +37,7 @@ static ssize_t show_link_type(struct device *dev, struct device_attribute *attr, | |||
37 | static ssize_t show_link_address(struct device *dev, struct device_attribute *attr, char *buf) | 37 | static ssize_t show_link_address(struct device *dev, struct device_attribute *attr, char *buf) |
38 | { | 38 | { |
39 | struct hci_conn *conn = dev_get_drvdata(dev); | 39 | struct hci_conn *conn = dev_get_drvdata(dev); |
40 | bdaddr_t bdaddr; | 40 | return sprintf(buf, "%s\n", batostr(&conn->dst)); |
41 | baswap(&bdaddr, &conn->dst); | ||
42 | return sprintf(buf, "%s\n", batostr(&bdaddr)); | ||
43 | } | 41 | } |
44 | 42 | ||
45 | static ssize_t show_link_features(struct device *dev, struct device_attribute *attr, char *buf) | 43 | static ssize_t show_link_features(struct device *dev, struct device_attribute *attr, char *buf) |
@@ -196,8 +194,8 @@ static inline char *host_typetostr(int type) | |||
196 | switch (type) { | 194 | switch (type) { |
197 | case HCI_BREDR: | 195 | case HCI_BREDR: |
198 | return "BR/EDR"; | 196 | return "BR/EDR"; |
199 | case HCI_80211: | 197 | case HCI_AMP: |
200 | return "802.11"; | 198 | return "AMP"; |
201 | default: | 199 | default: |
202 | return "UNKNOWN"; | 200 | return "UNKNOWN"; |
203 | } | 201 | } |
@@ -238,9 +236,7 @@ static ssize_t show_class(struct device *dev, struct device_attribute *attr, cha | |||
238 | static ssize_t show_address(struct device *dev, struct device_attribute *attr, char *buf) | 236 | static ssize_t show_address(struct device *dev, struct device_attribute *attr, char *buf) |
239 | { | 237 | { |
240 | struct hci_dev *hdev = dev_get_drvdata(dev); | 238 | struct hci_dev *hdev = dev_get_drvdata(dev); |
241 | bdaddr_t bdaddr; | 239 | return sprintf(buf, "%s\n", batostr(&hdev->bdaddr)); |
242 | baswap(&bdaddr, &hdev->bdaddr); | ||
243 | return sprintf(buf, "%s\n", batostr(&bdaddr)); | ||
244 | } | 240 | } |
245 | 241 | ||
246 | static ssize_t show_features(struct device *dev, struct device_attribute *attr, char *buf) | 242 | static ssize_t show_features(struct device *dev, struct device_attribute *attr, char *buf) |
@@ -408,10 +404,8 @@ static int inquiry_cache_show(struct seq_file *f, void *p) | |||
408 | 404 | ||
409 | for (e = cache->list; e; e = e->next) { | 405 | for (e = cache->list; e; e = e->next) { |
410 | struct inquiry_data *data = &e->data; | 406 | struct inquiry_data *data = &e->data; |
411 | bdaddr_t bdaddr; | ||
412 | baswap(&bdaddr, &data->bdaddr); | ||
413 | seq_printf(f, "%s %d %d %d 0x%.2x%.2x%.2x 0x%.4x %d %d %u\n", | 407 | seq_printf(f, "%s %d %d %d 0x%.2x%.2x%.2x 0x%.4x %d %d %u\n", |
414 | batostr(&bdaddr), | 408 | batostr(&data->bdaddr), |
415 | data->pscan_rep_mode, data->pscan_period_mode, | 409 | data->pscan_rep_mode, data->pscan_period_mode, |
416 | data->pscan_mode, data->dev_class[2], | 410 | data->pscan_mode, data->dev_class[2], |
417 | data->dev_class[1], data->dev_class[0], | 411 | data->dev_class[1], data->dev_class[0], |
@@ -445,13 +439,10 @@ static int blacklist_show(struct seq_file *f, void *p) | |||
445 | 439 | ||
446 | list_for_each(l, &hdev->blacklist) { | 440 | list_for_each(l, &hdev->blacklist) { |
447 | struct bdaddr_list *b; | 441 | struct bdaddr_list *b; |
448 | bdaddr_t bdaddr; | ||
449 | 442 | ||
450 | b = list_entry(l, struct bdaddr_list, list); | 443 | b = list_entry(l, struct bdaddr_list, list); |
451 | 444 | ||
452 | baswap(&bdaddr, &b->bdaddr); | 445 | seq_printf(f, "%s\n", batostr(&b->bdaddr)); |
453 | |||
454 | seq_printf(f, "%s\n", batostr(&bdaddr)); | ||
455 | } | 446 | } |
456 | 447 | ||
457 | hci_dev_unlock_bh(hdev); | 448 | hci_dev_unlock_bh(hdev); |
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c index bfe641b7dfaf..c0ee8b3928ed 100644 --- a/net/bluetooth/hidp/core.c +++ b/net/bluetooth/hidp/core.c | |||
@@ -758,7 +758,6 @@ static int hidp_setup_hid(struct hidp_session *session, | |||
758 | struct hidp_connadd_req *req) | 758 | struct hidp_connadd_req *req) |
759 | { | 759 | { |
760 | struct hid_device *hid; | 760 | struct hid_device *hid; |
761 | bdaddr_t src, dst; | ||
762 | int err; | 761 | int err; |
763 | 762 | ||
764 | session->rd_data = kzalloc(req->rd_size, GFP_KERNEL); | 763 | session->rd_data = kzalloc(req->rd_size, GFP_KERNEL); |
@@ -781,9 +780,6 @@ static int hidp_setup_hid(struct hidp_session *session, | |||
781 | 780 | ||
782 | hid->driver_data = session; | 781 | hid->driver_data = session; |
783 | 782 | ||
784 | baswap(&src, &bt_sk(session->ctrl_sock->sk)->src); | ||
785 | baswap(&dst, &bt_sk(session->ctrl_sock->sk)->dst); | ||
786 | |||
787 | hid->bus = BUS_BLUETOOTH; | 783 | hid->bus = BUS_BLUETOOTH; |
788 | hid->vendor = req->vendor; | 784 | hid->vendor = req->vendor; |
789 | hid->product = req->product; | 785 | hid->product = req->product; |
@@ -791,8 +787,8 @@ static int hidp_setup_hid(struct hidp_session *session, | |||
791 | hid->country = req->country; | 787 | hid->country = req->country; |
792 | 788 | ||
793 | strncpy(hid->name, req->name, 128); | 789 | strncpy(hid->name, req->name, 128); |
794 | strncpy(hid->phys, batostr(&src), 64); | 790 | strncpy(hid->phys, batostr(&bt_sk(session->ctrl_sock->sk)->src), 64); |
795 | strncpy(hid->uniq, batostr(&dst), 64); | 791 | strncpy(hid->uniq, batostr(&bt_sk(session->ctrl_sock->sk)->dst), 64); |
796 | 792 | ||
797 | hid->dev.parent = hidp_get_device(session); | 793 | hid->dev.parent = hidp_get_device(session); |
798 | hid->ll_driver = &hidp_hid_driver; | 794 | hid->ll_driver = &hidp_hid_driver; |
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index 0b54b7dd8401..daa7a988d9a6 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c | |||
@@ -1008,10 +1008,20 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen) | |||
1008 | goto done; | 1008 | goto done; |
1009 | } | 1009 | } |
1010 | 1010 | ||
1011 | if (la.l2_psm && __le16_to_cpu(la.l2_psm) < 0x1001 && | 1011 | if (la.l2_psm) { |
1012 | !capable(CAP_NET_BIND_SERVICE)) { | 1012 | __u16 psm = __le16_to_cpu(la.l2_psm); |
1013 | err = -EACCES; | 1013 | |
1014 | goto done; | 1014 | /* PSM must be odd and lsb of upper byte must be 0 */ |
1015 | if ((psm & 0x0101) != 0x0001) { | ||
1016 | err = -EINVAL; | ||
1017 | goto done; | ||
1018 | } | ||
1019 | |||
1020 | /* Restrict usage of well-known PSMs */ | ||
1021 | if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) { | ||
1022 | err = -EACCES; | ||
1023 | goto done; | ||
1024 | } | ||
1015 | } | 1025 | } |
1016 | 1026 | ||
1017 | write_lock_bh(&l2cap_sk_list.lock); | 1027 | write_lock_bh(&l2cap_sk_list.lock); |
@@ -1190,6 +1200,13 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al | |||
1190 | goto done; | 1200 | goto done; |
1191 | } | 1201 | } |
1192 | 1202 | ||
1203 | /* PSM must be odd and lsb of upper byte must be 0 */ | ||
1204 | if ((__le16_to_cpu(la.l2_psm) & 0x0101) != 0x0001 && | ||
1205 | sk->sk_type != SOCK_RAW) { | ||
1206 | err = -EINVAL; | ||
1207 | goto done; | ||
1208 | } | ||
1209 | |||
1193 | /* Set destination address and psm */ | 1210 | /* Set destination address and psm */ |
1194 | bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr); | 1211 | bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr); |
1195 | l2cap_pi(sk)->psm = la.l2_psm; | 1212 | l2cap_pi(sk)->psm = la.l2_psm; |
@@ -1635,7 +1652,7 @@ static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, in | |||
1635 | 1652 | ||
1636 | *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err); | 1653 | *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err); |
1637 | if (!*frag) | 1654 | if (!*frag) |
1638 | return -EFAULT; | 1655 | return err; |
1639 | if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) | 1656 | if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) |
1640 | return -EFAULT; | 1657 | return -EFAULT; |
1641 | 1658 | ||
@@ -1661,7 +1678,7 @@ static struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr | |||
1661 | skb = bt_skb_send_alloc(sk, count + hlen, | 1678 | skb = bt_skb_send_alloc(sk, count + hlen, |
1662 | msg->msg_flags & MSG_DONTWAIT, &err); | 1679 | msg->msg_flags & MSG_DONTWAIT, &err); |
1663 | if (!skb) | 1680 | if (!skb) |
1664 | return ERR_PTR(-ENOMEM); | 1681 | return ERR_PTR(err); |
1665 | 1682 | ||
1666 | /* Create L2CAP header */ | 1683 | /* Create L2CAP header */ |
1667 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1684 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
@@ -1690,7 +1707,7 @@ static struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *ms | |||
1690 | skb = bt_skb_send_alloc(sk, count + hlen, | 1707 | skb = bt_skb_send_alloc(sk, count + hlen, |
1691 | msg->msg_flags & MSG_DONTWAIT, &err); | 1708 | msg->msg_flags & MSG_DONTWAIT, &err); |
1692 | if (!skb) | 1709 | if (!skb) |
1693 | return ERR_PTR(-ENOMEM); | 1710 | return ERR_PTR(err); |
1694 | 1711 | ||
1695 | /* Create L2CAP header */ | 1712 | /* Create L2CAP header */ |
1696 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1713 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
@@ -1727,7 +1744,7 @@ static struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *m | |||
1727 | skb = bt_skb_send_alloc(sk, count + hlen, | 1744 | skb = bt_skb_send_alloc(sk, count + hlen, |
1728 | msg->msg_flags & MSG_DONTWAIT, &err); | 1745 | msg->msg_flags & MSG_DONTWAIT, &err); |
1729 | if (!skb) | 1746 | if (!skb) |
1730 | return ERR_PTR(-ENOMEM); | 1747 | return ERR_PTR(err); |
1731 | 1748 | ||
1732 | /* Create L2CAP header */ | 1749 | /* Create L2CAP header */ |
1733 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); | 1750 | lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); |
@@ -1934,6 +1951,9 @@ static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
1934 | 1951 | ||
1935 | release_sock(sk); | 1952 | release_sock(sk); |
1936 | 1953 | ||
1954 | if (sock->type == SOCK_STREAM) | ||
1955 | return bt_sock_stream_recvmsg(iocb, sock, msg, len, flags); | ||
1956 | |||
1937 | return bt_sock_recvmsg(iocb, sock, msg, len, flags); | 1957 | return bt_sock_recvmsg(iocb, sock, msg, len, flags); |
1938 | } | 1958 | } |
1939 | 1959 | ||
@@ -2891,7 +2911,7 @@ static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hd | |||
2891 | struct l2cap_chan_list *list = &conn->chan_list; | 2911 | struct l2cap_chan_list *list = &conn->chan_list; |
2892 | struct l2cap_conn_req *req = (struct l2cap_conn_req *) data; | 2912 | struct l2cap_conn_req *req = (struct l2cap_conn_req *) data; |
2893 | struct l2cap_conn_rsp rsp; | 2913 | struct l2cap_conn_rsp rsp; |
2894 | struct sock *parent, *uninitialized_var(sk); | 2914 | struct sock *parent, *sk = NULL; |
2895 | int result, status = L2CAP_CS_NO_INFO; | 2915 | int result, status = L2CAP_CS_NO_INFO; |
2896 | 2916 | ||
2897 | u16 dcid = 0, scid = __le16_to_cpu(req->scid); | 2917 | u16 dcid = 0, scid = __le16_to_cpu(req->scid); |
@@ -3000,7 +3020,7 @@ sendresp: | |||
3000 | L2CAP_INFO_REQ, sizeof(info), &info); | 3020 | L2CAP_INFO_REQ, sizeof(info), &info); |
3001 | } | 3021 | } |
3002 | 3022 | ||
3003 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) && | 3023 | if (sk && !(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) && |
3004 | result == L2CAP_CR_SUCCESS) { | 3024 | result == L2CAP_CR_SUCCESS) { |
3005 | u8 buf[128]; | 3025 | u8 buf[128]; |
3006 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | 3026 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; |
@@ -3151,6 +3171,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr | |||
3151 | 3171 | ||
3152 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) { | 3172 | if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) { |
3153 | u8 buf[64]; | 3173 | u8 buf[64]; |
3174 | l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT; | ||
3154 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, | 3175 | l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, |
3155 | l2cap_build_conf_req(sk, buf), buf); | 3176 | l2cap_build_conf_req(sk, buf), buf); |
3156 | l2cap_pi(sk)->num_conf_req++; | 3177 | l2cap_pi(sk)->num_conf_req++; |
@@ -4643,6 +4664,8 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl | |||
4643 | 4664 | ||
4644 | if (flags & ACL_START) { | 4665 | if (flags & ACL_START) { |
4645 | struct l2cap_hdr *hdr; | 4666 | struct l2cap_hdr *hdr; |
4667 | struct sock *sk; | ||
4668 | u16 cid; | ||
4646 | int len; | 4669 | int len; |
4647 | 4670 | ||
4648 | if (conn->rx_len) { | 4671 | if (conn->rx_len) { |
@@ -4653,7 +4676,8 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl | |||
4653 | l2cap_conn_unreliable(conn, ECOMM); | 4676 | l2cap_conn_unreliable(conn, ECOMM); |
4654 | } | 4677 | } |
4655 | 4678 | ||
4656 | if (skb->len < 2) { | 4679 | /* Start fragment always begin with Basic L2CAP header */ |
4680 | if (skb->len < L2CAP_HDR_SIZE) { | ||
4657 | BT_ERR("Frame is too short (len %d)", skb->len); | 4681 | BT_ERR("Frame is too short (len %d)", skb->len); |
4658 | l2cap_conn_unreliable(conn, ECOMM); | 4682 | l2cap_conn_unreliable(conn, ECOMM); |
4659 | goto drop; | 4683 | goto drop; |
@@ -4661,6 +4685,7 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl | |||
4661 | 4685 | ||
4662 | hdr = (struct l2cap_hdr *) skb->data; | 4686 | hdr = (struct l2cap_hdr *) skb->data; |
4663 | len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE; | 4687 | len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE; |
4688 | cid = __le16_to_cpu(hdr->cid); | ||
4664 | 4689 | ||
4665 | if (len == skb->len) { | 4690 | if (len == skb->len) { |
4666 | /* Complete frame received */ | 4691 | /* Complete frame received */ |
@@ -4677,6 +4702,19 @@ static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 fl | |||
4677 | goto drop; | 4702 | goto drop; |
4678 | } | 4703 | } |
4679 | 4704 | ||
4705 | sk = l2cap_get_chan_by_scid(&conn->chan_list, cid); | ||
4706 | |||
4707 | if (sk && l2cap_pi(sk)->imtu < len - L2CAP_HDR_SIZE) { | ||
4708 | BT_ERR("Frame exceeding recv MTU (len %d, MTU %d)", | ||
4709 | len, l2cap_pi(sk)->imtu); | ||
4710 | bh_unlock_sock(sk); | ||
4711 | l2cap_conn_unreliable(conn, ECOMM); | ||
4712 | goto drop; | ||
4713 | } | ||
4714 | |||
4715 | if (sk) | ||
4716 | bh_unlock_sock(sk); | ||
4717 | |||
4680 | /* Allocate skb for the complete frame (with header) */ | 4718 | /* Allocate skb for the complete frame (with header) */ |
4681 | conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC); | 4719 | conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC); |
4682 | if (!conn->rx_skb) | 4720 | if (!conn->rx_skb) |
diff --git a/net/bluetooth/lib.c b/net/bluetooth/lib.c index ad2af5814e40..b826d1bf10df 100644 --- a/net/bluetooth/lib.c +++ b/net/bluetooth/lib.c | |||
@@ -51,8 +51,8 @@ char *batostr(bdaddr_t *ba) | |||
51 | 51 | ||
52 | i ^= 1; | 52 | i ^= 1; |
53 | sprintf(str[i], "%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X", | 53 | sprintf(str[i], "%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X", |
54 | ba->b[0], ba->b[1], ba->b[2], | 54 | ba->b[5], ba->b[4], ba->b[3], |
55 | ba->b[3], ba->b[4], ba->b[5]); | 55 | ba->b[2], ba->b[1], ba->b[0]); |
56 | 56 | ||
57 | return str[i]; | 57 | return str[i]; |
58 | } | 58 | } |
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c index 7dca91bb8c57..39a5d87e33b4 100644 --- a/net/bluetooth/rfcomm/core.c +++ b/net/bluetooth/rfcomm/core.c | |||
@@ -113,11 +113,10 @@ static void rfcomm_session_del(struct rfcomm_session *s); | |||
113 | #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1) | 113 | #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1) |
114 | #define __get_rpn_parity(line) (((line) >> 3) & 0x7) | 114 | #define __get_rpn_parity(line) (((line) >> 3) & 0x7) |
115 | 115 | ||
116 | static inline void rfcomm_schedule(uint event) | 116 | static inline void rfcomm_schedule(void) |
117 | { | 117 | { |
118 | if (!rfcomm_thread) | 118 | if (!rfcomm_thread) |
119 | return; | 119 | return; |
120 | //set_bit(event, &rfcomm_event); | ||
121 | set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); | 120 | set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); |
122 | wake_up_process(rfcomm_thread); | 121 | wake_up_process(rfcomm_thread); |
123 | } | 122 | } |
@@ -179,13 +178,13 @@ static unsigned char rfcomm_crc_table[256] = { | |||
179 | /* FCS on 2 bytes */ | 178 | /* FCS on 2 bytes */ |
180 | static inline u8 __fcs(u8 *data) | 179 | static inline u8 __fcs(u8 *data) |
181 | { | 180 | { |
182 | return (0xff - __crc(data)); | 181 | return 0xff - __crc(data); |
183 | } | 182 | } |
184 | 183 | ||
185 | /* FCS on 3 bytes */ | 184 | /* FCS on 3 bytes */ |
186 | static inline u8 __fcs2(u8 *data) | 185 | static inline u8 __fcs2(u8 *data) |
187 | { | 186 | { |
188 | return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]); | 187 | return 0xff - rfcomm_crc_table[__crc(data) ^ data[2]]; |
189 | } | 188 | } |
190 | 189 | ||
191 | /* Check FCS */ | 190 | /* Check FCS */ |
@@ -203,13 +202,13 @@ static inline int __check_fcs(u8 *data, int type, u8 fcs) | |||
203 | static void rfcomm_l2state_change(struct sock *sk) | 202 | static void rfcomm_l2state_change(struct sock *sk) |
204 | { | 203 | { |
205 | BT_DBG("%p state %d", sk, sk->sk_state); | 204 | BT_DBG("%p state %d", sk, sk->sk_state); |
206 | rfcomm_schedule(RFCOMM_SCHED_STATE); | 205 | rfcomm_schedule(); |
207 | } | 206 | } |
208 | 207 | ||
209 | static void rfcomm_l2data_ready(struct sock *sk, int bytes) | 208 | static void rfcomm_l2data_ready(struct sock *sk, int bytes) |
210 | { | 209 | { |
211 | BT_DBG("%p bytes %d", sk, bytes); | 210 | BT_DBG("%p bytes %d", sk, bytes); |
212 | rfcomm_schedule(RFCOMM_SCHED_RX); | 211 | rfcomm_schedule(); |
213 | } | 212 | } |
214 | 213 | ||
215 | static int rfcomm_l2sock_create(struct socket **sock) | 214 | static int rfcomm_l2sock_create(struct socket **sock) |
@@ -255,7 +254,7 @@ static void rfcomm_session_timeout(unsigned long arg) | |||
255 | BT_DBG("session %p state %ld", s, s->state); | 254 | BT_DBG("session %p state %ld", s, s->state); |
256 | 255 | ||
257 | set_bit(RFCOMM_TIMED_OUT, &s->flags); | 256 | set_bit(RFCOMM_TIMED_OUT, &s->flags); |
258 | rfcomm_schedule(RFCOMM_SCHED_TIMEO); | 257 | rfcomm_schedule(); |
259 | } | 258 | } |
260 | 259 | ||
261 | static void rfcomm_session_set_timer(struct rfcomm_session *s, long timeout) | 260 | static void rfcomm_session_set_timer(struct rfcomm_session *s, long timeout) |
@@ -283,7 +282,7 @@ static void rfcomm_dlc_timeout(unsigned long arg) | |||
283 | 282 | ||
284 | set_bit(RFCOMM_TIMED_OUT, &d->flags); | 283 | set_bit(RFCOMM_TIMED_OUT, &d->flags); |
285 | rfcomm_dlc_put(d); | 284 | rfcomm_dlc_put(d); |
286 | rfcomm_schedule(RFCOMM_SCHED_TIMEO); | 285 | rfcomm_schedule(); |
287 | } | 286 | } |
288 | 287 | ||
289 | static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout) | 288 | static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout) |
@@ -465,7 +464,7 @@ static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err) | |||
465 | case BT_CONFIG: | 464 | case BT_CONFIG: |
466 | if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { | 465 | if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { |
467 | set_bit(RFCOMM_AUTH_REJECT, &d->flags); | 466 | set_bit(RFCOMM_AUTH_REJECT, &d->flags); |
468 | rfcomm_schedule(RFCOMM_SCHED_AUTH); | 467 | rfcomm_schedule(); |
469 | break; | 468 | break; |
470 | } | 469 | } |
471 | /* Fall through */ | 470 | /* Fall through */ |
@@ -485,7 +484,7 @@ static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err) | |||
485 | case BT_CONNECT2: | 484 | case BT_CONNECT2: |
486 | if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { | 485 | if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { |
487 | set_bit(RFCOMM_AUTH_REJECT, &d->flags); | 486 | set_bit(RFCOMM_AUTH_REJECT, &d->flags); |
488 | rfcomm_schedule(RFCOMM_SCHED_AUTH); | 487 | rfcomm_schedule(); |
489 | break; | 488 | break; |
490 | } | 489 | } |
491 | /* Fall through */ | 490 | /* Fall through */ |
@@ -533,7 +532,7 @@ int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb) | |||
533 | skb_queue_tail(&d->tx_queue, skb); | 532 | skb_queue_tail(&d->tx_queue, skb); |
534 | 533 | ||
535 | if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags)) | 534 | if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags)) |
536 | rfcomm_schedule(RFCOMM_SCHED_TX); | 535 | rfcomm_schedule(); |
537 | return len; | 536 | return len; |
538 | } | 537 | } |
539 | 538 | ||
@@ -545,7 +544,7 @@ void __rfcomm_dlc_throttle(struct rfcomm_dlc *d) | |||
545 | d->v24_sig |= RFCOMM_V24_FC; | 544 | d->v24_sig |= RFCOMM_V24_FC; |
546 | set_bit(RFCOMM_MSC_PENDING, &d->flags); | 545 | set_bit(RFCOMM_MSC_PENDING, &d->flags); |
547 | } | 546 | } |
548 | rfcomm_schedule(RFCOMM_SCHED_TX); | 547 | rfcomm_schedule(); |
549 | } | 548 | } |
550 | 549 | ||
551 | void __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d) | 550 | void __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d) |
@@ -556,7 +555,7 @@ void __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d) | |||
556 | d->v24_sig &= ~RFCOMM_V24_FC; | 555 | d->v24_sig &= ~RFCOMM_V24_FC; |
557 | set_bit(RFCOMM_MSC_PENDING, &d->flags); | 556 | set_bit(RFCOMM_MSC_PENDING, &d->flags); |
558 | } | 557 | } |
559 | rfcomm_schedule(RFCOMM_SCHED_TX); | 558 | rfcomm_schedule(); |
560 | } | 559 | } |
561 | 560 | ||
562 | /* | 561 | /* |
@@ -577,7 +576,7 @@ int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig) | |||
577 | d->v24_sig = v24_sig; | 576 | d->v24_sig = v24_sig; |
578 | 577 | ||
579 | if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags)) | 578 | if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags)) |
580 | rfcomm_schedule(RFCOMM_SCHED_TX); | 579 | rfcomm_schedule(); |
581 | 580 | ||
582 | return 0; | 581 | return 0; |
583 | } | 582 | } |
@@ -816,7 +815,7 @@ static int rfcomm_queue_disc(struct rfcomm_dlc *d) | |||
816 | cmd->fcs = __fcs2((u8 *) cmd); | 815 | cmd->fcs = __fcs2((u8 *) cmd); |
817 | 816 | ||
818 | skb_queue_tail(&d->tx_queue, skb); | 817 | skb_queue_tail(&d->tx_queue, skb); |
819 | rfcomm_schedule(RFCOMM_SCHED_TX); | 818 | rfcomm_schedule(); |
820 | return 0; | 819 | return 0; |
821 | } | 820 | } |
822 | 821 | ||
@@ -1415,8 +1414,8 @@ static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_ | |||
1415 | return 0; | 1414 | return 0; |
1416 | 1415 | ||
1417 | if (len == 1) { | 1416 | if (len == 1) { |
1418 | /* This is a request, return default settings */ | 1417 | /* This is a request, return default (according to ETSI TS 07.10) settings */ |
1419 | bit_rate = RFCOMM_RPN_BR_115200; | 1418 | bit_rate = RFCOMM_RPN_BR_9600; |
1420 | data_bits = RFCOMM_RPN_DATA_8; | 1419 | data_bits = RFCOMM_RPN_DATA_8; |
1421 | stop_bits = RFCOMM_RPN_STOP_1; | 1420 | stop_bits = RFCOMM_RPN_STOP_1; |
1422 | parity = RFCOMM_RPN_PARITY_NONE; | 1421 | parity = RFCOMM_RPN_PARITY_NONE; |
@@ -1431,9 +1430,9 @@ static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_ | |||
1431 | 1430 | ||
1432 | if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_BITRATE)) { | 1431 | if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_BITRATE)) { |
1433 | bit_rate = rpn->bit_rate; | 1432 | bit_rate = rpn->bit_rate; |
1434 | if (bit_rate != RFCOMM_RPN_BR_115200) { | 1433 | if (bit_rate > RFCOMM_RPN_BR_230400) { |
1435 | BT_DBG("RPN bit rate mismatch 0x%x", bit_rate); | 1434 | BT_DBG("RPN bit rate mismatch 0x%x", bit_rate); |
1436 | bit_rate = RFCOMM_RPN_BR_115200; | 1435 | bit_rate = RFCOMM_RPN_BR_9600; |
1437 | rpn_mask ^= RFCOMM_RPN_PM_BITRATE; | 1436 | rpn_mask ^= RFCOMM_RPN_PM_BITRATE; |
1438 | } | 1437 | } |
1439 | } | 1438 | } |
@@ -1698,7 +1697,7 @@ static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb) | |||
1698 | break; | 1697 | break; |
1699 | 1698 | ||
1700 | default: | 1699 | default: |
1701 | BT_ERR("Unknown packet type 0x%02x\n", type); | 1700 | BT_ERR("Unknown packet type 0x%02x", type); |
1702 | break; | 1701 | break; |
1703 | } | 1702 | } |
1704 | kfree_skb(skb); | 1703 | kfree_skb(skb); |
@@ -1884,7 +1883,7 @@ static inline void rfcomm_accept_connection(struct rfcomm_session *s) | |||
1884 | * L2CAP MTU minus UIH header and FCS. */ | 1883 | * L2CAP MTU minus UIH header and FCS. */ |
1885 | s->mtu = min(l2cap_pi(nsock->sk)->omtu, l2cap_pi(nsock->sk)->imtu) - 5; | 1884 | s->mtu = min(l2cap_pi(nsock->sk)->omtu, l2cap_pi(nsock->sk)->imtu) - 5; |
1886 | 1885 | ||
1887 | rfcomm_schedule(RFCOMM_SCHED_RX); | 1886 | rfcomm_schedule(); |
1888 | } else | 1887 | } else |
1889 | sock_release(nsock); | 1888 | sock_release(nsock); |
1890 | } | 1889 | } |
@@ -2093,7 +2092,7 @@ static void rfcomm_security_cfm(struct hci_conn *conn, u8 status, u8 encrypt) | |||
2093 | 2092 | ||
2094 | rfcomm_session_put(s); | 2093 | rfcomm_session_put(s); |
2095 | 2094 | ||
2096 | rfcomm_schedule(RFCOMM_SCHED_AUTH); | 2095 | rfcomm_schedule(); |
2097 | } | 2096 | } |
2098 | 2097 | ||
2099 | static struct hci_cb rfcomm_cb = { | 2098 | static struct hci_cb rfcomm_cb = { |
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c index 194b3a04cfd3..aec505f934df 100644 --- a/net/bluetooth/rfcomm/sock.c +++ b/net/bluetooth/rfcomm/sock.c | |||
@@ -621,121 +621,29 @@ static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock, | |||
621 | return sent; | 621 | return sent; |
622 | } | 622 | } |
623 | 623 | ||
624 | static long rfcomm_sock_data_wait(struct sock *sk, long timeo) | ||
625 | { | ||
626 | DECLARE_WAITQUEUE(wait, current); | ||
627 | |||
628 | add_wait_queue(sk_sleep(sk), &wait); | ||
629 | for (;;) { | ||
630 | set_current_state(TASK_INTERRUPTIBLE); | ||
631 | |||
632 | if (!skb_queue_empty(&sk->sk_receive_queue) || | ||
633 | sk->sk_err || | ||
634 | (sk->sk_shutdown & RCV_SHUTDOWN) || | ||
635 | signal_pending(current) || | ||
636 | !timeo) | ||
637 | break; | ||
638 | |||
639 | set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | ||
640 | release_sock(sk); | ||
641 | timeo = schedule_timeout(timeo); | ||
642 | lock_sock(sk); | ||
643 | clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags); | ||
644 | } | ||
645 | |||
646 | __set_current_state(TASK_RUNNING); | ||
647 | remove_wait_queue(sk_sleep(sk), &wait); | ||
648 | return timeo; | ||
649 | } | ||
650 | |||
651 | static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock, | 624 | static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock, |
652 | struct msghdr *msg, size_t size, int flags) | 625 | struct msghdr *msg, size_t size, int flags) |
653 | { | 626 | { |
654 | struct sock *sk = sock->sk; | 627 | struct sock *sk = sock->sk; |
655 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; | 628 | struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc; |
656 | int err = 0; | 629 | int len; |
657 | size_t target, copied = 0; | ||
658 | long timeo; | ||
659 | 630 | ||
660 | if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { | 631 | if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { |
661 | rfcomm_dlc_accept(d); | 632 | rfcomm_dlc_accept(d); |
662 | return 0; | 633 | return 0; |
663 | } | 634 | } |
664 | 635 | ||
665 | if (flags & MSG_OOB) | 636 | len = bt_sock_stream_recvmsg(iocb, sock, msg, size, flags); |
666 | return -EOPNOTSUPP; | ||
667 | |||
668 | msg->msg_namelen = 0; | ||
669 | |||
670 | BT_DBG("sk %p size %zu", sk, size); | ||
671 | 637 | ||
672 | lock_sock(sk); | 638 | lock_sock(sk); |
639 | if (!(flags & MSG_PEEK) && len > 0) | ||
640 | atomic_sub(len, &sk->sk_rmem_alloc); | ||
673 | 641 | ||
674 | target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); | ||
675 | timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); | ||
676 | |||
677 | do { | ||
678 | struct sk_buff *skb; | ||
679 | int chunk; | ||
680 | |||
681 | skb = skb_dequeue(&sk->sk_receive_queue); | ||
682 | if (!skb) { | ||
683 | if (copied >= target) | ||
684 | break; | ||
685 | |||
686 | if ((err = sock_error(sk)) != 0) | ||
687 | break; | ||
688 | if (sk->sk_shutdown & RCV_SHUTDOWN) | ||
689 | break; | ||
690 | |||
691 | err = -EAGAIN; | ||
692 | if (!timeo) | ||
693 | break; | ||
694 | |||
695 | timeo = rfcomm_sock_data_wait(sk, timeo); | ||
696 | |||
697 | if (signal_pending(current)) { | ||
698 | err = sock_intr_errno(timeo); | ||
699 | goto out; | ||
700 | } | ||
701 | continue; | ||
702 | } | ||
703 | |||
704 | chunk = min_t(unsigned int, skb->len, size); | ||
705 | if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) { | ||
706 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
707 | if (!copied) | ||
708 | copied = -EFAULT; | ||
709 | break; | ||
710 | } | ||
711 | copied += chunk; | ||
712 | size -= chunk; | ||
713 | |||
714 | sock_recv_ts_and_drops(msg, sk, skb); | ||
715 | |||
716 | if (!(flags & MSG_PEEK)) { | ||
717 | atomic_sub(chunk, &sk->sk_rmem_alloc); | ||
718 | |||
719 | skb_pull(skb, chunk); | ||
720 | if (skb->len) { | ||
721 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
722 | break; | ||
723 | } | ||
724 | kfree_skb(skb); | ||
725 | |||
726 | } else { | ||
727 | /* put message back and return */ | ||
728 | skb_queue_head(&sk->sk_receive_queue, skb); | ||
729 | break; | ||
730 | } | ||
731 | } while (size); | ||
732 | |||
733 | out: | ||
734 | if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2)) | 642 | if (atomic_read(&sk->sk_rmem_alloc) <= (sk->sk_rcvbuf >> 2)) |
735 | rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc); | 643 | rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc); |
736 | |||
737 | release_sock(sk); | 644 | release_sock(sk); |
738 | return copied ? : err; | 645 | |
646 | return len; | ||
739 | } | 647 | } |
740 | 648 | ||
741 | static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen) | 649 | static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __user *optval, unsigned int optlen) |
diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c index 84c2a4d013c6..a9b81f5dacd1 100644 --- a/net/bluetooth/rfcomm/tty.c +++ b/net/bluetooth/rfcomm/tty.c | |||
@@ -183,9 +183,7 @@ static struct device *rfcomm_get_device(struct rfcomm_dev *dev) | |||
183 | static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf) | 183 | static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf) |
184 | { | 184 | { |
185 | struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); | 185 | struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); |
186 | bdaddr_t bdaddr; | 186 | return sprintf(buf, "%s\n", batostr(&dev->dst)); |
187 | baswap(&bdaddr, &dev->dst); | ||
188 | return sprintf(buf, "%s\n", batostr(&bdaddr)); | ||
189 | } | 187 | } |
190 | 188 | ||
191 | static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf) | 189 | static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf) |