10a708f8fSGustavo F. Padovan /* 20a708f8fSGustavo F. Padovan BlueZ - Bluetooth protocol stack for Linux 30a708f8fSGustavo F. Padovan Copyright (C) 2000-2001 Qualcomm Incorporated 40a708f8fSGustavo F. Padovan Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org> 50a708f8fSGustavo F. Padovan Copyright (C) 2010 Google Inc. 60a708f8fSGustavo F. Padovan 70a708f8fSGustavo F. Padovan Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 80a708f8fSGustavo F. Padovan 90a708f8fSGustavo F. Padovan This program is free software; you can redistribute it and/or modify 100a708f8fSGustavo F. Padovan it under the terms of the GNU General Public License version 2 as 110a708f8fSGustavo F. Padovan published by the Free Software Foundation; 120a708f8fSGustavo F. Padovan 130a708f8fSGustavo F. Padovan THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 140a708f8fSGustavo F. Padovan OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 150a708f8fSGustavo F. Padovan FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 160a708f8fSGustavo F. Padovan IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 170a708f8fSGustavo F. Padovan CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 180a708f8fSGustavo F. Padovan WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 190a708f8fSGustavo F. Padovan ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 200a708f8fSGustavo F. Padovan OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 210a708f8fSGustavo F. Padovan 220a708f8fSGustavo F. Padovan ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 230a708f8fSGustavo F. Padovan COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 240a708f8fSGustavo F. Padovan SOFTWARE IS DISCLAIMED. 250a708f8fSGustavo F. Padovan */ 260a708f8fSGustavo F. Padovan 27bb58f747SGustavo F. Padovan /* Bluetooth L2CAP core. */ 280a708f8fSGustavo F. Padovan 290a708f8fSGustavo F. Padovan #include <linux/module.h> 300a708f8fSGustavo F. Padovan 310a708f8fSGustavo F. Padovan #include <linux/types.h> 320a708f8fSGustavo F. Padovan #include <linux/capability.h> 330a708f8fSGustavo F. Padovan #include <linux/errno.h> 340a708f8fSGustavo F. Padovan #include <linux/kernel.h> 350a708f8fSGustavo F. Padovan #include <linux/sched.h> 360a708f8fSGustavo F. Padovan #include <linux/slab.h> 370a708f8fSGustavo F. Padovan #include <linux/poll.h> 380a708f8fSGustavo F. Padovan #include <linux/fcntl.h> 390a708f8fSGustavo F. Padovan #include <linux/init.h> 400a708f8fSGustavo F. Padovan #include <linux/interrupt.h> 410a708f8fSGustavo F. Padovan #include <linux/socket.h> 420a708f8fSGustavo F. Padovan #include <linux/skbuff.h> 430a708f8fSGustavo F. Padovan #include <linux/list.h> 440a708f8fSGustavo F. Padovan #include <linux/device.h> 450a708f8fSGustavo F. Padovan #include <linux/debugfs.h> 460a708f8fSGustavo F. Padovan #include <linux/seq_file.h> 470a708f8fSGustavo F. Padovan #include <linux/uaccess.h> 480a708f8fSGustavo F. Padovan #include <linux/crc16.h> 490a708f8fSGustavo F. Padovan #include <net/sock.h> 500a708f8fSGustavo F. Padovan 510a708f8fSGustavo F. Padovan #include <asm/system.h> 520a708f8fSGustavo F. Padovan #include <asm/unaligned.h> 530a708f8fSGustavo F. Padovan 540a708f8fSGustavo F. Padovan #include <net/bluetooth/bluetooth.h> 550a708f8fSGustavo F. Padovan #include <net/bluetooth/hci_core.h> 560a708f8fSGustavo F. Padovan #include <net/bluetooth/l2cap.h> 57b501d6a1SAnderson Briglia #include <net/bluetooth/smp.h> 580a708f8fSGustavo F. Padovan 59bb58f747SGustavo F. Padovan int disable_ertm; 60a5fd6f30SAndrei Emeltchenko int enable_hs; 610a708f8fSGustavo F. Padovan 620a708f8fSGustavo F. Padovan static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN; 6350a147cdSMat Martineau static u8 l2cap_fixed_chan[8] = { L2CAP_FC_L2CAP, }; 640a708f8fSGustavo F. Padovan 65b5ad8b7fSJohannes Berg static LIST_HEAD(chan_list); 66b5ad8b7fSJohannes Berg static DEFINE_RWLOCK(chan_list_lock); 670a708f8fSGustavo F. Padovan 680a708f8fSGustavo F. Padovan static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn, 690a708f8fSGustavo F. Padovan u8 code, u8 ident, u16 dlen, void *data); 704519de9aSGustavo F. Padovan static void l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, 714519de9aSGustavo F. Padovan void *data); 72710f9b0aSGustavo F. Padovan static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data); 734519de9aSGustavo F. Padovan static void l2cap_send_disconn_req(struct l2cap_conn *conn, 744519de9aSGustavo F. Padovan struct l2cap_chan *chan, int err); 750a708f8fSGustavo F. Padovan 760a708f8fSGustavo F. Padovan static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb); 770a708f8fSGustavo F. Padovan 780a708f8fSGustavo F. Padovan /* ---- L2CAP channels ---- */ 7971ba0e56SGustavo F. Padovan 8071ba0e56SGustavo F. Padovan static inline void chan_hold(struct l2cap_chan *c) 8171ba0e56SGustavo F. Padovan { 8271ba0e56SGustavo F. Padovan atomic_inc(&c->refcnt); 8371ba0e56SGustavo F. Padovan } 8471ba0e56SGustavo F. Padovan 8571ba0e56SGustavo F. Padovan static inline void chan_put(struct l2cap_chan *c) 8671ba0e56SGustavo F. Padovan { 8771ba0e56SGustavo F. Padovan if (atomic_dec_and_test(&c->refcnt)) 8871ba0e56SGustavo F. Padovan kfree(c); 8971ba0e56SGustavo F. Padovan } 9071ba0e56SGustavo F. Padovan 91baa7e1faSGustavo F. Padovan static struct l2cap_chan *__l2cap_get_chan_by_dcid(struct l2cap_conn *conn, u16 cid) 920a708f8fSGustavo F. Padovan { 9348454079SGustavo F. Padovan struct l2cap_chan *c; 94baa7e1faSGustavo F. Padovan 95baa7e1faSGustavo F. Padovan list_for_each_entry(c, &conn->chan_l, list) { 96fe4128e0SGustavo F. Padovan if (c->dcid == cid) 9748454079SGustavo F. Padovan return c; 980a708f8fSGustavo F. Padovan } 99baa7e1faSGustavo F. Padovan return NULL; 100baa7e1faSGustavo F. Padovan 101baa7e1faSGustavo F. Padovan } 1020a708f8fSGustavo F. Padovan 103baa7e1faSGustavo F. Padovan static struct l2cap_chan *__l2cap_get_chan_by_scid(struct l2cap_conn *conn, u16 cid) 1040a708f8fSGustavo F. Padovan { 10548454079SGustavo F. Padovan struct l2cap_chan *c; 106baa7e1faSGustavo F. Padovan 107baa7e1faSGustavo F. Padovan list_for_each_entry(c, &conn->chan_l, list) { 108fe4128e0SGustavo F. Padovan if (c->scid == cid) 10948454079SGustavo F. Padovan return c; 1100a708f8fSGustavo F. Padovan } 111baa7e1faSGustavo F. Padovan return NULL; 112baa7e1faSGustavo F. Padovan } 1130a708f8fSGustavo F. Padovan 1140a708f8fSGustavo F. Padovan /* Find channel with given SCID. 1150a708f8fSGustavo F. Padovan * Returns locked socket */ 116baa7e1faSGustavo F. Padovan static struct l2cap_chan *l2cap_get_chan_by_scid(struct l2cap_conn *conn, u16 cid) 1170a708f8fSGustavo F. Padovan { 11848454079SGustavo F. Padovan struct l2cap_chan *c; 119baa7e1faSGustavo F. Padovan 120baa7e1faSGustavo F. Padovan read_lock(&conn->chan_lock); 121baa7e1faSGustavo F. Padovan c = __l2cap_get_chan_by_scid(conn, cid); 12248454079SGustavo F. Padovan if (c) 12348454079SGustavo F. Padovan bh_lock_sock(c->sk); 124baa7e1faSGustavo F. Padovan read_unlock(&conn->chan_lock); 12548454079SGustavo F. Padovan return c; 1260a708f8fSGustavo F. Padovan } 1270a708f8fSGustavo F. Padovan 128baa7e1faSGustavo F. Padovan static struct l2cap_chan *__l2cap_get_chan_by_ident(struct l2cap_conn *conn, u8 ident) 1290a708f8fSGustavo F. Padovan { 13048454079SGustavo F. Padovan struct l2cap_chan *c; 131baa7e1faSGustavo F. Padovan 132baa7e1faSGustavo F. Padovan list_for_each_entry(c, &conn->chan_l, list) { 133fc7f8a7eSGustavo F. Padovan if (c->ident == ident) 13448454079SGustavo F. Padovan return c; 1350a708f8fSGustavo F. Padovan } 136baa7e1faSGustavo F. Padovan return NULL; 137baa7e1faSGustavo F. Padovan } 1380a708f8fSGustavo F. Padovan 139baa7e1faSGustavo F. Padovan static inline struct l2cap_chan *l2cap_get_chan_by_ident(struct l2cap_conn *conn, u8 ident) 1400a708f8fSGustavo F. Padovan { 14148454079SGustavo F. Padovan struct l2cap_chan *c; 142baa7e1faSGustavo F. Padovan 143baa7e1faSGustavo F. Padovan read_lock(&conn->chan_lock); 144baa7e1faSGustavo F. Padovan c = __l2cap_get_chan_by_ident(conn, ident); 14548454079SGustavo F. Padovan if (c) 14648454079SGustavo F. Padovan bh_lock_sock(c->sk); 147baa7e1faSGustavo F. Padovan read_unlock(&conn->chan_lock); 14848454079SGustavo F. Padovan return c; 1490a708f8fSGustavo F. Padovan } 1500a708f8fSGustavo F. Padovan 15123691d75SGustavo F. Padovan static struct l2cap_chan *__l2cap_global_chan_by_addr(__le16 psm, bdaddr_t *src) 1529e4425ffSGustavo F. Padovan { 15323691d75SGustavo F. Padovan struct l2cap_chan *c; 1549e4425ffSGustavo F. Padovan 15523691d75SGustavo F. Padovan list_for_each_entry(c, &chan_list, global_l) { 15623691d75SGustavo F. Padovan if (c->sport == psm && !bacmp(&bt_sk(c->sk)->src, src)) 1579e4425ffSGustavo F. Padovan goto found; 1589e4425ffSGustavo F. Padovan } 1599e4425ffSGustavo F. Padovan 16023691d75SGustavo F. Padovan c = NULL; 1619e4425ffSGustavo F. Padovan found: 16223691d75SGustavo F. Padovan return c; 1639e4425ffSGustavo F. Padovan } 1649e4425ffSGustavo F. Padovan 1659e4425ffSGustavo F. Padovan int l2cap_add_psm(struct l2cap_chan *chan, bdaddr_t *src, __le16 psm) 1669e4425ffSGustavo F. Padovan { 16773b2ec18SGustavo F. Padovan int err; 16873b2ec18SGustavo F. Padovan 16923691d75SGustavo F. Padovan write_lock_bh(&chan_list_lock); 1709e4425ffSGustavo F. Padovan 17123691d75SGustavo F. Padovan if (psm && __l2cap_global_chan_by_addr(psm, src)) { 17273b2ec18SGustavo F. Padovan err = -EADDRINUSE; 17373b2ec18SGustavo F. Padovan goto done; 1749e4425ffSGustavo F. Padovan } 1759e4425ffSGustavo F. Padovan 17673b2ec18SGustavo F. Padovan if (psm) { 1779e4425ffSGustavo F. Padovan chan->psm = psm; 1789e4425ffSGustavo F. Padovan chan->sport = psm; 17973b2ec18SGustavo F. Padovan err = 0; 18073b2ec18SGustavo F. Padovan } else { 18173b2ec18SGustavo F. Padovan u16 p; 1829e4425ffSGustavo F. Padovan 18373b2ec18SGustavo F. Padovan err = -EINVAL; 18473b2ec18SGustavo F. Padovan for (p = 0x1001; p < 0x1100; p += 2) 18523691d75SGustavo F. Padovan if (!__l2cap_global_chan_by_addr(cpu_to_le16(p), src)) { 18673b2ec18SGustavo F. Padovan chan->psm = cpu_to_le16(p); 18773b2ec18SGustavo F. Padovan chan->sport = cpu_to_le16(p); 18873b2ec18SGustavo F. Padovan err = 0; 18973b2ec18SGustavo F. Padovan break; 19073b2ec18SGustavo F. Padovan } 19173b2ec18SGustavo F. Padovan } 19273b2ec18SGustavo F. Padovan 19373b2ec18SGustavo F. Padovan done: 19423691d75SGustavo F. Padovan write_unlock_bh(&chan_list_lock); 19573b2ec18SGustavo F. Padovan return err; 1969e4425ffSGustavo F. Padovan } 1979e4425ffSGustavo F. Padovan 1989e4425ffSGustavo F. Padovan int l2cap_add_scid(struct l2cap_chan *chan, __u16 scid) 1999e4425ffSGustavo F. Padovan { 20023691d75SGustavo F. Padovan write_lock_bh(&chan_list_lock); 2019e4425ffSGustavo F. Padovan 2029e4425ffSGustavo F. Padovan chan->scid = scid; 2039e4425ffSGustavo F. Padovan 20423691d75SGustavo F. Padovan write_unlock_bh(&chan_list_lock); 2059e4425ffSGustavo F. Padovan 2069e4425ffSGustavo F. Padovan return 0; 2079e4425ffSGustavo F. Padovan } 2089e4425ffSGustavo F. Padovan 209baa7e1faSGustavo F. Padovan static u16 l2cap_alloc_cid(struct l2cap_conn *conn) 2100a708f8fSGustavo F. Padovan { 2110a708f8fSGustavo F. Padovan u16 cid = L2CAP_CID_DYN_START; 2120a708f8fSGustavo F. Padovan 2130a708f8fSGustavo F. Padovan for (; cid < L2CAP_CID_DYN_END; cid++) { 214baa7e1faSGustavo F. Padovan if (!__l2cap_get_chan_by_scid(conn, cid)) 2150a708f8fSGustavo F. Padovan return cid; 2160a708f8fSGustavo F. Padovan } 2170a708f8fSGustavo F. Padovan 2180a708f8fSGustavo F. Padovan return 0; 2190a708f8fSGustavo F. Padovan } 2200a708f8fSGustavo F. Padovan 221c9b66675SGustavo F. Padovan static void l2cap_set_timer(struct l2cap_chan *chan, struct timer_list *timer, long timeout) 222ab07801dSGustavo F. Padovan { 223457f4850SAndrei Emeltchenko BT_DBG("chan %p state %d timeout %ld", chan, chan->state, timeout); 22489bc500eSGustavo F. Padovan 225942ecc9cSMat Martineau if (!mod_timer(timer, jiffies + msecs_to_jiffies(timeout))) 22671ba0e56SGustavo F. Padovan chan_hold(chan); 227ab07801dSGustavo F. Padovan } 228ab07801dSGustavo F. Padovan 229c9b66675SGustavo F. Padovan static void l2cap_clear_timer(struct l2cap_chan *chan, struct timer_list *timer) 230ab07801dSGustavo F. Padovan { 23189bc500eSGustavo F. Padovan BT_DBG("chan %p state %d", chan, chan->state); 232ab07801dSGustavo F. Padovan 233c9b66675SGustavo F. Padovan if (timer_pending(timer) && del_timer(timer)) 23471ba0e56SGustavo F. Padovan chan_put(chan); 235ab07801dSGustavo F. Padovan } 236ab07801dSGustavo F. Padovan 23789bc500eSGustavo F. Padovan static void l2cap_state_change(struct l2cap_chan *chan, int state) 23889bc500eSGustavo F. Padovan { 23989bc500eSGustavo F. Padovan chan->state = state; 24089bc500eSGustavo F. Padovan chan->ops->state_change(chan->data, state); 24189bc500eSGustavo F. Padovan } 24289bc500eSGustavo F. Padovan 243ab07801dSGustavo F. Padovan static void l2cap_chan_timeout(unsigned long arg) 244ab07801dSGustavo F. Padovan { 245ab07801dSGustavo F. Padovan struct l2cap_chan *chan = (struct l2cap_chan *) arg; 246ab07801dSGustavo F. Padovan struct sock *sk = chan->sk; 247ab07801dSGustavo F. Padovan int reason; 248ab07801dSGustavo F. Padovan 24989bc500eSGustavo F. Padovan BT_DBG("chan %p state %d", chan, chan->state); 250ab07801dSGustavo F. Padovan 251ab07801dSGustavo F. Padovan bh_lock_sock(sk); 252ab07801dSGustavo F. Padovan 253ab07801dSGustavo F. Padovan if (sock_owned_by_user(sk)) { 254ab07801dSGustavo F. Padovan /* sk is owned by user. Try again later */ 255c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ / 5); 256ab07801dSGustavo F. Padovan bh_unlock_sock(sk); 25771ba0e56SGustavo F. Padovan chan_put(chan); 258ab07801dSGustavo F. Padovan return; 259ab07801dSGustavo F. Padovan } 260ab07801dSGustavo F. Padovan 26189bc500eSGustavo F. Padovan if (chan->state == BT_CONNECTED || chan->state == BT_CONFIG) 262ab07801dSGustavo F. Padovan reason = ECONNREFUSED; 26389bc500eSGustavo F. Padovan else if (chan->state == BT_CONNECT && 264ab07801dSGustavo F. Padovan chan->sec_level != BT_SECURITY_SDP) 265ab07801dSGustavo F. Padovan reason = ECONNREFUSED; 266ab07801dSGustavo F. Padovan else 267ab07801dSGustavo F. Padovan reason = ETIMEDOUT; 268ab07801dSGustavo F. Padovan 2690f852724SGustavo F. Padovan l2cap_chan_close(chan, reason); 270ab07801dSGustavo F. Padovan 271ab07801dSGustavo F. Padovan bh_unlock_sock(sk); 272ab07801dSGustavo F. Padovan 273ba3bd0eeSGustavo F. Padovan chan->ops->close(chan->data); 27471ba0e56SGustavo F. Padovan chan_put(chan); 275ab07801dSGustavo F. Padovan } 276ab07801dSGustavo F. Padovan 27723691d75SGustavo F. Padovan struct l2cap_chan *l2cap_chan_create(struct sock *sk) 2780a708f8fSGustavo F. Padovan { 27948454079SGustavo F. Padovan struct l2cap_chan *chan; 2800a708f8fSGustavo F. Padovan 28148454079SGustavo F. Padovan chan = kzalloc(sizeof(*chan), GFP_ATOMIC); 28248454079SGustavo F. Padovan if (!chan) 28348454079SGustavo F. Padovan return NULL; 2840a708f8fSGustavo F. Padovan 28548454079SGustavo F. Padovan chan->sk = sk; 28648454079SGustavo F. Padovan 28723691d75SGustavo F. Padovan write_lock_bh(&chan_list_lock); 28823691d75SGustavo F. Padovan list_add(&chan->global_l, &chan_list); 28923691d75SGustavo F. Padovan write_unlock_bh(&chan_list_lock); 29023691d75SGustavo F. Padovan 291ab07801dSGustavo F. Padovan setup_timer(&chan->chan_timer, l2cap_chan_timeout, (unsigned long) chan); 292ab07801dSGustavo F. Padovan 29389bc500eSGustavo F. Padovan chan->state = BT_OPEN; 29489bc500eSGustavo F. Padovan 29571ba0e56SGustavo F. Padovan atomic_set(&chan->refcnt, 1); 29671ba0e56SGustavo F. Padovan 297abc545b8SSzymon Janc BT_DBG("sk %p chan %p", sk, chan); 298abc545b8SSzymon Janc 29948454079SGustavo F. Padovan return chan; 3000a708f8fSGustavo F. Padovan } 3010a708f8fSGustavo F. Padovan 30223691d75SGustavo F. Padovan void l2cap_chan_destroy(struct l2cap_chan *chan) 3036ff5abbfSGustavo F. Padovan { 30423691d75SGustavo F. Padovan write_lock_bh(&chan_list_lock); 30523691d75SGustavo F. Padovan list_del(&chan->global_l); 30623691d75SGustavo F. Padovan write_unlock_bh(&chan_list_lock); 30723691d75SGustavo F. Padovan 30871ba0e56SGustavo F. Padovan chan_put(chan); 3096ff5abbfSGustavo F. Padovan } 3106ff5abbfSGustavo F. Padovan 31148454079SGustavo F. Padovan static void __l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan) 3120a708f8fSGustavo F. Padovan { 3130a708f8fSGustavo F. Padovan BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, 314fe4128e0SGustavo F. Padovan chan->psm, chan->dcid); 3150a708f8fSGustavo F. Padovan 3169f5a0d7bSAndrei Emeltchenko conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; 3170a708f8fSGustavo F. Padovan 3188c1d787bSGustavo F. Padovan chan->conn = conn; 3190a708f8fSGustavo F. Padovan 320715ec005SGustavo F. Padovan if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED) { 321b62f328bSVille Tervo if (conn->hcon->type == LE_LINK) { 322b62f328bSVille Tervo /* LE connection */ 3230c1bc5c6SGustavo F. Padovan chan->omtu = L2CAP_LE_DEFAULT_MTU; 324fe4128e0SGustavo F. Padovan chan->scid = L2CAP_CID_LE_DATA; 325fe4128e0SGustavo F. Padovan chan->dcid = L2CAP_CID_LE_DATA; 326b62f328bSVille Tervo } else { 3270a708f8fSGustavo F. Padovan /* Alloc CID for connection-oriented socket */ 328fe4128e0SGustavo F. Padovan chan->scid = l2cap_alloc_cid(conn); 3290c1bc5c6SGustavo F. Padovan chan->omtu = L2CAP_DEFAULT_MTU; 330b62f328bSVille Tervo } 331715ec005SGustavo F. Padovan } else if (chan->chan_type == L2CAP_CHAN_CONN_LESS) { 3320a708f8fSGustavo F. Padovan /* Connectionless socket */ 333fe4128e0SGustavo F. Padovan chan->scid = L2CAP_CID_CONN_LESS; 334fe4128e0SGustavo F. Padovan chan->dcid = L2CAP_CID_CONN_LESS; 3350c1bc5c6SGustavo F. Padovan chan->omtu = L2CAP_DEFAULT_MTU; 3360a708f8fSGustavo F. Padovan } else { 3370a708f8fSGustavo F. Padovan /* Raw socket can send/recv signalling messages only */ 338fe4128e0SGustavo F. Padovan chan->scid = L2CAP_CID_SIGNALING; 339fe4128e0SGustavo F. Padovan chan->dcid = L2CAP_CID_SIGNALING; 3400c1bc5c6SGustavo F. Padovan chan->omtu = L2CAP_DEFAULT_MTU; 3410a708f8fSGustavo F. Padovan } 3420a708f8fSGustavo F. Padovan 3438f7975b1SAndrei Emeltchenko chan->local_id = L2CAP_BESTEFFORT_ID; 3448f7975b1SAndrei Emeltchenko chan->local_stype = L2CAP_SERV_BESTEFFORT; 3458f7975b1SAndrei Emeltchenko chan->local_msdu = L2CAP_DEFAULT_MAX_SDU_SIZE; 3468f7975b1SAndrei Emeltchenko chan->local_sdu_itime = L2CAP_DEFAULT_SDU_ITIME; 3478f7975b1SAndrei Emeltchenko chan->local_acc_lat = L2CAP_DEFAULT_ACC_LAT; 3488f7975b1SAndrei Emeltchenko chan->local_flush_to = L2CAP_DEFAULT_FLUSH_TO; 3498f7975b1SAndrei Emeltchenko 35071ba0e56SGustavo F. Padovan chan_hold(chan); 351baa7e1faSGustavo F. Padovan 352baa7e1faSGustavo F. Padovan list_add(&chan->list, &conn->chan_l); 3530a708f8fSGustavo F. Padovan } 3540a708f8fSGustavo F. Padovan 3550a708f8fSGustavo F. Padovan /* Delete channel. 3560a708f8fSGustavo F. Padovan * Must be called on the locked socket. */ 3574519de9aSGustavo F. Padovan static void l2cap_chan_del(struct l2cap_chan *chan, int err) 3580a708f8fSGustavo F. Padovan { 35948454079SGustavo F. Padovan struct sock *sk = chan->sk; 3608c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 3610a708f8fSGustavo F. Padovan struct sock *parent = bt_sk(sk)->parent; 3620a708f8fSGustavo F. Padovan 363c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 3640a708f8fSGustavo F. Padovan 36549208c9cSGustavo F. Padovan BT_DBG("chan %p, conn %p, err %d", chan, conn, err); 3660a708f8fSGustavo F. Padovan 3670a708f8fSGustavo F. Padovan if (conn) { 368baa7e1faSGustavo F. Padovan /* Delete from channel list */ 369baa7e1faSGustavo F. Padovan write_lock_bh(&conn->chan_lock); 370baa7e1faSGustavo F. Padovan list_del(&chan->list); 371baa7e1faSGustavo F. Padovan write_unlock_bh(&conn->chan_lock); 37271ba0e56SGustavo F. Padovan chan_put(chan); 373baa7e1faSGustavo F. Padovan 3748c1d787bSGustavo F. Padovan chan->conn = NULL; 3750a708f8fSGustavo F. Padovan hci_conn_put(conn->hcon); 3760a708f8fSGustavo F. Padovan } 3770a708f8fSGustavo F. Padovan 37889bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CLOSED); 3790a708f8fSGustavo F. Padovan sock_set_flag(sk, SOCK_ZAPPED); 3800a708f8fSGustavo F. Padovan 3810a708f8fSGustavo F. Padovan if (err) 3820a708f8fSGustavo F. Padovan sk->sk_err = err; 3830a708f8fSGustavo F. Padovan 3840a708f8fSGustavo F. Padovan if (parent) { 3850a708f8fSGustavo F. Padovan bt_accept_unlink(sk); 3860a708f8fSGustavo F. Padovan parent->sk_data_ready(parent, 0); 3870a708f8fSGustavo F. Padovan } else 3880a708f8fSGustavo F. Padovan sk->sk_state_change(sk); 3890a708f8fSGustavo F. Padovan 390c1360a1cSGustavo F. Padovan if (!(test_bit(CONF_OUTPUT_DONE, &chan->conf_state) && 391c1360a1cSGustavo F. Padovan test_bit(CONF_INPUT_DONE, &chan->conf_state))) 3926ff5abbfSGustavo F. Padovan return; 3932ead70b8SGustavo F. Padovan 39458d35f87SGustavo F. Padovan skb_queue_purge(&chan->tx_q); 3950a708f8fSGustavo F. Padovan 3960c1bc5c6SGustavo F. Padovan if (chan->mode == L2CAP_MODE_ERTM) { 3970a708f8fSGustavo F. Padovan struct srej_list *l, *tmp; 3980a708f8fSGustavo F. Padovan 3991a09bcb9SGustavo F. Padovan __clear_retrans_timer(chan); 4001a09bcb9SGustavo F. Padovan __clear_monitor_timer(chan); 4011a09bcb9SGustavo F. Padovan __clear_ack_timer(chan); 4020a708f8fSGustavo F. Padovan 403f1c6775bSGustavo F. Padovan skb_queue_purge(&chan->srej_q); 4040a708f8fSGustavo F. Padovan 40539d5a3eeSGustavo F. Padovan list_for_each_entry_safe(l, tmp, &chan->srej_l, list) { 4060a708f8fSGustavo F. Padovan list_del(&l->list); 4070a708f8fSGustavo F. Padovan kfree(l); 4080a708f8fSGustavo F. Padovan } 4090a708f8fSGustavo F. Padovan } 4100a708f8fSGustavo F. Padovan } 4110a708f8fSGustavo F. Padovan 4124519de9aSGustavo F. Padovan static void l2cap_chan_cleanup_listen(struct sock *parent) 4134519de9aSGustavo F. Padovan { 4144519de9aSGustavo F. Padovan struct sock *sk; 4154519de9aSGustavo F. Padovan 4164519de9aSGustavo F. Padovan BT_DBG("parent %p", parent); 4174519de9aSGustavo F. Padovan 4184519de9aSGustavo F. Padovan /* Close not yet accepted channels */ 4190f852724SGustavo F. Padovan while ((sk = bt_accept_dequeue(parent, NULL))) { 420ba3bd0eeSGustavo F. Padovan struct l2cap_chan *chan = l2cap_pi(sk)->chan; 421c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 4220f852724SGustavo F. Padovan lock_sock(sk); 423ba3bd0eeSGustavo F. Padovan l2cap_chan_close(chan, ECONNRESET); 4240f852724SGustavo F. Padovan release_sock(sk); 425ba3bd0eeSGustavo F. Padovan chan->ops->close(chan->data); 4260f852724SGustavo F. Padovan } 4274519de9aSGustavo F. Padovan } 4284519de9aSGustavo F. Padovan 4290f852724SGustavo F. Padovan void l2cap_chan_close(struct l2cap_chan *chan, int reason) 4304519de9aSGustavo F. Padovan { 4314519de9aSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 4324519de9aSGustavo F. Padovan struct sock *sk = chan->sk; 4334519de9aSGustavo F. Padovan 43489bc500eSGustavo F. Padovan BT_DBG("chan %p state %d socket %p", chan, chan->state, sk->sk_socket); 4354519de9aSGustavo F. Padovan 43689bc500eSGustavo F. Padovan switch (chan->state) { 4374519de9aSGustavo F. Padovan case BT_LISTEN: 4384519de9aSGustavo F. Padovan l2cap_chan_cleanup_listen(sk); 43989bc500eSGustavo F. Padovan 44089bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CLOSED); 44189bc500eSGustavo F. Padovan sock_set_flag(sk, SOCK_ZAPPED); 4424519de9aSGustavo F. Padovan break; 4434519de9aSGustavo F. Padovan 4444519de9aSGustavo F. Padovan case BT_CONNECTED: 4454519de9aSGustavo F. Padovan case BT_CONFIG: 446715ec005SGustavo F. Padovan if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED && 4474519de9aSGustavo F. Padovan conn->hcon->type == ACL_LINK) { 448c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 449c9b66675SGustavo F. Padovan __set_chan_timer(chan, sk->sk_sndtimeo); 4504519de9aSGustavo F. Padovan l2cap_send_disconn_req(conn, chan, reason); 4514519de9aSGustavo F. Padovan } else 4524519de9aSGustavo F. Padovan l2cap_chan_del(chan, reason); 4534519de9aSGustavo F. Padovan break; 4544519de9aSGustavo F. Padovan 4554519de9aSGustavo F. Padovan case BT_CONNECT2: 456715ec005SGustavo F. Padovan if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED && 4574519de9aSGustavo F. Padovan conn->hcon->type == ACL_LINK) { 4584519de9aSGustavo F. Padovan struct l2cap_conn_rsp rsp; 4594519de9aSGustavo F. Padovan __u16 result; 4604519de9aSGustavo F. Padovan 4614519de9aSGustavo F. Padovan if (bt_sk(sk)->defer_setup) 4624519de9aSGustavo F. Padovan result = L2CAP_CR_SEC_BLOCK; 4634519de9aSGustavo F. Padovan else 4644519de9aSGustavo F. Padovan result = L2CAP_CR_BAD_PSM; 46589bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_DISCONN); 4664519de9aSGustavo F. Padovan 4674519de9aSGustavo F. Padovan rsp.scid = cpu_to_le16(chan->dcid); 4684519de9aSGustavo F. Padovan rsp.dcid = cpu_to_le16(chan->scid); 4694519de9aSGustavo F. Padovan rsp.result = cpu_to_le16(result); 4704519de9aSGustavo F. Padovan rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); 4714519de9aSGustavo F. Padovan l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, 4724519de9aSGustavo F. Padovan sizeof(rsp), &rsp); 4734519de9aSGustavo F. Padovan } 4744519de9aSGustavo F. Padovan 4754519de9aSGustavo F. Padovan l2cap_chan_del(chan, reason); 4764519de9aSGustavo F. Padovan break; 4774519de9aSGustavo F. Padovan 4784519de9aSGustavo F. Padovan case BT_CONNECT: 4794519de9aSGustavo F. Padovan case BT_DISCONN: 4804519de9aSGustavo F. Padovan l2cap_chan_del(chan, reason); 4814519de9aSGustavo F. Padovan break; 4824519de9aSGustavo F. Padovan 4834519de9aSGustavo F. Padovan default: 4844519de9aSGustavo F. Padovan sock_set_flag(sk, SOCK_ZAPPED); 4854519de9aSGustavo F. Padovan break; 4864519de9aSGustavo F. Padovan } 4874519de9aSGustavo F. Padovan } 4884519de9aSGustavo F. Padovan 4894343478fSGustavo F. Padovan static inline u8 l2cap_get_auth_type(struct l2cap_chan *chan) 4900a708f8fSGustavo F. Padovan { 491715ec005SGustavo F. Padovan if (chan->chan_type == L2CAP_CHAN_RAW) { 4924343478fSGustavo F. Padovan switch (chan->sec_level) { 4930a708f8fSGustavo F. Padovan case BT_SECURITY_HIGH: 4940a708f8fSGustavo F. Padovan return HCI_AT_DEDICATED_BONDING_MITM; 4950a708f8fSGustavo F. Padovan case BT_SECURITY_MEDIUM: 4960a708f8fSGustavo F. Padovan return HCI_AT_DEDICATED_BONDING; 4970a708f8fSGustavo F. Padovan default: 4980a708f8fSGustavo F. Padovan return HCI_AT_NO_BONDING; 4990a708f8fSGustavo F. Padovan } 500fe4128e0SGustavo F. Padovan } else if (chan->psm == cpu_to_le16(0x0001)) { 5014343478fSGustavo F. Padovan if (chan->sec_level == BT_SECURITY_LOW) 5024343478fSGustavo F. Padovan chan->sec_level = BT_SECURITY_SDP; 5030a708f8fSGustavo F. Padovan 5044343478fSGustavo F. Padovan if (chan->sec_level == BT_SECURITY_HIGH) 5050a708f8fSGustavo F. Padovan return HCI_AT_NO_BONDING_MITM; 5060a708f8fSGustavo F. Padovan else 5070a708f8fSGustavo F. Padovan return HCI_AT_NO_BONDING; 5080a708f8fSGustavo F. Padovan } else { 5094343478fSGustavo F. Padovan switch (chan->sec_level) { 5100a708f8fSGustavo F. Padovan case BT_SECURITY_HIGH: 5110a708f8fSGustavo F. Padovan return HCI_AT_GENERAL_BONDING_MITM; 5120a708f8fSGustavo F. Padovan case BT_SECURITY_MEDIUM: 5130a708f8fSGustavo F. Padovan return HCI_AT_GENERAL_BONDING; 5140a708f8fSGustavo F. Padovan default: 5150a708f8fSGustavo F. Padovan return HCI_AT_NO_BONDING; 5160a708f8fSGustavo F. Padovan } 5170a708f8fSGustavo F. Padovan } 5180a708f8fSGustavo F. Padovan } 5190a708f8fSGustavo F. Padovan 5200a708f8fSGustavo F. Padovan /* Service level security */ 5214343478fSGustavo F. Padovan static inline int l2cap_check_security(struct l2cap_chan *chan) 5220a708f8fSGustavo F. Padovan { 5238c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 5240a708f8fSGustavo F. Padovan __u8 auth_type; 5250a708f8fSGustavo F. Padovan 5264343478fSGustavo F. Padovan auth_type = l2cap_get_auth_type(chan); 5270a708f8fSGustavo F. Padovan 5284343478fSGustavo F. Padovan return hci_conn_security(conn->hcon, chan->sec_level, auth_type); 5290a708f8fSGustavo F. Padovan } 5300a708f8fSGustavo F. Padovan 531b5ad8b7fSJohannes Berg static u8 l2cap_get_ident(struct l2cap_conn *conn) 5320a708f8fSGustavo F. Padovan { 5330a708f8fSGustavo F. Padovan u8 id; 5340a708f8fSGustavo F. Padovan 5350a708f8fSGustavo F. Padovan /* Get next available identificator. 5360a708f8fSGustavo F. Padovan * 1 - 128 are used by kernel. 5370a708f8fSGustavo F. Padovan * 129 - 199 are reserved. 5380a708f8fSGustavo F. Padovan * 200 - 254 are used by utilities like l2ping, etc. 5390a708f8fSGustavo F. Padovan */ 5400a708f8fSGustavo F. Padovan 5410a708f8fSGustavo F. Padovan spin_lock_bh(&conn->lock); 5420a708f8fSGustavo F. Padovan 5430a708f8fSGustavo F. Padovan if (++conn->tx_ident > 128) 5440a708f8fSGustavo F. Padovan conn->tx_ident = 1; 5450a708f8fSGustavo F. Padovan 5460a708f8fSGustavo F. Padovan id = conn->tx_ident; 5470a708f8fSGustavo F. Padovan 5480a708f8fSGustavo F. Padovan spin_unlock_bh(&conn->lock); 5490a708f8fSGustavo F. Padovan 5500a708f8fSGustavo F. Padovan return id; 5510a708f8fSGustavo F. Padovan } 5520a708f8fSGustavo F. Padovan 5534519de9aSGustavo F. Padovan static void l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, void *data) 5540a708f8fSGustavo F. Padovan { 5550a708f8fSGustavo F. Padovan struct sk_buff *skb = l2cap_build_cmd(conn, code, ident, len, data); 5560a708f8fSGustavo F. Padovan u8 flags; 5570a708f8fSGustavo F. Padovan 5580a708f8fSGustavo F. Padovan BT_DBG("code 0x%2.2x", code); 5590a708f8fSGustavo F. Padovan 5600a708f8fSGustavo F. Padovan if (!skb) 5610a708f8fSGustavo F. Padovan return; 5620a708f8fSGustavo F. Padovan 5630a708f8fSGustavo F. Padovan if (lmp_no_flush_capable(conn->hcon->hdev)) 5640a708f8fSGustavo F. Padovan flags = ACL_START_NO_FLUSH; 5650a708f8fSGustavo F. Padovan else 5660a708f8fSGustavo F. Padovan flags = ACL_START; 5670a708f8fSGustavo F. Padovan 56814b12d0bSJaikumar Ganesh bt_cb(skb)->force_active = BT_POWER_FORCE_ACTIVE_ON; 5695e59b791SLuiz Augusto von Dentz skb->priority = HCI_PRIO_MAX; 57014b12d0bSJaikumar Ganesh 57173d80debSLuiz Augusto von Dentz hci_send_acl(conn->hchan, skb, flags); 57273d80debSLuiz Augusto von Dentz } 57373d80debSLuiz Augusto von Dentz 57473d80debSLuiz Augusto von Dentz static void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb) 57573d80debSLuiz Augusto von Dentz { 57673d80debSLuiz Augusto von Dentz struct hci_conn *hcon = chan->conn->hcon; 57773d80debSLuiz Augusto von Dentz u16 flags; 57873d80debSLuiz Augusto von Dentz 57973d80debSLuiz Augusto von Dentz BT_DBG("chan %p, skb %p len %d priority %u", chan, skb, skb->len, 58073d80debSLuiz Augusto von Dentz skb->priority); 58173d80debSLuiz Augusto von Dentz 58273d80debSLuiz Augusto von Dentz if (!test_bit(FLAG_FLUSHABLE, &chan->flags) && 58373d80debSLuiz Augusto von Dentz lmp_no_flush_capable(hcon->hdev)) 58473d80debSLuiz Augusto von Dentz flags = ACL_START_NO_FLUSH; 58573d80debSLuiz Augusto von Dentz else 58673d80debSLuiz Augusto von Dentz flags = ACL_START; 58773d80debSLuiz Augusto von Dentz 58873d80debSLuiz Augusto von Dentz bt_cb(skb)->force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags); 58973d80debSLuiz Augusto von Dentz hci_send_acl(chan->conn->hchan, skb, flags); 5900a708f8fSGustavo F. Padovan } 5910a708f8fSGustavo F. Padovan 59288843ab0SAndrei Emeltchenko static inline void l2cap_send_sframe(struct l2cap_chan *chan, u32 control) 5930a708f8fSGustavo F. Padovan { 5940a708f8fSGustavo F. Padovan struct sk_buff *skb; 5950a708f8fSGustavo F. Padovan struct l2cap_hdr *lh; 5968c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 597e4ca6d98SAndrei Emeltchenko int count, hlen; 5980a708f8fSGustavo F. Padovan 59989bc500eSGustavo F. Padovan if (chan->state != BT_CONNECTED) 6000a708f8fSGustavo F. Padovan return; 6010a708f8fSGustavo F. Padovan 602e4ca6d98SAndrei Emeltchenko if (test_bit(FLAG_EXT_CTRL, &chan->flags)) 603e4ca6d98SAndrei Emeltchenko hlen = L2CAP_EXT_HDR_SIZE; 604e4ca6d98SAndrei Emeltchenko else 605e4ca6d98SAndrei Emeltchenko hlen = L2CAP_ENH_HDR_SIZE; 606e4ca6d98SAndrei Emeltchenko 60747d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) 60803a51213SAndrei Emeltchenko hlen += L2CAP_FCS_SIZE; 6090a708f8fSGustavo F. Padovan 61088843ab0SAndrei Emeltchenko BT_DBG("chan %p, control 0x%8.8x", chan, control); 6110a708f8fSGustavo F. Padovan 6120a708f8fSGustavo F. Padovan count = min_t(unsigned int, conn->mtu, hlen); 613793c2f1cSAndrei Emeltchenko 614793c2f1cSAndrei Emeltchenko control |= __set_sframe(chan); 6150a708f8fSGustavo F. Padovan 616e2ab4353SGustavo F. Padovan if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) 61703f6715dSAndrei Emeltchenko control |= __set_ctrl_final(chan); 6180a708f8fSGustavo F. Padovan 619e2ab4353SGustavo F. Padovan if (test_and_clear_bit(CONN_SEND_PBIT, &chan->conn_state)) 620e3781735SAndrei Emeltchenko control |= __set_ctrl_poll(chan); 6210a708f8fSGustavo F. Padovan 6220a708f8fSGustavo F. Padovan skb = bt_skb_alloc(count, GFP_ATOMIC); 6230a708f8fSGustavo F. Padovan if (!skb) 6240a708f8fSGustavo F. Padovan return; 6250a708f8fSGustavo F. Padovan 6260a708f8fSGustavo F. Padovan lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 6270a708f8fSGustavo F. Padovan lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE); 628fe4128e0SGustavo F. Padovan lh->cid = cpu_to_le16(chan->dcid); 62988843ab0SAndrei Emeltchenko 63088843ab0SAndrei Emeltchenko __put_control(chan, control, skb_put(skb, __ctrl_size(chan))); 6310a708f8fSGustavo F. Padovan 63247d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) { 63303a51213SAndrei Emeltchenko u16 fcs = crc16(0, (u8 *)lh, count - L2CAP_FCS_SIZE); 63403a51213SAndrei Emeltchenko put_unaligned_le16(fcs, skb_put(skb, L2CAP_FCS_SIZE)); 6350a708f8fSGustavo F. Padovan } 6360a708f8fSGustavo F. Padovan 63773d80debSLuiz Augusto von Dentz skb->priority = HCI_PRIO_MAX; 63873d80debSLuiz Augusto von Dentz l2cap_do_send(chan, skb); 6390a708f8fSGustavo F. Padovan } 6400a708f8fSGustavo F. Padovan 64188843ab0SAndrei Emeltchenko static inline void l2cap_send_rr_or_rnr(struct l2cap_chan *chan, u32 control) 6420a708f8fSGustavo F. Padovan { 643e2ab4353SGustavo F. Padovan if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { 644ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RNR); 645e2ab4353SGustavo F. Padovan set_bit(CONN_RNR_SENT, &chan->conn_state); 6460a708f8fSGustavo F. Padovan } else 647ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RR); 6480a708f8fSGustavo F. Padovan 6490b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, chan->buffer_seq); 6500a708f8fSGustavo F. Padovan 651525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 6520a708f8fSGustavo F. Padovan } 6530a708f8fSGustavo F. Padovan 654b4450035SGustavo F. Padovan static inline int __l2cap_no_conn_pending(struct l2cap_chan *chan) 6550a708f8fSGustavo F. Padovan { 656c1360a1cSGustavo F. Padovan return !test_bit(CONF_CONNECT_PEND, &chan->conf_state); 6570a708f8fSGustavo F. Padovan } 6580a708f8fSGustavo F. Padovan 659fc7f8a7eSGustavo F. Padovan static void l2cap_do_start(struct l2cap_chan *chan) 6600a708f8fSGustavo F. Padovan { 6618c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 6620a708f8fSGustavo F. Padovan 6630a708f8fSGustavo F. Padovan if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) { 6640a708f8fSGustavo F. Padovan if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)) 6650a708f8fSGustavo F. Padovan return; 6660a708f8fSGustavo F. Padovan 6674343478fSGustavo F. Padovan if (l2cap_check_security(chan) && 6684343478fSGustavo F. Padovan __l2cap_no_conn_pending(chan)) { 6690a708f8fSGustavo F. Padovan struct l2cap_conn_req req; 670fe4128e0SGustavo F. Padovan req.scid = cpu_to_le16(chan->scid); 671fe4128e0SGustavo F. Padovan req.psm = chan->psm; 6720a708f8fSGustavo F. Padovan 673fc7f8a7eSGustavo F. Padovan chan->ident = l2cap_get_ident(conn); 674c1360a1cSGustavo F. Padovan set_bit(CONF_CONNECT_PEND, &chan->conf_state); 6750a708f8fSGustavo F. Padovan 676fc7f8a7eSGustavo F. Padovan l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, 677fc7f8a7eSGustavo F. Padovan sizeof(req), &req); 6780a708f8fSGustavo F. Padovan } 6790a708f8fSGustavo F. Padovan } else { 6800a708f8fSGustavo F. Padovan struct l2cap_info_req req; 6810a708f8fSGustavo F. Padovan req.type = cpu_to_le16(L2CAP_IT_FEAT_MASK); 6820a708f8fSGustavo F. Padovan 6830a708f8fSGustavo F. Padovan conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; 6840a708f8fSGustavo F. Padovan conn->info_ident = l2cap_get_ident(conn); 6850a708f8fSGustavo F. Padovan 6860a708f8fSGustavo F. Padovan mod_timer(&conn->info_timer, jiffies + 6870a708f8fSGustavo F. Padovan msecs_to_jiffies(L2CAP_INFO_TIMEOUT)); 6880a708f8fSGustavo F. Padovan 6890a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, conn->info_ident, 6900a708f8fSGustavo F. Padovan L2CAP_INFO_REQ, sizeof(req), &req); 6910a708f8fSGustavo F. Padovan } 6920a708f8fSGustavo F. Padovan } 6930a708f8fSGustavo F. Padovan 6940a708f8fSGustavo F. Padovan static inline int l2cap_mode_supported(__u8 mode, __u32 feat_mask) 6950a708f8fSGustavo F. Padovan { 6960a708f8fSGustavo F. Padovan u32 local_feat_mask = l2cap_feat_mask; 6970a708f8fSGustavo F. Padovan if (!disable_ertm) 6980a708f8fSGustavo F. Padovan local_feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING; 6990a708f8fSGustavo F. Padovan 7000a708f8fSGustavo F. Padovan switch (mode) { 7010a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 7020a708f8fSGustavo F. Padovan return L2CAP_FEAT_ERTM & feat_mask & local_feat_mask; 7030a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 7040a708f8fSGustavo F. Padovan return L2CAP_FEAT_STREAMING & feat_mask & local_feat_mask; 7050a708f8fSGustavo F. Padovan default: 7060a708f8fSGustavo F. Padovan return 0x00; 7070a708f8fSGustavo F. Padovan } 7080a708f8fSGustavo F. Padovan } 7090a708f8fSGustavo F. Padovan 7104519de9aSGustavo F. Padovan static void l2cap_send_disconn_req(struct l2cap_conn *conn, struct l2cap_chan *chan, int err) 7110a708f8fSGustavo F. Padovan { 712e92c8e70SGustavo F. Padovan struct sock *sk; 7130a708f8fSGustavo F. Padovan struct l2cap_disconn_req req; 7140a708f8fSGustavo F. Padovan 7150a708f8fSGustavo F. Padovan if (!conn) 7160a708f8fSGustavo F. Padovan return; 7170a708f8fSGustavo F. Padovan 718e92c8e70SGustavo F. Padovan sk = chan->sk; 719e92c8e70SGustavo F. Padovan 7200c1bc5c6SGustavo F. Padovan if (chan->mode == L2CAP_MODE_ERTM) { 7211a09bcb9SGustavo F. Padovan __clear_retrans_timer(chan); 7221a09bcb9SGustavo F. Padovan __clear_monitor_timer(chan); 7231a09bcb9SGustavo F. Padovan __clear_ack_timer(chan); 7240a708f8fSGustavo F. Padovan } 7250a708f8fSGustavo F. Padovan 726fe4128e0SGustavo F. Padovan req.dcid = cpu_to_le16(chan->dcid); 727fe4128e0SGustavo F. Padovan req.scid = cpu_to_le16(chan->scid); 7280a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, l2cap_get_ident(conn), 7290a708f8fSGustavo F. Padovan L2CAP_DISCONN_REQ, sizeof(req), &req); 7300a708f8fSGustavo F. Padovan 73189bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_DISCONN); 7320a708f8fSGustavo F. Padovan sk->sk_err = err; 7330a708f8fSGustavo F. Padovan } 7340a708f8fSGustavo F. Padovan 7350a708f8fSGustavo F. Padovan /* ---- L2CAP connections ---- */ 7360a708f8fSGustavo F. Padovan static void l2cap_conn_start(struct l2cap_conn *conn) 7370a708f8fSGustavo F. Padovan { 738820ffdb3SGustavo F. Padovan struct l2cap_chan *chan, *tmp; 7390a708f8fSGustavo F. Padovan 7400a708f8fSGustavo F. Padovan BT_DBG("conn %p", conn); 7410a708f8fSGustavo F. Padovan 742baa7e1faSGustavo F. Padovan read_lock(&conn->chan_lock); 7430a708f8fSGustavo F. Padovan 744820ffdb3SGustavo F. Padovan list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { 74548454079SGustavo F. Padovan struct sock *sk = chan->sk; 746baa7e1faSGustavo F. Padovan 7470a708f8fSGustavo F. Padovan bh_lock_sock(sk); 7480a708f8fSGustavo F. Padovan 749715ec005SGustavo F. Padovan if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { 7500a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 7510a708f8fSGustavo F. Padovan continue; 7520a708f8fSGustavo F. Padovan } 7530a708f8fSGustavo F. Padovan 75489bc500eSGustavo F. Padovan if (chan->state == BT_CONNECT) { 7550a708f8fSGustavo F. Padovan struct l2cap_conn_req req; 7560a708f8fSGustavo F. Padovan 7574343478fSGustavo F. Padovan if (!l2cap_check_security(chan) || 758b4450035SGustavo F. Padovan !__l2cap_no_conn_pending(chan)) { 7590a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 7600a708f8fSGustavo F. Padovan continue; 7610a708f8fSGustavo F. Padovan } 7620a708f8fSGustavo F. Padovan 763c1360a1cSGustavo F. Padovan if (!l2cap_mode_supported(chan->mode, conn->feat_mask) 764c1360a1cSGustavo F. Padovan && test_bit(CONF_STATE2_DEVICE, 765c1360a1cSGustavo F. Padovan &chan->conf_state)) { 7660f852724SGustavo F. Padovan /* l2cap_chan_close() calls list_del(chan) 767820ffdb3SGustavo F. Padovan * so release the lock */ 7682461daacSGustavo F. Padovan read_unlock(&conn->chan_lock); 7690f852724SGustavo F. Padovan l2cap_chan_close(chan, ECONNRESET); 7702461daacSGustavo F. Padovan read_lock(&conn->chan_lock); 7710a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 7720a708f8fSGustavo F. Padovan continue; 7730a708f8fSGustavo F. Padovan } 7740a708f8fSGustavo F. Padovan 775fe4128e0SGustavo F. Padovan req.scid = cpu_to_le16(chan->scid); 776fe4128e0SGustavo F. Padovan req.psm = chan->psm; 7770a708f8fSGustavo F. Padovan 778fc7f8a7eSGustavo F. Padovan chan->ident = l2cap_get_ident(conn); 779c1360a1cSGustavo F. Padovan set_bit(CONF_CONNECT_PEND, &chan->conf_state); 7800a708f8fSGustavo F. Padovan 781fc7f8a7eSGustavo F. Padovan l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, 782fc7f8a7eSGustavo F. Padovan sizeof(req), &req); 7830a708f8fSGustavo F. Padovan 78489bc500eSGustavo F. Padovan } else if (chan->state == BT_CONNECT2) { 7850a708f8fSGustavo F. Padovan struct l2cap_conn_rsp rsp; 7860a708f8fSGustavo F. Padovan char buf[128]; 787fe4128e0SGustavo F. Padovan rsp.scid = cpu_to_le16(chan->dcid); 788fe4128e0SGustavo F. Padovan rsp.dcid = cpu_to_le16(chan->scid); 7890a708f8fSGustavo F. Padovan 7904343478fSGustavo F. Padovan if (l2cap_check_security(chan)) { 7910a708f8fSGustavo F. Padovan if (bt_sk(sk)->defer_setup) { 7920a708f8fSGustavo F. Padovan struct sock *parent = bt_sk(sk)->parent; 7930a708f8fSGustavo F. Padovan rsp.result = cpu_to_le16(L2CAP_CR_PEND); 7940a708f8fSGustavo F. Padovan rsp.status = cpu_to_le16(L2CAP_CS_AUTHOR_PEND); 79505e9a2f6SIlia Kolomisnky if (parent) 7960a708f8fSGustavo F. Padovan parent->sk_data_ready(parent, 0); 7970a708f8fSGustavo F. Padovan 7980a708f8fSGustavo F. Padovan } else { 79989bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONFIG); 8000a708f8fSGustavo F. Padovan rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS); 8010a708f8fSGustavo F. Padovan rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); 8020a708f8fSGustavo F. Padovan } 8030a708f8fSGustavo F. Padovan } else { 8040a708f8fSGustavo F. Padovan rsp.result = cpu_to_le16(L2CAP_CR_PEND); 8050a708f8fSGustavo F. Padovan rsp.status = cpu_to_le16(L2CAP_CS_AUTHEN_PEND); 8060a708f8fSGustavo F. Padovan } 8070a708f8fSGustavo F. Padovan 808fc7f8a7eSGustavo F. Padovan l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, 809fc7f8a7eSGustavo F. Padovan sizeof(rsp), &rsp); 8100a708f8fSGustavo F. Padovan 811c1360a1cSGustavo F. Padovan if (test_bit(CONF_REQ_SENT, &chan->conf_state) || 8120a708f8fSGustavo F. Padovan rsp.result != L2CAP_CR_SUCCESS) { 8130a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 8140a708f8fSGustavo F. Padovan continue; 8150a708f8fSGustavo F. Padovan } 8160a708f8fSGustavo F. Padovan 817c1360a1cSGustavo F. Padovan set_bit(CONF_REQ_SENT, &chan->conf_state); 8180a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, 81973ffa904SGustavo F. Padovan l2cap_build_conf_req(chan, buf), buf); 82073ffa904SGustavo F. Padovan chan->num_conf_req++; 8210a708f8fSGustavo F. Padovan } 8220a708f8fSGustavo F. Padovan 8230a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 8240a708f8fSGustavo F. Padovan } 8250a708f8fSGustavo F. Padovan 826baa7e1faSGustavo F. Padovan read_unlock(&conn->chan_lock); 8270a708f8fSGustavo F. Padovan } 8280a708f8fSGustavo F. Padovan 829b62f328bSVille Tervo /* Find socket with cid and source bdaddr. 830b62f328bSVille Tervo * Returns closest match, locked. 831b62f328bSVille Tervo */ 83223691d75SGustavo F. Padovan static struct l2cap_chan *l2cap_global_chan_by_scid(int state, __le16 cid, bdaddr_t *src) 833b62f328bSVille Tervo { 83423691d75SGustavo F. Padovan struct l2cap_chan *c, *c1 = NULL; 835b62f328bSVille Tervo 83623691d75SGustavo F. Padovan read_lock(&chan_list_lock); 837b62f328bSVille Tervo 83823691d75SGustavo F. Padovan list_for_each_entry(c, &chan_list, global_l) { 83923691d75SGustavo F. Padovan struct sock *sk = c->sk; 840fe4128e0SGustavo F. Padovan 84189bc500eSGustavo F. Padovan if (state && c->state != state) 842b62f328bSVille Tervo continue; 843b62f328bSVille Tervo 84423691d75SGustavo F. Padovan if (c->scid == cid) { 845b62f328bSVille Tervo /* Exact match. */ 84623691d75SGustavo F. Padovan if (!bacmp(&bt_sk(sk)->src, src)) { 84723691d75SGustavo F. Padovan read_unlock(&chan_list_lock); 84823691d75SGustavo F. Padovan return c; 84923691d75SGustavo F. Padovan } 850b62f328bSVille Tervo 851b62f328bSVille Tervo /* Closest match */ 852b62f328bSVille Tervo if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) 85323691d75SGustavo F. Padovan c1 = c; 854b62f328bSVille Tervo } 855b62f328bSVille Tervo } 856280f294fSGustavo F. Padovan 85723691d75SGustavo F. Padovan read_unlock(&chan_list_lock); 858b62f328bSVille Tervo 85923691d75SGustavo F. Padovan return c1; 860b62f328bSVille Tervo } 861b62f328bSVille Tervo 862b62f328bSVille Tervo static void l2cap_le_conn_ready(struct l2cap_conn *conn) 863b62f328bSVille Tervo { 864c916fbe4SGustavo F. Padovan struct sock *parent, *sk; 86523691d75SGustavo F. Padovan struct l2cap_chan *chan, *pchan; 866b62f328bSVille Tervo 867b62f328bSVille Tervo BT_DBG(""); 868b62f328bSVille Tervo 869b62f328bSVille Tervo /* Check if we have socket listening on cid */ 87023691d75SGustavo F. Padovan pchan = l2cap_global_chan_by_scid(BT_LISTEN, L2CAP_CID_LE_DATA, 871b62f328bSVille Tervo conn->src); 87223691d75SGustavo F. Padovan if (!pchan) 873b62f328bSVille Tervo return; 874b62f328bSVille Tervo 87523691d75SGustavo F. Padovan parent = pchan->sk; 87623691d75SGustavo F. Padovan 87762f3a2cfSGustavo F. Padovan bh_lock_sock(parent); 87862f3a2cfSGustavo F. Padovan 879b62f328bSVille Tervo /* Check for backlog size */ 880b62f328bSVille Tervo if (sk_acceptq_is_full(parent)) { 881b62f328bSVille Tervo BT_DBG("backlog full %d", parent->sk_ack_backlog); 882b62f328bSVille Tervo goto clean; 883b62f328bSVille Tervo } 884b62f328bSVille Tervo 88580808e43SGustavo F. Padovan chan = pchan->ops->new_connection(pchan->data); 88680808e43SGustavo F. Padovan if (!chan) 887b62f328bSVille Tervo goto clean; 888b62f328bSVille Tervo 88980808e43SGustavo F. Padovan sk = chan->sk; 8905d41ce1dSGustavo F. Padovan 891baa7e1faSGustavo F. Padovan write_lock_bh(&conn->chan_lock); 892b62f328bSVille Tervo 893b62f328bSVille Tervo hci_conn_hold(conn->hcon); 894b62f328bSVille Tervo 895b62f328bSVille Tervo bacpy(&bt_sk(sk)->src, conn->src); 896b62f328bSVille Tervo bacpy(&bt_sk(sk)->dst, conn->dst); 897b62f328bSVille Tervo 898d1010240SGustavo F. Padovan bt_accept_enqueue(parent, sk); 899d1010240SGustavo F. Padovan 90048454079SGustavo F. Padovan __l2cap_chan_add(conn, chan); 90148454079SGustavo F. Padovan 902c9b66675SGustavo F. Padovan __set_chan_timer(chan, sk->sk_sndtimeo); 903b62f328bSVille Tervo 90489bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECTED); 905b62f328bSVille Tervo parent->sk_data_ready(parent, 0); 906b62f328bSVille Tervo 907baa7e1faSGustavo F. Padovan write_unlock_bh(&conn->chan_lock); 908b62f328bSVille Tervo 909b62f328bSVille Tervo clean: 910b62f328bSVille Tervo bh_unlock_sock(parent); 911b62f328bSVille Tervo } 912b62f328bSVille Tervo 913f1cb9af5SVinicius Costa Gomes static void l2cap_chan_ready(struct sock *sk) 914f1cb9af5SVinicius Costa Gomes { 915f1cb9af5SVinicius Costa Gomes struct l2cap_chan *chan = l2cap_pi(sk)->chan; 916f1cb9af5SVinicius Costa Gomes struct sock *parent = bt_sk(sk)->parent; 917f1cb9af5SVinicius Costa Gomes 918f1cb9af5SVinicius Costa Gomes BT_DBG("sk %p, parent %p", sk, parent); 919f1cb9af5SVinicius Costa Gomes 920f1cb9af5SVinicius Costa Gomes chan->conf_state = 0; 921f1cb9af5SVinicius Costa Gomes __clear_chan_timer(chan); 922f1cb9af5SVinicius Costa Gomes 92343f3dc41SVinicius Costa Gomes l2cap_state_change(chan, BT_CONNECTED); 924f1cb9af5SVinicius Costa Gomes sk->sk_state_change(sk); 925f1cb9af5SVinicius Costa Gomes 926f1cb9af5SVinicius Costa Gomes if (parent) 927f1cb9af5SVinicius Costa Gomes parent->sk_data_ready(parent, 0); 928f1cb9af5SVinicius Costa Gomes } 929f1cb9af5SVinicius Costa Gomes 9300a708f8fSGustavo F. Padovan static void l2cap_conn_ready(struct l2cap_conn *conn) 9310a708f8fSGustavo F. Padovan { 93248454079SGustavo F. Padovan struct l2cap_chan *chan; 9330a708f8fSGustavo F. Padovan 9340a708f8fSGustavo F. Padovan BT_DBG("conn %p", conn); 9350a708f8fSGustavo F. Padovan 936b62f328bSVille Tervo if (!conn->hcon->out && conn->hcon->type == LE_LINK) 937b62f328bSVille Tervo l2cap_le_conn_ready(conn); 938b62f328bSVille Tervo 939160dc6acSVinicius Costa Gomes if (conn->hcon->out && conn->hcon->type == LE_LINK) 940160dc6acSVinicius Costa Gomes smp_conn_security(conn, conn->hcon->pending_sec_level); 941160dc6acSVinicius Costa Gomes 942baa7e1faSGustavo F. Padovan read_lock(&conn->chan_lock); 9430a708f8fSGustavo F. Padovan 944baa7e1faSGustavo F. Padovan list_for_each_entry(chan, &conn->chan_l, list) { 94548454079SGustavo F. Padovan struct sock *sk = chan->sk; 946baa7e1faSGustavo F. Padovan 9470a708f8fSGustavo F. Padovan bh_lock_sock(sk); 9480a708f8fSGustavo F. Padovan 94963128451SVinicius Costa Gomes if (conn->hcon->type == LE_LINK) { 950b501d6a1SAnderson Briglia if (smp_conn_security(conn, chan->sec_level)) 951f1cb9af5SVinicius Costa Gomes l2cap_chan_ready(sk); 952acd7d370SVille Tervo 95363128451SVinicius Costa Gomes } else if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { 954c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 95589bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECTED); 9560a708f8fSGustavo F. Padovan sk->sk_state_change(sk); 957b501d6a1SAnderson Briglia 95889bc500eSGustavo F. Padovan } else if (chan->state == BT_CONNECT) 959fc7f8a7eSGustavo F. Padovan l2cap_do_start(chan); 9600a708f8fSGustavo F. Padovan 9610a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 9620a708f8fSGustavo F. Padovan } 9630a708f8fSGustavo F. Padovan 964baa7e1faSGustavo F. Padovan read_unlock(&conn->chan_lock); 9650a708f8fSGustavo F. Padovan } 9660a708f8fSGustavo F. Padovan 9670a708f8fSGustavo F. Padovan /* Notify sockets that we cannot guaranty reliability anymore */ 9680a708f8fSGustavo F. Padovan static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err) 9690a708f8fSGustavo F. Padovan { 97048454079SGustavo F. Padovan struct l2cap_chan *chan; 9710a708f8fSGustavo F. Padovan 9720a708f8fSGustavo F. Padovan BT_DBG("conn %p", conn); 9730a708f8fSGustavo F. Padovan 974baa7e1faSGustavo F. Padovan read_lock(&conn->chan_lock); 9750a708f8fSGustavo F. Padovan 976baa7e1faSGustavo F. Padovan list_for_each_entry(chan, &conn->chan_l, list) { 97748454079SGustavo F. Padovan struct sock *sk = chan->sk; 978baa7e1faSGustavo F. Padovan 979ecf61bdbSAndrei Emeltchenko if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags)) 9800a708f8fSGustavo F. Padovan sk->sk_err = err; 9810a708f8fSGustavo F. Padovan } 9820a708f8fSGustavo F. Padovan 983baa7e1faSGustavo F. Padovan read_unlock(&conn->chan_lock); 9840a708f8fSGustavo F. Padovan } 9850a708f8fSGustavo F. Padovan 9860a708f8fSGustavo F. Padovan static void l2cap_info_timeout(unsigned long arg) 9870a708f8fSGustavo F. Padovan { 9880a708f8fSGustavo F. Padovan struct l2cap_conn *conn = (void *) arg; 9890a708f8fSGustavo F. Padovan 9900a708f8fSGustavo F. Padovan conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; 9910a708f8fSGustavo F. Padovan conn->info_ident = 0; 9920a708f8fSGustavo F. Padovan 9930a708f8fSGustavo F. Padovan l2cap_conn_start(conn); 9940a708f8fSGustavo F. Padovan } 9950a708f8fSGustavo F. Padovan 9965d3de7dfSVinicius Costa Gomes static void l2cap_conn_del(struct hci_conn *hcon, int err) 9975d3de7dfSVinicius Costa Gomes { 9985d3de7dfSVinicius Costa Gomes struct l2cap_conn *conn = hcon->l2cap_data; 9995d3de7dfSVinicius Costa Gomes struct l2cap_chan *chan, *l; 10005d3de7dfSVinicius Costa Gomes struct sock *sk; 10015d3de7dfSVinicius Costa Gomes 10025d3de7dfSVinicius Costa Gomes if (!conn) 10035d3de7dfSVinicius Costa Gomes return; 10045d3de7dfSVinicius Costa Gomes 10055d3de7dfSVinicius Costa Gomes BT_DBG("hcon %p conn %p, err %d", hcon, conn, err); 10065d3de7dfSVinicius Costa Gomes 10075d3de7dfSVinicius Costa Gomes kfree_skb(conn->rx_skb); 10085d3de7dfSVinicius Costa Gomes 10095d3de7dfSVinicius Costa Gomes /* Kill channels */ 10105d3de7dfSVinicius Costa Gomes list_for_each_entry_safe(chan, l, &conn->chan_l, list) { 10115d3de7dfSVinicius Costa Gomes sk = chan->sk; 10125d3de7dfSVinicius Costa Gomes bh_lock_sock(sk); 10135d3de7dfSVinicius Costa Gomes l2cap_chan_del(chan, err); 10145d3de7dfSVinicius Costa Gomes bh_unlock_sock(sk); 10155d3de7dfSVinicius Costa Gomes chan->ops->close(chan->data); 10165d3de7dfSVinicius Costa Gomes } 10175d3de7dfSVinicius Costa Gomes 101873d80debSLuiz Augusto von Dentz hci_chan_del(conn->hchan); 101973d80debSLuiz Augusto von Dentz 10205d3de7dfSVinicius Costa Gomes if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) 10215d3de7dfSVinicius Costa Gomes del_timer_sync(&conn->info_timer); 10225d3de7dfSVinicius Costa Gomes 1023d26a2345SVinicius Costa Gomes if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->pend)) { 10245d3de7dfSVinicius Costa Gomes del_timer(&conn->security_timer); 10258aab4757SVinicius Costa Gomes smp_chan_destroy(conn); 1026d26a2345SVinicius Costa Gomes } 10275d3de7dfSVinicius Costa Gomes 10285d3de7dfSVinicius Costa Gomes hcon->l2cap_data = NULL; 10295d3de7dfSVinicius Costa Gomes kfree(conn); 10305d3de7dfSVinicius Costa Gomes } 10315d3de7dfSVinicius Costa Gomes 10325d3de7dfSVinicius Costa Gomes static void security_timeout(unsigned long arg) 10335d3de7dfSVinicius Costa Gomes { 10345d3de7dfSVinicius Costa Gomes struct l2cap_conn *conn = (void *) arg; 10355d3de7dfSVinicius Costa Gomes 10365d3de7dfSVinicius Costa Gomes l2cap_conn_del(conn->hcon, ETIMEDOUT); 10375d3de7dfSVinicius Costa Gomes } 10385d3de7dfSVinicius Costa Gomes 10390a708f8fSGustavo F. Padovan static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status) 10400a708f8fSGustavo F. Padovan { 10410a708f8fSGustavo F. Padovan struct l2cap_conn *conn = hcon->l2cap_data; 104273d80debSLuiz Augusto von Dentz struct hci_chan *hchan; 10430a708f8fSGustavo F. Padovan 10440a708f8fSGustavo F. Padovan if (conn || status) 10450a708f8fSGustavo F. Padovan return conn; 10460a708f8fSGustavo F. Padovan 104773d80debSLuiz Augusto von Dentz hchan = hci_chan_create(hcon); 104873d80debSLuiz Augusto von Dentz if (!hchan) 10490a708f8fSGustavo F. Padovan return NULL; 10500a708f8fSGustavo F. Padovan 105173d80debSLuiz Augusto von Dentz conn = kzalloc(sizeof(struct l2cap_conn), GFP_ATOMIC); 105273d80debSLuiz Augusto von Dentz if (!conn) { 105373d80debSLuiz Augusto von Dentz hci_chan_del(hchan); 105473d80debSLuiz Augusto von Dentz return NULL; 105573d80debSLuiz Augusto von Dentz } 105673d80debSLuiz Augusto von Dentz 10570a708f8fSGustavo F. Padovan hcon->l2cap_data = conn; 10580a708f8fSGustavo F. Padovan conn->hcon = hcon; 105973d80debSLuiz Augusto von Dentz conn->hchan = hchan; 10600a708f8fSGustavo F. Padovan 106173d80debSLuiz Augusto von Dentz BT_DBG("hcon %p conn %p hchan %p", hcon, conn, hchan); 10620a708f8fSGustavo F. Padovan 1063acd7d370SVille Tervo if (hcon->hdev->le_mtu && hcon->type == LE_LINK) 1064acd7d370SVille Tervo conn->mtu = hcon->hdev->le_mtu; 1065acd7d370SVille Tervo else 10660a708f8fSGustavo F. Padovan conn->mtu = hcon->hdev->acl_mtu; 1067acd7d370SVille Tervo 10680a708f8fSGustavo F. Padovan conn->src = &hcon->hdev->bdaddr; 10690a708f8fSGustavo F. Padovan conn->dst = &hcon->dst; 10700a708f8fSGustavo F. Padovan 10710a708f8fSGustavo F. Padovan conn->feat_mask = 0; 10720a708f8fSGustavo F. Padovan 10730a708f8fSGustavo F. Padovan spin_lock_init(&conn->lock); 1074baa7e1faSGustavo F. Padovan rwlock_init(&conn->chan_lock); 1075baa7e1faSGustavo F. Padovan 1076baa7e1faSGustavo F. Padovan INIT_LIST_HEAD(&conn->chan_l); 10770a708f8fSGustavo F. Padovan 10785d3de7dfSVinicius Costa Gomes if (hcon->type == LE_LINK) 10795d3de7dfSVinicius Costa Gomes setup_timer(&conn->security_timer, security_timeout, 10805d3de7dfSVinicius Costa Gomes (unsigned long) conn); 10815d3de7dfSVinicius Costa Gomes else 10820a708f8fSGustavo F. Padovan setup_timer(&conn->info_timer, l2cap_info_timeout, 10830a708f8fSGustavo F. Padovan (unsigned long) conn); 10840a708f8fSGustavo F. Padovan 10859f5a0d7bSAndrei Emeltchenko conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; 10860a708f8fSGustavo F. Padovan 10870a708f8fSGustavo F. Padovan return conn; 10880a708f8fSGustavo F. Padovan } 10890a708f8fSGustavo F. Padovan 109048454079SGustavo F. Padovan static inline void l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan) 10910a708f8fSGustavo F. Padovan { 1092baa7e1faSGustavo F. Padovan write_lock_bh(&conn->chan_lock); 109348454079SGustavo F. Padovan __l2cap_chan_add(conn, chan); 1094baa7e1faSGustavo F. Padovan write_unlock_bh(&conn->chan_lock); 10950a708f8fSGustavo F. Padovan } 10960a708f8fSGustavo F. Padovan 10970a708f8fSGustavo F. Padovan /* ---- Socket interface ---- */ 10980a708f8fSGustavo F. Padovan 10990a708f8fSGustavo F. Padovan /* Find socket with psm and source bdaddr. 11000a708f8fSGustavo F. Padovan * Returns closest match. 11010a708f8fSGustavo F. Padovan */ 110223691d75SGustavo F. Padovan static struct l2cap_chan *l2cap_global_chan_by_psm(int state, __le16 psm, bdaddr_t *src) 11030a708f8fSGustavo F. Padovan { 110423691d75SGustavo F. Padovan struct l2cap_chan *c, *c1 = NULL; 11050a708f8fSGustavo F. Padovan 110623691d75SGustavo F. Padovan read_lock(&chan_list_lock); 11070a708f8fSGustavo F. Padovan 110823691d75SGustavo F. Padovan list_for_each_entry(c, &chan_list, global_l) { 110923691d75SGustavo F. Padovan struct sock *sk = c->sk; 1110fe4128e0SGustavo F. Padovan 111189bc500eSGustavo F. Padovan if (state && c->state != state) 11120a708f8fSGustavo F. Padovan continue; 11130a708f8fSGustavo F. Padovan 111423691d75SGustavo F. Padovan if (c->psm == psm) { 11150a708f8fSGustavo F. Padovan /* Exact match. */ 111623691d75SGustavo F. Padovan if (!bacmp(&bt_sk(sk)->src, src)) { 1117a7567b20SJohannes Berg read_unlock(&chan_list_lock); 111823691d75SGustavo F. Padovan return c; 111923691d75SGustavo F. Padovan } 11200a708f8fSGustavo F. Padovan 11210a708f8fSGustavo F. Padovan /* Closest match */ 11220a708f8fSGustavo F. Padovan if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) 112323691d75SGustavo F. Padovan c1 = c; 11240a708f8fSGustavo F. Padovan } 11250a708f8fSGustavo F. Padovan } 11260a708f8fSGustavo F. Padovan 112723691d75SGustavo F. Padovan read_unlock(&chan_list_lock); 11280a708f8fSGustavo F. Padovan 112923691d75SGustavo F. Padovan return c1; 11300a708f8fSGustavo F. Padovan } 11310a708f8fSGustavo F. Padovan 113277a74c7eSGustavo F. Padovan int l2cap_chan_connect(struct l2cap_chan *chan) 11330a708f8fSGustavo F. Padovan { 11345d41ce1dSGustavo F. Padovan struct sock *sk = chan->sk; 11350a708f8fSGustavo F. Padovan bdaddr_t *src = &bt_sk(sk)->src; 11360a708f8fSGustavo F. Padovan bdaddr_t *dst = &bt_sk(sk)->dst; 11370a708f8fSGustavo F. Padovan struct l2cap_conn *conn; 11380a708f8fSGustavo F. Padovan struct hci_conn *hcon; 11390a708f8fSGustavo F. Padovan struct hci_dev *hdev; 11400a708f8fSGustavo F. Padovan __u8 auth_type; 11410a708f8fSGustavo F. Padovan int err; 11420a708f8fSGustavo F. Padovan 11430a708f8fSGustavo F. Padovan BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), 1144fe4128e0SGustavo F. Padovan chan->psm); 11450a708f8fSGustavo F. Padovan 11460a708f8fSGustavo F. Padovan hdev = hci_get_route(dst, src); 11470a708f8fSGustavo F. Padovan if (!hdev) 11480a708f8fSGustavo F. Padovan return -EHOSTUNREACH; 11490a708f8fSGustavo F. Padovan 11500a708f8fSGustavo F. Padovan hci_dev_lock_bh(hdev); 11510a708f8fSGustavo F. Padovan 11524343478fSGustavo F. Padovan auth_type = l2cap_get_auth_type(chan); 11530a708f8fSGustavo F. Padovan 1154fe4128e0SGustavo F. Padovan if (chan->dcid == L2CAP_CID_LE_DATA) 1155acd7d370SVille Tervo hcon = hci_connect(hdev, LE_LINK, dst, 11564343478fSGustavo F. Padovan chan->sec_level, auth_type); 1157acd7d370SVille Tervo else 11580a708f8fSGustavo F. Padovan hcon = hci_connect(hdev, ACL_LINK, dst, 11594343478fSGustavo F. Padovan chan->sec_level, auth_type); 1160acd7d370SVille Tervo 116130e76272SVille Tervo if (IS_ERR(hcon)) { 116230e76272SVille Tervo err = PTR_ERR(hcon); 11630a708f8fSGustavo F. Padovan goto done; 116430e76272SVille Tervo } 11650a708f8fSGustavo F. Padovan 11660a708f8fSGustavo F. Padovan conn = l2cap_conn_add(hcon, 0); 11670a708f8fSGustavo F. Padovan if (!conn) { 11680a708f8fSGustavo F. Padovan hci_conn_put(hcon); 116930e76272SVille Tervo err = -ENOMEM; 11700a708f8fSGustavo F. Padovan goto done; 11710a708f8fSGustavo F. Padovan } 11720a708f8fSGustavo F. Padovan 11730a708f8fSGustavo F. Padovan /* Update source addr of the socket */ 11740a708f8fSGustavo F. Padovan bacpy(src, conn->src); 11750a708f8fSGustavo F. Padovan 117648454079SGustavo F. Padovan l2cap_chan_add(conn, chan); 117748454079SGustavo F. Padovan 117889bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECT); 1179c9b66675SGustavo F. Padovan __set_chan_timer(chan, sk->sk_sndtimeo); 11800a708f8fSGustavo F. Padovan 11810a708f8fSGustavo F. Padovan if (hcon->state == BT_CONNECTED) { 1182715ec005SGustavo F. Padovan if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { 1183c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 11844343478fSGustavo F. Padovan if (l2cap_check_security(chan)) 118589bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECTED); 11860a708f8fSGustavo F. Padovan } else 1187fc7f8a7eSGustavo F. Padovan l2cap_do_start(chan); 11880a708f8fSGustavo F. Padovan } 11890a708f8fSGustavo F. Padovan 119030e76272SVille Tervo err = 0; 119130e76272SVille Tervo 11920a708f8fSGustavo F. Padovan done: 11930a708f8fSGustavo F. Padovan hci_dev_unlock_bh(hdev); 11940a708f8fSGustavo F. Padovan hci_dev_put(hdev); 11950a708f8fSGustavo F. Padovan return err; 11960a708f8fSGustavo F. Padovan } 11970a708f8fSGustavo F. Padovan 1198dcba0dbaSGustavo F. Padovan int __l2cap_wait_ack(struct sock *sk) 11990a708f8fSGustavo F. Padovan { 12008c1d787bSGustavo F. Padovan struct l2cap_chan *chan = l2cap_pi(sk)->chan; 12010a708f8fSGustavo F. Padovan DECLARE_WAITQUEUE(wait, current); 12020a708f8fSGustavo F. Padovan int err = 0; 12030a708f8fSGustavo F. Padovan int timeo = HZ/5; 12040a708f8fSGustavo F. Padovan 12050a708f8fSGustavo F. Padovan add_wait_queue(sk_sleep(sk), &wait); 12060a708f8fSGustavo F. Padovan set_current_state(TASK_INTERRUPTIBLE); 1207a71a0cf4SPeter Hurley while (chan->unacked_frames > 0 && chan->conn) { 12080a708f8fSGustavo F. Padovan if (!timeo) 12090a708f8fSGustavo F. Padovan timeo = HZ/5; 12100a708f8fSGustavo F. Padovan 12110a708f8fSGustavo F. Padovan if (signal_pending(current)) { 12120a708f8fSGustavo F. Padovan err = sock_intr_errno(timeo); 12130a708f8fSGustavo F. Padovan break; 12140a708f8fSGustavo F. Padovan } 12150a708f8fSGustavo F. Padovan 12160a708f8fSGustavo F. Padovan release_sock(sk); 12170a708f8fSGustavo F. Padovan timeo = schedule_timeout(timeo); 12180a708f8fSGustavo F. Padovan lock_sock(sk); 1219a71a0cf4SPeter Hurley set_current_state(TASK_INTERRUPTIBLE); 12200a708f8fSGustavo F. Padovan 12210a708f8fSGustavo F. Padovan err = sock_error(sk); 12220a708f8fSGustavo F. Padovan if (err) 12230a708f8fSGustavo F. Padovan break; 12240a708f8fSGustavo F. Padovan } 12250a708f8fSGustavo F. Padovan set_current_state(TASK_RUNNING); 12260a708f8fSGustavo F. Padovan remove_wait_queue(sk_sleep(sk), &wait); 12270a708f8fSGustavo F. Padovan return err; 12280a708f8fSGustavo F. Padovan } 12290a708f8fSGustavo F. Padovan 12300a708f8fSGustavo F. Padovan static void l2cap_monitor_timeout(unsigned long arg) 12310a708f8fSGustavo F. Padovan { 1232525cd185SGustavo F. Padovan struct l2cap_chan *chan = (void *) arg; 1233525cd185SGustavo F. Padovan struct sock *sk = chan->sk; 12340a708f8fSGustavo F. Padovan 1235525cd185SGustavo F. Padovan BT_DBG("chan %p", chan); 12360a708f8fSGustavo F. Padovan 12370a708f8fSGustavo F. Padovan bh_lock_sock(sk); 12382c03a7a4SGustavo F. Padovan if (chan->retry_count >= chan->remote_max_tx) { 12398c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED); 12400a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 12410a708f8fSGustavo F. Padovan return; 12420a708f8fSGustavo F. Padovan } 12430a708f8fSGustavo F. Padovan 12446a026610SGustavo F. Padovan chan->retry_count++; 12451a09bcb9SGustavo F. Padovan __set_monitor_timer(chan); 12460a708f8fSGustavo F. Padovan 1247525cd185SGustavo F. Padovan l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL); 12480a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 12490a708f8fSGustavo F. Padovan } 12500a708f8fSGustavo F. Padovan 12510a708f8fSGustavo F. Padovan static void l2cap_retrans_timeout(unsigned long arg) 12520a708f8fSGustavo F. Padovan { 1253525cd185SGustavo F. Padovan struct l2cap_chan *chan = (void *) arg; 1254525cd185SGustavo F. Padovan struct sock *sk = chan->sk; 12550a708f8fSGustavo F. Padovan 125649208c9cSGustavo F. Padovan BT_DBG("chan %p", chan); 12570a708f8fSGustavo F. Padovan 12580a708f8fSGustavo F. Padovan bh_lock_sock(sk); 12596a026610SGustavo F. Padovan chan->retry_count = 1; 12601a09bcb9SGustavo F. Padovan __set_monitor_timer(chan); 12610a708f8fSGustavo F. Padovan 1262e2ab4353SGustavo F. Padovan set_bit(CONN_WAIT_F, &chan->conn_state); 12630a708f8fSGustavo F. Padovan 1264525cd185SGustavo F. Padovan l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL); 12650a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 12660a708f8fSGustavo F. Padovan } 12670a708f8fSGustavo F. Padovan 126842e5c802SGustavo F. Padovan static void l2cap_drop_acked_frames(struct l2cap_chan *chan) 12690a708f8fSGustavo F. Padovan { 12700a708f8fSGustavo F. Padovan struct sk_buff *skb; 12710a708f8fSGustavo F. Padovan 127258d35f87SGustavo F. Padovan while ((skb = skb_peek(&chan->tx_q)) && 12736a026610SGustavo F. Padovan chan->unacked_frames) { 127442e5c802SGustavo F. Padovan if (bt_cb(skb)->tx_seq == chan->expected_ack_seq) 12750a708f8fSGustavo F. Padovan break; 12760a708f8fSGustavo F. Padovan 127758d35f87SGustavo F. Padovan skb = skb_dequeue(&chan->tx_q); 12780a708f8fSGustavo F. Padovan kfree_skb(skb); 12790a708f8fSGustavo F. Padovan 12806a026610SGustavo F. Padovan chan->unacked_frames--; 12810a708f8fSGustavo F. Padovan } 12820a708f8fSGustavo F. Padovan 12836a026610SGustavo F. Padovan if (!chan->unacked_frames) 12841a09bcb9SGustavo F. Padovan __clear_retrans_timer(chan); 12850a708f8fSGustavo F. Padovan } 12860a708f8fSGustavo F. Padovan 128767c9e840SSzymon Janc static void l2cap_streaming_send(struct l2cap_chan *chan) 12880a708f8fSGustavo F. Padovan { 12890a708f8fSGustavo F. Padovan struct sk_buff *skb; 129088843ab0SAndrei Emeltchenko u32 control; 129188843ab0SAndrei Emeltchenko u16 fcs; 12920a708f8fSGustavo F. Padovan 129358d35f87SGustavo F. Padovan while ((skb = skb_dequeue(&chan->tx_q))) { 129488843ab0SAndrei Emeltchenko control = __get_control(chan, skb->data + L2CAP_HDR_SIZE); 1295fb45de7dSAndrei Emeltchenko control |= __set_txseq(chan, chan->next_tx_seq); 129688843ab0SAndrei Emeltchenko __put_control(chan, control, skb->data + L2CAP_HDR_SIZE); 12970a708f8fSGustavo F. Padovan 129847d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) { 129903a51213SAndrei Emeltchenko fcs = crc16(0, (u8 *)skb->data, 130003a51213SAndrei Emeltchenko skb->len - L2CAP_FCS_SIZE); 130103a51213SAndrei Emeltchenko put_unaligned_le16(fcs, 130203a51213SAndrei Emeltchenko skb->data + skb->len - L2CAP_FCS_SIZE); 13030a708f8fSGustavo F. Padovan } 13040a708f8fSGustavo F. Padovan 13054343478fSGustavo F. Padovan l2cap_do_send(chan, skb); 13060a708f8fSGustavo F. Padovan 1307836be934SAndrei Emeltchenko chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); 13080a708f8fSGustavo F. Padovan } 13090a708f8fSGustavo F. Padovan } 13100a708f8fSGustavo F. Padovan 1311fb45de7dSAndrei Emeltchenko static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u16 tx_seq) 13120a708f8fSGustavo F. Padovan { 13130a708f8fSGustavo F. Padovan struct sk_buff *skb, *tx_skb; 131488843ab0SAndrei Emeltchenko u16 fcs; 131588843ab0SAndrei Emeltchenko u32 control; 13160a708f8fSGustavo F. Padovan 131758d35f87SGustavo F. Padovan skb = skb_peek(&chan->tx_q); 13180a708f8fSGustavo F. Padovan if (!skb) 13190a708f8fSGustavo F. Padovan return; 13200a708f8fSGustavo F. Padovan 13210a708f8fSGustavo F. Padovan do { 13220a708f8fSGustavo F. Padovan if (bt_cb(skb)->tx_seq == tx_seq) 13230a708f8fSGustavo F. Padovan break; 13240a708f8fSGustavo F. Padovan 132558d35f87SGustavo F. Padovan if (skb_queue_is_last(&chan->tx_q, skb)) 13260a708f8fSGustavo F. Padovan return; 13270a708f8fSGustavo F. Padovan 132858d35f87SGustavo F. Padovan } while ((skb = skb_queue_next(&chan->tx_q, skb))); 13290a708f8fSGustavo F. Padovan 13302c03a7a4SGustavo F. Padovan if (chan->remote_max_tx && 13312c03a7a4SGustavo F. Padovan bt_cb(skb)->retries == chan->remote_max_tx) { 13328c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED); 13330a708f8fSGustavo F. Padovan return; 13340a708f8fSGustavo F. Padovan } 13350a708f8fSGustavo F. Padovan 13360a708f8fSGustavo F. Padovan tx_skb = skb_clone(skb, GFP_ATOMIC); 13370a708f8fSGustavo F. Padovan bt_cb(skb)->retries++; 133888843ab0SAndrei Emeltchenko 133988843ab0SAndrei Emeltchenko control = __get_control(chan, tx_skb->data + L2CAP_HDR_SIZE); 13407e0ef6eeSAndrei Emeltchenko control &= __get_sar_mask(chan); 13410a708f8fSGustavo F. Padovan 1342e2ab4353SGustavo F. Padovan if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) 134303f6715dSAndrei Emeltchenko control |= __set_ctrl_final(chan); 13440a708f8fSGustavo F. Padovan 13450b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, chan->buffer_seq); 1346fb45de7dSAndrei Emeltchenko control |= __set_txseq(chan, tx_seq); 13470a708f8fSGustavo F. Padovan 134888843ab0SAndrei Emeltchenko __put_control(chan, control, tx_skb->data + L2CAP_HDR_SIZE); 13490a708f8fSGustavo F. Padovan 135047d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) { 135103a51213SAndrei Emeltchenko fcs = crc16(0, (u8 *)tx_skb->data, 135203a51213SAndrei Emeltchenko tx_skb->len - L2CAP_FCS_SIZE); 135303a51213SAndrei Emeltchenko put_unaligned_le16(fcs, 135403a51213SAndrei Emeltchenko tx_skb->data + tx_skb->len - L2CAP_FCS_SIZE); 13550a708f8fSGustavo F. Padovan } 13560a708f8fSGustavo F. Padovan 13574343478fSGustavo F. Padovan l2cap_do_send(chan, tx_skb); 13580a708f8fSGustavo F. Padovan } 13590a708f8fSGustavo F. Padovan 136067c9e840SSzymon Janc static int l2cap_ertm_send(struct l2cap_chan *chan) 13610a708f8fSGustavo F. Padovan { 13620a708f8fSGustavo F. Padovan struct sk_buff *skb, *tx_skb; 136388843ab0SAndrei Emeltchenko u16 fcs; 136488843ab0SAndrei Emeltchenko u32 control; 13650a708f8fSGustavo F. Padovan int nsent = 0; 13660a708f8fSGustavo F. Padovan 136789bc500eSGustavo F. Padovan if (chan->state != BT_CONNECTED) 13680a708f8fSGustavo F. Padovan return -ENOTCONN; 13690a708f8fSGustavo F. Padovan 137058d35f87SGustavo F. Padovan while ((skb = chan->tx_send_head) && (!l2cap_tx_window_full(chan))) { 13710a708f8fSGustavo F. Padovan 13722c03a7a4SGustavo F. Padovan if (chan->remote_max_tx && 13732c03a7a4SGustavo F. Padovan bt_cb(skb)->retries == chan->remote_max_tx) { 13748c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED); 13750a708f8fSGustavo F. Padovan break; 13760a708f8fSGustavo F. Padovan } 13770a708f8fSGustavo F. Padovan 13780a708f8fSGustavo F. Padovan tx_skb = skb_clone(skb, GFP_ATOMIC); 13790a708f8fSGustavo F. Padovan 13800a708f8fSGustavo F. Padovan bt_cb(skb)->retries++; 13810a708f8fSGustavo F. Padovan 138288843ab0SAndrei Emeltchenko control = __get_control(chan, tx_skb->data + L2CAP_HDR_SIZE); 13837e0ef6eeSAndrei Emeltchenko control &= __get_sar_mask(chan); 13840a708f8fSGustavo F. Padovan 1385e2ab4353SGustavo F. Padovan if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) 138603f6715dSAndrei Emeltchenko control |= __set_ctrl_final(chan); 1387e2ab4353SGustavo F. Padovan 13880b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, chan->buffer_seq); 1389fb45de7dSAndrei Emeltchenko control |= __set_txseq(chan, chan->next_tx_seq); 13900a708f8fSGustavo F. Padovan 139188843ab0SAndrei Emeltchenko __put_control(chan, control, tx_skb->data + L2CAP_HDR_SIZE); 13920a708f8fSGustavo F. Padovan 139347d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) { 139403a51213SAndrei Emeltchenko fcs = crc16(0, (u8 *)skb->data, 139503a51213SAndrei Emeltchenko tx_skb->len - L2CAP_FCS_SIZE); 139603a51213SAndrei Emeltchenko put_unaligned_le16(fcs, skb->data + 139703a51213SAndrei Emeltchenko tx_skb->len - L2CAP_FCS_SIZE); 13980a708f8fSGustavo F. Padovan } 13990a708f8fSGustavo F. Padovan 14004343478fSGustavo F. Padovan l2cap_do_send(chan, tx_skb); 14010a708f8fSGustavo F. Padovan 14021a09bcb9SGustavo F. Padovan __set_retrans_timer(chan); 14030a708f8fSGustavo F. Padovan 140442e5c802SGustavo F. Padovan bt_cb(skb)->tx_seq = chan->next_tx_seq; 1405836be934SAndrei Emeltchenko 1406836be934SAndrei Emeltchenko chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); 14070a708f8fSGustavo F. Padovan 140823e9fde2SSuraj Sumangala if (bt_cb(skb)->retries == 1) 14096a026610SGustavo F. Padovan chan->unacked_frames++; 141023e9fde2SSuraj Sumangala 14116a026610SGustavo F. Padovan chan->frames_sent++; 14120a708f8fSGustavo F. Padovan 141358d35f87SGustavo F. Padovan if (skb_queue_is_last(&chan->tx_q, skb)) 141458d35f87SGustavo F. Padovan chan->tx_send_head = NULL; 14150a708f8fSGustavo F. Padovan else 141658d35f87SGustavo F. Padovan chan->tx_send_head = skb_queue_next(&chan->tx_q, skb); 14170a708f8fSGustavo F. Padovan 14180a708f8fSGustavo F. Padovan nsent++; 14190a708f8fSGustavo F. Padovan } 14200a708f8fSGustavo F. Padovan 14210a708f8fSGustavo F. Padovan return nsent; 14220a708f8fSGustavo F. Padovan } 14230a708f8fSGustavo F. Padovan 1424525cd185SGustavo F. Padovan static int l2cap_retransmit_frames(struct l2cap_chan *chan) 14250a708f8fSGustavo F. Padovan { 14260a708f8fSGustavo F. Padovan int ret; 14270a708f8fSGustavo F. Padovan 142858d35f87SGustavo F. Padovan if (!skb_queue_empty(&chan->tx_q)) 142958d35f87SGustavo F. Padovan chan->tx_send_head = chan->tx_q.next; 14300a708f8fSGustavo F. Padovan 143142e5c802SGustavo F. Padovan chan->next_tx_seq = chan->expected_ack_seq; 1432525cd185SGustavo F. Padovan ret = l2cap_ertm_send(chan); 14330a708f8fSGustavo F. Padovan return ret; 14340a708f8fSGustavo F. Padovan } 14350a708f8fSGustavo F. Padovan 1436525cd185SGustavo F. Padovan static void l2cap_send_ack(struct l2cap_chan *chan) 14370a708f8fSGustavo F. Padovan { 143888843ab0SAndrei Emeltchenko u32 control = 0; 14390a708f8fSGustavo F. Padovan 14400b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, chan->buffer_seq); 14410a708f8fSGustavo F. Padovan 1442e2ab4353SGustavo F. Padovan if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { 1443ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RNR); 1444e2ab4353SGustavo F. Padovan set_bit(CONN_RNR_SENT, &chan->conn_state); 1445525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 14460a708f8fSGustavo F. Padovan return; 14470a708f8fSGustavo F. Padovan } 14480a708f8fSGustavo F. Padovan 1449525cd185SGustavo F. Padovan if (l2cap_ertm_send(chan) > 0) 14500a708f8fSGustavo F. Padovan return; 14510a708f8fSGustavo F. Padovan 1452ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RR); 1453525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 14540a708f8fSGustavo F. Padovan } 14550a708f8fSGustavo F. Padovan 1456525cd185SGustavo F. Padovan static void l2cap_send_srejtail(struct l2cap_chan *chan) 14570a708f8fSGustavo F. Padovan { 14580a708f8fSGustavo F. Padovan struct srej_list *tail; 145988843ab0SAndrei Emeltchenko u32 control; 14600a708f8fSGustavo F. Padovan 1461ab784b73SAndrei Emeltchenko control = __set_ctrl_super(chan, L2CAP_SUPER_SREJ); 146203f6715dSAndrei Emeltchenko control |= __set_ctrl_final(chan); 14630a708f8fSGustavo F. Padovan 146439d5a3eeSGustavo F. Padovan tail = list_entry((&chan->srej_l)->prev, struct srej_list, list); 14650b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, tail->tx_seq); 14660a708f8fSGustavo F. Padovan 1467525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 14680a708f8fSGustavo F. Padovan } 14690a708f8fSGustavo F. Padovan 14700a708f8fSGustavo F. Padovan static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, int len, int count, struct sk_buff *skb) 14710a708f8fSGustavo F. Padovan { 14728c1d787bSGustavo F. Padovan struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; 14730a708f8fSGustavo F. Padovan struct sk_buff **frag; 14740a708f8fSGustavo F. Padovan int err, sent = 0; 14750a708f8fSGustavo F. Padovan 14760a708f8fSGustavo F. Padovan if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) 14770a708f8fSGustavo F. Padovan return -EFAULT; 14780a708f8fSGustavo F. Padovan 14790a708f8fSGustavo F. Padovan sent += count; 14800a708f8fSGustavo F. Padovan len -= count; 14810a708f8fSGustavo F. Padovan 14820a708f8fSGustavo F. Padovan /* Continuation fragments (no L2CAP header) */ 14830a708f8fSGustavo F. Padovan frag = &skb_shinfo(skb)->frag_list; 14840a708f8fSGustavo F. Padovan while (len) { 14850a708f8fSGustavo F. Padovan count = min_t(unsigned int, conn->mtu, len); 14860a708f8fSGustavo F. Padovan 14870a708f8fSGustavo F. Padovan *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err); 14880a708f8fSGustavo F. Padovan if (!*frag) 14890a708f8fSGustavo F. Padovan return err; 14900a708f8fSGustavo F. Padovan if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) 14910a708f8fSGustavo F. Padovan return -EFAULT; 14920a708f8fSGustavo F. Padovan 14935e59b791SLuiz Augusto von Dentz (*frag)->priority = skb->priority; 14945e59b791SLuiz Augusto von Dentz 14950a708f8fSGustavo F. Padovan sent += count; 14960a708f8fSGustavo F. Padovan len -= count; 14970a708f8fSGustavo F. Padovan 14980a708f8fSGustavo F. Padovan frag = &(*frag)->next; 14990a708f8fSGustavo F. Padovan } 15000a708f8fSGustavo F. Padovan 15010a708f8fSGustavo F. Padovan return sent; 15020a708f8fSGustavo F. Padovan } 15030a708f8fSGustavo F. Padovan 15045e59b791SLuiz Augusto von Dentz static struct sk_buff *l2cap_create_connless_pdu(struct l2cap_chan *chan, 15055e59b791SLuiz Augusto von Dentz struct msghdr *msg, size_t len, 15065e59b791SLuiz Augusto von Dentz u32 priority) 15070a708f8fSGustavo F. Padovan { 1508fe4128e0SGustavo F. Padovan struct sock *sk = chan->sk; 15098c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 15100a708f8fSGustavo F. Padovan struct sk_buff *skb; 151103a51213SAndrei Emeltchenko int err, count, hlen = L2CAP_HDR_SIZE + L2CAP_PSMLEN_SIZE; 15120a708f8fSGustavo F. Padovan struct l2cap_hdr *lh; 15130a708f8fSGustavo F. Padovan 15145e59b791SLuiz Augusto von Dentz BT_DBG("sk %p len %d priority %u", sk, (int)len, priority); 15150a708f8fSGustavo F. Padovan 15160a708f8fSGustavo F. Padovan count = min_t(unsigned int, (conn->mtu - hlen), len); 15170a708f8fSGustavo F. Padovan skb = bt_skb_send_alloc(sk, count + hlen, 15180a708f8fSGustavo F. Padovan msg->msg_flags & MSG_DONTWAIT, &err); 15190a708f8fSGustavo F. Padovan if (!skb) 15200a708f8fSGustavo F. Padovan return ERR_PTR(err); 15210a708f8fSGustavo F. Padovan 15225e59b791SLuiz Augusto von Dentz skb->priority = priority; 15235e59b791SLuiz Augusto von Dentz 15240a708f8fSGustavo F. Padovan /* Create L2CAP header */ 15250a708f8fSGustavo F. Padovan lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 1526fe4128e0SGustavo F. Padovan lh->cid = cpu_to_le16(chan->dcid); 15270a708f8fSGustavo F. Padovan lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); 1528fe4128e0SGustavo F. Padovan put_unaligned_le16(chan->psm, skb_put(skb, 2)); 15290a708f8fSGustavo F. Padovan 15300a708f8fSGustavo F. Padovan err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); 15310a708f8fSGustavo F. Padovan if (unlikely(err < 0)) { 15320a708f8fSGustavo F. Padovan kfree_skb(skb); 15330a708f8fSGustavo F. Padovan return ERR_PTR(err); 15340a708f8fSGustavo F. Padovan } 15350a708f8fSGustavo F. Padovan return skb; 15360a708f8fSGustavo F. Padovan } 15370a708f8fSGustavo F. Padovan 15385e59b791SLuiz Augusto von Dentz static struct sk_buff *l2cap_create_basic_pdu(struct l2cap_chan *chan, 15395e59b791SLuiz Augusto von Dentz struct msghdr *msg, size_t len, 15405e59b791SLuiz Augusto von Dentz u32 priority) 15410a708f8fSGustavo F. Padovan { 1542fe4128e0SGustavo F. Padovan struct sock *sk = chan->sk; 15438c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 15440a708f8fSGustavo F. Padovan struct sk_buff *skb; 15450a708f8fSGustavo F. Padovan int err, count, hlen = L2CAP_HDR_SIZE; 15460a708f8fSGustavo F. Padovan struct l2cap_hdr *lh; 15470a708f8fSGustavo F. Padovan 15480a708f8fSGustavo F. Padovan BT_DBG("sk %p len %d", sk, (int)len); 15490a708f8fSGustavo F. Padovan 15500a708f8fSGustavo F. Padovan count = min_t(unsigned int, (conn->mtu - hlen), len); 15510a708f8fSGustavo F. Padovan skb = bt_skb_send_alloc(sk, count + hlen, 15520a708f8fSGustavo F. Padovan msg->msg_flags & MSG_DONTWAIT, &err); 15530a708f8fSGustavo F. Padovan if (!skb) 15540a708f8fSGustavo F. Padovan return ERR_PTR(err); 15550a708f8fSGustavo F. Padovan 15565e59b791SLuiz Augusto von Dentz skb->priority = priority; 15575e59b791SLuiz Augusto von Dentz 15580a708f8fSGustavo F. Padovan /* Create L2CAP header */ 15590a708f8fSGustavo F. Padovan lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 1560fe4128e0SGustavo F. Padovan lh->cid = cpu_to_le16(chan->dcid); 15610a708f8fSGustavo F. Padovan lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); 15620a708f8fSGustavo F. Padovan 15630a708f8fSGustavo F. Padovan err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); 15640a708f8fSGustavo F. Padovan if (unlikely(err < 0)) { 15650a708f8fSGustavo F. Padovan kfree_skb(skb); 15660a708f8fSGustavo F. Padovan return ERR_PTR(err); 15670a708f8fSGustavo F. Padovan } 15680a708f8fSGustavo F. Padovan return skb; 15690a708f8fSGustavo F. Padovan } 15700a708f8fSGustavo F. Padovan 1571ab0ff76dSLuiz Augusto von Dentz static struct sk_buff *l2cap_create_iframe_pdu(struct l2cap_chan *chan, 1572ab0ff76dSLuiz Augusto von Dentz struct msghdr *msg, size_t len, 157388843ab0SAndrei Emeltchenko u32 control, u16 sdulen) 15740a708f8fSGustavo F. Padovan { 157547d1ec61SGustavo F. Padovan struct sock *sk = chan->sk; 15768c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 15770a708f8fSGustavo F. Padovan struct sk_buff *skb; 1578e4ca6d98SAndrei Emeltchenko int err, count, hlen; 15790a708f8fSGustavo F. Padovan struct l2cap_hdr *lh; 15800a708f8fSGustavo F. Padovan 15810a708f8fSGustavo F. Padovan BT_DBG("sk %p len %d", sk, (int)len); 15820a708f8fSGustavo F. Padovan 15830a708f8fSGustavo F. Padovan if (!conn) 15840a708f8fSGustavo F. Padovan return ERR_PTR(-ENOTCONN); 15850a708f8fSGustavo F. Padovan 1586e4ca6d98SAndrei Emeltchenko if (test_bit(FLAG_EXT_CTRL, &chan->flags)) 1587e4ca6d98SAndrei Emeltchenko hlen = L2CAP_EXT_HDR_SIZE; 1588e4ca6d98SAndrei Emeltchenko else 1589e4ca6d98SAndrei Emeltchenko hlen = L2CAP_ENH_HDR_SIZE; 1590e4ca6d98SAndrei Emeltchenko 15910a708f8fSGustavo F. Padovan if (sdulen) 159203a51213SAndrei Emeltchenko hlen += L2CAP_SDULEN_SIZE; 15930a708f8fSGustavo F. Padovan 159447d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) 159503a51213SAndrei Emeltchenko hlen += L2CAP_FCS_SIZE; 15960a708f8fSGustavo F. Padovan 15970a708f8fSGustavo F. Padovan count = min_t(unsigned int, (conn->mtu - hlen), len); 15980a708f8fSGustavo F. Padovan skb = bt_skb_send_alloc(sk, count + hlen, 15990a708f8fSGustavo F. Padovan msg->msg_flags & MSG_DONTWAIT, &err); 16000a708f8fSGustavo F. Padovan if (!skb) 16010a708f8fSGustavo F. Padovan return ERR_PTR(err); 16020a708f8fSGustavo F. Padovan 16030a708f8fSGustavo F. Padovan /* Create L2CAP header */ 16040a708f8fSGustavo F. Padovan lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 1605fe4128e0SGustavo F. Padovan lh->cid = cpu_to_le16(chan->dcid); 16060a708f8fSGustavo F. Padovan lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); 160788843ab0SAndrei Emeltchenko 160888843ab0SAndrei Emeltchenko __put_control(chan, control, skb_put(skb, __ctrl_size(chan))); 160988843ab0SAndrei Emeltchenko 16100a708f8fSGustavo F. Padovan if (sdulen) 161103a51213SAndrei Emeltchenko put_unaligned_le16(sdulen, skb_put(skb, L2CAP_SDULEN_SIZE)); 16120a708f8fSGustavo F. Padovan 16130a708f8fSGustavo F. Padovan err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb); 16140a708f8fSGustavo F. Padovan if (unlikely(err < 0)) { 16150a708f8fSGustavo F. Padovan kfree_skb(skb); 16160a708f8fSGustavo F. Padovan return ERR_PTR(err); 16170a708f8fSGustavo F. Padovan } 16180a708f8fSGustavo F. Padovan 161947d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) 162003a51213SAndrei Emeltchenko put_unaligned_le16(0, skb_put(skb, L2CAP_FCS_SIZE)); 16210a708f8fSGustavo F. Padovan 16220a708f8fSGustavo F. Padovan bt_cb(skb)->retries = 0; 16230a708f8fSGustavo F. Padovan return skb; 16240a708f8fSGustavo F. Padovan } 16250a708f8fSGustavo F. Padovan 162667c9e840SSzymon Janc static int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len) 16270a708f8fSGustavo F. Padovan { 16280a708f8fSGustavo F. Padovan struct sk_buff *skb; 16290a708f8fSGustavo F. Padovan struct sk_buff_head sar_queue; 163088843ab0SAndrei Emeltchenko u32 control; 16310a708f8fSGustavo F. Padovan size_t size = 0; 16320a708f8fSGustavo F. Padovan 16330a708f8fSGustavo F. Padovan skb_queue_head_init(&sar_queue); 16347e0ef6eeSAndrei Emeltchenko control = __set_ctrl_sar(chan, L2CAP_SAR_START); 163547d1ec61SGustavo F. Padovan skb = l2cap_create_iframe_pdu(chan, msg, chan->remote_mps, control, len); 16360a708f8fSGustavo F. Padovan if (IS_ERR(skb)) 16370a708f8fSGustavo F. Padovan return PTR_ERR(skb); 16380a708f8fSGustavo F. Padovan 16390a708f8fSGustavo F. Padovan __skb_queue_tail(&sar_queue, skb); 16402c03a7a4SGustavo F. Padovan len -= chan->remote_mps; 16412c03a7a4SGustavo F. Padovan size += chan->remote_mps; 16420a708f8fSGustavo F. Padovan 16430a708f8fSGustavo F. Padovan while (len > 0) { 16440a708f8fSGustavo F. Padovan size_t buflen; 16450a708f8fSGustavo F. Padovan 16462c03a7a4SGustavo F. Padovan if (len > chan->remote_mps) { 16477e0ef6eeSAndrei Emeltchenko control = __set_ctrl_sar(chan, L2CAP_SAR_CONTINUE); 16482c03a7a4SGustavo F. Padovan buflen = chan->remote_mps; 16490a708f8fSGustavo F. Padovan } else { 16507e0ef6eeSAndrei Emeltchenko control = __set_ctrl_sar(chan, L2CAP_SAR_END); 16510a708f8fSGustavo F. Padovan buflen = len; 16520a708f8fSGustavo F. Padovan } 16530a708f8fSGustavo F. Padovan 165447d1ec61SGustavo F. Padovan skb = l2cap_create_iframe_pdu(chan, msg, buflen, control, 0); 16550a708f8fSGustavo F. Padovan if (IS_ERR(skb)) { 16560a708f8fSGustavo F. Padovan skb_queue_purge(&sar_queue); 16570a708f8fSGustavo F. Padovan return PTR_ERR(skb); 16580a708f8fSGustavo F. Padovan } 16590a708f8fSGustavo F. Padovan 16600a708f8fSGustavo F. Padovan __skb_queue_tail(&sar_queue, skb); 16610a708f8fSGustavo F. Padovan len -= buflen; 16620a708f8fSGustavo F. Padovan size += buflen; 16630a708f8fSGustavo F. Padovan } 166458d35f87SGustavo F. Padovan skb_queue_splice_tail(&sar_queue, &chan->tx_q); 166558d35f87SGustavo F. Padovan if (chan->tx_send_head == NULL) 166658d35f87SGustavo F. Padovan chan->tx_send_head = sar_queue.next; 16670a708f8fSGustavo F. Padovan 16680a708f8fSGustavo F. Padovan return size; 16690a708f8fSGustavo F. Padovan } 16700a708f8fSGustavo F. Padovan 16715e59b791SLuiz Augusto von Dentz int l2cap_chan_send(struct l2cap_chan *chan, struct msghdr *msg, size_t len, 16725e59b791SLuiz Augusto von Dentz u32 priority) 16739a91a04aSGustavo F. Padovan { 16749a91a04aSGustavo F. Padovan struct sk_buff *skb; 167588843ab0SAndrei Emeltchenko u32 control; 16769a91a04aSGustavo F. Padovan int err; 16779a91a04aSGustavo F. Padovan 16789a91a04aSGustavo F. Padovan /* Connectionless channel */ 1679715ec005SGustavo F. Padovan if (chan->chan_type == L2CAP_CHAN_CONN_LESS) { 16805e59b791SLuiz Augusto von Dentz skb = l2cap_create_connless_pdu(chan, msg, len, priority); 16819a91a04aSGustavo F. Padovan if (IS_ERR(skb)) 16829a91a04aSGustavo F. Padovan return PTR_ERR(skb); 16839a91a04aSGustavo F. Padovan 16849a91a04aSGustavo F. Padovan l2cap_do_send(chan, skb); 16859a91a04aSGustavo F. Padovan return len; 16869a91a04aSGustavo F. Padovan } 16879a91a04aSGustavo F. Padovan 16889a91a04aSGustavo F. Padovan switch (chan->mode) { 16899a91a04aSGustavo F. Padovan case L2CAP_MODE_BASIC: 16909a91a04aSGustavo F. Padovan /* Check outgoing MTU */ 16919a91a04aSGustavo F. Padovan if (len > chan->omtu) 16929a91a04aSGustavo F. Padovan return -EMSGSIZE; 16939a91a04aSGustavo F. Padovan 16949a91a04aSGustavo F. Padovan /* Create a basic PDU */ 16955e59b791SLuiz Augusto von Dentz skb = l2cap_create_basic_pdu(chan, msg, len, priority); 16969a91a04aSGustavo F. Padovan if (IS_ERR(skb)) 16979a91a04aSGustavo F. Padovan return PTR_ERR(skb); 16989a91a04aSGustavo F. Padovan 16999a91a04aSGustavo F. Padovan l2cap_do_send(chan, skb); 17009a91a04aSGustavo F. Padovan err = len; 17019a91a04aSGustavo F. Padovan break; 17029a91a04aSGustavo F. Padovan 17039a91a04aSGustavo F. Padovan case L2CAP_MODE_ERTM: 17049a91a04aSGustavo F. Padovan case L2CAP_MODE_STREAMING: 17059a91a04aSGustavo F. Padovan /* Entire SDU fits into one PDU */ 17069a91a04aSGustavo F. Padovan if (len <= chan->remote_mps) { 17077e0ef6eeSAndrei Emeltchenko control = __set_ctrl_sar(chan, L2CAP_SAR_UNSEGMENTED); 17089a91a04aSGustavo F. Padovan skb = l2cap_create_iframe_pdu(chan, msg, len, control, 17099a91a04aSGustavo F. Padovan 0); 17109a91a04aSGustavo F. Padovan if (IS_ERR(skb)) 17119a91a04aSGustavo F. Padovan return PTR_ERR(skb); 17129a91a04aSGustavo F. Padovan 17139a91a04aSGustavo F. Padovan __skb_queue_tail(&chan->tx_q, skb); 17149a91a04aSGustavo F. Padovan 17159a91a04aSGustavo F. Padovan if (chan->tx_send_head == NULL) 17169a91a04aSGustavo F. Padovan chan->tx_send_head = skb; 17179a91a04aSGustavo F. Padovan 17189a91a04aSGustavo F. Padovan } else { 17199a91a04aSGustavo F. Padovan /* Segment SDU into multiples PDUs */ 17209a91a04aSGustavo F. Padovan err = l2cap_sar_segment_sdu(chan, msg, len); 17219a91a04aSGustavo F. Padovan if (err < 0) 17229a91a04aSGustavo F. Padovan return err; 17239a91a04aSGustavo F. Padovan } 17249a91a04aSGustavo F. Padovan 17259a91a04aSGustavo F. Padovan if (chan->mode == L2CAP_MODE_STREAMING) { 17269a91a04aSGustavo F. Padovan l2cap_streaming_send(chan); 17279a91a04aSGustavo F. Padovan err = len; 17289a91a04aSGustavo F. Padovan break; 17299a91a04aSGustavo F. Padovan } 17309a91a04aSGustavo F. Padovan 1731e2ab4353SGustavo F. Padovan if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state) && 1732e2ab4353SGustavo F. Padovan test_bit(CONN_WAIT_F, &chan->conn_state)) { 17339a91a04aSGustavo F. Padovan err = len; 17349a91a04aSGustavo F. Padovan break; 17359a91a04aSGustavo F. Padovan } 17369a91a04aSGustavo F. Padovan 17379a91a04aSGustavo F. Padovan err = l2cap_ertm_send(chan); 17389a91a04aSGustavo F. Padovan if (err >= 0) 17399a91a04aSGustavo F. Padovan err = len; 17409a91a04aSGustavo F. Padovan 17419a91a04aSGustavo F. Padovan break; 17429a91a04aSGustavo F. Padovan 17439a91a04aSGustavo F. Padovan default: 17449a91a04aSGustavo F. Padovan BT_DBG("bad state %1.1x", chan->mode); 17459a91a04aSGustavo F. Padovan err = -EBADFD; 17469a91a04aSGustavo F. Padovan } 17479a91a04aSGustavo F. Padovan 17489a91a04aSGustavo F. Padovan return err; 17499a91a04aSGustavo F. Padovan } 17509a91a04aSGustavo F. Padovan 17510a708f8fSGustavo F. Padovan /* Copy frame to all raw sockets on that connection */ 17520a708f8fSGustavo F. Padovan static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb) 17530a708f8fSGustavo F. Padovan { 17540a708f8fSGustavo F. Padovan struct sk_buff *nskb; 175548454079SGustavo F. Padovan struct l2cap_chan *chan; 17560a708f8fSGustavo F. Padovan 17570a708f8fSGustavo F. Padovan BT_DBG("conn %p", conn); 17580a708f8fSGustavo F. Padovan 1759baa7e1faSGustavo F. Padovan read_lock(&conn->chan_lock); 1760baa7e1faSGustavo F. Padovan list_for_each_entry(chan, &conn->chan_l, list) { 176148454079SGustavo F. Padovan struct sock *sk = chan->sk; 1762715ec005SGustavo F. Padovan if (chan->chan_type != L2CAP_CHAN_RAW) 17630a708f8fSGustavo F. Padovan continue; 17640a708f8fSGustavo F. Padovan 17650a708f8fSGustavo F. Padovan /* Don't send frame to the socket it came from */ 17660a708f8fSGustavo F. Padovan if (skb->sk == sk) 17670a708f8fSGustavo F. Padovan continue; 17680a708f8fSGustavo F. Padovan nskb = skb_clone(skb, GFP_ATOMIC); 17690a708f8fSGustavo F. Padovan if (!nskb) 17700a708f8fSGustavo F. Padovan continue; 17710a708f8fSGustavo F. Padovan 177223070494SGustavo F. Padovan if (chan->ops->recv(chan->data, nskb)) 17730a708f8fSGustavo F. Padovan kfree_skb(nskb); 17740a708f8fSGustavo F. Padovan } 1775baa7e1faSGustavo F. Padovan read_unlock(&conn->chan_lock); 17760a708f8fSGustavo F. Padovan } 17770a708f8fSGustavo F. Padovan 17780a708f8fSGustavo F. Padovan /* ---- L2CAP signalling commands ---- */ 17790a708f8fSGustavo F. Padovan static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn, 17800a708f8fSGustavo F. Padovan u8 code, u8 ident, u16 dlen, void *data) 17810a708f8fSGustavo F. Padovan { 17820a708f8fSGustavo F. Padovan struct sk_buff *skb, **frag; 17830a708f8fSGustavo F. Padovan struct l2cap_cmd_hdr *cmd; 17840a708f8fSGustavo F. Padovan struct l2cap_hdr *lh; 17850a708f8fSGustavo F. Padovan int len, count; 17860a708f8fSGustavo F. Padovan 17870a708f8fSGustavo F. Padovan BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d", 17880a708f8fSGustavo F. Padovan conn, code, ident, dlen); 17890a708f8fSGustavo F. Padovan 17900a708f8fSGustavo F. Padovan len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen; 17910a708f8fSGustavo F. Padovan count = min_t(unsigned int, conn->mtu, len); 17920a708f8fSGustavo F. Padovan 17930a708f8fSGustavo F. Padovan skb = bt_skb_alloc(count, GFP_ATOMIC); 17940a708f8fSGustavo F. Padovan if (!skb) 17950a708f8fSGustavo F. Padovan return NULL; 17960a708f8fSGustavo F. Padovan 17970a708f8fSGustavo F. Padovan lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 17980a708f8fSGustavo F. Padovan lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); 17993300d9a9SClaudio Takahasi 18003300d9a9SClaudio Takahasi if (conn->hcon->type == LE_LINK) 18013300d9a9SClaudio Takahasi lh->cid = cpu_to_le16(L2CAP_CID_LE_SIGNALING); 18023300d9a9SClaudio Takahasi else 18030a708f8fSGustavo F. Padovan lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING); 18040a708f8fSGustavo F. Padovan 18050a708f8fSGustavo F. Padovan cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE); 18060a708f8fSGustavo F. Padovan cmd->code = code; 18070a708f8fSGustavo F. Padovan cmd->ident = ident; 18080a708f8fSGustavo F. Padovan cmd->len = cpu_to_le16(dlen); 18090a708f8fSGustavo F. Padovan 18100a708f8fSGustavo F. Padovan if (dlen) { 18110a708f8fSGustavo F. Padovan count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE; 18120a708f8fSGustavo F. Padovan memcpy(skb_put(skb, count), data, count); 18130a708f8fSGustavo F. Padovan data += count; 18140a708f8fSGustavo F. Padovan } 18150a708f8fSGustavo F. Padovan 18160a708f8fSGustavo F. Padovan len -= skb->len; 18170a708f8fSGustavo F. Padovan 18180a708f8fSGustavo F. Padovan /* Continuation fragments (no L2CAP header) */ 18190a708f8fSGustavo F. Padovan frag = &skb_shinfo(skb)->frag_list; 18200a708f8fSGustavo F. Padovan while (len) { 18210a708f8fSGustavo F. Padovan count = min_t(unsigned int, conn->mtu, len); 18220a708f8fSGustavo F. Padovan 18230a708f8fSGustavo F. Padovan *frag = bt_skb_alloc(count, GFP_ATOMIC); 18240a708f8fSGustavo F. Padovan if (!*frag) 18250a708f8fSGustavo F. Padovan goto fail; 18260a708f8fSGustavo F. Padovan 18270a708f8fSGustavo F. Padovan memcpy(skb_put(*frag, count), data, count); 18280a708f8fSGustavo F. Padovan 18290a708f8fSGustavo F. Padovan len -= count; 18300a708f8fSGustavo F. Padovan data += count; 18310a708f8fSGustavo F. Padovan 18320a708f8fSGustavo F. Padovan frag = &(*frag)->next; 18330a708f8fSGustavo F. Padovan } 18340a708f8fSGustavo F. Padovan 18350a708f8fSGustavo F. Padovan return skb; 18360a708f8fSGustavo F. Padovan 18370a708f8fSGustavo F. Padovan fail: 18380a708f8fSGustavo F. Padovan kfree_skb(skb); 18390a708f8fSGustavo F. Padovan return NULL; 18400a708f8fSGustavo F. Padovan } 18410a708f8fSGustavo F. Padovan 18420a708f8fSGustavo F. Padovan static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned long *val) 18430a708f8fSGustavo F. Padovan { 18440a708f8fSGustavo F. Padovan struct l2cap_conf_opt *opt = *ptr; 18450a708f8fSGustavo F. Padovan int len; 18460a708f8fSGustavo F. Padovan 18470a708f8fSGustavo F. Padovan len = L2CAP_CONF_OPT_SIZE + opt->len; 18480a708f8fSGustavo F. Padovan *ptr += len; 18490a708f8fSGustavo F. Padovan 18500a708f8fSGustavo F. Padovan *type = opt->type; 18510a708f8fSGustavo F. Padovan *olen = opt->len; 18520a708f8fSGustavo F. Padovan 18530a708f8fSGustavo F. Padovan switch (opt->len) { 18540a708f8fSGustavo F. Padovan case 1: 18550a708f8fSGustavo F. Padovan *val = *((u8 *) opt->val); 18560a708f8fSGustavo F. Padovan break; 18570a708f8fSGustavo F. Padovan 18580a708f8fSGustavo F. Padovan case 2: 18590a708f8fSGustavo F. Padovan *val = get_unaligned_le16(opt->val); 18600a708f8fSGustavo F. Padovan break; 18610a708f8fSGustavo F. Padovan 18620a708f8fSGustavo F. Padovan case 4: 18630a708f8fSGustavo F. Padovan *val = get_unaligned_le32(opt->val); 18640a708f8fSGustavo F. Padovan break; 18650a708f8fSGustavo F. Padovan 18660a708f8fSGustavo F. Padovan default: 18670a708f8fSGustavo F. Padovan *val = (unsigned long) opt->val; 18680a708f8fSGustavo F. Padovan break; 18690a708f8fSGustavo F. Padovan } 18700a708f8fSGustavo F. Padovan 18710a708f8fSGustavo F. Padovan BT_DBG("type 0x%2.2x len %d val 0x%lx", *type, opt->len, *val); 18720a708f8fSGustavo F. Padovan return len; 18730a708f8fSGustavo F. Padovan } 18740a708f8fSGustavo F. Padovan 18750a708f8fSGustavo F. Padovan static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val) 18760a708f8fSGustavo F. Padovan { 18770a708f8fSGustavo F. Padovan struct l2cap_conf_opt *opt = *ptr; 18780a708f8fSGustavo F. Padovan 18790a708f8fSGustavo F. Padovan BT_DBG("type 0x%2.2x len %d val 0x%lx", type, len, val); 18800a708f8fSGustavo F. Padovan 18810a708f8fSGustavo F. Padovan opt->type = type; 18820a708f8fSGustavo F. Padovan opt->len = len; 18830a708f8fSGustavo F. Padovan 18840a708f8fSGustavo F. Padovan switch (len) { 18850a708f8fSGustavo F. Padovan case 1: 18860a708f8fSGustavo F. Padovan *((u8 *) opt->val) = val; 18870a708f8fSGustavo F. Padovan break; 18880a708f8fSGustavo F. Padovan 18890a708f8fSGustavo F. Padovan case 2: 18900a708f8fSGustavo F. Padovan put_unaligned_le16(val, opt->val); 18910a708f8fSGustavo F. Padovan break; 18920a708f8fSGustavo F. Padovan 18930a708f8fSGustavo F. Padovan case 4: 18940a708f8fSGustavo F. Padovan put_unaligned_le32(val, opt->val); 18950a708f8fSGustavo F. Padovan break; 18960a708f8fSGustavo F. Padovan 18970a708f8fSGustavo F. Padovan default: 18980a708f8fSGustavo F. Padovan memcpy(opt->val, (void *) val, len); 18990a708f8fSGustavo F. Padovan break; 19000a708f8fSGustavo F. Padovan } 19010a708f8fSGustavo F. Padovan 19020a708f8fSGustavo F. Padovan *ptr += L2CAP_CONF_OPT_SIZE + len; 19030a708f8fSGustavo F. Padovan } 19040a708f8fSGustavo F. Padovan 1905f89cef09SAndrei Emeltchenko static void l2cap_add_opt_efs(void **ptr, struct l2cap_chan *chan) 1906f89cef09SAndrei Emeltchenko { 1907f89cef09SAndrei Emeltchenko struct l2cap_conf_efs efs; 1908f89cef09SAndrei Emeltchenko 1909f89cef09SAndrei Emeltchenko switch(chan->mode) { 1910f89cef09SAndrei Emeltchenko case L2CAP_MODE_ERTM: 1911f89cef09SAndrei Emeltchenko efs.id = chan->local_id; 1912f89cef09SAndrei Emeltchenko efs.stype = chan->local_stype; 1913f89cef09SAndrei Emeltchenko efs.msdu = cpu_to_le16(chan->local_msdu); 1914f89cef09SAndrei Emeltchenko efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); 1915f89cef09SAndrei Emeltchenko efs.acc_lat = cpu_to_le32(L2CAP_DEFAULT_ACC_LAT); 1916f89cef09SAndrei Emeltchenko efs.flush_to = cpu_to_le32(L2CAP_DEFAULT_FLUSH_TO); 1917f89cef09SAndrei Emeltchenko break; 1918f89cef09SAndrei Emeltchenko 1919f89cef09SAndrei Emeltchenko case L2CAP_MODE_STREAMING: 1920f89cef09SAndrei Emeltchenko efs.id = 1; 1921f89cef09SAndrei Emeltchenko efs.stype = L2CAP_SERV_BESTEFFORT; 1922f89cef09SAndrei Emeltchenko efs.msdu = cpu_to_le16(chan->local_msdu); 1923f89cef09SAndrei Emeltchenko efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); 1924f89cef09SAndrei Emeltchenko efs.acc_lat = 0; 1925f89cef09SAndrei Emeltchenko efs.flush_to = 0; 1926f89cef09SAndrei Emeltchenko break; 1927f89cef09SAndrei Emeltchenko 1928f89cef09SAndrei Emeltchenko default: 1929f89cef09SAndrei Emeltchenko return; 1930f89cef09SAndrei Emeltchenko } 1931f89cef09SAndrei Emeltchenko 1932f89cef09SAndrei Emeltchenko l2cap_add_conf_opt(ptr, L2CAP_CONF_EFS, sizeof(efs), 1933f89cef09SAndrei Emeltchenko (unsigned long) &efs); 1934f89cef09SAndrei Emeltchenko } 1935f89cef09SAndrei Emeltchenko 19360a708f8fSGustavo F. Padovan static void l2cap_ack_timeout(unsigned long arg) 19370a708f8fSGustavo F. Padovan { 1938525cd185SGustavo F. Padovan struct l2cap_chan *chan = (void *) arg; 19390a708f8fSGustavo F. Padovan 1940525cd185SGustavo F. Padovan bh_lock_sock(chan->sk); 1941525cd185SGustavo F. Padovan l2cap_send_ack(chan); 1942525cd185SGustavo F. Padovan bh_unlock_sock(chan->sk); 19430a708f8fSGustavo F. Padovan } 19440a708f8fSGustavo F. Padovan 1945525cd185SGustavo F. Padovan static inline void l2cap_ertm_init(struct l2cap_chan *chan) 19460a708f8fSGustavo F. Padovan { 1947525cd185SGustavo F. Padovan struct sock *sk = chan->sk; 1948525cd185SGustavo F. Padovan 194942e5c802SGustavo F. Padovan chan->expected_ack_seq = 0; 19506a026610SGustavo F. Padovan chan->unacked_frames = 0; 195142e5c802SGustavo F. Padovan chan->buffer_seq = 0; 19526a026610SGustavo F. Padovan chan->num_acked = 0; 19536a026610SGustavo F. Padovan chan->frames_sent = 0; 19540a708f8fSGustavo F. Padovan 1955e92c8e70SGustavo F. Padovan setup_timer(&chan->retrans_timer, l2cap_retrans_timeout, 1956e92c8e70SGustavo F. Padovan (unsigned long) chan); 1957e92c8e70SGustavo F. Padovan setup_timer(&chan->monitor_timer, l2cap_monitor_timeout, 1958e92c8e70SGustavo F. Padovan (unsigned long) chan); 1959e92c8e70SGustavo F. Padovan setup_timer(&chan->ack_timer, l2cap_ack_timeout, (unsigned long) chan); 19600a708f8fSGustavo F. Padovan 1961f1c6775bSGustavo F. Padovan skb_queue_head_init(&chan->srej_q); 19620a708f8fSGustavo F. Padovan 196339d5a3eeSGustavo F. Padovan INIT_LIST_HEAD(&chan->srej_l); 196439d5a3eeSGustavo F. Padovan 19650a708f8fSGustavo F. Padovan 19660a708f8fSGustavo F. Padovan sk->sk_backlog_rcv = l2cap_ertm_data_rcv; 19670a708f8fSGustavo F. Padovan } 19680a708f8fSGustavo F. Padovan 19690a708f8fSGustavo F. Padovan static inline __u8 l2cap_select_mode(__u8 mode, __u16 remote_feat_mask) 19700a708f8fSGustavo F. Padovan { 19710a708f8fSGustavo F. Padovan switch (mode) { 19720a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 19730a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 19740a708f8fSGustavo F. Padovan if (l2cap_mode_supported(mode, remote_feat_mask)) 19750a708f8fSGustavo F. Padovan return mode; 19760a708f8fSGustavo F. Padovan /* fall through */ 19770a708f8fSGustavo F. Padovan default: 19780a708f8fSGustavo F. Padovan return L2CAP_MODE_BASIC; 19790a708f8fSGustavo F. Padovan } 19800a708f8fSGustavo F. Padovan } 19810a708f8fSGustavo F. Padovan 19826327eb98SAndrei Emeltchenko static inline bool __l2cap_ews_supported(struct l2cap_chan *chan) 19836327eb98SAndrei Emeltchenko { 19846327eb98SAndrei Emeltchenko return enable_hs && chan->conn->feat_mask & L2CAP_FEAT_EXT_WINDOW; 19856327eb98SAndrei Emeltchenko } 19866327eb98SAndrei Emeltchenko 1987f89cef09SAndrei Emeltchenko static inline bool __l2cap_efs_supported(struct l2cap_chan *chan) 1988f89cef09SAndrei Emeltchenko { 1989f89cef09SAndrei Emeltchenko return enable_hs && chan->conn->feat_mask & L2CAP_FEAT_EXT_FLOW; 1990f89cef09SAndrei Emeltchenko } 1991f89cef09SAndrei Emeltchenko 19926327eb98SAndrei Emeltchenko static inline void l2cap_txwin_setup(struct l2cap_chan *chan) 19936327eb98SAndrei Emeltchenko { 19946327eb98SAndrei Emeltchenko if (chan->tx_win > L2CAP_DEFAULT_TX_WINDOW && 1995836be934SAndrei Emeltchenko __l2cap_ews_supported(chan)) { 19966327eb98SAndrei Emeltchenko /* use extended control field */ 19976327eb98SAndrei Emeltchenko set_bit(FLAG_EXT_CTRL, &chan->flags); 1998836be934SAndrei Emeltchenko chan->tx_win_max = L2CAP_DEFAULT_EXT_WINDOW; 1999836be934SAndrei Emeltchenko } else { 20006327eb98SAndrei Emeltchenko chan->tx_win = min_t(u16, chan->tx_win, 20016327eb98SAndrei Emeltchenko L2CAP_DEFAULT_TX_WINDOW); 2002836be934SAndrei Emeltchenko chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW; 2003836be934SAndrei Emeltchenko } 20046327eb98SAndrei Emeltchenko } 20056327eb98SAndrei Emeltchenko 2006710f9b0aSGustavo F. Padovan static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data) 20070a708f8fSGustavo F. Padovan { 20080a708f8fSGustavo F. Padovan struct l2cap_conf_req *req = data; 20090c1bc5c6SGustavo F. Padovan struct l2cap_conf_rfc rfc = { .mode = chan->mode }; 20100a708f8fSGustavo F. Padovan void *ptr = req->data; 2011c8f79162SAndrei Emeltchenko u16 size; 20120a708f8fSGustavo F. Padovan 201349208c9cSGustavo F. Padovan BT_DBG("chan %p", chan); 20140a708f8fSGustavo F. Padovan 201573ffa904SGustavo F. Padovan if (chan->num_conf_req || chan->num_conf_rsp) 20160a708f8fSGustavo F. Padovan goto done; 20170a708f8fSGustavo F. Padovan 20180c1bc5c6SGustavo F. Padovan switch (chan->mode) { 20190a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 20200a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 2021c1360a1cSGustavo F. Padovan if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) 20220a708f8fSGustavo F. Padovan break; 20230a708f8fSGustavo F. Padovan 2024f89cef09SAndrei Emeltchenko if (__l2cap_efs_supported(chan)) 2025f89cef09SAndrei Emeltchenko set_bit(FLAG_EFS_ENABLE, &chan->flags); 2026f89cef09SAndrei Emeltchenko 20270a708f8fSGustavo F. Padovan /* fall through */ 20280a708f8fSGustavo F. Padovan default: 20298c1d787bSGustavo F. Padovan chan->mode = l2cap_select_mode(rfc.mode, chan->conn->feat_mask); 20300a708f8fSGustavo F. Padovan break; 20310a708f8fSGustavo F. Padovan } 20320a708f8fSGustavo F. Padovan 20330a708f8fSGustavo F. Padovan done: 20340c1bc5c6SGustavo F. Padovan if (chan->imtu != L2CAP_DEFAULT_MTU) 20350c1bc5c6SGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu); 20360a708f8fSGustavo F. Padovan 20370c1bc5c6SGustavo F. Padovan switch (chan->mode) { 20380a708f8fSGustavo F. Padovan case L2CAP_MODE_BASIC: 20398c1d787bSGustavo F. Padovan if (!(chan->conn->feat_mask & L2CAP_FEAT_ERTM) && 20408c1d787bSGustavo F. Padovan !(chan->conn->feat_mask & L2CAP_FEAT_STREAMING)) 20410a708f8fSGustavo F. Padovan break; 20420a708f8fSGustavo F. Padovan 20430a708f8fSGustavo F. Padovan rfc.mode = L2CAP_MODE_BASIC; 20440a708f8fSGustavo F. Padovan rfc.txwin_size = 0; 20450a708f8fSGustavo F. Padovan rfc.max_transmit = 0; 20460a708f8fSGustavo F. Padovan rfc.retrans_timeout = 0; 20470a708f8fSGustavo F. Padovan rfc.monitor_timeout = 0; 20480a708f8fSGustavo F. Padovan rfc.max_pdu_size = 0; 20490a708f8fSGustavo F. Padovan 20500a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc), 20510a708f8fSGustavo F. Padovan (unsigned long) &rfc); 20520a708f8fSGustavo F. Padovan break; 20530a708f8fSGustavo F. Padovan 20540a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 20550a708f8fSGustavo F. Padovan rfc.mode = L2CAP_MODE_ERTM; 205647d1ec61SGustavo F. Padovan rfc.max_transmit = chan->max_tx; 20570a708f8fSGustavo F. Padovan rfc.retrans_timeout = 0; 20580a708f8fSGustavo F. Padovan rfc.monitor_timeout = 0; 2059c8f79162SAndrei Emeltchenko 2060c8f79162SAndrei Emeltchenko size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - 2061c8f79162SAndrei Emeltchenko L2CAP_EXT_HDR_SIZE - 2062c8f79162SAndrei Emeltchenko L2CAP_SDULEN_SIZE - 2063c8f79162SAndrei Emeltchenko L2CAP_FCS_SIZE); 2064c8f79162SAndrei Emeltchenko rfc.max_pdu_size = cpu_to_le16(size); 20650a708f8fSGustavo F. Padovan 20666327eb98SAndrei Emeltchenko l2cap_txwin_setup(chan); 20676327eb98SAndrei Emeltchenko 20686327eb98SAndrei Emeltchenko rfc.txwin_size = min_t(u16, chan->tx_win, 20696327eb98SAndrei Emeltchenko L2CAP_DEFAULT_TX_WINDOW); 20706327eb98SAndrei Emeltchenko 20710a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc), 20720a708f8fSGustavo F. Padovan (unsigned long) &rfc); 20730a708f8fSGustavo F. Padovan 2074f89cef09SAndrei Emeltchenko if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) 2075f89cef09SAndrei Emeltchenko l2cap_add_opt_efs(&ptr, chan); 2076f89cef09SAndrei Emeltchenko 20778c1d787bSGustavo F. Padovan if (!(chan->conn->feat_mask & L2CAP_FEAT_FCS)) 20780a708f8fSGustavo F. Padovan break; 20790a708f8fSGustavo F. Padovan 208047d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_NONE || 2081c1360a1cSGustavo F. Padovan test_bit(CONF_NO_FCS_RECV, &chan->conf_state)) { 208247d1ec61SGustavo F. Padovan chan->fcs = L2CAP_FCS_NONE; 208347d1ec61SGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, chan->fcs); 20840a708f8fSGustavo F. Padovan } 20856327eb98SAndrei Emeltchenko 20866327eb98SAndrei Emeltchenko if (test_bit(FLAG_EXT_CTRL, &chan->flags)) 20876327eb98SAndrei Emeltchenko l2cap_add_conf_opt(&ptr, L2CAP_CONF_EWS, 2, 20886327eb98SAndrei Emeltchenko chan->tx_win); 20890a708f8fSGustavo F. Padovan break; 20900a708f8fSGustavo F. Padovan 20910a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 20920a708f8fSGustavo F. Padovan rfc.mode = L2CAP_MODE_STREAMING; 20930a708f8fSGustavo F. Padovan rfc.txwin_size = 0; 20940a708f8fSGustavo F. Padovan rfc.max_transmit = 0; 20950a708f8fSGustavo F. Padovan rfc.retrans_timeout = 0; 20960a708f8fSGustavo F. Padovan rfc.monitor_timeout = 0; 2097c8f79162SAndrei Emeltchenko 2098c8f79162SAndrei Emeltchenko size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - 2099c8f79162SAndrei Emeltchenko L2CAP_EXT_HDR_SIZE - 2100c8f79162SAndrei Emeltchenko L2CAP_SDULEN_SIZE - 2101c8f79162SAndrei Emeltchenko L2CAP_FCS_SIZE); 2102c8f79162SAndrei Emeltchenko rfc.max_pdu_size = cpu_to_le16(size); 21030a708f8fSGustavo F. Padovan 21040a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc), 21050a708f8fSGustavo F. Padovan (unsigned long) &rfc); 21060a708f8fSGustavo F. Padovan 2107f89cef09SAndrei Emeltchenko if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) 2108f89cef09SAndrei Emeltchenko l2cap_add_opt_efs(&ptr, chan); 2109f89cef09SAndrei Emeltchenko 21108c1d787bSGustavo F. Padovan if (!(chan->conn->feat_mask & L2CAP_FEAT_FCS)) 21110a708f8fSGustavo F. Padovan break; 21120a708f8fSGustavo F. Padovan 211347d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_NONE || 2114c1360a1cSGustavo F. Padovan test_bit(CONF_NO_FCS_RECV, &chan->conf_state)) { 211547d1ec61SGustavo F. Padovan chan->fcs = L2CAP_FCS_NONE; 211647d1ec61SGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, chan->fcs); 21170a708f8fSGustavo F. Padovan } 21180a708f8fSGustavo F. Padovan break; 21190a708f8fSGustavo F. Padovan } 21200a708f8fSGustavo F. Padovan 2121fe4128e0SGustavo F. Padovan req->dcid = cpu_to_le16(chan->dcid); 21220a708f8fSGustavo F. Padovan req->flags = cpu_to_le16(0); 21230a708f8fSGustavo F. Padovan 21240a708f8fSGustavo F. Padovan return ptr - data; 21250a708f8fSGustavo F. Padovan } 21260a708f8fSGustavo F. Padovan 212773ffa904SGustavo F. Padovan static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data) 21280a708f8fSGustavo F. Padovan { 21290a708f8fSGustavo F. Padovan struct l2cap_conf_rsp *rsp = data; 21300a708f8fSGustavo F. Padovan void *ptr = rsp->data; 213173ffa904SGustavo F. Padovan void *req = chan->conf_req; 213273ffa904SGustavo F. Padovan int len = chan->conf_len; 21330a708f8fSGustavo F. Padovan int type, hint, olen; 21340a708f8fSGustavo F. Padovan unsigned long val; 21350a708f8fSGustavo F. Padovan struct l2cap_conf_rfc rfc = { .mode = L2CAP_MODE_BASIC }; 213642dceae2SAndrei Emeltchenko struct l2cap_conf_efs efs; 213742dceae2SAndrei Emeltchenko u8 remote_efs = 0; 21380a708f8fSGustavo F. Padovan u16 mtu = L2CAP_DEFAULT_MTU; 21390a708f8fSGustavo F. Padovan u16 result = L2CAP_CONF_SUCCESS; 2140c8f79162SAndrei Emeltchenko u16 size; 21410a708f8fSGustavo F. Padovan 214273ffa904SGustavo F. Padovan BT_DBG("chan %p", chan); 21430a708f8fSGustavo F. Padovan 21440a708f8fSGustavo F. Padovan while (len >= L2CAP_CONF_OPT_SIZE) { 21450a708f8fSGustavo F. Padovan len -= l2cap_get_conf_opt(&req, &type, &olen, &val); 21460a708f8fSGustavo F. Padovan 21470a708f8fSGustavo F. Padovan hint = type & L2CAP_CONF_HINT; 21480a708f8fSGustavo F. Padovan type &= L2CAP_CONF_MASK; 21490a708f8fSGustavo F. Padovan 21500a708f8fSGustavo F. Padovan switch (type) { 21510a708f8fSGustavo F. Padovan case L2CAP_CONF_MTU: 21520a708f8fSGustavo F. Padovan mtu = val; 21530a708f8fSGustavo F. Padovan break; 21540a708f8fSGustavo F. Padovan 21550a708f8fSGustavo F. Padovan case L2CAP_CONF_FLUSH_TO: 21560c1bc5c6SGustavo F. Padovan chan->flush_to = val; 21570a708f8fSGustavo F. Padovan break; 21580a708f8fSGustavo F. Padovan 21590a708f8fSGustavo F. Padovan case L2CAP_CONF_QOS: 21600a708f8fSGustavo F. Padovan break; 21610a708f8fSGustavo F. Padovan 21620a708f8fSGustavo F. Padovan case L2CAP_CONF_RFC: 21630a708f8fSGustavo F. Padovan if (olen == sizeof(rfc)) 21640a708f8fSGustavo F. Padovan memcpy(&rfc, (void *) val, olen); 21650a708f8fSGustavo F. Padovan break; 21660a708f8fSGustavo F. Padovan 21670a708f8fSGustavo F. Padovan case L2CAP_CONF_FCS: 21680a708f8fSGustavo F. Padovan if (val == L2CAP_FCS_NONE) 2169c1360a1cSGustavo F. Padovan set_bit(CONF_NO_FCS_RECV, &chan->conf_state); 217042dceae2SAndrei Emeltchenko break; 21710a708f8fSGustavo F. Padovan 217242dceae2SAndrei Emeltchenko case L2CAP_CONF_EFS: 217342dceae2SAndrei Emeltchenko remote_efs = 1; 217442dceae2SAndrei Emeltchenko if (olen == sizeof(efs)) 217542dceae2SAndrei Emeltchenko memcpy(&efs, (void *) val, olen); 21760a708f8fSGustavo F. Padovan break; 21770a708f8fSGustavo F. Padovan 21786327eb98SAndrei Emeltchenko case L2CAP_CONF_EWS: 21796327eb98SAndrei Emeltchenko if (!enable_hs) 21806327eb98SAndrei Emeltchenko return -ECONNREFUSED; 21816327eb98SAndrei Emeltchenko 21826327eb98SAndrei Emeltchenko set_bit(FLAG_EXT_CTRL, &chan->flags); 21836327eb98SAndrei Emeltchenko set_bit(CONF_EWS_RECV, &chan->conf_state); 2184836be934SAndrei Emeltchenko chan->tx_win_max = L2CAP_DEFAULT_EXT_WINDOW; 21856327eb98SAndrei Emeltchenko chan->remote_tx_win = val; 21866327eb98SAndrei Emeltchenko break; 21876327eb98SAndrei Emeltchenko 21880a708f8fSGustavo F. Padovan default: 21890a708f8fSGustavo F. Padovan if (hint) 21900a708f8fSGustavo F. Padovan break; 21910a708f8fSGustavo F. Padovan 21920a708f8fSGustavo F. Padovan result = L2CAP_CONF_UNKNOWN; 21930a708f8fSGustavo F. Padovan *((u8 *) ptr++) = type; 21940a708f8fSGustavo F. Padovan break; 21950a708f8fSGustavo F. Padovan } 21960a708f8fSGustavo F. Padovan } 21970a708f8fSGustavo F. Padovan 219873ffa904SGustavo F. Padovan if (chan->num_conf_rsp || chan->num_conf_req > 1) 21990a708f8fSGustavo F. Padovan goto done; 22000a708f8fSGustavo F. Padovan 22010c1bc5c6SGustavo F. Padovan switch (chan->mode) { 22020a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 22030a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 2204c1360a1cSGustavo F. Padovan if (!test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) { 22050c1bc5c6SGustavo F. Padovan chan->mode = l2cap_select_mode(rfc.mode, 22068c1d787bSGustavo F. Padovan chan->conn->feat_mask); 22070a708f8fSGustavo F. Padovan break; 22080a708f8fSGustavo F. Padovan } 22090a708f8fSGustavo F. Padovan 221042dceae2SAndrei Emeltchenko if (remote_efs) { 221142dceae2SAndrei Emeltchenko if (__l2cap_efs_supported(chan)) 221242dceae2SAndrei Emeltchenko set_bit(FLAG_EFS_ENABLE, &chan->flags); 221342dceae2SAndrei Emeltchenko else 221442dceae2SAndrei Emeltchenko return -ECONNREFUSED; 221542dceae2SAndrei Emeltchenko } 221642dceae2SAndrei Emeltchenko 22170c1bc5c6SGustavo F. Padovan if (chan->mode != rfc.mode) 22180a708f8fSGustavo F. Padovan return -ECONNREFUSED; 22190a708f8fSGustavo F. Padovan 22200a708f8fSGustavo F. Padovan break; 22210a708f8fSGustavo F. Padovan } 22220a708f8fSGustavo F. Padovan 22230a708f8fSGustavo F. Padovan done: 22240c1bc5c6SGustavo F. Padovan if (chan->mode != rfc.mode) { 22250a708f8fSGustavo F. Padovan result = L2CAP_CONF_UNACCEPT; 22260c1bc5c6SGustavo F. Padovan rfc.mode = chan->mode; 22270a708f8fSGustavo F. Padovan 222873ffa904SGustavo F. Padovan if (chan->num_conf_rsp == 1) 22290a708f8fSGustavo F. Padovan return -ECONNREFUSED; 22300a708f8fSGustavo F. Padovan 22310a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, 22320a708f8fSGustavo F. Padovan sizeof(rfc), (unsigned long) &rfc); 22330a708f8fSGustavo F. Padovan } 22340a708f8fSGustavo F. Padovan 22350a708f8fSGustavo F. Padovan if (result == L2CAP_CONF_SUCCESS) { 22360a708f8fSGustavo F. Padovan /* Configure output options and let the other side know 22370a708f8fSGustavo F. Padovan * which ones we don't like. */ 22380a708f8fSGustavo F. Padovan 22390a708f8fSGustavo F. Padovan if (mtu < L2CAP_DEFAULT_MIN_MTU) 22400a708f8fSGustavo F. Padovan result = L2CAP_CONF_UNACCEPT; 22410a708f8fSGustavo F. Padovan else { 22420c1bc5c6SGustavo F. Padovan chan->omtu = mtu; 2243c1360a1cSGustavo F. Padovan set_bit(CONF_MTU_DONE, &chan->conf_state); 22440a708f8fSGustavo F. Padovan } 22450c1bc5c6SGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->omtu); 22460a708f8fSGustavo F. Padovan 224742dceae2SAndrei Emeltchenko if (remote_efs) { 224842dceae2SAndrei Emeltchenko if (chan->local_stype != L2CAP_SERV_NOTRAFIC && 224942dceae2SAndrei Emeltchenko efs.stype != L2CAP_SERV_NOTRAFIC && 225042dceae2SAndrei Emeltchenko efs.stype != chan->local_stype) { 225142dceae2SAndrei Emeltchenko 225242dceae2SAndrei Emeltchenko result = L2CAP_CONF_UNACCEPT; 225342dceae2SAndrei Emeltchenko 225442dceae2SAndrei Emeltchenko if (chan->num_conf_req >= 1) 225542dceae2SAndrei Emeltchenko return -ECONNREFUSED; 225642dceae2SAndrei Emeltchenko 225742dceae2SAndrei Emeltchenko l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, 225842dceae2SAndrei Emeltchenko sizeof(efs), 225942dceae2SAndrei Emeltchenko (unsigned long) &efs); 22600e8b207eSAndrei Emeltchenko } else { 22613e6b3b95SGustavo F. Padovan /* Send PENDING Conf Rsp */ 22620e8b207eSAndrei Emeltchenko result = L2CAP_CONF_PENDING; 22630e8b207eSAndrei Emeltchenko set_bit(CONF_LOC_CONF_PEND, &chan->conf_state); 226442dceae2SAndrei Emeltchenko } 226542dceae2SAndrei Emeltchenko } 226642dceae2SAndrei Emeltchenko 22670a708f8fSGustavo F. Padovan switch (rfc.mode) { 22680a708f8fSGustavo F. Padovan case L2CAP_MODE_BASIC: 226947d1ec61SGustavo F. Padovan chan->fcs = L2CAP_FCS_NONE; 2270c1360a1cSGustavo F. Padovan set_bit(CONF_MODE_DONE, &chan->conf_state); 22710a708f8fSGustavo F. Padovan break; 22720a708f8fSGustavo F. Padovan 22730a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 22746327eb98SAndrei Emeltchenko if (!test_bit(CONF_EWS_RECV, &chan->conf_state)) 22752c03a7a4SGustavo F. Padovan chan->remote_tx_win = rfc.txwin_size; 22766327eb98SAndrei Emeltchenko else 22776327eb98SAndrei Emeltchenko rfc.txwin_size = L2CAP_DEFAULT_TX_WINDOW; 22786327eb98SAndrei Emeltchenko 22792c03a7a4SGustavo F. Padovan chan->remote_max_tx = rfc.max_transmit; 22800a708f8fSGustavo F. Padovan 2281c8f79162SAndrei Emeltchenko size = min_t(u16, le16_to_cpu(rfc.max_pdu_size), 2282c8f79162SAndrei Emeltchenko chan->conn->mtu - 2283c8f79162SAndrei Emeltchenko L2CAP_EXT_HDR_SIZE - 2284c8f79162SAndrei Emeltchenko L2CAP_SDULEN_SIZE - 2285c8f79162SAndrei Emeltchenko L2CAP_FCS_SIZE); 2286c8f79162SAndrei Emeltchenko rfc.max_pdu_size = cpu_to_le16(size); 2287c8f79162SAndrei Emeltchenko chan->remote_mps = size; 22880a708f8fSGustavo F. Padovan 22890a708f8fSGustavo F. Padovan rfc.retrans_timeout = 22900a708f8fSGustavo F. Padovan le16_to_cpu(L2CAP_DEFAULT_RETRANS_TO); 22910a708f8fSGustavo F. Padovan rfc.monitor_timeout = 22920a708f8fSGustavo F. Padovan le16_to_cpu(L2CAP_DEFAULT_MONITOR_TO); 22930a708f8fSGustavo F. Padovan 2294c1360a1cSGustavo F. Padovan set_bit(CONF_MODE_DONE, &chan->conf_state); 22950a708f8fSGustavo F. Padovan 22960a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, 22970a708f8fSGustavo F. Padovan sizeof(rfc), (unsigned long) &rfc); 22980a708f8fSGustavo F. Padovan 229942dceae2SAndrei Emeltchenko if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) { 230042dceae2SAndrei Emeltchenko chan->remote_id = efs.id; 230142dceae2SAndrei Emeltchenko chan->remote_stype = efs.stype; 230242dceae2SAndrei Emeltchenko chan->remote_msdu = le16_to_cpu(efs.msdu); 230342dceae2SAndrei Emeltchenko chan->remote_flush_to = 230442dceae2SAndrei Emeltchenko le32_to_cpu(efs.flush_to); 230542dceae2SAndrei Emeltchenko chan->remote_acc_lat = 230642dceae2SAndrei Emeltchenko le32_to_cpu(efs.acc_lat); 230742dceae2SAndrei Emeltchenko chan->remote_sdu_itime = 230842dceae2SAndrei Emeltchenko le32_to_cpu(efs.sdu_itime); 230942dceae2SAndrei Emeltchenko l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, 231042dceae2SAndrei Emeltchenko sizeof(efs), (unsigned long) &efs); 231142dceae2SAndrei Emeltchenko } 23120a708f8fSGustavo F. Padovan break; 23130a708f8fSGustavo F. Padovan 23140a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 2315c8f79162SAndrei Emeltchenko size = min_t(u16, le16_to_cpu(rfc.max_pdu_size), 2316c8f79162SAndrei Emeltchenko chan->conn->mtu - 2317c8f79162SAndrei Emeltchenko L2CAP_EXT_HDR_SIZE - 2318c8f79162SAndrei Emeltchenko L2CAP_SDULEN_SIZE - 2319c8f79162SAndrei Emeltchenko L2CAP_FCS_SIZE); 2320c8f79162SAndrei Emeltchenko rfc.max_pdu_size = cpu_to_le16(size); 2321c8f79162SAndrei Emeltchenko chan->remote_mps = size; 23220a708f8fSGustavo F. Padovan 2323c1360a1cSGustavo F. Padovan set_bit(CONF_MODE_DONE, &chan->conf_state); 23240a708f8fSGustavo F. Padovan 23250a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, 23260a708f8fSGustavo F. Padovan sizeof(rfc), (unsigned long) &rfc); 23270a708f8fSGustavo F. Padovan 23280a708f8fSGustavo F. Padovan break; 23290a708f8fSGustavo F. Padovan 23300a708f8fSGustavo F. Padovan default: 23310a708f8fSGustavo F. Padovan result = L2CAP_CONF_UNACCEPT; 23320a708f8fSGustavo F. Padovan 23330a708f8fSGustavo F. Padovan memset(&rfc, 0, sizeof(rfc)); 23340c1bc5c6SGustavo F. Padovan rfc.mode = chan->mode; 23350a708f8fSGustavo F. Padovan } 23360a708f8fSGustavo F. Padovan 23370a708f8fSGustavo F. Padovan if (result == L2CAP_CONF_SUCCESS) 2338c1360a1cSGustavo F. Padovan set_bit(CONF_OUTPUT_DONE, &chan->conf_state); 23390a708f8fSGustavo F. Padovan } 2340fe4128e0SGustavo F. Padovan rsp->scid = cpu_to_le16(chan->dcid); 23410a708f8fSGustavo F. Padovan rsp->result = cpu_to_le16(result); 23420a708f8fSGustavo F. Padovan rsp->flags = cpu_to_le16(0x0000); 23430a708f8fSGustavo F. Padovan 23440a708f8fSGustavo F. Padovan return ptr - data; 23450a708f8fSGustavo F. Padovan } 23460a708f8fSGustavo F. Padovan 2347b4450035SGustavo F. Padovan static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, void *data, u16 *result) 23480a708f8fSGustavo F. Padovan { 23490a708f8fSGustavo F. Padovan struct l2cap_conf_req *req = data; 23500a708f8fSGustavo F. Padovan void *ptr = req->data; 23510a708f8fSGustavo F. Padovan int type, olen; 23520a708f8fSGustavo F. Padovan unsigned long val; 23530a708f8fSGustavo F. Padovan struct l2cap_conf_rfc rfc; 235466af7aafSAndrei Emeltchenko struct l2cap_conf_efs efs; 23550a708f8fSGustavo F. Padovan 2356fe4128e0SGustavo F. Padovan BT_DBG("chan %p, rsp %p, len %d, req %p", chan, rsp, len, data); 23570a708f8fSGustavo F. Padovan 23580a708f8fSGustavo F. Padovan while (len >= L2CAP_CONF_OPT_SIZE) { 23590a708f8fSGustavo F. Padovan len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); 23600a708f8fSGustavo F. Padovan 23610a708f8fSGustavo F. Padovan switch (type) { 23620a708f8fSGustavo F. Padovan case L2CAP_CONF_MTU: 23630a708f8fSGustavo F. Padovan if (val < L2CAP_DEFAULT_MIN_MTU) { 23640a708f8fSGustavo F. Padovan *result = L2CAP_CONF_UNACCEPT; 23650c1bc5c6SGustavo F. Padovan chan->imtu = L2CAP_DEFAULT_MIN_MTU; 23660a708f8fSGustavo F. Padovan } else 23670c1bc5c6SGustavo F. Padovan chan->imtu = val; 23680c1bc5c6SGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu); 23690a708f8fSGustavo F. Padovan break; 23700a708f8fSGustavo F. Padovan 23710a708f8fSGustavo F. Padovan case L2CAP_CONF_FLUSH_TO: 23720c1bc5c6SGustavo F. Padovan chan->flush_to = val; 23730a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, 23740c1bc5c6SGustavo F. Padovan 2, chan->flush_to); 23750a708f8fSGustavo F. Padovan break; 23760a708f8fSGustavo F. Padovan 23770a708f8fSGustavo F. Padovan case L2CAP_CONF_RFC: 23780a708f8fSGustavo F. Padovan if (olen == sizeof(rfc)) 23790a708f8fSGustavo F. Padovan memcpy(&rfc, (void *)val, olen); 23800a708f8fSGustavo F. Padovan 2381c1360a1cSGustavo F. Padovan if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state) && 23820c1bc5c6SGustavo F. Padovan rfc.mode != chan->mode) 23830a708f8fSGustavo F. Padovan return -ECONNREFUSED; 23840a708f8fSGustavo F. Padovan 238547d1ec61SGustavo F. Padovan chan->fcs = 0; 23860a708f8fSGustavo F. Padovan 23870a708f8fSGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, 23880a708f8fSGustavo F. Padovan sizeof(rfc), (unsigned long) &rfc); 23890a708f8fSGustavo F. Padovan break; 23906327eb98SAndrei Emeltchenko 23916327eb98SAndrei Emeltchenko case L2CAP_CONF_EWS: 23926327eb98SAndrei Emeltchenko chan->tx_win = min_t(u16, val, 23936327eb98SAndrei Emeltchenko L2CAP_DEFAULT_EXT_WINDOW); 23943e6b3b95SGustavo F. Padovan l2cap_add_conf_opt(&ptr, L2CAP_CONF_EWS, 2, 23953e6b3b95SGustavo F. Padovan chan->tx_win); 23966327eb98SAndrei Emeltchenko break; 239766af7aafSAndrei Emeltchenko 239866af7aafSAndrei Emeltchenko case L2CAP_CONF_EFS: 239966af7aafSAndrei Emeltchenko if (olen == sizeof(efs)) 240066af7aafSAndrei Emeltchenko memcpy(&efs, (void *)val, olen); 240166af7aafSAndrei Emeltchenko 240266af7aafSAndrei Emeltchenko if (chan->local_stype != L2CAP_SERV_NOTRAFIC && 240366af7aafSAndrei Emeltchenko efs.stype != L2CAP_SERV_NOTRAFIC && 240466af7aafSAndrei Emeltchenko efs.stype != chan->local_stype) 240566af7aafSAndrei Emeltchenko return -ECONNREFUSED; 240666af7aafSAndrei Emeltchenko 240766af7aafSAndrei Emeltchenko l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, 240866af7aafSAndrei Emeltchenko sizeof(efs), (unsigned long) &efs); 240966af7aafSAndrei Emeltchenko break; 24100a708f8fSGustavo F. Padovan } 24110a708f8fSGustavo F. Padovan } 24120a708f8fSGustavo F. Padovan 24130c1bc5c6SGustavo F. Padovan if (chan->mode == L2CAP_MODE_BASIC && chan->mode != rfc.mode) 24140a708f8fSGustavo F. Padovan return -ECONNREFUSED; 24150a708f8fSGustavo F. Padovan 24160c1bc5c6SGustavo F. Padovan chan->mode = rfc.mode; 24170a708f8fSGustavo F. Padovan 24180e8b207eSAndrei Emeltchenko if (*result == L2CAP_CONF_SUCCESS || *result == L2CAP_CONF_PENDING) { 24190a708f8fSGustavo F. Padovan switch (rfc.mode) { 24200a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 242147d1ec61SGustavo F. Padovan chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); 242247d1ec61SGustavo F. Padovan chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); 242347d1ec61SGustavo F. Padovan chan->mps = le16_to_cpu(rfc.max_pdu_size); 242466af7aafSAndrei Emeltchenko 242566af7aafSAndrei Emeltchenko if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) { 242666af7aafSAndrei Emeltchenko chan->local_msdu = le16_to_cpu(efs.msdu); 242766af7aafSAndrei Emeltchenko chan->local_sdu_itime = 242866af7aafSAndrei Emeltchenko le32_to_cpu(efs.sdu_itime); 242966af7aafSAndrei Emeltchenko chan->local_acc_lat = le32_to_cpu(efs.acc_lat); 243066af7aafSAndrei Emeltchenko chan->local_flush_to = 243166af7aafSAndrei Emeltchenko le32_to_cpu(efs.flush_to); 243266af7aafSAndrei Emeltchenko } 24330a708f8fSGustavo F. Padovan break; 243466af7aafSAndrei Emeltchenko 24350a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 243647d1ec61SGustavo F. Padovan chan->mps = le16_to_cpu(rfc.max_pdu_size); 24370a708f8fSGustavo F. Padovan } 24380a708f8fSGustavo F. Padovan } 24390a708f8fSGustavo F. Padovan 2440fe4128e0SGustavo F. Padovan req->dcid = cpu_to_le16(chan->dcid); 24410a708f8fSGustavo F. Padovan req->flags = cpu_to_le16(0x0000); 24420a708f8fSGustavo F. Padovan 24430a708f8fSGustavo F. Padovan return ptr - data; 24440a708f8fSGustavo F. Padovan } 24450a708f8fSGustavo F. Padovan 2446fe4128e0SGustavo F. Padovan static int l2cap_build_conf_rsp(struct l2cap_chan *chan, void *data, u16 result, u16 flags) 24470a708f8fSGustavo F. Padovan { 24480a708f8fSGustavo F. Padovan struct l2cap_conf_rsp *rsp = data; 24490a708f8fSGustavo F. Padovan void *ptr = rsp->data; 24500a708f8fSGustavo F. Padovan 2451fe4128e0SGustavo F. Padovan BT_DBG("chan %p", chan); 24520a708f8fSGustavo F. Padovan 2453fe4128e0SGustavo F. Padovan rsp->scid = cpu_to_le16(chan->dcid); 24540a708f8fSGustavo F. Padovan rsp->result = cpu_to_le16(result); 24550a708f8fSGustavo F. Padovan rsp->flags = cpu_to_le16(flags); 24560a708f8fSGustavo F. Padovan 24570a708f8fSGustavo F. Padovan return ptr - data; 24580a708f8fSGustavo F. Padovan } 24590a708f8fSGustavo F. Padovan 24608c1d787bSGustavo F. Padovan void __l2cap_connect_rsp_defer(struct l2cap_chan *chan) 2461710f9b0aSGustavo F. Padovan { 2462710f9b0aSGustavo F. Padovan struct l2cap_conn_rsp rsp; 24638c1d787bSGustavo F. Padovan struct l2cap_conn *conn = chan->conn; 2464710f9b0aSGustavo F. Padovan u8 buf[128]; 2465710f9b0aSGustavo F. Padovan 2466fe4128e0SGustavo F. Padovan rsp.scid = cpu_to_le16(chan->dcid); 2467fe4128e0SGustavo F. Padovan rsp.dcid = cpu_to_le16(chan->scid); 2468710f9b0aSGustavo F. Padovan rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS); 2469710f9b0aSGustavo F. Padovan rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO); 2470710f9b0aSGustavo F. Padovan l2cap_send_cmd(conn, chan->ident, 2471710f9b0aSGustavo F. Padovan L2CAP_CONN_RSP, sizeof(rsp), &rsp); 2472710f9b0aSGustavo F. Padovan 2473c1360a1cSGustavo F. Padovan if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) 2474710f9b0aSGustavo F. Padovan return; 2475710f9b0aSGustavo F. Padovan 2476710f9b0aSGustavo F. Padovan l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, 2477710f9b0aSGustavo F. Padovan l2cap_build_conf_req(chan, buf), buf); 2478710f9b0aSGustavo F. Padovan chan->num_conf_req++; 2479710f9b0aSGustavo F. Padovan } 2480710f9b0aSGustavo F. Padovan 248147d1ec61SGustavo F. Padovan static void l2cap_conf_rfc_get(struct l2cap_chan *chan, void *rsp, int len) 24820a708f8fSGustavo F. Padovan { 24830a708f8fSGustavo F. Padovan int type, olen; 24840a708f8fSGustavo F. Padovan unsigned long val; 24850a708f8fSGustavo F. Padovan struct l2cap_conf_rfc rfc; 24860a708f8fSGustavo F. Padovan 248747d1ec61SGustavo F. Padovan BT_DBG("chan %p, rsp %p, len %d", chan, rsp, len); 24880a708f8fSGustavo F. Padovan 24890c1bc5c6SGustavo F. Padovan if ((chan->mode != L2CAP_MODE_ERTM) && (chan->mode != L2CAP_MODE_STREAMING)) 24900a708f8fSGustavo F. Padovan return; 24910a708f8fSGustavo F. Padovan 24920a708f8fSGustavo F. Padovan while (len >= L2CAP_CONF_OPT_SIZE) { 24930a708f8fSGustavo F. Padovan len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); 24940a708f8fSGustavo F. Padovan 24950a708f8fSGustavo F. Padovan switch (type) { 24960a708f8fSGustavo F. Padovan case L2CAP_CONF_RFC: 24970a708f8fSGustavo F. Padovan if (olen == sizeof(rfc)) 24980a708f8fSGustavo F. Padovan memcpy(&rfc, (void *)val, olen); 24990a708f8fSGustavo F. Padovan goto done; 25000a708f8fSGustavo F. Padovan } 25010a708f8fSGustavo F. Padovan } 25020a708f8fSGustavo F. Padovan 25030a708f8fSGustavo F. Padovan done: 25040a708f8fSGustavo F. Padovan switch (rfc.mode) { 25050a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 250647d1ec61SGustavo F. Padovan chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); 250747d1ec61SGustavo F. Padovan chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); 250847d1ec61SGustavo F. Padovan chan->mps = le16_to_cpu(rfc.max_pdu_size); 25090a708f8fSGustavo F. Padovan break; 25100a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 251147d1ec61SGustavo F. Padovan chan->mps = le16_to_cpu(rfc.max_pdu_size); 25120a708f8fSGustavo F. Padovan } 25130a708f8fSGustavo F. Padovan } 25140a708f8fSGustavo F. Padovan 25150a708f8fSGustavo F. Padovan static inline int l2cap_command_rej(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 25160a708f8fSGustavo F. Padovan { 2517e2fd318eSIlia Kolomisnky struct l2cap_cmd_rej_unk *rej = (struct l2cap_cmd_rej_unk *) data; 25180a708f8fSGustavo F. Padovan 2519e2fd318eSIlia Kolomisnky if (rej->reason != L2CAP_REJ_NOT_UNDERSTOOD) 25200a708f8fSGustavo F. Padovan return 0; 25210a708f8fSGustavo F. Padovan 25220a708f8fSGustavo F. Padovan if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) && 25230a708f8fSGustavo F. Padovan cmd->ident == conn->info_ident) { 25240a708f8fSGustavo F. Padovan del_timer(&conn->info_timer); 25250a708f8fSGustavo F. Padovan 25260a708f8fSGustavo F. Padovan conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; 25270a708f8fSGustavo F. Padovan conn->info_ident = 0; 25280a708f8fSGustavo F. Padovan 25290a708f8fSGustavo F. Padovan l2cap_conn_start(conn); 25300a708f8fSGustavo F. Padovan } 25310a708f8fSGustavo F. Padovan 25320a708f8fSGustavo F. Padovan return 0; 25330a708f8fSGustavo F. Padovan } 25340a708f8fSGustavo F. Padovan 25350a708f8fSGustavo F. Padovan static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 25360a708f8fSGustavo F. Padovan { 25370a708f8fSGustavo F. Padovan struct l2cap_conn_req *req = (struct l2cap_conn_req *) data; 25380a708f8fSGustavo F. Padovan struct l2cap_conn_rsp rsp; 253923691d75SGustavo F. Padovan struct l2cap_chan *chan = NULL, *pchan; 25400a708f8fSGustavo F. Padovan struct sock *parent, *sk = NULL; 25410a708f8fSGustavo F. Padovan int result, status = L2CAP_CS_NO_INFO; 25420a708f8fSGustavo F. Padovan 25430a708f8fSGustavo F. Padovan u16 dcid = 0, scid = __le16_to_cpu(req->scid); 25440a708f8fSGustavo F. Padovan __le16 psm = req->psm; 25450a708f8fSGustavo F. Padovan 25460a708f8fSGustavo F. Padovan BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid); 25470a708f8fSGustavo F. Padovan 25480a708f8fSGustavo F. Padovan /* Check if we have socket listening on psm */ 254923691d75SGustavo F. Padovan pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, conn->src); 255023691d75SGustavo F. Padovan if (!pchan) { 25510a708f8fSGustavo F. Padovan result = L2CAP_CR_BAD_PSM; 25520a708f8fSGustavo F. Padovan goto sendresp; 25530a708f8fSGustavo F. Padovan } 25540a708f8fSGustavo F. Padovan 255523691d75SGustavo F. Padovan parent = pchan->sk; 255623691d75SGustavo F. Padovan 25570a708f8fSGustavo F. Padovan bh_lock_sock(parent); 25580a708f8fSGustavo F. Padovan 25590a708f8fSGustavo F. Padovan /* Check if the ACL is secure enough (if not SDP) */ 25600a708f8fSGustavo F. Padovan if (psm != cpu_to_le16(0x0001) && 25610a708f8fSGustavo F. Padovan !hci_conn_check_link_mode(conn->hcon)) { 25629f5a0d7bSAndrei Emeltchenko conn->disc_reason = HCI_ERROR_AUTH_FAILURE; 25630a708f8fSGustavo F. Padovan result = L2CAP_CR_SEC_BLOCK; 25640a708f8fSGustavo F. Padovan goto response; 25650a708f8fSGustavo F. Padovan } 25660a708f8fSGustavo F. Padovan 25670a708f8fSGustavo F. Padovan result = L2CAP_CR_NO_MEM; 25680a708f8fSGustavo F. Padovan 25690a708f8fSGustavo F. Padovan /* Check for backlog size */ 25700a708f8fSGustavo F. Padovan if (sk_acceptq_is_full(parent)) { 25710a708f8fSGustavo F. Padovan BT_DBG("backlog full %d", parent->sk_ack_backlog); 25720a708f8fSGustavo F. Padovan goto response; 25730a708f8fSGustavo F. Padovan } 25740a708f8fSGustavo F. Padovan 257580808e43SGustavo F. Padovan chan = pchan->ops->new_connection(pchan->data); 257680808e43SGustavo F. Padovan if (!chan) 25770a708f8fSGustavo F. Padovan goto response; 25780a708f8fSGustavo F. Padovan 257980808e43SGustavo F. Padovan sk = chan->sk; 258080808e43SGustavo F. Padovan 2581baa7e1faSGustavo F. Padovan write_lock_bh(&conn->chan_lock); 25820a708f8fSGustavo F. Padovan 25830a708f8fSGustavo F. Padovan /* Check if we already have channel with that dcid */ 2584baa7e1faSGustavo F. Padovan if (__l2cap_get_chan_by_dcid(conn, scid)) { 2585baa7e1faSGustavo F. Padovan write_unlock_bh(&conn->chan_lock); 25860a708f8fSGustavo F. Padovan sock_set_flag(sk, SOCK_ZAPPED); 2587ba3bd0eeSGustavo F. Padovan chan->ops->close(chan->data); 25880a708f8fSGustavo F. Padovan goto response; 25890a708f8fSGustavo F. Padovan } 25900a708f8fSGustavo F. Padovan 25910a708f8fSGustavo F. Padovan hci_conn_hold(conn->hcon); 25920a708f8fSGustavo F. Padovan 25930a708f8fSGustavo F. Padovan bacpy(&bt_sk(sk)->src, conn->src); 25940a708f8fSGustavo F. Padovan bacpy(&bt_sk(sk)->dst, conn->dst); 2595fe4128e0SGustavo F. Padovan chan->psm = psm; 2596fe4128e0SGustavo F. Padovan chan->dcid = scid; 25970a708f8fSGustavo F. Padovan 2598d1010240SGustavo F. Padovan bt_accept_enqueue(parent, sk); 2599d1010240SGustavo F. Padovan 260048454079SGustavo F. Padovan __l2cap_chan_add(conn, chan); 260148454079SGustavo F. Padovan 2602fe4128e0SGustavo F. Padovan dcid = chan->scid; 26030a708f8fSGustavo F. Padovan 2604c9b66675SGustavo F. Padovan __set_chan_timer(chan, sk->sk_sndtimeo); 26050a708f8fSGustavo F. Padovan 2606fc7f8a7eSGustavo F. Padovan chan->ident = cmd->ident; 26070a708f8fSGustavo F. Padovan 26080a708f8fSGustavo F. Padovan if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) { 26094343478fSGustavo F. Padovan if (l2cap_check_security(chan)) { 26100a708f8fSGustavo F. Padovan if (bt_sk(sk)->defer_setup) { 261189bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECT2); 26120a708f8fSGustavo F. Padovan result = L2CAP_CR_PEND; 26130a708f8fSGustavo F. Padovan status = L2CAP_CS_AUTHOR_PEND; 26140a708f8fSGustavo F. Padovan parent->sk_data_ready(parent, 0); 26150a708f8fSGustavo F. Padovan } else { 261689bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONFIG); 26170a708f8fSGustavo F. Padovan result = L2CAP_CR_SUCCESS; 26180a708f8fSGustavo F. Padovan status = L2CAP_CS_NO_INFO; 26190a708f8fSGustavo F. Padovan } 26200a708f8fSGustavo F. Padovan } else { 262189bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECT2); 26220a708f8fSGustavo F. Padovan result = L2CAP_CR_PEND; 26230a708f8fSGustavo F. Padovan status = L2CAP_CS_AUTHEN_PEND; 26240a708f8fSGustavo F. Padovan } 26250a708f8fSGustavo F. Padovan } else { 262689bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECT2); 26270a708f8fSGustavo F. Padovan result = L2CAP_CR_PEND; 26280a708f8fSGustavo F. Padovan status = L2CAP_CS_NO_INFO; 26290a708f8fSGustavo F. Padovan } 26300a708f8fSGustavo F. Padovan 2631baa7e1faSGustavo F. Padovan write_unlock_bh(&conn->chan_lock); 26320a708f8fSGustavo F. Padovan 26330a708f8fSGustavo F. Padovan response: 26340a708f8fSGustavo F. Padovan bh_unlock_sock(parent); 26350a708f8fSGustavo F. Padovan 26360a708f8fSGustavo F. Padovan sendresp: 26370a708f8fSGustavo F. Padovan rsp.scid = cpu_to_le16(scid); 26380a708f8fSGustavo F. Padovan rsp.dcid = cpu_to_le16(dcid); 26390a708f8fSGustavo F. Padovan rsp.result = cpu_to_le16(result); 26400a708f8fSGustavo F. Padovan rsp.status = cpu_to_le16(status); 26410a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp); 26420a708f8fSGustavo F. Padovan 26430a708f8fSGustavo F. Padovan if (result == L2CAP_CR_PEND && status == L2CAP_CS_NO_INFO) { 26440a708f8fSGustavo F. Padovan struct l2cap_info_req info; 26450a708f8fSGustavo F. Padovan info.type = cpu_to_le16(L2CAP_IT_FEAT_MASK); 26460a708f8fSGustavo F. Padovan 26470a708f8fSGustavo F. Padovan conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; 26480a708f8fSGustavo F. Padovan conn->info_ident = l2cap_get_ident(conn); 26490a708f8fSGustavo F. Padovan 26500a708f8fSGustavo F. Padovan mod_timer(&conn->info_timer, jiffies + 26510a708f8fSGustavo F. Padovan msecs_to_jiffies(L2CAP_INFO_TIMEOUT)); 26520a708f8fSGustavo F. Padovan 26530a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, conn->info_ident, 26540a708f8fSGustavo F. Padovan L2CAP_INFO_REQ, sizeof(info), &info); 26550a708f8fSGustavo F. Padovan } 26560a708f8fSGustavo F. Padovan 2657c1360a1cSGustavo F. Padovan if (chan && !test_bit(CONF_REQ_SENT, &chan->conf_state) && 26580a708f8fSGustavo F. Padovan result == L2CAP_CR_SUCCESS) { 26590a708f8fSGustavo F. Padovan u8 buf[128]; 2660c1360a1cSGustavo F. Padovan set_bit(CONF_REQ_SENT, &chan->conf_state); 26610a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, 266273ffa904SGustavo F. Padovan l2cap_build_conf_req(chan, buf), buf); 266373ffa904SGustavo F. Padovan chan->num_conf_req++; 26640a708f8fSGustavo F. Padovan } 26650a708f8fSGustavo F. Padovan 26660a708f8fSGustavo F. Padovan return 0; 26670a708f8fSGustavo F. Padovan } 26680a708f8fSGustavo F. Padovan 26690a708f8fSGustavo F. Padovan static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 26700a708f8fSGustavo F. Padovan { 26710a708f8fSGustavo F. Padovan struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data; 26720a708f8fSGustavo F. Padovan u16 scid, dcid, result, status; 267348454079SGustavo F. Padovan struct l2cap_chan *chan; 26740a708f8fSGustavo F. Padovan struct sock *sk; 26750a708f8fSGustavo F. Padovan u8 req[128]; 26760a708f8fSGustavo F. Padovan 26770a708f8fSGustavo F. Padovan scid = __le16_to_cpu(rsp->scid); 26780a708f8fSGustavo F. Padovan dcid = __le16_to_cpu(rsp->dcid); 26790a708f8fSGustavo F. Padovan result = __le16_to_cpu(rsp->result); 26800a708f8fSGustavo F. Padovan status = __le16_to_cpu(rsp->status); 26810a708f8fSGustavo F. Padovan 26820a708f8fSGustavo F. Padovan BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status); 26830a708f8fSGustavo F. Padovan 26840a708f8fSGustavo F. Padovan if (scid) { 2685baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_scid(conn, scid); 268648454079SGustavo F. Padovan if (!chan) 26870a708f8fSGustavo F. Padovan return -EFAULT; 26880a708f8fSGustavo F. Padovan } else { 2689baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_ident(conn, cmd->ident); 269048454079SGustavo F. Padovan if (!chan) 26910a708f8fSGustavo F. Padovan return -EFAULT; 26920a708f8fSGustavo F. Padovan } 26930a708f8fSGustavo F. Padovan 269448454079SGustavo F. Padovan sk = chan->sk; 269548454079SGustavo F. Padovan 26960a708f8fSGustavo F. Padovan switch (result) { 26970a708f8fSGustavo F. Padovan case L2CAP_CR_SUCCESS: 269889bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONFIG); 2699fc7f8a7eSGustavo F. Padovan chan->ident = 0; 2700fe4128e0SGustavo F. Padovan chan->dcid = dcid; 2701c1360a1cSGustavo F. Padovan clear_bit(CONF_CONNECT_PEND, &chan->conf_state); 27020a708f8fSGustavo F. Padovan 2703c1360a1cSGustavo F. Padovan if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) 27040a708f8fSGustavo F. Padovan break; 27050a708f8fSGustavo F. Padovan 27060a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, 270773ffa904SGustavo F. Padovan l2cap_build_conf_req(chan, req), req); 270873ffa904SGustavo F. Padovan chan->num_conf_req++; 27090a708f8fSGustavo F. Padovan break; 27100a708f8fSGustavo F. Padovan 27110a708f8fSGustavo F. Padovan case L2CAP_CR_PEND: 2712c1360a1cSGustavo F. Padovan set_bit(CONF_CONNECT_PEND, &chan->conf_state); 27130a708f8fSGustavo F. Padovan break; 27140a708f8fSGustavo F. Padovan 27150a708f8fSGustavo F. Padovan default: 27160a708f8fSGustavo F. Padovan /* don't delete l2cap channel if sk is owned by user */ 27170a708f8fSGustavo F. Padovan if (sock_owned_by_user(sk)) { 271889bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_DISCONN); 2719c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 2720c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ / 5); 27210a708f8fSGustavo F. Padovan break; 27220a708f8fSGustavo F. Padovan } 27230a708f8fSGustavo F. Padovan 272448454079SGustavo F. Padovan l2cap_chan_del(chan, ECONNREFUSED); 27250a708f8fSGustavo F. Padovan break; 27260a708f8fSGustavo F. Padovan } 27270a708f8fSGustavo F. Padovan 27280a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 27290a708f8fSGustavo F. Padovan return 0; 27300a708f8fSGustavo F. Padovan } 27310a708f8fSGustavo F. Padovan 273247d1ec61SGustavo F. Padovan static inline void set_default_fcs(struct l2cap_chan *chan) 27330a708f8fSGustavo F. Padovan { 27340a708f8fSGustavo F. Padovan /* FCS is enabled only in ERTM or streaming mode, if one or both 27350a708f8fSGustavo F. Padovan * sides request it. 27360a708f8fSGustavo F. Padovan */ 27370c1bc5c6SGustavo F. Padovan if (chan->mode != L2CAP_MODE_ERTM && chan->mode != L2CAP_MODE_STREAMING) 273847d1ec61SGustavo F. Padovan chan->fcs = L2CAP_FCS_NONE; 2739c1360a1cSGustavo F. Padovan else if (!test_bit(CONF_NO_FCS_RECV, &chan->conf_state)) 274047d1ec61SGustavo F. Padovan chan->fcs = L2CAP_FCS_CRC16; 27410a708f8fSGustavo F. Padovan } 27420a708f8fSGustavo F. Padovan 27430a708f8fSGustavo F. Padovan static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data) 27440a708f8fSGustavo F. Padovan { 27450a708f8fSGustavo F. Padovan struct l2cap_conf_req *req = (struct l2cap_conf_req *) data; 27460a708f8fSGustavo F. Padovan u16 dcid, flags; 27470a708f8fSGustavo F. Padovan u8 rsp[64]; 274848454079SGustavo F. Padovan struct l2cap_chan *chan; 27490a708f8fSGustavo F. Padovan struct sock *sk; 27500a708f8fSGustavo F. Padovan int len; 27510a708f8fSGustavo F. Padovan 27520a708f8fSGustavo F. Padovan dcid = __le16_to_cpu(req->dcid); 27530a708f8fSGustavo F. Padovan flags = __le16_to_cpu(req->flags); 27540a708f8fSGustavo F. Padovan 27550a708f8fSGustavo F. Padovan BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags); 27560a708f8fSGustavo F. Padovan 2757baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_scid(conn, dcid); 275848454079SGustavo F. Padovan if (!chan) 27590a708f8fSGustavo F. Padovan return -ENOENT; 27600a708f8fSGustavo F. Padovan 276148454079SGustavo F. Padovan sk = chan->sk; 276248454079SGustavo F. Padovan 2763033b1142SDavid S. Miller if (chan->state != BT_CONFIG && chan->state != BT_CONNECT2) { 2764e2fd318eSIlia Kolomisnky struct l2cap_cmd_rej_cid rej; 27650a708f8fSGustavo F. Padovan 2766e2fd318eSIlia Kolomisnky rej.reason = cpu_to_le16(L2CAP_REJ_INVALID_CID); 2767e2fd318eSIlia Kolomisnky rej.scid = cpu_to_le16(chan->scid); 2768e2fd318eSIlia Kolomisnky rej.dcid = cpu_to_le16(chan->dcid); 2769e2fd318eSIlia Kolomisnky 27700a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, L2CAP_COMMAND_REJ, 27710a708f8fSGustavo F. Padovan sizeof(rej), &rej); 27720a708f8fSGustavo F. Padovan goto unlock; 27730a708f8fSGustavo F. Padovan } 27740a708f8fSGustavo F. Padovan 27750a708f8fSGustavo F. Padovan /* Reject if config buffer is too small. */ 27760a708f8fSGustavo F. Padovan len = cmd_len - sizeof(*req); 27777ac28817SDan Rosenberg if (len < 0 || chan->conf_len + len > sizeof(chan->conf_req)) { 27780a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, 2779fe4128e0SGustavo F. Padovan l2cap_build_conf_rsp(chan, rsp, 27800a708f8fSGustavo F. Padovan L2CAP_CONF_REJECT, flags), rsp); 27810a708f8fSGustavo F. Padovan goto unlock; 27820a708f8fSGustavo F. Padovan } 27830a708f8fSGustavo F. Padovan 27840a708f8fSGustavo F. Padovan /* Store config. */ 278573ffa904SGustavo F. Padovan memcpy(chan->conf_req + chan->conf_len, req->data, len); 278673ffa904SGustavo F. Padovan chan->conf_len += len; 27870a708f8fSGustavo F. Padovan 27880a708f8fSGustavo F. Padovan if (flags & 0x0001) { 27890a708f8fSGustavo F. Padovan /* Incomplete config. Send empty response. */ 27900a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, 2791fe4128e0SGustavo F. Padovan l2cap_build_conf_rsp(chan, rsp, 27920a708f8fSGustavo F. Padovan L2CAP_CONF_SUCCESS, 0x0001), rsp); 27930a708f8fSGustavo F. Padovan goto unlock; 27940a708f8fSGustavo F. Padovan } 27950a708f8fSGustavo F. Padovan 27960a708f8fSGustavo F. Padovan /* Complete config. */ 279773ffa904SGustavo F. Padovan len = l2cap_parse_conf_req(chan, rsp); 27980a708f8fSGustavo F. Padovan if (len < 0) { 2799e92c8e70SGustavo F. Padovan l2cap_send_disconn_req(conn, chan, ECONNRESET); 28000a708f8fSGustavo F. Padovan goto unlock; 28010a708f8fSGustavo F. Padovan } 28020a708f8fSGustavo F. Padovan 28030a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp); 280473ffa904SGustavo F. Padovan chan->num_conf_rsp++; 28050a708f8fSGustavo F. Padovan 28060a708f8fSGustavo F. Padovan /* Reset config buffer. */ 280773ffa904SGustavo F. Padovan chan->conf_len = 0; 28080a708f8fSGustavo F. Padovan 2809c1360a1cSGustavo F. Padovan if (!test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) 28100a708f8fSGustavo F. Padovan goto unlock; 28110a708f8fSGustavo F. Padovan 2812c1360a1cSGustavo F. Padovan if (test_bit(CONF_INPUT_DONE, &chan->conf_state)) { 281347d1ec61SGustavo F. Padovan set_default_fcs(chan); 28140a708f8fSGustavo F. Padovan 281589bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECTED); 28160a708f8fSGustavo F. Padovan 281742e5c802SGustavo F. Padovan chan->next_tx_seq = 0; 281842e5c802SGustavo F. Padovan chan->expected_tx_seq = 0; 281958d35f87SGustavo F. Padovan skb_queue_head_init(&chan->tx_q); 28200c1bc5c6SGustavo F. Padovan if (chan->mode == L2CAP_MODE_ERTM) 2821525cd185SGustavo F. Padovan l2cap_ertm_init(chan); 28220a708f8fSGustavo F. Padovan 28230a708f8fSGustavo F. Padovan l2cap_chan_ready(sk); 28240a708f8fSGustavo F. Padovan goto unlock; 28250a708f8fSGustavo F. Padovan } 28260a708f8fSGustavo F. Padovan 2827c1360a1cSGustavo F. Padovan if (!test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) { 28280a708f8fSGustavo F. Padovan u8 buf[64]; 28290a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ, 283073ffa904SGustavo F. Padovan l2cap_build_conf_req(chan, buf), buf); 283173ffa904SGustavo F. Padovan chan->num_conf_req++; 28320a708f8fSGustavo F. Padovan } 28330a708f8fSGustavo F. Padovan 28340e8b207eSAndrei Emeltchenko /* Got Conf Rsp PENDING from remote side and asume we sent 28350e8b207eSAndrei Emeltchenko Conf Rsp PENDING in the code above */ 28360e8b207eSAndrei Emeltchenko if (test_bit(CONF_REM_CONF_PEND, &chan->conf_state) && 28370e8b207eSAndrei Emeltchenko test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { 28380e8b207eSAndrei Emeltchenko 28390e8b207eSAndrei Emeltchenko /* check compatibility */ 28400e8b207eSAndrei Emeltchenko 28410e8b207eSAndrei Emeltchenko clear_bit(CONF_LOC_CONF_PEND, &chan->conf_state); 28420e8b207eSAndrei Emeltchenko set_bit(CONF_OUTPUT_DONE, &chan->conf_state); 28430e8b207eSAndrei Emeltchenko 28440e8b207eSAndrei Emeltchenko l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, 28450e8b207eSAndrei Emeltchenko l2cap_build_conf_rsp(chan, rsp, 28460e8b207eSAndrei Emeltchenko L2CAP_CONF_SUCCESS, 0x0000), rsp); 28470e8b207eSAndrei Emeltchenko } 28480e8b207eSAndrei Emeltchenko 28490a708f8fSGustavo F. Padovan unlock: 28500a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 28510a708f8fSGustavo F. Padovan return 0; 28520a708f8fSGustavo F. Padovan } 28530a708f8fSGustavo F. Padovan 28540a708f8fSGustavo F. Padovan static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 28550a708f8fSGustavo F. Padovan { 28560a708f8fSGustavo F. Padovan struct l2cap_conf_rsp *rsp = (struct l2cap_conf_rsp *)data; 28570a708f8fSGustavo F. Padovan u16 scid, flags, result; 285848454079SGustavo F. Padovan struct l2cap_chan *chan; 28590a708f8fSGustavo F. Padovan struct sock *sk; 28600a708f8fSGustavo F. Padovan int len = cmd->len - sizeof(*rsp); 28610a708f8fSGustavo F. Padovan 28620a708f8fSGustavo F. Padovan scid = __le16_to_cpu(rsp->scid); 28630a708f8fSGustavo F. Padovan flags = __le16_to_cpu(rsp->flags); 28640a708f8fSGustavo F. Padovan result = __le16_to_cpu(rsp->result); 28650a708f8fSGustavo F. Padovan 28660a708f8fSGustavo F. Padovan BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x", 28670a708f8fSGustavo F. Padovan scid, flags, result); 28680a708f8fSGustavo F. Padovan 2869baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_scid(conn, scid); 287048454079SGustavo F. Padovan if (!chan) 28710a708f8fSGustavo F. Padovan return 0; 28720a708f8fSGustavo F. Padovan 287348454079SGustavo F. Padovan sk = chan->sk; 287448454079SGustavo F. Padovan 28750a708f8fSGustavo F. Padovan switch (result) { 28760a708f8fSGustavo F. Padovan case L2CAP_CONF_SUCCESS: 287747d1ec61SGustavo F. Padovan l2cap_conf_rfc_get(chan, rsp->data, len); 28780e8b207eSAndrei Emeltchenko clear_bit(CONF_REM_CONF_PEND, &chan->conf_state); 28790a708f8fSGustavo F. Padovan break; 28800a708f8fSGustavo F. Padovan 28810e8b207eSAndrei Emeltchenko case L2CAP_CONF_PENDING: 28820e8b207eSAndrei Emeltchenko set_bit(CONF_REM_CONF_PEND, &chan->conf_state); 28830e8b207eSAndrei Emeltchenko 28840e8b207eSAndrei Emeltchenko if (test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { 28850e8b207eSAndrei Emeltchenko char buf[64]; 28860e8b207eSAndrei Emeltchenko 28870e8b207eSAndrei Emeltchenko len = l2cap_parse_conf_rsp(chan, rsp->data, len, 28880e8b207eSAndrei Emeltchenko buf, &result); 28890e8b207eSAndrei Emeltchenko if (len < 0) { 28900e8b207eSAndrei Emeltchenko l2cap_send_disconn_req(conn, chan, ECONNRESET); 28910e8b207eSAndrei Emeltchenko goto done; 28920e8b207eSAndrei Emeltchenko } 28930e8b207eSAndrei Emeltchenko 28940e8b207eSAndrei Emeltchenko /* check compatibility */ 28950e8b207eSAndrei Emeltchenko 28960e8b207eSAndrei Emeltchenko clear_bit(CONF_LOC_CONF_PEND, &chan->conf_state); 28970e8b207eSAndrei Emeltchenko set_bit(CONF_OUTPUT_DONE, &chan->conf_state); 28980e8b207eSAndrei Emeltchenko 28990e8b207eSAndrei Emeltchenko l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, 29000e8b207eSAndrei Emeltchenko l2cap_build_conf_rsp(chan, buf, 29010e8b207eSAndrei Emeltchenko L2CAP_CONF_SUCCESS, 0x0000), buf); 29020e8b207eSAndrei Emeltchenko } 29030e8b207eSAndrei Emeltchenko goto done; 29040e8b207eSAndrei Emeltchenko 29050a708f8fSGustavo F. Padovan case L2CAP_CONF_UNACCEPT: 290673ffa904SGustavo F. Padovan if (chan->num_conf_rsp <= L2CAP_CONF_MAX_CONF_RSP) { 29070a708f8fSGustavo F. Padovan char req[64]; 29080a708f8fSGustavo F. Padovan 29090a708f8fSGustavo F. Padovan if (len > sizeof(req) - sizeof(struct l2cap_conf_req)) { 2910e92c8e70SGustavo F. Padovan l2cap_send_disconn_req(conn, chan, ECONNRESET); 29110a708f8fSGustavo F. Padovan goto done; 29120a708f8fSGustavo F. Padovan } 29130a708f8fSGustavo F. Padovan 29140a708f8fSGustavo F. Padovan /* throw out any old stored conf requests */ 29150a708f8fSGustavo F. Padovan result = L2CAP_CONF_SUCCESS; 2916b4450035SGustavo F. Padovan len = l2cap_parse_conf_rsp(chan, rsp->data, len, 2917b4450035SGustavo F. Padovan req, &result); 29180a708f8fSGustavo F. Padovan if (len < 0) { 2919e92c8e70SGustavo F. Padovan l2cap_send_disconn_req(conn, chan, ECONNRESET); 29200a708f8fSGustavo F. Padovan goto done; 29210a708f8fSGustavo F. Padovan } 29220a708f8fSGustavo F. Padovan 29230a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, l2cap_get_ident(conn), 29240a708f8fSGustavo F. Padovan L2CAP_CONF_REQ, len, req); 292573ffa904SGustavo F. Padovan chan->num_conf_req++; 29260a708f8fSGustavo F. Padovan if (result != L2CAP_CONF_SUCCESS) 29270a708f8fSGustavo F. Padovan goto done; 29280a708f8fSGustavo F. Padovan break; 29290a708f8fSGustavo F. Padovan } 29300a708f8fSGustavo F. Padovan 29310a708f8fSGustavo F. Padovan default: 29320a708f8fSGustavo F. Padovan sk->sk_err = ECONNRESET; 2933c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ * 5); 2934e92c8e70SGustavo F. Padovan l2cap_send_disconn_req(conn, chan, ECONNRESET); 29350a708f8fSGustavo F. Padovan goto done; 29360a708f8fSGustavo F. Padovan } 29370a708f8fSGustavo F. Padovan 29380a708f8fSGustavo F. Padovan if (flags & 0x01) 29390a708f8fSGustavo F. Padovan goto done; 29400a708f8fSGustavo F. Padovan 2941c1360a1cSGustavo F. Padovan set_bit(CONF_INPUT_DONE, &chan->conf_state); 29420a708f8fSGustavo F. Padovan 2943c1360a1cSGustavo F. Padovan if (test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) { 294447d1ec61SGustavo F. Padovan set_default_fcs(chan); 29450a708f8fSGustavo F. Padovan 294689bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONNECTED); 294742e5c802SGustavo F. Padovan chan->next_tx_seq = 0; 294842e5c802SGustavo F. Padovan chan->expected_tx_seq = 0; 294958d35f87SGustavo F. Padovan skb_queue_head_init(&chan->tx_q); 29500c1bc5c6SGustavo F. Padovan if (chan->mode == L2CAP_MODE_ERTM) 2951525cd185SGustavo F. Padovan l2cap_ertm_init(chan); 29520a708f8fSGustavo F. Padovan 29530a708f8fSGustavo F. Padovan l2cap_chan_ready(sk); 29540a708f8fSGustavo F. Padovan } 29550a708f8fSGustavo F. Padovan 29560a708f8fSGustavo F. Padovan done: 29570a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 29580a708f8fSGustavo F. Padovan return 0; 29590a708f8fSGustavo F. Padovan } 29600a708f8fSGustavo F. Padovan 29610a708f8fSGustavo F. Padovan static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 29620a708f8fSGustavo F. Padovan { 29630a708f8fSGustavo F. Padovan struct l2cap_disconn_req *req = (struct l2cap_disconn_req *) data; 29640a708f8fSGustavo F. Padovan struct l2cap_disconn_rsp rsp; 29650a708f8fSGustavo F. Padovan u16 dcid, scid; 296648454079SGustavo F. Padovan struct l2cap_chan *chan; 29670a708f8fSGustavo F. Padovan struct sock *sk; 29680a708f8fSGustavo F. Padovan 29690a708f8fSGustavo F. Padovan scid = __le16_to_cpu(req->scid); 29700a708f8fSGustavo F. Padovan dcid = __le16_to_cpu(req->dcid); 29710a708f8fSGustavo F. Padovan 29720a708f8fSGustavo F. Padovan BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid); 29730a708f8fSGustavo F. Padovan 2974baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_scid(conn, dcid); 297548454079SGustavo F. Padovan if (!chan) 29760a708f8fSGustavo F. Padovan return 0; 29770a708f8fSGustavo F. Padovan 297848454079SGustavo F. Padovan sk = chan->sk; 297948454079SGustavo F. Padovan 2980fe4128e0SGustavo F. Padovan rsp.dcid = cpu_to_le16(chan->scid); 2981fe4128e0SGustavo F. Padovan rsp.scid = cpu_to_le16(chan->dcid); 29820a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); 29830a708f8fSGustavo F. Padovan 29840a708f8fSGustavo F. Padovan sk->sk_shutdown = SHUTDOWN_MASK; 29850a708f8fSGustavo F. Padovan 29860a708f8fSGustavo F. Padovan /* don't delete l2cap channel if sk is owned by user */ 29870a708f8fSGustavo F. Padovan if (sock_owned_by_user(sk)) { 298889bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_DISCONN); 2989c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 2990c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ / 5); 29910a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 29920a708f8fSGustavo F. Padovan return 0; 29930a708f8fSGustavo F. Padovan } 29940a708f8fSGustavo F. Padovan 299548454079SGustavo F. Padovan l2cap_chan_del(chan, ECONNRESET); 29960a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 29970a708f8fSGustavo F. Padovan 2998ba3bd0eeSGustavo F. Padovan chan->ops->close(chan->data); 29990a708f8fSGustavo F. Padovan return 0; 30000a708f8fSGustavo F. Padovan } 30010a708f8fSGustavo F. Padovan 30020a708f8fSGustavo F. Padovan static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 30030a708f8fSGustavo F. Padovan { 30040a708f8fSGustavo F. Padovan struct l2cap_disconn_rsp *rsp = (struct l2cap_disconn_rsp *) data; 30050a708f8fSGustavo F. Padovan u16 dcid, scid; 300648454079SGustavo F. Padovan struct l2cap_chan *chan; 30070a708f8fSGustavo F. Padovan struct sock *sk; 30080a708f8fSGustavo F. Padovan 30090a708f8fSGustavo F. Padovan scid = __le16_to_cpu(rsp->scid); 30100a708f8fSGustavo F. Padovan dcid = __le16_to_cpu(rsp->dcid); 30110a708f8fSGustavo F. Padovan 30120a708f8fSGustavo F. Padovan BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid); 30130a708f8fSGustavo F. Padovan 3014baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_scid(conn, scid); 301548454079SGustavo F. Padovan if (!chan) 30160a708f8fSGustavo F. Padovan return 0; 30170a708f8fSGustavo F. Padovan 301848454079SGustavo F. Padovan sk = chan->sk; 301948454079SGustavo F. Padovan 30200a708f8fSGustavo F. Padovan /* don't delete l2cap channel if sk is owned by user */ 30210a708f8fSGustavo F. Padovan if (sock_owned_by_user(sk)) { 302289bc500eSGustavo F. Padovan l2cap_state_change(chan,BT_DISCONN); 3023c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 3024c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ / 5); 30250a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 30260a708f8fSGustavo F. Padovan return 0; 30270a708f8fSGustavo F. Padovan } 30280a708f8fSGustavo F. Padovan 302948454079SGustavo F. Padovan l2cap_chan_del(chan, 0); 30300a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 30310a708f8fSGustavo F. Padovan 3032ba3bd0eeSGustavo F. Padovan chan->ops->close(chan->data); 30330a708f8fSGustavo F. Padovan return 0; 30340a708f8fSGustavo F. Padovan } 30350a708f8fSGustavo F. Padovan 30360a708f8fSGustavo F. Padovan static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 30370a708f8fSGustavo F. Padovan { 30380a708f8fSGustavo F. Padovan struct l2cap_info_req *req = (struct l2cap_info_req *) data; 30390a708f8fSGustavo F. Padovan u16 type; 30400a708f8fSGustavo F. Padovan 30410a708f8fSGustavo F. Padovan type = __le16_to_cpu(req->type); 30420a708f8fSGustavo F. Padovan 30430a708f8fSGustavo F. Padovan BT_DBG("type 0x%4.4x", type); 30440a708f8fSGustavo F. Padovan 30450a708f8fSGustavo F. Padovan if (type == L2CAP_IT_FEAT_MASK) { 30460a708f8fSGustavo F. Padovan u8 buf[8]; 30470a708f8fSGustavo F. Padovan u32 feat_mask = l2cap_feat_mask; 30480a708f8fSGustavo F. Padovan struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf; 30490a708f8fSGustavo F. Padovan rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK); 30500a708f8fSGustavo F. Padovan rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); 30510a708f8fSGustavo F. Padovan if (!disable_ertm) 30520a708f8fSGustavo F. Padovan feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING 30530a708f8fSGustavo F. Padovan | L2CAP_FEAT_FCS; 3054a5fd6f30SAndrei Emeltchenko if (enable_hs) 30556327eb98SAndrei Emeltchenko feat_mask |= L2CAP_FEAT_EXT_FLOW 30566327eb98SAndrei Emeltchenko | L2CAP_FEAT_EXT_WINDOW; 3057a5fd6f30SAndrei Emeltchenko 30580a708f8fSGustavo F. Padovan put_unaligned_le32(feat_mask, rsp->data); 30590a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, 30600a708f8fSGustavo F. Padovan L2CAP_INFO_RSP, sizeof(buf), buf); 30610a708f8fSGustavo F. Padovan } else if (type == L2CAP_IT_FIXED_CHAN) { 30620a708f8fSGustavo F. Padovan u8 buf[12]; 30630a708f8fSGustavo F. Padovan struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf; 306450a147cdSMat Martineau 306550a147cdSMat Martineau if (enable_hs) 306650a147cdSMat Martineau l2cap_fixed_chan[0] |= L2CAP_FC_A2MP; 306750a147cdSMat Martineau else 306850a147cdSMat Martineau l2cap_fixed_chan[0] &= ~L2CAP_FC_A2MP; 306950a147cdSMat Martineau 30700a708f8fSGustavo F. Padovan rsp->type = cpu_to_le16(L2CAP_IT_FIXED_CHAN); 30710a708f8fSGustavo F. Padovan rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); 3072c6337ea6SAndrei Emeltchenko memcpy(rsp->data, l2cap_fixed_chan, sizeof(l2cap_fixed_chan)); 30730a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, 30740a708f8fSGustavo F. Padovan L2CAP_INFO_RSP, sizeof(buf), buf); 30750a708f8fSGustavo F. Padovan } else { 30760a708f8fSGustavo F. Padovan struct l2cap_info_rsp rsp; 30770a708f8fSGustavo F. Padovan rsp.type = cpu_to_le16(type); 30780a708f8fSGustavo F. Padovan rsp.result = cpu_to_le16(L2CAP_IR_NOTSUPP); 30790a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd->ident, 30800a708f8fSGustavo F. Padovan L2CAP_INFO_RSP, sizeof(rsp), &rsp); 30810a708f8fSGustavo F. Padovan } 30820a708f8fSGustavo F. Padovan 30830a708f8fSGustavo F. Padovan return 0; 30840a708f8fSGustavo F. Padovan } 30850a708f8fSGustavo F. Padovan 30860a708f8fSGustavo F. Padovan static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data) 30870a708f8fSGustavo F. Padovan { 30880a708f8fSGustavo F. Padovan struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) data; 30890a708f8fSGustavo F. Padovan u16 type, result; 30900a708f8fSGustavo F. Padovan 30910a708f8fSGustavo F. Padovan type = __le16_to_cpu(rsp->type); 30920a708f8fSGustavo F. Padovan result = __le16_to_cpu(rsp->result); 30930a708f8fSGustavo F. Padovan 30940a708f8fSGustavo F. Padovan BT_DBG("type 0x%4.4x result 0x%2.2x", type, result); 30950a708f8fSGustavo F. Padovan 3096e90165beSAndrei Emeltchenko /* L2CAP Info req/rsp are unbound to channels, add extra checks */ 3097e90165beSAndrei Emeltchenko if (cmd->ident != conn->info_ident || 3098e90165beSAndrei Emeltchenko conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) 3099e90165beSAndrei Emeltchenko return 0; 3100e90165beSAndrei Emeltchenko 31010a708f8fSGustavo F. Padovan del_timer(&conn->info_timer); 31020a708f8fSGustavo F. Padovan 31030a708f8fSGustavo F. Padovan if (result != L2CAP_IR_SUCCESS) { 31040a708f8fSGustavo F. Padovan conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; 31050a708f8fSGustavo F. Padovan conn->info_ident = 0; 31060a708f8fSGustavo F. Padovan 31070a708f8fSGustavo F. Padovan l2cap_conn_start(conn); 31080a708f8fSGustavo F. Padovan 31090a708f8fSGustavo F. Padovan return 0; 31100a708f8fSGustavo F. Padovan } 31110a708f8fSGustavo F. Padovan 31120a708f8fSGustavo F. Padovan if (type == L2CAP_IT_FEAT_MASK) { 31130a708f8fSGustavo F. Padovan conn->feat_mask = get_unaligned_le32(rsp->data); 31140a708f8fSGustavo F. Padovan 31150a708f8fSGustavo F. Padovan if (conn->feat_mask & L2CAP_FEAT_FIXED_CHAN) { 31160a708f8fSGustavo F. Padovan struct l2cap_info_req req; 31170a708f8fSGustavo F. Padovan req.type = cpu_to_le16(L2CAP_IT_FIXED_CHAN); 31180a708f8fSGustavo F. Padovan 31190a708f8fSGustavo F. Padovan conn->info_ident = l2cap_get_ident(conn); 31200a708f8fSGustavo F. Padovan 31210a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, conn->info_ident, 31220a708f8fSGustavo F. Padovan L2CAP_INFO_REQ, sizeof(req), &req); 31230a708f8fSGustavo F. Padovan } else { 31240a708f8fSGustavo F. Padovan conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; 31250a708f8fSGustavo F. Padovan conn->info_ident = 0; 31260a708f8fSGustavo F. Padovan 31270a708f8fSGustavo F. Padovan l2cap_conn_start(conn); 31280a708f8fSGustavo F. Padovan } 31290a708f8fSGustavo F. Padovan } else if (type == L2CAP_IT_FIXED_CHAN) { 31300a708f8fSGustavo F. Padovan conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; 31310a708f8fSGustavo F. Padovan conn->info_ident = 0; 31320a708f8fSGustavo F. Padovan 31330a708f8fSGustavo F. Padovan l2cap_conn_start(conn); 31340a708f8fSGustavo F. Padovan } 31350a708f8fSGustavo F. Padovan 31360a708f8fSGustavo F. Padovan return 0; 31370a708f8fSGustavo F. Padovan } 31380a708f8fSGustavo F. Padovan 3139f94ff6ffSMat Martineau static inline int l2cap_create_channel_req(struct l2cap_conn *conn, 3140f94ff6ffSMat Martineau struct l2cap_cmd_hdr *cmd, u16 cmd_len, 3141f94ff6ffSMat Martineau void *data) 3142f94ff6ffSMat Martineau { 3143f94ff6ffSMat Martineau struct l2cap_create_chan_req *req = data; 3144f94ff6ffSMat Martineau struct l2cap_create_chan_rsp rsp; 3145f94ff6ffSMat Martineau u16 psm, scid; 3146f94ff6ffSMat Martineau 3147f94ff6ffSMat Martineau if (cmd_len != sizeof(*req)) 3148f94ff6ffSMat Martineau return -EPROTO; 3149f94ff6ffSMat Martineau 3150f94ff6ffSMat Martineau if (!enable_hs) 3151f94ff6ffSMat Martineau return -EINVAL; 3152f94ff6ffSMat Martineau 3153f94ff6ffSMat Martineau psm = le16_to_cpu(req->psm); 3154f94ff6ffSMat Martineau scid = le16_to_cpu(req->scid); 3155f94ff6ffSMat Martineau 3156f94ff6ffSMat Martineau BT_DBG("psm %d, scid %d, amp_id %d", psm, scid, req->amp_id); 3157f94ff6ffSMat Martineau 3158f94ff6ffSMat Martineau /* Placeholder: Always reject */ 3159f94ff6ffSMat Martineau rsp.dcid = 0; 3160f94ff6ffSMat Martineau rsp.scid = cpu_to_le16(scid); 3161f94ff6ffSMat Martineau rsp.result = L2CAP_CR_NO_MEM; 3162f94ff6ffSMat Martineau rsp.status = L2CAP_CS_NO_INFO; 3163f94ff6ffSMat Martineau 3164f94ff6ffSMat Martineau l2cap_send_cmd(conn, cmd->ident, L2CAP_CREATE_CHAN_RSP, 3165f94ff6ffSMat Martineau sizeof(rsp), &rsp); 3166f94ff6ffSMat Martineau 3167f94ff6ffSMat Martineau return 0; 3168f94ff6ffSMat Martineau } 3169f94ff6ffSMat Martineau 3170f94ff6ffSMat Martineau static inline int l2cap_create_channel_rsp(struct l2cap_conn *conn, 3171f94ff6ffSMat Martineau struct l2cap_cmd_hdr *cmd, void *data) 3172f94ff6ffSMat Martineau { 3173f94ff6ffSMat Martineau BT_DBG("conn %p", conn); 3174f94ff6ffSMat Martineau 3175f94ff6ffSMat Martineau return l2cap_connect_rsp(conn, cmd, data); 3176f94ff6ffSMat Martineau } 3177f94ff6ffSMat Martineau 31788d5a04a1SMat Martineau static void l2cap_send_move_chan_rsp(struct l2cap_conn *conn, u8 ident, 31798d5a04a1SMat Martineau u16 icid, u16 result) 31808d5a04a1SMat Martineau { 31818d5a04a1SMat Martineau struct l2cap_move_chan_rsp rsp; 31828d5a04a1SMat Martineau 31838d5a04a1SMat Martineau BT_DBG("icid %d, result %d", icid, result); 31848d5a04a1SMat Martineau 31858d5a04a1SMat Martineau rsp.icid = cpu_to_le16(icid); 31868d5a04a1SMat Martineau rsp.result = cpu_to_le16(result); 31878d5a04a1SMat Martineau 31888d5a04a1SMat Martineau l2cap_send_cmd(conn, ident, L2CAP_MOVE_CHAN_RSP, sizeof(rsp), &rsp); 31898d5a04a1SMat Martineau } 31908d5a04a1SMat Martineau 31918d5a04a1SMat Martineau static void l2cap_send_move_chan_cfm(struct l2cap_conn *conn, 31928d5a04a1SMat Martineau struct l2cap_chan *chan, u16 icid, u16 result) 31938d5a04a1SMat Martineau { 31948d5a04a1SMat Martineau struct l2cap_move_chan_cfm cfm; 31958d5a04a1SMat Martineau u8 ident; 31968d5a04a1SMat Martineau 31978d5a04a1SMat Martineau BT_DBG("icid %d, result %d", icid, result); 31988d5a04a1SMat Martineau 31998d5a04a1SMat Martineau ident = l2cap_get_ident(conn); 32008d5a04a1SMat Martineau if (chan) 32018d5a04a1SMat Martineau chan->ident = ident; 32028d5a04a1SMat Martineau 32038d5a04a1SMat Martineau cfm.icid = cpu_to_le16(icid); 32048d5a04a1SMat Martineau cfm.result = cpu_to_le16(result); 32058d5a04a1SMat Martineau 32068d5a04a1SMat Martineau l2cap_send_cmd(conn, ident, L2CAP_MOVE_CHAN_CFM, sizeof(cfm), &cfm); 32078d5a04a1SMat Martineau } 32088d5a04a1SMat Martineau 32098d5a04a1SMat Martineau static void l2cap_send_move_chan_cfm_rsp(struct l2cap_conn *conn, u8 ident, 32108d5a04a1SMat Martineau u16 icid) 32118d5a04a1SMat Martineau { 32128d5a04a1SMat Martineau struct l2cap_move_chan_cfm_rsp rsp; 32138d5a04a1SMat Martineau 32148d5a04a1SMat Martineau BT_DBG("icid %d", icid); 32158d5a04a1SMat Martineau 32168d5a04a1SMat Martineau rsp.icid = cpu_to_le16(icid); 32178d5a04a1SMat Martineau l2cap_send_cmd(conn, ident, L2CAP_MOVE_CHAN_CFM_RSP, sizeof(rsp), &rsp); 32188d5a04a1SMat Martineau } 32198d5a04a1SMat Martineau 32208d5a04a1SMat Martineau static inline int l2cap_move_channel_req(struct l2cap_conn *conn, 32218d5a04a1SMat Martineau struct l2cap_cmd_hdr *cmd, u16 cmd_len, void *data) 32228d5a04a1SMat Martineau { 32238d5a04a1SMat Martineau struct l2cap_move_chan_req *req = data; 32248d5a04a1SMat Martineau u16 icid = 0; 32258d5a04a1SMat Martineau u16 result = L2CAP_MR_NOT_ALLOWED; 32268d5a04a1SMat Martineau 32278d5a04a1SMat Martineau if (cmd_len != sizeof(*req)) 32288d5a04a1SMat Martineau return -EPROTO; 32298d5a04a1SMat Martineau 32308d5a04a1SMat Martineau icid = le16_to_cpu(req->icid); 32318d5a04a1SMat Martineau 32328d5a04a1SMat Martineau BT_DBG("icid %d, dest_amp_id %d", icid, req->dest_amp_id); 32338d5a04a1SMat Martineau 32348d5a04a1SMat Martineau if (!enable_hs) 32358d5a04a1SMat Martineau return -EINVAL; 32368d5a04a1SMat Martineau 32378d5a04a1SMat Martineau /* Placeholder: Always refuse */ 32388d5a04a1SMat Martineau l2cap_send_move_chan_rsp(conn, cmd->ident, icid, result); 32398d5a04a1SMat Martineau 32408d5a04a1SMat Martineau return 0; 32418d5a04a1SMat Martineau } 32428d5a04a1SMat Martineau 32438d5a04a1SMat Martineau static inline int l2cap_move_channel_rsp(struct l2cap_conn *conn, 32448d5a04a1SMat Martineau struct l2cap_cmd_hdr *cmd, u16 cmd_len, void *data) 32458d5a04a1SMat Martineau { 32468d5a04a1SMat Martineau struct l2cap_move_chan_rsp *rsp = data; 32478d5a04a1SMat Martineau u16 icid, result; 32488d5a04a1SMat Martineau 32498d5a04a1SMat Martineau if (cmd_len != sizeof(*rsp)) 32508d5a04a1SMat Martineau return -EPROTO; 32518d5a04a1SMat Martineau 32528d5a04a1SMat Martineau icid = le16_to_cpu(rsp->icid); 32538d5a04a1SMat Martineau result = le16_to_cpu(rsp->result); 32548d5a04a1SMat Martineau 32558d5a04a1SMat Martineau BT_DBG("icid %d, result %d", icid, result); 32568d5a04a1SMat Martineau 32578d5a04a1SMat Martineau /* Placeholder: Always unconfirmed */ 32588d5a04a1SMat Martineau l2cap_send_move_chan_cfm(conn, NULL, icid, L2CAP_MC_UNCONFIRMED); 32598d5a04a1SMat Martineau 32608d5a04a1SMat Martineau return 0; 32618d5a04a1SMat Martineau } 32628d5a04a1SMat Martineau 32638d5a04a1SMat Martineau static inline int l2cap_move_channel_confirm(struct l2cap_conn *conn, 32648d5a04a1SMat Martineau struct l2cap_cmd_hdr *cmd, u16 cmd_len, void *data) 32658d5a04a1SMat Martineau { 32668d5a04a1SMat Martineau struct l2cap_move_chan_cfm *cfm = data; 32678d5a04a1SMat Martineau u16 icid, result; 32688d5a04a1SMat Martineau 32698d5a04a1SMat Martineau if (cmd_len != sizeof(*cfm)) 32708d5a04a1SMat Martineau return -EPROTO; 32718d5a04a1SMat Martineau 32728d5a04a1SMat Martineau icid = le16_to_cpu(cfm->icid); 32738d5a04a1SMat Martineau result = le16_to_cpu(cfm->result); 32748d5a04a1SMat Martineau 32758d5a04a1SMat Martineau BT_DBG("icid %d, result %d", icid, result); 32768d5a04a1SMat Martineau 32778d5a04a1SMat Martineau l2cap_send_move_chan_cfm_rsp(conn, cmd->ident, icid); 32788d5a04a1SMat Martineau 32798d5a04a1SMat Martineau return 0; 32808d5a04a1SMat Martineau } 32818d5a04a1SMat Martineau 32828d5a04a1SMat Martineau static inline int l2cap_move_channel_confirm_rsp(struct l2cap_conn *conn, 32838d5a04a1SMat Martineau struct l2cap_cmd_hdr *cmd, u16 cmd_len, void *data) 32848d5a04a1SMat Martineau { 32858d5a04a1SMat Martineau struct l2cap_move_chan_cfm_rsp *rsp = data; 32868d5a04a1SMat Martineau u16 icid; 32878d5a04a1SMat Martineau 32888d5a04a1SMat Martineau if (cmd_len != sizeof(*rsp)) 32898d5a04a1SMat Martineau return -EPROTO; 32908d5a04a1SMat Martineau 32918d5a04a1SMat Martineau icid = le16_to_cpu(rsp->icid); 32928d5a04a1SMat Martineau 32938d5a04a1SMat Martineau BT_DBG("icid %d", icid); 32948d5a04a1SMat Martineau 32958d5a04a1SMat Martineau return 0; 32968d5a04a1SMat Martineau } 32978d5a04a1SMat Martineau 3298e2174ca4SGustavo F. Padovan static inline int l2cap_check_conn_param(u16 min, u16 max, u16 latency, 3299de73115aSClaudio Takahasi u16 to_multiplier) 3300de73115aSClaudio Takahasi { 3301de73115aSClaudio Takahasi u16 max_latency; 3302de73115aSClaudio Takahasi 3303de73115aSClaudio Takahasi if (min > max || min < 6 || max > 3200) 3304de73115aSClaudio Takahasi return -EINVAL; 3305de73115aSClaudio Takahasi 3306de73115aSClaudio Takahasi if (to_multiplier < 10 || to_multiplier > 3200) 3307de73115aSClaudio Takahasi return -EINVAL; 3308de73115aSClaudio Takahasi 3309de73115aSClaudio Takahasi if (max >= to_multiplier * 8) 3310de73115aSClaudio Takahasi return -EINVAL; 3311de73115aSClaudio Takahasi 3312de73115aSClaudio Takahasi max_latency = (to_multiplier * 8 / max) - 1; 3313de73115aSClaudio Takahasi if (latency > 499 || latency > max_latency) 3314de73115aSClaudio Takahasi return -EINVAL; 3315de73115aSClaudio Takahasi 3316de73115aSClaudio Takahasi return 0; 3317de73115aSClaudio Takahasi } 3318de73115aSClaudio Takahasi 3319de73115aSClaudio Takahasi static inline int l2cap_conn_param_update_req(struct l2cap_conn *conn, 3320de73115aSClaudio Takahasi struct l2cap_cmd_hdr *cmd, u8 *data) 3321de73115aSClaudio Takahasi { 3322de73115aSClaudio Takahasi struct hci_conn *hcon = conn->hcon; 3323de73115aSClaudio Takahasi struct l2cap_conn_param_update_req *req; 3324de73115aSClaudio Takahasi struct l2cap_conn_param_update_rsp rsp; 3325de73115aSClaudio Takahasi u16 min, max, latency, to_multiplier, cmd_len; 33262ce603ebSClaudio Takahasi int err; 3327de73115aSClaudio Takahasi 3328de73115aSClaudio Takahasi if (!(hcon->link_mode & HCI_LM_MASTER)) 3329de73115aSClaudio Takahasi return -EINVAL; 3330de73115aSClaudio Takahasi 3331de73115aSClaudio Takahasi cmd_len = __le16_to_cpu(cmd->len); 3332de73115aSClaudio Takahasi if (cmd_len != sizeof(struct l2cap_conn_param_update_req)) 3333de73115aSClaudio Takahasi return -EPROTO; 3334de73115aSClaudio Takahasi 3335de73115aSClaudio Takahasi req = (struct l2cap_conn_param_update_req *) data; 3336de73115aSClaudio Takahasi min = __le16_to_cpu(req->min); 3337de73115aSClaudio Takahasi max = __le16_to_cpu(req->max); 3338de73115aSClaudio Takahasi latency = __le16_to_cpu(req->latency); 3339de73115aSClaudio Takahasi to_multiplier = __le16_to_cpu(req->to_multiplier); 3340de73115aSClaudio Takahasi 3341de73115aSClaudio Takahasi BT_DBG("min 0x%4.4x max 0x%4.4x latency: 0x%4.4x Timeout: 0x%4.4x", 3342de73115aSClaudio Takahasi min, max, latency, to_multiplier); 3343de73115aSClaudio Takahasi 3344de73115aSClaudio Takahasi memset(&rsp, 0, sizeof(rsp)); 33452ce603ebSClaudio Takahasi 33462ce603ebSClaudio Takahasi err = l2cap_check_conn_param(min, max, latency, to_multiplier); 33472ce603ebSClaudio Takahasi if (err) 3348de73115aSClaudio Takahasi rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_REJECTED); 3349de73115aSClaudio Takahasi else 3350de73115aSClaudio Takahasi rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_ACCEPTED); 3351de73115aSClaudio Takahasi 3352de73115aSClaudio Takahasi l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_PARAM_UPDATE_RSP, 3353de73115aSClaudio Takahasi sizeof(rsp), &rsp); 3354de73115aSClaudio Takahasi 33552ce603ebSClaudio Takahasi if (!err) 33562ce603ebSClaudio Takahasi hci_le_conn_update(hcon, min, max, latency, to_multiplier); 33572ce603ebSClaudio Takahasi 3358de73115aSClaudio Takahasi return 0; 3359de73115aSClaudio Takahasi } 3360de73115aSClaudio Takahasi 33613300d9a9SClaudio Takahasi static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn, 33623300d9a9SClaudio Takahasi struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data) 33633300d9a9SClaudio Takahasi { 33643300d9a9SClaudio Takahasi int err = 0; 33653300d9a9SClaudio Takahasi 33663300d9a9SClaudio Takahasi switch (cmd->code) { 33673300d9a9SClaudio Takahasi case L2CAP_COMMAND_REJ: 33683300d9a9SClaudio Takahasi l2cap_command_rej(conn, cmd, data); 33693300d9a9SClaudio Takahasi break; 33703300d9a9SClaudio Takahasi 33713300d9a9SClaudio Takahasi case L2CAP_CONN_REQ: 33723300d9a9SClaudio Takahasi err = l2cap_connect_req(conn, cmd, data); 33733300d9a9SClaudio Takahasi break; 33743300d9a9SClaudio Takahasi 33753300d9a9SClaudio Takahasi case L2CAP_CONN_RSP: 33763300d9a9SClaudio Takahasi err = l2cap_connect_rsp(conn, cmd, data); 33773300d9a9SClaudio Takahasi break; 33783300d9a9SClaudio Takahasi 33793300d9a9SClaudio Takahasi case L2CAP_CONF_REQ: 33803300d9a9SClaudio Takahasi err = l2cap_config_req(conn, cmd, cmd_len, data); 33813300d9a9SClaudio Takahasi break; 33823300d9a9SClaudio Takahasi 33833300d9a9SClaudio Takahasi case L2CAP_CONF_RSP: 33843300d9a9SClaudio Takahasi err = l2cap_config_rsp(conn, cmd, data); 33853300d9a9SClaudio Takahasi break; 33863300d9a9SClaudio Takahasi 33873300d9a9SClaudio Takahasi case L2CAP_DISCONN_REQ: 33883300d9a9SClaudio Takahasi err = l2cap_disconnect_req(conn, cmd, data); 33893300d9a9SClaudio Takahasi break; 33903300d9a9SClaudio Takahasi 33913300d9a9SClaudio Takahasi case L2CAP_DISCONN_RSP: 33923300d9a9SClaudio Takahasi err = l2cap_disconnect_rsp(conn, cmd, data); 33933300d9a9SClaudio Takahasi break; 33943300d9a9SClaudio Takahasi 33953300d9a9SClaudio Takahasi case L2CAP_ECHO_REQ: 33963300d9a9SClaudio Takahasi l2cap_send_cmd(conn, cmd->ident, L2CAP_ECHO_RSP, cmd_len, data); 33973300d9a9SClaudio Takahasi break; 33983300d9a9SClaudio Takahasi 33993300d9a9SClaudio Takahasi case L2CAP_ECHO_RSP: 34003300d9a9SClaudio Takahasi break; 34013300d9a9SClaudio Takahasi 34023300d9a9SClaudio Takahasi case L2CAP_INFO_REQ: 34033300d9a9SClaudio Takahasi err = l2cap_information_req(conn, cmd, data); 34043300d9a9SClaudio Takahasi break; 34053300d9a9SClaudio Takahasi 34063300d9a9SClaudio Takahasi case L2CAP_INFO_RSP: 34073300d9a9SClaudio Takahasi err = l2cap_information_rsp(conn, cmd, data); 34083300d9a9SClaudio Takahasi break; 34093300d9a9SClaudio Takahasi 3410f94ff6ffSMat Martineau case L2CAP_CREATE_CHAN_REQ: 3411f94ff6ffSMat Martineau err = l2cap_create_channel_req(conn, cmd, cmd_len, data); 3412f94ff6ffSMat Martineau break; 3413f94ff6ffSMat Martineau 3414f94ff6ffSMat Martineau case L2CAP_CREATE_CHAN_RSP: 3415f94ff6ffSMat Martineau err = l2cap_create_channel_rsp(conn, cmd, data); 3416f94ff6ffSMat Martineau break; 3417f94ff6ffSMat Martineau 34188d5a04a1SMat Martineau case L2CAP_MOVE_CHAN_REQ: 34198d5a04a1SMat Martineau err = l2cap_move_channel_req(conn, cmd, cmd_len, data); 34208d5a04a1SMat Martineau break; 34218d5a04a1SMat Martineau 34228d5a04a1SMat Martineau case L2CAP_MOVE_CHAN_RSP: 34238d5a04a1SMat Martineau err = l2cap_move_channel_rsp(conn, cmd, cmd_len, data); 34248d5a04a1SMat Martineau break; 34258d5a04a1SMat Martineau 34268d5a04a1SMat Martineau case L2CAP_MOVE_CHAN_CFM: 34278d5a04a1SMat Martineau err = l2cap_move_channel_confirm(conn, cmd, cmd_len, data); 34288d5a04a1SMat Martineau break; 34298d5a04a1SMat Martineau 34308d5a04a1SMat Martineau case L2CAP_MOVE_CHAN_CFM_RSP: 34318d5a04a1SMat Martineau err = l2cap_move_channel_confirm_rsp(conn, cmd, cmd_len, data); 34328d5a04a1SMat Martineau break; 34338d5a04a1SMat Martineau 34343300d9a9SClaudio Takahasi default: 34353300d9a9SClaudio Takahasi BT_ERR("Unknown BR/EDR signaling command 0x%2.2x", cmd->code); 34363300d9a9SClaudio Takahasi err = -EINVAL; 34373300d9a9SClaudio Takahasi break; 34383300d9a9SClaudio Takahasi } 34393300d9a9SClaudio Takahasi 34403300d9a9SClaudio Takahasi return err; 34413300d9a9SClaudio Takahasi } 34423300d9a9SClaudio Takahasi 34433300d9a9SClaudio Takahasi static inline int l2cap_le_sig_cmd(struct l2cap_conn *conn, 34443300d9a9SClaudio Takahasi struct l2cap_cmd_hdr *cmd, u8 *data) 34453300d9a9SClaudio Takahasi { 34463300d9a9SClaudio Takahasi switch (cmd->code) { 34473300d9a9SClaudio Takahasi case L2CAP_COMMAND_REJ: 34483300d9a9SClaudio Takahasi return 0; 34493300d9a9SClaudio Takahasi 34503300d9a9SClaudio Takahasi case L2CAP_CONN_PARAM_UPDATE_REQ: 3451de73115aSClaudio Takahasi return l2cap_conn_param_update_req(conn, cmd, data); 34523300d9a9SClaudio Takahasi 34533300d9a9SClaudio Takahasi case L2CAP_CONN_PARAM_UPDATE_RSP: 34543300d9a9SClaudio Takahasi return 0; 34553300d9a9SClaudio Takahasi 34563300d9a9SClaudio Takahasi default: 34573300d9a9SClaudio Takahasi BT_ERR("Unknown LE signaling command 0x%2.2x", cmd->code); 34583300d9a9SClaudio Takahasi return -EINVAL; 34593300d9a9SClaudio Takahasi } 34603300d9a9SClaudio Takahasi } 34613300d9a9SClaudio Takahasi 34623300d9a9SClaudio Takahasi static inline void l2cap_sig_channel(struct l2cap_conn *conn, 34633300d9a9SClaudio Takahasi struct sk_buff *skb) 34640a708f8fSGustavo F. Padovan { 34650a708f8fSGustavo F. Padovan u8 *data = skb->data; 34660a708f8fSGustavo F. Padovan int len = skb->len; 34670a708f8fSGustavo F. Padovan struct l2cap_cmd_hdr cmd; 34683300d9a9SClaudio Takahasi int err; 34690a708f8fSGustavo F. Padovan 34700a708f8fSGustavo F. Padovan l2cap_raw_recv(conn, skb); 34710a708f8fSGustavo F. Padovan 34720a708f8fSGustavo F. Padovan while (len >= L2CAP_CMD_HDR_SIZE) { 34730a708f8fSGustavo F. Padovan u16 cmd_len; 34740a708f8fSGustavo F. Padovan memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE); 34750a708f8fSGustavo F. Padovan data += L2CAP_CMD_HDR_SIZE; 34760a708f8fSGustavo F. Padovan len -= L2CAP_CMD_HDR_SIZE; 34770a708f8fSGustavo F. Padovan 34780a708f8fSGustavo F. Padovan cmd_len = le16_to_cpu(cmd.len); 34790a708f8fSGustavo F. Padovan 34800a708f8fSGustavo F. Padovan BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd_len, cmd.ident); 34810a708f8fSGustavo F. Padovan 34820a708f8fSGustavo F. Padovan if (cmd_len > len || !cmd.ident) { 34830a708f8fSGustavo F. Padovan BT_DBG("corrupted command"); 34840a708f8fSGustavo F. Padovan break; 34850a708f8fSGustavo F. Padovan } 34860a708f8fSGustavo F. Padovan 34873300d9a9SClaudio Takahasi if (conn->hcon->type == LE_LINK) 34883300d9a9SClaudio Takahasi err = l2cap_le_sig_cmd(conn, &cmd, data); 34893300d9a9SClaudio Takahasi else 34903300d9a9SClaudio Takahasi err = l2cap_bredr_sig_cmd(conn, &cmd, cmd_len, data); 34910a708f8fSGustavo F. Padovan 34920a708f8fSGustavo F. Padovan if (err) { 3493e2fd318eSIlia Kolomisnky struct l2cap_cmd_rej_unk rej; 34942c6d1a2eSGustavo F. Padovan 34952c6d1a2eSGustavo F. Padovan BT_ERR("Wrong link type (%d)", err); 34960a708f8fSGustavo F. Padovan 34970a708f8fSGustavo F. Padovan /* FIXME: Map err to a valid reason */ 3498e2fd318eSIlia Kolomisnky rej.reason = cpu_to_le16(L2CAP_REJ_NOT_UNDERSTOOD); 34990a708f8fSGustavo F. Padovan l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej); 35000a708f8fSGustavo F. Padovan } 35010a708f8fSGustavo F. Padovan 35020a708f8fSGustavo F. Padovan data += cmd_len; 35030a708f8fSGustavo F. Padovan len -= cmd_len; 35040a708f8fSGustavo F. Padovan } 35050a708f8fSGustavo F. Padovan 35060a708f8fSGustavo F. Padovan kfree_skb(skb); 35070a708f8fSGustavo F. Padovan } 35080a708f8fSGustavo F. Padovan 350947d1ec61SGustavo F. Padovan static int l2cap_check_fcs(struct l2cap_chan *chan, struct sk_buff *skb) 35100a708f8fSGustavo F. Padovan { 35110a708f8fSGustavo F. Padovan u16 our_fcs, rcv_fcs; 3512e4ca6d98SAndrei Emeltchenko int hdr_size; 3513e4ca6d98SAndrei Emeltchenko 3514e4ca6d98SAndrei Emeltchenko if (test_bit(FLAG_EXT_CTRL, &chan->flags)) 3515e4ca6d98SAndrei Emeltchenko hdr_size = L2CAP_EXT_HDR_SIZE; 3516e4ca6d98SAndrei Emeltchenko else 3517e4ca6d98SAndrei Emeltchenko hdr_size = L2CAP_ENH_HDR_SIZE; 35180a708f8fSGustavo F. Padovan 351947d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) { 352003a51213SAndrei Emeltchenko skb_trim(skb, skb->len - L2CAP_FCS_SIZE); 35210a708f8fSGustavo F. Padovan rcv_fcs = get_unaligned_le16(skb->data + skb->len); 35220a708f8fSGustavo F. Padovan our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); 35230a708f8fSGustavo F. Padovan 35240a708f8fSGustavo F. Padovan if (our_fcs != rcv_fcs) 35250a708f8fSGustavo F. Padovan return -EBADMSG; 35260a708f8fSGustavo F. Padovan } 35270a708f8fSGustavo F. Padovan return 0; 35280a708f8fSGustavo F. Padovan } 35290a708f8fSGustavo F. Padovan 3530525cd185SGustavo F. Padovan static inline void l2cap_send_i_or_rr_or_rnr(struct l2cap_chan *chan) 35310a708f8fSGustavo F. Padovan { 353288843ab0SAndrei Emeltchenko u32 control = 0; 35330a708f8fSGustavo F. Padovan 35346a026610SGustavo F. Padovan chan->frames_sent = 0; 35350a708f8fSGustavo F. Padovan 35360b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, chan->buffer_seq); 35370a708f8fSGustavo F. Padovan 3538e2ab4353SGustavo F. Padovan if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { 3539ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RNR); 3540525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 3541e2ab4353SGustavo F. Padovan set_bit(CONN_RNR_SENT, &chan->conn_state); 35420a708f8fSGustavo F. Padovan } 35430a708f8fSGustavo F. Padovan 3544e2ab4353SGustavo F. Padovan if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) 3545525cd185SGustavo F. Padovan l2cap_retransmit_frames(chan); 35460a708f8fSGustavo F. Padovan 3547525cd185SGustavo F. Padovan l2cap_ertm_send(chan); 35480a708f8fSGustavo F. Padovan 3549e2ab4353SGustavo F. Padovan if (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state) && 35506a026610SGustavo F. Padovan chan->frames_sent == 0) { 3551ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RR); 3552525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 35530a708f8fSGustavo F. Padovan } 35540a708f8fSGustavo F. Padovan } 35550a708f8fSGustavo F. Padovan 3556fb45de7dSAndrei Emeltchenko static int l2cap_add_to_srej_queue(struct l2cap_chan *chan, struct sk_buff *skb, u16 tx_seq, u8 sar) 35570a708f8fSGustavo F. Padovan { 35580a708f8fSGustavo F. Padovan struct sk_buff *next_skb; 35590a708f8fSGustavo F. Padovan int tx_seq_offset, next_tx_seq_offset; 35600a708f8fSGustavo F. Padovan 35610a708f8fSGustavo F. Padovan bt_cb(skb)->tx_seq = tx_seq; 35620a708f8fSGustavo F. Padovan bt_cb(skb)->sar = sar; 35630a708f8fSGustavo F. Padovan 3564f1c6775bSGustavo F. Padovan next_skb = skb_peek(&chan->srej_q); 35650a708f8fSGustavo F. Padovan if (!next_skb) { 3566f1c6775bSGustavo F. Padovan __skb_queue_tail(&chan->srej_q, skb); 35670a708f8fSGustavo F. Padovan return 0; 35680a708f8fSGustavo F. Padovan } 35690a708f8fSGustavo F. Padovan 3570836be934SAndrei Emeltchenko tx_seq_offset = __seq_offset(chan, tx_seq, chan->buffer_seq); 35710a708f8fSGustavo F. Padovan 35720a708f8fSGustavo F. Padovan do { 35730a708f8fSGustavo F. Padovan if (bt_cb(next_skb)->tx_seq == tx_seq) 35740a708f8fSGustavo F. Padovan return -EINVAL; 35750a708f8fSGustavo F. Padovan 3576836be934SAndrei Emeltchenko next_tx_seq_offset = __seq_offset(chan, 3577836be934SAndrei Emeltchenko bt_cb(next_skb)->tx_seq, chan->buffer_seq); 35780a708f8fSGustavo F. Padovan 35790a708f8fSGustavo F. Padovan if (next_tx_seq_offset > tx_seq_offset) { 3580f1c6775bSGustavo F. Padovan __skb_queue_before(&chan->srej_q, next_skb, skb); 35810a708f8fSGustavo F. Padovan return 0; 35820a708f8fSGustavo F. Padovan } 35830a708f8fSGustavo F. Padovan 3584f1c6775bSGustavo F. Padovan if (skb_queue_is_last(&chan->srej_q, next_skb)) 35850a708f8fSGustavo F. Padovan break; 35860a708f8fSGustavo F. Padovan 3587f1c6775bSGustavo F. Padovan } while ((next_skb = skb_queue_next(&chan->srej_q, next_skb))); 35880a708f8fSGustavo F. Padovan 3589f1c6775bSGustavo F. Padovan __skb_queue_tail(&chan->srej_q, skb); 35900a708f8fSGustavo F. Padovan 35910a708f8fSGustavo F. Padovan return 0; 35920a708f8fSGustavo F. Padovan } 35930a708f8fSGustavo F. Padovan 359484084a31SMat Martineau static void append_skb_frag(struct sk_buff *skb, 359584084a31SMat Martineau struct sk_buff *new_frag, struct sk_buff **last_frag) 35960a708f8fSGustavo F. Padovan { 359784084a31SMat Martineau /* skb->len reflects data in skb as well as all fragments 359884084a31SMat Martineau * skb->data_len reflects only data in fragments 359984084a31SMat Martineau */ 360084084a31SMat Martineau if (!skb_has_frag_list(skb)) 360184084a31SMat Martineau skb_shinfo(skb)->frag_list = new_frag; 360284084a31SMat Martineau 360384084a31SMat Martineau new_frag->next = NULL; 360484084a31SMat Martineau 360584084a31SMat Martineau (*last_frag)->next = new_frag; 360684084a31SMat Martineau *last_frag = new_frag; 360784084a31SMat Martineau 360884084a31SMat Martineau skb->len += new_frag->len; 360984084a31SMat Martineau skb->data_len += new_frag->len; 361084084a31SMat Martineau skb->truesize += new_frag->truesize; 361184084a31SMat Martineau } 361284084a31SMat Martineau 361388843ab0SAndrei Emeltchenko static int l2cap_reassemble_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u32 control) 361484084a31SMat Martineau { 361584084a31SMat Martineau int err = -EINVAL; 36160a708f8fSGustavo F. Padovan 36177e0ef6eeSAndrei Emeltchenko switch (__get_ctrl_sar(chan, control)) { 36187e0ef6eeSAndrei Emeltchenko case L2CAP_SAR_UNSEGMENTED: 361984084a31SMat Martineau if (chan->sdu) 362084084a31SMat Martineau break; 36210a708f8fSGustavo F. Padovan 362284084a31SMat Martineau err = chan->ops->recv(chan->data, skb); 362384084a31SMat Martineau break; 36240a708f8fSGustavo F. Padovan 36257e0ef6eeSAndrei Emeltchenko case L2CAP_SAR_START: 362684084a31SMat Martineau if (chan->sdu) 362784084a31SMat Martineau break; 36280a708f8fSGustavo F. Padovan 36296f61fd47SGustavo F. Padovan chan->sdu_len = get_unaligned_le16(skb->data); 363003a51213SAndrei Emeltchenko skb_pull(skb, L2CAP_SDULEN_SIZE); 36310a708f8fSGustavo F. Padovan 363284084a31SMat Martineau if (chan->sdu_len > chan->imtu) { 363384084a31SMat Martineau err = -EMSGSIZE; 363484084a31SMat Martineau break; 363584084a31SMat Martineau } 36360a708f8fSGustavo F. Padovan 363784084a31SMat Martineau if (skb->len >= chan->sdu_len) 363884084a31SMat Martineau break; 363984084a31SMat Martineau 364084084a31SMat Martineau chan->sdu = skb; 364184084a31SMat Martineau chan->sdu_last_frag = skb; 364284084a31SMat Martineau 364384084a31SMat Martineau skb = NULL; 364484084a31SMat Martineau err = 0; 36450a708f8fSGustavo F. Padovan break; 36460a708f8fSGustavo F. Padovan 36477e0ef6eeSAndrei Emeltchenko case L2CAP_SAR_CONTINUE: 36486f61fd47SGustavo F. Padovan if (!chan->sdu) 364984084a31SMat Martineau break; 36500a708f8fSGustavo F. Padovan 365184084a31SMat Martineau append_skb_frag(chan->sdu, skb, 365284084a31SMat Martineau &chan->sdu_last_frag); 365384084a31SMat Martineau skb = NULL; 36540a708f8fSGustavo F. Padovan 365584084a31SMat Martineau if (chan->sdu->len >= chan->sdu_len) 365684084a31SMat Martineau break; 36570a708f8fSGustavo F. Padovan 365884084a31SMat Martineau err = 0; 36590a708f8fSGustavo F. Padovan break; 36600a708f8fSGustavo F. Padovan 36617e0ef6eeSAndrei Emeltchenko case L2CAP_SAR_END: 36626f61fd47SGustavo F. Padovan if (!chan->sdu) 366384084a31SMat Martineau break; 36640a708f8fSGustavo F. Padovan 366584084a31SMat Martineau append_skb_frag(chan->sdu, skb, 366684084a31SMat Martineau &chan->sdu_last_frag); 366784084a31SMat Martineau skb = NULL; 36680a708f8fSGustavo F. Padovan 366984084a31SMat Martineau if (chan->sdu->len != chan->sdu_len) 367084084a31SMat Martineau break; 36710a708f8fSGustavo F. Padovan 367284084a31SMat Martineau err = chan->ops->recv(chan->data, chan->sdu); 36730a708f8fSGustavo F. Padovan 367484084a31SMat Martineau if (!err) { 367584084a31SMat Martineau /* Reassembly complete */ 367684084a31SMat Martineau chan->sdu = NULL; 367784084a31SMat Martineau chan->sdu_last_frag = NULL; 367884084a31SMat Martineau chan->sdu_len = 0; 36790a708f8fSGustavo F. Padovan } 36800a708f8fSGustavo F. Padovan break; 36810a708f8fSGustavo F. Padovan } 36820a708f8fSGustavo F. Padovan 368384084a31SMat Martineau if (err) { 36840a708f8fSGustavo F. Padovan kfree_skb(skb); 36856f61fd47SGustavo F. Padovan kfree_skb(chan->sdu); 36866f61fd47SGustavo F. Padovan chan->sdu = NULL; 368784084a31SMat Martineau chan->sdu_last_frag = NULL; 368884084a31SMat Martineau chan->sdu_len = 0; 368984084a31SMat Martineau } 36900a708f8fSGustavo F. Padovan 369184084a31SMat Martineau return err; 36920a708f8fSGustavo F. Padovan } 36930a708f8fSGustavo F. Padovan 369426f880d2SMat Martineau static void l2cap_ertm_enter_local_busy(struct l2cap_chan *chan) 36950a708f8fSGustavo F. Padovan { 369688843ab0SAndrei Emeltchenko u32 control; 36970a708f8fSGustavo F. Padovan 369826f880d2SMat Martineau BT_DBG("chan %p, Enter local busy", chan); 369926f880d2SMat Martineau 370026f880d2SMat Martineau set_bit(CONN_LOCAL_BUSY, &chan->conn_state); 370126f880d2SMat Martineau 37020b209faeSAndrei Emeltchenko control = __set_reqseq(chan, chan->buffer_seq); 3703ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RNR); 370426f880d2SMat Martineau l2cap_send_sframe(chan, control); 370526f880d2SMat Martineau 370626f880d2SMat Martineau set_bit(CONN_RNR_SENT, &chan->conn_state); 370726f880d2SMat Martineau 370826f880d2SMat Martineau __clear_ack_timer(chan); 37090a708f8fSGustavo F. Padovan } 37100a708f8fSGustavo F. Padovan 371126f880d2SMat Martineau static void l2cap_ertm_exit_local_busy(struct l2cap_chan *chan) 371226f880d2SMat Martineau { 371388843ab0SAndrei Emeltchenko u32 control; 37140a708f8fSGustavo F. Padovan 3715e2ab4353SGustavo F. Padovan if (!test_bit(CONN_RNR_SENT, &chan->conn_state)) 37160a708f8fSGustavo F. Padovan goto done; 37170a708f8fSGustavo F. Padovan 37180b209faeSAndrei Emeltchenko control = __set_reqseq(chan, chan->buffer_seq); 3719e3781735SAndrei Emeltchenko control |= __set_ctrl_poll(chan); 3720ab784b73SAndrei Emeltchenko control |= __set_ctrl_super(chan, L2CAP_SUPER_RR); 3721525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 37226a026610SGustavo F. Padovan chan->retry_count = 1; 37230a708f8fSGustavo F. Padovan 37241a09bcb9SGustavo F. Padovan __clear_retrans_timer(chan); 37251a09bcb9SGustavo F. Padovan __set_monitor_timer(chan); 37260a708f8fSGustavo F. Padovan 3727e2ab4353SGustavo F. Padovan set_bit(CONN_WAIT_F, &chan->conn_state); 37280a708f8fSGustavo F. Padovan 37290a708f8fSGustavo F. Padovan done: 3730e2ab4353SGustavo F. Padovan clear_bit(CONN_LOCAL_BUSY, &chan->conn_state); 3731e2ab4353SGustavo F. Padovan clear_bit(CONN_RNR_SENT, &chan->conn_state); 37320a708f8fSGustavo F. Padovan 373349208c9cSGustavo F. Padovan BT_DBG("chan %p, Exit local busy", chan); 37340a708f8fSGustavo F. Padovan } 37350a708f8fSGustavo F. Padovan 3736e328140fSMat Martineau void l2cap_chan_busy(struct l2cap_chan *chan, int busy) 37370a708f8fSGustavo F. Padovan { 3738e328140fSMat Martineau if (chan->mode == L2CAP_MODE_ERTM) { 3739e328140fSMat Martineau if (busy) 374026f880d2SMat Martineau l2cap_ertm_enter_local_busy(chan); 3741e328140fSMat Martineau else 3742e328140fSMat Martineau l2cap_ertm_exit_local_busy(chan); 37430a708f8fSGustavo F. Padovan } 37440a708f8fSGustavo F. Padovan } 37450a708f8fSGustavo F. Padovan 3746fb45de7dSAndrei Emeltchenko static void l2cap_check_srej_gap(struct l2cap_chan *chan, u16 tx_seq) 37470a708f8fSGustavo F. Padovan { 37480a708f8fSGustavo F. Padovan struct sk_buff *skb; 374988843ab0SAndrei Emeltchenko u32 control; 37500a708f8fSGustavo F. Padovan 3751e328140fSMat Martineau while ((skb = skb_peek(&chan->srej_q)) && 3752e328140fSMat Martineau !test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { 3753e328140fSMat Martineau int err; 3754e328140fSMat Martineau 37550a708f8fSGustavo F. Padovan if (bt_cb(skb)->tx_seq != tx_seq) 37560a708f8fSGustavo F. Padovan break; 37570a708f8fSGustavo F. Padovan 3758f1c6775bSGustavo F. Padovan skb = skb_dequeue(&chan->srej_q); 37597e0ef6eeSAndrei Emeltchenko control = __set_ctrl_sar(chan, bt_cb(skb)->sar); 376084084a31SMat Martineau err = l2cap_reassemble_sdu(chan, skb, control); 3761e328140fSMat Martineau 3762e328140fSMat Martineau if (err < 0) { 3763e328140fSMat Martineau l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 3764e328140fSMat Martineau break; 3765e328140fSMat Martineau } 3766e328140fSMat Martineau 3767836be934SAndrei Emeltchenko chan->buffer_seq_srej = __next_seq(chan, chan->buffer_seq_srej); 3768836be934SAndrei Emeltchenko tx_seq = __next_seq(chan, tx_seq); 37690a708f8fSGustavo F. Padovan } 37700a708f8fSGustavo F. Padovan } 37710a708f8fSGustavo F. Padovan 3772fb45de7dSAndrei Emeltchenko static void l2cap_resend_srejframe(struct l2cap_chan *chan, u16 tx_seq) 37730a708f8fSGustavo F. Padovan { 37740a708f8fSGustavo F. Padovan struct srej_list *l, *tmp; 377588843ab0SAndrei Emeltchenko u32 control; 37760a708f8fSGustavo F. Padovan 377739d5a3eeSGustavo F. Padovan list_for_each_entry_safe(l, tmp, &chan->srej_l, list) { 37780a708f8fSGustavo F. Padovan if (l->tx_seq == tx_seq) { 37790a708f8fSGustavo F. Padovan list_del(&l->list); 37800a708f8fSGustavo F. Padovan kfree(l); 37810a708f8fSGustavo F. Padovan return; 37820a708f8fSGustavo F. Padovan } 3783ab784b73SAndrei Emeltchenko control = __set_ctrl_super(chan, L2CAP_SUPER_SREJ); 37840b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, l->tx_seq); 3785525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 37860a708f8fSGustavo F. Padovan list_del(&l->list); 378739d5a3eeSGustavo F. Padovan list_add_tail(&l->list, &chan->srej_l); 37880a708f8fSGustavo F. Padovan } 37890a708f8fSGustavo F. Padovan } 37900a708f8fSGustavo F. Padovan 3791fb45de7dSAndrei Emeltchenko static void l2cap_send_srejframe(struct l2cap_chan *chan, u16 tx_seq) 37920a708f8fSGustavo F. Padovan { 37930a708f8fSGustavo F. Padovan struct srej_list *new; 379488843ab0SAndrei Emeltchenko u32 control; 37950a708f8fSGustavo F. Padovan 379642e5c802SGustavo F. Padovan while (tx_seq != chan->expected_tx_seq) { 3797ab784b73SAndrei Emeltchenko control = __set_ctrl_super(chan, L2CAP_SUPER_SREJ); 37980b209faeSAndrei Emeltchenko control |= __set_reqseq(chan, chan->expected_tx_seq); 3799525cd185SGustavo F. Padovan l2cap_send_sframe(chan, control); 38000a708f8fSGustavo F. Padovan 38010a708f8fSGustavo F. Padovan new = kzalloc(sizeof(struct srej_list), GFP_ATOMIC); 380242e5c802SGustavo F. Padovan new->tx_seq = chan->expected_tx_seq; 3803836be934SAndrei Emeltchenko 3804836be934SAndrei Emeltchenko chan->expected_tx_seq = __next_seq(chan, chan->expected_tx_seq); 3805836be934SAndrei Emeltchenko 380639d5a3eeSGustavo F. Padovan list_add_tail(&new->list, &chan->srej_l); 38070a708f8fSGustavo F. Padovan } 3808836be934SAndrei Emeltchenko 3809836be934SAndrei Emeltchenko chan->expected_tx_seq = __next_seq(chan, chan->expected_tx_seq); 38100a708f8fSGustavo F. Padovan } 38110a708f8fSGustavo F. Padovan 381288843ab0SAndrei Emeltchenko static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u32 rx_control, struct sk_buff *skb) 38130a708f8fSGustavo F. Padovan { 3814fb45de7dSAndrei Emeltchenko u16 tx_seq = __get_txseq(chan, rx_control); 38150b209faeSAndrei Emeltchenko u16 req_seq = __get_reqseq(chan, rx_control); 38167e0ef6eeSAndrei Emeltchenko u8 sar = __get_ctrl_sar(chan, rx_control); 38170a708f8fSGustavo F. Padovan int tx_seq_offset, expected_tx_seq_offset; 381847d1ec61SGustavo F. Padovan int num_to_ack = (chan->tx_win/6) + 1; 38190a708f8fSGustavo F. Padovan int err = 0; 38200a708f8fSGustavo F. Padovan 382188843ab0SAndrei Emeltchenko BT_DBG("chan %p len %d tx_seq %d rx_control 0x%8.8x", chan, skb->len, 3822525cd185SGustavo F. Padovan tx_seq, rx_control); 38230a708f8fSGustavo F. Padovan 382403f6715dSAndrei Emeltchenko if (__is_ctrl_final(chan, rx_control) && 3825e2ab4353SGustavo F. Padovan test_bit(CONN_WAIT_F, &chan->conn_state)) { 38261a09bcb9SGustavo F. Padovan __clear_monitor_timer(chan); 38276a026610SGustavo F. Padovan if (chan->unacked_frames > 0) 38281a09bcb9SGustavo F. Padovan __set_retrans_timer(chan); 3829e2ab4353SGustavo F. Padovan clear_bit(CONN_WAIT_F, &chan->conn_state); 38300a708f8fSGustavo F. Padovan } 38310a708f8fSGustavo F. Padovan 383242e5c802SGustavo F. Padovan chan->expected_ack_seq = req_seq; 383342e5c802SGustavo F. Padovan l2cap_drop_acked_frames(chan); 38340a708f8fSGustavo F. Padovan 3835836be934SAndrei Emeltchenko tx_seq_offset = __seq_offset(chan, tx_seq, chan->buffer_seq); 38360a708f8fSGustavo F. Padovan 38370a708f8fSGustavo F. Padovan /* invalid tx_seq */ 383847d1ec61SGustavo F. Padovan if (tx_seq_offset >= chan->tx_win) { 38398c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 38400a708f8fSGustavo F. Padovan goto drop; 38410a708f8fSGustavo F. Padovan } 38420a708f8fSGustavo F. Padovan 3843e2ab4353SGustavo F. Padovan if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) 38440a708f8fSGustavo F. Padovan goto drop; 38450a708f8fSGustavo F. Padovan 384602f1b641SMat Martineau if (tx_seq == chan->expected_tx_seq) 384702f1b641SMat Martineau goto expected; 384802f1b641SMat Martineau 3849e2ab4353SGustavo F. Padovan if (test_bit(CONN_SREJ_SENT, &chan->conn_state)) { 38500a708f8fSGustavo F. Padovan struct srej_list *first; 38510a708f8fSGustavo F. Padovan 385239d5a3eeSGustavo F. Padovan first = list_first_entry(&chan->srej_l, 38530a708f8fSGustavo F. Padovan struct srej_list, list); 38540a708f8fSGustavo F. Padovan if (tx_seq == first->tx_seq) { 385542e5c802SGustavo F. Padovan l2cap_add_to_srej_queue(chan, skb, tx_seq, sar); 3856525cd185SGustavo F. Padovan l2cap_check_srej_gap(chan, tx_seq); 38570a708f8fSGustavo F. Padovan 38580a708f8fSGustavo F. Padovan list_del(&first->list); 38590a708f8fSGustavo F. Padovan kfree(first); 38600a708f8fSGustavo F. Padovan 386139d5a3eeSGustavo F. Padovan if (list_empty(&chan->srej_l)) { 386242e5c802SGustavo F. Padovan chan->buffer_seq = chan->buffer_seq_srej; 3863e2ab4353SGustavo F. Padovan clear_bit(CONN_SREJ_SENT, &chan->conn_state); 3864525cd185SGustavo F. Padovan l2cap_send_ack(chan); 386549208c9cSGustavo F. Padovan BT_DBG("chan %p, Exit SREJ_SENT", chan); 38660a708f8fSGustavo F. Padovan } 38670a708f8fSGustavo F. Padovan } else { 38680a708f8fSGustavo F. Padovan struct srej_list *l; 38690a708f8fSGustavo F. Padovan 38700a708f8fSGustavo F. Padovan /* duplicated tx_seq */ 387142e5c802SGustavo F. Padovan if (l2cap_add_to_srej_queue(chan, skb, tx_seq, sar) < 0) 38720a708f8fSGustavo F. Padovan goto drop; 38730a708f8fSGustavo F. Padovan 387439d5a3eeSGustavo F. Padovan list_for_each_entry(l, &chan->srej_l, list) { 38750a708f8fSGustavo F. Padovan if (l->tx_seq == tx_seq) { 3876525cd185SGustavo F. Padovan l2cap_resend_srejframe(chan, tx_seq); 38770a708f8fSGustavo F. Padovan return 0; 38780a708f8fSGustavo F. Padovan } 38790a708f8fSGustavo F. Padovan } 3880525cd185SGustavo F. Padovan l2cap_send_srejframe(chan, tx_seq); 38810a708f8fSGustavo F. Padovan } 38820a708f8fSGustavo F. Padovan } else { 3883836be934SAndrei Emeltchenko expected_tx_seq_offset = __seq_offset(chan, 3884836be934SAndrei Emeltchenko chan->expected_tx_seq, chan->buffer_seq); 38850a708f8fSGustavo F. Padovan 38860a708f8fSGustavo F. Padovan /* duplicated tx_seq */ 38870a708f8fSGustavo F. Padovan if (tx_seq_offset < expected_tx_seq_offset) 38880a708f8fSGustavo F. Padovan goto drop; 38890a708f8fSGustavo F. Padovan 3890e2ab4353SGustavo F. Padovan set_bit(CONN_SREJ_SENT, &chan->conn_state); 38910a708f8fSGustavo F. Padovan 389249208c9cSGustavo F. Padovan BT_DBG("chan %p, Enter SREJ", chan); 38930a708f8fSGustavo F. Padovan 389439d5a3eeSGustavo F. Padovan INIT_LIST_HEAD(&chan->srej_l); 389542e5c802SGustavo F. Padovan chan->buffer_seq_srej = chan->buffer_seq; 38960a708f8fSGustavo F. Padovan 3897f1c6775bSGustavo F. Padovan __skb_queue_head_init(&chan->srej_q); 389842e5c802SGustavo F. Padovan l2cap_add_to_srej_queue(chan, skb, tx_seq, sar); 38990a708f8fSGustavo F. Padovan 3900e2ab4353SGustavo F. Padovan set_bit(CONN_SEND_PBIT, &chan->conn_state); 39010a708f8fSGustavo F. Padovan 3902525cd185SGustavo F. Padovan l2cap_send_srejframe(chan, tx_seq); 39030a708f8fSGustavo F. Padovan 39041a09bcb9SGustavo F. Padovan __clear_ack_timer(chan); 39050a708f8fSGustavo F. Padovan } 39060a708f8fSGustavo F. Padovan return 0; 39070a708f8fSGustavo F. Padovan 39080a708f8fSGustavo F. Padovan expected: 3909836be934SAndrei Emeltchenko chan->expected_tx_seq = __next_seq(chan, chan->expected_tx_seq); 39100a708f8fSGustavo F. Padovan 3911e2ab4353SGustavo F. Padovan if (test_bit(CONN_SREJ_SENT, &chan->conn_state)) { 39120a708f8fSGustavo F. Padovan bt_cb(skb)->tx_seq = tx_seq; 39130a708f8fSGustavo F. Padovan bt_cb(skb)->sar = sar; 3914f1c6775bSGustavo F. Padovan __skb_queue_tail(&chan->srej_q, skb); 39150a708f8fSGustavo F. Padovan return 0; 39160a708f8fSGustavo F. Padovan } 39170a708f8fSGustavo F. Padovan 391884084a31SMat Martineau err = l2cap_reassemble_sdu(chan, skb, rx_control); 3919836be934SAndrei Emeltchenko chan->buffer_seq = __next_seq(chan, chan->buffer_seq); 3920836be934SAndrei Emeltchenko 3921e328140fSMat Martineau if (err < 0) { 3922e328140fSMat Martineau l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 3923e328140fSMat Martineau return err; 3924e328140fSMat Martineau } 39250a708f8fSGustavo F. Padovan 392603f6715dSAndrei Emeltchenko if (__is_ctrl_final(chan, rx_control)) { 3927e2ab4353SGustavo F. Padovan if (!test_and_clear_bit(CONN_REJ_ACT, &chan->conn_state)) 3928525cd185SGustavo F. Padovan l2cap_retransmit_frames(chan); 39290a708f8fSGustavo F. Padovan } 39300a708f8fSGustavo F. Padovan 39311a09bcb9SGustavo F. Padovan __set_ack_timer(chan); 39320a708f8fSGustavo F. Padovan 39336a026610SGustavo F. Padovan chan->num_acked = (chan->num_acked + 1) % num_to_ack; 39346a026610SGustavo F. Padovan if (chan->num_acked == num_to_ack - 1) 3935525cd185SGustavo F. Padovan l2cap_send_ack(chan); 39360a708f8fSGustavo F. Padovan 39370a708f8fSGustavo F. Padovan return 0; 39380a708f8fSGustavo F. Padovan 39390a708f8fSGustavo F. Padovan drop: 39400a708f8fSGustavo F. Padovan kfree_skb(skb); 39410a708f8fSGustavo F. Padovan return 0; 39420a708f8fSGustavo F. Padovan } 39430a708f8fSGustavo F. Padovan 394488843ab0SAndrei Emeltchenko static inline void l2cap_data_channel_rrframe(struct l2cap_chan *chan, u32 rx_control) 39450a708f8fSGustavo F. Padovan { 394688843ab0SAndrei Emeltchenko BT_DBG("chan %p, req_seq %d ctrl 0x%8.8x", chan, 39470b209faeSAndrei Emeltchenko __get_reqseq(chan, rx_control), rx_control); 39480a708f8fSGustavo F. Padovan 39490b209faeSAndrei Emeltchenko chan->expected_ack_seq = __get_reqseq(chan, rx_control); 395042e5c802SGustavo F. Padovan l2cap_drop_acked_frames(chan); 39510a708f8fSGustavo F. Padovan 3952e3781735SAndrei Emeltchenko if (__is_ctrl_poll(chan, rx_control)) { 3953e2ab4353SGustavo F. Padovan set_bit(CONN_SEND_FBIT, &chan->conn_state); 3954e2ab4353SGustavo F. Padovan if (test_bit(CONN_SREJ_SENT, &chan->conn_state)) { 3955e2ab4353SGustavo F. Padovan if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state) && 39566a026610SGustavo F. Padovan (chan->unacked_frames > 0)) 39571a09bcb9SGustavo F. Padovan __set_retrans_timer(chan); 39580a708f8fSGustavo F. Padovan 3959e2ab4353SGustavo F. Padovan clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); 3960525cd185SGustavo F. Padovan l2cap_send_srejtail(chan); 39610a708f8fSGustavo F. Padovan } else { 3962525cd185SGustavo F. Padovan l2cap_send_i_or_rr_or_rnr(chan); 39630a708f8fSGustavo F. Padovan } 39640a708f8fSGustavo F. Padovan 396503f6715dSAndrei Emeltchenko } else if (__is_ctrl_final(chan, rx_control)) { 3966e2ab4353SGustavo F. Padovan clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); 39670a708f8fSGustavo F. Padovan 3968e2ab4353SGustavo F. Padovan if (!test_and_clear_bit(CONN_REJ_ACT, &chan->conn_state)) 3969525cd185SGustavo F. Padovan l2cap_retransmit_frames(chan); 39700a708f8fSGustavo F. Padovan 39710a708f8fSGustavo F. Padovan } else { 3972e2ab4353SGustavo F. Padovan if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state) && 39736a026610SGustavo F. Padovan (chan->unacked_frames > 0)) 39741a09bcb9SGustavo F. Padovan __set_retrans_timer(chan); 39750a708f8fSGustavo F. Padovan 3976e2ab4353SGustavo F. Padovan clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); 3977e2ab4353SGustavo F. Padovan if (test_bit(CONN_SREJ_SENT, &chan->conn_state)) 3978525cd185SGustavo F. Padovan l2cap_send_ack(chan); 39790a708f8fSGustavo F. Padovan else 3980525cd185SGustavo F. Padovan l2cap_ertm_send(chan); 39810a708f8fSGustavo F. Padovan } 39820a708f8fSGustavo F. Padovan } 39830a708f8fSGustavo F. Padovan 398488843ab0SAndrei Emeltchenko static inline void l2cap_data_channel_rejframe(struct l2cap_chan *chan, u32 rx_control) 39850a708f8fSGustavo F. Padovan { 39860b209faeSAndrei Emeltchenko u16 tx_seq = __get_reqseq(chan, rx_control); 39870a708f8fSGustavo F. Padovan 398888843ab0SAndrei Emeltchenko BT_DBG("chan %p, req_seq %d ctrl 0x%8.8x", chan, tx_seq, rx_control); 39890a708f8fSGustavo F. Padovan 3990e2ab4353SGustavo F. Padovan clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); 39910a708f8fSGustavo F. Padovan 399242e5c802SGustavo F. Padovan chan->expected_ack_seq = tx_seq; 399342e5c802SGustavo F. Padovan l2cap_drop_acked_frames(chan); 39940a708f8fSGustavo F. Padovan 399503f6715dSAndrei Emeltchenko if (__is_ctrl_final(chan, rx_control)) { 3996e2ab4353SGustavo F. Padovan if (!test_and_clear_bit(CONN_REJ_ACT, &chan->conn_state)) 3997525cd185SGustavo F. Padovan l2cap_retransmit_frames(chan); 39980a708f8fSGustavo F. Padovan } else { 3999525cd185SGustavo F. Padovan l2cap_retransmit_frames(chan); 40000a708f8fSGustavo F. Padovan 4001e2ab4353SGustavo F. Padovan if (test_bit(CONN_WAIT_F, &chan->conn_state)) 4002e2ab4353SGustavo F. Padovan set_bit(CONN_REJ_ACT, &chan->conn_state); 40030a708f8fSGustavo F. Padovan } 40040a708f8fSGustavo F. Padovan } 400588843ab0SAndrei Emeltchenko static inline void l2cap_data_channel_srejframe(struct l2cap_chan *chan, u32 rx_control) 40060a708f8fSGustavo F. Padovan { 40070b209faeSAndrei Emeltchenko u16 tx_seq = __get_reqseq(chan, rx_control); 40080a708f8fSGustavo F. Padovan 400988843ab0SAndrei Emeltchenko BT_DBG("chan %p, req_seq %d ctrl 0x%8.8x", chan, tx_seq, rx_control); 40100a708f8fSGustavo F. Padovan 4011e2ab4353SGustavo F. Padovan clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); 40120a708f8fSGustavo F. Padovan 4013e3781735SAndrei Emeltchenko if (__is_ctrl_poll(chan, rx_control)) { 401442e5c802SGustavo F. Padovan chan->expected_ack_seq = tx_seq; 401542e5c802SGustavo F. Padovan l2cap_drop_acked_frames(chan); 40160a708f8fSGustavo F. Padovan 4017e2ab4353SGustavo F. Padovan set_bit(CONN_SEND_FBIT, &chan->conn_state); 4018525cd185SGustavo F. Padovan l2cap_retransmit_one_frame(chan, tx_seq); 40190a708f8fSGustavo F. Padovan 4020525cd185SGustavo F. Padovan l2cap_ertm_send(chan); 40210a708f8fSGustavo F. Padovan 4022e2ab4353SGustavo F. Padovan if (test_bit(CONN_WAIT_F, &chan->conn_state)) { 40236a026610SGustavo F. Padovan chan->srej_save_reqseq = tx_seq; 4024e2ab4353SGustavo F. Padovan set_bit(CONN_SREJ_ACT, &chan->conn_state); 40250a708f8fSGustavo F. Padovan } 402603f6715dSAndrei Emeltchenko } else if (__is_ctrl_final(chan, rx_control)) { 4027e2ab4353SGustavo F. Padovan if (test_bit(CONN_SREJ_ACT, &chan->conn_state) && 40286a026610SGustavo F. Padovan chan->srej_save_reqseq == tx_seq) 4029e2ab4353SGustavo F. Padovan clear_bit(CONN_SREJ_ACT, &chan->conn_state); 40300a708f8fSGustavo F. Padovan else 4031525cd185SGustavo F. Padovan l2cap_retransmit_one_frame(chan, tx_seq); 40320a708f8fSGustavo F. Padovan } else { 4033525cd185SGustavo F. Padovan l2cap_retransmit_one_frame(chan, tx_seq); 4034e2ab4353SGustavo F. Padovan if (test_bit(CONN_WAIT_F, &chan->conn_state)) { 40356a026610SGustavo F. Padovan chan->srej_save_reqseq = tx_seq; 4036e2ab4353SGustavo F. Padovan set_bit(CONN_SREJ_ACT, &chan->conn_state); 40370a708f8fSGustavo F. Padovan } 40380a708f8fSGustavo F. Padovan } 40390a708f8fSGustavo F. Padovan } 40400a708f8fSGustavo F. Padovan 404188843ab0SAndrei Emeltchenko static inline void l2cap_data_channel_rnrframe(struct l2cap_chan *chan, u32 rx_control) 40420a708f8fSGustavo F. Padovan { 40430b209faeSAndrei Emeltchenko u16 tx_seq = __get_reqseq(chan, rx_control); 40440a708f8fSGustavo F. Padovan 404588843ab0SAndrei Emeltchenko BT_DBG("chan %p, req_seq %d ctrl 0x%8.8x", chan, tx_seq, rx_control); 40460a708f8fSGustavo F. Padovan 4047e2ab4353SGustavo F. Padovan set_bit(CONN_REMOTE_BUSY, &chan->conn_state); 404842e5c802SGustavo F. Padovan chan->expected_ack_seq = tx_seq; 404942e5c802SGustavo F. Padovan l2cap_drop_acked_frames(chan); 40500a708f8fSGustavo F. Padovan 4051e3781735SAndrei Emeltchenko if (__is_ctrl_poll(chan, rx_control)) 4052e2ab4353SGustavo F. Padovan set_bit(CONN_SEND_FBIT, &chan->conn_state); 40530a708f8fSGustavo F. Padovan 4054e2ab4353SGustavo F. Padovan if (!test_bit(CONN_SREJ_SENT, &chan->conn_state)) { 40551a09bcb9SGustavo F. Padovan __clear_retrans_timer(chan); 4056e3781735SAndrei Emeltchenko if (__is_ctrl_poll(chan, rx_control)) 4057525cd185SGustavo F. Padovan l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_FINAL); 40580a708f8fSGustavo F. Padovan return; 40590a708f8fSGustavo F. Padovan } 40600a708f8fSGustavo F. Padovan 4061e3781735SAndrei Emeltchenko if (__is_ctrl_poll(chan, rx_control)) { 4062525cd185SGustavo F. Padovan l2cap_send_srejtail(chan); 4063ab784b73SAndrei Emeltchenko } else { 4064ab784b73SAndrei Emeltchenko rx_control = __set_ctrl_super(chan, L2CAP_SUPER_RR); 4065ab784b73SAndrei Emeltchenko l2cap_send_sframe(chan, rx_control); 4066ab784b73SAndrei Emeltchenko } 40670a708f8fSGustavo F. Padovan } 40680a708f8fSGustavo F. Padovan 406988843ab0SAndrei Emeltchenko static inline int l2cap_data_channel_sframe(struct l2cap_chan *chan, u32 rx_control, struct sk_buff *skb) 40700a708f8fSGustavo F. Padovan { 407188843ab0SAndrei Emeltchenko BT_DBG("chan %p rx_control 0x%8.8x len %d", chan, rx_control, skb->len); 40720a708f8fSGustavo F. Padovan 407303f6715dSAndrei Emeltchenko if (__is_ctrl_final(chan, rx_control) && 4074e2ab4353SGustavo F. Padovan test_bit(CONN_WAIT_F, &chan->conn_state)) { 40751a09bcb9SGustavo F. Padovan __clear_monitor_timer(chan); 40766a026610SGustavo F. Padovan if (chan->unacked_frames > 0) 40771a09bcb9SGustavo F. Padovan __set_retrans_timer(chan); 4078e2ab4353SGustavo F. Padovan clear_bit(CONN_WAIT_F, &chan->conn_state); 40790a708f8fSGustavo F. Padovan } 40800a708f8fSGustavo F. Padovan 4081ab784b73SAndrei Emeltchenko switch (__get_ctrl_super(chan, rx_control)) { 4082ab784b73SAndrei Emeltchenko case L2CAP_SUPER_RR: 4083525cd185SGustavo F. Padovan l2cap_data_channel_rrframe(chan, rx_control); 40840a708f8fSGustavo F. Padovan break; 40850a708f8fSGustavo F. Padovan 4086ab784b73SAndrei Emeltchenko case L2CAP_SUPER_REJ: 4087525cd185SGustavo F. Padovan l2cap_data_channel_rejframe(chan, rx_control); 40880a708f8fSGustavo F. Padovan break; 40890a708f8fSGustavo F. Padovan 4090ab784b73SAndrei Emeltchenko case L2CAP_SUPER_SREJ: 4091525cd185SGustavo F. Padovan l2cap_data_channel_srejframe(chan, rx_control); 40920a708f8fSGustavo F. Padovan break; 40930a708f8fSGustavo F. Padovan 4094ab784b73SAndrei Emeltchenko case L2CAP_SUPER_RNR: 4095525cd185SGustavo F. Padovan l2cap_data_channel_rnrframe(chan, rx_control); 40960a708f8fSGustavo F. Padovan break; 40970a708f8fSGustavo F. Padovan } 40980a708f8fSGustavo F. Padovan 40990a708f8fSGustavo F. Padovan kfree_skb(skb); 41000a708f8fSGustavo F. Padovan return 0; 41010a708f8fSGustavo F. Padovan } 41020a708f8fSGustavo F. Padovan 41030a708f8fSGustavo F. Padovan static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb) 41040a708f8fSGustavo F. Padovan { 4105525cd185SGustavo F. Padovan struct l2cap_chan *chan = l2cap_pi(sk)->chan; 410688843ab0SAndrei Emeltchenko u32 control; 41070b209faeSAndrei Emeltchenko u16 req_seq; 41080a708f8fSGustavo F. Padovan int len, next_tx_seq_offset, req_seq_offset; 41090a708f8fSGustavo F. Padovan 411088843ab0SAndrei Emeltchenko control = __get_control(chan, skb->data); 411188843ab0SAndrei Emeltchenko skb_pull(skb, __ctrl_size(chan)); 41120a708f8fSGustavo F. Padovan len = skb->len; 41130a708f8fSGustavo F. Padovan 41140a708f8fSGustavo F. Padovan /* 41150a708f8fSGustavo F. Padovan * We can just drop the corrupted I-frame here. 41160a708f8fSGustavo F. Padovan * Receiver will miss it and start proper recovery 41170a708f8fSGustavo F. Padovan * procedures and ask retransmission. 41180a708f8fSGustavo F. Padovan */ 411947d1ec61SGustavo F. Padovan if (l2cap_check_fcs(chan, skb)) 41200a708f8fSGustavo F. Padovan goto drop; 41210a708f8fSGustavo F. Padovan 4122793c2f1cSAndrei Emeltchenko if (__is_sar_start(chan, control) && !__is_sframe(chan, control)) 412303a51213SAndrei Emeltchenko len -= L2CAP_SDULEN_SIZE; 41240a708f8fSGustavo F. Padovan 412547d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) 412603a51213SAndrei Emeltchenko len -= L2CAP_FCS_SIZE; 41270a708f8fSGustavo F. Padovan 412847d1ec61SGustavo F. Padovan if (len > chan->mps) { 41298c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 41300a708f8fSGustavo F. Padovan goto drop; 41310a708f8fSGustavo F. Padovan } 41320a708f8fSGustavo F. Padovan 41330b209faeSAndrei Emeltchenko req_seq = __get_reqseq(chan, control); 41340a708f8fSGustavo F. Padovan 4135836be934SAndrei Emeltchenko req_seq_offset = __seq_offset(chan, req_seq, chan->expected_ack_seq); 4136836be934SAndrei Emeltchenko 4137836be934SAndrei Emeltchenko next_tx_seq_offset = __seq_offset(chan, chan->next_tx_seq, 4138836be934SAndrei Emeltchenko chan->expected_ack_seq); 41390a708f8fSGustavo F. Padovan 41400a708f8fSGustavo F. Padovan /* check for invalid req-seq */ 41410a708f8fSGustavo F. Padovan if (req_seq_offset > next_tx_seq_offset) { 41428c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 41430a708f8fSGustavo F. Padovan goto drop; 41440a708f8fSGustavo F. Padovan } 41450a708f8fSGustavo F. Padovan 4146793c2f1cSAndrei Emeltchenko if (!__is_sframe(chan, control)) { 41470a708f8fSGustavo F. Padovan if (len < 0) { 41488c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 41490a708f8fSGustavo F. Padovan goto drop; 41500a708f8fSGustavo F. Padovan } 41510a708f8fSGustavo F. Padovan 4152525cd185SGustavo F. Padovan l2cap_data_channel_iframe(chan, control, skb); 41530a708f8fSGustavo F. Padovan } else { 41540a708f8fSGustavo F. Padovan if (len != 0) { 41550a708f8fSGustavo F. Padovan BT_ERR("%d", len); 41568c1d787bSGustavo F. Padovan l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 41570a708f8fSGustavo F. Padovan goto drop; 41580a708f8fSGustavo F. Padovan } 41590a708f8fSGustavo F. Padovan 4160525cd185SGustavo F. Padovan l2cap_data_channel_sframe(chan, control, skb); 41610a708f8fSGustavo F. Padovan } 41620a708f8fSGustavo F. Padovan 41630a708f8fSGustavo F. Padovan return 0; 41640a708f8fSGustavo F. Padovan 41650a708f8fSGustavo F. Padovan drop: 41660a708f8fSGustavo F. Padovan kfree_skb(skb); 41670a708f8fSGustavo F. Padovan return 0; 41680a708f8fSGustavo F. Padovan } 41690a708f8fSGustavo F. Padovan 41700a708f8fSGustavo F. Padovan static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb) 41710a708f8fSGustavo F. Padovan { 417248454079SGustavo F. Padovan struct l2cap_chan *chan; 4173bf734843SDavid S. Miller struct sock *sk = NULL; 417488843ab0SAndrei Emeltchenko u32 control; 4175fb45de7dSAndrei Emeltchenko u16 tx_seq; 41760a708f8fSGustavo F. Padovan int len; 41770a708f8fSGustavo F. Padovan 4178baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_scid(conn, cid); 417948454079SGustavo F. Padovan if (!chan) { 41800a708f8fSGustavo F. Padovan BT_DBG("unknown cid 0x%4.4x", cid); 41810a708f8fSGustavo F. Padovan goto drop; 41820a708f8fSGustavo F. Padovan } 41830a708f8fSGustavo F. Padovan 418448454079SGustavo F. Padovan sk = chan->sk; 41850a708f8fSGustavo F. Padovan 418649208c9cSGustavo F. Padovan BT_DBG("chan %p, len %d", chan, skb->len); 41870a708f8fSGustavo F. Padovan 418889bc500eSGustavo F. Padovan if (chan->state != BT_CONNECTED) 41890a708f8fSGustavo F. Padovan goto drop; 41900a708f8fSGustavo F. Padovan 41910c1bc5c6SGustavo F. Padovan switch (chan->mode) { 41920a708f8fSGustavo F. Padovan case L2CAP_MODE_BASIC: 41930a708f8fSGustavo F. Padovan /* If socket recv buffers overflows we drop data here 41940a708f8fSGustavo F. Padovan * which is *bad* because L2CAP has to be reliable. 41950a708f8fSGustavo F. Padovan * But we don't have any other choice. L2CAP doesn't 41960a708f8fSGustavo F. Padovan * provide flow control mechanism. */ 41970a708f8fSGustavo F. Padovan 41980c1bc5c6SGustavo F. Padovan if (chan->imtu < skb->len) 41990a708f8fSGustavo F. Padovan goto drop; 42000a708f8fSGustavo F. Padovan 420123070494SGustavo F. Padovan if (!chan->ops->recv(chan->data, skb)) 42020a708f8fSGustavo F. Padovan goto done; 42030a708f8fSGustavo F. Padovan break; 42040a708f8fSGustavo F. Padovan 42050a708f8fSGustavo F. Padovan case L2CAP_MODE_ERTM: 42060a708f8fSGustavo F. Padovan if (!sock_owned_by_user(sk)) { 42070a708f8fSGustavo F. Padovan l2cap_ertm_data_rcv(sk, skb); 42080a708f8fSGustavo F. Padovan } else { 42090a708f8fSGustavo F. Padovan if (sk_add_backlog(sk, skb)) 42100a708f8fSGustavo F. Padovan goto drop; 42110a708f8fSGustavo F. Padovan } 42120a708f8fSGustavo F. Padovan 42130a708f8fSGustavo F. Padovan goto done; 42140a708f8fSGustavo F. Padovan 42150a708f8fSGustavo F. Padovan case L2CAP_MODE_STREAMING: 421688843ab0SAndrei Emeltchenko control = __get_control(chan, skb->data); 421788843ab0SAndrei Emeltchenko skb_pull(skb, __ctrl_size(chan)); 42180a708f8fSGustavo F. Padovan len = skb->len; 42190a708f8fSGustavo F. Padovan 422047d1ec61SGustavo F. Padovan if (l2cap_check_fcs(chan, skb)) 42210a708f8fSGustavo F. Padovan goto drop; 42220a708f8fSGustavo F. Padovan 42237e0ef6eeSAndrei Emeltchenko if (__is_sar_start(chan, control)) 422403a51213SAndrei Emeltchenko len -= L2CAP_SDULEN_SIZE; 42250a708f8fSGustavo F. Padovan 422647d1ec61SGustavo F. Padovan if (chan->fcs == L2CAP_FCS_CRC16) 422703a51213SAndrei Emeltchenko len -= L2CAP_FCS_SIZE; 42280a708f8fSGustavo F. Padovan 4229793c2f1cSAndrei Emeltchenko if (len > chan->mps || len < 0 || __is_sframe(chan, control)) 42300a708f8fSGustavo F. Padovan goto drop; 42310a708f8fSGustavo F. Padovan 4232fb45de7dSAndrei Emeltchenko tx_seq = __get_txseq(chan, control); 42330a708f8fSGustavo F. Padovan 423484084a31SMat Martineau if (chan->expected_tx_seq != tx_seq) { 423584084a31SMat Martineau /* Frame(s) missing - must discard partial SDU */ 423684084a31SMat Martineau kfree_skb(chan->sdu); 423784084a31SMat Martineau chan->sdu = NULL; 423884084a31SMat Martineau chan->sdu_last_frag = NULL; 423984084a31SMat Martineau chan->sdu_len = 0; 424084084a31SMat Martineau 424184084a31SMat Martineau /* TODO: Notify userland of missing data */ 424284084a31SMat Martineau } 424384084a31SMat Martineau 4244836be934SAndrei Emeltchenko chan->expected_tx_seq = __next_seq(chan, tx_seq); 42450a708f8fSGustavo F. Padovan 424684084a31SMat Martineau if (l2cap_reassemble_sdu(chan, skb, control) == -EMSGSIZE) 424784084a31SMat Martineau l2cap_send_disconn_req(chan->conn, chan, ECONNRESET); 42480a708f8fSGustavo F. Padovan 42490a708f8fSGustavo F. Padovan goto done; 42500a708f8fSGustavo F. Padovan 42510a708f8fSGustavo F. Padovan default: 42520c1bc5c6SGustavo F. Padovan BT_DBG("chan %p: bad mode 0x%2.2x", chan, chan->mode); 42530a708f8fSGustavo F. Padovan break; 42540a708f8fSGustavo F. Padovan } 42550a708f8fSGustavo F. Padovan 42560a708f8fSGustavo F. Padovan drop: 42570a708f8fSGustavo F. Padovan kfree_skb(skb); 42580a708f8fSGustavo F. Padovan 42590a708f8fSGustavo F. Padovan done: 42600a708f8fSGustavo F. Padovan if (sk) 42610a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 42620a708f8fSGustavo F. Padovan 42630a708f8fSGustavo F. Padovan return 0; 42640a708f8fSGustavo F. Padovan } 42650a708f8fSGustavo F. Padovan 42660a708f8fSGustavo F. Padovan static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, struct sk_buff *skb) 42670a708f8fSGustavo F. Padovan { 42686dcae1eaSDavid S. Miller struct sock *sk = NULL; 426923691d75SGustavo F. Padovan struct l2cap_chan *chan; 42700a708f8fSGustavo F. Padovan 427123691d75SGustavo F. Padovan chan = l2cap_global_chan_by_psm(0, psm, conn->src); 427223691d75SGustavo F. Padovan if (!chan) 42730a708f8fSGustavo F. Padovan goto drop; 42740a708f8fSGustavo F. Padovan 427523691d75SGustavo F. Padovan sk = chan->sk; 427623691d75SGustavo F. Padovan 42770a708f8fSGustavo F. Padovan bh_lock_sock(sk); 42780a708f8fSGustavo F. Padovan 42790a708f8fSGustavo F. Padovan BT_DBG("sk %p, len %d", sk, skb->len); 42800a708f8fSGustavo F. Padovan 428189bc500eSGustavo F. Padovan if (chan->state != BT_BOUND && chan->state != BT_CONNECTED) 42820a708f8fSGustavo F. Padovan goto drop; 42830a708f8fSGustavo F. Padovan 4284e13e21dcSVinicius Costa Gomes if (chan->imtu < skb->len) 42850a708f8fSGustavo F. Padovan goto drop; 42860a708f8fSGustavo F. Padovan 428723070494SGustavo F. Padovan if (!chan->ops->recv(chan->data, skb)) 42880a708f8fSGustavo F. Padovan goto done; 42890a708f8fSGustavo F. Padovan 42900a708f8fSGustavo F. Padovan drop: 42910a708f8fSGustavo F. Padovan kfree_skb(skb); 42920a708f8fSGustavo F. Padovan 42930a708f8fSGustavo F. Padovan done: 42940a708f8fSGustavo F. Padovan if (sk) 42950a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 42960a708f8fSGustavo F. Padovan return 0; 42970a708f8fSGustavo F. Padovan } 42980a708f8fSGustavo F. Padovan 42999f69bda6SGustavo F. Padovan static inline int l2cap_att_channel(struct l2cap_conn *conn, __le16 cid, struct sk_buff *skb) 43009f69bda6SGustavo F. Padovan { 43016dcae1eaSDavid S. Miller struct sock *sk = NULL; 430223691d75SGustavo F. Padovan struct l2cap_chan *chan; 43039f69bda6SGustavo F. Padovan 430423691d75SGustavo F. Padovan chan = l2cap_global_chan_by_scid(0, cid, conn->src); 430523691d75SGustavo F. Padovan if (!chan) 43069f69bda6SGustavo F. Padovan goto drop; 43079f69bda6SGustavo F. Padovan 430823691d75SGustavo F. Padovan sk = chan->sk; 430923691d75SGustavo F. Padovan 43109f69bda6SGustavo F. Padovan bh_lock_sock(sk); 43119f69bda6SGustavo F. Padovan 43129f69bda6SGustavo F. Padovan BT_DBG("sk %p, len %d", sk, skb->len); 43139f69bda6SGustavo F. Padovan 431489bc500eSGustavo F. Padovan if (chan->state != BT_BOUND && chan->state != BT_CONNECTED) 43159f69bda6SGustavo F. Padovan goto drop; 43169f69bda6SGustavo F. Padovan 4317e13e21dcSVinicius Costa Gomes if (chan->imtu < skb->len) 43189f69bda6SGustavo F. Padovan goto drop; 43199f69bda6SGustavo F. Padovan 432023070494SGustavo F. Padovan if (!chan->ops->recv(chan->data, skb)) 43219f69bda6SGustavo F. Padovan goto done; 43229f69bda6SGustavo F. Padovan 43239f69bda6SGustavo F. Padovan drop: 43249f69bda6SGustavo F. Padovan kfree_skb(skb); 43259f69bda6SGustavo F. Padovan 43269f69bda6SGustavo F. Padovan done: 43279f69bda6SGustavo F. Padovan if (sk) 43289f69bda6SGustavo F. Padovan bh_unlock_sock(sk); 43299f69bda6SGustavo F. Padovan return 0; 43309f69bda6SGustavo F. Padovan } 43319f69bda6SGustavo F. Padovan 43320a708f8fSGustavo F. Padovan static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb) 43330a708f8fSGustavo F. Padovan { 43340a708f8fSGustavo F. Padovan struct l2cap_hdr *lh = (void *) skb->data; 43350a708f8fSGustavo F. Padovan u16 cid, len; 43360a708f8fSGustavo F. Padovan __le16 psm; 43370a708f8fSGustavo F. Padovan 43380a708f8fSGustavo F. Padovan skb_pull(skb, L2CAP_HDR_SIZE); 43390a708f8fSGustavo F. Padovan cid = __le16_to_cpu(lh->cid); 43400a708f8fSGustavo F. Padovan len = __le16_to_cpu(lh->len); 43410a708f8fSGustavo F. Padovan 43420a708f8fSGustavo F. Padovan if (len != skb->len) { 43430a708f8fSGustavo F. Padovan kfree_skb(skb); 43440a708f8fSGustavo F. Padovan return; 43450a708f8fSGustavo F. Padovan } 43460a708f8fSGustavo F. Padovan 43470a708f8fSGustavo F. Padovan BT_DBG("len %d, cid 0x%4.4x", len, cid); 43480a708f8fSGustavo F. Padovan 43490a708f8fSGustavo F. Padovan switch (cid) { 43503300d9a9SClaudio Takahasi case L2CAP_CID_LE_SIGNALING: 43510a708f8fSGustavo F. Padovan case L2CAP_CID_SIGNALING: 43520a708f8fSGustavo F. Padovan l2cap_sig_channel(conn, skb); 43530a708f8fSGustavo F. Padovan break; 43540a708f8fSGustavo F. Padovan 43550a708f8fSGustavo F. Padovan case L2CAP_CID_CONN_LESS: 43560a708f8fSGustavo F. Padovan psm = get_unaligned_le16(skb->data); 43570a708f8fSGustavo F. Padovan skb_pull(skb, 2); 43580a708f8fSGustavo F. Padovan l2cap_conless_channel(conn, psm, skb); 43590a708f8fSGustavo F. Padovan break; 43600a708f8fSGustavo F. Padovan 43619f69bda6SGustavo F. Padovan case L2CAP_CID_LE_DATA: 43629f69bda6SGustavo F. Padovan l2cap_att_channel(conn, cid, skb); 43639f69bda6SGustavo F. Padovan break; 43649f69bda6SGustavo F. Padovan 4365b501d6a1SAnderson Briglia case L2CAP_CID_SMP: 4366b501d6a1SAnderson Briglia if (smp_sig_channel(conn, skb)) 4367b501d6a1SAnderson Briglia l2cap_conn_del(conn->hcon, EACCES); 4368b501d6a1SAnderson Briglia break; 4369b501d6a1SAnderson Briglia 43700a708f8fSGustavo F. Padovan default: 43710a708f8fSGustavo F. Padovan l2cap_data_channel(conn, cid, skb); 43720a708f8fSGustavo F. Padovan break; 43730a708f8fSGustavo F. Padovan } 43740a708f8fSGustavo F. Padovan } 43750a708f8fSGustavo F. Padovan 43760a708f8fSGustavo F. Padovan /* ---- L2CAP interface with lower layer (HCI) ---- */ 43770a708f8fSGustavo F. Padovan 43780a708f8fSGustavo F. Padovan static int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type) 43790a708f8fSGustavo F. Padovan { 43800a708f8fSGustavo F. Padovan int exact = 0, lm1 = 0, lm2 = 0; 438123691d75SGustavo F. Padovan struct l2cap_chan *c; 43820a708f8fSGustavo F. Padovan 43830a708f8fSGustavo F. Padovan if (type != ACL_LINK) 43840a708f8fSGustavo F. Padovan return -EINVAL; 43850a708f8fSGustavo F. Padovan 43860a708f8fSGustavo F. Padovan BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr)); 43870a708f8fSGustavo F. Padovan 43880a708f8fSGustavo F. Padovan /* Find listening sockets and check their link_mode */ 438923691d75SGustavo F. Padovan read_lock(&chan_list_lock); 439023691d75SGustavo F. Padovan list_for_each_entry(c, &chan_list, global_l) { 439123691d75SGustavo F. Padovan struct sock *sk = c->sk; 43924343478fSGustavo F. Padovan 439389bc500eSGustavo F. Padovan if (c->state != BT_LISTEN) 43940a708f8fSGustavo F. Padovan continue; 43950a708f8fSGustavo F. Padovan 43960a708f8fSGustavo F. Padovan if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) { 43970a708f8fSGustavo F. Padovan lm1 |= HCI_LM_ACCEPT; 439843bd0f32SAndrei Emeltchenko if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) 43990a708f8fSGustavo F. Padovan lm1 |= HCI_LM_MASTER; 44000a708f8fSGustavo F. Padovan exact++; 44010a708f8fSGustavo F. Padovan } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) { 44020a708f8fSGustavo F. Padovan lm2 |= HCI_LM_ACCEPT; 440343bd0f32SAndrei Emeltchenko if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) 44040a708f8fSGustavo F. Padovan lm2 |= HCI_LM_MASTER; 44050a708f8fSGustavo F. Padovan } 44060a708f8fSGustavo F. Padovan } 440723691d75SGustavo F. Padovan read_unlock(&chan_list_lock); 44080a708f8fSGustavo F. Padovan 44090a708f8fSGustavo F. Padovan return exact ? lm1 : lm2; 44100a708f8fSGustavo F. Padovan } 44110a708f8fSGustavo F. Padovan 44120a708f8fSGustavo F. Padovan static int l2cap_connect_cfm(struct hci_conn *hcon, u8 status) 44130a708f8fSGustavo F. Padovan { 44140a708f8fSGustavo F. Padovan struct l2cap_conn *conn; 44150a708f8fSGustavo F. Padovan 44160a708f8fSGustavo F. Padovan BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status); 44170a708f8fSGustavo F. Padovan 4418acd7d370SVille Tervo if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK)) 44190a708f8fSGustavo F. Padovan return -EINVAL; 44200a708f8fSGustavo F. Padovan 44210a708f8fSGustavo F. Padovan if (!status) { 44220a708f8fSGustavo F. Padovan conn = l2cap_conn_add(hcon, status); 44230a708f8fSGustavo F. Padovan if (conn) 44240a708f8fSGustavo F. Padovan l2cap_conn_ready(conn); 44250a708f8fSGustavo F. Padovan } else 4426e175072fSJoe Perches l2cap_conn_del(hcon, bt_to_errno(status)); 44270a708f8fSGustavo F. Padovan 44280a708f8fSGustavo F. Padovan return 0; 44290a708f8fSGustavo F. Padovan } 44300a708f8fSGustavo F. Padovan 44310a708f8fSGustavo F. Padovan static int l2cap_disconn_ind(struct hci_conn *hcon) 44320a708f8fSGustavo F. Padovan { 44330a708f8fSGustavo F. Padovan struct l2cap_conn *conn = hcon->l2cap_data; 44340a708f8fSGustavo F. Padovan 44350a708f8fSGustavo F. Padovan BT_DBG("hcon %p", hcon); 44360a708f8fSGustavo F. Padovan 4437b5694506SGustavo F. Padovan if ((hcon->type != ACL_LINK && hcon->type != LE_LINK) || !conn) 44389f5a0d7bSAndrei Emeltchenko return HCI_ERROR_REMOTE_USER_TERM; 44390a708f8fSGustavo F. Padovan 44400a708f8fSGustavo F. Padovan return conn->disc_reason; 44410a708f8fSGustavo F. Padovan } 44420a708f8fSGustavo F. Padovan 44430a708f8fSGustavo F. Padovan static int l2cap_disconn_cfm(struct hci_conn *hcon, u8 reason) 44440a708f8fSGustavo F. Padovan { 44450a708f8fSGustavo F. Padovan BT_DBG("hcon %p reason %d", hcon, reason); 44460a708f8fSGustavo F. Padovan 4447acd7d370SVille Tervo if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK)) 44480a708f8fSGustavo F. Padovan return -EINVAL; 44490a708f8fSGustavo F. Padovan 4450e175072fSJoe Perches l2cap_conn_del(hcon, bt_to_errno(reason)); 44510a708f8fSGustavo F. Padovan 44520a708f8fSGustavo F. Padovan return 0; 44530a708f8fSGustavo F. Padovan } 44540a708f8fSGustavo F. Padovan 44554343478fSGustavo F. Padovan static inline void l2cap_check_encryption(struct l2cap_chan *chan, u8 encrypt) 44560a708f8fSGustavo F. Padovan { 4457715ec005SGustavo F. Padovan if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) 44580a708f8fSGustavo F. Padovan return; 44590a708f8fSGustavo F. Padovan 44600a708f8fSGustavo F. Padovan if (encrypt == 0x00) { 44614343478fSGustavo F. Padovan if (chan->sec_level == BT_SECURITY_MEDIUM) { 4462c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 4463c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ * 5); 44644343478fSGustavo F. Padovan } else if (chan->sec_level == BT_SECURITY_HIGH) 44650f852724SGustavo F. Padovan l2cap_chan_close(chan, ECONNREFUSED); 44660a708f8fSGustavo F. Padovan } else { 44674343478fSGustavo F. Padovan if (chan->sec_level == BT_SECURITY_MEDIUM) 4468c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 44690a708f8fSGustavo F. Padovan } 44700a708f8fSGustavo F. Padovan } 44710a708f8fSGustavo F. Padovan 44720a708f8fSGustavo F. Padovan static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) 44730a708f8fSGustavo F. Padovan { 44740a708f8fSGustavo F. Padovan struct l2cap_conn *conn = hcon->l2cap_data; 447548454079SGustavo F. Padovan struct l2cap_chan *chan; 44760a708f8fSGustavo F. Padovan 44770a708f8fSGustavo F. Padovan if (!conn) 44780a708f8fSGustavo F. Padovan return 0; 44790a708f8fSGustavo F. Padovan 44800a708f8fSGustavo F. Padovan BT_DBG("conn %p", conn); 44810a708f8fSGustavo F. Padovan 4482160dc6acSVinicius Costa Gomes if (hcon->type == LE_LINK) { 4483160dc6acSVinicius Costa Gomes smp_distribute_keys(conn, 0); 4484160dc6acSVinicius Costa Gomes del_timer(&conn->security_timer); 4485160dc6acSVinicius Costa Gomes } 4486160dc6acSVinicius Costa Gomes 4487baa7e1faSGustavo F. Padovan read_lock(&conn->chan_lock); 44880a708f8fSGustavo F. Padovan 4489baa7e1faSGustavo F. Padovan list_for_each_entry(chan, &conn->chan_l, list) { 449048454079SGustavo F. Padovan struct sock *sk = chan->sk; 4491baa7e1faSGustavo F. Padovan 44920a708f8fSGustavo F. Padovan bh_lock_sock(sk); 44930a708f8fSGustavo F. Padovan 4494f1cb9af5SVinicius Costa Gomes BT_DBG("chan->scid %d", chan->scid); 4495f1cb9af5SVinicius Costa Gomes 4496f1cb9af5SVinicius Costa Gomes if (chan->scid == L2CAP_CID_LE_DATA) { 4497f1cb9af5SVinicius Costa Gomes if (!status && encrypt) { 4498f1cb9af5SVinicius Costa Gomes chan->sec_level = hcon->sec_level; 4499f1cb9af5SVinicius Costa Gomes l2cap_chan_ready(sk); 4500f1cb9af5SVinicius Costa Gomes } 4501f1cb9af5SVinicius Costa Gomes 4502f1cb9af5SVinicius Costa Gomes bh_unlock_sock(sk); 4503f1cb9af5SVinicius Costa Gomes continue; 4504f1cb9af5SVinicius Costa Gomes } 4505f1cb9af5SVinicius Costa Gomes 4506c1360a1cSGustavo F. Padovan if (test_bit(CONF_CONNECT_PEND, &chan->conf_state)) { 45070a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 45080a708f8fSGustavo F. Padovan continue; 45090a708f8fSGustavo F. Padovan } 45100a708f8fSGustavo F. Padovan 451189bc500eSGustavo F. Padovan if (!status && (chan->state == BT_CONNECTED || 451289bc500eSGustavo F. Padovan chan->state == BT_CONFIG)) { 45134343478fSGustavo F. Padovan l2cap_check_encryption(chan, encrypt); 45140a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 45150a708f8fSGustavo F. Padovan continue; 45160a708f8fSGustavo F. Padovan } 45170a708f8fSGustavo F. Padovan 451889bc500eSGustavo F. Padovan if (chan->state == BT_CONNECT) { 45190a708f8fSGustavo F. Padovan if (!status) { 45200a708f8fSGustavo F. Padovan struct l2cap_conn_req req; 4521fe4128e0SGustavo F. Padovan req.scid = cpu_to_le16(chan->scid); 4522fe4128e0SGustavo F. Padovan req.psm = chan->psm; 45230a708f8fSGustavo F. Padovan 4524fc7f8a7eSGustavo F. Padovan chan->ident = l2cap_get_ident(conn); 4525c1360a1cSGustavo F. Padovan set_bit(CONF_CONNECT_PEND, &chan->conf_state); 45260a708f8fSGustavo F. Padovan 4527fc7f8a7eSGustavo F. Padovan l2cap_send_cmd(conn, chan->ident, 45280a708f8fSGustavo F. Padovan L2CAP_CONN_REQ, sizeof(req), &req); 45290a708f8fSGustavo F. Padovan } else { 4530c9b66675SGustavo F. Padovan __clear_chan_timer(chan); 4531c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ / 10); 45320a708f8fSGustavo F. Padovan } 453389bc500eSGustavo F. Padovan } else if (chan->state == BT_CONNECT2) { 45340a708f8fSGustavo F. Padovan struct l2cap_conn_rsp rsp; 4535df3c3931SJohan Hedberg __u16 res, stat; 45360a708f8fSGustavo F. Padovan 45370a708f8fSGustavo F. Padovan if (!status) { 4538df3c3931SJohan Hedberg if (bt_sk(sk)->defer_setup) { 4539df3c3931SJohan Hedberg struct sock *parent = bt_sk(sk)->parent; 4540df3c3931SJohan Hedberg res = L2CAP_CR_PEND; 4541df3c3931SJohan Hedberg stat = L2CAP_CS_AUTHOR_PEND; 454205e9a2f6SIlia Kolomisnky if (parent) 4543df3c3931SJohan Hedberg parent->sk_data_ready(parent, 0); 4544df3c3931SJohan Hedberg } else { 454589bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_CONFIG); 4546df3c3931SJohan Hedberg res = L2CAP_CR_SUCCESS; 4547df3c3931SJohan Hedberg stat = L2CAP_CS_NO_INFO; 4548df3c3931SJohan Hedberg } 45490a708f8fSGustavo F. Padovan } else { 455089bc500eSGustavo F. Padovan l2cap_state_change(chan, BT_DISCONN); 4551c9b66675SGustavo F. Padovan __set_chan_timer(chan, HZ / 10); 4552df3c3931SJohan Hedberg res = L2CAP_CR_SEC_BLOCK; 4553df3c3931SJohan Hedberg stat = L2CAP_CS_NO_INFO; 45540a708f8fSGustavo F. Padovan } 45550a708f8fSGustavo F. Padovan 4556fe4128e0SGustavo F. Padovan rsp.scid = cpu_to_le16(chan->dcid); 4557fe4128e0SGustavo F. Padovan rsp.dcid = cpu_to_le16(chan->scid); 4558df3c3931SJohan Hedberg rsp.result = cpu_to_le16(res); 4559df3c3931SJohan Hedberg rsp.status = cpu_to_le16(stat); 4560fc7f8a7eSGustavo F. Padovan l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, 4561fc7f8a7eSGustavo F. Padovan sizeof(rsp), &rsp); 45620a708f8fSGustavo F. Padovan } 45630a708f8fSGustavo F. Padovan 45640a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 45650a708f8fSGustavo F. Padovan } 45660a708f8fSGustavo F. Padovan 4567baa7e1faSGustavo F. Padovan read_unlock(&conn->chan_lock); 45680a708f8fSGustavo F. Padovan 45690a708f8fSGustavo F. Padovan return 0; 45700a708f8fSGustavo F. Padovan } 45710a708f8fSGustavo F. Padovan 45720a708f8fSGustavo F. Padovan static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 flags) 45730a708f8fSGustavo F. Padovan { 45740a708f8fSGustavo F. Padovan struct l2cap_conn *conn = hcon->l2cap_data; 45750a708f8fSGustavo F. Padovan 45760a708f8fSGustavo F. Padovan if (!conn) 45770a708f8fSGustavo F. Padovan conn = l2cap_conn_add(hcon, 0); 45780a708f8fSGustavo F. Padovan 45790a708f8fSGustavo F. Padovan if (!conn) 45800a708f8fSGustavo F. Padovan goto drop; 45810a708f8fSGustavo F. Padovan 45820a708f8fSGustavo F. Padovan BT_DBG("conn %p len %d flags 0x%x", conn, skb->len, flags); 45830a708f8fSGustavo F. Padovan 45840a708f8fSGustavo F. Padovan if (!(flags & ACL_CONT)) { 45850a708f8fSGustavo F. Padovan struct l2cap_hdr *hdr; 458648454079SGustavo F. Padovan struct l2cap_chan *chan; 45870a708f8fSGustavo F. Padovan u16 cid; 45880a708f8fSGustavo F. Padovan int len; 45890a708f8fSGustavo F. Padovan 45900a708f8fSGustavo F. Padovan if (conn->rx_len) { 45910a708f8fSGustavo F. Padovan BT_ERR("Unexpected start frame (len %d)", skb->len); 45920a708f8fSGustavo F. Padovan kfree_skb(conn->rx_skb); 45930a708f8fSGustavo F. Padovan conn->rx_skb = NULL; 45940a708f8fSGustavo F. Padovan conn->rx_len = 0; 45950a708f8fSGustavo F. Padovan l2cap_conn_unreliable(conn, ECOMM); 45960a708f8fSGustavo F. Padovan } 45970a708f8fSGustavo F. Padovan 45980a708f8fSGustavo F. Padovan /* Start fragment always begin with Basic L2CAP header */ 45990a708f8fSGustavo F. Padovan if (skb->len < L2CAP_HDR_SIZE) { 46000a708f8fSGustavo F. Padovan BT_ERR("Frame is too short (len %d)", skb->len); 46010a708f8fSGustavo F. Padovan l2cap_conn_unreliable(conn, ECOMM); 46020a708f8fSGustavo F. Padovan goto drop; 46030a708f8fSGustavo F. Padovan } 46040a708f8fSGustavo F. Padovan 46050a708f8fSGustavo F. Padovan hdr = (struct l2cap_hdr *) skb->data; 46060a708f8fSGustavo F. Padovan len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE; 46070a708f8fSGustavo F. Padovan cid = __le16_to_cpu(hdr->cid); 46080a708f8fSGustavo F. Padovan 46090a708f8fSGustavo F. Padovan if (len == skb->len) { 46100a708f8fSGustavo F. Padovan /* Complete frame received */ 46110a708f8fSGustavo F. Padovan l2cap_recv_frame(conn, skb); 46120a708f8fSGustavo F. Padovan return 0; 46130a708f8fSGustavo F. Padovan } 46140a708f8fSGustavo F. Padovan 46150a708f8fSGustavo F. Padovan BT_DBG("Start: total len %d, frag len %d", len, skb->len); 46160a708f8fSGustavo F. Padovan 46170a708f8fSGustavo F. Padovan if (skb->len > len) { 46180a708f8fSGustavo F. Padovan BT_ERR("Frame is too long (len %d, expected len %d)", 46190a708f8fSGustavo F. Padovan skb->len, len); 46200a708f8fSGustavo F. Padovan l2cap_conn_unreliable(conn, ECOMM); 46210a708f8fSGustavo F. Padovan goto drop; 46220a708f8fSGustavo F. Padovan } 46230a708f8fSGustavo F. Padovan 4624baa7e1faSGustavo F. Padovan chan = l2cap_get_chan_by_scid(conn, cid); 46250a708f8fSGustavo F. Padovan 462648454079SGustavo F. Padovan if (chan && chan->sk) { 462748454079SGustavo F. Padovan struct sock *sk = chan->sk; 462848454079SGustavo F. Padovan 46290c1bc5c6SGustavo F. Padovan if (chan->imtu < len - L2CAP_HDR_SIZE) { 463048454079SGustavo F. Padovan BT_ERR("Frame exceeding recv MTU (len %d, " 463148454079SGustavo F. Padovan "MTU %d)", len, 46320c1bc5c6SGustavo F. Padovan chan->imtu); 46330a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 46340a708f8fSGustavo F. Padovan l2cap_conn_unreliable(conn, ECOMM); 46350a708f8fSGustavo F. Padovan goto drop; 46360a708f8fSGustavo F. Padovan } 46370a708f8fSGustavo F. Padovan bh_unlock_sock(sk); 463848454079SGustavo F. Padovan } 46390a708f8fSGustavo F. Padovan 46400a708f8fSGustavo F. Padovan /* Allocate skb for the complete frame (with header) */ 46410a708f8fSGustavo F. Padovan conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC); 46420a708f8fSGustavo F. Padovan if (!conn->rx_skb) 46430a708f8fSGustavo F. Padovan goto drop; 46440a708f8fSGustavo F. Padovan 46450a708f8fSGustavo F. Padovan skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len), 46460a708f8fSGustavo F. Padovan skb->len); 46470a708f8fSGustavo F. Padovan conn->rx_len = len - skb->len; 46480a708f8fSGustavo F. Padovan } else { 46490a708f8fSGustavo F. Padovan BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len); 46500a708f8fSGustavo F. Padovan 46510a708f8fSGustavo F. Padovan if (!conn->rx_len) { 46520a708f8fSGustavo F. Padovan BT_ERR("Unexpected continuation frame (len %d)", skb->len); 46530a708f8fSGustavo F. Padovan l2cap_conn_unreliable(conn, ECOMM); 46540a708f8fSGustavo F. Padovan goto drop; 46550a708f8fSGustavo F. Padovan } 46560a708f8fSGustavo F. Padovan 46570a708f8fSGustavo F. Padovan if (skb->len > conn->rx_len) { 46580a708f8fSGustavo F. Padovan BT_ERR("Fragment is too long (len %d, expected %d)", 46590a708f8fSGustavo F. Padovan skb->len, conn->rx_len); 46600a708f8fSGustavo F. Padovan kfree_skb(conn->rx_skb); 46610a708f8fSGustavo F. Padovan conn->rx_skb = NULL; 46620a708f8fSGustavo F. Padovan conn->rx_len = 0; 46630a708f8fSGustavo F. Padovan l2cap_conn_unreliable(conn, ECOMM); 46640a708f8fSGustavo F. Padovan goto drop; 46650a708f8fSGustavo F. Padovan } 46660a708f8fSGustavo F. Padovan 46670a708f8fSGustavo F. Padovan skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len), 46680a708f8fSGustavo F. Padovan skb->len); 46690a708f8fSGustavo F. Padovan conn->rx_len -= skb->len; 46700a708f8fSGustavo F. Padovan 46710a708f8fSGustavo F. Padovan if (!conn->rx_len) { 46720a708f8fSGustavo F. Padovan /* Complete frame received */ 46730a708f8fSGustavo F. Padovan l2cap_recv_frame(conn, conn->rx_skb); 46740a708f8fSGustavo F. Padovan conn->rx_skb = NULL; 46750a708f8fSGustavo F. Padovan } 46760a708f8fSGustavo F. Padovan } 46770a708f8fSGustavo F. Padovan 46780a708f8fSGustavo F. Padovan drop: 46790a708f8fSGustavo F. Padovan kfree_skb(skb); 46800a708f8fSGustavo F. Padovan return 0; 46810a708f8fSGustavo F. Padovan } 46820a708f8fSGustavo F. Padovan 46830a708f8fSGustavo F. Padovan static int l2cap_debugfs_show(struct seq_file *f, void *p) 46840a708f8fSGustavo F. Padovan { 468523691d75SGustavo F. Padovan struct l2cap_chan *c; 46860a708f8fSGustavo F. Padovan 468723691d75SGustavo F. Padovan read_lock_bh(&chan_list_lock); 46880a708f8fSGustavo F. Padovan 468923691d75SGustavo F. Padovan list_for_each_entry(c, &chan_list, global_l) { 469023691d75SGustavo F. Padovan struct sock *sk = c->sk; 46910a708f8fSGustavo F. Padovan 4692903d343eSGustavo F. Padovan seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n", 46930a708f8fSGustavo F. Padovan batostr(&bt_sk(sk)->src), 46940a708f8fSGustavo F. Padovan batostr(&bt_sk(sk)->dst), 469589bc500eSGustavo F. Padovan c->state, __le16_to_cpu(c->psm), 469623691d75SGustavo F. Padovan c->scid, c->dcid, c->imtu, c->omtu, 469723691d75SGustavo F. Padovan c->sec_level, c->mode); 46980a708f8fSGustavo F. Padovan } 46990a708f8fSGustavo F. Padovan 470023691d75SGustavo F. Padovan read_unlock_bh(&chan_list_lock); 47010a708f8fSGustavo F. Padovan 47020a708f8fSGustavo F. Padovan return 0; 47030a708f8fSGustavo F. Padovan } 47040a708f8fSGustavo F. Padovan 47050a708f8fSGustavo F. Padovan static int l2cap_debugfs_open(struct inode *inode, struct file *file) 47060a708f8fSGustavo F. Padovan { 47070a708f8fSGustavo F. Padovan return single_open(file, l2cap_debugfs_show, inode->i_private); 47080a708f8fSGustavo F. Padovan } 47090a708f8fSGustavo F. Padovan 47100a708f8fSGustavo F. Padovan static const struct file_operations l2cap_debugfs_fops = { 47110a708f8fSGustavo F. Padovan .open = l2cap_debugfs_open, 47120a708f8fSGustavo F. Padovan .read = seq_read, 47130a708f8fSGustavo F. Padovan .llseek = seq_lseek, 47140a708f8fSGustavo F. Padovan .release = single_release, 47150a708f8fSGustavo F. Padovan }; 47160a708f8fSGustavo F. Padovan 47170a708f8fSGustavo F. Padovan static struct dentry *l2cap_debugfs; 47180a708f8fSGustavo F. Padovan 47190a708f8fSGustavo F. Padovan static struct hci_proto l2cap_hci_proto = { 47200a708f8fSGustavo F. Padovan .name = "L2CAP", 47210a708f8fSGustavo F. Padovan .id = HCI_PROTO_L2CAP, 47220a708f8fSGustavo F. Padovan .connect_ind = l2cap_connect_ind, 47230a708f8fSGustavo F. Padovan .connect_cfm = l2cap_connect_cfm, 47240a708f8fSGustavo F. Padovan .disconn_ind = l2cap_disconn_ind, 47250a708f8fSGustavo F. Padovan .disconn_cfm = l2cap_disconn_cfm, 47260a708f8fSGustavo F. Padovan .security_cfm = l2cap_security_cfm, 47270a708f8fSGustavo F. Padovan .recv_acldata = l2cap_recv_acldata 47280a708f8fSGustavo F. Padovan }; 47290a708f8fSGustavo F. Padovan 473064274518SGustavo F. Padovan int __init l2cap_init(void) 47310a708f8fSGustavo F. Padovan { 47320a708f8fSGustavo F. Padovan int err; 47330a708f8fSGustavo F. Padovan 4734bb58f747SGustavo F. Padovan err = l2cap_init_sockets(); 47350a708f8fSGustavo F. Padovan if (err < 0) 47360a708f8fSGustavo F. Padovan return err; 47370a708f8fSGustavo F. Padovan 47380a708f8fSGustavo F. Padovan err = hci_register_proto(&l2cap_hci_proto); 47390a708f8fSGustavo F. Padovan if (err < 0) { 47400a708f8fSGustavo F. Padovan BT_ERR("L2CAP protocol registration failed"); 47410a708f8fSGustavo F. Padovan bt_sock_unregister(BTPROTO_L2CAP); 47420a708f8fSGustavo F. Padovan goto error; 47430a708f8fSGustavo F. Padovan } 47440a708f8fSGustavo F. Padovan 47450a708f8fSGustavo F. Padovan if (bt_debugfs) { 47460a708f8fSGustavo F. Padovan l2cap_debugfs = debugfs_create_file("l2cap", 0444, 47470a708f8fSGustavo F. Padovan bt_debugfs, NULL, &l2cap_debugfs_fops); 47480a708f8fSGustavo F. Padovan if (!l2cap_debugfs) 47490a708f8fSGustavo F. Padovan BT_ERR("Failed to create L2CAP debug file"); 47500a708f8fSGustavo F. Padovan } 47510a708f8fSGustavo F. Padovan 47520a708f8fSGustavo F. Padovan return 0; 47530a708f8fSGustavo F. Padovan 47540a708f8fSGustavo F. Padovan error: 4755bb58f747SGustavo F. Padovan l2cap_cleanup_sockets(); 47560a708f8fSGustavo F. Padovan return err; 47570a708f8fSGustavo F. Padovan } 47580a708f8fSGustavo F. Padovan 475964274518SGustavo F. Padovan void l2cap_exit(void) 47600a708f8fSGustavo F. Padovan { 47610a708f8fSGustavo F. Padovan debugfs_remove(l2cap_debugfs); 47620a708f8fSGustavo F. Padovan 47630a708f8fSGustavo F. Padovan if (hci_unregister_proto(&l2cap_hci_proto) < 0) 47640a708f8fSGustavo F. Padovan BT_ERR("L2CAP protocol unregistration failed"); 47650a708f8fSGustavo F. Padovan 4766bb58f747SGustavo F. Padovan l2cap_cleanup_sockets(); 47670a708f8fSGustavo F. Padovan } 47680a708f8fSGustavo F. Padovan 47690a708f8fSGustavo F. Padovan module_param(disable_ertm, bool, 0644); 47700a708f8fSGustavo F. Padovan MODULE_PARM_DESC(disable_ertm, "Disable enhanced retransmission mode"); 4771a5fd6f30SAndrei Emeltchenko 4772a5fd6f30SAndrei Emeltchenko module_param(enable_hs, bool, 0644); 4773a5fd6f30SAndrei Emeltchenko MODULE_PARM_DESC(enable_hs, "Enable High Speed"); 4774