Linaro Git Browser
Code Review Sign In
review.linaro.org / kernel / linux-linaro-stable.git / f1c6775be6fc944e32e0150305d9753b9a846519 / . / net / bluetooth / l2cap_core.c
blob: 06c505b1476d8720a38dc398d59b7168b11776c5 [file] [log] [blame]
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]1/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
Gustavo F. Padovance5706b2010-07-13 11:57:11 -0300[diff] [blame]4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
Gustavo F. Padovan5d8868f2010-07-16 16:18:39 -0300[diff] [blame]5 Copyright (C) 2010 Google Inc.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]6
7 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
12
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]24 SOFTWARE IS DISCLAIMED.
25*/
26
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]27/* Bluetooth L2CAP core. */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]28
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]29#include <linux/module.h>
30
31#include <linux/types.h>
Randy Dunlap4fc268d2006-01-11 12:17:47 -0800[diff] [blame]32#include <linux/capability.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]33#include <linux/errno.h>
34#include <linux/kernel.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]35#include <linux/sched.h>
36#include <linux/slab.h>
37#include <linux/poll.h>
38#include <linux/fcntl.h>
39#include <linux/init.h>
40#include <linux/interrupt.h>
41#include <linux/socket.h>
42#include <linux/skbuff.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]43#include <linux/list.h>
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]44#include <linux/device.h>
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]45#include <linux/debugfs.h>
46#include <linux/seq_file.h>
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]47#include <linux/uaccess.h>
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]48#include <linux/crc16.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]49#include <net/sock.h>
50
51#include <asm/system.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]52#include <asm/unaligned.h>
53
54#include <net/bluetooth/bluetooth.h>
55#include <net/bluetooth/hci_core.h>
56#include <net/bluetooth/l2cap.h>
57
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]58int disable_ertm;
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]59
Marcel Holtmann47ec1dcd2009-05-02 18:57:55 -0700[diff] [blame]60static u32 l2cap_feat_mask = L2CAP_FEAT_FIXED_CHAN;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]61static u8 l2cap_fixed_chan[8] = { 0x02, };
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]62
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]63static struct workqueue_struct *_busy_wq;
64
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]65struct bt_sock_list l2cap_sk_list = {
Robert P. J. Dayd5fb2962008-03-28 16:17:38 -0700[diff] [blame]66 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]67};
68
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]69static void l2cap_busy_work(struct work_struct *work);
70
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]71static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
72 u8 code, u8 ident, u16 dlen, void *data);
Gustavo F. Padovan710f9b02011-03-25 14:30:37 -0300[diff] [blame]73static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]74
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]75static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb);
76
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]77/* ---- L2CAP channels ---- */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]78static struct l2cap_chan *__l2cap_get_chan_by_dcid(struct l2cap_conn *conn, u16 cid)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]79{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]80 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]81
82 list_for_each_entry(c, &conn->chan_l, list) {
83 struct sock *s = c->sk;
84 if (l2cap_pi(s)->dcid == cid)
85 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]86 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]87 return NULL;
88
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]89}
90
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]91static struct l2cap_chan *__l2cap_get_chan_by_scid(struct l2cap_conn *conn, u16 cid)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]92{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]93 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]94
95 list_for_each_entry(c, &conn->chan_l, list) {
96 struct sock *s = c->sk;
97 if (l2cap_pi(s)->scid == cid)
98 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]99 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]100 return NULL;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]101}
102
103/* Find channel with given SCID.
104 * Returns locked socket */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]105static struct l2cap_chan *l2cap_get_chan_by_scid(struct l2cap_conn *conn, u16 cid)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]106{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]107 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]108
109 read_lock(&conn->chan_lock);
110 c = __l2cap_get_chan_by_scid(conn, cid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]111 if (c)
112 bh_lock_sock(c->sk);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]113 read_unlock(&conn->chan_lock);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]114 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]115}
116
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]117static struct l2cap_chan *__l2cap_get_chan_by_ident(struct l2cap_conn *conn, u8 ident)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]118{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]119 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]120
121 list_for_each_entry(c, &conn->chan_l, list) {
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]122 if (c->ident == ident)
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]123 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]124 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]125 return NULL;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]126}
127
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]128static inline struct l2cap_chan *l2cap_get_chan_by_ident(struct l2cap_conn *conn, u8 ident)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]129{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]130 struct l2cap_chan *c;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]131
132 read_lock(&conn->chan_lock);
133 c = __l2cap_get_chan_by_ident(conn, ident);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]134 if (c)
135 bh_lock_sock(c->sk);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]136 read_unlock(&conn->chan_lock);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]137 return c;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]138}
139
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]140static u16 l2cap_alloc_cid(struct l2cap_conn *conn)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]141{
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]142 u16 cid = L2CAP_CID_DYN_START;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]143
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]144 for (; cid < L2CAP_CID_DYN_END; cid++) {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]145 if (!__l2cap_get_chan_by_scid(conn, cid))
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]146 return cid;
147 }
148
149 return 0;
150}
151
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]152static struct l2cap_chan *l2cap_chan_alloc(struct sock *sk)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]153{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]154 struct l2cap_chan *chan;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]155
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]156 chan = kzalloc(sizeof(*chan), GFP_ATOMIC);
157 if (!chan)
158 return NULL;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]159
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]160 chan->sk = sk;
161
162 return chan;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]163}
164
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]165static void __l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]166{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]167 struct sock *sk = chan->sk;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]168
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]169 BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn,
170 l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]171
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]172 conn->disc_reason = 0x13;
173
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]174 l2cap_pi(sk)->conn = conn;
175
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]176 if (sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) {
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]177 if (conn->hcon->type == LE_LINK) {
178 /* LE connection */
179 l2cap_pi(sk)->omtu = L2CAP_LE_DEFAULT_MTU;
180 l2cap_pi(sk)->scid = L2CAP_CID_LE_DATA;
181 l2cap_pi(sk)->dcid = L2CAP_CID_LE_DATA;
182 } else {
183 /* Alloc CID for connection-oriented socket */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]184 l2cap_pi(sk)->scid = l2cap_alloc_cid(conn);
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]185 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
186 }
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]187 } else if (sk->sk_type == SOCK_DGRAM) {
188 /* Connectionless socket */
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]189 l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS;
190 l2cap_pi(sk)->dcid = L2CAP_CID_CONN_LESS;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]191 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
192 } else {
193 /* Raw socket can send/recv signalling messages only */
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]194 l2cap_pi(sk)->scid = L2CAP_CID_SIGNALING;
195 l2cap_pi(sk)->dcid = L2CAP_CID_SIGNALING;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]196 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
197 }
198
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]199 sock_hold(sk);
200
201 list_add(&chan->list, &conn->chan_l);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]202}
203
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]204/* Delete channel.
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]205 * Must be called on the locked socket. */
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]206void l2cap_chan_del(struct l2cap_chan *chan, int err)
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]207{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]208 struct sock *sk = chan->sk;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]209 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
210 struct sock *parent = bt_sk(sk)->parent;
211
212 l2cap_sock_clear_timer(sk);
213
214 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
215
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]216 if (conn) {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]217 /* Delete from channel list */
218 write_lock_bh(&conn->chan_lock);
219 list_del(&chan->list);
220 write_unlock_bh(&conn->chan_lock);
221 __sock_put(sk);
222
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]223 l2cap_pi(sk)->conn = NULL;
224 hci_conn_put(conn->hcon);
225 }
226
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]227 sk->sk_state = BT_CLOSED;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]228 sock_set_flag(sk, SOCK_ZAPPED);
229
230 if (err)
231 sk->sk_err = err;
232
233 if (parent) {
234 bt_accept_unlink(sk);
235 parent->sk_data_ready(parent, 0);
236 } else
237 sk->sk_state_change(sk);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]238
239 skb_queue_purge(TX_QUEUE(sk));
240
241 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) {
242 struct srej_list *l, *tmp;
243
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]244 del_timer(&chan->retrans_timer);
245 del_timer(&chan->monitor_timer);
246 del_timer(&chan->ack_timer);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]247
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]248 skb_queue_purge(&chan->srej_q);
249 skb_queue_purge(&chan->busy_q);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]250
251 list_for_each_entry_safe(l, tmp, SREJ_LIST(sk), list) {
252 list_del(&l->list);
253 kfree(l);
254 }
255 }
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]256
257 kfree(chan);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]258}
259
Johan Hedberg8556edd32011-01-19 12:06:50 +0530[diff] [blame]260static inline u8 l2cap_get_auth_type(struct sock *sk)
261{
262 if (sk->sk_type == SOCK_RAW) {
263 switch (l2cap_pi(sk)->sec_level) {
264 case BT_SECURITY_HIGH:
265 return HCI_AT_DEDICATED_BONDING_MITM;
266 case BT_SECURITY_MEDIUM:
267 return HCI_AT_DEDICATED_BONDING;
268 default:
269 return HCI_AT_NO_BONDING;
270 }
271 } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
272 if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
273 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
274
275 if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
276 return HCI_AT_NO_BONDING_MITM;
277 else
278 return HCI_AT_NO_BONDING;
279 } else {
280 switch (l2cap_pi(sk)->sec_level) {
281 case BT_SECURITY_HIGH:
282 return HCI_AT_GENERAL_BONDING_MITM;
283 case BT_SECURITY_MEDIUM:
284 return HCI_AT_GENERAL_BONDING;
285 default:
286 return HCI_AT_NO_BONDING;
287 }
288 }
289}
290
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]291/* Service level security */
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]292static inline int l2cap_check_security(struct sock *sk)
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]293{
294 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
Marcel Holtmann0684e5f2009-02-09 02:48:38 +0100[diff] [blame]295 __u8 auth_type;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]296
Johan Hedberg8556edd32011-01-19 12:06:50 +0530[diff] [blame]297 auth_type = l2cap_get_auth_type(sk);
Marcel Holtmann0684e5f2009-02-09 02:48:38 +0100[diff] [blame]298
299 return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level,
300 auth_type);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]301}
302
Gustavo F. Padovan68983252011-02-04 03:02:31 -0200[diff] [blame]303u8 l2cap_get_ident(struct l2cap_conn *conn)
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]304{
305 u8 id;
306
307 /* Get next available identificator.
308 * 1 - 128 are used by kernel.
309 * 129 - 199 are reserved.
310 * 200 - 254 are used by utilities like l2ping, etc.
311 */
312
313 spin_lock_bh(&conn->lock);
314
315 if (++conn->tx_ident > 128)
316 conn->tx_ident = 1;
317
318 id = conn->tx_ident;
319
320 spin_unlock_bh(&conn->lock);
321
322 return id;
323}
324
Gustavo F. Padovan68983252011-02-04 03:02:31 -0200[diff] [blame]325void l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, void *data)
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]326{
327 struct sk_buff *skb = l2cap_build_cmd(conn, code, ident, len, data);
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]328 u8 flags;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]329
330 BT_DBG("code 0x%2.2x", code);
331
332 if (!skb)
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]333 return;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]334
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]335 if (lmp_no_flush_capable(conn->hcon->hdev))
336 flags = ACL_START_NO_FLUSH;
337 else
338 flags = ACL_START;
339
340 hci_send_acl(conn->hcon, skb, flags);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]341}
342
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]343static inline void l2cap_send_sframe(struct l2cap_chan *chan, u16 control)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]344{
345 struct sk_buff *skb;
346 struct l2cap_hdr *lh;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]347 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]348 struct l2cap_conn *conn = pi->conn;
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]349 struct sock *sk = (struct sock *)pi;
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]350 int count, hlen = L2CAP_HDR_SIZE + 2;
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]351 u8 flags;
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]352
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]353 if (sk->sk_state != BT_CONNECTED)
354 return;
355
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]356 if (pi->fcs == L2CAP_FCS_CRC16)
357 hlen += 2;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]358
359 BT_DBG("pi %p, control 0x%2.2x", pi, control);
360
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]361 count = min_t(unsigned int, conn->mtu, hlen);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]362 control |= L2CAP_CTRL_FRAME_TYPE;
363
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]364 if (chan->conn_state & L2CAP_CONN_SEND_FBIT) {
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]365 control |= L2CAP_CTRL_FINAL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]366 chan->conn_state &= ~L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]367 }
368
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]369 if (chan->conn_state & L2CAP_CONN_SEND_PBIT) {
Gustavo F. Padovanf0946cc2010-05-01 16:15:37 -0300[diff] [blame]370 control |= L2CAP_CTRL_POLL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]371 chan->conn_state &= ~L2CAP_CONN_SEND_PBIT;
Gustavo F. Padovanf0946cc2010-05-01 16:15:37 -0300[diff] [blame]372 }
373
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]374 skb = bt_skb_alloc(count, GFP_ATOMIC);
375 if (!skb)
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]376 return;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]377
378 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]379 lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]380 lh->cid = cpu_to_le16(pi->dcid);
381 put_unaligned_le16(control, skb_put(skb, 2));
382
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]383 if (pi->fcs == L2CAP_FCS_CRC16) {
384 u16 fcs = crc16(0, (u8 *)lh, count - 2);
385 put_unaligned_le16(fcs, skb_put(skb, 2));
386 }
387
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]388 if (lmp_no_flush_capable(conn->hcon->hdev))
389 flags = ACL_START_NO_FLUSH;
390 else
391 flags = ACL_START;
392
393 hci_send_acl(pi->conn->hcon, skb, flags);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]394}
395
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]396static inline void l2cap_send_rr_or_rnr(struct l2cap_chan *chan, u16 control)
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]397{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]398 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]399 control |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]400 chan->conn_state |= L2CAP_CONN_RNR_SENT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]401 } else
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]402 control |= L2CAP_SUPER_RCV_READY;
403
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]404 control |= chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan2ab25cd2009-10-03 02:34:40 -0300[diff] [blame]405
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]406 l2cap_send_sframe(chan, control);
Gustavo F. Padovan7e743092009-08-26 04:04:03 -0300[diff] [blame]407}
408
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]409static inline int __l2cap_no_conn_pending(struct sock *sk)
410{
411 return !(l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND);
412}
413
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]414static void l2cap_do_start(struct l2cap_chan *chan)
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]415{
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]416 struct sock *sk = chan->sk;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]417 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
418
419 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]420 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
421 return;
422
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]423 if (l2cap_check_security(sk) && __l2cap_no_conn_pending(sk)) {
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]424 struct l2cap_conn_req req;
425 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
426 req.psm = l2cap_pi(sk)->psm;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]427
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]428 chan->ident = l2cap_get_ident(conn);
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]429 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]430
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]431 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ,
432 sizeof(req), &req);
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]433 }
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]434 } else {
435 struct l2cap_info_req req;
436 req.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
437
438 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
439 conn->info_ident = l2cap_get_ident(conn);
440
441 mod_timer(&conn->info_timer, jiffies +
442 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
443
444 l2cap_send_cmd(conn, conn->info_ident,
445 L2CAP_INFO_REQ, sizeof(req), &req);
446 }
447}
448
Gustavo F. Padovancf6c2c02010-06-07 20:54:45 -0300[diff] [blame]449static inline int l2cap_mode_supported(__u8 mode, __u32 feat_mask)
450{
451 u32 local_feat_mask = l2cap_feat_mask;
Gustavo F. Padovand1c4a172010-07-18 16:25:54 -0300[diff] [blame]452 if (!disable_ertm)
Gustavo F. Padovancf6c2c02010-06-07 20:54:45 -0300[diff] [blame]453 local_feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING;
454
455 switch (mode) {
456 case L2CAP_MODE_ERTM:
457 return L2CAP_FEAT_ERTM & feat_mask & local_feat_mask;
458 case L2CAP_MODE_STREAMING:
459 return L2CAP_FEAT_STREAMING & feat_mask & local_feat_mask;
460 default:
461 return 0x00;
462 }
463}
464
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]465void l2cap_send_disconn_req(struct l2cap_conn *conn, struct l2cap_chan *chan, int err)
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]466{
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]467 struct sock *sk;
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]468 struct l2cap_disconn_req req;
469
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]470 if (!conn)
471 return;
472
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]473 sk = chan->sk;
474
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]475 skb_queue_purge(TX_QUEUE(sk));
476
477 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]478 del_timer(&chan->retrans_timer);
479 del_timer(&chan->monitor_timer);
480 del_timer(&chan->ack_timer);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]481 }
482
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]483 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
484 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
485 l2cap_send_cmd(conn, l2cap_get_ident(conn),
486 L2CAP_DISCONN_REQ, sizeof(req), &req);
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]487
488 sk->sk_state = BT_DISCONN;
Gustavo F. Padovan9b108fc2010-05-20 16:21:53 -0300[diff] [blame]489 sk->sk_err = err;
Gustavo F. Padovan22121fc2009-07-23 10:27:23 -0300[diff] [blame]490}
491
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]492/* ---- L2CAP connections ---- */
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]493static void l2cap_conn_start(struct l2cap_conn *conn)
494{
Gustavo F. Padovan820ffdb2011-04-01 00:35:21 -0300[diff] [blame]495 struct l2cap_chan *chan, *tmp;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]496
497 BT_DBG("conn %p", conn);
498
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]499 read_lock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]500
Gustavo F. Padovan820ffdb2011-04-01 00:35:21 -0300[diff] [blame]501 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]502 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]503
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]504 bh_lock_sock(sk);
505
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]506 if (sk->sk_type != SOCK_SEQPACKET &&
507 sk->sk_type != SOCK_STREAM) {
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]508 bh_unlock_sock(sk);
509 continue;
510 }
511
512 if (sk->sk_state == BT_CONNECT) {
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]513 struct l2cap_conn_req req;
Gustavo F. Padovancf6c2c02010-06-07 20:54:45 -0300[diff] [blame]514
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]515 if (!l2cap_check_security(sk) ||
516 !__l2cap_no_conn_pending(sk)) {
517 bh_unlock_sock(sk);
518 continue;
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]519 }
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]520
521 if (!l2cap_mode_supported(l2cap_pi(sk)->mode,
522 conn->feat_mask)
523 && l2cap_pi(sk)->conf_state &
524 L2CAP_CONF_STATE2_DEVICE) {
Gustavo F. Padovan820ffdb2011-04-01 00:35:21 -0300[diff] [blame]525 /* __l2cap_sock_close() calls list_del(chan)
526 * so release the lock */
527 read_unlock_bh(&conn->chan_lock);
528 __l2cap_sock_close(sk, ECONNRESET);
529 read_lock_bh(&conn->chan_lock);
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]530 bh_unlock_sock(sk);
531 continue;
532 }
533
534 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
535 req.psm = l2cap_pi(sk)->psm;
536
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]537 chan->ident = l2cap_get_ident(conn);
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]538 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
539
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]540 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ,
541 sizeof(req), &req);
Gustavo F. Padovan47731de2010-07-09 16:38:35 -0300[diff] [blame]542
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]543 } else if (sk->sk_state == BT_CONNECT2) {
544 struct l2cap_conn_rsp rsp;
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]545 char buf[128];
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]546 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
547 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
548
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]549 if (l2cap_check_security(sk)) {
Marcel Holtmannf66dc812009-01-15 21:57:00 +0100[diff] [blame]550 if (bt_sk(sk)->defer_setup) {
551 struct sock *parent = bt_sk(sk)->parent;
552 rsp.result = cpu_to_le16(L2CAP_CR_PEND);
553 rsp.status = cpu_to_le16(L2CAP_CS_AUTHOR_PEND);
554 parent->sk_data_ready(parent, 0);
555
556 } else {
557 sk->sk_state = BT_CONFIG;
558 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
559 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
560 }
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]561 } else {
562 rsp.result = cpu_to_le16(L2CAP_CR_PEND);
563 rsp.status = cpu_to_le16(L2CAP_CS_AUTHEN_PEND);
564 }
565
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]566 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP,
567 sizeof(rsp), &rsp);
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]568
569 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT ||
570 rsp.result != L2CAP_CR_SUCCESS) {
571 bh_unlock_sock(sk);
572 continue;
573 }
574
575 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
576 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]577 l2cap_build_conf_req(chan, buf), buf);
578 chan->num_conf_req++;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]579 }
580
581 bh_unlock_sock(sk);
582 }
583
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]584 read_unlock(&conn->chan_lock);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]585}
586
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]587/* Find socket with cid and source bdaddr.
588 * Returns closest match, locked.
589 */
590static struct sock *l2cap_get_sock_by_scid(int state, __le16 cid, bdaddr_t *src)
591{
592 struct sock *s, *sk = NULL, *sk1 = NULL;
593 struct hlist_node *node;
594
595 read_lock(&l2cap_sk_list.lock);
596
597 sk_for_each(sk, node, &l2cap_sk_list.head) {
598 if (state && sk->sk_state != state)
599 continue;
600
601 if (l2cap_pi(sk)->scid == cid) {
602 /* Exact match. */
603 if (!bacmp(&bt_sk(sk)->src, src))
604 break;
605
606 /* Closest match */
607 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
608 sk1 = sk;
609 }
610 }
611 s = node ? sk : sk1;
612 if (s)
613 bh_lock_sock(s);
614 read_unlock(&l2cap_sk_list.lock);
615
616 return s;
617}
618
619static void l2cap_le_conn_ready(struct l2cap_conn *conn)
620{
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]621 struct sock *parent, *uninitialized_var(sk);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]622 struct l2cap_chan *chan;
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]623
624 BT_DBG("");
625
626 /* Check if we have socket listening on cid */
627 parent = l2cap_get_sock_by_scid(BT_LISTEN, L2CAP_CID_LE_DATA,
628 conn->src);
629 if (!parent)
630 return;
631
632 /* Check for backlog size */
633 if (sk_acceptq_is_full(parent)) {
634 BT_DBG("backlog full %d", parent->sk_ack_backlog);
635 goto clean;
636 }
637
638 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, GFP_ATOMIC);
639 if (!sk)
640 goto clean;
641
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]642 chan = l2cap_chan_alloc(sk);
643 if (!chan) {
644 l2cap_sock_kill(sk);
645 goto clean;
646 }
647
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]648 write_lock_bh(&conn->chan_lock);
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]649
650 hci_conn_hold(conn->hcon);
651
652 l2cap_sock_init(sk, parent);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]653
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]654 bacpy(&bt_sk(sk)->src, conn->src);
655 bacpy(&bt_sk(sk)->dst, conn->dst);
656
Gustavo F. Padovand1010242011-03-25 00:39:48 -0300[diff] [blame]657 bt_accept_enqueue(parent, sk);
658
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]659 __l2cap_chan_add(conn, chan);
660
661 l2cap_pi(sk)->chan = chan;
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]662
663 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
664
665 sk->sk_state = BT_CONNECTED;
666 parent->sk_data_ready(parent, 0);
667
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]668 write_unlock_bh(&conn->chan_lock);
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]669
670clean:
671 bh_unlock_sock(parent);
672}
673
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]674static void l2cap_conn_ready(struct l2cap_conn *conn)
675{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]676 struct l2cap_chan *chan;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]677
678 BT_DBG("conn %p", conn);
679
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]680 if (!conn->hcon->out && conn->hcon->type == LE_LINK)
681 l2cap_le_conn_ready(conn);
682
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]683 read_lock(&conn->chan_lock);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]684
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]685 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]686 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]687
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]688 bh_lock_sock(sk);
689
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]690 if (conn->hcon->type == LE_LINK) {
691 l2cap_sock_clear_timer(sk);
692 sk->sk_state = BT_CONNECTED;
693 sk->sk_state_change(sk);
694 }
695
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]696 if (sk->sk_type != SOCK_SEQPACKET &&
697 sk->sk_type != SOCK_STREAM) {
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]698 l2cap_sock_clear_timer(sk);
699 sk->sk_state = BT_CONNECTED;
700 sk->sk_state_change(sk);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]701 } else if (sk->sk_state == BT_CONNECT)
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]702 l2cap_do_start(chan);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]703
704 bh_unlock_sock(sk);
705 }
706
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]707 read_unlock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]708}
709
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]710/* Notify sockets that we cannot guaranty reliability anymore */
711static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err)
712{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]713 struct l2cap_chan *chan;
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]714
715 BT_DBG("conn %p", conn);
716
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]717 read_lock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]718
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]719 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]720 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]721
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]722 if (l2cap_pi(sk)->force_reliable)
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]723 sk->sk_err = err;
724 }
725
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]726 read_unlock(&conn->chan_lock);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]727}
728
729static void l2cap_info_timeout(unsigned long arg)
730{
731 struct l2cap_conn *conn = (void *) arg;
732
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]733 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]734 conn->info_ident = 0;
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]735
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]736 l2cap_conn_start(conn);
737}
738
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]739static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status)
740{
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]741 struct l2cap_conn *conn = hcon->l2cap_data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]742
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]743 if (conn || status)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]744 return conn;
745
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]746 conn = kzalloc(sizeof(struct l2cap_conn), GFP_ATOMIC);
747 if (!conn)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]748 return NULL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]749
750 hcon->l2cap_data = conn;
751 conn->hcon = hcon;
752
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]753 BT_DBG("hcon %p conn %p", hcon, conn);
754
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]755 if (hcon->hdev->le_mtu && hcon->type == LE_LINK)
756 conn->mtu = hcon->hdev->le_mtu;
757 else
758 conn->mtu = hcon->hdev->acl_mtu;
759
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]760 conn->src = &hcon->hdev->bdaddr;
761 conn->dst = &hcon->dst;
762
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]763 conn->feat_mask = 0;
764
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]765 spin_lock_init(&conn->lock);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]766 rwlock_init(&conn->chan_lock);
767
768 INIT_LIST_HEAD(&conn->chan_l);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]769
Ville Tervob62f3282011-02-10 22:38:50 -0300[diff] [blame]770 if (hcon->type != LE_LINK)
771 setup_timer(&conn->info_timer, l2cap_info_timeout,
Dave Young45054dc2009-10-18 20:28:30 +0000[diff] [blame]772 (unsigned long) conn);
773
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]774 conn->disc_reason = 0x13;
775
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]776 return conn;
777}
778
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]779static void l2cap_conn_del(struct hci_conn *hcon, int err)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]780{
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]781 struct l2cap_conn *conn = hcon->l2cap_data;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]782 struct l2cap_chan *chan, *l;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]783 struct sock *sk;
784
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]785 if (!conn)
786 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]787
788 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
789
Wei Yongjun7585b972009-02-25 18:29:52 +0800[diff] [blame]790 kfree_skb(conn->rx_skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]791
792 /* Kill channels */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]793 list_for_each_entry_safe(chan, l, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]794 sk = chan->sk;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]795 bh_lock_sock(sk);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]796 l2cap_chan_del(chan, err);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]797 bh_unlock_sock(sk);
798 l2cap_sock_kill(sk);
799 }
800
Dave Young8e8440f2008-03-03 12:18:55 -0800[diff] [blame]801 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)
802 del_timer_sync(&conn->info_timer);
Thomas Gleixner3ab22732008-02-26 17:42:56 -0800[diff] [blame]803
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]804 hcon->l2cap_data = NULL;
805 kfree(conn);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]806}
807
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]808static inline void l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]809{
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]810 write_lock_bh(&conn->chan_lock);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]811 __l2cap_chan_add(conn, chan);
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]812 write_unlock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]813}
814
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]815/* ---- Socket interface ---- */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]816
817/* Find socket with psm and source bdaddr.
818 * Returns closest match.
819 */
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]820static struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]821{
822 struct sock *sk = NULL, *sk1 = NULL;
823 struct hlist_node *node;
824
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]825 read_lock(&l2cap_sk_list.lock);
826
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]827 sk_for_each(sk, node, &l2cap_sk_list.head) {
828 if (state && sk->sk_state != state)
829 continue;
830
831 if (l2cap_pi(sk)->psm == psm) {
832 /* Exact match. */
833 if (!bacmp(&bt_sk(sk)->src, src))
834 break;
835
836 /* Closest match */
837 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
838 sk1 = sk;
839 }
840 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]841
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]842 read_unlock(&l2cap_sk_list.lock);
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]843
844 return node ? sk : sk1;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]845}
846
Gustavo F. Padovan4e34c502011-02-04 02:56:13 -0200[diff] [blame]847int l2cap_do_connect(struct sock *sk)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]848{
849 bdaddr_t *src = &bt_sk(sk)->src;
850 bdaddr_t *dst = &bt_sk(sk)->dst;
851 struct l2cap_conn *conn;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]852 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]853 struct hci_conn *hcon;
854 struct hci_dev *hdev;
Marcel Holtmann09ab6f42008-09-09 07:19:20 +0200[diff] [blame]855 __u8 auth_type;
Marcel Holtmann44d0e482009-04-20 07:09:16 +0200[diff] [blame]856 int err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]857
Marcel Holtmannf29972d2009-02-12 05:07:45 +0100[diff] [blame]858 BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst),
859 l2cap_pi(sk)->psm);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]860
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]861 hdev = hci_get_route(dst, src);
862 if (!hdev)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]863 return -EHOSTUNREACH;
864
865 hci_dev_lock_bh(hdev);
866
Johan Hedberg8556edd32011-01-19 12:06:50 +0530[diff] [blame]867 auth_type = l2cap_get_auth_type(sk);
Marcel Holtmann09ab6f42008-09-09 07:19:20 +0200[diff] [blame]868
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]869 if (l2cap_pi(sk)->dcid == L2CAP_CID_LE_DATA)
870 hcon = hci_connect(hdev, LE_LINK, dst,
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]871 l2cap_pi(sk)->sec_level, auth_type);
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]872 else
873 hcon = hci_connect(hdev, ACL_LINK, dst,
874 l2cap_pi(sk)->sec_level, auth_type);
875
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]876 if (IS_ERR(hcon)) {
877 err = PTR_ERR(hcon);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]878 goto done;
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]879 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]880
881 conn = l2cap_conn_add(hcon, 0);
882 if (!conn) {
883 hci_conn_put(hcon);
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]884 err = -ENOMEM;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]885 goto done;
886 }
887
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]888 chan = l2cap_chan_alloc(sk);
889 if (!chan) {
890 hci_conn_put(hcon);
891 err = -ENOMEM;
892 goto done;
893 }
894
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]895 /* Update source addr of the socket */
896 bacpy(src, conn->src);
897
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]898 l2cap_chan_add(conn, chan);
899
900 l2cap_pi(sk)->chan = chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]901
902 sk->sk_state = BT_CONNECT;
903 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
904
905 if (hcon->state == BT_CONNECTED) {
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]906 if (sk->sk_type != SOCK_SEQPACKET &&
907 sk->sk_type != SOCK_STREAM) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]908 l2cap_sock_clear_timer(sk);
Johan Hedbergd00ef242011-01-19 12:06:51 +0530[diff] [blame]909 if (l2cap_check_security(sk))
910 sk->sk_state = BT_CONNECTED;
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]911 } else
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]912 l2cap_do_start(chan);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]913 }
914
Ville Tervo30e76272011-02-22 16:10:53 -0300[diff] [blame]915 err = 0;
916
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]917done:
918 hci_dev_unlock_bh(hdev);
919 hci_dev_put(hdev);
920 return err;
921}
922
Gustavo F. Padovandcba0db2011-02-04 03:08:36 -0200[diff] [blame]923int __l2cap_wait_ack(struct sock *sk)
Gustavo F. Padovan6161c032010-05-01 16:15:44 -0300[diff] [blame]924{
925 DECLARE_WAITQUEUE(wait, current);
926 int err = 0;
927 int timeo = HZ/5;
928
Marcel Holtmann2b0b05d2010-05-10 11:33:10 +0200[diff] [blame]929 add_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]930 while ((l2cap_pi(sk)->chan->unacked_frames > 0 && l2cap_pi(sk)->conn)) {
Gustavo F. Padovan6161c032010-05-01 16:15:44 -0300[diff] [blame]931 set_current_state(TASK_INTERRUPTIBLE);
932
933 if (!timeo)
934 timeo = HZ/5;
935
936 if (signal_pending(current)) {
937 err = sock_intr_errno(timeo);
938 break;
939 }
940
941 release_sock(sk);
942 timeo = schedule_timeout(timeo);
943 lock_sock(sk);
944
945 err = sock_error(sk);
946 if (err)
947 break;
948 }
949 set_current_state(TASK_RUNNING);
Marcel Holtmann2b0b05d2010-05-10 11:33:10 +0200[diff] [blame]950 remove_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovan6161c032010-05-01 16:15:44 -0300[diff] [blame]951 return err;
952}
953
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]954static void l2cap_monitor_timeout(unsigned long arg)
955{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]956 struct l2cap_chan *chan = (void *) arg;
957 struct sock *sk = chan->sk;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]958
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]959 BT_DBG("chan %p", chan);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]960
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]961 bh_lock_sock(sk);
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]962 if (chan->retry_count >= chan->remote_max_tx) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]963 l2cap_send_disconn_req(l2cap_pi(sk)->conn, chan, ECONNABORTED);
Andrei Emeltchenkob13f5862009-12-15 11:38:04 +0200[diff] [blame]964 bh_unlock_sock(sk);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]965 return;
966 }
967
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]968 chan->retry_count++;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]969 __mod_monitor_timer();
970
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]971 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL);
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]972 bh_unlock_sock(sk);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]973}
974
975static void l2cap_retrans_timeout(unsigned long arg)
976{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]977 struct l2cap_chan *chan = (void *) arg;
978 struct sock *sk = chan->sk;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]979
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]980 BT_DBG("sk %p", sk);
981
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]982 bh_lock_sock(sk);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]983 chan->retry_count = 1;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]984 __mod_monitor_timer();
985
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]986 chan->conn_state |= L2CAP_CONN_WAIT_F;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]987
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]988 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL);
Gustavo F. Padovane6862192009-08-24 00:45:19 -0300[diff] [blame]989 bh_unlock_sock(sk);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]990}
991
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]992static void l2cap_drop_acked_frames(struct l2cap_chan *chan)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]993{
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]994 struct sock *sk = chan->sk;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]995 struct sk_buff *skb;
996
Gustavo F. Padovan812e7372010-05-01 16:15:42 -0300[diff] [blame]997 while ((skb = skb_peek(TX_QUEUE(sk))) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]998 chan->unacked_frames) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]999 if (bt_cb(skb)->tx_seq == chan->expected_ack_seq)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1000 break;
1001
1002 skb = skb_dequeue(TX_QUEUE(sk));
1003 kfree_skb(skb);
1004
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1005 chan->unacked_frames--;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1006 }
1007
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1008 if (!chan->unacked_frames)
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1009 del_timer(&chan->retrans_timer);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1010}
1011
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1012void l2cap_do_send(struct sock *sk, struct sk_buff *skb)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1013{
1014 struct l2cap_pinfo *pi = l2cap_pi(sk);
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]1015 struct hci_conn *hcon = pi->conn->hcon;
1016 u16 flags;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1017
1018 BT_DBG("sk %p, skb %p len %d", sk, skb, skb->len);
1019
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]1020 if (!pi->flushable && lmp_no_flush_capable(hcon->hdev))
1021 flags = ACL_START_NO_FLUSH;
1022 else
1023 flags = ACL_START;
1024
1025 hci_send_acl(hcon, skb, flags);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1026}
1027
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1028void l2cap_streaming_send(struct l2cap_chan *chan)
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1029{
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1030 struct sock *sk = chan->sk;
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1031 struct sk_buff *skb;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1032 struct l2cap_pinfo *pi = l2cap_pi(sk);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1033 u16 control, fcs;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1034
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1035 while ((skb = skb_dequeue(TX_QUEUE(sk)))) {
1036 control = get_unaligned_le16(skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1037 control |= chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT;
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1038 put_unaligned_le16(control, skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1039
Gustavo F. Padovane8235c62010-05-01 16:15:36 -0300[diff] [blame]1040 if (pi->fcs == L2CAP_FCS_CRC16) {
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1041 fcs = crc16(0, (u8 *)skb->data, skb->len - 2);
1042 put_unaligned_le16(fcs, skb->data + skb->len - 2);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1043 }
1044
Gustavo F. Padovanccbb84a2010-08-30 18:44:44 -0300[diff] [blame]1045 l2cap_do_send(sk, skb);
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1046
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1047 chan->next_tx_seq = (chan->next_tx_seq + 1) % 64;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1048 }
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1049}
1050
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1051static void l2cap_retransmit_one_frame(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1052{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1053 struct sock *sk = chan->sk;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1054 struct l2cap_pinfo *pi = l2cap_pi(sk);
1055 struct sk_buff *skb, *tx_skb;
1056 u16 control, fcs;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1057
1058 skb = skb_peek(TX_QUEUE(sk));
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1059 if (!skb)
1060 return;
1061
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1062 do {
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1063 if (bt_cb(skb)->tx_seq == tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1064 break;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1065
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1066 if (skb_queue_is_last(TX_QUEUE(sk), skb))
1067 return;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1068
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1069 } while ((skb = skb_queue_next(TX_QUEUE(sk), skb)));
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1070
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1071 if (chan->remote_max_tx &&
1072 bt_cb(skb)->retries == chan->remote_max_tx) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1073 l2cap_send_disconn_req(pi->conn, chan, ECONNABORTED);
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1074 return;
1075 }
1076
1077 tx_skb = skb_clone(skb, GFP_ATOMIC);
1078 bt_cb(skb)->retries++;
1079 control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1080
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1081 if (chan->conn_state & L2CAP_CONN_SEND_FBIT) {
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1082 control |= L2CAP_CTRL_FINAL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1083 chan->conn_state &= ~L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1084 }
Gustavo F. Padovan95ffa972010-06-18 20:37:33 -0300[diff] [blame]1085
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1086 control |= (chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT)
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1087 | (tx_seq << L2CAP_CTRL_TXSEQ_SHIFT);
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]1088
Gustavo F. Padovanf11d6762010-05-01 16:15:44 -0300[diff] [blame]1089 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE);
1090
1091 if (pi->fcs == L2CAP_FCS_CRC16) {
1092 fcs = crc16(0, (u8 *)tx_skb->data, tx_skb->len - 2);
1093 put_unaligned_le16(fcs, tx_skb->data + tx_skb->len - 2);
1094 }
1095
1096 l2cap_do_send(sk, tx_skb);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]1097}
1098
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1099int l2cap_ertm_send(struct l2cap_chan *chan)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1100{
1101 struct sk_buff *skb, *tx_skb;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1102 struct sock *sk = chan->sk;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1103 struct l2cap_pinfo *pi = l2cap_pi(sk);
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1104 u16 control, fcs;
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]1105 int nsent = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1106
Gustavo F. Padovanc13ffa62010-05-13 20:50:12 -0300[diff] [blame]1107 if (sk->sk_state != BT_CONNECTED)
1108 return -ENOTCONN;
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1109
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1110 while ((skb = sk->sk_send_head) && (!l2cap_tx_window_full(chan))) {
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1111
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1112 if (chan->remote_max_tx &&
1113 bt_cb(skb)->retries == chan->remote_max_tx) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1114 l2cap_send_disconn_req(pi->conn, chan, ECONNABORTED);
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1115 break;
1116 }
1117
Andrei Emeltchenkoe420aba2009-12-23 13:07:14 +0200[diff] [blame]1118 tx_skb = skb_clone(skb, GFP_ATOMIC);
1119
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1120 bt_cb(skb)->retries++;
1121
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1122 control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE);
Gustavo F. Padovan95ffa972010-06-18 20:37:33 -0300[diff] [blame]1123 control &= L2CAP_CTRL_SAR;
1124
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1125 if (chan->conn_state & L2CAP_CONN_SEND_FBIT) {
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]1126 control |= L2CAP_CTRL_FINAL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1127 chan->conn_state &= ~L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]1128 }
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1129 control |= (chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT)
1130 | (chan->next_tx_seq << L2CAP_CTRL_TXSEQ_SHIFT);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1131 put_unaligned_le16(control, tx_skb->data + L2CAP_HDR_SIZE);
1132
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1133
Gustavo F. Padovane8235c62010-05-01 16:15:36 -0300[diff] [blame]1134 if (pi->fcs == L2CAP_FCS_CRC16) {
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1135 fcs = crc16(0, (u8 *)skb->data, tx_skb->len - 2);
1136 put_unaligned_le16(fcs, skb->data + tx_skb->len - 2);
1137 }
1138
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]1139 l2cap_do_send(sk, tx_skb);
1140
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1141 __mod_retrans_timer();
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1142
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1143 bt_cb(skb)->tx_seq = chan->next_tx_seq;
1144 chan->next_tx_seq = (chan->next_tx_seq + 1) % 64;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1145
Suraj Sumangala23e9fde2011-03-09 14:44:05 +0530[diff] [blame]1146 if (bt_cb(skb)->retries == 1)
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1147 chan->unacked_frames++;
Suraj Sumangala23e9fde2011-03-09 14:44:05 +0530[diff] [blame]1148
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1149 chan->frames_sent++;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1150
1151 if (skb_queue_is_last(TX_QUEUE(sk), skb))
1152 sk->sk_send_head = NULL;
1153 else
1154 sk->sk_send_head = skb_queue_next(TX_QUEUE(sk), skb);
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1155
1156 nsent++;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1157 }
1158
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1159 return nsent;
1160}
1161
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1162static int l2cap_retransmit_frames(struct l2cap_chan *chan)
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1163{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1164 struct sock *sk = chan->sk;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1165 int ret;
1166
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1167 if (!skb_queue_empty(TX_QUEUE(sk)))
1168 sk->sk_send_head = TX_QUEUE(sk)->next;
1169
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1170 chan->next_tx_seq = chan->expected_ack_seq;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1171 ret = l2cap_ertm_send(chan);
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1172 return ret;
1173}
1174
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1175static void l2cap_send_ack(struct l2cap_chan *chan)
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1176{
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1177 u16 control = 0;
1178
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1179 control |= chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1180
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1181 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1182 control |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1183 chan->conn_state |= L2CAP_CONN_RNR_SENT;
1184 l2cap_send_sframe(chan, control);
Gustavo F. Padovan9a9c6a32010-05-01 16:15:43 -0300[diff] [blame]1185 return;
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]1186 }
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1187
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1188 if (l2cap_ertm_send(chan) > 0)
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]1189 return;
1190
1191 control |= L2CAP_SUPER_RCV_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1192 l2cap_send_sframe(chan, control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1193}
1194
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1195static void l2cap_send_srejtail(struct l2cap_chan *chan)
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]1196{
1197 struct srej_list *tail;
1198 u16 control;
1199
1200 control = L2CAP_SUPER_SELECT_REJECT;
1201 control |= L2CAP_CTRL_FINAL;
1202
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1203 tail = list_entry(SREJ_LIST(chan->sk)->prev, struct srej_list, list);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]1204 control |= tail->tx_seq << L2CAP_CTRL_REQSEQ_SHIFT;
1205
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1206 l2cap_send_sframe(chan, control);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]1207}
1208
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1209static inline int l2cap_skbuff_fromiovec(struct sock *sk, struct msghdr *msg, int len, int count, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1210{
1211 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1212 struct sk_buff **frag;
1213 int err, sent = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1214
Gustavo F. Padovan59203a22010-05-01 16:15:43 -0300[diff] [blame]1215 if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count))
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1216 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1217
1218 sent += count;
1219 len -= count;
1220
1221 /* Continuation fragments (no L2CAP header) */
1222 frag = &skb_shinfo(skb)->frag_list;
1223 while (len) {
1224 count = min_t(unsigned int, conn->mtu, len);
1225
1226 *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err);
1227 if (!*frag)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1228 return err;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1229 if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count))
1230 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1231
1232 sent += count;
1233 len -= count;
1234
1235 frag = &(*frag)->next;
1236 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1237
1238 return sent;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1239}
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1240
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1241struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1242{
1243 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1244 struct sk_buff *skb;
1245 int err, count, hlen = L2CAP_HDR_SIZE + 2;
1246 struct l2cap_hdr *lh;
1247
1248 BT_DBG("sk %p len %d", sk, (int)len);
1249
1250 count = min_t(unsigned int, (conn->mtu - hlen), len);
1251 skb = bt_skb_send_alloc(sk, count + hlen,
1252 msg->msg_flags & MSG_DONTWAIT, &err);
1253 if (!skb)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1254 return ERR_PTR(err);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1255
1256 /* Create L2CAP header */
1257 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1258 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1259 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1260 put_unaligned_le16(l2cap_pi(sk)->psm, skb_put(skb, 2));
1261
1262 err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);
1263 if (unlikely(err < 0)) {
1264 kfree_skb(skb);
1265 return ERR_PTR(err);
1266 }
1267 return skb;
1268}
1269
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1270struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1271{
1272 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1273 struct sk_buff *skb;
1274 int err, count, hlen = L2CAP_HDR_SIZE;
1275 struct l2cap_hdr *lh;
1276
1277 BT_DBG("sk %p len %d", sk, (int)len);
1278
1279 count = min_t(unsigned int, (conn->mtu - hlen), len);
1280 skb = bt_skb_send_alloc(sk, count + hlen,
1281 msg->msg_flags & MSG_DONTWAIT, &err);
1282 if (!skb)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1283 return ERR_PTR(err);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1284
1285 /* Create L2CAP header */
1286 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1287 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1288 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1289
1290 err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);
1291 if (unlikely(err < 0)) {
1292 kfree_skb(skb);
1293 return ERR_PTR(err);
1294 }
1295 return skb;
1296}
1297
Gustavo F. Padovanfd83ccd2011-02-04 03:20:52 -0200[diff] [blame]1298struct sk_buff *l2cap_create_iframe_pdu(struct sock *sk, struct msghdr *msg, size_t len, u16 control, u16 sdulen)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1299{
1300 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1301 struct sk_buff *skb;
1302 int err, count, hlen = L2CAP_HDR_SIZE + 2;
1303 struct l2cap_hdr *lh;
1304
1305 BT_DBG("sk %p len %d", sk, (int)len);
1306
Gustavo F. Padovan0ee0d202010-05-01 16:15:41 -0300[diff] [blame]1307 if (!conn)
1308 return ERR_PTR(-ENOTCONN);
1309
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1310 if (sdulen)
1311 hlen += 2;
1312
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1313 if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16)
1314 hlen += 2;
1315
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1316 count = min_t(unsigned int, (conn->mtu - hlen), len);
1317 skb = bt_skb_send_alloc(sk, count + hlen,
1318 msg->msg_flags & MSG_DONTWAIT, &err);
1319 if (!skb)
Gustavo F. Padovan0175d622010-09-24 20:30:57 -0300[diff] [blame]1320 return ERR_PTR(err);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1321
1322 /* Create L2CAP header */
1323 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
1324 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1325 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1326 put_unaligned_le16(control, skb_put(skb, 2));
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1327 if (sdulen)
1328 put_unaligned_le16(sdulen, skb_put(skb, 2));
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1329
1330 err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);
1331 if (unlikely(err < 0)) {
1332 kfree_skb(skb);
1333 return ERR_PTR(err);
1334 }
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1335
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1336 if (l2cap_pi(sk)->fcs == L2CAP_FCS_CRC16)
1337 put_unaligned_le16(0, skb_put(skb, 2));
1338
Gustavo F. Padovane90bac02009-08-20 22:26:00 -0300[diff] [blame]1339 bt_cb(skb)->retries = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]1340 return skb;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1341}
1342
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1343int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len)
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1344{
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1345 struct sock *sk = chan->sk;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1346 struct sk_buff *skb;
1347 struct sk_buff_head sar_queue;
1348 u16 control;
1349 size_t size = 0;
1350
Gustavo F. Padovanff12fd62010-05-05 22:09:15 -0300[diff] [blame]1351 skb_queue_head_init(&sar_queue);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1352 control = L2CAP_SDU_START;
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1353 skb = l2cap_create_iframe_pdu(sk, msg, chan->remote_mps, control, len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1354 if (IS_ERR(skb))
1355 return PTR_ERR(skb);
1356
1357 __skb_queue_tail(&sar_queue, skb);
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1358 len -= chan->remote_mps;
1359 size += chan->remote_mps;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1360
1361 while (len > 0) {
1362 size_t buflen;
1363
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1364 if (len > chan->remote_mps) {
Gustavo F. Padovan44651b82010-05-01 16:15:43 -0300[diff] [blame]1365 control = L2CAP_SDU_CONTINUE;
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1366 buflen = chan->remote_mps;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1367 } else {
Gustavo F. Padovan44651b82010-05-01 16:15:43 -0300[diff] [blame]1368 control = L2CAP_SDU_END;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1369 buflen = len;
1370 }
1371
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]1372 skb = l2cap_create_iframe_pdu(sk, msg, buflen, control, 0);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1373 if (IS_ERR(skb)) {
1374 skb_queue_purge(&sar_queue);
1375 return PTR_ERR(skb);
1376 }
1377
1378 __skb_queue_tail(&sar_queue, skb);
1379 len -= buflen;
1380 size += buflen;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1381 }
1382 skb_queue_splice_tail(&sar_queue, TX_QUEUE(sk));
1383 if (sk->sk_send_head == NULL)
1384 sk->sk_send_head = sar_queue.next;
1385
1386 return size;
1387}
1388
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1389static void l2cap_chan_ready(struct sock *sk)
1390{
1391 struct sock *parent = bt_sk(sk)->parent;
1392
1393 BT_DBG("sk %p, parent %p", sk, parent);
1394
1395 l2cap_pi(sk)->conf_state = 0;
1396 l2cap_sock_clear_timer(sk);
1397
1398 if (!parent) {
1399 /* Outgoing channel.
1400 * Wake up socket sleeping on connect.
1401 */
1402 sk->sk_state = BT_CONNECTED;
1403 sk->sk_state_change(sk);
1404 } else {
1405 /* Incoming channel.
1406 * Wake up socket sleeping on accept.
1407 */
1408 parent->sk_data_ready(parent, 0);
1409 }
1410}
1411
1412/* Copy frame to all raw sockets on that connection */
1413static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb)
1414{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1415 struct sk_buff *nskb;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]1416 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1417
1418 BT_DBG("conn %p", conn);
1419
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]1420 read_lock(&conn->chan_lock);
1421 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]1422 struct sock *sk = chan->sk;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1423 if (sk->sk_type != SOCK_RAW)
1424 continue;
1425
1426 /* Don't send frame to the socket it came from */
1427 if (skb->sk == sk)
1428 continue;
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]1429 nskb = skb_clone(skb, GFP_ATOMIC);
1430 if (!nskb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1431 continue;
1432
1433 if (sock_queue_rcv_skb(sk, nskb))
1434 kfree_skb(nskb);
1435 }
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]1436 read_unlock(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1437}
1438
1439/* ---- L2CAP signalling commands ---- */
1440static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
1441 u8 code, u8 ident, u16 dlen, void *data)
1442{
1443 struct sk_buff *skb, **frag;
1444 struct l2cap_cmd_hdr *cmd;
1445 struct l2cap_hdr *lh;
1446 int len, count;
1447
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]1448 BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d",
1449 conn, code, ident, dlen);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1450
1451 len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen;
1452 count = min_t(unsigned int, conn->mtu, len);
1453
1454 skb = bt_skb_alloc(count, GFP_ATOMIC);
1455 if (!skb)
1456 return NULL;
1457
1458 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1459 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen);
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]1460
1461 if (conn->hcon->type == LE_LINK)
1462 lh->cid = cpu_to_le16(L2CAP_CID_LE_SIGNALING);
1463 else
1464 lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1465
1466 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE);
1467 cmd->code = code;
1468 cmd->ident = ident;
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1469 cmd->len = cpu_to_le16(dlen);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1470
1471 if (dlen) {
1472 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE;
1473 memcpy(skb_put(skb, count), data, count);
1474 data += count;
1475 }
1476
1477 len -= skb->len;
1478
1479 /* Continuation fragments (no L2CAP header) */
1480 frag = &skb_shinfo(skb)->frag_list;
1481 while (len) {
1482 count = min_t(unsigned int, conn->mtu, len);
1483
1484 *frag = bt_skb_alloc(count, GFP_ATOMIC);
1485 if (!*frag)
1486 goto fail;
1487
1488 memcpy(skb_put(*frag, count), data, count);
1489
1490 len -= count;
1491 data += count;
1492
1493 frag = &(*frag)->next;
1494 }
1495
1496 return skb;
1497
1498fail:
1499 kfree_skb(skb);
1500 return NULL;
1501}
1502
1503static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned long *val)
1504{
1505 struct l2cap_conf_opt *opt = *ptr;
1506 int len;
1507
1508 len = L2CAP_CONF_OPT_SIZE + opt->len;
1509 *ptr += len;
1510
1511 *type = opt->type;
1512 *olen = opt->len;
1513
1514 switch (opt->len) {
1515 case 1:
1516 *val = *((u8 *) opt->val);
1517 break;
1518
1519 case 2:
steven miaobfaaeb32010-10-16 18:29:47 -0400[diff] [blame]1520 *val = get_unaligned_le16(opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1521 break;
1522
1523 case 4:
steven miaobfaaeb32010-10-16 18:29:47 -0400[diff] [blame]1524 *val = get_unaligned_le32(opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1525 break;
1526
1527 default:
1528 *val = (unsigned long) opt->val;
1529 break;
1530 }
1531
1532 BT_DBG("type 0x%2.2x len %d val 0x%lx", *type, opt->len, *val);
1533 return len;
1534}
1535
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1536static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val)
1537{
1538 struct l2cap_conf_opt *opt = *ptr;
1539
1540 BT_DBG("type 0x%2.2x len %d val 0x%lx", type, len, val);
1541
1542 opt->type = type;
1543 opt->len = len;
1544
1545 switch (len) {
1546 case 1:
1547 *((u8 *) opt->val) = val;
1548 break;
1549
1550 case 2:
Gustavo F. Padovan4f8b6912010-10-18 14:25:53 -0200[diff] [blame]1551 put_unaligned_le16(val, opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1552 break;
1553
1554 case 4:
Gustavo F. Padovan4f8b6912010-10-18 14:25:53 -0200[diff] [blame]1555 put_unaligned_le32(val, opt->val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1556 break;
1557
1558 default:
1559 memcpy(opt->val, (void *) val, len);
1560 break;
1561 }
1562
1563 *ptr += L2CAP_CONF_OPT_SIZE + len;
1564}
1565
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]1566static void l2cap_ack_timeout(unsigned long arg)
1567{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1568 struct l2cap_chan *chan = (void *) arg;
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]1569
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1570 bh_lock_sock(chan->sk);
1571 l2cap_send_ack(chan);
1572 bh_unlock_sock(chan->sk);
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]1573}
1574
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1575static inline void l2cap_ertm_init(struct l2cap_chan *chan)
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1576{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]1577 struct sock *sk = chan->sk;
1578
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1579 chan->expected_ack_seq = 0;
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1580 chan->unacked_frames = 0;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]1581 chan->buffer_seq = 0;
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]1582 chan->num_acked = 0;
1583 chan->frames_sent = 0;
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1584
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]1585 setup_timer(&chan->retrans_timer, l2cap_retrans_timeout,
1586 (unsigned long) chan);
1587 setup_timer(&chan->monitor_timer, l2cap_monitor_timeout,
1588 (unsigned long) chan);
1589 setup_timer(&chan->ack_timer, l2cap_ack_timeout, (unsigned long) chan);
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1590
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]1591 skb_queue_head_init(&chan->srej_q);
1592 skb_queue_head_init(&chan->busy_q);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]1593
1594 INIT_WORK(&l2cap_pi(sk)->busy_work, l2cap_busy_work);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]1595
1596 sk->sk_backlog_rcv = l2cap_ertm_data_rcv;
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]1597}
1598
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1599static inline __u8 l2cap_select_mode(__u8 mode, __u16 remote_feat_mask)
1600{
1601 switch (mode) {
1602 case L2CAP_MODE_STREAMING:
1603 case L2CAP_MODE_ERTM:
1604 if (l2cap_mode_supported(mode, remote_feat_mask))
1605 return mode;
1606 /* fall through */
1607 default:
1608 return L2CAP_MODE_BASIC;
1609 }
1610}
1611
Gustavo F. Padovan710f9b02011-03-25 14:30:37 -0300[diff] [blame]1612static int l2cap_build_conf_req(struct l2cap_chan *chan, void *data)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1613{
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1614 struct sock *sk = chan->sk;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1615 struct l2cap_pinfo *pi = l2cap_pi(sk);
1616 struct l2cap_conf_req *req = data;
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]1617 struct l2cap_conf_rfc rfc = { .mode = pi->mode };
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1618 void *ptr = req->data;
1619
1620 BT_DBG("sk %p", sk);
1621
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1622 if (chan->num_conf_req || chan->num_conf_rsp)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1623 goto done;
1624
1625 switch (pi->mode) {
1626 case L2CAP_MODE_STREAMING:
1627 case L2CAP_MODE_ERTM:
Gustavo F. Padovan2ba13ed2010-06-09 16:39:05 -0300[diff] [blame]1628 if (pi->conf_state & L2CAP_CONF_STATE2_DEVICE)
Gustavo F. Padovan85eb53c2010-06-03 18:43:28 -0300[diff] [blame]1629 break;
Gustavo F. Padovan85eb53c2010-06-03 18:43:28 -0300[diff] [blame]1630
Gustavo F. Padovan2ba13ed2010-06-09 16:39:05 -0300[diff] [blame]1631 /* fall through */
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1632 default:
1633 pi->mode = l2cap_select_mode(rfc.mode, pi->conn->feat_mask);
1634 break;
1635 }
1636
1637done:
Gustavo F. Padovan7990681c2011-01-24 16:01:43 -0200[diff] [blame]1638 if (pi->imtu != L2CAP_DEFAULT_MTU)
1639 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);
1640
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1641 switch (pi->mode) {
1642 case L2CAP_MODE_BASIC:
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1643 if (!(pi->conn->feat_mask & L2CAP_FEAT_ERTM) &&
1644 !(pi->conn->feat_mask & L2CAP_FEAT_STREAMING))
1645 break;
1646
Gustavo F. Padovan62547752010-06-08 20:05:31 -0300[diff] [blame]1647 rfc.mode = L2CAP_MODE_BASIC;
1648 rfc.txwin_size = 0;
1649 rfc.max_transmit = 0;
1650 rfc.retrans_timeout = 0;
1651 rfc.monitor_timeout = 0;
1652 rfc.max_pdu_size = 0;
1653
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1654 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc),
1655 (unsigned long) &rfc);
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1656 break;
1657
1658 case L2CAP_MODE_ERTM:
1659 rfc.mode = L2CAP_MODE_ERTM;
Gustavo F. Padovan14b5aa72010-05-01 16:15:40 -0300[diff] [blame]1660 rfc.txwin_size = pi->tx_win;
Gustavo F. Padovan68d7f0c2010-05-01 16:15:41 -0300[diff] [blame]1661 rfc.max_transmit = pi->max_tx;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1662 rfc.retrans_timeout = 0;
1663 rfc.monitor_timeout = 0;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1664 rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE);
Gustavo F. Padovand1daa092010-05-01 16:15:36 -0300[diff] [blame]1665 if (L2CAP_DEFAULT_MAX_PDU_SIZE > pi->conn->mtu - 10)
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1666 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1667
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1668 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc),
1669 (unsigned long) &rfc);
1670
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1671 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS))
1672 break;
1673
1674 if (pi->fcs == L2CAP_FCS_NONE ||
1675 pi->conf_state & L2CAP_CONF_NO_FCS_RECV) {
1676 pi->fcs = L2CAP_FCS_NONE;
1677 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs);
1678 }
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1679 break;
1680
1681 case L2CAP_MODE_STREAMING:
1682 rfc.mode = L2CAP_MODE_STREAMING;
1683 rfc.txwin_size = 0;
1684 rfc.max_transmit = 0;
1685 rfc.retrans_timeout = 0;
1686 rfc.monitor_timeout = 0;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]1687 rfc.max_pdu_size = cpu_to_le16(L2CAP_DEFAULT_MAX_PDU_SIZE);
Gustavo F. Padovand1daa092010-05-01 16:15:36 -0300[diff] [blame]1688 if (L2CAP_DEFAULT_MAX_PDU_SIZE > pi->conn->mtu - 10)
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1689 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1690
Gustavo F. Padovan63406502010-08-03 23:49:29 -0300[diff] [blame]1691 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC, sizeof(rfc),
1692 (unsigned long) &rfc);
1693
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1694 if (!(pi->conn->feat_mask & L2CAP_FEAT_FCS))
1695 break;
1696
1697 if (pi->fcs == L2CAP_FCS_NONE ||
1698 pi->conf_state & L2CAP_CONF_NO_FCS_RECV) {
1699 pi->fcs = L2CAP_FCS_NONE;
1700 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FCS, 1, pi->fcs);
1701 }
Marcel Holtmann65c7c492009-05-02 23:07:53 -0700[diff] [blame]1702 break;
1703 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1704
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1705 req->dcid = cpu_to_le16(pi->dcid);
1706 req->flags = cpu_to_le16(0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1707
1708 return ptr - data;
1709}
1710
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1711static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1712{
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1713 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1714 struct l2cap_conf_rsp *rsp = data;
1715 void *ptr = rsp->data;
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1716 void *req = chan->conf_req;
1717 int len = chan->conf_len;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1718 int type, hint, olen;
1719 unsigned long val;
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1720 struct l2cap_conf_rfc rfc = { .mode = L2CAP_MODE_BASIC };
Marcel Holtmann861d6882007-10-20 13:37:06 +0200[diff] [blame]1721 u16 mtu = L2CAP_DEFAULT_MTU;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1722 u16 result = L2CAP_CONF_SUCCESS;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1723
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1724 BT_DBG("chan %p", chan);
Marcel Holtmann820ae1b2006-11-18 22:15:00 +0100[diff] [blame]1725
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1726 while (len >= L2CAP_CONF_OPT_SIZE) {
1727 len -= l2cap_get_conf_opt(&req, &type, &olen, &val);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1728
Gustavo F. Padovan589d2742009-04-20 01:31:07 -0300[diff] [blame]1729 hint = type & L2CAP_CONF_HINT;
Marcel Holtmann47ec1dcd2009-05-02 18:57:55 -0700[diff] [blame]1730 type &= L2CAP_CONF_MASK;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1731
1732 switch (type) {
1733 case L2CAP_CONF_MTU:
Marcel Holtmann861d6882007-10-20 13:37:06 +0200[diff] [blame]1734 mtu = val;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1735 break;
1736
1737 case L2CAP_CONF_FLUSH_TO:
1738 pi->flush_to = val;
1739 break;
1740
1741 case L2CAP_CONF_QOS:
1742 break;
1743
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1744 case L2CAP_CONF_RFC:
1745 if (olen == sizeof(rfc))
1746 memcpy(&rfc, (void *) val, olen);
1747 break;
1748
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]1749 case L2CAP_CONF_FCS:
1750 if (val == L2CAP_FCS_NONE)
1751 pi->conf_state |= L2CAP_CONF_NO_FCS_RECV;
1752
1753 break;
1754
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1755 default:
1756 if (hint)
1757 break;
1758
1759 result = L2CAP_CONF_UNKNOWN;
1760 *((u8 *) ptr++) = type;
1761 break;
1762 }
1763 }
1764
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1765 if (chan->num_conf_rsp || chan->num_conf_req > 1)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1766 goto done;
1767
1768 switch (pi->mode) {
1769 case L2CAP_MODE_STREAMING:
1770 case L2CAP_MODE_ERTM:
Gustavo F. Padovan85eb53c2010-06-03 18:43:28 -0300[diff] [blame]1771 if (!(pi->conf_state & L2CAP_CONF_STATE2_DEVICE)) {
1772 pi->mode = l2cap_select_mode(rfc.mode,
1773 pi->conn->feat_mask);
1774 break;
1775 }
1776
Gustavo F. Padovan742e5192010-06-08 19:09:48 -0300[diff] [blame]1777 if (pi->mode != rfc.mode)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1778 return -ECONNREFUSED;
Gustavo F. Padovan742e5192010-06-08 19:09:48 -0300[diff] [blame]1779
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1780 break;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1781 }
1782
1783done:
1784 if (pi->mode != rfc.mode) {
1785 result = L2CAP_CONF_UNACCEPT;
1786 rfc.mode = pi->mode;
1787
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]1788 if (chan->num_conf_rsp == 1)
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1789 return -ECONNREFUSED;
1790
1791 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1792 sizeof(rfc), (unsigned long) &rfc);
1793 }
1794
1795
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1796 if (result == L2CAP_CONF_SUCCESS) {
1797 /* Configure output options and let the other side know
1798 * which ones we don't like. */
1799
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1800 if (mtu < L2CAP_DEFAULT_MIN_MTU)
1801 result = L2CAP_CONF_UNACCEPT;
1802 else {
1803 pi->omtu = mtu;
1804 pi->conf_state |= L2CAP_CONF_MTU_DONE;
1805 }
1806 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu);
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1807
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1808 switch (rfc.mode) {
1809 case L2CAP_MODE_BASIC:
1810 pi->fcs = L2CAP_FCS_NONE;
1811 pi->conf_state |= L2CAP_CONF_MODE_DONE;
1812 break;
1813
1814 case L2CAP_MODE_ERTM:
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1815 chan->remote_tx_win = rfc.txwin_size;
1816 chan->remote_max_tx = rfc.max_transmit;
Mat Martineau86b1b262010-08-05 15:54:22 -0700[diff] [blame]1817
1818 if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10)
1819 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1820
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1821 chan->remote_mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1822
Gustavo F. Padovan10467e92010-05-01 16:15:40 -0300[diff] [blame]1823 rfc.retrans_timeout =
1824 le16_to_cpu(L2CAP_DEFAULT_RETRANS_TO);
1825 rfc.monitor_timeout =
1826 le16_to_cpu(L2CAP_DEFAULT_MONITOR_TO);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1827
1828 pi->conf_state |= L2CAP_CONF_MODE_DONE;
Gustavo F. Padovan68ae6632009-10-17 21:41:01 -0300[diff] [blame]1829
1830 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1831 sizeof(rfc), (unsigned long) &rfc);
1832
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1833 break;
1834
1835 case L2CAP_MODE_STREAMING:
Mat Martineau86b1b262010-08-05 15:54:22 -0700[diff] [blame]1836 if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10)
1837 rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10);
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1838
Gustavo F. Padovan2c03a7a2011-03-25 20:15:28 -0300[diff] [blame]1839 chan->remote_mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1840
1841 pi->conf_state |= L2CAP_CONF_MODE_DONE;
Gustavo F. Padovan68ae6632009-10-17 21:41:01 -0300[diff] [blame]1842
1843 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1844 sizeof(rfc), (unsigned long) &rfc);
1845
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1846 break;
1847
1848 default:
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1849 result = L2CAP_CONF_UNACCEPT;
1850
1851 memset(&rfc, 0, sizeof(rfc));
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1852 rfc.mode = pi->mode;
Marcel Holtmann6464f352007-10-20 13:39:51 +0200[diff] [blame]1853 }
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1854
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1855 if (result == L2CAP_CONF_SUCCESS)
1856 pi->conf_state |= L2CAP_CONF_OUTPUT_DONE;
1857 }
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1858 rsp->scid = cpu_to_le16(pi->dcid);
1859 rsp->result = cpu_to_le16(result);
1860 rsp->flags = cpu_to_le16(0x0000);
1861
1862 return ptr - data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1863}
1864
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1865static int l2cap_parse_conf_rsp(struct sock *sk, void *rsp, int len, void *data, u16 *result)
1866{
1867 struct l2cap_pinfo *pi = l2cap_pi(sk);
1868 struct l2cap_conf_req *req = data;
1869 void *ptr = req->data;
1870 int type, olen;
1871 unsigned long val;
1872 struct l2cap_conf_rfc rfc;
1873
1874 BT_DBG("sk %p, rsp %p, len %d, req %p", sk, rsp, len, data);
1875
1876 while (len >= L2CAP_CONF_OPT_SIZE) {
1877 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val);
1878
1879 switch (type) {
1880 case L2CAP_CONF_MTU:
1881 if (val < L2CAP_DEFAULT_MIN_MTU) {
1882 *result = L2CAP_CONF_UNACCEPT;
Andrei Emeltchenko8183b772010-09-01 15:17:25 +0300[diff] [blame]1883 pi->imtu = L2CAP_DEFAULT_MIN_MTU;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1884 } else
Andrei Emeltchenko8183b772010-09-01 15:17:25 +0300[diff] [blame]1885 pi->imtu = val;
1886 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1887 break;
1888
1889 case L2CAP_CONF_FLUSH_TO:
1890 pi->flush_to = val;
1891 l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO,
1892 2, pi->flush_to);
1893 break;
1894
1895 case L2CAP_CONF_RFC:
1896 if (olen == sizeof(rfc))
1897 memcpy(&rfc, (void *)val, olen);
1898
1899 if ((pi->conf_state & L2CAP_CONF_STATE2_DEVICE) &&
1900 rfc.mode != pi->mode)
1901 return -ECONNREFUSED;
1902
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1903 pi->fcs = 0;
1904
1905 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1906 sizeof(rfc), (unsigned long) &rfc);
1907 break;
1908 }
1909 }
1910
Gustavo F. Padovan6c2ea7a2010-06-08 20:08:49 -0300[diff] [blame]1911 if (pi->mode == L2CAP_MODE_BASIC && pi->mode != rfc.mode)
1912 return -ECONNREFUSED;
1913
1914 pi->mode = rfc.mode;
1915
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1916 if (*result == L2CAP_CONF_SUCCESS) {
1917 switch (rfc.mode) {
1918 case L2CAP_MODE_ERTM:
Gustavo F. Padovan10467e92010-05-01 16:15:40 -0300[diff] [blame]1919 pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout);
1920 pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout);
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1921 pi->mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1922 break;
1923 case L2CAP_MODE_STREAMING:
Gustavo F. Padovan1c762152010-05-01 16:15:40 -0300[diff] [blame]1924 pi->mps = le16_to_cpu(rfc.max_pdu_size);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]1925 }
1926 }
1927
1928 req->dcid = cpu_to_le16(pi->dcid);
1929 req->flags = cpu_to_le16(0x0000);
1930
1931 return ptr - data;
1932}
1933
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1934static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1935{
1936 struct l2cap_conf_rsp *rsp = data;
1937 void *ptr = rsp->data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1938
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1939 BT_DBG("sk %p", sk);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1940
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1941 rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid);
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]1942 rsp->result = cpu_to_le16(result);
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]1943 rsp->flags = cpu_to_le16(flags);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1944
1945 return ptr - data;
1946}
1947
Gustavo F. Padovan710f9b02011-03-25 14:30:37 -0300[diff] [blame]1948void __l2cap_connect_rsp_defer(struct sock *sk)
1949{
1950 struct l2cap_conn_rsp rsp;
1951 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1952 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1953 u8 buf[128];
1954
1955 sk->sk_state = BT_CONFIG;
1956
1957 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1958 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
1959 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
1960 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
1961 l2cap_send_cmd(conn, chan->ident,
1962 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
1963
1964 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)
1965 return;
1966
1967 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
1968 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
1969 l2cap_build_conf_req(chan, buf), buf);
1970 chan->num_conf_req++;
1971}
1972
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]1973static void l2cap_conf_rfc_get(struct sock *sk, void *rsp, int len)
1974{
1975 struct l2cap_pinfo *pi = l2cap_pi(sk);
1976 int type, olen;
1977 unsigned long val;
1978 struct l2cap_conf_rfc rfc;
1979
1980 BT_DBG("sk %p, rsp %p, len %d", sk, rsp, len);
1981
1982 if ((pi->mode != L2CAP_MODE_ERTM) && (pi->mode != L2CAP_MODE_STREAMING))
1983 return;
1984
1985 while (len >= L2CAP_CONF_OPT_SIZE) {
1986 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val);
1987
1988 switch (type) {
1989 case L2CAP_CONF_RFC:
1990 if (olen == sizeof(rfc))
1991 memcpy(&rfc, (void *)val, olen);
1992 goto done;
1993 }
1994 }
1995
1996done:
1997 switch (rfc.mode) {
1998 case L2CAP_MODE_ERTM:
Gustavo F. Padovan10467e92010-05-01 16:15:40 -0300[diff] [blame]1999 pi->retrans_timeout = le16_to_cpu(rfc.retrans_timeout);
2000 pi->monitor_timeout = le16_to_cpu(rfc.monitor_timeout);
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]2001 pi->mps = le16_to_cpu(rfc.max_pdu_size);
2002 break;
2003 case L2CAP_MODE_STREAMING:
2004 pi->mps = le16_to_cpu(rfc.max_pdu_size);
2005 }
2006}
2007
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2008static inline int l2cap_command_rej(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2009{
2010 struct l2cap_cmd_rej *rej = (struct l2cap_cmd_rej *) data;
2011
2012 if (rej->reason != 0x0000)
2013 return 0;
2014
2015 if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) &&
2016 cmd->ident == conn->info_ident) {
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2017 del_timer(&conn->info_timer);
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2018
2019 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2020 conn->info_ident = 0;
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2021
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2022 l2cap_conn_start(conn);
2023 }
2024
2025 return 0;
2026}
2027
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2028static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2029{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2030 struct l2cap_conn_req *req = (struct l2cap_conn_req *) data;
2031 struct l2cap_conn_rsp rsp;
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2032 struct l2cap_chan *chan = NULL;
Nathan Holsteind793fe82010-10-15 11:54:02 -0400[diff] [blame]2033 struct sock *parent, *sk = NULL;
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2034 int result, status = L2CAP_CS_NO_INFO;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2035
2036 u16 dcid = 0, scid = __le16_to_cpu(req->scid);
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2037 __le16 psm = req->psm;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2038
2039 BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid);
2040
2041 /* Check if we have socket listening on psm */
2042 parent = l2cap_get_sock_by_psm(BT_LISTEN, psm, conn->src);
2043 if (!parent) {
2044 result = L2CAP_CR_BAD_PSM;
2045 goto sendresp;
2046 }
2047
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]2048 bh_lock_sock(parent);
2049
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2050 /* Check if the ACL is secure enough (if not SDP) */
2051 if (psm != cpu_to_le16(0x0001) &&
2052 !hci_conn_check_link_mode(conn->hcon)) {
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]2053 conn->disc_reason = 0x05;
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]2054 result = L2CAP_CR_SEC_BLOCK;
2055 goto response;
2056 }
2057
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2058 result = L2CAP_CR_NO_MEM;
2059
2060 /* Check for backlog size */
2061 if (sk_acceptq_is_full(parent)) {
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]2062 BT_DBG("backlog full %d", parent->sk_ack_backlog);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2063 goto response;
2064 }
2065
YOSHIFUJI Hideaki3b1e0a62008-03-26 02:26:21 +0900[diff] [blame]2066 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, GFP_ATOMIC);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2067 if (!sk)
2068 goto response;
2069
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2070 chan = l2cap_chan_alloc(sk);
2071 if (!chan) {
2072 l2cap_sock_kill(sk);
2073 goto response;
2074 }
2075
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2076 write_lock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2077
2078 /* Check if we already have channel with that dcid */
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2079 if (__l2cap_get_chan_by_dcid(conn, scid)) {
2080 write_unlock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2081 sock_set_flag(sk, SOCK_ZAPPED);
2082 l2cap_sock_kill(sk);
2083 goto response;
2084 }
2085
2086 hci_conn_hold(conn->hcon);
2087
2088 l2cap_sock_init(sk, parent);
2089 bacpy(&bt_sk(sk)->src, conn->src);
2090 bacpy(&bt_sk(sk)->dst, conn->dst);
2091 l2cap_pi(sk)->psm = psm;
2092 l2cap_pi(sk)->dcid = scid;
2093
Gustavo F. Padovand1010242011-03-25 00:39:48 -0300[diff] [blame]2094 bt_accept_enqueue(parent, sk);
2095
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2096 __l2cap_chan_add(conn, chan);
2097
2098 l2cap_pi(sk)->chan = chan;
2099
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2100 dcid = l2cap_pi(sk)->scid;
2101
2102 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
2103
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]2104 chan->ident = cmd->ident;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2105
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2106 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) {
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]2107 if (l2cap_check_security(sk)) {
Marcel Holtmannf66dc812009-01-15 21:57:00 +0100[diff] [blame]2108 if (bt_sk(sk)->defer_setup) {
2109 sk->sk_state = BT_CONNECT2;
2110 result = L2CAP_CR_PEND;
2111 status = L2CAP_CS_AUTHOR_PEND;
2112 parent->sk_data_ready(parent, 0);
2113 } else {
2114 sk->sk_state = BT_CONFIG;
2115 result = L2CAP_CR_SUCCESS;
2116 status = L2CAP_CS_NO_INFO;
2117 }
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]2118 } else {
2119 sk->sk_state = BT_CONNECT2;
2120 result = L2CAP_CR_PEND;
2121 status = L2CAP_CS_AUTHEN_PEND;
2122 }
2123 } else {
2124 sk->sk_state = BT_CONNECT2;
2125 result = L2CAP_CR_PEND;
2126 status = L2CAP_CS_NO_INFO;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2127 }
2128
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2129 write_unlock_bh(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2130
2131response:
2132 bh_unlock_sock(parent);
2133
2134sendresp:
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]2135 rsp.scid = cpu_to_le16(scid);
2136 rsp.dcid = cpu_to_le16(dcid);
2137 rsp.result = cpu_to_le16(result);
2138 rsp.status = cpu_to_le16(status);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2139 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp);
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]2140
2141 if (result == L2CAP_CR_PEND && status == L2CAP_CS_NO_INFO) {
2142 struct l2cap_info_req info;
2143 info.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
2144
2145 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
2146 conn->info_ident = l2cap_get_ident(conn);
2147
2148 mod_timer(&conn->info_timer, jiffies +
2149 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
2150
2151 l2cap_send_cmd(conn, conn->info_ident,
2152 L2CAP_INFO_REQ, sizeof(info), &info);
2153 }
2154
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2155 if (chan && !(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT) &&
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]2156 result == L2CAP_CR_SUCCESS) {
2157 u8 buf[128];
2158 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
2159 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2160 l2cap_build_conf_req(chan, buf), buf);
2161 chan->num_conf_req++;
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]2162 }
2163
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2164 return 0;
2165}
2166
2167static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2168{
2169 struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data;
2170 u16 scid, dcid, result, status;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2171 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2172 struct sock *sk;
2173 u8 req[128];
2174
2175 scid = __le16_to_cpu(rsp->scid);
2176 dcid = __le16_to_cpu(rsp->dcid);
2177 result = __le16_to_cpu(rsp->result);
2178 status = __le16_to_cpu(rsp->status);
2179
2180 BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status);
2181
2182 if (scid) {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2183 chan = l2cap_get_chan_by_scid(conn, scid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2184 if (!chan)
João Paulo Rechi Vita57d3b222010-06-22 13:56:26 -0300[diff] [blame]2185 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2186 } else {
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2187 chan = l2cap_get_chan_by_ident(conn, cmd->ident);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2188 if (!chan)
João Paulo Rechi Vita57d3b222010-06-22 13:56:26 -0300[diff] [blame]2189 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2190 }
2191
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2192 sk = chan->sk;
2193
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2194 switch (result) {
2195 case L2CAP_CR_SUCCESS:
2196 sk->sk_state = BT_CONFIG;
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]2197 chan->ident = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2198 l2cap_pi(sk)->dcid = dcid;
Marcel Holtmann6a8d3012009-02-06 23:56:36 +0100[diff] [blame]2199 l2cap_pi(sk)->conf_state &= ~L2CAP_CONF_CONNECT_PEND;
2200
Gustavo F. Padovane9aeb2d2010-07-08 20:08:18 -0300[diff] [blame]2201 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)
2202 break;
2203
2204 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
2205
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2206 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2207 l2cap_build_conf_req(chan, req), req);
2208 chan->num_conf_req++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2209 break;
2210
2211 case L2CAP_CR_PEND:
Marcel Holtmann6a8d3012009-02-06 23:56:36 +0100[diff] [blame]2212 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2213 break;
2214
2215 default:
Andrei Emeltchenkoa49184c2010-11-03 12:32:44 +0200[diff] [blame]2216 /* don't delete l2cap channel if sk is owned by user */
2217 if (sock_owned_by_user(sk)) {
2218 sk->sk_state = BT_DISCONN;
2219 l2cap_sock_clear_timer(sk);
2220 l2cap_sock_set_timer(sk, HZ / 5);
2221 break;
2222 }
2223
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2224 l2cap_chan_del(chan, ECONNREFUSED);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2225 break;
2226 }
2227
2228 bh_unlock_sock(sk);
2229 return 0;
2230}
2231
Mat Martineau8c462b62010-08-24 15:35:42 -0700[diff] [blame]2232static inline void set_default_fcs(struct l2cap_pinfo *pi)
2233{
2234 /* FCS is enabled only in ERTM or streaming mode, if one or both
2235 * sides request it.
2236 */
2237 if (pi->mode != L2CAP_MODE_ERTM && pi->mode != L2CAP_MODE_STREAMING)
2238 pi->fcs = L2CAP_FCS_NONE;
2239 else if (!(pi->conf_state & L2CAP_CONF_NO_FCS_RECV))
2240 pi->fcs = L2CAP_FCS_CRC16;
2241}
2242
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2243static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2244{
2245 struct l2cap_conf_req *req = (struct l2cap_conf_req *) data;
2246 u16 dcid, flags;
2247 u8 rsp[64];
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2248 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2249 struct sock *sk;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2250 int len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2251
2252 dcid = __le16_to_cpu(req->dcid);
2253 flags = __le16_to_cpu(req->flags);
2254
2255 BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags);
2256
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2257 chan = l2cap_get_chan_by_scid(conn, dcid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2258 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2259 return -ENOENT;
2260
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2261 sk = chan->sk;
2262
Gustavo F. Padovandf6bd742010-06-14 02:26:15 -0300[diff] [blame]2263 if (sk->sk_state != BT_CONFIG) {
2264 struct l2cap_cmd_rej rej;
2265
2266 rej.reason = cpu_to_le16(0x0002);
2267 l2cap_send_cmd(conn, cmd->ident, L2CAP_COMMAND_REJ,
2268 sizeof(rej), &rej);
Marcel Holtmann354f60a2006-11-18 22:15:20 +0100[diff] [blame]2269 goto unlock;
Gustavo F. Padovandf6bd742010-06-14 02:26:15 -0300[diff] [blame]2270 }
Marcel Holtmann354f60a2006-11-18 22:15:20 +0100[diff] [blame]2271
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2272 /* Reject if config buffer is too small. */
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2273 len = cmd_len - sizeof(*req);
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2274 if (chan->conf_len + len > sizeof(chan->conf_req)) {
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2275 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
2276 l2cap_build_conf_rsp(sk, rsp,
2277 L2CAP_CONF_REJECT, flags), rsp);
2278 goto unlock;
2279 }
2280
2281 /* Store config. */
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2282 memcpy(chan->conf_req + chan->conf_len, req->data, len);
2283 chan->conf_len += len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2284
2285 if (flags & 0x0001) {
2286 /* Incomplete config. Send empty response. */
2287 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2288 l2cap_build_conf_rsp(sk, rsp,
2289 L2CAP_CONF_SUCCESS, 0x0001), rsp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2290 goto unlock;
2291 }
2292
2293 /* Complete config. */
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2294 len = l2cap_parse_conf_req(chan, rsp);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2295 if (len < 0) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2296 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2297 goto unlock;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2298 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2299
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2300 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp);
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2301 chan->num_conf_rsp++;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2302
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2303 /* Reset config buffer. */
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2304 chan->conf_len = 0;
Marcel Holtmann5dee9e72007-05-24 14:27:19 +0200[diff] [blame]2305
Marcel Holtmann876d9482007-10-20 13:35:42 +0200[diff] [blame]2306 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE))
2307 goto unlock;
2308
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2309 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) {
Mat Martineau8c462b62010-08-24 15:35:42 -0700[diff] [blame]2310 set_default_fcs(l2cap_pi(sk));
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2311
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2312 sk->sk_state = BT_CONNECTED;
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2313
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2314 chan->next_tx_seq = 0;
2315 chan->expected_tx_seq = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]2316 __skb_queue_head_init(TX_QUEUE(sk));
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2317 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2318 l2cap_ertm_init(chan);
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2319
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2320 l2cap_chan_ready(sk);
Marcel Holtmann876d9482007-10-20 13:35:42 +0200[diff] [blame]2321 goto unlock;
2322 }
2323
2324 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) {
Marcel Holtmann79d554a2008-07-14 20:13:44 +0200[diff] [blame]2325 u8 buf[64];
Haijun Liuab3e5712010-09-30 16:52:40 +0800[diff] [blame]2326 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2327 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2328 l2cap_build_conf_req(chan, buf), buf);
2329 chan->num_conf_req++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2330 }
2331
2332unlock:
2333 bh_unlock_sock(sk);
2334 return 0;
2335}
2336
2337static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2338{
2339 struct l2cap_conf_rsp *rsp = (struct l2cap_conf_rsp *)data;
2340 u16 scid, flags, result;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2341 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2342 struct sock *sk;
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]2343 int len = cmd->len - sizeof(*rsp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2344
2345 scid = __le16_to_cpu(rsp->scid);
2346 flags = __le16_to_cpu(rsp->flags);
2347 result = __le16_to_cpu(rsp->result);
2348
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]2349 BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x",
2350 scid, flags, result);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2351
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2352 chan = l2cap_get_chan_by_scid(conn, scid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2353 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2354 return 0;
2355
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2356 sk = chan->sk;
2357
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2358 switch (result) {
2359 case L2CAP_CONF_SUCCESS:
Gustavo F. Padovan7b1c0042010-05-01 16:15:39 -0300[diff] [blame]2360 l2cap_conf_rfc_get(sk, rsp->data, len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2361 break;
2362
2363 case L2CAP_CONF_UNACCEPT:
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2364 if (chan->num_conf_rsp <= L2CAP_CONF_MAX_CONF_RSP) {
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2365 char req[64];
2366
Andrei Emeltchenkoc2c77ec2010-03-19 10:26:28 +0200[diff] [blame]2367 if (len > sizeof(req) - sizeof(struct l2cap_conf_req)) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2368 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Andrei Emeltchenkoc2c77ec2010-03-19 10:26:28 +0200[diff] [blame]2369 goto done;
2370 }
2371
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2372 /* throw out any old stored conf requests */
2373 result = L2CAP_CONF_SUCCESS;
2374 len = l2cap_parse_conf_rsp(sk, rsp->data,
2375 len, req, &result);
2376 if (len < 0) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2377 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2378 goto done;
2379 }
2380
2381 l2cap_send_cmd(conn, l2cap_get_ident(conn),
2382 L2CAP_CONF_REQ, len, req);
Gustavo F. Padovan73ffa902011-03-25 14:16:54 -0300[diff] [blame]2383 chan->num_conf_req++;
Gustavo F. Padovanf2fcfcd2009-07-04 15:06:24 -0300[diff] [blame]2384 if (result != L2CAP_CONF_SUCCESS)
2385 goto done;
2386 break;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2387 }
2388
YOSHIFUJI Hideaki8e87d142007-02-09 23:24:33 +0900[diff] [blame]2389 default:
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]2390 sk->sk_err = ECONNRESET;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2391 l2cap_sock_set_timer(sk, HZ * 5);
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2392 l2cap_send_disconn_req(conn, chan, ECONNRESET);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2393 goto done;
2394 }
2395
2396 if (flags & 0x01)
2397 goto done;
2398
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2399 l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE;
2400
2401 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) {
Mat Martineau8c462b62010-08-24 15:35:42 -0700[diff] [blame]2402 set_default_fcs(l2cap_pi(sk));
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2403
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2404 sk->sk_state = BT_CONNECTED;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2405 chan->next_tx_seq = 0;
2406 chan->expected_tx_seq = 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]2407 __skb_queue_head_init(TX_QUEUE(sk));
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2408 if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2409 l2cap_ertm_init(chan);
Gustavo F. Padovan0565c1c2009-10-03 02:34:36 -0300[diff] [blame]2410
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2411 l2cap_chan_ready(sk);
2412 }
2413
2414done:
2415 bh_unlock_sock(sk);
2416 return 0;
2417}
2418
2419static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2420{
2421 struct l2cap_disconn_req *req = (struct l2cap_disconn_req *) data;
2422 struct l2cap_disconn_rsp rsp;
2423 u16 dcid, scid;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2424 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2425 struct sock *sk;
2426
2427 scid = __le16_to_cpu(req->scid);
2428 dcid = __le16_to_cpu(req->dcid);
2429
2430 BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid);
2431
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2432 chan = l2cap_get_chan_by_scid(conn, dcid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2433 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2434 return 0;
2435
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2436 sk = chan->sk;
2437
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]2438 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
2439 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2440 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp);
2441
2442 sk->sk_shutdown = SHUTDOWN_MASK;
2443
Andrei Emeltchenkoa49184c2010-11-03 12:32:44 +0200[diff] [blame]2444 /* don't delete l2cap channel if sk is owned by user */
2445 if (sock_owned_by_user(sk)) {
2446 sk->sk_state = BT_DISCONN;
2447 l2cap_sock_clear_timer(sk);
2448 l2cap_sock_set_timer(sk, HZ / 5);
2449 bh_unlock_sock(sk);
2450 return 0;
2451 }
2452
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2453 l2cap_chan_del(chan, ECONNRESET);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2454 bh_unlock_sock(sk);
2455
2456 l2cap_sock_kill(sk);
2457 return 0;
2458}
2459
2460static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2461{
2462 struct l2cap_disconn_rsp *rsp = (struct l2cap_disconn_rsp *) data;
2463 u16 dcid, scid;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2464 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2465 struct sock *sk;
2466
2467 scid = __le16_to_cpu(rsp->scid);
2468 dcid = __le16_to_cpu(rsp->dcid);
2469
2470 BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid);
2471
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]2472 chan = l2cap_get_chan_by_scid(conn, scid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2473 if (!chan)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2474 return 0;
2475
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2476 sk = chan->sk;
2477
Andrei Emeltchenkoa49184c2010-11-03 12:32:44 +0200[diff] [blame]2478 /* don't delete l2cap channel if sk is owned by user */
2479 if (sock_owned_by_user(sk)) {
2480 sk->sk_state = BT_DISCONN;
2481 l2cap_sock_clear_timer(sk);
2482 l2cap_sock_set_timer(sk, HZ / 5);
2483 bh_unlock_sock(sk);
2484 return 0;
2485 }
2486
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]2487 l2cap_chan_del(chan, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2488 bh_unlock_sock(sk);
2489
2490 l2cap_sock_kill(sk);
2491 return 0;
2492}
2493
2494static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2495{
2496 struct l2cap_info_req *req = (struct l2cap_info_req *) data;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2497 u16 type;
2498
2499 type = __le16_to_cpu(req->type);
2500
2501 BT_DBG("type 0x%4.4x", type);
2502
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2503 if (type == L2CAP_IT_FEAT_MASK) {
2504 u8 buf[8];
Marcel Holtmann44dd46d2009-05-02 19:09:01 -0700[diff] [blame]2505 u32 feat_mask = l2cap_feat_mask;
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2506 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf;
2507 rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
2508 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS);
Gustavo F. Padovand1c4a172010-07-18 16:25:54 -0300[diff] [blame]2509 if (!disable_ertm)
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2510 feat_mask |= L2CAP_FEAT_ERTM | L2CAP_FEAT_STREAMING
2511 | L2CAP_FEAT_FCS;
Gustavo F. Padovan1b7bf4e2009-08-24 00:45:20 -0300[diff] [blame]2512 put_unaligned_le32(feat_mask, rsp->data);
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2513 l2cap_send_cmd(conn, cmd->ident,
2514 L2CAP_INFO_RSP, sizeof(buf), buf);
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2515 } else if (type == L2CAP_IT_FIXED_CHAN) {
2516 u8 buf[12];
2517 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf;
2518 rsp->type = cpu_to_le16(L2CAP_IT_FIXED_CHAN);
2519 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS);
2520 memcpy(buf + 4, l2cap_fixed_chan, 8);
2521 l2cap_send_cmd(conn, cmd->ident,
2522 L2CAP_INFO_RSP, sizeof(buf), buf);
Marcel Holtmannf0709e02007-10-20 13:38:51 +0200[diff] [blame]2523 } else {
2524 struct l2cap_info_rsp rsp;
2525 rsp.type = cpu_to_le16(type);
2526 rsp.result = cpu_to_le16(L2CAP_IR_NOTSUPP);
2527 l2cap_send_cmd(conn, cmd->ident,
2528 L2CAP_INFO_RSP, sizeof(rsp), &rsp);
2529 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2530
2531 return 0;
2532}
2533
2534static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
2535{
2536 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) data;
2537 u16 type, result;
2538
2539 type = __le16_to_cpu(rsp->type);
2540 result = __le16_to_cpu(rsp->result);
2541
2542 BT_DBG("type 0x%4.4x result 0x%2.2x", type, result);
2543
Andrei Emeltchenkoe90165b2011-03-25 11:31:41 +0200[diff] [blame]2544 /* L2CAP Info req/rsp are unbound to channels, add extra checks */
2545 if (cmd->ident != conn->info_ident ||
2546 conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)
2547 return 0;
2548
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2549 del_timer(&conn->info_timer);
2550
Ville Tervoadb08ed2010-08-04 09:43:33 +0300[diff] [blame]2551 if (result != L2CAP_IR_SUCCESS) {
2552 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
2553 conn->info_ident = 0;
2554
2555 l2cap_conn_start(conn);
2556
2557 return 0;
2558 }
2559
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2560 if (type == L2CAP_IT_FEAT_MASK) {
Harvey Harrison83985312008-05-02 16:25:46 -0700[diff] [blame]2561 conn->feat_mask = get_unaligned_le32(rsp->data);
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2562
Marcel Holtmann47ec1dcd2009-05-02 18:57:55 -0700[diff] [blame]2563 if (conn->feat_mask & L2CAP_FEAT_FIXED_CHAN) {
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2564 struct l2cap_info_req req;
2565 req.type = cpu_to_le16(L2CAP_IT_FIXED_CHAN);
2566
2567 conn->info_ident = l2cap_get_ident(conn);
2568
2569 l2cap_send_cmd(conn, conn->info_ident,
2570 L2CAP_INFO_REQ, sizeof(req), &req);
2571 } else {
2572 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
2573 conn->info_ident = 0;
2574
2575 l2cap_conn_start(conn);
2576 }
2577 } else if (type == L2CAP_IT_FIXED_CHAN) {
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2578 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]2579 conn->info_ident = 0;
Marcel Holtmann984947d2009-02-06 23:35:19 +0100[diff] [blame]2580
2581 l2cap_conn_start(conn);
2582 }
Marcel Holtmann4e8402a2007-10-20 13:37:56 +0200[diff] [blame]2583
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2584 return 0;
2585}
2586
Gustavo F. Padovane2174ca2011-02-17 19:16:55 -0300[diff] [blame]2587static inline int l2cap_check_conn_param(u16 min, u16 max, u16 latency,
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2588 u16 to_multiplier)
2589{
2590 u16 max_latency;
2591
2592 if (min > max || min < 6 || max > 3200)
2593 return -EINVAL;
2594
2595 if (to_multiplier < 10 || to_multiplier > 3200)
2596 return -EINVAL;
2597
2598 if (max >= to_multiplier * 8)
2599 return -EINVAL;
2600
2601 max_latency = (to_multiplier * 8 / max) - 1;
2602 if (latency > 499 || latency > max_latency)
2603 return -EINVAL;
2604
2605 return 0;
2606}
2607
2608static inline int l2cap_conn_param_update_req(struct l2cap_conn *conn,
2609 struct l2cap_cmd_hdr *cmd, u8 *data)
2610{
2611 struct hci_conn *hcon = conn->hcon;
2612 struct l2cap_conn_param_update_req *req;
2613 struct l2cap_conn_param_update_rsp rsp;
2614 u16 min, max, latency, to_multiplier, cmd_len;
Claudio Takahasi2ce603e2011-02-16 20:44:53 -0200[diff] [blame]2615 int err;
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2616
2617 if (!(hcon->link_mode & HCI_LM_MASTER))
2618 return -EINVAL;
2619
2620 cmd_len = __le16_to_cpu(cmd->len);
2621 if (cmd_len != sizeof(struct l2cap_conn_param_update_req))
2622 return -EPROTO;
2623
2624 req = (struct l2cap_conn_param_update_req *) data;
Gustavo F. Padovane2174ca2011-02-17 19:16:55 -0300[diff] [blame]2625 min = __le16_to_cpu(req->min);
2626 max = __le16_to_cpu(req->max);
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2627 latency = __le16_to_cpu(req->latency);
2628 to_multiplier = __le16_to_cpu(req->to_multiplier);
2629
2630 BT_DBG("min 0x%4.4x max 0x%4.4x latency: 0x%4.4x Timeout: 0x%4.4x",
2631 min, max, latency, to_multiplier);
2632
2633 memset(&rsp, 0, sizeof(rsp));
Claudio Takahasi2ce603e2011-02-16 20:44:53 -0200[diff] [blame]2634
2635 err = l2cap_check_conn_param(min, max, latency, to_multiplier);
2636 if (err)
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2637 rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_REJECTED);
2638 else
2639 rsp.result = cpu_to_le16(L2CAP_CONN_PARAM_ACCEPTED);
2640
2641 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_PARAM_UPDATE_RSP,
2642 sizeof(rsp), &rsp);
2643
Claudio Takahasi2ce603e2011-02-16 20:44:53 -0200[diff] [blame]2644 if (!err)
2645 hci_le_conn_update(hcon, min, max, latency, to_multiplier);
2646
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2647 return 0;
2648}
2649
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2650static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
2651 struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
2652{
2653 int err = 0;
2654
2655 switch (cmd->code) {
2656 case L2CAP_COMMAND_REJ:
2657 l2cap_command_rej(conn, cmd, data);
2658 break;
2659
2660 case L2CAP_CONN_REQ:
2661 err = l2cap_connect_req(conn, cmd, data);
2662 break;
2663
2664 case L2CAP_CONN_RSP:
2665 err = l2cap_connect_rsp(conn, cmd, data);
2666 break;
2667
2668 case L2CAP_CONF_REQ:
2669 err = l2cap_config_req(conn, cmd, cmd_len, data);
2670 break;
2671
2672 case L2CAP_CONF_RSP:
2673 err = l2cap_config_rsp(conn, cmd, data);
2674 break;
2675
2676 case L2CAP_DISCONN_REQ:
2677 err = l2cap_disconnect_req(conn, cmd, data);
2678 break;
2679
2680 case L2CAP_DISCONN_RSP:
2681 err = l2cap_disconnect_rsp(conn, cmd, data);
2682 break;
2683
2684 case L2CAP_ECHO_REQ:
2685 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECHO_RSP, cmd_len, data);
2686 break;
2687
2688 case L2CAP_ECHO_RSP:
2689 break;
2690
2691 case L2CAP_INFO_REQ:
2692 err = l2cap_information_req(conn, cmd, data);
2693 break;
2694
2695 case L2CAP_INFO_RSP:
2696 err = l2cap_information_rsp(conn, cmd, data);
2697 break;
2698
2699 default:
2700 BT_ERR("Unknown BR/EDR signaling command 0x%2.2x", cmd->code);
2701 err = -EINVAL;
2702 break;
2703 }
2704
2705 return err;
2706}
2707
2708static inline int l2cap_le_sig_cmd(struct l2cap_conn *conn,
2709 struct l2cap_cmd_hdr *cmd, u8 *data)
2710{
2711 switch (cmd->code) {
2712 case L2CAP_COMMAND_REJ:
2713 return 0;
2714
2715 case L2CAP_CONN_PARAM_UPDATE_REQ:
Claudio Takahaside731152011-02-11 19:28:55 -0200[diff] [blame]2716 return l2cap_conn_param_update_req(conn, cmd, data);
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2717
2718 case L2CAP_CONN_PARAM_UPDATE_RSP:
2719 return 0;
2720
2721 default:
2722 BT_ERR("Unknown LE signaling command 0x%2.2x", cmd->code);
2723 return -EINVAL;
2724 }
2725}
2726
2727static inline void l2cap_sig_channel(struct l2cap_conn *conn,
2728 struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2729{
2730 u8 *data = skb->data;
2731 int len = skb->len;
2732 struct l2cap_cmd_hdr cmd;
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2733 int err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2734
2735 l2cap_raw_recv(conn, skb);
2736
2737 while (len >= L2CAP_CMD_HDR_SIZE) {
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2738 u16 cmd_len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2739 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
2740 data += L2CAP_CMD_HDR_SIZE;
2741 len -= L2CAP_CMD_HDR_SIZE;
2742
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2743 cmd_len = le16_to_cpu(cmd.len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2744
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2745 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd_len, cmd.ident);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2746
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2747 if (cmd_len > len || !cmd.ident) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2748 BT_DBG("corrupted command");
2749 break;
2750 }
2751
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]2752 if (conn->hcon->type == LE_LINK)
2753 err = l2cap_le_sig_cmd(conn, &cmd, data);
2754 else
2755 err = l2cap_bredr_sig_cmd(conn, &cmd, cmd_len, data);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2756
2757 if (err) {
2758 struct l2cap_cmd_rej rej;
Gustavo F. Padovan2c6d1a22011-03-23 14:38:32 -0300[diff] [blame]2759
2760 BT_ERR("Wrong link type (%d)", err);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2761
2762 /* FIXME: Map err to a valid reason */
YOSHIFUJI Hideakiaca31922007-03-25 20:12:50 -0700[diff] [blame]2763 rej.reason = cpu_to_le16(0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2764 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej);
2765 }
2766
Al Viro88219a02007-07-29 00:17:25 -0700[diff] [blame]2767 data += cmd_len;
2768 len -= cmd_len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]2769 }
2770
2771 kfree_skb(skb);
2772}
2773
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2774static int l2cap_check_fcs(struct l2cap_pinfo *pi, struct sk_buff *skb)
2775{
2776 u16 our_fcs, rcv_fcs;
2777 int hdr_size = L2CAP_HDR_SIZE + 2;
2778
2779 if (pi->fcs == L2CAP_FCS_CRC16) {
2780 skb_trim(skb, skb->len - 2);
2781 rcv_fcs = get_unaligned_le16(skb->data + skb->len);
2782 our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size);
2783
2784 if (our_fcs != rcv_fcs)
João Paulo Rechi Vita7a560e52010-06-22 13:56:27 -0300[diff] [blame]2785 return -EBADMSG;
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]2786 }
2787 return 0;
2788}
2789
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2790static inline void l2cap_send_i_or_rr_or_rnr(struct l2cap_chan *chan)
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2791{
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2792 u16 control = 0;
2793
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]2794 chan->frames_sent = 0;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2795
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2796 control |= chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2797
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2798 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan64988862010-05-10 14:54:14 -0300[diff] [blame]2799 control |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2800 l2cap_send_sframe(chan, control);
2801 chan->conn_state |= L2CAP_CONN_RNR_SENT;
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2802 }
2803
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2804 if (chan->conn_state & L2CAP_CONN_REMOTE_BUSY)
2805 l2cap_retransmit_frames(chan);
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2806
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2807 l2cap_ertm_send(chan);
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2808
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2809 if (!(chan->conn_state & L2CAP_CONN_LOCAL_BUSY) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]2810 chan->frames_sent == 0) {
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2811 control |= L2CAP_SUPER_RCV_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2812 l2cap_send_sframe(chan, control);
Gustavo F. Padovand5392c82010-05-01 16:15:36 -0300[diff] [blame]2813 }
2814}
2815
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2816static int l2cap_add_to_srej_queue(struct l2cap_chan *chan, struct sk_buff *skb, u8 tx_seq, u8 sar)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2817{
2818 struct sk_buff *next_skb;
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2819 int tx_seq_offset, next_tx_seq_offset;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2820
2821 bt_cb(skb)->tx_seq = tx_seq;
2822 bt_cb(skb)->sar = sar;
2823
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2824 next_skb = skb_peek(&chan->srej_q);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2825 if (!next_skb) {
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2826 __skb_queue_tail(&chan->srej_q, skb);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2827 return 0;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2828 }
2829
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2830 tx_seq_offset = (tx_seq - chan->buffer_seq) % 64;
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2831 if (tx_seq_offset < 0)
2832 tx_seq_offset += 64;
2833
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2834 do {
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2835 if (bt_cb(next_skb)->tx_seq == tx_seq)
2836 return -EINVAL;
2837
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2838 next_tx_seq_offset = (bt_cb(next_skb)->tx_seq -
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2839 chan->buffer_seq) % 64;
João Paulo Rechi Vitabfbacc12010-05-31 18:35:44 -0300[diff] [blame]2840 if (next_tx_seq_offset < 0)
2841 next_tx_seq_offset += 64;
2842
2843 if (next_tx_seq_offset > tx_seq_offset) {
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2844 __skb_queue_before(&chan->srej_q, next_skb, skb);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2845 return 0;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2846 }
2847
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2848 if (skb_queue_is_last(&chan->srej_q, next_skb))
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2849 break;
2850
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2851 } while ((next_skb = skb_queue_next(&chan->srej_q, next_skb)));
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2852
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2853 __skb_queue_tail(&chan->srej_q, skb);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]2854
2855 return 0;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]2856}
2857
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2858static int l2cap_ertm_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2859{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2860 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2861 struct sk_buff *_skb;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2862 int err;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2863
2864 switch (control & L2CAP_CTRL_SAR) {
2865 case L2CAP_SDU_UNSEGMENTED:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2866 if (chan->conn_state & L2CAP_CONN_SAR_SDU)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2867 goto drop;
2868
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2869 err = sock_queue_rcv_skb(chan->sk, skb);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2870 if (!err)
2871 return err;
2872
2873 break;
2874
2875 case L2CAP_SDU_START:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2876 if (chan->conn_state & L2CAP_CONN_SAR_SDU)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2877 goto drop;
2878
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2879 chan->sdu_len = get_unaligned_le16(skb->data);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2880
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2881 if (chan->sdu_len > pi->imtu)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2882 goto disconnect;
2883
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2884 chan->sdu = bt_skb_alloc(chan->sdu_len, GFP_ATOMIC);
2885 if (!chan->sdu)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2886 return -ENOMEM;
2887
2888 /* pull sdu_len bytes only after alloc, because of Local Busy
2889 * condition we have to be sure that this will be executed
2890 * only once, i.e., when alloc does not fail */
2891 skb_pull(skb, 2);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2892
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2893 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2894
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2895 chan->conn_state |= L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2896 chan->partial_sdu_len = skb->len;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2897 break;
2898
2899 case L2CAP_SDU_CONTINUE:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2900 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2901 goto disconnect;
2902
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2903 if (!chan->sdu)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2904 goto disconnect;
2905
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2906 chan->partial_sdu_len += skb->len;
2907 if (chan->partial_sdu_len > chan->sdu_len)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2908 goto drop;
2909
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2910 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovan4178ba42010-05-01 16:15:45 -0300[diff] [blame]2911
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2912 break;
2913
2914 case L2CAP_SDU_END:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2915 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2916 goto disconnect;
2917
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2918 if (!chan->sdu)
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2919 goto disconnect;
2920
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2921 if (!(chan->conn_state & L2CAP_CONN_SAR_RETRY)) {
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2922 chan->partial_sdu_len += skb->len;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2923
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2924 if (chan->partial_sdu_len > pi->imtu)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2925 goto drop;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2926
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2927 if (chan->partial_sdu_len != chan->sdu_len)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2928 goto drop;
Gustavo F. Padovan4178ba42010-05-01 16:15:45 -0300[diff] [blame]2929
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2930 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2931 }
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2932
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2933 _skb = skb_clone(chan->sdu, GFP_ATOMIC);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2934 if (!_skb) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2935 chan->conn_state |= L2CAP_CONN_SAR_RETRY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2936 return -ENOMEM;
2937 }
2938
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2939 err = sock_queue_rcv_skb(chan->sk, _skb);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2940 if (err < 0) {
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2941 kfree_skb(_skb);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2942 chan->conn_state |= L2CAP_CONN_SAR_RETRY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2943 return err;
2944 }
2945
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2946 chan->conn_state &= ~L2CAP_CONN_SAR_RETRY;
2947 chan->conn_state &= ~L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2948
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2949 kfree_skb(chan->sdu);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2950 break;
2951 }
2952
2953 kfree_skb(skb);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2954 return 0;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2955
2956drop:
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]2957 kfree_skb(chan->sdu);
2958 chan->sdu = NULL;
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2959
2960disconnect:
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2961 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]2962 kfree_skb(skb);
2963 return 0;
2964}
2965
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2966static int l2cap_try_push_rx_skb(struct l2cap_chan *chan)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2967{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2968 struct sock *sk = chan->sk;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2969 struct sk_buff *skb;
2970 u16 control;
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2971 int err;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2972
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2973 while ((skb = skb_dequeue(&chan->busy_q))) {
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2974 control = bt_cb(skb)->sar << L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2975 err = l2cap_ertm_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2976 if (err < 0) {
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]2977 skb_queue_head(&chan->busy_q, skb);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]2978 return -EBUSY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2979 }
2980
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2981 chan->buffer_seq = (chan->buffer_seq + 1) % 64;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2982 }
2983
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2984 if (!(chan->conn_state & L2CAP_CONN_RNR_SENT))
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2985 goto done;
2986
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]2987 control = chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2988 control |= L2CAP_SUPER_RCV_READY | L2CAP_CTRL_POLL;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2989 l2cap_send_sframe(chan, control);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]2990 chan->retry_count = 1;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2991
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]2992 del_timer(&chan->retrans_timer);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2993 __mod_monitor_timer();
2994
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2995 chan->conn_state |= L2CAP_CONN_WAIT_F;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]2996
2997done:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]2998 chan->conn_state &= ~L2CAP_CONN_LOCAL_BUSY;
2999 chan->conn_state &= ~L2CAP_CONN_RNR_SENT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3000
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3001 BT_DBG("sk %p, Exit local busy", sk);
3002
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3003 return 0;
3004}
3005
3006static void l2cap_busy_work(struct work_struct *work)
3007{
3008 DECLARE_WAITQUEUE(wait, current);
3009 struct l2cap_pinfo *pi =
3010 container_of(work, struct l2cap_pinfo, busy_work);
3011 struct sock *sk = (struct sock *)pi;
3012 int n_tries = 0, timeo = HZ/5, err;
3013 struct sk_buff *skb;
3014
3015 lock_sock(sk);
3016
3017 add_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]3018 while ((skb = skb_peek(&pi->chan->busy_q))) {
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3019 set_current_state(TASK_INTERRUPTIBLE);
3020
3021 if (n_tries++ > L2CAP_LOCAL_BUSY_TRIES) {
3022 err = -EBUSY;
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3023 l2cap_send_disconn_req(pi->conn, pi->chan, EBUSY);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3024 break;
3025 }
3026
3027 if (!timeo)
3028 timeo = HZ/5;
3029
3030 if (signal_pending(current)) {
3031 err = sock_intr_errno(timeo);
3032 break;
3033 }
3034
3035 release_sock(sk);
3036 timeo = schedule_timeout(timeo);
3037 lock_sock(sk);
3038
3039 err = sock_error(sk);
3040 if (err)
3041 break;
3042
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3043 if (l2cap_try_push_rx_skb(l2cap_pi(sk)->chan) == 0)
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3044 break;
3045 }
3046
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3047 set_current_state(TASK_RUNNING);
Marcel Holtmann2b0b05d2010-05-10 11:33:10 +0200[diff] [blame]3048 remove_wait_queue(sk_sleep(sk), &wait);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3049
3050 release_sock(sk);
3051}
3052
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3053static int l2cap_push_rx_skb(struct l2cap_chan *chan, struct sk_buff *skb, u16 control)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3054{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3055 struct sock *sk = chan->sk;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3056 struct l2cap_pinfo *pi = l2cap_pi(sk);
3057 int sctrl, err;
3058
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3059 if (chan->conn_state & L2CAP_CONN_LOCAL_BUSY) {
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3060 bt_cb(skb)->sar = control >> L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]3061 __skb_queue_tail(&chan->busy_q, skb);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3062 return l2cap_try_push_rx_skb(chan);
Gustavo F. Padovan712132e2010-06-21 19:39:50 -0300[diff] [blame]3063
3064
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3065 }
3066
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3067 err = l2cap_ertm_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3068 if (err >= 0) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3069 chan->buffer_seq = (chan->buffer_seq + 1) % 64;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3070 return err;
3071 }
3072
3073 /* Busy Condition */
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3074 BT_DBG("sk %p, Enter local busy", sk);
3075
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3076 chan->conn_state |= L2CAP_CONN_LOCAL_BUSY;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3077 bt_cb(skb)->sar = control >> L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]3078 __skb_queue_tail(&chan->busy_q, skb);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3079
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3080 sctrl = chan->buffer_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3081 sctrl |= L2CAP_SUPER_RCV_NOT_READY;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3082 l2cap_send_sframe(chan, sctrl);
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3083
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3084 chan->conn_state |= L2CAP_CONN_RNR_SENT;
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3085
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3086 del_timer(&chan->ack_timer);
Gustavo F. Padovan7fe9b292010-05-12 18:32:04 -0300[diff] [blame]3087
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3088 queue_work(_busy_wq, &pi->busy_work);
3089
3090 return err;
3091}
3092
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3093static int l2cap_streaming_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control)
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3094{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3095 struct l2cap_pinfo *pi = l2cap_pi(chan->sk);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3096 struct sk_buff *_skb;
3097 int err = -EINVAL;
3098
Gustavo F. Padovan18778a62010-05-01 16:15:44 -0300[diff] [blame]3099 /*
3100 * TODO: We have to notify the userland if some data is lost with the
3101 * Streaming Mode.
3102 */
3103
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3104 switch (control & L2CAP_CTRL_SAR) {
3105 case L2CAP_SDU_UNSEGMENTED:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3106 if (chan->conn_state & L2CAP_CONN_SAR_SDU) {
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3107 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3108 break;
3109 }
3110
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3111 err = sock_queue_rcv_skb(chan->sk, skb);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3112 if (!err)
3113 return 0;
3114
3115 break;
3116
3117 case L2CAP_SDU_START:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3118 if (chan->conn_state & L2CAP_CONN_SAR_SDU) {
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3119 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3120 break;
3121 }
3122
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3123 chan->sdu_len = get_unaligned_le16(skb->data);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3124 skb_pull(skb, 2);
3125
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3126 if (chan->sdu_len > pi->imtu) {
Gustavo F. Padovan052897c2010-05-01 16:15:40 -0300[diff] [blame]3127 err = -EMSGSIZE;
3128 break;
3129 }
3130
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3131 chan->sdu = bt_skb_alloc(chan->sdu_len, GFP_ATOMIC);
3132 if (!chan->sdu) {
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3133 err = -ENOMEM;
3134 break;
3135 }
3136
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3137 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3138
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3139 chan->conn_state |= L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3140 chan->partial_sdu_len = skb->len;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3141 err = 0;
3142 break;
3143
3144 case L2CAP_SDU_CONTINUE:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3145 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3146 break;
3147
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3148 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3149
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3150 chan->partial_sdu_len += skb->len;
3151 if (chan->partial_sdu_len > chan->sdu_len)
3152 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3153 else
3154 err = 0;
3155
3156 break;
3157
3158 case L2CAP_SDU_END:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3159 if (!(chan->conn_state & L2CAP_CONN_SAR_SDU))
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3160 break;
3161
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3162 memcpy(skb_put(chan->sdu, skb->len), skb->data, skb->len);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3163
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3164 chan->conn_state &= ~L2CAP_CONN_SAR_SDU;
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3165 chan->partial_sdu_len += skb->len;
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3166
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3167 if (chan->partial_sdu_len > pi->imtu)
Gustavo F. Padovan36f2fd52010-05-01 16:15:37 -0300[diff] [blame]3168 goto drop;
3169
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3170 if (chan->partial_sdu_len == chan->sdu_len) {
3171 _skb = skb_clone(chan->sdu, GFP_ATOMIC);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3172 err = sock_queue_rcv_skb(chan->sk, _skb);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3173 if (err < 0)
3174 kfree_skb(_skb);
3175 }
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3176 err = 0;
3177
Gustavo F. Padovan36f2fd52010-05-01 16:15:37 -0300[diff] [blame]3178drop:
Gustavo F. Padovan6f61fd472011-03-25 20:09:37 -0300[diff] [blame]3179 kfree_skb(chan->sdu);
Gustavo F. Padovanc74e5602009-08-20 22:25:58 -0300[diff] [blame]3180 break;
3181 }
3182
3183 kfree_skb(skb);
3184 return err;
3185}
3186
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3187static void l2cap_check_srej_gap(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3188{
3189 struct sk_buff *skb;
Gustavo F. Padovanafefdbc2010-05-01 16:15:43 -0300[diff] [blame]3190 u16 control;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3191
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]3192 while ((skb = skb_peek(&chan->srej_q))) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3193 if (bt_cb(skb)->tx_seq != tx_seq)
3194 break;
3195
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]3196 skb = skb_dequeue(&chan->srej_q);
Gustavo F. Padovanafefdbc2010-05-01 16:15:43 -0300[diff] [blame]3197 control = bt_cb(skb)->sar << L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3198 l2cap_ertm_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3199 chan->buffer_seq_srej =
3200 (chan->buffer_seq_srej + 1) % 64;
Gustavo F. Padovan8ff50ec2010-05-10 19:34:11 -0300[diff] [blame]3201 tx_seq = (tx_seq + 1) % 64;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3202 }
3203}
3204
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3205static void l2cap_resend_srejframe(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3206{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3207 struct sock *sk = chan->sk;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3208 struct srej_list *l, *tmp;
3209 u16 control;
3210
Gustavo F. Padovan59203a22010-05-01 16:15:43 -0300[diff] [blame]3211 list_for_each_entry_safe(l, tmp, SREJ_LIST(sk), list) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3212 if (l->tx_seq == tx_seq) {
3213 list_del(&l->list);
3214 kfree(l);
3215 return;
3216 }
3217 control = L2CAP_SUPER_SELECT_REJECT;
3218 control |= l->tx_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3219 l2cap_send_sframe(chan, control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3220 list_del(&l->list);
3221 list_add_tail(&l->list, SREJ_LIST(sk));
3222 }
3223}
3224
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3225static void l2cap_send_srejframe(struct l2cap_chan *chan, u8 tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3226{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3227 struct sock *sk = chan->sk;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3228 struct srej_list *new;
3229 u16 control;
3230
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3231 while (tx_seq != chan->expected_tx_seq) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3232 control = L2CAP_SUPER_SELECT_REJECT;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3233 control |= chan->expected_tx_seq << L2CAP_CTRL_REQSEQ_SHIFT;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3234 l2cap_send_sframe(chan, control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3235
3236 new = kzalloc(sizeof(struct srej_list), GFP_ATOMIC);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3237 new->tx_seq = chan->expected_tx_seq;
3238 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3239 list_add_tail(&new->list, SREJ_LIST(sk));
3240 }
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3241 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3242}
3243
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3244static inline int l2cap_data_channel_iframe(struct l2cap_chan *chan, u16 rx_control, struct sk_buff *skb)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3245{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3246 struct sock *sk = chan->sk;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3247 struct l2cap_pinfo *pi = l2cap_pi(sk);
3248 u8 tx_seq = __get_txseq(rx_control);
Gustavo F. Padovan9f121a52009-10-03 02:34:38 -0300[diff] [blame]3249 u8 req_seq = __get_reqseq(rx_control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3250 u8 sar = rx_control >> L2CAP_CTRL_SAR_SHIFT;
Gustavo F. Padovanf6337c72010-05-10 18:32:04 -0300[diff] [blame]3251 int tx_seq_offset, expected_tx_seq_offset;
Gustavo F. Padovan803020c2010-05-01 16:15:41 -0300[diff] [blame]3252 int num_to_ack = (pi->tx_win/6) + 1;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3253 int err = 0;
3254
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3255 BT_DBG("chan %p len %d tx_seq %d rx_control 0x%4.4x", chan, skb->len,
3256 tx_seq, rx_control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3257
Gustavo F. Padovan9b16dc62010-05-05 20:05:57 -0300[diff] [blame]3258 if (L2CAP_CTRL_FINAL & rx_control &&
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3259 chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3260 del_timer(&chan->monitor_timer);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3261 if (chan->unacked_frames > 0)
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3262 __mod_retrans_timer();
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3263 chan->conn_state &= ~L2CAP_CONN_WAIT_F;
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3264 }
3265
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3266 chan->expected_ack_seq = req_seq;
3267 l2cap_drop_acked_frames(chan);
Gustavo F. Padovan9f121a52009-10-03 02:34:38 -0300[diff] [blame]3268
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3269 if (tx_seq == chan->expected_tx_seq)
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3270 goto expected;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3271
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3272 tx_seq_offset = (tx_seq - chan->buffer_seq) % 64;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3273 if (tx_seq_offset < 0)
3274 tx_seq_offset += 64;
3275
3276 /* invalid tx_seq */
3277 if (tx_seq_offset >= pi->tx_win) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3278 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3279 goto drop;
3280 }
3281
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3282 if (chan->conn_state == L2CAP_CONN_LOCAL_BUSY)
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]3283 goto drop;
3284
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3285 if (chan->conn_state & L2CAP_CONN_SREJ_SENT) {
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3286 struct srej_list *first;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3287
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3288 first = list_first_entry(SREJ_LIST(sk),
3289 struct srej_list, list);
3290 if (tx_seq == first->tx_seq) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3291 l2cap_add_to_srej_queue(chan, skb, tx_seq, sar);
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3292 l2cap_check_srej_gap(chan, tx_seq);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3293
3294 list_del(&first->list);
3295 kfree(first);
3296
3297 if (list_empty(SREJ_LIST(sk))) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3298 chan->buffer_seq = chan->buffer_seq_srej;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3299 chan->conn_state &= ~L2CAP_CONN_SREJ_SENT;
3300 l2cap_send_ack(chan);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3301 BT_DBG("sk %p, Exit SREJ_SENT", sk);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3302 }
3303 } else {
3304 struct srej_list *l;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3305
3306 /* duplicated tx_seq */
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3307 if (l2cap_add_to_srej_queue(chan, skb, tx_seq, sar) < 0)
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3308 goto drop;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3309
3310 list_for_each_entry(l, SREJ_LIST(sk), list) {
3311 if (l->tx_seq == tx_seq) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3312 l2cap_resend_srejframe(chan, tx_seq);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3313 return 0;
3314 }
3315 }
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3316 l2cap_send_srejframe(chan, tx_seq);
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3317 }
3318 } else {
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3319 expected_tx_seq_offset =
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3320 (chan->expected_tx_seq - chan->buffer_seq) % 64;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3321 if (expected_tx_seq_offset < 0)
3322 expected_tx_seq_offset += 64;
3323
3324 /* duplicated tx_seq */
3325 if (tx_seq_offset < expected_tx_seq_offset)
3326 goto drop;
3327
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3328 chan->conn_state |= L2CAP_CONN_SREJ_SENT;
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3329
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3330 BT_DBG("sk %p, Enter SREJ", sk);
3331
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3332 INIT_LIST_HEAD(SREJ_LIST(sk));
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3333 chan->buffer_seq_srej = chan->buffer_seq;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3334
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]3335 __skb_queue_head_init(&chan->srej_q);
3336 __skb_queue_head_init(&chan->busy_q);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3337 l2cap_add_to_srej_queue(chan, skb, tx_seq, sar);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3338
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3339 chan->conn_state |= L2CAP_CONN_SEND_PBIT;
Gustavo F. Padovanef54fd92009-08-20 22:26:04 -0300[diff] [blame]3340
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3341 l2cap_send_srejframe(chan, tx_seq);
Gustavo F. Padovan7fe9b292010-05-12 18:32:04 -0300[diff] [blame]3342
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3343 del_timer(&chan->ack_timer);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3344 }
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3345 return 0;
3346
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3347expected:
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3348 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3349
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3350 if (chan->conn_state & L2CAP_CONN_SREJ_SENT) {
Gustavo F. Padovan3b1a9f32010-05-01 16:15:42 -0300[diff] [blame]3351 bt_cb(skb)->tx_seq = tx_seq;
3352 bt_cb(skb)->sar = sar;
Gustavo F. Padovanf1c67752011-03-25 20:36:10 -0300[diff] [blame^]3353 __skb_queue_tail(&chan->srej_q, skb);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3354 return 0;
3355 }
3356
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3357 err = l2cap_push_rx_skb(chan, skb, rx_control);
Gustavo F. Padovan2ece3682010-06-16 17:21:44 -0300[diff] [blame]3358 if (err < 0)
3359 return 0;
3360
Gustavo F. Padovan4ec10d92009-10-03 02:34:39 -0300[diff] [blame]3361 if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3362 if (chan->conn_state & L2CAP_CONN_REJ_ACT)
3363 chan->conn_state &= ~L2CAP_CONN_REJ_ACT;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3364 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3365 l2cap_retransmit_frames(chan);
Gustavo F. Padovan4ec10d92009-10-03 02:34:39 -0300[diff] [blame]3366 }
3367
Gustavo F. Padovanc1b4f432010-05-01 16:15:39 -0300[diff] [blame]3368 __mod_ack_timer();
3369
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3370 chan->num_acked = (chan->num_acked + 1) % num_to_ack;
3371 if (chan->num_acked == num_to_ack - 1)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3372 l2cap_send_ack(chan);
Gustavo F. Padovan9e917af2010-05-01 16:15:37 -0300[diff] [blame]3373
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3374 return 0;
João Paulo Rechi Vita9b533502010-05-01 16:15:44 -0300[diff] [blame]3375
3376drop:
3377 kfree_skb(skb);
3378 return 0;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3379}
3380
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3381static inline void l2cap_data_channel_rrframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3382{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3383 struct sock *sk = chan->sk;
Gustavo F. Padovan6e3a5982010-05-01 16:15:38 -0300[diff] [blame]3384
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3385 BT_DBG("sk %p, req_seq %d ctrl 0x%4.4x", sk, __get_reqseq(rx_control),
3386 rx_control);
3387
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3388 chan->expected_ack_seq = __get_reqseq(rx_control);
3389 l2cap_drop_acked_frames(chan);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3390
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3391 if (rx_control & L2CAP_CTRL_POLL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3392 chan->conn_state |= L2CAP_CONN_SEND_FBIT;
3393 if (chan->conn_state & L2CAP_CONN_SREJ_SENT) {
3394 if ((chan->conn_state & L2CAP_CONN_REMOTE_BUSY) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3395 (chan->unacked_frames > 0))
Gustavo F. Padovan05fbd892010-05-01 16:15:39 -0300[diff] [blame]3396 __mod_retrans_timer();
3397
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3398 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
3399 l2cap_send_srejtail(chan);
Gustavo F. Padovan05fbd892010-05-01 16:15:39 -0300[diff] [blame]3400 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3401 l2cap_send_i_or_rr_or_rnr(chan);
Gustavo F. Padovan05fbd892010-05-01 16:15:39 -0300[diff] [blame]3402 }
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3403
3404 } else if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3405 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3406
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3407 if (chan->conn_state & L2CAP_CONN_REJ_ACT)
3408 chan->conn_state &= ~L2CAP_CONN_REJ_ACT;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3409 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3410 l2cap_retransmit_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3411
3412 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3413 if ((chan->conn_state & L2CAP_CONN_REMOTE_BUSY) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3414 (chan->unacked_frames > 0))
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3415 __mod_retrans_timer();
3416
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3417 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
3418 if (chan->conn_state & L2CAP_CONN_SREJ_SENT)
3419 l2cap_send_ack(chan);
Andrei Emeltchenko894718a2010-12-01 16:58:24 +0200[diff] [blame]3420 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3421 l2cap_ertm_send(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3422 }
3423}
3424
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3425static inline void l2cap_data_channel_rejframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3426{
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3427 u8 tx_seq = __get_reqseq(rx_control);
3428
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3429 BT_DBG("chan %p, req_seq %d ctrl 0x%4.4x", chan, tx_seq, rx_control);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3430
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3431 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3432
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3433 chan->expected_ack_seq = tx_seq;
3434 l2cap_drop_acked_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3435
3436 if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3437 if (chan->conn_state & L2CAP_CONN_REJ_ACT)
3438 chan->conn_state &= ~L2CAP_CONN_REJ_ACT;
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3439 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3440 l2cap_retransmit_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3441 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3442 l2cap_retransmit_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3443
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3444 if (chan->conn_state & L2CAP_CONN_WAIT_F)
3445 chan->conn_state |= L2CAP_CONN_REJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3446 }
3447}
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3448static inline void l2cap_data_channel_srejframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3449{
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3450 u8 tx_seq = __get_reqseq(rx_control);
3451
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3452 BT_DBG("chan %p, req_seq %d ctrl 0x%4.4x", chan, tx_seq, rx_control);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3453
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3454 chan->conn_state &= ~L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3455
3456 if (rx_control & L2CAP_CTRL_POLL) {
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3457 chan->expected_ack_seq = tx_seq;
3458 l2cap_drop_acked_frames(chan);
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]3459
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3460 chan->conn_state |= L2CAP_CONN_SEND_FBIT;
3461 l2cap_retransmit_one_frame(chan, tx_seq);
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3462
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3463 l2cap_ertm_send(chan);
Gustavo F. Padovandfc909b2010-05-01 16:15:45 -0300[diff] [blame]3464
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3465 if (chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3466 chan->srej_save_reqseq = tx_seq;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3467 chan->conn_state |= L2CAP_CONN_SREJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3468 }
3469 } else if (rx_control & L2CAP_CTRL_FINAL) {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3470 if ((chan->conn_state & L2CAP_CONN_SREJ_ACT) &&
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3471 chan->srej_save_reqseq == tx_seq)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3472 chan->conn_state &= ~L2CAP_CONN_SREJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3473 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3474 l2cap_retransmit_one_frame(chan, tx_seq);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3475 } else {
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3476 l2cap_retransmit_one_frame(chan, tx_seq);
3477 if (chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3478 chan->srej_save_reqseq = tx_seq;
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3479 chan->conn_state |= L2CAP_CONN_SREJ_ACT;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3480 }
3481 }
3482}
3483
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3484static inline void l2cap_data_channel_rnrframe(struct l2cap_chan *chan, u16 rx_control)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3485{
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3486 u8 tx_seq = __get_reqseq(rx_control);
3487
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3488 BT_DBG("chan %p, req_seq %d ctrl 0x%4.4x", chan, tx_seq, rx_control);
Gustavo F. Padovan0e989582010-04-19 14:45:38 -0300[diff] [blame]3489
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3490 chan->conn_state |= L2CAP_CONN_REMOTE_BUSY;
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3491 chan->expected_ack_seq = tx_seq;
3492 l2cap_drop_acked_frames(chan);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3493
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]3494 if (rx_control & L2CAP_CTRL_POLL)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3495 chan->conn_state |= L2CAP_CONN_SEND_FBIT;
Gustavo F. Padovan3cb123d2010-05-29 02:24:35 -0300[diff] [blame]3496
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3497 if (!(chan->conn_state & L2CAP_CONN_SREJ_SENT)) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3498 del_timer(&chan->retrans_timer);
Gustavo F. Padovana2e12a22010-05-05 19:58:27 -0300[diff] [blame]3499 if (rx_control & L2CAP_CTRL_POLL)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3500 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_FINAL);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]3501 return;
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3502 }
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]3503
3504 if (rx_control & L2CAP_CTRL_POLL)
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3505 l2cap_send_srejtail(chan);
Gustavo F. Padovan99b0d4b2010-05-01 16:15:38 -0300[diff] [blame]3506 else
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3507 l2cap_send_sframe(chan, L2CAP_SUPER_RCV_READY);
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3508}
3509
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3510static inline int l2cap_data_channel_sframe(struct l2cap_chan *chan, u16 rx_control, struct sk_buff *skb)
Gustavo F. Padovane0727452010-05-01 16:15:38 -0300[diff] [blame]3511{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3512 BT_DBG("chan %p rx_control 0x%4.4x len %d", chan, rx_control, skb->len);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3513
Gustavo F. Padovan9b16dc62010-05-05 20:05:57 -0300[diff] [blame]3514 if (L2CAP_CTRL_FINAL & rx_control &&
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3515 chan->conn_state & L2CAP_CONN_WAIT_F) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3516 del_timer(&chan->monitor_timer);
Gustavo F. Padovan6a026612011-04-01 00:38:50 -0300[diff] [blame]3517 if (chan->unacked_frames > 0)
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3518 __mod_retrans_timer();
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3519 chan->conn_state &= ~L2CAP_CONN_WAIT_F;
Gustavo F. Padovan1d8f5d12010-05-01 16:15:37 -0300[diff] [blame]3520 }
3521
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3522 switch (rx_control & L2CAP_CTRL_SUPERVISE) {
3523 case L2CAP_SUPER_RCV_READY:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3524 l2cap_data_channel_rrframe(chan, rx_control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3525 break;
3526
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3527 case L2CAP_SUPER_REJECT:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3528 l2cap_data_channel_rejframe(chan, rx_control);
Gustavo F. Padovan30afb5b2009-08-20 22:25:59 -0300[diff] [blame]3529 break;
3530
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3531 case L2CAP_SUPER_SELECT_REJECT:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3532 l2cap_data_channel_srejframe(chan, rx_control);
Gustavo F. Padovan8f171542009-08-20 22:26:03 -0300[diff] [blame]3533 break;
3534
3535 case L2CAP_SUPER_RCV_NOT_READY:
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3536 l2cap_data_channel_rnrframe(chan, rx_control);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3537 break;
3538 }
3539
Gustavo F. Padovanfaaebd12010-05-01 16:15:35 -0300[diff] [blame]3540 kfree_skb(skb);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3541 return 0;
3542}
3543
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3544static int l2cap_ertm_data_rcv(struct sock *sk, struct sk_buff *skb)
3545{
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3546 struct l2cap_chan *chan = l2cap_pi(sk)->chan;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3547 struct l2cap_pinfo *pi = l2cap_pi(sk);
3548 u16 control;
3549 u8 req_seq;
3550 int len, next_tx_seq_offset, req_seq_offset;
3551
3552 control = get_unaligned_le16(skb->data);
3553 skb_pull(skb, 2);
3554 len = skb->len;
3555
3556 /*
3557 * We can just drop the corrupted I-frame here.
3558 * Receiver will miss it and start proper recovery
3559 * procedures and ask retransmission.
3560 */
3561 if (l2cap_check_fcs(pi, skb))
3562 goto drop;
3563
3564 if (__is_sar_start(control) && __is_iframe(control))
3565 len -= 2;
3566
3567 if (pi->fcs == L2CAP_FCS_CRC16)
3568 len -= 2;
3569
3570 if (len > pi->mps) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3571 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3572 goto drop;
3573 }
3574
3575 req_seq = __get_reqseq(control);
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3576 req_seq_offset = (req_seq - chan->expected_ack_seq) % 64;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3577 if (req_seq_offset < 0)
3578 req_seq_offset += 64;
3579
3580 next_tx_seq_offset =
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3581 (chan->next_tx_seq - chan->expected_ack_seq) % 64;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3582 if (next_tx_seq_offset < 0)
3583 next_tx_seq_offset += 64;
3584
3585 /* check for invalid req-seq */
3586 if (req_seq_offset > next_tx_seq_offset) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3587 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3588 goto drop;
3589 }
3590
3591 if (__is_iframe(control)) {
3592 if (len < 0) {
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3593 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3594 goto drop;
3595 }
3596
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3597 l2cap_data_channel_iframe(chan, control, skb);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3598 } else {
3599 if (len != 0) {
3600 BT_ERR("%d", len);
Gustavo F. Padovane92c8e72011-04-01 00:53:45 -0300[diff] [blame]3601 l2cap_send_disconn_req(pi->conn, chan, ECONNRESET);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3602 goto drop;
3603 }
3604
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3605 l2cap_data_channel_sframe(chan, control, skb);
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3606 }
3607
3608 return 0;
3609
3610drop:
3611 kfree_skb(skb);
3612 return 0;
3613}
3614
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3615static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb)
3616{
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3617 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3618 struct sock *sk;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3619 struct l2cap_pinfo *pi;
Nathan Holstein51893f82010-06-09 15:46:25 -0400[diff] [blame]3620 u16 control;
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3621 u8 tx_seq;
3622 int len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3623
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3624 chan = l2cap_get_chan_by_scid(conn, cid);
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3625 if (!chan) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3626 BT_DBG("unknown cid 0x%4.4x", cid);
3627 goto drop;
3628 }
3629
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3630 sk = chan->sk;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3631 pi = l2cap_pi(sk);
3632
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3633 BT_DBG("sk %p, len %d", sk, skb->len);
3634
3635 if (sk->sk_state != BT_CONNECTED)
3636 goto drop;
3637
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3638 switch (pi->mode) {
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3639 case L2CAP_MODE_BASIC:
3640 /* If socket recv buffers overflows we drop data here
3641 * which is *bad* because L2CAP has to be reliable.
3642 * But we don't have any other choice. L2CAP doesn't
3643 * provide flow control mechanism. */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3644
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3645 if (pi->imtu < skb->len)
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3646 goto drop;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3647
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3648 if (!sock_queue_rcv_skb(sk, skb))
3649 goto done;
3650 break;
3651
3652 case L2CAP_MODE_ERTM:
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3653 if (!sock_owned_by_user(sk)) {
3654 l2cap_ertm_data_rcv(sk, skb);
Gustavo F. Padovan277ffbe2010-05-01 16:15:37 -0300[diff] [blame]3655 } else {
Gustavo F. Padovan218bb9d2010-06-21 18:53:22 -0300[diff] [blame]3656 if (sk_add_backlog(sk, skb))
Gustavo F. Padovan277ffbe2010-05-01 16:15:37 -0300[diff] [blame]3657 goto drop;
Gustavo F. Padovan277ffbe2010-05-01 16:15:37 -0300[diff] [blame]3658 }
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3659
Andrei Emeltchenkofcafde22009-12-22 15:58:08 +0200[diff] [blame]3660 goto done;
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3661
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3662 case L2CAP_MODE_STREAMING:
3663 control = get_unaligned_le16(skb->data);
3664 skb_pull(skb, 2);
3665 len = skb->len;
3666
Gustavo F. Padovan26000082010-05-11 22:02:00 -0300[diff] [blame]3667 if (l2cap_check_fcs(pi, skb))
3668 goto drop;
3669
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3670 if (__is_sar_start(control))
3671 len -= 2;
3672
Gustavo F. Padovanfcc203c2009-08-20 22:26:02 -0300[diff] [blame]3673 if (pi->fcs == L2CAP_FCS_CRC16)
3674 len -= 2;
3675
Nathan Holstein51893f82010-06-09 15:46:25 -0400[diff] [blame]3676 if (len > pi->mps || len < 0 || __is_sframe(control))
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3677 goto drop;
3678
3679 tx_seq = __get_txseq(control);
3680
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3681 if (chan->expected_tx_seq == tx_seq)
3682 chan->expected_tx_seq = (chan->expected_tx_seq + 1) % 64;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3683 else
Gustavo F. Padovan42e5c802011-03-25 19:58:34 -0300[diff] [blame]3684 chan->expected_tx_seq = (tx_seq + 1) % 64;
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3685
Gustavo F. Padovan525cd182011-03-25 19:43:39 -0300[diff] [blame]3686 l2cap_streaming_reassembly_sdu(chan, skb, control);
Gustavo F. Padovan6840ed02009-08-20 22:26:01 -0300[diff] [blame]3687
3688 goto done;
3689
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3690 default:
Gustavo F. Padovane8235c62010-05-01 16:15:36 -0300[diff] [blame]3691 BT_DBG("sk %p: bad mode 0x%2.2x", sk, pi->mode);
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3692 break;
3693 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3694
3695drop:
3696 kfree_skb(skb);
3697
3698done:
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3699 if (sk)
3700 bh_unlock_sock(sk);
3701
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3702 return 0;
3703}
3704
Al Viro8e036fc2007-07-29 00:16:36 -0700[diff] [blame]3705static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3706{
3707 struct sock *sk;
3708
3709 sk = l2cap_get_sock_by_psm(0, psm, conn->src);
3710 if (!sk)
3711 goto drop;
3712
Gustavo F. Padovane0f0cb52010-11-01 18:43:53 +0000[diff] [blame]3713 bh_lock_sock(sk);
3714
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3715 BT_DBG("sk %p, len %d", sk, skb->len);
3716
3717 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED)
3718 goto drop;
3719
3720 if (l2cap_pi(sk)->imtu < skb->len)
3721 goto drop;
3722
3723 if (!sock_queue_rcv_skb(sk, skb))
3724 goto done;
3725
3726drop:
3727 kfree_skb(skb);
3728
3729done:
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]3730 if (sk)
3731 bh_unlock_sock(sk);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3732 return 0;
3733}
3734
3735static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb)
3736{
3737 struct l2cap_hdr *lh = (void *) skb->data;
Al Viro8e036fc2007-07-29 00:16:36 -0700[diff] [blame]3738 u16 cid, len;
3739 __le16 psm;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3740
3741 skb_pull(skb, L2CAP_HDR_SIZE);
3742 cid = __le16_to_cpu(lh->cid);
3743 len = __le16_to_cpu(lh->len);
3744
Gustavo F. Padovan1c2acff2009-08-20 22:25:57 -0300[diff] [blame]3745 if (len != skb->len) {
3746 kfree_skb(skb);
3747 return;
3748 }
3749
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3750 BT_DBG("len %d, cid 0x%4.4x", len, cid);
3751
3752 switch (cid) {
Claudio Takahasi3300d9a2011-02-11 19:28:54 -0200[diff] [blame]3753 case L2CAP_CID_LE_SIGNALING:
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]3754 case L2CAP_CID_SIGNALING:
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3755 l2cap_sig_channel(conn, skb);
3756 break;
3757
Gustavo F. Padovan8db4dc42009-04-20 01:31:05 -0300[diff] [blame]3758 case L2CAP_CID_CONN_LESS:
Gustavo F. Padovan1b7bf4e2009-08-24 00:45:20 -0300[diff] [blame]3759 psm = get_unaligned_le16(skb->data);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3760 skb_pull(skb, 2);
3761 l2cap_conless_channel(conn, psm, skb);
3762 break;
3763
3764 default:
3765 l2cap_data_channel(conn, cid, skb);
3766 break;
3767 }
3768}
3769
3770/* ---- L2CAP interface with lower layer (HCI) ---- */
3771
3772static int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
3773{
3774 int exact = 0, lm1 = 0, lm2 = 0;
3775 register struct sock *sk;
3776 struct hlist_node *node;
3777
3778 if (type != ACL_LINK)
João Paulo Rechi Vita963cf682010-06-22 13:56:28 -0300[diff] [blame]3779 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3780
3781 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));
3782
3783 /* Find listening sockets and check their link_mode */
3784 read_lock(&l2cap_sk_list.lock);
3785 sk_for_each(sk, node, &l2cap_sk_list.head) {
3786 if (sk->sk_state != BT_LISTEN)
3787 continue;
3788
3789 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) {
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]3790 lm1 |= HCI_LM_ACCEPT;
3791 if (l2cap_pi(sk)->role_switch)
3792 lm1 |= HCI_LM_MASTER;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3793 exact++;
Marcel Holtmann2af6b9d2009-01-15 21:58:38 +0100[diff] [blame]3794 } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
3795 lm2 |= HCI_LM_ACCEPT;
3796 if (l2cap_pi(sk)->role_switch)
3797 lm2 |= HCI_LM_MASTER;
3798 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3799 }
3800 read_unlock(&l2cap_sk_list.lock);
3801
3802 return exact ? lm1 : lm2;
3803}
3804
3805static int l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
3806{
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3807 struct l2cap_conn *conn;
3808
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3809 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
3810
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]3811 if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK))
João Paulo Rechi Vita963cf682010-06-22 13:56:28 -0300[diff] [blame]3812 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3813
3814 if (!status) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3815 conn = l2cap_conn_add(hcon, status);
3816 if (conn)
3817 l2cap_conn_ready(conn);
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3818 } else
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3819 l2cap_conn_del(hcon, bt_err(status));
3820
3821 return 0;
3822}
3823
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]3824static int l2cap_disconn_ind(struct hci_conn *hcon)
3825{
3826 struct l2cap_conn *conn = hcon->l2cap_data;
3827
3828 BT_DBG("hcon %p", hcon);
3829
3830 if (hcon->type != ACL_LINK || !conn)
3831 return 0x13;
3832
3833 return conn->disc_reason;
3834}
3835
3836static int l2cap_disconn_cfm(struct hci_conn *hcon, u8 reason)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3837{
3838 BT_DBG("hcon %p reason %d", hcon, reason);
3839
Ville Tervoacd7d372011-02-10 22:38:49 -0300[diff] [blame]3840 if (!(hcon->type == ACL_LINK || hcon->type == LE_LINK))
João Paulo Rechi Vita963cf682010-06-22 13:56:28 -0300[diff] [blame]3841 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3842
3843 l2cap_conn_del(hcon, bt_err(reason));
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3844
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3845 return 0;
3846}
3847
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3848static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
3849{
Gustavo F. Padovanbd3c9e22010-05-01 16:15:42 -0300[diff] [blame]3850 if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM)
Marcel Holtmann255c7602009-02-04 21:07:19 +0100[diff] [blame]3851 return;
3852
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3853 if (encrypt == 0x00) {
3854 if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
3855 l2cap_sock_clear_timer(sk);
3856 l2cap_sock_set_timer(sk, HZ * 5);
3857 } else if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
3858 __l2cap_sock_close(sk, ECONNREFUSED);
3859 } else {
3860 if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM)
3861 l2cap_sock_clear_timer(sk);
3862 }
3863}
3864
Marcel Holtmann8c1b2352009-01-15 21:58:04 +0100[diff] [blame]3865static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3866{
Marcel Holtmann40be4922008-07-14 20:13:50 +0200[diff] [blame]3867 struct l2cap_conn *conn = hcon->l2cap_data;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3868 struct l2cap_chan *chan;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3869
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3870 if (!conn)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3871 return 0;
Marcel Holtmann01394182006-07-03 10:02:46 +0200[diff] [blame]3872
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3873 BT_DBG("conn %p", conn);
3874
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3875 read_lock(&conn->chan_lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3876
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3877 list_for_each_entry(chan, &conn->chan_l, list) {
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3878 struct sock *sk = chan->sk;
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3879
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3880 bh_lock_sock(sk);
3881
Marcel Holtmann6a8d3012009-02-06 23:56:36 +0100[diff] [blame]3882 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND) {
3883 bh_unlock_sock(sk);
3884 continue;
3885 }
3886
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3887 if (!status && (sk->sk_state == BT_CONNECTED ||
Marcel Holtmann8c1b2352009-01-15 21:58:04 +0100[diff] [blame]3888 sk->sk_state == BT_CONFIG)) {
Marcel Holtmannf62e4322009-01-15 21:58:44 +0100[diff] [blame]3889 l2cap_check_encryption(sk, encrypt);
Marcel Holtmann9719f8a2008-07-14 20:13:45 +0200[diff] [blame]3890 bh_unlock_sock(sk);
3891 continue;
3892 }
3893
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3894 if (sk->sk_state == BT_CONNECT) {
3895 if (!status) {
3896 struct l2cap_conn_req req;
3897 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
3898 req.psm = l2cap_pi(sk)->psm;
3899
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]3900 chan->ident = l2cap_get_ident(conn);
Andrei Emeltchenkoe501d052010-07-08 12:14:41 +0300[diff] [blame]3901 l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3902
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]3903 l2cap_send_cmd(conn, chan->ident,
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3904 L2CAP_CONN_REQ, sizeof(req), &req);
3905 } else {
3906 l2cap_sock_clear_timer(sk);
3907 l2cap_sock_set_timer(sk, HZ / 10);
3908 }
3909 } else if (sk->sk_state == BT_CONNECT2) {
3910 struct l2cap_conn_rsp rsp;
3911 __u16 result;
3912
3913 if (!status) {
3914 sk->sk_state = BT_CONFIG;
3915 result = L2CAP_CR_SUCCESS;
3916 } else {
3917 sk->sk_state = BT_DISCONN;
3918 l2cap_sock_set_timer(sk, HZ / 10);
3919 result = L2CAP_CR_SEC_BLOCK;
3920 }
3921
3922 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
3923 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
3924 rsp.result = cpu_to_le16(result);
Marcel Holtmanne7c29cb2008-09-09 07:19:20 +0200[diff] [blame]3925 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
Gustavo F. Padovanfc7f8a72011-03-25 13:59:37 -0300[diff] [blame]3926 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP,
3927 sizeof(rsp), &rsp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3928 }
3929
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3930 bh_unlock_sock(sk);
3931 }
3932
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3933 read_unlock(&conn->chan_lock);
Marcel Holtmannb1235d72008-07-14 20:13:54 +0200[diff] [blame]3934
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3935 return 0;
3936}
3937
3938static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 flags)
3939{
3940 struct l2cap_conn *conn = hcon->l2cap_data;
3941
Andrei Emeltchenko5a08ecc2011-01-11 17:20:20 +0200[diff] [blame]3942 if (!conn)
3943 conn = l2cap_conn_add(hcon, 0);
3944
3945 if (!conn)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3946 goto drop;
3947
3948 BT_DBG("conn %p len %d flags 0x%x", conn, skb->len, flags);
3949
Andrei Emeltchenkoe7021122011-01-03 11:14:36 +0200[diff] [blame]3950 if (!(flags & ACL_CONT)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3951 struct l2cap_hdr *hdr;
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3952 struct l2cap_chan *chan;
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]3953 u16 cid;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3954 int len;
3955
3956 if (conn->rx_len) {
3957 BT_ERR("Unexpected start frame (len %d)", skb->len);
3958 kfree_skb(conn->rx_skb);
3959 conn->rx_skb = NULL;
3960 conn->rx_len = 0;
3961 l2cap_conn_unreliable(conn, ECOMM);
3962 }
3963
Andrei Emeltchenkoaae7fe22010-09-15 14:28:43 +0300[diff] [blame]3964 /* Start fragment always begin with Basic L2CAP header */
3965 if (skb->len < L2CAP_HDR_SIZE) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3966 BT_ERR("Frame is too short (len %d)", skb->len);
3967 l2cap_conn_unreliable(conn, ECOMM);
3968 goto drop;
3969 }
3970
3971 hdr = (struct l2cap_hdr *) skb->data;
3972 len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE;
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]3973 cid = __le16_to_cpu(hdr->cid);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3974
3975 if (len == skb->len) {
3976 /* Complete frame received */
3977 l2cap_recv_frame(conn, skb);
3978 return 0;
3979 }
3980
3981 BT_DBG("Start: total len %d, frag len %d", len, skb->len);
3982
3983 if (skb->len > len) {
3984 BT_ERR("Frame is too long (len %d, expected len %d)",
3985 skb->len, len);
3986 l2cap_conn_unreliable(conn, ECOMM);
3987 goto drop;
3988 }
3989
Gustavo F. Padovanbaa7e1f2011-03-31 16:17:41 -0300[diff] [blame]3990 chan = l2cap_get_chan_by_scid(conn, cid);
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]3991
Gustavo F. Padovan48454072011-03-25 00:22:30 -0300[diff] [blame]3992 if (chan && chan->sk) {
3993 struct sock *sk = chan->sk;
3994
3995 if (l2cap_pi(sk)->imtu < len - L2CAP_HDR_SIZE) {
3996 BT_ERR("Frame exceeding recv MTU (len %d, "
3997 "MTU %d)", len,
3998 l2cap_pi(sk)->imtu);
3999 bh_unlock_sock(sk);
4000 l2cap_conn_unreliable(conn, ECOMM);
4001 goto drop;
4002 }
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]4003 bh_unlock_sock(sk);
Andrei Emeltchenko89794812010-09-15 14:28:44 +0300[diff] [blame]4004 }
4005
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4006 /* Allocate skb for the complete frame (with header) */
Gustavo F. Padovanaf05b30b2009-04-20 01:31:08 -0300[diff] [blame]4007 conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC);
4008 if (!conn->rx_skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4009 goto drop;
4010
Arnaldo Carvalho de Melod626f622007-03-27 18:55:52 -0300[diff] [blame]4011 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]4012 skb->len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4013 conn->rx_len = len - skb->len;
4014 } else {
4015 BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len);
4016
4017 if (!conn->rx_len) {
4018 BT_ERR("Unexpected continuation frame (len %d)", skb->len);
4019 l2cap_conn_unreliable(conn, ECOMM);
4020 goto drop;
4021 }
4022
4023 if (skb->len > conn->rx_len) {
4024 BT_ERR("Fragment is too long (len %d, expected %d)",
4025 skb->len, conn->rx_len);
4026 kfree_skb(conn->rx_skb);
4027 conn->rx_skb = NULL;
4028 conn->rx_len = 0;
4029 l2cap_conn_unreliable(conn, ECOMM);
4030 goto drop;
4031 }
4032
Arnaldo Carvalho de Melod626f622007-03-27 18:55:52 -0300[diff] [blame]4033 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
Marcel Holtmanne1027a72009-02-09 09:18:02 +0100[diff] [blame]4034 skb->len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4035 conn->rx_len -= skb->len;
4036
4037 if (!conn->rx_len) {
4038 /* Complete frame received */
4039 l2cap_recv_frame(conn, conn->rx_skb);
4040 conn->rx_skb = NULL;
4041 }
4042 }
4043
4044drop:
4045 kfree_skb(skb);
4046 return 0;
4047}
4048
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4049static int l2cap_debugfs_show(struct seq_file *f, void *p)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4050{
4051 struct sock *sk;
4052 struct hlist_node *node;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4053
4054 read_lock_bh(&l2cap_sk_list.lock);
4055
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4056 sk_for_each(sk, node, &l2cap_sk_list.head) {
4057 struct l2cap_pinfo *pi = l2cap_pi(sk);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4058
Gustavo F. Padovan903d3432011-02-10 14:16:06 -0200[diff] [blame]4059 seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n",
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4060 batostr(&bt_sk(sk)->src),
4061 batostr(&bt_sk(sk)->dst),
4062 sk->sk_state, __le16_to_cpu(pi->psm),
4063 pi->scid, pi->dcid,
Gustavo F. Padovan903d3432011-02-10 14:16:06 -0200[diff] [blame]4064 pi->imtu, pi->omtu, pi->sec_level,
4065 pi->mode);
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4066 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4067
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4068 read_unlock_bh(&l2cap_sk_list.lock);
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4069
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4070 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4071}
4072
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4073static int l2cap_debugfs_open(struct inode *inode, struct file *file)
4074{
4075 return single_open(file, l2cap_debugfs_show, inode->i_private);
4076}
4077
4078static const struct file_operations l2cap_debugfs_fops = {
4079 .open = l2cap_debugfs_open,
4080 .read = seq_read,
4081 .llseek = seq_lseek,
4082 .release = single_release,
4083};
4084
4085static struct dentry *l2cap_debugfs;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4086
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4087static struct hci_proto l2cap_hci_proto = {
4088 .name = "L2CAP",
4089 .id = HCI_PROTO_L2CAP,
4090 .connect_ind = l2cap_connect_ind,
4091 .connect_cfm = l2cap_connect_cfm,
4092 .disconn_ind = l2cap_disconn_ind,
Marcel Holtmann2950f212009-02-12 14:02:50 +0100[diff] [blame]4093 .disconn_cfm = l2cap_disconn_cfm,
Marcel Holtmann8c1b2352009-01-15 21:58:04 +0100[diff] [blame]4094 .security_cfm = l2cap_security_cfm,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4095 .recv_acldata = l2cap_recv_acldata
4096};
4097
Gustavo F. Padovan64274512011-02-07 20:08:52 -0200[diff] [blame]4098int __init l2cap_init(void)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4099{
4100 int err;
Marcel Holtmannbe9d1222005-11-08 09:57:38 -0800[diff] [blame]4101
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4102 err = l2cap_init_sockets();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4103 if (err < 0)
4104 return err;
4105
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]4106 _busy_wq = create_singlethread_workqueue("l2cap");
Anderson Lizardob78d7b4f2010-11-29 12:15:50 -0400[diff] [blame]4107 if (!_busy_wq) {
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4108 err = -ENOMEM;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4109 goto error;
4110 }
4111
4112 err = hci_register_proto(&l2cap_hci_proto);
4113 if (err < 0) {
4114 BT_ERR("L2CAP protocol registration failed");
4115 bt_sock_unregister(BTPROTO_L2CAP);
4116 goto error;
4117 }
4118
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4119 if (bt_debugfs) {
4120 l2cap_debugfs = debugfs_create_file("l2cap", 0444,
4121 bt_debugfs, NULL, &l2cap_debugfs_fops);
4122 if (!l2cap_debugfs)
4123 BT_ERR("Failed to create L2CAP debug file");
4124 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4125
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4126 return 0;
4127
4128error:
Anderson Lizardob78d7b4f2010-11-29 12:15:50 -0400[diff] [blame]4129 destroy_workqueue(_busy_wq);
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4130 l2cap_cleanup_sockets();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4131 return err;
4132}
4133
Gustavo F. Padovan64274512011-02-07 20:08:52 -0200[diff] [blame]4134void l2cap_exit(void)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4135{
Marcel Holtmannaef7d972010-03-21 05:27:45 +0100[diff] [blame]4136 debugfs_remove(l2cap_debugfs);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4137
Gustavo F. Padovan1890d362010-05-01 16:15:44 -0300[diff] [blame]4138 flush_workqueue(_busy_wq);
4139 destroy_workqueue(_busy_wq);
4140
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4141 if (hci_unregister_proto(&l2cap_hci_proto) < 0)
4142 BT_ERR("L2CAP protocol unregistration failed");
4143
Gustavo F. Padovanbb58f742011-02-03 20:50:35 -0200[diff] [blame]4144 l2cap_cleanup_sockets();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4145}
4146
Gustavo F. Padovand1c4a172010-07-18 16:25:54 -0300[diff] [blame]4147module_param(disable_ertm, bool, 0644);
4148MODULE_PARM_DESC(disable_ertm, "Disable enhanced retransmission mode");