Linaro Git Browser
Code Review Sign In
review.linaro.org / kernel / linux-linaro-stable.git / 39d5a3ee355fa903ef4609402c79f570eb9fc4d2 / . / net / bluetooth / l2cap_core.c
blob: 9580d6cd55daf17fc3225978db4e23137f3c5e5d [file] [log] [blame]
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]1/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
Gustavo F. Padovance5706b2010-07-13 11:57:11 -0300[diff] [blame]4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
Gustavo F. Padovan5d8868f2010-07-16 16:18:39 -0300[diff] [blame]5 Copyright (C) 2010 Google Inc.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]6
7 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
12
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]24 SOFTWARE IS DISCLAIMED.
25*/
26
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]27/* Bluetooth L2CAP core. */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]28
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]29#include <linux/module.h>
30
31#include <linux/types.h>
Randy Dunlap4fc268d2006-01-11 12:17:47 -0800[diff] [blame]32#include <linux/capability.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]33#include <linux/errno.h>
34#include <linux/kernel.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]35#include <linux/sched.h>
36#include <linux/slab.h>
37#include <linux/poll.h>
38#include <linux/fcntl.h>
39#include <linux/init.h>
40#include <linux/interrupt.h>
41#include <linux/socket.h>
42#include <linux/skbuff.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]43#include <linux/list.h>
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]44#include <linux/device.h>
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]45#include <linux/debugfs.h>
46#include <linux/seq_file.h>
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]47#include <linux/uaccess.h>
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]48#include <linux/crc16.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]49#include <net/sock.h>
50
51#include <asm/system.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]52#include <asm/unaligned.h>
53
54#include <net/bluetooth/bluetooth.h>
55#include <net/bluetooth/hci_core.h>
56#include <net/bluetooth/l2cap.h>
57
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]58int disable_ertm;
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]59
Marcel Holtmann47ec1dcd2009-05-02 18:57:55 -0700[diff] [blame]60static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]61static u8 l2cap_fixed_chan[8] = { 0x02, };
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]62
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]63static struct workqueue_struct *_busy_wq;
64
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]65struct bt_sock_list l2cap_sk_list = {
Robert P. J. Dayd5fb2962008-03-28 16:17:38 -0700[diff] [blame]66 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]67};
68
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]69static void l2cap_busy_work(struct work_struct *work);
70
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]71static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
72 u8 code, u8 ident, u16 dlen, void *data);
Gustavo F. Padovan710f9b02011-03-25 14:30:37 -0300[diff] [blame]73static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]74
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]75static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb);
76
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]77/* ---- L2CAP channels ---- */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]78static struct l2cap_chan *__l2cap_get_chan_by_dcid(struct l2cap_conn *conn, u16 cid)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]79{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]80 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]81
82 list_for_each_entry(c, &conn->chan_l, list) {
83 struct sock *s = c->sk;
84 if (l2cap_pi(s)->dcid == cid)
85 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]86 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]87 return NULL;
88
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]89}
90
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]91static struct l2cap_chan *__l2cap_get_chan_by_scid(struct l2cap_conn *conn, u16 cid)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]92{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]93 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]94
95 list_for_each_entry(c, &conn->chan_l, list) {
96 struct sock *s = c->sk;
97 if (l2cap_pi(s)->scid == cid)
98 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]99 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]100 return NULL;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]101}
102
103/* Find channel with given SCID.
104 * Returns locked socket */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]105static struct l2cap_chan *l2cap_get_chan_by_scid(struct l2cap_conn *conn, u16 cid)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]106{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]107 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]108
109 read_lock(&conn->chan_lock);
110 c = __l2cap_get_chan_by_scid(conn, cid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]111 if (c)
112 bh_lock_sock(c->sk);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]113 read_unlock(&conn->chan_lock);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]114 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]115}
116
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]117static struct l2cap_chan *__l2cap_get_chan_by_ident(struct l2cap_conn *conn, u8 ident)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]118{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]119 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]120
121 list_for_each_entry(c, &conn->chan_l, list) {
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]122 if (c->ident == ident)
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]123 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]124 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]125 return NULL;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]126}
127
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]128static inline struct l2cap_chan *l2cap_get_chan_by_ident(struct l2cap_conn *conn, u8 ident)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]129{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]130 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]131
132 read_lock(&conn->chan_lock);
133 c = __l2cap_get_chan_by_ident(conn, ident);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]134 if (c)
135 bh_lock_sock(c->sk);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]136 read_unlock(&conn->chan_lock);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]137 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]138}
139
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]140static u16 l2cap_alloc_cid(struct l2cap_conn *conn)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]141{
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]142 u16 cid = L2CAP_CID_DYN_START;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]143
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]144 for (; cid < L2CAP_CID_DYN_END; cid++) {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]145 if (!__l2cap_get_chan_by_scid(conn, cid))
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]146 return cid;
147 }
148
149 return 0;
150}
151
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]152static struct l2cap_chan *l2cap_chan_alloc(struct sock *sk)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]153{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]154 struct l2cap_chan *chan;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]155
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]156 chan = kzalloc(sizeof(*chan), GFP_ATOMIC);
157 if (!chan)
158 return NULL;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]159
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]160 chan->sk = sk;
161
162 return chan;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]163}
164
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]165static void __l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]166{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]167 struct sock *sk = chan->sk;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]168
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]169 BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn,
170 l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]171
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]172 conn->disc_reason = 0x13;
173
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]174 l2cap_pi(sk)->conn = conn;
175
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]176 if (sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) {
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]177 if (conn->hcon->type == LE_LINK) {
178 /* LE connection */
179 l2cap_pi(sk)->omtu = L2CAP_LE_DEFAULT_MTU;
180 l2cap_pi(sk)->scid = L2CAP_CID_LE_DATA;
181 l2cap_pi(sk)->dcid = L2CAP_CID_LE_DATA;
182 } else {
183 /* Alloc CID for connection-oriented socket */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]184 l2cap_pi(sk)->scid = l2cap_alloc_cid(conn);
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]185 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
186 }
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]187 } else if (sk->sk_type == SOCK_DGRAM) {
188 /* Connectionless socket */
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]189 l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS;
190 l2cap_pi(sk)->dcid = L2CAP_CID_CONN_LESS;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]191 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
192 } else {
193 /* Raw socket can send/recv signalling messages only */
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]194 l2cap_pi(sk)->scid = L2CAP_CID_SIGNALING;
195 l2cap_pi(sk)->dcid = L2CAP_CID_SIGNALING;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]196 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
197 }
198
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]199 sock_hold(sk);
200
201 list_add(&chan->list, &conn->chan_l);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]202}
203
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]204/* Delete channel.
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]205 * Must be called on the locked socket. */
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]206void l2cap_chan_del(struct l2cap_chan *chan, int err)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]207{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]208 struct sock *sk = chan->sk;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]209 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
210 struct sock *parent = bt_sk(sk)->parent;
211
212 l2cap_sock_clear_timer(sk);
213
214 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
215
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]216 if (conn) {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]217 /* Delete from channel list */
218 write_lock_bh(&conn->chan_lock);
219 list_del(&chan->list);
220 write_unlock_bh(&conn->chan_lock);
221 __sock_put(sk);
222
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]223 l2cap_pi(sk)->conn = NULL;
224 hci_conn_put(conn->hcon);
225 }
226
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]227 sk->sk_state = BT_CLOSED;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]228 sock_set_flag(sk, SOCK_ZAPPED);
229
230 if (err)
231 sk->sk_err = err;
232
233 if (parent) {
234 bt_accept_unlink(sk);
235 parent->sk_data_ready(parent, 0);
236 } else
237 sk->sk_state_change(sk);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]238
Gustavo F. Padovan2ead70b2011-04-01 15:13:36 -0300[diff] [blame]239 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE &&
240 l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE))
241 goto free;
242
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]243 skb_queue_purge(TX_QUEUE(sk));
244
245 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) {
246 struct srej_list *l, *tmp;
247
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]248 del_timer(&chan->retrans_timer);
249 del_timer(&chan->monitor_timer);
250 del_timer(&chan->ack_timer);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]251
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]252 skb_queue_purge(&chan->srej_q);
253 skb_queue_purge(&chan->busy_q);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]254
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]255 list_for_each_entry_safe(l, tmp, &chan->srej_l, list) {
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]256 list_del(&l->list);
257 kfree(l);
258 }
259 }
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]260
Gustavo F. Padovan2ead70b2011-04-01 15:13:36 -0300[diff] [blame]261free:
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]262 kfree(chan);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]263}
264
Johan Hedberg8556edd32011-01-19 12:06:50 +0530[diff] [blame]265static inline u8 l2cap_get_auth_type(struct sock *sk)
266{
267 if (sk->sk_type == SOCK_RAW) {
268 switch (l2cap_pi(sk)->sec_level) {
269 case BT_SECURITY_HIGH:
270 return HCI_AT_DEDICATED_BONDING_MITM;
271 case BT_SECURITY_MEDIUM:
272 return HCI_AT_DEDICATED_BONDING;
273 default:
274 return HCI_AT_NO_BONDING;
275 }
276 } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
277 if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
278 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
279
280 if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
281 return HCI_AT_NO_BONDING_MITM;
282 else
283 return HCI_AT_NO_BONDING;
284 } else {
285 switch (l2cap_pi(sk)->sec_level) {
286 case BT_SECURITY_HIGH:
287 return HCI_AT_GENERAL_BONDING_MITM;
288 case BT_SECURITY_MEDIUM:
289 return HCI_AT_GENERAL_BONDING;
290 default:
291 return HCI_AT_NO_BONDING;
292 }
293 }
294}
295
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]296/* Service level security */
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]297static inline int l2cap_check_security(struct sock *sk)
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]298{
299 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
Marcel Holtmann0684e5f2009-02-09 02:48:38 +0100[diff] [blame]300 __u8 auth_type;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]301
Johan Hedberg8556edd32011-01-19 12:06:50 +0530[diff] [blame]302 auth_type = l2cap_get_auth_type(sk);
Marcel Holtmann0684e5f2009-02-09 02:48:38 +0100[diff] [blame]303
304 return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level,
305 auth_type);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]306}
307
Gustavo F. Padovan68983252011-02-04 03:02:31 -0200[diff] [blame]308u8 l2cap_get_ident(struct l2cap_conn *conn)
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]309{
310 u8 id;
311
312 /* Get next available identificator.
313 * 1 - 128 are used by kernel.
314 * 129 - 199 are reserved.
315 * 200 - 254 are used by utilities like l2ping, etc.
316 */
317
318 spin_lock_bh(&conn->lock);
319
320 if (++conn->tx_ident > 128)
321 conn->tx_ident = 1;
322
323 id = conn->tx_ident;
324
325 spin_unlock_bh(&conn->lock);
326
327 return id;
328}
329
Gustavo F. Padovan68983252011-02-04 03:02:31 -0200[diff] [blame]330void l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, void *data)
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]331{
332 struct sk_buff *skb = l2cap_build_cmd(conn, code, ident, len, data);
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]333 u8 flags;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]334
335 BT_DBG("code 0x%2.2x", code);
336
337 if (!skb)
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]338 return;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]339
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]340 if (lmp_no_flush_capable(conn->hcon->hdev))
341 flags = ACL_START_NO_FLUSH;
342 else
343 flags = ACL_START;
344
345 hci_send_acl(conn->hcon, skb, flags);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]346}
347
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]348static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]349{
350 struct sk_buff *skb;
351 struct l2cap_hdr *lh;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]352 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]353 struct l2cap_conn *conn = pi->conn;
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]354 struct sock *sk = (struct sock *)pi;
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]355 int count, hlen = L2CAP_HDR_SIZE + 2;
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]356 u8 flags;
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]357
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]358 if (sk->sk_state != BT_CONNECTED)
359 return;
360
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]361 if (pi->fcs == L2CAP_FCS_CRC16)
362 hlen += 2;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]363
364 BT_DBG("pi %p, control 0x%2.2x", pi, control);
365
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]366 count = min_t(unsigned int, conn->mtu, hlen);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]367 control |= L2CAP_CTRL_FRAME_TYPE;
368
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]369 if (chan->conn_state & L2CAP_CONN_SEND_FBIT) {
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]370 control |= L2CAP_CTRL_FINAL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]371 chan->conn_state &= ~L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]372 }
373
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]374 if (chan->conn_state & L2CAP_CONN_SEND_PBIT) {
Gustavo F. Padovanf0946cc2010-05-01 16:15:37 -0300[diff] [blame]375 control |= L2CAP_CTRL_POLL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]376 chan->conn_state &= ~L2CAP_CONN_SEND_PBIT;
Gustavo F. Padovanf0946cc2010-05-01 16:15:37 -0300[diff] [blame]377 }
378
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]379 skb = bt_skb_alloc(count, GFP_ATOMIC);
380 if (!skb)
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]381 return;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]382
383 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]384 lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]385 lh->cid = cpu_to_le16(pi->dcid);
386 put_unaligned_le16(control, skb_put(skb, 2));
387
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]388 if (pi->fcs == L2CAP_FCS_CRC16) {
389 u16 fcs = crc16(0, (u8 *)lh, count - 2);
390 put_unaligned_le16(fcs, skb_put(skb, 2));
391 }
392
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]393 if (lmp_no_flush_capable(conn->hcon->hdev))
394 flags = ACL_START_NO_FLUSH;
395 else
396 flags = ACL_START;
397
398 hci_send_acl(pi->conn->hcon, skb, flags);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]399}
400
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]401static inline void l2cap_send_rr_or_rnr(struct l2cap_chan *chan, u16 control)
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]402{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]403 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]404 control |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]405 chan->conn_state |= L2CAP_CONN_RNR_SENT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]406 } else
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]407 control |= L2CAP_SUPER_RCV_READY;
408
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]409 control |= chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan2ab25cd2009-10-03 02:34:40 -0300[diff] [blame]410
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]411 l2cap_send_sframe(chan, control);
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]412}
413
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]414static inline int __l2cap_no_conn_pending(struct sock *sk)
415{
416 return !(l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND);
417}
418
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]419static void l2cap_do_start(struct l2cap_chan *chan)
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]420{
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]421 struct sock *sk = chan->sk;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]422 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
423
424 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]425 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
426 return;
427
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]428 if (l2cap_check_security(sk) && __l2cap_no_conn_pending(sk)) {
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]429 struct l2cap_conn_req req;
430 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
431 req.psm = l2cap_pi(sk)->psm;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]432
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]433 chan->ident = l2cap_get_ident(conn);
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]434 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]435
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]436 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ,
437 sizeof(req), &req);
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]438 }
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]439 } else {
440 struct l2cap_info_req req;
441 req.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
442
443 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
444 conn->info_ident = l2cap_get_ident(conn);
445
446 mod_timer(&conn->info_timer, jiffies +
447 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
448
449 l2cap_send_cmd(conn, conn->info_ident,
450 L2CAP_INFO_REQ, sizeof(req), &req);
451 }
452}
453
Gustavo F. Padovancf6c2c02010-06-07 20:54:45 -0300[diff] [blame]454static inline int l2cap_mode_supported(__u8 mode, __u32 feat_mask)
455{
456 u32 local_feat_mask = l2cap_feat_mask;
Gustavo F. Padovand1c4a172010-07-18 16:25:54 -0300[diff] [blame]457 if (!disable_ertm)
Gustavo F. Padovancf6c2c02010-06-07 20:54:45 -0300[diff] [blame]458 local_feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING;
459
460 switch (mode) {
461 case L2CAP_MODE_ERTM:
462 return L2CAP_FEAT_ERTM & feat_mask & local_feat_mask;
463 case L2CAP_MODE_STREAMING:
464 return L2CAP_FEAT_STREAMING & feat_mask & local_feat_mask;
465 default:
466 return 0x00;
467 }
468}
469
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]470void l2cap_send_disconn_req(struct l2cap_conn *conn, struct l2cap_chan *chan, int err)
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]471{
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]472 struct sock *sk;
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]473 struct l2cap_disconn_req req;
474
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]475 if (!conn)
476 return;
477
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]478 sk = chan->sk;
479
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]480 skb_queue_purge(TX_QUEUE(sk));
481
482 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]483 del_timer(&chan->retrans_timer);
484 del_timer(&chan->monitor_timer);
485 del_timer(&chan->ack_timer);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]486 }
487
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]488 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
489 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
490 l2cap_send_cmd(conn, l2cap_get_ident(conn),
491 L2CAP_DISCONN_REQ, sizeof(req), &req);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]492
493 sk->sk_state = BT_DISCONN;
Gustavo F. Padovan9b108fc2010-05-20 16:21:53 -0300[diff] [blame]494 sk->sk_err = err;
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]495}
496
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]497/* ---- L2CAP connections ---- */
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]498static void l2cap_conn_start(struct l2cap_conn *conn)
499{
Gustavo F. Padovan820ffdb2011-04-01 00:35:21 -0300[diff] [blame]500 struct l2cap_chan *chan, *tmp;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]501
502 BT_DBG("conn %p", conn);
503
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]504 read_lock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]505
Gustavo F. Padovan820ffdb2011-04-01 00:35:21 -0300[diff] [blame]506 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]507 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]508
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]509 bh_lock_sock(sk);
510
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]511 if (sk->sk_type != SOCK_SEQPACKET &&
512 sk->sk_type != SOCK_STREAM) {
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]513 bh_unlock_sock(sk);
514 continue;
515 }
516
517 if (sk->sk_state == BT_CONNECT) {
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]518 struct l2cap_conn_req req;
Gustavo F. Padovancf6c2c02010-06-07 20:54:45 -0300[diff] [blame]519
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]520 if (!l2cap_check_security(sk) ||
521 !__l2cap_no_conn_pending(sk)) {
522 bh_unlock_sock(sk);
523 continue;
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]524 }
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]525
526 if (!l2cap_mode_supported(l2cap_pi(sk)->mode,
527 conn->feat_mask)
528 && l2cap_pi(sk)->conf_state &
529 L2CAP_CONF_STATE2_DEVICE) {
Gustavo F. Padovan820ffdb2011-04-01 00:35:21 -0300[diff] [blame]530 /* __l2cap_sock_close() calls list_del(chan)
531 * so release the lock */
532 read_unlock_bh(&conn->chan_lock);
533 __l2cap_sock_close(sk, ECONNRESET);
534 read_lock_bh(&conn->chan_lock);
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]535 bh_unlock_sock(sk);
536 continue;
537 }
538
539 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
540 req.psm = l2cap_pi(sk)->psm;
541
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]542 chan->ident = l2cap_get_ident(conn);
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]543 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
544
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]545 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ,
546 sizeof(req), &req);
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]547
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]548 } else if (sk->sk_state == BT_CONNECT2) {
549 struct l2cap_conn_rsp rsp;
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]550 char buf[128];
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]551 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
552 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
553
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]554 if (l2cap_check_security(sk)) {
Marcel Holtmannf66dc812009-01-15 21:57:00 +0100[diff] [blame]555 if (bt_sk(sk)->defer_setup) {
556 struct sock *parent = bt_sk(sk)->parent;
557 rsp.result = cpu_to_le16(L2CAP_CR_PEND);
558 rsp.status = cpu_to_le16(L2CAP_CS_AUTHOR_PEND);
559 parent->sk_data_ready(parent, 0);
560
561 } else {
562 sk->sk_state = BT_CONFIG;
563 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
564 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
565 }
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]566 } else {
567 rsp.result = cpu_to_le16(L2CAP_CR_PEND);
568 rsp.status = cpu_to_le16(L2CAP_CS_AUTHEN_PEND);
569 }
570
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]571 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP,
572 sizeof(rsp), &rsp);
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]573
574 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT ||
575 rsp.result != L2CAP_CR_SUCCESS) {
576 bh_unlock_sock(sk);
577 continue;
578 }
579
580 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
581 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]582 l2cap_build_conf_req(chan, buf), buf);
583 chan->num_conf_req++;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]584 }
585
586 bh_unlock_sock(sk);
587 }
588
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]589 read_unlock(&conn->chan_lock);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]590}
591
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]592/* Find socket with cid and source bdaddr.
593 * Returns closest match, locked.
594 */
595static struct sock *l2cap_get_sock_by_scid(int state, __le16 cid, bdaddr_t *src)
596{
597 struct sock *s, *sk = NULL, *sk1 = NULL;
598 struct hlist_node *node;
599
600 read_lock(&l2cap_sk_list.lock);
601
602 sk_for_each(sk, node, &l2cap_sk_list.head) {
603 if (state && sk->sk_state != state)
604 continue;
605
606 if (l2cap_pi(sk)->scid == cid) {
607 /* Exact match. */
608 if (!bacmp(&bt_sk(sk)->src, src))
609 break;
610
611 /* Closest match */
612 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
613 sk1 = sk;
614 }
615 }
616 s = node ? sk : sk1;
617 if (s)
618 bh_lock_sock(s);
619 read_unlock(&l2cap_sk_list.lock);
620
621 return s;
622}
623
624static void l2cap_le_conn_ready(struct l2cap_conn *conn)
625{
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]626 struct sock *parent, *uninitialized_var(sk);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]627 struct l2cap_chan *chan;
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]628
629 BT_DBG("");
630
631 /* Check if we have socket listening on cid */
632 parent = l2cap_get_sock_by_scid(BT_LISTEN, L2CAP_CID_LE_DATA,
633 conn->src);
634 if (!parent)
635 return;
636
637 /* Check for backlog size */
638 if (sk_acceptq_is_full(parent)) {
639 BT_DBG("backlog full %d", parent->sk_ack_backlog);
640 goto clean;
641 }
642
643 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, GFP_ATOMIC);
644 if (!sk)
645 goto clean;
646
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]647 chan = l2cap_chan_alloc(sk);
648 if (!chan) {
649 l2cap_sock_kill(sk);
650 goto clean;
651 }
652
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]653 write_lock_bh(&conn->chan_lock);
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]654
655 hci_conn_hold(conn->hcon);
656
657 l2cap_sock_init(sk, parent);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]658
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]659 bacpy(&bt_sk(sk)->src, conn->src);
660 bacpy(&bt_sk(sk)->dst, conn->dst);
661
Gustavo F. Padovand1010242011-03-25 00:39:48 -0300[diff] [blame]662 bt_accept_enqueue(parent, sk);
663
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]664 __l2cap_chan_add(conn, chan);
665
666 l2cap_pi(sk)->chan = chan;
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]667
668 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
669
670 sk->sk_state = BT_CONNECTED;
671 parent->sk_data_ready(parent, 0);
672
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]673 write_unlock_bh(&conn->chan_lock);
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]674
675clean:
676 bh_unlock_sock(parent);
677}
678
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]679static void l2cap_conn_ready(struct l2cap_conn *conn)
680{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]681 struct l2cap_chan *chan;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]682
683 BT_DBG("conn %p", conn);
684
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]685 if (!conn->hcon->out && conn->hcon->type == LE_LINK)
686 l2cap_le_conn_ready(conn);
687
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]688 read_lock(&conn->chan_lock);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]689
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]690 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]691 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]692
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]693 bh_lock_sock(sk);
694
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]695 if (conn->hcon->type == LE_LINK) {
696 l2cap_sock_clear_timer(sk);
697 sk->sk_state = BT_CONNECTED;
698 sk->sk_state_change(sk);
699 }
700
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]701 if (sk->sk_type != SOCK_SEQPACKET &&
702 sk->sk_type != SOCK_STREAM) {
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]703 l2cap_sock_clear_timer(sk);
704 sk->sk_state = BT_CONNECTED;
705 sk->sk_state_change(sk);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]706 } else if (sk->sk_state == BT_CONNECT)
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]707 l2cap_do_start(chan);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]708
709 bh_unlock_sock(sk);
710 }
711
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]712 read_unlock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]713}
714
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]715/* Notify sockets that we cannot guaranty reliability anymore */
716static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err)
717{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]718 struct l2cap_chan *chan;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]719
720 BT_DBG("conn %p", conn);
721
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]722 read_lock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]723
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]724 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]725 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]726
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]727 if (l2cap_pi(sk)->force_reliable)
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]728 sk->sk_err = err;
729 }
730
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]731 read_unlock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]732}
733
734static void l2cap_info_timeout(unsigned long arg)
735{
736 struct l2cap_conn *conn = (void *) arg;
737
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]738 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]739 conn->info_ident = 0;
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]740
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]741 l2cap_conn_start(conn);
742}
743
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]744static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status)
745{
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]746 struct l2cap_conn *conn = hcon->l2cap_data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]747
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]748 if (conn || status)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]749 return conn;
750
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]751 conn = kzalloc(sizeof(struct l2cap_conn), GFP_ATOMIC);
752 if (!conn)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]753 return NULL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]754
755 hcon->l2cap_data = conn;
756 conn->hcon = hcon;
757
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]758 BT_DBG("hcon %p conn %p", hcon, conn);
759
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]760 if (hcon->hdev->le_mtu && hcon->type == LE_LINK)
761 conn->mtu = hcon->hdev->le_mtu;
762 else
763 conn->mtu = hcon->hdev->acl_mtu;
764
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]765 conn->src = &hcon->hdev->bdaddr;
766 conn->dst = &hcon->dst;
767
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]768 conn->feat_mask = 0;
769
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]770 spin_lock_init(&conn->lock);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]771 rwlock_init(&conn->chan_lock);
772
773 INIT_LIST_HEAD(&conn->chan_l);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]774
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]775 if (hcon->type != LE_LINK)
776 setup_timer(&conn->info_timer, l2cap_info_timeout,
Dave Young45054dc2009-10-18 20:28:30 +0000[diff] [blame]777 (unsigned long) conn);
778
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]779 conn->disc_reason = 0x13;
780
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]781 return conn;
782}
783
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]784static void l2cap_conn_del(struct hci_conn *hcon, int err)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]785{
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]786 struct l2cap_conn *conn = hcon->l2cap_data;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]787 struct l2cap_chan *chan, *l;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]788 struct sock *sk;
789
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]790 if (!conn)
791 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]792
793 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
794
Wei Yongjun7585b972009-02-25 18:29:52 +0800[diff] [blame]795 kfree_skb(conn->rx_skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]796
797 /* Kill channels */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]798 list_for_each_entry_safe(chan, l, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]799 sk = chan->sk;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]800 bh_lock_sock(sk);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]801 l2cap_chan_del(chan, err);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]802 bh_unlock_sock(sk);
803 l2cap_sock_kill(sk);
804 }
805
Dave Young8e8440f2008-03-03 12:18:55 -0800[diff] [blame]806 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)
807 del_timer_sync(&conn->info_timer);
Thomas Gleixner3ab22732008-02-26 17:42:56 -0800[diff] [blame]808
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]809 hcon->l2cap_data = NULL;
810 kfree(conn);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]811}
812
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]813static inline void l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]814{
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]815 write_lock_bh(&conn->chan_lock);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]816 __l2cap_chan_add(conn, chan);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]817 write_unlock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]818}
819
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]820/* ---- Socket interface ---- */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]821
822/* Find socket with psm and source bdaddr.
823 * Returns closest match.
824 */
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]825static struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]826{
827 struct sock *sk = NULL, *sk1 = NULL;
828 struct hlist_node *node;
829
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]830 read_lock(&l2cap_sk_list.lock);
831
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]832 sk_for_each(sk, node, &l2cap_sk_list.head) {
833 if (state && sk->sk_state != state)
834 continue;
835
836 if (l2cap_pi(sk)->psm == psm) {
837 /* Exact match. */
838 if (!bacmp(&bt_sk(sk)->src, src))
839 break;
840
841 /* Closest match */
842 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
843 sk1 = sk;
844 }
845 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]846
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]847 read_unlock(&l2cap_sk_list.lock);
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]848
849 return node ? sk : sk1;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]850}
851
Gustavo F. Padovan4e34c502011-02-04 02:56:13 -0200[diff] [blame]852int l2cap_do_connect(struct sock *sk)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]853{
854 bdaddr_t *src = &bt_sk(sk)->src;
855 bdaddr_t *dst = &bt_sk(sk)->dst;
856 struct l2cap_conn *conn;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]857 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]858 struct hci_conn *hcon;
859 struct hci_dev *hdev;
Marcel Holtmann09ab6f42008-09-09 07:19:20 +0200[diff] [blame]860 __u8 auth_type;
Marcel Holtmann44d0e482009-04-20 07:09:16 +0200[diff] [blame]861 int err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]862
Marcel Holtmannf29972d2009-02-12 05:07:45 +0100[diff] [blame]863 BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst),
864 l2cap_pi(sk)->psm);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]865
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]866 hdev = hci_get_route(dst, src);
867 if (!hdev)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]868 return -EHOSTUNREACH;
869
870 hci_dev_lock_bh(hdev);
871
Johan Hedberg8556edd32011-01-19 12:06:50 +0530[diff] [blame]872 auth_type = l2cap_get_auth_type(sk);
Marcel Holtmann09ab6f42008-09-09 07:19:20 +0200[diff] [blame]873
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]874 if (l2cap_pi(sk)->dcid == L2CAP_CID_LE_DATA)
875 hcon = hci_connect(hdev, LE_LINK, dst,
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]876 l2cap_pi(sk)->sec_level, auth_type);
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]877 else
878 hcon = hci_connect(hdev, ACL_LINK, dst,
879 l2cap_pi(sk)->sec_level, auth_type);
880
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]881 if (IS_ERR(hcon)) {
882 err = PTR_ERR(hcon);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]883 goto done;
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]884 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]885
886 conn = l2cap_conn_add(hcon, 0);
887 if (!conn) {
888 hci_conn_put(hcon);
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]889 err = -ENOMEM;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]890 goto done;
891 }
892
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]893 chan = l2cap_chan_alloc(sk);
894 if (!chan) {
895 hci_conn_put(hcon);
896 err = -ENOMEM;
897 goto done;
898 }
899
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]900 /* Update source addr of the socket */
901 bacpy(src, conn->src);
902
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]903 l2cap_chan_add(conn, chan);
904
905 l2cap_pi(sk)->chan = chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]906
907 sk->sk_state = BT_CONNECT;
908 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
909
910 if (hcon->state == BT_CONNECTED) {
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]911 if (sk->sk_type != SOCK_SEQPACKET &&
912 sk->sk_type != SOCK_STREAM) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]913 l2cap_sock_clear_timer(sk);
Johan Hedbergd00ef242011-01-19 12:06:51 +0530[diff] [blame]914 if (l2cap_check_security(sk))
915 sk->sk_state = BT_CONNECTED;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]916 } else
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]917 l2cap_do_start(chan);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]918 }
919
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]920 err = 0;
921
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]922done:
923 hci_dev_unlock_bh(hdev);
924 hci_dev_put(hdev);
925 return err;
926}
927
Gustavo F. Padovandcba0db2011-02-04 03:08:36 -0200[diff] [blame]928int __l2cap_wait_ack(struct sock *sk)
Gustavo F. Padovan6161c032010-05-01 16:15:44 -0300[diff] [blame]929{
930 DECLARE_WAITQUEUE(wait, current);
931 int err = 0;
932 int timeo = HZ/5;
933
Marcel Holtmann2b0b05d2010-05-10 11:33:10 +0200[diff] [blame]934 add_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]935 while ((l2cap_pi(sk)->chan->unacked_frames > 0 && l2cap_pi(sk)->conn)) {
Gustavo F. Padovan6161c032010-05-01 16:15:44 -0300[diff] [blame]936 set_current_state(TASK_INTERRUPTIBLE);
937
938 if (!timeo)
939 timeo = HZ/5;
940
941 if (signal_pending(current)) {
942 err = sock_intr_errno(timeo);
943 break;
944 }
945
946 release_sock(sk);
947 timeo = schedule_timeout(timeo);
948 lock_sock(sk);
949
950 err = sock_error(sk);
951 if (err)
952 break;
953 }
954 set_current_state(TASK_RUNNING);
Marcel Holtmann2b0b05d2010-05-10 11:33:10 +0200[diff] [blame]955 remove_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovan6161c032010-05-01 16:15:44 -0300[diff] [blame]956 return err;
957}
958
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]959static void l2cap_monitor_timeout(unsigned long arg)
960{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]961 struct l2cap_chan *chan = (void *) arg;
962 struct sock *sk = chan->sk;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]963
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]964 BT_DBG("chan %p", chan);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]965
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]966 bh_lock_sock(sk);
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]967 if (chan->retry_count >= chan->remote_max_tx) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]968 l2cap_send_disconn_req(l2cap_pi(sk)->conn, chan, ECONNABORTED);
Andrei Emeltchenkob13f5862009-12-15 11:38:04 +0200[diff] [blame]969 bh_unlock_sock(sk);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]970 return;
971 }
972
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]973 chan->retry_count++;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]974 __mod_monitor_timer();
975
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]976 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL);
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]977 bh_unlock_sock(sk);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]978}
979
980static void l2cap_retrans_timeout(unsigned long arg)
981{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]982 struct l2cap_chan *chan = (void *) arg;
983 struct sock *sk = chan->sk;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]984
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]985 BT_DBG("sk %p", sk);
986
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]987 bh_lock_sock(sk);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]988 chan->retry_count = 1;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]989 __mod_monitor_timer();
990
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]991 chan->conn_state |= L2CAP_CONN_WAIT_F;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]992
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]993 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL);
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]994 bh_unlock_sock(sk);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]995}
996
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]997static void l2cap_drop_acked_frames(struct l2cap_chan *chan)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]998{
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]999 struct sock *sk = chan->sk;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1000 struct sk_buff *skb;
1001
Gustavo F. Padovan812e7372010-05-01 16:15:42 -0300[diff] [blame]1002 while ((skb = skb_peek(TX_QUEUE(sk))) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1003 chan->unacked_frames) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1004 if (bt_cb(skb)->tx_seq == chan->expected_ack_seq)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1005 break;
1006
1007 skb = skb_dequeue(TX_QUEUE(sk));
1008 kfree_skb(skb);
1009
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1010 chan->unacked_frames--;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1011 }
1012
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1013 if (!chan->unacked_frames)
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1014 del_timer(&chan->retrans_timer);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1015}
1016
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1017void l2cap_do_send(struct sock *sk, struct sk_buff *skb)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1018{
1019 struct l2cap_pinfo *pi = l2cap_pi(sk);
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]1020 struct hci_conn *hcon = pi->conn->hcon;
1021 u16 flags;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1022
1023 BT_DBG("sk %p, skb %p len %d", sk, skb, skb->len);
1024
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]1025 if (!pi->flushable && lmp_no_flush_capable(hcon->hdev))
1026 flags = ACL_START_NO_FLUSH;
1027 else
1028 flags = ACL_START;
1029
1030 hci_send_acl(hcon, skb, flags);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1031}
1032
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1033void l2cap_streaming_send(struct l2cap_chan *chan)
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1034{
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1035 struct sock *sk = chan->sk;
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1036 struct sk_buff *skb;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1037 struct l2cap_pinfo *pi = l2cap_pi(sk);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1038 u16 control, fcs;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1039
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1040 while ((skb = skb_dequeue(TX_QUEUE(sk)))) {
1041 control = get_unaligned_le16(skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1042 control |= chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT;
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1043 put_unaligned_le16(control, skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1044
Gustavo F. Padovane8235c62010-05-01 16:15:36 -0300[diff] [blame]1045 if (pi->fcs == L2CAP_FCS_CRC16) {
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1046 fcs = crc16(0, (u8 *)skb->data, skb->len - 2);
1047 put_unaligned_le16(fcs, skb->data + skb->len - 2);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1048 }
1049
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1050 l2cap_do_send(sk, skb);
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1051
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1052 chan->next_tx_seq = (chan->next_tx_seq + 1) % 64;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1053 }
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1054}
1055
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1056static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1057{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1058 struct sock *sk = chan->sk;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1059 struct l2cap_pinfo *pi = l2cap_pi(sk);
1060 struct sk_buff *skb, *tx_skb;
1061 u16 control, fcs;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1062
1063 skb = skb_peek(TX_QUEUE(sk));
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1064 if (!skb)
1065 return;
1066
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1067 do {
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1068 if (bt_cb(skb)->tx_seq == tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1069 break;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1070
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1071 if (skb_queue_is_last(TX_QUEUE(sk), skb))
1072 return;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1073
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1074 } while ((skb = skb_queue_next(TX_QUEUE(sk), skb)));
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1075
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1076 if (chan->remote_max_tx &&
1077 bt_cb(skb)->retries == chan->remote_max_tx) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1078 l2cap_send_disconn_req(pi->conn, chan, ECONNABORTED);
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1079 return;
1080 }
1081
1082 tx_skb = skb_clone(skb, GFP_ATOMIC);
1083 bt_cb(skb)->retries++;
1084 control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1085
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1086 if (chan->conn_state & L2CAP_CONN_SEND_FBIT) {
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1087 control |= L2CAP_CTRL_FINAL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1088 chan->conn_state &= ~L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1089 }
Gustavo F. Padovan95ffa972010-06-18 20:37:33 -0300[diff] [blame]1090
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1091 control |= (chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT)
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1092 | (tx_seq << L2CAP_CTRL_TXSEQ_SHIFT);
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1093
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1094 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE);
1095
1096 if (pi->fcs == L2CAP_FCS_CRC16) {
1097 fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2);
1098 put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2);
1099 }
1100
1101 l2cap_do_send(sk, tx_skb);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1102}
1103
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1104int l2cap_ertm_send(struct l2cap_chan *chan)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1105{
1106 struct sk_buff *skb, *tx_skb;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1107 struct sock *sk = chan->sk;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1108 struct l2cap_pinfo *pi = l2cap_pi(sk);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1109 u16 control, fcs;
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]1110 int nsent = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1111
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]1112 if (sk->sk_state != BT_CONNECTED)
1113 return -ENOTCONN;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1114
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1115 while ((skb = sk->sk_send_head) && (!l2cap_tx_window_full(chan))) {
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1116
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1117 if (chan->remote_max_tx &&
1118 bt_cb(skb)->retries == chan->remote_max_tx) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1119 l2cap_send_disconn_req(pi->conn, chan, ECONNABORTED);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1120 break;
1121 }
1122
Andrei Emeltchenkoe420aba2009-12-23 13:07:14 +0200[diff] [blame]1123 tx_skb = skb_clone(skb, GFP_ATOMIC);
1124
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1125 bt_cb(skb)->retries++;
1126
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1127 control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan95ffa972010-06-18 20:37:33 -0300[diff] [blame]1128 control &= L2CAP_CTRL_SAR;
1129
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1130 if (chan->conn_state & L2CAP_CONN_SEND_FBIT) {
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]1131 control |= L2CAP_CTRL_FINAL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1132 chan->conn_state &= ~L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]1133 }
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1134 control |= (chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT)
1135 | (chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1136 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE);
1137
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1138
Gustavo F. Padovane8235c62010-05-01 16:15:36 -0300[diff] [blame]1139 if (pi->fcs == L2CAP_FCS_CRC16) {
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1140 fcs = crc16(0, (u8 *)skb->data, tx_skb->len - 2);
1141 put_unaligned_le16(fcs, skb->data + tx_skb->len - 2);
1142 }
1143
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]1144 l2cap_do_send(sk, tx_skb);
1145
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1146 __mod_retrans_timer();
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1147
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1148 bt_cb(skb)->tx_seq = chan->next_tx_seq;
1149 chan->next_tx_seq = (chan->next_tx_seq + 1) % 64;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1150
Suraj Sumangala23e9fde2011-03-09 14:44:05 +0530[diff] [blame]1151 if (bt_cb(skb)->retries == 1)
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1152 chan->unacked_frames++;
Suraj Sumangala23e9fde2011-03-09 14:44:05 +0530[diff] [blame]1153
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1154 chan->frames_sent++;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1155
1156 if (skb_queue_is_last(TX_QUEUE(sk), skb))
1157 sk->sk_send_head = NULL;
1158 else
1159 sk->sk_send_head = skb_queue_next(TX_QUEUE(sk), skb);
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1160
1161 nsent++;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1162 }
1163
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1164 return nsent;
1165}
1166
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1167static int l2cap_retransmit_frames(struct l2cap_chan *chan)
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1168{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1169 struct sock *sk = chan->sk;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1170 int ret;
1171
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1172 if (!skb_queue_empty(TX_QUEUE(sk)))
1173 sk->sk_send_head = TX_QUEUE(sk)->next;
1174
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1175 chan->next_tx_seq = chan->expected_ack_seq;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1176 ret = l2cap_ertm_send(chan);
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1177 return ret;
1178}
1179
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1180static void l2cap_send_ack(struct l2cap_chan *chan)
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1181{
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1182 u16 control = 0;
1183
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1184 control |= chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1185
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1186 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1187 control |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1188 chan->conn_state |= L2CAP_CONN_RNR_SENT;
1189 l2cap_send_sframe(chan, control);
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]1190 return;
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1191 }
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1192
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1193 if (l2cap_ertm_send(chan) > 0)
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1194 return;
1195
1196 control |= L2CAP_SUPER_RCV_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1197 l2cap_send_sframe(chan, control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1198}
1199
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1200static void l2cap_send_srejtail(struct l2cap_chan *chan)
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]1201{
1202 struct srej_list *tail;
1203 u16 control;
1204
1205 control = L2CAP_SUPER_SELECT_REJECT;
1206 control |= L2CAP_CTRL_FINAL;
1207
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]1208 tail = list_entry((&chan->srej_l)->prev, struct srej_list, list);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]1209 control |= tail->tx_seq << L2CAP_CTRL_REQSEQ_SHIFT;
1210
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1211 l2cap_send_sframe(chan, control);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]1212}
1213
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1214static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, int len, int count, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1215{
1216 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1217 struct sk_buff **frag;
1218 int err, sent = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1219
Gustavo F. Padovan59203a22010-05-01 16:15:43 -0300[diff] [blame]1220 if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count))
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1221 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1222
1223 sent += count;
1224 len -= count;
1225
1226 /* Continuation fragments (no L2CAP header) */
1227 frag = &skb_shinfo(skb)->frag_list;
1228 while (len) {
1229 count = min_t(unsigned int, conn->mtu, len);
1230
1231 *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err);
1232 if (!*frag)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1233 return err;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1234 if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count))
1235 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1236
1237 sent += count;
1238 len -= count;
1239
1240 frag = &(*frag)->next;
1241 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1242
1243 return sent;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1244}
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1245
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1246struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1247{
1248 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1249 struct sk_buff *skb;
1250 int err, count, hlen = L2CAP_HDR_SIZE + 2;
1251 struct l2cap_hdr *lh;
1252
1253 BT_DBG("sk %p len %d", sk, (int)len);
1254
1255 count = min_t(unsigned int, (conn->mtu - hlen), len);
1256 skb = bt_skb_send_alloc(sk, count + hlen,
1257 msg->msg_flags & MSG_DONTWAIT, &err);
1258 if (!skb)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1259 return ERR_PTR(err);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1260
1261 /* Create L2CAP header */
1262 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1263 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1264 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1265 put_unaligned_le16(l2cap_pi(sk)->psm, skb_put(skb, 2));
1266
1267 err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);
1268 if (unlikely(err < 0)) {
1269 kfree_skb(skb);
1270 return ERR_PTR(err);
1271 }
1272 return skb;
1273}
1274
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1275struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1276{
1277 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1278 struct sk_buff *skb;
1279 int err, count, hlen = L2CAP_HDR_SIZE;
1280 struct l2cap_hdr *lh;
1281
1282 BT_DBG("sk %p len %d", sk, (int)len);
1283
1284 count = min_t(unsigned int, (conn->mtu - hlen), len);
1285 skb = bt_skb_send_alloc(sk, count + hlen,
1286 msg->msg_flags & MSG_DONTWAIT, &err);
1287 if (!skb)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1288 return ERR_PTR(err);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1289
1290 /* Create L2CAP header */
1291 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1292 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1293 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1294
1295 err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);
1296 if (unlikely(err < 0)) {
1297 kfree_skb(skb);
1298 return ERR_PTR(err);
1299 }
1300 return skb;
1301}
1302
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1303struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, size_t len, u16 control, u16 sdulen)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1304{
1305 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1306 struct sk_buff *skb;
1307 int err, count, hlen = L2CAP_HDR_SIZE + 2;
1308 struct l2cap_hdr *lh;
1309
1310 BT_DBG("sk %p len %d", sk, (int)len);
1311
Gustavo F. Padovan0ee0d202010-05-01 16:15:41 -0300[diff] [blame]1312 if (!conn)
1313 return ERR_PTR(-ENOTCONN);
1314
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1315 if (sdulen)
1316 hlen += 2;
1317
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1318 if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16)
1319 hlen += 2;
1320
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1321 count = min_t(unsigned int, (conn->mtu - hlen), len);
1322 skb = bt_skb_send_alloc(sk, count + hlen,
1323 msg->msg_flags & MSG_DONTWAIT, &err);
1324 if (!skb)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1325 return ERR_PTR(err);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1326
1327 /* Create L2CAP header */
1328 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1329 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1330 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1331 put_unaligned_le16(control, skb_put(skb, 2));
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1332 if (sdulen)
1333 put_unaligned_le16(sdulen, skb_put(skb, 2));
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1334
1335 err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);
1336 if (unlikely(err < 0)) {
1337 kfree_skb(skb);
1338 return ERR_PTR(err);
1339 }
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1340
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1341 if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16)
1342 put_unaligned_le16(0, skb_put(skb, 2));
1343
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1344 bt_cb(skb)->retries = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1345 return skb;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1346}
1347
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1348int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len)
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1349{
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1350 struct sock *sk = chan->sk;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1351 struct sk_buff *skb;
1352 struct sk_buff_head sar_queue;
1353 u16 control;
1354 size_t size = 0;
1355
Gustavo F. Padovanff12fd62010-05-05 22:09:15 -0300[diff] [blame]1356 skb_queue_head_init(&sar_queue);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1357 control = L2CAP_SDU_START;
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1358 skb = l2cap_create_iframe_pdu(sk, msg, chan->remote_mps, control, len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1359 if (IS_ERR(skb))
1360 return PTR_ERR(skb);
1361
1362 __skb_queue_tail(&sar_queue, skb);
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1363 len -= chan->remote_mps;
1364 size += chan->remote_mps;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1365
1366 while (len > 0) {
1367 size_t buflen;
1368
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1369 if (len > chan->remote_mps) {
Gustavo F. Padovan44651b82010-05-01 16:15:43 -0300[diff] [blame]1370 control = L2CAP_SDU_CONTINUE;
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1371 buflen = chan->remote_mps;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1372 } else {
Gustavo F. Padovan44651b82010-05-01 16:15:43 -0300[diff] [blame]1373 control = L2CAP_SDU_END;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1374 buflen = len;
1375 }
1376
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1377 skb = l2cap_create_iframe_pdu(sk, msg, buflen, control, 0);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1378 if (IS_ERR(skb)) {
1379 skb_queue_purge(&sar_queue);
1380 return PTR_ERR(skb);
1381 }
1382
1383 __skb_queue_tail(&sar_queue, skb);
1384 len -= buflen;
1385 size += buflen;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1386 }
1387 skb_queue_splice_tail(&sar_queue, TX_QUEUE(sk));
1388 if (sk->sk_send_head == NULL)
1389 sk->sk_send_head = sar_queue.next;
1390
1391 return size;
1392}
1393
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1394static void l2cap_chan_ready(struct sock *sk)
1395{
1396 struct sock *parent = bt_sk(sk)->parent;
1397
1398 BT_DBG("sk %p, parent %p", sk, parent);
1399
1400 l2cap_pi(sk)->conf_state = 0;
1401 l2cap_sock_clear_timer(sk);
1402
1403 if (!parent) {
1404 /* Outgoing channel.
1405 * Wake up socket sleeping on connect.
1406 */
1407 sk->sk_state = BT_CONNECTED;
1408 sk->sk_state_change(sk);
1409 } else {
1410 /* Incoming channel.
1411 * Wake up socket sleeping on accept.
1412 */
1413 parent->sk_data_ready(parent, 0);
1414 }
1415}
1416
1417/* Copy frame to all raw sockets on that connection */
1418static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb)
1419{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1420 struct sk_buff *nskb;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]1421 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1422
1423 BT_DBG("conn %p", conn);
1424
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]1425 read_lock(&conn->chan_lock);
1426 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]1427 struct sock *sk = chan->sk;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1428 if (sk->sk_type != SOCK_RAW)
1429 continue;
1430
1431 /* Don't send frame to the socket it came from */
1432 if (skb->sk == sk)
1433 continue;
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]1434 nskb = skb_clone(skb, GFP_ATOMIC);
1435 if (!nskb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1436 continue;
1437
1438 if (sock_queue_rcv_skb(sk, nskb))
1439 kfree_skb(nskb);
1440 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]1441 read_unlock(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1442}
1443
1444/* ---- L2CAP signalling commands ---- */
1445static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
1446 u8 code, u8 ident, u16 dlen, void *data)
1447{
1448 struct sk_buff *skb, **frag;
1449 struct l2cap_cmd_hdr *cmd;
1450 struct l2cap_hdr *lh;
1451 int len, count;
1452
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]1453 BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d",
1454 conn, code, ident, dlen);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1455
1456 len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen;
1457 count = min_t(unsigned int, conn->mtu, len);
1458
1459 skb = bt_skb_alloc(count, GFP_ATOMIC);
1460 if (!skb)
1461 return NULL;
1462
1463 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1464 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen);
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]1465
1466 if (conn->hcon->type == LE_LINK)
1467 lh->cid = cpu_to_le16(L2CAP_CID_LE_SIGNALING);
1468 else
1469 lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1470
1471 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE);
1472 cmd->code = code;
1473 cmd->ident = ident;
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1474 cmd->len = cpu_to_le16(dlen);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1475
1476 if (dlen) {
1477 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE;
1478 memcpy(skb_put(skb, count), data, count);
1479 data += count;
1480 }
1481
1482 len -= skb->len;
1483
1484 /* Continuation fragments (no L2CAP header) */
1485 frag = &skb_shinfo(skb)->frag_list;
1486 while (len) {
1487 count = min_t(unsigned int, conn->mtu, len);
1488
1489 *frag = bt_skb_alloc(count, GFP_ATOMIC);
1490 if (!*frag)
1491 goto fail;
1492
1493 memcpy(skb_put(*frag, count), data, count);
1494
1495 len -= count;
1496 data += count;
1497
1498 frag = &(*frag)->next;
1499 }
1500
1501 return skb;
1502
1503fail:
1504 kfree_skb(skb);
1505 return NULL;
1506}
1507
1508static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned long *val)
1509{
1510 struct l2cap_conf_opt *opt = *ptr;
1511 int len;
1512
1513 len = L2CAP_CONF_OPT_SIZE + opt->len;
1514 *ptr += len;
1515
1516 *type = opt->type;
1517 *olen = opt->len;
1518
1519 switch (opt->len) {
1520 case 1:
1521 *val = *((u8 *) opt->val);
1522 break;
1523
1524 case 2:
steven miaobfaaeb32010-10-16 18:29:47 -0400[diff] [blame]1525 *val = get_unaligned_le16(opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1526 break;
1527
1528 case 4:
steven miaobfaaeb32010-10-16 18:29:47 -0400[diff] [blame]1529 *val = get_unaligned_le32(opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1530 break;
1531
1532 default:
1533 *val = (unsigned long) opt->val;
1534 break;
1535 }
1536
1537 BT_DBG("type 0x%2.2x len %d val 0x%lx", *type, opt->len, *val);
1538 return len;
1539}
1540
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1541static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val)
1542{
1543 struct l2cap_conf_opt *opt = *ptr;
1544
1545 BT_DBG("type 0x%2.2x len %d val 0x%lx", type, len, val);
1546
1547 opt->type = type;
1548 opt->len = len;
1549
1550 switch (len) {
1551 case 1:
1552 *((u8 *) opt->val) = val;
1553 break;
1554
1555 case 2:
Gustavo F. Padovan4f8b6912010-10-18 14:25:53 -0200[diff] [blame]1556 put_unaligned_le16(val, opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1557 break;
1558
1559 case 4:
Gustavo F. Padovan4f8b6912010-10-18 14:25:53 -0200[diff] [blame]1560 put_unaligned_le32(val, opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1561 break;
1562
1563 default:
1564 memcpy(opt->val, (void *) val, len);
1565 break;
1566 }
1567
1568 *ptr += L2CAP_CONF_OPT_SIZE + len;
1569}
1570
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]1571static void l2cap_ack_timeout(unsigned long arg)
1572{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1573 struct l2cap_chan *chan = (void *) arg;
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]1574
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1575 bh_lock_sock(chan->sk);
1576 l2cap_send_ack(chan);
1577 bh_unlock_sock(chan->sk);
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]1578}
1579
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1580static inline void l2cap_ertm_init(struct l2cap_chan *chan)
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1581{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1582 struct sock *sk = chan->sk;
1583
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1584 chan->expected_ack_seq = 0;
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1585 chan->unacked_frames = 0;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1586 chan->buffer_seq = 0;
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1587 chan->num_acked = 0;
1588 chan->frames_sent = 0;
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1589
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1590 setup_timer(&chan->retrans_timer, l2cap_retrans_timeout,
1591 (unsigned long) chan);
1592 setup_timer(&chan->monitor_timer, l2cap_monitor_timeout,
1593 (unsigned long) chan);
1594 setup_timer(&chan->ack_timer, l2cap_ack_timeout, (unsigned long) chan);
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1595
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]1596 skb_queue_head_init(&chan->srej_q);
1597 skb_queue_head_init(&chan->busy_q);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]1598
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]1599 INIT_LIST_HEAD(&chan->srej_l);
1600
Gustavo F. Padovan311bb892011-03-25 20:41:00 -0300[diff] [blame]1601 INIT_WORK(&chan->busy_work, l2cap_busy_work);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]1602
1603 sk->sk_backlog_rcv = l2cap_ertm_data_rcv;
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1604}
1605
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1606static inline __u8 l2cap_select_mode(__u8 mode, __u16 remote_feat_mask)
1607{
1608 switch (mode) {
1609 case L2CAP_MODE_STREAMING:
1610 case L2CAP_MODE_ERTM:
1611 if (l2cap_mode_supported(mode, remote_feat_mask))
1612 return mode;
1613 /* fall through */
1614 default:
1615 return L2CAP_MODE_BASIC;
1616 }
1617}
1618
Gustavo F. Padovan710f9b02011-03-25 14:30:37 -0300[diff] [blame]1619static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1620{
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1621 struct sock *sk = chan->sk;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1622 struct l2cap_pinfo *pi = l2cap_pi(sk);
1623 struct l2cap_conf_req *req = data;
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]1624 struct l2cap_conf_rfc rfc = { .mode = pi->mode };
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1625 void *ptr = req->data;
1626
1627 BT_DBG("sk %p", sk);
1628
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1629 if (chan->num_conf_req || chan->num_conf_rsp)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1630 goto done;
1631
1632 switch (pi->mode) {
1633 case L2CAP_MODE_STREAMING:
1634 case L2CAP_MODE_ERTM:
Gustavo F. Padovan2ba13ed2010-06-09 16:39:05 -0300[diff] [blame]1635 if (pi->conf_state & L2CAP_CONF_STATE2_DEVICE)
Gustavo F. Padovan85eb53c2010-06-03 18:43:28 -0300[diff] [blame]1636 break;
Gustavo F. Padovan85eb53c2010-06-03 18:43:28 -0300[diff] [blame]1637
Gustavo F. Padovan2ba13ed2010-06-09 16:39:05 -0300[diff] [blame]1638 /* fall through */
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1639 default:
1640 pi->mode = l2cap_select_mode(rfc.mode, pi->conn->feat_mask);
1641 break;
1642 }
1643
1644done:
Gustavo F. Padovan7990681c2011-01-24 16:01:43 -0200[diff] [blame]1645 if (pi->imtu != L2CAP_DEFAULT_MTU)
1646 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);
1647
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1648 switch (pi->mode) {
1649 case L2CAP_MODE_BASIC:
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1650 if (!(pi->conn->feat_mask & L2CAP_FEAT_ERTM) &&
1651 !(pi->conn->feat_mask & L2CAP_FEAT_STREAMING))
1652 break;
1653
Gustavo F. Padovan62547752010-06-08 20:05:31 -0300[diff] [blame]1654 rfc.mode = L2CAP_MODE_BASIC;
1655 rfc.txwin_size = 0;
1656 rfc.max_transmit = 0;
1657 rfc.retrans_timeout = 0;
1658 rfc.monitor_timeout = 0;
1659 rfc.max_pdu_size = 0;
1660
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1661 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc),
1662 (unsigned long) &rfc);
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1663 break;
1664
1665 case L2CAP_MODE_ERTM:
1666 rfc.mode = L2CAP_MODE_ERTM;
Gustavo F. Padovan14b5aa72010-05-01 16:15:40 -0300[diff] [blame]1667 rfc.txwin_size = pi->tx_win;
Gustavo F. Padovan68d7f0c2010-05-01 16:15:41 -0300[diff] [blame]1668 rfc.max_transmit = pi->max_tx;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1669 rfc.retrans_timeout = 0;
1670 rfc.monitor_timeout = 0;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1671 rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE);
Gustavo F. Padovand1daa092010-05-01 16:15:36 -0300[diff] [blame]1672 if (L2CAP_DEFAULT_MAX_PDU_SIZE > pi->conn->mtu - 10)
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1673 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1674
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1675 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc),
1676 (unsigned long) &rfc);
1677
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1678 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS))
1679 break;
1680
1681 if (pi->fcs == L2CAP_FCS_NONE ||
1682 pi->conf_state & L2CAP_CONF_NO_FCS_RECV) {
1683 pi->fcs = L2CAP_FCS_NONE;
1684 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs);
1685 }
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1686 break;
1687
1688 case L2CAP_MODE_STREAMING:
1689 rfc.mode = L2CAP_MODE_STREAMING;
1690 rfc.txwin_size = 0;
1691 rfc.max_transmit = 0;
1692 rfc.retrans_timeout = 0;
1693 rfc.monitor_timeout = 0;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1694 rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE);
Gustavo F. Padovand1daa092010-05-01 16:15:36 -0300[diff] [blame]1695 if (L2CAP_DEFAULT_MAX_PDU_SIZE > pi->conn->mtu - 10)
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1696 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1697
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1698 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc),
1699 (unsigned long) &rfc);
1700
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1701 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS))
1702 break;
1703
1704 if (pi->fcs == L2CAP_FCS_NONE ||
1705 pi->conf_state & L2CAP_CONF_NO_FCS_RECV) {
1706 pi->fcs = L2CAP_FCS_NONE;
1707 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs);
1708 }
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1709 break;
1710 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1711
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1712 req->dcid = cpu_to_le16(pi->dcid);
1713 req->flags = cpu_to_le16(0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1714
1715 return ptr - data;
1716}
1717
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1718static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1719{
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1720 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1721 struct l2cap_conf_rsp *rsp = data;
1722 void *ptr = rsp->data;
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1723 void *req = chan->conf_req;
1724 int len = chan->conf_len;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1725 int type, hint, olen;
1726 unsigned long val;
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1727 struct l2cap_conf_rfc rfc = { .mode = L2CAP_MODE_BASIC };
Marcel Holtmann861d6882007-10-20 13:37:06 +0200[diff] [blame]1728 u16 mtu = L2CAP_DEFAULT_MTU;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1729 u16 result = L2CAP_CONF_SUCCESS;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1730
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1731 BT_DBG("chan %p", chan);
Marcel Holtmann820ae1b2006-11-18 22:15:00 +0100[diff] [blame]1732
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1733 while (len >= L2CAP_CONF_OPT_SIZE) {
1734 len -= l2cap_get_conf_opt(&req, &type, &olen, &val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1735
Gustavo F. Padovan589d2742009-04-20 01:31:07 -0300[diff] [blame]1736 hint = type & L2CAP_CONF_HINT;
Marcel Holtmann47ec1dcd2009-05-02 18:57:55 -0700[diff] [blame]1737 type &= L2CAP_CONF_MASK;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1738
1739 switch (type) {
1740 case L2CAP_CONF_MTU:
Marcel Holtmann861d6882007-10-20 13:37:06 +0200[diff] [blame]1741 mtu = val;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1742 break;
1743
1744 case L2CAP_CONF_FLUSH_TO:
1745 pi->flush_to = val;
1746 break;
1747
1748 case L2CAP_CONF_QOS:
1749 break;
1750
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1751 case L2CAP_CONF_RFC:
1752 if (olen == sizeof(rfc))
1753 memcpy(&rfc, (void *) val, olen);
1754 break;
1755
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1756 case L2CAP_CONF_FCS:
1757 if (val == L2CAP_FCS_NONE)
1758 pi->conf_state |= L2CAP_CONF_NO_FCS_RECV;
1759
1760 break;
1761
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1762 default:
1763 if (hint)
1764 break;
1765
1766 result = L2CAP_CONF_UNKNOWN;
1767 *((u8 *) ptr++) = type;
1768 break;
1769 }
1770 }
1771
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1772 if (chan->num_conf_rsp || chan->num_conf_req > 1)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1773 goto done;
1774
1775 switch (pi->mode) {
1776 case L2CAP_MODE_STREAMING:
1777 case L2CAP_MODE_ERTM:
Gustavo F. Padovan85eb53c2010-06-03 18:43:28 -0300[diff] [blame]1778 if (!(pi->conf_state & L2CAP_CONF_STATE2_DEVICE)) {
1779 pi->mode = l2cap_select_mode(rfc.mode,
1780 pi->conn->feat_mask);
1781 break;
1782 }
1783
Gustavo F. Padovan742e5192010-06-08 19:09:48 -0300[diff] [blame]1784 if (pi->mode != rfc.mode)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1785 return -ECONNREFUSED;
Gustavo F. Padovan742e5192010-06-08 19:09:48 -0300[diff] [blame]1786
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1787 break;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1788 }
1789
1790done:
1791 if (pi->mode != rfc.mode) {
1792 result = L2CAP_CONF_UNACCEPT;
1793 rfc.mode = pi->mode;
1794
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1795 if (chan->num_conf_rsp == 1)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1796 return -ECONNREFUSED;
1797
1798 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1799 sizeof(rfc), (unsigned long) &rfc);
1800 }
1801
1802
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1803 if (result == L2CAP_CONF_SUCCESS) {
1804 /* Configure output options and let the other side know
1805 * which ones we don't like. */
1806
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1807 if (mtu < L2CAP_DEFAULT_MIN_MTU)
1808 result = L2CAP_CONF_UNACCEPT;
1809 else {
1810 pi->omtu = mtu;
1811 pi->conf_state |= L2CAP_CONF_MTU_DONE;
1812 }
1813 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu);
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1814
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1815 switch (rfc.mode) {
1816 case L2CAP_MODE_BASIC:
1817 pi->fcs = L2CAP_FCS_NONE;
1818 pi->conf_state |= L2CAP_CONF_MODE_DONE;
1819 break;
1820
1821 case L2CAP_MODE_ERTM:
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1822 chan->remote_tx_win = rfc.txwin_size;
1823 chan->remote_max_tx = rfc.max_transmit;
Mat Martineau86b1b262010-08-05 15:54:22 -0700[diff] [blame]1824
1825 if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10)
1826 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1827
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1828 chan->remote_mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1829
Gustavo F. Padovan10467e92010-05-01 16:15:40 -0300[diff] [blame]1830 rfc.retrans_timeout =
1831 le16_to_cpu(L2CAP_DEFAULT_RETRANS_TO);
1832 rfc.monitor_timeout =
1833 le16_to_cpu(L2CAP_DEFAULT_MONITOR_TO);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1834
1835 pi->conf_state |= L2CAP_CONF_MODE_DONE;
Gustavo F. Padovan68ae6632009-10-17 21:41:01 -0300[diff] [blame]1836
1837 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1838 sizeof(rfc), (unsigned long) &rfc);
1839
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1840 break;
1841
1842 case L2CAP_MODE_STREAMING:
Mat Martineau86b1b262010-08-05 15:54:22 -0700[diff] [blame]1843 if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10)
1844 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1845
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1846 chan->remote_mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1847
1848 pi->conf_state |= L2CAP_CONF_MODE_DONE;
Gustavo F. Padovan68ae6632009-10-17 21:41:01 -0300[diff] [blame]1849
1850 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1851 sizeof(rfc), (unsigned long) &rfc);
1852
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1853 break;
1854
1855 default:
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1856 result = L2CAP_CONF_UNACCEPT;
1857
1858 memset(&rfc, 0, sizeof(rfc));
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1859 rfc.mode = pi->mode;
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1860 }
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1861
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1862 if (result == L2CAP_CONF_SUCCESS)
1863 pi->conf_state |= L2CAP_CONF_OUTPUT_DONE;
1864 }
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1865 rsp->scid = cpu_to_le16(pi->dcid);
1866 rsp->result = cpu_to_le16(result);
1867 rsp->flags = cpu_to_le16(0x0000);
1868
1869 return ptr - data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1870}
1871
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1872static int l2cap_parse_conf_rsp(struct sock *sk, void *rsp, int len, void *data, u16 *result)
1873{
1874 struct l2cap_pinfo *pi = l2cap_pi(sk);
1875 struct l2cap_conf_req *req = data;
1876 void *ptr = req->data;
1877 int type, olen;
1878 unsigned long val;
1879 struct l2cap_conf_rfc rfc;
1880
1881 BT_DBG("sk %p, rsp %p, len %d, req %p", sk, rsp, len, data);
1882
1883 while (len >= L2CAP_CONF_OPT_SIZE) {
1884 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val);
1885
1886 switch (type) {
1887 case L2CAP_CONF_MTU:
1888 if (val < L2CAP_DEFAULT_MIN_MTU) {
1889 *result = L2CAP_CONF_UNACCEPT;
Andrei Emeltchenko8183b772010-09-01 15:17:25 +0300[diff] [blame]1890 pi->imtu = L2CAP_DEFAULT_MIN_MTU;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1891 } else
Andrei Emeltchenko8183b772010-09-01 15:17:25 +0300[diff] [blame]1892 pi->imtu = val;
1893 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1894 break;
1895
1896 case L2CAP_CONF_FLUSH_TO:
1897 pi->flush_to = val;
1898 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO,
1899 2, pi->flush_to);
1900 break;
1901
1902 case L2CAP_CONF_RFC:
1903 if (olen == sizeof(rfc))
1904 memcpy(&rfc, (void *)val, olen);
1905
1906 if ((pi->conf_state & L2CAP_CONF_STATE2_DEVICE) &&
1907 rfc.mode != pi->mode)
1908 return -ECONNREFUSED;
1909
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1910 pi->fcs = 0;
1911
1912 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1913 sizeof(rfc), (unsigned long) &rfc);
1914 break;
1915 }
1916 }
1917
Gustavo F. Padovan6c2ea7a2010-06-08 20:08:49 -0300[diff] [blame]1918 if (pi->mode == L2CAP_MODE_BASIC && pi->mode != rfc.mode)
1919 return -ECONNREFUSED;
1920
1921 pi->mode = rfc.mode;
1922
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1923 if (*result == L2CAP_CONF_SUCCESS) {
1924 switch (rfc.mode) {
1925 case L2CAP_MODE_ERTM:
Gustavo F. Padovan10467e92010-05-01 16:15:40 -0300[diff] [blame]1926 pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout);
1927 pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout);
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1928 pi->mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1929 break;
1930 case L2CAP_MODE_STREAMING:
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1931 pi->mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1932 }
1933 }
1934
1935 req->dcid = cpu_to_le16(pi->dcid);
1936 req->flags = cpu_to_le16(0x0000);
1937
1938 return ptr - data;
1939}
1940
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1941static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1942{
1943 struct l2cap_conf_rsp *rsp = data;
1944 void *ptr = rsp->data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1945
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1946 BT_DBG("sk %p", sk);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1947
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1948 rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid);
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1949 rsp->result = cpu_to_le16(result);
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1950 rsp->flags = cpu_to_le16(flags);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1951
1952 return ptr - data;
1953}
1954
Gustavo F. Padovan710f9b02011-03-25 14:30:37 -0300[diff] [blame]1955void __l2cap_connect_rsp_defer(struct sock *sk)
1956{
1957 struct l2cap_conn_rsp rsp;
1958 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1959 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1960 u8 buf[128];
1961
1962 sk->sk_state = BT_CONFIG;
1963
1964 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1965 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
1966 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
1967 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
1968 l2cap_send_cmd(conn, chan->ident,
1969 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
1970
1971 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)
1972 return;
1973
1974 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
1975 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
1976 l2cap_build_conf_req(chan, buf), buf);
1977 chan->num_conf_req++;
1978}
1979
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]1980static void l2cap_conf_rfc_get(struct sock *sk, void *rsp, int len)
1981{
1982 struct l2cap_pinfo *pi = l2cap_pi(sk);
1983 int type, olen;
1984 unsigned long val;
1985 struct l2cap_conf_rfc rfc;
1986
1987 BT_DBG("sk %p, rsp %p, len %d", sk, rsp, len);
1988
1989 if ((pi->mode != L2CAP_MODE_ERTM) && (pi->mode != L2CAP_MODE_STREAMING))
1990 return;
1991
1992 while (len >= L2CAP_CONF_OPT_SIZE) {
1993 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val);
1994
1995 switch (type) {
1996 case L2CAP_CONF_RFC:
1997 if (olen == sizeof(rfc))
1998 memcpy(&rfc, (void *)val, olen);
1999 goto done;
2000 }
2001 }
2002
2003done:
2004 switch (rfc.mode) {
2005 case L2CAP_MODE_ERTM:
Gustavo F. Padovan10467e92010-05-01 16:15:40 -0300[diff] [blame]2006 pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout);
2007 pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout);
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]2008 pi->mps = le16_to_cpu(rfc.max_pdu_size);
2009 break;
2010 case L2CAP_MODE_STREAMING:
2011 pi->mps = le16_to_cpu(rfc.max_pdu_size);
2012 }
2013}
2014
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2015static inline int l2cap_command_rej(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2016{
2017 struct l2cap_cmd_rej *rej = (struct l2cap_cmd_rej *) data;
2018
2019 if (rej->reason != 0x0000)
2020 return 0;
2021
2022 if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) &&
2023 cmd->ident == conn->info_ident) {
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2024 del_timer(&conn->info_timer);
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2025
2026 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2027 conn->info_ident = 0;
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2028
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2029 l2cap_conn_start(conn);
2030 }
2031
2032 return 0;
2033}
2034
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2035static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2036{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2037 struct l2cap_conn_req *req = (struct l2cap_conn_req *) data;
2038 struct l2cap_conn_rsp rsp;
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2039 struct l2cap_chan *chan = NULL;
Nathan Holsteind793fe82010-10-15 11:54:02 -0400[diff] [blame]2040 struct sock *parent, *sk = NULL;
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2041 int result, status = L2CAP_CS_NO_INFO;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2042
2043 u16 dcid = 0, scid = __le16_to_cpu(req->scid);
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2044 __le16 psm = req->psm;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2045
2046 BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid);
2047
2048 /* Check if we have socket listening on psm */
2049 parent = l2cap_get_sock_by_psm(BT_LISTEN, psm, conn->src);
2050 if (!parent) {
2051 result = L2CAP_CR_BAD_PSM;
2052 goto sendresp;
2053 }
2054
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]2055 bh_lock_sock(parent);
2056
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2057 /* Check if the ACL is secure enough (if not SDP) */
2058 if (psm != cpu_to_le16(0x0001) &&
2059 !hci_conn_check_link_mode(conn->hcon)) {
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]2060 conn->disc_reason = 0x05;
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2061 result = L2CAP_CR_SEC_BLOCK;
2062 goto response;
2063 }
2064
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2065 result = L2CAP_CR_NO_MEM;
2066
2067 /* Check for backlog size */
2068 if (sk_acceptq_is_full(parent)) {
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]2069 BT_DBG("backlog full %d", parent->sk_ack_backlog);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2070 goto response;
2071 }
2072
YOSHIFUJI Hideaki3b1e0a62008-03-26 02:26:21 +0900[diff] [blame]2073 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, GFP_ATOMIC);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2074 if (!sk)
2075 goto response;
2076
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2077 chan = l2cap_chan_alloc(sk);
2078 if (!chan) {
2079 l2cap_sock_kill(sk);
2080 goto response;
2081 }
2082
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2083 write_lock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2084
2085 /* Check if we already have channel with that dcid */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2086 if (__l2cap_get_chan_by_dcid(conn, scid)) {
2087 write_unlock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2088 sock_set_flag(sk, SOCK_ZAPPED);
2089 l2cap_sock_kill(sk);
2090 goto response;
2091 }
2092
2093 hci_conn_hold(conn->hcon);
2094
2095 l2cap_sock_init(sk, parent);
2096 bacpy(&bt_sk(sk)->src, conn->src);
2097 bacpy(&bt_sk(sk)->dst, conn->dst);
2098 l2cap_pi(sk)->psm = psm;
2099 l2cap_pi(sk)->dcid = scid;
2100
Gustavo F. Padovand1010242011-03-25 00:39:48 -0300[diff] [blame]2101 bt_accept_enqueue(parent, sk);
2102
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2103 __l2cap_chan_add(conn, chan);
2104
2105 l2cap_pi(sk)->chan = chan;
2106
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2107 dcid = l2cap_pi(sk)->scid;
2108
2109 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
2110
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]2111 chan->ident = cmd->ident;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2112
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2113 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) {
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]2114 if (l2cap_check_security(sk)) {
Marcel Holtmannf66dc812009-01-15 21:57:00 +0100[diff] [blame]2115 if (bt_sk(sk)->defer_setup) {
2116 sk->sk_state = BT_CONNECT2;
2117 result = L2CAP_CR_PEND;
2118 status = L2CAP_CS_AUTHOR_PEND;
2119 parent->sk_data_ready(parent, 0);
2120 } else {
2121 sk->sk_state = BT_CONFIG;
2122 result = L2CAP_CR_SUCCESS;
2123 status = L2CAP_CS_NO_INFO;
2124 }
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]2125 } else {
2126 sk->sk_state = BT_CONNECT2;
2127 result = L2CAP_CR_PEND;
2128 status = L2CAP_CS_AUTHEN_PEND;
2129 }
2130 } else {
2131 sk->sk_state = BT_CONNECT2;
2132 result = L2CAP_CR_PEND;
2133 status = L2CAP_CS_NO_INFO;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2134 }
2135
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2136 write_unlock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2137
2138response:
2139 bh_unlock_sock(parent);
2140
2141sendresp:
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]2142 rsp.scid = cpu_to_le16(scid);
2143 rsp.dcid = cpu_to_le16(dcid);
2144 rsp.result = cpu_to_le16(result);
2145 rsp.status = cpu_to_le16(status);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2146 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]2147
2148 if (result == L2CAP_CR_PEND && status == L2CAP_CS_NO_INFO) {
2149 struct l2cap_info_req info;
2150 info.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
2151
2152 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
2153 conn->info_ident = l2cap_get_ident(conn);
2154
2155 mod_timer(&conn->info_timer, jiffies +
2156 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
2157
2158 l2cap_send_cmd(conn, conn->info_ident,
2159 L2CAP_INFO_REQ, sizeof(info), &info);
2160 }
2161
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2162 if (chan && !(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) &&
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]2163 result == L2CAP_CR_SUCCESS) {
2164 u8 buf[128];
2165 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
2166 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2167 l2cap_build_conf_req(chan, buf), buf);
2168 chan->num_conf_req++;
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]2169 }
2170
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2171 return 0;
2172}
2173
2174static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2175{
2176 struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data;
2177 u16 scid, dcid, result, status;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2178 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2179 struct sock *sk;
2180 u8 req[128];
2181
2182 scid = __le16_to_cpu(rsp->scid);
2183 dcid = __le16_to_cpu(rsp->dcid);
2184 result = __le16_to_cpu(rsp->result);
2185 status = __le16_to_cpu(rsp->status);
2186
2187 BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status);
2188
2189 if (scid) {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2190 chan = l2cap_get_chan_by_scid(conn, scid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2191 if (!chan)
João Paulo Rechi Vita57d3b222010-06-22 13:56:26 -0300[diff] [blame]2192 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2193 } else {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2194 chan = l2cap_get_chan_by_ident(conn, cmd->ident);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2195 if (!chan)
João Paulo Rechi Vita57d3b222010-06-22 13:56:26 -0300[diff] [blame]2196 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2197 }
2198
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2199 sk = chan->sk;
2200
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2201 switch (result) {
2202 case L2CAP_CR_SUCCESS:
2203 sk->sk_state = BT_CONFIG;
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]2204 chan->ident = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2205 l2cap_pi(sk)->dcid = dcid;
Marcel Holtmann6a8d3012009-02-06 23:56:36 +0100[diff] [blame]2206 l2cap_pi(sk)->conf_state &= ~L2CAP_CONF_CONNECT_PEND;
2207
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]2208 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)
2209 break;
2210
2211 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
2212
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2213 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2214 l2cap_build_conf_req(chan, req), req);
2215 chan->num_conf_req++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2216 break;
2217
2218 case L2CAP_CR_PEND:
Marcel Holtmann6a8d3012009-02-06 23:56:36 +0100[diff] [blame]2219 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2220 break;
2221
2222 default:
Andrei Emeltchenkoa49184c2010-11-03 12:32:44 +0200[diff] [blame]2223 /* don't delete l2cap channel if sk is owned by user */
2224 if (sock_owned_by_user(sk)) {
2225 sk->sk_state = BT_DISCONN;
2226 l2cap_sock_clear_timer(sk);
2227 l2cap_sock_set_timer(sk, HZ / 5);
2228 break;
2229 }
2230
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2231 l2cap_chan_del(chan, ECONNREFUSED);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2232 break;
2233 }
2234
2235 bh_unlock_sock(sk);
2236 return 0;
2237}
2238
Mat Martineau8c462b62010-08-24 15:35:42 -0700[diff] [blame]2239static inline void set_default_fcs(struct l2cap_pinfo *pi)
2240{
2241 /* FCS is enabled only in ERTM or streaming mode, if one or both
2242 * sides request it.
2243 */
2244 if (pi->mode != L2CAP_MODE_ERTM && pi->mode != L2CAP_MODE_STREAMING)
2245 pi->fcs = L2CAP_FCS_NONE;
2246 else if (!(pi->conf_state & L2CAP_CONF_NO_FCS_RECV))
2247 pi->fcs = L2CAP_FCS_CRC16;
2248}
2249
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2250static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2251{
2252 struct l2cap_conf_req *req = (struct l2cap_conf_req *) data;
2253 u16 dcid, flags;
2254 u8 rsp[64];
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2255 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2256 struct sock *sk;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2257 int len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2258
2259 dcid = __le16_to_cpu(req->dcid);
2260 flags = __le16_to_cpu(req->flags);
2261
2262 BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags);
2263
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2264 chan = l2cap_get_chan_by_scid(conn, dcid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2265 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2266 return -ENOENT;
2267
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2268 sk = chan->sk;
2269
Gustavo F. Padovandf6bd742010-06-14 02:26:15 -0300[diff] [blame]2270 if (sk->sk_state != BT_CONFIG) {
2271 struct l2cap_cmd_rej rej;
2272
2273 rej.reason = cpu_to_le16(0x0002);
2274 l2cap_send_cmd(conn, cmd->ident, L2CAP_COMMAND_REJ,
2275 sizeof(rej), &rej);
Marcel Holtmann354f60a2006-11-18 22:15:20 +0100[diff] [blame]2276 goto unlock;
Gustavo F. Padovandf6bd742010-06-14 02:26:15 -0300[diff] [blame]2277 }
Marcel Holtmann354f60a2006-11-18 22:15:20 +0100[diff] [blame]2278
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2279 /* Reject if config buffer is too small. */
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2280 len = cmd_len - sizeof(*req);
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2281 if (chan->conf_len + len > sizeof(chan->conf_req)) {
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2282 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
2283 l2cap_build_conf_rsp(sk, rsp,
2284 L2CAP_CONF_REJECT, flags), rsp);
2285 goto unlock;
2286 }
2287
2288 /* Store config. */
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2289 memcpy(chan->conf_req + chan->conf_len, req->data, len);
2290 chan->conf_len += len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2291
2292 if (flags & 0x0001) {
2293 /* Incomplete config. Send empty response. */
2294 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2295 l2cap_build_conf_rsp(sk, rsp,
2296 L2CAP_CONF_SUCCESS, 0x0001), rsp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2297 goto unlock;
2298 }
2299
2300 /* Complete config. */
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2301 len = l2cap_parse_conf_req(chan, rsp);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2302 if (len < 0) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2303 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2304 goto unlock;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2305 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2306
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2307 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp);
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2308 chan->num_conf_rsp++;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2309
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2310 /* Reset config buffer. */
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2311 chan->conf_len = 0;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2312
Marcel Holtmann876d9482007-10-20 13:35:42 +0200[diff] [blame]2313 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE))
2314 goto unlock;
2315
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2316 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) {
Mat Martineau8c462b62010-08-24 15:35:42 -0700[diff] [blame]2317 set_default_fcs(l2cap_pi(sk));
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2318
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2319 sk->sk_state = BT_CONNECTED;
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2320
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2321 chan->next_tx_seq = 0;
2322 chan->expected_tx_seq = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]2323 __skb_queue_head_init(TX_QUEUE(sk));
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2324 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2325 l2cap_ertm_init(chan);
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2326
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2327 l2cap_chan_ready(sk);
Marcel Holtmann876d9482007-10-20 13:35:42 +0200[diff] [blame]2328 goto unlock;
2329 }
2330
2331 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) {
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]2332 u8 buf[64];
Haijun Liuab3e5712010-09-30 16:52:40 +0800[diff] [blame]2333 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2334 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2335 l2cap_build_conf_req(chan, buf), buf);
2336 chan->num_conf_req++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2337 }
2338
2339unlock:
2340 bh_unlock_sock(sk);
2341 return 0;
2342}
2343
2344static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2345{
2346 struct l2cap_conf_rsp *rsp = (struct l2cap_conf_rsp *)data;
2347 u16 scid, flags, result;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2348 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2349 struct sock *sk;
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]2350 int len = cmd->len - sizeof(*rsp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2351
2352 scid = __le16_to_cpu(rsp->scid);
2353 flags = __le16_to_cpu(rsp->flags);
2354 result = __le16_to_cpu(rsp->result);
2355
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]2356 BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x",
2357 scid, flags, result);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2358
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2359 chan = l2cap_get_chan_by_scid(conn, scid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2360 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2361 return 0;
2362
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2363 sk = chan->sk;
2364
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2365 switch (result) {
2366 case L2CAP_CONF_SUCCESS:
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]2367 l2cap_conf_rfc_get(sk, rsp->data, len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2368 break;
2369
2370 case L2CAP_CONF_UNACCEPT:
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2371 if (chan->num_conf_rsp <= L2CAP_CONF_MAX_CONF_RSP) {
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2372 char req[64];
2373
Andrei Emeltchenkoc2c77ec2010-03-19 10:26:28 +0200[diff] [blame]2374 if (len > sizeof(req) - sizeof(struct l2cap_conf_req)) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2375 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Andrei Emeltchenkoc2c77ec2010-03-19 10:26:28 +0200[diff] [blame]2376 goto done;
2377 }
2378
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2379 /* throw out any old stored conf requests */
2380 result = L2CAP_CONF_SUCCESS;
2381 len = l2cap_parse_conf_rsp(sk, rsp->data,
2382 len, req, &result);
2383 if (len < 0) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2384 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2385 goto done;
2386 }
2387
2388 l2cap_send_cmd(conn, l2cap_get_ident(conn),
2389 L2CAP_CONF_REQ, len, req);
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2390 chan->num_conf_req++;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2391 if (result != L2CAP_CONF_SUCCESS)
2392 goto done;
2393 break;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2394 }
2395
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]2396 default:
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]2397 sk->sk_err = ECONNRESET;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2398 l2cap_sock_set_timer(sk, HZ * 5);
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2399 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2400 goto done;
2401 }
2402
2403 if (flags & 0x01)
2404 goto done;
2405
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2406 l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE;
2407
2408 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) {
Mat Martineau8c462b62010-08-24 15:35:42 -0700[diff] [blame]2409 set_default_fcs(l2cap_pi(sk));
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2410
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2411 sk->sk_state = BT_CONNECTED;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2412 chan->next_tx_seq = 0;
2413 chan->expected_tx_seq = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]2414 __skb_queue_head_init(TX_QUEUE(sk));
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2415 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2416 l2cap_ertm_init(chan);
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2417
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2418 l2cap_chan_ready(sk);
2419 }
2420
2421done:
2422 bh_unlock_sock(sk);
2423 return 0;
2424}
2425
2426static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2427{
2428 struct l2cap_disconn_req *req = (struct l2cap_disconn_req *) data;
2429 struct l2cap_disconn_rsp rsp;
2430 u16 dcid, scid;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2431 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2432 struct sock *sk;
2433
2434 scid = __le16_to_cpu(req->scid);
2435 dcid = __le16_to_cpu(req->dcid);
2436
2437 BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid);
2438
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2439 chan = l2cap_get_chan_by_scid(conn, dcid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2440 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2441 return 0;
2442
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2443 sk = chan->sk;
2444
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]2445 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
2446 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2447 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp);
2448
2449 sk->sk_shutdown = SHUTDOWN_MASK;
2450
Andrei Emeltchenkoa49184c2010-11-03 12:32:44 +0200[diff] [blame]2451 /* don't delete l2cap channel if sk is owned by user */
2452 if (sock_owned_by_user(sk)) {
2453 sk->sk_state = BT_DISCONN;
2454 l2cap_sock_clear_timer(sk);
2455 l2cap_sock_set_timer(sk, HZ / 5);
2456 bh_unlock_sock(sk);
2457 return 0;
2458 }
2459
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2460 l2cap_chan_del(chan, ECONNRESET);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2461 bh_unlock_sock(sk);
2462
2463 l2cap_sock_kill(sk);
2464 return 0;
2465}
2466
2467static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2468{
2469 struct l2cap_disconn_rsp *rsp = (struct l2cap_disconn_rsp *) data;
2470 u16 dcid, scid;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2471 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2472 struct sock *sk;
2473
2474 scid = __le16_to_cpu(rsp->scid);
2475 dcid = __le16_to_cpu(rsp->dcid);
2476
2477 BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid);
2478
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2479 chan = l2cap_get_chan_by_scid(conn, scid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2480 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2481 return 0;
2482
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2483 sk = chan->sk;
2484
Andrei Emeltchenkoa49184c2010-11-03 12:32:44 +0200[diff] [blame]2485 /* don't delete l2cap channel if sk is owned by user */
2486 if (sock_owned_by_user(sk)) {
2487 sk->sk_state = BT_DISCONN;
2488 l2cap_sock_clear_timer(sk);
2489 l2cap_sock_set_timer(sk, HZ / 5);
2490 bh_unlock_sock(sk);
2491 return 0;
2492 }
2493
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2494 l2cap_chan_del(chan, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2495 bh_unlock_sock(sk);
2496
2497 l2cap_sock_kill(sk);
2498 return 0;
2499}
2500
2501static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2502{
2503 struct l2cap_info_req *req = (struct l2cap_info_req *) data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2504 u16 type;
2505
2506 type = __le16_to_cpu(req->type);
2507
2508 BT_DBG("type 0x%4.4x", type);
2509
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2510 if (type == L2CAP_IT_FEAT_MASK) {
2511 u8 buf[8];
Marcel Holtmann44dd46d2009-05-02 19:09:01 -0700[diff] [blame]2512 u32 feat_mask = l2cap_feat_mask;
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2513 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf;
2514 rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
2515 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS);
Gustavo F. Padovand1c4a172010-07-18 16:25:54 -0300[diff] [blame]2516 if (!disable_ertm)
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2517 feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING
2518 | L2CAP_FEAT_FCS;
Gustavo F. Padovan1b7bf4e2009-08-24 00:45:20 -0300[diff] [blame]2519 put_unaligned_le32(feat_mask, rsp->data);
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2520 l2cap_send_cmd(conn, cmd->ident,
2521 L2CAP_INFO_RSP, sizeof(buf), buf);
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2522 } else if (type == L2CAP_IT_FIXED_CHAN) {
2523 u8 buf[12];
2524 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf;
2525 rsp->type = cpu_to_le16(L2CAP_IT_FIXED_CHAN);
2526 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS);
2527 memcpy(buf + 4, l2cap_fixed_chan, 8);
2528 l2cap_send_cmd(conn, cmd->ident,
2529 L2CAP_INFO_RSP, sizeof(buf), buf);
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2530 } else {
2531 struct l2cap_info_rsp rsp;
2532 rsp.type = cpu_to_le16(type);
2533 rsp.result = cpu_to_le16(L2CAP_IR_NOTSUPP);
2534 l2cap_send_cmd(conn, cmd->ident,
2535 L2CAP_INFO_RSP, sizeof(rsp), &rsp);
2536 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2537
2538 return 0;
2539}
2540
2541static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2542{
2543 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) data;
2544 u16 type, result;
2545
2546 type = __le16_to_cpu(rsp->type);
2547 result = __le16_to_cpu(rsp->result);
2548
2549 BT_DBG("type 0x%4.4x result 0x%2.2x", type, result);
2550
Andrei Emeltchenkoe90165b2011-03-25 11:31:41 +0200[diff] [blame]2551 /* L2CAP Info req/rsp are unbound to channels, add extra checks */
2552 if (cmd->ident != conn->info_ident ||
2553 conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)
2554 return 0;
2555
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2556 del_timer(&conn->info_timer);
2557
Ville Tervoadb08ed2010-08-04 09:43:33 +0300[diff] [blame]2558 if (result != L2CAP_IR_SUCCESS) {
2559 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
2560 conn->info_ident = 0;
2561
2562 l2cap_conn_start(conn);
2563
2564 return 0;
2565 }
2566
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2567 if (type == L2CAP_IT_FEAT_MASK) {
Harvey Harrison83985312008-05-02 16:25:46 -0700[diff] [blame]2568 conn->feat_mask = get_unaligned_le32(rsp->data);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2569
Marcel Holtmann47ec1dcd2009-05-02 18:57:55 -0700[diff] [blame]2570 if (conn->feat_mask & L2CAP_FEAT_FIXED_CHAN) {
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2571 struct l2cap_info_req req;
2572 req.type = cpu_to_le16(L2CAP_IT_FIXED_CHAN);
2573
2574 conn->info_ident = l2cap_get_ident(conn);
2575
2576 l2cap_send_cmd(conn, conn->info_ident,
2577 L2CAP_INFO_REQ, sizeof(req), &req);
2578 } else {
2579 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
2580 conn->info_ident = 0;
2581
2582 l2cap_conn_start(conn);
2583 }
2584 } else if (type == L2CAP_IT_FIXED_CHAN) {
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2585 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2586 conn->info_ident = 0;
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2587
2588 l2cap_conn_start(conn);
2589 }
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2590
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2591 return 0;
2592}
2593
Gustavo F. Padovane2174ca2011-02-17 19:16:55 -0300[diff] [blame]2594static inline int l2cap_check_conn_param(u16 min, u16 max, u16 latency,
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2595 u16 to_multiplier)
2596{
2597 u16 max_latency;
2598
2599 if (min > max || min < 6 || max > 3200)
2600 return -EINVAL;
2601
2602 if (to_multiplier < 10 || to_multiplier > 3200)
2603 return -EINVAL;
2604
2605 if (max >= to_multiplier * 8)
2606 return -EINVAL;
2607
2608 max_latency = (to_multiplier * 8 / max) - 1;
2609 if (latency > 499 || latency > max_latency)
2610 return -EINVAL;
2611
2612 return 0;
2613}
2614
2615static inline int l2cap_conn_param_update_req(struct l2cap_conn *conn,
2616 struct l2cap_cmd_hdr *cmd, u8 *data)
2617{
2618 struct hci_conn *hcon = conn->hcon;
2619 struct l2cap_conn_param_update_req *req;
2620 struct l2cap_conn_param_update_rsp rsp;
2621 u16 min, max, latency, to_multiplier, cmd_len;
Claudio Takahasi2ce603e2011-02-16 20:44:53 -0200[diff] [blame]2622 int err;
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2623
2624 if (!(hcon->link_mode & HCI_LM_MASTER))
2625 return -EINVAL;
2626
2627 cmd_len = __le16_to_cpu(cmd->len);
2628 if (cmd_len != sizeof(struct l2cap_conn_param_update_req))
2629 return -EPROTO;
2630
2631 req = (struct l2cap_conn_param_update_req *) data;
Gustavo F. Padovane2174ca2011-02-17 19:16:55 -0300[diff] [blame]2632 min = __le16_to_cpu(req->min);
2633 max = __le16_to_cpu(req->max);
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2634 latency = __le16_to_cpu(req->latency);
2635 to_multiplier = __le16_to_cpu(req->to_multiplier);
2636
2637 BT_DBG("min 0x%4.4x max 0x%4.4x latency: 0x%4.4x Timeout: 0x%4.4x",
2638 min, max, latency, to_multiplier);
2639
2640 memset(&rsp, 0, sizeof(rsp));
Claudio Takahasi2ce603e2011-02-16 20:44:53 -0200[diff] [blame]2641
2642 err = l2cap_check_conn_param(min, max, latency, to_multiplier);
2643 if (err)
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2644 rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_REJECTED);
2645 else
2646 rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_ACCEPTED);
2647
2648 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_PARAM_UPDATE_RSP,
2649 sizeof(rsp), &rsp);
2650
Claudio Takahasi2ce603e2011-02-16 20:44:53 -0200[diff] [blame]2651 if (!err)
2652 hci_le_conn_update(hcon, min, max, latency, to_multiplier);
2653
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2654 return 0;
2655}
2656
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2657static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
2658 struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
2659{
2660 int err = 0;
2661
2662 switch (cmd->code) {
2663 case L2CAP_COMMAND_REJ:
2664 l2cap_command_rej(conn, cmd, data);
2665 break;
2666
2667 case L2CAP_CONN_REQ:
2668 err = l2cap_connect_req(conn, cmd, data);
2669 break;
2670
2671 case L2CAP_CONN_RSP:
2672 err = l2cap_connect_rsp(conn, cmd, data);
2673 break;
2674
2675 case L2CAP_CONF_REQ:
2676 err = l2cap_config_req(conn, cmd, cmd_len, data);
2677 break;
2678
2679 case L2CAP_CONF_RSP:
2680 err = l2cap_config_rsp(conn, cmd, data);
2681 break;
2682
2683 case L2CAP_DISCONN_REQ:
2684 err = l2cap_disconnect_req(conn, cmd, data);
2685 break;
2686
2687 case L2CAP_DISCONN_RSP:
2688 err = l2cap_disconnect_rsp(conn, cmd, data);
2689 break;
2690
2691 case L2CAP_ECHO_REQ:
2692 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECHO_RSP, cmd_len, data);
2693 break;
2694
2695 case L2CAP_ECHO_RSP:
2696 break;
2697
2698 case L2CAP_INFO_REQ:
2699 err = l2cap_information_req(conn, cmd, data);
2700 break;
2701
2702 case L2CAP_INFO_RSP:
2703 err = l2cap_information_rsp(conn, cmd, data);
2704 break;
2705
2706 default:
2707 BT_ERR("Unknown BR/EDR signaling command 0x%2.2x", cmd->code);
2708 err = -EINVAL;
2709 break;
2710 }
2711
2712 return err;
2713}
2714
2715static inline int l2cap_le_sig_cmd(struct l2cap_conn *conn,
2716 struct l2cap_cmd_hdr *cmd, u8 *data)
2717{
2718 switch (cmd->code) {
2719 case L2CAP_COMMAND_REJ:
2720 return 0;
2721
2722 case L2CAP_CONN_PARAM_UPDATE_REQ:
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2723 return l2cap_conn_param_update_req(conn, cmd, data);
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2724
2725 case L2CAP_CONN_PARAM_UPDATE_RSP:
2726 return 0;
2727
2728 default:
2729 BT_ERR("Unknown LE signaling command 0x%2.2x", cmd->code);
2730 return -EINVAL;
2731 }
2732}
2733
2734static inline void l2cap_sig_channel(struct l2cap_conn *conn,
2735 struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2736{
2737 u8 *data = skb->data;
2738 int len = skb->len;
2739 struct l2cap_cmd_hdr cmd;
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2740 int err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2741
2742 l2cap_raw_recv(conn, skb);
2743
2744 while (len >= L2CAP_CMD_HDR_SIZE) {
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2745 u16 cmd_len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2746 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
2747 data += L2CAP_CMD_HDR_SIZE;
2748 len -= L2CAP_CMD_HDR_SIZE;
2749
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2750 cmd_len = le16_to_cpu(cmd.len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2751
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2752 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd_len, cmd.ident);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2753
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2754 if (cmd_len > len || !cmd.ident) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2755 BT_DBG("corrupted command");
2756 break;
2757 }
2758
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2759 if (conn->hcon->type == LE_LINK)
2760 err = l2cap_le_sig_cmd(conn, &cmd, data);
2761 else
2762 err = l2cap_bredr_sig_cmd(conn, &cmd, cmd_len, data);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2763
2764 if (err) {
2765 struct l2cap_cmd_rej rej;
Gustavo F. Padovan2c6d1a22011-03-23 14:38:32 -0300[diff] [blame]2766
2767 BT_ERR("Wrong link type (%d)", err);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2768
2769 /* FIXME: Map err to a valid reason */
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]2770 rej.reason = cpu_to_le16(0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2771 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej);
2772 }
2773
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2774 data += cmd_len;
2775 len -= cmd_len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2776 }
2777
2778 kfree_skb(skb);
2779}
2780
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2781static int l2cap_check_fcs(struct l2cap_pinfo *pi, struct sk_buff *skb)
2782{
2783 u16 our_fcs, rcv_fcs;
2784 int hdr_size = L2CAP_HDR_SIZE + 2;
2785
2786 if (pi->fcs == L2CAP_FCS_CRC16) {
2787 skb_trim(skb, skb->len - 2);
2788 rcv_fcs = get_unaligned_le16(skb->data + skb->len);
2789 our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size);
2790
2791 if (our_fcs != rcv_fcs)
João Paulo Rechi Vita7a560e52010-06-22 13:56:27 -0300[diff] [blame]2792 return -EBADMSG;
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2793 }
2794 return 0;
2795}
2796
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2797static inline void l2cap_send_i_or_rr_or_rnr(struct l2cap_chan *chan)
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2798{
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2799 u16 control = 0;
2800
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]2801 chan->frames_sent = 0;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2802
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2803 control |= chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2804
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2805 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan64988862010-05-10 14:54:14 -0300[diff] [blame]2806 control |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2807 l2cap_send_sframe(chan, control);
2808 chan->conn_state |= L2CAP_CONN_RNR_SENT;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2809 }
2810
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2811 if (chan->conn_state & L2CAP_CONN_REMOTE_BUSY)
2812 l2cap_retransmit_frames(chan);
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2813
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2814 l2cap_ertm_send(chan);
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2815
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2816 if (!(chan->conn_state & L2CAP_CONN_LOCAL_BUSY) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]2817 chan->frames_sent == 0) {
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2818 control |= L2CAP_SUPER_RCV_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2819 l2cap_send_sframe(chan, control);
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2820 }
2821}
2822
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2823static int l2cap_add_to_srej_queue(struct l2cap_chan *chan, struct sk_buff *skb, u8 tx_seq, u8 sar)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2824{
2825 struct sk_buff *next_skb;
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2826 int tx_seq_offset, next_tx_seq_offset;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2827
2828 bt_cb(skb)->tx_seq = tx_seq;
2829 bt_cb(skb)->sar = sar;
2830
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2831 next_skb = skb_peek(&chan->srej_q);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2832 if (!next_skb) {
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2833 __skb_queue_tail(&chan->srej_q, skb);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2834 return 0;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2835 }
2836
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2837 tx_seq_offset = (tx_seq - chan->buffer_seq) % 64;
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2838 if (tx_seq_offset < 0)
2839 tx_seq_offset += 64;
2840
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2841 do {
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2842 if (bt_cb(next_skb)->tx_seq == tx_seq)
2843 return -EINVAL;
2844
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2845 next_tx_seq_offset = (bt_cb(next_skb)->tx_seq -
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2846 chan->buffer_seq) % 64;
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2847 if (next_tx_seq_offset < 0)
2848 next_tx_seq_offset += 64;
2849
2850 if (next_tx_seq_offset > tx_seq_offset) {
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2851 __skb_queue_before(&chan->srej_q, next_skb, skb);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2852 return 0;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2853 }
2854
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2855 if (skb_queue_is_last(&chan->srej_q, next_skb))
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2856 break;
2857
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2858 } while ((next_skb = skb_queue_next(&chan->srej_q, next_skb)));
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2859
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2860 __skb_queue_tail(&chan->srej_q, skb);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2861
2862 return 0;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2863}
2864
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2865static int l2cap_ertm_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2866{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2867 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2868 struct sk_buff *_skb;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2869 int err;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2870
2871 switch (control & L2CAP_CTRL_SAR) {
2872 case L2CAP_SDU_UNSEGMENTED:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2873 if (chan->conn_state & L2CAP_CONN_SAR_SDU)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2874 goto drop;
2875
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2876 err = sock_queue_rcv_skb(chan->sk, skb);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2877 if (!err)
2878 return err;
2879
2880 break;
2881
2882 case L2CAP_SDU_START:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2883 if (chan->conn_state & L2CAP_CONN_SAR_SDU)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2884 goto drop;
2885
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2886 chan->sdu_len = get_unaligned_le16(skb->data);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2887
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2888 if (chan->sdu_len > pi->imtu)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2889 goto disconnect;
2890
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2891 chan->sdu = bt_skb_alloc(chan->sdu_len, GFP_ATOMIC);
2892 if (!chan->sdu)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2893 return -ENOMEM;
2894
2895 /* pull sdu_len bytes only after alloc, because of Local Busy
2896 * condition we have to be sure that this will be executed
2897 * only once, i.e., when alloc does not fail */
2898 skb_pull(skb, 2);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2899
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2900 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2901
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2902 chan->conn_state |= L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2903 chan->partial_sdu_len = skb->len;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2904 break;
2905
2906 case L2CAP_SDU_CONTINUE:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2907 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2908 goto disconnect;
2909
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2910 if (!chan->sdu)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2911 goto disconnect;
2912
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2913 chan->partial_sdu_len += skb->len;
2914 if (chan->partial_sdu_len > chan->sdu_len)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2915 goto drop;
2916
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2917 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovan4178ba42010-05-01 16:15:45 -0300[diff] [blame]2918
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2919 break;
2920
2921 case L2CAP_SDU_END:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2922 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2923 goto disconnect;
2924
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2925 if (!chan->sdu)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2926 goto disconnect;
2927
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2928 if (!(chan->conn_state & L2CAP_CONN_SAR_RETRY)) {
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2929 chan->partial_sdu_len += skb->len;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2930
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2931 if (chan->partial_sdu_len > pi->imtu)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2932 goto drop;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2933
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2934 if (chan->partial_sdu_len != chan->sdu_len)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2935 goto drop;
Gustavo F. Padovan4178ba42010-05-01 16:15:45 -0300[diff] [blame]2936
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2937 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2938 }
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2939
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2940 _skb = skb_clone(chan->sdu, GFP_ATOMIC);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2941 if (!_skb) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2942 chan->conn_state |= L2CAP_CONN_SAR_RETRY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2943 return -ENOMEM;
2944 }
2945
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2946 err = sock_queue_rcv_skb(chan->sk, _skb);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2947 if (err < 0) {
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2948 kfree_skb(_skb);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2949 chan->conn_state |= L2CAP_CONN_SAR_RETRY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2950 return err;
2951 }
2952
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2953 chan->conn_state &= ~L2CAP_CONN_SAR_RETRY;
2954 chan->conn_state &= ~L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2955
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2956 kfree_skb(chan->sdu);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2957 break;
2958 }
2959
2960 kfree_skb(skb);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2961 return 0;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2962
2963drop:
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2964 kfree_skb(chan->sdu);
2965 chan->sdu = NULL;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2966
2967disconnect:
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2968 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2969 kfree_skb(skb);
2970 return 0;
2971}
2972
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2973static int l2cap_try_push_rx_skb(struct l2cap_chan *chan)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2974{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2975 struct sock *sk = chan->sk;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2976 struct sk_buff *skb;
2977 u16 control;
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2978 int err;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2979
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2980 while ((skb = skb_dequeue(&chan->busy_q))) {
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2981 control = bt_cb(skb)->sar << L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2982 err = l2cap_ertm_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2983 if (err < 0) {
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]2984 skb_queue_head(&chan->busy_q, skb);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2985 return -EBUSY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2986 }
2987
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2988 chan->buffer_seq = (chan->buffer_seq + 1) % 64;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2989 }
2990
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2991 if (!(chan->conn_state & L2CAP_CONN_RNR_SENT))
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2992 goto done;
2993
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2994 control = chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2995 control |= L2CAP_SUPER_RCV_READY | L2CAP_CTRL_POLL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2996 l2cap_send_sframe(chan, control);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]2997 chan->retry_count = 1;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2998
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2999 del_timer(&chan->retrans_timer);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3000 __mod_monitor_timer();
3001
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3002 chan->conn_state |= L2CAP_CONN_WAIT_F;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3003
3004done:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3005 chan->conn_state &= ~L2CAP_CONN_LOCAL_BUSY;
3006 chan->conn_state &= ~L2CAP_CONN_RNR_SENT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3007
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3008 BT_DBG("sk %p, Exit local busy", sk);
3009
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3010 return 0;
3011}
3012
3013static void l2cap_busy_work(struct work_struct *work)
3014{
3015 DECLARE_WAITQUEUE(wait, current);
Gustavo F. Padovan311bb892011-03-25 20:41:00 -0300[diff] [blame]3016 struct l2cap_chan *chan =
3017 container_of(work, struct l2cap_chan, busy_work);
3018 struct sock *sk = chan->sk;
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3019 int n_tries = 0, timeo = HZ/5, err;
3020 struct sk_buff *skb;
3021
3022 lock_sock(sk);
3023
3024 add_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovan311bb892011-03-25 20:41:00 -0300[diff] [blame]3025 while ((skb = skb_peek(&chan->busy_q))) {
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3026 set_current_state(TASK_INTERRUPTIBLE);
3027
3028 if (n_tries++ > L2CAP_LOCAL_BUSY_TRIES) {
3029 err = -EBUSY;
Gustavo F. Padovan311bb892011-03-25 20:41:00 -0300[diff] [blame]3030 l2cap_send_disconn_req(l2cap_pi(sk)->conn, chan, EBUSY);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3031 break;
3032 }
3033
3034 if (!timeo)
3035 timeo = HZ/5;
3036
3037 if (signal_pending(current)) {
3038 err = sock_intr_errno(timeo);
3039 break;
3040 }
3041
3042 release_sock(sk);
3043 timeo = schedule_timeout(timeo);
3044 lock_sock(sk);
3045
3046 err = sock_error(sk);
3047 if (err)
3048 break;
3049
Gustavo F. Padovan311bb892011-03-25 20:41:00 -0300[diff] [blame]3050 if (l2cap_try_push_rx_skb(chan) == 0)
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3051 break;
3052 }
3053
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3054 set_current_state(TASK_RUNNING);
Marcel Holtmann2b0b05d2010-05-10 11:33:10 +0200[diff] [blame]3055 remove_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3056
3057 release_sock(sk);
3058}
3059
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3060static int l2cap_push_rx_skb(struct l2cap_chan *chan, struct sk_buff *skb, u16 control)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3061{
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3062 int sctrl, err;
3063
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3064 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3065 bt_cb(skb)->sar = control >> L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]3066 __skb_queue_tail(&chan->busy_q, skb);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3067 return l2cap_try_push_rx_skb(chan);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3068
3069
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3070 }
3071
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3072 err = l2cap_ertm_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3073 if (err >= 0) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3074 chan->buffer_seq = (chan->buffer_seq + 1) % 64;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3075 return err;
3076 }
3077
3078 /* Busy Condition */
Gustavo F. Padovan311bb892011-03-25 20:41:00 -0300[diff] [blame]3079 BT_DBG("chan %p, Enter local busy", chan);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3080
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3081 chan->conn_state |= L2CAP_CONN_LOCAL_BUSY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3082 bt_cb(skb)->sar = control >> L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]3083 __skb_queue_tail(&chan->busy_q, skb);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3084
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3085 sctrl = chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3086 sctrl |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3087 l2cap_send_sframe(chan, sctrl);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3088
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3089 chan->conn_state |= L2CAP_CONN_RNR_SENT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3090
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3091 del_timer(&chan->ack_timer);
Gustavo F. Padovan7fe9b292010-05-12 18:32:04 -0300[diff] [blame]3092
Gustavo F. Padovan311bb892011-03-25 20:41:00 -0300[diff] [blame]3093 queue_work(_busy_wq, &chan->busy_work);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3094
3095 return err;
3096}
3097
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3098static int l2cap_streaming_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control)
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3099{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3100 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3101 struct sk_buff *_skb;
3102 int err = -EINVAL;
3103
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]3104 /*
3105 * TODO: We have to notify the userland if some data is lost with the
3106 * Streaming Mode.
3107 */
3108
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3109 switch (control & L2CAP_CTRL_SAR) {
3110 case L2CAP_SDU_UNSEGMENTED:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3111 if (chan->conn_state & L2CAP_CONN_SAR_SDU) {
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3112 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3113 break;
3114 }
3115
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3116 err = sock_queue_rcv_skb(chan->sk, skb);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3117 if (!err)
3118 return 0;
3119
3120 break;
3121
3122 case L2CAP_SDU_START:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3123 if (chan->conn_state & L2CAP_CONN_SAR_SDU) {
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3124 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3125 break;
3126 }
3127
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3128 chan->sdu_len = get_unaligned_le16(skb->data);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3129 skb_pull(skb, 2);
3130
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3131 if (chan->sdu_len > pi->imtu) {
Gustavo F. Padovan052897c2010-05-01 16:15:40 -0300[diff] [blame]3132 err = -EMSGSIZE;
3133 break;
3134 }
3135
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3136 chan->sdu = bt_skb_alloc(chan->sdu_len, GFP_ATOMIC);
3137 if (!chan->sdu) {
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3138 err = -ENOMEM;
3139 break;
3140 }
3141
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3142 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3143
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3144 chan->conn_state |= L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3145 chan->partial_sdu_len = skb->len;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3146 err = 0;
3147 break;
3148
3149 case L2CAP_SDU_CONTINUE:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3150 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3151 break;
3152
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3153 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3154
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3155 chan->partial_sdu_len += skb->len;
3156 if (chan->partial_sdu_len > chan->sdu_len)
3157 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3158 else
3159 err = 0;
3160
3161 break;
3162
3163 case L2CAP_SDU_END:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3164 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3165 break;
3166
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3167 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3168
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3169 chan->conn_state &= ~L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3170 chan->partial_sdu_len += skb->len;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3171
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3172 if (chan->partial_sdu_len > pi->imtu)
Gustavo F. Padovan36f2fd52010-05-01 16:15:37 -0300[diff] [blame]3173 goto drop;
3174
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3175 if (chan->partial_sdu_len == chan->sdu_len) {
3176 _skb = skb_clone(chan->sdu, GFP_ATOMIC);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3177 err = sock_queue_rcv_skb(chan->sk, _skb);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3178 if (err < 0)
3179 kfree_skb(_skb);
3180 }
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3181 err = 0;
3182
Gustavo F. Padovan36f2fd52010-05-01 16:15:37 -0300[diff] [blame]3183drop:
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3184 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3185 break;
3186 }
3187
3188 kfree_skb(skb);
3189 return err;
3190}
3191
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3192static void l2cap_check_srej_gap(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3193{
3194 struct sk_buff *skb;
Gustavo F. Padovanafefdbc2010-05-01 16:15:43 -0300[diff] [blame]3195 u16 control;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3196
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]3197 while ((skb = skb_peek(&chan->srej_q))) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3198 if (bt_cb(skb)->tx_seq != tx_seq)
3199 break;
3200
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]3201 skb = skb_dequeue(&chan->srej_q);
Gustavo F. Padovanafefdbc2010-05-01 16:15:43 -0300[diff] [blame]3202 control = bt_cb(skb)->sar << L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3203 l2cap_ertm_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3204 chan->buffer_seq_srej =
3205 (chan->buffer_seq_srej + 1) % 64;
Gustavo F. Padovan8ff50ec2010-05-10 19:34:11 -0300[diff] [blame]3206 tx_seq = (tx_seq + 1) % 64;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3207 }
3208}
3209
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3210static void l2cap_resend_srejframe(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3211{
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3212 struct srej_list *l, *tmp;
3213 u16 control;
3214
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]3215 list_for_each_entry_safe(l, tmp, &chan->srej_l, list) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3216 if (l->tx_seq == tx_seq) {
3217 list_del(&l->list);
3218 kfree(l);
3219 return;
3220 }
3221 control = L2CAP_SUPER_SELECT_REJECT;
3222 control |= l->tx_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3223 l2cap_send_sframe(chan, control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3224 list_del(&l->list);
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]3225 list_add_tail(&l->list, &chan->srej_l);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3226 }
3227}
3228
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3229static void l2cap_send_srejframe(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3230{
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3231 struct srej_list *new;
3232 u16 control;
3233
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3234 while (tx_seq != chan->expected_tx_seq) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3235 control = L2CAP_SUPER_SELECT_REJECT;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3236 control |= chan->expected_tx_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3237 l2cap_send_sframe(chan, control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3238
3239 new = kzalloc(sizeof(struct srej_list), GFP_ATOMIC);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3240 new->tx_seq = chan->expected_tx_seq;
3241 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]3242 list_add_tail(&new->list, &chan->srej_l);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3243 }
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3244 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3245}
3246
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3247static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u16 rx_control, struct sk_buff *skb)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3248{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3249 struct sock *sk = chan->sk;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3250 struct l2cap_pinfo *pi = l2cap_pi(sk);
3251 u8 tx_seq = __get_txseq(rx_control);
Gustavo F. Padovan9f121a52009-10-03 02:34:38 -0300[diff] [blame]3252 u8 req_seq = __get_reqseq(rx_control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3253 u8 sar = rx_control >> L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovanf6337c72010-05-10 18:32:04 -0300[diff] [blame]3254 int tx_seq_offset, expected_tx_seq_offset;
Gustavo F. Padovan803020c2010-05-01 16:15:41 -0300[diff] [blame]3255 int num_to_ack = (pi->tx_win/6) + 1;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3256 int err = 0;
3257
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3258 BT_DBG("chan %p len %d tx_seq %d rx_control 0x%4.4x", chan, skb->len,
3259 tx_seq, rx_control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3260
Gustavo F. Padovan9b16dc62010-05-05 20:05:57 -0300[diff] [blame]3261 if (L2CAP_CTRL_FINAL & rx_control &&
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3262 chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3263 del_timer(&chan->monitor_timer);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3264 if (chan->unacked_frames > 0)
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3265 __mod_retrans_timer();
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3266 chan->conn_state &= ~L2CAP_CONN_WAIT_F;
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3267 }
3268
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3269 chan->expected_ack_seq = req_seq;
3270 l2cap_drop_acked_frames(chan);
Gustavo F. Padovan9f121a52009-10-03 02:34:38 -0300[diff] [blame]3271
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3272 if (tx_seq == chan->expected_tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3273 goto expected;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3274
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3275 tx_seq_offset = (tx_seq - chan->buffer_seq) % 64;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3276 if (tx_seq_offset < 0)
3277 tx_seq_offset += 64;
3278
3279 /* invalid tx_seq */
3280 if (tx_seq_offset >= pi->tx_win) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3281 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3282 goto drop;
3283 }
3284
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3285 if (chan->conn_state == L2CAP_CONN_LOCAL_BUSY)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3286 goto drop;
3287
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3288 if (chan->conn_state & L2CAP_CONN_SREJ_SENT) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3289 struct srej_list *first;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3290
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]3291 first = list_first_entry(&chan->srej_l,
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3292 struct srej_list, list);
3293 if (tx_seq == first->tx_seq) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3294 l2cap_add_to_srej_queue(chan, skb, tx_seq, sar);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3295 l2cap_check_srej_gap(chan, tx_seq);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3296
3297 list_del(&first->list);
3298 kfree(first);
3299
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]3300 if (list_empty(&chan->srej_l)) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3301 chan->buffer_seq = chan->buffer_seq_srej;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3302 chan->conn_state &= ~L2CAP_CONN_SREJ_SENT;
3303 l2cap_send_ack(chan);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3304 BT_DBG("sk %p, Exit SREJ_SENT", sk);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3305 }
3306 } else {
3307 struct srej_list *l;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3308
3309 /* duplicated tx_seq */
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3310 if (l2cap_add_to_srej_queue(chan, skb, tx_seq, sar) < 0)
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3311 goto drop;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3312
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]3313 list_for_each_entry(l, &chan->srej_l, list) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3314 if (l->tx_seq == tx_seq) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3315 l2cap_resend_srejframe(chan, tx_seq);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3316 return 0;
3317 }
3318 }
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3319 l2cap_send_srejframe(chan, tx_seq);
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3320 }
3321 } else {
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3322 expected_tx_seq_offset =
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3323 (chan->expected_tx_seq - chan->buffer_seq) % 64;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3324 if (expected_tx_seq_offset < 0)
3325 expected_tx_seq_offset += 64;
3326
3327 /* duplicated tx_seq */
3328 if (tx_seq_offset < expected_tx_seq_offset)
3329 goto drop;
3330
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3331 chan->conn_state |= L2CAP_CONN_SREJ_SENT;
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3332
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3333 BT_DBG("sk %p, Enter SREJ", sk);
3334
Gustavo F. Padovan39d5a3e2011-04-04 15:40:12 -0300[diff] [blame^]3335 INIT_LIST_HEAD(&chan->srej_l);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3336 chan->buffer_seq_srej = chan->buffer_seq;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3337
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]3338 __skb_queue_head_init(&chan->srej_q);
3339 __skb_queue_head_init(&chan->busy_q);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3340 l2cap_add_to_srej_queue(chan, skb, tx_seq, sar);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3341
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3342 chan->conn_state |= L2CAP_CONN_SEND_PBIT;
Gustavo F. Padovanef54fd92009-08-20 22:26:04 -0300[diff] [blame]3343
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3344 l2cap_send_srejframe(chan, tx_seq);
Gustavo F. Padovan7fe9b292010-05-12 18:32:04 -0300[diff] [blame]3345
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3346 del_timer(&chan->ack_timer);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3347 }
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3348 return 0;
3349
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3350expected:
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3351 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3352
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3353 if (chan->conn_state & L2CAP_CONN_SREJ_SENT) {
Gustavo F. Padovan3b1a9f32010-05-01 16:15:42 -0300[diff] [blame]3354 bt_cb(skb)->tx_seq = tx_seq;
3355 bt_cb(skb)->sar = sar;
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame]3356 __skb_queue_tail(&chan->srej_q, skb);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3357 return 0;
3358 }
3359
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3360 err = l2cap_push_rx_skb(chan, skb, rx_control);
Gustavo F. Padovan2ece3682010-06-16 17:21:44 -0300[diff] [blame]3361 if (err < 0)
3362 return 0;
3363
Gustavo F. Padovan4ec10d92009-10-03 02:34:39 -0300[diff] [blame]3364 if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3365 if (chan->conn_state & L2CAP_CONN_REJ_ACT)
3366 chan->conn_state &= ~L2CAP_CONN_REJ_ACT;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3367 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3368 l2cap_retransmit_frames(chan);
Gustavo F. Padovan4ec10d92009-10-03 02:34:39 -0300[diff] [blame]3369 }
3370
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]3371 __mod_ack_timer();
3372
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3373 chan->num_acked = (chan->num_acked + 1) % num_to_ack;
3374 if (chan->num_acked == num_to_ack - 1)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3375 l2cap_send_ack(chan);
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]3376
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3377 return 0;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3378
3379drop:
3380 kfree_skb(skb);
3381 return 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3382}
3383
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3384static inline void l2cap_data_channel_rrframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3385{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3386 struct sock *sk = chan->sk;
Gustavo F. Padovan6e3a5982010-05-01 16:15:38 -0300[diff] [blame]3387
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3388 BT_DBG("sk %p, req_seq %d ctrl 0x%4.4x", sk, __get_reqseq(rx_control),
3389 rx_control);
3390
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3391 chan->expected_ack_seq = __get_reqseq(rx_control);
3392 l2cap_drop_acked_frames(chan);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3393
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3394 if (rx_control & L2CAP_CTRL_POLL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3395 chan->conn_state |= L2CAP_CONN_SEND_FBIT;
3396 if (chan->conn_state & L2CAP_CONN_SREJ_SENT) {
3397 if ((chan->conn_state & L2CAP_CONN_REMOTE_BUSY) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3398 (chan->unacked_frames > 0))
Gustavo F. Padovan05fbd892010-05-01 16:15:39 -0300[diff] [blame]3399 __mod_retrans_timer();
3400
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3401 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
3402 l2cap_send_srejtail(chan);
Gustavo F. Padovan05fbd892010-05-01 16:15:39 -0300[diff] [blame]3403 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3404 l2cap_send_i_or_rr_or_rnr(chan);
Gustavo F. Padovan05fbd892010-05-01 16:15:39 -0300[diff] [blame]3405 }
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3406
3407 } else if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3408 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3409
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3410 if (chan->conn_state & L2CAP_CONN_REJ_ACT)
3411 chan->conn_state &= ~L2CAP_CONN_REJ_ACT;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3412 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3413 l2cap_retransmit_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3414
3415 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3416 if ((chan->conn_state & L2CAP_CONN_REMOTE_BUSY) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3417 (chan->unacked_frames > 0))
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3418 __mod_retrans_timer();
3419
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3420 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
3421 if (chan->conn_state & L2CAP_CONN_SREJ_SENT)
3422 l2cap_send_ack(chan);
Andrei Emeltchenko894718a2010-12-01 16:58:24 +0200[diff] [blame]3423 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3424 l2cap_ertm_send(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3425 }
3426}
3427
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3428static inline void l2cap_data_channel_rejframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3429{
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3430 u8 tx_seq = __get_reqseq(rx_control);
3431
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3432 BT_DBG("chan %p, req_seq %d ctrl 0x%4.4x", chan, tx_seq, rx_control);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3433
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3434 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3435
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3436 chan->expected_ack_seq = tx_seq;
3437 l2cap_drop_acked_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3438
3439 if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3440 if (chan->conn_state & L2CAP_CONN_REJ_ACT)
3441 chan->conn_state &= ~L2CAP_CONN_REJ_ACT;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3442 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3443 l2cap_retransmit_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3444 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3445 l2cap_retransmit_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3446
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3447 if (chan->conn_state & L2CAP_CONN_WAIT_F)
3448 chan->conn_state |= L2CAP_CONN_REJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3449 }
3450}
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3451static inline void l2cap_data_channel_srejframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3452{
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3453 u8 tx_seq = __get_reqseq(rx_control);
3454
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3455 BT_DBG("chan %p, req_seq %d ctrl 0x%4.4x", chan, tx_seq, rx_control);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3456
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3457 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3458
3459 if (rx_control & L2CAP_CTRL_POLL) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3460 chan->expected_ack_seq = tx_seq;
3461 l2cap_drop_acked_frames(chan);
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]3462
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3463 chan->conn_state |= L2CAP_CONN_SEND_FBIT;
3464 l2cap_retransmit_one_frame(chan, tx_seq);
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3465
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3466 l2cap_ertm_send(chan);
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3467
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3468 if (chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3469 chan->srej_save_reqseq = tx_seq;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3470 chan->conn_state |= L2CAP_CONN_SREJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3471 }
3472 } else if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3473 if ((chan->conn_state & L2CAP_CONN_SREJ_ACT) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3474 chan->srej_save_reqseq == tx_seq)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3475 chan->conn_state &= ~L2CAP_CONN_SREJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3476 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3477 l2cap_retransmit_one_frame(chan, tx_seq);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3478 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3479 l2cap_retransmit_one_frame(chan, tx_seq);
3480 if (chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3481 chan->srej_save_reqseq = tx_seq;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3482 chan->conn_state |= L2CAP_CONN_SREJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3483 }
3484 }
3485}
3486
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3487static inline void l2cap_data_channel_rnrframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3488{
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3489 u8 tx_seq = __get_reqseq(rx_control);
3490
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3491 BT_DBG("chan %p, req_seq %d ctrl 0x%4.4x", chan, tx_seq, rx_control);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3492
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3493 chan->conn_state |= L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3494 chan->expected_ack_seq = tx_seq;
3495 l2cap_drop_acked_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3496
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]3497 if (rx_control & L2CAP_CTRL_POLL)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3498 chan->conn_state |= L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]3499
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3500 if (!(chan->conn_state & L2CAP_CONN_SREJ_SENT)) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3501 del_timer(&chan->retrans_timer);
Gustavo F. Padovana2e12a22010-05-05 19:58:27 -0300[diff] [blame]3502 if (rx_control & L2CAP_CTRL_POLL)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3503 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_FINAL);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]3504 return;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3505 }
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]3506
3507 if (rx_control & L2CAP_CTRL_POLL)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3508 l2cap_send_srejtail(chan);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]3509 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3510 l2cap_send_sframe(chan, L2CAP_SUPER_RCV_READY);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3511}
3512
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3513static inline int l2cap_data_channel_sframe(struct l2cap_chan *chan, u16 rx_control, struct sk_buff *skb)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3514{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3515 BT_DBG("chan %p rx_control 0x%4.4x len %d", chan, rx_control, skb->len);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3516
Gustavo F. Padovan9b16dc62010-05-05 20:05:57 -0300[diff] [blame]3517 if (L2CAP_CTRL_FINAL & rx_control &&
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3518 chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3519 del_timer(&chan->monitor_timer);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3520 if (chan->unacked_frames > 0)
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3521 __mod_retrans_timer();
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3522 chan->conn_state &= ~L2CAP_CONN_WAIT_F;
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3523 }
3524
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3525 switch (rx_control & L2CAP_CTRL_SUPERVISE) {
3526 case L2CAP_SUPER_RCV_READY:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3527 l2cap_data_channel_rrframe(chan, rx_control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3528 break;
3529
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3530 case L2CAP_SUPER_REJECT:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3531 l2cap_data_channel_rejframe(chan, rx_control);
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3532 break;
3533
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3534 case L2CAP_SUPER_SELECT_REJECT:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3535 l2cap_data_channel_srejframe(chan, rx_control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3536 break;
3537
3538 case L2CAP_SUPER_RCV_NOT_READY:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3539 l2cap_data_channel_rnrframe(chan, rx_control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3540 break;
3541 }
3542
Gustavo F. Padovanfaaebd12010-05-01 16:15:35 -0300[diff] [blame]3543 kfree_skb(skb);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3544 return 0;
3545}
3546
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3547static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb)
3548{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3549 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3550 struct l2cap_pinfo *pi = l2cap_pi(sk);
3551 u16 control;
3552 u8 req_seq;
3553 int len, next_tx_seq_offset, req_seq_offset;
3554
3555 control = get_unaligned_le16(skb->data);
3556 skb_pull(skb, 2);
3557 len = skb->len;
3558
3559 /*
3560 * We can just drop the corrupted I-frame here.
3561 * Receiver will miss it and start proper recovery
3562 * procedures and ask retransmission.
3563 */
3564 if (l2cap_check_fcs(pi, skb))
3565 goto drop;
3566
3567 if (__is_sar_start(control) && __is_iframe(control))
3568 len -= 2;
3569
3570 if (pi->fcs == L2CAP_FCS_CRC16)
3571 len -= 2;
3572
3573 if (len > pi->mps) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3574 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3575 goto drop;
3576 }
3577
3578 req_seq = __get_reqseq(control);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3579 req_seq_offset = (req_seq - chan->expected_ack_seq) % 64;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3580 if (req_seq_offset < 0)
3581 req_seq_offset += 64;
3582
3583 next_tx_seq_offset =
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3584 (chan->next_tx_seq - chan->expected_ack_seq) % 64;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3585 if (next_tx_seq_offset < 0)
3586 next_tx_seq_offset += 64;
3587
3588 /* check for invalid req-seq */
3589 if (req_seq_offset > next_tx_seq_offset) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3590 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3591 goto drop;
3592 }
3593
3594 if (__is_iframe(control)) {
3595 if (len < 0) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3596 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3597 goto drop;
3598 }
3599
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3600 l2cap_data_channel_iframe(chan, control, skb);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3601 } else {
3602 if (len != 0) {
3603 BT_ERR("%d", len);
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3604 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3605 goto drop;
3606 }
3607
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3608 l2cap_data_channel_sframe(chan, control, skb);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3609 }
3610
3611 return 0;
3612
3613drop:
3614 kfree_skb(skb);
3615 return 0;
3616}
3617
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3618static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb)
3619{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3620 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3621 struct sock *sk;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3622 struct l2cap_pinfo *pi;
Nathan Holstein51893f82010-06-09 15:46:25 -0400[diff] [blame]3623 u16 control;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3624 u8 tx_seq;
3625 int len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3626
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3627 chan = l2cap_get_chan_by_scid(conn, cid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3628 if (!chan) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3629 BT_DBG("unknown cid 0x%4.4x", cid);
3630 goto drop;
3631 }
3632
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3633 sk = chan->sk;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3634 pi = l2cap_pi(sk);
3635
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3636 BT_DBG("sk %p, len %d", sk, skb->len);
3637
3638 if (sk->sk_state != BT_CONNECTED)
3639 goto drop;
3640
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3641 switch (pi->mode) {
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3642 case L2CAP_MODE_BASIC:
3643 /* If socket recv buffers overflows we drop data here
3644 * which is *bad* because L2CAP has to be reliable.
3645 * But we don't have any other choice. L2CAP doesn't
3646 * provide flow control mechanism. */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3647
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3648 if (pi->imtu < skb->len)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3649 goto drop;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3650
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3651 if (!sock_queue_rcv_skb(sk, skb))
3652 goto done;
3653 break;
3654
3655 case L2CAP_MODE_ERTM:
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3656 if (!sock_owned_by_user(sk)) {
3657 l2cap_ertm_data_rcv(sk, skb);
Gustavo F. Padovan277ffbe2010-05-01 16:15:37 -0300[diff] [blame]3658 } else {
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3659 if (sk_add_backlog(sk, skb))
Gustavo F. Padovan277ffbe2010-05-01 16:15:37 -0300[diff] [blame]3660 goto drop;
Gustavo F. Padovan277ffbe2010-05-01 16:15:37 -0300[diff] [blame]3661 }
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3662
Andrei Emeltchenkofcafde22009-12-22 15:58:08 +0200[diff] [blame]3663 goto done;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3664
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3665 case L2CAP_MODE_STREAMING:
3666 control = get_unaligned_le16(skb->data);
3667 skb_pull(skb, 2);
3668 len = skb->len;
3669
Gustavo F. Padovan26000082010-05-11 22:02:00 -0300[diff] [blame]3670 if (l2cap_check_fcs(pi, skb))
3671 goto drop;
3672
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3673 if (__is_sar_start(control))
3674 len -= 2;
3675
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]3676 if (pi->fcs == L2CAP_FCS_CRC16)
3677 len -= 2;
3678
Nathan Holstein51893f82010-06-09 15:46:25 -0400[diff] [blame]3679 if (len > pi->mps || len < 0 || __is_sframe(control))
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3680 goto drop;
3681
3682 tx_seq = __get_txseq(control);
3683
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3684 if (chan->expected_tx_seq == tx_seq)
3685 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3686 else
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3687 chan->expected_tx_seq = (tx_seq + 1) % 64;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3688
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3689 l2cap_streaming_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3690
3691 goto done;
3692
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3693 default:
Gustavo F. Padovane8235c62010-05-01 16:15:36 -0300[diff] [blame]3694 BT_DBG("sk %p: bad mode 0x%2.2x", sk, pi->mode);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3695 break;
3696 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3697
3698drop:
3699 kfree_skb(skb);
3700
3701done:
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3702 if (sk)
3703 bh_unlock_sock(sk);
3704
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3705 return 0;
3706}
3707
Al Viro8e036fc2007-07-29 00:16:36 -0700[diff] [blame]3708static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3709{
3710 struct sock *sk;
3711
3712 sk = l2cap_get_sock_by_psm(0, psm, conn->src);
3713 if (!sk)
3714 goto drop;
3715
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]3716 bh_lock_sock(sk);
3717
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3718 BT_DBG("sk %p, len %d", sk, skb->len);
3719
3720 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED)
3721 goto drop;
3722
3723 if (l2cap_pi(sk)->imtu < skb->len)
3724 goto drop;
3725
3726 if (!sock_queue_rcv_skb(sk, skb))
3727 goto done;
3728
3729drop:
3730 kfree_skb(skb);
3731
3732done:
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]3733 if (sk)
3734 bh_unlock_sock(sk);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3735 return 0;
3736}
3737
3738static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb)
3739{
3740 struct l2cap_hdr *lh = (void *) skb->data;
Al Viro8e036fc2007-07-29 00:16:36 -0700[diff] [blame]3741 u16 cid, len;
3742 __le16 psm;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3743
3744 skb_pull(skb, L2CAP_HDR_SIZE);
3745 cid = __le16_to_cpu(lh->cid);
3746 len = __le16_to_cpu(lh->len);
3747
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3748 if (len != skb->len) {
3749 kfree_skb(skb);
3750 return;
3751 }
3752
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3753 BT_DBG("len %d, cid 0x%4.4x", len, cid);
3754
3755 switch (cid) {
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]3756 case L2CAP_CID_LE_SIGNALING:
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]3757 case L2CAP_CID_SIGNALING:
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3758 l2cap_sig_channel(conn, skb);
3759 break;
3760
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]3761 case L2CAP_CID_CONN_LESS:
Gustavo F. Padovan1b7bf4e2009-08-24 00:45:20 -0300[diff] [blame]3762 psm = get_unaligned_le16(skb->data);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3763 skb_pull(skb, 2);
3764 l2cap_conless_channel(conn, psm, skb);
3765 break;
3766
3767 default:
3768 l2cap_data_channel(conn, cid, skb);
3769 break;
3770 }
3771}
3772
3773/* ---- L2CAP interface with lower layer (HCI) ---- */
3774
3775static int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
3776{
3777 int exact = 0, lm1 = 0, lm2 = 0;
3778 register struct sock *sk;
3779 struct hlist_node *node;
3780
3781 if (type != ACL_LINK)
João Paulo Rechi Vita963cf682010-06-22 13:56:28 -0300[diff] [blame]3782 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3783
3784 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));
3785
3786 /* Find listening sockets and check their link_mode */
3787 read_lock(&l2cap_sk_list.lock);
3788 sk_for_each(sk, node, &l2cap_sk_list.head) {
3789 if (sk->sk_state != BT_LISTEN)
3790 continue;
3791
3792 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) {
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]3793 lm1 |= HCI_LM_ACCEPT;
3794 if (l2cap_pi(sk)->role_switch)
3795 lm1 |= HCI_LM_MASTER;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3796 exact++;
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]3797 } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
3798 lm2 |= HCI_LM_ACCEPT;
3799 if (l2cap_pi(sk)->role_switch)
3800 lm2 |= HCI_LM_MASTER;
3801 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3802 }
3803 read_unlock(&l2cap_sk_list.lock);
3804
3805 return exact ? lm1 : lm2;
3806}
3807
3808static int l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
3809{
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3810 struct l2cap_conn *conn;
3811
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3812 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
3813
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]3814 if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK))
João Paulo Rechi Vita963cf682010-06-22 13:56:28 -0300[diff] [blame]3815 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3816
3817 if (!status) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3818 conn = l2cap_conn_add(hcon, status);
3819 if (conn)
3820 l2cap_conn_ready(conn);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3821 } else
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3822 l2cap_conn_del(hcon, bt_err(status));
3823
3824 return 0;
3825}
3826
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]3827static int l2cap_disconn_ind(struct hci_conn *hcon)
3828{
3829 struct l2cap_conn *conn = hcon->l2cap_data;
3830
3831 BT_DBG("hcon %p", hcon);
3832
3833 if (hcon->type != ACL_LINK || !conn)
3834 return 0x13;
3835
3836 return conn->disc_reason;
3837}
3838
3839static int l2cap_disconn_cfm(struct hci_conn *hcon, u8 reason)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3840{
3841 BT_DBG("hcon %p reason %d", hcon, reason);
3842
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]3843 if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK))
João Paulo Rechi Vita963cf682010-06-22 13:56:28 -0300[diff] [blame]3844 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3845
3846 l2cap_conn_del(hcon, bt_err(reason));
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3847
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3848 return 0;
3849}
3850
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3851static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
3852{
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]3853 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM)
Marcel Holtmann255c7602009-02-04 21:07:19 +0100[diff] [blame]3854 return;
3855
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3856 if (encrypt == 0x00) {
3857 if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
3858 l2cap_sock_clear_timer(sk);
3859 l2cap_sock_set_timer(sk, HZ * 5);
3860 } else if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
3861 __l2cap_sock_close(sk, ECONNREFUSED);
3862 } else {
3863 if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM)
3864 l2cap_sock_clear_timer(sk);
3865 }
3866}
3867
Marcel Holtmann8c1b2352009-01-15 21:58:04 +0100[diff] [blame]3868static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3869{
Marcel Holtmann40be4922008-07-14 20:13:50 +0200[diff] [blame]3870 struct l2cap_conn *conn = hcon->l2cap_data;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3871 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3872
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3873 if (!conn)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3874 return 0;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3875
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3876 BT_DBG("conn %p", conn);
3877
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3878 read_lock(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3879
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3880 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3881 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3882
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3883 bh_lock_sock(sk);
3884
Marcel Holtmann6a8d3012009-02-06 23:56:36 +0100[diff] [blame]3885 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND) {
3886 bh_unlock_sock(sk);
3887 continue;
3888 }
3889
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3890 if (!status && (sk->sk_state == BT_CONNECTED ||
Marcel Holtmann8c1b2352009-01-15 21:58:04 +0100[diff] [blame]3891 sk->sk_state == BT_CONFIG)) {
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3892 l2cap_check_encryption(sk, encrypt);
Marcel Holtmann9719f8a2008-07-14 20:13:45 +0200[diff] [blame]3893 bh_unlock_sock(sk);
3894 continue;
3895 }
3896
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3897 if (sk->sk_state == BT_CONNECT) {
3898 if (!status) {
3899 struct l2cap_conn_req req;
3900 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
3901 req.psm = l2cap_pi(sk)->psm;
3902
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]3903 chan->ident = l2cap_get_ident(conn);
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]3904 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3905
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]3906 l2cap_send_cmd(conn, chan->ident,
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3907 L2CAP_CONN_REQ, sizeof(req), &req);
3908 } else {
3909 l2cap_sock_clear_timer(sk);
3910 l2cap_sock_set_timer(sk, HZ / 10);
3911 }
3912 } else if (sk->sk_state == BT_CONNECT2) {
3913 struct l2cap_conn_rsp rsp;
3914 __u16 result;
3915
3916 if (!status) {
3917 sk->sk_state = BT_CONFIG;
3918 result = L2CAP_CR_SUCCESS;
3919 } else {
3920 sk->sk_state = BT_DISCONN;
3921 l2cap_sock_set_timer(sk, HZ / 10);
3922 result = L2CAP_CR_SEC_BLOCK;
3923 }
3924
3925 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
3926 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
3927 rsp.result = cpu_to_le16(result);
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]3928 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]3929 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP,
3930 sizeof(rsp), &rsp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3931 }
3932
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3933 bh_unlock_sock(sk);
3934 }
3935
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3936 read_unlock(&conn->chan_lock);
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3937
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3938 return 0;
3939}
3940
3941static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 flags)
3942{
3943 struct l2cap_conn *conn = hcon->l2cap_data;
3944
Andrei Emeltchenko5a08ecc2011-01-11 17:20:20 +0200[diff] [blame]3945 if (!conn)
3946 conn = l2cap_conn_add(hcon, 0);
3947
3948 if (!conn)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3949 goto drop;
3950
3951 BT_DBG("conn %p len %d flags 0x%x", conn, skb->len, flags);
3952
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]3953 if (!(flags & ACL_CONT)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3954 struct l2cap_hdr *hdr;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3955 struct l2cap_chan *chan;
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]3956 u16 cid;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3957 int len;
3958
3959 if (conn->rx_len) {
3960 BT_ERR("Unexpected start frame (len %d)", skb->len);
3961 kfree_skb(conn->rx_skb);
3962 conn->rx_skb = NULL;
3963 conn->rx_len = 0;
3964 l2cap_conn_unreliable(conn, ECOMM);
3965 }
3966
Andrei Emeltchenkoaae7fe22010-09-15 14:28:43 +0300[diff] [blame]3967 /* Start fragment always begin with Basic L2CAP header */
3968 if (skb->len < L2CAP_HDR_SIZE) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3969 BT_ERR("Frame is too short (len %d)", skb->len);
3970 l2cap_conn_unreliable(conn, ECOMM);
3971 goto drop;
3972 }
3973
3974 hdr = (struct l2cap_hdr *) skb->data;
3975 len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE;
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]3976 cid = __le16_to_cpu(hdr->cid);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3977
3978 if (len == skb->len) {
3979 /* Complete frame received */
3980 l2cap_recv_frame(conn, skb);
3981 return 0;
3982 }
3983
3984 BT_DBG("Start: total len %d, frag len %d", len, skb->len);
3985
3986 if (skb->len > len) {
3987 BT_ERR("Frame is too long (len %d, expected len %d)",
3988 skb->len, len);
3989 l2cap_conn_unreliable(conn, ECOMM);
3990 goto drop;
3991 }
3992
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3993 chan = l2cap_get_chan_by_scid(conn, cid);
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]3994
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3995 if (chan && chan->sk) {
3996 struct sock *sk = chan->sk;
3997
3998 if (l2cap_pi(sk)->imtu < len - L2CAP_HDR_SIZE) {
3999 BT_ERR("Frame exceeding recv MTU (len %d, "
4000 "MTU %d)", len,
4001 l2cap_pi(sk)->imtu);
4002 bh_unlock_sock(sk);
4003 l2cap_conn_unreliable(conn, ECOMM);
4004 goto drop;
4005 }
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]4006 bh_unlock_sock(sk);
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]4007 }
4008
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4009 /* Allocate skb for the complete frame (with header) */
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]4010 conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC);
4011 if (!conn->rx_skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4012 goto drop;
4013
Arnaldo Carvalho de Melod626f622007-03-27 18:55:52 -0300[diff] [blame]4014 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]4015 skb->len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4016 conn->rx_len = len - skb->len;
4017 } else {
4018 BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len);
4019
4020 if (!conn->rx_len) {
4021 BT_ERR("Unexpected continuation frame (len %d)", skb->len);
4022 l2cap_conn_unreliable(conn, ECOMM);
4023 goto drop;
4024 }
4025
4026 if (skb->len > conn->rx_len) {
4027 BT_ERR("Fragment is too long (len %d, expected %d)",
4028 skb->len, conn->rx_len);
4029 kfree_skb(conn->rx_skb);
4030 conn->rx_skb = NULL;
4031 conn->rx_len = 0;
4032 l2cap_conn_unreliable(conn, ECOMM);
4033 goto drop;
4034 }
4035
Arnaldo Carvalho de Melod626f622007-03-27 18:55:52 -0300[diff] [blame]4036 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]4037 skb->len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4038 conn->rx_len -= skb->len;
4039
4040 if (!conn->rx_len) {
4041 /* Complete frame received */
4042 l2cap_recv_frame(conn, conn->rx_skb);
4043 conn->rx_skb = NULL;
4044 }
4045 }
4046
4047drop:
4048 kfree_skb(skb);
4049 return 0;
4050}
4051
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4052static int l2cap_debugfs_show(struct seq_file *f, void *p)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4053{
4054 struct sock *sk;
4055 struct hlist_node *node;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4056
4057 read_lock_bh(&l2cap_sk_list.lock);
4058
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4059 sk_for_each(sk, node, &l2cap_sk_list.head) {
4060 struct l2cap_pinfo *pi = l2cap_pi(sk);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4061
Gustavo F. Padovan903d3432011-02-10 14:16:06 -0200[diff] [blame]4062 seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n",
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4063 batostr(&bt_sk(sk)->src),
4064 batostr(&bt_sk(sk)->dst),
4065 sk->sk_state, __le16_to_cpu(pi->psm),
4066 pi->scid, pi->dcid,
Gustavo F. Padovan903d3432011-02-10 14:16:06 -0200[diff] [blame]4067 pi->imtu, pi->omtu, pi->sec_level,
4068 pi->mode);
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4069 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4070
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4071 read_unlock_bh(&l2cap_sk_list.lock);
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4072
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4073 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4074}
4075
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4076static int l2cap_debugfs_open(struct inode *inode, struct file *file)
4077{
4078 return single_open(file, l2cap_debugfs_show, inode->i_private);
4079}
4080
4081static const struct file_operations l2cap_debugfs_fops = {
4082 .open = l2cap_debugfs_open,
4083 .read = seq_read,
4084 .llseek = seq_lseek,
4085 .release = single_release,
4086};
4087
4088static struct dentry *l2cap_debugfs;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4089
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4090static struct hci_proto l2cap_hci_proto = {
4091 .name = "L2CAP",
4092 .id = HCI_PROTO_L2CAP,
4093 .connect_ind = l2cap_connect_ind,
4094 .connect_cfm = l2cap_connect_cfm,
4095 .disconn_ind = l2cap_disconn_ind,
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]4096 .disconn_cfm = l2cap_disconn_cfm,
Marcel Holtmann8c1b2352009-01-15 21:58:04 +0100[diff] [blame]4097 .security_cfm = l2cap_security_cfm,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4098 .recv_acldata = l2cap_recv_acldata
4099};
4100
Gustavo F. Padovan64274512011-02-07 20:08:52 -0200[diff] [blame]4101int __init l2cap_init(void)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4102{
4103 int err;
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4104
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4105 err = l2cap_init_sockets();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4106 if (err < 0)
4107 return err;
4108
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]4109 _busy_wq = create_singlethread_workqueue("l2cap");
Anderson Lizardob78d7b4f2010-11-29 12:15:50 -0400[diff] [blame]4110 if (!_busy_wq) {
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4111 err = -ENOMEM;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4112 goto error;
4113 }
4114
4115 err = hci_register_proto(&l2cap_hci_proto);
4116 if (err < 0) {
4117 BT_ERR("L2CAP protocol registration failed");
4118 bt_sock_unregister(BTPROTO_L2CAP);
4119 goto error;
4120 }
4121
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4122 if (bt_debugfs) {
4123 l2cap_debugfs = debugfs_create_file("l2cap", 0444,
4124 bt_debugfs, NULL, &l2cap_debugfs_fops);
4125 if (!l2cap_debugfs)
4126 BT_ERR("Failed to create L2CAP debug file");
4127 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4128
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4129 return 0;
4130
4131error:
Anderson Lizardob78d7b4f2010-11-29 12:15:50 -0400[diff] [blame]4132 destroy_workqueue(_busy_wq);
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4133 l2cap_cleanup_sockets();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4134 return err;
4135}
4136
Gustavo F. Padovan64274512011-02-07 20:08:52 -0200[diff] [blame]4137void l2cap_exit(void)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4138{
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4139 debugfs_remove(l2cap_debugfs);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4140
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]4141 flush_workqueue(_busy_wq);
4142 destroy_workqueue(_busy_wq);
4143
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4144 if (hci_unregister_proto(&l2cap_hci_proto) < 0)
4145 BT_ERR("L2CAP protocol unregistration failed");
4146
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4147 l2cap_cleanup_sockets();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4148}
4149
Gustavo F. Padovand1c4a172010-07-18 16:25:54 -0300[diff] [blame]4150module_param(disable_ertm, bool, 0644);
4151MODULE_PARM_DESC(disable_ertm, "Disable enhanced retransmission mode");