Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit 5bcb80944dffe68055c1745dc919d22ee1e276a5

Authored by Syam Sidhardhan
Committed by Gustavo Padovan
1 parent d8aece2af3
Exists in smarc-l5.0.0_1.0.0-ga and in 5 other branches imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga

Bluetooth: Use __constant modifier for RFCOMM PSM 

Since the RFCOMM_PSM is constant, __constant_cpu_to_le16() is
the right go here.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>

Showing 1 changed file with 2 additions and 2 deletions Inline Diff

net/bluetooth/rfcomm/core.c
Diff comments   View file @ 5bcb809
1 /* 1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5 5
6 This program is free software; you can redistribute it and/or modify 6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as 7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation; 8 published by the Free Software Foundation;
9 9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED. 21 SOFTWARE IS DISCLAIMED.
22 */ 22 */
23 23
24 /* 24 /*
25 * Bluetooth RFCOMM core. 25 * Bluetooth RFCOMM core.
26 */ 26 */
27 27
28 #include <linux/module.h> 28 #include <linux/module.h>
29 #include <linux/debugfs.h> 29 #include <linux/debugfs.h>
30 #include <linux/kthread.h> 30 #include <linux/kthread.h>
31 #include <asm/unaligned.h> 31 #include <asm/unaligned.h>
32 32
33 #include <net/bluetooth/bluetooth.h> 33 #include <net/bluetooth/bluetooth.h>
34 #include <net/bluetooth/hci_core.h> 34 #include <net/bluetooth/hci_core.h>
35 #include <net/bluetooth/l2cap.h> 35 #include <net/bluetooth/l2cap.h>
36 #include <net/bluetooth/rfcomm.h> 36 #include <net/bluetooth/rfcomm.h>
37 37
38 #define VERSION "1.11" 38 #define VERSION "1.11"
39 39
40 static bool disable_cfc; 40 static bool disable_cfc;
41 static bool l2cap_ertm; 41 static bool l2cap_ertm;
42 static int channel_mtu = -1; 42 static int channel_mtu = -1;
43 static unsigned int l2cap_mtu = RFCOMM_MAX_L2CAP_MTU; 43 static unsigned int l2cap_mtu = RFCOMM_MAX_L2CAP_MTU;
44 44
45 static struct task_struct *rfcomm_thread; 45 static struct task_struct *rfcomm_thread;
46 46
47 static DEFINE_MUTEX(rfcomm_mutex); 47 static DEFINE_MUTEX(rfcomm_mutex);
48 #define rfcomm_lock() mutex_lock(&rfcomm_mutex) 48 #define rfcomm_lock() mutex_lock(&rfcomm_mutex)
49 #define rfcomm_unlock() mutex_unlock(&rfcomm_mutex) 49 #define rfcomm_unlock() mutex_unlock(&rfcomm_mutex)
50 50
51 51
52 static LIST_HEAD(session_list); 52 static LIST_HEAD(session_list);
53 53
54 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len); 54 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len);
55 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci); 55 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci);
56 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci); 56 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci);
57 static int rfcomm_queue_disc(struct rfcomm_dlc *d); 57 static int rfcomm_queue_disc(struct rfcomm_dlc *d);
58 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type); 58 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type);
59 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d); 59 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d);
60 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig); 60 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig);
61 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len); 61 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len);
62 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits); 62 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits);
63 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr); 63 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr);
64 64
65 static void rfcomm_process_connect(struct rfcomm_session *s); 65 static void rfcomm_process_connect(struct rfcomm_session *s);
66 66
67 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, 67 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src,
68 bdaddr_t *dst, 68 bdaddr_t *dst,
69 u8 sec_level, 69 u8 sec_level,
70 int *err); 70 int *err);
71 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst); 71 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst);
72 static void rfcomm_session_del(struct rfcomm_session *s); 72 static void rfcomm_session_del(struct rfcomm_session *s);
73 73
74 /* ---- RFCOMM frame parsing macros ---- */ 74 /* ---- RFCOMM frame parsing macros ---- */
75 #define __get_dlci(b) ((b & 0xfc) >> 2) 75 #define __get_dlci(b) ((b & 0xfc) >> 2)
76 #define __get_channel(b) ((b & 0xf8) >> 3) 76 #define __get_channel(b) ((b & 0xf8) >> 3)
77 #define __get_dir(b) ((b & 0x04) >> 2) 77 #define __get_dir(b) ((b & 0x04) >> 2)
78 #define __get_type(b) ((b & 0xef)) 78 #define __get_type(b) ((b & 0xef))
79 79
80 #define __test_ea(b) ((b & 0x01)) 80 #define __test_ea(b) ((b & 0x01))
81 #define __test_cr(b) ((b & 0x02)) 81 #define __test_cr(b) ((b & 0x02))
82 #define __test_pf(b) ((b & 0x10)) 82 #define __test_pf(b) ((b & 0x10))
83 83
84 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01) 84 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
85 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4))) 85 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
86 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir) 86 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
87 #define __srv_channel(dlci) (dlci >> 1) 87 #define __srv_channel(dlci) (dlci >> 1)
88 #define __dir(dlci) (dlci & 0x01) 88 #define __dir(dlci) (dlci & 0x01)
89 89
90 #define __len8(len) (((len) << 1) | 1) 90 #define __len8(len) (((len) << 1) | 1)
91 #define __len16(len) ((len) << 1) 91 #define __len16(len) ((len) << 1)
92 92
93 /* MCC macros */ 93 /* MCC macros */
94 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01)) 94 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
95 #define __get_mcc_type(b) ((b & 0xfc) >> 2) 95 #define __get_mcc_type(b) ((b & 0xfc) >> 2)
96 #define __get_mcc_len(b) ((b & 0xfe) >> 1) 96 #define __get_mcc_len(b) ((b & 0xfe) >> 1)
97 97
98 /* RPN macros */ 98 /* RPN macros */
99 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x7) << 3)) 99 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x7) << 3))
100 #define __get_rpn_data_bits(line) ((line) & 0x3) 100 #define __get_rpn_data_bits(line) ((line) & 0x3)
101 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1) 101 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
102 #define __get_rpn_parity(line) (((line) >> 3) & 0x7) 102 #define __get_rpn_parity(line) (((line) >> 3) & 0x7)
103 103
104 static void rfcomm_schedule(void) 104 static void rfcomm_schedule(void)
105 { 105 {
106 if (!rfcomm_thread) 106 if (!rfcomm_thread)
107 return; 107 return;
108 wake_up_process(rfcomm_thread); 108 wake_up_process(rfcomm_thread);
109 } 109 }
110 110
111 static void rfcomm_session_put(struct rfcomm_session *s) 111 static void rfcomm_session_put(struct rfcomm_session *s)
112 { 112 {
113 if (atomic_dec_and_test(&s->refcnt)) 113 if (atomic_dec_and_test(&s->refcnt))
114 rfcomm_session_del(s); 114 rfcomm_session_del(s);
115 } 115 }
116 116
117 /* ---- RFCOMM FCS computation ---- */ 117 /* ---- RFCOMM FCS computation ---- */
118 118
119 /* reversed, 8-bit, poly=0x07 */ 119 /* reversed, 8-bit, poly=0x07 */
120 static unsigned char rfcomm_crc_table[256] = { 120 static unsigned char rfcomm_crc_table[256] = {
121 0x00, 0x91, 0xe3, 0x72, 0x07, 0x96, 0xe4, 0x75, 121 0x00, 0x91, 0xe3, 0x72, 0x07, 0x96, 0xe4, 0x75,
122 0x0e, 0x9f, 0xed, 0x7c, 0x09, 0x98, 0xea, 0x7b, 122 0x0e, 0x9f, 0xed, 0x7c, 0x09, 0x98, 0xea, 0x7b,
123 0x1c, 0x8d, 0xff, 0x6e, 0x1b, 0x8a, 0xf8, 0x69, 123 0x1c, 0x8d, 0xff, 0x6e, 0x1b, 0x8a, 0xf8, 0x69,
124 0x12, 0x83, 0xf1, 0x60, 0x15, 0x84, 0xf6, 0x67, 124 0x12, 0x83, 0xf1, 0x60, 0x15, 0x84, 0xf6, 0x67,
125 125
126 0x38, 0xa9, 0xdb, 0x4a, 0x3f, 0xae, 0xdc, 0x4d, 126 0x38, 0xa9, 0xdb, 0x4a, 0x3f, 0xae, 0xdc, 0x4d,
127 0x36, 0xa7, 0xd5, 0x44, 0x31, 0xa0, 0xd2, 0x43, 127 0x36, 0xa7, 0xd5, 0x44, 0x31, 0xa0, 0xd2, 0x43,
128 0x24, 0xb5, 0xc7, 0x56, 0x23, 0xb2, 0xc0, 0x51, 128 0x24, 0xb5, 0xc7, 0x56, 0x23, 0xb2, 0xc0, 0x51,
129 0x2a, 0xbb, 0xc9, 0x58, 0x2d, 0xbc, 0xce, 0x5f, 129 0x2a, 0xbb, 0xc9, 0x58, 0x2d, 0xbc, 0xce, 0x5f,
130 130
131 0x70, 0xe1, 0x93, 0x02, 0x77, 0xe6, 0x94, 0x05, 131 0x70, 0xe1, 0x93, 0x02, 0x77, 0xe6, 0x94, 0x05,
132 0x7e, 0xef, 0x9d, 0x0c, 0x79, 0xe8, 0x9a, 0x0b, 132 0x7e, 0xef, 0x9d, 0x0c, 0x79, 0xe8, 0x9a, 0x0b,
133 0x6c, 0xfd, 0x8f, 0x1e, 0x6b, 0xfa, 0x88, 0x19, 133 0x6c, 0xfd, 0x8f, 0x1e, 0x6b, 0xfa, 0x88, 0x19,
134 0x62, 0xf3, 0x81, 0x10, 0x65, 0xf4, 0x86, 0x17, 134 0x62, 0xf3, 0x81, 0x10, 0x65, 0xf4, 0x86, 0x17,
135 135
136 0x48, 0xd9, 0xab, 0x3a, 0x4f, 0xde, 0xac, 0x3d, 136 0x48, 0xd9, 0xab, 0x3a, 0x4f, 0xde, 0xac, 0x3d,
137 0x46, 0xd7, 0xa5, 0x34, 0x41, 0xd0, 0xa2, 0x33, 137 0x46, 0xd7, 0xa5, 0x34, 0x41, 0xd0, 0xa2, 0x33,
138 0x54, 0xc5, 0xb7, 0x26, 0x53, 0xc2, 0xb0, 0x21, 138 0x54, 0xc5, 0xb7, 0x26, 0x53, 0xc2, 0xb0, 0x21,
139 0x5a, 0xcb, 0xb9, 0x28, 0x5d, 0xcc, 0xbe, 0x2f, 139 0x5a, 0xcb, 0xb9, 0x28, 0x5d, 0xcc, 0xbe, 0x2f,
140 140
141 0xe0, 0x71, 0x03, 0x92, 0xe7, 0x76, 0x04, 0x95, 141 0xe0, 0x71, 0x03, 0x92, 0xe7, 0x76, 0x04, 0x95,
142 0xee, 0x7f, 0x0d, 0x9c, 0xe9, 0x78, 0x0a, 0x9b, 142 0xee, 0x7f, 0x0d, 0x9c, 0xe9, 0x78, 0x0a, 0x9b,
143 0xfc, 0x6d, 0x1f, 0x8e, 0xfb, 0x6a, 0x18, 0x89, 143 0xfc, 0x6d, 0x1f, 0x8e, 0xfb, 0x6a, 0x18, 0x89,
144 0xf2, 0x63, 0x11, 0x80, 0xf5, 0x64, 0x16, 0x87, 144 0xf2, 0x63, 0x11, 0x80, 0xf5, 0x64, 0x16, 0x87,
145 145
146 0xd8, 0x49, 0x3b, 0xaa, 0xdf, 0x4e, 0x3c, 0xad, 146 0xd8, 0x49, 0x3b, 0xaa, 0xdf, 0x4e, 0x3c, 0xad,
147 0xd6, 0x47, 0x35, 0xa4, 0xd1, 0x40, 0x32, 0xa3, 147 0xd6, 0x47, 0x35, 0xa4, 0xd1, 0x40, 0x32, 0xa3,
148 0xc4, 0x55, 0x27, 0xb6, 0xc3, 0x52, 0x20, 0xb1, 148 0xc4, 0x55, 0x27, 0xb6, 0xc3, 0x52, 0x20, 0xb1,
149 0xca, 0x5b, 0x29, 0xb8, 0xcd, 0x5c, 0x2e, 0xbf, 149 0xca, 0x5b, 0x29, 0xb8, 0xcd, 0x5c, 0x2e, 0xbf,
150 150
151 0x90, 0x01, 0x73, 0xe2, 0x97, 0x06, 0x74, 0xe5, 151 0x90, 0x01, 0x73, 0xe2, 0x97, 0x06, 0x74, 0xe5,
152 0x9e, 0x0f, 0x7d, 0xec, 0x99, 0x08, 0x7a, 0xeb, 152 0x9e, 0x0f, 0x7d, 0xec, 0x99, 0x08, 0x7a, 0xeb,
153 0x8c, 0x1d, 0x6f, 0xfe, 0x8b, 0x1a, 0x68, 0xf9, 153 0x8c, 0x1d, 0x6f, 0xfe, 0x8b, 0x1a, 0x68, 0xf9,
154 0x82, 0x13, 0x61, 0xf0, 0x85, 0x14, 0x66, 0xf7, 154 0x82, 0x13, 0x61, 0xf0, 0x85, 0x14, 0x66, 0xf7,
155 155
156 0xa8, 0x39, 0x4b, 0xda, 0xaf, 0x3e, 0x4c, 0xdd, 156 0xa8, 0x39, 0x4b, 0xda, 0xaf, 0x3e, 0x4c, 0xdd,
157 0xa6, 0x37, 0x45, 0xd4, 0xa1, 0x30, 0x42, 0xd3, 157 0xa6, 0x37, 0x45, 0xd4, 0xa1, 0x30, 0x42, 0xd3,
158 0xb4, 0x25, 0x57, 0xc6, 0xb3, 0x22, 0x50, 0xc1, 158 0xb4, 0x25, 0x57, 0xc6, 0xb3, 0x22, 0x50, 0xc1,
159 0xba, 0x2b, 0x59, 0xc8, 0xbd, 0x2c, 0x5e, 0xcf 159 0xba, 0x2b, 0x59, 0xc8, 0xbd, 0x2c, 0x5e, 0xcf
160 }; 160 };
161 161
162 /* CRC on 2 bytes */ 162 /* CRC on 2 bytes */
163 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]]) 163 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
164 164
165 /* FCS on 2 bytes */ 165 /* FCS on 2 bytes */
166 static inline u8 __fcs(u8 *data) 166 static inline u8 __fcs(u8 *data)
167 { 167 {
168 return 0xff - __crc(data); 168 return 0xff - __crc(data);
169 } 169 }
170 170
171 /* FCS on 3 bytes */ 171 /* FCS on 3 bytes */
172 static inline u8 __fcs2(u8 *data) 172 static inline u8 __fcs2(u8 *data)
173 { 173 {
174 return 0xff - rfcomm_crc_table[__crc(data) ^ data[2]]; 174 return 0xff - rfcomm_crc_table[__crc(data) ^ data[2]];
175 } 175 }
176 176
177 /* Check FCS */ 177 /* Check FCS */
178 static inline int __check_fcs(u8 *data, int type, u8 fcs) 178 static inline int __check_fcs(u8 *data, int type, u8 fcs)
179 { 179 {
180 u8 f = __crc(data); 180 u8 f = __crc(data);
181 181
182 if (type != RFCOMM_UIH) 182 if (type != RFCOMM_UIH)
183 f = rfcomm_crc_table[f ^ data[2]]; 183 f = rfcomm_crc_table[f ^ data[2]];
184 184
185 return rfcomm_crc_table[f ^ fcs] != 0xcf; 185 return rfcomm_crc_table[f ^ fcs] != 0xcf;
186 } 186 }
187 187
188 /* ---- L2CAP callbacks ---- */ 188 /* ---- L2CAP callbacks ---- */
189 static void rfcomm_l2state_change(struct sock *sk) 189 static void rfcomm_l2state_change(struct sock *sk)
190 { 190 {
191 BT_DBG("%p state %d", sk, sk->sk_state); 191 BT_DBG("%p state %d", sk, sk->sk_state);
192 rfcomm_schedule(); 192 rfcomm_schedule();
193 } 193 }
194 194
195 static void rfcomm_l2data_ready(struct sock *sk, int bytes) 195 static void rfcomm_l2data_ready(struct sock *sk, int bytes)
196 { 196 {
197 BT_DBG("%p bytes %d", sk, bytes); 197 BT_DBG("%p bytes %d", sk, bytes);
198 rfcomm_schedule(); 198 rfcomm_schedule();
199 } 199 }
200 200
201 static int rfcomm_l2sock_create(struct socket **sock) 201 static int rfcomm_l2sock_create(struct socket **sock)
202 { 202 {
203 int err; 203 int err;
204 204
205 BT_DBG(""); 205 BT_DBG("");
206 206
207 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock); 207 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock);
208 if (!err) { 208 if (!err) {
209 struct sock *sk = (*sock)->sk; 209 struct sock *sk = (*sock)->sk;
210 sk->sk_data_ready = rfcomm_l2data_ready; 210 sk->sk_data_ready = rfcomm_l2data_ready;
211 sk->sk_state_change = rfcomm_l2state_change; 211 sk->sk_state_change = rfcomm_l2state_change;
212 } 212 }
213 return err; 213 return err;
214 } 214 }
215 215
216 static int rfcomm_check_security(struct rfcomm_dlc *d) 216 static int rfcomm_check_security(struct rfcomm_dlc *d)
217 { 217 {
218 struct sock *sk = d->session->sock->sk; 218 struct sock *sk = d->session->sock->sk;
219 struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; 219 struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn;
220 220
221 __u8 auth_type; 221 __u8 auth_type;
222 222
223 switch (d->sec_level) { 223 switch (d->sec_level) {
224 case BT_SECURITY_HIGH: 224 case BT_SECURITY_HIGH:
225 auth_type = HCI_AT_GENERAL_BONDING_MITM; 225 auth_type = HCI_AT_GENERAL_BONDING_MITM;
226 break; 226 break;
227 case BT_SECURITY_MEDIUM: 227 case BT_SECURITY_MEDIUM:
228 auth_type = HCI_AT_GENERAL_BONDING; 228 auth_type = HCI_AT_GENERAL_BONDING;
229 break; 229 break;
230 default: 230 default:
231 auth_type = HCI_AT_NO_BONDING; 231 auth_type = HCI_AT_NO_BONDING;
232 break; 232 break;
233 } 233 }
234 234
235 return hci_conn_security(conn->hcon, d->sec_level, auth_type); 235 return hci_conn_security(conn->hcon, d->sec_level, auth_type);
236 } 236 }
237 237
238 static void rfcomm_session_timeout(unsigned long arg) 238 static void rfcomm_session_timeout(unsigned long arg)
239 { 239 {
240 struct rfcomm_session *s = (void *) arg; 240 struct rfcomm_session *s = (void *) arg;
241 241
242 BT_DBG("session %p state %ld", s, s->state); 242 BT_DBG("session %p state %ld", s, s->state);
243 243
244 set_bit(RFCOMM_TIMED_OUT, &s->flags); 244 set_bit(RFCOMM_TIMED_OUT, &s->flags);
245 rfcomm_schedule(); 245 rfcomm_schedule();
246 } 246 }
247 247
248 static void rfcomm_session_set_timer(struct rfcomm_session *s, long timeout) 248 static void rfcomm_session_set_timer(struct rfcomm_session *s, long timeout)
249 { 249 {
250 BT_DBG("session %p state %ld timeout %ld", s, s->state, timeout); 250 BT_DBG("session %p state %ld timeout %ld", s, s->state, timeout);
251 251
252 if (!mod_timer(&s->timer, jiffies + timeout)) 252 if (!mod_timer(&s->timer, jiffies + timeout))
253 rfcomm_session_hold(s); 253 rfcomm_session_hold(s);
254 } 254 }
255 255
256 static void rfcomm_session_clear_timer(struct rfcomm_session *s) 256 static void rfcomm_session_clear_timer(struct rfcomm_session *s)
257 { 257 {
258 BT_DBG("session %p state %ld", s, s->state); 258 BT_DBG("session %p state %ld", s, s->state);
259 259
260 if (timer_pending(&s->timer) && del_timer(&s->timer)) 260 if (timer_pending(&s->timer) && del_timer(&s->timer))
261 rfcomm_session_put(s); 261 rfcomm_session_put(s);
262 } 262 }
263 263
264 /* ---- RFCOMM DLCs ---- */ 264 /* ---- RFCOMM DLCs ---- */
265 static void rfcomm_dlc_timeout(unsigned long arg) 265 static void rfcomm_dlc_timeout(unsigned long arg)
266 { 266 {
267 struct rfcomm_dlc *d = (void *) arg; 267 struct rfcomm_dlc *d = (void *) arg;
268 268
269 BT_DBG("dlc %p state %ld", d, d->state); 269 BT_DBG("dlc %p state %ld", d, d->state);
270 270
271 set_bit(RFCOMM_TIMED_OUT, &d->flags); 271 set_bit(RFCOMM_TIMED_OUT, &d->flags);
272 rfcomm_dlc_put(d); 272 rfcomm_dlc_put(d);
273 rfcomm_schedule(); 273 rfcomm_schedule();
274 } 274 }
275 275
276 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout) 276 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout)
277 { 277 {
278 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout); 278 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout);
279 279
280 if (!mod_timer(&d->timer, jiffies + timeout)) 280 if (!mod_timer(&d->timer, jiffies + timeout))
281 rfcomm_dlc_hold(d); 281 rfcomm_dlc_hold(d);
282 } 282 }
283 283
284 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d) 284 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d)
285 { 285 {
286 BT_DBG("dlc %p state %ld", d, d->state); 286 BT_DBG("dlc %p state %ld", d, d->state);
287 287
288 if (timer_pending(&d->timer) && del_timer(&d->timer)) 288 if (timer_pending(&d->timer) && del_timer(&d->timer))
289 rfcomm_dlc_put(d); 289 rfcomm_dlc_put(d);
290 } 290 }
291 291
292 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d) 292 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d)
293 { 293 {
294 BT_DBG("%p", d); 294 BT_DBG("%p", d);
295 295
296 d->state = BT_OPEN; 296 d->state = BT_OPEN;
297 d->flags = 0; 297 d->flags = 0;
298 d->mscex = 0; 298 d->mscex = 0;
299 d->sec_level = BT_SECURITY_LOW; 299 d->sec_level = BT_SECURITY_LOW;
300 d->mtu = RFCOMM_DEFAULT_MTU; 300 d->mtu = RFCOMM_DEFAULT_MTU;
301 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV; 301 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV;
302 302
303 d->cfc = RFCOMM_CFC_DISABLED; 303 d->cfc = RFCOMM_CFC_DISABLED;
304 d->rx_credits = RFCOMM_DEFAULT_CREDITS; 304 d->rx_credits = RFCOMM_DEFAULT_CREDITS;
305 } 305 }
306 306
307 struct rfcomm_dlc *rfcomm_dlc_alloc(gfp_t prio) 307 struct rfcomm_dlc *rfcomm_dlc_alloc(gfp_t prio)
308 { 308 {
309 struct rfcomm_dlc *d = kzalloc(sizeof(*d), prio); 309 struct rfcomm_dlc *d = kzalloc(sizeof(*d), prio);
310 310
311 if (!d) 311 if (!d)
312 return NULL; 312 return NULL;
313 313
314 setup_timer(&d->timer, rfcomm_dlc_timeout, (unsigned long)d); 314 setup_timer(&d->timer, rfcomm_dlc_timeout, (unsigned long)d);
315 315
316 skb_queue_head_init(&d->tx_queue); 316 skb_queue_head_init(&d->tx_queue);
317 spin_lock_init(&d->lock); 317 spin_lock_init(&d->lock);
318 atomic_set(&d->refcnt, 1); 318 atomic_set(&d->refcnt, 1);
319 319
320 rfcomm_dlc_clear_state(d); 320 rfcomm_dlc_clear_state(d);
321 321
322 BT_DBG("%p", d); 322 BT_DBG("%p", d);
323 323
324 return d; 324 return d;
325 } 325 }
326 326
327 void rfcomm_dlc_free(struct rfcomm_dlc *d) 327 void rfcomm_dlc_free(struct rfcomm_dlc *d)
328 { 328 {
329 BT_DBG("%p", d); 329 BT_DBG("%p", d);
330 330
331 skb_queue_purge(&d->tx_queue); 331 skb_queue_purge(&d->tx_queue);
332 kfree(d); 332 kfree(d);
333 } 333 }
334 334
335 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d) 335 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d)
336 { 336 {
337 BT_DBG("dlc %p session %p", d, s); 337 BT_DBG("dlc %p session %p", d, s);
338 338
339 rfcomm_session_hold(s); 339 rfcomm_session_hold(s);
340 340
341 rfcomm_session_clear_timer(s); 341 rfcomm_session_clear_timer(s);
342 rfcomm_dlc_hold(d); 342 rfcomm_dlc_hold(d);
343 list_add(&d->list, &s->dlcs); 343 list_add(&d->list, &s->dlcs);
344 d->session = s; 344 d->session = s;
345 } 345 }
346 346
347 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d) 347 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d)
348 { 348 {
349 struct rfcomm_session *s = d->session; 349 struct rfcomm_session *s = d->session;
350 350
351 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s); 351 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s);
352 352
353 list_del(&d->list); 353 list_del(&d->list);
354 d->session = NULL; 354 d->session = NULL;
355 rfcomm_dlc_put(d); 355 rfcomm_dlc_put(d);
356 356
357 if (list_empty(&s->dlcs)) 357 if (list_empty(&s->dlcs))
358 rfcomm_session_set_timer(s, RFCOMM_IDLE_TIMEOUT); 358 rfcomm_session_set_timer(s, RFCOMM_IDLE_TIMEOUT);
359 359
360 rfcomm_session_put(s); 360 rfcomm_session_put(s);
361 } 361 }
362 362
363 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci) 363 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci)
364 { 364 {
365 struct rfcomm_dlc *d; 365 struct rfcomm_dlc *d;
366 366
367 list_for_each_entry(d, &s->dlcs, list) 367 list_for_each_entry(d, &s->dlcs, list)
368 if (d->dlci == dlci) 368 if (d->dlci == dlci)
369 return d; 369 return d;
370 370
371 return NULL; 371 return NULL;
372 } 372 }
373 373
374 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) 374 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
375 { 375 {
376 struct rfcomm_session *s; 376 struct rfcomm_session *s;
377 int err = 0; 377 int err = 0;
378 u8 dlci; 378 u8 dlci;
379 379
380 BT_DBG("dlc %p state %ld %pMR -> %pMR channel %d", 380 BT_DBG("dlc %p state %ld %pMR -> %pMR channel %d",
381 d, d->state, src, dst, channel); 381 d, d->state, src, dst, channel);
382 382
383 if (channel < 1 || channel > 30) 383 if (channel < 1 || channel > 30)
384 return -EINVAL; 384 return -EINVAL;
385 385
386 if (d->state != BT_OPEN && d->state != BT_CLOSED) 386 if (d->state != BT_OPEN && d->state != BT_CLOSED)
387 return 0; 387 return 0;
388 388
389 s = rfcomm_session_get(src, dst); 389 s = rfcomm_session_get(src, dst);
390 if (!s) { 390 if (!s) {
391 s = rfcomm_session_create(src, dst, d->sec_level, &err); 391 s = rfcomm_session_create(src, dst, d->sec_level, &err);
392 if (!s) 392 if (!s)
393 return err; 393 return err;
394 } 394 }
395 395
396 dlci = __dlci(!s->initiator, channel); 396 dlci = __dlci(!s->initiator, channel);
397 397
398 /* Check if DLCI already exists */ 398 /* Check if DLCI already exists */
399 if (rfcomm_dlc_get(s, dlci)) 399 if (rfcomm_dlc_get(s, dlci))
400 return -EBUSY; 400 return -EBUSY;
401 401
402 rfcomm_dlc_clear_state(d); 402 rfcomm_dlc_clear_state(d);
403 403
404 d->dlci = dlci; 404 d->dlci = dlci;
405 d->addr = __addr(s->initiator, dlci); 405 d->addr = __addr(s->initiator, dlci);
406 d->priority = 7; 406 d->priority = 7;
407 407
408 d->state = BT_CONFIG; 408 d->state = BT_CONFIG;
409 rfcomm_dlc_link(s, d); 409 rfcomm_dlc_link(s, d);
410 410
411 d->out = 1; 411 d->out = 1;
412 412
413 d->mtu = s->mtu; 413 d->mtu = s->mtu;
414 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc; 414 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc;
415 415
416 if (s->state == BT_CONNECTED) { 416 if (s->state == BT_CONNECTED) {
417 if (rfcomm_check_security(d)) 417 if (rfcomm_check_security(d))
418 rfcomm_send_pn(s, 1, d); 418 rfcomm_send_pn(s, 1, d);
419 else 419 else
420 set_bit(RFCOMM_AUTH_PENDING, &d->flags); 420 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
421 } 421 }
422 422
423 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT); 423 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
424 424
425 return 0; 425 return 0;
426 } 426 }
427 427
428 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) 428 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
429 { 429 {
430 int r; 430 int r;
431 431
432 rfcomm_lock(); 432 rfcomm_lock();
433 433
434 r = __rfcomm_dlc_open(d, src, dst, channel); 434 r = __rfcomm_dlc_open(d, src, dst, channel);
435 435
436 rfcomm_unlock(); 436 rfcomm_unlock();
437 return r; 437 return r;
438 } 438 }
439 439
440 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err) 440 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
441 { 441 {
442 struct rfcomm_session *s = d->session; 442 struct rfcomm_session *s = d->session;
443 if (!s) 443 if (!s)
444 return 0; 444 return 0;
445 445
446 BT_DBG("dlc %p state %ld dlci %d err %d session %p", 446 BT_DBG("dlc %p state %ld dlci %d err %d session %p",
447 d, d->state, d->dlci, err, s); 447 d, d->state, d->dlci, err, s);
448 448
449 switch (d->state) { 449 switch (d->state) {
450 case BT_CONNECT: 450 case BT_CONNECT:
451 case BT_CONFIG: 451 case BT_CONFIG:
452 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { 452 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) {
453 set_bit(RFCOMM_AUTH_REJECT, &d->flags); 453 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
454 rfcomm_schedule(); 454 rfcomm_schedule();
455 break; 455 break;
456 } 456 }
457 /* Fall through */ 457 /* Fall through */
458 458
459 case BT_CONNECTED: 459 case BT_CONNECTED:
460 d->state = BT_DISCONN; 460 d->state = BT_DISCONN;
461 if (skb_queue_empty(&d->tx_queue)) { 461 if (skb_queue_empty(&d->tx_queue)) {
462 rfcomm_send_disc(s, d->dlci); 462 rfcomm_send_disc(s, d->dlci);
463 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT); 463 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT);
464 } else { 464 } else {
465 rfcomm_queue_disc(d); 465 rfcomm_queue_disc(d);
466 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2); 466 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2);
467 } 467 }
468 break; 468 break;
469 469
470 case BT_OPEN: 470 case BT_OPEN:
471 case BT_CONNECT2: 471 case BT_CONNECT2:
472 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { 472 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) {
473 set_bit(RFCOMM_AUTH_REJECT, &d->flags); 473 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
474 rfcomm_schedule(); 474 rfcomm_schedule();
475 break; 475 break;
476 } 476 }
477 /* Fall through */ 477 /* Fall through */
478 478
479 default: 479 default:
480 rfcomm_dlc_clear_timer(d); 480 rfcomm_dlc_clear_timer(d);
481 481
482 rfcomm_dlc_lock(d); 482 rfcomm_dlc_lock(d);
483 d->state = BT_CLOSED; 483 d->state = BT_CLOSED;
484 d->state_change(d, err); 484 d->state_change(d, err);
485 rfcomm_dlc_unlock(d); 485 rfcomm_dlc_unlock(d);
486 486
487 skb_queue_purge(&d->tx_queue); 487 skb_queue_purge(&d->tx_queue);
488 rfcomm_dlc_unlink(d); 488 rfcomm_dlc_unlink(d);
489 } 489 }
490 490
491 return 0; 491 return 0;
492 } 492 }
493 493
494 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err) 494 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
495 { 495 {
496 int r; 496 int r;
497 497
498 rfcomm_lock(); 498 rfcomm_lock();
499 499
500 r = __rfcomm_dlc_close(d, err); 500 r = __rfcomm_dlc_close(d, err);
501 501
502 rfcomm_unlock(); 502 rfcomm_unlock();
503 return r; 503 return r;
504 } 504 }
505 505
506 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb) 506 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb)
507 { 507 {
508 int len = skb->len; 508 int len = skb->len;
509 509
510 if (d->state != BT_CONNECTED) 510 if (d->state != BT_CONNECTED)
511 return -ENOTCONN; 511 return -ENOTCONN;
512 512
513 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len); 513 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len);
514 514
515 if (len > d->mtu) 515 if (len > d->mtu)
516 return -EINVAL; 516 return -EINVAL;
517 517
518 rfcomm_make_uih(skb, d->addr); 518 rfcomm_make_uih(skb, d->addr);
519 skb_queue_tail(&d->tx_queue, skb); 519 skb_queue_tail(&d->tx_queue, skb);
520 520
521 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags)) 521 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags))
522 rfcomm_schedule(); 522 rfcomm_schedule();
523 return len; 523 return len;
524 } 524 }
525 525
526 void __rfcomm_dlc_throttle(struct rfcomm_dlc *d) 526 void __rfcomm_dlc_throttle(struct rfcomm_dlc *d)
527 { 527 {
528 BT_DBG("dlc %p state %ld", d, d->state); 528 BT_DBG("dlc %p state %ld", d, d->state);
529 529
530 if (!d->cfc) { 530 if (!d->cfc) {
531 d->v24_sig |= RFCOMM_V24_FC; 531 d->v24_sig |= RFCOMM_V24_FC;
532 set_bit(RFCOMM_MSC_PENDING, &d->flags); 532 set_bit(RFCOMM_MSC_PENDING, &d->flags);
533 } 533 }
534 rfcomm_schedule(); 534 rfcomm_schedule();
535 } 535 }
536 536
537 void __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d) 537 void __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
538 { 538 {
539 BT_DBG("dlc %p state %ld", d, d->state); 539 BT_DBG("dlc %p state %ld", d, d->state);
540 540
541 if (!d->cfc) { 541 if (!d->cfc) {
542 d->v24_sig &= ~RFCOMM_V24_FC; 542 d->v24_sig &= ~RFCOMM_V24_FC;
543 set_bit(RFCOMM_MSC_PENDING, &d->flags); 543 set_bit(RFCOMM_MSC_PENDING, &d->flags);
544 } 544 }
545 rfcomm_schedule(); 545 rfcomm_schedule();
546 } 546 }
547 547
548 /* 548 /*
549 Set/get modem status functions use _local_ status i.e. what we report 549 Set/get modem status functions use _local_ status i.e. what we report
550 to the other side. 550 to the other side.
551 Remote status is provided by dlc->modem_status() callback. 551 Remote status is provided by dlc->modem_status() callback.
552 */ 552 */
553 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig) 553 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig)
554 { 554 {
555 BT_DBG("dlc %p state %ld v24_sig 0x%x", 555 BT_DBG("dlc %p state %ld v24_sig 0x%x",
556 d, d->state, v24_sig); 556 d, d->state, v24_sig);
557 557
558 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags)) 558 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags))
559 v24_sig |= RFCOMM_V24_FC; 559 v24_sig |= RFCOMM_V24_FC;
560 else 560 else
561 v24_sig &= ~RFCOMM_V24_FC; 561 v24_sig &= ~RFCOMM_V24_FC;
562 562
563 d->v24_sig = v24_sig; 563 d->v24_sig = v24_sig;
564 564
565 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags)) 565 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags))
566 rfcomm_schedule(); 566 rfcomm_schedule();
567 567
568 return 0; 568 return 0;
569 } 569 }
570 570
571 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig) 571 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig)
572 { 572 {
573 BT_DBG("dlc %p state %ld v24_sig 0x%x", 573 BT_DBG("dlc %p state %ld v24_sig 0x%x",
574 d, d->state, d->v24_sig); 574 d, d->state, d->v24_sig);
575 575
576 *v24_sig = d->v24_sig; 576 *v24_sig = d->v24_sig;
577 return 0; 577 return 0;
578 } 578 }
579 579
580 /* ---- RFCOMM sessions ---- */ 580 /* ---- RFCOMM sessions ---- */
581 static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state) 581 static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state)
582 { 582 {
583 struct rfcomm_session *s = kzalloc(sizeof(*s), GFP_KERNEL); 583 struct rfcomm_session *s = kzalloc(sizeof(*s), GFP_KERNEL);
584 584
585 if (!s) 585 if (!s)
586 return NULL; 586 return NULL;
587 587
588 BT_DBG("session %p sock %p", s, sock); 588 BT_DBG("session %p sock %p", s, sock);
589 589
590 setup_timer(&s->timer, rfcomm_session_timeout, (unsigned long) s); 590 setup_timer(&s->timer, rfcomm_session_timeout, (unsigned long) s);
591 591
592 INIT_LIST_HEAD(&s->dlcs); 592 INIT_LIST_HEAD(&s->dlcs);
593 s->state = state; 593 s->state = state;
594 s->sock = sock; 594 s->sock = sock;
595 595
596 s->mtu = RFCOMM_DEFAULT_MTU; 596 s->mtu = RFCOMM_DEFAULT_MTU;
597 s->cfc = disable_cfc ? RFCOMM_CFC_DISABLED : RFCOMM_CFC_UNKNOWN; 597 s->cfc = disable_cfc ? RFCOMM_CFC_DISABLED : RFCOMM_CFC_UNKNOWN;
598 598
599 /* Do not increment module usage count for listening sessions. 599 /* Do not increment module usage count for listening sessions.
600 * Otherwise we won't be able to unload the module. */ 600 * Otherwise we won't be able to unload the module. */
601 if (state != BT_LISTEN) 601 if (state != BT_LISTEN)
602 if (!try_module_get(THIS_MODULE)) { 602 if (!try_module_get(THIS_MODULE)) {
603 kfree(s); 603 kfree(s);
604 return NULL; 604 return NULL;
605 } 605 }
606 606
607 list_add(&s->list, &session_list); 607 list_add(&s->list, &session_list);
608 608
609 return s; 609 return s;
610 } 610 }
611 611
612 static void rfcomm_session_del(struct rfcomm_session *s) 612 static void rfcomm_session_del(struct rfcomm_session *s)
613 { 613 {
614 int state = s->state; 614 int state = s->state;
615 615
616 BT_DBG("session %p state %ld", s, s->state); 616 BT_DBG("session %p state %ld", s, s->state);
617 617
618 list_del(&s->list); 618 list_del(&s->list);
619 619
620 if (state == BT_CONNECTED) 620 if (state == BT_CONNECTED)
621 rfcomm_send_disc(s, 0); 621 rfcomm_send_disc(s, 0);
622 622
623 rfcomm_session_clear_timer(s); 623 rfcomm_session_clear_timer(s);
624 sock_release(s->sock); 624 sock_release(s->sock);
625 kfree(s); 625 kfree(s);
626 626
627 if (state != BT_LISTEN) 627 if (state != BT_LISTEN)
628 module_put(THIS_MODULE); 628 module_put(THIS_MODULE);
629 } 629 }
630 630
631 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst) 631 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst)
632 { 632 {
633 struct rfcomm_session *s; 633 struct rfcomm_session *s;
634 struct list_head *p, *n; 634 struct list_head *p, *n;
635 struct bt_sock *sk; 635 struct bt_sock *sk;
636 list_for_each_safe(p, n, &session_list) { 636 list_for_each_safe(p, n, &session_list) {
637 s = list_entry(p, struct rfcomm_session, list); 637 s = list_entry(p, struct rfcomm_session, list);
638 sk = bt_sk(s->sock->sk); 638 sk = bt_sk(s->sock->sk);
639 639
640 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) && 640 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) &&
641 !bacmp(&sk->dst, dst)) 641 !bacmp(&sk->dst, dst))
642 return s; 642 return s;
643 } 643 }
644 return NULL; 644 return NULL;
645 } 645 }
646 646
647 static void rfcomm_session_close(struct rfcomm_session *s, int err) 647 static void rfcomm_session_close(struct rfcomm_session *s, int err)
648 { 648 {
649 struct rfcomm_dlc *d; 649 struct rfcomm_dlc *d;
650 struct list_head *p, *n; 650 struct list_head *p, *n;
651 651
652 BT_DBG("session %p state %ld err %d", s, s->state, err); 652 BT_DBG("session %p state %ld err %d", s, s->state, err);
653 653
654 rfcomm_session_hold(s); 654 rfcomm_session_hold(s);
655 655
656 s->state = BT_CLOSED; 656 s->state = BT_CLOSED;
657 657
658 /* Close all dlcs */ 658 /* Close all dlcs */
659 list_for_each_safe(p, n, &s->dlcs) { 659 list_for_each_safe(p, n, &s->dlcs) {
660 d = list_entry(p, struct rfcomm_dlc, list); 660 d = list_entry(p, struct rfcomm_dlc, list);
661 d->state = BT_CLOSED; 661 d->state = BT_CLOSED;
662 __rfcomm_dlc_close(d, err); 662 __rfcomm_dlc_close(d, err);
663 } 663 }
664 664
665 rfcomm_session_clear_timer(s); 665 rfcomm_session_clear_timer(s);
666 rfcomm_session_put(s); 666 rfcomm_session_put(s);
667 } 667 }
668 668
669 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, 669 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src,
670 bdaddr_t *dst, 670 bdaddr_t *dst,
671 u8 sec_level, 671 u8 sec_level,
672 int *err) 672 int *err)
673 { 673 {
674 struct rfcomm_session *s = NULL; 674 struct rfcomm_session *s = NULL;
675 struct sockaddr_l2 addr; 675 struct sockaddr_l2 addr;
676 struct socket *sock; 676 struct socket *sock;
677 struct sock *sk; 677 struct sock *sk;
678 678
679 BT_DBG("%pMR -> %pMR", src, dst); 679 BT_DBG("%pMR -> %pMR", src, dst);
680 680
681 *err = rfcomm_l2sock_create(&sock); 681 *err = rfcomm_l2sock_create(&sock);
682 if (*err < 0) 682 if (*err < 0)
683 return NULL; 683 return NULL;
684 684
685 bacpy(&addr.l2_bdaddr, src); 685 bacpy(&addr.l2_bdaddr, src);
686 addr.l2_family = AF_BLUETOOTH; 686 addr.l2_family = AF_BLUETOOTH;
687 addr.l2_psm = 0; 687 addr.l2_psm = 0;
688 addr.l2_cid = 0; 688 addr.l2_cid = 0;
689 *err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 689 *err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr));
690 if (*err < 0) 690 if (*err < 0)
691 goto failed; 691 goto failed;
692 692
693 /* Set L2CAP options */ 693 /* Set L2CAP options */
694 sk = sock->sk; 694 sk = sock->sk;
695 lock_sock(sk); 695 lock_sock(sk);
696 l2cap_pi(sk)->chan->imtu = l2cap_mtu; 696 l2cap_pi(sk)->chan->imtu = l2cap_mtu;
697 l2cap_pi(sk)->chan->sec_level = sec_level; 697 l2cap_pi(sk)->chan->sec_level = sec_level;
698 if (l2cap_ertm) 698 if (l2cap_ertm)
699 l2cap_pi(sk)->chan->mode = L2CAP_MODE_ERTM; 699 l2cap_pi(sk)->chan->mode = L2CAP_MODE_ERTM;
700 release_sock(sk); 700 release_sock(sk);
701 701
702 s = rfcomm_session_add(sock, BT_BOUND); 702 s = rfcomm_session_add(sock, BT_BOUND);
703 if (!s) { 703 if (!s) {
704 *err = -ENOMEM; 704 *err = -ENOMEM;
705 goto failed; 705 goto failed;
706 } 706 }
707 707
708 s->initiator = 1; 708 s->initiator = 1;
709 709
710 bacpy(&addr.l2_bdaddr, dst); 710 bacpy(&addr.l2_bdaddr, dst);
711 addr.l2_family = AF_BLUETOOTH; 711 addr.l2_family = AF_BLUETOOTH;
712 addr.l2_psm = cpu_to_le16(RFCOMM_PSM); 712 addr.l2_psm = __constant_cpu_to_le16(RFCOMM_PSM);
713 addr.l2_cid = 0; 713 addr.l2_cid = 0;
714 *err = kernel_connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK); 714 *err = kernel_connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
715 if (*err == 0 || *err == -EINPROGRESS) 715 if (*err == 0 || *err == -EINPROGRESS)
716 return s; 716 return s;
717 717
718 rfcomm_session_del(s); 718 rfcomm_session_del(s);
719 return NULL; 719 return NULL;
720 720
721 failed: 721 failed:
722 sock_release(sock); 722 sock_release(sock);
723 return NULL; 723 return NULL;
724 } 724 }
725 725
726 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst) 726 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst)
727 { 727 {
728 struct sock *sk = s->sock->sk; 728 struct sock *sk = s->sock->sk;
729 if (src) 729 if (src)
730 bacpy(src, &bt_sk(sk)->src); 730 bacpy(src, &bt_sk(sk)->src);
731 if (dst) 731 if (dst)
732 bacpy(dst, &bt_sk(sk)->dst); 732 bacpy(dst, &bt_sk(sk)->dst);
733 } 733 }
734 734
735 /* ---- RFCOMM frame sending ---- */ 735 /* ---- RFCOMM frame sending ---- */
736 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len) 736 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len)
737 { 737 {
738 struct kvec iv = { data, len }; 738 struct kvec iv = { data, len };
739 struct msghdr msg; 739 struct msghdr msg;
740 740
741 BT_DBG("session %p len %d", s, len); 741 BT_DBG("session %p len %d", s, len);
742 742
743 memset(&msg, 0, sizeof(msg)); 743 memset(&msg, 0, sizeof(msg));
744 744
745 return kernel_sendmsg(s->sock, &msg, &iv, 1, len); 745 return kernel_sendmsg(s->sock, &msg, &iv, 1, len);
746 } 746 }
747 747
748 static int rfcomm_send_cmd(struct rfcomm_session *s, struct rfcomm_cmd *cmd) 748 static int rfcomm_send_cmd(struct rfcomm_session *s, struct rfcomm_cmd *cmd)
749 { 749 {
750 BT_DBG("%p cmd %u", s, cmd->ctrl); 750 BT_DBG("%p cmd %u", s, cmd->ctrl);
751 751
752 return rfcomm_send_frame(s, (void *) cmd, sizeof(*cmd)); 752 return rfcomm_send_frame(s, (void *) cmd, sizeof(*cmd));
753 } 753 }
754 754
755 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci) 755 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci)
756 { 756 {
757 struct rfcomm_cmd cmd; 757 struct rfcomm_cmd cmd;
758 758
759 BT_DBG("%p dlci %d", s, dlci); 759 BT_DBG("%p dlci %d", s, dlci);
760 760
761 cmd.addr = __addr(s->initiator, dlci); 761 cmd.addr = __addr(s->initiator, dlci);
762 cmd.ctrl = __ctrl(RFCOMM_SABM, 1); 762 cmd.ctrl = __ctrl(RFCOMM_SABM, 1);
763 cmd.len = __len8(0); 763 cmd.len = __len8(0);
764 cmd.fcs = __fcs2((u8 *) &cmd); 764 cmd.fcs = __fcs2((u8 *) &cmd);
765 765
766 return rfcomm_send_cmd(s, &cmd); 766 return rfcomm_send_cmd(s, &cmd);
767 } 767 }
768 768
769 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci) 769 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci)
770 { 770 {
771 struct rfcomm_cmd cmd; 771 struct rfcomm_cmd cmd;
772 772
773 BT_DBG("%p dlci %d", s, dlci); 773 BT_DBG("%p dlci %d", s, dlci);
774 774
775 cmd.addr = __addr(!s->initiator, dlci); 775 cmd.addr = __addr(!s->initiator, dlci);
776 cmd.ctrl = __ctrl(RFCOMM_UA, 1); 776 cmd.ctrl = __ctrl(RFCOMM_UA, 1);
777 cmd.len = __len8(0); 777 cmd.len = __len8(0);
778 cmd.fcs = __fcs2((u8 *) &cmd); 778 cmd.fcs = __fcs2((u8 *) &cmd);
779 779
780 return rfcomm_send_cmd(s, &cmd); 780 return rfcomm_send_cmd(s, &cmd);
781 } 781 }
782 782
783 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci) 783 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci)
784 { 784 {
785 struct rfcomm_cmd cmd; 785 struct rfcomm_cmd cmd;
786 786
787 BT_DBG("%p dlci %d", s, dlci); 787 BT_DBG("%p dlci %d", s, dlci);
788 788
789 cmd.addr = __addr(s->initiator, dlci); 789 cmd.addr = __addr(s->initiator, dlci);
790 cmd.ctrl = __ctrl(RFCOMM_DISC, 1); 790 cmd.ctrl = __ctrl(RFCOMM_DISC, 1);
791 cmd.len = __len8(0); 791 cmd.len = __len8(0);
792 cmd.fcs = __fcs2((u8 *) &cmd); 792 cmd.fcs = __fcs2((u8 *) &cmd);
793 793
794 return rfcomm_send_cmd(s, &cmd); 794 return rfcomm_send_cmd(s, &cmd);
795 } 795 }
796 796
797 static int rfcomm_queue_disc(struct rfcomm_dlc *d) 797 static int rfcomm_queue_disc(struct rfcomm_dlc *d)
798 { 798 {
799 struct rfcomm_cmd *cmd; 799 struct rfcomm_cmd *cmd;
800 struct sk_buff *skb; 800 struct sk_buff *skb;
801 801
802 BT_DBG("dlc %p dlci %d", d, d->dlci); 802 BT_DBG("dlc %p dlci %d", d, d->dlci);
803 803
804 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL); 804 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL);
805 if (!skb) 805 if (!skb)
806 return -ENOMEM; 806 return -ENOMEM;
807 807
808 cmd = (void *) __skb_put(skb, sizeof(*cmd)); 808 cmd = (void *) __skb_put(skb, sizeof(*cmd));
809 cmd->addr = d->addr; 809 cmd->addr = d->addr;
810 cmd->ctrl = __ctrl(RFCOMM_DISC, 1); 810 cmd->ctrl = __ctrl(RFCOMM_DISC, 1);
811 cmd->len = __len8(0); 811 cmd->len = __len8(0);
812 cmd->fcs = __fcs2((u8 *) cmd); 812 cmd->fcs = __fcs2((u8 *) cmd);
813 813
814 skb_queue_tail(&d->tx_queue, skb); 814 skb_queue_tail(&d->tx_queue, skb);
815 rfcomm_schedule(); 815 rfcomm_schedule();
816 return 0; 816 return 0;
817 } 817 }
818 818
819 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci) 819 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci)
820 { 820 {
821 struct rfcomm_cmd cmd; 821 struct rfcomm_cmd cmd;
822 822
823 BT_DBG("%p dlci %d", s, dlci); 823 BT_DBG("%p dlci %d", s, dlci);
824 824
825 cmd.addr = __addr(!s->initiator, dlci); 825 cmd.addr = __addr(!s->initiator, dlci);
826 cmd.ctrl = __ctrl(RFCOMM_DM, 1); 826 cmd.ctrl = __ctrl(RFCOMM_DM, 1);
827 cmd.len = __len8(0); 827 cmd.len = __len8(0);
828 cmd.fcs = __fcs2((u8 *) &cmd); 828 cmd.fcs = __fcs2((u8 *) &cmd);
829 829
830 return rfcomm_send_cmd(s, &cmd); 830 return rfcomm_send_cmd(s, &cmd);
831 } 831 }
832 832
833 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type) 833 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type)
834 { 834 {
835 struct rfcomm_hdr *hdr; 835 struct rfcomm_hdr *hdr;
836 struct rfcomm_mcc *mcc; 836 struct rfcomm_mcc *mcc;
837 u8 buf[16], *ptr = buf; 837 u8 buf[16], *ptr = buf;
838 838
839 BT_DBG("%p cr %d type %d", s, cr, type); 839 BT_DBG("%p cr %d type %d", s, cr, type);
840 840
841 hdr = (void *) ptr; ptr += sizeof(*hdr); 841 hdr = (void *) ptr; ptr += sizeof(*hdr);
842 hdr->addr = __addr(s->initiator, 0); 842 hdr->addr = __addr(s->initiator, 0);
843 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 843 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
844 hdr->len = __len8(sizeof(*mcc) + 1); 844 hdr->len = __len8(sizeof(*mcc) + 1);
845 845
846 mcc = (void *) ptr; ptr += sizeof(*mcc); 846 mcc = (void *) ptr; ptr += sizeof(*mcc);
847 mcc->type = __mcc_type(cr, RFCOMM_NSC); 847 mcc->type = __mcc_type(cr, RFCOMM_NSC);
848 mcc->len = __len8(1); 848 mcc->len = __len8(1);
849 849
850 /* Type that we didn't like */ 850 /* Type that we didn't like */
851 *ptr = __mcc_type(cr, type); ptr++; 851 *ptr = __mcc_type(cr, type); ptr++;
852 852
853 *ptr = __fcs(buf); ptr++; 853 *ptr = __fcs(buf); ptr++;
854 854
855 return rfcomm_send_frame(s, buf, ptr - buf); 855 return rfcomm_send_frame(s, buf, ptr - buf);
856 } 856 }
857 857
858 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d) 858 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d)
859 { 859 {
860 struct rfcomm_hdr *hdr; 860 struct rfcomm_hdr *hdr;
861 struct rfcomm_mcc *mcc; 861 struct rfcomm_mcc *mcc;
862 struct rfcomm_pn *pn; 862 struct rfcomm_pn *pn;
863 u8 buf[16], *ptr = buf; 863 u8 buf[16], *ptr = buf;
864 864
865 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu); 865 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu);
866 866
867 hdr = (void *) ptr; ptr += sizeof(*hdr); 867 hdr = (void *) ptr; ptr += sizeof(*hdr);
868 hdr->addr = __addr(s->initiator, 0); 868 hdr->addr = __addr(s->initiator, 0);
869 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 869 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
870 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn)); 870 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn));
871 871
872 mcc = (void *) ptr; ptr += sizeof(*mcc); 872 mcc = (void *) ptr; ptr += sizeof(*mcc);
873 mcc->type = __mcc_type(cr, RFCOMM_PN); 873 mcc->type = __mcc_type(cr, RFCOMM_PN);
874 mcc->len = __len8(sizeof(*pn)); 874 mcc->len = __len8(sizeof(*pn));
875 875
876 pn = (void *) ptr; ptr += sizeof(*pn); 876 pn = (void *) ptr; ptr += sizeof(*pn);
877 pn->dlci = d->dlci; 877 pn->dlci = d->dlci;
878 pn->priority = d->priority; 878 pn->priority = d->priority;
879 pn->ack_timer = 0; 879 pn->ack_timer = 0;
880 pn->max_retrans = 0; 880 pn->max_retrans = 0;
881 881
882 if (s->cfc) { 882 if (s->cfc) {
883 pn->flow_ctrl = cr ? 0xf0 : 0xe0; 883 pn->flow_ctrl = cr ? 0xf0 : 0xe0;
884 pn->credits = RFCOMM_DEFAULT_CREDITS; 884 pn->credits = RFCOMM_DEFAULT_CREDITS;
885 } else { 885 } else {
886 pn->flow_ctrl = 0; 886 pn->flow_ctrl = 0;
887 pn->credits = 0; 887 pn->credits = 0;
888 } 888 }
889 889
890 if (cr && channel_mtu >= 0) 890 if (cr && channel_mtu >= 0)
891 pn->mtu = cpu_to_le16(channel_mtu); 891 pn->mtu = cpu_to_le16(channel_mtu);
892 else 892 else
893 pn->mtu = cpu_to_le16(d->mtu); 893 pn->mtu = cpu_to_le16(d->mtu);
894 894
895 *ptr = __fcs(buf); ptr++; 895 *ptr = __fcs(buf); ptr++;
896 896
897 return rfcomm_send_frame(s, buf, ptr - buf); 897 return rfcomm_send_frame(s, buf, ptr - buf);
898 } 898 }
899 899
900 int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci, 900 int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
901 u8 bit_rate, u8 data_bits, u8 stop_bits, 901 u8 bit_rate, u8 data_bits, u8 stop_bits,
902 u8 parity, u8 flow_ctrl_settings, 902 u8 parity, u8 flow_ctrl_settings,
903 u8 xon_char, u8 xoff_char, u16 param_mask) 903 u8 xon_char, u8 xoff_char, u16 param_mask)
904 { 904 {
905 struct rfcomm_hdr *hdr; 905 struct rfcomm_hdr *hdr;
906 struct rfcomm_mcc *mcc; 906 struct rfcomm_mcc *mcc;
907 struct rfcomm_rpn *rpn; 907 struct rfcomm_rpn *rpn;
908 u8 buf[16], *ptr = buf; 908 u8 buf[16], *ptr = buf;
909 909
910 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x" 910 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
911 " flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x", 911 " flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
912 s, cr, dlci, bit_rate, data_bits, stop_bits, parity, 912 s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
913 flow_ctrl_settings, xon_char, xoff_char, param_mask); 913 flow_ctrl_settings, xon_char, xoff_char, param_mask);
914 914
915 hdr = (void *) ptr; ptr += sizeof(*hdr); 915 hdr = (void *) ptr; ptr += sizeof(*hdr);
916 hdr->addr = __addr(s->initiator, 0); 916 hdr->addr = __addr(s->initiator, 0);
917 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 917 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
918 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn)); 918 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn));
919 919
920 mcc = (void *) ptr; ptr += sizeof(*mcc); 920 mcc = (void *) ptr; ptr += sizeof(*mcc);
921 mcc->type = __mcc_type(cr, RFCOMM_RPN); 921 mcc->type = __mcc_type(cr, RFCOMM_RPN);
922 mcc->len = __len8(sizeof(*rpn)); 922 mcc->len = __len8(sizeof(*rpn));
923 923
924 rpn = (void *) ptr; ptr += sizeof(*rpn); 924 rpn = (void *) ptr; ptr += sizeof(*rpn);
925 rpn->dlci = __addr(1, dlci); 925 rpn->dlci = __addr(1, dlci);
926 rpn->bit_rate = bit_rate; 926 rpn->bit_rate = bit_rate;
927 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity); 927 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity);
928 rpn->flow_ctrl = flow_ctrl_settings; 928 rpn->flow_ctrl = flow_ctrl_settings;
929 rpn->xon_char = xon_char; 929 rpn->xon_char = xon_char;
930 rpn->xoff_char = xoff_char; 930 rpn->xoff_char = xoff_char;
931 rpn->param_mask = cpu_to_le16(param_mask); 931 rpn->param_mask = cpu_to_le16(param_mask);
932 932
933 *ptr = __fcs(buf); ptr++; 933 *ptr = __fcs(buf); ptr++;
934 934
935 return rfcomm_send_frame(s, buf, ptr - buf); 935 return rfcomm_send_frame(s, buf, ptr - buf);
936 } 936 }
937 937
938 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status) 938 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status)
939 { 939 {
940 struct rfcomm_hdr *hdr; 940 struct rfcomm_hdr *hdr;
941 struct rfcomm_mcc *mcc; 941 struct rfcomm_mcc *mcc;
942 struct rfcomm_rls *rls; 942 struct rfcomm_rls *rls;
943 u8 buf[16], *ptr = buf; 943 u8 buf[16], *ptr = buf;
944 944
945 BT_DBG("%p cr %d status 0x%x", s, cr, status); 945 BT_DBG("%p cr %d status 0x%x", s, cr, status);
946 946
947 hdr = (void *) ptr; ptr += sizeof(*hdr); 947 hdr = (void *) ptr; ptr += sizeof(*hdr);
948 hdr->addr = __addr(s->initiator, 0); 948 hdr->addr = __addr(s->initiator, 0);
949 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 949 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
950 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls)); 950 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls));
951 951
952 mcc = (void *) ptr; ptr += sizeof(*mcc); 952 mcc = (void *) ptr; ptr += sizeof(*mcc);
953 mcc->type = __mcc_type(cr, RFCOMM_RLS); 953 mcc->type = __mcc_type(cr, RFCOMM_RLS);
954 mcc->len = __len8(sizeof(*rls)); 954 mcc->len = __len8(sizeof(*rls));
955 955
956 rls = (void *) ptr; ptr += sizeof(*rls); 956 rls = (void *) ptr; ptr += sizeof(*rls);
957 rls->dlci = __addr(1, dlci); 957 rls->dlci = __addr(1, dlci);
958 rls->status = status; 958 rls->status = status;
959 959
960 *ptr = __fcs(buf); ptr++; 960 *ptr = __fcs(buf); ptr++;
961 961
962 return rfcomm_send_frame(s, buf, ptr - buf); 962 return rfcomm_send_frame(s, buf, ptr - buf);
963 } 963 }
964 964
965 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig) 965 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig)
966 { 966 {
967 struct rfcomm_hdr *hdr; 967 struct rfcomm_hdr *hdr;
968 struct rfcomm_mcc *mcc; 968 struct rfcomm_mcc *mcc;
969 struct rfcomm_msc *msc; 969 struct rfcomm_msc *msc;
970 u8 buf[16], *ptr = buf; 970 u8 buf[16], *ptr = buf;
971 971
972 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig); 972 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig);
973 973
974 hdr = (void *) ptr; ptr += sizeof(*hdr); 974 hdr = (void *) ptr; ptr += sizeof(*hdr);
975 hdr->addr = __addr(s->initiator, 0); 975 hdr->addr = __addr(s->initiator, 0);
976 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 976 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
977 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc)); 977 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc));
978 978
979 mcc = (void *) ptr; ptr += sizeof(*mcc); 979 mcc = (void *) ptr; ptr += sizeof(*mcc);
980 mcc->type = __mcc_type(cr, RFCOMM_MSC); 980 mcc->type = __mcc_type(cr, RFCOMM_MSC);
981 mcc->len = __len8(sizeof(*msc)); 981 mcc->len = __len8(sizeof(*msc));
982 982
983 msc = (void *) ptr; ptr += sizeof(*msc); 983 msc = (void *) ptr; ptr += sizeof(*msc);
984 msc->dlci = __addr(1, dlci); 984 msc->dlci = __addr(1, dlci);
985 msc->v24_sig = v24_sig | 0x01; 985 msc->v24_sig = v24_sig | 0x01;
986 986
987 *ptr = __fcs(buf); ptr++; 987 *ptr = __fcs(buf); ptr++;
988 988
989 return rfcomm_send_frame(s, buf, ptr - buf); 989 return rfcomm_send_frame(s, buf, ptr - buf);
990 } 990 }
991 991
992 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr) 992 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr)
993 { 993 {
994 struct rfcomm_hdr *hdr; 994 struct rfcomm_hdr *hdr;
995 struct rfcomm_mcc *mcc; 995 struct rfcomm_mcc *mcc;
996 u8 buf[16], *ptr = buf; 996 u8 buf[16], *ptr = buf;
997 997
998 BT_DBG("%p cr %d", s, cr); 998 BT_DBG("%p cr %d", s, cr);
999 999
1000 hdr = (void *) ptr; ptr += sizeof(*hdr); 1000 hdr = (void *) ptr; ptr += sizeof(*hdr);
1001 hdr->addr = __addr(s->initiator, 0); 1001 hdr->addr = __addr(s->initiator, 0);
1002 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 1002 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
1003 hdr->len = __len8(sizeof(*mcc)); 1003 hdr->len = __len8(sizeof(*mcc));
1004 1004
1005 mcc = (void *) ptr; ptr += sizeof(*mcc); 1005 mcc = (void *) ptr; ptr += sizeof(*mcc);
1006 mcc->type = __mcc_type(cr, RFCOMM_FCOFF); 1006 mcc->type = __mcc_type(cr, RFCOMM_FCOFF);
1007 mcc->len = __len8(0); 1007 mcc->len = __len8(0);
1008 1008
1009 *ptr = __fcs(buf); ptr++; 1009 *ptr = __fcs(buf); ptr++;
1010 1010
1011 return rfcomm_send_frame(s, buf, ptr - buf); 1011 return rfcomm_send_frame(s, buf, ptr - buf);
1012 } 1012 }
1013 1013
1014 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr) 1014 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr)
1015 { 1015 {
1016 struct rfcomm_hdr *hdr; 1016 struct rfcomm_hdr *hdr;
1017 struct rfcomm_mcc *mcc; 1017 struct rfcomm_mcc *mcc;
1018 u8 buf[16], *ptr = buf; 1018 u8 buf[16], *ptr = buf;
1019 1019
1020 BT_DBG("%p cr %d", s, cr); 1020 BT_DBG("%p cr %d", s, cr);
1021 1021
1022 hdr = (void *) ptr; ptr += sizeof(*hdr); 1022 hdr = (void *) ptr; ptr += sizeof(*hdr);
1023 hdr->addr = __addr(s->initiator, 0); 1023 hdr->addr = __addr(s->initiator, 0);
1024 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 1024 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
1025 hdr->len = __len8(sizeof(*mcc)); 1025 hdr->len = __len8(sizeof(*mcc));
1026 1026
1027 mcc = (void *) ptr; ptr += sizeof(*mcc); 1027 mcc = (void *) ptr; ptr += sizeof(*mcc);
1028 mcc->type = __mcc_type(cr, RFCOMM_FCON); 1028 mcc->type = __mcc_type(cr, RFCOMM_FCON);
1029 mcc->len = __len8(0); 1029 mcc->len = __len8(0);
1030 1030
1031 *ptr = __fcs(buf); ptr++; 1031 *ptr = __fcs(buf); ptr++;
1032 1032
1033 return rfcomm_send_frame(s, buf, ptr - buf); 1033 return rfcomm_send_frame(s, buf, ptr - buf);
1034 } 1034 }
1035 1035
1036 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len) 1036 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len)
1037 { 1037 {
1038 struct socket *sock = s->sock; 1038 struct socket *sock = s->sock;
1039 struct kvec iv[3]; 1039 struct kvec iv[3];
1040 struct msghdr msg; 1040 struct msghdr msg;
1041 unsigned char hdr[5], crc[1]; 1041 unsigned char hdr[5], crc[1];
1042 1042
1043 if (len > 125) 1043 if (len > 125)
1044 return -EINVAL; 1044 return -EINVAL;
1045 1045
1046 BT_DBG("%p cr %d", s, cr); 1046 BT_DBG("%p cr %d", s, cr);
1047 1047
1048 hdr[0] = __addr(s->initiator, 0); 1048 hdr[0] = __addr(s->initiator, 0);
1049 hdr[1] = __ctrl(RFCOMM_UIH, 0); 1049 hdr[1] = __ctrl(RFCOMM_UIH, 0);
1050 hdr[2] = 0x01 | ((len + 2) << 1); 1050 hdr[2] = 0x01 | ((len + 2) << 1);
1051 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2); 1051 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2);
1052 hdr[4] = 0x01 | (len << 1); 1052 hdr[4] = 0x01 | (len << 1);
1053 1053
1054 crc[0] = __fcs(hdr); 1054 crc[0] = __fcs(hdr);
1055 1055
1056 iv[0].iov_base = hdr; 1056 iv[0].iov_base = hdr;
1057 iv[0].iov_len = 5; 1057 iv[0].iov_len = 5;
1058 iv[1].iov_base = pattern; 1058 iv[1].iov_base = pattern;
1059 iv[1].iov_len = len; 1059 iv[1].iov_len = len;
1060 iv[2].iov_base = crc; 1060 iv[2].iov_base = crc;
1061 iv[2].iov_len = 1; 1061 iv[2].iov_len = 1;
1062 1062
1063 memset(&msg, 0, sizeof(msg)); 1063 memset(&msg, 0, sizeof(msg));
1064 1064
1065 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len); 1065 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len);
1066 } 1066 }
1067 1067
1068 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits) 1068 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits)
1069 { 1069 {
1070 struct rfcomm_hdr *hdr; 1070 struct rfcomm_hdr *hdr;
1071 u8 buf[16], *ptr = buf; 1071 u8 buf[16], *ptr = buf;
1072 1072
1073 BT_DBG("%p addr %d credits %d", s, addr, credits); 1073 BT_DBG("%p addr %d credits %d", s, addr, credits);
1074 1074
1075 hdr = (void *) ptr; ptr += sizeof(*hdr); 1075 hdr = (void *) ptr; ptr += sizeof(*hdr);
1076 hdr->addr = addr; 1076 hdr->addr = addr;
1077 hdr->ctrl = __ctrl(RFCOMM_UIH, 1); 1077 hdr->ctrl = __ctrl(RFCOMM_UIH, 1);
1078 hdr->len = __len8(0); 1078 hdr->len = __len8(0);
1079 1079
1080 *ptr = credits; ptr++; 1080 *ptr = credits; ptr++;
1081 1081
1082 *ptr = __fcs(buf); ptr++; 1082 *ptr = __fcs(buf); ptr++;
1083 1083
1084 return rfcomm_send_frame(s, buf, ptr - buf); 1084 return rfcomm_send_frame(s, buf, ptr - buf);
1085 } 1085 }
1086 1086
1087 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr) 1087 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr)
1088 { 1088 {
1089 struct rfcomm_hdr *hdr; 1089 struct rfcomm_hdr *hdr;
1090 int len = skb->len; 1090 int len = skb->len;
1091 u8 *crc; 1091 u8 *crc;
1092 1092
1093 if (len > 127) { 1093 if (len > 127) {
1094 hdr = (void *) skb_push(skb, 4); 1094 hdr = (void *) skb_push(skb, 4);
1095 put_unaligned(cpu_to_le16(__len16(len)), (__le16 *) &hdr->len); 1095 put_unaligned(cpu_to_le16(__len16(len)), (__le16 *) &hdr->len);
1096 } else { 1096 } else {
1097 hdr = (void *) skb_push(skb, 3); 1097 hdr = (void *) skb_push(skb, 3);
1098 hdr->len = __len8(len); 1098 hdr->len = __len8(len);
1099 } 1099 }
1100 hdr->addr = addr; 1100 hdr->addr = addr;
1101 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 1101 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
1102 1102
1103 crc = skb_put(skb, 1); 1103 crc = skb_put(skb, 1);
1104 *crc = __fcs((void *) hdr); 1104 *crc = __fcs((void *) hdr);
1105 } 1105 }
1106 1106
1107 /* ---- RFCOMM frame reception ---- */ 1107 /* ---- RFCOMM frame reception ---- */
1108 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci) 1108 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
1109 { 1109 {
1110 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1110 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1111 1111
1112 if (dlci) { 1112 if (dlci) {
1113 /* Data channel */ 1113 /* Data channel */
1114 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1114 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1115 if (!d) { 1115 if (!d) {
1116 rfcomm_send_dm(s, dlci); 1116 rfcomm_send_dm(s, dlci);
1117 return 0; 1117 return 0;
1118 } 1118 }
1119 1119
1120 switch (d->state) { 1120 switch (d->state) {
1121 case BT_CONNECT: 1121 case BT_CONNECT:
1122 rfcomm_dlc_clear_timer(d); 1122 rfcomm_dlc_clear_timer(d);
1123 1123
1124 rfcomm_dlc_lock(d); 1124 rfcomm_dlc_lock(d);
1125 d->state = BT_CONNECTED; 1125 d->state = BT_CONNECTED;
1126 d->state_change(d, 0); 1126 d->state_change(d, 0);
1127 rfcomm_dlc_unlock(d); 1127 rfcomm_dlc_unlock(d);
1128 1128
1129 rfcomm_send_msc(s, 1, dlci, d->v24_sig); 1129 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1130 break; 1130 break;
1131 1131
1132 case BT_DISCONN: 1132 case BT_DISCONN:
1133 d->state = BT_CLOSED; 1133 d->state = BT_CLOSED;
1134 __rfcomm_dlc_close(d, 0); 1134 __rfcomm_dlc_close(d, 0);
1135 1135
1136 if (list_empty(&s->dlcs)) { 1136 if (list_empty(&s->dlcs)) {
1137 s->state = BT_DISCONN; 1137 s->state = BT_DISCONN;
1138 rfcomm_send_disc(s, 0); 1138 rfcomm_send_disc(s, 0);
1139 rfcomm_session_clear_timer(s); 1139 rfcomm_session_clear_timer(s);
1140 } 1140 }
1141 1141
1142 break; 1142 break;
1143 } 1143 }
1144 } else { 1144 } else {
1145 /* Control channel */ 1145 /* Control channel */
1146 switch (s->state) { 1146 switch (s->state) {
1147 case BT_CONNECT: 1147 case BT_CONNECT:
1148 s->state = BT_CONNECTED; 1148 s->state = BT_CONNECTED;
1149 rfcomm_process_connect(s); 1149 rfcomm_process_connect(s);
1150 break; 1150 break;
1151 1151
1152 case BT_DISCONN: 1152 case BT_DISCONN:
1153 /* rfcomm_session_put is called later so don't do 1153 /* rfcomm_session_put is called later so don't do
1154 * anything here otherwise we will mess up the session 1154 * anything here otherwise we will mess up the session
1155 * reference counter: 1155 * reference counter:
1156 * 1156 *
1157 * (a) when we are the initiator dlc_unlink will drive 1157 * (a) when we are the initiator dlc_unlink will drive
1158 * the reference counter to 0 (there is no initial put 1158 * the reference counter to 0 (there is no initial put
1159 * after session_add) 1159 * after session_add)
1160 * 1160 *
1161 * (b) when we are not the initiator rfcomm_rx_process 1161 * (b) when we are not the initiator rfcomm_rx_process
1162 * will explicitly call put to balance the initial hold 1162 * will explicitly call put to balance the initial hold
1163 * done after session add. 1163 * done after session add.
1164 */ 1164 */
1165 break; 1165 break;
1166 } 1166 }
1167 } 1167 }
1168 return 0; 1168 return 0;
1169 } 1169 }
1170 1170
1171 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci) 1171 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci)
1172 { 1172 {
1173 int err = 0; 1173 int err = 0;
1174 1174
1175 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1175 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1176 1176
1177 if (dlci) { 1177 if (dlci) {
1178 /* Data DLC */ 1178 /* Data DLC */
1179 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1179 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1180 if (d) { 1180 if (d) {
1181 if (d->state == BT_CONNECT || d->state == BT_CONFIG) 1181 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1182 err = ECONNREFUSED; 1182 err = ECONNREFUSED;
1183 else 1183 else
1184 err = ECONNRESET; 1184 err = ECONNRESET;
1185 1185
1186 d->state = BT_CLOSED; 1186 d->state = BT_CLOSED;
1187 __rfcomm_dlc_close(d, err); 1187 __rfcomm_dlc_close(d, err);
1188 } 1188 }
1189 } else { 1189 } else {
1190 if (s->state == BT_CONNECT) 1190 if (s->state == BT_CONNECT)
1191 err = ECONNREFUSED; 1191 err = ECONNREFUSED;
1192 else 1192 else
1193 err = ECONNRESET; 1193 err = ECONNRESET;
1194 1194
1195 s->state = BT_CLOSED; 1195 s->state = BT_CLOSED;
1196 rfcomm_session_close(s, err); 1196 rfcomm_session_close(s, err);
1197 } 1197 }
1198 return 0; 1198 return 0;
1199 } 1199 }
1200 1200
1201 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci) 1201 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci)
1202 { 1202 {
1203 int err = 0; 1203 int err = 0;
1204 1204
1205 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1205 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1206 1206
1207 if (dlci) { 1207 if (dlci) {
1208 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1208 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1209 if (d) { 1209 if (d) {
1210 rfcomm_send_ua(s, dlci); 1210 rfcomm_send_ua(s, dlci);
1211 1211
1212 if (d->state == BT_CONNECT || d->state == BT_CONFIG) 1212 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1213 err = ECONNREFUSED; 1213 err = ECONNREFUSED;
1214 else 1214 else
1215 err = ECONNRESET; 1215 err = ECONNRESET;
1216 1216
1217 d->state = BT_CLOSED; 1217 d->state = BT_CLOSED;
1218 __rfcomm_dlc_close(d, err); 1218 __rfcomm_dlc_close(d, err);
1219 } else 1219 } else
1220 rfcomm_send_dm(s, dlci); 1220 rfcomm_send_dm(s, dlci);
1221 1221
1222 } else { 1222 } else {
1223 rfcomm_send_ua(s, 0); 1223 rfcomm_send_ua(s, 0);
1224 1224
1225 if (s->state == BT_CONNECT) 1225 if (s->state == BT_CONNECT)
1226 err = ECONNREFUSED; 1226 err = ECONNREFUSED;
1227 else 1227 else
1228 err = ECONNRESET; 1228 err = ECONNRESET;
1229 1229
1230 s->state = BT_CLOSED; 1230 s->state = BT_CLOSED;
1231 rfcomm_session_close(s, err); 1231 rfcomm_session_close(s, err);
1232 } 1232 }
1233 1233
1234 return 0; 1234 return 0;
1235 } 1235 }
1236 1236
1237 void rfcomm_dlc_accept(struct rfcomm_dlc *d) 1237 void rfcomm_dlc_accept(struct rfcomm_dlc *d)
1238 { 1238 {
1239 struct sock *sk = d->session->sock->sk; 1239 struct sock *sk = d->session->sock->sk;
1240 struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn; 1240 struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn;
1241 1241
1242 BT_DBG("dlc %p", d); 1242 BT_DBG("dlc %p", d);
1243 1243
1244 rfcomm_send_ua(d->session, d->dlci); 1244 rfcomm_send_ua(d->session, d->dlci);
1245 1245
1246 rfcomm_dlc_clear_timer(d); 1246 rfcomm_dlc_clear_timer(d);
1247 1247
1248 rfcomm_dlc_lock(d); 1248 rfcomm_dlc_lock(d);
1249 d->state = BT_CONNECTED; 1249 d->state = BT_CONNECTED;
1250 d->state_change(d, 0); 1250 d->state_change(d, 0);
1251 rfcomm_dlc_unlock(d); 1251 rfcomm_dlc_unlock(d);
1252 1252
1253 if (d->role_switch) 1253 if (d->role_switch)
1254 hci_conn_switch_role(conn->hcon, 0x00); 1254 hci_conn_switch_role(conn->hcon, 0x00);
1255 1255
1256 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); 1256 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1257 } 1257 }
1258 1258
1259 static void rfcomm_check_accept(struct rfcomm_dlc *d) 1259 static void rfcomm_check_accept(struct rfcomm_dlc *d)
1260 { 1260 {
1261 if (rfcomm_check_security(d)) { 1261 if (rfcomm_check_security(d)) {
1262 if (d->defer_setup) { 1262 if (d->defer_setup) {
1263 set_bit(RFCOMM_DEFER_SETUP, &d->flags); 1263 set_bit(RFCOMM_DEFER_SETUP, &d->flags);
1264 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1264 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1265 1265
1266 rfcomm_dlc_lock(d); 1266 rfcomm_dlc_lock(d);
1267 d->state = BT_CONNECT2; 1267 d->state = BT_CONNECT2;
1268 d->state_change(d, 0); 1268 d->state_change(d, 0);
1269 rfcomm_dlc_unlock(d); 1269 rfcomm_dlc_unlock(d);
1270 } else 1270 } else
1271 rfcomm_dlc_accept(d); 1271 rfcomm_dlc_accept(d);
1272 } else { 1272 } else {
1273 set_bit(RFCOMM_AUTH_PENDING, &d->flags); 1273 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1274 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1274 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1275 } 1275 }
1276 } 1276 }
1277 1277
1278 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci) 1278 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci)
1279 { 1279 {
1280 struct rfcomm_dlc *d; 1280 struct rfcomm_dlc *d;
1281 u8 channel; 1281 u8 channel;
1282 1282
1283 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1283 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1284 1284
1285 if (!dlci) { 1285 if (!dlci) {
1286 rfcomm_send_ua(s, 0); 1286 rfcomm_send_ua(s, 0);
1287 1287
1288 if (s->state == BT_OPEN) { 1288 if (s->state == BT_OPEN) {
1289 s->state = BT_CONNECTED; 1289 s->state = BT_CONNECTED;
1290 rfcomm_process_connect(s); 1290 rfcomm_process_connect(s);
1291 } 1291 }
1292 return 0; 1292 return 0;
1293 } 1293 }
1294 1294
1295 /* Check if DLC exists */ 1295 /* Check if DLC exists */
1296 d = rfcomm_dlc_get(s, dlci); 1296 d = rfcomm_dlc_get(s, dlci);
1297 if (d) { 1297 if (d) {
1298 if (d->state == BT_OPEN) { 1298 if (d->state == BT_OPEN) {
1299 /* DLC was previously opened by PN request */ 1299 /* DLC was previously opened by PN request */
1300 rfcomm_check_accept(d); 1300 rfcomm_check_accept(d);
1301 } 1301 }
1302 return 0; 1302 return 0;
1303 } 1303 }
1304 1304
1305 /* Notify socket layer about incoming connection */ 1305 /* Notify socket layer about incoming connection */
1306 channel = __srv_channel(dlci); 1306 channel = __srv_channel(dlci);
1307 if (rfcomm_connect_ind(s, channel, &d)) { 1307 if (rfcomm_connect_ind(s, channel, &d)) {
1308 d->dlci = dlci; 1308 d->dlci = dlci;
1309 d->addr = __addr(s->initiator, dlci); 1309 d->addr = __addr(s->initiator, dlci);
1310 rfcomm_dlc_link(s, d); 1310 rfcomm_dlc_link(s, d);
1311 1311
1312 rfcomm_check_accept(d); 1312 rfcomm_check_accept(d);
1313 } else { 1313 } else {
1314 rfcomm_send_dm(s, dlci); 1314 rfcomm_send_dm(s, dlci);
1315 } 1315 }
1316 1316
1317 return 0; 1317 return 0;
1318 } 1318 }
1319 1319
1320 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn) 1320 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn)
1321 { 1321 {
1322 struct rfcomm_session *s = d->session; 1322 struct rfcomm_session *s = d->session;
1323 1323
1324 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d", 1324 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
1325 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits); 1325 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits);
1326 1326
1327 if ((pn->flow_ctrl == 0xf0 && s->cfc != RFCOMM_CFC_DISABLED) || 1327 if ((pn->flow_ctrl == 0xf0 && s->cfc != RFCOMM_CFC_DISABLED) ||
1328 pn->flow_ctrl == 0xe0) { 1328 pn->flow_ctrl == 0xe0) {
1329 d->cfc = RFCOMM_CFC_ENABLED; 1329 d->cfc = RFCOMM_CFC_ENABLED;
1330 d->tx_credits = pn->credits; 1330 d->tx_credits = pn->credits;
1331 } else { 1331 } else {
1332 d->cfc = RFCOMM_CFC_DISABLED; 1332 d->cfc = RFCOMM_CFC_DISABLED;
1333 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1333 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1334 } 1334 }
1335 1335
1336 if (s->cfc == RFCOMM_CFC_UNKNOWN) 1336 if (s->cfc == RFCOMM_CFC_UNKNOWN)
1337 s->cfc = d->cfc; 1337 s->cfc = d->cfc;
1338 1338
1339 d->priority = pn->priority; 1339 d->priority = pn->priority;
1340 1340
1341 d->mtu = __le16_to_cpu(pn->mtu); 1341 d->mtu = __le16_to_cpu(pn->mtu);
1342 1342
1343 if (cr && d->mtu > s->mtu) 1343 if (cr && d->mtu > s->mtu)
1344 d->mtu = s->mtu; 1344 d->mtu = s->mtu;
1345 1345
1346 return 0; 1346 return 0;
1347 } 1347 }
1348 1348
1349 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1349 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1350 { 1350 {
1351 struct rfcomm_pn *pn = (void *) skb->data; 1351 struct rfcomm_pn *pn = (void *) skb->data;
1352 struct rfcomm_dlc *d; 1352 struct rfcomm_dlc *d;
1353 u8 dlci = pn->dlci; 1353 u8 dlci = pn->dlci;
1354 1354
1355 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1355 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1356 1356
1357 if (!dlci) 1357 if (!dlci)
1358 return 0; 1358 return 0;
1359 1359
1360 d = rfcomm_dlc_get(s, dlci); 1360 d = rfcomm_dlc_get(s, dlci);
1361 if (d) { 1361 if (d) {
1362 if (cr) { 1362 if (cr) {
1363 /* PN request */ 1363 /* PN request */
1364 rfcomm_apply_pn(d, cr, pn); 1364 rfcomm_apply_pn(d, cr, pn);
1365 rfcomm_send_pn(s, 0, d); 1365 rfcomm_send_pn(s, 0, d);
1366 } else { 1366 } else {
1367 /* PN response */ 1367 /* PN response */
1368 switch (d->state) { 1368 switch (d->state) {
1369 case BT_CONFIG: 1369 case BT_CONFIG:
1370 rfcomm_apply_pn(d, cr, pn); 1370 rfcomm_apply_pn(d, cr, pn);
1371 1371
1372 d->state = BT_CONNECT; 1372 d->state = BT_CONNECT;
1373 rfcomm_send_sabm(s, d->dlci); 1373 rfcomm_send_sabm(s, d->dlci);
1374 break; 1374 break;
1375 } 1375 }
1376 } 1376 }
1377 } else { 1377 } else {
1378 u8 channel = __srv_channel(dlci); 1378 u8 channel = __srv_channel(dlci);
1379 1379
1380 if (!cr) 1380 if (!cr)
1381 return 0; 1381 return 0;
1382 1382
1383 /* PN request for non existing DLC. 1383 /* PN request for non existing DLC.
1384 * Assume incoming connection. */ 1384 * Assume incoming connection. */
1385 if (rfcomm_connect_ind(s, channel, &d)) { 1385 if (rfcomm_connect_ind(s, channel, &d)) {
1386 d->dlci = dlci; 1386 d->dlci = dlci;
1387 d->addr = __addr(s->initiator, dlci); 1387 d->addr = __addr(s->initiator, dlci);
1388 rfcomm_dlc_link(s, d); 1388 rfcomm_dlc_link(s, d);
1389 1389
1390 rfcomm_apply_pn(d, cr, pn); 1390 rfcomm_apply_pn(d, cr, pn);
1391 1391
1392 d->state = BT_OPEN; 1392 d->state = BT_OPEN;
1393 rfcomm_send_pn(s, 0, d); 1393 rfcomm_send_pn(s, 0, d);
1394 } else { 1394 } else {
1395 rfcomm_send_dm(s, dlci); 1395 rfcomm_send_dm(s, dlci);
1396 } 1396 }
1397 } 1397 }
1398 return 0; 1398 return 0;
1399 } 1399 }
1400 1400
1401 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb) 1401 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb)
1402 { 1402 {
1403 struct rfcomm_rpn *rpn = (void *) skb->data; 1403 struct rfcomm_rpn *rpn = (void *) skb->data;
1404 u8 dlci = __get_dlci(rpn->dlci); 1404 u8 dlci = __get_dlci(rpn->dlci);
1405 1405
1406 u8 bit_rate = 0; 1406 u8 bit_rate = 0;
1407 u8 data_bits = 0; 1407 u8 data_bits = 0;
1408 u8 stop_bits = 0; 1408 u8 stop_bits = 0;
1409 u8 parity = 0; 1409 u8 parity = 0;
1410 u8 flow_ctrl = 0; 1410 u8 flow_ctrl = 0;
1411 u8 xon_char = 0; 1411 u8 xon_char = 0;
1412 u8 xoff_char = 0; 1412 u8 xoff_char = 0;
1413 u16 rpn_mask = RFCOMM_RPN_PM_ALL; 1413 u16 rpn_mask = RFCOMM_RPN_PM_ALL;
1414 1414
1415 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x", 1415 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
1416 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl, 1416 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl,
1417 rpn->xon_char, rpn->xoff_char, rpn->param_mask); 1417 rpn->xon_char, rpn->xoff_char, rpn->param_mask);
1418 1418
1419 if (!cr) 1419 if (!cr)
1420 return 0; 1420 return 0;
1421 1421
1422 if (len == 1) { 1422 if (len == 1) {
1423 /* This is a request, return default (according to ETSI TS 07.10) settings */ 1423 /* This is a request, return default (according to ETSI TS 07.10) settings */
1424 bit_rate = RFCOMM_RPN_BR_9600; 1424 bit_rate = RFCOMM_RPN_BR_9600;
1425 data_bits = RFCOMM_RPN_DATA_8; 1425 data_bits = RFCOMM_RPN_DATA_8;
1426 stop_bits = RFCOMM_RPN_STOP_1; 1426 stop_bits = RFCOMM_RPN_STOP_1;
1427 parity = RFCOMM_RPN_PARITY_NONE; 1427 parity = RFCOMM_RPN_PARITY_NONE;
1428 flow_ctrl = RFCOMM_RPN_FLOW_NONE; 1428 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1429 xon_char = RFCOMM_RPN_XON_CHAR; 1429 xon_char = RFCOMM_RPN_XON_CHAR;
1430 xoff_char = RFCOMM_RPN_XOFF_CHAR; 1430 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1431 goto rpn_out; 1431 goto rpn_out;
1432 } 1432 }
1433 1433
1434 /* Check for sane values, ignore/accept bit_rate, 8 bits, 1 stop bit, 1434 /* Check for sane values, ignore/accept bit_rate, 8 bits, 1 stop bit,
1435 * no parity, no flow control lines, normal XON/XOFF chars */ 1435 * no parity, no flow control lines, normal XON/XOFF chars */
1436 1436
1437 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_BITRATE)) { 1437 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_BITRATE)) {
1438 bit_rate = rpn->bit_rate; 1438 bit_rate = rpn->bit_rate;
1439 if (bit_rate > RFCOMM_RPN_BR_230400) { 1439 if (bit_rate > RFCOMM_RPN_BR_230400) {
1440 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate); 1440 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate);
1441 bit_rate = RFCOMM_RPN_BR_9600; 1441 bit_rate = RFCOMM_RPN_BR_9600;
1442 rpn_mask ^= RFCOMM_RPN_PM_BITRATE; 1442 rpn_mask ^= RFCOMM_RPN_PM_BITRATE;
1443 } 1443 }
1444 } 1444 }
1445 1445
1446 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_DATA)) { 1446 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_DATA)) {
1447 data_bits = __get_rpn_data_bits(rpn->line_settings); 1447 data_bits = __get_rpn_data_bits(rpn->line_settings);
1448 if (data_bits != RFCOMM_RPN_DATA_8) { 1448 if (data_bits != RFCOMM_RPN_DATA_8) {
1449 BT_DBG("RPN data bits mismatch 0x%x", data_bits); 1449 BT_DBG("RPN data bits mismatch 0x%x", data_bits);
1450 data_bits = RFCOMM_RPN_DATA_8; 1450 data_bits = RFCOMM_RPN_DATA_8;
1451 rpn_mask ^= RFCOMM_RPN_PM_DATA; 1451 rpn_mask ^= RFCOMM_RPN_PM_DATA;
1452 } 1452 }
1453 } 1453 }
1454 1454
1455 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_STOP)) { 1455 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_STOP)) {
1456 stop_bits = __get_rpn_stop_bits(rpn->line_settings); 1456 stop_bits = __get_rpn_stop_bits(rpn->line_settings);
1457 if (stop_bits != RFCOMM_RPN_STOP_1) { 1457 if (stop_bits != RFCOMM_RPN_STOP_1) {
1458 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits); 1458 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits);
1459 stop_bits = RFCOMM_RPN_STOP_1; 1459 stop_bits = RFCOMM_RPN_STOP_1;
1460 rpn_mask ^= RFCOMM_RPN_PM_STOP; 1460 rpn_mask ^= RFCOMM_RPN_PM_STOP;
1461 } 1461 }
1462 } 1462 }
1463 1463
1464 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_PARITY)) { 1464 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_PARITY)) {
1465 parity = __get_rpn_parity(rpn->line_settings); 1465 parity = __get_rpn_parity(rpn->line_settings);
1466 if (parity != RFCOMM_RPN_PARITY_NONE) { 1466 if (parity != RFCOMM_RPN_PARITY_NONE) {
1467 BT_DBG("RPN parity mismatch 0x%x", parity); 1467 BT_DBG("RPN parity mismatch 0x%x", parity);
1468 parity = RFCOMM_RPN_PARITY_NONE; 1468 parity = RFCOMM_RPN_PARITY_NONE;
1469 rpn_mask ^= RFCOMM_RPN_PM_PARITY; 1469 rpn_mask ^= RFCOMM_RPN_PM_PARITY;
1470 } 1470 }
1471 } 1471 }
1472 1472
1473 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_FLOW)) { 1473 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_FLOW)) {
1474 flow_ctrl = rpn->flow_ctrl; 1474 flow_ctrl = rpn->flow_ctrl;
1475 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) { 1475 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) {
1476 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl); 1476 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl);
1477 flow_ctrl = RFCOMM_RPN_FLOW_NONE; 1477 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1478 rpn_mask ^= RFCOMM_RPN_PM_FLOW; 1478 rpn_mask ^= RFCOMM_RPN_PM_FLOW;
1479 } 1479 }
1480 } 1480 }
1481 1481
1482 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_XON)) { 1482 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_XON)) {
1483 xon_char = rpn->xon_char; 1483 xon_char = rpn->xon_char;
1484 if (xon_char != RFCOMM_RPN_XON_CHAR) { 1484 if (xon_char != RFCOMM_RPN_XON_CHAR) {
1485 BT_DBG("RPN XON char mismatch 0x%x", xon_char); 1485 BT_DBG("RPN XON char mismatch 0x%x", xon_char);
1486 xon_char = RFCOMM_RPN_XON_CHAR; 1486 xon_char = RFCOMM_RPN_XON_CHAR;
1487 rpn_mask ^= RFCOMM_RPN_PM_XON; 1487 rpn_mask ^= RFCOMM_RPN_PM_XON;
1488 } 1488 }
1489 } 1489 }
1490 1490
1491 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_XOFF)) { 1491 if (rpn->param_mask & cpu_to_le16(RFCOMM_RPN_PM_XOFF)) {
1492 xoff_char = rpn->xoff_char; 1492 xoff_char = rpn->xoff_char;
1493 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) { 1493 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) {
1494 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char); 1494 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char);
1495 xoff_char = RFCOMM_RPN_XOFF_CHAR; 1495 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1496 rpn_mask ^= RFCOMM_RPN_PM_XOFF; 1496 rpn_mask ^= RFCOMM_RPN_PM_XOFF;
1497 } 1497 }
1498 } 1498 }
1499 1499
1500 rpn_out: 1500 rpn_out:
1501 rfcomm_send_rpn(s, 0, dlci, bit_rate, data_bits, stop_bits, 1501 rfcomm_send_rpn(s, 0, dlci, bit_rate, data_bits, stop_bits,
1502 parity, flow_ctrl, xon_char, xoff_char, rpn_mask); 1502 parity, flow_ctrl, xon_char, xoff_char, rpn_mask);
1503 1503
1504 return 0; 1504 return 0;
1505 } 1505 }
1506 1506
1507 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1507 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1508 { 1508 {
1509 struct rfcomm_rls *rls = (void *) skb->data; 1509 struct rfcomm_rls *rls = (void *) skb->data;
1510 u8 dlci = __get_dlci(rls->dlci); 1510 u8 dlci = __get_dlci(rls->dlci);
1511 1511
1512 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status); 1512 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status);
1513 1513
1514 if (!cr) 1514 if (!cr)
1515 return 0; 1515 return 0;
1516 1516
1517 /* We should probably do something with this information here. But 1517 /* We should probably do something with this information here. But
1518 * for now it's sufficient just to reply -- Bluetooth 1.1 says it's 1518 * for now it's sufficient just to reply -- Bluetooth 1.1 says it's
1519 * mandatory to recognise and respond to RLS */ 1519 * mandatory to recognise and respond to RLS */
1520 1520
1521 rfcomm_send_rls(s, 0, dlci, rls->status); 1521 rfcomm_send_rls(s, 0, dlci, rls->status);
1522 1522
1523 return 0; 1523 return 0;
1524 } 1524 }
1525 1525
1526 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1526 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1527 { 1527 {
1528 struct rfcomm_msc *msc = (void *) skb->data; 1528 struct rfcomm_msc *msc = (void *) skb->data;
1529 struct rfcomm_dlc *d; 1529 struct rfcomm_dlc *d;
1530 u8 dlci = __get_dlci(msc->dlci); 1530 u8 dlci = __get_dlci(msc->dlci);
1531 1531
1532 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig); 1532 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig);
1533 1533
1534 d = rfcomm_dlc_get(s, dlci); 1534 d = rfcomm_dlc_get(s, dlci);
1535 if (!d) 1535 if (!d)
1536 return 0; 1536 return 0;
1537 1537
1538 if (cr) { 1538 if (cr) {
1539 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc) 1539 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc)
1540 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1540 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1541 else 1541 else
1542 clear_bit(RFCOMM_TX_THROTTLED, &d->flags); 1542 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1543 1543
1544 rfcomm_dlc_lock(d); 1544 rfcomm_dlc_lock(d);
1545 1545
1546 d->remote_v24_sig = msc->v24_sig; 1546 d->remote_v24_sig = msc->v24_sig;
1547 1547
1548 if (d->modem_status) 1548 if (d->modem_status)
1549 d->modem_status(d, msc->v24_sig); 1549 d->modem_status(d, msc->v24_sig);
1550 1550
1551 rfcomm_dlc_unlock(d); 1551 rfcomm_dlc_unlock(d);
1552 1552
1553 rfcomm_send_msc(s, 0, dlci, msc->v24_sig); 1553 rfcomm_send_msc(s, 0, dlci, msc->v24_sig);
1554 1554
1555 d->mscex |= RFCOMM_MSCEX_RX; 1555 d->mscex |= RFCOMM_MSCEX_RX;
1556 } else 1556 } else
1557 d->mscex |= RFCOMM_MSCEX_TX; 1557 d->mscex |= RFCOMM_MSCEX_TX;
1558 1558
1559 return 0; 1559 return 0;
1560 } 1560 }
1561 1561
1562 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb) 1562 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb)
1563 { 1563 {
1564 struct rfcomm_mcc *mcc = (void *) skb->data; 1564 struct rfcomm_mcc *mcc = (void *) skb->data;
1565 u8 type, cr, len; 1565 u8 type, cr, len;
1566 1566
1567 cr = __test_cr(mcc->type); 1567 cr = __test_cr(mcc->type);
1568 type = __get_mcc_type(mcc->type); 1568 type = __get_mcc_type(mcc->type);
1569 len = __get_mcc_len(mcc->len); 1569 len = __get_mcc_len(mcc->len);
1570 1570
1571 BT_DBG("%p type 0x%x cr %d", s, type, cr); 1571 BT_DBG("%p type 0x%x cr %d", s, type, cr);
1572 1572
1573 skb_pull(skb, 2); 1573 skb_pull(skb, 2);
1574 1574
1575 switch (type) { 1575 switch (type) {
1576 case RFCOMM_PN: 1576 case RFCOMM_PN:
1577 rfcomm_recv_pn(s, cr, skb); 1577 rfcomm_recv_pn(s, cr, skb);
1578 break; 1578 break;
1579 1579
1580 case RFCOMM_RPN: 1580 case RFCOMM_RPN:
1581 rfcomm_recv_rpn(s, cr, len, skb); 1581 rfcomm_recv_rpn(s, cr, len, skb);
1582 break; 1582 break;
1583 1583
1584 case RFCOMM_RLS: 1584 case RFCOMM_RLS:
1585 rfcomm_recv_rls(s, cr, skb); 1585 rfcomm_recv_rls(s, cr, skb);
1586 break; 1586 break;
1587 1587
1588 case RFCOMM_MSC: 1588 case RFCOMM_MSC:
1589 rfcomm_recv_msc(s, cr, skb); 1589 rfcomm_recv_msc(s, cr, skb);
1590 break; 1590 break;
1591 1591
1592 case RFCOMM_FCOFF: 1592 case RFCOMM_FCOFF:
1593 if (cr) { 1593 if (cr) {
1594 set_bit(RFCOMM_TX_THROTTLED, &s->flags); 1594 set_bit(RFCOMM_TX_THROTTLED, &s->flags);
1595 rfcomm_send_fcoff(s, 0); 1595 rfcomm_send_fcoff(s, 0);
1596 } 1596 }
1597 break; 1597 break;
1598 1598
1599 case RFCOMM_FCON: 1599 case RFCOMM_FCON:
1600 if (cr) { 1600 if (cr) {
1601 clear_bit(RFCOMM_TX_THROTTLED, &s->flags); 1601 clear_bit(RFCOMM_TX_THROTTLED, &s->flags);
1602 rfcomm_send_fcon(s, 0); 1602 rfcomm_send_fcon(s, 0);
1603 } 1603 }
1604 break; 1604 break;
1605 1605
1606 case RFCOMM_TEST: 1606 case RFCOMM_TEST:
1607 if (cr) 1607 if (cr)
1608 rfcomm_send_test(s, 0, skb->data, skb->len); 1608 rfcomm_send_test(s, 0, skb->data, skb->len);
1609 break; 1609 break;
1610 1610
1611 case RFCOMM_NSC: 1611 case RFCOMM_NSC:
1612 break; 1612 break;
1613 1613
1614 default: 1614 default:
1615 BT_ERR("Unknown control type 0x%02x", type); 1615 BT_ERR("Unknown control type 0x%02x", type);
1616 rfcomm_send_nsc(s, cr, type); 1616 rfcomm_send_nsc(s, cr, type);
1617 break; 1617 break;
1618 } 1618 }
1619 return 0; 1619 return 0;
1620 } 1620 }
1621 1621
1622 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb) 1622 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb)
1623 { 1623 {
1624 struct rfcomm_dlc *d; 1624 struct rfcomm_dlc *d;
1625 1625
1626 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf); 1626 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf);
1627 1627
1628 d = rfcomm_dlc_get(s, dlci); 1628 d = rfcomm_dlc_get(s, dlci);
1629 if (!d) { 1629 if (!d) {
1630 rfcomm_send_dm(s, dlci); 1630 rfcomm_send_dm(s, dlci);
1631 goto drop; 1631 goto drop;
1632 } 1632 }
1633 1633
1634 if (pf && d->cfc) { 1634 if (pf && d->cfc) {
1635 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1); 1635 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1);
1636 1636
1637 d->tx_credits += credits; 1637 d->tx_credits += credits;
1638 if (d->tx_credits) 1638 if (d->tx_credits)
1639 clear_bit(RFCOMM_TX_THROTTLED, &d->flags); 1639 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1640 } 1640 }
1641 1641
1642 if (skb->len && d->state == BT_CONNECTED) { 1642 if (skb->len && d->state == BT_CONNECTED) {
1643 rfcomm_dlc_lock(d); 1643 rfcomm_dlc_lock(d);
1644 d->rx_credits--; 1644 d->rx_credits--;
1645 d->data_ready(d, skb); 1645 d->data_ready(d, skb);
1646 rfcomm_dlc_unlock(d); 1646 rfcomm_dlc_unlock(d);
1647 return 0; 1647 return 0;
1648 } 1648 }
1649 1649
1650 drop: 1650 drop:
1651 kfree_skb(skb); 1651 kfree_skb(skb);
1652 return 0; 1652 return 0;
1653 } 1653 }
1654 1654
1655 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb) 1655 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
1656 { 1656 {
1657 struct rfcomm_hdr *hdr = (void *) skb->data; 1657 struct rfcomm_hdr *hdr = (void *) skb->data;
1658 u8 type, dlci, fcs; 1658 u8 type, dlci, fcs;
1659 1659
1660 dlci = __get_dlci(hdr->addr); 1660 dlci = __get_dlci(hdr->addr);
1661 type = __get_type(hdr->ctrl); 1661 type = __get_type(hdr->ctrl);
1662 1662
1663 /* Trim FCS */ 1663 /* Trim FCS */
1664 skb->len--; skb->tail--; 1664 skb->len--; skb->tail--;
1665 fcs = *(u8 *)skb_tail_pointer(skb); 1665 fcs = *(u8 *)skb_tail_pointer(skb);
1666 1666
1667 if (__check_fcs(skb->data, type, fcs)) { 1667 if (__check_fcs(skb->data, type, fcs)) {
1668 BT_ERR("bad checksum in packet"); 1668 BT_ERR("bad checksum in packet");
1669 kfree_skb(skb); 1669 kfree_skb(skb);
1670 return -EILSEQ; 1670 return -EILSEQ;
1671 } 1671 }
1672 1672
1673 if (__test_ea(hdr->len)) 1673 if (__test_ea(hdr->len))
1674 skb_pull(skb, 3); 1674 skb_pull(skb, 3);
1675 else 1675 else
1676 skb_pull(skb, 4); 1676 skb_pull(skb, 4);
1677 1677
1678 switch (type) { 1678 switch (type) {
1679 case RFCOMM_SABM: 1679 case RFCOMM_SABM:
1680 if (__test_pf(hdr->ctrl)) 1680 if (__test_pf(hdr->ctrl))
1681 rfcomm_recv_sabm(s, dlci); 1681 rfcomm_recv_sabm(s, dlci);
1682 break; 1682 break;
1683 1683
1684 case RFCOMM_DISC: 1684 case RFCOMM_DISC:
1685 if (__test_pf(hdr->ctrl)) 1685 if (__test_pf(hdr->ctrl))
1686 rfcomm_recv_disc(s, dlci); 1686 rfcomm_recv_disc(s, dlci);
1687 break; 1687 break;
1688 1688
1689 case RFCOMM_UA: 1689 case RFCOMM_UA:
1690 if (__test_pf(hdr->ctrl)) 1690 if (__test_pf(hdr->ctrl))
1691 rfcomm_recv_ua(s, dlci); 1691 rfcomm_recv_ua(s, dlci);
1692 break; 1692 break;
1693 1693
1694 case RFCOMM_DM: 1694 case RFCOMM_DM:
1695 rfcomm_recv_dm(s, dlci); 1695 rfcomm_recv_dm(s, dlci);
1696 break; 1696 break;
1697 1697
1698 case RFCOMM_UIH: 1698 case RFCOMM_UIH:
1699 if (dlci) 1699 if (dlci)
1700 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb); 1700 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb);
1701 1701
1702 rfcomm_recv_mcc(s, skb); 1702 rfcomm_recv_mcc(s, skb);
1703 break; 1703 break;
1704 1704
1705 default: 1705 default:
1706 BT_ERR("Unknown packet type 0x%02x", type); 1706 BT_ERR("Unknown packet type 0x%02x", type);
1707 break; 1707 break;
1708 } 1708 }
1709 kfree_skb(skb); 1709 kfree_skb(skb);
1710 return 0; 1710 return 0;
1711 } 1711 }
1712 1712
1713 /* ---- Connection and data processing ---- */ 1713 /* ---- Connection and data processing ---- */
1714 1714
1715 static void rfcomm_process_connect(struct rfcomm_session *s) 1715 static void rfcomm_process_connect(struct rfcomm_session *s)
1716 { 1716 {
1717 struct rfcomm_dlc *d; 1717 struct rfcomm_dlc *d;
1718 struct list_head *p, *n; 1718 struct list_head *p, *n;
1719 1719
1720 BT_DBG("session %p state %ld", s, s->state); 1720 BT_DBG("session %p state %ld", s, s->state);
1721 1721
1722 list_for_each_safe(p, n, &s->dlcs) { 1722 list_for_each_safe(p, n, &s->dlcs) {
1723 d = list_entry(p, struct rfcomm_dlc, list); 1723 d = list_entry(p, struct rfcomm_dlc, list);
1724 if (d->state == BT_CONFIG) { 1724 if (d->state == BT_CONFIG) {
1725 d->mtu = s->mtu; 1725 d->mtu = s->mtu;
1726 if (rfcomm_check_security(d)) { 1726 if (rfcomm_check_security(d)) {
1727 rfcomm_send_pn(s, 1, d); 1727 rfcomm_send_pn(s, 1, d);
1728 } else { 1728 } else {
1729 set_bit(RFCOMM_AUTH_PENDING, &d->flags); 1729 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1730 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1730 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1731 } 1731 }
1732 } 1732 }
1733 } 1733 }
1734 } 1734 }
1735 1735
1736 /* Send data queued for the DLC. 1736 /* Send data queued for the DLC.
1737 * Return number of frames left in the queue. 1737 * Return number of frames left in the queue.
1738 */ 1738 */
1739 static int rfcomm_process_tx(struct rfcomm_dlc *d) 1739 static int rfcomm_process_tx(struct rfcomm_dlc *d)
1740 { 1740 {
1741 struct sk_buff *skb; 1741 struct sk_buff *skb;
1742 int err; 1742 int err;
1743 1743
1744 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d", 1744 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
1745 d, d->state, d->cfc, d->rx_credits, d->tx_credits); 1745 d, d->state, d->cfc, d->rx_credits, d->tx_credits);
1746 1746
1747 /* Send pending MSC */ 1747 /* Send pending MSC */
1748 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags)) 1748 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags))
1749 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); 1749 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1750 1750
1751 if (d->cfc) { 1751 if (d->cfc) {
1752 /* CFC enabled. 1752 /* CFC enabled.
1753 * Give them some credits */ 1753 * Give them some credits */
1754 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) && 1754 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) &&
1755 d->rx_credits <= (d->cfc >> 2)) { 1755 d->rx_credits <= (d->cfc >> 2)) {
1756 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits); 1756 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits);
1757 d->rx_credits = d->cfc; 1757 d->rx_credits = d->cfc;
1758 } 1758 }
1759 } else { 1759 } else {
1760 /* CFC disabled. 1760 /* CFC disabled.
1761 * Give ourselves some credits */ 1761 * Give ourselves some credits */
1762 d->tx_credits = 5; 1762 d->tx_credits = 5;
1763 } 1763 }
1764 1764
1765 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags)) 1765 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags))
1766 return skb_queue_len(&d->tx_queue); 1766 return skb_queue_len(&d->tx_queue);
1767 1767
1768 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) { 1768 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) {
1769 err = rfcomm_send_frame(d->session, skb->data, skb->len); 1769 err = rfcomm_send_frame(d->session, skb->data, skb->len);
1770 if (err < 0) { 1770 if (err < 0) {
1771 skb_queue_head(&d->tx_queue, skb); 1771 skb_queue_head(&d->tx_queue, skb);
1772 break; 1772 break;
1773 } 1773 }
1774 kfree_skb(skb); 1774 kfree_skb(skb);
1775 d->tx_credits--; 1775 d->tx_credits--;
1776 } 1776 }
1777 1777
1778 if (d->cfc && !d->tx_credits) { 1778 if (d->cfc && !d->tx_credits) {
1779 /* We're out of TX credits. 1779 /* We're out of TX credits.
1780 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */ 1780 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
1781 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1781 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1782 } 1782 }
1783 1783
1784 return skb_queue_len(&d->tx_queue); 1784 return skb_queue_len(&d->tx_queue);
1785 } 1785 }
1786 1786
1787 static void rfcomm_process_dlcs(struct rfcomm_session *s) 1787 static void rfcomm_process_dlcs(struct rfcomm_session *s)
1788 { 1788 {
1789 struct rfcomm_dlc *d; 1789 struct rfcomm_dlc *d;
1790 struct list_head *p, *n; 1790 struct list_head *p, *n;
1791 1791
1792 BT_DBG("session %p state %ld", s, s->state); 1792 BT_DBG("session %p state %ld", s, s->state);
1793 1793
1794 list_for_each_safe(p, n, &s->dlcs) { 1794 list_for_each_safe(p, n, &s->dlcs) {
1795 d = list_entry(p, struct rfcomm_dlc, list); 1795 d = list_entry(p, struct rfcomm_dlc, list);
1796 1796
1797 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) { 1797 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) {
1798 __rfcomm_dlc_close(d, ETIMEDOUT); 1798 __rfcomm_dlc_close(d, ETIMEDOUT);
1799 continue; 1799 continue;
1800 } 1800 }
1801 1801
1802 if (test_bit(RFCOMM_ENC_DROP, &d->flags)) { 1802 if (test_bit(RFCOMM_ENC_DROP, &d->flags)) {
1803 __rfcomm_dlc_close(d, ECONNREFUSED); 1803 __rfcomm_dlc_close(d, ECONNREFUSED);
1804 continue; 1804 continue;
1805 } 1805 }
1806 1806
1807 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) { 1807 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) {
1808 rfcomm_dlc_clear_timer(d); 1808 rfcomm_dlc_clear_timer(d);
1809 if (d->out) { 1809 if (d->out) {
1810 rfcomm_send_pn(s, 1, d); 1810 rfcomm_send_pn(s, 1, d);
1811 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT); 1811 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
1812 } else { 1812 } else {
1813 if (d->defer_setup) { 1813 if (d->defer_setup) {
1814 set_bit(RFCOMM_DEFER_SETUP, &d->flags); 1814 set_bit(RFCOMM_DEFER_SETUP, &d->flags);
1815 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1815 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1816 1816
1817 rfcomm_dlc_lock(d); 1817 rfcomm_dlc_lock(d);
1818 d->state = BT_CONNECT2; 1818 d->state = BT_CONNECT2;
1819 d->state_change(d, 0); 1819 d->state_change(d, 0);
1820 rfcomm_dlc_unlock(d); 1820 rfcomm_dlc_unlock(d);
1821 } else 1821 } else
1822 rfcomm_dlc_accept(d); 1822 rfcomm_dlc_accept(d);
1823 } 1823 }
1824 continue; 1824 continue;
1825 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) { 1825 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) {
1826 rfcomm_dlc_clear_timer(d); 1826 rfcomm_dlc_clear_timer(d);
1827 if (!d->out) 1827 if (!d->out)
1828 rfcomm_send_dm(s, d->dlci); 1828 rfcomm_send_dm(s, d->dlci);
1829 else 1829 else
1830 d->state = BT_CLOSED; 1830 d->state = BT_CLOSED;
1831 __rfcomm_dlc_close(d, ECONNREFUSED); 1831 __rfcomm_dlc_close(d, ECONNREFUSED);
1832 continue; 1832 continue;
1833 } 1833 }
1834 1834
1835 if (test_bit(RFCOMM_SEC_PENDING, &d->flags)) 1835 if (test_bit(RFCOMM_SEC_PENDING, &d->flags))
1836 continue; 1836 continue;
1837 1837
1838 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags)) 1838 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags))
1839 continue; 1839 continue;
1840 1840
1841 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) && 1841 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) &&
1842 d->mscex == RFCOMM_MSCEX_OK) 1842 d->mscex == RFCOMM_MSCEX_OK)
1843 rfcomm_process_tx(d); 1843 rfcomm_process_tx(d);
1844 } 1844 }
1845 } 1845 }
1846 1846
1847 static void rfcomm_process_rx(struct rfcomm_session *s) 1847 static void rfcomm_process_rx(struct rfcomm_session *s)
1848 { 1848 {
1849 struct socket *sock = s->sock; 1849 struct socket *sock = s->sock;
1850 struct sock *sk = sock->sk; 1850 struct sock *sk = sock->sk;
1851 struct sk_buff *skb; 1851 struct sk_buff *skb;
1852 1852
1853 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue)); 1853 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue));
1854 1854
1855 /* Get data directly from socket receive queue without copying it. */ 1855 /* Get data directly from socket receive queue without copying it. */
1856 while ((skb = skb_dequeue(&sk->sk_receive_queue))) { 1856 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
1857 skb_orphan(skb); 1857 skb_orphan(skb);
1858 if (!skb_linearize(skb)) 1858 if (!skb_linearize(skb))
1859 rfcomm_recv_frame(s, skb); 1859 rfcomm_recv_frame(s, skb);
1860 else 1860 else
1861 kfree_skb(skb); 1861 kfree_skb(skb);
1862 } 1862 }
1863 1863
1864 if (sk->sk_state == BT_CLOSED) { 1864 if (sk->sk_state == BT_CLOSED) {
1865 if (!s->initiator) 1865 if (!s->initiator)
1866 rfcomm_session_put(s); 1866 rfcomm_session_put(s);
1867 1867
1868 rfcomm_session_close(s, sk->sk_err); 1868 rfcomm_session_close(s, sk->sk_err);
1869 } 1869 }
1870 } 1870 }
1871 1871
1872 static void rfcomm_accept_connection(struct rfcomm_session *s) 1872 static void rfcomm_accept_connection(struct rfcomm_session *s)
1873 { 1873 {
1874 struct socket *sock = s->sock, *nsock; 1874 struct socket *sock = s->sock, *nsock;
1875 int err; 1875 int err;
1876 1876
1877 /* Fast check for a new connection. 1877 /* Fast check for a new connection.
1878 * Avoids unnesesary socket allocations. */ 1878 * Avoids unnesesary socket allocations. */
1879 if (list_empty(&bt_sk(sock->sk)->accept_q)) 1879 if (list_empty(&bt_sk(sock->sk)->accept_q))
1880 return; 1880 return;
1881 1881
1882 BT_DBG("session %p", s); 1882 BT_DBG("session %p", s);
1883 1883
1884 err = kernel_accept(sock, &nsock, O_NONBLOCK); 1884 err = kernel_accept(sock, &nsock, O_NONBLOCK);
1885 if (err < 0) 1885 if (err < 0)
1886 return; 1886 return;
1887 1887
1888 /* Set our callbacks */ 1888 /* Set our callbacks */
1889 nsock->sk->sk_data_ready = rfcomm_l2data_ready; 1889 nsock->sk->sk_data_ready = rfcomm_l2data_ready;
1890 nsock->sk->sk_state_change = rfcomm_l2state_change; 1890 nsock->sk->sk_state_change = rfcomm_l2state_change;
1891 1891
1892 s = rfcomm_session_add(nsock, BT_OPEN); 1892 s = rfcomm_session_add(nsock, BT_OPEN);
1893 if (s) { 1893 if (s) {
1894 rfcomm_session_hold(s); 1894 rfcomm_session_hold(s);
1895 1895
1896 /* We should adjust MTU on incoming sessions. 1896 /* We should adjust MTU on incoming sessions.
1897 * L2CAP MTU minus UIH header and FCS. */ 1897 * L2CAP MTU minus UIH header and FCS. */
1898 s->mtu = min(l2cap_pi(nsock->sk)->chan->omtu, 1898 s->mtu = min(l2cap_pi(nsock->sk)->chan->omtu,
1899 l2cap_pi(nsock->sk)->chan->imtu) - 5; 1899 l2cap_pi(nsock->sk)->chan->imtu) - 5;
1900 1900
1901 rfcomm_schedule(); 1901 rfcomm_schedule();
1902 } else 1902 } else
1903 sock_release(nsock); 1903 sock_release(nsock);
1904 } 1904 }
1905 1905
1906 static void rfcomm_check_connection(struct rfcomm_session *s) 1906 static void rfcomm_check_connection(struct rfcomm_session *s)
1907 { 1907 {
1908 struct sock *sk = s->sock->sk; 1908 struct sock *sk = s->sock->sk;
1909 1909
1910 BT_DBG("%p state %ld", s, s->state); 1910 BT_DBG("%p state %ld", s, s->state);
1911 1911
1912 switch (sk->sk_state) { 1912 switch (sk->sk_state) {
1913 case BT_CONNECTED: 1913 case BT_CONNECTED:
1914 s->state = BT_CONNECT; 1914 s->state = BT_CONNECT;
1915 1915
1916 /* We can adjust MTU on outgoing sessions. 1916 /* We can adjust MTU on outgoing sessions.
1917 * L2CAP MTU minus UIH header and FCS. */ 1917 * L2CAP MTU minus UIH header and FCS. */
1918 s->mtu = min(l2cap_pi(sk)->chan->omtu, l2cap_pi(sk)->chan->imtu) - 5; 1918 s->mtu = min(l2cap_pi(sk)->chan->omtu, l2cap_pi(sk)->chan->imtu) - 5;
1919 1919
1920 rfcomm_send_sabm(s, 0); 1920 rfcomm_send_sabm(s, 0);
1921 break; 1921 break;
1922 1922
1923 case BT_CLOSED: 1923 case BT_CLOSED:
1924 s->state = BT_CLOSED; 1924 s->state = BT_CLOSED;
1925 rfcomm_session_close(s, sk->sk_err); 1925 rfcomm_session_close(s, sk->sk_err);
1926 break; 1926 break;
1927 } 1927 }
1928 } 1928 }
1929 1929
1930 static void rfcomm_process_sessions(void) 1930 static void rfcomm_process_sessions(void)
1931 { 1931 {
1932 struct list_head *p, *n; 1932 struct list_head *p, *n;
1933 1933
1934 rfcomm_lock(); 1934 rfcomm_lock();
1935 1935
1936 list_for_each_safe(p, n, &session_list) { 1936 list_for_each_safe(p, n, &session_list) {
1937 struct rfcomm_session *s; 1937 struct rfcomm_session *s;
1938 s = list_entry(p, struct rfcomm_session, list); 1938 s = list_entry(p, struct rfcomm_session, list);
1939 1939
1940 if (test_and_clear_bit(RFCOMM_TIMED_OUT, &s->flags)) { 1940 if (test_and_clear_bit(RFCOMM_TIMED_OUT, &s->flags)) {
1941 s->state = BT_DISCONN; 1941 s->state = BT_DISCONN;
1942 rfcomm_send_disc(s, 0); 1942 rfcomm_send_disc(s, 0);
1943 rfcomm_session_put(s); 1943 rfcomm_session_put(s);
1944 continue; 1944 continue;
1945 } 1945 }
1946 1946
1947 if (s->state == BT_LISTEN) { 1947 if (s->state == BT_LISTEN) {
1948 rfcomm_accept_connection(s); 1948 rfcomm_accept_connection(s);
1949 continue; 1949 continue;
1950 } 1950 }
1951 1951
1952 rfcomm_session_hold(s); 1952 rfcomm_session_hold(s);
1953 1953
1954 switch (s->state) { 1954 switch (s->state) {
1955 case BT_BOUND: 1955 case BT_BOUND:
1956 rfcomm_check_connection(s); 1956 rfcomm_check_connection(s);
1957 break; 1957 break;
1958 1958
1959 default: 1959 default:
1960 rfcomm_process_rx(s); 1960 rfcomm_process_rx(s);
1961 break; 1961 break;
1962 } 1962 }
1963 1963
1964 rfcomm_process_dlcs(s); 1964 rfcomm_process_dlcs(s);
1965 1965
1966 rfcomm_session_put(s); 1966 rfcomm_session_put(s);
1967 } 1967 }
1968 1968
1969 rfcomm_unlock(); 1969 rfcomm_unlock();
1970 } 1970 }
1971 1971
1972 static int rfcomm_add_listener(bdaddr_t *ba) 1972 static int rfcomm_add_listener(bdaddr_t *ba)
1973 { 1973 {
1974 struct sockaddr_l2 addr; 1974 struct sockaddr_l2 addr;
1975 struct socket *sock; 1975 struct socket *sock;
1976 struct sock *sk; 1976 struct sock *sk;
1977 struct rfcomm_session *s; 1977 struct rfcomm_session *s;
1978 int err = 0; 1978 int err = 0;
1979 1979
1980 /* Create socket */ 1980 /* Create socket */
1981 err = rfcomm_l2sock_create(&sock); 1981 err = rfcomm_l2sock_create(&sock);
1982 if (err < 0) { 1982 if (err < 0) {
1983 BT_ERR("Create socket failed %d", err); 1983 BT_ERR("Create socket failed %d", err);
1984 return err; 1984 return err;
1985 } 1985 }
1986 1986
1987 /* Bind socket */ 1987 /* Bind socket */
1988 bacpy(&addr.l2_bdaddr, ba); 1988 bacpy(&addr.l2_bdaddr, ba);
1989 addr.l2_family = AF_BLUETOOTH; 1989 addr.l2_family = AF_BLUETOOTH;
1990 addr.l2_psm = cpu_to_le16(RFCOMM_PSM); 1990 addr.l2_psm = __constant_cpu_to_le16(RFCOMM_PSM);
1991 addr.l2_cid = 0; 1991 addr.l2_cid = 0;
1992 err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 1992 err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr));
1993 if (err < 0) { 1993 if (err < 0) {
1994 BT_ERR("Bind failed %d", err); 1994 BT_ERR("Bind failed %d", err);
1995 goto failed; 1995 goto failed;
1996 } 1996 }
1997 1997
1998 /* Set L2CAP options */ 1998 /* Set L2CAP options */
1999 sk = sock->sk; 1999 sk = sock->sk;
2000 lock_sock(sk); 2000 lock_sock(sk);
2001 l2cap_pi(sk)->chan->imtu = l2cap_mtu; 2001 l2cap_pi(sk)->chan->imtu = l2cap_mtu;
2002 release_sock(sk); 2002 release_sock(sk);
2003 2003
2004 /* Start listening on the socket */ 2004 /* Start listening on the socket */
2005 err = kernel_listen(sock, 10); 2005 err = kernel_listen(sock, 10);
2006 if (err) { 2006 if (err) {
2007 BT_ERR("Listen failed %d", err); 2007 BT_ERR("Listen failed %d", err);
2008 goto failed; 2008 goto failed;
2009 } 2009 }
2010 2010
2011 /* Add listening session */ 2011 /* Add listening session */
2012 s = rfcomm_session_add(sock, BT_LISTEN); 2012 s = rfcomm_session_add(sock, BT_LISTEN);
2013 if (!s) 2013 if (!s)
2014 goto failed; 2014 goto failed;
2015 2015
2016 rfcomm_session_hold(s); 2016 rfcomm_session_hold(s);
2017 return 0; 2017 return 0;
2018 failed: 2018 failed:
2019 sock_release(sock); 2019 sock_release(sock);
2020 return err; 2020 return err;
2021 } 2021 }
2022 2022
2023 static void rfcomm_kill_listener(void) 2023 static void rfcomm_kill_listener(void)
2024 { 2024 {
2025 struct rfcomm_session *s; 2025 struct rfcomm_session *s;
2026 struct list_head *p, *n; 2026 struct list_head *p, *n;
2027 2027
2028 BT_DBG(""); 2028 BT_DBG("");
2029 2029
2030 list_for_each_safe(p, n, &session_list) { 2030 list_for_each_safe(p, n, &session_list) {
2031 s = list_entry(p, struct rfcomm_session, list); 2031 s = list_entry(p, struct rfcomm_session, list);
2032 rfcomm_session_del(s); 2032 rfcomm_session_del(s);
2033 } 2033 }
2034 } 2034 }
2035 2035
2036 static int rfcomm_run(void *unused) 2036 static int rfcomm_run(void *unused)
2037 { 2037 {
2038 BT_DBG(""); 2038 BT_DBG("");
2039 2039
2040 set_user_nice(current, -10); 2040 set_user_nice(current, -10);
2041 2041
2042 rfcomm_add_listener(BDADDR_ANY); 2042 rfcomm_add_listener(BDADDR_ANY);
2043 2043
2044 while (1) { 2044 while (1) {
2045 set_current_state(TASK_INTERRUPTIBLE); 2045 set_current_state(TASK_INTERRUPTIBLE);
2046 2046
2047 if (kthread_should_stop()) 2047 if (kthread_should_stop())
2048 break; 2048 break;
2049 2049
2050 /* Process stuff */ 2050 /* Process stuff */
2051 rfcomm_process_sessions(); 2051 rfcomm_process_sessions();
2052 2052
2053 schedule(); 2053 schedule();
2054 } 2054 }
2055 __set_current_state(TASK_RUNNING); 2055 __set_current_state(TASK_RUNNING);
2056 2056
2057 rfcomm_kill_listener(); 2057 rfcomm_kill_listener();
2058 2058
2059 return 0; 2059 return 0;
2060 } 2060 }
2061 2061
2062 static void rfcomm_security_cfm(struct hci_conn *conn, u8 status, u8 encrypt) 2062 static void rfcomm_security_cfm(struct hci_conn *conn, u8 status, u8 encrypt)
2063 { 2063 {
2064 struct rfcomm_session *s; 2064 struct rfcomm_session *s;
2065 struct rfcomm_dlc *d; 2065 struct rfcomm_dlc *d;
2066 struct list_head *p, *n; 2066 struct list_head *p, *n;
2067 2067
2068 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt); 2068 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt);
2069 2069
2070 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst); 2070 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst);
2071 if (!s) 2071 if (!s)
2072 return; 2072 return;
2073 2073
2074 rfcomm_session_hold(s); 2074 rfcomm_session_hold(s);
2075 2075
2076 list_for_each_safe(p, n, &s->dlcs) { 2076 list_for_each_safe(p, n, &s->dlcs) {
2077 d = list_entry(p, struct rfcomm_dlc, list); 2077 d = list_entry(p, struct rfcomm_dlc, list);
2078 2078
2079 if (test_and_clear_bit(RFCOMM_SEC_PENDING, &d->flags)) { 2079 if (test_and_clear_bit(RFCOMM_SEC_PENDING, &d->flags)) {
2080 rfcomm_dlc_clear_timer(d); 2080 rfcomm_dlc_clear_timer(d);
2081 if (status || encrypt == 0x00) { 2081 if (status || encrypt == 0x00) {
2082 set_bit(RFCOMM_ENC_DROP, &d->flags); 2082 set_bit(RFCOMM_ENC_DROP, &d->flags);
2083 continue; 2083 continue;
2084 } 2084 }
2085 } 2085 }
2086 2086
2087 if (d->state == BT_CONNECTED && !status && encrypt == 0x00) { 2087 if (d->state == BT_CONNECTED && !status && encrypt == 0x00) {
2088 if (d->sec_level == BT_SECURITY_MEDIUM) { 2088 if (d->sec_level == BT_SECURITY_MEDIUM) {
2089 set_bit(RFCOMM_SEC_PENDING, &d->flags); 2089 set_bit(RFCOMM_SEC_PENDING, &d->flags);
2090 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 2090 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
2091 continue; 2091 continue;
2092 } else if (d->sec_level == BT_SECURITY_HIGH) { 2092 } else if (d->sec_level == BT_SECURITY_HIGH) {
2093 set_bit(RFCOMM_ENC_DROP, &d->flags); 2093 set_bit(RFCOMM_ENC_DROP, &d->flags);
2094 continue; 2094 continue;
2095 } 2095 }
2096 } 2096 }
2097 2097
2098 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags)) 2098 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags))
2099 continue; 2099 continue;
2100 2100
2101 if (!status && hci_conn_check_secure(conn, d->sec_level)) 2101 if (!status && hci_conn_check_secure(conn, d->sec_level))
2102 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags); 2102 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags);
2103 else 2103 else
2104 set_bit(RFCOMM_AUTH_REJECT, &d->flags); 2104 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
2105 } 2105 }
2106 2106
2107 rfcomm_session_put(s); 2107 rfcomm_session_put(s);
2108 2108
2109 rfcomm_schedule(); 2109 rfcomm_schedule();
2110 } 2110 }
2111 2111
2112 static struct hci_cb rfcomm_cb = { 2112 static struct hci_cb rfcomm_cb = {
2113 .name = "RFCOMM", 2113 .name = "RFCOMM",
2114 .security_cfm = rfcomm_security_cfm 2114 .security_cfm = rfcomm_security_cfm
2115 }; 2115 };
2116 2116
2117 static int rfcomm_dlc_debugfs_show(struct seq_file *f, void *x) 2117 static int rfcomm_dlc_debugfs_show(struct seq_file *f, void *x)
2118 { 2118 {
2119 struct rfcomm_session *s; 2119 struct rfcomm_session *s;
2120 2120
2121 rfcomm_lock(); 2121 rfcomm_lock();
2122 2122
2123 list_for_each_entry(s, &session_list, list) { 2123 list_for_each_entry(s, &session_list, list) {
2124 struct rfcomm_dlc *d; 2124 struct rfcomm_dlc *d;
2125 list_for_each_entry(d, &s->dlcs, list) { 2125 list_for_each_entry(d, &s->dlcs, list) {
2126 struct sock *sk = s->sock->sk; 2126 struct sock *sk = s->sock->sk;
2127 2127
2128 seq_printf(f, "%pMR %pMR %ld %d %d %d %d\n", 2128 seq_printf(f, "%pMR %pMR %ld %d %d %d %d\n",
2129 &bt_sk(sk)->src, &bt_sk(sk)->dst, 2129 &bt_sk(sk)->src, &bt_sk(sk)->dst,
2130 d->state, d->dlci, d->mtu, 2130 d->state, d->dlci, d->mtu,
2131 d->rx_credits, d->tx_credits); 2131 d->rx_credits, d->tx_credits);
2132 } 2132 }
2133 } 2133 }
2134 2134
2135 rfcomm_unlock(); 2135 rfcomm_unlock();
2136 2136
2137 return 0; 2137 return 0;
2138 } 2138 }
2139 2139
2140 static int rfcomm_dlc_debugfs_open(struct inode *inode, struct file *file) 2140 static int rfcomm_dlc_debugfs_open(struct inode *inode, struct file *file)
2141 { 2141 {
2142 return single_open(file, rfcomm_dlc_debugfs_show, inode->i_private); 2142 return single_open(file, rfcomm_dlc_debugfs_show, inode->i_private);
2143 } 2143 }
2144 2144
2145 static const struct file_operations rfcomm_dlc_debugfs_fops = { 2145 static const struct file_operations rfcomm_dlc_debugfs_fops = {
2146 .open = rfcomm_dlc_debugfs_open, 2146 .open = rfcomm_dlc_debugfs_open,
2147 .read = seq_read, 2147 .read = seq_read,
2148 .llseek = seq_lseek, 2148 .llseek = seq_lseek,
2149 .release = single_release, 2149 .release = single_release,
2150 }; 2150 };
2151 2151
2152 static struct dentry *rfcomm_dlc_debugfs; 2152 static struct dentry *rfcomm_dlc_debugfs;
2153 2153
2154 /* ---- Initialization ---- */ 2154 /* ---- Initialization ---- */
2155 static int __init rfcomm_init(void) 2155 static int __init rfcomm_init(void)
2156 { 2156 {
2157 int err; 2157 int err;
2158 2158
2159 hci_register_cb(&rfcomm_cb); 2159 hci_register_cb(&rfcomm_cb);
2160 2160
2161 rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd"); 2161 rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd");
2162 if (IS_ERR(rfcomm_thread)) { 2162 if (IS_ERR(rfcomm_thread)) {
2163 err = PTR_ERR(rfcomm_thread); 2163 err = PTR_ERR(rfcomm_thread);
2164 goto unregister; 2164 goto unregister;
2165 } 2165 }
2166 2166
2167 if (bt_debugfs) { 2167 if (bt_debugfs) {
2168 rfcomm_dlc_debugfs = debugfs_create_file("rfcomm_dlc", 0444, 2168 rfcomm_dlc_debugfs = debugfs_create_file("rfcomm_dlc", 0444,
2169 bt_debugfs, NULL, &rfcomm_dlc_debugfs_fops); 2169 bt_debugfs, NULL, &rfcomm_dlc_debugfs_fops);
2170 if (!rfcomm_dlc_debugfs) 2170 if (!rfcomm_dlc_debugfs)
2171 BT_ERR("Failed to create RFCOMM debug file"); 2171 BT_ERR("Failed to create RFCOMM debug file");
2172 } 2172 }
2173 2173
2174 err = rfcomm_init_ttys(); 2174 err = rfcomm_init_ttys();
2175 if (err < 0) 2175 if (err < 0)
2176 goto stop; 2176 goto stop;
2177 2177
2178 err = rfcomm_init_sockets(); 2178 err = rfcomm_init_sockets();
2179 if (err < 0) 2179 if (err < 0)
2180 goto cleanup; 2180 goto cleanup;
2181 2181
2182 BT_INFO("RFCOMM ver %s", VERSION); 2182 BT_INFO("RFCOMM ver %s", VERSION);
2183 2183
2184 return 0; 2184 return 0;
2185 2185
2186 cleanup: 2186 cleanup:
2187 rfcomm_cleanup_ttys(); 2187 rfcomm_cleanup_ttys();
2188 2188
2189 stop: 2189 stop:
2190 kthread_stop(rfcomm_thread); 2190 kthread_stop(rfcomm_thread);
2191 2191
2192 unregister: 2192 unregister:
2193 hci_unregister_cb(&rfcomm_cb); 2193 hci_unregister_cb(&rfcomm_cb);
2194 2194
2195 return err; 2195 return err;
2196 } 2196 }
2197 2197
2198 static void __exit rfcomm_exit(void) 2198 static void __exit rfcomm_exit(void)
2199 { 2199 {
2200 debugfs_remove(rfcomm_dlc_debugfs); 2200 debugfs_remove(rfcomm_dlc_debugfs);
2201 2201
2202 hci_unregister_cb(&rfcomm_cb); 2202 hci_unregister_cb(&rfcomm_cb);
2203 2203
2204 kthread_stop(rfcomm_thread); 2204 kthread_stop(rfcomm_thread);
2205 2205
2206 rfcomm_cleanup_ttys(); 2206 rfcomm_cleanup_ttys();
2207 2207
2208 rfcomm_cleanup_sockets(); 2208 rfcomm_cleanup_sockets();
2209 } 2209 }
2210 2210
2211 module_init(rfcomm_init); 2211 module_init(rfcomm_init);
2212 module_exit(rfcomm_exit); 2212 module_exit(rfcomm_exit);
2213 2213
2214 module_param(disable_cfc, bool, 0644); 2214 module_param(disable_cfc, bool, 0644);
2215 MODULE_PARM_DESC(disable_cfc, "Disable credit based flow control"); 2215 MODULE_PARM_DESC(disable_cfc, "Disable credit based flow control");
2216 2216
2217 module_param(channel_mtu, int, 0644); 2217 module_param(channel_mtu, int, 0644);
2218 MODULE_PARM_DESC(channel_mtu, "Default MTU for the RFCOMM channel"); 2218 MODULE_PARM_DESC(channel_mtu, "Default MTU for the RFCOMM channel");
2219 2219
2220 module_param(l2cap_mtu, uint, 0644); 2220 module_param(l2cap_mtu, uint, 0644);
2221 MODULE_PARM_DESC(l2cap_mtu, "Default MTU for the L2CAP connection"); 2221 MODULE_PARM_DESC(l2cap_mtu, "Default MTU for the L2CAP connection");
2222 2222
2223 module_param(l2cap_ertm, bool, 0644); 2223 module_param(l2cap_ertm, bool, 0644);
2224 MODULE_PARM_DESC(l2cap_ertm, "Use L2CAP ERTM mode for connection"); 2224 MODULE_PARM_DESC(l2cap_ertm, "Use L2CAP ERTM mode for connection");
2225 2225
2226 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); 2226 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
2227 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION); 2227 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION);
2228 MODULE_VERSION(VERSION); 2228 MODULE_VERSION(VERSION);
2229 MODULE_LICENSE("GPL"); 2229 MODULE_LICENSE("GPL");
2230 MODULE_ALIAS("bt-proto-3"); 2230 MODULE_ALIAS("bt-proto-3");
2231 2231