Doug / smarc-fsl-linux-kernel | Embedian Git Server

Commit 8c3a4f004e706fd7e681c68c6de4946c8c76b976

Authored by Andre Guedes 2012-06-01 04:01:35 +0800

Committed by Johan Hedberg 2012-06-05 11:34:16 +0800

Exists in smarc-l5.0.0_1.0.0-ga and in 5 other branches

Bluetooth: Rename L2CAP_LE_DEFAULT_MTU

This patch renames L2CAP_LE_DEFAULT_MTU macro to L2CAP_LE_MIN_MTU
since it represents the minimum MTU value, not the default MTU
value for LE.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>

Showing 2 changed files with 2 additions and 2 deletions Inline Diff

include/net/bluetooth/l2cap.h
net/bluetooth/l2cap_sock.c

include/net/bluetooth/l2cap.h

Diff comments View file @ 8c3a4f0

 /*
    BlueZ - Bluetooth protocol stack for Linux
    Copyright (C) 2000-2001 Qualcomm Incorporated
    Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
    Copyright (C) 2010 Google Inc.
    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License version 2 as
    published by the Free Software Foundation;
    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
    SOFTWARE IS DISCLAIMED.
 */
 #ifndef __L2CAP_H
 #define __L2CAP_H
 #include <asm/unaligned.h>
 /* L2CAP defaults */
 #define L2CAP_DEFAULT_MTU		672
 #define L2CAP_DEFAULT_MIN_MTU		48
 #define L2CAP_DEFAULT_FLUSH_TO		0xffff
 #define L2CAP_DEFAULT_TX_WINDOW		63
 #define L2CAP_DEFAULT_EXT_WINDOW	0x3FFF
 #define L2CAP_DEFAULT_MAX_TX		3
 #define L2CAP_DEFAULT_RETRANS_TO	2000    /* 2 seconds */
 #define L2CAP_DEFAULT_MONITOR_TO	12000   /* 12 seconds */
 #define L2CAP_DEFAULT_MAX_PDU_SIZE	1009    /* Sized for 3-DH5 packet */
 #define L2CAP_DEFAULT_ACK_TO		200
-#define L2CAP_LE_DEFAULT_MTU		23
 #define L2CAP_DEFAULT_MAX_SDU_SIZE	0xFFFF
 #define L2CAP_DEFAULT_SDU_ITIME		0xFFFFFFFF
 #define L2CAP_DEFAULT_ACC_LAT		0xFFFFFFFF
 #define L2CAP_BREDR_MAX_PAYLOAD		1019    /* 3-DH5 packet */
+#define L2CAP_LE_MIN_MTU		23
 #define L2CAP_DISC_TIMEOUT		msecs_to_jiffies(100)
 #define L2CAP_DISC_REJ_TIMEOUT		msecs_to_jiffies(5000)
 #define L2CAP_ENC_TIMEOUT		msecs_to_jiffies(5000)
 #define L2CAP_CONN_TIMEOUT		msecs_to_jiffies(40000)
 #define L2CAP_INFO_TIMEOUT		msecs_to_jiffies(4000)
 #define L2CAP_A2MP_DEFAULT_MTU		670
 /* L2CAP socket address */
 struct sockaddr_l2 {
 	sa_family_t	l2_family;
 	__le16		l2_psm;
 	bdaddr_t	l2_bdaddr;
 	__le16		l2_cid;
 	__u8		l2_bdaddr_type;
 };
 /* L2CAP socket options */
 #define L2CAP_OPTIONS	0x01
 struct l2cap_options {
 	__u16 omtu;
 	__u16 imtu;
 	__u16 flush_to;
 	__u8  mode;
 	__u8  fcs;
 	__u8  max_tx;
 	__u16 txwin_size;
 };
 #define L2CAP_CONNINFO	0x02
 struct l2cap_conninfo {
 	__u16 hci_handle;
 	__u8  dev_class[3];
 };
 #define L2CAP_LM	0x03
 #define L2CAP_LM_MASTER		0x0001
 #define L2CAP_LM_AUTH		0x0002
 #define L2CAP_LM_ENCRYPT	0x0004
 #define L2CAP_LM_TRUSTED	0x0008
 #define L2CAP_LM_RELIABLE	0x0010
 #define L2CAP_LM_SECURE		0x0020
 /* L2CAP command codes */
 #define L2CAP_COMMAND_REJ	0x01
 #define L2CAP_CONN_REQ		0x02
 #define L2CAP_CONN_RSP		0x03
 #define L2CAP_CONF_REQ		0x04
 #define L2CAP_CONF_RSP		0x05
 #define L2CAP_DISCONN_REQ	0x06
 #define L2CAP_DISCONN_RSP	0x07
 #define L2CAP_ECHO_REQ		0x08
 #define L2CAP_ECHO_RSP		0x09
 #define L2CAP_INFO_REQ		0x0a
 #define L2CAP_INFO_RSP		0x0b
 #define L2CAP_CREATE_CHAN_REQ	0x0c
 #define L2CAP_CREATE_CHAN_RSP	0x0d
 #define L2CAP_MOVE_CHAN_REQ	0x0e
 #define L2CAP_MOVE_CHAN_RSP	0x0f
 #define L2CAP_MOVE_CHAN_CFM	0x10
 #define L2CAP_MOVE_CHAN_CFM_RSP	0x11
 #define L2CAP_CONN_PARAM_UPDATE_REQ	0x12
 #define L2CAP_CONN_PARAM_UPDATE_RSP	0x13
 /* L2CAP extended feature mask */
 #define L2CAP_FEAT_FLOWCTL	0x00000001
 #define L2CAP_FEAT_RETRANS	0x00000002
 #define L2CAP_FEAT_BIDIR_QOS	0x00000004
 #define L2CAP_FEAT_ERTM		0x00000008
 #define L2CAP_FEAT_STREAMING	0x00000010
 #define L2CAP_FEAT_FCS		0x00000020
 #define L2CAP_FEAT_EXT_FLOW	0x00000040
 #define L2CAP_FEAT_FIXED_CHAN	0x00000080
 #define L2CAP_FEAT_EXT_WINDOW	0x00000100
 #define L2CAP_FEAT_UCD		0x00000200
 /* L2CAP checksum option */
 #define L2CAP_FCS_NONE		0x00
 #define L2CAP_FCS_CRC16		0x01
 /* L2CAP fixed channels */
 #define L2CAP_FC_L2CAP		0x02
 #define L2CAP_FC_A2MP		0x08
 /* L2CAP Control Field bit masks */
 #define L2CAP_CTRL_SAR			0xC000
 #define L2CAP_CTRL_REQSEQ		0x3F00
 #define L2CAP_CTRL_TXSEQ		0x007E
 #define L2CAP_CTRL_SUPERVISE		0x000C
 #define L2CAP_CTRL_RETRANS		0x0080
 #define L2CAP_CTRL_FINAL		0x0080
 #define L2CAP_CTRL_POLL			0x0010
 #define L2CAP_CTRL_FRAME_TYPE		0x0001 /* I- or S-Frame */
 #define L2CAP_CTRL_TXSEQ_SHIFT		1
 #define L2CAP_CTRL_SUPER_SHIFT		2
 #define L2CAP_CTRL_POLL_SHIFT		4
 #define L2CAP_CTRL_FINAL_SHIFT		7
 #define L2CAP_CTRL_REQSEQ_SHIFT		8
 #define L2CAP_CTRL_SAR_SHIFT		14
 /* L2CAP Extended Control Field bit mask */
 #define L2CAP_EXT_CTRL_TXSEQ		0xFFFC0000
 #define L2CAP_EXT_CTRL_SAR		0x00030000
 #define L2CAP_EXT_CTRL_SUPERVISE	0x00030000
 #define L2CAP_EXT_CTRL_REQSEQ		0x0000FFFC
 #define L2CAP_EXT_CTRL_POLL		0x00040000
 #define L2CAP_EXT_CTRL_FINAL		0x00000002
 #define L2CAP_EXT_CTRL_FRAME_TYPE	0x00000001 /* I- or S-Frame */
 #define L2CAP_EXT_CTRL_FINAL_SHIFT	1
 #define L2CAP_EXT_CTRL_REQSEQ_SHIFT	2
 #define L2CAP_EXT_CTRL_SAR_SHIFT	16
 #define L2CAP_EXT_CTRL_SUPER_SHIFT	16
 #define L2CAP_EXT_CTRL_POLL_SHIFT	18
 #define L2CAP_EXT_CTRL_TXSEQ_SHIFT	18
 /* L2CAP Supervisory Function */
 #define L2CAP_SUPER_RR		0x00
 #define L2CAP_SUPER_REJ		0x01
 #define L2CAP_SUPER_RNR		0x02
 #define L2CAP_SUPER_SREJ	0x03
 /* L2CAP Segmentation and Reassembly */
 #define L2CAP_SAR_UNSEGMENTED	0x00
 #define L2CAP_SAR_START		0x01
 #define L2CAP_SAR_END		0x02
 #define L2CAP_SAR_CONTINUE	0x03
 /* L2CAP Command rej. reasons */
 #define L2CAP_REJ_NOT_UNDERSTOOD	0x0000
 #define L2CAP_REJ_MTU_EXCEEDED		0x0001
 #define L2CAP_REJ_INVALID_CID		0x0002
 /* L2CAP structures */
 struct l2cap_hdr {
 	__le16     len;
 	__le16     cid;
 } __packed;
 #define L2CAP_HDR_SIZE		4
 #define L2CAP_ENH_HDR_SIZE	6
 #define L2CAP_EXT_HDR_SIZE	8
 #define L2CAP_FCS_SIZE		2
 #define L2CAP_SDULEN_SIZE	2
 #define L2CAP_PSMLEN_SIZE	2
 #define L2CAP_ENH_CTRL_SIZE	2
 #define L2CAP_EXT_CTRL_SIZE	4
 struct l2cap_cmd_hdr {
 	__u8       code;
 	__u8       ident;
 	__le16     len;
 } __packed;
 #define L2CAP_CMD_HDR_SIZE	4
 struct l2cap_cmd_rej_unk {
 	__le16     reason;
 } __packed;
 struct l2cap_cmd_rej_mtu {
 	__le16     reason;
 	__le16     max_mtu;
 } __packed;
 struct l2cap_cmd_rej_cid {
 	__le16     reason;
 	__le16     scid;
 	__le16     dcid;
 } __packed;
 struct l2cap_conn_req {
 	__le16     psm;
 	__le16     scid;
 } __packed;
 struct l2cap_conn_rsp {
 	__le16     dcid;
 	__le16     scid;
 	__le16     result;
 	__le16     status;
 } __packed;
 /* protocol/service multiplexer (PSM) */
 #define L2CAP_PSM_SDP		0x0001
 #define L2CAP_PSM_RFCOMM	0x0003
 /* channel indentifier */
 #define L2CAP_CID_SIGNALING	0x0001
 #define L2CAP_CID_CONN_LESS	0x0002
 #define L2CAP_CID_A2MP		0x0003
 #define L2CAP_CID_LE_DATA	0x0004
 #define L2CAP_CID_LE_SIGNALING	0x0005
 #define L2CAP_CID_SMP		0x0006
 #define L2CAP_CID_DYN_START	0x0040
 #define L2CAP_CID_DYN_END	0xffff
 /* connect/create channel results */
 #define L2CAP_CR_SUCCESS	0x0000
 #define L2CAP_CR_PEND		0x0001
 #define L2CAP_CR_BAD_PSM	0x0002
 #define L2CAP_CR_SEC_BLOCK	0x0003
 #define L2CAP_CR_NO_MEM		0x0004
 #define L2CAP_CR_BAD_AMP	0x0005
 /* connect/create channel status */
 #define L2CAP_CS_NO_INFO	0x0000
 #define L2CAP_CS_AUTHEN_PEND	0x0001
 #define L2CAP_CS_AUTHOR_PEND	0x0002
 struct l2cap_conf_req {
 	__le16     dcid;
 	__le16     flags;
 	__u8       data[0];
 } __packed;
 struct l2cap_conf_rsp {
 	__le16     scid;
 	__le16     flags;
 	__le16     result;
 	__u8       data[0];
 } __packed;
 #define L2CAP_CONF_SUCCESS	0x0000
 #define L2CAP_CONF_UNACCEPT	0x0001
 #define L2CAP_CONF_REJECT	0x0002
 #define L2CAP_CONF_UNKNOWN	0x0003
 #define L2CAP_CONF_PENDING	0x0004
 #define L2CAP_CONF_EFS_REJECT	0x0005
 /* configuration req/rsp continuation flag */
 #define L2CAP_CONF_FLAG_CONTINUATION	0x0001
 struct l2cap_conf_opt {
 	__u8       type;
 	__u8       len;
 	__u8       val[0];
 } __packed;
 #define L2CAP_CONF_OPT_SIZE	2
 #define L2CAP_CONF_HINT		0x80
 #define L2CAP_CONF_MASK		0x7f
 #define L2CAP_CONF_MTU		0x01
 #define L2CAP_CONF_FLUSH_TO	0x02
 #define L2CAP_CONF_QOS		0x03
 #define L2CAP_CONF_RFC		0x04
 #define L2CAP_CONF_FCS		0x05
 #define L2CAP_CONF_EFS		0x06
 #define L2CAP_CONF_EWS		0x07
 #define L2CAP_CONF_MAX_SIZE	22
 struct l2cap_conf_rfc {
 	__u8       mode;
 	__u8       txwin_size;
 	__u8       max_transmit;
 	__le16     retrans_timeout;
 	__le16     monitor_timeout;
 	__le16     max_pdu_size;
 } __packed;
 #define L2CAP_MODE_BASIC	0x00
 #define L2CAP_MODE_RETRANS	0x01
 #define L2CAP_MODE_FLOWCTL	0x02
 #define L2CAP_MODE_ERTM		0x03
 #define L2CAP_MODE_STREAMING	0x04
 struct l2cap_conf_efs {
 	__u8	id;
 	__u8	stype;
 	__le16	msdu;
 	__le32	sdu_itime;
 	__le32	acc_lat;
 	__le32	flush_to;
 } __packed;
 #define L2CAP_SERV_NOTRAFIC	0x00
 #define L2CAP_SERV_BESTEFFORT	0x01
 #define L2CAP_SERV_GUARANTEED	0x02
 #define L2CAP_BESTEFFORT_ID	0x01
 struct l2cap_disconn_req {
 	__le16     dcid;
 	__le16     scid;
 } __packed;
 struct l2cap_disconn_rsp {
 	__le16     dcid;
 	__le16     scid;
 } __packed;
 struct l2cap_info_req {
 	__le16      type;
 } __packed;
 struct l2cap_info_rsp {
 	__le16      type;
 	__le16      result;
 	__u8        data[0];
 } __packed;
 struct l2cap_create_chan_req {
 	__le16      psm;
 	__le16      scid;
 	__u8        amp_id;
 } __packed;
 struct l2cap_create_chan_rsp {
 	__le16      dcid;
 	__le16      scid;
 	__le16      result;
 	__le16      status;
 } __packed;
 struct l2cap_move_chan_req {
 	__le16      icid;
 	__u8        dest_amp_id;
 } __packed;
 struct l2cap_move_chan_rsp {
 	__le16      icid;
 	__le16      result;
 } __packed;
 #define L2CAP_MR_SUCCESS	0x0000
 #define L2CAP_MR_PEND		0x0001
 #define L2CAP_MR_BAD_ID		0x0002
 #define L2CAP_MR_SAME_ID	0x0003
 #define L2CAP_MR_NOT_SUPP	0x0004
 #define L2CAP_MR_COLLISION	0x0005
 #define L2CAP_MR_NOT_ALLOWED	0x0006
 struct l2cap_move_chan_cfm {
 	__le16      icid;
 	__le16      result;
 } __packed;
 #define L2CAP_MC_CONFIRMED	0x0000
 #define L2CAP_MC_UNCONFIRMED	0x0001
 struct l2cap_move_chan_cfm_rsp {
 	__le16      icid;
 } __packed;
 /* info type */
 #define L2CAP_IT_CL_MTU		0x0001
 #define L2CAP_IT_FEAT_MASK	0x0002
 #define L2CAP_IT_FIXED_CHAN	0x0003
 /* info result */
 #define L2CAP_IR_SUCCESS	0x0000
 #define L2CAP_IR_NOTSUPP	0x0001
 struct l2cap_conn_param_update_req {
 	__le16      min;
 	__le16      max;
 	__le16      latency;
 	__le16      to_multiplier;
 } __packed;
 struct l2cap_conn_param_update_rsp {
 	__le16      result;
 } __packed;
 /* Connection Parameters result */
 #define L2CAP_CONN_PARAM_ACCEPTED	0x0000
 #define L2CAP_CONN_PARAM_REJECTED	0x0001
 /* ----- L2CAP channels and connections ----- */
 struct l2cap_seq_list {
 	__u16	head;
 	__u16	tail;
 	__u16	mask;
 	__u16	*list;
 };
 #define L2CAP_SEQ_LIST_CLEAR	0xFFFF
 #define L2CAP_SEQ_LIST_TAIL	0x8000
 struct l2cap_chan {
 	struct sock *sk;
 	struct l2cap_conn	*conn;
 	__u8		state;
 	atomic_t	refcnt;
 	__le16		psm;
 	__u16		dcid;
 	__u16		scid;
 	__u16		imtu;
 	__u16		omtu;
 	__u16		flush_to;
 	__u8		mode;
 	__u8		chan_type;
 	__u8		chan_policy;
 	__le16		sport;
 	__u8		sec_level;
 	__u8		ident;
 	__u8		conf_req[64];
 	__u8		conf_len;
 	__u8		num_conf_req;
 	__u8		num_conf_rsp;
 	__u8		fcs;
 	__u16		tx_win;
 	__u16		tx_win_max;
 	__u8		max_tx;
 	__u16		retrans_timeout;
 	__u16		monitor_timeout;
 	__u16		mps;
 	__u8		tx_state;
 	__u8		rx_state;
 	unsigned long	conf_state;
 	unsigned long	conn_state;
 	unsigned long	flags;
 	__u16		next_tx_seq;
 	__u16		expected_ack_seq;
 	__u16		expected_tx_seq;
 	__u16		buffer_seq;
 	__u16		srej_save_reqseq;
 	__u16		last_acked_seq;
 	__u16		frames_sent;
 	__u16		unacked_frames;
 	__u8		retry_count;
 	__u16		srej_queue_next;
 	__u16		sdu_len;
 	struct sk_buff	*sdu;
 	struct sk_buff	*sdu_last_frag;
 	__u16		remote_tx_win;
 	__u8		remote_max_tx;
 	__u16		remote_mps;
 	__u8		local_id;
 	__u8		local_stype;
 	__u16		local_msdu;
 	__u32		local_sdu_itime;
 	__u32		local_acc_lat;
 	__u32		local_flush_to;
 	__u8		remote_id;
 	__u8		remote_stype;
 	__u16		remote_msdu;
 	__u32		remote_sdu_itime;
 	__u32		remote_acc_lat;
 	__u32		remote_flush_to;
 	struct delayed_work	chan_timer;
 	struct delayed_work	retrans_timer;
 	struct delayed_work	monitor_timer;
 	struct delayed_work	ack_timer;
 	struct sk_buff		*tx_send_head;
 	struct sk_buff_head	tx_q;
 	struct sk_buff_head	srej_q;
 	struct l2cap_seq_list	srej_list;
 	struct l2cap_seq_list	retrans_list;
 	struct list_head	list;
 	struct list_head	global_l;
 	void			*data;
 	struct l2cap_ops	*ops;
 	struct mutex		lock;
 };
 struct l2cap_ops {
 	char			*name;
 	struct l2cap_chan	*(*new_connection) (struct l2cap_chan *chan);
 	int			(*recv) (struct l2cap_chan * chan,
 					 struct sk_buff *skb);
 	void			(*teardown) (struct l2cap_chan *chan, int err);
 	void			(*close) (struct l2cap_chan *chan);
 	void			(*state_change) (struct l2cap_chan *chan,
 						 int state);
 	void			(*ready) (struct l2cap_chan *chan);
 	struct sk_buff		*(*alloc_skb) (struct l2cap_chan *chan,
 					       unsigned long len, int nb);
 };
 struct l2cap_conn {
 	struct hci_conn		*hcon;
 	struct hci_chan		*hchan;
 	bdaddr_t		*dst;
 	bdaddr_t		*src;
 	unsigned int		mtu;
 	__u32			feat_mask;
 	__u8			fixed_chan_mask;
 	__u8			info_state;
 	__u8			info_ident;
 	struct delayed_work	info_timer;
 	spinlock_t		lock;
 	struct sk_buff		*rx_skb;
 	__u32			rx_len;
 	__u8			tx_ident;
 	__u8			disc_reason;
 	struct delayed_work	security_timer;
 	struct smp_chan		*smp_chan;
 	struct list_head	chan_l;
 	struct mutex		chan_lock;
 };
 #define L2CAP_INFO_CL_MTU_REQ_SENT	0x01
 #define L2CAP_INFO_FEAT_MASK_REQ_SENT	0x04
 #define L2CAP_INFO_FEAT_MASK_REQ_DONE	0x08
 #define L2CAP_CHAN_RAW			1
 #define L2CAP_CHAN_CONN_LESS		2
 #define L2CAP_CHAN_CONN_ORIENTED	3
 #define L2CAP_CHAN_CONN_FIX_A2MP	4
 /* ----- L2CAP socket info ----- */
 #define l2cap_pi(sk) ((struct l2cap_pinfo *) sk)
 struct l2cap_pinfo {
 	struct bt_sock		bt;
 	struct l2cap_chan	*chan;
 	struct sk_buff		*rx_busy_skb;
 };
 enum {
 	CONF_REQ_SENT,
 	CONF_INPUT_DONE,
 	CONF_OUTPUT_DONE,
 	CONF_MTU_DONE,
 	CONF_MODE_DONE,
 	CONF_CONNECT_PEND,
 	CONF_NO_FCS_RECV,
 	CONF_STATE2_DEVICE,
 	CONF_EWS_RECV,
 	CONF_LOC_CONF_PEND,
 	CONF_REM_CONF_PEND,
 	CONF_NOT_COMPLETE,
 };
 #define L2CAP_CONF_MAX_CONF_REQ 2
 #define L2CAP_CONF_MAX_CONF_RSP 2
 enum {
 	CONN_SREJ_SENT,
 	CONN_WAIT_F,
 	CONN_SREJ_ACT,
 	CONN_SEND_PBIT,
 	CONN_REMOTE_BUSY,
 	CONN_LOCAL_BUSY,
 	CONN_REJ_ACT,
 	CONN_SEND_FBIT,
 	CONN_RNR_SENT,
 };
 /* Definitions for flags in l2cap_chan */
 enum {
 	FLAG_ROLE_SWITCH,
 	FLAG_FORCE_ACTIVE,
 	FLAG_FORCE_RELIABLE,
 	FLAG_FLUSHABLE,
 	FLAG_EXT_CTRL,
 	FLAG_EFS_ENABLE,
 };
 enum {
 	L2CAP_TX_STATE_XMIT,
 	L2CAP_TX_STATE_WAIT_F,
 };
 enum {
 	L2CAP_RX_STATE_RECV,
 	L2CAP_RX_STATE_SREJ_SENT,
 };
 enum {
 	L2CAP_TXSEQ_EXPECTED,
 	L2CAP_TXSEQ_EXPECTED_SREJ,
 	L2CAP_TXSEQ_UNEXPECTED,
 	L2CAP_TXSEQ_UNEXPECTED_SREJ,
 	L2CAP_TXSEQ_DUPLICATE,
 	L2CAP_TXSEQ_DUPLICATE_SREJ,
 	L2CAP_TXSEQ_INVALID,
 	L2CAP_TXSEQ_INVALID_IGNORE,
 };
 enum {
 	L2CAP_EV_DATA_REQUEST,
 	L2CAP_EV_LOCAL_BUSY_DETECTED,
 	L2CAP_EV_LOCAL_BUSY_CLEAR,
 	L2CAP_EV_RECV_REQSEQ_AND_FBIT,
 	L2CAP_EV_RECV_FBIT,
 	L2CAP_EV_RETRANS_TO,
 	L2CAP_EV_MONITOR_TO,
 	L2CAP_EV_EXPLICIT_POLL,
 	L2CAP_EV_RECV_IFRAME,
 	L2CAP_EV_RECV_RR,
 	L2CAP_EV_RECV_REJ,
 	L2CAP_EV_RECV_RNR,
 	L2CAP_EV_RECV_SREJ,
 	L2CAP_EV_RECV_FRAME,
 };
 static inline void l2cap_chan_hold(struct l2cap_chan *c)
 {
 	atomic_inc(&c->refcnt);
 }
 static inline void l2cap_chan_put(struct l2cap_chan *c)
 {
 	if (atomic_dec_and_test(&c->refcnt))
 		kfree(c);
 }
 static inline void l2cap_chan_lock(struct l2cap_chan *chan)
 {
 	mutex_lock(&chan->lock);
 }
 static inline void l2cap_chan_unlock(struct l2cap_chan *chan)
 {
 	mutex_unlock(&chan->lock);
 }
 static inline void l2cap_set_timer(struct l2cap_chan *chan,
 				   struct delayed_work *work, long timeout)
 {
 	BT_DBG("chan %p state %s timeout %ld", chan,
 	       state_to_string(chan->state), timeout);
 	/* If delayed work cancelled do not hold(chan)
 	   since it is already done with previous set_timer */
 	if (!cancel_delayed_work(work))
 		l2cap_chan_hold(chan);
 	schedule_delayed_work(work, timeout);
 }
 static inline bool l2cap_clear_timer(struct l2cap_chan *chan,
 				     struct delayed_work *work)
 {
 	bool ret;
 	/* put(chan) if delayed work cancelled otherwise it
 	   is done in delayed work function */
 	ret = cancel_delayed_work(work);
 	if (ret)
 		l2cap_chan_put(chan);
 	return ret;
 }
 #define __set_chan_timer(c, t) l2cap_set_timer(c, &c->chan_timer, (t))
 #define __clear_chan_timer(c) l2cap_clear_timer(c, &c->chan_timer)
 #define __clear_retrans_timer(c) l2cap_clear_timer(c, &c->retrans_timer)
 #define __clear_monitor_timer(c) l2cap_clear_timer(c, &c->monitor_timer)
 #define __set_ack_timer(c) l2cap_set_timer(c, &chan->ack_timer, \
 		msecs_to_jiffies(L2CAP_DEFAULT_ACK_TO));
 #define __clear_ack_timer(c) l2cap_clear_timer(c, &c->ack_timer)
 static inline int __seq_offset(struct l2cap_chan *chan, __u16 seq1, __u16 seq2)
 {
 	if (seq1 >= seq2)
 		return seq1 - seq2;
 	else
 		return chan->tx_win_max + 1 - seq2 + seq1;
 }
 static inline __u16 __next_seq(struct l2cap_chan *chan, __u16 seq)
 {
 	return (seq + 1) % (chan->tx_win_max + 1);
 }
 extern bool disable_ertm;
 int l2cap_init_sockets(void);
 void l2cap_cleanup_sockets(void);
 void __l2cap_connect_rsp_defer(struct l2cap_chan *chan);
 int __l2cap_wait_ack(struct sock *sk);
 int l2cap_add_psm(struct l2cap_chan *chan, bdaddr_t *src, __le16 psm);
 int l2cap_add_scid(struct l2cap_chan *chan,  __u16 scid);
 struct l2cap_chan *l2cap_chan_create(void);
 void l2cap_chan_close(struct l2cap_chan *chan, int reason);
 void l2cap_chan_destroy(struct l2cap_chan *chan);
 int l2cap_chan_connect(struct l2cap_chan *chan, __le16 psm, u16 cid,
 		       bdaddr_t *dst, u8 dst_type);
 int l2cap_chan_send(struct l2cap_chan *chan, struct msghdr *msg, size_t len,
 								u32 priority);
 void l2cap_chan_busy(struct l2cap_chan *chan, int busy);
 int l2cap_chan_check_security(struct l2cap_chan *chan);
 void l2cap_chan_set_defaults(struct l2cap_chan *chan);
 int l2cap_ertm_init(struct l2cap_chan *chan);
 void l2cap_chan_add(struct l2cap_conn *conn, struct l2cap_chan *chan);
 void l2cap_chan_del(struct l2cap_chan *chan, int err);
 #endif /* __L2CAP_H */

net/bluetooth/l2cap_sock.c

Diff comments View file @ 8c3a4f0

1	/*	1	/*
2	BlueZ - Bluetooth protocol stack for Linux	2	BlueZ - Bluetooth protocol stack for Linux
3	Copyright (C) 2000-2001 Qualcomm Incorporated	3	Copyright (C) 2000-2001 Qualcomm Incorporated
4	Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>	4	Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5	Copyright (C) 2010 Google Inc.	5	Copyright (C) 2010 Google Inc.
6	Copyright (C) 2011 ProFUSION Embedded Systems	6	Copyright (C) 2011 ProFUSION Embedded Systems
7		7
8	Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>	8	Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9		9
10	This program is free software; you can redistribute it and/or modify	10	This program is free software; you can redistribute it and/or modify
11	it under the terms of the GNU General Public License version 2 as	11	it under the terms of the GNU General Public License version 2 as
12	published by the Free Software Foundation;	12	published by the Free Software Foundation;
13		13
14	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS	14	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15	OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,	15	OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.	16	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17	IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY	17	IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18	CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES	18	CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19	WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN	19	WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20	ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF	20	ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21	OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	21	OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22		22
23	ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,	23	ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24	COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS	24	COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25	SOFTWARE IS DISCLAIMED.	25	SOFTWARE IS DISCLAIMED.
26	*/	26	*/
27		27
28	/* Bluetooth L2CAP sockets. */	28	/* Bluetooth L2CAP sockets. */
29		29
30	#include <linux/export.h>	30	#include <linux/export.h>
31		31
32	#include <net/bluetooth/bluetooth.h>	32	#include <net/bluetooth/bluetooth.h>
33	#include <net/bluetooth/hci_core.h>	33	#include <net/bluetooth/hci_core.h>
34	#include <net/bluetooth/l2cap.h>	34	#include <net/bluetooth/l2cap.h>
35	#include <net/bluetooth/smp.h>	35	#include <net/bluetooth/smp.h>
36		36
37	static const struct proto_ops l2cap_sock_ops;	37	static const struct proto_ops l2cap_sock_ops;
38	static void l2cap_sock_init(struct sock sk, struct sock parent);	38	static void l2cap_sock_init(struct sock sk, struct sock parent);
39	static struct sock l2cap_sock_alloc(struct net net, struct socket *sock, int proto, gfp_t prio);	39	static struct sock l2cap_sock_alloc(struct net net, struct socket *sock, int proto, gfp_t prio);
40		40
41	static int l2cap_sock_bind(struct socket sock, struct sockaddr addr, int alen)	41	static int l2cap_sock_bind(struct socket sock, struct sockaddr addr, int alen)
42	{	42	{
43	struct sock *sk = sock->sk;	43	struct sock *sk = sock->sk;
44	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	44	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
45	struct sockaddr_l2 la;	45	struct sockaddr_l2 la;
46	int len, err = 0;	46	int len, err = 0;
47		47
48	BT_DBG("sk %p", sk);	48	BT_DBG("sk %p", sk);
49		49
50	if (!addr \|\| addr->sa_family != AF_BLUETOOTH)	50	if (!addr \|\| addr->sa_family != AF_BLUETOOTH)
51	return -EINVAL;	51	return -EINVAL;
52		52
53	memset(&la, 0, sizeof(la));	53	memset(&la, 0, sizeof(la));
54	len = min_t(unsigned int, sizeof(la), alen);	54	len = min_t(unsigned int, sizeof(la), alen);
55	memcpy(&la, addr, len);	55	memcpy(&la, addr, len);
56		56
57	if (la.l2_cid && la.l2_psm)	57	if (la.l2_cid && la.l2_psm)
58	return -EINVAL;	58	return -EINVAL;
59		59
60	lock_sock(sk);	60	lock_sock(sk);
61		61
62	if (sk->sk_state != BT_OPEN) {	62	if (sk->sk_state != BT_OPEN) {
63	err = -EBADFD;	63	err = -EBADFD;
64	goto done;	64	goto done;
65	}	65	}
66		66
67	if (la.l2_psm) {	67	if (la.l2_psm) {
68	__u16 psm = __le16_to_cpu(la.l2_psm);	68	__u16 psm = __le16_to_cpu(la.l2_psm);
69		69
70	/* PSM must be odd and lsb of upper byte must be 0 */	70	/* PSM must be odd and lsb of upper byte must be 0 */
71	if ((psm & 0x0101) != 0x0001) {	71	if ((psm & 0x0101) != 0x0001) {
72	err = -EINVAL;	72	err = -EINVAL;
73	goto done;	73	goto done;
74	}	74	}
75		75
76	/* Restrict usage of well-known PSMs */	76	/* Restrict usage of well-known PSMs */
77	if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {	77	if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
78	err = -EACCES;	78	err = -EACCES;
79	goto done;	79	goto done;
80	}	80	}
81	}	81	}
82		82
83	if (la.l2_cid)	83	if (la.l2_cid)
84	err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));	84	err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
85	else	85	else
86	err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);	86	err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
87		87
88	if (err < 0)	88	if (err < 0)
89	goto done;	89	goto done;
90		90
91	if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP \|\|	91	if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP \|\|
92	__le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)	92	__le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
93	chan->sec_level = BT_SECURITY_SDP;	93	chan->sec_level = BT_SECURITY_SDP;
94		94
95	bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);	95	bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
96		96
97	chan->state = BT_BOUND;	97	chan->state = BT_BOUND;
98	sk->sk_state = BT_BOUND;	98	sk->sk_state = BT_BOUND;
99		99
100	done:	100	done:
101	release_sock(sk);	101	release_sock(sk);
102	return err;	102	return err;
103	}	103	}
104		104
105	static int l2cap_sock_connect(struct socket sock, struct sockaddr addr, int alen, int flags)	105	static int l2cap_sock_connect(struct socket sock, struct sockaddr addr, int alen, int flags)
106	{	106	{
107	struct sock *sk = sock->sk;	107	struct sock *sk = sock->sk;
108	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	108	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
109	struct sockaddr_l2 la;	109	struct sockaddr_l2 la;
110	int len, err = 0;	110	int len, err = 0;
111		111
112	BT_DBG("sk %p", sk);	112	BT_DBG("sk %p", sk);
113		113
114	if (!addr \|\| alen < sizeof(addr->sa_family) \|\|	114	if (!addr \|\| alen < sizeof(addr->sa_family) \|\|
115	addr->sa_family != AF_BLUETOOTH)	115	addr->sa_family != AF_BLUETOOTH)
116	return -EINVAL;	116	return -EINVAL;
117		117
118	memset(&la, 0, sizeof(la));	118	memset(&la, 0, sizeof(la));
119	len = min_t(unsigned int, sizeof(la), alen);	119	len = min_t(unsigned int, sizeof(la), alen);
120	memcpy(&la, addr, len);	120	memcpy(&la, addr, len);
121		121
122	if (la.l2_cid && la.l2_psm)	122	if (la.l2_cid && la.l2_psm)
123	return -EINVAL;	123	return -EINVAL;
124		124
125	err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),	125	err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
126	&la.l2_bdaddr, la.l2_bdaddr_type);	126	&la.l2_bdaddr, la.l2_bdaddr_type);
127	if (err)	127	if (err)
128	return err;	128	return err;
129		129
130	lock_sock(sk);	130	lock_sock(sk);
131		131
132	err = bt_sock_wait_state(sk, BT_CONNECTED,	132	err = bt_sock_wait_state(sk, BT_CONNECTED,
133	sock_sndtimeo(sk, flags & O_NONBLOCK));	133	sock_sndtimeo(sk, flags & O_NONBLOCK));
134		134
135	release_sock(sk);	135	release_sock(sk);
136		136
137	return err;	137	return err;
138	}	138	}
139		139
140	static int l2cap_sock_listen(struct socket *sock, int backlog)	140	static int l2cap_sock_listen(struct socket *sock, int backlog)
141	{	141	{
142	struct sock *sk = sock->sk;	142	struct sock *sk = sock->sk;
143	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	143	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
144	int err = 0;	144	int err = 0;
145		145
146	BT_DBG("sk %p backlog %d", sk, backlog);	146	BT_DBG("sk %p backlog %d", sk, backlog);
147		147
148	lock_sock(sk);	148	lock_sock(sk);
149		149
150	if (sk->sk_state != BT_BOUND) {	150	if (sk->sk_state != BT_BOUND) {
151	err = -EBADFD;	151	err = -EBADFD;
152	goto done;	152	goto done;
153	}	153	}
154		154
155	if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {	155	if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
156	err = -EINVAL;	156	err = -EINVAL;
157	goto done;	157	goto done;
158	}	158	}
159		159
160	switch (chan->mode) {	160	switch (chan->mode) {
161	case L2CAP_MODE_BASIC:	161	case L2CAP_MODE_BASIC:
162	break;	162	break;
163	case L2CAP_MODE_ERTM:	163	case L2CAP_MODE_ERTM:
164	case L2CAP_MODE_STREAMING:	164	case L2CAP_MODE_STREAMING:
165	if (!disable_ertm)	165	if (!disable_ertm)
166	break;	166	break;
167	/* fall through */	167	/* fall through */
168	default:	168	default:
169	err = -ENOTSUPP;	169	err = -ENOTSUPP;
170	goto done;	170	goto done;
171	}	171	}
172		172
173	sk->sk_max_ack_backlog = backlog;	173	sk->sk_max_ack_backlog = backlog;
174	sk->sk_ack_backlog = 0;	174	sk->sk_ack_backlog = 0;
175		175
176	chan->state = BT_LISTEN;	176	chan->state = BT_LISTEN;
177	sk->sk_state = BT_LISTEN;	177	sk->sk_state = BT_LISTEN;
178		178
179	done:	179	done:
180	release_sock(sk);	180	release_sock(sk);
181	return err;	181	return err;
182	}	182	}
183		183
184	static int l2cap_sock_accept(struct socket sock, struct socket newsock, int flags)	184	static int l2cap_sock_accept(struct socket sock, struct socket newsock, int flags)
185	{	185	{
186	DECLARE_WAITQUEUE(wait, current);	186	DECLARE_WAITQUEUE(wait, current);
187	struct sock sk = sock->sk, nsk;	187	struct sock sk = sock->sk, nsk;
188	long timeo;	188	long timeo;
189	int err = 0;	189	int err = 0;
190		190
191	lock_sock_nested(sk, SINGLE_DEPTH_NESTING);	191	lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
192		192
193	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);	193	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
194		194
195	BT_DBG("sk %p timeo %ld", sk, timeo);	195	BT_DBG("sk %p timeo %ld", sk, timeo);
196		196
197	/* Wait for an incoming connection. (wake-one). */	197	/* Wait for an incoming connection. (wake-one). */
198	add_wait_queue_exclusive(sk_sleep(sk), &wait);	198	add_wait_queue_exclusive(sk_sleep(sk), &wait);
199	while (1) {	199	while (1) {
200	set_current_state(TASK_INTERRUPTIBLE);	200	set_current_state(TASK_INTERRUPTIBLE);
201		201
202	if (sk->sk_state != BT_LISTEN) {	202	if (sk->sk_state != BT_LISTEN) {
203	err = -EBADFD;	203	err = -EBADFD;
204	break;	204	break;
205	}	205	}
206		206
207	nsk = bt_accept_dequeue(sk, newsock);	207	nsk = bt_accept_dequeue(sk, newsock);
208	if (nsk)	208	if (nsk)
209	break;	209	break;
210		210
211	if (!timeo) {	211	if (!timeo) {
212	err = -EAGAIN;	212	err = -EAGAIN;
213	break;	213	break;
214	}	214	}
215		215
216	if (signal_pending(current)) {	216	if (signal_pending(current)) {
217	err = sock_intr_errno(timeo);	217	err = sock_intr_errno(timeo);
218	break;	218	break;
219	}	219	}
220		220
221	release_sock(sk);	221	release_sock(sk);
222	timeo = schedule_timeout(timeo);	222	timeo = schedule_timeout(timeo);
223	lock_sock_nested(sk, SINGLE_DEPTH_NESTING);	223	lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
224	}	224	}
225	__set_current_state(TASK_RUNNING);	225	__set_current_state(TASK_RUNNING);
226	remove_wait_queue(sk_sleep(sk), &wait);	226	remove_wait_queue(sk_sleep(sk), &wait);
227		227
228	if (err)	228	if (err)
229	goto done;	229	goto done;
230		230
231	newsock->state = SS_CONNECTED;	231	newsock->state = SS_CONNECTED;
232		232
233	BT_DBG("new socket %p", nsk);	233	BT_DBG("new socket %p", nsk);
234		234
235	done:	235	done:
236	release_sock(sk);	236	release_sock(sk);
237	return err;	237	return err;
238	}	238	}
239		239
240	static int l2cap_sock_getname(struct socket sock, struct sockaddr addr, int *len, int peer)	240	static int l2cap_sock_getname(struct socket sock, struct sockaddr addr, int *len, int peer)
241	{	241	{
242	struct sockaddr_l2 la = (struct sockaddr_l2 ) addr;	242	struct sockaddr_l2 la = (struct sockaddr_l2 ) addr;
243	struct sock *sk = sock->sk;	243	struct sock *sk = sock->sk;
244	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	244	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
245		245
246	BT_DBG("sock %p, sk %p", sock, sk);	246	BT_DBG("sock %p, sk %p", sock, sk);
247		247
248	addr->sa_family = AF_BLUETOOTH;	248	addr->sa_family = AF_BLUETOOTH;
249	*len = sizeof(struct sockaddr_l2);	249	*len = sizeof(struct sockaddr_l2);
250		250
251	if (peer) {	251	if (peer) {
252	la->l2_psm = chan->psm;	252	la->l2_psm = chan->psm;
253	bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);	253	bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
254	la->l2_cid = cpu_to_le16(chan->dcid);	254	la->l2_cid = cpu_to_le16(chan->dcid);
255	} else {	255	} else {
256	la->l2_psm = chan->sport;	256	la->l2_psm = chan->sport;
257	bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);	257	bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
258	la->l2_cid = cpu_to_le16(chan->scid);	258	la->l2_cid = cpu_to_le16(chan->scid);
259	}	259	}
260		260
261	return 0;	261	return 0;
262	}	262	}
263		263
264	static int l2cap_sock_getsockopt_old(struct socket sock, int optname, char __user optval, int __user *optlen)	264	static int l2cap_sock_getsockopt_old(struct socket sock, int optname, char __user optval, int __user *optlen)
265	{	265	{
266	struct sock *sk = sock->sk;	266	struct sock *sk = sock->sk;
267	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	267	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
268	struct l2cap_options opts;	268	struct l2cap_options opts;
269	struct l2cap_conninfo cinfo;	269	struct l2cap_conninfo cinfo;
270	int len, err = 0;	270	int len, err = 0;
271	u32 opt;	271	u32 opt;
272		272
273	BT_DBG("sk %p", sk);	273	BT_DBG("sk %p", sk);
274		274
275	if (get_user(len, optlen))	275	if (get_user(len, optlen))
276	return -EFAULT;	276	return -EFAULT;
277		277
278	lock_sock(sk);	278	lock_sock(sk);
279		279
280	switch (optname) {	280	switch (optname) {
281	case L2CAP_OPTIONS:	281	case L2CAP_OPTIONS:
282	memset(&opts, 0, sizeof(opts));	282	memset(&opts, 0, sizeof(opts));
283	opts.imtu = chan->imtu;	283	opts.imtu = chan->imtu;
284	opts.omtu = chan->omtu;	284	opts.omtu = chan->omtu;
285	opts.flush_to = chan->flush_to;	285	opts.flush_to = chan->flush_to;
286	opts.mode = chan->mode;	286	opts.mode = chan->mode;
287	opts.fcs = chan->fcs;	287	opts.fcs = chan->fcs;
288	opts.max_tx = chan->max_tx;	288	opts.max_tx = chan->max_tx;
289	opts.txwin_size = chan->tx_win;	289	opts.txwin_size = chan->tx_win;
290		290
291	len = min_t(unsigned int, len, sizeof(opts));	291	len = min_t(unsigned int, len, sizeof(opts));
292	if (copy_to_user(optval, (char *) &opts, len))	292	if (copy_to_user(optval, (char *) &opts, len))
293	err = -EFAULT;	293	err = -EFAULT;
294		294
295	break;	295	break;
296		296
297	case L2CAP_LM:	297	case L2CAP_LM:
298	switch (chan->sec_level) {	298	switch (chan->sec_level) {
299	case BT_SECURITY_LOW:	299	case BT_SECURITY_LOW:
300	opt = L2CAP_LM_AUTH;	300	opt = L2CAP_LM_AUTH;
301	break;	301	break;
302	case BT_SECURITY_MEDIUM:	302	case BT_SECURITY_MEDIUM:
303	opt = L2CAP_LM_AUTH \| L2CAP_LM_ENCRYPT;	303	opt = L2CAP_LM_AUTH \| L2CAP_LM_ENCRYPT;
304	break;	304	break;
305	case BT_SECURITY_HIGH:	305	case BT_SECURITY_HIGH:
306	opt = L2CAP_LM_AUTH \| L2CAP_LM_ENCRYPT \|	306	opt = L2CAP_LM_AUTH \| L2CAP_LM_ENCRYPT \|
307	L2CAP_LM_SECURE;	307	L2CAP_LM_SECURE;
308	break;	308	break;
309	default:	309	default:
310	opt = 0;	310	opt = 0;
311	break;	311	break;
312	}	312	}
313		313
314	if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))	314	if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
315	opt \|= L2CAP_LM_MASTER;	315	opt \|= L2CAP_LM_MASTER;
316		316
317	if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))	317	if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
318	opt \|= L2CAP_LM_RELIABLE;	318	opt \|= L2CAP_LM_RELIABLE;
319		319
320	if (put_user(opt, (u32 __user *) optval))	320	if (put_user(opt, (u32 __user *) optval))
321	err = -EFAULT;	321	err = -EFAULT;
322	break;	322	break;
323		323
324	case L2CAP_CONNINFO:	324	case L2CAP_CONNINFO:
325	if (sk->sk_state != BT_CONNECTED &&	325	if (sk->sk_state != BT_CONNECTED &&
326	!(sk->sk_state == BT_CONNECT2 &&	326	!(sk->sk_state == BT_CONNECT2 &&
327	test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {	327	test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
328	err = -ENOTCONN;	328	err = -ENOTCONN;
329	break;	329	break;
330	}	330	}
331		331
332	memset(&cinfo, 0, sizeof(cinfo));	332	memset(&cinfo, 0, sizeof(cinfo));
333	cinfo.hci_handle = chan->conn->hcon->handle;	333	cinfo.hci_handle = chan->conn->hcon->handle;
334	memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);	334	memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
335		335
336	len = min_t(unsigned int, len, sizeof(cinfo));	336	len = min_t(unsigned int, len, sizeof(cinfo));
337	if (copy_to_user(optval, (char *) &cinfo, len))	337	if (copy_to_user(optval, (char *) &cinfo, len))
338	err = -EFAULT;	338	err = -EFAULT;
339		339
340	break;	340	break;
341		341
342	default:	342	default:
343	err = -ENOPROTOOPT;	343	err = -ENOPROTOOPT;
344	break;	344	break;
345	}	345	}
346		346
347	release_sock(sk);	347	release_sock(sk);
348	return err;	348	return err;
349	}	349	}
350		350
351	static int l2cap_sock_getsockopt(struct socket sock, int level, int optname, char __user optval, int __user *optlen)	351	static int l2cap_sock_getsockopt(struct socket sock, int level, int optname, char __user optval, int __user *optlen)
352	{	352	{
353	struct sock *sk = sock->sk;	353	struct sock *sk = sock->sk;
354	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	354	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
355	struct bt_security sec;	355	struct bt_security sec;
356	struct bt_power pwr;	356	struct bt_power pwr;
357	int len, err = 0;	357	int len, err = 0;
358		358
359	BT_DBG("sk %p", sk);	359	BT_DBG("sk %p", sk);
360		360
361	if (level == SOL_L2CAP)	361	if (level == SOL_L2CAP)
362	return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);	362	return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
363		363
364	if (level != SOL_BLUETOOTH)	364	if (level != SOL_BLUETOOTH)
365	return -ENOPROTOOPT;	365	return -ENOPROTOOPT;
366		366
367	if (get_user(len, optlen))	367	if (get_user(len, optlen))
368	return -EFAULT;	368	return -EFAULT;
369		369
370	lock_sock(sk);	370	lock_sock(sk);
371		371
372	switch (optname) {	372	switch (optname) {
373	case BT_SECURITY:	373	case BT_SECURITY:
374	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&	374	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
375	chan->chan_type != L2CAP_CHAN_RAW) {	375	chan->chan_type != L2CAP_CHAN_RAW) {
376	err = -EINVAL;	376	err = -EINVAL;
377	break;	377	break;
378	}	378	}
379		379
380	memset(&sec, 0, sizeof(sec));	380	memset(&sec, 0, sizeof(sec));
381	if (chan->conn)	381	if (chan->conn)
382	sec.level = chan->conn->hcon->sec_level;	382	sec.level = chan->conn->hcon->sec_level;
383	else	383	else
384	sec.level = chan->sec_level;	384	sec.level = chan->sec_level;
385		385
386	if (sk->sk_state == BT_CONNECTED)	386	if (sk->sk_state == BT_CONNECTED)
387	sec.key_size = chan->conn->hcon->enc_key_size;	387	sec.key_size = chan->conn->hcon->enc_key_size;
388		388
389	len = min_t(unsigned int, len, sizeof(sec));	389	len = min_t(unsigned int, len, sizeof(sec));
390	if (copy_to_user(optval, (char *) &sec, len))	390	if (copy_to_user(optval, (char *) &sec, len))
391	err = -EFAULT;	391	err = -EFAULT;
392		392
393	break;	393	break;
394		394
395	case BT_DEFER_SETUP:	395	case BT_DEFER_SETUP:
396	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {	396	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
397	err = -EINVAL;	397	err = -EINVAL;
398	break;	398	break;
399	}	399	}
400		400
401	if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),	401	if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
402	(u32 __user *) optval))	402	(u32 __user *) optval))
403	err = -EFAULT;	403	err = -EFAULT;
404		404
405	break;	405	break;
406		406
407	case BT_FLUSHABLE:	407	case BT_FLUSHABLE:
408	if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),	408	if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
409	(u32 __user *) optval))	409	(u32 __user *) optval))
410	err = -EFAULT;	410	err = -EFAULT;
411		411
412	break;	412	break;
413		413
414	case BT_POWER:	414	case BT_POWER:
415	if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM	415	if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
416	&& sk->sk_type != SOCK_RAW) {	416	&& sk->sk_type != SOCK_RAW) {
417	err = -EINVAL;	417	err = -EINVAL;
418	break;	418	break;
419	}	419	}
420		420
421	pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);	421	pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
422		422
423	len = min_t(unsigned int, len, sizeof(pwr));	423	len = min_t(unsigned int, len, sizeof(pwr));
424	if (copy_to_user(optval, (char *) &pwr, len))	424	if (copy_to_user(optval, (char *) &pwr, len))
425	err = -EFAULT;	425	err = -EFAULT;
426		426
427	break;	427	break;
428		428
429	case BT_CHANNEL_POLICY:	429	case BT_CHANNEL_POLICY:
430	if (!enable_hs) {	430	if (!enable_hs) {
431	err = -ENOPROTOOPT;	431	err = -ENOPROTOOPT;
432	break;	432	break;
433	}	433	}
434		434
435	if (put_user(chan->chan_policy, (u32 __user *) optval))	435	if (put_user(chan->chan_policy, (u32 __user *) optval))
436	err = -EFAULT;	436	err = -EFAULT;
437	break;	437	break;
438		438
439	default:	439	default:
440	err = -ENOPROTOOPT;	440	err = -ENOPROTOOPT;
441	break;	441	break;
442	}	442	}
443		443
444	release_sock(sk);	444	release_sock(sk);
445	return err;	445	return err;
446	}	446	}
447		447
448	static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)	448	static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
449	{	449	{
450	switch (chan->scid) {	450	switch (chan->scid) {
451	case L2CAP_CID_LE_DATA:	451	case L2CAP_CID_LE_DATA:
452	if (mtu < L2CAP_LE_DEFAULT_MTU)	452	if (mtu < L2CAP_LE_MIN_MTU)
453	return false;	453	return false;
454	break;	454	break;
455		455
456	default:	456	default:
457	if (mtu < L2CAP_DEFAULT_MIN_MTU)	457	if (mtu < L2CAP_DEFAULT_MIN_MTU)
458	return false;	458	return false;
459	}	459	}
460		460
461	return true;	461	return true;
462	}	462	}
463		463
464	static int l2cap_sock_setsockopt_old(struct socket sock, int optname, char __user optval, unsigned int optlen)	464	static int l2cap_sock_setsockopt_old(struct socket sock, int optname, char __user optval, unsigned int optlen)
465	{	465	{
466	struct sock *sk = sock->sk;	466	struct sock *sk = sock->sk;
467	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	467	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
468	struct l2cap_options opts;	468	struct l2cap_options opts;
469	int len, err = 0;	469	int len, err = 0;
470	u32 opt;	470	u32 opt;
471		471
472	BT_DBG("sk %p", sk);	472	BT_DBG("sk %p", sk);
473		473
474	lock_sock(sk);	474	lock_sock(sk);
475		475
476	switch (optname) {	476	switch (optname) {
477	case L2CAP_OPTIONS:	477	case L2CAP_OPTIONS:
478	if (sk->sk_state == BT_CONNECTED) {	478	if (sk->sk_state == BT_CONNECTED) {
479	err = -EINVAL;	479	err = -EINVAL;
480	break;	480	break;
481	}	481	}
482		482
483	opts.imtu = chan->imtu;	483	opts.imtu = chan->imtu;
484	opts.omtu = chan->omtu;	484	opts.omtu = chan->omtu;
485	opts.flush_to = chan->flush_to;	485	opts.flush_to = chan->flush_to;
486	opts.mode = chan->mode;	486	opts.mode = chan->mode;
487	opts.fcs = chan->fcs;	487	opts.fcs = chan->fcs;
488	opts.max_tx = chan->max_tx;	488	opts.max_tx = chan->max_tx;
489	opts.txwin_size = chan->tx_win;	489	opts.txwin_size = chan->tx_win;
490		490
491	len = min_t(unsigned int, sizeof(opts), optlen);	491	len = min_t(unsigned int, sizeof(opts), optlen);
492	if (copy_from_user((char *) &opts, optval, len)) {	492	if (copy_from_user((char *) &opts, optval, len)) {
493	err = -EFAULT;	493	err = -EFAULT;
494	break;	494	break;
495	}	495	}
496		496
497	if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {	497	if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
498	err = -EINVAL;	498	err = -EINVAL;
499	break;	499	break;
500	}	500	}
501		501
502	if (!l2cap_valid_mtu(chan, opts.imtu)) {	502	if (!l2cap_valid_mtu(chan, opts.imtu)) {
503	err = -EINVAL;	503	err = -EINVAL;
504	break;	504	break;
505	}	505	}
506		506
507	chan->mode = opts.mode;	507	chan->mode = opts.mode;
508	switch (chan->mode) {	508	switch (chan->mode) {
509	case L2CAP_MODE_BASIC:	509	case L2CAP_MODE_BASIC:
510	clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);	510	clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
511	break;	511	break;
512	case L2CAP_MODE_ERTM:	512	case L2CAP_MODE_ERTM:
513	case L2CAP_MODE_STREAMING:	513	case L2CAP_MODE_STREAMING:
514	if (!disable_ertm)	514	if (!disable_ertm)
515	break;	515	break;
516	/* fall through */	516	/* fall through */
517	default:	517	default:
518	err = -EINVAL;	518	err = -EINVAL;
519	break;	519	break;
520	}	520	}
521		521
522	chan->imtu = opts.imtu;	522	chan->imtu = opts.imtu;
523	chan->omtu = opts.omtu;	523	chan->omtu = opts.omtu;
524	chan->fcs = opts.fcs;	524	chan->fcs = opts.fcs;
525	chan->max_tx = opts.max_tx;	525	chan->max_tx = opts.max_tx;
526	chan->tx_win = opts.txwin_size;	526	chan->tx_win = opts.txwin_size;
527	break;	527	break;
528		528
529	case L2CAP_LM:	529	case L2CAP_LM:
530	if (get_user(opt, (u32 __user *) optval)) {	530	if (get_user(opt, (u32 __user *) optval)) {
531	err = -EFAULT;	531	err = -EFAULT;
532	break;	532	break;
533	}	533	}
534		534
535	if (opt & L2CAP_LM_AUTH)	535	if (opt & L2CAP_LM_AUTH)
536	chan->sec_level = BT_SECURITY_LOW;	536	chan->sec_level = BT_SECURITY_LOW;
537	if (opt & L2CAP_LM_ENCRYPT)	537	if (opt & L2CAP_LM_ENCRYPT)
538	chan->sec_level = BT_SECURITY_MEDIUM;	538	chan->sec_level = BT_SECURITY_MEDIUM;
539	if (opt & L2CAP_LM_SECURE)	539	if (opt & L2CAP_LM_SECURE)
540	chan->sec_level = BT_SECURITY_HIGH;	540	chan->sec_level = BT_SECURITY_HIGH;
541		541
542	if (opt & L2CAP_LM_MASTER)	542	if (opt & L2CAP_LM_MASTER)
543	set_bit(FLAG_ROLE_SWITCH, &chan->flags);	543	set_bit(FLAG_ROLE_SWITCH, &chan->flags);
544	else	544	else
545	clear_bit(FLAG_ROLE_SWITCH, &chan->flags);	545	clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
546		546
547	if (opt & L2CAP_LM_RELIABLE)	547	if (opt & L2CAP_LM_RELIABLE)
548	set_bit(FLAG_FORCE_RELIABLE, &chan->flags);	548	set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
549	else	549	else
550	clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);	550	clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
551	break;	551	break;
552		552
553	default:	553	default:
554	err = -ENOPROTOOPT;	554	err = -ENOPROTOOPT;
555	break;	555	break;
556	}	556	}
557		557
558	release_sock(sk);	558	release_sock(sk);
559	return err;	559	return err;
560	}	560	}
561		561
562	static int l2cap_sock_setsockopt(struct socket sock, int level, int optname, char __user optval, unsigned int optlen)	562	static int l2cap_sock_setsockopt(struct socket sock, int level, int optname, char __user optval, unsigned int optlen)
563	{	563	{
564	struct sock *sk = sock->sk;	564	struct sock *sk = sock->sk;
565	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	565	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
566	struct bt_security sec;	566	struct bt_security sec;
567	struct bt_power pwr;	567	struct bt_power pwr;
568	struct l2cap_conn *conn;	568	struct l2cap_conn *conn;
569	int len, err = 0;	569	int len, err = 0;
570	u32 opt;	570	u32 opt;
571		571
572	BT_DBG("sk %p", sk);	572	BT_DBG("sk %p", sk);
573		573
574	if (level == SOL_L2CAP)	574	if (level == SOL_L2CAP)
575	return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);	575	return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
576		576
577	if (level != SOL_BLUETOOTH)	577	if (level != SOL_BLUETOOTH)
578	return -ENOPROTOOPT;	578	return -ENOPROTOOPT;
579		579
580	lock_sock(sk);	580	lock_sock(sk);
581		581
582	switch (optname) {	582	switch (optname) {
583	case BT_SECURITY:	583	case BT_SECURITY:
584	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&	584	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
585	chan->chan_type != L2CAP_CHAN_RAW) {	585	chan->chan_type != L2CAP_CHAN_RAW) {
586	err = -EINVAL;	586	err = -EINVAL;
587	break;	587	break;
588	}	588	}
589		589
590	sec.level = BT_SECURITY_LOW;	590	sec.level = BT_SECURITY_LOW;
591		591
592	len = min_t(unsigned int, sizeof(sec), optlen);	592	len = min_t(unsigned int, sizeof(sec), optlen);
593	if (copy_from_user((char *) &sec, optval, len)) {	593	if (copy_from_user((char *) &sec, optval, len)) {
594	err = -EFAULT;	594	err = -EFAULT;
595	break;	595	break;
596	}	596	}
597		597
598	if (sec.level < BT_SECURITY_LOW \|\|	598	if (sec.level < BT_SECURITY_LOW \|\|
599	sec.level > BT_SECURITY_HIGH) {	599	sec.level > BT_SECURITY_HIGH) {
600	err = -EINVAL;	600	err = -EINVAL;
601	break;	601	break;
602	}	602	}
603		603
604	chan->sec_level = sec.level;	604	chan->sec_level = sec.level;
605		605
606	if (!chan->conn)	606	if (!chan->conn)
607	break;	607	break;
608		608
609	conn = chan->conn;	609	conn = chan->conn;
610		610
611	/change security for LE channels /	611	/change security for LE channels /
612	if (chan->scid == L2CAP_CID_LE_DATA) {	612	if (chan->scid == L2CAP_CID_LE_DATA) {
613	if (!conn->hcon->out) {	613	if (!conn->hcon->out) {
614	err = -EINVAL;	614	err = -EINVAL;
615	break;	615	break;
616	}	616	}
617		617
618	if (smp_conn_security(conn, sec.level))	618	if (smp_conn_security(conn, sec.level))
619	break;	619	break;
620	sk->sk_state = BT_CONFIG;	620	sk->sk_state = BT_CONFIG;
621	chan->state = BT_CONFIG;	621	chan->state = BT_CONFIG;
622		622
623	/* or for ACL link */	623	/* or for ACL link */
624	} else if ((sk->sk_state == BT_CONNECT2 &&	624	} else if ((sk->sk_state == BT_CONNECT2 &&
625	test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) \|\|	625	test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) \|\|
626	sk->sk_state == BT_CONNECTED) {	626	sk->sk_state == BT_CONNECTED) {
627	if (!l2cap_chan_check_security(chan))	627	if (!l2cap_chan_check_security(chan))
628	set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);	628	set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
629	else	629	else
630	sk->sk_state_change(sk);	630	sk->sk_state_change(sk);
631	} else {	631	} else {
632	err = -EINVAL;	632	err = -EINVAL;
633	}	633	}
634	break;	634	break;
635		635
636	case BT_DEFER_SETUP:	636	case BT_DEFER_SETUP:
637	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {	637	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
638	err = -EINVAL;	638	err = -EINVAL;
639	break;	639	break;
640	}	640	}
641		641
642	if (get_user(opt, (u32 __user *) optval)) {	642	if (get_user(opt, (u32 __user *) optval)) {
643	err = -EFAULT;	643	err = -EFAULT;
644	break;	644	break;
645	}	645	}
646		646
647	if (opt)	647	if (opt)
648	set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);	648	set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
649	else	649	else
650	clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);	650	clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
651	break;	651	break;
652		652
653	case BT_FLUSHABLE:	653	case BT_FLUSHABLE:
654	if (get_user(opt, (u32 __user *) optval)) {	654	if (get_user(opt, (u32 __user *) optval)) {
655	err = -EFAULT;	655	err = -EFAULT;
656	break;	656	break;
657	}	657	}
658		658
659	if (opt > BT_FLUSHABLE_ON) {	659	if (opt > BT_FLUSHABLE_ON) {
660	err = -EINVAL;	660	err = -EINVAL;
661	break;	661	break;
662	}	662	}
663		663
664	if (opt == BT_FLUSHABLE_OFF) {	664	if (opt == BT_FLUSHABLE_OFF) {
665	struct l2cap_conn *conn = chan->conn;	665	struct l2cap_conn *conn = chan->conn;
666	/* proceed further only when we have l2cap_conn and	666	/* proceed further only when we have l2cap_conn and
667	No Flush support in the LM */	667	No Flush support in the LM */
668	if (!conn \|\| !lmp_no_flush_capable(conn->hcon->hdev)) {	668	if (!conn \|\| !lmp_no_flush_capable(conn->hcon->hdev)) {
669	err = -EINVAL;	669	err = -EINVAL;
670	break;	670	break;
671	}	671	}
672	}	672	}
673		673
674	if (opt)	674	if (opt)
675	set_bit(FLAG_FLUSHABLE, &chan->flags);	675	set_bit(FLAG_FLUSHABLE, &chan->flags);
676	else	676	else
677	clear_bit(FLAG_FLUSHABLE, &chan->flags);	677	clear_bit(FLAG_FLUSHABLE, &chan->flags);
678	break;	678	break;
679		679
680	case BT_POWER:	680	case BT_POWER:
681	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&	681	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
682	chan->chan_type != L2CAP_CHAN_RAW) {	682	chan->chan_type != L2CAP_CHAN_RAW) {
683	err = -EINVAL;	683	err = -EINVAL;
684	break;	684	break;
685	}	685	}
686		686
687	pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;	687	pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
688		688
689	len = min_t(unsigned int, sizeof(pwr), optlen);	689	len = min_t(unsigned int, sizeof(pwr), optlen);
690	if (copy_from_user((char *) &pwr, optval, len)) {	690	if (copy_from_user((char *) &pwr, optval, len)) {
691	err = -EFAULT;	691	err = -EFAULT;
692	break;	692	break;
693	}	693	}
694		694
695	if (pwr.force_active)	695	if (pwr.force_active)
696	set_bit(FLAG_FORCE_ACTIVE, &chan->flags);	696	set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
697	else	697	else
698	clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);	698	clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
699	break;	699	break;
700		700
701	case BT_CHANNEL_POLICY:	701	case BT_CHANNEL_POLICY:
702	if (!enable_hs) {	702	if (!enable_hs) {
703	err = -ENOPROTOOPT;	703	err = -ENOPROTOOPT;
704	break;	704	break;
705	}	705	}
706		706
707	if (get_user(opt, (u32 __user *) optval)) {	707	if (get_user(opt, (u32 __user *) optval)) {
708	err = -EFAULT;	708	err = -EFAULT;
709	break;	709	break;
710	}	710	}
711		711
712	if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {	712	if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
713	err = -EINVAL;	713	err = -EINVAL;
714	break;	714	break;
715	}	715	}
716		716
717	if (chan->mode != L2CAP_MODE_ERTM &&	717	if (chan->mode != L2CAP_MODE_ERTM &&
718	chan->mode != L2CAP_MODE_STREAMING) {	718	chan->mode != L2CAP_MODE_STREAMING) {
719	err = -EOPNOTSUPP;	719	err = -EOPNOTSUPP;
720	break;	720	break;
721	}	721	}
722		722
723	chan->chan_policy = (u8) opt;	723	chan->chan_policy = (u8) opt;
724	break;	724	break;
725		725
726	default:	726	default:
727	err = -ENOPROTOOPT;	727	err = -ENOPROTOOPT;
728	break;	728	break;
729	}	729	}
730		730
731	release_sock(sk);	731	release_sock(sk);
732	return err;	732	return err;
733	}	733	}
734		734
735	static int l2cap_sock_sendmsg(struct kiocb iocb, struct socket sock, struct msghdr *msg, size_t len)	735	static int l2cap_sock_sendmsg(struct kiocb iocb, struct socket sock, struct msghdr *msg, size_t len)
736	{	736	{
737	struct sock *sk = sock->sk;	737	struct sock *sk = sock->sk;
738	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	738	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
739	int err;	739	int err;
740		740
741	BT_DBG("sock %p, sk %p", sock, sk);	741	BT_DBG("sock %p, sk %p", sock, sk);
742		742
743	err = sock_error(sk);	743	err = sock_error(sk);
744	if (err)	744	if (err)
745	return err;	745	return err;
746		746
747	if (msg->msg_flags & MSG_OOB)	747	if (msg->msg_flags & MSG_OOB)
748	return -EOPNOTSUPP;	748	return -EOPNOTSUPP;
749		749
750	if (sk->sk_state != BT_CONNECTED)	750	if (sk->sk_state != BT_CONNECTED)
751	return -ENOTCONN;	751	return -ENOTCONN;
752		752
753	l2cap_chan_lock(chan);	753	l2cap_chan_lock(chan);
754	err = l2cap_chan_send(chan, msg, len, sk->sk_priority);	754	err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
755	l2cap_chan_unlock(chan);	755	l2cap_chan_unlock(chan);
756		756
757	return err;	757	return err;
758	}	758	}
759		759
760	static int l2cap_sock_recvmsg(struct kiocb iocb, struct socket sock, struct msghdr *msg, size_t len, int flags)	760	static int l2cap_sock_recvmsg(struct kiocb iocb, struct socket sock, struct msghdr *msg, size_t len, int flags)
761	{	761	{
762	struct sock *sk = sock->sk;	762	struct sock *sk = sock->sk;
763	struct l2cap_pinfo *pi = l2cap_pi(sk);	763	struct l2cap_pinfo *pi = l2cap_pi(sk);
764	int err;	764	int err;
765		765
766	lock_sock(sk);	766	lock_sock(sk);
767		767
768	if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,	768	if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
769	&bt_sk(sk)->flags)) {	769	&bt_sk(sk)->flags)) {
770	sk->sk_state = BT_CONFIG;	770	sk->sk_state = BT_CONFIG;
771	pi->chan->state = BT_CONFIG;	771	pi->chan->state = BT_CONFIG;
772		772
773	__l2cap_connect_rsp_defer(pi->chan);	773	__l2cap_connect_rsp_defer(pi->chan);
774	release_sock(sk);	774	release_sock(sk);
775	return 0;	775	return 0;
776	}	776	}
777		777
778	release_sock(sk);	778	release_sock(sk);
779		779
780	if (sock->type == SOCK_STREAM)	780	if (sock->type == SOCK_STREAM)
781	err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);	781	err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
782	else	782	else
783	err = bt_sock_recvmsg(iocb, sock, msg, len, flags);	783	err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
784		784
785	if (pi->chan->mode != L2CAP_MODE_ERTM)	785	if (pi->chan->mode != L2CAP_MODE_ERTM)
786	return err;	786	return err;
787		787
788	/* Attempt to put pending rx data in the socket buffer */	788	/* Attempt to put pending rx data in the socket buffer */
789		789
790	lock_sock(sk);	790	lock_sock(sk);
791		791
792	if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))	792	if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
793	goto done;	793	goto done;
794		794
795	if (pi->rx_busy_skb) {	795	if (pi->rx_busy_skb) {
796	if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))	796	if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
797	pi->rx_busy_skb = NULL;	797	pi->rx_busy_skb = NULL;
798	else	798	else
799	goto done;	799	goto done;
800	}	800	}
801		801
802	/* Restore data flow when half of the receive buffer is	802	/* Restore data flow when half of the receive buffer is
803	* available. This avoids resending large numbers of	803	* available. This avoids resending large numbers of
804	* frames.	804	* frames.
805	*/	805	*/
806	if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)	806	if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
807	l2cap_chan_busy(pi->chan, 0);	807	l2cap_chan_busy(pi->chan, 0);
808		808
809	done:	809	done:
810	release_sock(sk);	810	release_sock(sk);
811	return err;	811	return err;
812	}	812	}
813		813
814	/* Kill socket (only if zapped and orphan)	814	/* Kill socket (only if zapped and orphan)
815	* Must be called on unlocked socket.	815	* Must be called on unlocked socket.
816	*/	816	*/
817	static void l2cap_sock_kill(struct sock *sk)	817	static void l2cap_sock_kill(struct sock *sk)
818	{	818	{
819	if (!sock_flag(sk, SOCK_ZAPPED) \|\| sk->sk_socket)	819	if (!sock_flag(sk, SOCK_ZAPPED) \|\| sk->sk_socket)
820	return;	820	return;
821		821
822	BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));	822	BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
823		823
824	/* Kill poor orphan */	824	/* Kill poor orphan */
825		825
826	l2cap_chan_destroy(l2cap_pi(sk)->chan);	826	l2cap_chan_destroy(l2cap_pi(sk)->chan);
827	sock_set_flag(sk, SOCK_DEAD);	827	sock_set_flag(sk, SOCK_DEAD);
828	sock_put(sk);	828	sock_put(sk);
829	}	829	}
830		830
831	static int l2cap_sock_shutdown(struct socket *sock, int how)	831	static int l2cap_sock_shutdown(struct socket *sock, int how)
832	{	832	{
833	struct sock *sk = sock->sk;	833	struct sock *sk = sock->sk;
834	struct l2cap_chan *chan;	834	struct l2cap_chan *chan;
835	struct l2cap_conn *conn;	835	struct l2cap_conn *conn;
836	int err = 0;	836	int err = 0;
837		837
838	BT_DBG("sock %p, sk %p", sock, sk);	838	BT_DBG("sock %p, sk %p", sock, sk);
839		839
840	if (!sk)	840	if (!sk)
841	return 0;	841	return 0;
842		842
843	chan = l2cap_pi(sk)->chan;	843	chan = l2cap_pi(sk)->chan;
844	conn = chan->conn;	844	conn = chan->conn;
845		845
846	if (conn)	846	if (conn)
847	mutex_lock(&conn->chan_lock);	847	mutex_lock(&conn->chan_lock);
848		848
849	l2cap_chan_lock(chan);	849	l2cap_chan_lock(chan);
850	lock_sock(sk);	850	lock_sock(sk);
851		851
852	if (!sk->sk_shutdown) {	852	if (!sk->sk_shutdown) {
853	if (chan->mode == L2CAP_MODE_ERTM)	853	if (chan->mode == L2CAP_MODE_ERTM)
854	err = __l2cap_wait_ack(sk);	854	err = __l2cap_wait_ack(sk);
855		855
856	sk->sk_shutdown = SHUTDOWN_MASK;	856	sk->sk_shutdown = SHUTDOWN_MASK;
857		857
858	release_sock(sk);	858	release_sock(sk);
859	l2cap_chan_close(chan, 0);	859	l2cap_chan_close(chan, 0);
860	lock_sock(sk);	860	lock_sock(sk);
861		861
862	if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)	862	if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
863	err = bt_sock_wait_state(sk, BT_CLOSED,	863	err = bt_sock_wait_state(sk, BT_CLOSED,
864	sk->sk_lingertime);	864	sk->sk_lingertime);
865	}	865	}
866		866
867	if (!err && sk->sk_err)	867	if (!err && sk->sk_err)
868	err = -sk->sk_err;	868	err = -sk->sk_err;
869		869
870	release_sock(sk);	870	release_sock(sk);
871	l2cap_chan_unlock(chan);	871	l2cap_chan_unlock(chan);
872		872
873	if (conn)	873	if (conn)
874	mutex_unlock(&conn->chan_lock);	874	mutex_unlock(&conn->chan_lock);
875		875
876	return err;	876	return err;
877	}	877	}
878		878
879	static int l2cap_sock_release(struct socket *sock)	879	static int l2cap_sock_release(struct socket *sock)
880	{	880	{
881	struct sock *sk = sock->sk;	881	struct sock *sk = sock->sk;
882	int err;	882	int err;
883		883
884	BT_DBG("sock %p, sk %p", sock, sk);	884	BT_DBG("sock %p, sk %p", sock, sk);
885		885
886	if (!sk)	886	if (!sk)
887	return 0;	887	return 0;
888		888
889	err = l2cap_sock_shutdown(sock, 2);	889	err = l2cap_sock_shutdown(sock, 2);
890		890
891	sock_orphan(sk);	891	sock_orphan(sk);
892	l2cap_sock_kill(sk);	892	l2cap_sock_kill(sk);
893	return err;	893	return err;
894	}	894	}
895		895
896	static void l2cap_sock_cleanup_listen(struct sock *parent)	896	static void l2cap_sock_cleanup_listen(struct sock *parent)
897	{	897	{
898	struct sock *sk;	898	struct sock *sk;
899		899
900	BT_DBG("parent %p", parent);	900	BT_DBG("parent %p", parent);
901		901
902	/* Close not yet accepted channels */	902	/* Close not yet accepted channels */
903	while ((sk = bt_accept_dequeue(parent, NULL))) {	903	while ((sk = bt_accept_dequeue(parent, NULL))) {
904	struct l2cap_chan *chan = l2cap_pi(sk)->chan;	904	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
905		905
906	l2cap_chan_lock(chan);	906	l2cap_chan_lock(chan);
907	__clear_chan_timer(chan);	907	__clear_chan_timer(chan);
908	l2cap_chan_close(chan, ECONNRESET);	908	l2cap_chan_close(chan, ECONNRESET);
909	l2cap_chan_unlock(chan);	909	l2cap_chan_unlock(chan);
910		910
911	l2cap_sock_kill(sk);	911	l2cap_sock_kill(sk);
912	}	912	}
913	}	913	}
914		914
915	static struct l2cap_chan l2cap_sock_new_connection_cb(struct l2cap_chan chan)	915	static struct l2cap_chan l2cap_sock_new_connection_cb(struct l2cap_chan chan)
916	{	916	{
917	struct sock sk, parent = chan->data;	917	struct sock sk, parent = chan->data;
918		918
919	/* Check for backlog size */	919	/* Check for backlog size */
920	if (sk_acceptq_is_full(parent)) {	920	if (sk_acceptq_is_full(parent)) {
921	BT_DBG("backlog full %d", parent->sk_ack_backlog);	921	BT_DBG("backlog full %d", parent->sk_ack_backlog);
922	return NULL;	922	return NULL;
923	}	923	}
924		924
925	sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,	925	sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
926	GFP_ATOMIC);	926	GFP_ATOMIC);
927	if (!sk)	927	if (!sk)
928	return NULL;	928	return NULL;
929		929
930	bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);	930	bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
931		931
932	l2cap_sock_init(sk, parent);	932	l2cap_sock_init(sk, parent);
933		933
934	return l2cap_pi(sk)->chan;	934	return l2cap_pi(sk)->chan;
935	}	935	}
936		936
937	static int l2cap_sock_recv_cb(struct l2cap_chan chan, struct sk_buff skb)	937	static int l2cap_sock_recv_cb(struct l2cap_chan chan, struct sk_buff skb)
938	{	938	{
939	int err;	939	int err;
940	struct sock *sk = chan->data;	940	struct sock *sk = chan->data;
941	struct l2cap_pinfo *pi = l2cap_pi(sk);	941	struct l2cap_pinfo *pi = l2cap_pi(sk);
942		942
943	lock_sock(sk);	943	lock_sock(sk);
944		944
945	if (pi->rx_busy_skb) {	945	if (pi->rx_busy_skb) {
946	err = -ENOMEM;	946	err = -ENOMEM;
947	goto done;	947	goto done;
948	}	948	}
949		949
950	err = sock_queue_rcv_skb(sk, skb);	950	err = sock_queue_rcv_skb(sk, skb);
951		951
952	/* For ERTM, handle one skb that doesn't fit into the recv	952	/* For ERTM, handle one skb that doesn't fit into the recv
953	* buffer. This is important to do because the data frames	953	* buffer. This is important to do because the data frames
954	* have already been acked, so the skb cannot be discarded.	954	* have already been acked, so the skb cannot be discarded.
955	*	955	*
956	* Notify the l2cap core that the buffer is full, so the	956	* Notify the l2cap core that the buffer is full, so the
957	* LOCAL_BUSY state is entered and no more frames are	957	* LOCAL_BUSY state is entered and no more frames are
958	* acked and reassembled until there is buffer space	958	* acked and reassembled until there is buffer space
959	* available.	959	* available.
960	*/	960	*/
961	if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {	961	if (err < 0 && pi->chan->mode == L2CAP_MODE_ERTM) {
962	pi->rx_busy_skb = skb;	962	pi->rx_busy_skb = skb;
963	l2cap_chan_busy(pi->chan, 1);	963	l2cap_chan_busy(pi->chan, 1);
964	err = 0;	964	err = 0;
965	}	965	}
966		966
967	done:	967	done:
968	release_sock(sk);	968	release_sock(sk);
969		969
970	return err;	970	return err;
971	}	971	}
972		972
973	static void l2cap_sock_close_cb(struct l2cap_chan *chan)	973	static void l2cap_sock_close_cb(struct l2cap_chan *chan)
974	{	974	{
975	struct sock *sk = chan->data;	975	struct sock *sk = chan->data;
976		976
977	l2cap_sock_kill(sk);	977	l2cap_sock_kill(sk);
978	}	978	}
979		979
980	static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)	980	static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
981	{	981	{
982	struct sock *sk = chan->data;	982	struct sock *sk = chan->data;
983	struct sock *parent;	983	struct sock *parent;
984		984
985	lock_sock(sk);	985	lock_sock(sk);
986		986
987	parent = bt_sk(sk)->parent;	987	parent = bt_sk(sk)->parent;
988		988
989	sock_set_flag(sk, SOCK_ZAPPED);	989	sock_set_flag(sk, SOCK_ZAPPED);
990		990
991	switch (chan->state) {	991	switch (chan->state) {
992	case BT_OPEN:	992	case BT_OPEN:
993	case BT_BOUND:	993	case BT_BOUND:
994	case BT_CLOSED:	994	case BT_CLOSED:
995	break;	995	break;
996	case BT_LISTEN:	996	case BT_LISTEN:
997	l2cap_sock_cleanup_listen(sk);	997	l2cap_sock_cleanup_listen(sk);
998	sk->sk_state = BT_CLOSED;	998	sk->sk_state = BT_CLOSED;
999	chan->state = BT_CLOSED;	999	chan->state = BT_CLOSED;
1000		1000
1001	break;	1001	break;
1002	default:	1002	default:
1003	sk->sk_state = BT_CLOSED;	1003	sk->sk_state = BT_CLOSED;
1004	chan->state = BT_CLOSED;	1004	chan->state = BT_CLOSED;
1005		1005
1006	sk->sk_err = err;	1006	sk->sk_err = err;
1007		1007
1008	if (parent) {	1008	if (parent) {
1009	bt_accept_unlink(sk);	1009	bt_accept_unlink(sk);
1010	parent->sk_data_ready(parent, 0);	1010	parent->sk_data_ready(parent, 0);
1011	} else {	1011	} else {
1012	sk->sk_state_change(sk);	1012	sk->sk_state_change(sk);
1013	}	1013	}
1014		1014
1015	break;	1015	break;
1016	}	1016	}
1017		1017
1018	release_sock(sk);	1018	release_sock(sk);
1019	}	1019	}
1020		1020
1021	static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state)	1021	static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state)
1022	{	1022	{
1023	struct sock *sk = chan->data;	1023	struct sock *sk = chan->data;
1024		1024
1025	sk->sk_state = state;	1025	sk->sk_state = state;
1026	}	1026	}
1027		1027
1028	static struct sk_buff l2cap_sock_alloc_skb_cb(struct l2cap_chan chan,	1028	static struct sk_buff l2cap_sock_alloc_skb_cb(struct l2cap_chan chan,
1029	unsigned long len, int nb)	1029	unsigned long len, int nb)
1030	{	1030	{
1031	struct sk_buff *skb;	1031	struct sk_buff *skb;
1032	int err;	1032	int err;
1033		1033
1034	l2cap_chan_unlock(chan);	1034	l2cap_chan_unlock(chan);
1035	skb = bt_skb_send_alloc(chan->sk, len, nb, &err);	1035	skb = bt_skb_send_alloc(chan->sk, len, nb, &err);
1036	l2cap_chan_lock(chan);	1036	l2cap_chan_lock(chan);
1037		1037
1038	if (!skb)	1038	if (!skb)
1039	return ERR_PTR(err);	1039	return ERR_PTR(err);
1040		1040
1041	return skb;	1041	return skb;
1042	}	1042	}
1043		1043
1044	static void l2cap_sock_ready_cb(struct l2cap_chan *chan)	1044	static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1045	{	1045	{
1046	struct sock *sk = chan->data;	1046	struct sock *sk = chan->data;
1047	struct sock *parent;	1047	struct sock *parent;
1048		1048
1049	lock_sock(sk);	1049	lock_sock(sk);
1050		1050
1051	parent = bt_sk(sk)->parent;	1051	parent = bt_sk(sk)->parent;
1052		1052
1053	BT_DBG("sk %p, parent %p", sk, parent);	1053	BT_DBG("sk %p, parent %p", sk, parent);
1054		1054
1055	sk->sk_state = BT_CONNECTED;	1055	sk->sk_state = BT_CONNECTED;
1056	sk->sk_state_change(sk);	1056	sk->sk_state_change(sk);
1057		1057
1058	if (parent)	1058	if (parent)
1059	parent->sk_data_ready(parent, 0);	1059	parent->sk_data_ready(parent, 0);
1060		1060
1061	release_sock(sk);	1061	release_sock(sk);
1062	}	1062	}
1063		1063
1064	static struct l2cap_ops l2cap_chan_ops = {	1064	static struct l2cap_ops l2cap_chan_ops = {
1065	.name = "L2CAP Socket Interface",	1065	.name = "L2CAP Socket Interface",
1066	.new_connection = l2cap_sock_new_connection_cb,	1066	.new_connection = l2cap_sock_new_connection_cb,
1067	.recv = l2cap_sock_recv_cb,	1067	.recv = l2cap_sock_recv_cb,
1068	.close = l2cap_sock_close_cb,	1068	.close = l2cap_sock_close_cb,
1069	.teardown = l2cap_sock_teardown_cb,	1069	.teardown = l2cap_sock_teardown_cb,
1070	.state_change = l2cap_sock_state_change_cb,	1070	.state_change = l2cap_sock_state_change_cb,
1071	.ready = l2cap_sock_ready_cb,	1071	.ready = l2cap_sock_ready_cb,
1072	.alloc_skb = l2cap_sock_alloc_skb_cb,	1072	.alloc_skb = l2cap_sock_alloc_skb_cb,
1073	};	1073	};
1074		1074
1075	static void l2cap_sock_destruct(struct sock *sk)	1075	static void l2cap_sock_destruct(struct sock *sk)
1076	{	1076	{
1077	BT_DBG("sk %p", sk);	1077	BT_DBG("sk %p", sk);
1078		1078
1079	l2cap_chan_put(l2cap_pi(sk)->chan);	1079	l2cap_chan_put(l2cap_pi(sk)->chan);
1080	if (l2cap_pi(sk)->rx_busy_skb) {	1080	if (l2cap_pi(sk)->rx_busy_skb) {
1081	kfree_skb(l2cap_pi(sk)->rx_busy_skb);	1081	kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1082	l2cap_pi(sk)->rx_busy_skb = NULL;	1082	l2cap_pi(sk)->rx_busy_skb = NULL;
1083	}	1083	}
1084		1084
1085	skb_queue_purge(&sk->sk_receive_queue);	1085	skb_queue_purge(&sk->sk_receive_queue);
1086	skb_queue_purge(&sk->sk_write_queue);	1086	skb_queue_purge(&sk->sk_write_queue);
1087	}	1087	}
1088		1088
1089	static void l2cap_sock_init(struct sock sk, struct sock parent)	1089	static void l2cap_sock_init(struct sock sk, struct sock parent)
1090	{	1090	{
1091	struct l2cap_pinfo *pi = l2cap_pi(sk);	1091	struct l2cap_pinfo *pi = l2cap_pi(sk);
1092	struct l2cap_chan *chan = pi->chan;	1092	struct l2cap_chan *chan = pi->chan;
1093		1093
1094	BT_DBG("sk %p", sk);	1094	BT_DBG("sk %p", sk);
1095		1095
1096	if (parent) {	1096	if (parent) {
1097	struct l2cap_chan *pchan = l2cap_pi(parent)->chan;	1097	struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1098		1098
1099	sk->sk_type = parent->sk_type;	1099	sk->sk_type = parent->sk_type;
1100	bt_sk(sk)->flags = bt_sk(parent)->flags;	1100	bt_sk(sk)->flags = bt_sk(parent)->flags;
1101		1101
1102	chan->chan_type = pchan->chan_type;	1102	chan->chan_type = pchan->chan_type;
1103	chan->imtu = pchan->imtu;	1103	chan->imtu = pchan->imtu;
1104	chan->omtu = pchan->omtu;	1104	chan->omtu = pchan->omtu;
1105	chan->conf_state = pchan->conf_state;	1105	chan->conf_state = pchan->conf_state;
1106	chan->mode = pchan->mode;	1106	chan->mode = pchan->mode;
1107	chan->fcs = pchan->fcs;	1107	chan->fcs = pchan->fcs;
1108	chan->max_tx = pchan->max_tx;	1108	chan->max_tx = pchan->max_tx;
1109	chan->tx_win = pchan->tx_win;	1109	chan->tx_win = pchan->tx_win;
1110	chan->tx_win_max = pchan->tx_win_max;	1110	chan->tx_win_max = pchan->tx_win_max;
1111	chan->sec_level = pchan->sec_level;	1111	chan->sec_level = pchan->sec_level;
1112	chan->flags = pchan->flags;	1112	chan->flags = pchan->flags;
1113		1113
1114	security_sk_clone(parent, sk);	1114	security_sk_clone(parent, sk);
1115	} else {	1115	} else {
1116		1116
1117	switch (sk->sk_type) {	1117	switch (sk->sk_type) {
1118	case SOCK_RAW:	1118	case SOCK_RAW:
1119	chan->chan_type = L2CAP_CHAN_RAW;	1119	chan->chan_type = L2CAP_CHAN_RAW;
1120	break;	1120	break;
1121	case SOCK_DGRAM:	1121	case SOCK_DGRAM:
1122	chan->chan_type = L2CAP_CHAN_CONN_LESS;	1122	chan->chan_type = L2CAP_CHAN_CONN_LESS;
1123	break;	1123	break;
1124	case SOCK_SEQPACKET:	1124	case SOCK_SEQPACKET:
1125	case SOCK_STREAM:	1125	case SOCK_STREAM:
1126	chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;	1126	chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1127	break;	1127	break;
1128	}	1128	}
1129		1129
1130	chan->imtu = L2CAP_DEFAULT_MTU;	1130	chan->imtu = L2CAP_DEFAULT_MTU;
1131	chan->omtu = 0;	1131	chan->omtu = 0;
1132	if (!disable_ertm && sk->sk_type == SOCK_STREAM) {	1132	if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1133	chan->mode = L2CAP_MODE_ERTM;	1133	chan->mode = L2CAP_MODE_ERTM;
1134	set_bit(CONF_STATE2_DEVICE, &chan->conf_state);	1134	set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1135	} else {	1135	} else {
1136	chan->mode = L2CAP_MODE_BASIC;	1136	chan->mode = L2CAP_MODE_BASIC;
1137	}	1137	}
1138		1138
1139	l2cap_chan_set_defaults(chan);	1139	l2cap_chan_set_defaults(chan);
1140	}	1140	}
1141		1141
1142	/* Default config options */	1142	/* Default config options */
1143	chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;	1143	chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1144		1144
1145	chan->data = sk;	1145	chan->data = sk;
1146	chan->ops = &l2cap_chan_ops;	1146	chan->ops = &l2cap_chan_ops;
1147	}	1147	}
1148		1148
1149	static struct proto l2cap_proto = {	1149	static struct proto l2cap_proto = {
1150	.name = "L2CAP",	1150	.name = "L2CAP",
1151	.owner = THIS_MODULE,	1151	.owner = THIS_MODULE,
1152	.obj_size = sizeof(struct l2cap_pinfo)	1152	.obj_size = sizeof(struct l2cap_pinfo)
1153	};	1153	};
1154		1154
1155	static struct sock l2cap_sock_alloc(struct net net, struct socket *sock, int proto, gfp_t prio)	1155	static struct sock l2cap_sock_alloc(struct net net, struct socket *sock, int proto, gfp_t prio)
1156	{	1156	{
1157	struct sock *sk;	1157	struct sock *sk;
1158	struct l2cap_chan *chan;	1158	struct l2cap_chan *chan;
1159		1159
1160	sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);	1160	sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1161	if (!sk)	1161	if (!sk)
1162	return NULL;	1162	return NULL;
1163		1163
1164	sock_init_data(sock, sk);	1164	sock_init_data(sock, sk);
1165	INIT_LIST_HEAD(&bt_sk(sk)->accept_q);	1165	INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1166		1166
1167	sk->sk_destruct = l2cap_sock_destruct;	1167	sk->sk_destruct = l2cap_sock_destruct;
1168	sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;	1168	sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1169		1169
1170	sock_reset_flag(sk, SOCK_ZAPPED);	1170	sock_reset_flag(sk, SOCK_ZAPPED);
1171		1171
1172	sk->sk_protocol = proto;	1172	sk->sk_protocol = proto;
1173	sk->sk_state = BT_OPEN;	1173	sk->sk_state = BT_OPEN;
1174		1174
1175	chan = l2cap_chan_create();	1175	chan = l2cap_chan_create();
1176	if (!chan) {	1176	if (!chan) {
1177	l2cap_sock_kill(sk);	1177	l2cap_sock_kill(sk);
1178	return NULL;	1178	return NULL;
1179	}	1179	}
1180		1180
1181	l2cap_chan_hold(chan);	1181	l2cap_chan_hold(chan);
1182		1182
1183	chan->sk = sk;	1183	chan->sk = sk;
1184		1184
1185	l2cap_pi(sk)->chan = chan;	1185	l2cap_pi(sk)->chan = chan;
1186		1186
1187	return sk;	1187	return sk;
1188	}	1188	}
1189		1189
1190	static int l2cap_sock_create(struct net net, struct socket sock, int protocol,	1190	static int l2cap_sock_create(struct net net, struct socket sock, int protocol,
1191	int kern)	1191	int kern)
1192	{	1192	{
1193	struct sock *sk;	1193	struct sock *sk;
1194		1194
1195	BT_DBG("sock %p", sock);	1195	BT_DBG("sock %p", sock);
1196		1196
1197	sock->state = SS_UNCONNECTED;	1197	sock->state = SS_UNCONNECTED;
1198		1198
1199	if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&	1199	if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1200	sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)	1200	sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1201	return -ESOCKTNOSUPPORT;	1201	return -ESOCKTNOSUPPORT;
1202		1202
1203	if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))	1203	if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1204	return -EPERM;	1204	return -EPERM;
1205		1205
1206	sock->ops = &l2cap_sock_ops;	1206	sock->ops = &l2cap_sock_ops;
1207		1207
1208	sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);	1208	sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1209	if (!sk)	1209	if (!sk)
1210	return -ENOMEM;	1210	return -ENOMEM;
1211		1211
1212	l2cap_sock_init(sk, NULL);	1212	l2cap_sock_init(sk, NULL);
1213	return 0;	1213	return 0;
1214	}	1214	}
1215		1215
1216	static const struct proto_ops l2cap_sock_ops = {	1216	static const struct proto_ops l2cap_sock_ops = {
1217	.family = PF_BLUETOOTH,	1217	.family = PF_BLUETOOTH,
1218	.owner = THIS_MODULE,	1218	.owner = THIS_MODULE,
1219	.release = l2cap_sock_release,	1219	.release = l2cap_sock_release,
1220	.bind = l2cap_sock_bind,	1220	.bind = l2cap_sock_bind,
1221	.connect = l2cap_sock_connect,	1221	.connect = l2cap_sock_connect,
1222	.listen = l2cap_sock_listen,	1222	.listen = l2cap_sock_listen,
1223	.accept = l2cap_sock_accept,	1223	.accept = l2cap_sock_accept,
1224	.getname = l2cap_sock_getname,	1224	.getname = l2cap_sock_getname,
1225	.sendmsg = l2cap_sock_sendmsg,	1225	.sendmsg = l2cap_sock_sendmsg,
1226	.recvmsg = l2cap_sock_recvmsg,	1226	.recvmsg = l2cap_sock_recvmsg,
1227	.poll = bt_sock_poll,	1227	.poll = bt_sock_poll,
1228	.ioctl = bt_sock_ioctl,	1228	.ioctl = bt_sock_ioctl,
1229	.mmap = sock_no_mmap,	1229	.mmap = sock_no_mmap,
1230	.socketpair = sock_no_socketpair,	1230	.socketpair = sock_no_socketpair,
1231	.shutdown = l2cap_sock_shutdown,	1231	.shutdown = l2cap_sock_shutdown,
1232	.setsockopt = l2cap_sock_setsockopt,	1232	.setsockopt = l2cap_sock_setsockopt,
1233	.getsockopt = l2cap_sock_getsockopt	1233	.getsockopt = l2cap_sock_getsockopt
1234	};	1234	};
1235		1235
1236	static const struct net_proto_family l2cap_sock_family_ops = {	1236	static const struct net_proto_family l2cap_sock_family_ops = {
1237	.family = PF_BLUETOOTH,	1237	.family = PF_BLUETOOTH,
1238	.owner = THIS_MODULE,	1238	.owner = THIS_MODULE,
1239	.create = l2cap_sock_create,	1239	.create = l2cap_sock_create,
1240	};	1240	};
1241		1241
1242	int __init l2cap_init_sockets(void)	1242	int __init l2cap_init_sockets(void)
1243	{	1243	{
1244	int err;	1244	int err;
1245		1245
1246	err = proto_register(&l2cap_proto, 0);	1246	err = proto_register(&l2cap_proto, 0);
1247	if (err < 0)	1247	if (err < 0)
1248	return err;	1248	return err;
1249		1249
1250	err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);	1250	err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1251	if (err < 0)	1251	if (err < 0)
1252	goto error;	1252	goto error;
1253		1253
1254	BT_INFO("L2CAP socket layer initialized");	1254	BT_INFO("L2CAP socket layer initialized");
1255		1255
1256	return 0;	1256	return 0;
1257		1257
1258	error:	1258	error:
1259	BT_ERR("L2CAP socket registration failed");	1259	BT_ERR("L2CAP socket registration failed");
1260	proto_unregister(&l2cap_proto);	1260	proto_unregister(&l2cap_proto);
1261	return err;	1261	return err;
1262	}	1262	}
1263		1263
1264	void l2cap_cleanup_sockets(void)	1264	void l2cap_cleanup_sockets(void)
1265	{	1265	{
1266	if (bt_sock_unregister(BTPROTO_L2CAP) < 0)	1266	if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1267	BT_ERR("L2CAP socket unregistration failed");	1267	BT_ERR("L2CAP socket unregistration failed");
1268		1268
1269	proto_unregister(&l2cap_proto);	1269	proto_unregister(&l2cap_proto);
1270	}	1270	}
1271		1271