Lines Matching +full:super +full:- +full:frames
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
80 return bdaddr_type(hcon->type, hcon->src_type); in bdaddr_src_type()
85 return bdaddr_type(hcon->type, hcon->dst_type); in bdaddr_dst_type()
88 /* ---- L2CAP channels ---- */
95 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_dcid()
96 if (c->dcid == cid) in __l2cap_get_chan_by_dcid()
107 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_scid()
108 if (c->scid == cid) in __l2cap_get_chan_by_scid()
157 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_ident()
158 if (c->ident == ident) in __l2cap_get_chan_by_ident()
170 if (src_type == BDADDR_BREDR && c->src_type != BDADDR_BREDR) in __l2cap_global_chan_by_addr()
173 if (src_type != BDADDR_BREDR && c->src_type == BDADDR_BREDR) in __l2cap_global_chan_by_addr()
176 if (c->sport == psm && !bacmp(&c->src, src)) in __l2cap_global_chan_by_addr()
188 if (psm && __l2cap_global_chan_by_addr(psm, src, chan->src_type)) { in l2cap_add_psm()
189 err = -EADDRINUSE; in l2cap_add_psm()
194 chan->psm = psm; in l2cap_add_psm()
195 chan->sport = psm; in l2cap_add_psm()
200 if (chan->src_type == BDADDR_BREDR) { in l2cap_add_psm()
210 err = -EINVAL; in l2cap_add_psm()
213 chan->src_type)) { in l2cap_add_psm()
214 chan->psm = cpu_to_le16(p); in l2cap_add_psm()
215 chan->sport = cpu_to_le16(p); in l2cap_add_psm()
231 /* Override the defaults (which are for conn-oriented) */ in l2cap_add_scid()
232 chan->omtu = L2CAP_DEFAULT_MTU; in l2cap_add_scid()
233 chan->chan_type = L2CAP_CHAN_FIXED; in l2cap_add_scid()
235 chan->scid = scid; in l2cap_add_scid()
246 if (conn->hcon->type == LE_LINK) in l2cap_alloc_cid()
261 BT_DBG("chan %p %s -> %s", chan, state_to_string(chan->state), in l2cap_state_change()
264 chan->state = state; in l2cap_state_change()
265 chan->ops->state_change(chan, state, 0); in l2cap_state_change()
271 chan->state = state; in l2cap_state_change_and_error()
272 chan->ops->state_change(chan, chan->state, err); in l2cap_state_change_and_error()
277 chan->ops->state_change(chan, chan->state, err); in l2cap_chan_set_err()
282 if (!delayed_work_pending(&chan->monitor_timer) && in __set_retrans_timer()
283 chan->retrans_timeout) { in __set_retrans_timer()
284 l2cap_set_timer(chan, &chan->retrans_timer, in __set_retrans_timer()
285 secs_to_jiffies(chan->retrans_timeout)); in __set_retrans_timer()
292 if (chan->monitor_timeout) { in __set_monitor_timer()
293 l2cap_set_timer(chan, &chan->monitor_timer, in __set_monitor_timer()
294 secs_to_jiffies(chan->monitor_timeout)); in __set_monitor_timer()
304 if (bt_cb(skb)->l2cap.txseq == seq) in l2cap_ertm_seq_in_queue()
311 /* ---- L2CAP sequence number lists ---- */
314 * SREJ requests that are received and for frames that are to be
315 * retransmitted. These seq_list functions implement a singly-linked
332 seq_list->list = kmalloc_array(alloc_size, sizeof(u16), GFP_KERNEL); in l2cap_seq_list_init()
333 if (!seq_list->list) in l2cap_seq_list_init()
334 return -ENOMEM; in l2cap_seq_list_init()
336 seq_list->mask = alloc_size - 1; in l2cap_seq_list_init()
337 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
338 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
340 seq_list->list[i] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
347 kfree(seq_list->list); in l2cap_seq_list_free()
353 /* Constant-time check for list membership */ in l2cap_seq_list_contains()
354 return seq_list->list[seq & seq_list->mask] != L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_contains()
359 u16 seq = seq_list->head; in l2cap_seq_list_pop()
360 u16 mask = seq_list->mask; in l2cap_seq_list_pop()
362 seq_list->head = seq_list->list[seq & mask]; in l2cap_seq_list_pop()
363 seq_list->list[seq & mask] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
365 if (seq_list->head == L2CAP_SEQ_LIST_TAIL) { in l2cap_seq_list_pop()
366 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
367 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
377 if (seq_list->head == L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_clear()
380 for (i = 0; i <= seq_list->mask; i++) in l2cap_seq_list_clear()
381 seq_list->list[i] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
383 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
384 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
389 u16 mask = seq_list->mask; in l2cap_seq_list_append()
393 if (seq_list->list[seq & mask] != L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_append()
396 if (seq_list->tail == L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_append()
397 seq_list->head = seq; in l2cap_seq_list_append()
399 seq_list->list[seq_list->tail & mask] = seq; in l2cap_seq_list_append()
401 seq_list->tail = seq; in l2cap_seq_list_append()
402 seq_list->list[seq & mask] = L2CAP_SEQ_LIST_TAIL; in l2cap_seq_list_append()
409 struct l2cap_conn *conn = chan->conn; in l2cap_chan_timeout()
412 BT_DBG("chan %p state %s", chan, state_to_string(chan->state)); in l2cap_chan_timeout()
417 mutex_lock(&conn->lock); in l2cap_chan_timeout()
423 if (chan->state == BT_CONNECTED || chan->state == BT_CONFIG) in l2cap_chan_timeout()
425 else if (chan->state == BT_CONNECT && in l2cap_chan_timeout()
426 chan->sec_level != BT_SECURITY_SDP) in l2cap_chan_timeout()
433 chan->ops->close(chan); in l2cap_chan_timeout()
438 mutex_unlock(&conn->lock); in l2cap_chan_timeout()
449 skb_queue_head_init(&chan->tx_q); in l2cap_chan_create()
450 skb_queue_head_init(&chan->srej_q); in l2cap_chan_create()
451 mutex_init(&chan->lock); in l2cap_chan_create()
454 atomic_set(&chan->nesting, L2CAP_NESTING_NORMAL); in l2cap_chan_create()
457 chan->rx_avail = -1; in l2cap_chan_create()
460 list_add(&chan->global_l, &chan_list); in l2cap_chan_create()
463 INIT_DELAYED_WORK(&chan->chan_timer, l2cap_chan_timeout); in l2cap_chan_create()
464 INIT_DELAYED_WORK(&chan->retrans_timer, l2cap_retrans_timeout); in l2cap_chan_create()
465 INIT_DELAYED_WORK(&chan->monitor_timer, l2cap_monitor_timeout); in l2cap_chan_create()
466 INIT_DELAYED_WORK(&chan->ack_timer, l2cap_ack_timeout); in l2cap_chan_create()
468 chan->state = BT_OPEN; in l2cap_chan_create()
470 kref_init(&chan->kref); in l2cap_chan_create()
473 set_bit(CONF_NOT_COMPLETE, &chan->conf_state); in l2cap_chan_create()
488 list_del(&chan->global_l); in l2cap_chan_destroy()
496 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_hold()
498 kref_get(&c->kref); in l2cap_chan_hold()
503 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_hold_unless_zero()
505 if (!kref_get_unless_zero(&c->kref)) in l2cap_chan_hold_unless_zero()
513 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_put()
515 kref_put(&c->kref, l2cap_chan_destroy); in l2cap_chan_put()
521 chan->fcs = L2CAP_FCS_CRC16; in l2cap_chan_set_defaults()
522 chan->max_tx = L2CAP_DEFAULT_MAX_TX; in l2cap_chan_set_defaults()
523 chan->tx_win = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
524 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
525 chan->remote_max_tx = chan->max_tx; in l2cap_chan_set_defaults()
526 chan->remote_tx_win = chan->tx_win; in l2cap_chan_set_defaults()
527 chan->ack_win = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
528 chan->sec_level = BT_SECURITY_LOW; in l2cap_chan_set_defaults()
529 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO; in l2cap_chan_set_defaults()
530 chan->retrans_timeout = L2CAP_DEFAULT_RETRANS_TO; in l2cap_chan_set_defaults()
531 chan->monitor_timeout = L2CAP_DEFAULT_MONITOR_TO; in l2cap_chan_set_defaults()
533 chan->conf_state = 0; in l2cap_chan_set_defaults()
534 set_bit(CONF_NOT_COMPLETE, &chan->conf_state); in l2cap_chan_set_defaults()
536 set_bit(FLAG_FORCE_ACTIVE, &chan->flags); in l2cap_chan_set_defaults()
542 size_t sdu_len = chan->sdu ? chan->sdu->len : 0; in l2cap_le_rx_credits()
544 if (chan->mps == 0) in l2cap_le_rx_credits()
550 if (chan->rx_avail == -1) in l2cap_le_rx_credits()
551 return (chan->imtu / chan->mps) + 1; in l2cap_le_rx_credits()
556 if (chan->rx_avail <= sdu_len) in l2cap_le_rx_credits()
559 return DIV_ROUND_UP(chan->rx_avail - sdu_len, chan->mps); in l2cap_le_rx_credits()
564 chan->sdu = NULL; in l2cap_le_flowctl_init()
565 chan->sdu_last_frag = NULL; in l2cap_le_flowctl_init()
566 chan->sdu_len = 0; in l2cap_le_flowctl_init()
567 chan->tx_credits = tx_credits; in l2cap_le_flowctl_init()
569 chan->mps = min_t(u16, chan->imtu, chan->conn->mtu - L2CAP_HDR_SIZE); in l2cap_le_flowctl_init()
570 chan->rx_credits = l2cap_le_rx_credits(chan); in l2cap_le_flowctl_init()
572 skb_queue_head_init(&chan->tx_q); in l2cap_le_flowctl_init()
580 if (chan->mps < L2CAP_ECRED_MIN_MPS) { in l2cap_ecred_init()
581 chan->mps = L2CAP_ECRED_MIN_MPS; in l2cap_ecred_init()
582 chan->rx_credits = l2cap_le_rx_credits(chan); in l2cap_ecred_init()
589 __le16_to_cpu(chan->psm), chan->dcid); in __l2cap_chan_add()
591 conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; in __l2cap_chan_add()
593 chan->conn = conn; in __l2cap_chan_add()
595 switch (chan->chan_type) { in __l2cap_chan_add()
597 /* Alloc CID for connection-oriented socket */ in __l2cap_chan_add()
598 chan->scid = l2cap_alloc_cid(conn); in __l2cap_chan_add()
599 if (conn->hcon->type == ACL_LINK) in __l2cap_chan_add()
600 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
605 chan->scid = L2CAP_CID_CONN_LESS; in __l2cap_chan_add()
606 chan->dcid = L2CAP_CID_CONN_LESS; in __l2cap_chan_add()
607 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
616 chan->scid = L2CAP_CID_SIGNALING; in __l2cap_chan_add()
617 chan->dcid = L2CAP_CID_SIGNALING; in __l2cap_chan_add()
618 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
621 chan->local_id = L2CAP_BESTEFFORT_ID; in __l2cap_chan_add()
622 chan->local_stype = L2CAP_SERV_BESTEFFORT; in __l2cap_chan_add()
623 chan->local_msdu = L2CAP_DEFAULT_MAX_SDU_SIZE; in __l2cap_chan_add()
624 chan->local_sdu_itime = L2CAP_DEFAULT_SDU_ITIME; in __l2cap_chan_add()
625 chan->local_acc_lat = L2CAP_DEFAULT_ACC_LAT; in __l2cap_chan_add()
626 chan->local_flush_to = L2CAP_EFS_DEFAULT_FLUSH_TO; in __l2cap_chan_add()
631 if (chan->chan_type != L2CAP_CHAN_FIXED || in __l2cap_chan_add()
632 test_bit(FLAG_HOLD_HCI_CONN, &chan->flags)) in __l2cap_chan_add()
633 hci_conn_hold(conn->hcon); in __l2cap_chan_add()
636 list_add_tail(&chan->list, &conn->chan_l); in __l2cap_chan_add()
641 mutex_lock(&conn->lock); in l2cap_chan_add()
643 mutex_unlock(&conn->lock); in l2cap_chan_add()
648 struct l2cap_conn *conn = chan->conn; in l2cap_chan_del()
653 state_to_string(chan->state)); in l2cap_chan_del()
655 chan->ops->teardown(chan, err); in l2cap_chan_del()
659 list_del(&chan->list); in l2cap_chan_del()
663 chan->conn = NULL; in l2cap_chan_del()
665 /* Reference was only held for non-fixed channels or in l2cap_chan_del()
669 if (chan->chan_type != L2CAP_CHAN_FIXED || in l2cap_chan_del()
670 test_bit(FLAG_HOLD_HCI_CONN, &chan->flags)) in l2cap_chan_del()
671 hci_conn_drop(conn->hcon); in l2cap_chan_del()
674 if (test_bit(CONF_NOT_COMPLETE, &chan->conf_state)) in l2cap_chan_del()
677 switch (chan->mode) { in l2cap_chan_del()
683 skb_queue_purge(&chan->tx_q); in l2cap_chan_del()
691 skb_queue_purge(&chan->srej_q); in l2cap_chan_del()
693 l2cap_seq_list_free(&chan->srej_list); in l2cap_chan_del()
694 l2cap_seq_list_free(&chan->retrans_list); in l2cap_chan_del()
698 skb_queue_purge(&chan->tx_q); in l2cap_chan_del()
709 list_for_each_entry_safe(chan, l, &conn->chan_l, list) { in __l2cap_chan_list_id()
710 if (chan->ident == id) in __l2cap_chan_list_id()
720 list_for_each_entry(chan, &conn->chan_l, list) { in __l2cap_chan_list()
731 mutex_lock(&conn->lock); in l2cap_chan_list()
733 mutex_unlock(&conn->lock); in l2cap_chan_list()
742 struct hci_conn *hcon = conn->hcon; in l2cap_conn_update_id_addr()
745 mutex_lock(&conn->lock); in l2cap_conn_update_id_addr()
747 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_update_id_addr()
749 bacpy(&chan->dst, &hcon->dst); in l2cap_conn_update_id_addr()
750 chan->dst_type = bdaddr_dst_type(hcon); in l2cap_conn_update_id_addr()
754 mutex_unlock(&conn->lock); in l2cap_conn_update_id_addr()
759 struct l2cap_conn *conn = chan->conn; in l2cap_chan_le_connect_reject()
763 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_le_connect_reject()
770 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_chan_le_connect_reject()
771 rsp.mtu = cpu_to_le16(chan->imtu); in l2cap_chan_le_connect_reject()
772 rsp.mps = cpu_to_le16(chan->mps); in l2cap_chan_le_connect_reject()
773 rsp.credits = cpu_to_le16(chan->rx_credits); in l2cap_chan_le_connect_reject()
776 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), in l2cap_chan_le_connect_reject()
789 struct l2cap_conn *conn = chan->conn; in l2cap_chan_connect_reject()
793 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_connect_reject()
800 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_chan_connect_reject()
801 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_chan_connect_reject()
805 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp); in l2cap_chan_connect_reject()
810 struct l2cap_conn *conn = chan->conn; in l2cap_chan_close()
812 BT_DBG("chan %p state %s", chan, state_to_string(chan->state)); in l2cap_chan_close()
814 switch (chan->state) { in l2cap_chan_close()
816 chan->ops->teardown(chan, 0); in l2cap_chan_close()
821 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_close()
822 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_chan_close()
829 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_close()
830 if (conn->hcon->type == ACL_LINK) in l2cap_chan_close()
832 else if (conn->hcon->type == LE_LINK) { in l2cap_chan_close()
833 switch (chan->mode) { in l2cap_chan_close()
853 chan->ops->teardown(chan, 0); in l2cap_chan_close()
861 switch (chan->chan_type) { in l2cap_get_auth_type()
863 switch (chan->sec_level) { in l2cap_get_auth_type()
874 if (chan->psm == cpu_to_le16(L2CAP_PSM_3DSP)) { in l2cap_get_auth_type()
875 if (chan->sec_level == BT_SECURITY_LOW) in l2cap_get_auth_type()
876 chan->sec_level = BT_SECURITY_SDP; in l2cap_get_auth_type()
878 if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_get_auth_type()
879 chan->sec_level == BT_SECURITY_FIPS) in l2cap_get_auth_type()
885 if (chan->psm == cpu_to_le16(L2CAP_PSM_SDP)) { in l2cap_get_auth_type()
886 if (chan->sec_level == BT_SECURITY_LOW) in l2cap_get_auth_type()
887 chan->sec_level = BT_SECURITY_SDP; in l2cap_get_auth_type()
889 if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_get_auth_type()
890 chan->sec_level == BT_SECURITY_FIPS) in l2cap_get_auth_type()
898 switch (chan->sec_level) { in l2cap_get_auth_type()
914 struct l2cap_conn *conn = chan->conn; in l2cap_chan_check_security()
917 if (conn->hcon->type == LE_LINK) in l2cap_chan_check_security()
918 return smp_conn_security(conn->hcon, chan->sec_level); in l2cap_chan_check_security()
922 return hci_conn_security(conn->hcon, chan->sec_level, auth_type, in l2cap_chan_check_security()
931 * 1 - 128 are used by kernel. in l2cap_get_ident()
932 * 129 - 199 are reserved. in l2cap_get_ident()
933 * 200 - 254 are used by utilities like l2ping, etc. in l2cap_get_ident()
936 mutex_lock(&conn->ident_lock); in l2cap_get_ident()
938 if (++conn->tx_ident > 128) in l2cap_get_ident()
939 conn->tx_ident = 1; in l2cap_get_ident()
941 id = conn->tx_ident; in l2cap_get_ident()
943 mutex_unlock(&conn->ident_lock); in l2cap_get_ident()
952 if (hci_conn_valid(conn->hcon->hdev, conn->hcon)) in l2cap_send_acl()
953 hci_send_acl(conn->hchan, skb, flags); in l2cap_send_acl()
970 * not support auto-flushing packets) */ in l2cap_send_cmd()
971 if (lmp_no_flush_capable(conn->hcon->hdev) || in l2cap_send_cmd()
972 conn->hcon->type == LE_LINK) in l2cap_send_cmd()
977 bt_cb(skb)->force_active = BT_POWER_FORCE_ACTIVE_ON; in l2cap_send_cmd()
978 skb->priority = HCI_PRIO_MAX; in l2cap_send_cmd()
985 struct hci_conn *hcon = chan->conn->hcon; in l2cap_do_send()
988 BT_DBG("chan %p, skb %p len %d priority %u", chan, skb, skb->len, in l2cap_do_send()
989 skb->priority); in l2cap_do_send()
995 if (hcon->type == LE_LINK || in l2cap_do_send()
996 (!test_bit(FLAG_FLUSHABLE, &chan->flags) && in l2cap_do_send()
997 lmp_no_flush_capable(hcon->hdev))) in l2cap_do_send()
1002 bt_cb(skb)->force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags); in l2cap_do_send()
1003 hci_send_acl(chan->conn->hchan, skb, flags); in l2cap_do_send()
1008 control->reqseq = (enh & L2CAP_CTRL_REQSEQ) >> L2CAP_CTRL_REQSEQ_SHIFT; in __unpack_enhanced_control()
1009 control->final = (enh & L2CAP_CTRL_FINAL) >> L2CAP_CTRL_FINAL_SHIFT; in __unpack_enhanced_control()
1012 /* S-Frame */ in __unpack_enhanced_control()
1013 control->sframe = 1; in __unpack_enhanced_control()
1014 control->poll = (enh & L2CAP_CTRL_POLL) >> L2CAP_CTRL_POLL_SHIFT; in __unpack_enhanced_control()
1015 control->super = (enh & L2CAP_CTRL_SUPERVISE) >> L2CAP_CTRL_SUPER_SHIFT; in __unpack_enhanced_control()
1017 control->sar = 0; in __unpack_enhanced_control()
1018 control->txseq = 0; in __unpack_enhanced_control()
1020 /* I-Frame */ in __unpack_enhanced_control()
1021 control->sframe = 0; in __unpack_enhanced_control()
1022 control->sar = (enh & L2CAP_CTRL_SAR) >> L2CAP_CTRL_SAR_SHIFT; in __unpack_enhanced_control()
1023 control->txseq = (enh & L2CAP_CTRL_TXSEQ) >> L2CAP_CTRL_TXSEQ_SHIFT; in __unpack_enhanced_control()
1025 control->poll = 0; in __unpack_enhanced_control()
1026 control->super = 0; in __unpack_enhanced_control()
1032 control->reqseq = (ext & L2CAP_EXT_CTRL_REQSEQ) >> L2CAP_EXT_CTRL_REQSEQ_SHIFT; in __unpack_extended_control()
1033 control->final = (ext & L2CAP_EXT_CTRL_FINAL) >> L2CAP_EXT_CTRL_FINAL_SHIFT; in __unpack_extended_control()
1036 /* S-Frame */ in __unpack_extended_control()
1037 control->sframe = 1; in __unpack_extended_control()
1038 control->poll = (ext & L2CAP_EXT_CTRL_POLL) >> L2CAP_EXT_CTRL_POLL_SHIFT; in __unpack_extended_control()
1039 control->super = (ext & L2CAP_EXT_CTRL_SUPERVISE) >> L2CAP_EXT_CTRL_SUPER_SHIFT; in __unpack_extended_control()
1041 control->sar = 0; in __unpack_extended_control()
1042 control->txseq = 0; in __unpack_extended_control()
1044 /* I-Frame */ in __unpack_extended_control()
1045 control->sframe = 0; in __unpack_extended_control()
1046 control->sar = (ext & L2CAP_EXT_CTRL_SAR) >> L2CAP_EXT_CTRL_SAR_SHIFT; in __unpack_extended_control()
1047 control->txseq = (ext & L2CAP_EXT_CTRL_TXSEQ) >> L2CAP_EXT_CTRL_TXSEQ_SHIFT; in __unpack_extended_control()
1049 control->poll = 0; in __unpack_extended_control()
1050 control->super = 0; in __unpack_extended_control()
1057 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in __unpack_control()
1058 __unpack_extended_control(get_unaligned_le32(skb->data), in __unpack_control()
1059 &bt_cb(skb)->l2cap); in __unpack_control()
1062 __unpack_enhanced_control(get_unaligned_le16(skb->data), in __unpack_control()
1063 &bt_cb(skb)->l2cap); in __unpack_control()
1072 packed = control->reqseq << L2CAP_EXT_CTRL_REQSEQ_SHIFT; in __pack_extended_control()
1073 packed |= control->final << L2CAP_EXT_CTRL_FINAL_SHIFT; in __pack_extended_control()
1075 if (control->sframe) { in __pack_extended_control()
1076 packed |= control->poll << L2CAP_EXT_CTRL_POLL_SHIFT; in __pack_extended_control()
1077 packed |= control->super << L2CAP_EXT_CTRL_SUPER_SHIFT; in __pack_extended_control()
1080 packed |= control->sar << L2CAP_EXT_CTRL_SAR_SHIFT; in __pack_extended_control()
1081 packed |= control->txseq << L2CAP_EXT_CTRL_TXSEQ_SHIFT; in __pack_extended_control()
1091 packed = control->reqseq << L2CAP_CTRL_REQSEQ_SHIFT; in __pack_enhanced_control()
1092 packed |= control->final << L2CAP_CTRL_FINAL_SHIFT; in __pack_enhanced_control()
1094 if (control->sframe) { in __pack_enhanced_control()
1095 packed |= control->poll << L2CAP_CTRL_POLL_SHIFT; in __pack_enhanced_control()
1096 packed |= control->super << L2CAP_CTRL_SUPER_SHIFT; in __pack_enhanced_control()
1099 packed |= control->sar << L2CAP_CTRL_SAR_SHIFT; in __pack_enhanced_control()
1100 packed |= control->txseq << L2CAP_CTRL_TXSEQ_SHIFT; in __pack_enhanced_control()
1110 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in __pack_control()
1112 skb->data + L2CAP_HDR_SIZE); in __pack_control()
1115 skb->data + L2CAP_HDR_SIZE); in __pack_control()
1121 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in __ertm_hdr_size()
1134 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_create_sframe_pdu()
1140 return ERR_PTR(-ENOMEM); in l2cap_create_sframe_pdu()
1143 lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE); in l2cap_create_sframe_pdu()
1144 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_sframe_pdu()
1146 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_create_sframe_pdu()
1151 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_create_sframe_pdu()
1152 u16 fcs = crc16(0, (u8 *)skb->data, skb->len); in l2cap_create_sframe_pdu()
1156 skb->priority = HCI_PRIO_MAX; in l2cap_create_sframe_pdu()
1168 if (!control->sframe) in l2cap_send_sframe()
1171 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state) && in l2cap_send_sframe()
1172 !control->poll) in l2cap_send_sframe()
1173 control->final = 1; in l2cap_send_sframe()
1175 if (control->super == L2CAP_SUPER_RR) in l2cap_send_sframe()
1176 clear_bit(CONN_RNR_SENT, &chan->conn_state); in l2cap_send_sframe()
1177 else if (control->super == L2CAP_SUPER_RNR) in l2cap_send_sframe()
1178 set_bit(CONN_RNR_SENT, &chan->conn_state); in l2cap_send_sframe()
1180 if (control->super != L2CAP_SUPER_SREJ) { in l2cap_send_sframe()
1181 chan->last_acked_seq = control->reqseq; in l2cap_send_sframe()
1185 BT_DBG("reqseq %d, final %d, poll %d, super %d", control->reqseq, in l2cap_send_sframe()
1186 control->final, control->poll, control->super); in l2cap_send_sframe()
1188 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_send_sframe()
1208 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) in l2cap_send_rr_or_rnr()
1209 control.super = L2CAP_SUPER_RNR; in l2cap_send_rr_or_rnr()
1211 control.super = L2CAP_SUPER_RR; in l2cap_send_rr_or_rnr()
1213 control.reqseq = chan->buffer_seq; in l2cap_send_rr_or_rnr()
1219 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) in __l2cap_no_conn_pending()
1222 return !test_bit(CONF_CONNECT_PEND, &chan->conf_state); in __l2cap_no_conn_pending()
1227 struct l2cap_conn *conn = chan->conn; in l2cap_send_conn_req()
1230 req.scid = cpu_to_le16(chan->scid); in l2cap_send_conn_req()
1231 req.psm = chan->psm; in l2cap_send_conn_req()
1233 chan->ident = l2cap_get_ident(conn); in l2cap_send_conn_req()
1235 set_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_send_conn_req()
1237 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, sizeof(req), &req); in l2cap_send_conn_req()
1246 if (chan->state == BT_CONNECTED) in l2cap_chan_ready()
1250 chan->conf_state = 0; in l2cap_chan_ready()
1253 switch (chan->mode) { in l2cap_chan_ready()
1256 if (!chan->tx_credits) in l2cap_chan_ready()
1257 chan->ops->suspend(chan); in l2cap_chan_ready()
1261 chan->state = BT_CONNECTED; in l2cap_chan_ready()
1263 chan->ops->ready(chan); in l2cap_chan_ready()
1268 struct l2cap_conn *conn = chan->conn; in l2cap_le_connect()
1271 if (test_and_set_bit(FLAG_LE_CONN_REQ_SENT, &chan->flags)) in l2cap_le_connect()
1274 if (!chan->imtu) in l2cap_le_connect()
1275 chan->imtu = chan->conn->mtu; in l2cap_le_connect()
1280 req.psm = chan->psm; in l2cap_le_connect()
1281 req.scid = cpu_to_le16(chan->scid); in l2cap_le_connect()
1282 req.mtu = cpu_to_le16(chan->imtu); in l2cap_le_connect()
1283 req.mps = cpu_to_le16(chan->mps); in l2cap_le_connect()
1284 req.credits = cpu_to_le16(chan->rx_credits); in l2cap_le_connect()
1286 chan->ident = l2cap_get_ident(conn); in l2cap_le_connect()
1288 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_REQ, in l2cap_le_connect()
1307 if (chan == conn->chan) in l2cap_ecred_defer_connect()
1310 if (!test_and_clear_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_defer_connect()
1313 pid = chan->ops->get_peer_pid(chan); in l2cap_ecred_defer_connect()
1316 if (conn->pid != pid || chan->psm != conn->chan->psm || chan->ident || in l2cap_ecred_defer_connect()
1317 chan->mode != L2CAP_MODE_EXT_FLOWCTL || chan->state != BT_CONNECT) in l2cap_ecred_defer_connect()
1320 if (test_and_set_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_defer_connect()
1326 chan->ident = conn->chan->ident; in l2cap_ecred_defer_connect()
1329 conn->pdu.scid[conn->count] = cpu_to_le16(chan->scid); in l2cap_ecred_defer_connect()
1331 conn->count++; in l2cap_ecred_defer_connect()
1336 struct l2cap_conn *conn = chan->conn; in l2cap_ecred_connect()
1339 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_connect()
1342 if (test_and_set_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_connect()
1348 data.pdu.req.psm = chan->psm; in l2cap_ecred_connect()
1349 data.pdu.req.mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_connect()
1350 data.pdu.req.mps = cpu_to_le16(chan->mps); in l2cap_ecred_connect()
1351 data.pdu.req.credits = cpu_to_le16(chan->rx_credits); in l2cap_ecred_connect()
1352 data.pdu.scid[0] = cpu_to_le16(chan->scid); in l2cap_ecred_connect()
1354 chan->ident = l2cap_get_ident(conn); in l2cap_ecred_connect()
1358 data.pid = chan->ops->get_peer_pid(chan); in l2cap_ecred_connect()
1362 l2cap_send_cmd(conn, chan->ident, L2CAP_ECRED_CONN_REQ, in l2cap_ecred_connect()
1369 struct l2cap_conn *conn = chan->conn; in l2cap_le_start()
1371 if (!smp_conn_security(conn->hcon, chan->sec_level)) in l2cap_le_start()
1374 if (!chan->psm) { in l2cap_le_start()
1379 if (chan->state == BT_CONNECT) { in l2cap_le_start()
1380 if (chan->mode == L2CAP_MODE_EXT_FLOWCTL) in l2cap_le_start()
1389 if (chan->conn->hcon->type == LE_LINK) { in l2cap_start_connection()
1400 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) in l2cap_request_info()
1405 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; in l2cap_request_info()
1406 conn->info_ident = l2cap_get_ident(conn); in l2cap_request_info()
1408 schedule_delayed_work(&conn->info_timer, L2CAP_INFO_TIMEOUT); in l2cap_request_info()
1410 l2cap_send_cmd(conn, conn->info_ident, L2CAP_INFO_REQ, in l2cap_request_info()
1426 int min_key_size = hcon->hdev->min_enc_key_size; in l2cap_check_enc_key_size()
1429 if (chan->sec_level == BT_SECURITY_FIPS) in l2cap_check_enc_key_size()
1432 return (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags) || in l2cap_check_enc_key_size()
1433 hcon->enc_key_size >= min_key_size); in l2cap_check_enc_key_size()
1438 struct l2cap_conn *conn = chan->conn; in l2cap_do_start()
1440 if (conn->hcon->type == LE_LINK) { in l2cap_do_start()
1445 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)) { in l2cap_do_start()
1450 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)) in l2cap_do_start()
1457 if (l2cap_check_enc_key_size(conn->hcon, chan)) in l2cap_do_start()
1481 struct l2cap_conn *conn = chan->conn; in l2cap_send_disconn_req()
1487 if (chan->mode == L2CAP_MODE_ERTM && chan->state == BT_CONNECTED) { in l2cap_send_disconn_req()
1493 req.dcid = cpu_to_le16(chan->dcid); in l2cap_send_disconn_req()
1494 req.scid = cpu_to_le16(chan->scid); in l2cap_send_disconn_req()
1501 /* ---- L2CAP connections ---- */
1508 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_conn_start()
1511 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_conn_start()
1517 if (chan->state == BT_CONNECT) { in l2cap_conn_start()
1524 if (!l2cap_mode_supported(chan->mode, conn->feat_mask) in l2cap_conn_start()
1526 &chan->conf_state)) { in l2cap_conn_start()
1532 if (l2cap_check_enc_key_size(conn->hcon, chan)) in l2cap_conn_start()
1537 } else if (chan->state == BT_CONNECT2) { in l2cap_conn_start()
1540 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_conn_start()
1541 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_conn_start()
1544 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_conn_start()
1547 chan->ops->defer(chan); in l2cap_conn_start()
1559 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, in l2cap_conn_start()
1562 if (test_bit(CONF_REQ_SENT, &chan->conf_state) || in l2cap_conn_start()
1568 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_conn_start()
1571 chan->num_conf_req++; in l2cap_conn_start()
1580 struct hci_conn *hcon = conn->hcon; in l2cap_le_conn_ready()
1581 struct hci_dev *hdev = hcon->hdev; in l2cap_le_conn_ready()
1583 BT_DBG("%s conn %p", hdev->name, conn); in l2cap_le_conn_ready()
1588 if (hcon->out) in l2cap_le_conn_ready()
1589 smp_conn_security(hcon, hcon->pending_sec_level); in l2cap_le_conn_ready()
1596 if (hcon->role == HCI_ROLE_SLAVE && in l2cap_le_conn_ready()
1597 (hcon->le_conn_interval < hcon->le_conn_min_interval || in l2cap_le_conn_ready()
1598 hcon->le_conn_interval > hcon->le_conn_max_interval)) { in l2cap_le_conn_ready()
1601 req.min = cpu_to_le16(hcon->le_conn_min_interval); in l2cap_le_conn_ready()
1602 req.max = cpu_to_le16(hcon->le_conn_max_interval); in l2cap_le_conn_ready()
1603 req.latency = cpu_to_le16(hcon->le_conn_latency); in l2cap_le_conn_ready()
1604 req.to_multiplier = cpu_to_le16(hcon->le_supv_timeout); in l2cap_le_conn_ready()
1614 struct hci_conn *hcon = conn->hcon; in l2cap_conn_ready()
1618 if (hcon->type == ACL_LINK) in l2cap_conn_ready()
1621 mutex_lock(&conn->lock); in l2cap_conn_ready()
1623 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_ready()
1627 if (hcon->type == LE_LINK) { in l2cap_conn_ready()
1629 } else if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_conn_ready()
1630 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) in l2cap_conn_ready()
1632 } else if (chan->state == BT_CONNECT) { in l2cap_conn_ready()
1639 mutex_unlock(&conn->lock); in l2cap_conn_ready()
1641 if (hcon->type == LE_LINK) in l2cap_conn_ready()
1644 queue_work(hcon->hdev->workqueue, &conn->pending_rx_work); in l2cap_conn_ready()
1654 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_unreliable()
1655 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags)) in l2cap_conn_unreliable()
1665 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_info_timeout()
1666 conn->info_ident = 0; in l2cap_info_timeout()
1668 mutex_lock(&conn->lock); in l2cap_info_timeout()
1670 mutex_unlock(&conn->lock); in l2cap_info_timeout()
1675 * External modules can register l2cap_user objects on l2cap_conn. The ->probe
1676 * callback is called during registration. The ->remove callback is called
1679 * underlying l2cap_conn object is deleted. This guarantees that l2cap->hcon,
1680 * l2cap->hchan, .. are valid as long as the remove callback hasn't been called.
1688 struct hci_dev *hdev = conn->hcon->hdev; in l2cap_register_user()
1700 if (!list_empty(&user->list)) { in l2cap_register_user()
1701 ret = -EINVAL; in l2cap_register_user()
1705 /* conn->hchan is NULL after l2cap_conn_del() was called */ in l2cap_register_user()
1706 if (!conn->hchan) { in l2cap_register_user()
1707 ret = -ENODEV; in l2cap_register_user()
1711 ret = user->probe(conn, user); in l2cap_register_user()
1715 list_add(&user->list, &conn->users); in l2cap_register_user()
1726 struct hci_dev *hdev = conn->hcon->hdev; in l2cap_unregister_user()
1730 if (list_empty(&user->list)) in l2cap_unregister_user()
1733 list_del_init(&user->list); in l2cap_unregister_user()
1734 user->remove(conn, user); in l2cap_unregister_user()
1745 while (!list_empty(&conn->users)) { in l2cap_unregister_all_users()
1746 user = list_first_entry(&conn->users, struct l2cap_user, list); in l2cap_unregister_all_users()
1747 list_del_init(&user->list); in l2cap_unregister_all_users()
1748 user->remove(conn, user); in l2cap_unregister_all_users()
1754 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_conn_del()
1762 mutex_lock(&conn->lock); in l2cap_conn_del()
1764 kfree_skb(conn->rx_skb); in l2cap_conn_del()
1766 skb_queue_purge(&conn->pending_rx); in l2cap_conn_del()
1768 /* We can not call flush_work(&conn->pending_rx_work) here since we in l2cap_conn_del()
1772 if (work_pending(&conn->pending_rx_work)) in l2cap_conn_del()
1773 cancel_work_sync(&conn->pending_rx_work); in l2cap_conn_del()
1775 cancel_delayed_work_sync(&conn->id_addr_timer); in l2cap_conn_del()
1780 hcon->disc_timeout = 0; in l2cap_conn_del()
1783 list_for_each_entry_safe(chan, l, &conn->chan_l, list) { in l2cap_conn_del()
1789 chan->ops->close(chan); in l2cap_conn_del()
1795 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) in l2cap_conn_del()
1796 cancel_delayed_work_sync(&conn->info_timer); in l2cap_conn_del()
1798 hci_chan_del(conn->hchan); in l2cap_conn_del()
1799 conn->hchan = NULL; in l2cap_conn_del()
1801 hcon->l2cap_data = NULL; in l2cap_conn_del()
1802 mutex_unlock(&conn->lock); in l2cap_conn_del()
1810 hci_conn_put(conn->hcon); in l2cap_conn_free()
1816 kref_get(&conn->ref); in l2cap_conn_get()
1823 kref_put(&conn->ref, l2cap_conn_free); in l2cap_conn_put()
1827 /* ---- Socket interface ---- */
1842 if (state && c->state != state) in l2cap_global_chan_by_psm()
1845 if (link_type == ACL_LINK && c->src_type != BDADDR_BREDR) in l2cap_global_chan_by_psm()
1848 if (link_type == LE_LINK && c->src_type == BDADDR_BREDR) in l2cap_global_chan_by_psm()
1851 if (c->chan_type != L2CAP_CHAN_FIXED && c->psm == psm) { in l2cap_global_chan_by_psm()
1856 src_match = !bacmp(&c->src, src); in l2cap_global_chan_by_psm()
1857 dst_match = !bacmp(&c->dst, dst); in l2cap_global_chan_by_psm()
1867 src_any = !bacmp(&c->src, BDADDR_ANY); in l2cap_global_chan_by_psm()
1868 dst_any = !bacmp(&c->dst, BDADDR_ANY); in l2cap_global_chan_by_psm()
1892 if (!chan->conn) { in l2cap_monitor_timeout()
1913 if (!chan->conn) { in l2cap_retrans_timeout()
1932 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_streaming_send()
1934 while (!skb_queue_empty(&chan->tx_q)) { in l2cap_streaming_send()
1936 skb = skb_dequeue(&chan->tx_q); in l2cap_streaming_send()
1938 bt_cb(skb)->l2cap.retries = 1; in l2cap_streaming_send()
1939 control = &bt_cb(skb)->l2cap; in l2cap_streaming_send()
1941 control->reqseq = 0; in l2cap_streaming_send()
1942 control->txseq = chan->next_tx_seq; in l2cap_streaming_send()
1946 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_streaming_send()
1947 u16 fcs = crc16(0, (u8 *) skb->data, skb->len); in l2cap_streaming_send()
1953 BT_DBG("Sent txseq %u", control->txseq); in l2cap_streaming_send()
1955 chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); in l2cap_streaming_send()
1956 chan->frames_sent++; in l2cap_streaming_send()
1968 if (chan->state != BT_CONNECTED) in l2cap_ertm_send()
1969 return -ENOTCONN; in l2cap_ertm_send()
1971 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_ertm_send()
1974 while (chan->tx_send_head && in l2cap_ertm_send()
1975 chan->unacked_frames < chan->remote_tx_win && in l2cap_ertm_send()
1976 chan->tx_state == L2CAP_TX_STATE_XMIT) { in l2cap_ertm_send()
1978 skb = chan->tx_send_head; in l2cap_ertm_send()
1980 bt_cb(skb)->l2cap.retries = 1; in l2cap_ertm_send()
1981 control = &bt_cb(skb)->l2cap; in l2cap_ertm_send()
1983 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) in l2cap_ertm_send()
1984 control->final = 1; in l2cap_ertm_send()
1986 control->reqseq = chan->buffer_seq; in l2cap_ertm_send()
1987 chan->last_acked_seq = chan->buffer_seq; in l2cap_ertm_send()
1988 control->txseq = chan->next_tx_seq; in l2cap_ertm_send()
1992 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_ertm_send()
1993 u16 fcs = crc16(0, (u8 *) skb->data, skb->len); in l2cap_ertm_send()
1998 read-only (for locking purposes) on cloned sk_buffs. in l2cap_ertm_send()
2007 chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); in l2cap_ertm_send()
2008 chan->unacked_frames++; in l2cap_ertm_send()
2009 chan->frames_sent++; in l2cap_ertm_send()
2012 if (skb_queue_is_last(&chan->tx_q, skb)) in l2cap_ertm_send()
2013 chan->tx_send_head = NULL; in l2cap_ertm_send()
2015 chan->tx_send_head = skb_queue_next(&chan->tx_q, skb); in l2cap_ertm_send()
2018 BT_DBG("Sent txseq %u", control->txseq); in l2cap_ertm_send()
2022 chan->unacked_frames, skb_queue_len(&chan->tx_q)); in l2cap_ertm_send()
2036 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_ertm_resend()
2039 while (chan->retrans_list.head != L2CAP_SEQ_LIST_CLEAR) { in l2cap_ertm_resend()
2040 seq = l2cap_seq_list_pop(&chan->retrans_list); in l2cap_ertm_resend()
2042 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, seq); in l2cap_ertm_resend()
2049 bt_cb(skb)->l2cap.retries++; in l2cap_ertm_resend()
2050 control = bt_cb(skb)->l2cap; in l2cap_ertm_resend()
2052 if (chan->max_tx != 0 && in l2cap_ertm_resend()
2053 bt_cb(skb)->l2cap.retries > chan->max_tx) { in l2cap_ertm_resend()
2054 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_ertm_resend()
2056 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_ertm_resend()
2060 control.reqseq = chan->buffer_seq; in l2cap_ertm_resend()
2061 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) in l2cap_ertm_resend()
2067 /* Cloned sk_buffs are read-only, so we need a in l2cap_ertm_resend()
2076 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_ertm_resend()
2081 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in l2cap_ertm_resend()
2083 tx_skb->data + L2CAP_HDR_SIZE); in l2cap_ertm_resend()
2086 tx_skb->data + L2CAP_HDR_SIZE); in l2cap_ertm_resend()
2090 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_ertm_resend()
2091 u16 fcs = crc16(0, (u8 *) tx_skb->data, in l2cap_ertm_resend()
2092 tx_skb->len - L2CAP_FCS_SIZE); in l2cap_ertm_resend()
2093 put_unaligned_le16(fcs, skb_tail_pointer(tx_skb) - in l2cap_ertm_resend()
2101 chan->last_acked_seq = chan->buffer_seq; in l2cap_ertm_resend()
2110 l2cap_seq_list_append(&chan->retrans_list, control->reqseq); in l2cap_retransmit()
2121 if (control->poll) in l2cap_retransmit_all()
2122 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_retransmit_all()
2124 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_retransmit_all()
2126 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_retransmit_all()
2129 if (chan->unacked_frames) { in l2cap_retransmit_all()
2130 skb_queue_walk(&chan->tx_q, skb) { in l2cap_retransmit_all()
2131 if (bt_cb(skb)->l2cap.txseq == control->reqseq || in l2cap_retransmit_all()
2132 skb == chan->tx_send_head) in l2cap_retransmit_all()
2136 skb_queue_walk_from(&chan->tx_q, skb) { in l2cap_retransmit_all()
2137 if (skb == chan->tx_send_head) in l2cap_retransmit_all()
2140 l2cap_seq_list_append(&chan->retrans_list, in l2cap_retransmit_all()
2141 bt_cb(skb)->l2cap.txseq); in l2cap_retransmit_all()
2151 u16 frames_to_ack = __seq_offset(chan, chan->buffer_seq, in l2cap_send_ack()
2152 chan->last_acked_seq); in l2cap_send_ack()
2156 chan, chan->last_acked_seq, chan->buffer_seq); in l2cap_send_ack()
2161 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state) && in l2cap_send_ack()
2162 chan->rx_state == L2CAP_RX_STATE_RECV) { in l2cap_send_ack()
2164 control.super = L2CAP_SUPER_RNR; in l2cap_send_ack()
2165 control.reqseq = chan->buffer_seq; in l2cap_send_ack()
2168 if (!test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) { in l2cap_send_ack()
2170 /* If any i-frames were sent, they included an ack */ in l2cap_send_ack()
2171 if (chan->buffer_seq == chan->last_acked_seq) in l2cap_send_ack()
2178 threshold = chan->ack_win; in l2cap_send_ack()
2187 control.super = L2CAP_SUPER_RR; in l2cap_send_ack()
2188 control.reqseq = chan->buffer_seq; in l2cap_send_ack()
2202 struct l2cap_conn *conn = chan->conn; in l2cap_skbuff_fromiovec()
2206 if (!copy_from_iter_full(skb_put(skb, count), count, &msg->msg_iter)) in l2cap_skbuff_fromiovec()
2207 return -EFAULT; in l2cap_skbuff_fromiovec()
2210 len -= count; in l2cap_skbuff_fromiovec()
2213 frag = &skb_shinfo(skb)->frag_list; in l2cap_skbuff_fromiovec()
2217 count = min_t(unsigned int, conn->mtu, len); in l2cap_skbuff_fromiovec()
2219 tmp = chan->ops->alloc_skb(chan, 0, count, in l2cap_skbuff_fromiovec()
2220 msg->msg_flags & MSG_DONTWAIT); in l2cap_skbuff_fromiovec()
2227 &msg->msg_iter)) in l2cap_skbuff_fromiovec()
2228 return -EFAULT; in l2cap_skbuff_fromiovec()
2231 len -= count; in l2cap_skbuff_fromiovec()
2233 skb->len += (*frag)->len; in l2cap_skbuff_fromiovec()
2234 skb->data_len += (*frag)->len; in l2cap_skbuff_fromiovec()
2236 frag = &(*frag)->next; in l2cap_skbuff_fromiovec()
2245 struct l2cap_conn *conn = chan->conn; in l2cap_create_connless_pdu()
2251 __le16_to_cpu(chan->psm), len); in l2cap_create_connless_pdu()
2253 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_connless_pdu()
2255 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_connless_pdu()
2256 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_connless_pdu()
2262 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_connless_pdu()
2263 lh->len = cpu_to_le16(len + L2CAP_PSMLEN_SIZE); in l2cap_create_connless_pdu()
2264 put_unaligned(chan->psm, (__le16 *) skb_put(skb, L2CAP_PSMLEN_SIZE)); in l2cap_create_connless_pdu()
2277 struct l2cap_conn *conn = chan->conn; in l2cap_create_basic_pdu()
2284 count = min_t(unsigned int, (conn->mtu - L2CAP_HDR_SIZE), len); in l2cap_create_basic_pdu()
2286 skb = chan->ops->alloc_skb(chan, L2CAP_HDR_SIZE, count, in l2cap_create_basic_pdu()
2287 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_basic_pdu()
2293 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_basic_pdu()
2294 lh->len = cpu_to_le16(len); in l2cap_create_basic_pdu()
2308 struct l2cap_conn *conn = chan->conn; in l2cap_create_iframe_pdu()
2316 return ERR_PTR(-ENOTCONN); in l2cap_create_iframe_pdu()
2323 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_create_iframe_pdu()
2326 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_iframe_pdu()
2328 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_iframe_pdu()
2329 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_iframe_pdu()
2335 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_iframe_pdu()
2336 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); in l2cap_create_iframe_pdu()
2339 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_create_iframe_pdu()
2353 bt_cb(skb)->l2cap.fcs = chan->fcs; in l2cap_create_iframe_pdu()
2354 bt_cb(skb)->l2cap.retries = 0; in l2cap_create_iframe_pdu()
2375 pdu_len = chan->conn->mtu; in l2cap_segment_sdu()
2381 if (chan->fcs) in l2cap_segment_sdu()
2382 pdu_len -= L2CAP_FCS_SIZE; in l2cap_segment_sdu()
2384 pdu_len -= __ertm_hdr_size(chan); in l2cap_segment_sdu()
2387 pdu_len = min_t(size_t, pdu_len, chan->remote_mps); in l2cap_segment_sdu()
2406 bt_cb(skb)->l2cap.sar = sar; in l2cap_segment_sdu()
2409 len -= pdu_len; in l2cap_segment_sdu()
2428 struct l2cap_conn *conn = chan->conn; in l2cap_create_le_flowctl_pdu()
2436 return ERR_PTR(-ENOTCONN); in l2cap_create_le_flowctl_pdu()
2443 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_le_flowctl_pdu()
2445 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_le_flowctl_pdu()
2446 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_le_flowctl_pdu()
2452 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_le_flowctl_pdu()
2453 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); in l2cap_create_le_flowctl_pdu()
2478 pdu_len = chan->remote_mps - L2CAP_SDULEN_SIZE; in l2cap_segment_le_sdu()
2492 len -= pdu_len; in l2cap_segment_le_sdu()
2509 while (chan->tx_credits && !skb_queue_empty(&chan->tx_q)) { in l2cap_le_flowctl_send()
2510 l2cap_do_send(chan, skb_dequeue(&chan->tx_q)); in l2cap_le_flowctl_send()
2511 chan->tx_credits--; in l2cap_le_flowctl_send()
2515 BT_DBG("Sent %d credits %u queued %u", sent, chan->tx_credits, in l2cap_le_flowctl_send()
2516 skb_queue_len(&chan->tx_q)); in l2cap_le_flowctl_send()
2523 struct sock *sk = skb ? skb->sk : NULL; in l2cap_tx_timestamp()
2525 if (sk && sk->sk_type == SOCK_STREAM) in l2cap_tx_timestamp()
2536 struct sock *sk = skb ? skb->sk : NULL; in l2cap_tx_timestamp_seg()
2538 if (sk && sk->sk_type == SOCK_STREAM) in l2cap_tx_timestamp_seg()
2551 if (!chan->conn) in l2cap_chan_send()
2552 return -ENOTCONN; in l2cap_chan_send()
2555 if (chan->chan_type == L2CAP_CHAN_CONN_LESS) { in l2cap_chan_send()
2566 switch (chan->mode) { in l2cap_chan_send()
2570 if (len > chan->omtu) in l2cap_chan_send()
2571 return -EMSGSIZE; in l2cap_chan_send()
2577 if (chan->state != BT_CONNECTED) { in l2cap_chan_send()
2579 err = -ENOTCONN; in l2cap_chan_send()
2587 skb_queue_splice_tail_init(&seg_queue, &chan->tx_q); in l2cap_chan_send()
2591 if (!chan->tx_credits) in l2cap_chan_send()
2592 chan->ops->suspend(chan); in l2cap_chan_send()
2600 if (len > chan->omtu) in l2cap_chan_send()
2601 return -EMSGSIZE; in l2cap_chan_send()
2617 if (len > chan->omtu) { in l2cap_chan_send()
2618 err = -EMSGSIZE; in l2cap_chan_send()
2633 if (chan->mode == L2CAP_MODE_ERTM) { in l2cap_chan_send()
2650 BT_DBG("bad state %1.1x", chan->mode); in l2cap_chan_send()
2651 err = -EBADFD; in l2cap_chan_send()
2667 control.super = L2CAP_SUPER_SREJ; in l2cap_send_srej()
2669 for (seq = chan->expected_tx_seq; seq != txseq; in l2cap_send_srej()
2671 if (!l2cap_ertm_seq_in_queue(&chan->srej_q, seq)) { in l2cap_send_srej()
2674 l2cap_seq_list_append(&chan->srej_list, seq); in l2cap_send_srej()
2678 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_send_srej()
2687 if (chan->srej_list.tail == L2CAP_SEQ_LIST_CLEAR) in l2cap_send_srej_tail()
2692 control.super = L2CAP_SUPER_SREJ; in l2cap_send_srej_tail()
2693 control.reqseq = chan->srej_list.tail; in l2cap_send_srej_tail()
2707 control.super = L2CAP_SUPER_SREJ; in l2cap_send_srej_list()
2710 initial_head = chan->srej_list.head; in l2cap_send_srej_list()
2713 seq = l2cap_seq_list_pop(&chan->srej_list); in l2cap_send_srej_list()
2719 l2cap_seq_list_append(&chan->srej_list, seq); in l2cap_send_srej_list()
2720 } while (chan->srej_list.head != initial_head); in l2cap_send_srej_list()
2730 if (chan->unacked_frames == 0 || reqseq == chan->expected_ack_seq) in l2cap_process_reqseq()
2734 chan->expected_ack_seq, chan->unacked_frames); in l2cap_process_reqseq()
2736 for (ackseq = chan->expected_ack_seq; ackseq != reqseq; in l2cap_process_reqseq()
2739 acked_skb = l2cap_ertm_seq_in_queue(&chan->tx_q, ackseq); in l2cap_process_reqseq()
2741 skb_unlink(acked_skb, &chan->tx_q); in l2cap_process_reqseq()
2743 chan->unacked_frames--; in l2cap_process_reqseq()
2747 chan->expected_ack_seq = reqseq; in l2cap_process_reqseq()
2749 if (chan->unacked_frames == 0) in l2cap_process_reqseq()
2752 BT_DBG("unacked_frames %u", chan->unacked_frames); in l2cap_process_reqseq()
2759 chan->expected_tx_seq = chan->buffer_seq; in l2cap_abort_rx_srej_sent()
2760 l2cap_seq_list_clear(&chan->srej_list); in l2cap_abort_rx_srej_sent()
2761 skb_queue_purge(&chan->srej_q); in l2cap_abort_rx_srej_sent()
2762 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_abort_rx_srej_sent()
2774 if (chan->tx_send_head == NULL) in l2cap_tx_state_xmit()
2775 chan->tx_send_head = skb_peek(skbs); in l2cap_tx_state_xmit()
2777 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_tx_state_xmit()
2782 set_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_xmit()
2784 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_tx_state_xmit()
2796 clear_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_xmit()
2798 if (test_bit(CONN_RNR_SENT, &chan->conn_state)) { in l2cap_tx_state_xmit()
2803 local_control.super = L2CAP_SUPER_RR; in l2cap_tx_state_xmit()
2805 local_control.reqseq = chan->buffer_seq; in l2cap_tx_state_xmit()
2808 chan->retry_count = 1; in l2cap_tx_state_xmit()
2810 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2814 l2cap_process_reqseq(chan, control->reqseq); in l2cap_tx_state_xmit()
2818 chan->retry_count = 1; in l2cap_tx_state_xmit()
2821 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2825 chan->retry_count = 1; in l2cap_tx_state_xmit()
2827 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2846 if (chan->tx_send_head == NULL) in l2cap_tx_state_wait_f()
2847 chan->tx_send_head = skb_peek(skbs); in l2cap_tx_state_wait_f()
2849 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_tx_state_wait_f()
2853 set_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_wait_f()
2855 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_tx_state_wait_f()
2867 clear_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_wait_f()
2869 if (test_bit(CONN_RNR_SENT, &chan->conn_state)) { in l2cap_tx_state_wait_f()
2873 local_control.super = L2CAP_SUPER_RR; in l2cap_tx_state_wait_f()
2875 local_control.reqseq = chan->buffer_seq; in l2cap_tx_state_wait_f()
2878 chan->retry_count = 1; in l2cap_tx_state_wait_f()
2880 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_wait_f()
2884 l2cap_process_reqseq(chan, control->reqseq); in l2cap_tx_state_wait_f()
2888 if (control && control->final) { in l2cap_tx_state_wait_f()
2890 if (chan->unacked_frames > 0) in l2cap_tx_state_wait_f()
2892 chan->retry_count = 0; in l2cap_tx_state_wait_f()
2893 chan->tx_state = L2CAP_TX_STATE_XMIT; in l2cap_tx_state_wait_f()
2894 BT_DBG("recv fbit tx_state 0x2.2%x", chan->tx_state); in l2cap_tx_state_wait_f()
2901 if (chan->max_tx == 0 || chan->retry_count < chan->max_tx) { in l2cap_tx_state_wait_f()
2904 chan->retry_count++; in l2cap_tx_state_wait_f()
2918 chan, control, skbs, event, chan->tx_state); in l2cap_tx()
2920 switch (chan->tx_state) { in l2cap_tx()
2955 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_raw_recv()
2956 if (chan->chan_type != L2CAP_CHAN_RAW) in l2cap_raw_recv()
2960 if (bt_cb(skb)->l2cap.chan == chan) in l2cap_raw_recv()
2966 if (chan->ops->recv(chan, nskb)) in l2cap_raw_recv()
2971 /* ---- L2CAP signalling commands ---- */
2983 if (conn->mtu < L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE) in l2cap_build_cmd()
2987 count = min_t(unsigned int, conn->mtu, len); in l2cap_build_cmd()
2994 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); in l2cap_build_cmd()
2996 if (conn->hcon->type == LE_LINK) in l2cap_build_cmd()
2997 lh->cid = cpu_to_le16(L2CAP_CID_LE_SIGNALING); in l2cap_build_cmd()
2999 lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING); in l2cap_build_cmd()
3002 cmd->code = code; in l2cap_build_cmd()
3003 cmd->ident = ident; in l2cap_build_cmd()
3004 cmd->len = cpu_to_le16(dlen); in l2cap_build_cmd()
3007 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE; in l2cap_build_cmd()
3012 len -= skb->len; in l2cap_build_cmd()
3015 frag = &skb_shinfo(skb)->frag_list; in l2cap_build_cmd()
3017 count = min_t(unsigned int, conn->mtu, len); in l2cap_build_cmd()
3025 len -= count; in l2cap_build_cmd()
3028 frag = &(*frag)->next; in l2cap_build_cmd()
3044 len = L2CAP_CONF_OPT_SIZE + opt->len; in l2cap_get_conf_opt()
3047 *type = opt->type; in l2cap_get_conf_opt()
3048 *olen = opt->len; in l2cap_get_conf_opt()
3050 switch (opt->len) { in l2cap_get_conf_opt()
3052 *val = *((u8 *) opt->val); in l2cap_get_conf_opt()
3056 *val = get_unaligned_le16(opt->val); in l2cap_get_conf_opt()
3060 *val = get_unaligned_le32(opt->val); in l2cap_get_conf_opt()
3064 *val = (unsigned long) opt->val; in l2cap_get_conf_opt()
3068 BT_DBG("type 0x%2.2x len %u val 0x%lx", *type, opt->len, *val); in l2cap_get_conf_opt()
3081 opt->type = type; in l2cap_add_conf_opt()
3082 opt->len = len; in l2cap_add_conf_opt()
3086 *((u8 *) opt->val) = val; in l2cap_add_conf_opt()
3090 put_unaligned_le16(val, opt->val); in l2cap_add_conf_opt()
3094 put_unaligned_le32(val, opt->val); in l2cap_add_conf_opt()
3098 memcpy(opt->val, (void *) val, len); in l2cap_add_conf_opt()
3109 switch (chan->mode) { in l2cap_add_opt_efs()
3111 efs.id = chan->local_id; in l2cap_add_opt_efs()
3112 efs.stype = chan->local_stype; in l2cap_add_opt_efs()
3113 efs.msdu = cpu_to_le16(chan->local_msdu); in l2cap_add_opt_efs()
3114 efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); in l2cap_add_opt_efs()
3122 efs.msdu = cpu_to_le16(chan->local_msdu); in l2cap_add_opt_efs()
3123 efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); in l2cap_add_opt_efs()
3146 frames_to_ack = __seq_offset(chan, chan->buffer_seq, in l2cap_ack_timeout()
3147 chan->last_acked_seq); in l2cap_ack_timeout()
3160 chan->next_tx_seq = 0; in l2cap_ertm_init()
3161 chan->expected_tx_seq = 0; in l2cap_ertm_init()
3162 chan->expected_ack_seq = 0; in l2cap_ertm_init()
3163 chan->unacked_frames = 0; in l2cap_ertm_init()
3164 chan->buffer_seq = 0; in l2cap_ertm_init()
3165 chan->frames_sent = 0; in l2cap_ertm_init()
3166 chan->last_acked_seq = 0; in l2cap_ertm_init()
3167 chan->sdu = NULL; in l2cap_ertm_init()
3168 chan->sdu_last_frag = NULL; in l2cap_ertm_init()
3169 chan->sdu_len = 0; in l2cap_ertm_init()
3171 skb_queue_head_init(&chan->tx_q); in l2cap_ertm_init()
3173 if (chan->mode != L2CAP_MODE_ERTM) in l2cap_ertm_init()
3176 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_ertm_init()
3177 chan->tx_state = L2CAP_TX_STATE_XMIT; in l2cap_ertm_init()
3179 skb_queue_head_init(&chan->srej_q); in l2cap_ertm_init()
3181 err = l2cap_seq_list_init(&chan->srej_list, chan->tx_win); in l2cap_ertm_init()
3185 err = l2cap_seq_list_init(&chan->retrans_list, chan->remote_tx_win); in l2cap_ertm_init()
3187 l2cap_seq_list_free(&chan->srej_list); in l2cap_ertm_init()
3207 return (conn->feat_mask & L2CAP_FEAT_EXT_WINDOW); in __l2cap_ews_supported()
3212 return (conn->feat_mask & L2CAP_FEAT_EXT_FLOW); in __l2cap_efs_supported()
3218 rfc->retrans_timeout = cpu_to_le16(L2CAP_DEFAULT_RETRANS_TO); in __l2cap_set_ertm_timeouts()
3219 rfc->monitor_timeout = cpu_to_le16(L2CAP_DEFAULT_MONITOR_TO); in __l2cap_set_ertm_timeouts()
3224 if (chan->tx_win > L2CAP_DEFAULT_TX_WINDOW && in l2cap_txwin_setup()
3225 __l2cap_ews_supported(chan->conn)) { in l2cap_txwin_setup()
3227 set_bit(FLAG_EXT_CTRL, &chan->flags); in l2cap_txwin_setup()
3228 chan->tx_win_max = L2CAP_DEFAULT_EXT_WINDOW; in l2cap_txwin_setup()
3230 chan->tx_win = min_t(u16, chan->tx_win, in l2cap_txwin_setup()
3232 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW; in l2cap_txwin_setup()
3234 chan->ack_win = chan->tx_win; in l2cap_txwin_setup()
3239 struct hci_conn *conn = chan->conn->hcon; in l2cap_mtu_auto()
3241 chan->imtu = L2CAP_DEFAULT_MIN_MTU; in l2cap_mtu_auto()
3243 /* The 2-DH1 packet has between 2 and 56 information bytes in l2cap_mtu_auto()
3244 * (including the 2-byte payload header) in l2cap_mtu_auto()
3246 if (!(conn->pkt_type & HCI_2DH1)) in l2cap_mtu_auto()
3247 chan->imtu = 54; in l2cap_mtu_auto()
3249 /* The 3-DH1 packet has between 2 and 85 information bytes in l2cap_mtu_auto()
3250 * (including the 2-byte payload header) in l2cap_mtu_auto()
3252 if (!(conn->pkt_type & HCI_3DH1)) in l2cap_mtu_auto()
3253 chan->imtu = 83; in l2cap_mtu_auto()
3255 /* The 2-DH3 packet has between 2 and 369 information bytes in l2cap_mtu_auto()
3256 * (including the 2-byte payload header) in l2cap_mtu_auto()
3258 if (!(conn->pkt_type & HCI_2DH3)) in l2cap_mtu_auto()
3259 chan->imtu = 367; in l2cap_mtu_auto()
3261 /* The 3-DH3 packet has between 2 and 554 information bytes in l2cap_mtu_auto()
3262 * (including the 2-byte payload header) in l2cap_mtu_auto()
3264 if (!(conn->pkt_type & HCI_3DH3)) in l2cap_mtu_auto()
3265 chan->imtu = 552; in l2cap_mtu_auto()
3267 /* The 2-DH5 packet has between 2 and 681 information bytes in l2cap_mtu_auto()
3268 * (including the 2-byte payload header) in l2cap_mtu_auto()
3270 if (!(conn->pkt_type & HCI_2DH5)) in l2cap_mtu_auto()
3271 chan->imtu = 679; in l2cap_mtu_auto()
3273 /* The 3-DH5 packet has between 2 and 1023 information bytes in l2cap_mtu_auto()
3274 * (including the 2-byte payload header) in l2cap_mtu_auto()
3276 if (!(conn->pkt_type & HCI_3DH5)) in l2cap_mtu_auto()
3277 chan->imtu = 1021; in l2cap_mtu_auto()
3283 struct l2cap_conf_rfc rfc = { .mode = chan->mode }; in l2cap_build_conf_req()
3284 void *ptr = req->data; in l2cap_build_conf_req()
3290 if (chan->num_conf_req || chan->num_conf_rsp) in l2cap_build_conf_req()
3293 switch (chan->mode) { in l2cap_build_conf_req()
3296 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) in l2cap_build_conf_req()
3299 if (__l2cap_efs_supported(chan->conn)) in l2cap_build_conf_req()
3300 set_bit(FLAG_EFS_ENABLE, &chan->flags); in l2cap_build_conf_req()
3304 chan->mode = l2cap_select_mode(rfc.mode, chan->conn->feat_mask); in l2cap_build_conf_req()
3309 if (chan->imtu != L2CAP_DEFAULT_MTU) { in l2cap_build_conf_req()
3310 if (!chan->imtu) in l2cap_build_conf_req()
3312 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu, in l2cap_build_conf_req()
3313 endptr - ptr); in l2cap_build_conf_req()
3316 switch (chan->mode) { in l2cap_build_conf_req()
3321 if (!(chan->conn->feat_mask & L2CAP_FEAT_ERTM) && in l2cap_build_conf_req()
3322 !(chan->conn->feat_mask & L2CAP_FEAT_STREAMING)) in l2cap_build_conf_req()
3333 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3338 rfc.max_transmit = chan->max_tx; in l2cap_build_conf_req()
3342 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - in l2cap_build_conf_req()
3343 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE - in l2cap_build_conf_req()
3349 rfc.txwin_size = min_t(u16, chan->tx_win, in l2cap_build_conf_req()
3353 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3355 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) in l2cap_build_conf_req()
3356 l2cap_add_opt_efs(&ptr, chan, endptr - ptr); in l2cap_build_conf_req()
3358 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_build_conf_req()
3360 chan->tx_win, endptr - ptr); in l2cap_build_conf_req()
3362 if (chan->conn->feat_mask & L2CAP_FEAT_FCS) in l2cap_build_conf_req()
3363 if (chan->fcs == L2CAP_FCS_NONE || in l2cap_build_conf_req()
3364 test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) { in l2cap_build_conf_req()
3365 chan->fcs = L2CAP_FCS_NONE; in l2cap_build_conf_req()
3367 chan->fcs, endptr - ptr); in l2cap_build_conf_req()
3379 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - in l2cap_build_conf_req()
3380 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE - in l2cap_build_conf_req()
3385 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3387 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) in l2cap_build_conf_req()
3388 l2cap_add_opt_efs(&ptr, chan, endptr - ptr); in l2cap_build_conf_req()
3390 if (chan->conn->feat_mask & L2CAP_FEAT_FCS) in l2cap_build_conf_req()
3391 if (chan->fcs == L2CAP_FCS_NONE || in l2cap_build_conf_req()
3392 test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) { in l2cap_build_conf_req()
3393 chan->fcs = L2CAP_FCS_NONE; in l2cap_build_conf_req()
3395 chan->fcs, endptr - ptr); in l2cap_build_conf_req()
3400 req->dcid = cpu_to_le16(chan->dcid); in l2cap_build_conf_req()
3401 req->flags = cpu_to_le16(0); in l2cap_build_conf_req()
3403 return ptr - data; in l2cap_build_conf_req()
3409 void *ptr = rsp->data; in l2cap_parse_conf_req()
3411 void *req = chan->conf_req; in l2cap_parse_conf_req()
3412 int len = chan->conf_len; in l2cap_parse_conf_req()
3425 len -= l2cap_get_conf_opt(&req, &type, &olen, &val); in l2cap_parse_conf_req()
3442 chan->flush_to = val; in l2cap_parse_conf_req()
3458 set_bit(CONF_RECV_NO_FCS, &chan->conf_state); in l2cap_parse_conf_req()
3471 return -ECONNREFUSED; in l2cap_parse_conf_req()
3477 l2cap_add_conf_opt(&ptr, (u8)type, sizeof(u8), type, endptr - ptr); in l2cap_parse_conf_req()
3482 if (chan->num_conf_rsp || chan->num_conf_req > 1) in l2cap_parse_conf_req()
3485 switch (chan->mode) { in l2cap_parse_conf_req()
3488 if (!test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) { in l2cap_parse_conf_req()
3489 chan->mode = l2cap_select_mode(rfc.mode, in l2cap_parse_conf_req()
3490 chan->conn->feat_mask); in l2cap_parse_conf_req()
3495 if (__l2cap_efs_supported(chan->conn)) in l2cap_parse_conf_req()
3496 set_bit(FLAG_EFS_ENABLE, &chan->flags); in l2cap_parse_conf_req()
3498 return -ECONNREFUSED; in l2cap_parse_conf_req()
3501 if (chan->mode != rfc.mode) in l2cap_parse_conf_req()
3502 return -ECONNREFUSED; in l2cap_parse_conf_req()
3508 if (chan->mode != rfc.mode) { in l2cap_parse_conf_req()
3510 rfc.mode = chan->mode; in l2cap_parse_conf_req()
3512 if (chan->num_conf_rsp == 1) in l2cap_parse_conf_req()
3513 return -ECONNREFUSED; in l2cap_parse_conf_req()
3516 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3526 chan->omtu = mtu; in l2cap_parse_conf_req()
3527 set_bit(CONF_MTU_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3529 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->omtu, endptr - ptr); in l2cap_parse_conf_req()
3532 if (chan->local_stype != L2CAP_SERV_NOTRAFIC && in l2cap_parse_conf_req()
3534 efs.stype != chan->local_stype) { in l2cap_parse_conf_req()
3538 if (chan->num_conf_req >= 1) in l2cap_parse_conf_req()
3539 return -ECONNREFUSED; in l2cap_parse_conf_req()
3543 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_req()
3547 set_bit(CONF_LOC_CONF_PEND, &chan->conf_state); in l2cap_parse_conf_req()
3553 chan->fcs = L2CAP_FCS_NONE; in l2cap_parse_conf_req()
3554 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3558 if (!test_bit(CONF_EWS_RECV, &chan->conf_state)) in l2cap_parse_conf_req()
3559 chan->remote_tx_win = rfc.txwin_size; in l2cap_parse_conf_req()
3563 chan->remote_max_tx = rfc.max_transmit; in l2cap_parse_conf_req()
3566 chan->conn->mtu - L2CAP_EXT_HDR_SIZE - in l2cap_parse_conf_req()
3567 L2CAP_SDULEN_SIZE - L2CAP_FCS_SIZE); in l2cap_parse_conf_req()
3569 chan->remote_mps = size; in l2cap_parse_conf_req()
3573 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3576 sizeof(rfc), (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3579 test_bit(FLAG_EFS_ENABLE, &chan->flags)) { in l2cap_parse_conf_req()
3580 chan->remote_id = efs.id; in l2cap_parse_conf_req()
3581 chan->remote_stype = efs.stype; in l2cap_parse_conf_req()
3582 chan->remote_msdu = le16_to_cpu(efs.msdu); in l2cap_parse_conf_req()
3583 chan->remote_flush_to = in l2cap_parse_conf_req()
3585 chan->remote_acc_lat = in l2cap_parse_conf_req()
3587 chan->remote_sdu_itime = in l2cap_parse_conf_req()
3591 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_req()
3597 chan->conn->mtu - L2CAP_EXT_HDR_SIZE - in l2cap_parse_conf_req()
3598 L2CAP_SDULEN_SIZE - L2CAP_FCS_SIZE); in l2cap_parse_conf_req()
3600 chan->remote_mps = size; in l2cap_parse_conf_req()
3602 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3605 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3613 rfc.mode = chan->mode; in l2cap_parse_conf_req()
3617 set_bit(CONF_OUTPUT_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3619 rsp->scid = cpu_to_le16(chan->dcid); in l2cap_parse_conf_req()
3620 rsp->result = cpu_to_le16(result); in l2cap_parse_conf_req()
3621 rsp->flags = cpu_to_le16(0); in l2cap_parse_conf_req()
3623 return ptr - data; in l2cap_parse_conf_req()
3630 void *ptr = req->data; in l2cap_parse_conf_rsp()
3640 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); in l2cap_parse_conf_rsp()
3650 chan->imtu = L2CAP_DEFAULT_MIN_MTU; in l2cap_parse_conf_rsp()
3652 chan->imtu = val; in l2cap_parse_conf_rsp()
3653 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu, in l2cap_parse_conf_rsp()
3654 endptr - ptr); in l2cap_parse_conf_rsp()
3660 chan->flush_to = val; in l2cap_parse_conf_rsp()
3662 chan->flush_to, endptr - ptr); in l2cap_parse_conf_rsp()
3669 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state) && in l2cap_parse_conf_rsp()
3670 rfc.mode != chan->mode) in l2cap_parse_conf_rsp()
3671 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3672 chan->fcs = 0; in l2cap_parse_conf_rsp()
3674 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_rsp()
3680 chan->ack_win = min_t(u16, val, chan->ack_win); in l2cap_parse_conf_rsp()
3682 chan->tx_win, endptr - ptr); in l2cap_parse_conf_rsp()
3689 if (chan->local_stype != L2CAP_SERV_NOTRAFIC && in l2cap_parse_conf_rsp()
3691 efs.stype != chan->local_stype) in l2cap_parse_conf_rsp()
3692 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3694 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_rsp()
3703 &chan->conf_state); in l2cap_parse_conf_rsp()
3708 if (chan->mode == L2CAP_MODE_BASIC && chan->mode != rfc.mode) in l2cap_parse_conf_rsp()
3709 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3711 chan->mode = rfc.mode; in l2cap_parse_conf_rsp()
3716 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); in l2cap_parse_conf_rsp()
3717 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); in l2cap_parse_conf_rsp()
3718 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_parse_conf_rsp()
3719 if (!test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_parse_conf_rsp()
3720 chan->ack_win = min_t(u16, chan->ack_win, in l2cap_parse_conf_rsp()
3723 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) { in l2cap_parse_conf_rsp()
3724 chan->local_msdu = le16_to_cpu(efs.msdu); in l2cap_parse_conf_rsp()
3725 chan->local_sdu_itime = in l2cap_parse_conf_rsp()
3727 chan->local_acc_lat = le32_to_cpu(efs.acc_lat); in l2cap_parse_conf_rsp()
3728 chan->local_flush_to = in l2cap_parse_conf_rsp()
3734 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_parse_conf_rsp()
3738 req->dcid = cpu_to_le16(chan->dcid); in l2cap_parse_conf_rsp()
3739 req->flags = cpu_to_le16(0); in l2cap_parse_conf_rsp()
3741 return ptr - data; in l2cap_parse_conf_rsp()
3748 void *ptr = rsp->data; in l2cap_build_conf_rsp()
3752 rsp->scid = cpu_to_le16(chan->dcid); in l2cap_build_conf_rsp()
3753 rsp->result = cpu_to_le16(result); in l2cap_build_conf_rsp()
3754 rsp->flags = cpu_to_le16(flags); in l2cap_build_conf_rsp()
3756 return ptr - data; in l2cap_build_conf_rsp()
3762 struct l2cap_conn *conn = chan->conn; in __l2cap_le_connect_rsp_defer()
3766 rsp.dcid = cpu_to_le16(chan->scid); in __l2cap_le_connect_rsp_defer()
3767 rsp.mtu = cpu_to_le16(chan->imtu); in __l2cap_le_connect_rsp_defer()
3768 rsp.mps = cpu_to_le16(chan->mps); in __l2cap_le_connect_rsp_defer()
3769 rsp.credits = cpu_to_le16(chan->rx_credits); in __l2cap_le_connect_rsp_defer()
3772 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), in __l2cap_le_connect_rsp_defer()
3780 if (*result || test_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_list_defer()
3783 switch (chan->state) { in l2cap_ecred_list_defer()
3792 *result = -ECONNREFUSED; in l2cap_ecred_list_defer()
3809 container_of(&rsp->pdu.rsp, struct l2cap_ecred_conn_rsp, hdr); in l2cap_ecred_rsp_defer()
3814 if (test_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags) || in l2cap_ecred_rsp_defer()
3815 !test_and_clear_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_rsp_defer()
3819 chan->ident = 0; in l2cap_ecred_rsp_defer()
3822 if (!rsp->pdu.rsp.result) in l2cap_ecred_rsp_defer()
3823 rsp_flex->dcid[rsp->count++] = cpu_to_le16(chan->scid); in l2cap_ecred_rsp_defer()
3830 struct l2cap_conn *conn = chan->conn; in __l2cap_ecred_conn_rsp_defer()
3832 u16 id = chan->ident; in __l2cap_ecred_conn_rsp_defer()
3842 data.pdu.rsp.mtu = cpu_to_le16(chan->imtu); in __l2cap_ecred_conn_rsp_defer()
3843 data.pdu.rsp.mps = cpu_to_le16(chan->mps); in __l2cap_ecred_conn_rsp_defer()
3844 data.pdu.rsp.credits = cpu_to_le16(chan->rx_credits); in __l2cap_ecred_conn_rsp_defer()
3867 struct l2cap_conn *conn = chan->conn; in __l2cap_connect_rsp_defer()
3871 rsp.scid = cpu_to_le16(chan->dcid); in __l2cap_connect_rsp_defer()
3872 rsp.dcid = cpu_to_le16(chan->scid); in __l2cap_connect_rsp_defer()
3879 l2cap_send_cmd(conn, chan->ident, rsp_code, sizeof(rsp), &rsp); in __l2cap_connect_rsp_defer()
3881 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) in __l2cap_connect_rsp_defer()
3886 chan->num_conf_req++; in __l2cap_connect_rsp_defer()
3896 u16 txwin_ext = chan->ack_win; in l2cap_conf_rfc_get()
3898 .mode = chan->mode, in l2cap_conf_rfc_get()
3901 .max_pdu_size = cpu_to_le16(chan->imtu), in l2cap_conf_rfc_get()
3902 .txwin_size = min_t(u16, chan->ack_win, L2CAP_DEFAULT_TX_WINDOW), in l2cap_conf_rfc_get()
3907 if ((chan->mode != L2CAP_MODE_ERTM) && (chan->mode != L2CAP_MODE_STREAMING)) in l2cap_conf_rfc_get()
3911 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); in l2cap_conf_rfc_get()
3931 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); in l2cap_conf_rfc_get()
3932 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); in l2cap_conf_rfc_get()
3933 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_conf_rfc_get()
3934 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_conf_rfc_get()
3935 chan->ack_win = min_t(u16, chan->ack_win, txwin_ext); in l2cap_conf_rfc_get()
3937 chan->ack_win = min_t(u16, chan->ack_win, in l2cap_conf_rfc_get()
3941 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_conf_rfc_get()
3952 return -EPROTO; in l2cap_command_rej()
3954 if (rej->reason != L2CAP_REJ_NOT_UNDERSTOOD) in l2cap_command_rej()
3957 if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) && in l2cap_command_rej()
3958 cmd->ident == conn->info_ident) { in l2cap_command_rej()
3959 cancel_delayed_work(&conn->info_timer); in l2cap_command_rej()
3961 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_command_rej()
3962 conn->info_ident = 0; in l2cap_command_rej()
3978 u16 dcid = 0, scid = __le16_to_cpu(req->scid); in l2cap_connect()
3979 __le16 psm = req->psm; in l2cap_connect()
3984 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_connect()
3985 &conn->hcon->dst, ACL_LINK); in l2cap_connect()
3995 (!hci_conn_check_link_mode(conn->hcon) || in l2cap_connect()
3996 !l2cap_check_enc_key_size(conn->hcon, pchan))) { in l2cap_connect()
3997 conn->disc_reason = HCI_ERROR_AUTH_FAILURE; in l2cap_connect()
4016 chan = pchan->ops->new_connection(pchan); in l2cap_connect()
4025 conn->hcon->disc_timeout = HCI_DISCONN_TIMEOUT; in l2cap_connect()
4027 bacpy(&chan->src, &conn->hcon->src); in l2cap_connect()
4028 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_connect()
4029 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_connect()
4030 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_connect()
4031 chan->psm = psm; in l2cap_connect()
4032 chan->dcid = scid; in l2cap_connect()
4036 dcid = chan->scid; in l2cap_connect()
4038 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_connect()
4040 chan->ident = cmd->ident; in l2cap_connect()
4042 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) { in l2cap_connect()
4044 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_connect()
4048 chan->ops->defer(chan); in l2cap_connect()
4070 l2cap_send_cmd(conn, cmd->ident, rsp_code, sizeof(rsp), &rsp); in l2cap_connect()
4079 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; in l2cap_connect()
4080 conn->info_ident = l2cap_get_ident(conn); in l2cap_connect()
4082 schedule_delayed_work(&conn->info_timer, L2CAP_INFO_TIMEOUT); in l2cap_connect()
4084 l2cap_send_cmd(conn, conn->info_ident, L2CAP_INFO_REQ, in l2cap_connect()
4088 if (chan && !test_bit(CONF_REQ_SENT, &chan->conf_state) && in l2cap_connect()
4091 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_connect()
4094 chan->num_conf_req++; in l2cap_connect()
4105 return -EPROTO; in l2cap_connect_req()
4122 return -EPROTO; in l2cap_connect_create_rsp()
4124 scid = __le16_to_cpu(rsp->scid); in l2cap_connect_create_rsp()
4125 dcid = __le16_to_cpu(rsp->dcid); in l2cap_connect_create_rsp()
4126 result = __le16_to_cpu(rsp->result); in l2cap_connect_create_rsp()
4127 status = __le16_to_cpu(rsp->status); in l2cap_connect_create_rsp()
4131 return -EPROTO; in l2cap_connect_create_rsp()
4139 return -EBADSLT; in l2cap_connect_create_rsp()
4141 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_connect_create_rsp()
4143 return -EBADSLT; in l2cap_connect_create_rsp()
4148 return -EBADSLT; in l2cap_connect_create_rsp()
4157 err = -EBADSLT; in l2cap_connect_create_rsp()
4162 chan->ident = 0; in l2cap_connect_create_rsp()
4163 chan->dcid = dcid; in l2cap_connect_create_rsp()
4164 clear_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_connect_create_rsp()
4166 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) in l2cap_connect_create_rsp()
4171 chan->num_conf_req++; in l2cap_connect_create_rsp()
4175 set_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_connect_create_rsp()
4194 if (chan->mode != L2CAP_MODE_ERTM && chan->mode != L2CAP_MODE_STREAMING) in set_default_fcs()
4195 chan->fcs = L2CAP_FCS_NONE; in set_default_fcs()
4196 else if (!test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) in set_default_fcs()
4197 chan->fcs = L2CAP_FCS_CRC16; in set_default_fcs()
4203 struct l2cap_conn *conn = chan->conn; in l2cap_send_efs_conf_rsp()
4208 clear_bit(CONF_LOC_CONF_PEND, &chan->conf_state); in l2cap_send_efs_conf_rsp()
4209 set_bit(CONF_OUTPUT_DONE, &chan->conf_state); in l2cap_send_efs_conf_rsp()
4239 return -EPROTO; in l2cap_config_req()
4241 dcid = __le16_to_cpu(req->dcid); in l2cap_config_req()
4242 flags = __le16_to_cpu(req->flags); in l2cap_config_req()
4248 cmd_reject_invalid_cid(conn, cmd->ident, dcid, 0); in l2cap_config_req()
4252 if (chan->state != BT_CONFIG && chan->state != BT_CONNECT2 && in l2cap_config_req()
4253 chan->state != BT_CONNECTED) { in l2cap_config_req()
4254 cmd_reject_invalid_cid(conn, cmd->ident, chan->scid, in l2cap_config_req()
4255 chan->dcid); in l2cap_config_req()
4260 len = cmd_len - sizeof(*req); in l2cap_config_req()
4261 if (chan->conf_len + len > sizeof(chan->conf_req)) { in l2cap_config_req()
4262 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, in l2cap_config_req()
4269 memcpy(chan->conf_req + chan->conf_len, req->data, len); in l2cap_config_req()
4270 chan->conf_len += len; in l2cap_config_req()
4274 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, in l2cap_config_req()
4287 chan->ident = cmd->ident; in l2cap_config_req()
4288 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp); in l2cap_config_req()
4289 if (chan->num_conf_rsp < L2CAP_CONF_MAX_CONF_RSP) in l2cap_config_req()
4290 chan->num_conf_rsp++; in l2cap_config_req()
4293 chan->conf_len = 0; in l2cap_config_req()
4295 if (!test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) in l2cap_config_req()
4298 if (test_bit(CONF_INPUT_DONE, &chan->conf_state)) { in l2cap_config_req()
4301 if (chan->mode == L2CAP_MODE_ERTM || in l2cap_config_req()
4302 chan->mode == L2CAP_MODE_STREAMING) in l2cap_config_req()
4306 l2cap_send_disconn_req(chan, -err); in l2cap_config_req()
4313 if (!test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) { in l2cap_config_req()
4317 chan->num_conf_req++; in l2cap_config_req()
4322 if (test_bit(CONF_REM_CONF_PEND, &chan->conf_state) && in l2cap_config_req()
4323 test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { in l2cap_config_req()
4328 l2cap_send_efs_conf_rsp(chan, rsp, cmd->ident, flags); in l2cap_config_req()
4344 int len = cmd_len - sizeof(*rsp); in l2cap_config_rsp()
4348 return -EPROTO; in l2cap_config_rsp()
4350 scid = __le16_to_cpu(rsp->scid); in l2cap_config_rsp()
4351 flags = __le16_to_cpu(rsp->flags); in l2cap_config_rsp()
4352 result = __le16_to_cpu(rsp->result); in l2cap_config_rsp()
4363 l2cap_conf_rfc_get(chan, rsp->data, len); in l2cap_config_rsp()
4364 clear_bit(CONF_REM_CONF_PEND, &chan->conf_state); in l2cap_config_rsp()
4368 set_bit(CONF_REM_CONF_PEND, &chan->conf_state); in l2cap_config_rsp()
4370 if (test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { in l2cap_config_rsp()
4373 len = l2cap_parse_conf_rsp(chan, rsp->data, len, in l2cap_config_rsp()
4380 l2cap_send_efs_conf_rsp(chan, buf, cmd->ident, 0); in l2cap_config_rsp()
4386 if (chan->num_conf_rsp <= L2CAP_CONF_MAX_CONF_RSP) { in l2cap_config_rsp()
4389 if (len > sizeof(req) - sizeof(struct l2cap_conf_req)) { in l2cap_config_rsp()
4396 len = l2cap_parse_conf_rsp(chan, rsp->data, len, in l2cap_config_rsp()
4405 chan->num_conf_req++; in l2cap_config_rsp()
4423 set_bit(CONF_INPUT_DONE, &chan->conf_state); in l2cap_config_rsp()
4425 if (test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) { in l2cap_config_rsp()
4428 if (chan->mode == L2CAP_MODE_ERTM || in l2cap_config_rsp()
4429 chan->mode == L2CAP_MODE_STREAMING) in l2cap_config_rsp()
4433 l2cap_send_disconn_req(chan, -err); in l2cap_config_rsp()
4454 return -EPROTO; in l2cap_disconnect_req()
4456 scid = __le16_to_cpu(req->scid); in l2cap_disconnect_req()
4457 dcid = __le16_to_cpu(req->dcid); in l2cap_disconnect_req()
4463 cmd_reject_invalid_cid(conn, cmd->ident, dcid, scid); in l2cap_disconnect_req()
4467 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_disconnect_req()
4468 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_disconnect_req()
4469 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); in l2cap_disconnect_req()
4471 chan->ops->set_shutdown(chan); in l2cap_disconnect_req()
4475 chan->ops->close(chan); in l2cap_disconnect_req()
4492 return -EPROTO; in l2cap_disconnect_rsp()
4494 scid = __le16_to_cpu(rsp->scid); in l2cap_disconnect_rsp()
4495 dcid = __le16_to_cpu(rsp->dcid); in l2cap_disconnect_rsp()
4504 if (chan->state != BT_DISCONN) { in l2cap_disconnect_rsp()
4512 chan->ops->close(chan); in l2cap_disconnect_rsp()
4528 return -EPROTO; in l2cap_information_req()
4530 type = __le16_to_cpu(req->type); in l2cap_information_req()
4538 rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK); in l2cap_information_req()
4539 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); in l2cap_information_req()
4544 put_unaligned_le32(feat_mask, rsp->data); in l2cap_information_req()
4545 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(buf), in l2cap_information_req()
4551 rsp->type = cpu_to_le16(L2CAP_IT_FIXED_CHAN); in l2cap_information_req()
4552 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); in l2cap_information_req()
4553 rsp->data[0] = conn->local_fixed_chan; in l2cap_information_req()
4554 memset(rsp->data + 1, 0, 7); in l2cap_information_req()
4555 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(buf), in l2cap_information_req()
4561 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(rsp), in l2cap_information_req()
4576 return -EPROTO; in l2cap_information_rsp()
4578 type = __le16_to_cpu(rsp->type); in l2cap_information_rsp()
4579 result = __le16_to_cpu(rsp->result); in l2cap_information_rsp()
4584 if (cmd->ident != conn->info_ident || in l2cap_information_rsp()
4585 conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) in l2cap_information_rsp()
4588 cancel_delayed_work(&conn->info_timer); in l2cap_information_rsp()
4591 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4592 conn->info_ident = 0; in l2cap_information_rsp()
4601 conn->feat_mask = get_unaligned_le32(rsp->data); in l2cap_information_rsp()
4603 if (conn->feat_mask & L2CAP_FEAT_FIXED_CHAN) { in l2cap_information_rsp()
4607 conn->info_ident = l2cap_get_ident(conn); in l2cap_information_rsp()
4609 l2cap_send_cmd(conn, conn->info_ident, in l2cap_information_rsp()
4612 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4613 conn->info_ident = 0; in l2cap_information_rsp()
4620 conn->remote_fixed_chan = rsp->data[0]; in l2cap_information_rsp()
4621 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4622 conn->info_ident = 0; in l2cap_information_rsp()
4635 struct hci_conn *hcon = conn->hcon; in l2cap_conn_param_update_req()
4641 if (hcon->role != HCI_ROLE_MASTER) in l2cap_conn_param_update_req()
4642 return -EINVAL; in l2cap_conn_param_update_req()
4645 return -EPROTO; in l2cap_conn_param_update_req()
4648 min = __le16_to_cpu(req->min); in l2cap_conn_param_update_req()
4649 max = __le16_to_cpu(req->max); in l2cap_conn_param_update_req()
4650 latency = __le16_to_cpu(req->latency); in l2cap_conn_param_update_req()
4651 to_multiplier = __le16_to_cpu(req->to_multiplier); in l2cap_conn_param_update_req()
4664 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_PARAM_UPDATE_RSP, in l2cap_conn_param_update_req()
4672 mgmt_new_conn_param(hcon->hdev, &hcon->dst, hcon->dst_type, in l2cap_conn_param_update_req()
4686 struct hci_conn *hcon = conn->hcon; in l2cap_le_connect_rsp()
4692 return -EPROTO; in l2cap_le_connect_rsp()
4694 dcid = __le16_to_cpu(rsp->dcid); in l2cap_le_connect_rsp()
4695 mtu = __le16_to_cpu(rsp->mtu); in l2cap_le_connect_rsp()
4696 mps = __le16_to_cpu(rsp->mps); in l2cap_le_connect_rsp()
4697 credits = __le16_to_cpu(rsp->credits); in l2cap_le_connect_rsp()
4698 result = __le16_to_cpu(rsp->result); in l2cap_le_connect_rsp()
4703 return -EPROTO; in l2cap_le_connect_rsp()
4708 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_le_connect_rsp()
4710 return -EBADSLT; in l2cap_le_connect_rsp()
4719 err = -EBADSLT; in l2cap_le_connect_rsp()
4723 chan->ident = 0; in l2cap_le_connect_rsp()
4724 chan->dcid = dcid; in l2cap_le_connect_rsp()
4725 chan->omtu = mtu; in l2cap_le_connect_rsp()
4726 chan->remote_mps = mps; in l2cap_le_connect_rsp()
4727 chan->tx_credits = credits; in l2cap_le_connect_rsp()
4736 if (hcon->sec_level > BT_SECURITY_MEDIUM) { in l2cap_le_connect_rsp()
4741 sec_level = hcon->sec_level + 1; in l2cap_le_connect_rsp()
4742 if (chan->sec_level < sec_level) in l2cap_le_connect_rsp()
4743 chan->sec_level = sec_level; in l2cap_le_connect_rsp()
4746 clear_bit(FLAG_LE_CONN_REQ_SENT, &chan->flags); in l2cap_le_connect_rsp()
4748 smp_conn_security(hcon, chan->sec_level); in l2cap_le_connect_rsp()
4767 switch (cmd->code) { in l2cap_bredr_sig_cmd()
4797 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECHO_RSP, cmd_len, data); in l2cap_bredr_sig_cmd()
4812 BT_ERR("Unknown BR/EDR signaling command 0x%2.2x", cmd->code); in l2cap_bredr_sig_cmd()
4813 err = -EINVAL; in l2cap_bredr_sig_cmd()
4832 return -EPROTO; in l2cap_le_connect_req()
4834 scid = __le16_to_cpu(req->scid); in l2cap_le_connect_req()
4835 mtu = __le16_to_cpu(req->mtu); in l2cap_le_connect_req()
4836 mps = __le16_to_cpu(req->mps); in l2cap_le_connect_req()
4837 psm = req->psm; in l2cap_le_connect_req()
4842 return -EPROTO; in l2cap_le_connect_req()
4850 * Valid range: 0x0001-0x00ff in l2cap_le_connect_req()
4861 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_le_connect_req()
4862 &conn->hcon->dst, LE_LINK); in l2cap_le_connect_req()
4871 if (!smp_sufficient_security(conn->hcon, pchan->sec_level, in l2cap_le_connect_req()
4892 chan = pchan->ops->new_connection(pchan); in l2cap_le_connect_req()
4898 bacpy(&chan->src, &conn->hcon->src); in l2cap_le_connect_req()
4899 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_le_connect_req()
4900 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_le_connect_req()
4901 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_le_connect_req()
4902 chan->psm = psm; in l2cap_le_connect_req()
4903 chan->dcid = scid; in l2cap_le_connect_req()
4904 chan->omtu = mtu; in l2cap_le_connect_req()
4905 chan->remote_mps = mps; in l2cap_le_connect_req()
4909 l2cap_le_flowctl_init(chan, __le16_to_cpu(req->credits)); in l2cap_le_connect_req()
4911 dcid = chan->scid; in l2cap_le_connect_req()
4912 credits = chan->rx_credits; in l2cap_le_connect_req()
4914 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_le_connect_req()
4916 chan->ident = cmd->ident; in l2cap_le_connect_req()
4918 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_le_connect_req()
4926 chan->ops->defer(chan); in l2cap_le_connect_req()
4941 rsp.mtu = cpu_to_le16(chan->imtu); in l2cap_le_connect_req()
4942 rsp.mps = cpu_to_le16(chan->mps); in l2cap_le_connect_req()
4952 l2cap_send_cmd(conn, cmd->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), &rsp); in l2cap_le_connect_req()
4966 return -EPROTO; in l2cap_le_credits()
4969 cid = __le16_to_cpu(pkt->cid); in l2cap_le_credits()
4970 credits = __le16_to_cpu(pkt->credits); in l2cap_le_credits()
4976 return -EBADSLT; in l2cap_le_credits()
4978 max_credits = LE_FLOWCTL_MAX_CREDITS - chan->tx_credits; in l2cap_le_credits()
4989 chan->tx_credits += credits; in l2cap_le_credits()
4994 if (chan->tx_credits) in l2cap_le_credits()
4995 chan->ops->resume(chan); in l2cap_le_credits()
5018 return -EINVAL; in l2cap_ecred_conn_req()
5020 if (cmd_len < sizeof(*req) || (cmd_len - sizeof(*req)) % sizeof(u16)) { in l2cap_ecred_conn_req()
5025 cmd_len -= sizeof(*req); in l2cap_ecred_conn_req()
5033 mtu = __le16_to_cpu(req->mtu); in l2cap_ecred_conn_req()
5034 mps = __le16_to_cpu(req->mps); in l2cap_ecred_conn_req()
5041 psm = req->psm; in l2cap_ecred_conn_req()
5046 * Valid range: 0x0001-0x00ff in l2cap_ecred_conn_req()
5060 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_ecred_conn_req()
5061 &conn->hcon->dst, LE_LINK); in l2cap_ecred_conn_req()
5069 if (!smp_sufficient_security(conn->hcon, pchan->sec_level, in l2cap_ecred_conn_req()
5078 u16 scid = __le16_to_cpu(req->scid[i]); in l2cap_ecred_conn_req()
5082 pdu->dcid[i] = 0x0000; in l2cap_ecred_conn_req()
5083 len += sizeof(*pdu->dcid); in l2cap_ecred_conn_req()
5097 chan = pchan->ops->new_connection(pchan); in l2cap_ecred_conn_req()
5103 bacpy(&chan->src, &conn->hcon->src); in l2cap_ecred_conn_req()
5104 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_ecred_conn_req()
5105 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_ecred_conn_req()
5106 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_ecred_conn_req()
5107 chan->psm = psm; in l2cap_ecred_conn_req()
5108 chan->dcid = scid; in l2cap_ecred_conn_req()
5109 chan->omtu = mtu; in l2cap_ecred_conn_req()
5110 chan->remote_mps = mps; in l2cap_ecred_conn_req()
5114 l2cap_ecred_init(chan, __le16_to_cpu(req->credits)); in l2cap_ecred_conn_req()
5117 if (!pdu->credits) { in l2cap_ecred_conn_req()
5118 pdu->mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_conn_req()
5119 pdu->mps = cpu_to_le16(chan->mps); in l2cap_ecred_conn_req()
5120 pdu->credits = cpu_to_le16(chan->rx_credits); in l2cap_ecred_conn_req()
5123 pdu->dcid[i] = cpu_to_le16(chan->scid); in l2cap_ecred_conn_req()
5125 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_ecred_conn_req()
5127 chan->ident = cmd->ident; in l2cap_ecred_conn_req()
5128 chan->mode = L2CAP_MODE_EXT_FLOWCTL; in l2cap_ecred_conn_req()
5130 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_ecred_conn_req()
5133 chan->ops->defer(chan); in l2cap_ecred_conn_req()
5144 pdu->result = cpu_to_le16(result); in l2cap_ecred_conn_req()
5149 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECRED_CONN_RSP, in l2cap_ecred_conn_req()
5160 struct hci_conn *hcon = conn->hcon; in l2cap_ecred_conn_rsp()
5167 return -EPROTO; in l2cap_ecred_conn_rsp()
5169 mtu = __le16_to_cpu(rsp->mtu); in l2cap_ecred_conn_rsp()
5170 mps = __le16_to_cpu(rsp->mps); in l2cap_ecred_conn_rsp()
5171 credits = __le16_to_cpu(rsp->credits); in l2cap_ecred_conn_rsp()
5172 result = __le16_to_cpu(rsp->result); in l2cap_ecred_conn_rsp()
5177 cmd_len -= sizeof(*rsp); in l2cap_ecred_conn_rsp()
5179 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_ecred_conn_rsp()
5182 if (chan->ident != cmd->ident || in l2cap_ecred_conn_rsp()
5183 chan->mode != L2CAP_MODE_EXT_FLOWCTL || in l2cap_ecred_conn_rsp()
5184 chan->state == BT_CONNECTED) in l2cap_ecred_conn_rsp()
5196 dcid = __le16_to_cpu(rsp->dcid[i++]); in l2cap_ecred_conn_rsp()
5197 cmd_len -= sizeof(u16); in l2cap_ecred_conn_rsp()
5205 * already-assigned Destination CID, then both the in l2cap_ecred_conn_rsp()
5224 if (hcon->sec_level > BT_SECURITY_MEDIUM) { in l2cap_ecred_conn_rsp()
5229 sec_level = hcon->sec_level + 1; in l2cap_ecred_conn_rsp()
5230 if (chan->sec_level < sec_level) in l2cap_ecred_conn_rsp()
5231 chan->sec_level = sec_level; in l2cap_ecred_conn_rsp()
5234 clear_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags); in l2cap_ecred_conn_rsp()
5236 smp_conn_security(hcon, chan->sec_level); in l2cap_ecred_conn_rsp()
5250 chan->ident = 0; in l2cap_ecred_conn_rsp()
5251 chan->dcid = dcid; in l2cap_ecred_conn_rsp()
5252 chan->omtu = mtu; in l2cap_ecred_conn_rsp()
5253 chan->remote_mps = mps; in l2cap_ecred_conn_rsp()
5254 chan->tx_credits = credits; in l2cap_ecred_conn_rsp()
5276 return -EINVAL; in l2cap_ecred_reconf_req()
5278 if (cmd_len < sizeof(*req) || cmd_len - sizeof(*req) % sizeof(u16)) { in l2cap_ecred_reconf_req()
5283 mtu = __le16_to_cpu(req->mtu); in l2cap_ecred_reconf_req()
5284 mps = __le16_to_cpu(req->mps); in l2cap_ecred_reconf_req()
5298 cmd_len -= sizeof(*req); in l2cap_ecred_reconf_req()
5305 scid = __le16_to_cpu(req->scid[i]); in l2cap_ecred_reconf_req()
5307 return -EPROTO; in l2cap_ecred_reconf_req()
5317 if (chan->omtu > mtu) { in l2cap_ecred_reconf_req()
5318 BT_ERR("chan %p decreased MTU %u -> %u", chan, in l2cap_ecred_reconf_req()
5319 chan->omtu, mtu); in l2cap_ecred_reconf_req()
5323 chan->omtu = mtu; in l2cap_ecred_reconf_req()
5324 chan->remote_mps = mps; in l2cap_ecred_reconf_req()
5330 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECRED_RECONF_RSP, sizeof(rsp), in l2cap_ecred_reconf_req()
5345 return -EPROTO; in l2cap_ecred_reconf_rsp()
5347 result = __le16_to_cpu(rsp->result); in l2cap_ecred_reconf_rsp()
5349 BT_DBG("result 0x%4.4x", rsp->result); in l2cap_ecred_reconf_rsp()
5354 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_ecred_reconf_rsp()
5355 if (chan->ident != cmd->ident) in l2cap_ecred_reconf_rsp()
5372 return -EPROTO; in l2cap_le_command_rej()
5374 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_le_command_rej()
5397 switch (cmd->code) { in l2cap_le_sig_cmd()
5446 BT_ERR("Unknown LE signaling command 0x%2.2x", cmd->code); in l2cap_le_sig_cmd()
5447 err = -EINVAL; in l2cap_le_sig_cmd()
5457 struct hci_conn *hcon = conn->hcon; in l2cap_le_sig_channel()
5462 if (hcon->type != LE_LINK) in l2cap_le_sig_channel()
5465 if (skb->len < L2CAP_CMD_HDR_SIZE) in l2cap_le_sig_channel()
5468 cmd = (void *) skb->data; in l2cap_le_sig_channel()
5471 len = le16_to_cpu(cmd->len); in l2cap_le_sig_channel()
5473 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd->code, len, cmd->ident); in l2cap_le_sig_channel()
5475 if (len != skb->len || !cmd->ident) { in l2cap_le_sig_channel()
5480 err = l2cap_le_sig_cmd(conn, cmd, len, skb->data); in l2cap_le_sig_channel()
5487 l2cap_send_cmd(conn, cmd->ident, L2CAP_COMMAND_REJ, in l2cap_le_sig_channel()
5506 struct hci_conn *hcon = conn->hcon; in l2cap_sig_channel()
5512 if (hcon->type != ACL_LINK) in l2cap_sig_channel()
5515 while (skb->len >= L2CAP_CMD_HDR_SIZE) { in l2cap_sig_channel()
5518 cmd = (void *) skb->data; in l2cap_sig_channel()
5521 len = le16_to_cpu(cmd->len); in l2cap_sig_channel()
5523 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd->code, len, in l2cap_sig_channel()
5524 cmd->ident); in l2cap_sig_channel()
5526 if (len > skb->len || !cmd->ident) { in l2cap_sig_channel()
5528 l2cap_sig_send_rej(conn, cmd->ident); in l2cap_sig_channel()
5529 skb_pull(skb, len > skb->len ? skb->len : len); in l2cap_sig_channel()
5533 err = l2cap_bredr_sig_cmd(conn, cmd, len, skb->data); in l2cap_sig_channel()
5536 l2cap_sig_send_rej(conn, cmd->ident); in l2cap_sig_channel()
5542 if (skb->len > 0) { in l2cap_sig_channel()
5556 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_check_fcs()
5561 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_check_fcs()
5562 skb_trim(skb, skb->len - L2CAP_FCS_SIZE); in l2cap_check_fcs()
5563 rcv_fcs = get_unaligned_le16(skb->data + skb->len); in l2cap_check_fcs()
5564 our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); in l2cap_check_fcs()
5567 return -EBADMSG; in l2cap_check_fcs()
5581 control.reqseq = chan->buffer_seq; in l2cap_send_i_or_rr_or_rnr()
5582 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_send_i_or_rr_or_rnr()
5584 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_send_i_or_rr_or_rnr()
5585 control.super = L2CAP_SUPER_RNR; in l2cap_send_i_or_rr_or_rnr()
5589 if (test_and_clear_bit(CONN_REMOTE_BUSY, &chan->conn_state) && in l2cap_send_i_or_rr_or_rnr()
5590 chan->unacked_frames > 0) in l2cap_send_i_or_rr_or_rnr()
5596 if (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state) && in l2cap_send_i_or_rr_or_rnr()
5597 test_bit(CONN_SEND_FBIT, &chan->conn_state)) { in l2cap_send_i_or_rr_or_rnr()
5598 /* F-bit wasn't sent in an s-frame or i-frame yet, so in l2cap_send_i_or_rr_or_rnr()
5601 control.super = L2CAP_SUPER_RR; in l2cap_send_i_or_rr_or_rnr()
5609 /* skb->len reflects data in skb as well as all fragments in append_skb_frag()
5610 * skb->data_len reflects only data in fragments in append_skb_frag()
5613 skb_shinfo(skb)->frag_list = new_frag; in append_skb_frag()
5615 new_frag->next = NULL; in append_skb_frag()
5617 (*last_frag)->next = new_frag; in append_skb_frag()
5620 skb->len += new_frag->len; in append_skb_frag()
5621 skb->data_len += new_frag->len; in append_skb_frag()
5622 skb->truesize += new_frag->truesize; in append_skb_frag()
5628 int err = -EINVAL; in l2cap_reassemble_sdu()
5630 switch (control->sar) { in l2cap_reassemble_sdu()
5632 if (chan->sdu) in l2cap_reassemble_sdu()
5635 err = chan->ops->recv(chan, skb); in l2cap_reassemble_sdu()
5639 if (chan->sdu) in l2cap_reassemble_sdu()
5645 chan->sdu_len = get_unaligned_le16(skb->data); in l2cap_reassemble_sdu()
5648 if (chan->sdu_len > chan->imtu) { in l2cap_reassemble_sdu()
5649 err = -EMSGSIZE; in l2cap_reassemble_sdu()
5653 if (skb->len >= chan->sdu_len) in l2cap_reassemble_sdu()
5656 chan->sdu = skb; in l2cap_reassemble_sdu()
5657 chan->sdu_last_frag = skb; in l2cap_reassemble_sdu()
5664 if (!chan->sdu) in l2cap_reassemble_sdu()
5667 append_skb_frag(chan->sdu, skb, in l2cap_reassemble_sdu()
5668 &chan->sdu_last_frag); in l2cap_reassemble_sdu()
5671 if (chan->sdu->len >= chan->sdu_len) in l2cap_reassemble_sdu()
5678 if (!chan->sdu) in l2cap_reassemble_sdu()
5681 append_skb_frag(chan->sdu, skb, in l2cap_reassemble_sdu()
5682 &chan->sdu_last_frag); in l2cap_reassemble_sdu()
5685 if (chan->sdu->len != chan->sdu_len) in l2cap_reassemble_sdu()
5688 err = chan->ops->recv(chan, chan->sdu); in l2cap_reassemble_sdu()
5692 chan->sdu = NULL; in l2cap_reassemble_sdu()
5693 chan->sdu_last_frag = NULL; in l2cap_reassemble_sdu()
5694 chan->sdu_len = 0; in l2cap_reassemble_sdu()
5701 kfree_skb(chan->sdu); in l2cap_reassemble_sdu()
5702 chan->sdu = NULL; in l2cap_reassemble_sdu()
5703 chan->sdu_last_frag = NULL; in l2cap_reassemble_sdu()
5704 chan->sdu_len = 0; in l2cap_reassemble_sdu()
5720 if (chan->mode != L2CAP_MODE_ERTM) in l2cap_chan_busy()
5730 /* Pass sequential frames to l2cap_reassemble_sdu() in l2cap_rx_queued_iframes()
5736 while (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_queued_iframes()
5739 chan->buffer_seq, skb_queue_len(&chan->srej_q)); in l2cap_rx_queued_iframes()
5741 skb = l2cap_ertm_seq_in_queue(&chan->srej_q, chan->buffer_seq); in l2cap_rx_queued_iframes()
5746 skb_unlink(skb, &chan->srej_q); in l2cap_rx_queued_iframes()
5747 chan->buffer_seq = __next_seq(chan, chan->buffer_seq); in l2cap_rx_queued_iframes()
5748 err = l2cap_reassemble_sdu(chan, skb, &bt_cb(skb)->l2cap); in l2cap_rx_queued_iframes()
5753 if (skb_queue_empty(&chan->srej_q)) { in l2cap_rx_queued_iframes()
5754 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_rx_queued_iframes()
5768 if (control->reqseq == chan->next_tx_seq) { in l2cap_handle_srej()
5769 BT_DBG("Invalid reqseq %d, disconnecting", control->reqseq); in l2cap_handle_srej()
5774 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, control->reqseq); in l2cap_handle_srej()
5778 control->reqseq); in l2cap_handle_srej()
5782 if (chan->max_tx != 0 && bt_cb(skb)->l2cap.retries >= chan->max_tx) { in l2cap_handle_srej()
5783 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_handle_srej()
5788 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_handle_srej()
5790 if (control->poll) { in l2cap_handle_srej()
5793 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_handle_srej()
5797 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) { in l2cap_handle_srej()
5798 set_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_handle_srej()
5799 chan->srej_save_reqseq = control->reqseq; in l2cap_handle_srej()
5804 if (control->final) { in l2cap_handle_srej()
5805 if (chan->srej_save_reqseq != control->reqseq || in l2cap_handle_srej()
5807 &chan->conn_state)) in l2cap_handle_srej()
5811 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) { in l2cap_handle_srej()
5812 set_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_handle_srej()
5813 chan->srej_save_reqseq = control->reqseq; in l2cap_handle_srej()
5826 if (control->reqseq == chan->next_tx_seq) { in l2cap_handle_rej()
5827 BT_DBG("Invalid reqseq %d, disconnecting", control->reqseq); in l2cap_handle_rej()
5832 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, control->reqseq); in l2cap_handle_rej()
5834 if (chan->max_tx && skb && in l2cap_handle_rej()
5835 bt_cb(skb)->l2cap.retries >= chan->max_tx) { in l2cap_handle_rej()
5836 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_handle_rej()
5841 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_handle_rej()
5845 if (control->final) { in l2cap_handle_rej()
5846 if (!test_and_clear_bit(CONN_REJ_ACT, &chan->conn_state)) in l2cap_handle_rej()
5851 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) in l2cap_handle_rej()
5852 set_bit(CONN_REJ_ACT, &chan->conn_state); in l2cap_handle_rej()
5860 BT_DBG("last_acked_seq %d, expected_tx_seq %d", chan->last_acked_seq, in l2cap_classify_txseq()
5861 chan->expected_tx_seq); in l2cap_classify_txseq()
5863 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_classify_txseq()
5864 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= in l2cap_classify_txseq()
5865 chan->tx_win) { in l2cap_classify_txseq()
5869 if (chan->tx_win <= ((chan->tx_win_max + 1) >> 1)) { in l2cap_classify_txseq()
5870 BT_DBG("Invalid/Ignore - after SREJ"); in l2cap_classify_txseq()
5873 BT_DBG("Invalid - in window after SREJ sent"); in l2cap_classify_txseq()
5878 if (chan->srej_list.head == txseq) { in l2cap_classify_txseq()
5883 if (l2cap_ertm_seq_in_queue(&chan->srej_q, txseq)) { in l2cap_classify_txseq()
5884 BT_DBG("Duplicate SREJ - txseq already stored"); in l2cap_classify_txseq()
5888 if (l2cap_seq_list_contains(&chan->srej_list, txseq)) { in l2cap_classify_txseq()
5889 BT_DBG("Unexpected SREJ - not requested"); in l2cap_classify_txseq()
5894 if (chan->expected_tx_seq == txseq) { in l2cap_classify_txseq()
5895 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= in l2cap_classify_txseq()
5896 chan->tx_win) { in l2cap_classify_txseq()
5897 BT_DBG("Invalid - txseq outside tx window"); in l2cap_classify_txseq()
5905 if (__seq_offset(chan, txseq, chan->last_acked_seq) < in l2cap_classify_txseq()
5906 __seq_offset(chan, chan->expected_tx_seq, chan->last_acked_seq)) { in l2cap_classify_txseq()
5907 BT_DBG("Duplicate - expected_tx_seq later than txseq"); in l2cap_classify_txseq()
5911 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= chan->tx_win) { in l2cap_classify_txseq()
5922 * invalid frames to be safely ignored. in l2cap_classify_txseq()
5929 if (chan->tx_win <= ((chan->tx_win_max + 1) >> 1)) { in l2cap_classify_txseq()
5930 BT_DBG("Invalid/Ignore - txseq outside tx window"); in l2cap_classify_txseq()
5933 BT_DBG("Invalid - txseq outside tx window"); in l2cap_classify_txseq()
5937 BT_DBG("Unexpected - txseq indicates missing frames"); in l2cap_classify_txseq()
5955 switch (l2cap_classify_txseq(chan, control->txseq)) { in l2cap_rx_state_recv()
5959 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_state_recv()
5961 control->txseq); in l2cap_rx_state_recv()
5965 chan->expected_tx_seq = __next_seq(chan, in l2cap_rx_state_recv()
5966 control->txseq); in l2cap_rx_state_recv()
5968 chan->buffer_seq = chan->expected_tx_seq; in l2cap_rx_state_recv()
5978 * chan->ops->recv == l2cap_sock_recv_cb in l2cap_rx_state_recv()
5994 &chan->conn_state)) { in l2cap_rx_state_recv()
6001 if (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) in l2cap_rx_state_recv()
6007 /* Can't issue SREJ frames in the local busy state. in l2cap_rx_state_recv()
6011 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_state_recv()
6013 control->txseq); in l2cap_rx_state_recv()
6021 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_recv()
6024 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_recv()
6026 clear_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_rx_state_recv()
6027 l2cap_seq_list_clear(&chan->srej_list); in l2cap_rx_state_recv()
6028 l2cap_send_srej(chan, control->txseq); in l2cap_rx_state_recv()
6030 chan->rx_state = L2CAP_RX_STATE_SREJ_SENT; in l2cap_rx_state_recv()
6045 if (control->final) { in l2cap_rx_state_recv()
6046 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_recv()
6049 &chan->conn_state)) { in l2cap_rx_state_recv()
6050 control->final = 0; in l2cap_rx_state_recv()
6055 } else if (control->poll) { in l2cap_rx_state_recv()
6059 &chan->conn_state) && in l2cap_rx_state_recv()
6060 chan->unacked_frames) in l2cap_rx_state_recv()
6067 set_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_recv()
6069 if (control && control->poll) { in l2cap_rx_state_recv()
6070 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_recv()
6074 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_rx_state_recv()
6099 u16 txseq = control->txseq; in l2cap_rx_state_srej_sent()
6111 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6114 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6116 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_rx_state_srej_sent()
6119 l2cap_seq_list_pop(&chan->srej_list); in l2cap_rx_state_srej_sent()
6122 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6125 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6135 * the missing frames. in l2cap_rx_state_srej_sent()
6137 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6140 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6143 l2cap_send_srej(chan, control->txseq); in l2cap_rx_state_srej_sent()
6147 * some expected retransmitted frames are in l2cap_rx_state_srej_sent()
6149 * SREJ'd frames. in l2cap_rx_state_srej_sent()
6151 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6154 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6157 l2cap_send_srej_list(chan, control->txseq); in l2cap_rx_state_srej_sent()
6178 if (control->final) { in l2cap_rx_state_srej_sent()
6179 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_srej_sent()
6182 &chan->conn_state)) { in l2cap_rx_state_srej_sent()
6183 control->final = 0; in l2cap_rx_state_srej_sent()
6188 } else if (control->poll) { in l2cap_rx_state_srej_sent()
6190 &chan->conn_state) && in l2cap_rx_state_srej_sent()
6191 chan->unacked_frames) { in l2cap_rx_state_srej_sent()
6195 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_srej_sent()
6199 &chan->conn_state) && in l2cap_rx_state_srej_sent()
6200 chan->unacked_frames) in l2cap_rx_state_srej_sent()
6207 set_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_srej_sent()
6209 if (control->poll) { in l2cap_rx_state_srej_sent()
6215 rr_control.super = L2CAP_SUPER_RR; in l2cap_rx_state_srej_sent()
6216 rr_control.reqseq = chan->buffer_seq; in l2cap_rx_state_srej_sent()
6241 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_finish_move()
6242 chan->conn->mtu = chan->conn->hcon->mtu; in l2cap_finish_move()
6256 if (!control->poll) in l2cap_rx_state_wait_p()
6257 return -EPROTO; in l2cap_rx_state_wait_p()
6259 l2cap_process_reqseq(chan, control->reqseq); in l2cap_rx_state_wait_p()
6261 if (!skb_queue_empty(&chan->tx_q)) in l2cap_rx_state_wait_p()
6262 chan->tx_send_head = skb_peek(&chan->tx_q); in l2cap_rx_state_wait_p()
6264 chan->tx_send_head = NULL; in l2cap_rx_state_wait_p()
6269 chan->next_tx_seq = control->reqseq; in l2cap_rx_state_wait_p()
6270 chan->unacked_frames = 0; in l2cap_rx_state_wait_p()
6276 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_wait_p()
6280 return -EPROTO; in l2cap_rx_state_wait_p()
6291 if (!control->final) in l2cap_rx_state_wait_f()
6292 return -EPROTO; in l2cap_rx_state_wait_f()
6294 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_wait_f()
6296 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_rx_state_wait_f()
6297 l2cap_process_reqseq(chan, control->reqseq); in l2cap_rx_state_wait_f()
6299 if (!skb_queue_empty(&chan->tx_q)) in l2cap_rx_state_wait_f()
6300 chan->tx_send_head = skb_peek(&chan->tx_q); in l2cap_rx_state_wait_f()
6302 chan->tx_send_head = NULL; in l2cap_rx_state_wait_f()
6307 chan->next_tx_seq = control->reqseq; in l2cap_rx_state_wait_f()
6308 chan->unacked_frames = 0; in l2cap_rx_state_wait_f()
6309 chan->conn->mtu = chan->conn->hcon->mtu; in l2cap_rx_state_wait_f()
6324 unacked = __seq_offset(chan, chan->next_tx_seq, chan->expected_ack_seq); in __valid_reqseq()
6325 return __seq_offset(chan, chan->next_tx_seq, reqseq) <= unacked; in __valid_reqseq()
6334 control, skb, event, chan->rx_state); in l2cap_rx()
6336 if (__valid_reqseq(chan, control->reqseq)) { in l2cap_rx()
6337 switch (chan->rx_state) { in l2cap_rx()
6357 control->reqseq, chan->next_tx_seq, in l2cap_rx()
6358 chan->expected_ack_seq); in l2cap_rx()
6374 * chan->ops->recv == l2cap_sock_recv_cb in l2cap_stream_rx()
6383 u16 txseq = control->txseq; in l2cap_stream_rx()
6386 chan->rx_state); in l2cap_stream_rx()
6391 BT_DBG("buffer_seq %u->%u", chan->buffer_seq, in l2cap_stream_rx()
6392 __next_seq(chan, chan->buffer_seq)); in l2cap_stream_rx()
6394 chan->buffer_seq = __next_seq(chan, chan->buffer_seq); in l2cap_stream_rx()
6398 if (chan->sdu) { in l2cap_stream_rx()
6399 kfree_skb(chan->sdu); in l2cap_stream_rx()
6400 chan->sdu = NULL; in l2cap_stream_rx()
6402 chan->sdu_last_frag = NULL; in l2cap_stream_rx()
6403 chan->sdu_len = 0; in l2cap_stream_rx()
6411 chan->last_acked_seq = txseq; in l2cap_stream_rx()
6412 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_stream_rx()
6419 struct l2cap_ctrl *control = &bt_cb(skb)->l2cap; in l2cap_data_rcv()
6425 len = skb->len; in l2cap_data_rcv()
6428 * We can just drop the corrupted I-frame here. in l2cap_data_rcv()
6435 if (!control->sframe && control->sar == L2CAP_SAR_START) in l2cap_data_rcv()
6436 len -= L2CAP_SDULEN_SIZE; in l2cap_data_rcv()
6438 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_data_rcv()
6439 len -= L2CAP_FCS_SIZE; in l2cap_data_rcv()
6441 if (len > chan->mps) { in l2cap_data_rcv()
6446 if (chan->ops->filter) { in l2cap_data_rcv()
6447 if (chan->ops->filter(chan, skb)) in l2cap_data_rcv()
6451 if (!control->sframe) { in l2cap_data_rcv()
6455 control->sar, control->reqseq, control->final, in l2cap_data_rcv()
6456 control->txseq); in l2cap_data_rcv()
6458 /* Validate F-bit - F=0 always valid, F=1 only in l2cap_data_rcv()
6461 if (control->final && chan->tx_state != L2CAP_TX_STATE_WAIT_F) in l2cap_data_rcv()
6464 if (chan->mode != L2CAP_MODE_STREAMING) { in l2cap_data_rcv()
6479 /* Only I-frames are expected in streaming mode */ in l2cap_data_rcv()
6480 if (chan->mode == L2CAP_MODE_STREAMING) in l2cap_data_rcv()
6483 BT_DBG("sframe reqseq %d, final %d, poll %d, super %d", in l2cap_data_rcv()
6484 control->reqseq, control->final, control->poll, in l2cap_data_rcv()
6485 control->super); in l2cap_data_rcv()
6494 if (control->final && (control->poll || in l2cap_data_rcv()
6495 chan->tx_state != L2CAP_TX_STATE_WAIT_F)) in l2cap_data_rcv()
6498 event = rx_func_to_event[control->super]; in l2cap_data_rcv()
6512 struct l2cap_conn *conn = chan->conn; in l2cap_chan_le_send_credits()
6516 if (chan->rx_credits >= return_credits) in l2cap_chan_le_send_credits()
6519 return_credits -= chan->rx_credits; in l2cap_chan_le_send_credits()
6523 chan->rx_credits += return_credits; in l2cap_chan_le_send_credits()
6525 pkt.cid = cpu_to_le16(chan->scid); in l2cap_chan_le_send_credits()
6528 chan->ident = l2cap_get_ident(conn); in l2cap_chan_le_send_credits()
6530 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CREDITS, sizeof(pkt), &pkt); in l2cap_chan_le_send_credits()
6535 if (chan->rx_avail == rx_avail) in l2cap_chan_rx_avail()
6540 chan->rx_avail = rx_avail; in l2cap_chan_rx_avail()
6542 if (chan->state == BT_CONNECTED) in l2cap_chan_rx_avail()
6550 BT_DBG("SDU reassemble complete: chan %p skb->len %u", chan, skb->len); in l2cap_ecred_recv()
6553 err = chan->ops->recv(chan, skb); in l2cap_ecred_recv()
6555 if (err < 0 && chan->rx_avail != -1) { in l2cap_ecred_recv()
6571 if (!chan->rx_credits) { in l2cap_ecred_data_rcv()
6574 return -ENOBUFS; in l2cap_ecred_data_rcv()
6577 if (chan->imtu < skb->len) { in l2cap_ecred_data_rcv()
6579 return -ENOBUFS; in l2cap_ecred_data_rcv()
6582 chan->rx_credits--; in l2cap_ecred_data_rcv()
6583 BT_DBG("chan %p: rx_credits %u -> %u", in l2cap_ecred_data_rcv()
6584 chan, chan->rx_credits + 1, chan->rx_credits); in l2cap_ecred_data_rcv()
6589 if (!chan->rx_credits) in l2cap_ecred_data_rcv()
6594 if (!chan->sdu) { in l2cap_ecred_data_rcv()
6597 sdu_len = get_unaligned_le16(skb->data); in l2cap_ecred_data_rcv()
6600 BT_DBG("Start of new SDU. sdu_len %u skb->len %u imtu %u", in l2cap_ecred_data_rcv()
6601 sdu_len, skb->len, chan->imtu); in l2cap_ecred_data_rcv()
6603 if (sdu_len > chan->imtu) { in l2cap_ecred_data_rcv()
6605 err = -EMSGSIZE; in l2cap_ecred_data_rcv()
6609 if (skb->len > sdu_len) { in l2cap_ecred_data_rcv()
6611 err = -EINVAL; in l2cap_ecred_data_rcv()
6615 if (skb->len == sdu_len) in l2cap_ecred_data_rcv()
6618 chan->sdu = skb; in l2cap_ecred_data_rcv()
6619 chan->sdu_len = sdu_len; in l2cap_ecred_data_rcv()
6620 chan->sdu_last_frag = skb; in l2cap_ecred_data_rcv()
6623 if (skb->len + L2CAP_SDULEN_SIZE < chan->mps) { in l2cap_ecred_data_rcv()
6624 u16 mps_len = skb->len + L2CAP_SDULEN_SIZE; in l2cap_ecred_data_rcv()
6627 BT_DBG("chan->mps %u -> %u", chan->mps, mps_len); in l2cap_ecred_data_rcv()
6628 chan->mps = mps_len; in l2cap_ecred_data_rcv()
6635 BT_DBG("SDU fragment. chan->sdu->len %u skb->len %u chan->sdu_len %u", in l2cap_ecred_data_rcv()
6636 chan->sdu->len, skb->len, chan->sdu_len); in l2cap_ecred_data_rcv()
6638 if (chan->sdu->len + skb->len > chan->sdu_len) { in l2cap_ecred_data_rcv()
6640 err = -EINVAL; in l2cap_ecred_data_rcv()
6644 append_skb_frag(chan->sdu, skb, &chan->sdu_last_frag); in l2cap_ecred_data_rcv()
6647 if (chan->sdu->len == chan->sdu_len) { in l2cap_ecred_data_rcv()
6648 err = l2cap_ecred_recv(chan, chan->sdu); in l2cap_ecred_data_rcv()
6650 chan->sdu = NULL; in l2cap_ecred_data_rcv()
6651 chan->sdu_last_frag = NULL; in l2cap_ecred_data_rcv()
6652 chan->sdu_len = 0; in l2cap_ecred_data_rcv()
6659 kfree_skb(chan->sdu); in l2cap_ecred_data_rcv()
6660 chan->sdu = NULL; in l2cap_ecred_data_rcv()
6661 chan->sdu_last_frag = NULL; in l2cap_ecred_data_rcv()
6662 chan->sdu_len = 0; in l2cap_ecred_data_rcv()
6667 * do a double-free of the skb. in l2cap_ecred_data_rcv()
6685 BT_DBG("chan %p, len %d", chan, skb->len); in l2cap_data_channel()
6691 if (chan->chan_type == L2CAP_CHAN_FIXED) in l2cap_data_channel()
6694 if (chan->state != BT_CONNECTED) in l2cap_data_channel()
6697 switch (chan->mode) { in l2cap_data_channel()
6711 if (chan->imtu < skb->len) { in l2cap_data_channel()
6716 if (!chan->ops->recv(chan, skb)) in l2cap_data_channel()
6726 BT_DBG("chan %p: bad mode 0x%2.2x", chan, chan->mode); in l2cap_data_channel()
6741 struct hci_conn *hcon = conn->hcon; in l2cap_conless_channel()
6744 if (hcon->type != ACL_LINK) in l2cap_conless_channel()
6747 chan = l2cap_global_chan_by_psm(0, psm, &hcon->src, &hcon->dst, in l2cap_conless_channel()
6752 BT_DBG("chan %p, len %d", chan, skb->len); in l2cap_conless_channel()
6756 if (chan->state != BT_BOUND && chan->state != BT_CONNECTED) in l2cap_conless_channel()
6759 if (chan->imtu < skb->len) in l2cap_conless_channel()
6763 bacpy(&bt_cb(skb)->l2cap.bdaddr, &hcon->dst); in l2cap_conless_channel()
6764 bt_cb(skb)->l2cap.psm = psm; in l2cap_conless_channel()
6766 if (!chan->ops->recv(chan, skb)) { in l2cap_conless_channel()
6781 struct l2cap_hdr *lh = (void *) skb->data; in l2cap_recv_frame()
6782 struct hci_conn *hcon = conn->hcon; in l2cap_recv_frame()
6786 if (hcon->state != BT_CONNECTED) { in l2cap_recv_frame()
6788 skb_queue_tail(&conn->pending_rx, skb); in l2cap_recv_frame()
6793 cid = __le16_to_cpu(lh->cid); in l2cap_recv_frame()
6794 len = __le16_to_cpu(lh->len); in l2cap_recv_frame()
6796 if (len != skb->len) { in l2cap_recv_frame()
6804 if (hcon->type == LE_LINK && in l2cap_recv_frame()
6805 hci_bdaddr_list_lookup(&hcon->hdev->reject_list, &hcon->dst, in l2cap_recv_frame()
6819 psm = get_unaligned((__le16 *) skb->data); in l2cap_recv_frame()
6842 mutex_lock(&conn->lock); in process_pending_rx()
6844 while ((skb = skb_dequeue(&conn->pending_rx))) in process_pending_rx()
6847 mutex_unlock(&conn->lock); in process_pending_rx()
6852 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_conn_add()
6868 kref_init(&conn->ref); in l2cap_conn_add()
6869 hcon->l2cap_data = conn; in l2cap_conn_add()
6870 conn->hcon = hci_conn_get(hcon); in l2cap_conn_add()
6871 conn->hchan = hchan; in l2cap_conn_add()
6875 conn->mtu = hcon->mtu; in l2cap_conn_add()
6876 conn->feat_mask = 0; in l2cap_conn_add()
6878 conn->local_fixed_chan = L2CAP_FC_SIG_BREDR | L2CAP_FC_CONNLESS; in l2cap_conn_add()
6880 if (hci_dev_test_flag(hcon->hdev, HCI_LE_ENABLED) && in l2cap_conn_add()
6881 (bredr_sc_enabled(hcon->hdev) || in l2cap_conn_add()
6882 hci_dev_test_flag(hcon->hdev, HCI_FORCE_BREDR_SMP))) in l2cap_conn_add()
6883 conn->local_fixed_chan |= L2CAP_FC_SMP_BREDR; in l2cap_conn_add()
6885 mutex_init(&conn->ident_lock); in l2cap_conn_add()
6886 mutex_init(&conn->lock); in l2cap_conn_add()
6888 INIT_LIST_HEAD(&conn->chan_l); in l2cap_conn_add()
6889 INIT_LIST_HEAD(&conn->users); in l2cap_conn_add()
6891 INIT_DELAYED_WORK(&conn->info_timer, l2cap_info_timeout); in l2cap_conn_add()
6893 skb_queue_head_init(&conn->pending_rx); in l2cap_conn_add()
6894 INIT_WORK(&conn->pending_rx_work, process_pending_rx); in l2cap_conn_add()
6895 INIT_DELAYED_WORK(&conn->id_addr_timer, l2cap_conn_update_id_addr); in l2cap_conn_add()
6897 conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; in l2cap_conn_add()
6925 if (chan == d->chan) in l2cap_chan_by_pid()
6928 if (!test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_by_pid()
6931 pid = chan->ops->get_peer_pid(chan); in l2cap_chan_by_pid()
6934 if (d->pid != pid || chan->psm != d->chan->psm || chan->ident || in l2cap_chan_by_pid()
6935 chan->mode != L2CAP_MODE_EXT_FLOWCTL || chan->state != BT_CONNECT) in l2cap_chan_by_pid()
6938 d->count++; in l2cap_chan_by_pid()
6949 BT_DBG("%pMR -> %pMR (type %u) psm 0x%4.4x mode 0x%2.2x", &chan->src, in l2cap_chan_connect()
6950 dst, dst_type, __le16_to_cpu(psm), chan->mode); in l2cap_chan_connect()
6952 hdev = hci_get_route(dst, &chan->src, chan->src_type); in l2cap_chan_connect()
6954 return -EHOSTUNREACH; in l2cap_chan_connect()
6959 chan->chan_type != L2CAP_CHAN_RAW) { in l2cap_chan_connect()
6960 err = -EINVAL; in l2cap_chan_connect()
6964 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED && !psm) { in l2cap_chan_connect()
6965 err = -EINVAL; in l2cap_chan_connect()
6969 if (chan->chan_type == L2CAP_CHAN_FIXED && !cid) { in l2cap_chan_connect()
6970 err = -EINVAL; in l2cap_chan_connect()
6974 switch (chan->mode) { in l2cap_chan_connect()
6981 err = -EOPNOTSUPP; in l2cap_chan_connect()
6991 err = -EOPNOTSUPP; in l2cap_chan_connect()
6995 switch (chan->state) { in l2cap_chan_connect()
7005 err = -EISCONN; in l2cap_chan_connect()
7014 err = -EBADFD; in l2cap_chan_connect()
7019 bacpy(&chan->dst, dst); in l2cap_chan_connect()
7020 chan->dst_type = dst_type; in l2cap_chan_connect()
7022 chan->psm = psm; in l2cap_chan_connect()
7023 chan->dcid = cid; in l2cap_chan_connect()
7035 chan->sec_level, timeout, in l2cap_chan_connect()
7039 chan->sec_level, timeout, in l2cap_chan_connect()
7044 hcon = hci_connect_acl(hdev, dst, chan->sec_level, auth_type, in l2cap_chan_connect()
7056 err = -ENOMEM; in l2cap_chan_connect()
7060 if (chan->mode == L2CAP_MODE_EXT_FLOWCTL) { in l2cap_chan_connect()
7064 data.pid = chan->ops->get_peer_pid(chan); in l2cap_chan_connect()
7072 err = -EPROTO; in l2cap_chan_connect()
7077 mutex_lock(&conn->lock); in l2cap_chan_connect()
7082 err = -EBUSY; in l2cap_chan_connect()
7087 bacpy(&chan->src, &hcon->src); in l2cap_chan_connect()
7088 chan->src_type = bdaddr_src_type(hcon); in l2cap_chan_connect()
7096 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_chan_connect()
7098 /* Release chan->sport so that it can be reused by other in l2cap_chan_connect()
7102 chan->sport = 0; in l2cap_chan_connect()
7105 if (hcon->state == BT_CONNECTED) { in l2cap_chan_connect()
7106 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_connect()
7118 mutex_unlock(&conn->lock); in l2cap_chan_connect()
7128 struct l2cap_conn *conn = chan->conn; in l2cap_ecred_reconfigure()
7131 pdu->mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_reconfigure()
7132 pdu->mps = cpu_to_le16(chan->mps); in l2cap_ecred_reconfigure()
7133 pdu->scid[0] = cpu_to_le16(chan->scid); in l2cap_ecred_reconfigure()
7135 chan->ident = l2cap_get_ident(conn); in l2cap_ecred_reconfigure()
7137 l2cap_send_cmd(conn, chan->ident, L2CAP_ECRED_RECONF_REQ, in l2cap_ecred_reconfigure()
7143 if (chan->imtu > mtu) in l2cap_chan_reconfigure()
7144 return -EINVAL; in l2cap_chan_reconfigure()
7148 chan->imtu = mtu; in l2cap_chan_reconfigure()
7155 /* ---- L2CAP interface with lower layer (HCI) ---- */
7162 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); in l2cap_connect_ind()
7167 if (c->state != BT_LISTEN) in l2cap_connect_ind()
7170 if (!bacmp(&c->src, &hdev->bdaddr)) { in l2cap_connect_ind()
7172 if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) in l2cap_connect_ind()
7175 } else if (!bacmp(&c->src, BDADDR_ANY)) { in l2cap_connect_ind()
7177 if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) in l2cap_connect_ind()
7203 if (c->chan_type != L2CAP_CHAN_FIXED) in l2cap_global_fixed_chan()
7205 if (c->state != BT_LISTEN) in l2cap_global_fixed_chan()
7207 if (bacmp(&c->src, &hcon->src) && bacmp(&c->src, BDADDR_ANY)) in l2cap_global_fixed_chan()
7209 if (src_type != c->src_type) in l2cap_global_fixed_chan()
7224 struct hci_dev *hdev = hcon->hdev; in l2cap_connect_cfm()
7229 if (hcon->type != ACL_LINK && hcon->type != LE_LINK) in l2cap_connect_cfm()
7232 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status); in l2cap_connect_cfm()
7246 if (hci_bdaddr_list_lookup(&hdev->reject_list, &hcon->dst, dst_type)) in l2cap_connect_cfm()
7259 if (__l2cap_get_chan_by_dcid(conn, pchan->scid)) in l2cap_connect_cfm()
7263 chan = pchan->ops->new_connection(pchan); in l2cap_connect_cfm()
7265 bacpy(&chan->src, &hcon->src); in l2cap_connect_cfm()
7266 bacpy(&chan->dst, &hcon->dst); in l2cap_connect_cfm()
7267 chan->src_type = bdaddr_src_type(hcon); in l2cap_connect_cfm()
7268 chan->dst_type = dst_type; in l2cap_connect_cfm()
7285 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_disconn_ind()
7291 return conn->disc_reason; in l2cap_disconn_ind()
7296 if (hcon->type != ACL_LINK && hcon->type != LE_LINK) in l2cap_disconn_cfm()
7306 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) in l2cap_check_encryption()
7310 if (chan->sec_level == BT_SECURITY_MEDIUM) { in l2cap_check_encryption()
7312 } else if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_check_encryption()
7313 chan->sec_level == BT_SECURITY_FIPS) in l2cap_check_encryption()
7316 if (chan->sec_level == BT_SECURITY_MEDIUM) in l2cap_check_encryption()
7323 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_security_cfm()
7331 mutex_lock(&conn->lock); in l2cap_security_cfm()
7333 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_security_cfm()
7336 BT_DBG("chan %p scid 0x%4.4x state %s", chan, chan->scid, in l2cap_security_cfm()
7337 state_to_string(chan->state)); in l2cap_security_cfm()
7340 chan->sec_level = hcon->sec_level; in l2cap_security_cfm()
7347 if (!status && (chan->state == BT_CONNECTED || in l2cap_security_cfm()
7348 chan->state == BT_CONFIG)) { in l2cap_security_cfm()
7349 chan->ops->resume(chan); in l2cap_security_cfm()
7355 if (chan->state == BT_CONNECT) { in l2cap_security_cfm()
7360 } else if (chan->state == BT_CONNECT2 && in l2cap_security_cfm()
7361 !(chan->mode == L2CAP_MODE_EXT_FLOWCTL || in l2cap_security_cfm()
7362 chan->mode == L2CAP_MODE_LE_FLOWCTL)) { in l2cap_security_cfm()
7367 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_security_cfm()
7370 chan->ops->defer(chan); in l2cap_security_cfm()
7383 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_security_cfm()
7384 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_security_cfm()
7387 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, in l2cap_security_cfm()
7390 if (!test_bit(CONF_REQ_SENT, &chan->conf_state) && in l2cap_security_cfm()
7393 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_security_cfm()
7398 chan->num_conf_req++; in l2cap_security_cfm()
7405 mutex_unlock(&conn->lock); in l2cap_security_cfm()
7412 if (!conn->rx_skb) { in l2cap_recv_frag()
7414 conn->rx_skb = bt_skb_alloc(len, GFP_KERNEL); in l2cap_recv_frag()
7415 if (!conn->rx_skb) in l2cap_recv_frag()
7416 return -ENOMEM; in l2cap_recv_frag()
7418 conn->rx_len = len; in l2cap_recv_frag()
7420 skb_set_delivery_time(conn->rx_skb, skb->tstamp, in l2cap_recv_frag()
7421 skb->tstamp_type); in l2cap_recv_frag()
7425 len = min_t(u16, len, skb->len); in l2cap_recv_frag()
7426 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, len), len); in l2cap_recv_frag()
7428 conn->rx_len -= len; in l2cap_recv_frag()
7439 len = l2cap_recv_frag(conn, skb, L2CAP_LEN_SIZE - conn->rx_skb->len); in l2cap_recv_len()
7442 if (len < 0 || conn->rx_skb->len < L2CAP_LEN_SIZE) in l2cap_recv_len()
7445 rx_skb = conn->rx_skb; in l2cap_recv_len()
7446 len = get_unaligned_le16(rx_skb->data); in l2cap_recv_len()
7449 if (len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE) <= skb_tailroom(rx_skb)) { in l2cap_recv_len()
7451 conn->rx_len = len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE); in l2cap_recv_len()
7455 /* Reset conn->rx_skb since it will need to be reallocated in order to in l2cap_recv_len()
7458 conn->rx_skb = NULL; in l2cap_recv_len()
7462 len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE)); in l2cap_recv_len()
7470 kfree_skb(conn->rx_skb); in l2cap_recv_reset()
7471 conn->rx_skb = NULL; in l2cap_recv_reset()
7472 conn->rx_len = 0; in l2cap_recv_reset()
7480 BT_DBG("conn %p orig refcnt %u", c, kref_read(&c->ref)); in l2cap_conn_hold_unless_zero()
7482 if (!kref_get_unless_zero(&c->ref)) in l2cap_conn_hold_unless_zero()
7494 hci_dev_lock(hcon->hdev); in l2cap_recv_acldata()
7496 conn = hcon->l2cap_data; in l2cap_recv_acldata()
7503 hci_dev_unlock(hcon->hdev); in l2cap_recv_acldata()
7510 BT_DBG("conn %p len %u flags 0x%x", conn, skb->len, flags); in l2cap_recv_acldata()
7512 mutex_lock(&conn->lock); in l2cap_recv_acldata()
7518 if (conn->rx_skb) { in l2cap_recv_acldata()
7519 BT_ERR("Unexpected start frame (len %d)", skb->len); in l2cap_recv_acldata()
7525 * copy the initial byte when that happens and use conn->mtu as in l2cap_recv_acldata()
7528 if (skb->len < L2CAP_LEN_SIZE) { in l2cap_recv_acldata()
7529 l2cap_recv_frag(conn, skb, conn->mtu); in l2cap_recv_acldata()
7533 len = get_unaligned_le16(skb->data) + L2CAP_HDR_SIZE; in l2cap_recv_acldata()
7535 if (len == skb->len) { in l2cap_recv_acldata()
7541 BT_DBG("Start: total len %d, frag len %u", len, skb->len); in l2cap_recv_acldata()
7543 if (skb->len > len) { in l2cap_recv_acldata()
7545 skb->len, len); in l2cap_recv_acldata()
7546 /* PTS test cases L2CAP/COS/CED/BI-14-C and BI-15-C in l2cap_recv_acldata()
7548 * Truncated, BR/EDR) send a C-frame to the IUT with in l2cap_recv_acldata()
7560 skb->len = len; in l2cap_recv_acldata()
7573 BT_DBG("Cont: frag len %u (expecting %u)", skb->len, conn->rx_len); in l2cap_recv_acldata()
7575 if (!conn->rx_skb) { in l2cap_recv_acldata()
7576 BT_ERR("Unexpected continuation frame (len %d)", skb->len); in l2cap_recv_acldata()
7582 if (conn->rx_skb->len < L2CAP_LEN_SIZE) { in l2cap_recv_acldata()
7589 if (conn->rx_skb->len < L2CAP_LEN_SIZE) in l2cap_recv_acldata()
7593 if (skb->len > conn->rx_len) { in l2cap_recv_acldata()
7595 skb->len, conn->rx_len); in l2cap_recv_acldata()
7602 l2cap_recv_frag(conn, skb, skb->len); in l2cap_recv_acldata()
7604 if (!conn->rx_len) { in l2cap_recv_acldata()
7609 struct sk_buff *rx_skb = conn->rx_skb; in l2cap_recv_acldata()
7610 conn->rx_skb = NULL; in l2cap_recv_acldata()
7619 mutex_unlock(&conn->lock); in l2cap_recv_acldata()
7638 &c->src, c->src_type, &c->dst, c->dst_type, in l2cap_debugfs_show()
7639 c->state, __le16_to_cpu(c->psm), in l2cap_debugfs_show()
7640 c->scid, c->dcid, c->imtu, c->omtu, in l2cap_debugfs_show()
7641 c->sec_level, c->mode); in l2cap_debugfs_show()