Lines Matching +full:super +full:- +full:frames
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
80 return bdaddr_type(hcon->type, hcon->src_type); in bdaddr_src_type()
85 return bdaddr_type(hcon->type, hcon->dst_type); in bdaddr_dst_type()
88 /* ---- L2CAP channels ---- */
95 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_dcid()
96 if (c->dcid == cid) in __l2cap_get_chan_by_dcid()
107 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_scid()
108 if (c->scid == cid) in __l2cap_get_chan_by_scid()
157 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_ident()
158 if (c->ident == ident) in __l2cap_get_chan_by_ident()
170 if (src_type == BDADDR_BREDR && c->src_type != BDADDR_BREDR) in __l2cap_global_chan_by_addr()
173 if (src_type != BDADDR_BREDR && c->src_type == BDADDR_BREDR) in __l2cap_global_chan_by_addr()
176 if (c->sport == psm && !bacmp(&c->src, src)) in __l2cap_global_chan_by_addr()
188 if (psm && __l2cap_global_chan_by_addr(psm, src, chan->src_type)) { in l2cap_add_psm()
189 err = -EADDRINUSE; in l2cap_add_psm()
194 chan->psm = psm; in l2cap_add_psm()
195 chan->sport = psm; in l2cap_add_psm()
200 if (chan->src_type == BDADDR_BREDR) { in l2cap_add_psm()
210 err = -EINVAL; in l2cap_add_psm()
213 chan->src_type)) { in l2cap_add_psm()
214 chan->psm = cpu_to_le16(p); in l2cap_add_psm()
215 chan->sport = cpu_to_le16(p); in l2cap_add_psm()
231 /* Override the defaults (which are for conn-oriented) */ in l2cap_add_scid()
232 chan->omtu = L2CAP_DEFAULT_MTU; in l2cap_add_scid()
233 chan->chan_type = L2CAP_CHAN_FIXED; in l2cap_add_scid()
235 chan->scid = scid; in l2cap_add_scid()
246 if (conn->hcon->type == LE_LINK) in l2cap_alloc_cid()
261 BT_DBG("chan %p %s -> %s", chan, state_to_string(chan->state), in l2cap_state_change()
264 chan->state = state; in l2cap_state_change()
265 chan->ops->state_change(chan, state, 0); in l2cap_state_change()
271 chan->state = state; in l2cap_state_change_and_error()
272 chan->ops->state_change(chan, chan->state, err); in l2cap_state_change_and_error()
277 chan->ops->state_change(chan, chan->state, err); in l2cap_chan_set_err()
282 if (!delayed_work_pending(&chan->monitor_timer) && in __set_retrans_timer()
283 chan->retrans_timeout) { in __set_retrans_timer()
284 l2cap_set_timer(chan, &chan->retrans_timer, in __set_retrans_timer()
285 secs_to_jiffies(chan->retrans_timeout)); in __set_retrans_timer()
292 if (chan->monitor_timeout) { in __set_monitor_timer()
293 l2cap_set_timer(chan, &chan->monitor_timer, in __set_monitor_timer()
294 secs_to_jiffies(chan->monitor_timeout)); in __set_monitor_timer()
304 if (bt_cb(skb)->l2cap.txseq == seq) in l2cap_ertm_seq_in_queue()
311 /* ---- L2CAP sequence number lists ---- */
314 * SREJ requests that are received and for frames that are to be
315 * retransmitted. These seq_list functions implement a singly-linked
332 seq_list->list = kmalloc_array(alloc_size, sizeof(u16), GFP_KERNEL); in l2cap_seq_list_init()
333 if (!seq_list->list) in l2cap_seq_list_init()
334 return -ENOMEM; in l2cap_seq_list_init()
336 seq_list->mask = alloc_size - 1; in l2cap_seq_list_init()
337 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
338 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
340 seq_list->list[i] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
347 kfree(seq_list->list); in l2cap_seq_list_free()
353 /* Constant-time check for list membership */ in l2cap_seq_list_contains()
354 return seq_list->list[seq & seq_list->mask] != L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_contains()
359 u16 seq = seq_list->head; in l2cap_seq_list_pop()
360 u16 mask = seq_list->mask; in l2cap_seq_list_pop()
362 seq_list->head = seq_list->list[seq & mask]; in l2cap_seq_list_pop()
363 seq_list->list[seq & mask] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
365 if (seq_list->head == L2CAP_SEQ_LIST_TAIL) { in l2cap_seq_list_pop()
366 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
367 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
377 if (seq_list->head == L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_clear()
380 for (i = 0; i <= seq_list->mask; i++) in l2cap_seq_list_clear()
381 seq_list->list[i] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
383 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
384 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
389 u16 mask = seq_list->mask; in l2cap_seq_list_append()
393 if (seq_list->list[seq & mask] != L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_append()
396 if (seq_list->tail == L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_append()
397 seq_list->head = seq; in l2cap_seq_list_append()
399 seq_list->list[seq_list->tail & mask] = seq; in l2cap_seq_list_append()
401 seq_list->tail = seq; in l2cap_seq_list_append()
402 seq_list->list[seq & mask] = L2CAP_SEQ_LIST_TAIL; in l2cap_seq_list_append()
409 struct l2cap_conn *conn = chan->conn; in l2cap_chan_timeout()
412 BT_DBG("chan %p state %s", chan, state_to_string(chan->state)); in l2cap_chan_timeout()
417 mutex_lock(&conn->lock); in l2cap_chan_timeout()
423 if (chan->state == BT_CONNECTED || chan->state == BT_CONFIG) in l2cap_chan_timeout()
425 else if (chan->state == BT_CONNECT && in l2cap_chan_timeout()
426 chan->sec_level != BT_SECURITY_SDP) in l2cap_chan_timeout()
433 chan->ops->close(chan); in l2cap_chan_timeout()
438 mutex_unlock(&conn->lock); in l2cap_chan_timeout()
449 skb_queue_head_init(&chan->tx_q); in l2cap_chan_create()
450 skb_queue_head_init(&chan->srej_q); in l2cap_chan_create()
451 mutex_init(&chan->lock); in l2cap_chan_create()
454 atomic_set(&chan->nesting, L2CAP_NESTING_NORMAL); in l2cap_chan_create()
457 chan->rx_avail = -1; in l2cap_chan_create()
460 list_add(&chan->global_l, &chan_list); in l2cap_chan_create()
463 INIT_DELAYED_WORK(&chan->chan_timer, l2cap_chan_timeout); in l2cap_chan_create()
464 INIT_DELAYED_WORK(&chan->retrans_timer, l2cap_retrans_timeout); in l2cap_chan_create()
465 INIT_DELAYED_WORK(&chan->monitor_timer, l2cap_monitor_timeout); in l2cap_chan_create()
466 INIT_DELAYED_WORK(&chan->ack_timer, l2cap_ack_timeout); in l2cap_chan_create()
468 chan->state = BT_OPEN; in l2cap_chan_create()
470 kref_init(&chan->kref); in l2cap_chan_create()
473 set_bit(CONF_NOT_COMPLETE, &chan->conf_state); in l2cap_chan_create()
488 list_del(&chan->global_l); in l2cap_chan_destroy()
496 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_hold()
498 kref_get(&c->kref); in l2cap_chan_hold()
503 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_hold_unless_zero()
505 if (!kref_get_unless_zero(&c->kref)) in l2cap_chan_hold_unless_zero()
513 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_put()
515 kref_put(&c->kref, l2cap_chan_destroy); in l2cap_chan_put()
521 chan->fcs = L2CAP_FCS_CRC16; in l2cap_chan_set_defaults()
522 chan->max_tx = L2CAP_DEFAULT_MAX_TX; in l2cap_chan_set_defaults()
523 chan->tx_win = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
524 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
525 chan->remote_max_tx = chan->max_tx; in l2cap_chan_set_defaults()
526 chan->remote_tx_win = chan->tx_win; in l2cap_chan_set_defaults()
527 chan->ack_win = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
528 chan->sec_level = BT_SECURITY_LOW; in l2cap_chan_set_defaults()
529 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO; in l2cap_chan_set_defaults()
530 chan->retrans_timeout = L2CAP_DEFAULT_RETRANS_TO; in l2cap_chan_set_defaults()
531 chan->monitor_timeout = L2CAP_DEFAULT_MONITOR_TO; in l2cap_chan_set_defaults()
533 chan->conf_state = 0; in l2cap_chan_set_defaults()
534 set_bit(CONF_NOT_COMPLETE, &chan->conf_state); in l2cap_chan_set_defaults()
536 set_bit(FLAG_FORCE_ACTIVE, &chan->flags); in l2cap_chan_set_defaults()
542 size_t sdu_len = chan->sdu ? chan->sdu->len : 0; in l2cap_le_rx_credits()
544 if (chan->mps == 0) in l2cap_le_rx_credits()
550 if (chan->rx_avail == -1) in l2cap_le_rx_credits()
551 return (chan->imtu / chan->mps) + 1; in l2cap_le_rx_credits()
556 if (chan->rx_avail <= sdu_len) in l2cap_le_rx_credits()
559 return DIV_ROUND_UP(chan->rx_avail - sdu_len, chan->mps); in l2cap_le_rx_credits()
564 chan->sdu = NULL; in l2cap_le_flowctl_init()
565 chan->sdu_last_frag = NULL; in l2cap_le_flowctl_init()
566 chan->sdu_len = 0; in l2cap_le_flowctl_init()
567 chan->tx_credits = tx_credits; in l2cap_le_flowctl_init()
569 chan->mps = min_t(u16, chan->imtu, chan->conn->mtu - L2CAP_HDR_SIZE); in l2cap_le_flowctl_init()
570 chan->rx_credits = l2cap_le_rx_credits(chan); in l2cap_le_flowctl_init()
572 skb_queue_head_init(&chan->tx_q); in l2cap_le_flowctl_init()
580 if (chan->mps < L2CAP_ECRED_MIN_MPS) { in l2cap_ecred_init()
581 chan->mps = L2CAP_ECRED_MIN_MPS; in l2cap_ecred_init()
582 chan->rx_credits = l2cap_le_rx_credits(chan); in l2cap_ecred_init()
589 __le16_to_cpu(chan->psm), chan->dcid); in __l2cap_chan_add()
591 conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; in __l2cap_chan_add()
593 chan->conn = conn; in __l2cap_chan_add()
595 switch (chan->chan_type) { in __l2cap_chan_add()
597 /* Alloc CID for connection-oriented socket */ in __l2cap_chan_add()
598 chan->scid = l2cap_alloc_cid(conn); in __l2cap_chan_add()
599 if (conn->hcon->type == ACL_LINK) in __l2cap_chan_add()
600 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
605 chan->scid = L2CAP_CID_CONN_LESS; in __l2cap_chan_add()
606 chan->dcid = L2CAP_CID_CONN_LESS; in __l2cap_chan_add()
607 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
616 chan->scid = L2CAP_CID_SIGNALING; in __l2cap_chan_add()
617 chan->dcid = L2CAP_CID_SIGNALING; in __l2cap_chan_add()
618 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
621 chan->local_id = L2CAP_BESTEFFORT_ID; in __l2cap_chan_add()
622 chan->local_stype = L2CAP_SERV_BESTEFFORT; in __l2cap_chan_add()
623 chan->local_msdu = L2CAP_DEFAULT_MAX_SDU_SIZE; in __l2cap_chan_add()
624 chan->local_sdu_itime = L2CAP_DEFAULT_SDU_ITIME; in __l2cap_chan_add()
625 chan->local_acc_lat = L2CAP_DEFAULT_ACC_LAT; in __l2cap_chan_add()
626 chan->local_flush_to = L2CAP_EFS_DEFAULT_FLUSH_TO; in __l2cap_chan_add()
631 if (chan->chan_type != L2CAP_CHAN_FIXED || in __l2cap_chan_add()
632 test_bit(FLAG_HOLD_HCI_CONN, &chan->flags)) in __l2cap_chan_add()
633 hci_conn_hold(conn->hcon); in __l2cap_chan_add()
636 list_add_tail(&chan->list, &conn->chan_l); in __l2cap_chan_add()
641 mutex_lock(&conn->lock); in l2cap_chan_add()
643 mutex_unlock(&conn->lock); in l2cap_chan_add()
648 struct l2cap_conn *conn = chan->conn; in l2cap_chan_del()
653 state_to_string(chan->state)); in l2cap_chan_del()
655 chan->ops->teardown(chan, err); in l2cap_chan_del()
659 list_del(&chan->list); in l2cap_chan_del()
663 chan->conn = NULL; in l2cap_chan_del()
665 /* Reference was only held for non-fixed channels or in l2cap_chan_del()
669 if (chan->chan_type != L2CAP_CHAN_FIXED || in l2cap_chan_del()
670 test_bit(FLAG_HOLD_HCI_CONN, &chan->flags)) in l2cap_chan_del()
671 hci_conn_drop(conn->hcon); in l2cap_chan_del()
674 if (test_bit(CONF_NOT_COMPLETE, &chan->conf_state)) in l2cap_chan_del()
677 switch (chan->mode) { in l2cap_chan_del()
683 skb_queue_purge(&chan->tx_q); in l2cap_chan_del()
691 skb_queue_purge(&chan->srej_q); in l2cap_chan_del()
693 l2cap_seq_list_free(&chan->srej_list); in l2cap_chan_del()
694 l2cap_seq_list_free(&chan->retrans_list); in l2cap_chan_del()
698 skb_queue_purge(&chan->tx_q); in l2cap_chan_del()
709 list_for_each_entry_safe(chan, l, &conn->chan_l, list) { in __l2cap_chan_list_id()
710 if (chan->ident == id) in __l2cap_chan_list_id()
720 list_for_each_entry(chan, &conn->chan_l, list) { in __l2cap_chan_list()
731 mutex_lock(&conn->lock); in l2cap_chan_list()
733 mutex_unlock(&conn->lock); in l2cap_chan_list()
742 struct hci_conn *hcon = conn->hcon; in l2cap_conn_update_id_addr()
745 mutex_lock(&conn->lock); in l2cap_conn_update_id_addr()
747 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_update_id_addr()
749 bacpy(&chan->dst, &hcon->dst); in l2cap_conn_update_id_addr()
750 chan->dst_type = bdaddr_dst_type(hcon); in l2cap_conn_update_id_addr()
754 mutex_unlock(&conn->lock); in l2cap_conn_update_id_addr()
759 struct l2cap_conn *conn = chan->conn; in l2cap_chan_le_connect_reject()
763 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_le_connect_reject()
770 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_chan_le_connect_reject()
771 rsp.mtu = cpu_to_le16(chan->imtu); in l2cap_chan_le_connect_reject()
772 rsp.mps = cpu_to_le16(chan->mps); in l2cap_chan_le_connect_reject()
773 rsp.credits = cpu_to_le16(chan->rx_credits); in l2cap_chan_le_connect_reject()
776 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), in l2cap_chan_le_connect_reject()
789 struct l2cap_conn *conn = chan->conn; in l2cap_chan_connect_reject()
793 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_connect_reject()
800 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_chan_connect_reject()
801 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_chan_connect_reject()
805 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp); in l2cap_chan_connect_reject()
810 struct l2cap_conn *conn = chan->conn; in l2cap_chan_close()
812 BT_DBG("chan %p state %s", chan, state_to_string(chan->state)); in l2cap_chan_close()
814 switch (chan->state) { in l2cap_chan_close()
816 chan->ops->teardown(chan, 0); in l2cap_chan_close()
821 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_close()
822 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_chan_close()
829 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_close()
830 if (conn->hcon->type == ACL_LINK) in l2cap_chan_close()
832 else if (conn->hcon->type == LE_LINK) { in l2cap_chan_close()
833 switch (chan->mode) { in l2cap_chan_close()
853 chan->ops->teardown(chan, 0); in l2cap_chan_close()
861 switch (chan->chan_type) { in l2cap_get_auth_type()
863 switch (chan->sec_level) { in l2cap_get_auth_type()
874 if (chan->psm == cpu_to_le16(L2CAP_PSM_3DSP)) { in l2cap_get_auth_type()
875 if (chan->sec_level == BT_SECURITY_LOW) in l2cap_get_auth_type()
876 chan->sec_level = BT_SECURITY_SDP; in l2cap_get_auth_type()
878 if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_get_auth_type()
879 chan->sec_level == BT_SECURITY_FIPS) in l2cap_get_auth_type()
885 if (chan->psm == cpu_to_le16(L2CAP_PSM_SDP)) { in l2cap_get_auth_type()
886 if (chan->sec_level == BT_SECURITY_LOW) in l2cap_get_auth_type()
887 chan->sec_level = BT_SECURITY_SDP; in l2cap_get_auth_type()
889 if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_get_auth_type()
890 chan->sec_level == BT_SECURITY_FIPS) in l2cap_get_auth_type()
898 switch (chan->sec_level) { in l2cap_get_auth_type()
914 struct l2cap_conn *conn = chan->conn; in l2cap_chan_check_security()
917 if (conn->hcon->type == LE_LINK) in l2cap_chan_check_security()
918 return smp_conn_security(conn->hcon, chan->sec_level); in l2cap_chan_check_security()
922 return hci_conn_security(conn->hcon, chan->sec_level, auth_type, in l2cap_chan_check_security()
931 * 1 - 128 are used by kernel. in l2cap_get_ident()
932 * 129 - 199 are reserved. in l2cap_get_ident()
933 * 200 - 254 are used by utilities like l2ping, etc. in l2cap_get_ident()
936 mutex_lock(&conn->ident_lock); in l2cap_get_ident()
938 if (++conn->tx_ident > 128) in l2cap_get_ident()
939 conn->tx_ident = 1; in l2cap_get_ident()
941 id = conn->tx_ident; in l2cap_get_ident()
943 mutex_unlock(&conn->ident_lock); in l2cap_get_ident()
952 if (hci_conn_valid(conn->hcon->hdev, conn->hcon)) in l2cap_send_acl()
953 hci_send_acl(conn->hchan, skb, flags); in l2cap_send_acl()
970 * not support auto-flushing packets) */ in l2cap_send_cmd()
971 if (lmp_no_flush_capable(conn->hcon->hdev) || in l2cap_send_cmd()
972 conn->hcon->type == LE_LINK) in l2cap_send_cmd()
977 bt_cb(skb)->force_active = BT_POWER_FORCE_ACTIVE_ON; in l2cap_send_cmd()
978 skb->priority = HCI_PRIO_MAX; in l2cap_send_cmd()
985 struct hci_conn *hcon = chan->conn->hcon; in l2cap_do_send()
988 BT_DBG("chan %p, skb %p len %d priority %u", chan, skb, skb->len, in l2cap_do_send()
989 skb->priority); in l2cap_do_send()
995 if (hcon->type == LE_LINK || in l2cap_do_send()
996 (!test_bit(FLAG_FLUSHABLE, &chan->flags) && in l2cap_do_send()
997 lmp_no_flush_capable(hcon->hdev))) in l2cap_do_send()
1002 bt_cb(skb)->force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags); in l2cap_do_send()
1003 hci_send_acl(chan->conn->hchan, skb, flags); in l2cap_do_send()
1008 control->reqseq = (enh & L2CAP_CTRL_REQSEQ) >> L2CAP_CTRL_REQSEQ_SHIFT; in __unpack_enhanced_control()
1009 control->final = (enh & L2CAP_CTRL_FINAL) >> L2CAP_CTRL_FINAL_SHIFT; in __unpack_enhanced_control()
1012 /* S-Frame */ in __unpack_enhanced_control()
1013 control->sframe = 1; in __unpack_enhanced_control()
1014 control->poll = (enh & L2CAP_CTRL_POLL) >> L2CAP_CTRL_POLL_SHIFT; in __unpack_enhanced_control()
1015 control->super = (enh & L2CAP_CTRL_SUPERVISE) >> L2CAP_CTRL_SUPER_SHIFT; in __unpack_enhanced_control()
1017 control->sar = 0; in __unpack_enhanced_control()
1018 control->txseq = 0; in __unpack_enhanced_control()
1020 /* I-Frame */ in __unpack_enhanced_control()
1021 control->sframe = 0; in __unpack_enhanced_control()
1022 control->sar = (enh & L2CAP_CTRL_SAR) >> L2CAP_CTRL_SAR_SHIFT; in __unpack_enhanced_control()
1023 control->txseq = (enh & L2CAP_CTRL_TXSEQ) >> L2CAP_CTRL_TXSEQ_SHIFT; in __unpack_enhanced_control()
1025 control->poll = 0; in __unpack_enhanced_control()
1026 control->super = 0; in __unpack_enhanced_control()
1032 control->reqseq = (ext & L2CAP_EXT_CTRL_REQSEQ) >> L2CAP_EXT_CTRL_REQSEQ_SHIFT; in __unpack_extended_control()
1033 control->final = (ext & L2CAP_EXT_CTRL_FINAL) >> L2CAP_EXT_CTRL_FINAL_SHIFT; in __unpack_extended_control()
1036 /* S-Frame */ in __unpack_extended_control()
1037 control->sframe = 1; in __unpack_extended_control()
1038 control->poll = (ext & L2CAP_EXT_CTRL_POLL) >> L2CAP_EXT_CTRL_POLL_SHIFT; in __unpack_extended_control()
1039 control->super = (ext & L2CAP_EXT_CTRL_SUPERVISE) >> L2CAP_EXT_CTRL_SUPER_SHIFT; in __unpack_extended_control()
1041 control->sar = 0; in __unpack_extended_control()
1042 control->txseq = 0; in __unpack_extended_control()
1044 /* I-Frame */ in __unpack_extended_control()
1045 control->sframe = 0; in __unpack_extended_control()
1046 control->sar = (ext & L2CAP_EXT_CTRL_SAR) >> L2CAP_EXT_CTRL_SAR_SHIFT; in __unpack_extended_control()
1047 control->txseq = (ext & L2CAP_EXT_CTRL_TXSEQ) >> L2CAP_EXT_CTRL_TXSEQ_SHIFT; in __unpack_extended_control()
1049 control->poll = 0; in __unpack_extended_control()
1050 control->super = 0; in __unpack_extended_control()
1057 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in __unpack_control()
1058 __unpack_extended_control(get_unaligned_le32(skb->data), in __unpack_control()
1059 &bt_cb(skb)->l2cap); in __unpack_control()
1062 __unpack_enhanced_control(get_unaligned_le16(skb->data), in __unpack_control()
1063 &bt_cb(skb)->l2cap); in __unpack_control()
1072 packed = control->reqseq << L2CAP_EXT_CTRL_REQSEQ_SHIFT; in __pack_extended_control()
1073 packed |= control->final << L2CAP_EXT_CTRL_FINAL_SHIFT; in __pack_extended_control()
1075 if (control->sframe) { in __pack_extended_control()
1076 packed |= control->poll << L2CAP_EXT_CTRL_POLL_SHIFT; in __pack_extended_control()
1077 packed |= control->super << L2CAP_EXT_CTRL_SUPER_SHIFT; in __pack_extended_control()
1080 packed |= control->sar << L2CAP_EXT_CTRL_SAR_SHIFT; in __pack_extended_control()
1081 packed |= control->txseq << L2CAP_EXT_CTRL_TXSEQ_SHIFT; in __pack_extended_control()
1091 packed = control->reqseq << L2CAP_CTRL_REQSEQ_SHIFT; in __pack_enhanced_control()
1092 packed |= control->final << L2CAP_CTRL_FINAL_SHIFT; in __pack_enhanced_control()
1094 if (control->sframe) { in __pack_enhanced_control()
1095 packed |= control->poll << L2CAP_CTRL_POLL_SHIFT; in __pack_enhanced_control()
1096 packed |= control->super << L2CAP_CTRL_SUPER_SHIFT; in __pack_enhanced_control()
1099 packed |= control->sar << L2CAP_CTRL_SAR_SHIFT; in __pack_enhanced_control()
1100 packed |= control->txseq << L2CAP_CTRL_TXSEQ_SHIFT; in __pack_enhanced_control()
1110 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in __pack_control()
1112 skb->data + L2CAP_HDR_SIZE); in __pack_control()
1115 skb->data + L2CAP_HDR_SIZE); in __pack_control()
1121 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in __ertm_hdr_size()
1134 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_create_sframe_pdu()
1140 return ERR_PTR(-ENOMEM); in l2cap_create_sframe_pdu()
1143 lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE); in l2cap_create_sframe_pdu()
1144 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_sframe_pdu()
1146 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_create_sframe_pdu()
1151 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_create_sframe_pdu()
1152 u16 fcs = crc16(0, (u8 *)skb->data, skb->len); in l2cap_create_sframe_pdu()
1156 skb->priority = HCI_PRIO_MAX; in l2cap_create_sframe_pdu()
1168 if (!control->sframe) in l2cap_send_sframe()
1171 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state) && in l2cap_send_sframe()
1172 !control->poll) in l2cap_send_sframe()
1173 control->final = 1; in l2cap_send_sframe()
1175 if (control->super == L2CAP_SUPER_RR) in l2cap_send_sframe()
1176 clear_bit(CONN_RNR_SENT, &chan->conn_state); in l2cap_send_sframe()
1177 else if (control->super == L2CAP_SUPER_RNR) in l2cap_send_sframe()
1178 set_bit(CONN_RNR_SENT, &chan->conn_state); in l2cap_send_sframe()
1180 if (control->super != L2CAP_SUPER_SREJ) { in l2cap_send_sframe()
1181 chan->last_acked_seq = control->reqseq; in l2cap_send_sframe()
1185 BT_DBG("reqseq %d, final %d, poll %d, super %d", control->reqseq, in l2cap_send_sframe()
1186 control->final, control->poll, control->super); in l2cap_send_sframe()
1188 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_send_sframe()
1208 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) in l2cap_send_rr_or_rnr()
1209 control.super = L2CAP_SUPER_RNR; in l2cap_send_rr_or_rnr()
1211 control.super = L2CAP_SUPER_RR; in l2cap_send_rr_or_rnr()
1213 control.reqseq = chan->buffer_seq; in l2cap_send_rr_or_rnr()
1219 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) in __l2cap_no_conn_pending()
1222 return !test_bit(CONF_CONNECT_PEND, &chan->conf_state); in __l2cap_no_conn_pending()
1227 struct l2cap_conn *conn = chan->conn; in l2cap_send_conn_req()
1230 req.scid = cpu_to_le16(chan->scid); in l2cap_send_conn_req()
1231 req.psm = chan->psm; in l2cap_send_conn_req()
1233 chan->ident = l2cap_get_ident(conn); in l2cap_send_conn_req()
1235 set_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_send_conn_req()
1237 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, sizeof(req), &req); in l2cap_send_conn_req()
1246 if (chan->state == BT_CONNECTED) in l2cap_chan_ready()
1250 chan->conf_state = 0; in l2cap_chan_ready()
1253 switch (chan->mode) { in l2cap_chan_ready()
1256 if (!chan->tx_credits) in l2cap_chan_ready()
1257 chan->ops->suspend(chan); in l2cap_chan_ready()
1261 chan->state = BT_CONNECTED; in l2cap_chan_ready()
1263 chan->ops->ready(chan); in l2cap_chan_ready()
1268 struct l2cap_conn *conn = chan->conn; in l2cap_le_connect()
1271 if (test_and_set_bit(FLAG_LE_CONN_REQ_SENT, &chan->flags)) in l2cap_le_connect()
1274 if (!chan->imtu) in l2cap_le_connect()
1275 chan->imtu = chan->conn->mtu; in l2cap_le_connect()
1280 req.psm = chan->psm; in l2cap_le_connect()
1281 req.scid = cpu_to_le16(chan->scid); in l2cap_le_connect()
1282 req.mtu = cpu_to_le16(chan->imtu); in l2cap_le_connect()
1283 req.mps = cpu_to_le16(chan->mps); in l2cap_le_connect()
1284 req.credits = cpu_to_le16(chan->rx_credits); in l2cap_le_connect()
1286 chan->ident = l2cap_get_ident(conn); in l2cap_le_connect()
1288 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_REQ, in l2cap_le_connect()
1307 if (chan == conn->chan) in l2cap_ecred_defer_connect()
1310 if (!test_and_clear_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_defer_connect()
1313 pid = chan->ops->get_peer_pid(chan); in l2cap_ecred_defer_connect()
1316 if (conn->pid != pid || chan->psm != conn->chan->psm || chan->ident || in l2cap_ecred_defer_connect()
1317 chan->mode != L2CAP_MODE_EXT_FLOWCTL || chan->state != BT_CONNECT) in l2cap_ecred_defer_connect()
1320 if (test_and_set_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_defer_connect()
1326 chan->ident = conn->chan->ident; in l2cap_ecred_defer_connect()
1329 conn->pdu.scid[conn->count] = cpu_to_le16(chan->scid); in l2cap_ecred_defer_connect()
1331 conn->count++; in l2cap_ecred_defer_connect()
1336 struct l2cap_conn *conn = chan->conn; in l2cap_ecred_connect()
1339 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_connect()
1342 if (test_and_set_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_connect()
1348 data.pdu.req.psm = chan->psm; in l2cap_ecred_connect()
1349 data.pdu.req.mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_connect()
1350 data.pdu.req.mps = cpu_to_le16(chan->mps); in l2cap_ecred_connect()
1351 data.pdu.req.credits = cpu_to_le16(chan->rx_credits); in l2cap_ecred_connect()
1352 data.pdu.scid[0] = cpu_to_le16(chan->scid); in l2cap_ecred_connect()
1354 chan->ident = l2cap_get_ident(conn); in l2cap_ecred_connect()
1358 data.pid = chan->ops->get_peer_pid(chan); in l2cap_ecred_connect()
1362 l2cap_send_cmd(conn, chan->ident, L2CAP_ECRED_CONN_REQ, in l2cap_ecred_connect()
1369 struct l2cap_conn *conn = chan->conn; in l2cap_le_start()
1371 if (!smp_conn_security(conn->hcon, chan->sec_level)) in l2cap_le_start()
1374 if (!chan->psm) { in l2cap_le_start()
1379 if (chan->state == BT_CONNECT) { in l2cap_le_start()
1380 if (chan->mode == L2CAP_MODE_EXT_FLOWCTL) in l2cap_le_start()
1389 if (chan->conn->hcon->type == LE_LINK) { in l2cap_start_connection()
1400 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) in l2cap_request_info()
1405 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; in l2cap_request_info()
1406 conn->info_ident = l2cap_get_ident(conn); in l2cap_request_info()
1408 schedule_delayed_work(&conn->info_timer, L2CAP_INFO_TIMEOUT); in l2cap_request_info()
1410 l2cap_send_cmd(conn, conn->info_ident, L2CAP_INFO_REQ, in l2cap_request_info()
1426 int min_key_size = hcon->hdev->min_enc_key_size; in l2cap_check_enc_key_size()
1429 if (chan->sec_level == BT_SECURITY_FIPS) in l2cap_check_enc_key_size()
1432 return (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags) || in l2cap_check_enc_key_size()
1433 hcon->enc_key_size >= min_key_size); in l2cap_check_enc_key_size()
1438 struct l2cap_conn *conn = chan->conn; in l2cap_do_start()
1440 if (conn->hcon->type == LE_LINK) { in l2cap_do_start()
1445 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)) { in l2cap_do_start()
1450 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)) in l2cap_do_start()
1457 if (l2cap_check_enc_key_size(conn->hcon, chan)) in l2cap_do_start()
1481 struct l2cap_conn *conn = chan->conn; in l2cap_send_disconn_req()
1487 if (chan->mode == L2CAP_MODE_ERTM && chan->state == BT_CONNECTED) { in l2cap_send_disconn_req()
1493 req.dcid = cpu_to_le16(chan->dcid); in l2cap_send_disconn_req()
1494 req.scid = cpu_to_le16(chan->scid); in l2cap_send_disconn_req()
1501 /* ---- L2CAP connections ---- */
1508 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_conn_start()
1511 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_conn_start()
1517 if (chan->state == BT_CONNECT) { in l2cap_conn_start()
1524 if (!l2cap_mode_supported(chan->mode, conn->feat_mask) in l2cap_conn_start()
1526 &chan->conf_state)) { in l2cap_conn_start()
1532 if (l2cap_check_enc_key_size(conn->hcon, chan)) in l2cap_conn_start()
1537 } else if (chan->state == BT_CONNECT2) { in l2cap_conn_start()
1540 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_conn_start()
1541 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_conn_start()
1544 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_conn_start()
1547 chan->ops->defer(chan); in l2cap_conn_start()
1559 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, in l2cap_conn_start()
1562 if (test_bit(CONF_REQ_SENT, &chan->conf_state) || in l2cap_conn_start()
1568 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_conn_start()
1571 chan->num_conf_req++; in l2cap_conn_start()
1580 struct hci_conn *hcon = conn->hcon; in l2cap_le_conn_ready()
1581 struct hci_dev *hdev = hcon->hdev; in l2cap_le_conn_ready()
1583 BT_DBG("%s conn %p", hdev->name, conn); in l2cap_le_conn_ready()
1588 if (hcon->out) in l2cap_le_conn_ready()
1589 smp_conn_security(hcon, hcon->pending_sec_level); in l2cap_le_conn_ready()
1596 if (hcon->role == HCI_ROLE_SLAVE && in l2cap_le_conn_ready()
1597 (hcon->le_conn_interval < hcon->le_conn_min_interval || in l2cap_le_conn_ready()
1598 hcon->le_conn_interval > hcon->le_conn_max_interval)) { in l2cap_le_conn_ready()
1601 req.min = cpu_to_le16(hcon->le_conn_min_interval); in l2cap_le_conn_ready()
1602 req.max = cpu_to_le16(hcon->le_conn_max_interval); in l2cap_le_conn_ready()
1603 req.latency = cpu_to_le16(hcon->le_conn_latency); in l2cap_le_conn_ready()
1604 req.to_multiplier = cpu_to_le16(hcon->le_supv_timeout); in l2cap_le_conn_ready()
1614 struct hci_conn *hcon = conn->hcon; in l2cap_conn_ready()
1618 if (hcon->type == ACL_LINK) in l2cap_conn_ready()
1621 mutex_lock(&conn->lock); in l2cap_conn_ready()
1623 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_ready()
1627 if (hcon->type == LE_LINK) { in l2cap_conn_ready()
1629 } else if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_conn_ready()
1630 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) in l2cap_conn_ready()
1632 } else if (chan->state == BT_CONNECT) { in l2cap_conn_ready()
1639 mutex_unlock(&conn->lock); in l2cap_conn_ready()
1641 if (hcon->type == LE_LINK) in l2cap_conn_ready()
1644 queue_work(hcon->hdev->workqueue, &conn->pending_rx_work); in l2cap_conn_ready()
1654 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_unreliable()
1655 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags)) in l2cap_conn_unreliable()
1665 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_info_timeout()
1666 conn->info_ident = 0; in l2cap_info_timeout()
1668 mutex_lock(&conn->lock); in l2cap_info_timeout()
1670 mutex_unlock(&conn->lock); in l2cap_info_timeout()
1675 * External modules can register l2cap_user objects on l2cap_conn. The ->probe
1676 * callback is called during registration. The ->remove callback is called
1679 * underlying l2cap_conn object is deleted. This guarantees that l2cap->hcon,
1680 * l2cap->hchan, .. are valid as long as the remove callback hasn't been called.
1688 struct hci_dev *hdev = conn->hcon->hdev; in l2cap_register_user()
1700 if (!list_empty(&user->list)) { in l2cap_register_user()
1701 ret = -EINVAL; in l2cap_register_user()
1705 /* conn->hchan is NULL after l2cap_conn_del() was called */ in l2cap_register_user()
1706 if (!conn->hchan) { in l2cap_register_user()
1707 ret = -ENODEV; in l2cap_register_user()
1711 ret = user->probe(conn, user); in l2cap_register_user()
1715 list_add(&user->list, &conn->users); in l2cap_register_user()
1726 struct hci_dev *hdev = conn->hcon->hdev; in l2cap_unregister_user()
1730 if (list_empty(&user->list)) in l2cap_unregister_user()
1733 list_del_init(&user->list); in l2cap_unregister_user()
1734 user->remove(conn, user); in l2cap_unregister_user()
1745 while (!list_empty(&conn->users)) { in l2cap_unregister_all_users()
1746 user = list_first_entry(&conn->users, struct l2cap_user, list); in l2cap_unregister_all_users()
1747 list_del_init(&user->list); in l2cap_unregister_all_users()
1748 user->remove(conn, user); in l2cap_unregister_all_users()
1754 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_conn_del()
1762 mutex_lock(&conn->lock); in l2cap_conn_del()
1764 kfree_skb(conn->rx_skb); in l2cap_conn_del()
1766 skb_queue_purge(&conn->pending_rx); in l2cap_conn_del()
1768 /* We can not call flush_work(&conn->pending_rx_work) here since we in l2cap_conn_del()
1772 if (work_pending(&conn->pending_rx_work)) in l2cap_conn_del()
1773 cancel_work_sync(&conn->pending_rx_work); in l2cap_conn_del()
1775 cancel_delayed_work_sync(&conn->id_addr_timer); in l2cap_conn_del()
1780 hcon->disc_timeout = 0; in l2cap_conn_del()
1783 list_for_each_entry_safe(chan, l, &conn->chan_l, list) { in l2cap_conn_del()
1789 chan->ops->close(chan); in l2cap_conn_del()
1795 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) in l2cap_conn_del()
1796 cancel_delayed_work_sync(&conn->info_timer); in l2cap_conn_del()
1798 hci_chan_del(conn->hchan); in l2cap_conn_del()
1799 conn->hchan = NULL; in l2cap_conn_del()
1801 hcon->l2cap_data = NULL; in l2cap_conn_del()
1802 mutex_unlock(&conn->lock); in l2cap_conn_del()
1810 hci_conn_put(conn->hcon); in l2cap_conn_free()
1816 kref_get(&conn->ref); in l2cap_conn_get()
1823 kref_put(&conn->ref, l2cap_conn_free); in l2cap_conn_put()
1827 /* ---- Socket interface ---- */
1842 if (state && c->state != state) in l2cap_global_chan_by_psm()
1845 if (link_type == ACL_LINK && c->src_type != BDADDR_BREDR) in l2cap_global_chan_by_psm()
1848 if (link_type == LE_LINK && c->src_type == BDADDR_BREDR) in l2cap_global_chan_by_psm()
1851 if (c->chan_type != L2CAP_CHAN_FIXED && c->psm == psm) { in l2cap_global_chan_by_psm()
1856 src_match = !bacmp(&c->src, src); in l2cap_global_chan_by_psm()
1857 dst_match = !bacmp(&c->dst, dst); in l2cap_global_chan_by_psm()
1867 src_any = !bacmp(&c->src, BDADDR_ANY); in l2cap_global_chan_by_psm()
1868 dst_any = !bacmp(&c->dst, BDADDR_ANY); in l2cap_global_chan_by_psm()
1892 if (!chan->conn) { in l2cap_monitor_timeout()
1913 if (!chan->conn) { in l2cap_retrans_timeout()
1932 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_streaming_send()
1934 while (!skb_queue_empty(&chan->tx_q)) { in l2cap_streaming_send()
1936 skb = skb_dequeue(&chan->tx_q); in l2cap_streaming_send()
1938 bt_cb(skb)->l2cap.retries = 1; in l2cap_streaming_send()
1939 control = &bt_cb(skb)->l2cap; in l2cap_streaming_send()
1941 control->reqseq = 0; in l2cap_streaming_send()
1942 control->txseq = chan->next_tx_seq; in l2cap_streaming_send()
1946 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_streaming_send()
1947 u16 fcs = crc16(0, (u8 *) skb->data, skb->len); in l2cap_streaming_send()
1953 BT_DBG("Sent txseq %u", control->txseq); in l2cap_streaming_send()
1955 chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); in l2cap_streaming_send()
1956 chan->frames_sent++; in l2cap_streaming_send()
1968 if (chan->state != BT_CONNECTED) in l2cap_ertm_send()
1969 return -ENOTCONN; in l2cap_ertm_send()
1971 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_ertm_send()
1974 while (chan->tx_send_head && in l2cap_ertm_send()
1975 chan->unacked_frames < chan->remote_tx_win && in l2cap_ertm_send()
1976 chan->tx_state == L2CAP_TX_STATE_XMIT) { in l2cap_ertm_send()
1978 skb = chan->tx_send_head; in l2cap_ertm_send()
1980 bt_cb(skb)->l2cap.retries = 1; in l2cap_ertm_send()
1981 control = &bt_cb(skb)->l2cap; in l2cap_ertm_send()
1983 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) in l2cap_ertm_send()
1984 control->final = 1; in l2cap_ertm_send()
1986 control->reqseq = chan->buffer_seq; in l2cap_ertm_send()
1987 chan->last_acked_seq = chan->buffer_seq; in l2cap_ertm_send()
1988 control->txseq = chan->next_tx_seq; in l2cap_ertm_send()
1992 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_ertm_send()
1993 u16 fcs = crc16(0, (u8 *) skb->data, skb->len); in l2cap_ertm_send()
1998 read-only (for locking purposes) on cloned sk_buffs. in l2cap_ertm_send()
2007 chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); in l2cap_ertm_send()
2008 chan->unacked_frames++; in l2cap_ertm_send()
2009 chan->frames_sent++; in l2cap_ertm_send()
2012 if (skb_queue_is_last(&chan->tx_q, skb)) in l2cap_ertm_send()
2013 chan->tx_send_head = NULL; in l2cap_ertm_send()
2015 chan->tx_send_head = skb_queue_next(&chan->tx_q, skb); in l2cap_ertm_send()
2018 BT_DBG("Sent txseq %u", control->txseq); in l2cap_ertm_send()
2022 chan->unacked_frames, skb_queue_len(&chan->tx_q)); in l2cap_ertm_send()
2036 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_ertm_resend()
2039 while (chan->retrans_list.head != L2CAP_SEQ_LIST_CLEAR) { in l2cap_ertm_resend()
2040 seq = l2cap_seq_list_pop(&chan->retrans_list); in l2cap_ertm_resend()
2042 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, seq); in l2cap_ertm_resend()
2049 bt_cb(skb)->l2cap.retries++; in l2cap_ertm_resend()
2050 control = bt_cb(skb)->l2cap; in l2cap_ertm_resend()
2052 if (chan->max_tx != 0 && in l2cap_ertm_resend()
2053 bt_cb(skb)->l2cap.retries > chan->max_tx) { in l2cap_ertm_resend()
2054 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_ertm_resend()
2056 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_ertm_resend()
2060 control.reqseq = chan->buffer_seq; in l2cap_ertm_resend()
2061 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) in l2cap_ertm_resend()
2067 /* Cloned sk_buffs are read-only, so we need a in l2cap_ertm_resend()
2076 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_ertm_resend()
2081 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in l2cap_ertm_resend()
2083 tx_skb->data + L2CAP_HDR_SIZE); in l2cap_ertm_resend()
2086 tx_skb->data + L2CAP_HDR_SIZE); in l2cap_ertm_resend()
2090 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_ertm_resend()
2091 u16 fcs = crc16(0, (u8 *) tx_skb->data, in l2cap_ertm_resend()
2092 tx_skb->len - L2CAP_FCS_SIZE); in l2cap_ertm_resend()
2093 put_unaligned_le16(fcs, skb_tail_pointer(tx_skb) - in l2cap_ertm_resend()
2101 chan->last_acked_seq = chan->buffer_seq; in l2cap_ertm_resend()
2110 l2cap_seq_list_append(&chan->retrans_list, control->reqseq); in l2cap_retransmit()
2121 if (control->poll) in l2cap_retransmit_all()
2122 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_retransmit_all()
2124 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_retransmit_all()
2126 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_retransmit_all()
2129 if (chan->unacked_frames) { in l2cap_retransmit_all()
2130 skb_queue_walk(&chan->tx_q, skb) { in l2cap_retransmit_all()
2131 if (bt_cb(skb)->l2cap.txseq == control->reqseq || in l2cap_retransmit_all()
2132 skb == chan->tx_send_head) in l2cap_retransmit_all()
2136 skb_queue_walk_from(&chan->tx_q, skb) { in l2cap_retransmit_all()
2137 if (skb == chan->tx_send_head) in l2cap_retransmit_all()
2140 l2cap_seq_list_append(&chan->retrans_list, in l2cap_retransmit_all()
2141 bt_cb(skb)->l2cap.txseq); in l2cap_retransmit_all()
2151 u16 frames_to_ack = __seq_offset(chan, chan->buffer_seq, in l2cap_send_ack()
2152 chan->last_acked_seq); in l2cap_send_ack()
2156 chan, chan->last_acked_seq, chan->buffer_seq); in l2cap_send_ack()
2161 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state) && in l2cap_send_ack()
2162 chan->rx_state == L2CAP_RX_STATE_RECV) { in l2cap_send_ack()
2164 control.super = L2CAP_SUPER_RNR; in l2cap_send_ack()
2165 control.reqseq = chan->buffer_seq; in l2cap_send_ack()
2168 if (!test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) { in l2cap_send_ack()
2170 /* If any i-frames were sent, they included an ack */ in l2cap_send_ack()
2171 if (chan->buffer_seq == chan->last_acked_seq) in l2cap_send_ack()
2178 threshold = chan->ack_win; in l2cap_send_ack()
2187 control.super = L2CAP_SUPER_RR; in l2cap_send_ack()
2188 control.reqseq = chan->buffer_seq; in l2cap_send_ack()
2202 struct l2cap_conn *conn = chan->conn; in l2cap_skbuff_fromiovec()
2206 if (!copy_from_iter_full(skb_put(skb, count), count, &msg->msg_iter)) in l2cap_skbuff_fromiovec()
2207 return -EFAULT; in l2cap_skbuff_fromiovec()
2210 len -= count; in l2cap_skbuff_fromiovec()
2213 frag = &skb_shinfo(skb)->frag_list; in l2cap_skbuff_fromiovec()
2217 count = min_t(unsigned int, conn->mtu, len); in l2cap_skbuff_fromiovec()
2219 tmp = chan->ops->alloc_skb(chan, 0, count, in l2cap_skbuff_fromiovec()
2220 msg->msg_flags & MSG_DONTWAIT); in l2cap_skbuff_fromiovec()
2227 &msg->msg_iter)) in l2cap_skbuff_fromiovec()
2228 return -EFAULT; in l2cap_skbuff_fromiovec()
2231 len -= count; in l2cap_skbuff_fromiovec()
2233 skb->len += (*frag)->len; in l2cap_skbuff_fromiovec()
2234 skb->data_len += (*frag)->len; in l2cap_skbuff_fromiovec()
2236 frag = &(*frag)->next; in l2cap_skbuff_fromiovec()
2245 struct l2cap_conn *conn = chan->conn; in l2cap_create_connless_pdu()
2251 __le16_to_cpu(chan->psm), len); in l2cap_create_connless_pdu()
2253 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_connless_pdu()
2255 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_connless_pdu()
2256 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_connless_pdu()
2262 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_connless_pdu()
2263 lh->len = cpu_to_le16(len + L2CAP_PSMLEN_SIZE); in l2cap_create_connless_pdu()
2264 put_unaligned(chan->psm, (__le16 *) skb_put(skb, L2CAP_PSMLEN_SIZE)); in l2cap_create_connless_pdu()
2277 struct l2cap_conn *conn = chan->conn; in l2cap_create_basic_pdu()
2284 count = min_t(unsigned int, (conn->mtu - L2CAP_HDR_SIZE), len); in l2cap_create_basic_pdu()
2286 skb = chan->ops->alloc_skb(chan, L2CAP_HDR_SIZE, count, in l2cap_create_basic_pdu()
2287 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_basic_pdu()
2293 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_basic_pdu()
2294 lh->len = cpu_to_le16(len); in l2cap_create_basic_pdu()
2308 struct l2cap_conn *conn = chan->conn; in l2cap_create_iframe_pdu()
2316 return ERR_PTR(-ENOTCONN); in l2cap_create_iframe_pdu()
2323 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_create_iframe_pdu()
2326 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_iframe_pdu()
2328 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_iframe_pdu()
2329 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_iframe_pdu()
2335 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_iframe_pdu()
2336 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); in l2cap_create_iframe_pdu()
2339 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_create_iframe_pdu()
2353 bt_cb(skb)->l2cap.fcs = chan->fcs; in l2cap_create_iframe_pdu()
2354 bt_cb(skb)->l2cap.retries = 0; in l2cap_create_iframe_pdu()
2375 pdu_len = chan->conn->mtu; in l2cap_segment_sdu()
2381 if (chan->fcs) in l2cap_segment_sdu()
2382 pdu_len -= L2CAP_FCS_SIZE; in l2cap_segment_sdu()
2384 pdu_len -= __ertm_hdr_size(chan); in l2cap_segment_sdu()
2387 pdu_len = min_t(size_t, pdu_len, chan->remote_mps); in l2cap_segment_sdu()
2406 bt_cb(skb)->l2cap.sar = sar; in l2cap_segment_sdu()
2409 len -= pdu_len; in l2cap_segment_sdu()
2428 struct l2cap_conn *conn = chan->conn; in l2cap_create_le_flowctl_pdu()
2436 return ERR_PTR(-ENOTCONN); in l2cap_create_le_flowctl_pdu()
2443 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_le_flowctl_pdu()
2445 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_le_flowctl_pdu()
2446 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_le_flowctl_pdu()
2452 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_le_flowctl_pdu()
2453 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); in l2cap_create_le_flowctl_pdu()
2478 pdu_len = chan->remote_mps - L2CAP_SDULEN_SIZE; in l2cap_segment_le_sdu()
2492 len -= pdu_len; in l2cap_segment_le_sdu()
2509 while (chan->tx_credits && !skb_queue_empty(&chan->tx_q)) { in l2cap_le_flowctl_send()
2510 l2cap_do_send(chan, skb_dequeue(&chan->tx_q)); in l2cap_le_flowctl_send()
2511 chan->tx_credits--; in l2cap_le_flowctl_send()
2515 BT_DBG("Sent %d credits %u queued %u", sent, chan->tx_credits, in l2cap_le_flowctl_send()
2516 skb_queue_len(&chan->tx_q)); in l2cap_le_flowctl_send()
2523 struct sock *sk = skb ? skb->sk : NULL; in l2cap_tx_timestamp()
2525 if (sk && sk->sk_type == SOCK_STREAM) in l2cap_tx_timestamp()
2536 struct sock *sk = skb ? skb->sk : NULL; in l2cap_tx_timestamp_seg()
2538 if (sk && sk->sk_type == SOCK_STREAM) in l2cap_tx_timestamp_seg()
2551 if (!chan->conn) in l2cap_chan_send()
2552 return -ENOTCONN; in l2cap_chan_send()
2555 if (chan->chan_type == L2CAP_CHAN_CONN_LESS) { in l2cap_chan_send()
2566 switch (chan->mode) { in l2cap_chan_send()
2570 if (len > chan->omtu) in l2cap_chan_send()
2571 return -EMSGSIZE; in l2cap_chan_send()
2577 if (chan->state != BT_CONNECTED) { in l2cap_chan_send()
2579 err = -ENOTCONN; in l2cap_chan_send()
2587 skb_queue_splice_tail_init(&seg_queue, &chan->tx_q); in l2cap_chan_send()
2591 if (!chan->tx_credits) in l2cap_chan_send()
2592 chan->ops->suspend(chan); in l2cap_chan_send()
2600 if (len > chan->omtu) in l2cap_chan_send()
2601 return -EMSGSIZE; in l2cap_chan_send()
2617 if (len > chan->omtu) { in l2cap_chan_send()
2618 err = -EMSGSIZE; in l2cap_chan_send()
2633 if (chan->mode == L2CAP_MODE_ERTM) { in l2cap_chan_send()
2650 BT_DBG("bad state %1.1x", chan->mode); in l2cap_chan_send()
2651 err = -EBADFD; in l2cap_chan_send()
2667 control.super = L2CAP_SUPER_SREJ; in l2cap_send_srej()
2669 for (seq = chan->expected_tx_seq; seq != txseq; in l2cap_send_srej()
2671 if (!l2cap_ertm_seq_in_queue(&chan->srej_q, seq)) { in l2cap_send_srej()
2674 l2cap_seq_list_append(&chan->srej_list, seq); in l2cap_send_srej()
2678 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_send_srej()
2687 if (chan->srej_list.tail == L2CAP_SEQ_LIST_CLEAR) in l2cap_send_srej_tail()
2692 control.super = L2CAP_SUPER_SREJ; in l2cap_send_srej_tail()
2693 control.reqseq = chan->srej_list.tail; in l2cap_send_srej_tail()
2707 control.super = L2CAP_SUPER_SREJ; in l2cap_send_srej_list()
2710 initial_head = chan->srej_list.head; in l2cap_send_srej_list()
2713 seq = l2cap_seq_list_pop(&chan->srej_list); in l2cap_send_srej_list()
2719 l2cap_seq_list_append(&chan->srej_list, seq); in l2cap_send_srej_list()
2720 } while (chan->srej_list.head != initial_head); in l2cap_send_srej_list()
2730 if (chan->unacked_frames == 0 || reqseq == chan->expected_ack_seq) in l2cap_process_reqseq()
2734 chan->expected_ack_seq, chan->unacked_frames); in l2cap_process_reqseq()
2736 for (ackseq = chan->expected_ack_seq; ackseq != reqseq; in l2cap_process_reqseq()
2739 acked_skb = l2cap_ertm_seq_in_queue(&chan->tx_q, ackseq); in l2cap_process_reqseq()
2741 skb_unlink(acked_skb, &chan->tx_q); in l2cap_process_reqseq()
2743 chan->unacked_frames--; in l2cap_process_reqseq()
2747 chan->expected_ack_seq = reqseq; in l2cap_process_reqseq()
2749 if (chan->unacked_frames == 0) in l2cap_process_reqseq()
2752 BT_DBG("unacked_frames %u", chan->unacked_frames); in l2cap_process_reqseq()
2759 chan->expected_tx_seq = chan->buffer_seq; in l2cap_abort_rx_srej_sent()
2760 l2cap_seq_list_clear(&chan->srej_list); in l2cap_abort_rx_srej_sent()
2761 skb_queue_purge(&chan->srej_q); in l2cap_abort_rx_srej_sent()
2762 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_abort_rx_srej_sent()
2774 if (chan->tx_send_head == NULL) in l2cap_tx_state_xmit()
2775 chan->tx_send_head = skb_peek(skbs); in l2cap_tx_state_xmit()
2777 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_tx_state_xmit()
2782 set_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_xmit()
2784 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_tx_state_xmit()
2796 clear_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_xmit()
2798 if (test_bit(CONN_RNR_SENT, &chan->conn_state)) { in l2cap_tx_state_xmit()
2803 local_control.super = L2CAP_SUPER_RR; in l2cap_tx_state_xmit()
2805 local_control.reqseq = chan->buffer_seq; in l2cap_tx_state_xmit()
2808 chan->retry_count = 1; in l2cap_tx_state_xmit()
2810 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2814 l2cap_process_reqseq(chan, control->reqseq); in l2cap_tx_state_xmit()
2818 chan->retry_count = 1; in l2cap_tx_state_xmit()
2821 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2825 chan->retry_count = 1; in l2cap_tx_state_xmit()
2827 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2846 if (chan->tx_send_head == NULL) in l2cap_tx_state_wait_f()
2847 chan->tx_send_head = skb_peek(skbs); in l2cap_tx_state_wait_f()
2849 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_tx_state_wait_f()
2853 set_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_wait_f()
2855 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_tx_state_wait_f()
2867 clear_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_wait_f()
2869 if (test_bit(CONN_RNR_SENT, &chan->conn_state)) { in l2cap_tx_state_wait_f()
2873 local_control.super = L2CAP_SUPER_RR; in l2cap_tx_state_wait_f()
2875 local_control.reqseq = chan->buffer_seq; in l2cap_tx_state_wait_f()
2878 chan->retry_count = 1; in l2cap_tx_state_wait_f()
2880 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_wait_f()
2884 l2cap_process_reqseq(chan, control->reqseq); in l2cap_tx_state_wait_f()
2888 if (control && control->final) { in l2cap_tx_state_wait_f()
2890 if (chan->unacked_frames > 0) in l2cap_tx_state_wait_f()
2892 chan->retry_count = 0; in l2cap_tx_state_wait_f()
2893 chan->tx_state = L2CAP_TX_STATE_XMIT; in l2cap_tx_state_wait_f()
2894 BT_DBG("recv fbit tx_state 0x2.2%x", chan->tx_state); in l2cap_tx_state_wait_f()
2901 if (chan->max_tx == 0 || chan->retry_count < chan->max_tx) { in l2cap_tx_state_wait_f()
2904 chan->retry_count++; in l2cap_tx_state_wait_f()
2918 chan, control, skbs, event, chan->tx_state); in l2cap_tx()
2920 switch (chan->tx_state) { in l2cap_tx()
2955 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_raw_recv()
2956 if (chan->chan_type != L2CAP_CHAN_RAW) in l2cap_raw_recv()
2960 if (bt_cb(skb)->l2cap.chan == chan) in l2cap_raw_recv()
2966 if (chan->ops->recv(chan, nskb)) in l2cap_raw_recv()
2971 /* ---- L2CAP signalling commands ---- */
2983 if (conn->mtu < L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE) in l2cap_build_cmd()
2987 count = min_t(unsigned int, conn->mtu, len); in l2cap_build_cmd()
2994 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); in l2cap_build_cmd()
2996 if (conn->hcon->type == LE_LINK) in l2cap_build_cmd()
2997 lh->cid = cpu_to_le16(L2CAP_CID_LE_SIGNALING); in l2cap_build_cmd()
2999 lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING); in l2cap_build_cmd()
3002 cmd->code = code; in l2cap_build_cmd()
3003 cmd->ident = ident; in l2cap_build_cmd()
3004 cmd->len = cpu_to_le16(dlen); in l2cap_build_cmd()
3007 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE; in l2cap_build_cmd()
3012 len -= skb->len; in l2cap_build_cmd()
3015 frag = &skb_shinfo(skb)->frag_list; in l2cap_build_cmd()
3017 count = min_t(unsigned int, conn->mtu, len); in l2cap_build_cmd()
3025 len -= count; in l2cap_build_cmd()
3028 frag = &(*frag)->next; in l2cap_build_cmd()
3044 len = L2CAP_CONF_OPT_SIZE + opt->len; in l2cap_get_conf_opt()
3047 *type = opt->type; in l2cap_get_conf_opt()
3048 *olen = opt->len; in l2cap_get_conf_opt()
3050 switch (opt->len) { in l2cap_get_conf_opt()
3052 *val = *((u8 *) opt->val); in l2cap_get_conf_opt()
3056 *val = get_unaligned_le16(opt->val); in l2cap_get_conf_opt()
3060 *val = get_unaligned_le32(opt->val); in l2cap_get_conf_opt()
3064 *val = (unsigned long) opt->val; in l2cap_get_conf_opt()
3068 BT_DBG("type 0x%2.2x len %u val 0x%lx", *type, opt->len, *val); in l2cap_get_conf_opt()
3081 opt->type = type; in l2cap_add_conf_opt()
3082 opt->len = len; in l2cap_add_conf_opt()
3086 *((u8 *) opt->val) = val; in l2cap_add_conf_opt()
3090 put_unaligned_le16(val, opt->val); in l2cap_add_conf_opt()
3094 put_unaligned_le32(val, opt->val); in l2cap_add_conf_opt()
3098 memcpy(opt->val, (void *) val, len); in l2cap_add_conf_opt()
3109 switch (chan->mode) { in l2cap_add_opt_efs()
3111 efs.id = chan->local_id; in l2cap_add_opt_efs()
3112 efs.stype = chan->local_stype; in l2cap_add_opt_efs()
3113 efs.msdu = cpu_to_le16(chan->local_msdu); in l2cap_add_opt_efs()
3114 efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); in l2cap_add_opt_efs()
3122 efs.msdu = cpu_to_le16(chan->local_msdu); in l2cap_add_opt_efs()
3123 efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); in l2cap_add_opt_efs()
3146 frames_to_ack = __seq_offset(chan, chan->buffer_seq, in l2cap_ack_timeout()
3147 chan->last_acked_seq); in l2cap_ack_timeout()
3160 chan->next_tx_seq = 0; in l2cap_ertm_init()
3161 chan->expected_tx_seq = 0; in l2cap_ertm_init()
3162 chan->expected_ack_seq = 0; in l2cap_ertm_init()
3163 chan->unacked_frames = 0; in l2cap_ertm_init()
3164 chan->buffer_seq = 0; in l2cap_ertm_init()
3165 chan->frames_sent = 0; in l2cap_ertm_init()
3166 chan->last_acked_seq = 0; in l2cap_ertm_init()
3167 chan->sdu = NULL; in l2cap_ertm_init()
3168 chan->sdu_last_frag = NULL; in l2cap_ertm_init()
3169 chan->sdu_len = 0; in l2cap_ertm_init()
3171 skb_queue_head_init(&chan->tx_q); in l2cap_ertm_init()
3173 if (chan->mode != L2CAP_MODE_ERTM) in l2cap_ertm_init()
3176 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_ertm_init()
3177 chan->tx_state = L2CAP_TX_STATE_XMIT; in l2cap_ertm_init()
3179 skb_queue_head_init(&chan->srej_q); in l2cap_ertm_init()
3181 err = l2cap_seq_list_init(&chan->srej_list, chan->tx_win); in l2cap_ertm_init()
3185 err = l2cap_seq_list_init(&chan->retrans_list, chan->remote_tx_win); in l2cap_ertm_init()
3187 l2cap_seq_list_free(&chan->srej_list); in l2cap_ertm_init()
3207 return (conn->feat_mask & L2CAP_FEAT_EXT_WINDOW); in __l2cap_ews_supported()
3212 return (conn->feat_mask & L2CAP_FEAT_EXT_FLOW); in __l2cap_efs_supported()
3218 rfc->retrans_timeout = cpu_to_le16(L2CAP_DEFAULT_RETRANS_TO); in __l2cap_set_ertm_timeouts()
3219 rfc->monitor_timeout = cpu_to_le16(L2CAP_DEFAULT_MONITOR_TO); in __l2cap_set_ertm_timeouts()
3224 if (chan->tx_win > L2CAP_DEFAULT_TX_WINDOW && in l2cap_txwin_setup()
3225 __l2cap_ews_supported(chan->conn)) { in l2cap_txwin_setup()
3227 set_bit(FLAG_EXT_CTRL, &chan->flags); in l2cap_txwin_setup()
3228 chan->tx_win_max = L2CAP_DEFAULT_EXT_WINDOW; in l2cap_txwin_setup()
3230 chan->tx_win = min_t(u16, chan->tx_win, in l2cap_txwin_setup()
3232 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW; in l2cap_txwin_setup()
3234 chan->ack_win = chan->tx_win; in l2cap_txwin_setup()
3239 struct hci_conn *conn = chan->conn->hcon; in l2cap_mtu_auto()
3241 chan->imtu = L2CAP_DEFAULT_MIN_MTU; in l2cap_mtu_auto()
3243 /* The 2-DH1 packet has between 2 and 56 information bytes in l2cap_mtu_auto()
3244 * (including the 2-byte payload header) in l2cap_mtu_auto()
3246 if (!(conn->pkt_type & HCI_2DH1)) in l2cap_mtu_auto()
3247 chan->imtu = 54; in l2cap_mtu_auto()
3249 /* The 3-DH1 packet has between 2 and 85 information bytes in l2cap_mtu_auto()
3250 * (including the 2-byte payload header) in l2cap_mtu_auto()
3252 if (!(conn->pkt_type & HCI_3DH1)) in l2cap_mtu_auto()
3253 chan->imtu = 83; in l2cap_mtu_auto()
3255 /* The 2-DH3 packet has between 2 and 369 information bytes in l2cap_mtu_auto()
3256 * (including the 2-byte payload header) in l2cap_mtu_auto()
3258 if (!(conn->pkt_type & HCI_2DH3)) in l2cap_mtu_auto()
3259 chan->imtu = 367; in l2cap_mtu_auto()
3261 /* The 3-DH3 packet has between 2 and 554 information bytes in l2cap_mtu_auto()
3262 * (including the 2-byte payload header) in l2cap_mtu_auto()
3264 if (!(conn->pkt_type & HCI_3DH3)) in l2cap_mtu_auto()
3265 chan->imtu = 552; in l2cap_mtu_auto()
3267 /* The 2-DH5 packet has between 2 and 681 information bytes in l2cap_mtu_auto()
3268 * (including the 2-byte payload header) in l2cap_mtu_auto()
3270 if (!(conn->pkt_type & HCI_2DH5)) in l2cap_mtu_auto()
3271 chan->imtu = 679; in l2cap_mtu_auto()
3273 /* The 3-DH5 packet has between 2 and 1023 information bytes in l2cap_mtu_auto()
3274 * (including the 2-byte payload header) in l2cap_mtu_auto()
3276 if (!(conn->pkt_type & HCI_3DH5)) in l2cap_mtu_auto()
3277 chan->imtu = 1021; in l2cap_mtu_auto()
3283 struct l2cap_conf_rfc rfc = { .mode = chan->mode }; in l2cap_build_conf_req()
3284 void *ptr = req->data; in l2cap_build_conf_req()
3290 if (chan->num_conf_req || chan->num_conf_rsp) in l2cap_build_conf_req()
3293 switch (chan->mode) { in l2cap_build_conf_req()
3296 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) in l2cap_build_conf_req()
3299 if (__l2cap_efs_supported(chan->conn)) in l2cap_build_conf_req()
3300 set_bit(FLAG_EFS_ENABLE, &chan->flags); in l2cap_build_conf_req()
3304 chan->mode = l2cap_select_mode(rfc.mode, chan->conn->feat_mask); in l2cap_build_conf_req()
3309 if (chan->imtu != L2CAP_DEFAULT_MTU) { in l2cap_build_conf_req()
3310 if (!chan->imtu) in l2cap_build_conf_req()
3312 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu, in l2cap_build_conf_req()
3313 endptr - ptr); in l2cap_build_conf_req()
3316 switch (chan->mode) { in l2cap_build_conf_req()
3321 if (!(chan->conn->feat_mask & L2CAP_FEAT_ERTM) && in l2cap_build_conf_req()
3322 !(chan->conn->feat_mask & L2CAP_FEAT_STREAMING)) in l2cap_build_conf_req()
3333 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3338 rfc.max_transmit = chan->max_tx; in l2cap_build_conf_req()
3342 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - in l2cap_build_conf_req()
3343 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE - in l2cap_build_conf_req()
3349 rfc.txwin_size = min_t(u16, chan->tx_win, in l2cap_build_conf_req()
3353 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3355 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) in l2cap_build_conf_req()
3356 l2cap_add_opt_efs(&ptr, chan, endptr - ptr); in l2cap_build_conf_req()
3358 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_build_conf_req()
3360 chan->tx_win, endptr - ptr); in l2cap_build_conf_req()
3362 if (chan->conn->feat_mask & L2CAP_FEAT_FCS) in l2cap_build_conf_req()
3363 if (chan->fcs == L2CAP_FCS_NONE || in l2cap_build_conf_req()
3364 test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) { in l2cap_build_conf_req()
3365 chan->fcs = L2CAP_FCS_NONE; in l2cap_build_conf_req()
3367 chan->fcs, endptr - ptr); in l2cap_build_conf_req()
3379 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - in l2cap_build_conf_req()
3380 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE - in l2cap_build_conf_req()
3385 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3387 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) in l2cap_build_conf_req()
3388 l2cap_add_opt_efs(&ptr, chan, endptr - ptr); in l2cap_build_conf_req()
3390 if (chan->conn->feat_mask & L2CAP_FEAT_FCS) in l2cap_build_conf_req()
3391 if (chan->fcs == L2CAP_FCS_NONE || in l2cap_build_conf_req()
3392 test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) { in l2cap_build_conf_req()
3393 chan->fcs = L2CAP_FCS_NONE; in l2cap_build_conf_req()
3395 chan->fcs, endptr - ptr); in l2cap_build_conf_req()
3400 req->dcid = cpu_to_le16(chan->dcid); in l2cap_build_conf_req()
3401 req->flags = cpu_to_le16(0); in l2cap_build_conf_req()
3403 return ptr - data; in l2cap_build_conf_req()
3409 void *ptr = rsp->data; in l2cap_parse_conf_req()
3411 void *req = chan->conf_req; in l2cap_parse_conf_req()
3412 int len = chan->conf_len; in l2cap_parse_conf_req()
3425 len -= l2cap_get_conf_opt(&req, &type, &olen, &val); in l2cap_parse_conf_req()
3442 chan->flush_to = val; in l2cap_parse_conf_req()
3458 set_bit(CONF_RECV_NO_FCS, &chan->conf_state); in l2cap_parse_conf_req()
3471 return -ECONNREFUSED; in l2cap_parse_conf_req()
3477 l2cap_add_conf_opt(&ptr, (u8)type, sizeof(u8), type, endptr - ptr); in l2cap_parse_conf_req()
3482 if (chan->num_conf_rsp || chan->num_conf_req > 1) in l2cap_parse_conf_req()
3485 switch (chan->mode) { in l2cap_parse_conf_req()
3488 if (!test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) { in l2cap_parse_conf_req()
3489 chan->mode = l2cap_select_mode(rfc.mode, in l2cap_parse_conf_req()
3490 chan->conn->feat_mask); in l2cap_parse_conf_req()
3495 if (__l2cap_efs_supported(chan->conn)) in l2cap_parse_conf_req()
3496 set_bit(FLAG_EFS_ENABLE, &chan->flags); in l2cap_parse_conf_req()
3498 return -ECONNREFUSED; in l2cap_parse_conf_req()
3501 if (chan->mode != rfc.mode) in l2cap_parse_conf_req()
3502 return -ECONNREFUSED; in l2cap_parse_conf_req()
3508 if (chan->mode != rfc.mode) { in l2cap_parse_conf_req()
3510 rfc.mode = chan->mode; in l2cap_parse_conf_req()
3512 if (chan->num_conf_rsp == 1) in l2cap_parse_conf_req()
3513 return -ECONNREFUSED; in l2cap_parse_conf_req()
3516 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3539 if (chan->mode == L2CAP_MODE_ERTM && in l2cap_parse_conf_req()
3540 chan->omtu && chan->omtu != L2CAP_DEFAULT_MTU) in l2cap_parse_conf_req()
3541 mtu = chan->omtu; in l2cap_parse_conf_req()
3549 chan->omtu = mtu; in l2cap_parse_conf_req()
3550 set_bit(CONF_MTU_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3552 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->omtu, endptr - ptr); in l2cap_parse_conf_req()
3555 if (chan->local_stype != L2CAP_SERV_NOTRAFIC && in l2cap_parse_conf_req()
3557 efs.stype != chan->local_stype) { in l2cap_parse_conf_req()
3561 if (chan->num_conf_req >= 1) in l2cap_parse_conf_req()
3562 return -ECONNREFUSED; in l2cap_parse_conf_req()
3566 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_req()
3570 set_bit(CONF_LOC_CONF_PEND, &chan->conf_state); in l2cap_parse_conf_req()
3576 chan->fcs = L2CAP_FCS_NONE; in l2cap_parse_conf_req()
3577 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3581 if (!test_bit(CONF_EWS_RECV, &chan->conf_state)) in l2cap_parse_conf_req()
3582 chan->remote_tx_win = rfc.txwin_size; in l2cap_parse_conf_req()
3586 chan->remote_max_tx = rfc.max_transmit; in l2cap_parse_conf_req()
3589 chan->conn->mtu - L2CAP_EXT_HDR_SIZE - in l2cap_parse_conf_req()
3590 L2CAP_SDULEN_SIZE - L2CAP_FCS_SIZE); in l2cap_parse_conf_req()
3592 chan->remote_mps = size; in l2cap_parse_conf_req()
3596 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3599 sizeof(rfc), (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3602 test_bit(FLAG_EFS_ENABLE, &chan->flags)) { in l2cap_parse_conf_req()
3603 chan->remote_id = efs.id; in l2cap_parse_conf_req()
3604 chan->remote_stype = efs.stype; in l2cap_parse_conf_req()
3605 chan->remote_msdu = le16_to_cpu(efs.msdu); in l2cap_parse_conf_req()
3606 chan->remote_flush_to = in l2cap_parse_conf_req()
3608 chan->remote_acc_lat = in l2cap_parse_conf_req()
3610 chan->remote_sdu_itime = in l2cap_parse_conf_req()
3614 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_req()
3620 chan->conn->mtu - L2CAP_EXT_HDR_SIZE - in l2cap_parse_conf_req()
3621 L2CAP_SDULEN_SIZE - L2CAP_FCS_SIZE); in l2cap_parse_conf_req()
3623 chan->remote_mps = size; in l2cap_parse_conf_req()
3625 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3628 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3636 rfc.mode = chan->mode; in l2cap_parse_conf_req()
3640 set_bit(CONF_OUTPUT_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3642 rsp->scid = cpu_to_le16(chan->dcid); in l2cap_parse_conf_req()
3643 rsp->result = cpu_to_le16(result); in l2cap_parse_conf_req()
3644 rsp->flags = cpu_to_le16(0); in l2cap_parse_conf_req()
3646 return ptr - data; in l2cap_parse_conf_req()
3653 void *ptr = req->data; in l2cap_parse_conf_rsp()
3663 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); in l2cap_parse_conf_rsp()
3673 chan->imtu = L2CAP_DEFAULT_MIN_MTU; in l2cap_parse_conf_rsp()
3675 chan->imtu = val; in l2cap_parse_conf_rsp()
3676 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu, in l2cap_parse_conf_rsp()
3677 endptr - ptr); in l2cap_parse_conf_rsp()
3683 chan->flush_to = val; in l2cap_parse_conf_rsp()
3685 chan->flush_to, endptr - ptr); in l2cap_parse_conf_rsp()
3692 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state) && in l2cap_parse_conf_rsp()
3693 rfc.mode != chan->mode) in l2cap_parse_conf_rsp()
3694 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3695 chan->fcs = 0; in l2cap_parse_conf_rsp()
3697 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_rsp()
3703 chan->ack_win = min_t(u16, val, chan->ack_win); in l2cap_parse_conf_rsp()
3705 chan->tx_win, endptr - ptr); in l2cap_parse_conf_rsp()
3712 if (chan->local_stype != L2CAP_SERV_NOTRAFIC && in l2cap_parse_conf_rsp()
3714 efs.stype != chan->local_stype) in l2cap_parse_conf_rsp()
3715 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3717 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_rsp()
3726 &chan->conf_state); in l2cap_parse_conf_rsp()
3731 if (chan->mode == L2CAP_MODE_BASIC && chan->mode != rfc.mode) in l2cap_parse_conf_rsp()
3732 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3734 chan->mode = rfc.mode; in l2cap_parse_conf_rsp()
3739 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); in l2cap_parse_conf_rsp()
3740 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); in l2cap_parse_conf_rsp()
3741 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_parse_conf_rsp()
3742 if (!test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_parse_conf_rsp()
3743 chan->ack_win = min_t(u16, chan->ack_win, in l2cap_parse_conf_rsp()
3746 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) { in l2cap_parse_conf_rsp()
3747 chan->local_msdu = le16_to_cpu(efs.msdu); in l2cap_parse_conf_rsp()
3748 chan->local_sdu_itime = in l2cap_parse_conf_rsp()
3750 chan->local_acc_lat = le32_to_cpu(efs.acc_lat); in l2cap_parse_conf_rsp()
3751 chan->local_flush_to = in l2cap_parse_conf_rsp()
3757 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_parse_conf_rsp()
3761 req->dcid = cpu_to_le16(chan->dcid); in l2cap_parse_conf_rsp()
3762 req->flags = cpu_to_le16(0); in l2cap_parse_conf_rsp()
3764 return ptr - data; in l2cap_parse_conf_rsp()
3771 void *ptr = rsp->data; in l2cap_build_conf_rsp()
3775 rsp->scid = cpu_to_le16(chan->dcid); in l2cap_build_conf_rsp()
3776 rsp->result = cpu_to_le16(result); in l2cap_build_conf_rsp()
3777 rsp->flags = cpu_to_le16(flags); in l2cap_build_conf_rsp()
3779 return ptr - data; in l2cap_build_conf_rsp()
3785 struct l2cap_conn *conn = chan->conn; in __l2cap_le_connect_rsp_defer()
3789 rsp.dcid = cpu_to_le16(chan->scid); in __l2cap_le_connect_rsp_defer()
3790 rsp.mtu = cpu_to_le16(chan->imtu); in __l2cap_le_connect_rsp_defer()
3791 rsp.mps = cpu_to_le16(chan->mps); in __l2cap_le_connect_rsp_defer()
3792 rsp.credits = cpu_to_le16(chan->rx_credits); in __l2cap_le_connect_rsp_defer()
3795 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), in __l2cap_le_connect_rsp_defer()
3803 if (*result || test_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_list_defer()
3806 switch (chan->state) { in l2cap_ecred_list_defer()
3815 *result = -ECONNREFUSED; in l2cap_ecred_list_defer()
3832 container_of(&rsp->pdu.rsp, struct l2cap_ecred_conn_rsp, hdr); in l2cap_ecred_rsp_defer()
3837 if (test_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags) || in l2cap_ecred_rsp_defer()
3838 !test_and_clear_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_rsp_defer()
3842 chan->ident = 0; in l2cap_ecred_rsp_defer()
3845 if (!rsp->pdu.rsp.result) in l2cap_ecred_rsp_defer()
3846 rsp_flex->dcid[rsp->count++] = cpu_to_le16(chan->scid); in l2cap_ecred_rsp_defer()
3853 struct l2cap_conn *conn = chan->conn; in __l2cap_ecred_conn_rsp_defer()
3855 u16 id = chan->ident; in __l2cap_ecred_conn_rsp_defer()
3865 data.pdu.rsp.mtu = cpu_to_le16(chan->imtu); in __l2cap_ecred_conn_rsp_defer()
3866 data.pdu.rsp.mps = cpu_to_le16(chan->mps); in __l2cap_ecred_conn_rsp_defer()
3867 data.pdu.rsp.credits = cpu_to_le16(chan->rx_credits); in __l2cap_ecred_conn_rsp_defer()
3890 struct l2cap_conn *conn = chan->conn; in __l2cap_connect_rsp_defer()
3894 rsp.scid = cpu_to_le16(chan->dcid); in __l2cap_connect_rsp_defer()
3895 rsp.dcid = cpu_to_le16(chan->scid); in __l2cap_connect_rsp_defer()
3902 l2cap_send_cmd(conn, chan->ident, rsp_code, sizeof(rsp), &rsp); in __l2cap_connect_rsp_defer()
3904 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) in __l2cap_connect_rsp_defer()
3909 chan->num_conf_req++; in __l2cap_connect_rsp_defer()
3919 u16 txwin_ext = chan->ack_win; in l2cap_conf_rfc_get()
3921 .mode = chan->mode, in l2cap_conf_rfc_get()
3924 .max_pdu_size = cpu_to_le16(chan->imtu), in l2cap_conf_rfc_get()
3925 .txwin_size = min_t(u16, chan->ack_win, L2CAP_DEFAULT_TX_WINDOW), in l2cap_conf_rfc_get()
3930 if ((chan->mode != L2CAP_MODE_ERTM) && (chan->mode != L2CAP_MODE_STREAMING)) in l2cap_conf_rfc_get()
3934 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); in l2cap_conf_rfc_get()
3954 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); in l2cap_conf_rfc_get()
3955 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); in l2cap_conf_rfc_get()
3956 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_conf_rfc_get()
3957 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_conf_rfc_get()
3958 chan->ack_win = min_t(u16, chan->ack_win, txwin_ext); in l2cap_conf_rfc_get()
3960 chan->ack_win = min_t(u16, chan->ack_win, in l2cap_conf_rfc_get()
3964 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_conf_rfc_get()
3975 return -EPROTO; in l2cap_command_rej()
3977 if (rej->reason != L2CAP_REJ_NOT_UNDERSTOOD) in l2cap_command_rej()
3980 if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) && in l2cap_command_rej()
3981 cmd->ident == conn->info_ident) { in l2cap_command_rej()
3982 cancel_delayed_work(&conn->info_timer); in l2cap_command_rej()
3984 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_command_rej()
3985 conn->info_ident = 0; in l2cap_command_rej()
4001 u16 dcid = 0, scid = __le16_to_cpu(req->scid); in l2cap_connect()
4002 __le16 psm = req->psm; in l2cap_connect()
4007 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_connect()
4008 &conn->hcon->dst, ACL_LINK); in l2cap_connect()
4018 (!hci_conn_check_link_mode(conn->hcon) || in l2cap_connect()
4019 !l2cap_check_enc_key_size(conn->hcon, pchan))) { in l2cap_connect()
4020 conn->disc_reason = HCI_ERROR_AUTH_FAILURE; in l2cap_connect()
4039 chan = pchan->ops->new_connection(pchan); in l2cap_connect()
4048 conn->hcon->disc_timeout = HCI_DISCONN_TIMEOUT; in l2cap_connect()
4050 bacpy(&chan->src, &conn->hcon->src); in l2cap_connect()
4051 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_connect()
4052 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_connect()
4053 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_connect()
4054 chan->psm = psm; in l2cap_connect()
4055 chan->dcid = scid; in l2cap_connect()
4059 dcid = chan->scid; in l2cap_connect()
4061 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_connect()
4063 chan->ident = cmd->ident; in l2cap_connect()
4065 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) { in l2cap_connect()
4067 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_connect()
4071 chan->ops->defer(chan); in l2cap_connect()
4093 l2cap_send_cmd(conn, cmd->ident, rsp_code, sizeof(rsp), &rsp); in l2cap_connect()
4102 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; in l2cap_connect()
4103 conn->info_ident = l2cap_get_ident(conn); in l2cap_connect()
4105 schedule_delayed_work(&conn->info_timer, L2CAP_INFO_TIMEOUT); in l2cap_connect()
4107 l2cap_send_cmd(conn, conn->info_ident, L2CAP_INFO_REQ, in l2cap_connect()
4111 if (chan && !test_bit(CONF_REQ_SENT, &chan->conf_state) && in l2cap_connect()
4114 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_connect()
4117 chan->num_conf_req++; in l2cap_connect()
4128 return -EPROTO; in l2cap_connect_req()
4145 return -EPROTO; in l2cap_connect_create_rsp()
4147 scid = __le16_to_cpu(rsp->scid); in l2cap_connect_create_rsp()
4148 dcid = __le16_to_cpu(rsp->dcid); in l2cap_connect_create_rsp()
4149 result = __le16_to_cpu(rsp->result); in l2cap_connect_create_rsp()
4150 status = __le16_to_cpu(rsp->status); in l2cap_connect_create_rsp()
4154 return -EPROTO; in l2cap_connect_create_rsp()
4162 return -EBADSLT; in l2cap_connect_create_rsp()
4164 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_connect_create_rsp()
4166 return -EBADSLT; in l2cap_connect_create_rsp()
4171 return -EBADSLT; in l2cap_connect_create_rsp()
4180 err = -EBADSLT; in l2cap_connect_create_rsp()
4185 chan->ident = 0; in l2cap_connect_create_rsp()
4186 chan->dcid = dcid; in l2cap_connect_create_rsp()
4187 clear_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_connect_create_rsp()
4189 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) in l2cap_connect_create_rsp()
4194 chan->num_conf_req++; in l2cap_connect_create_rsp()
4198 set_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_connect_create_rsp()
4217 if (chan->mode != L2CAP_MODE_ERTM && chan->mode != L2CAP_MODE_STREAMING) in set_default_fcs()
4218 chan->fcs = L2CAP_FCS_NONE; in set_default_fcs()
4219 else if (!test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) in set_default_fcs()
4220 chan->fcs = L2CAP_FCS_CRC16; in set_default_fcs()
4226 struct l2cap_conn *conn = chan->conn; in l2cap_send_efs_conf_rsp()
4231 clear_bit(CONF_LOC_CONF_PEND, &chan->conf_state); in l2cap_send_efs_conf_rsp()
4232 set_bit(CONF_OUTPUT_DONE, &chan->conf_state); in l2cap_send_efs_conf_rsp()
4262 return -EPROTO; in l2cap_config_req()
4264 dcid = __le16_to_cpu(req->dcid); in l2cap_config_req()
4265 flags = __le16_to_cpu(req->flags); in l2cap_config_req()
4271 cmd_reject_invalid_cid(conn, cmd->ident, dcid, 0); in l2cap_config_req()
4275 if (chan->state != BT_CONFIG && chan->state != BT_CONNECT2 && in l2cap_config_req()
4276 chan->state != BT_CONNECTED) { in l2cap_config_req()
4277 cmd_reject_invalid_cid(conn, cmd->ident, chan->scid, in l2cap_config_req()
4278 chan->dcid); in l2cap_config_req()
4283 len = cmd_len - sizeof(*req); in l2cap_config_req()
4284 if (chan->conf_len + len > sizeof(chan->conf_req)) { in l2cap_config_req()
4285 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, in l2cap_config_req()
4292 memcpy(chan->conf_req + chan->conf_len, req->data, len); in l2cap_config_req()
4293 chan->conf_len += len; in l2cap_config_req()
4297 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, in l2cap_config_req()
4310 chan->ident = cmd->ident; in l2cap_config_req()
4311 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp); in l2cap_config_req()
4312 if (chan->num_conf_rsp < L2CAP_CONF_MAX_CONF_RSP) in l2cap_config_req()
4313 chan->num_conf_rsp++; in l2cap_config_req()
4316 chan->conf_len = 0; in l2cap_config_req()
4318 if (!test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) in l2cap_config_req()
4321 if (test_bit(CONF_INPUT_DONE, &chan->conf_state)) { in l2cap_config_req()
4324 if (chan->mode == L2CAP_MODE_ERTM || in l2cap_config_req()
4325 chan->mode == L2CAP_MODE_STREAMING) in l2cap_config_req()
4329 l2cap_send_disconn_req(chan, -err); in l2cap_config_req()
4336 if (!test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) { in l2cap_config_req()
4340 chan->num_conf_req++; in l2cap_config_req()
4345 if (test_bit(CONF_REM_CONF_PEND, &chan->conf_state) && in l2cap_config_req()
4346 test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { in l2cap_config_req()
4351 l2cap_send_efs_conf_rsp(chan, rsp, cmd->ident, flags); in l2cap_config_req()
4367 int len = cmd_len - sizeof(*rsp); in l2cap_config_rsp()
4371 return -EPROTO; in l2cap_config_rsp()
4373 scid = __le16_to_cpu(rsp->scid); in l2cap_config_rsp()
4374 flags = __le16_to_cpu(rsp->flags); in l2cap_config_rsp()
4375 result = __le16_to_cpu(rsp->result); in l2cap_config_rsp()
4386 l2cap_conf_rfc_get(chan, rsp->data, len); in l2cap_config_rsp()
4387 clear_bit(CONF_REM_CONF_PEND, &chan->conf_state); in l2cap_config_rsp()
4391 set_bit(CONF_REM_CONF_PEND, &chan->conf_state); in l2cap_config_rsp()
4393 if (test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { in l2cap_config_rsp()
4396 len = l2cap_parse_conf_rsp(chan, rsp->data, len, in l2cap_config_rsp()
4403 l2cap_send_efs_conf_rsp(chan, buf, cmd->ident, 0); in l2cap_config_rsp()
4409 if (chan->num_conf_rsp <= L2CAP_CONF_MAX_CONF_RSP) { in l2cap_config_rsp()
4412 if (len > sizeof(req) - sizeof(struct l2cap_conf_req)) { in l2cap_config_rsp()
4419 len = l2cap_parse_conf_rsp(chan, rsp->data, len, in l2cap_config_rsp()
4428 chan->num_conf_req++; in l2cap_config_rsp()
4446 set_bit(CONF_INPUT_DONE, &chan->conf_state); in l2cap_config_rsp()
4448 if (test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) { in l2cap_config_rsp()
4451 if (chan->mode == L2CAP_MODE_ERTM || in l2cap_config_rsp()
4452 chan->mode == L2CAP_MODE_STREAMING) in l2cap_config_rsp()
4456 l2cap_send_disconn_req(chan, -err); in l2cap_config_rsp()
4477 return -EPROTO; in l2cap_disconnect_req()
4479 scid = __le16_to_cpu(req->scid); in l2cap_disconnect_req()
4480 dcid = __le16_to_cpu(req->dcid); in l2cap_disconnect_req()
4486 cmd_reject_invalid_cid(conn, cmd->ident, dcid, scid); in l2cap_disconnect_req()
4490 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_disconnect_req()
4491 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_disconnect_req()
4492 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); in l2cap_disconnect_req()
4494 chan->ops->set_shutdown(chan); in l2cap_disconnect_req()
4498 chan->ops->close(chan); in l2cap_disconnect_req()
4515 return -EPROTO; in l2cap_disconnect_rsp()
4517 scid = __le16_to_cpu(rsp->scid); in l2cap_disconnect_rsp()
4518 dcid = __le16_to_cpu(rsp->dcid); in l2cap_disconnect_rsp()
4527 if (chan->state != BT_DISCONN) { in l2cap_disconnect_rsp()
4535 chan->ops->close(chan); in l2cap_disconnect_rsp()
4551 return -EPROTO; in l2cap_information_req()
4553 type = __le16_to_cpu(req->type); in l2cap_information_req()
4561 rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK); in l2cap_information_req()
4562 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); in l2cap_information_req()
4567 put_unaligned_le32(feat_mask, rsp->data); in l2cap_information_req()
4568 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(buf), in l2cap_information_req()
4574 rsp->type = cpu_to_le16(L2CAP_IT_FIXED_CHAN); in l2cap_information_req()
4575 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); in l2cap_information_req()
4576 rsp->data[0] = conn->local_fixed_chan; in l2cap_information_req()
4577 memset(rsp->data + 1, 0, 7); in l2cap_information_req()
4578 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(buf), in l2cap_information_req()
4584 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(rsp), in l2cap_information_req()
4599 return -EPROTO; in l2cap_information_rsp()
4601 type = __le16_to_cpu(rsp->type); in l2cap_information_rsp()
4602 result = __le16_to_cpu(rsp->result); in l2cap_information_rsp()
4607 if (cmd->ident != conn->info_ident || in l2cap_information_rsp()
4608 conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) in l2cap_information_rsp()
4611 cancel_delayed_work(&conn->info_timer); in l2cap_information_rsp()
4614 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4615 conn->info_ident = 0; in l2cap_information_rsp()
4624 conn->feat_mask = get_unaligned_le32(rsp->data); in l2cap_information_rsp()
4626 if (conn->feat_mask & L2CAP_FEAT_FIXED_CHAN) { in l2cap_information_rsp()
4630 conn->info_ident = l2cap_get_ident(conn); in l2cap_information_rsp()
4632 l2cap_send_cmd(conn, conn->info_ident, in l2cap_information_rsp()
4635 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4636 conn->info_ident = 0; in l2cap_information_rsp()
4643 conn->remote_fixed_chan = rsp->data[0]; in l2cap_information_rsp()
4644 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4645 conn->info_ident = 0; in l2cap_information_rsp()
4658 struct hci_conn *hcon = conn->hcon; in l2cap_conn_param_update_req()
4664 if (hcon->role != HCI_ROLE_MASTER) in l2cap_conn_param_update_req()
4665 return -EINVAL; in l2cap_conn_param_update_req()
4668 return -EPROTO; in l2cap_conn_param_update_req()
4671 min = __le16_to_cpu(req->min); in l2cap_conn_param_update_req()
4672 max = __le16_to_cpu(req->max); in l2cap_conn_param_update_req()
4673 latency = __le16_to_cpu(req->latency); in l2cap_conn_param_update_req()
4674 to_multiplier = __le16_to_cpu(req->to_multiplier); in l2cap_conn_param_update_req()
4687 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_PARAM_UPDATE_RSP, in l2cap_conn_param_update_req()
4695 mgmt_new_conn_param(hcon->hdev, &hcon->dst, hcon->dst_type, in l2cap_conn_param_update_req()
4709 struct hci_conn *hcon = conn->hcon; in l2cap_le_connect_rsp()
4715 return -EPROTO; in l2cap_le_connect_rsp()
4717 dcid = __le16_to_cpu(rsp->dcid); in l2cap_le_connect_rsp()
4718 mtu = __le16_to_cpu(rsp->mtu); in l2cap_le_connect_rsp()
4719 mps = __le16_to_cpu(rsp->mps); in l2cap_le_connect_rsp()
4720 credits = __le16_to_cpu(rsp->credits); in l2cap_le_connect_rsp()
4721 result = __le16_to_cpu(rsp->result); in l2cap_le_connect_rsp()
4726 return -EPROTO; in l2cap_le_connect_rsp()
4731 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_le_connect_rsp()
4733 return -EBADSLT; in l2cap_le_connect_rsp()
4742 err = -EBADSLT; in l2cap_le_connect_rsp()
4746 chan->ident = 0; in l2cap_le_connect_rsp()
4747 chan->dcid = dcid; in l2cap_le_connect_rsp()
4748 chan->omtu = mtu; in l2cap_le_connect_rsp()
4749 chan->remote_mps = mps; in l2cap_le_connect_rsp()
4750 chan->tx_credits = credits; in l2cap_le_connect_rsp()
4759 if (hcon->sec_level > BT_SECURITY_MEDIUM) { in l2cap_le_connect_rsp()
4764 sec_level = hcon->sec_level + 1; in l2cap_le_connect_rsp()
4765 if (chan->sec_level < sec_level) in l2cap_le_connect_rsp()
4766 chan->sec_level = sec_level; in l2cap_le_connect_rsp()
4769 clear_bit(FLAG_LE_CONN_REQ_SENT, &chan->flags); in l2cap_le_connect_rsp()
4771 smp_conn_security(hcon, chan->sec_level); in l2cap_le_connect_rsp()
4790 switch (cmd->code) { in l2cap_bredr_sig_cmd()
4820 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECHO_RSP, cmd_len, data); in l2cap_bredr_sig_cmd()
4835 BT_ERR("Unknown BR/EDR signaling command 0x%2.2x", cmd->code); in l2cap_bredr_sig_cmd()
4836 err = -EINVAL; in l2cap_bredr_sig_cmd()
4855 return -EPROTO; in l2cap_le_connect_req()
4857 scid = __le16_to_cpu(req->scid); in l2cap_le_connect_req()
4858 mtu = __le16_to_cpu(req->mtu); in l2cap_le_connect_req()
4859 mps = __le16_to_cpu(req->mps); in l2cap_le_connect_req()
4860 psm = req->psm; in l2cap_le_connect_req()
4865 return -EPROTO; in l2cap_le_connect_req()
4873 * Valid range: 0x0001-0x00ff in l2cap_le_connect_req()
4884 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_le_connect_req()
4885 &conn->hcon->dst, LE_LINK); in l2cap_le_connect_req()
4894 if (!smp_sufficient_security(conn->hcon, pchan->sec_level, in l2cap_le_connect_req()
4896 result = pchan->sec_level == BT_SECURITY_MEDIUM ? in l2cap_le_connect_req()
4916 chan = pchan->ops->new_connection(pchan); in l2cap_le_connect_req()
4922 bacpy(&chan->src, &conn->hcon->src); in l2cap_le_connect_req()
4923 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_le_connect_req()
4924 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_le_connect_req()
4925 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_le_connect_req()
4926 chan->psm = psm; in l2cap_le_connect_req()
4927 chan->dcid = scid; in l2cap_le_connect_req()
4928 chan->omtu = mtu; in l2cap_le_connect_req()
4929 chan->remote_mps = mps; in l2cap_le_connect_req()
4933 l2cap_le_flowctl_init(chan, __le16_to_cpu(req->credits)); in l2cap_le_connect_req()
4935 dcid = chan->scid; in l2cap_le_connect_req()
4936 credits = chan->rx_credits; in l2cap_le_connect_req()
4938 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_le_connect_req()
4940 chan->ident = cmd->ident; in l2cap_le_connect_req()
4942 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_le_connect_req()
4950 chan->ops->defer(chan); in l2cap_le_connect_req()
4965 rsp.mtu = cpu_to_le16(chan->imtu); in l2cap_le_connect_req()
4966 rsp.mps = cpu_to_le16(chan->mps); in l2cap_le_connect_req()
4976 l2cap_send_cmd(conn, cmd->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), &rsp); in l2cap_le_connect_req()
4990 return -EPROTO; in l2cap_le_credits()
4993 cid = __le16_to_cpu(pkt->cid); in l2cap_le_credits()
4994 credits = __le16_to_cpu(pkt->credits); in l2cap_le_credits()
5000 return -EBADSLT; in l2cap_le_credits()
5002 max_credits = LE_FLOWCTL_MAX_CREDITS - chan->tx_credits; in l2cap_le_credits()
5013 chan->tx_credits += credits; in l2cap_le_credits()
5018 if (chan->tx_credits) in l2cap_le_credits()
5019 chan->ops->resume(chan); in l2cap_le_credits()
5042 return -EINVAL; in l2cap_ecred_conn_req()
5044 if (cmd_len < sizeof(*req) || (cmd_len - sizeof(*req)) % sizeof(u16)) { in l2cap_ecred_conn_req()
5049 cmd_len -= sizeof(*req); in l2cap_ecred_conn_req()
5057 mtu = __le16_to_cpu(req->mtu); in l2cap_ecred_conn_req()
5058 mps = __le16_to_cpu(req->mps); in l2cap_ecred_conn_req()
5065 psm = req->psm; in l2cap_ecred_conn_req()
5070 * Valid range: 0x0001-0x00ff in l2cap_ecred_conn_req()
5084 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_ecred_conn_req()
5085 &conn->hcon->dst, LE_LINK); in l2cap_ecred_conn_req()
5093 if (!smp_sufficient_security(conn->hcon, pchan->sec_level, in l2cap_ecred_conn_req()
5102 u16 scid = __le16_to_cpu(req->scid[i]); in l2cap_ecred_conn_req()
5106 pdu->dcid[i] = 0x0000; in l2cap_ecred_conn_req()
5107 len += sizeof(*pdu->dcid); in l2cap_ecred_conn_req()
5121 chan = pchan->ops->new_connection(pchan); in l2cap_ecred_conn_req()
5127 bacpy(&chan->src, &conn->hcon->src); in l2cap_ecred_conn_req()
5128 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_ecred_conn_req()
5129 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_ecred_conn_req()
5130 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_ecred_conn_req()
5131 chan->psm = psm; in l2cap_ecred_conn_req()
5132 chan->dcid = scid; in l2cap_ecred_conn_req()
5133 chan->omtu = mtu; in l2cap_ecred_conn_req()
5134 chan->remote_mps = mps; in l2cap_ecred_conn_req()
5138 l2cap_ecred_init(chan, __le16_to_cpu(req->credits)); in l2cap_ecred_conn_req()
5141 if (!pdu->credits) { in l2cap_ecred_conn_req()
5142 pdu->mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_conn_req()
5143 pdu->mps = cpu_to_le16(chan->mps); in l2cap_ecred_conn_req()
5144 pdu->credits = cpu_to_le16(chan->rx_credits); in l2cap_ecred_conn_req()
5147 pdu->dcid[i] = cpu_to_le16(chan->scid); in l2cap_ecred_conn_req()
5149 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_ecred_conn_req()
5151 chan->ident = cmd->ident; in l2cap_ecred_conn_req()
5152 chan->mode = L2CAP_MODE_EXT_FLOWCTL; in l2cap_ecred_conn_req()
5154 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_ecred_conn_req()
5157 chan->ops->defer(chan); in l2cap_ecred_conn_req()
5168 pdu->result = cpu_to_le16(result); in l2cap_ecred_conn_req()
5173 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECRED_CONN_RSP, in l2cap_ecred_conn_req()
5184 struct hci_conn *hcon = conn->hcon; in l2cap_ecred_conn_rsp()
5191 return -EPROTO; in l2cap_ecred_conn_rsp()
5193 mtu = __le16_to_cpu(rsp->mtu); in l2cap_ecred_conn_rsp()
5194 mps = __le16_to_cpu(rsp->mps); in l2cap_ecred_conn_rsp()
5195 credits = __le16_to_cpu(rsp->credits); in l2cap_ecred_conn_rsp()
5196 result = __le16_to_cpu(rsp->result); in l2cap_ecred_conn_rsp()
5201 cmd_len -= sizeof(*rsp); in l2cap_ecred_conn_rsp()
5203 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_ecred_conn_rsp()
5206 if (chan->ident != cmd->ident || in l2cap_ecred_conn_rsp()
5207 chan->mode != L2CAP_MODE_EXT_FLOWCTL || in l2cap_ecred_conn_rsp()
5208 chan->state == BT_CONNECTED) in l2cap_ecred_conn_rsp()
5220 dcid = __le16_to_cpu(rsp->dcid[i++]); in l2cap_ecred_conn_rsp()
5221 cmd_len -= sizeof(u16); in l2cap_ecred_conn_rsp()
5229 * already-assigned Destination CID, then both the in l2cap_ecred_conn_rsp()
5248 if (hcon->sec_level > BT_SECURITY_MEDIUM) { in l2cap_ecred_conn_rsp()
5253 sec_level = hcon->sec_level + 1; in l2cap_ecred_conn_rsp()
5254 if (chan->sec_level < sec_level) in l2cap_ecred_conn_rsp()
5255 chan->sec_level = sec_level; in l2cap_ecred_conn_rsp()
5258 clear_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags); in l2cap_ecred_conn_rsp()
5260 smp_conn_security(hcon, chan->sec_level); in l2cap_ecred_conn_rsp()
5274 chan->ident = 0; in l2cap_ecred_conn_rsp()
5275 chan->dcid = dcid; in l2cap_ecred_conn_rsp()
5276 chan->omtu = mtu; in l2cap_ecred_conn_rsp()
5277 chan->remote_mps = mps; in l2cap_ecred_conn_rsp()
5278 chan->tx_credits = credits; in l2cap_ecred_conn_rsp()
5300 return -EINVAL; in l2cap_ecred_reconf_req()
5302 if (cmd_len < sizeof(*req) || cmd_len - sizeof(*req) % sizeof(u16)) { in l2cap_ecred_reconf_req()
5307 mtu = __le16_to_cpu(req->mtu); in l2cap_ecred_reconf_req()
5308 mps = __le16_to_cpu(req->mps); in l2cap_ecred_reconf_req()
5322 cmd_len -= sizeof(*req); in l2cap_ecred_reconf_req()
5329 scid = __le16_to_cpu(req->scid[i]); in l2cap_ecred_reconf_req()
5331 return -EPROTO; in l2cap_ecred_reconf_req()
5341 if (chan->omtu > mtu) { in l2cap_ecred_reconf_req()
5342 BT_ERR("chan %p decreased MTU %u -> %u", chan, in l2cap_ecred_reconf_req()
5343 chan->omtu, mtu); in l2cap_ecred_reconf_req()
5347 chan->omtu = mtu; in l2cap_ecred_reconf_req()
5348 chan->remote_mps = mps; in l2cap_ecred_reconf_req()
5354 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECRED_RECONF_RSP, sizeof(rsp), in l2cap_ecred_reconf_req()
5369 return -EPROTO; in l2cap_ecred_reconf_rsp()
5371 result = __le16_to_cpu(rsp->result); in l2cap_ecred_reconf_rsp()
5373 BT_DBG("result 0x%4.4x", rsp->result); in l2cap_ecred_reconf_rsp()
5378 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_ecred_reconf_rsp()
5379 if (chan->ident != cmd->ident) in l2cap_ecred_reconf_rsp()
5396 return -EPROTO; in l2cap_le_command_rej()
5398 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_le_command_rej()
5421 switch (cmd->code) { in l2cap_le_sig_cmd()
5470 BT_ERR("Unknown LE signaling command 0x%2.2x", cmd->code); in l2cap_le_sig_cmd()
5471 err = -EINVAL; in l2cap_le_sig_cmd()
5481 struct hci_conn *hcon = conn->hcon; in l2cap_le_sig_channel()
5486 if (hcon->type != LE_LINK) in l2cap_le_sig_channel()
5489 if (skb->len < L2CAP_CMD_HDR_SIZE) in l2cap_le_sig_channel()
5492 cmd = (void *) skb->data; in l2cap_le_sig_channel()
5495 len = le16_to_cpu(cmd->len); in l2cap_le_sig_channel()
5497 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd->code, len, cmd->ident); in l2cap_le_sig_channel()
5499 if (len != skb->len || !cmd->ident) { in l2cap_le_sig_channel()
5504 err = l2cap_le_sig_cmd(conn, cmd, len, skb->data); in l2cap_le_sig_channel()
5511 l2cap_send_cmd(conn, cmd->ident, L2CAP_COMMAND_REJ, in l2cap_le_sig_channel()
5530 struct hci_conn *hcon = conn->hcon; in l2cap_sig_channel()
5536 if (hcon->type != ACL_LINK) in l2cap_sig_channel()
5539 while (skb->len >= L2CAP_CMD_HDR_SIZE) { in l2cap_sig_channel()
5542 cmd = (void *) skb->data; in l2cap_sig_channel()
5545 len = le16_to_cpu(cmd->len); in l2cap_sig_channel()
5547 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd->code, len, in l2cap_sig_channel()
5548 cmd->ident); in l2cap_sig_channel()
5550 if (len > skb->len || !cmd->ident) { in l2cap_sig_channel()
5552 l2cap_sig_send_rej(conn, cmd->ident); in l2cap_sig_channel()
5553 skb_pull(skb, len > skb->len ? skb->len : len); in l2cap_sig_channel()
5557 err = l2cap_bredr_sig_cmd(conn, cmd, len, skb->data); in l2cap_sig_channel()
5560 l2cap_sig_send_rej(conn, cmd->ident); in l2cap_sig_channel()
5566 if (skb->len > 0) { in l2cap_sig_channel()
5580 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_check_fcs()
5585 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_check_fcs()
5586 skb_trim(skb, skb->len - L2CAP_FCS_SIZE); in l2cap_check_fcs()
5587 rcv_fcs = get_unaligned_le16(skb->data + skb->len); in l2cap_check_fcs()
5588 our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); in l2cap_check_fcs()
5591 return -EBADMSG; in l2cap_check_fcs()
5605 control.reqseq = chan->buffer_seq; in l2cap_send_i_or_rr_or_rnr()
5606 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_send_i_or_rr_or_rnr()
5608 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_send_i_or_rr_or_rnr()
5609 control.super = L2CAP_SUPER_RNR; in l2cap_send_i_or_rr_or_rnr()
5613 if (test_and_clear_bit(CONN_REMOTE_BUSY, &chan->conn_state) && in l2cap_send_i_or_rr_or_rnr()
5614 chan->unacked_frames > 0) in l2cap_send_i_or_rr_or_rnr()
5620 if (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state) && in l2cap_send_i_or_rr_or_rnr()
5621 test_bit(CONN_SEND_FBIT, &chan->conn_state)) { in l2cap_send_i_or_rr_or_rnr()
5622 /* F-bit wasn't sent in an s-frame or i-frame yet, so in l2cap_send_i_or_rr_or_rnr()
5625 control.super = L2CAP_SUPER_RR; in l2cap_send_i_or_rr_or_rnr()
5633 /* skb->len reflects data in skb as well as all fragments in append_skb_frag()
5634 * skb->data_len reflects only data in fragments in append_skb_frag()
5637 skb_shinfo(skb)->frag_list = new_frag; in append_skb_frag()
5639 new_frag->next = NULL; in append_skb_frag()
5641 (*last_frag)->next = new_frag; in append_skb_frag()
5644 skb->len += new_frag->len; in append_skb_frag()
5645 skb->data_len += new_frag->len; in append_skb_frag()
5646 skb->truesize += new_frag->truesize; in append_skb_frag()
5652 int err = -EINVAL; in l2cap_reassemble_sdu()
5654 switch (control->sar) { in l2cap_reassemble_sdu()
5656 if (chan->sdu) in l2cap_reassemble_sdu()
5659 err = chan->ops->recv(chan, skb); in l2cap_reassemble_sdu()
5663 if (chan->sdu) in l2cap_reassemble_sdu()
5669 chan->sdu_len = get_unaligned_le16(skb->data); in l2cap_reassemble_sdu()
5672 if (chan->sdu_len > chan->imtu) { in l2cap_reassemble_sdu()
5673 err = -EMSGSIZE; in l2cap_reassemble_sdu()
5677 if (skb->len >= chan->sdu_len) in l2cap_reassemble_sdu()
5680 chan->sdu = skb; in l2cap_reassemble_sdu()
5681 chan->sdu_last_frag = skb; in l2cap_reassemble_sdu()
5688 if (!chan->sdu) in l2cap_reassemble_sdu()
5691 append_skb_frag(chan->sdu, skb, in l2cap_reassemble_sdu()
5692 &chan->sdu_last_frag); in l2cap_reassemble_sdu()
5695 if (chan->sdu->len >= chan->sdu_len) in l2cap_reassemble_sdu()
5702 if (!chan->sdu) in l2cap_reassemble_sdu()
5705 append_skb_frag(chan->sdu, skb, in l2cap_reassemble_sdu()
5706 &chan->sdu_last_frag); in l2cap_reassemble_sdu()
5709 if (chan->sdu->len != chan->sdu_len) in l2cap_reassemble_sdu()
5712 err = chan->ops->recv(chan, chan->sdu); in l2cap_reassemble_sdu()
5716 chan->sdu = NULL; in l2cap_reassemble_sdu()
5717 chan->sdu_last_frag = NULL; in l2cap_reassemble_sdu()
5718 chan->sdu_len = 0; in l2cap_reassemble_sdu()
5725 kfree_skb(chan->sdu); in l2cap_reassemble_sdu()
5726 chan->sdu = NULL; in l2cap_reassemble_sdu()
5727 chan->sdu_last_frag = NULL; in l2cap_reassemble_sdu()
5728 chan->sdu_len = 0; in l2cap_reassemble_sdu()
5744 if (chan->mode != L2CAP_MODE_ERTM) in l2cap_chan_busy()
5754 /* Pass sequential frames to l2cap_reassemble_sdu() in l2cap_rx_queued_iframes()
5760 while (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_queued_iframes()
5763 chan->buffer_seq, skb_queue_len(&chan->srej_q)); in l2cap_rx_queued_iframes()
5765 skb = l2cap_ertm_seq_in_queue(&chan->srej_q, chan->buffer_seq); in l2cap_rx_queued_iframes()
5770 skb_unlink(skb, &chan->srej_q); in l2cap_rx_queued_iframes()
5771 chan->buffer_seq = __next_seq(chan, chan->buffer_seq); in l2cap_rx_queued_iframes()
5772 err = l2cap_reassemble_sdu(chan, skb, &bt_cb(skb)->l2cap); in l2cap_rx_queued_iframes()
5777 if (skb_queue_empty(&chan->srej_q)) { in l2cap_rx_queued_iframes()
5778 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_rx_queued_iframes()
5792 if (control->reqseq == chan->next_tx_seq) { in l2cap_handle_srej()
5793 BT_DBG("Invalid reqseq %d, disconnecting", control->reqseq); in l2cap_handle_srej()
5798 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, control->reqseq); in l2cap_handle_srej()
5802 control->reqseq); in l2cap_handle_srej()
5806 if (chan->max_tx != 0 && bt_cb(skb)->l2cap.retries >= chan->max_tx) { in l2cap_handle_srej()
5807 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_handle_srej()
5812 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_handle_srej()
5814 if (control->poll) { in l2cap_handle_srej()
5817 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_handle_srej()
5821 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) { in l2cap_handle_srej()
5822 set_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_handle_srej()
5823 chan->srej_save_reqseq = control->reqseq; in l2cap_handle_srej()
5828 if (control->final) { in l2cap_handle_srej()
5829 if (chan->srej_save_reqseq != control->reqseq || in l2cap_handle_srej()
5831 &chan->conn_state)) in l2cap_handle_srej()
5835 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) { in l2cap_handle_srej()
5836 set_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_handle_srej()
5837 chan->srej_save_reqseq = control->reqseq; in l2cap_handle_srej()
5850 if (control->reqseq == chan->next_tx_seq) { in l2cap_handle_rej()
5851 BT_DBG("Invalid reqseq %d, disconnecting", control->reqseq); in l2cap_handle_rej()
5856 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, control->reqseq); in l2cap_handle_rej()
5858 if (chan->max_tx && skb && in l2cap_handle_rej()
5859 bt_cb(skb)->l2cap.retries >= chan->max_tx) { in l2cap_handle_rej()
5860 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_handle_rej()
5865 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_handle_rej()
5869 if (control->final) { in l2cap_handle_rej()
5870 if (!test_and_clear_bit(CONN_REJ_ACT, &chan->conn_state)) in l2cap_handle_rej()
5875 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) in l2cap_handle_rej()
5876 set_bit(CONN_REJ_ACT, &chan->conn_state); in l2cap_handle_rej()
5884 BT_DBG("last_acked_seq %d, expected_tx_seq %d", chan->last_acked_seq, in l2cap_classify_txseq()
5885 chan->expected_tx_seq); in l2cap_classify_txseq()
5887 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_classify_txseq()
5888 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= in l2cap_classify_txseq()
5889 chan->tx_win) { in l2cap_classify_txseq()
5893 if (chan->tx_win <= ((chan->tx_win_max + 1) >> 1)) { in l2cap_classify_txseq()
5894 BT_DBG("Invalid/Ignore - after SREJ"); in l2cap_classify_txseq()
5897 BT_DBG("Invalid - in window after SREJ sent"); in l2cap_classify_txseq()
5902 if (chan->srej_list.head == txseq) { in l2cap_classify_txseq()
5907 if (l2cap_ertm_seq_in_queue(&chan->srej_q, txseq)) { in l2cap_classify_txseq()
5908 BT_DBG("Duplicate SREJ - txseq already stored"); in l2cap_classify_txseq()
5912 if (l2cap_seq_list_contains(&chan->srej_list, txseq)) { in l2cap_classify_txseq()
5913 BT_DBG("Unexpected SREJ - not requested"); in l2cap_classify_txseq()
5918 if (chan->expected_tx_seq == txseq) { in l2cap_classify_txseq()
5919 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= in l2cap_classify_txseq()
5920 chan->tx_win) { in l2cap_classify_txseq()
5921 BT_DBG("Invalid - txseq outside tx window"); in l2cap_classify_txseq()
5929 if (__seq_offset(chan, txseq, chan->last_acked_seq) < in l2cap_classify_txseq()
5930 __seq_offset(chan, chan->expected_tx_seq, chan->last_acked_seq)) { in l2cap_classify_txseq()
5931 BT_DBG("Duplicate - expected_tx_seq later than txseq"); in l2cap_classify_txseq()
5935 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= chan->tx_win) { in l2cap_classify_txseq()
5946 * invalid frames to be safely ignored. in l2cap_classify_txseq()
5953 if (chan->tx_win <= ((chan->tx_win_max + 1) >> 1)) { in l2cap_classify_txseq()
5954 BT_DBG("Invalid/Ignore - txseq outside tx window"); in l2cap_classify_txseq()
5957 BT_DBG("Invalid - txseq outside tx window"); in l2cap_classify_txseq()
5961 BT_DBG("Unexpected - txseq indicates missing frames"); in l2cap_classify_txseq()
5979 switch (l2cap_classify_txseq(chan, control->txseq)) { in l2cap_rx_state_recv()
5983 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_state_recv()
5985 control->txseq); in l2cap_rx_state_recv()
5989 chan->expected_tx_seq = __next_seq(chan, in l2cap_rx_state_recv()
5990 control->txseq); in l2cap_rx_state_recv()
5992 chan->buffer_seq = chan->expected_tx_seq; in l2cap_rx_state_recv()
6002 * chan->ops->recv == l2cap_sock_recv_cb in l2cap_rx_state_recv()
6018 &chan->conn_state)) { in l2cap_rx_state_recv()
6025 if (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) in l2cap_rx_state_recv()
6031 /* Can't issue SREJ frames in the local busy state. in l2cap_rx_state_recv()
6035 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_state_recv()
6037 control->txseq); in l2cap_rx_state_recv()
6045 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_recv()
6048 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_recv()
6050 clear_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_rx_state_recv()
6051 l2cap_seq_list_clear(&chan->srej_list); in l2cap_rx_state_recv()
6052 l2cap_send_srej(chan, control->txseq); in l2cap_rx_state_recv()
6054 chan->rx_state = L2CAP_RX_STATE_SREJ_SENT; in l2cap_rx_state_recv()
6069 if (control->final) { in l2cap_rx_state_recv()
6070 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_recv()
6073 &chan->conn_state)) { in l2cap_rx_state_recv()
6074 control->final = 0; in l2cap_rx_state_recv()
6079 } else if (control->poll) { in l2cap_rx_state_recv()
6083 &chan->conn_state) && in l2cap_rx_state_recv()
6084 chan->unacked_frames) in l2cap_rx_state_recv()
6091 set_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_recv()
6093 if (control && control->poll) { in l2cap_rx_state_recv()
6094 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_recv()
6098 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_rx_state_recv()
6123 u16 txseq = control->txseq; in l2cap_rx_state_srej_sent()
6135 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6138 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6140 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_rx_state_srej_sent()
6143 l2cap_seq_list_pop(&chan->srej_list); in l2cap_rx_state_srej_sent()
6146 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6149 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6159 * the missing frames. in l2cap_rx_state_srej_sent()
6161 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6164 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6167 l2cap_send_srej(chan, control->txseq); in l2cap_rx_state_srej_sent()
6171 * some expected retransmitted frames are in l2cap_rx_state_srej_sent()
6173 * SREJ'd frames. in l2cap_rx_state_srej_sent()
6175 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6178 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6181 l2cap_send_srej_list(chan, control->txseq); in l2cap_rx_state_srej_sent()
6202 if (control->final) { in l2cap_rx_state_srej_sent()
6203 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_srej_sent()
6206 &chan->conn_state)) { in l2cap_rx_state_srej_sent()
6207 control->final = 0; in l2cap_rx_state_srej_sent()
6212 } else if (control->poll) { in l2cap_rx_state_srej_sent()
6214 &chan->conn_state) && in l2cap_rx_state_srej_sent()
6215 chan->unacked_frames) { in l2cap_rx_state_srej_sent()
6219 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_srej_sent()
6223 &chan->conn_state) && in l2cap_rx_state_srej_sent()
6224 chan->unacked_frames) in l2cap_rx_state_srej_sent()
6231 set_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_srej_sent()
6233 if (control->poll) { in l2cap_rx_state_srej_sent()
6239 rr_control.super = L2CAP_SUPER_RR; in l2cap_rx_state_srej_sent()
6240 rr_control.reqseq = chan->buffer_seq; in l2cap_rx_state_srej_sent()
6265 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_finish_move()
6266 chan->conn->mtu = chan->conn->hcon->mtu; in l2cap_finish_move()
6280 if (!control->poll) in l2cap_rx_state_wait_p()
6281 return -EPROTO; in l2cap_rx_state_wait_p()
6283 l2cap_process_reqseq(chan, control->reqseq); in l2cap_rx_state_wait_p()
6285 if (!skb_queue_empty(&chan->tx_q)) in l2cap_rx_state_wait_p()
6286 chan->tx_send_head = skb_peek(&chan->tx_q); in l2cap_rx_state_wait_p()
6288 chan->tx_send_head = NULL; in l2cap_rx_state_wait_p()
6293 chan->next_tx_seq = control->reqseq; in l2cap_rx_state_wait_p()
6294 chan->unacked_frames = 0; in l2cap_rx_state_wait_p()
6300 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_wait_p()
6304 return -EPROTO; in l2cap_rx_state_wait_p()
6315 if (!control->final) in l2cap_rx_state_wait_f()
6316 return -EPROTO; in l2cap_rx_state_wait_f()
6318 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_wait_f()
6320 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_rx_state_wait_f()
6321 l2cap_process_reqseq(chan, control->reqseq); in l2cap_rx_state_wait_f()
6323 if (!skb_queue_empty(&chan->tx_q)) in l2cap_rx_state_wait_f()
6324 chan->tx_send_head = skb_peek(&chan->tx_q); in l2cap_rx_state_wait_f()
6326 chan->tx_send_head = NULL; in l2cap_rx_state_wait_f()
6331 chan->next_tx_seq = control->reqseq; in l2cap_rx_state_wait_f()
6332 chan->unacked_frames = 0; in l2cap_rx_state_wait_f()
6333 chan->conn->mtu = chan->conn->hcon->mtu; in l2cap_rx_state_wait_f()
6348 unacked = __seq_offset(chan, chan->next_tx_seq, chan->expected_ack_seq); in __valid_reqseq()
6349 return __seq_offset(chan, chan->next_tx_seq, reqseq) <= unacked; in __valid_reqseq()
6358 control, skb, event, chan->rx_state); in l2cap_rx()
6360 if (__valid_reqseq(chan, control->reqseq)) { in l2cap_rx()
6361 switch (chan->rx_state) { in l2cap_rx()
6381 control->reqseq, chan->next_tx_seq, in l2cap_rx()
6382 chan->expected_ack_seq); in l2cap_rx()
6398 * chan->ops->recv == l2cap_sock_recv_cb in l2cap_stream_rx()
6407 u16 txseq = control->txseq; in l2cap_stream_rx()
6410 chan->rx_state); in l2cap_stream_rx()
6415 BT_DBG("buffer_seq %u->%u", chan->buffer_seq, in l2cap_stream_rx()
6416 __next_seq(chan, chan->buffer_seq)); in l2cap_stream_rx()
6418 chan->buffer_seq = __next_seq(chan, chan->buffer_seq); in l2cap_stream_rx()
6422 if (chan->sdu) { in l2cap_stream_rx()
6423 kfree_skb(chan->sdu); in l2cap_stream_rx()
6424 chan->sdu = NULL; in l2cap_stream_rx()
6426 chan->sdu_last_frag = NULL; in l2cap_stream_rx()
6427 chan->sdu_len = 0; in l2cap_stream_rx()
6435 chan->last_acked_seq = txseq; in l2cap_stream_rx()
6436 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_stream_rx()
6443 struct l2cap_ctrl *control = &bt_cb(skb)->l2cap; in l2cap_data_rcv()
6449 len = skb->len; in l2cap_data_rcv()
6452 * We can just drop the corrupted I-frame here. in l2cap_data_rcv()
6459 if (!control->sframe && control->sar == L2CAP_SAR_START) in l2cap_data_rcv()
6460 len -= L2CAP_SDULEN_SIZE; in l2cap_data_rcv()
6462 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_data_rcv()
6463 len -= L2CAP_FCS_SIZE; in l2cap_data_rcv()
6465 if (len > chan->mps) { in l2cap_data_rcv()
6470 if (chan->ops->filter) { in l2cap_data_rcv()
6471 if (chan->ops->filter(chan, skb)) in l2cap_data_rcv()
6475 if (!control->sframe) { in l2cap_data_rcv()
6479 control->sar, control->reqseq, control->final, in l2cap_data_rcv()
6480 control->txseq); in l2cap_data_rcv()
6482 /* Validate F-bit - F=0 always valid, F=1 only in l2cap_data_rcv()
6485 if (control->final && chan->tx_state != L2CAP_TX_STATE_WAIT_F) in l2cap_data_rcv()
6488 if (chan->mode != L2CAP_MODE_STREAMING) { in l2cap_data_rcv()
6503 /* Only I-frames are expected in streaming mode */ in l2cap_data_rcv()
6504 if (chan->mode == L2CAP_MODE_STREAMING) in l2cap_data_rcv()
6507 BT_DBG("sframe reqseq %d, final %d, poll %d, super %d", in l2cap_data_rcv()
6508 control->reqseq, control->final, control->poll, in l2cap_data_rcv()
6509 control->super); in l2cap_data_rcv()
6518 if (control->final && (control->poll || in l2cap_data_rcv()
6519 chan->tx_state != L2CAP_TX_STATE_WAIT_F)) in l2cap_data_rcv()
6522 event = rx_func_to_event[control->super]; in l2cap_data_rcv()
6536 struct l2cap_conn *conn = chan->conn; in l2cap_chan_le_send_credits()
6540 if (chan->rx_credits >= return_credits) in l2cap_chan_le_send_credits()
6543 return_credits -= chan->rx_credits; in l2cap_chan_le_send_credits()
6547 chan->rx_credits += return_credits; in l2cap_chan_le_send_credits()
6549 pkt.cid = cpu_to_le16(chan->scid); in l2cap_chan_le_send_credits()
6552 chan->ident = l2cap_get_ident(conn); in l2cap_chan_le_send_credits()
6554 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CREDITS, sizeof(pkt), &pkt); in l2cap_chan_le_send_credits()
6559 if (chan->rx_avail == rx_avail) in l2cap_chan_rx_avail()
6564 chan->rx_avail = rx_avail; in l2cap_chan_rx_avail()
6566 if (chan->state == BT_CONNECTED) in l2cap_chan_rx_avail()
6574 BT_DBG("SDU reassemble complete: chan %p skb->len %u", chan, skb->len); in l2cap_ecred_recv()
6577 err = chan->ops->recv(chan, skb); in l2cap_ecred_recv()
6579 if (err < 0 && chan->rx_avail != -1) { in l2cap_ecred_recv()
6595 if (!chan->rx_credits) { in l2cap_ecred_data_rcv()
6598 return -ENOBUFS; in l2cap_ecred_data_rcv()
6601 if (chan->imtu < skb->len) { in l2cap_ecred_data_rcv()
6603 return -ENOBUFS; in l2cap_ecred_data_rcv()
6606 chan->rx_credits--; in l2cap_ecred_data_rcv()
6607 BT_DBG("chan %p: rx_credits %u -> %u", in l2cap_ecred_data_rcv()
6608 chan, chan->rx_credits + 1, chan->rx_credits); in l2cap_ecred_data_rcv()
6613 if (!chan->rx_credits) in l2cap_ecred_data_rcv()
6618 if (!chan->sdu) { in l2cap_ecred_data_rcv()
6621 sdu_len = get_unaligned_le16(skb->data); in l2cap_ecred_data_rcv()
6624 BT_DBG("Start of new SDU. sdu_len %u skb->len %u imtu %u", in l2cap_ecred_data_rcv()
6625 sdu_len, skb->len, chan->imtu); in l2cap_ecred_data_rcv()
6627 if (sdu_len > chan->imtu) { in l2cap_ecred_data_rcv()
6629 err = -EMSGSIZE; in l2cap_ecred_data_rcv()
6633 if (skb->len > sdu_len) { in l2cap_ecred_data_rcv()
6635 err = -EINVAL; in l2cap_ecred_data_rcv()
6639 if (skb->len == sdu_len) in l2cap_ecred_data_rcv()
6642 chan->sdu = skb; in l2cap_ecred_data_rcv()
6643 chan->sdu_len = sdu_len; in l2cap_ecred_data_rcv()
6644 chan->sdu_last_frag = skb; in l2cap_ecred_data_rcv()
6647 if (skb->len + L2CAP_SDULEN_SIZE < chan->mps) { in l2cap_ecred_data_rcv()
6648 u16 mps_len = skb->len + L2CAP_SDULEN_SIZE; in l2cap_ecred_data_rcv()
6651 BT_DBG("chan->mps %u -> %u", chan->mps, mps_len); in l2cap_ecred_data_rcv()
6652 chan->mps = mps_len; in l2cap_ecred_data_rcv()
6659 BT_DBG("SDU fragment. chan->sdu->len %u skb->len %u chan->sdu_len %u", in l2cap_ecred_data_rcv()
6660 chan->sdu->len, skb->len, chan->sdu_len); in l2cap_ecred_data_rcv()
6662 if (chan->sdu->len + skb->len > chan->sdu_len) { in l2cap_ecred_data_rcv()
6664 err = -EINVAL; in l2cap_ecred_data_rcv()
6668 append_skb_frag(chan->sdu, skb, &chan->sdu_last_frag); in l2cap_ecred_data_rcv()
6671 if (chan->sdu->len == chan->sdu_len) { in l2cap_ecred_data_rcv()
6672 err = l2cap_ecred_recv(chan, chan->sdu); in l2cap_ecred_data_rcv()
6674 chan->sdu = NULL; in l2cap_ecred_data_rcv()
6675 chan->sdu_last_frag = NULL; in l2cap_ecred_data_rcv()
6676 chan->sdu_len = 0; in l2cap_ecred_data_rcv()
6683 kfree_skb(chan->sdu); in l2cap_ecred_data_rcv()
6684 chan->sdu = NULL; in l2cap_ecred_data_rcv()
6685 chan->sdu_last_frag = NULL; in l2cap_ecred_data_rcv()
6686 chan->sdu_len = 0; in l2cap_ecred_data_rcv()
6691 * do a double-free of the skb. in l2cap_ecred_data_rcv()
6709 BT_DBG("chan %p, len %d", chan, skb->len); in l2cap_data_channel()
6715 if (chan->chan_type == L2CAP_CHAN_FIXED) in l2cap_data_channel()
6718 if (chan->state != BT_CONNECTED) in l2cap_data_channel()
6721 switch (chan->mode) { in l2cap_data_channel()
6735 if (chan->imtu < skb->len) { in l2cap_data_channel()
6740 if (!chan->ops->recv(chan, skb)) in l2cap_data_channel()
6750 BT_DBG("chan %p: bad mode 0x%2.2x", chan, chan->mode); in l2cap_data_channel()
6765 struct hci_conn *hcon = conn->hcon; in l2cap_conless_channel()
6768 if (hcon->type != ACL_LINK) in l2cap_conless_channel()
6771 chan = l2cap_global_chan_by_psm(0, psm, &hcon->src, &hcon->dst, in l2cap_conless_channel()
6776 BT_DBG("chan %p, len %d", chan, skb->len); in l2cap_conless_channel()
6780 if (chan->state != BT_BOUND && chan->state != BT_CONNECTED) in l2cap_conless_channel()
6783 if (chan->imtu < skb->len) in l2cap_conless_channel()
6787 bacpy(&bt_cb(skb)->l2cap.bdaddr, &hcon->dst); in l2cap_conless_channel()
6788 bt_cb(skb)->l2cap.psm = psm; in l2cap_conless_channel()
6790 if (!chan->ops->recv(chan, skb)) { in l2cap_conless_channel()
6805 struct l2cap_hdr *lh = (void *) skb->data; in l2cap_recv_frame()
6806 struct hci_conn *hcon = conn->hcon; in l2cap_recv_frame()
6810 if (hcon->state != BT_CONNECTED) { in l2cap_recv_frame()
6812 skb_queue_tail(&conn->pending_rx, skb); in l2cap_recv_frame()
6817 cid = __le16_to_cpu(lh->cid); in l2cap_recv_frame()
6818 len = __le16_to_cpu(lh->len); in l2cap_recv_frame()
6820 if (len != skb->len) { in l2cap_recv_frame()
6828 if (hcon->type == LE_LINK && in l2cap_recv_frame()
6829 hci_bdaddr_list_lookup(&hcon->hdev->reject_list, &hcon->dst, in l2cap_recv_frame()
6843 psm = get_unaligned((__le16 *) skb->data); in l2cap_recv_frame()
6866 mutex_lock(&conn->lock); in process_pending_rx()
6868 while ((skb = skb_dequeue(&conn->pending_rx))) in process_pending_rx()
6871 mutex_unlock(&conn->lock); in process_pending_rx()
6876 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_conn_add()
6892 kref_init(&conn->ref); in l2cap_conn_add()
6893 hcon->l2cap_data = conn; in l2cap_conn_add()
6894 conn->hcon = hci_conn_get(hcon); in l2cap_conn_add()
6895 conn->hchan = hchan; in l2cap_conn_add()
6899 conn->mtu = hcon->mtu; in l2cap_conn_add()
6900 conn->feat_mask = 0; in l2cap_conn_add()
6902 conn->local_fixed_chan = L2CAP_FC_SIG_BREDR | L2CAP_FC_CONNLESS; in l2cap_conn_add()
6904 if (hci_dev_test_flag(hcon->hdev, HCI_LE_ENABLED) && in l2cap_conn_add()
6905 (bredr_sc_enabled(hcon->hdev) || in l2cap_conn_add()
6906 hci_dev_test_flag(hcon->hdev, HCI_FORCE_BREDR_SMP))) in l2cap_conn_add()
6907 conn->local_fixed_chan |= L2CAP_FC_SMP_BREDR; in l2cap_conn_add()
6909 mutex_init(&conn->ident_lock); in l2cap_conn_add()
6910 mutex_init(&conn->lock); in l2cap_conn_add()
6912 INIT_LIST_HEAD(&conn->chan_l); in l2cap_conn_add()
6913 INIT_LIST_HEAD(&conn->users); in l2cap_conn_add()
6915 INIT_DELAYED_WORK(&conn->info_timer, l2cap_info_timeout); in l2cap_conn_add()
6917 skb_queue_head_init(&conn->pending_rx); in l2cap_conn_add()
6918 INIT_WORK(&conn->pending_rx_work, process_pending_rx); in l2cap_conn_add()
6919 INIT_DELAYED_WORK(&conn->id_addr_timer, l2cap_conn_update_id_addr); in l2cap_conn_add()
6921 conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; in l2cap_conn_add()
6949 if (chan == d->chan) in l2cap_chan_by_pid()
6952 if (!test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_by_pid()
6955 pid = chan->ops->get_peer_pid(chan); in l2cap_chan_by_pid()
6958 if (d->pid != pid || chan->psm != d->chan->psm || chan->ident || in l2cap_chan_by_pid()
6959 chan->mode != L2CAP_MODE_EXT_FLOWCTL || chan->state != BT_CONNECT) in l2cap_chan_by_pid()
6962 d->count++; in l2cap_chan_by_pid()
6973 BT_DBG("%pMR -> %pMR (type %u) psm 0x%4.4x mode 0x%2.2x", &chan->src, in l2cap_chan_connect()
6974 dst, dst_type, __le16_to_cpu(psm), chan->mode); in l2cap_chan_connect()
6976 hdev = hci_get_route(dst, &chan->src, chan->src_type); in l2cap_chan_connect()
6978 return -EHOSTUNREACH; in l2cap_chan_connect()
6983 chan->chan_type != L2CAP_CHAN_RAW) { in l2cap_chan_connect()
6984 err = -EINVAL; in l2cap_chan_connect()
6988 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED && !psm) { in l2cap_chan_connect()
6989 err = -EINVAL; in l2cap_chan_connect()
6993 if (chan->chan_type == L2CAP_CHAN_FIXED && !cid) { in l2cap_chan_connect()
6994 err = -EINVAL; in l2cap_chan_connect()
6998 switch (chan->mode) { in l2cap_chan_connect()
7005 err = -EOPNOTSUPP; in l2cap_chan_connect()
7015 err = -EOPNOTSUPP; in l2cap_chan_connect()
7019 switch (chan->state) { in l2cap_chan_connect()
7029 err = -EISCONN; in l2cap_chan_connect()
7038 err = -EBADFD; in l2cap_chan_connect()
7043 bacpy(&chan->dst, dst); in l2cap_chan_connect()
7044 chan->dst_type = dst_type; in l2cap_chan_connect()
7046 chan->psm = psm; in l2cap_chan_connect()
7047 chan->dcid = cid; in l2cap_chan_connect()
7059 chan->sec_level, timeout, in l2cap_chan_connect()
7063 chan->sec_level, timeout, in l2cap_chan_connect()
7068 hcon = hci_connect_acl(hdev, dst, chan->sec_level, auth_type, in l2cap_chan_connect()
7080 err = -ENOMEM; in l2cap_chan_connect()
7084 if (chan->mode == L2CAP_MODE_EXT_FLOWCTL) { in l2cap_chan_connect()
7088 data.pid = chan->ops->get_peer_pid(chan); in l2cap_chan_connect()
7096 err = -EPROTO; in l2cap_chan_connect()
7101 mutex_lock(&conn->lock); in l2cap_chan_connect()
7106 err = -EBUSY; in l2cap_chan_connect()
7111 bacpy(&chan->src, &hcon->src); in l2cap_chan_connect()
7112 chan->src_type = bdaddr_src_type(hcon); in l2cap_chan_connect()
7120 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_chan_connect()
7122 /* Release chan->sport so that it can be reused by other in l2cap_chan_connect()
7126 chan->sport = 0; in l2cap_chan_connect()
7129 if (hcon->state == BT_CONNECTED) { in l2cap_chan_connect()
7130 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_connect()
7142 mutex_unlock(&conn->lock); in l2cap_chan_connect()
7152 struct l2cap_conn *conn = chan->conn; in l2cap_ecred_reconfigure()
7155 pdu->mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_reconfigure()
7156 pdu->mps = cpu_to_le16(chan->mps); in l2cap_ecred_reconfigure()
7157 pdu->scid[0] = cpu_to_le16(chan->scid); in l2cap_ecred_reconfigure()
7159 chan->ident = l2cap_get_ident(conn); in l2cap_ecred_reconfigure()
7161 l2cap_send_cmd(conn, chan->ident, L2CAP_ECRED_RECONF_REQ, in l2cap_ecred_reconfigure()
7167 if (chan->imtu > mtu) in l2cap_chan_reconfigure()
7168 return -EINVAL; in l2cap_chan_reconfigure()
7172 chan->imtu = mtu; in l2cap_chan_reconfigure()
7179 /* ---- L2CAP interface with lower layer (HCI) ---- */
7186 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); in l2cap_connect_ind()
7191 if (c->state != BT_LISTEN) in l2cap_connect_ind()
7194 if (!bacmp(&c->src, &hdev->bdaddr)) { in l2cap_connect_ind()
7196 if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) in l2cap_connect_ind()
7199 } else if (!bacmp(&c->src, BDADDR_ANY)) { in l2cap_connect_ind()
7201 if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) in l2cap_connect_ind()
7227 if (c->chan_type != L2CAP_CHAN_FIXED) in l2cap_global_fixed_chan()
7229 if (c->state != BT_LISTEN) in l2cap_global_fixed_chan()
7231 if (bacmp(&c->src, &hcon->src) && bacmp(&c->src, BDADDR_ANY)) in l2cap_global_fixed_chan()
7233 if (src_type != c->src_type) in l2cap_global_fixed_chan()
7248 struct hci_dev *hdev = hcon->hdev; in l2cap_connect_cfm()
7253 if (hcon->type != ACL_LINK && hcon->type != LE_LINK) in l2cap_connect_cfm()
7256 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status); in l2cap_connect_cfm()
7270 if (hci_bdaddr_list_lookup(&hdev->reject_list, &hcon->dst, dst_type)) in l2cap_connect_cfm()
7283 if (__l2cap_get_chan_by_dcid(conn, pchan->scid)) in l2cap_connect_cfm()
7287 chan = pchan->ops->new_connection(pchan); in l2cap_connect_cfm()
7289 bacpy(&chan->src, &hcon->src); in l2cap_connect_cfm()
7290 bacpy(&chan->dst, &hcon->dst); in l2cap_connect_cfm()
7291 chan->src_type = bdaddr_src_type(hcon); in l2cap_connect_cfm()
7292 chan->dst_type = dst_type; in l2cap_connect_cfm()
7309 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_disconn_ind()
7315 return conn->disc_reason; in l2cap_disconn_ind()
7320 if (hcon->type != ACL_LINK && hcon->type != LE_LINK) in l2cap_disconn_cfm()
7330 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) in l2cap_check_encryption()
7334 if (chan->sec_level == BT_SECURITY_MEDIUM) { in l2cap_check_encryption()
7336 } else if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_check_encryption()
7337 chan->sec_level == BT_SECURITY_FIPS) in l2cap_check_encryption()
7340 if (chan->sec_level == BT_SECURITY_MEDIUM) in l2cap_check_encryption()
7347 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_security_cfm()
7355 mutex_lock(&conn->lock); in l2cap_security_cfm()
7357 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_security_cfm()
7360 BT_DBG("chan %p scid 0x%4.4x state %s", chan, chan->scid, in l2cap_security_cfm()
7361 state_to_string(chan->state)); in l2cap_security_cfm()
7364 chan->sec_level = hcon->sec_level; in l2cap_security_cfm()
7371 if (!status && (chan->state == BT_CONNECTED || in l2cap_security_cfm()
7372 chan->state == BT_CONFIG)) { in l2cap_security_cfm()
7373 chan->ops->resume(chan); in l2cap_security_cfm()
7379 if (chan->state == BT_CONNECT) { in l2cap_security_cfm()
7384 } else if (chan->state == BT_CONNECT2 && in l2cap_security_cfm()
7385 !(chan->mode == L2CAP_MODE_EXT_FLOWCTL || in l2cap_security_cfm()
7386 chan->mode == L2CAP_MODE_LE_FLOWCTL)) { in l2cap_security_cfm()
7391 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_security_cfm()
7394 chan->ops->defer(chan); in l2cap_security_cfm()
7407 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_security_cfm()
7408 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_security_cfm()
7411 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, in l2cap_security_cfm()
7414 if (!test_bit(CONF_REQ_SENT, &chan->conf_state) && in l2cap_security_cfm()
7417 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_security_cfm()
7422 chan->num_conf_req++; in l2cap_security_cfm()
7429 mutex_unlock(&conn->lock); in l2cap_security_cfm()
7436 if (!conn->rx_skb) { in l2cap_recv_frag()
7438 conn->rx_skb = bt_skb_alloc(len, GFP_KERNEL); in l2cap_recv_frag()
7439 if (!conn->rx_skb) in l2cap_recv_frag()
7440 return -ENOMEM; in l2cap_recv_frag()
7442 conn->rx_len = len; in l2cap_recv_frag()
7444 skb_set_delivery_time(conn->rx_skb, skb->tstamp, in l2cap_recv_frag()
7445 skb->tstamp_type); in l2cap_recv_frag()
7449 len = min_t(u16, len, skb->len); in l2cap_recv_frag()
7450 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, len), len); in l2cap_recv_frag()
7452 conn->rx_len -= len; in l2cap_recv_frag()
7463 len = l2cap_recv_frag(conn, skb, L2CAP_LEN_SIZE - conn->rx_skb->len); in l2cap_recv_len()
7466 if (len < 0 || conn->rx_skb->len < L2CAP_LEN_SIZE) in l2cap_recv_len()
7469 rx_skb = conn->rx_skb; in l2cap_recv_len()
7470 len = get_unaligned_le16(rx_skb->data); in l2cap_recv_len()
7473 if (len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE) <= skb_tailroom(rx_skb)) { in l2cap_recv_len()
7475 conn->rx_len = len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE); in l2cap_recv_len()
7479 /* Reset conn->rx_skb since it will need to be reallocated in order to in l2cap_recv_len()
7482 conn->rx_skb = NULL; in l2cap_recv_len()
7486 len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE)); in l2cap_recv_len()
7494 kfree_skb(conn->rx_skb); in l2cap_recv_reset()
7495 conn->rx_skb = NULL; in l2cap_recv_reset()
7496 conn->rx_len = 0; in l2cap_recv_reset()
7504 BT_DBG("conn %p orig refcnt %u", c, kref_read(&c->ref)); in l2cap_conn_hold_unless_zero()
7506 if (!kref_get_unless_zero(&c->ref)) in l2cap_conn_hold_unless_zero()
7518 hci_dev_lock(hcon->hdev); in l2cap_recv_acldata()
7520 conn = hcon->l2cap_data; in l2cap_recv_acldata()
7527 hci_dev_unlock(hcon->hdev); in l2cap_recv_acldata()
7534 BT_DBG("conn %p len %u flags 0x%x", conn, skb->len, flags); in l2cap_recv_acldata()
7536 mutex_lock(&conn->lock); in l2cap_recv_acldata()
7542 if (conn->rx_skb) { in l2cap_recv_acldata()
7543 BT_ERR("Unexpected start frame (len %d)", skb->len); in l2cap_recv_acldata()
7549 * copy the initial byte when that happens and use conn->mtu as in l2cap_recv_acldata()
7552 if (skb->len < L2CAP_LEN_SIZE) { in l2cap_recv_acldata()
7553 l2cap_recv_frag(conn, skb, conn->mtu); in l2cap_recv_acldata()
7557 len = get_unaligned_le16(skb->data) + L2CAP_HDR_SIZE; in l2cap_recv_acldata()
7559 if (len == skb->len) { in l2cap_recv_acldata()
7565 BT_DBG("Start: total len %d, frag len %u", len, skb->len); in l2cap_recv_acldata()
7567 if (skb->len > len) { in l2cap_recv_acldata()
7569 skb->len, len); in l2cap_recv_acldata()
7570 /* PTS test cases L2CAP/COS/CED/BI-14-C and BI-15-C in l2cap_recv_acldata()
7572 * Truncated, BR/EDR) send a C-frame to the IUT with in l2cap_recv_acldata()
7584 skb->len = len; in l2cap_recv_acldata()
7597 BT_DBG("Cont: frag len %u (expecting %u)", skb->len, conn->rx_len); in l2cap_recv_acldata()
7599 if (!conn->rx_skb) { in l2cap_recv_acldata()
7600 BT_ERR("Unexpected continuation frame (len %d)", skb->len); in l2cap_recv_acldata()
7606 if (conn->rx_skb->len < L2CAP_LEN_SIZE) { in l2cap_recv_acldata()
7613 if (conn->rx_skb->len < L2CAP_LEN_SIZE) in l2cap_recv_acldata()
7617 if (skb->len > conn->rx_len) { in l2cap_recv_acldata()
7619 skb->len, conn->rx_len); in l2cap_recv_acldata()
7626 l2cap_recv_frag(conn, skb, skb->len); in l2cap_recv_acldata()
7628 if (!conn->rx_len) { in l2cap_recv_acldata()
7633 struct sk_buff *rx_skb = conn->rx_skb; in l2cap_recv_acldata()
7634 conn->rx_skb = NULL; in l2cap_recv_acldata()
7643 mutex_unlock(&conn->lock); in l2cap_recv_acldata()
7662 &c->src, c->src_type, &c->dst, c->dst_type, in l2cap_debugfs_show()
7663 c->state, __le16_to_cpu(c->psm), in l2cap_debugfs_show()
7664 c->scid, c->dcid, c->imtu, c->omtu, in l2cap_debugfs_show()
7665 c->sec_level, c->mode); in l2cap_debugfs_show()