projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Enable per-module dynamic debug messages
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / l2cap.c
CommitLineData
8e87d142 1/*
1da177e4
LT		 2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth L2CAP core and sockets. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
4fc268d2 30#include <linux/capability.h>
1da177e4
LT		 31#include <linux/errno.h>
32#include <linux/kernel.h>
1da177e4
LT		 33#include <linux/sched.h>
34#include <linux/slab.h>
35#include <linux/poll.h>
36#include <linux/fcntl.h>
37#include <linux/init.h>
38#include <linux/interrupt.h>
39#include <linux/socket.h>
40#include <linux/skbuff.h>
1da177e4 41#include <linux/list.h>
be9d1227 42#include <linux/device.h>
1da177e4
LT		 43#include <net/sock.h>
44
45#include <asm/system.h>
46#include <asm/uaccess.h>
47#include <asm/unaligned.h>
48
49#include <net/bluetooth/bluetooth.h>
50#include <net/bluetooth/hci_core.h>
51#include <net/bluetooth/l2cap.h>
52
09ab6f4c 53#define VERSION "2.11"
f0709e03
MH		 54
55static u32 l2cap_feat_mask = 0x0000;
1da177e4 56
90ddc4f0 57static const struct proto_ops l2cap_sock_ops;
1da177e4
LT		 58
59static struct bt_sock_list l2cap_sk_list = {
d5fb2962 60 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
1da177e4
LT		 61};
62
1da177e4
LT		 63static void __l2cap_sock_close(struct sock *sk, int reason);
64static void l2cap_sock_close(struct sock *sk);
65static void l2cap_sock_kill(struct sock *sk);
66
67static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
68 u8 code, u8 ident, u16 dlen, void *data);
69
70/* ---- L2CAP timers ---- */
71static void l2cap_sock_timeout(unsigned long arg)
72{
73 struct sock *sk = (struct sock *) arg;
b1235d79 74 int reason;
1da177e4
LT		 75
76 BT_DBG("sock %p state %d", sk, sk->sk_state);
77
78 bh_lock_sock(sk);
b1235d79
MH		 79
80 if (sk->sk_state == BT_CONNECT &&
81 (l2cap_pi(sk)->link_mode & (L2CAP_LM_AUTH |
82 L2CAP_LM_ENCRYPT | L2CAP_LM_SECURE)))
83 reason = ECONNREFUSED;
84 else
85 reason = ETIMEDOUT;
86
87 __l2cap_sock_close(sk, reason);
88
1da177e4
LT		 89 bh_unlock_sock(sk);
90
91 l2cap_sock_kill(sk);
92 sock_put(sk);
93}
94
95static void l2cap_sock_set_timer(struct sock *sk, long timeout)
96{
97 BT_DBG("sk %p state %d timeout %ld", sk, sk->sk_state, timeout);
98 sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
99}
100
101static void l2cap_sock_clear_timer(struct sock *sk)
102{
103 BT_DBG("sock %p state %d", sk, sk->sk_state);
104 sk_stop_timer(sk, &sk->sk_timer);
105}
106
0139418c
MH		 107/* ---- L2CAP channels ---- */
108static struct sock *__l2cap_get_chan_by_dcid(struct l2cap_chan_list *l, u16 cid)
109{
110 struct sock *s;
111 for (s = l->head; s; s = l2cap_pi(s)->next_c) {
112 if (l2cap_pi(s)->dcid == cid)
113 break;
114 }
115 return s;
116}
117
118static struct sock *__l2cap_get_chan_by_scid(struct l2cap_chan_list *l, u16 cid)
119{
120 struct sock *s;
121 for (s = l->head; s; s = l2cap_pi(s)->next_c) {
122 if (l2cap_pi(s)->scid == cid)
123 break;
124 }
125 return s;
126}
127
128/* Find channel with given SCID.
129 * Returns locked socket */
130static inline struct sock *l2cap_get_chan_by_scid(struct l2cap_chan_list *l, u16 cid)
131{
132 struct sock *s;
133 read_lock(&l->lock);
134 s = __l2cap_get_chan_by_scid(l, cid);
135 if (s) bh_lock_sock(s);
136 read_unlock(&l->lock);
137 return s;
138}
139
140static struct sock *__l2cap_get_chan_by_ident(struct l2cap_chan_list *l, u8 ident)
141{
142 struct sock *s;
143 for (s = l->head; s; s = l2cap_pi(s)->next_c) {
144 if (l2cap_pi(s)->ident == ident)
145 break;
146 }
147 return s;
148}
149
150static inline struct sock *l2cap_get_chan_by_ident(struct l2cap_chan_list *l, u8 ident)
151{
152 struct sock *s;
153 read_lock(&l->lock);
154 s = __l2cap_get_chan_by_ident(l, ident);
155 if (s) bh_lock_sock(s);
156 read_unlock(&l->lock);
157 return s;
158}
159
160static u16 l2cap_alloc_cid(struct l2cap_chan_list *l)
161{
162 u16 cid = 0x0040;
163
164 for (; cid < 0xffff; cid++) {
165 if(!__l2cap_get_chan_by_scid(l, cid))
166 return cid;
167 }
168
169 return 0;
170}
171
172static inline void __l2cap_chan_link(struct l2cap_chan_list *l, struct sock *sk)
173{
174 sock_hold(sk);
175
176 if (l->head)
177 l2cap_pi(l->head)->prev_c = sk;
178
179 l2cap_pi(sk)->next_c = l->head;
180 l2cap_pi(sk)->prev_c = NULL;
181 l->head = sk;
182}
183
184static inline void l2cap_chan_unlink(struct l2cap_chan_list *l, struct sock *sk)
185{
186 struct sock *next = l2cap_pi(sk)->next_c, *prev = l2cap_pi(sk)->prev_c;
187
fd1278d7 188 write_lock_bh(&l->lock);
0139418c
MH		 189 if (sk == l->head)
190 l->head = next;
191
192 if (next)
193 l2cap_pi(next)->prev_c = prev;
194 if (prev)
195 l2cap_pi(prev)->next_c = next;
fd1278d7 196 write_unlock_bh(&l->lock);
0139418c
MH		 197
198 __sock_put(sk);
199}
200
201static void __l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct sock *parent)
202{
203 struct l2cap_chan_list *l = &conn->chan_list;
204
205 BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn, l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid);
206
207 l2cap_pi(sk)->conn = conn;
208
209 if (sk->sk_type == SOCK_SEQPACKET) {
210 /* Alloc CID for connection-oriented socket */
211 l2cap_pi(sk)->scid = l2cap_alloc_cid(l);
212 } else if (sk->sk_type == SOCK_DGRAM) {
213 /* Connectionless socket */
214 l2cap_pi(sk)->scid = 0x0002;
215 l2cap_pi(sk)->dcid = 0x0002;
216 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
217 } else {
218 /* Raw socket can send/recv signalling messages only */
219 l2cap_pi(sk)->scid = 0x0001;
220 l2cap_pi(sk)->dcid = 0x0001;
221 l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;
222 }
223
224 __l2cap_chan_link(l, sk);
225
226 if (parent)
227 bt_accept_enqueue(parent, sk);
228}
229
8e87d142 230/* Delete channel.
0139418c
MH		 231 * Must be called on the locked socket. */
232static void l2cap_chan_del(struct sock *sk, int err)
233{
234 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
235 struct sock *parent = bt_sk(sk)->parent;
236
237 l2cap_sock_clear_timer(sk);
238
239 BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
240
8e87d142 241 if (conn) {
0139418c
MH		 242 /* Unlink from channel list */
243 l2cap_chan_unlink(&conn->chan_list, sk);
244 l2cap_pi(sk)->conn = NULL;
245 hci_conn_put(conn->hcon);
246 }
247
b1235d79 248 sk->sk_state = BT_CLOSED;
0139418c
MH		 249 sock_set_flag(sk, SOCK_ZAPPED);
250
251 if (err)
252 sk->sk_err = err;
253
254 if (parent) {
255 bt_accept_unlink(sk);
256 parent->sk_data_ready(parent, 0);
257 } else
258 sk->sk_state_change(sk);
259}
260
79d554a6
MH		 261/* Service level security */
262static inline int l2cap_check_link_mode(struct sock *sk)
263{
264 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
265
266 if ((l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT) ||
267 (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE))
268 return hci_conn_encrypt(conn->hcon);
269
270 if (l2cap_pi(sk)->link_mode & L2CAP_LM_AUTH)
271 return hci_conn_auth(conn->hcon);
272
273 return 1;
274}
275
4e8402a3
MH		 276static inline u8 l2cap_get_ident(struct l2cap_conn *conn)
277{
278 u8 id;
279
280 /* Get next available identificator.
281 * 1 - 128 are used by kernel.
282 * 129 - 199 are reserved.
283 * 200 - 254 are used by utilities like l2ping, etc.
284 */
285
286 spin_lock_bh(&conn->lock);
287
288 if (++conn->tx_ident > 128)
289 conn->tx_ident = 1;
290
291 id = conn->tx_ident;
292
293 spin_unlock_bh(&conn->lock);
294
295 return id;
296}
297
298static inline int l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, void *data)
299{
300 struct sk_buff *skb = l2cap_build_cmd(conn, code, ident, len, data);
301
302 BT_DBG("code 0x%2.2x", code);
303
304 if (!skb)
305 return -ENOMEM;
306
307 return hci_send_acl(conn->hcon, skb, 0);
308}
309
79d554a6
MH		 310static void l2cap_do_start(struct sock *sk)
311{
312 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
313
314 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
b1235d79
MH		 315 if (l2cap_check_link_mode(sk)) {
316 struct l2cap_conn_req req;
317 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
318 req.psm = l2cap_pi(sk)->psm;
79d554a6 319
b1235d79 320 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
79d554a6 321
b1235d79 322 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
79d554a6 323 L2CAP_CONN_REQ, sizeof(req), &req);
b1235d79 324 }
79d554a6
MH		 325 } else {
326 struct l2cap_info_req req;
327 req.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
328
329 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
330 conn->info_ident = l2cap_get_ident(conn);
331
332 mod_timer(&conn->info_timer, jiffies +
333 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
334
335 l2cap_send_cmd(conn, conn->info_ident,
336 L2CAP_INFO_REQ, sizeof(req), &req);
337 }
338}
339
1da177e4 340/* ---- L2CAP connections ---- */
4e8402a3
MH		 341static void l2cap_conn_start(struct l2cap_conn *conn)
342{
343 struct l2cap_chan_list *l = &conn->chan_list;
344 struct sock *sk;
345
346 BT_DBG("conn %p", conn);
347
348 read_lock(&l->lock);
349
350 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
351 bh_lock_sock(sk);
352
353 if (sk->sk_type != SOCK_SEQPACKET) {
79d554a6
MH		 354 bh_unlock_sock(sk);
355 continue;
356 }
357
358 if (sk->sk_state == BT_CONNECT) {
b1235d79
MH		 359 if (l2cap_check_link_mode(sk)) {
360 struct l2cap_conn_req req;
361 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
362 req.psm = l2cap_pi(sk)->psm;
79d554a6 363
b1235d79 364 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
79d554a6 365
b1235d79 366 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
4e8402a3 367 L2CAP_CONN_REQ, sizeof(req), &req);
b1235d79 368 }
79d554a6
MH		 369 } else if (sk->sk_state == BT_CONNECT2) {
370 struct l2cap_conn_rsp rsp;
371 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
372 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
373
374 if (l2cap_check_link_mode(sk)) {
375 sk->sk_state = BT_CONFIG;
376 rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);
377 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
378 } else {
379 rsp.result = cpu_to_le16(L2CAP_CR_PEND);
380 rsp.status = cpu_to_le16(L2CAP_CS_AUTHEN_PEND);
381 }
382
383 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
384 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
4e8402a3
MH		 385 }
386
387 bh_unlock_sock(sk);
388 }
389
390 read_unlock(&l->lock);
391}
392
393static void l2cap_conn_ready(struct l2cap_conn *conn)
394{
79d554a6
MH		 395 struct l2cap_chan_list *l = &conn->chan_list;
396 struct sock *sk;
4e8402a3 397
79d554a6 398 BT_DBG("conn %p", conn);
4e8402a3 399
79d554a6 400 read_lock(&l->lock);
4e8402a3 401
79d554a6
MH		 402 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
403 bh_lock_sock(sk);
4e8402a3 404
79d554a6
MH		 405 if (sk->sk_type != SOCK_SEQPACKET) {
406 l2cap_sock_clear_timer(sk);
407 sk->sk_state = BT_CONNECTED;
408 sk->sk_state_change(sk);
409 } else if (sk->sk_state == BT_CONNECT)
410 l2cap_do_start(sk);
4e8402a3 411
79d554a6 412 bh_unlock_sock(sk);
4e8402a3 413 }
79d554a6
MH		 414
415 read_unlock(&l->lock);
4e8402a3
MH		 416}
417
418/* Notify sockets that we cannot guaranty reliability anymore */
419static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err)
420{
421 struct l2cap_chan_list *l = &conn->chan_list;
422 struct sock *sk;
423
424 BT_DBG("conn %p", conn);
425
426 read_lock(&l->lock);
427
428 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
429 if (l2cap_pi(sk)->link_mode & L2CAP_LM_RELIABLE)
430 sk->sk_err = err;
431 }
432
433 read_unlock(&l->lock);
434}
435
436static void l2cap_info_timeout(unsigned long arg)
437{
438 struct l2cap_conn *conn = (void *) arg;
439
440 conn->info_ident = 0;
441
442 l2cap_conn_start(conn);
443}
444
1da177e4
LT		 445static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon, u8 status)
446{
0139418c 447 struct l2cap_conn *conn = hcon->l2cap_data;
1da177e4 448
0139418c 449 if (conn || status)
1da177e4
LT		 450 return conn;
451
0139418c
MH		 452 conn = kzalloc(sizeof(struct l2cap_conn), GFP_ATOMIC);
453 if (!conn)
1da177e4 454 return NULL;
1da177e4
LT		 455
456 hcon->l2cap_data = conn;
457 conn->hcon = hcon;
458
0139418c
MH		 459 BT_DBG("hcon %p conn %p", hcon, conn);
460
1da177e4
LT		 461 conn->mtu = hcon->hdev->acl_mtu;
462 conn->src = &hcon->hdev->bdaddr;
463 conn->dst = &hcon->dst;
464
4e8402a3
MH		 465 conn->feat_mask = 0;
466
b1235d79
MH		 467 setup_timer(&conn->info_timer, l2cap_info_timeout,
468 (unsigned long) conn);
4e8402a3 469
1da177e4
LT		 470 spin_lock_init(&conn->lock);
471 rwlock_init(&conn->chan_list.lock);
472
1da177e4
LT		 473 return conn;
474}
475
0139418c 476static void l2cap_conn_del(struct hci_conn *hcon, int err)
1da177e4 477{
0139418c 478 struct l2cap_conn *conn = hcon->l2cap_data;
1da177e4
LT		 479 struct sock *sk;
480
0139418c
MH		 481 if (!conn)
482 return;
1da177e4
LT		 483
484 BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
485
486 if (conn->rx_skb)
487 kfree_skb(conn->rx_skb);
488
489 /* Kill channels */
490 while ((sk = conn->chan_list.head)) {
491 bh_lock_sock(sk);
492 l2cap_chan_del(sk, err);
493 bh_unlock_sock(sk);
494 l2cap_sock_kill(sk);
495 }
496
8e8440f5
DY		 497 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)
498 del_timer_sync(&conn->info_timer);
3ab22731 499
1da177e4
LT		 500 hcon->l2cap_data = NULL;
501 kfree(conn);
1da177e4
LT		 502}
503
504static inline void l2cap_chan_add(struct l2cap_conn *conn, struct sock *sk, struct sock *parent)
505{
506 struct l2cap_chan_list *l = &conn->chan_list;
fd1278d7 507 write_lock_bh(&l->lock);
1da177e4 508 __l2cap_chan_add(conn, sk, parent);
fd1278d7 509 write_unlock_bh(&l->lock);
1da177e4
LT		 510}
511
1da177e4 512/* ---- Socket interface ---- */
8e036fc3 513static struct sock *__l2cap_get_sock_by_addr(__le16 psm, bdaddr_t *src)
1da177e4
LT		 514{
515 struct sock *sk;
516 struct hlist_node *node;
517 sk_for_each(sk, node, &l2cap_sk_list.head)
518 if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src))
519 goto found;
520 sk = NULL;
521found:
522 return sk;
523}
524
525/* Find socket with psm and source bdaddr.
526 * Returns closest match.
527 */
8e036fc3 528static struct sock *__l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
1da177e4
LT		 529{
530 struct sock *sk = NULL, *sk1 = NULL;
531 struct hlist_node *node;
532
533 sk_for_each(sk, node, &l2cap_sk_list.head) {
534 if (state && sk->sk_state != state)
535 continue;
536
537 if (l2cap_pi(sk)->psm == psm) {
538 /* Exact match. */
539 if (!bacmp(&bt_sk(sk)->src, src))
540 break;
541
542 /* Closest match */
543 if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
544 sk1 = sk;
545 }
546 }
547 return node ? sk : sk1;
548}
549
550/* Find socket with given address (psm, src).
551 * Returns locked socket */
8e036fc3 552static inline struct sock *l2cap_get_sock_by_psm(int state, __le16 psm, bdaddr_t *src)
1da177e4
LT		 553{
554 struct sock *s;
555 read_lock(&l2cap_sk_list.lock);
556 s = __l2cap_get_sock_by_psm(state, psm, src);
557 if (s) bh_lock_sock(s);
558 read_unlock(&l2cap_sk_list.lock);
559 return s;
560}
561
562static void l2cap_sock_destruct(struct sock *sk)
563{
564 BT_DBG("sk %p", sk);
565
566 skb_queue_purge(&sk->sk_receive_queue);
567 skb_queue_purge(&sk->sk_write_queue);
568}
569
570static void l2cap_sock_cleanup_listen(struct sock *parent)
571{
572 struct sock *sk;
573
574 BT_DBG("parent %p", parent);
575
576 /* Close not yet accepted channels */
577 while ((sk = bt_accept_dequeue(parent, NULL)))
578 l2cap_sock_close(sk);
579
b1235d79 580 parent->sk_state = BT_CLOSED;
1da177e4
LT		 581 sock_set_flag(parent, SOCK_ZAPPED);
582}
583
584/* Kill socket (only if zapped and orphan)
585 * Must be called on unlocked socket.
586 */
587static void l2cap_sock_kill(struct sock *sk)
588{
589 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
590 return;
591
592 BT_DBG("sk %p state %d", sk, sk->sk_state);
593
594 /* Kill poor orphan */
595 bt_sock_unlink(&l2cap_sk_list, sk);
596 sock_set_flag(sk, SOCK_DEAD);
597 sock_put(sk);
598}
599
600static void __l2cap_sock_close(struct sock *sk, int reason)
601{
602 BT_DBG("sk %p state %d socket %p", sk, sk->sk_state, sk->sk_socket);
603
604 switch (sk->sk_state) {
605 case BT_LISTEN:
606 l2cap_sock_cleanup_listen(sk);
607 break;
608
609 case BT_CONNECTED:
610 case BT_CONFIG:
611 case BT_CONNECT2:
612 if (sk->sk_type == SOCK_SEQPACKET) {
613 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
614 struct l2cap_disconn_req req;
615
616 sk->sk_state = BT_DISCONN;
617 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
618
aca3192c
YH		 619 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
620 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
1da177e4
LT		 621 l2cap_send_cmd(conn, l2cap_get_ident(conn),
622 L2CAP_DISCONN_REQ, sizeof(req), &req);
b1235d79 623 } else
1da177e4 624 l2cap_chan_del(sk, reason);
1da177e4
LT		 625 break;
626
627 case BT_CONNECT:
628 case BT_DISCONN:
629 l2cap_chan_del(sk, reason);
630 break;
631
632 default:
633 sock_set_flag(sk, SOCK_ZAPPED);
634 break;
635 }
636}
637
638/* Must be called on unlocked socket. */
639static void l2cap_sock_close(struct sock *sk)
640{
641 l2cap_sock_clear_timer(sk);
642 lock_sock(sk);
643 __l2cap_sock_close(sk, ECONNRESET);
644 release_sock(sk);
645 l2cap_sock_kill(sk);
646}
647
648static void l2cap_sock_init(struct sock *sk, struct sock *parent)
649{
650 struct l2cap_pinfo *pi = l2cap_pi(sk);
651
652 BT_DBG("sk %p", sk);
653
654 if (parent) {
655 sk->sk_type = parent->sk_type;
656 pi->imtu = l2cap_pi(parent)->imtu;
657 pi->omtu = l2cap_pi(parent)->omtu;
658 pi->link_mode = l2cap_pi(parent)->link_mode;
659 } else {
660 pi->imtu = L2CAP_DEFAULT_MTU;
661 pi->omtu = 0;
662 pi->link_mode = 0;
663 }
664
665 /* Default config options */
5dee9e7c 666 pi->conf_len = 0;
1da177e4
LT		 667 pi->flush_to = L2CAP_DEFAULT_FLUSH_TO;
668}
669
670static struct proto l2cap_proto = {
671 .name = "L2CAP",
672 .owner = THIS_MODULE,
673 .obj_size = sizeof(struct l2cap_pinfo)
674};
675
1b8d7ae4 676static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
1da177e4
LT		 677{
678 struct sock *sk;
679
6257ff21 680 sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1da177e4
LT		 681 if (!sk)
682 return NULL;
683
684 sock_init_data(sock, sk);
685 INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
686
687 sk->sk_destruct = l2cap_sock_destruct;
4e8402a3 688 sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT);
1da177e4
LT		 689
690 sock_reset_flag(sk, SOCK_ZAPPED);
691
692 sk->sk_protocol = proto;
b1235d79 693 sk->sk_state = BT_OPEN;
1da177e4 694
b1235d79 695 setup_timer(&sk->sk_timer, l2cap_sock_timeout, (unsigned long) sk);
1da177e4
LT		 696
697 bt_sock_link(&l2cap_sk_list, sk);
698 return sk;
699}
700
1b8d7ae4 701static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol)
1da177e4
LT		 702{
703 struct sock *sk;
704
705 BT_DBG("sock %p", sock);
706
707 sock->state = SS_UNCONNECTED;
708
709 if (sock->type != SOCK_SEQPACKET &&
710 sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
711 return -ESOCKTNOSUPPORT;
712
713 if (sock->type == SOCK_RAW && !capable(CAP_NET_RAW))
714 return -EPERM;
715
716 sock->ops = &l2cap_sock_ops;
717
1b8d7ae4 718 sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1da177e4
LT		 719 if (!sk)
720 return -ENOMEM;
721
722 l2cap_sock_init(sk, NULL);
723 return 0;
724}
725
726static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
727{
728 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
729 struct sock *sk = sock->sk;
730 int err = 0;
731
732 BT_DBG("sk %p, %s %d", sk, batostr(&la->l2_bdaddr), la->l2_psm);
733
734 if (!addr || addr->sa_family != AF_BLUETOOTH)
735 return -EINVAL;
736
737 lock_sock(sk);
738
739 if (sk->sk_state != BT_OPEN) {
740 err = -EBADFD;
741 goto done;
742 }
743
8e036fc3 744 if (la->l2_psm && btohs(la->l2_psm) < 0x1001 &&
847641d7
MH		 745 !capable(CAP_NET_BIND_SERVICE)) {
746 err = -EACCES;
747 goto done;
748 }
8e87d142 749
1da177e4
LT		 750 write_lock_bh(&l2cap_sk_list.lock);
751
752 if (la->l2_psm && __l2cap_get_sock_by_addr(la->l2_psm, &la->l2_bdaddr)) {
753 err = -EADDRINUSE;
754 } else {
755 /* Save source address */
756 bacpy(&bt_sk(sk)->src, &la->l2_bdaddr);
757 l2cap_pi(sk)->psm = la->l2_psm;
758 l2cap_pi(sk)->sport = la->l2_psm;
759 sk->sk_state = BT_BOUND;
760 }
761
762 write_unlock_bh(&l2cap_sk_list.lock);
763
764done:
765 release_sock(sk);
766 return err;
767}
768
769static int l2cap_do_connect(struct sock *sk)
770{
771 bdaddr_t *src = &bt_sk(sk)->src;
772 bdaddr_t *dst = &bt_sk(sk)->dst;
773 struct l2cap_conn *conn;
774 struct hci_conn *hcon;
775 struct hci_dev *hdev;
09ab6f4c 776 __u8 auth_type;
1da177e4
LT		 777 int err = 0;
778
779 BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), l2cap_pi(sk)->psm);
780
781 if (!(hdev = hci_get_route(dst, src)))
782 return -EHOSTUNREACH;
783
784 hci_dev_lock_bh(hdev);
785
786 err = -ENOMEM;
787
09ab6f4c
MH		 788 if (l2cap_pi(sk)->link_mode & L2CAP_LM_AUTH ||
789 l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT ||
790 l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE) {
791 if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001))
792 auth_type = HCI_AT_NO_BONDING_MITM;
793 else
794 auth_type = HCI_AT_GENERAL_BONDING_MITM;
795 } else {
796 if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001))
797 auth_type = HCI_AT_NO_BONDING;
798 else
799 auth_type = HCI_AT_GENERAL_BONDING;
800 }
801
802 hcon = hci_connect(hdev, ACL_LINK, dst, auth_type);
1da177e4
LT		 803 if (!hcon)
804 goto done;
805
806 conn = l2cap_conn_add(hcon, 0);
807 if (!conn) {
808 hci_conn_put(hcon);
809 goto done;
810 }
811
812 err = 0;
813
814 /* Update source addr of the socket */
815 bacpy(src, conn->src);
816
817 l2cap_chan_add(conn, sk, NULL);
818
819 sk->sk_state = BT_CONNECT;
820 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
821
822 if (hcon->state == BT_CONNECTED) {
79d554a6 823 if (sk->sk_type != SOCK_SEQPACKET) {
1da177e4
LT		 824 l2cap_sock_clear_timer(sk);
825 sk->sk_state = BT_CONNECTED;
79d554a6
MH		 826 } else
827 l2cap_do_start(sk);
1da177e4
LT		 828 }
829
830done:
831 hci_dev_unlock_bh(hdev);
832 hci_dev_put(hdev);
833 return err;
834}
835
836static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
837{
838 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
839 struct sock *sk = sock->sk;
840 int err = 0;
841
842 lock_sock(sk);
843
844 BT_DBG("sk %p", sk);
845
846 if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_l2)) {
847 err = -EINVAL;
848 goto done;
849 }
850
851 if (sk->sk_type == SOCK_SEQPACKET && !la->l2_psm) {
852 err = -EINVAL;
853 goto done;
854 }
855
856 switch(sk->sk_state) {
857 case BT_CONNECT:
858 case BT_CONNECT2:
859 case BT_CONFIG:
860 /* Already connecting */
861 goto wait;
862
863 case BT_CONNECTED:
864 /* Already connected */
865 goto done;
866
867 case BT_OPEN:
868 case BT_BOUND:
869 /* Can connect */
870 break;
871
872 default:
873 err = -EBADFD;
874 goto done;
875 }
876
877 /* Set destination address and psm */
878 bacpy(&bt_sk(sk)->dst, &la->l2_bdaddr);
879 l2cap_pi(sk)->psm = la->l2_psm;
880
881 if ((err = l2cap_do_connect(sk)))
882 goto done;
883
884wait:
885 err = bt_sock_wait_state(sk, BT_CONNECTED,
886 sock_sndtimeo(sk, flags & O_NONBLOCK));
887done:
888 release_sock(sk);
889 return err;
890}
891
892static int l2cap_sock_listen(struct socket *sock, int backlog)
893{
894 struct sock *sk = sock->sk;
895 int err = 0;
896
897 BT_DBG("sk %p backlog %d", sk, backlog);
898
899 lock_sock(sk);
900
901 if (sk->sk_state != BT_BOUND || sock->type != SOCK_SEQPACKET) {
902 err = -EBADFD;
903 goto done;
904 }
905
906 if (!l2cap_pi(sk)->psm) {
907 bdaddr_t *src = &bt_sk(sk)->src;
908 u16 psm;
909
910 err = -EINVAL;
911
912 write_lock_bh(&l2cap_sk_list.lock);
913
914 for (psm = 0x1001; psm < 0x1100; psm += 2)
6dc0c208 915 if (!__l2cap_get_sock_by_addr(htobs(psm), src)) {
1da177e4
LT		 916 l2cap_pi(sk)->psm = htobs(psm);
917 l2cap_pi(sk)->sport = htobs(psm);
918 err = 0;
919 break;
920 }
921
922 write_unlock_bh(&l2cap_sk_list.lock);
923
924 if (err < 0)
925 goto done;
926 }
927
928 sk->sk_max_ack_backlog = backlog;
929 sk->sk_ack_backlog = 0;
930 sk->sk_state = BT_LISTEN;
931
932done:
933 release_sock(sk);
934 return err;
935}
936
937static int l2cap_sock_accept(struct socket *sock, struct socket *newsock, int flags)
938{
939 DECLARE_WAITQUEUE(wait, current);
940 struct sock *sk = sock->sk, *nsk;
941 long timeo;
942 int err = 0;
943
fcc70d5f 944 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
1da177e4
LT		 945
946 if (sk->sk_state != BT_LISTEN) {
947 err = -EBADFD;
948 goto done;
949 }
950
951 timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
952
953 BT_DBG("sk %p timeo %ld", sk, timeo);
954
955 /* Wait for an incoming connection. (wake-one). */
956 add_wait_queue_exclusive(sk->sk_sleep, &wait);
957 while (!(nsk = bt_accept_dequeue(sk, newsock))) {
958 set_current_state(TASK_INTERRUPTIBLE);
959 if (!timeo) {
960 err = -EAGAIN;
961 break;
962 }
963
964 release_sock(sk);
965 timeo = schedule_timeout(timeo);
fcc70d5f 966 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
1da177e4
LT		 967
968 if (sk->sk_state != BT_LISTEN) {
969 err = -EBADFD;
970 break;
971 }
972
973 if (signal_pending(current)) {
974 err = sock_intr_errno(timeo);
975 break;
976 }
977 }
978 set_current_state(TASK_RUNNING);
979 remove_wait_queue(sk->sk_sleep, &wait);
980
981 if (err)
982 goto done;
983
984 newsock->state = SS_CONNECTED;
985
986 BT_DBG("new socket %p", nsk);
987
988done:
989 release_sock(sk);
990 return err;
991}
992
993static int l2cap_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
994{
995 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
996 struct sock *sk = sock->sk;
997
998 BT_DBG("sock %p, sk %p", sock, sk);
999
1000 addr->sa_family = AF_BLUETOOTH;
1001 *len = sizeof(struct sockaddr_l2);
1002
1003 if (peer)
1004 bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);
1005 else
1006 bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);
1007
1008 la->l2_psm = l2cap_pi(sk)->psm;
1009 return 0;
1010}
1011
1012static inline int l2cap_do_send(struct sock *sk, struct msghdr *msg, int len)
1013{
1014 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1015 struct sk_buff *skb, **frag;
1016 int err, hlen, count, sent=0;
1017 struct l2cap_hdr *lh;
1018
1019 BT_DBG("sk %p len %d", sk, len);
1020
1021 /* First fragment (with L2CAP header) */
1022 if (sk->sk_type == SOCK_DGRAM)
1023 hlen = L2CAP_HDR_SIZE + 2;
1024 else
1025 hlen = L2CAP_HDR_SIZE;
1026
1027 count = min_t(unsigned int, (conn->mtu - hlen), len);
1028
1029 skb = bt_skb_send_alloc(sk, hlen + count,
1030 msg->msg_flags & MSG_DONTWAIT, &err);
1031 if (!skb)
1032 return err;
1033
1034 /* Create L2CAP header */
1035 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
aca3192c
YH		 1036 lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);
1037 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));
1da177e4
LT		 1038
1039 if (sk->sk_type == SOCK_DGRAM)
8e036fc3 1040 put_unaligned(l2cap_pi(sk)->psm, (__le16 *) skb_put(skb, 2));
1da177e4
LT		 1041
1042 if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) {
1043 err = -EFAULT;
1044 goto fail;
1045 }
1046
1047 sent += count;
1048 len -= count;
1049
1050 /* Continuation fragments (no L2CAP header) */
1051 frag = &skb_shinfo(skb)->frag_list;
1052 while (len) {
1053 count = min_t(unsigned int, conn->mtu, len);
1054
1055 *frag = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err);
1056 if (!*frag)
1057 goto fail;
8e87d142 1058
1da177e4
LT		 1059 if (memcpy_fromiovec(skb_put(*frag, count), msg->msg_iov, count)) {
1060 err = -EFAULT;
1061 goto fail;
1062 }
1063
1064 sent += count;
1065 len -= count;
1066
1067 frag = &(*frag)->next;
1068 }
1069
1070 if ((err = hci_send_acl(conn->hcon, skb, 0)) < 0)
1071 goto fail;
1072
1073 return sent;
1074
1075fail:
1076 kfree_skb(skb);
1077 return err;
1078}
1079
1080static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
1081{
1082 struct sock *sk = sock->sk;
1083 int err = 0;
1084
1085 BT_DBG("sock %p, sk %p", sock, sk);
1086
c1cbe4b7
BL		 1087 err = sock_error(sk);
1088 if (err)
1089 return err;
1da177e4
LT		 1090
1091 if (msg->msg_flags & MSG_OOB)
1092 return -EOPNOTSUPP;
1093
1094 /* Check outgoing MTU */
1095 if (sk->sk_type != SOCK_RAW && len > l2cap_pi(sk)->omtu)
1096 return -EINVAL;
1097
1098 lock_sock(sk);
1099
1100 if (sk->sk_state == BT_CONNECTED)
1101 err = l2cap_do_send(sk, msg, len);
1102 else
1103 err = -ENOTCONN;
1104
1105 release_sock(sk);
1106 return err;
1107}
1108
1109static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
1110{
1111 struct sock *sk = sock->sk;
1112 struct l2cap_options opts;
1113 int err = 0, len;
1114 u32 opt;
1115
1116 BT_DBG("sk %p", sk);
1117
1118 lock_sock(sk);
1119
1120 switch (optname) {
1121 case L2CAP_OPTIONS:
0878b666
MH		 1122 opts.imtu = l2cap_pi(sk)->imtu;
1123 opts.omtu = l2cap_pi(sk)->omtu;
1124 opts.flush_to = l2cap_pi(sk)->flush_to;
6464f35f 1125 opts.mode = L2CAP_MODE_BASIC;
0878b666 1126
1da177e4
LT		 1127 len = min_t(unsigned int, sizeof(opts), optlen);
1128 if (copy_from_user((char *) &opts, optval, len)) {
1129 err = -EFAULT;
1130 break;
1131 }
0878b666 1132
1da177e4
LT		 1133 l2cap_pi(sk)->imtu = opts.imtu;
1134 l2cap_pi(sk)->omtu = opts.omtu;
1135 break;
1136
1137 case L2CAP_LM:
1138 if (get_user(opt, (u32 __user *) optval)) {
1139 err = -EFAULT;
1140 break;
1141 }
1142
1143 l2cap_pi(sk)->link_mode = opt;
1144 break;
1145
1146 default:
1147 err = -ENOPROTOOPT;
1148 break;
1149 }
1150
1151 release_sock(sk);
1152 return err;
1153}
1154
1155static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
1156{
1157 struct sock *sk = sock->sk;
1158 struct l2cap_options opts;
1159 struct l2cap_conninfo cinfo;
1160 int len, err = 0;
1161
1162 BT_DBG("sk %p", sk);
1163
1164 if (get_user(len, optlen))
1165 return -EFAULT;
1166
1167 lock_sock(sk);
1168
1169 switch (optname) {
1170 case L2CAP_OPTIONS:
1171 opts.imtu = l2cap_pi(sk)->imtu;
1172 opts.omtu = l2cap_pi(sk)->omtu;
1173 opts.flush_to = l2cap_pi(sk)->flush_to;
6464f35f 1174 opts.mode = L2CAP_MODE_BASIC;
1da177e4
LT		 1175
1176 len = min_t(unsigned int, len, sizeof(opts));
1177 if (copy_to_user(optval, (char *) &opts, len))
1178 err = -EFAULT;
1179
1180 break;
1181
1182 case L2CAP_LM:
1183 if (put_user(l2cap_pi(sk)->link_mode, (u32 __user *) optval))
1184 err = -EFAULT;
1185 break;
1186
1187 case L2CAP_CONNINFO:
1188 if (sk->sk_state != BT_CONNECTED) {
1189 err = -ENOTCONN;
1190 break;
1191 }
1192
1193 cinfo.hci_handle = l2cap_pi(sk)->conn->hcon->handle;
1194 memcpy(cinfo.dev_class, l2cap_pi(sk)->conn->hcon->dev_class, 3);
1195
1196 len = min_t(unsigned int, len, sizeof(cinfo));
1197 if (copy_to_user(optval, (char *) &cinfo, len))
1198 err = -EFAULT;
1199
1200 break;
1201
1202 default:
1203 err = -ENOPROTOOPT;
1204 break;
1205 }
1206
1207 release_sock(sk);
1208 return err;
1209}
1210
1211static int l2cap_sock_shutdown(struct socket *sock, int how)
1212{
1213 struct sock *sk = sock->sk;
1214 int err = 0;
1215
1216 BT_DBG("sock %p, sk %p", sock, sk);
1217
1218 if (!sk)
1219 return 0;
1220
1221 lock_sock(sk);
1222 if (!sk->sk_shutdown) {
1223 sk->sk_shutdown = SHUTDOWN_MASK;
1224 l2cap_sock_clear_timer(sk);
1225 __l2cap_sock_close(sk, 0);
1226
1227 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
b1235d79
MH		 1228 err = bt_sock_wait_state(sk, BT_CLOSED,
1229 sk->sk_lingertime);
1da177e4
LT		 1230 }
1231 release_sock(sk);
1232 return err;
1233}
1234
1235static int l2cap_sock_release(struct socket *sock)
1236{
1237 struct sock *sk = sock->sk;
1238 int err;
1239
1240 BT_DBG("sock %p, sk %p", sock, sk);
1241
1242 if (!sk)
1243 return 0;
1244
1245 err = l2cap_sock_shutdown(sock, 2);
1246
1247 sock_orphan(sk);
1248 l2cap_sock_kill(sk);
1249 return err;
1250}
1251
1da177e4
LT		 1252static void l2cap_chan_ready(struct sock *sk)
1253{
1254 struct sock *parent = bt_sk(sk)->parent;
1255
1256 BT_DBG("sk %p, parent %p", sk, parent);
1257
1258 l2cap_pi(sk)->conf_state = 0;
1259 l2cap_sock_clear_timer(sk);
1260
1261 if (!parent) {
1262 /* Outgoing channel.
1263 * Wake up socket sleeping on connect.
1264 */
1265 sk->sk_state = BT_CONNECTED;
1266 sk->sk_state_change(sk);
1267 } else {
1268 /* Incoming channel.
1269 * Wake up socket sleeping on accept.
1270 */
1271 parent->sk_data_ready(parent, 0);
1272 }
b1235d79
MH		 1273
1274 if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE) {
1275 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
1276 hci_conn_change_link_key(conn->hcon);
1277 }
1da177e4
LT		 1278}
1279
1280/* Copy frame to all raw sockets on that connection */
1281static void l2cap_raw_recv(struct l2cap_conn *conn, struct sk_buff *skb)
1282{
1283 struct l2cap_chan_list *l = &conn->chan_list;
1284 struct sk_buff *nskb;
1285 struct sock * sk;
1286
1287 BT_DBG("conn %p", conn);
1288
1289 read_lock(&l->lock);
1290 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
1291 if (sk->sk_type != SOCK_RAW)
1292 continue;
1293
1294 /* Don't send frame to the socket it came from */
1295 if (skb->sk == sk)
1296 continue;
1297
1298 if (!(nskb = skb_clone(skb, GFP_ATOMIC)))
1299 continue;
1300
1301 if (sock_queue_rcv_skb(sk, nskb))
1302 kfree_skb(nskb);
1303 }
1304 read_unlock(&l->lock);
1305}
1306
1307/* ---- L2CAP signalling commands ---- */
1308static struct sk_buff *l2cap_build_cmd(struct l2cap_conn *conn,
1309 u8 code, u8 ident, u16 dlen, void *data)
1310{
1311 struct sk_buff *skb, **frag;
1312 struct l2cap_cmd_hdr *cmd;
1313 struct l2cap_hdr *lh;
1314 int len, count;
1315
1316 BT_DBG("conn %p, code 0x%2.2x, ident 0x%2.2x, len %d", conn, code, ident, dlen);
1317
1318 len = L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE + dlen;
1319 count = min_t(unsigned int, conn->mtu, len);
1320
1321 skb = bt_skb_alloc(count, GFP_ATOMIC);
1322 if (!skb)
1323 return NULL;
1324
1325 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
aca3192c
YH		 1326 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen);
1327 lh->cid = cpu_to_le16(0x0001);
1da177e4
LT		 1328
1329 cmd = (struct l2cap_cmd_hdr *) skb_put(skb, L2CAP_CMD_HDR_SIZE);
1330 cmd->code = code;
1331 cmd->ident = ident;
aca3192c 1332 cmd->len = cpu_to_le16(dlen);
1da177e4
LT		 1333
1334 if (dlen) {
1335 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE;
1336 memcpy(skb_put(skb, count), data, count);
1337 data += count;
1338 }
1339
1340 len -= skb->len;
1341
1342 /* Continuation fragments (no L2CAP header) */
1343 frag = &skb_shinfo(skb)->frag_list;
1344 while (len) {
1345 count = min_t(unsigned int, conn->mtu, len);
1346
1347 *frag = bt_skb_alloc(count, GFP_ATOMIC);
1348 if (!*frag)
1349 goto fail;
1350
1351 memcpy(skb_put(*frag, count), data, count);
1352
1353 len -= count;
1354 data += count;
1355
1356 frag = &(*frag)->next;
1357 }
1358
1359 return skb;
1360
1361fail:
1362 kfree_skb(skb);
1363 return NULL;
1364}
1365
1366static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned long *val)
1367{
1368 struct l2cap_conf_opt *opt = *ptr;
1369 int len;
1370
1371 len = L2CAP_CONF_OPT_SIZE + opt->len;
1372 *ptr += len;
1373
1374 *type = opt->type;
1375 *olen = opt->len;
1376
1377 switch (opt->len) {
1378 case 1:
1379 *val = *((u8 *) opt->val);
1380 break;
1381
1382 case 2:
861d6882 1383 *val = __le16_to_cpu(*((__le16 *) opt->val));
1da177e4
LT		 1384 break;
1385
1386 case 4:
861d6882 1387 *val = __le32_to_cpu(*((__le32 *) opt->val));
1da177e4
LT		 1388 break;
1389
1390 default:
1391 *val = (unsigned long) opt->val;
1392 break;
1393 }
1394
1395 BT_DBG("type 0x%2.2x len %d val 0x%lx", *type, opt->len, *val);
1396 return len;
1397}
1398
1da177e4
LT		 1399static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val)
1400{
1401 struct l2cap_conf_opt *opt = *ptr;
1402
1403 BT_DBG("type 0x%2.2x len %d val 0x%lx", type, len, val);
1404
1405 opt->type = type;
1406 opt->len = len;
1407
1408 switch (len) {
1409 case 1:
1410 *((u8 *) opt->val) = val;
1411 break;
1412
1413 case 2:
8e036fc3 1414 *((__le16 *) opt->val) = cpu_to_le16(val);
1da177e4
LT		 1415 break;
1416
1417 case 4:
8e036fc3 1418 *((__le32 *) opt->val) = cpu_to_le32(val);
1da177e4
LT		 1419 break;
1420
1421 default:
1422 memcpy(opt->val, (void *) val, len);
1423 break;
1424 }
1425
1426 *ptr += L2CAP_CONF_OPT_SIZE + len;
1427}
1428
1429static int l2cap_build_conf_req(struct sock *sk, void *data)
1430{
1431 struct l2cap_pinfo *pi = l2cap_pi(sk);
1432 struct l2cap_conf_req *req = data;
1433 void *ptr = req->data;
1434
1435 BT_DBG("sk %p", sk);
1436
1437 if (pi->imtu != L2CAP_DEFAULT_MTU)
1438 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);
1439
1440 /* FIXME: Need actual value of the flush timeout */
1441 //if (flush_to != L2CAP_DEFAULT_FLUSH_TO)
1442 // l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO, 2, pi->flush_to);
1443
aca3192c
YH		 1444 req->dcid = cpu_to_le16(pi->dcid);
1445 req->flags = cpu_to_le16(0);
1da177e4
LT		 1446
1447 return ptr - data;
1448}
1449
5dee9e7c 1450static int l2cap_parse_conf_req(struct sock *sk, void *data)
1da177e4
LT		 1451{
1452 struct l2cap_pinfo *pi = l2cap_pi(sk);
5dee9e7c
MH		 1453 struct l2cap_conf_rsp *rsp = data;
1454 void *ptr = rsp->data;
1455 void *req = pi->conf_req;
1456 int len = pi->conf_len;
1457 int type, hint, olen;
1458 unsigned long val;
6464f35f 1459 struct l2cap_conf_rfc rfc = { .mode = L2CAP_MODE_BASIC };
861d6882 1460 u16 mtu = L2CAP_DEFAULT_MTU;
5dee9e7c 1461 u16 result = L2CAP_CONF_SUCCESS;
1da177e4 1462
5dee9e7c 1463 BT_DBG("sk %p", sk);
820ae1b8 1464
5dee9e7c
MH		 1465 while (len >= L2CAP_CONF_OPT_SIZE) {
1466 len -= l2cap_get_conf_opt(&req, &type, &olen, &val);
1da177e4 1467
5dee9e7c
MH		 1468 hint = type & 0x80;
1469 type &= 0x7f;
1470
1471 switch (type) {
1472 case L2CAP_CONF_MTU:
861d6882 1473 mtu = val;
5dee9e7c
MH		 1474 break;
1475
1476 case L2CAP_CONF_FLUSH_TO:
1477 pi->flush_to = val;
1478 break;
1479
1480 case L2CAP_CONF_QOS:
1481 break;
1482
6464f35f
MH		 1483 case L2CAP_CONF_RFC:
1484 if (olen == sizeof(rfc))
1485 memcpy(&rfc, (void *) val, olen);
1486 break;
1487
5dee9e7c
MH		 1488 default:
1489 if (hint)
1490 break;
1491
1492 result = L2CAP_CONF_UNKNOWN;
1493 *((u8 *) ptr++) = type;
1494 break;
1495 }
1496 }
1497
1498 if (result == L2CAP_CONF_SUCCESS) {
1499 /* Configure output options and let the other side know
1500 * which ones we don't like. */
1501
6464f35f
MH		 1502 if (rfc.mode == L2CAP_MODE_BASIC) {
1503 if (mtu < pi->omtu)
1504 result = L2CAP_CONF_UNACCEPT;
1505 else {
1506 pi->omtu = mtu;
1507 pi->conf_state |= L2CAP_CONF_OUTPUT_DONE;
1508 }
1509
1510 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu);
1511 } else {
5dee9e7c 1512 result = L2CAP_CONF_UNACCEPT;
5dee9e7c 1513
6464f35f
MH		 1514 memset(&rfc, 0, sizeof(rfc));
1515 rfc.mode = L2CAP_MODE_BASIC;
1516
1517 l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
1518 sizeof(rfc), (unsigned long) &rfc);
1519 }
5dee9e7c
MH		 1520 }
1521
1522 rsp->scid = cpu_to_le16(pi->dcid);
1523 rsp->result = cpu_to_le16(result);
1524 rsp->flags = cpu_to_le16(0x0000);
1525
1526 return ptr - data;
1da177e4
LT		 1527}
1528
5dee9e7c 1529static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags)
1da177e4
LT		 1530{
1531 struct l2cap_conf_rsp *rsp = data;
1532 void *ptr = rsp->data;
1da177e4 1533
5dee9e7c 1534 BT_DBG("sk %p", sk);
1da177e4 1535
aca3192c 1536 rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid);
5dee9e7c 1537 rsp->result = cpu_to_le16(result);
aca3192c 1538 rsp->flags = cpu_to_le16(flags);
1da177e4
LT		 1539
1540 return ptr - data;
1541}
1542
4e8402a3
MH		 1543static inline int l2cap_command_rej(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1544{
1545 struct l2cap_cmd_rej *rej = (struct l2cap_cmd_rej *) data;
1546
1547 if (rej->reason != 0x0000)
1548 return 0;
1549
1550 if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) &&
1551 cmd->ident == conn->info_ident) {
1552 conn->info_ident = 0;
1553 del_timer(&conn->info_timer);
1554 l2cap_conn_start(conn);
1555 }
1556
1557 return 0;
1558}
1559
1da177e4
LT		 1560static inline int l2cap_connect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1561{
1562 struct l2cap_chan_list *list = &conn->chan_list;
1563 struct l2cap_conn_req *req = (struct l2cap_conn_req *) data;
1564 struct l2cap_conn_rsp rsp;
1565 struct sock *sk, *parent;
e7c29cb1 1566 int result, status = L2CAP_CS_NO_INFO;
1da177e4
LT		 1567
1568 u16 dcid = 0, scid = __le16_to_cpu(req->scid);
e7c29cb1 1569 __le16 psm = req->psm;
1da177e4
LT		 1570
1571 BT_DBG("psm 0x%2.2x scid 0x%4.4x", psm, scid);
1572
1573 /* Check if we have socket listening on psm */
1574 parent = l2cap_get_sock_by_psm(BT_LISTEN, psm, conn->src);
1575 if (!parent) {
1576 result = L2CAP_CR_BAD_PSM;
1577 goto sendresp;
1578 }
1579
e7c29cb1
MH		 1580 /* Check if the ACL is secure enough (if not SDP) */
1581 if (psm != cpu_to_le16(0x0001) &&
1582 !hci_conn_check_link_mode(conn->hcon)) {
1583 result = L2CAP_CR_SEC_BLOCK;
1584 goto response;
1585 }
1586
1da177e4
LT		 1587 result = L2CAP_CR_NO_MEM;
1588
1589 /* Check for backlog size */
1590 if (sk_acceptq_is_full(parent)) {
8e87d142 1591 BT_DBG("backlog full %d", parent->sk_ack_backlog);
1da177e4
LT		 1592 goto response;
1593 }
1594
3b1e0a65 1595 sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP, GFP_ATOMIC);
1da177e4
LT		 1596 if (!sk)
1597 goto response;
1598
fd1278d7 1599 write_lock_bh(&list->lock);
1da177e4
LT		 1600
1601 /* Check if we already have channel with that dcid */
1602 if (__l2cap_get_chan_by_dcid(list, scid)) {
fd1278d7 1603 write_unlock_bh(&list->lock);
1da177e4
LT		 1604 sock_set_flag(sk, SOCK_ZAPPED);
1605 l2cap_sock_kill(sk);
1606 goto response;
1607 }
1608
1609 hci_conn_hold(conn->hcon);
1610
1611 l2cap_sock_init(sk, parent);
1612 bacpy(&bt_sk(sk)->src, conn->src);
1613 bacpy(&bt_sk(sk)->dst, conn->dst);
1614 l2cap_pi(sk)->psm = psm;
1615 l2cap_pi(sk)->dcid = scid;
1616
1617 __l2cap_chan_add(conn, sk, parent);
1618 dcid = l2cap_pi(sk)->scid;
1619
1620 l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
1621
1da177e4
LT		 1622 l2cap_pi(sk)->ident = cmd->ident;
1623
79d554a6
MH		 1624 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
1625 if (l2cap_check_link_mode(sk)) {
1626 sk->sk_state = BT_CONFIG;
1627 result = L2CAP_CR_SUCCESS;
1628 status = L2CAP_CS_NO_INFO;
1629 } else {
1630 sk->sk_state = BT_CONNECT2;
1631 result = L2CAP_CR_PEND;
1632 status = L2CAP_CS_AUTHEN_PEND;
1633 }
1634 } else {
1635 sk->sk_state = BT_CONNECT2;
1636 result = L2CAP_CR_PEND;
1637 status = L2CAP_CS_NO_INFO;
1da177e4
LT		 1638 }
1639
fd1278d7 1640 write_unlock_bh(&list->lock);
1da177e4
LT		 1641
1642response:
1643 bh_unlock_sock(parent);
1644
1645sendresp:
aca3192c
YH		 1646 rsp.scid = cpu_to_le16(scid);
1647 rsp.dcid = cpu_to_le16(dcid);
1648 rsp.result = cpu_to_le16(result);
1649 rsp.status = cpu_to_le16(status);
1da177e4 1650 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp);
79d554a6
MH		 1651
1652 if (result == L2CAP_CR_PEND && status == L2CAP_CS_NO_INFO) {
1653 struct l2cap_info_req info;
1654 info.type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
1655
1656 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT;
1657 conn->info_ident = l2cap_get_ident(conn);
1658
1659 mod_timer(&conn->info_timer, jiffies +
1660 msecs_to_jiffies(L2CAP_INFO_TIMEOUT));
1661
1662 l2cap_send_cmd(conn, conn->info_ident,
1663 L2CAP_INFO_REQ, sizeof(info), &info);
1664 }
1665
1da177e4
LT		 1666 return 0;
1667}
1668
1669static inline int l2cap_connect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1670{
1671 struct l2cap_conn_rsp *rsp = (struct l2cap_conn_rsp *) data;
1672 u16 scid, dcid, result, status;
1673 struct sock *sk;
1674 u8 req[128];
1675
1676 scid = __le16_to_cpu(rsp->scid);
1677 dcid = __le16_to_cpu(rsp->dcid);
1678 result = __le16_to_cpu(rsp->result);
1679 status = __le16_to_cpu(rsp->status);
1680
1681 BT_DBG("dcid 0x%4.4x scid 0x%4.4x result 0x%2.2x status 0x%2.2x", dcid, scid, result, status);
1682
1683 if (scid) {
1684 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
1685 return 0;
1686 } else {
1687 if (!(sk = l2cap_get_chan_by_ident(&conn->chan_list, cmd->ident)))
1688 return 0;
1689 }
1690
1691 switch (result) {
1692 case L2CAP_CR_SUCCESS:
1693 sk->sk_state = BT_CONFIG;
1694 l2cap_pi(sk)->ident = 0;
1695 l2cap_pi(sk)->dcid = dcid;
1696 l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
1697
1698 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
1699 l2cap_build_conf_req(sk, req), req);
1700 break;
1701
1702 case L2CAP_CR_PEND:
1703 break;
1704
1705 default:
1706 l2cap_chan_del(sk, ECONNREFUSED);
1707 break;
1708 }
1709
1710 bh_unlock_sock(sk);
1711 return 0;
1712}
1713
88219a0f 1714static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u16 cmd_len, u8 *data)
1da177e4
LT		 1715{
1716 struct l2cap_conf_req *req = (struct l2cap_conf_req *) data;
1717 u16 dcid, flags;
1718 u8 rsp[64];
1719 struct sock *sk;
5dee9e7c 1720 int len;
1da177e4
LT		 1721
1722 dcid = __le16_to_cpu(req->dcid);
1723 flags = __le16_to_cpu(req->flags);
1724
1725 BT_DBG("dcid 0x%4.4x flags 0x%2.2x", dcid, flags);
1726
1727 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid)))
1728 return -ENOENT;
1729
354f60a9
MH		 1730 if (sk->sk_state == BT_DISCONN)
1731 goto unlock;
1732
5dee9e7c 1733 /* Reject if config buffer is too small. */
88219a0f 1734 len = cmd_len - sizeof(*req);
5dee9e7c
MH		 1735 if (l2cap_pi(sk)->conf_len + len > sizeof(l2cap_pi(sk)->conf_req)) {
1736 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
1737 l2cap_build_conf_rsp(sk, rsp,
1738 L2CAP_CONF_REJECT, flags), rsp);
1739 goto unlock;
1740 }
1741
1742 /* Store config. */
1743 memcpy(l2cap_pi(sk)->conf_req + l2cap_pi(sk)->conf_len, req->data, len);
1744 l2cap_pi(sk)->conf_len += len;
1da177e4
LT		 1745
1746 if (flags & 0x0001) {
1747 /* Incomplete config. Send empty response. */
1748 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
5dee9e7c
MH		 1749 l2cap_build_conf_rsp(sk, rsp,
1750 L2CAP_CONF_SUCCESS, 0x0001), rsp);
1da177e4
LT		 1751 goto unlock;
1752 }
1753
1754 /* Complete config. */
5dee9e7c
MH		 1755 len = l2cap_parse_conf_req(sk, rsp);
1756 if (len < 0)
1da177e4
LT		 1757 goto unlock;
1758
5dee9e7c
MH		 1759 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp);
1760
5dee9e7c
MH		 1761 /* Reset config buffer. */
1762 l2cap_pi(sk)->conf_len = 0;
1763
876d9484
MH		 1764 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE))
1765 goto unlock;
1766
1da177e4
LT		 1767 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) {
1768 sk->sk_state = BT_CONNECTED;
1769 l2cap_chan_ready(sk);
876d9484
MH		 1770 goto unlock;
1771 }
1772
1773 if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) {
79d554a6 1774 u8 buf[64];
1da177e4 1775 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
79d554a6 1776 l2cap_build_conf_req(sk, buf), buf);
1da177e4
LT		 1777 }
1778
1779unlock:
1780 bh_unlock_sock(sk);
1781 return 0;
1782}
1783
1784static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1785{
1786 struct l2cap_conf_rsp *rsp = (struct l2cap_conf_rsp *)data;
1787 u16 scid, flags, result;
1788 struct sock *sk;
1789
1790 scid = __le16_to_cpu(rsp->scid);
1791 flags = __le16_to_cpu(rsp->flags);
1792 result = __le16_to_cpu(rsp->result);
1793
1794 BT_DBG("scid 0x%4.4x flags 0x%2.2x result 0x%2.2x", scid, flags, result);
1795
1796 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
1797 return 0;
1798
1799 switch (result) {
1800 case L2CAP_CONF_SUCCESS:
1801 break;
1802
1803 case L2CAP_CONF_UNACCEPT:
1804 if (++l2cap_pi(sk)->conf_retry < L2CAP_CONF_MAX_RETRIES) {
1805 char req[128];
1806 /* It does not make sense to adjust L2CAP parameters
1807 * that are currently defined in the spec. We simply
1808 * resend config request that we sent earlier. It is
1809 * stupid, but it helps qualification testing which
1810 * expects at least some response from us. */
1811 l2cap_send_cmd(conn, l2cap_get_ident(conn), L2CAP_CONF_REQ,
1812 l2cap_build_conf_req(sk, req), req);
1813 goto done;
1814 }
1815
8e87d142 1816 default:
1da177e4 1817 sk->sk_state = BT_DISCONN;
b1235d79 1818 sk->sk_err = ECONNRESET;
1da177e4
LT		 1819 l2cap_sock_set_timer(sk, HZ * 5);
1820 {
1821 struct l2cap_disconn_req req;
aca3192c
YH		 1822 req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);
1823 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
1da177e4
LT		 1824 l2cap_send_cmd(conn, l2cap_get_ident(conn),
1825 L2CAP_DISCONN_REQ, sizeof(req), &req);
1826 }
1827 goto done;
1828 }
1829
1830 if (flags & 0x01)
1831 goto done;
1832
1da177e4
LT		 1833 l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE;
1834
1835 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) {
1836 sk->sk_state = BT_CONNECTED;
1837 l2cap_chan_ready(sk);
1838 }
1839
1840done:
1841 bh_unlock_sock(sk);
1842 return 0;
1843}
1844
1845static inline int l2cap_disconnect_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1846{
1847 struct l2cap_disconn_req *req = (struct l2cap_disconn_req *) data;
1848 struct l2cap_disconn_rsp rsp;
1849 u16 dcid, scid;
1850 struct sock *sk;
1851
1852 scid = __le16_to_cpu(req->scid);
1853 dcid = __le16_to_cpu(req->dcid);
1854
1855 BT_DBG("scid 0x%4.4x dcid 0x%4.4x", scid, dcid);
1856
1857 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, dcid)))
1858 return 0;
1859
aca3192c
YH		 1860 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
1861 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1da177e4
LT		 1862 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp);
1863
1864 sk->sk_shutdown = SHUTDOWN_MASK;
1865
1866 l2cap_chan_del(sk, ECONNRESET);
1867 bh_unlock_sock(sk);
1868
1869 l2cap_sock_kill(sk);
1870 return 0;
1871}
1872
1873static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1874{
1875 struct l2cap_disconn_rsp *rsp = (struct l2cap_disconn_rsp *) data;
1876 u16 dcid, scid;
1877 struct sock *sk;
1878
1879 scid = __le16_to_cpu(rsp->scid);
1880 dcid = __le16_to_cpu(rsp->dcid);
1881
1882 BT_DBG("dcid 0x%4.4x scid 0x%4.4x", dcid, scid);
1883
1884 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
1885 return 0;
1886
1887 l2cap_chan_del(sk, 0);
1888 bh_unlock_sock(sk);
1889
1890 l2cap_sock_kill(sk);
1891 return 0;
1892}
1893
1894static inline int l2cap_information_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1895{
1896 struct l2cap_info_req *req = (struct l2cap_info_req *) data;
1da177e4
LT		 1897 u16 type;
1898
1899 type = __le16_to_cpu(req->type);
1900
1901 BT_DBG("type 0x%4.4x", type);
1902
f0709e03
MH		 1903 if (type == L2CAP_IT_FEAT_MASK) {
1904 u8 buf[8];
1905 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) buf;
1906 rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK);
1907 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS);
1908 put_unaligned(cpu_to_le32(l2cap_feat_mask), (__le32 *) rsp->data);
1909 l2cap_send_cmd(conn, cmd->ident,
1910 L2CAP_INFO_RSP, sizeof(buf), buf);
1911 } else {
1912 struct l2cap_info_rsp rsp;
1913 rsp.type = cpu_to_le16(type);
1914 rsp.result = cpu_to_le16(L2CAP_IR_NOTSUPP);
1915 l2cap_send_cmd(conn, cmd->ident,
1916 L2CAP_INFO_RSP, sizeof(rsp), &rsp);
1917 }
1da177e4
LT		 1918
1919 return 0;
1920}
1921
1922static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, u8 *data)
1923{
1924 struct l2cap_info_rsp *rsp = (struct l2cap_info_rsp *) data;
1925 u16 type, result;
1926
1927 type = __le16_to_cpu(rsp->type);
1928 result = __le16_to_cpu(rsp->result);
1929
1930 BT_DBG("type 0x%4.4x result 0x%2.2x", type, result);
1931
4e8402a3
MH		 1932 conn->info_ident = 0;
1933
1934 del_timer(&conn->info_timer);
1935
1936 if (type == L2CAP_IT_FEAT_MASK)
83985319 1937 conn->feat_mask = get_unaligned_le32(rsp->data);
4e8402a3
MH		 1938
1939 l2cap_conn_start(conn);
1940
1da177e4
LT		 1941 return 0;
1942}
1943
1944static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1945{
1946 u8 *data = skb->data;
1947 int len = skb->len;
1948 struct l2cap_cmd_hdr cmd;
1949 int err = 0;
1950
1951 l2cap_raw_recv(conn, skb);
1952
1953 while (len >= L2CAP_CMD_HDR_SIZE) {
88219a0f 1954 u16 cmd_len;
1da177e4
LT		 1955 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
1956 data += L2CAP_CMD_HDR_SIZE;
1957 len -= L2CAP_CMD_HDR_SIZE;
1958
88219a0f 1959 cmd_len = le16_to_cpu(cmd.len);
1da177e4 1960
88219a0f 1961 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd.code, cmd_len, cmd.ident);
1da177e4 1962
88219a0f 1963 if (cmd_len > len || !cmd.ident) {
1da177e4
LT		 1964 BT_DBG("corrupted command");
1965 break;
1966 }
1967
1968 switch (cmd.code) {
1969 case L2CAP_COMMAND_REJ:
4e8402a3 1970 l2cap_command_rej(conn, &cmd, data);
1da177e4
LT		 1971 break;
1972
1973 case L2CAP_CONN_REQ:
1974 err = l2cap_connect_req(conn, &cmd, data);
1975 break;
1976
1977 case L2CAP_CONN_RSP:
1978 err = l2cap_connect_rsp(conn, &cmd, data);
1979 break;
1980
1981 case L2CAP_CONF_REQ:
88219a0f 1982 err = l2cap_config_req(conn, &cmd, cmd_len, data);
1da177e4
LT		 1983 break;
1984
1985 case L2CAP_CONF_RSP:
1986 err = l2cap_config_rsp(conn, &cmd, data);
1987 break;
1988
1989 case L2CAP_DISCONN_REQ:
1990 err = l2cap_disconnect_req(conn, &cmd, data);
1991 break;
1992
1993 case L2CAP_DISCONN_RSP:
1994 err = l2cap_disconnect_rsp(conn, &cmd, data);
1995 break;
1996
1997 case L2CAP_ECHO_REQ:
88219a0f 1998 l2cap_send_cmd(conn, cmd.ident, L2CAP_ECHO_RSP, cmd_len, data);
1da177e4
LT		 1999 break;
2000
2001 case L2CAP_ECHO_RSP:
2002 break;
2003
2004 case L2CAP_INFO_REQ:
2005 err = l2cap_information_req(conn, &cmd, data);
2006 break;
2007
2008 case L2CAP_INFO_RSP:
2009 err = l2cap_information_rsp(conn, &cmd, data);
2010 break;
2011
2012 default:
2013 BT_ERR("Unknown signaling command 0x%2.2x", cmd.code);
2014 err = -EINVAL;
2015 break;
2016 }
2017
2018 if (err) {
2019 struct l2cap_cmd_rej rej;
2020 BT_DBG("error %d", err);
2021
2022 /* FIXME: Map err to a valid reason */
aca3192c 2023 rej.reason = cpu_to_le16(0);
1da177e4
LT		 2024 l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ, sizeof(rej), &rej);
2025 }
2026
88219a0f
AV		 2027 data += cmd_len;
2028 len -= cmd_len;
1da177e4
LT		 2029 }
2030
2031 kfree_skb(skb);
2032}
2033
2034static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk_buff *skb)
2035{
2036 struct sock *sk;
2037
2038 sk = l2cap_get_chan_by_scid(&conn->chan_list, cid);
2039 if (!sk) {
2040 BT_DBG("unknown cid 0x%4.4x", cid);
2041 goto drop;
2042 }
2043
2044 BT_DBG("sk %p, len %d", sk, skb->len);
2045
2046 if (sk->sk_state != BT_CONNECTED)
2047 goto drop;
2048
2049 if (l2cap_pi(sk)->imtu < skb->len)
2050 goto drop;
2051
2052 /* If socket recv buffers overflows we drop data here
2053 * which is *bad* because L2CAP has to be reliable.
2054 * But we don't have any other choice. L2CAP doesn't
2055 * provide flow control mechanism. */
2056
2057 if (!sock_queue_rcv_skb(sk, skb))
2058 goto done;
2059
2060drop:
2061 kfree_skb(skb);
2062
2063done:
0139418c
MH		 2064 if (sk)
2065 bh_unlock_sock(sk);
2066
1da177e4
LT		 2067 return 0;
2068}
2069
8e036fc3 2070static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, struct sk_buff *skb)
1da177e4
LT		 2071{
2072 struct sock *sk;
2073
2074 sk = l2cap_get_sock_by_psm(0, psm, conn->src);
2075 if (!sk)
2076 goto drop;
2077
2078 BT_DBG("sk %p, len %d", sk, skb->len);
2079
2080 if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED)
2081 goto drop;
2082
2083 if (l2cap_pi(sk)->imtu < skb->len)
2084 goto drop;
2085
2086 if (!sock_queue_rcv_skb(sk, skb))
2087 goto done;
2088
2089drop:
2090 kfree_skb(skb);
2091
2092done:
2093 if (sk) bh_unlock_sock(sk);
2094 return 0;
2095}
2096
2097static void l2cap_recv_frame(struct l2cap_conn *conn, struct sk_buff *skb)
2098{
2099 struct l2cap_hdr *lh = (void *) skb->data;
8e036fc3
AV		 2100 u16 cid, len;
2101 __le16 psm;
1da177e4
LT		 2102
2103 skb_pull(skb, L2CAP_HDR_SIZE);
2104 cid = __le16_to_cpu(lh->cid);
2105 len = __le16_to_cpu(lh->len);
2106
2107 BT_DBG("len %d, cid 0x%4.4x", len, cid);
2108
2109 switch (cid) {
2110 case 0x0001:
2111 l2cap_sig_channel(conn, skb);
2112 break;
2113
2114 case 0x0002:
8e036fc3 2115 psm = get_unaligned((__le16 *) skb->data);
1da177e4
LT		 2116 skb_pull(skb, 2);
2117 l2cap_conless_channel(conn, psm, skb);
2118 break;
2119
2120 default:
2121 l2cap_data_channel(conn, cid, skb);
2122 break;
2123 }
2124}
2125
2126/* ---- L2CAP interface with lower layer (HCI) ---- */
2127
2128static int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
2129{
2130 int exact = 0, lm1 = 0, lm2 = 0;
2131 register struct sock *sk;
2132 struct hlist_node *node;
2133
2134 if (type != ACL_LINK)
2135 return 0;
2136
2137 BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));
2138
2139 /* Find listening sockets and check their link_mode */
2140 read_lock(&l2cap_sk_list.lock);
2141 sk_for_each(sk, node, &l2cap_sk_list.head) {
2142 if (sk->sk_state != BT_LISTEN)
2143 continue;
2144
2145 if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) {
2146 lm1 |= (HCI_LM_ACCEPT | l2cap_pi(sk)->link_mode);
2147 exact++;
2148 } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
2149 lm2 |= (HCI_LM_ACCEPT | l2cap_pi(sk)->link_mode);
2150 }
2151 read_unlock(&l2cap_sk_list.lock);
2152
2153 return exact ? lm1 : lm2;
2154}
2155
2156static int l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
2157{
0139418c
MH		 2158 struct l2cap_conn *conn;
2159
1da177e4
LT		 2160 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
2161
2162 if (hcon->type != ACL_LINK)
2163 return 0;
2164
2165 if (!status) {
1da177e4
LT		 2166 conn = l2cap_conn_add(hcon, status);
2167 if (conn)
2168 l2cap_conn_ready(conn);
0139418c 2169 } else
1da177e4
LT		 2170 l2cap_conn_del(hcon, bt_err(status));
2171
2172 return 0;
2173}
2174
2175static int l2cap_disconn_ind(struct hci_conn *hcon, u8 reason)
2176{
2177 BT_DBG("hcon %p reason %d", hcon, reason);
2178
2179 if (hcon->type != ACL_LINK)
2180 return 0;
2181
2182 l2cap_conn_del(hcon, bt_err(reason));
0139418c 2183
1da177e4
LT		 2184 return 0;
2185}
2186
2187static int l2cap_auth_cfm(struct hci_conn *hcon, u8 status)
2188{
2189 struct l2cap_chan_list *l;
40be492f 2190 struct l2cap_conn *conn = hcon->l2cap_data;
1da177e4 2191 struct sock *sk;
1da177e4 2192
0139418c 2193 if (!conn)
1da177e4 2194 return 0;
0139418c 2195
1da177e4
LT		 2196 l = &conn->chan_list;
2197
2198 BT_DBG("conn %p", conn);
2199
2200 read_lock(&l->lock);
2201
2202 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
40be492f
MH		 2203 struct l2cap_pinfo *pi = l2cap_pi(sk);
2204
1da177e4
LT		 2205 bh_lock_sock(sk);
2206
40be492f 2207 if ((pi->link_mode & (L2CAP_LM_ENCRYPT | L2CAP_LM_SECURE)) &&
b1235d79
MH		 2208 !(hcon->link_mode & HCI_LM_ENCRYPT) &&
2209 !status) {
1da177e4
LT		 2210 bh_unlock_sock(sk);
2211 continue;
2212 }
2213
b1235d79
MH		 2214 if (sk->sk_state == BT_CONNECT) {
2215 if (!status) {
2216 struct l2cap_conn_req req;
2217 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
2218 req.psm = l2cap_pi(sk)->psm;
2219
2220 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
2221
2222 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2223 L2CAP_CONN_REQ, sizeof(req), &req);
2224 } else {
2225 l2cap_sock_clear_timer(sk);
2226 l2cap_sock_set_timer(sk, HZ / 10);
2227 }
2228 } else if (sk->sk_state == BT_CONNECT2) {
2229 struct l2cap_conn_rsp rsp;
2230 __u16 result;
2231
2232 if (!status) {
2233 sk->sk_state = BT_CONFIG;
2234 result = L2CAP_CR_SUCCESS;
2235 } else {
2236 sk->sk_state = BT_DISCONN;
2237 l2cap_sock_set_timer(sk, HZ / 10);
2238 result = L2CAP_CR_SEC_BLOCK;
2239 }
1da177e4 2240
b1235d79
MH		 2241 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
2242 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
2243 rsp.result = cpu_to_le16(result);
e7c29cb1 2244 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
b1235d79
MH		 2245 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2246 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
2247 }
1da177e4
LT		 2248
2249 bh_unlock_sock(sk);
2250 }
2251
2252 read_unlock(&l->lock);
b1235d79 2253
1da177e4
LT		 2254 return 0;
2255}
2256
9719f8af 2257static int l2cap_encrypt_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
1da177e4
LT		 2258{
2259 struct l2cap_chan_list *l;
0139418c 2260 struct l2cap_conn *conn = hcon->l2cap_data;
1da177e4 2261 struct sock *sk;
1da177e4 2262
0139418c 2263 if (!conn)
1da177e4 2264 return 0;
0139418c 2265
1da177e4
LT		 2266 l = &conn->chan_list;
2267
2268 BT_DBG("conn %p", conn);
2269
2270 read_lock(&l->lock);
2271
2272 for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
9719f8af
MH		 2273 struct l2cap_pinfo *pi = l2cap_pi(sk);
2274
1da177e4
LT		 2275 bh_lock_sock(sk);
2276
9719f8af
MH		 2277 if ((pi->link_mode & (L2CAP_LM_ENCRYPT | L2CAP_LM_SECURE)) &&
2278 (sk->sk_state == BT_CONNECTED ||
2279 sk->sk_state == BT_CONFIG) &&
2280 !status && encrypt == 0x00) {
2281 __l2cap_sock_close(sk, ECONNREFUSED);
2282 bh_unlock_sock(sk);
2283 continue;
2284 }
2285
b1235d79
MH		 2286 if (sk->sk_state == BT_CONNECT) {
2287 if (!status) {
2288 struct l2cap_conn_req req;
2289 req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
2290 req.psm = l2cap_pi(sk)->psm;
1da177e4 2291
b1235d79 2292 l2cap_pi(sk)->ident = l2cap_get_ident(conn);
1da177e4 2293
b1235d79
MH		 2294 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2295 L2CAP_CONN_REQ, sizeof(req), &req);
2296 } else {
2297 l2cap_sock_clear_timer(sk);
2298 l2cap_sock_set_timer(sk, HZ / 10);
2299 }
2300 } else if (sk->sk_state == BT_CONNECT2) {
2301 struct l2cap_conn_rsp rsp;
2302 __u16 result;
1da177e4 2303
b1235d79
MH		 2304 if (!status) {
2305 sk->sk_state = BT_CONFIG;
2306 result = L2CAP_CR_SUCCESS;
2307 } else {
2308 sk->sk_state = BT_DISCONN;
2309 l2cap_sock_set_timer(sk, HZ / 10);
2310 result = L2CAP_CR_SEC_BLOCK;
2311 }
2312
2313 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
2314 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
2315 rsp.result = cpu_to_le16(result);
e7c29cb1 2316 rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);
b1235d79
MH		 2317 l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
2318 L2CAP_CONN_RSP, sizeof(rsp), &rsp);
2319 }
1da177e4
LT		 2320
2321 bh_unlock_sock(sk);
2322 }
2323
2324 read_unlock(&l->lock);
b1235d79 2325
1da177e4
LT		 2326 return 0;
2327}
2328
2329static int l2cap_recv_acldata(struct hci_conn *hcon, struct sk_buff *skb, u16 flags)
2330{
2331 struct l2cap_conn *conn = hcon->l2cap_data;
2332
2333 if (!conn && !(conn = l2cap_conn_add(hcon, 0)))
2334 goto drop;
2335
2336 BT_DBG("conn %p len %d flags 0x%x", conn, skb->len, flags);
2337
2338 if (flags & ACL_START) {
2339 struct l2cap_hdr *hdr;
2340 int len;
2341
2342 if (conn->rx_len) {
2343 BT_ERR("Unexpected start frame (len %d)", skb->len);
2344 kfree_skb(conn->rx_skb);
2345 conn->rx_skb = NULL;
2346 conn->rx_len = 0;
2347 l2cap_conn_unreliable(conn, ECOMM);
2348 }
2349
2350 if (skb->len < 2) {
2351 BT_ERR("Frame is too short (len %d)", skb->len);
2352 l2cap_conn_unreliable(conn, ECOMM);
2353 goto drop;
2354 }
2355
2356 hdr = (struct l2cap_hdr *) skb->data;
2357 len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE;
2358
2359 if (len == skb->len) {
2360 /* Complete frame received */
2361 l2cap_recv_frame(conn, skb);
2362 return 0;
2363 }
2364
2365 BT_DBG("Start: total len %d, frag len %d", len, skb->len);
2366
2367 if (skb->len > len) {
2368 BT_ERR("Frame is too long (len %d, expected len %d)",
2369 skb->len, len);
2370 l2cap_conn_unreliable(conn, ECOMM);
2371 goto drop;
2372 }
2373
2374 /* Allocate skb for the complete frame (with header) */
2375 if (!(conn->rx_skb = bt_skb_alloc(len, GFP_ATOMIC)))
2376 goto drop;
2377
d626f62b
ACM		 2378 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2379 skb->len);
1da177e4
LT		 2380 conn->rx_len = len - skb->len;
2381 } else {
2382 BT_DBG("Cont: frag len %d (expecting %d)", skb->len, conn->rx_len);
2383
2384 if (!conn->rx_len) {
2385 BT_ERR("Unexpected continuation frame (len %d)", skb->len);
2386 l2cap_conn_unreliable(conn, ECOMM);
2387 goto drop;
2388 }
2389
2390 if (skb->len > conn->rx_len) {
2391 BT_ERR("Fragment is too long (len %d, expected %d)",
2392 skb->len, conn->rx_len);
2393 kfree_skb(conn->rx_skb);
2394 conn->rx_skb = NULL;
2395 conn->rx_len = 0;
2396 l2cap_conn_unreliable(conn, ECOMM);
2397 goto drop;
2398 }
2399
d626f62b
ACM		 2400 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, skb->len),
2401 skb->len);
1da177e4
LT		 2402 conn->rx_len -= skb->len;
2403
2404 if (!conn->rx_len) {
2405 /* Complete frame received */
2406 l2cap_recv_frame(conn, conn->rx_skb);
2407 conn->rx_skb = NULL;
2408 }
2409 }
2410
2411drop:
2412 kfree_skb(skb);
2413 return 0;
2414}
2415
be9d1227 2416static ssize_t l2cap_sysfs_show(struct class *dev, char *buf)
1da177e4
LT		 2417{
2418 struct sock *sk;
2419 struct hlist_node *node;
be9d1227 2420 char *str = buf;
1da177e4
LT		 2421
2422 read_lock_bh(&l2cap_sk_list.lock);
2423
be9d1227
MH		 2424 sk_for_each(sk, node, &l2cap_sk_list.head) {
2425 struct l2cap_pinfo *pi = l2cap_pi(sk);
1da177e4 2426
be9d1227
MH		 2427 str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d 0x%x\n",
2428 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
73863976
MH		 2429 sk->sk_state, btohs(pi->psm), pi->scid, pi->dcid,
2430 pi->imtu, pi->omtu, pi->link_mode);
be9d1227 2431 }
1da177e4 2432
1da177e4 2433 read_unlock_bh(&l2cap_sk_list.lock);
1da177e4 2434
be9d1227 2435 return (str - buf);
1da177e4
LT		 2436}
2437
be9d1227 2438static CLASS_ATTR(l2cap, S_IRUGO, l2cap_sysfs_show, NULL);
1da177e4 2439
90ddc4f0 2440static const struct proto_ops l2cap_sock_ops = {
1da177e4
LT		 2441 .family = PF_BLUETOOTH,
2442 .owner = THIS_MODULE,
2443 .release = l2cap_sock_release,
2444 .bind = l2cap_sock_bind,
2445 .connect = l2cap_sock_connect,
2446 .listen = l2cap_sock_listen,
2447 .accept = l2cap_sock_accept,
2448 .getname = l2cap_sock_getname,
2449 .sendmsg = l2cap_sock_sendmsg,
2450 .recvmsg = bt_sock_recvmsg,
2451 .poll = bt_sock_poll,
3241ad82 2452 .ioctl = bt_sock_ioctl,
1da177e4
LT		 2453 .mmap = sock_no_mmap,
2454 .socketpair = sock_no_socketpair,
1da177e4
LT		 2455 .shutdown = l2cap_sock_shutdown,
2456 .setsockopt = l2cap_sock_setsockopt,
2457 .getsockopt = l2cap_sock_getsockopt
2458};
2459
2460static struct net_proto_family l2cap_sock_family_ops = {
2461 .family = PF_BLUETOOTH,
2462 .owner = THIS_MODULE,
2463 .create = l2cap_sock_create,
2464};
2465
2466static struct hci_proto l2cap_hci_proto = {
2467 .name = "L2CAP",
2468 .id = HCI_PROTO_L2CAP,
2469 .connect_ind = l2cap_connect_ind,
2470 .connect_cfm = l2cap_connect_cfm,
2471 .disconn_ind = l2cap_disconn_ind,
2472 .auth_cfm = l2cap_auth_cfm,
2473 .encrypt_cfm = l2cap_encrypt_cfm,
2474 .recv_acldata = l2cap_recv_acldata
2475};
2476
2477static int __init l2cap_init(void)
2478{
2479 int err;
be9d1227 2480
1da177e4
LT		 2481 err = proto_register(&l2cap_proto, 0);
2482 if (err < 0)
2483 return err;
2484
2485 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
2486 if (err < 0) {
2487 BT_ERR("L2CAP socket registration failed");
2488 goto error;
2489 }
2490
2491 err = hci_register_proto(&l2cap_hci_proto);
2492 if (err < 0) {
2493 BT_ERR("L2CAP protocol registration failed");
2494 bt_sock_unregister(BTPROTO_L2CAP);
2495 goto error;
2496 }
2497
df5c37ea
MH		 2498 if (class_create_file(bt_class, &class_attr_l2cap) < 0)
2499 BT_ERR("Failed to create L2CAP info file");
1da177e4
LT		 2500
2501 BT_INFO("L2CAP ver %s", VERSION);
2502 BT_INFO("L2CAP socket layer initialized");
2503
2504 return 0;
2505
2506error:
2507 proto_unregister(&l2cap_proto);
2508 return err;
2509}
2510
2511static void __exit l2cap_exit(void)
2512{
a91f2e39 2513 class_remove_file(bt_class, &class_attr_l2cap);
1da177e4
LT		 2514
2515 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
2516 BT_ERR("L2CAP socket unregistration failed");
2517
2518 if (hci_unregister_proto(&l2cap_hci_proto) < 0)
2519 BT_ERR("L2CAP protocol unregistration failed");
2520
2521 proto_unregister(&l2cap_proto);
2522}
2523
2524void l2cap_load(void)
2525{
2526 /* Dummy function to trigger automatic L2CAP module loading by
2527 * other modules that use L2CAP sockets but don't use any other
2528 * symbols from it. */
2529 return;
2530}
2531EXPORT_SYMBOL(l2cap_load);
2532
2533module_init(l2cap_init);
2534module_exit(l2cap_exit);
2535
63fbd24e 2536MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1da177e4
LT		 2537MODULE_DESCRIPTION("Bluetooth L2CAP ver " VERSION);
2538MODULE_VERSION(VERSION);
2539MODULE_LICENSE("GPL");
2540MODULE_ALIAS("bt-proto-0");
kernel source for telekom puls (alcatel/mediatek)