Lines Matching +full:sar +full:- +full:threshold
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
80 return bdaddr_type(hcon->type, hcon->src_type); in bdaddr_src_type()
85 return bdaddr_type(hcon->type, hcon->dst_type); in bdaddr_dst_type()
88 /* ---- L2CAP channels ---- */
95 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_dcid()
96 if (c->dcid == cid) in __l2cap_get_chan_by_dcid()
107 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_scid()
108 if (c->scid == cid) in __l2cap_get_chan_by_scid()
122 mutex_lock(&conn->chan_lock); in l2cap_get_chan_by_scid()
130 mutex_unlock(&conn->chan_lock); in l2cap_get_chan_by_scid()
143 mutex_lock(&conn->chan_lock); in l2cap_get_chan_by_dcid()
151 mutex_unlock(&conn->chan_lock); in l2cap_get_chan_by_dcid()
161 list_for_each_entry(c, &conn->chan_l, list) { in __l2cap_get_chan_by_ident()
162 if (c->ident == ident) in __l2cap_get_chan_by_ident()
174 if (src_type == BDADDR_BREDR && c->src_type != BDADDR_BREDR) in __l2cap_global_chan_by_addr()
177 if (src_type != BDADDR_BREDR && c->src_type == BDADDR_BREDR) in __l2cap_global_chan_by_addr()
180 if (c->sport == psm && !bacmp(&c->src, src)) in __l2cap_global_chan_by_addr()
192 if (psm && __l2cap_global_chan_by_addr(psm, src, chan->src_type)) { in l2cap_add_psm()
193 err = -EADDRINUSE; in l2cap_add_psm()
198 chan->psm = psm; in l2cap_add_psm()
199 chan->sport = psm; in l2cap_add_psm()
204 if (chan->src_type == BDADDR_BREDR) { in l2cap_add_psm()
214 err = -EINVAL; in l2cap_add_psm()
217 chan->src_type)) { in l2cap_add_psm()
218 chan->psm = cpu_to_le16(p); in l2cap_add_psm()
219 chan->sport = cpu_to_le16(p); in l2cap_add_psm()
235 /* Override the defaults (which are for conn-oriented) */ in l2cap_add_scid()
236 chan->omtu = L2CAP_DEFAULT_MTU; in l2cap_add_scid()
237 chan->chan_type = L2CAP_CHAN_FIXED; in l2cap_add_scid()
239 chan->scid = scid; in l2cap_add_scid()
250 if (conn->hcon->type == LE_LINK) in l2cap_alloc_cid()
265 BT_DBG("chan %p %s -> %s", chan, state_to_string(chan->state), in l2cap_state_change()
268 chan->state = state; in l2cap_state_change()
269 chan->ops->state_change(chan, state, 0); in l2cap_state_change()
275 chan->state = state; in l2cap_state_change_and_error()
276 chan->ops->state_change(chan, chan->state, err); in l2cap_state_change_and_error()
281 chan->ops->state_change(chan, chan->state, err); in l2cap_chan_set_err()
286 if (!delayed_work_pending(&chan->monitor_timer) && in __set_retrans_timer()
287 chan->retrans_timeout) { in __set_retrans_timer()
288 l2cap_set_timer(chan, &chan->retrans_timer, in __set_retrans_timer()
289 msecs_to_jiffies(chan->retrans_timeout)); in __set_retrans_timer()
296 if (chan->monitor_timeout) { in __set_monitor_timer()
297 l2cap_set_timer(chan, &chan->monitor_timer, in __set_monitor_timer()
298 msecs_to_jiffies(chan->monitor_timeout)); in __set_monitor_timer()
308 if (bt_cb(skb)->l2cap.txseq == seq) in l2cap_ertm_seq_in_queue()
315 /* ---- L2CAP sequence number lists ---- */
319 * retransmitted. These seq_list functions implement a singly-linked
336 seq_list->list = kmalloc_array(alloc_size, sizeof(u16), GFP_KERNEL); in l2cap_seq_list_init()
337 if (!seq_list->list) in l2cap_seq_list_init()
338 return -ENOMEM; in l2cap_seq_list_init()
340 seq_list->mask = alloc_size - 1; in l2cap_seq_list_init()
341 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
342 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
344 seq_list->list[i] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_init()
351 kfree(seq_list->list); in l2cap_seq_list_free()
357 /* Constant-time check for list membership */ in l2cap_seq_list_contains()
358 return seq_list->list[seq & seq_list->mask] != L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_contains()
363 u16 seq = seq_list->head; in l2cap_seq_list_pop()
364 u16 mask = seq_list->mask; in l2cap_seq_list_pop()
366 seq_list->head = seq_list->list[seq & mask]; in l2cap_seq_list_pop()
367 seq_list->list[seq & mask] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
369 if (seq_list->head == L2CAP_SEQ_LIST_TAIL) { in l2cap_seq_list_pop()
370 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
371 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_pop()
381 if (seq_list->head == L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_clear()
384 for (i = 0; i <= seq_list->mask; i++) in l2cap_seq_list_clear()
385 seq_list->list[i] = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
387 seq_list->head = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
388 seq_list->tail = L2CAP_SEQ_LIST_CLEAR; in l2cap_seq_list_clear()
393 u16 mask = seq_list->mask; in l2cap_seq_list_append()
397 if (seq_list->list[seq & mask] != L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_append()
400 if (seq_list->tail == L2CAP_SEQ_LIST_CLEAR) in l2cap_seq_list_append()
401 seq_list->head = seq; in l2cap_seq_list_append()
403 seq_list->list[seq_list->tail & mask] = seq; in l2cap_seq_list_append()
405 seq_list->tail = seq; in l2cap_seq_list_append()
406 seq_list->list[seq & mask] = L2CAP_SEQ_LIST_TAIL; in l2cap_seq_list_append()
413 struct l2cap_conn *conn = chan->conn; in l2cap_chan_timeout()
416 BT_DBG("chan %p state %s", chan, state_to_string(chan->state)); in l2cap_chan_timeout()
421 mutex_lock(&conn->chan_lock); in l2cap_chan_timeout()
427 if (chan->state == BT_CONNECTED || chan->state == BT_CONFIG) in l2cap_chan_timeout()
429 else if (chan->state == BT_CONNECT && in l2cap_chan_timeout()
430 chan->sec_level != BT_SECURITY_SDP) in l2cap_chan_timeout()
437 chan->ops->close(chan); in l2cap_chan_timeout()
442 mutex_unlock(&conn->chan_lock); in l2cap_chan_timeout()
453 skb_queue_head_init(&chan->tx_q); in l2cap_chan_create()
454 skb_queue_head_init(&chan->srej_q); in l2cap_chan_create()
455 mutex_init(&chan->lock); in l2cap_chan_create()
458 atomic_set(&chan->nesting, L2CAP_NESTING_NORMAL); in l2cap_chan_create()
461 chan->rx_avail = -1; in l2cap_chan_create()
464 list_add(&chan->global_l, &chan_list); in l2cap_chan_create()
467 INIT_DELAYED_WORK(&chan->chan_timer, l2cap_chan_timeout); in l2cap_chan_create()
468 INIT_DELAYED_WORK(&chan->retrans_timer, l2cap_retrans_timeout); in l2cap_chan_create()
469 INIT_DELAYED_WORK(&chan->monitor_timer, l2cap_monitor_timeout); in l2cap_chan_create()
470 INIT_DELAYED_WORK(&chan->ack_timer, l2cap_ack_timeout); in l2cap_chan_create()
472 chan->state = BT_OPEN; in l2cap_chan_create()
474 kref_init(&chan->kref); in l2cap_chan_create()
477 set_bit(CONF_NOT_COMPLETE, &chan->conf_state); in l2cap_chan_create()
492 list_del(&chan->global_l); in l2cap_chan_destroy()
500 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_hold()
502 kref_get(&c->kref); in l2cap_chan_hold()
507 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_hold_unless_zero()
509 if (!kref_get_unless_zero(&c->kref)) in l2cap_chan_hold_unless_zero()
517 BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref)); in l2cap_chan_put()
519 kref_put(&c->kref, l2cap_chan_destroy); in l2cap_chan_put()
525 chan->fcs = L2CAP_FCS_CRC16; in l2cap_chan_set_defaults()
526 chan->max_tx = L2CAP_DEFAULT_MAX_TX; in l2cap_chan_set_defaults()
527 chan->tx_win = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
528 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
529 chan->remote_max_tx = chan->max_tx; in l2cap_chan_set_defaults()
530 chan->remote_tx_win = chan->tx_win; in l2cap_chan_set_defaults()
531 chan->ack_win = L2CAP_DEFAULT_TX_WINDOW; in l2cap_chan_set_defaults()
532 chan->sec_level = BT_SECURITY_LOW; in l2cap_chan_set_defaults()
533 chan->flush_to = L2CAP_DEFAULT_FLUSH_TO; in l2cap_chan_set_defaults()
534 chan->retrans_timeout = L2CAP_DEFAULT_RETRANS_TO; in l2cap_chan_set_defaults()
535 chan->monitor_timeout = L2CAP_DEFAULT_MONITOR_TO; in l2cap_chan_set_defaults()
537 chan->conf_state = 0; in l2cap_chan_set_defaults()
538 set_bit(CONF_NOT_COMPLETE, &chan->conf_state); in l2cap_chan_set_defaults()
540 set_bit(FLAG_FORCE_ACTIVE, &chan->flags); in l2cap_chan_set_defaults()
546 size_t sdu_len = chan->sdu ? chan->sdu->len : 0; in l2cap_le_rx_credits()
548 if (chan->mps == 0) in l2cap_le_rx_credits()
554 if (chan->rx_avail == -1) in l2cap_le_rx_credits()
555 return (chan->imtu / chan->mps) + 1; in l2cap_le_rx_credits()
560 if (chan->rx_avail <= sdu_len) in l2cap_le_rx_credits()
563 return DIV_ROUND_UP(chan->rx_avail - sdu_len, chan->mps); in l2cap_le_rx_credits()
568 chan->sdu = NULL; in l2cap_le_flowctl_init()
569 chan->sdu_last_frag = NULL; in l2cap_le_flowctl_init()
570 chan->sdu_len = 0; in l2cap_le_flowctl_init()
571 chan->tx_credits = tx_credits; in l2cap_le_flowctl_init()
573 chan->mps = min_t(u16, chan->imtu, chan->conn->mtu - L2CAP_HDR_SIZE); in l2cap_le_flowctl_init()
574 chan->rx_credits = l2cap_le_rx_credits(chan); in l2cap_le_flowctl_init()
576 skb_queue_head_init(&chan->tx_q); in l2cap_le_flowctl_init()
584 if (chan->mps < L2CAP_ECRED_MIN_MPS) { in l2cap_ecred_init()
585 chan->mps = L2CAP_ECRED_MIN_MPS; in l2cap_ecred_init()
586 chan->rx_credits = l2cap_le_rx_credits(chan); in l2cap_ecred_init()
593 __le16_to_cpu(chan->psm), chan->dcid); in __l2cap_chan_add()
595 conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; in __l2cap_chan_add()
597 chan->conn = conn; in __l2cap_chan_add()
599 switch (chan->chan_type) { in __l2cap_chan_add()
601 /* Alloc CID for connection-oriented socket */ in __l2cap_chan_add()
602 chan->scid = l2cap_alloc_cid(conn); in __l2cap_chan_add()
603 if (conn->hcon->type == ACL_LINK) in __l2cap_chan_add()
604 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
609 chan->scid = L2CAP_CID_CONN_LESS; in __l2cap_chan_add()
610 chan->dcid = L2CAP_CID_CONN_LESS; in __l2cap_chan_add()
611 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
620 chan->scid = L2CAP_CID_SIGNALING; in __l2cap_chan_add()
621 chan->dcid = L2CAP_CID_SIGNALING; in __l2cap_chan_add()
622 chan->omtu = L2CAP_DEFAULT_MTU; in __l2cap_chan_add()
625 chan->local_id = L2CAP_BESTEFFORT_ID; in __l2cap_chan_add()
626 chan->local_stype = L2CAP_SERV_BESTEFFORT; in __l2cap_chan_add()
627 chan->local_msdu = L2CAP_DEFAULT_MAX_SDU_SIZE; in __l2cap_chan_add()
628 chan->local_sdu_itime = L2CAP_DEFAULT_SDU_ITIME; in __l2cap_chan_add()
629 chan->local_acc_lat = L2CAP_DEFAULT_ACC_LAT; in __l2cap_chan_add()
630 chan->local_flush_to = L2CAP_EFS_DEFAULT_FLUSH_TO; in __l2cap_chan_add()
635 if (chan->chan_type != L2CAP_CHAN_FIXED || in __l2cap_chan_add()
636 test_bit(FLAG_HOLD_HCI_CONN, &chan->flags)) in __l2cap_chan_add()
637 hci_conn_hold(conn->hcon); in __l2cap_chan_add()
639 list_add(&chan->list, &conn->chan_l); in __l2cap_chan_add()
644 mutex_lock(&conn->chan_lock); in l2cap_chan_add()
646 mutex_unlock(&conn->chan_lock); in l2cap_chan_add()
651 struct l2cap_conn *conn = chan->conn; in l2cap_chan_del()
656 state_to_string(chan->state)); in l2cap_chan_del()
658 chan->ops->teardown(chan, err); in l2cap_chan_del()
662 list_del(&chan->list); in l2cap_chan_del()
666 chan->conn = NULL; in l2cap_chan_del()
668 /* Reference was only held for non-fixed channels or in l2cap_chan_del()
672 if (chan->chan_type != L2CAP_CHAN_FIXED || in l2cap_chan_del()
673 test_bit(FLAG_HOLD_HCI_CONN, &chan->flags)) in l2cap_chan_del()
674 hci_conn_drop(conn->hcon); in l2cap_chan_del()
677 if (test_bit(CONF_NOT_COMPLETE, &chan->conf_state)) in l2cap_chan_del()
680 switch (chan->mode) { in l2cap_chan_del()
686 skb_queue_purge(&chan->tx_q); in l2cap_chan_del()
694 skb_queue_purge(&chan->srej_q); in l2cap_chan_del()
696 l2cap_seq_list_free(&chan->srej_list); in l2cap_chan_del()
697 l2cap_seq_list_free(&chan->retrans_list); in l2cap_chan_del()
701 skb_queue_purge(&chan->tx_q); in l2cap_chan_del()
712 list_for_each_entry_safe(chan, l, &conn->chan_l, list) { in __l2cap_chan_list_id()
713 if (chan->ident == id) in __l2cap_chan_list_id()
723 list_for_each_entry(chan, &conn->chan_l, list) { in __l2cap_chan_list()
734 mutex_lock(&conn->chan_lock); in l2cap_chan_list()
736 mutex_unlock(&conn->chan_lock); in l2cap_chan_list()
745 struct hci_conn *hcon = conn->hcon; in l2cap_conn_update_id_addr()
748 mutex_lock(&conn->chan_lock); in l2cap_conn_update_id_addr()
750 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_update_id_addr()
752 bacpy(&chan->dst, &hcon->dst); in l2cap_conn_update_id_addr()
753 chan->dst_type = bdaddr_dst_type(hcon); in l2cap_conn_update_id_addr()
757 mutex_unlock(&conn->chan_lock); in l2cap_conn_update_id_addr()
762 struct l2cap_conn *conn = chan->conn; in l2cap_chan_le_connect_reject()
766 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_le_connect_reject()
773 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_chan_le_connect_reject()
774 rsp.mtu = cpu_to_le16(chan->imtu); in l2cap_chan_le_connect_reject()
775 rsp.mps = cpu_to_le16(chan->mps); in l2cap_chan_le_connect_reject()
776 rsp.credits = cpu_to_le16(chan->rx_credits); in l2cap_chan_le_connect_reject()
779 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), in l2cap_chan_le_connect_reject()
792 struct l2cap_conn *conn = chan->conn; in l2cap_chan_connect_reject()
796 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_connect_reject()
803 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_chan_connect_reject()
804 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_chan_connect_reject()
808 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, sizeof(rsp), &rsp); in l2cap_chan_connect_reject()
813 struct l2cap_conn *conn = chan->conn; in l2cap_chan_close()
815 BT_DBG("chan %p state %s", chan, state_to_string(chan->state)); in l2cap_chan_close()
817 switch (chan->state) { in l2cap_chan_close()
819 chan->ops->teardown(chan, 0); in l2cap_chan_close()
824 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_close()
825 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_chan_close()
832 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_close()
833 if (conn->hcon->type == ACL_LINK) in l2cap_chan_close()
835 else if (conn->hcon->type == LE_LINK) { in l2cap_chan_close()
836 switch (chan->mode) { in l2cap_chan_close()
856 chan->ops->teardown(chan, 0); in l2cap_chan_close()
864 switch (chan->chan_type) { in l2cap_get_auth_type()
866 switch (chan->sec_level) { in l2cap_get_auth_type()
877 if (chan->psm == cpu_to_le16(L2CAP_PSM_3DSP)) { in l2cap_get_auth_type()
878 if (chan->sec_level == BT_SECURITY_LOW) in l2cap_get_auth_type()
879 chan->sec_level = BT_SECURITY_SDP; in l2cap_get_auth_type()
881 if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_get_auth_type()
882 chan->sec_level == BT_SECURITY_FIPS) in l2cap_get_auth_type()
888 if (chan->psm == cpu_to_le16(L2CAP_PSM_SDP)) { in l2cap_get_auth_type()
889 if (chan->sec_level == BT_SECURITY_LOW) in l2cap_get_auth_type()
890 chan->sec_level = BT_SECURITY_SDP; in l2cap_get_auth_type()
892 if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_get_auth_type()
893 chan->sec_level == BT_SECURITY_FIPS) in l2cap_get_auth_type()
901 switch (chan->sec_level) { in l2cap_get_auth_type()
917 struct l2cap_conn *conn = chan->conn; in l2cap_chan_check_security()
920 if (conn->hcon->type == LE_LINK) in l2cap_chan_check_security()
921 return smp_conn_security(conn->hcon, chan->sec_level); in l2cap_chan_check_security()
925 return hci_conn_security(conn->hcon, chan->sec_level, auth_type, in l2cap_chan_check_security()
934 * 1 - 128 are used by kernel. in l2cap_get_ident()
935 * 129 - 199 are reserved. in l2cap_get_ident()
936 * 200 - 254 are used by utilities like l2ping, etc. in l2cap_get_ident()
939 mutex_lock(&conn->ident_lock); in l2cap_get_ident()
941 if (++conn->tx_ident > 128) in l2cap_get_ident()
942 conn->tx_ident = 1; in l2cap_get_ident()
944 id = conn->tx_ident; in l2cap_get_ident()
946 mutex_unlock(&conn->ident_lock); in l2cap_get_ident()
963 * not support auto-flushing packets) */ in l2cap_send_cmd()
964 if (lmp_no_flush_capable(conn->hcon->hdev) || in l2cap_send_cmd()
965 conn->hcon->type == LE_LINK) in l2cap_send_cmd()
970 bt_cb(skb)->force_active = BT_POWER_FORCE_ACTIVE_ON; in l2cap_send_cmd()
971 skb->priority = HCI_PRIO_MAX; in l2cap_send_cmd()
973 hci_send_acl(conn->hchan, skb, flags); in l2cap_send_cmd()
978 struct hci_conn *hcon = chan->conn->hcon; in l2cap_do_send()
981 BT_DBG("chan %p, skb %p len %d priority %u", chan, skb, skb->len, in l2cap_do_send()
982 skb->priority); in l2cap_do_send()
988 if (hcon->type == LE_LINK || in l2cap_do_send()
989 (!test_bit(FLAG_FLUSHABLE, &chan->flags) && in l2cap_do_send()
990 lmp_no_flush_capable(hcon->hdev))) in l2cap_do_send()
995 bt_cb(skb)->force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags); in l2cap_do_send()
996 hci_send_acl(chan->conn->hchan, skb, flags); in l2cap_do_send()
1001 control->reqseq = (enh & L2CAP_CTRL_REQSEQ) >> L2CAP_CTRL_REQSEQ_SHIFT; in __unpack_enhanced_control()
1002 control->final = (enh & L2CAP_CTRL_FINAL) >> L2CAP_CTRL_FINAL_SHIFT; in __unpack_enhanced_control()
1005 /* S-Frame */ in __unpack_enhanced_control()
1006 control->sframe = 1; in __unpack_enhanced_control()
1007 control->poll = (enh & L2CAP_CTRL_POLL) >> L2CAP_CTRL_POLL_SHIFT; in __unpack_enhanced_control()
1008 control->super = (enh & L2CAP_CTRL_SUPERVISE) >> L2CAP_CTRL_SUPER_SHIFT; in __unpack_enhanced_control()
1010 control->sar = 0; in __unpack_enhanced_control()
1011 control->txseq = 0; in __unpack_enhanced_control()
1013 /* I-Frame */ in __unpack_enhanced_control()
1014 control->sframe = 0; in __unpack_enhanced_control()
1015 control->sar = (enh & L2CAP_CTRL_SAR) >> L2CAP_CTRL_SAR_SHIFT; in __unpack_enhanced_control()
1016 control->txseq = (enh & L2CAP_CTRL_TXSEQ) >> L2CAP_CTRL_TXSEQ_SHIFT; in __unpack_enhanced_control()
1018 control->poll = 0; in __unpack_enhanced_control()
1019 control->super = 0; in __unpack_enhanced_control()
1025 control->reqseq = (ext & L2CAP_EXT_CTRL_REQSEQ) >> L2CAP_EXT_CTRL_REQSEQ_SHIFT; in __unpack_extended_control()
1026 control->final = (ext & L2CAP_EXT_CTRL_FINAL) >> L2CAP_EXT_CTRL_FINAL_SHIFT; in __unpack_extended_control()
1029 /* S-Frame */ in __unpack_extended_control()
1030 control->sframe = 1; in __unpack_extended_control()
1031 control->poll = (ext & L2CAP_EXT_CTRL_POLL) >> L2CAP_EXT_CTRL_POLL_SHIFT; in __unpack_extended_control()
1032 control->super = (ext & L2CAP_EXT_CTRL_SUPERVISE) >> L2CAP_EXT_CTRL_SUPER_SHIFT; in __unpack_extended_control()
1034 control->sar = 0; in __unpack_extended_control()
1035 control->txseq = 0; in __unpack_extended_control()
1037 /* I-Frame */ in __unpack_extended_control()
1038 control->sframe = 0; in __unpack_extended_control()
1039 control->sar = (ext & L2CAP_EXT_CTRL_SAR) >> L2CAP_EXT_CTRL_SAR_SHIFT; in __unpack_extended_control()
1040 control->txseq = (ext & L2CAP_EXT_CTRL_TXSEQ) >> L2CAP_EXT_CTRL_TXSEQ_SHIFT; in __unpack_extended_control()
1042 control->poll = 0; in __unpack_extended_control()
1043 control->super = 0; in __unpack_extended_control()
1050 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in __unpack_control()
1051 __unpack_extended_control(get_unaligned_le32(skb->data), in __unpack_control()
1052 &bt_cb(skb)->l2cap); in __unpack_control()
1055 __unpack_enhanced_control(get_unaligned_le16(skb->data), in __unpack_control()
1056 &bt_cb(skb)->l2cap); in __unpack_control()
1065 packed = control->reqseq << L2CAP_EXT_CTRL_REQSEQ_SHIFT; in __pack_extended_control()
1066 packed |= control->final << L2CAP_EXT_CTRL_FINAL_SHIFT; in __pack_extended_control()
1068 if (control->sframe) { in __pack_extended_control()
1069 packed |= control->poll << L2CAP_EXT_CTRL_POLL_SHIFT; in __pack_extended_control()
1070 packed |= control->super << L2CAP_EXT_CTRL_SUPER_SHIFT; in __pack_extended_control()
1073 packed |= control->sar << L2CAP_EXT_CTRL_SAR_SHIFT; in __pack_extended_control()
1074 packed |= control->txseq << L2CAP_EXT_CTRL_TXSEQ_SHIFT; in __pack_extended_control()
1084 packed = control->reqseq << L2CAP_CTRL_REQSEQ_SHIFT; in __pack_enhanced_control()
1085 packed |= control->final << L2CAP_CTRL_FINAL_SHIFT; in __pack_enhanced_control()
1087 if (control->sframe) { in __pack_enhanced_control()
1088 packed |= control->poll << L2CAP_CTRL_POLL_SHIFT; in __pack_enhanced_control()
1089 packed |= control->super << L2CAP_CTRL_SUPER_SHIFT; in __pack_enhanced_control()
1092 packed |= control->sar << L2CAP_CTRL_SAR_SHIFT; in __pack_enhanced_control()
1093 packed |= control->txseq << L2CAP_CTRL_TXSEQ_SHIFT; in __pack_enhanced_control()
1103 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in __pack_control()
1105 skb->data + L2CAP_HDR_SIZE); in __pack_control()
1108 skb->data + L2CAP_HDR_SIZE); in __pack_control()
1114 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in __ertm_hdr_size()
1127 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_create_sframe_pdu()
1133 return ERR_PTR(-ENOMEM); in l2cap_create_sframe_pdu()
1136 lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE); in l2cap_create_sframe_pdu()
1137 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_sframe_pdu()
1139 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_create_sframe_pdu()
1144 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_create_sframe_pdu()
1145 u16 fcs = crc16(0, (u8 *)skb->data, skb->len); in l2cap_create_sframe_pdu()
1149 skb->priority = HCI_PRIO_MAX; in l2cap_create_sframe_pdu()
1161 if (!control->sframe) in l2cap_send_sframe()
1164 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state) && in l2cap_send_sframe()
1165 !control->poll) in l2cap_send_sframe()
1166 control->final = 1; in l2cap_send_sframe()
1168 if (control->super == L2CAP_SUPER_RR) in l2cap_send_sframe()
1169 clear_bit(CONN_RNR_SENT, &chan->conn_state); in l2cap_send_sframe()
1170 else if (control->super == L2CAP_SUPER_RNR) in l2cap_send_sframe()
1171 set_bit(CONN_RNR_SENT, &chan->conn_state); in l2cap_send_sframe()
1173 if (control->super != L2CAP_SUPER_SREJ) { in l2cap_send_sframe()
1174 chan->last_acked_seq = control->reqseq; in l2cap_send_sframe()
1178 BT_DBG("reqseq %d, final %d, poll %d, super %d", control->reqseq, in l2cap_send_sframe()
1179 control->final, control->poll, control->super); in l2cap_send_sframe()
1181 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_send_sframe()
1201 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) in l2cap_send_rr_or_rnr()
1206 control.reqseq = chan->buffer_seq; in l2cap_send_rr_or_rnr()
1212 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) in __l2cap_no_conn_pending()
1215 return !test_bit(CONF_CONNECT_PEND, &chan->conf_state); in __l2cap_no_conn_pending()
1220 struct l2cap_conn *conn = chan->conn; in l2cap_send_conn_req()
1223 req.scid = cpu_to_le16(chan->scid); in l2cap_send_conn_req()
1224 req.psm = chan->psm; in l2cap_send_conn_req()
1226 chan->ident = l2cap_get_ident(conn); in l2cap_send_conn_req()
1228 set_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_send_conn_req()
1230 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_REQ, sizeof(req), &req); in l2cap_send_conn_req()
1239 if (chan->state == BT_CONNECTED) in l2cap_chan_ready()
1243 chan->conf_state = 0; in l2cap_chan_ready()
1246 switch (chan->mode) { in l2cap_chan_ready()
1249 if (!chan->tx_credits) in l2cap_chan_ready()
1250 chan->ops->suspend(chan); in l2cap_chan_ready()
1254 chan->state = BT_CONNECTED; in l2cap_chan_ready()
1256 chan->ops->ready(chan); in l2cap_chan_ready()
1261 struct l2cap_conn *conn = chan->conn; in l2cap_le_connect()
1264 if (test_and_set_bit(FLAG_LE_CONN_REQ_SENT, &chan->flags)) in l2cap_le_connect()
1267 if (!chan->imtu) in l2cap_le_connect()
1268 chan->imtu = chan->conn->mtu; in l2cap_le_connect()
1273 req.psm = chan->psm; in l2cap_le_connect()
1274 req.scid = cpu_to_le16(chan->scid); in l2cap_le_connect()
1275 req.mtu = cpu_to_le16(chan->imtu); in l2cap_le_connect()
1276 req.mps = cpu_to_le16(chan->mps); in l2cap_le_connect()
1277 req.credits = cpu_to_le16(chan->rx_credits); in l2cap_le_connect()
1279 chan->ident = l2cap_get_ident(conn); in l2cap_le_connect()
1281 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_REQ, in l2cap_le_connect()
1300 if (chan == conn->chan) in l2cap_ecred_defer_connect()
1303 if (!test_and_clear_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_defer_connect()
1306 pid = chan->ops->get_peer_pid(chan); in l2cap_ecred_defer_connect()
1309 if (conn->pid != pid || chan->psm != conn->chan->psm || chan->ident || in l2cap_ecred_defer_connect()
1310 chan->mode != L2CAP_MODE_EXT_FLOWCTL || chan->state != BT_CONNECT) in l2cap_ecred_defer_connect()
1313 if (test_and_set_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_defer_connect()
1319 chan->ident = conn->chan->ident; in l2cap_ecred_defer_connect()
1322 conn->pdu.scid[conn->count] = cpu_to_le16(chan->scid); in l2cap_ecred_defer_connect()
1324 conn->count++; in l2cap_ecred_defer_connect()
1329 struct l2cap_conn *conn = chan->conn; in l2cap_ecred_connect()
1332 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_ecred_connect()
1335 if (test_and_set_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_connect()
1341 data.pdu.req.psm = chan->psm; in l2cap_ecred_connect()
1342 data.pdu.req.mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_connect()
1343 data.pdu.req.mps = cpu_to_le16(chan->mps); in l2cap_ecred_connect()
1344 data.pdu.req.credits = cpu_to_le16(chan->rx_credits); in l2cap_ecred_connect()
1345 data.pdu.scid[0] = cpu_to_le16(chan->scid); in l2cap_ecred_connect()
1347 chan->ident = l2cap_get_ident(conn); in l2cap_ecred_connect()
1351 data.pid = chan->ops->get_peer_pid(chan); in l2cap_ecred_connect()
1355 l2cap_send_cmd(conn, chan->ident, L2CAP_ECRED_CONN_REQ, in l2cap_ecred_connect()
1362 struct l2cap_conn *conn = chan->conn; in l2cap_le_start()
1364 if (!smp_conn_security(conn->hcon, chan->sec_level)) in l2cap_le_start()
1367 if (!chan->psm) { in l2cap_le_start()
1372 if (chan->state == BT_CONNECT) { in l2cap_le_start()
1373 if (chan->mode == L2CAP_MODE_EXT_FLOWCTL) in l2cap_le_start()
1382 if (chan->conn->hcon->type == LE_LINK) { in l2cap_start_connection()
1393 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) in l2cap_request_info()
1398 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; in l2cap_request_info()
1399 conn->info_ident = l2cap_get_ident(conn); in l2cap_request_info()
1401 schedule_delayed_work(&conn->info_timer, L2CAP_INFO_TIMEOUT); in l2cap_request_info()
1403 l2cap_send_cmd(conn, conn->info_ident, L2CAP_INFO_REQ, in l2cap_request_info()
1418 int min_key_size = hcon->hdev->min_enc_key_size; in l2cap_check_enc_key_size()
1421 if (hcon->sec_level == BT_SECURITY_FIPS) in l2cap_check_enc_key_size()
1424 return (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags) || in l2cap_check_enc_key_size()
1425 hcon->enc_key_size >= min_key_size); in l2cap_check_enc_key_size()
1430 struct l2cap_conn *conn = chan->conn; in l2cap_do_start()
1432 if (conn->hcon->type == LE_LINK) { in l2cap_do_start()
1437 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)) { in l2cap_do_start()
1442 if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)) in l2cap_do_start()
1449 if (l2cap_check_enc_key_size(conn->hcon)) in l2cap_do_start()
1473 struct l2cap_conn *conn = chan->conn; in l2cap_send_disconn_req()
1479 if (chan->mode == L2CAP_MODE_ERTM && chan->state == BT_CONNECTED) { in l2cap_send_disconn_req()
1485 req.dcid = cpu_to_le16(chan->dcid); in l2cap_send_disconn_req()
1486 req.scid = cpu_to_le16(chan->scid); in l2cap_send_disconn_req()
1493 /* ---- L2CAP connections ---- */
1500 mutex_lock(&conn->chan_lock); in l2cap_conn_start()
1502 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_conn_start()
1505 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_conn_start()
1511 if (chan->state == BT_CONNECT) { in l2cap_conn_start()
1518 if (!l2cap_mode_supported(chan->mode, conn->feat_mask) in l2cap_conn_start()
1520 &chan->conf_state)) { in l2cap_conn_start()
1526 if (l2cap_check_enc_key_size(conn->hcon)) in l2cap_conn_start()
1531 } else if (chan->state == BT_CONNECT2) { in l2cap_conn_start()
1534 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_conn_start()
1535 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_conn_start()
1538 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_conn_start()
1541 chan->ops->defer(chan); in l2cap_conn_start()
1553 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, in l2cap_conn_start()
1556 if (test_bit(CONF_REQ_SENT, &chan->conf_state) || in l2cap_conn_start()
1562 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_conn_start()
1565 chan->num_conf_req++; in l2cap_conn_start()
1571 mutex_unlock(&conn->chan_lock); in l2cap_conn_start()
1576 struct hci_conn *hcon = conn->hcon; in l2cap_le_conn_ready()
1577 struct hci_dev *hdev = hcon->hdev; in l2cap_le_conn_ready()
1579 BT_DBG("%s conn %p", hdev->name, conn); in l2cap_le_conn_ready()
1584 if (hcon->out) in l2cap_le_conn_ready()
1585 smp_conn_security(hcon, hcon->pending_sec_level); in l2cap_le_conn_ready()
1592 if (hcon->role == HCI_ROLE_SLAVE && in l2cap_le_conn_ready()
1593 (hcon->le_conn_interval < hcon->le_conn_min_interval || in l2cap_le_conn_ready()
1594 hcon->le_conn_interval > hcon->le_conn_max_interval)) { in l2cap_le_conn_ready()
1597 req.min = cpu_to_le16(hcon->le_conn_min_interval); in l2cap_le_conn_ready()
1598 req.max = cpu_to_le16(hcon->le_conn_max_interval); in l2cap_le_conn_ready()
1599 req.latency = cpu_to_le16(hcon->le_conn_latency); in l2cap_le_conn_ready()
1600 req.to_multiplier = cpu_to_le16(hcon->le_supv_timeout); in l2cap_le_conn_ready()
1610 struct hci_conn *hcon = conn->hcon; in l2cap_conn_ready()
1614 if (hcon->type == ACL_LINK) in l2cap_conn_ready()
1617 mutex_lock(&conn->chan_lock); in l2cap_conn_ready()
1619 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_ready()
1623 if (hcon->type == LE_LINK) { in l2cap_conn_ready()
1625 } else if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_conn_ready()
1626 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) in l2cap_conn_ready()
1628 } else if (chan->state == BT_CONNECT) { in l2cap_conn_ready()
1635 mutex_unlock(&conn->chan_lock); in l2cap_conn_ready()
1637 if (hcon->type == LE_LINK) in l2cap_conn_ready()
1640 queue_work(hcon->hdev->workqueue, &conn->pending_rx_work); in l2cap_conn_ready()
1650 mutex_lock(&conn->chan_lock); in l2cap_conn_unreliable()
1652 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_conn_unreliable()
1653 if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags)) in l2cap_conn_unreliable()
1657 mutex_unlock(&conn->chan_lock); in l2cap_conn_unreliable()
1665 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_info_timeout()
1666 conn->info_ident = 0; in l2cap_info_timeout()
1673 * External modules can register l2cap_user objects on l2cap_conn. The ->probe
1674 * callback is called during registration. The ->remove callback is called
1677 * underlying l2cap_conn object is deleted. This guarantees that l2cap->hcon,
1678 * l2cap->hchan, .. are valid as long as the remove callback hasn't been called.
1686 struct hci_dev *hdev = conn->hcon->hdev; in l2cap_register_user()
1698 if (!list_empty(&user->list)) { in l2cap_register_user()
1699 ret = -EINVAL; in l2cap_register_user()
1703 /* conn->hchan is NULL after l2cap_conn_del() was called */ in l2cap_register_user()
1704 if (!conn->hchan) { in l2cap_register_user()
1705 ret = -ENODEV; in l2cap_register_user()
1709 ret = user->probe(conn, user); in l2cap_register_user()
1713 list_add(&user->list, &conn->users); in l2cap_register_user()
1724 struct hci_dev *hdev = conn->hcon->hdev; in l2cap_unregister_user()
1728 if (list_empty(&user->list)) in l2cap_unregister_user()
1731 list_del_init(&user->list); in l2cap_unregister_user()
1732 user->remove(conn, user); in l2cap_unregister_user()
1743 while (!list_empty(&conn->users)) { in l2cap_unregister_all_users()
1744 user = list_first_entry(&conn->users, struct l2cap_user, list); in l2cap_unregister_all_users()
1745 list_del_init(&user->list); in l2cap_unregister_all_users()
1746 user->remove(conn, user); in l2cap_unregister_all_users()
1752 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_conn_del()
1760 kfree_skb(conn->rx_skb); in l2cap_conn_del()
1762 skb_queue_purge(&conn->pending_rx); in l2cap_conn_del()
1764 /* We can not call flush_work(&conn->pending_rx_work) here since we in l2cap_conn_del()
1768 if (work_pending(&conn->pending_rx_work)) in l2cap_conn_del()
1769 cancel_work_sync(&conn->pending_rx_work); in l2cap_conn_del()
1771 cancel_delayed_work_sync(&conn->id_addr_timer); in l2cap_conn_del()
1776 hcon->disc_timeout = 0; in l2cap_conn_del()
1778 mutex_lock(&conn->chan_lock); in l2cap_conn_del()
1781 list_for_each_entry_safe(chan, l, &conn->chan_l, list) { in l2cap_conn_del()
1787 chan->ops->close(chan); in l2cap_conn_del()
1793 mutex_unlock(&conn->chan_lock); in l2cap_conn_del()
1795 hci_chan_del(conn->hchan); in l2cap_conn_del()
1797 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) in l2cap_conn_del()
1798 cancel_delayed_work_sync(&conn->info_timer); in l2cap_conn_del()
1800 hcon->l2cap_data = NULL; in l2cap_conn_del()
1801 conn->hchan = NULL; in l2cap_conn_del()
1809 hci_conn_put(conn->hcon); in l2cap_conn_free()
1815 kref_get(&conn->ref); in l2cap_conn_get()
1822 kref_put(&conn->ref, l2cap_conn_free); in l2cap_conn_put()
1826 /* ---- Socket interface ---- */
1841 if (state && c->state != state) in l2cap_global_chan_by_psm()
1844 if (link_type == ACL_LINK && c->src_type != BDADDR_BREDR) in l2cap_global_chan_by_psm()
1847 if (link_type == LE_LINK && c->src_type == BDADDR_BREDR) in l2cap_global_chan_by_psm()
1850 if (c->chan_type != L2CAP_CHAN_FIXED && c->psm == psm) { in l2cap_global_chan_by_psm()
1855 src_match = !bacmp(&c->src, src); in l2cap_global_chan_by_psm()
1856 dst_match = !bacmp(&c->dst, dst); in l2cap_global_chan_by_psm()
1866 src_any = !bacmp(&c->src, BDADDR_ANY); in l2cap_global_chan_by_psm()
1867 dst_any = !bacmp(&c->dst, BDADDR_ANY); in l2cap_global_chan_by_psm()
1891 if (!chan->conn) { in l2cap_monitor_timeout()
1912 if (!chan->conn) { in l2cap_retrans_timeout()
1931 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_streaming_send()
1933 while (!skb_queue_empty(&chan->tx_q)) { in l2cap_streaming_send()
1935 skb = skb_dequeue(&chan->tx_q); in l2cap_streaming_send()
1937 bt_cb(skb)->l2cap.retries = 1; in l2cap_streaming_send()
1938 control = &bt_cb(skb)->l2cap; in l2cap_streaming_send()
1940 control->reqseq = 0; in l2cap_streaming_send()
1941 control->txseq = chan->next_tx_seq; in l2cap_streaming_send()
1945 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_streaming_send()
1946 u16 fcs = crc16(0, (u8 *) skb->data, skb->len); in l2cap_streaming_send()
1952 BT_DBG("Sent txseq %u", control->txseq); in l2cap_streaming_send()
1954 chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); in l2cap_streaming_send()
1955 chan->frames_sent++; in l2cap_streaming_send()
1967 if (chan->state != BT_CONNECTED) in l2cap_ertm_send()
1968 return -ENOTCONN; in l2cap_ertm_send()
1970 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_ertm_send()
1973 while (chan->tx_send_head && in l2cap_ertm_send()
1974 chan->unacked_frames < chan->remote_tx_win && in l2cap_ertm_send()
1975 chan->tx_state == L2CAP_TX_STATE_XMIT) { in l2cap_ertm_send()
1977 skb = chan->tx_send_head; in l2cap_ertm_send()
1979 bt_cb(skb)->l2cap.retries = 1; in l2cap_ertm_send()
1980 control = &bt_cb(skb)->l2cap; in l2cap_ertm_send()
1982 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) in l2cap_ertm_send()
1983 control->final = 1; in l2cap_ertm_send()
1985 control->reqseq = chan->buffer_seq; in l2cap_ertm_send()
1986 chan->last_acked_seq = chan->buffer_seq; in l2cap_ertm_send()
1987 control->txseq = chan->next_tx_seq; in l2cap_ertm_send()
1991 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_ertm_send()
1992 u16 fcs = crc16(0, (u8 *) skb->data, skb->len); in l2cap_ertm_send()
1997 read-only (for locking purposes) on cloned sk_buffs. in l2cap_ertm_send()
2006 chan->next_tx_seq = __next_seq(chan, chan->next_tx_seq); in l2cap_ertm_send()
2007 chan->unacked_frames++; in l2cap_ertm_send()
2008 chan->frames_sent++; in l2cap_ertm_send()
2011 if (skb_queue_is_last(&chan->tx_q, skb)) in l2cap_ertm_send()
2012 chan->tx_send_head = NULL; in l2cap_ertm_send()
2014 chan->tx_send_head = skb_queue_next(&chan->tx_q, skb); in l2cap_ertm_send()
2017 BT_DBG("Sent txseq %u", control->txseq); in l2cap_ertm_send()
2021 chan->unacked_frames, skb_queue_len(&chan->tx_q)); in l2cap_ertm_send()
2035 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_ertm_resend()
2038 while (chan->retrans_list.head != L2CAP_SEQ_LIST_CLEAR) { in l2cap_ertm_resend()
2039 seq = l2cap_seq_list_pop(&chan->retrans_list); in l2cap_ertm_resend()
2041 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, seq); in l2cap_ertm_resend()
2048 bt_cb(skb)->l2cap.retries++; in l2cap_ertm_resend()
2049 control = bt_cb(skb)->l2cap; in l2cap_ertm_resend()
2051 if (chan->max_tx != 0 && in l2cap_ertm_resend()
2052 bt_cb(skb)->l2cap.retries > chan->max_tx) { in l2cap_ertm_resend()
2053 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_ertm_resend()
2055 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_ertm_resend()
2059 control.reqseq = chan->buffer_seq; in l2cap_ertm_resend()
2060 if (test_and_clear_bit(CONN_SEND_FBIT, &chan->conn_state)) in l2cap_ertm_resend()
2066 /* Cloned sk_buffs are read-only, so we need a in l2cap_ertm_resend()
2075 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_ertm_resend()
2080 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) { in l2cap_ertm_resend()
2082 tx_skb->data + L2CAP_HDR_SIZE); in l2cap_ertm_resend()
2085 tx_skb->data + L2CAP_HDR_SIZE); in l2cap_ertm_resend()
2089 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_ertm_resend()
2090 u16 fcs = crc16(0, (u8 *) tx_skb->data, in l2cap_ertm_resend()
2091 tx_skb->len - L2CAP_FCS_SIZE); in l2cap_ertm_resend()
2092 put_unaligned_le16(fcs, skb_tail_pointer(tx_skb) - in l2cap_ertm_resend()
2100 chan->last_acked_seq = chan->buffer_seq; in l2cap_ertm_resend()
2109 l2cap_seq_list_append(&chan->retrans_list, control->reqseq); in l2cap_retransmit()
2120 if (control->poll) in l2cap_retransmit_all()
2121 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_retransmit_all()
2123 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_retransmit_all()
2125 if (test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) in l2cap_retransmit_all()
2128 if (chan->unacked_frames) { in l2cap_retransmit_all()
2129 skb_queue_walk(&chan->tx_q, skb) { in l2cap_retransmit_all()
2130 if (bt_cb(skb)->l2cap.txseq == control->reqseq || in l2cap_retransmit_all()
2131 skb == chan->tx_send_head) in l2cap_retransmit_all()
2135 skb_queue_walk_from(&chan->tx_q, skb) { in l2cap_retransmit_all()
2136 if (skb == chan->tx_send_head) in l2cap_retransmit_all()
2139 l2cap_seq_list_append(&chan->retrans_list, in l2cap_retransmit_all()
2140 bt_cb(skb)->l2cap.txseq); in l2cap_retransmit_all()
2150 u16 frames_to_ack = __seq_offset(chan, chan->buffer_seq, in l2cap_send_ack()
2151 chan->last_acked_seq); in l2cap_send_ack()
2152 int threshold; in l2cap_send_ack() local
2155 chan, chan->last_acked_seq, chan->buffer_seq); in l2cap_send_ack()
2160 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state) && in l2cap_send_ack()
2161 chan->rx_state == L2CAP_RX_STATE_RECV) { in l2cap_send_ack()
2164 control.reqseq = chan->buffer_seq; in l2cap_send_ack()
2167 if (!test_bit(CONN_REMOTE_BUSY, &chan->conn_state)) { in l2cap_send_ack()
2169 /* If any i-frames were sent, they included an ack */ in l2cap_send_ack()
2170 if (chan->buffer_seq == chan->last_acked_seq) in l2cap_send_ack()
2177 threshold = chan->ack_win; in l2cap_send_ack()
2178 threshold += threshold << 1; in l2cap_send_ack()
2179 threshold >>= 2; in l2cap_send_ack()
2181 BT_DBG("frames_to_ack %u, threshold %d", frames_to_ack, in l2cap_send_ack()
2182 threshold); in l2cap_send_ack()
2184 if (frames_to_ack >= threshold) { in l2cap_send_ack()
2187 control.reqseq = chan->buffer_seq; in l2cap_send_ack()
2201 struct l2cap_conn *conn = chan->conn; in l2cap_skbuff_fromiovec()
2205 if (!copy_from_iter_full(skb_put(skb, count), count, &msg->msg_iter)) in l2cap_skbuff_fromiovec()
2206 return -EFAULT; in l2cap_skbuff_fromiovec()
2209 len -= count; in l2cap_skbuff_fromiovec()
2212 frag = &skb_shinfo(skb)->frag_list; in l2cap_skbuff_fromiovec()
2216 count = min_t(unsigned int, conn->mtu, len); in l2cap_skbuff_fromiovec()
2218 tmp = chan->ops->alloc_skb(chan, 0, count, in l2cap_skbuff_fromiovec()
2219 msg->msg_flags & MSG_DONTWAIT); in l2cap_skbuff_fromiovec()
2226 &msg->msg_iter)) in l2cap_skbuff_fromiovec()
2227 return -EFAULT; in l2cap_skbuff_fromiovec()
2230 len -= count; in l2cap_skbuff_fromiovec()
2232 skb->len += (*frag)->len; in l2cap_skbuff_fromiovec()
2233 skb->data_len += (*frag)->len; in l2cap_skbuff_fromiovec()
2235 frag = &(*frag)->next; in l2cap_skbuff_fromiovec()
2244 struct l2cap_conn *conn = chan->conn; in l2cap_create_connless_pdu()
2250 __le16_to_cpu(chan->psm), len); in l2cap_create_connless_pdu()
2252 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_connless_pdu()
2254 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_connless_pdu()
2255 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_connless_pdu()
2261 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_connless_pdu()
2262 lh->len = cpu_to_le16(len + L2CAP_PSMLEN_SIZE); in l2cap_create_connless_pdu()
2263 put_unaligned(chan->psm, (__le16 *) skb_put(skb, L2CAP_PSMLEN_SIZE)); in l2cap_create_connless_pdu()
2276 struct l2cap_conn *conn = chan->conn; in l2cap_create_basic_pdu()
2283 count = min_t(unsigned int, (conn->mtu - L2CAP_HDR_SIZE), len); in l2cap_create_basic_pdu()
2285 skb = chan->ops->alloc_skb(chan, L2CAP_HDR_SIZE, count, in l2cap_create_basic_pdu()
2286 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_basic_pdu()
2292 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_basic_pdu()
2293 lh->len = cpu_to_le16(len); in l2cap_create_basic_pdu()
2307 struct l2cap_conn *conn = chan->conn; in l2cap_create_iframe_pdu()
2315 return ERR_PTR(-ENOTCONN); in l2cap_create_iframe_pdu()
2322 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_create_iframe_pdu()
2325 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_iframe_pdu()
2327 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_iframe_pdu()
2328 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_iframe_pdu()
2334 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_iframe_pdu()
2335 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); in l2cap_create_iframe_pdu()
2338 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_create_iframe_pdu()
2352 bt_cb(skb)->l2cap.fcs = chan->fcs; in l2cap_create_iframe_pdu()
2353 bt_cb(skb)->l2cap.retries = 0; in l2cap_create_iframe_pdu()
2364 u8 sar; in l2cap_segment_sdu() local
2374 pdu_len = chan->conn->mtu; in l2cap_segment_sdu()
2380 if (chan->fcs) in l2cap_segment_sdu()
2381 pdu_len -= L2CAP_FCS_SIZE; in l2cap_segment_sdu()
2383 pdu_len -= __ertm_hdr_size(chan); in l2cap_segment_sdu()
2386 pdu_len = min_t(size_t, pdu_len, chan->remote_mps); in l2cap_segment_sdu()
2389 sar = L2CAP_SAR_UNSEGMENTED; in l2cap_segment_sdu()
2393 sar = L2CAP_SAR_START; in l2cap_segment_sdu()
2405 bt_cb(skb)->l2cap.sar = sar; in l2cap_segment_sdu()
2408 len -= pdu_len; in l2cap_segment_sdu()
2413 sar = L2CAP_SAR_END; in l2cap_segment_sdu()
2416 sar = L2CAP_SAR_CONTINUE; in l2cap_segment_sdu()
2427 struct l2cap_conn *conn = chan->conn; in l2cap_create_le_flowctl_pdu()
2435 return ERR_PTR(-ENOTCONN); in l2cap_create_le_flowctl_pdu()
2442 count = min_t(unsigned int, (conn->mtu - hlen), len); in l2cap_create_le_flowctl_pdu()
2444 skb = chan->ops->alloc_skb(chan, hlen, count, in l2cap_create_le_flowctl_pdu()
2445 msg->msg_flags & MSG_DONTWAIT); in l2cap_create_le_flowctl_pdu()
2451 lh->cid = cpu_to_le16(chan->dcid); in l2cap_create_le_flowctl_pdu()
2452 lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE)); in l2cap_create_le_flowctl_pdu()
2477 pdu_len = chan->remote_mps - L2CAP_SDULEN_SIZE; in l2cap_segment_le_sdu()
2491 len -= pdu_len; in l2cap_segment_le_sdu()
2508 while (chan->tx_credits && !skb_queue_empty(&chan->tx_q)) { in l2cap_le_flowctl_send()
2509 l2cap_do_send(chan, skb_dequeue(&chan->tx_q)); in l2cap_le_flowctl_send()
2510 chan->tx_credits--; in l2cap_le_flowctl_send()
2514 BT_DBG("Sent %d credits %u queued %u", sent, chan->tx_credits, in l2cap_le_flowctl_send()
2515 skb_queue_len(&chan->tx_q)); in l2cap_le_flowctl_send()
2524 if (!chan->conn) in l2cap_chan_send()
2525 return -ENOTCONN; in l2cap_chan_send()
2528 if (chan->chan_type == L2CAP_CHAN_CONN_LESS) { in l2cap_chan_send()
2537 switch (chan->mode) { in l2cap_chan_send()
2541 if (len > chan->omtu) in l2cap_chan_send()
2542 return -EMSGSIZE; in l2cap_chan_send()
2548 if (chan->state != BT_CONNECTED) { in l2cap_chan_send()
2550 err = -ENOTCONN; in l2cap_chan_send()
2556 skb_queue_splice_tail_init(&seg_queue, &chan->tx_q); in l2cap_chan_send()
2560 if (!chan->tx_credits) in l2cap_chan_send()
2561 chan->ops->suspend(chan); in l2cap_chan_send()
2569 if (len > chan->omtu) in l2cap_chan_send()
2570 return -EMSGSIZE; in l2cap_chan_send()
2584 if (len > chan->omtu) { in l2cap_chan_send()
2585 err = -EMSGSIZE; in l2cap_chan_send()
2600 if (chan->mode == L2CAP_MODE_ERTM) in l2cap_chan_send()
2614 BT_DBG("bad state %1.1x", chan->mode); in l2cap_chan_send()
2615 err = -EBADFD; in l2cap_chan_send()
2633 for (seq = chan->expected_tx_seq; seq != txseq; in l2cap_send_srej()
2635 if (!l2cap_ertm_seq_in_queue(&chan->srej_q, seq)) { in l2cap_send_srej()
2638 l2cap_seq_list_append(&chan->srej_list, seq); in l2cap_send_srej()
2642 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_send_srej()
2651 if (chan->srej_list.tail == L2CAP_SEQ_LIST_CLEAR) in l2cap_send_srej_tail()
2657 control.reqseq = chan->srej_list.tail; in l2cap_send_srej_tail()
2674 initial_head = chan->srej_list.head; in l2cap_send_srej_list()
2677 seq = l2cap_seq_list_pop(&chan->srej_list); in l2cap_send_srej_list()
2683 l2cap_seq_list_append(&chan->srej_list, seq); in l2cap_send_srej_list()
2684 } while (chan->srej_list.head != initial_head); in l2cap_send_srej_list()
2694 if (chan->unacked_frames == 0 || reqseq == chan->expected_ack_seq) in l2cap_process_reqseq()
2698 chan->expected_ack_seq, chan->unacked_frames); in l2cap_process_reqseq()
2700 for (ackseq = chan->expected_ack_seq; ackseq != reqseq; in l2cap_process_reqseq()
2703 acked_skb = l2cap_ertm_seq_in_queue(&chan->tx_q, ackseq); in l2cap_process_reqseq()
2705 skb_unlink(acked_skb, &chan->tx_q); in l2cap_process_reqseq()
2707 chan->unacked_frames--; in l2cap_process_reqseq()
2711 chan->expected_ack_seq = reqseq; in l2cap_process_reqseq()
2713 if (chan->unacked_frames == 0) in l2cap_process_reqseq()
2716 BT_DBG("unacked_frames %u", chan->unacked_frames); in l2cap_process_reqseq()
2723 chan->expected_tx_seq = chan->buffer_seq; in l2cap_abort_rx_srej_sent()
2724 l2cap_seq_list_clear(&chan->srej_list); in l2cap_abort_rx_srej_sent()
2725 skb_queue_purge(&chan->srej_q); in l2cap_abort_rx_srej_sent()
2726 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_abort_rx_srej_sent()
2738 if (chan->tx_send_head == NULL) in l2cap_tx_state_xmit()
2739 chan->tx_send_head = skb_peek(skbs); in l2cap_tx_state_xmit()
2741 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_tx_state_xmit()
2746 set_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_xmit()
2748 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_tx_state_xmit()
2760 clear_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_xmit()
2762 if (test_bit(CONN_RNR_SENT, &chan->conn_state)) { in l2cap_tx_state_xmit()
2769 local_control.reqseq = chan->buffer_seq; in l2cap_tx_state_xmit()
2772 chan->retry_count = 1; in l2cap_tx_state_xmit()
2774 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2778 l2cap_process_reqseq(chan, control->reqseq); in l2cap_tx_state_xmit()
2782 chan->retry_count = 1; in l2cap_tx_state_xmit()
2785 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2789 chan->retry_count = 1; in l2cap_tx_state_xmit()
2791 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_xmit()
2810 if (chan->tx_send_head == NULL) in l2cap_tx_state_wait_f()
2811 chan->tx_send_head = skb_peek(skbs); in l2cap_tx_state_wait_f()
2813 skb_queue_splice_tail_init(skbs, &chan->tx_q); in l2cap_tx_state_wait_f()
2817 set_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_wait_f()
2819 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_tx_state_wait_f()
2831 clear_bit(CONN_LOCAL_BUSY, &chan->conn_state); in l2cap_tx_state_wait_f()
2833 if (test_bit(CONN_RNR_SENT, &chan->conn_state)) { in l2cap_tx_state_wait_f()
2839 local_control.reqseq = chan->buffer_seq; in l2cap_tx_state_wait_f()
2842 chan->retry_count = 1; in l2cap_tx_state_wait_f()
2844 chan->tx_state = L2CAP_TX_STATE_WAIT_F; in l2cap_tx_state_wait_f()
2848 l2cap_process_reqseq(chan, control->reqseq); in l2cap_tx_state_wait_f()
2852 if (control && control->final) { in l2cap_tx_state_wait_f()
2854 if (chan->unacked_frames > 0) in l2cap_tx_state_wait_f()
2856 chan->retry_count = 0; in l2cap_tx_state_wait_f()
2857 chan->tx_state = L2CAP_TX_STATE_XMIT; in l2cap_tx_state_wait_f()
2858 BT_DBG("recv fbit tx_state 0x2.2%x", chan->tx_state); in l2cap_tx_state_wait_f()
2865 if (chan->max_tx == 0 || chan->retry_count < chan->max_tx) { in l2cap_tx_state_wait_f()
2868 chan->retry_count++; in l2cap_tx_state_wait_f()
2882 chan, control, skbs, event, chan->tx_state); in l2cap_tx()
2884 switch (chan->tx_state) { in l2cap_tx()
2919 mutex_lock(&conn->chan_lock); in l2cap_raw_recv()
2921 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_raw_recv()
2922 if (chan->chan_type != L2CAP_CHAN_RAW) in l2cap_raw_recv()
2926 if (bt_cb(skb)->l2cap.chan == chan) in l2cap_raw_recv()
2932 if (chan->ops->recv(chan, nskb)) in l2cap_raw_recv()
2936 mutex_unlock(&conn->chan_lock); in l2cap_raw_recv()
2939 /* ---- L2CAP signalling commands ---- */
2951 if (conn->mtu < L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE) in l2cap_build_cmd()
2955 count = min_t(unsigned int, conn->mtu, len); in l2cap_build_cmd()
2962 lh->len = cpu_to_le16(L2CAP_CMD_HDR_SIZE + dlen); in l2cap_build_cmd()
2964 if (conn->hcon->type == LE_LINK) in l2cap_build_cmd()
2965 lh->cid = cpu_to_le16(L2CAP_CID_LE_SIGNALING); in l2cap_build_cmd()
2967 lh->cid = cpu_to_le16(L2CAP_CID_SIGNALING); in l2cap_build_cmd()
2970 cmd->code = code; in l2cap_build_cmd()
2971 cmd->ident = ident; in l2cap_build_cmd()
2972 cmd->len = cpu_to_le16(dlen); in l2cap_build_cmd()
2975 count -= L2CAP_HDR_SIZE + L2CAP_CMD_HDR_SIZE; in l2cap_build_cmd()
2980 len -= skb->len; in l2cap_build_cmd()
2983 frag = &skb_shinfo(skb)->frag_list; in l2cap_build_cmd()
2985 count = min_t(unsigned int, conn->mtu, len); in l2cap_build_cmd()
2993 len -= count; in l2cap_build_cmd()
2996 frag = &(*frag)->next; in l2cap_build_cmd()
3012 len = L2CAP_CONF_OPT_SIZE + opt->len; in l2cap_get_conf_opt()
3015 *type = opt->type; in l2cap_get_conf_opt()
3016 *olen = opt->len; in l2cap_get_conf_opt()
3018 switch (opt->len) { in l2cap_get_conf_opt()
3020 *val = *((u8 *) opt->val); in l2cap_get_conf_opt()
3024 *val = get_unaligned_le16(opt->val); in l2cap_get_conf_opt()
3028 *val = get_unaligned_le32(opt->val); in l2cap_get_conf_opt()
3032 *val = (unsigned long) opt->val; in l2cap_get_conf_opt()
3036 BT_DBG("type 0x%2.2x len %u val 0x%lx", *type, opt->len, *val); in l2cap_get_conf_opt()
3049 opt->type = type; in l2cap_add_conf_opt()
3050 opt->len = len; in l2cap_add_conf_opt()
3054 *((u8 *) opt->val) = val; in l2cap_add_conf_opt()
3058 put_unaligned_le16(val, opt->val); in l2cap_add_conf_opt()
3062 put_unaligned_le32(val, opt->val); in l2cap_add_conf_opt()
3066 memcpy(opt->val, (void *) val, len); in l2cap_add_conf_opt()
3077 switch (chan->mode) { in l2cap_add_opt_efs()
3079 efs.id = chan->local_id; in l2cap_add_opt_efs()
3080 efs.stype = chan->local_stype; in l2cap_add_opt_efs()
3081 efs.msdu = cpu_to_le16(chan->local_msdu); in l2cap_add_opt_efs()
3082 efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); in l2cap_add_opt_efs()
3090 efs.msdu = cpu_to_le16(chan->local_msdu); in l2cap_add_opt_efs()
3091 efs.sdu_itime = cpu_to_le32(chan->local_sdu_itime); in l2cap_add_opt_efs()
3114 frames_to_ack = __seq_offset(chan, chan->buffer_seq, in l2cap_ack_timeout()
3115 chan->last_acked_seq); in l2cap_ack_timeout()
3128 chan->next_tx_seq = 0; in l2cap_ertm_init()
3129 chan->expected_tx_seq = 0; in l2cap_ertm_init()
3130 chan->expected_ack_seq = 0; in l2cap_ertm_init()
3131 chan->unacked_frames = 0; in l2cap_ertm_init()
3132 chan->buffer_seq = 0; in l2cap_ertm_init()
3133 chan->frames_sent = 0; in l2cap_ertm_init()
3134 chan->last_acked_seq = 0; in l2cap_ertm_init()
3135 chan->sdu = NULL; in l2cap_ertm_init()
3136 chan->sdu_last_frag = NULL; in l2cap_ertm_init()
3137 chan->sdu_len = 0; in l2cap_ertm_init()
3139 skb_queue_head_init(&chan->tx_q); in l2cap_ertm_init()
3141 if (chan->mode != L2CAP_MODE_ERTM) in l2cap_ertm_init()
3144 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_ertm_init()
3145 chan->tx_state = L2CAP_TX_STATE_XMIT; in l2cap_ertm_init()
3147 skb_queue_head_init(&chan->srej_q); in l2cap_ertm_init()
3149 err = l2cap_seq_list_init(&chan->srej_list, chan->tx_win); in l2cap_ertm_init()
3153 err = l2cap_seq_list_init(&chan->retrans_list, chan->remote_tx_win); in l2cap_ertm_init()
3155 l2cap_seq_list_free(&chan->srej_list); in l2cap_ertm_init()
3175 return (conn->feat_mask & L2CAP_FEAT_EXT_WINDOW); in __l2cap_ews_supported()
3180 return (conn->feat_mask & L2CAP_FEAT_EXT_FLOW); in __l2cap_efs_supported()
3186 rfc->retrans_timeout = cpu_to_le16(L2CAP_DEFAULT_RETRANS_TO); in __l2cap_set_ertm_timeouts()
3187 rfc->monitor_timeout = cpu_to_le16(L2CAP_DEFAULT_MONITOR_TO); in __l2cap_set_ertm_timeouts()
3192 if (chan->tx_win > L2CAP_DEFAULT_TX_WINDOW && in l2cap_txwin_setup()
3193 __l2cap_ews_supported(chan->conn)) { in l2cap_txwin_setup()
3195 set_bit(FLAG_EXT_CTRL, &chan->flags); in l2cap_txwin_setup()
3196 chan->tx_win_max = L2CAP_DEFAULT_EXT_WINDOW; in l2cap_txwin_setup()
3198 chan->tx_win = min_t(u16, chan->tx_win, in l2cap_txwin_setup()
3200 chan->tx_win_max = L2CAP_DEFAULT_TX_WINDOW; in l2cap_txwin_setup()
3202 chan->ack_win = chan->tx_win; in l2cap_txwin_setup()
3207 struct hci_conn *conn = chan->conn->hcon; in l2cap_mtu_auto()
3209 chan->imtu = L2CAP_DEFAULT_MIN_MTU; in l2cap_mtu_auto()
3211 /* The 2-DH1 packet has between 2 and 56 information bytes in l2cap_mtu_auto()
3212 * (including the 2-byte payload header) in l2cap_mtu_auto()
3214 if (!(conn->pkt_type & HCI_2DH1)) in l2cap_mtu_auto()
3215 chan->imtu = 54; in l2cap_mtu_auto()
3217 /* The 3-DH1 packet has between 2 and 85 information bytes in l2cap_mtu_auto()
3218 * (including the 2-byte payload header) in l2cap_mtu_auto()
3220 if (!(conn->pkt_type & HCI_3DH1)) in l2cap_mtu_auto()
3221 chan->imtu = 83; in l2cap_mtu_auto()
3223 /* The 2-DH3 packet has between 2 and 369 information bytes in l2cap_mtu_auto()
3224 * (including the 2-byte payload header) in l2cap_mtu_auto()
3226 if (!(conn->pkt_type & HCI_2DH3)) in l2cap_mtu_auto()
3227 chan->imtu = 367; in l2cap_mtu_auto()
3229 /* The 3-DH3 packet has between 2 and 554 information bytes in l2cap_mtu_auto()
3230 * (including the 2-byte payload header) in l2cap_mtu_auto()
3232 if (!(conn->pkt_type & HCI_3DH3)) in l2cap_mtu_auto()
3233 chan->imtu = 552; in l2cap_mtu_auto()
3235 /* The 2-DH5 packet has between 2 and 681 information bytes in l2cap_mtu_auto()
3236 * (including the 2-byte payload header) in l2cap_mtu_auto()
3238 if (!(conn->pkt_type & HCI_2DH5)) in l2cap_mtu_auto()
3239 chan->imtu = 679; in l2cap_mtu_auto()
3241 /* The 3-DH5 packet has between 2 and 1023 information bytes in l2cap_mtu_auto()
3242 * (including the 2-byte payload header) in l2cap_mtu_auto()
3244 if (!(conn->pkt_type & HCI_3DH5)) in l2cap_mtu_auto()
3245 chan->imtu = 1021; in l2cap_mtu_auto()
3251 struct l2cap_conf_rfc rfc = { .mode = chan->mode }; in l2cap_build_conf_req()
3252 void *ptr = req->data; in l2cap_build_conf_req()
3258 if (chan->num_conf_req || chan->num_conf_rsp) in l2cap_build_conf_req()
3261 switch (chan->mode) { in l2cap_build_conf_req()
3264 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) in l2cap_build_conf_req()
3267 if (__l2cap_efs_supported(chan->conn)) in l2cap_build_conf_req()
3268 set_bit(FLAG_EFS_ENABLE, &chan->flags); in l2cap_build_conf_req()
3272 chan->mode = l2cap_select_mode(rfc.mode, chan->conn->feat_mask); in l2cap_build_conf_req()
3277 if (chan->imtu != L2CAP_DEFAULT_MTU) { in l2cap_build_conf_req()
3278 if (!chan->imtu) in l2cap_build_conf_req()
3280 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu, in l2cap_build_conf_req()
3281 endptr - ptr); in l2cap_build_conf_req()
3284 switch (chan->mode) { in l2cap_build_conf_req()
3289 if (!(chan->conn->feat_mask & L2CAP_FEAT_ERTM) && in l2cap_build_conf_req()
3290 !(chan->conn->feat_mask & L2CAP_FEAT_STREAMING)) in l2cap_build_conf_req()
3301 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3306 rfc.max_transmit = chan->max_tx; in l2cap_build_conf_req()
3310 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - in l2cap_build_conf_req()
3311 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE - in l2cap_build_conf_req()
3317 rfc.txwin_size = min_t(u16, chan->tx_win, in l2cap_build_conf_req()
3321 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3323 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) in l2cap_build_conf_req()
3324 l2cap_add_opt_efs(&ptr, chan, endptr - ptr); in l2cap_build_conf_req()
3326 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_build_conf_req()
3328 chan->tx_win, endptr - ptr); in l2cap_build_conf_req()
3330 if (chan->conn->feat_mask & L2CAP_FEAT_FCS) in l2cap_build_conf_req()
3331 if (chan->fcs == L2CAP_FCS_NONE || in l2cap_build_conf_req()
3332 test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) { in l2cap_build_conf_req()
3333 chan->fcs = L2CAP_FCS_NONE; in l2cap_build_conf_req()
3335 chan->fcs, endptr - ptr); in l2cap_build_conf_req()
3347 size = min_t(u16, L2CAP_DEFAULT_MAX_PDU_SIZE, chan->conn->mtu - in l2cap_build_conf_req()
3348 L2CAP_EXT_HDR_SIZE - L2CAP_SDULEN_SIZE - in l2cap_build_conf_req()
3353 (unsigned long) &rfc, endptr - ptr); in l2cap_build_conf_req()
3355 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) in l2cap_build_conf_req()
3356 l2cap_add_opt_efs(&ptr, chan, endptr - ptr); in l2cap_build_conf_req()
3358 if (chan->conn->feat_mask & L2CAP_FEAT_FCS) in l2cap_build_conf_req()
3359 if (chan->fcs == L2CAP_FCS_NONE || in l2cap_build_conf_req()
3360 test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) { in l2cap_build_conf_req()
3361 chan->fcs = L2CAP_FCS_NONE; in l2cap_build_conf_req()
3363 chan->fcs, endptr - ptr); in l2cap_build_conf_req()
3368 req->dcid = cpu_to_le16(chan->dcid); in l2cap_build_conf_req()
3369 req->flags = cpu_to_le16(0); in l2cap_build_conf_req()
3371 return ptr - data; in l2cap_build_conf_req()
3377 void *ptr = rsp->data; in l2cap_parse_conf_req()
3379 void *req = chan->conf_req; in l2cap_parse_conf_req()
3380 int len = chan->conf_len; in l2cap_parse_conf_req()
3393 len -= l2cap_get_conf_opt(&req, &type, &olen, &val); in l2cap_parse_conf_req()
3410 chan->flush_to = val; in l2cap_parse_conf_req()
3426 set_bit(CONF_RECV_NO_FCS, &chan->conf_state); in l2cap_parse_conf_req()
3439 return -ECONNREFUSED; in l2cap_parse_conf_req()
3445 l2cap_add_conf_opt(&ptr, (u8)type, sizeof(u8), type, endptr - ptr); in l2cap_parse_conf_req()
3450 if (chan->num_conf_rsp || chan->num_conf_req > 1) in l2cap_parse_conf_req()
3453 switch (chan->mode) { in l2cap_parse_conf_req()
3456 if (!test_bit(CONF_STATE2_DEVICE, &chan->conf_state)) { in l2cap_parse_conf_req()
3457 chan->mode = l2cap_select_mode(rfc.mode, in l2cap_parse_conf_req()
3458 chan->conn->feat_mask); in l2cap_parse_conf_req()
3463 if (__l2cap_efs_supported(chan->conn)) in l2cap_parse_conf_req()
3464 set_bit(FLAG_EFS_ENABLE, &chan->flags); in l2cap_parse_conf_req()
3466 return -ECONNREFUSED; in l2cap_parse_conf_req()
3469 if (chan->mode != rfc.mode) in l2cap_parse_conf_req()
3470 return -ECONNREFUSED; in l2cap_parse_conf_req()
3476 if (chan->mode != rfc.mode) { in l2cap_parse_conf_req()
3478 rfc.mode = chan->mode; in l2cap_parse_conf_req()
3480 if (chan->num_conf_rsp == 1) in l2cap_parse_conf_req()
3481 return -ECONNREFUSED; in l2cap_parse_conf_req()
3484 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3494 chan->omtu = mtu; in l2cap_parse_conf_req()
3495 set_bit(CONF_MTU_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3497 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->omtu, endptr - ptr); in l2cap_parse_conf_req()
3500 if (chan->local_stype != L2CAP_SERV_NOTRAFIC && in l2cap_parse_conf_req()
3502 efs.stype != chan->local_stype) { in l2cap_parse_conf_req()
3506 if (chan->num_conf_req >= 1) in l2cap_parse_conf_req()
3507 return -ECONNREFUSED; in l2cap_parse_conf_req()
3511 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_req()
3515 set_bit(CONF_LOC_CONF_PEND, &chan->conf_state); in l2cap_parse_conf_req()
3521 chan->fcs = L2CAP_FCS_NONE; in l2cap_parse_conf_req()
3522 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3526 if (!test_bit(CONF_EWS_RECV, &chan->conf_state)) in l2cap_parse_conf_req()
3527 chan->remote_tx_win = rfc.txwin_size; in l2cap_parse_conf_req()
3531 chan->remote_max_tx = rfc.max_transmit; in l2cap_parse_conf_req()
3534 chan->conn->mtu - L2CAP_EXT_HDR_SIZE - in l2cap_parse_conf_req()
3535 L2CAP_SDULEN_SIZE - L2CAP_FCS_SIZE); in l2cap_parse_conf_req()
3537 chan->remote_mps = size; in l2cap_parse_conf_req()
3541 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3544 sizeof(rfc), (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3547 test_bit(FLAG_EFS_ENABLE, &chan->flags)) { in l2cap_parse_conf_req()
3548 chan->remote_id = efs.id; in l2cap_parse_conf_req()
3549 chan->remote_stype = efs.stype; in l2cap_parse_conf_req()
3550 chan->remote_msdu = le16_to_cpu(efs.msdu); in l2cap_parse_conf_req()
3551 chan->remote_flush_to = in l2cap_parse_conf_req()
3553 chan->remote_acc_lat = in l2cap_parse_conf_req()
3555 chan->remote_sdu_itime = in l2cap_parse_conf_req()
3559 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_req()
3565 chan->conn->mtu - L2CAP_EXT_HDR_SIZE - in l2cap_parse_conf_req()
3566 L2CAP_SDULEN_SIZE - L2CAP_FCS_SIZE); in l2cap_parse_conf_req()
3568 chan->remote_mps = size; in l2cap_parse_conf_req()
3570 set_bit(CONF_MODE_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3573 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_req()
3581 rfc.mode = chan->mode; in l2cap_parse_conf_req()
3585 set_bit(CONF_OUTPUT_DONE, &chan->conf_state); in l2cap_parse_conf_req()
3587 rsp->scid = cpu_to_le16(chan->dcid); in l2cap_parse_conf_req()
3588 rsp->result = cpu_to_le16(result); in l2cap_parse_conf_req()
3589 rsp->flags = cpu_to_le16(0); in l2cap_parse_conf_req()
3591 return ptr - data; in l2cap_parse_conf_req()
3598 void *ptr = req->data; in l2cap_parse_conf_rsp()
3608 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); in l2cap_parse_conf_rsp()
3618 chan->imtu = L2CAP_DEFAULT_MIN_MTU; in l2cap_parse_conf_rsp()
3620 chan->imtu = val; in l2cap_parse_conf_rsp()
3621 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu, in l2cap_parse_conf_rsp()
3622 endptr - ptr); in l2cap_parse_conf_rsp()
3628 chan->flush_to = val; in l2cap_parse_conf_rsp()
3630 chan->flush_to, endptr - ptr); in l2cap_parse_conf_rsp()
3637 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state) && in l2cap_parse_conf_rsp()
3638 rfc.mode != chan->mode) in l2cap_parse_conf_rsp()
3639 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3640 chan->fcs = 0; in l2cap_parse_conf_rsp()
3642 (unsigned long) &rfc, endptr - ptr); in l2cap_parse_conf_rsp()
3648 chan->ack_win = min_t(u16, val, chan->ack_win); in l2cap_parse_conf_rsp()
3650 chan->tx_win, endptr - ptr); in l2cap_parse_conf_rsp()
3657 if (chan->local_stype != L2CAP_SERV_NOTRAFIC && in l2cap_parse_conf_rsp()
3659 efs.stype != chan->local_stype) in l2cap_parse_conf_rsp()
3660 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3662 (unsigned long) &efs, endptr - ptr); in l2cap_parse_conf_rsp()
3671 &chan->conf_state); in l2cap_parse_conf_rsp()
3676 if (chan->mode == L2CAP_MODE_BASIC && chan->mode != rfc.mode) in l2cap_parse_conf_rsp()
3677 return -ECONNREFUSED; in l2cap_parse_conf_rsp()
3679 chan->mode = rfc.mode; in l2cap_parse_conf_rsp()
3684 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); in l2cap_parse_conf_rsp()
3685 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); in l2cap_parse_conf_rsp()
3686 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_parse_conf_rsp()
3687 if (!test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_parse_conf_rsp()
3688 chan->ack_win = min_t(u16, chan->ack_win, in l2cap_parse_conf_rsp()
3691 if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) { in l2cap_parse_conf_rsp()
3692 chan->local_msdu = le16_to_cpu(efs.msdu); in l2cap_parse_conf_rsp()
3693 chan->local_sdu_itime = in l2cap_parse_conf_rsp()
3695 chan->local_acc_lat = le32_to_cpu(efs.acc_lat); in l2cap_parse_conf_rsp()
3696 chan->local_flush_to = in l2cap_parse_conf_rsp()
3702 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_parse_conf_rsp()
3706 req->dcid = cpu_to_le16(chan->dcid); in l2cap_parse_conf_rsp()
3707 req->flags = cpu_to_le16(0); in l2cap_parse_conf_rsp()
3709 return ptr - data; in l2cap_parse_conf_rsp()
3716 void *ptr = rsp->data; in l2cap_build_conf_rsp()
3720 rsp->scid = cpu_to_le16(chan->dcid); in l2cap_build_conf_rsp()
3721 rsp->result = cpu_to_le16(result); in l2cap_build_conf_rsp()
3722 rsp->flags = cpu_to_le16(flags); in l2cap_build_conf_rsp()
3724 return ptr - data; in l2cap_build_conf_rsp()
3730 struct l2cap_conn *conn = chan->conn; in __l2cap_le_connect_rsp_defer()
3734 rsp.dcid = cpu_to_le16(chan->scid); in __l2cap_le_connect_rsp_defer()
3735 rsp.mtu = cpu_to_le16(chan->imtu); in __l2cap_le_connect_rsp_defer()
3736 rsp.mps = cpu_to_le16(chan->mps); in __l2cap_le_connect_rsp_defer()
3737 rsp.credits = cpu_to_le16(chan->rx_credits); in __l2cap_le_connect_rsp_defer()
3740 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), in __l2cap_le_connect_rsp_defer()
3748 if (*result || test_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_list_defer()
3751 switch (chan->state) { in l2cap_ecred_list_defer()
3760 *result = -ECONNREFUSED; in l2cap_ecred_list_defer()
3777 container_of(&rsp->pdu.rsp, struct l2cap_ecred_conn_rsp, hdr); in l2cap_ecred_rsp_defer()
3779 if (test_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags)) in l2cap_ecred_rsp_defer()
3783 chan->ident = 0; in l2cap_ecred_rsp_defer()
3786 if (!rsp->pdu.rsp.result) in l2cap_ecred_rsp_defer()
3787 rsp_flex->dcid[rsp->count++] = cpu_to_le16(chan->scid); in l2cap_ecred_rsp_defer()
3794 struct l2cap_conn *conn = chan->conn; in __l2cap_ecred_conn_rsp_defer()
3796 u16 id = chan->ident; in __l2cap_ecred_conn_rsp_defer()
3806 data.pdu.rsp.mtu = cpu_to_le16(chan->imtu); in __l2cap_ecred_conn_rsp_defer()
3807 data.pdu.rsp.mps = cpu_to_le16(chan->mps); in __l2cap_ecred_conn_rsp_defer()
3808 data.pdu.rsp.credits = cpu_to_le16(chan->rx_credits); in __l2cap_ecred_conn_rsp_defer()
3831 struct l2cap_conn *conn = chan->conn; in __l2cap_connect_rsp_defer()
3835 rsp.scid = cpu_to_le16(chan->dcid); in __l2cap_connect_rsp_defer()
3836 rsp.dcid = cpu_to_le16(chan->scid); in __l2cap_connect_rsp_defer()
3843 l2cap_send_cmd(conn, chan->ident, rsp_code, sizeof(rsp), &rsp); in __l2cap_connect_rsp_defer()
3845 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) in __l2cap_connect_rsp_defer()
3850 chan->num_conf_req++; in __l2cap_connect_rsp_defer()
3860 u16 txwin_ext = chan->ack_win; in l2cap_conf_rfc_get()
3862 .mode = chan->mode, in l2cap_conf_rfc_get()
3865 .max_pdu_size = cpu_to_le16(chan->imtu), in l2cap_conf_rfc_get()
3866 .txwin_size = min_t(u16, chan->ack_win, L2CAP_DEFAULT_TX_WINDOW), in l2cap_conf_rfc_get()
3871 if ((chan->mode != L2CAP_MODE_ERTM) && (chan->mode != L2CAP_MODE_STREAMING)) in l2cap_conf_rfc_get()
3875 len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val); in l2cap_conf_rfc_get()
3895 chan->retrans_timeout = le16_to_cpu(rfc.retrans_timeout); in l2cap_conf_rfc_get()
3896 chan->monitor_timeout = le16_to_cpu(rfc.monitor_timeout); in l2cap_conf_rfc_get()
3897 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_conf_rfc_get()
3898 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_conf_rfc_get()
3899 chan->ack_win = min_t(u16, chan->ack_win, txwin_ext); in l2cap_conf_rfc_get()
3901 chan->ack_win = min_t(u16, chan->ack_win, in l2cap_conf_rfc_get()
3905 chan->mps = le16_to_cpu(rfc.max_pdu_size); in l2cap_conf_rfc_get()
3916 return -EPROTO; in l2cap_command_rej()
3918 if (rej->reason != L2CAP_REJ_NOT_UNDERSTOOD) in l2cap_command_rej()
3921 if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) && in l2cap_command_rej()
3922 cmd->ident == conn->info_ident) { in l2cap_command_rej()
3923 cancel_delayed_work(&conn->info_timer); in l2cap_command_rej()
3925 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_command_rej()
3926 conn->info_ident = 0; in l2cap_command_rej()
3942 u16 dcid = 0, scid = __le16_to_cpu(req->scid); in l2cap_connect()
3943 __le16 psm = req->psm; in l2cap_connect()
3948 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_connect()
3949 &conn->hcon->dst, ACL_LINK); in l2cap_connect()
3955 mutex_lock(&conn->chan_lock); in l2cap_connect()
3960 !hci_conn_check_link_mode(conn->hcon)) { in l2cap_connect()
3961 conn->disc_reason = HCI_ERROR_AUTH_FAILURE; in l2cap_connect()
3980 chan = pchan->ops->new_connection(pchan); in l2cap_connect()
3989 conn->hcon->disc_timeout = HCI_DISCONN_TIMEOUT; in l2cap_connect()
3991 bacpy(&chan->src, &conn->hcon->src); in l2cap_connect()
3992 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_connect()
3993 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_connect()
3994 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_connect()
3995 chan->psm = psm; in l2cap_connect()
3996 chan->dcid = scid; in l2cap_connect()
4000 dcid = chan->scid; in l2cap_connect()
4002 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_connect()
4004 chan->ident = cmd->ident; in l2cap_connect()
4006 if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) { in l2cap_connect()
4008 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_connect()
4012 chan->ops->defer(chan); in l2cap_connect()
4034 l2cap_send_cmd(conn, cmd->ident, rsp_code, sizeof(rsp), &rsp); in l2cap_connect()
4043 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_SENT; in l2cap_connect()
4044 conn->info_ident = l2cap_get_ident(conn); in l2cap_connect()
4046 schedule_delayed_work(&conn->info_timer, L2CAP_INFO_TIMEOUT); in l2cap_connect()
4048 l2cap_send_cmd(conn, conn->info_ident, L2CAP_INFO_REQ, in l2cap_connect()
4052 if (chan && !test_bit(CONF_REQ_SENT, &chan->conf_state) && in l2cap_connect()
4055 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_connect()
4058 chan->num_conf_req++; in l2cap_connect()
4062 mutex_unlock(&conn->chan_lock); in l2cap_connect()
4070 return -EPROTO; in l2cap_connect_req()
4087 return -EPROTO; in l2cap_connect_create_rsp()
4089 scid = __le16_to_cpu(rsp->scid); in l2cap_connect_create_rsp()
4090 dcid = __le16_to_cpu(rsp->dcid); in l2cap_connect_create_rsp()
4091 result = __le16_to_cpu(rsp->result); in l2cap_connect_create_rsp()
4092 status = __le16_to_cpu(rsp->status); in l2cap_connect_create_rsp()
4096 return -EPROTO; in l2cap_connect_create_rsp()
4101 mutex_lock(&conn->chan_lock); in l2cap_connect_create_rsp()
4106 err = -EBADSLT; in l2cap_connect_create_rsp()
4110 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_connect_create_rsp()
4112 err = -EBADSLT; in l2cap_connect_create_rsp()
4119 err = -EBADSLT; in l2cap_connect_create_rsp()
4130 err = -EBADSLT; in l2cap_connect_create_rsp()
4135 chan->ident = 0; in l2cap_connect_create_rsp()
4136 chan->dcid = dcid; in l2cap_connect_create_rsp()
4137 clear_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_connect_create_rsp()
4139 if (test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) in l2cap_connect_create_rsp()
4144 chan->num_conf_req++; in l2cap_connect_create_rsp()
4148 set_bit(CONF_CONNECT_PEND, &chan->conf_state); in l2cap_connect_create_rsp()
4160 mutex_unlock(&conn->chan_lock); in l2cap_connect_create_rsp()
4170 if (chan->mode != L2CAP_MODE_ERTM && chan->mode != L2CAP_MODE_STREAMING) in set_default_fcs()
4171 chan->fcs = L2CAP_FCS_NONE; in set_default_fcs()
4172 else if (!test_bit(CONF_RECV_NO_FCS, &chan->conf_state)) in set_default_fcs()
4173 chan->fcs = L2CAP_FCS_CRC16; in set_default_fcs()
4179 struct l2cap_conn *conn = chan->conn; in l2cap_send_efs_conf_rsp()
4184 clear_bit(CONF_LOC_CONF_PEND, &chan->conf_state); in l2cap_send_efs_conf_rsp()
4185 set_bit(CONF_OUTPUT_DONE, &chan->conf_state); in l2cap_send_efs_conf_rsp()
4215 return -EPROTO; in l2cap_config_req()
4217 dcid = __le16_to_cpu(req->dcid); in l2cap_config_req()
4218 flags = __le16_to_cpu(req->flags); in l2cap_config_req()
4224 cmd_reject_invalid_cid(conn, cmd->ident, dcid, 0); in l2cap_config_req()
4228 if (chan->state != BT_CONFIG && chan->state != BT_CONNECT2 && in l2cap_config_req()
4229 chan->state != BT_CONNECTED) { in l2cap_config_req()
4230 cmd_reject_invalid_cid(conn, cmd->ident, chan->scid, in l2cap_config_req()
4231 chan->dcid); in l2cap_config_req()
4236 len = cmd_len - sizeof(*req); in l2cap_config_req()
4237 if (chan->conf_len + len > sizeof(chan->conf_req)) { in l2cap_config_req()
4238 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, in l2cap_config_req()
4245 memcpy(chan->conf_req + chan->conf_len, req->data, len); in l2cap_config_req()
4246 chan->conf_len += len; in l2cap_config_req()
4250 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, in l2cap_config_req()
4263 chan->ident = cmd->ident; in l2cap_config_req()
4264 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp); in l2cap_config_req()
4265 if (chan->num_conf_rsp < L2CAP_CONF_MAX_CONF_RSP) in l2cap_config_req()
4266 chan->num_conf_rsp++; in l2cap_config_req()
4269 chan->conf_len = 0; in l2cap_config_req()
4271 if (!test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) in l2cap_config_req()
4274 if (test_bit(CONF_INPUT_DONE, &chan->conf_state)) { in l2cap_config_req()
4277 if (chan->mode == L2CAP_MODE_ERTM || in l2cap_config_req()
4278 chan->mode == L2CAP_MODE_STREAMING) in l2cap_config_req()
4282 l2cap_send_disconn_req(chan, -err); in l2cap_config_req()
4289 if (!test_and_set_bit(CONF_REQ_SENT, &chan->conf_state)) { in l2cap_config_req()
4293 chan->num_conf_req++; in l2cap_config_req()
4298 if (test_bit(CONF_REM_CONF_PEND, &chan->conf_state) && in l2cap_config_req()
4299 test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { in l2cap_config_req()
4304 l2cap_send_efs_conf_rsp(chan, rsp, cmd->ident, flags); in l2cap_config_req()
4320 int len = cmd_len - sizeof(*rsp); in l2cap_config_rsp()
4324 return -EPROTO; in l2cap_config_rsp()
4326 scid = __le16_to_cpu(rsp->scid); in l2cap_config_rsp()
4327 flags = __le16_to_cpu(rsp->flags); in l2cap_config_rsp()
4328 result = __le16_to_cpu(rsp->result); in l2cap_config_rsp()
4339 l2cap_conf_rfc_get(chan, rsp->data, len); in l2cap_config_rsp()
4340 clear_bit(CONF_REM_CONF_PEND, &chan->conf_state); in l2cap_config_rsp()
4344 set_bit(CONF_REM_CONF_PEND, &chan->conf_state); in l2cap_config_rsp()
4346 if (test_bit(CONF_LOC_CONF_PEND, &chan->conf_state)) { in l2cap_config_rsp()
4349 len = l2cap_parse_conf_rsp(chan, rsp->data, len, in l2cap_config_rsp()
4356 l2cap_send_efs_conf_rsp(chan, buf, cmd->ident, 0); in l2cap_config_rsp()
4362 if (chan->num_conf_rsp <= L2CAP_CONF_MAX_CONF_RSP) { in l2cap_config_rsp()
4365 if (len > sizeof(req) - sizeof(struct l2cap_conf_req)) { in l2cap_config_rsp()
4372 len = l2cap_parse_conf_rsp(chan, rsp->data, len, in l2cap_config_rsp()
4381 chan->num_conf_req++; in l2cap_config_rsp()
4399 set_bit(CONF_INPUT_DONE, &chan->conf_state); in l2cap_config_rsp()
4401 if (test_bit(CONF_OUTPUT_DONE, &chan->conf_state)) { in l2cap_config_rsp()
4404 if (chan->mode == L2CAP_MODE_ERTM || in l2cap_config_rsp()
4405 chan->mode == L2CAP_MODE_STREAMING) in l2cap_config_rsp()
4409 l2cap_send_disconn_req(chan, -err); in l2cap_config_rsp()
4430 return -EPROTO; in l2cap_disconnect_req()
4432 scid = __le16_to_cpu(req->scid); in l2cap_disconnect_req()
4433 dcid = __le16_to_cpu(req->dcid); in l2cap_disconnect_req()
4439 cmd_reject_invalid_cid(conn, cmd->ident, dcid, scid); in l2cap_disconnect_req()
4443 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_disconnect_req()
4444 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_disconnect_req()
4445 l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp); in l2cap_disconnect_req()
4447 chan->ops->set_shutdown(chan); in l2cap_disconnect_req()
4450 mutex_lock(&conn->chan_lock); in l2cap_disconnect_req()
4453 mutex_unlock(&conn->chan_lock); in l2cap_disconnect_req()
4455 chan->ops->close(chan); in l2cap_disconnect_req()
4472 return -EPROTO; in l2cap_disconnect_rsp()
4474 scid = __le16_to_cpu(rsp->scid); in l2cap_disconnect_rsp()
4475 dcid = __le16_to_cpu(rsp->dcid); in l2cap_disconnect_rsp()
4484 if (chan->state != BT_DISCONN) { in l2cap_disconnect_rsp()
4491 mutex_lock(&conn->chan_lock); in l2cap_disconnect_rsp()
4494 mutex_unlock(&conn->chan_lock); in l2cap_disconnect_rsp()
4496 chan->ops->close(chan); in l2cap_disconnect_rsp()
4512 return -EPROTO; in l2cap_information_req()
4514 type = __le16_to_cpu(req->type); in l2cap_information_req()
4522 rsp->type = cpu_to_le16(L2CAP_IT_FEAT_MASK); in l2cap_information_req()
4523 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); in l2cap_information_req()
4528 put_unaligned_le32(feat_mask, rsp->data); in l2cap_information_req()
4529 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(buf), in l2cap_information_req()
4535 rsp->type = cpu_to_le16(L2CAP_IT_FIXED_CHAN); in l2cap_information_req()
4536 rsp->result = cpu_to_le16(L2CAP_IR_SUCCESS); in l2cap_information_req()
4537 rsp->data[0] = conn->local_fixed_chan; in l2cap_information_req()
4538 memset(rsp->data + 1, 0, 7); in l2cap_information_req()
4539 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(buf), in l2cap_information_req()
4545 l2cap_send_cmd(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(rsp), in l2cap_information_req()
4560 return -EPROTO; in l2cap_information_rsp()
4562 type = __le16_to_cpu(rsp->type); in l2cap_information_rsp()
4563 result = __le16_to_cpu(rsp->result); in l2cap_information_rsp()
4568 if (cmd->ident != conn->info_ident || in l2cap_information_rsp()
4569 conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) in l2cap_information_rsp()
4572 cancel_delayed_work(&conn->info_timer); in l2cap_information_rsp()
4575 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4576 conn->info_ident = 0; in l2cap_information_rsp()
4585 conn->feat_mask = get_unaligned_le32(rsp->data); in l2cap_information_rsp()
4587 if (conn->feat_mask & L2CAP_FEAT_FIXED_CHAN) { in l2cap_information_rsp()
4591 conn->info_ident = l2cap_get_ident(conn); in l2cap_information_rsp()
4593 l2cap_send_cmd(conn, conn->info_ident, in l2cap_information_rsp()
4596 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4597 conn->info_ident = 0; in l2cap_information_rsp()
4604 conn->remote_fixed_chan = rsp->data[0]; in l2cap_information_rsp()
4605 conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE; in l2cap_information_rsp()
4606 conn->info_ident = 0; in l2cap_information_rsp()
4619 struct hci_conn *hcon = conn->hcon; in l2cap_conn_param_update_req()
4625 if (hcon->role != HCI_ROLE_MASTER) in l2cap_conn_param_update_req()
4626 return -EINVAL; in l2cap_conn_param_update_req()
4629 return -EPROTO; in l2cap_conn_param_update_req()
4632 min = __le16_to_cpu(req->min); in l2cap_conn_param_update_req()
4633 max = __le16_to_cpu(req->max); in l2cap_conn_param_update_req()
4634 latency = __le16_to_cpu(req->latency); in l2cap_conn_param_update_req()
4635 to_multiplier = __le16_to_cpu(req->to_multiplier); in l2cap_conn_param_update_req()
4648 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONN_PARAM_UPDATE_RSP, in l2cap_conn_param_update_req()
4656 mgmt_new_conn_param(hcon->hdev, &hcon->dst, hcon->dst_type, in l2cap_conn_param_update_req()
4670 struct hci_conn *hcon = conn->hcon; in l2cap_le_connect_rsp()
4676 return -EPROTO; in l2cap_le_connect_rsp()
4678 dcid = __le16_to_cpu(rsp->dcid); in l2cap_le_connect_rsp()
4679 mtu = __le16_to_cpu(rsp->mtu); in l2cap_le_connect_rsp()
4680 mps = __le16_to_cpu(rsp->mps); in l2cap_le_connect_rsp()
4681 credits = __le16_to_cpu(rsp->credits); in l2cap_le_connect_rsp()
4682 result = __le16_to_cpu(rsp->result); in l2cap_le_connect_rsp()
4687 return -EPROTO; in l2cap_le_connect_rsp()
4692 mutex_lock(&conn->chan_lock); in l2cap_le_connect_rsp()
4694 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_le_connect_rsp()
4696 err = -EBADSLT; in l2cap_le_connect_rsp()
4707 err = -EBADSLT; in l2cap_le_connect_rsp()
4711 chan->ident = 0; in l2cap_le_connect_rsp()
4712 chan->dcid = dcid; in l2cap_le_connect_rsp()
4713 chan->omtu = mtu; in l2cap_le_connect_rsp()
4714 chan->remote_mps = mps; in l2cap_le_connect_rsp()
4715 chan->tx_credits = credits; in l2cap_le_connect_rsp()
4724 if (hcon->sec_level > BT_SECURITY_MEDIUM) { in l2cap_le_connect_rsp()
4729 sec_level = hcon->sec_level + 1; in l2cap_le_connect_rsp()
4730 if (chan->sec_level < sec_level) in l2cap_le_connect_rsp()
4731 chan->sec_level = sec_level; in l2cap_le_connect_rsp()
4734 clear_bit(FLAG_LE_CONN_REQ_SENT, &chan->flags); in l2cap_le_connect_rsp()
4736 smp_conn_security(hcon, chan->sec_level); in l2cap_le_connect_rsp()
4747 mutex_unlock(&conn->chan_lock); in l2cap_le_connect_rsp()
4758 switch (cmd->code) { in l2cap_bredr_sig_cmd()
4788 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECHO_RSP, cmd_len, data); in l2cap_bredr_sig_cmd()
4803 BT_ERR("Unknown BR/EDR signaling command 0x%2.2x", cmd->code); in l2cap_bredr_sig_cmd()
4804 err = -EINVAL; in l2cap_bredr_sig_cmd()
4823 return -EPROTO; in l2cap_le_connect_req()
4825 scid = __le16_to_cpu(req->scid); in l2cap_le_connect_req()
4826 mtu = __le16_to_cpu(req->mtu); in l2cap_le_connect_req()
4827 mps = __le16_to_cpu(req->mps); in l2cap_le_connect_req()
4828 psm = req->psm; in l2cap_le_connect_req()
4833 return -EPROTO; in l2cap_le_connect_req()
4841 * Valid range: 0x0001-0x00ff in l2cap_le_connect_req()
4852 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_le_connect_req()
4853 &conn->hcon->dst, LE_LINK); in l2cap_le_connect_req()
4860 mutex_lock(&conn->chan_lock); in l2cap_le_connect_req()
4863 if (!smp_sufficient_security(conn->hcon, pchan->sec_level, in l2cap_le_connect_req()
4884 chan = pchan->ops->new_connection(pchan); in l2cap_le_connect_req()
4890 bacpy(&chan->src, &conn->hcon->src); in l2cap_le_connect_req()
4891 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_le_connect_req()
4892 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_le_connect_req()
4893 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_le_connect_req()
4894 chan->psm = psm; in l2cap_le_connect_req()
4895 chan->dcid = scid; in l2cap_le_connect_req()
4896 chan->omtu = mtu; in l2cap_le_connect_req()
4897 chan->remote_mps = mps; in l2cap_le_connect_req()
4901 l2cap_le_flowctl_init(chan, __le16_to_cpu(req->credits)); in l2cap_le_connect_req()
4903 dcid = chan->scid; in l2cap_le_connect_req()
4904 credits = chan->rx_credits; in l2cap_le_connect_req()
4906 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_le_connect_req()
4908 chan->ident = cmd->ident; in l2cap_le_connect_req()
4910 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_le_connect_req()
4918 chan->ops->defer(chan); in l2cap_le_connect_req()
4926 mutex_unlock(&conn->chan_lock); in l2cap_le_connect_req()
4934 rsp.mtu = cpu_to_le16(chan->imtu); in l2cap_le_connect_req()
4935 rsp.mps = cpu_to_le16(chan->mps); in l2cap_le_connect_req()
4945 l2cap_send_cmd(conn, cmd->ident, L2CAP_LE_CONN_RSP, sizeof(rsp), &rsp); in l2cap_le_connect_req()
4959 return -EPROTO; in l2cap_le_credits()
4962 cid = __le16_to_cpu(pkt->cid); in l2cap_le_credits()
4963 credits = __le16_to_cpu(pkt->credits); in l2cap_le_credits()
4969 return -EBADSLT; in l2cap_le_credits()
4971 max_credits = LE_FLOWCTL_MAX_CREDITS - chan->tx_credits; in l2cap_le_credits()
4982 chan->tx_credits += credits; in l2cap_le_credits()
4987 if (chan->tx_credits) in l2cap_le_credits()
4988 chan->ops->resume(chan); in l2cap_le_credits()
5011 return -EINVAL; in l2cap_ecred_conn_req()
5013 if (cmd_len < sizeof(*req) || (cmd_len - sizeof(*req)) % sizeof(u16)) { in l2cap_ecred_conn_req()
5018 cmd_len -= sizeof(*req); in l2cap_ecred_conn_req()
5026 mtu = __le16_to_cpu(req->mtu); in l2cap_ecred_conn_req()
5027 mps = __le16_to_cpu(req->mps); in l2cap_ecred_conn_req()
5034 psm = req->psm; in l2cap_ecred_conn_req()
5039 * Valid range: 0x0001-0x00ff in l2cap_ecred_conn_req()
5053 pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src, in l2cap_ecred_conn_req()
5054 &conn->hcon->dst, LE_LINK); in l2cap_ecred_conn_req()
5060 mutex_lock(&conn->chan_lock); in l2cap_ecred_conn_req()
5063 if (!smp_sufficient_security(conn->hcon, pchan->sec_level, in l2cap_ecred_conn_req()
5072 u16 scid = __le16_to_cpu(req->scid[i]); in l2cap_ecred_conn_req()
5076 pdu->dcid[i] = 0x0000; in l2cap_ecred_conn_req()
5077 len += sizeof(*pdu->dcid); in l2cap_ecred_conn_req()
5091 chan = pchan->ops->new_connection(pchan); in l2cap_ecred_conn_req()
5097 bacpy(&chan->src, &conn->hcon->src); in l2cap_ecred_conn_req()
5098 bacpy(&chan->dst, &conn->hcon->dst); in l2cap_ecred_conn_req()
5099 chan->src_type = bdaddr_src_type(conn->hcon); in l2cap_ecred_conn_req()
5100 chan->dst_type = bdaddr_dst_type(conn->hcon); in l2cap_ecred_conn_req()
5101 chan->psm = psm; in l2cap_ecred_conn_req()
5102 chan->dcid = scid; in l2cap_ecred_conn_req()
5103 chan->omtu = mtu; in l2cap_ecred_conn_req()
5104 chan->remote_mps = mps; in l2cap_ecred_conn_req()
5108 l2cap_ecred_init(chan, __le16_to_cpu(req->credits)); in l2cap_ecred_conn_req()
5111 if (!pdu->credits) { in l2cap_ecred_conn_req()
5112 pdu->mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_conn_req()
5113 pdu->mps = cpu_to_le16(chan->mps); in l2cap_ecred_conn_req()
5114 pdu->credits = cpu_to_le16(chan->rx_credits); in l2cap_ecred_conn_req()
5117 pdu->dcid[i] = cpu_to_le16(chan->scid); in l2cap_ecred_conn_req()
5119 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_ecred_conn_req()
5121 chan->ident = cmd->ident; in l2cap_ecred_conn_req()
5122 chan->mode = L2CAP_MODE_EXT_FLOWCTL; in l2cap_ecred_conn_req()
5124 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_ecred_conn_req()
5127 chan->ops->defer(chan); in l2cap_ecred_conn_req()
5135 mutex_unlock(&conn->chan_lock); in l2cap_ecred_conn_req()
5139 pdu->result = cpu_to_le16(result); in l2cap_ecred_conn_req()
5144 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECRED_CONN_RSP, in l2cap_ecred_conn_req()
5155 struct hci_conn *hcon = conn->hcon; in l2cap_ecred_conn_rsp()
5162 return -EPROTO; in l2cap_ecred_conn_rsp()
5164 mtu = __le16_to_cpu(rsp->mtu); in l2cap_ecred_conn_rsp()
5165 mps = __le16_to_cpu(rsp->mps); in l2cap_ecred_conn_rsp()
5166 credits = __le16_to_cpu(rsp->credits); in l2cap_ecred_conn_rsp()
5167 result = __le16_to_cpu(rsp->result); in l2cap_ecred_conn_rsp()
5172 mutex_lock(&conn->chan_lock); in l2cap_ecred_conn_rsp()
5174 cmd_len -= sizeof(*rsp); in l2cap_ecred_conn_rsp()
5176 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_ecred_conn_rsp()
5179 if (chan->ident != cmd->ident || in l2cap_ecred_conn_rsp()
5180 chan->mode != L2CAP_MODE_EXT_FLOWCTL || in l2cap_ecred_conn_rsp()
5181 chan->state == BT_CONNECTED) in l2cap_ecred_conn_rsp()
5193 dcid = __le16_to_cpu(rsp->dcid[i++]); in l2cap_ecred_conn_rsp()
5194 cmd_len -= sizeof(u16); in l2cap_ecred_conn_rsp()
5202 * already-assigned Destination CID, then both the in l2cap_ecred_conn_rsp()
5221 if (hcon->sec_level > BT_SECURITY_MEDIUM) { in l2cap_ecred_conn_rsp()
5226 sec_level = hcon->sec_level + 1; in l2cap_ecred_conn_rsp()
5227 if (chan->sec_level < sec_level) in l2cap_ecred_conn_rsp()
5228 chan->sec_level = sec_level; in l2cap_ecred_conn_rsp()
5231 clear_bit(FLAG_ECRED_CONN_REQ_SENT, &chan->flags); in l2cap_ecred_conn_rsp()
5233 smp_conn_security(hcon, chan->sec_level); in l2cap_ecred_conn_rsp()
5247 chan->ident = 0; in l2cap_ecred_conn_rsp()
5248 chan->dcid = dcid; in l2cap_ecred_conn_rsp()
5249 chan->omtu = mtu; in l2cap_ecred_conn_rsp()
5250 chan->remote_mps = mps; in l2cap_ecred_conn_rsp()
5251 chan->tx_credits = credits; in l2cap_ecred_conn_rsp()
5259 mutex_unlock(&conn->chan_lock); in l2cap_ecred_conn_rsp()
5275 return -EINVAL; in l2cap_ecred_reconf_req()
5277 if (cmd_len < sizeof(*req) || cmd_len - sizeof(*req) % sizeof(u16)) { in l2cap_ecred_reconf_req()
5282 mtu = __le16_to_cpu(req->mtu); in l2cap_ecred_reconf_req()
5283 mps = __le16_to_cpu(req->mps); in l2cap_ecred_reconf_req()
5297 cmd_len -= sizeof(*req); in l2cap_ecred_reconf_req()
5304 scid = __le16_to_cpu(req->scid[i]); in l2cap_ecred_reconf_req()
5306 return -EPROTO; in l2cap_ecred_reconf_req()
5316 if (chan->omtu > mtu) { in l2cap_ecred_reconf_req()
5317 BT_ERR("chan %p decreased MTU %u -> %u", chan, in l2cap_ecred_reconf_req()
5318 chan->omtu, mtu); in l2cap_ecred_reconf_req()
5322 chan->omtu = mtu; in l2cap_ecred_reconf_req()
5323 chan->remote_mps = mps; in l2cap_ecred_reconf_req()
5329 l2cap_send_cmd(conn, cmd->ident, L2CAP_ECRED_RECONF_RSP, sizeof(rsp), in l2cap_ecred_reconf_req()
5344 return -EPROTO; in l2cap_ecred_reconf_rsp()
5346 result = __le16_to_cpu(rsp->result); in l2cap_ecred_reconf_rsp()
5348 BT_DBG("result 0x%4.4x", rsp->result); in l2cap_ecred_reconf_rsp()
5353 list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { in l2cap_ecred_reconf_rsp()
5354 if (chan->ident != cmd->ident) in l2cap_ecred_reconf_rsp()
5371 return -EPROTO; in l2cap_le_command_rej()
5373 mutex_lock(&conn->chan_lock); in l2cap_le_command_rej()
5375 chan = __l2cap_get_chan_by_ident(conn, cmd->ident); in l2cap_le_command_rej()
5389 mutex_unlock(&conn->chan_lock); in l2cap_le_command_rej()
5399 switch (cmd->code) { in l2cap_le_sig_cmd()
5448 BT_ERR("Unknown LE signaling command 0x%2.2x", cmd->code); in l2cap_le_sig_cmd()
5449 err = -EINVAL; in l2cap_le_sig_cmd()
5459 struct hci_conn *hcon = conn->hcon; in l2cap_le_sig_channel()
5464 if (hcon->type != LE_LINK) in l2cap_le_sig_channel()
5467 if (skb->len < L2CAP_CMD_HDR_SIZE) in l2cap_le_sig_channel()
5470 cmd = (void *) skb->data; in l2cap_le_sig_channel()
5473 len = le16_to_cpu(cmd->len); in l2cap_le_sig_channel()
5475 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd->code, len, cmd->ident); in l2cap_le_sig_channel()
5477 if (len != skb->len || !cmd->ident) { in l2cap_le_sig_channel()
5482 err = l2cap_le_sig_cmd(conn, cmd, len, skb->data); in l2cap_le_sig_channel()
5489 l2cap_send_cmd(conn, cmd->ident, L2CAP_COMMAND_REJ, in l2cap_le_sig_channel()
5508 struct hci_conn *hcon = conn->hcon; in l2cap_sig_channel()
5514 if (hcon->type != ACL_LINK) in l2cap_sig_channel()
5517 while (skb->len >= L2CAP_CMD_HDR_SIZE) { in l2cap_sig_channel()
5520 cmd = (void *) skb->data; in l2cap_sig_channel()
5523 len = le16_to_cpu(cmd->len); in l2cap_sig_channel()
5525 BT_DBG("code 0x%2.2x len %d id 0x%2.2x", cmd->code, len, in l2cap_sig_channel()
5526 cmd->ident); in l2cap_sig_channel()
5528 if (len > skb->len || !cmd->ident) { in l2cap_sig_channel()
5530 l2cap_sig_send_rej(conn, cmd->ident); in l2cap_sig_channel()
5531 skb_pull(skb, len > skb->len ? skb->len : len); in l2cap_sig_channel()
5535 err = l2cap_bredr_sig_cmd(conn, cmd, len, skb->data); in l2cap_sig_channel()
5538 l2cap_sig_send_rej(conn, cmd->ident); in l2cap_sig_channel()
5544 if (skb->len > 0) { in l2cap_sig_channel()
5558 if (test_bit(FLAG_EXT_CTRL, &chan->flags)) in l2cap_check_fcs()
5563 if (chan->fcs == L2CAP_FCS_CRC16) { in l2cap_check_fcs()
5564 skb_trim(skb, skb->len - L2CAP_FCS_SIZE); in l2cap_check_fcs()
5565 rcv_fcs = get_unaligned_le16(skb->data + skb->len); in l2cap_check_fcs()
5566 our_fcs = crc16(0, skb->data - hdr_size, skb->len + hdr_size); in l2cap_check_fcs()
5569 return -EBADMSG; in l2cap_check_fcs()
5583 control.reqseq = chan->buffer_seq; in l2cap_send_i_or_rr_or_rnr()
5584 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_send_i_or_rr_or_rnr()
5586 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_send_i_or_rr_or_rnr()
5591 if (test_and_clear_bit(CONN_REMOTE_BUSY, &chan->conn_state) && in l2cap_send_i_or_rr_or_rnr()
5592 chan->unacked_frames > 0) in l2cap_send_i_or_rr_or_rnr()
5598 if (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state) && in l2cap_send_i_or_rr_or_rnr()
5599 test_bit(CONN_SEND_FBIT, &chan->conn_state)) { in l2cap_send_i_or_rr_or_rnr()
5600 /* F-bit wasn't sent in an s-frame or i-frame yet, so in l2cap_send_i_or_rr_or_rnr()
5611 /* skb->len reflects data in skb as well as all fragments in append_skb_frag()
5612 * skb->data_len reflects only data in fragments in append_skb_frag()
5615 skb_shinfo(skb)->frag_list = new_frag; in append_skb_frag()
5617 new_frag->next = NULL; in append_skb_frag()
5619 (*last_frag)->next = new_frag; in append_skb_frag()
5622 skb->len += new_frag->len; in append_skb_frag()
5623 skb->data_len += new_frag->len; in append_skb_frag()
5624 skb->truesize += new_frag->truesize; in append_skb_frag()
5630 int err = -EINVAL; in l2cap_reassemble_sdu()
5632 switch (control->sar) { in l2cap_reassemble_sdu()
5634 if (chan->sdu) in l2cap_reassemble_sdu()
5637 err = chan->ops->recv(chan, skb); in l2cap_reassemble_sdu()
5641 if (chan->sdu) in l2cap_reassemble_sdu()
5647 chan->sdu_len = get_unaligned_le16(skb->data); in l2cap_reassemble_sdu()
5650 if (chan->sdu_len > chan->imtu) { in l2cap_reassemble_sdu()
5651 err = -EMSGSIZE; in l2cap_reassemble_sdu()
5655 if (skb->len >= chan->sdu_len) in l2cap_reassemble_sdu()
5658 chan->sdu = skb; in l2cap_reassemble_sdu()
5659 chan->sdu_last_frag = skb; in l2cap_reassemble_sdu()
5666 if (!chan->sdu) in l2cap_reassemble_sdu()
5669 append_skb_frag(chan->sdu, skb, in l2cap_reassemble_sdu()
5670 &chan->sdu_last_frag); in l2cap_reassemble_sdu()
5673 if (chan->sdu->len >= chan->sdu_len) in l2cap_reassemble_sdu()
5680 if (!chan->sdu) in l2cap_reassemble_sdu()
5683 append_skb_frag(chan->sdu, skb, in l2cap_reassemble_sdu()
5684 &chan->sdu_last_frag); in l2cap_reassemble_sdu()
5687 if (chan->sdu->len != chan->sdu_len) in l2cap_reassemble_sdu()
5690 err = chan->ops->recv(chan, chan->sdu); in l2cap_reassemble_sdu()
5694 chan->sdu = NULL; in l2cap_reassemble_sdu()
5695 chan->sdu_last_frag = NULL; in l2cap_reassemble_sdu()
5696 chan->sdu_len = 0; in l2cap_reassemble_sdu()
5703 kfree_skb(chan->sdu); in l2cap_reassemble_sdu()
5704 chan->sdu = NULL; in l2cap_reassemble_sdu()
5705 chan->sdu_last_frag = NULL; in l2cap_reassemble_sdu()
5706 chan->sdu_len = 0; in l2cap_reassemble_sdu()
5722 if (chan->mode != L2CAP_MODE_ERTM) in l2cap_chan_busy()
5738 while (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_queued_iframes()
5741 chan->buffer_seq, skb_queue_len(&chan->srej_q)); in l2cap_rx_queued_iframes()
5743 skb = l2cap_ertm_seq_in_queue(&chan->srej_q, chan->buffer_seq); in l2cap_rx_queued_iframes()
5748 skb_unlink(skb, &chan->srej_q); in l2cap_rx_queued_iframes()
5749 chan->buffer_seq = __next_seq(chan, chan->buffer_seq); in l2cap_rx_queued_iframes()
5750 err = l2cap_reassemble_sdu(chan, skb, &bt_cb(skb)->l2cap); in l2cap_rx_queued_iframes()
5755 if (skb_queue_empty(&chan->srej_q)) { in l2cap_rx_queued_iframes()
5756 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_rx_queued_iframes()
5770 if (control->reqseq == chan->next_tx_seq) { in l2cap_handle_srej()
5771 BT_DBG("Invalid reqseq %d, disconnecting", control->reqseq); in l2cap_handle_srej()
5776 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, control->reqseq); in l2cap_handle_srej()
5780 control->reqseq); in l2cap_handle_srej()
5784 if (chan->max_tx != 0 && bt_cb(skb)->l2cap.retries >= chan->max_tx) { in l2cap_handle_srej()
5785 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_handle_srej()
5790 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_handle_srej()
5792 if (control->poll) { in l2cap_handle_srej()
5795 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_handle_srej()
5799 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) { in l2cap_handle_srej()
5800 set_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_handle_srej()
5801 chan->srej_save_reqseq = control->reqseq; in l2cap_handle_srej()
5806 if (control->final) { in l2cap_handle_srej()
5807 if (chan->srej_save_reqseq != control->reqseq || in l2cap_handle_srej()
5809 &chan->conn_state)) in l2cap_handle_srej()
5813 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) { in l2cap_handle_srej()
5814 set_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_handle_srej()
5815 chan->srej_save_reqseq = control->reqseq; in l2cap_handle_srej()
5828 if (control->reqseq == chan->next_tx_seq) { in l2cap_handle_rej()
5829 BT_DBG("Invalid reqseq %d, disconnecting", control->reqseq); in l2cap_handle_rej()
5834 skb = l2cap_ertm_seq_in_queue(&chan->tx_q, control->reqseq); in l2cap_handle_rej()
5836 if (chan->max_tx && skb && in l2cap_handle_rej()
5837 bt_cb(skb)->l2cap.retries >= chan->max_tx) { in l2cap_handle_rej()
5838 BT_DBG("Retry limit exceeded (%d)", chan->max_tx); in l2cap_handle_rej()
5843 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_handle_rej()
5847 if (control->final) { in l2cap_handle_rej()
5848 if (!test_and_clear_bit(CONN_REJ_ACT, &chan->conn_state)) in l2cap_handle_rej()
5853 if (chan->tx_state == L2CAP_TX_STATE_WAIT_F) in l2cap_handle_rej()
5854 set_bit(CONN_REJ_ACT, &chan->conn_state); in l2cap_handle_rej()
5862 BT_DBG("last_acked_seq %d, expected_tx_seq %d", chan->last_acked_seq, in l2cap_classify_txseq()
5863 chan->expected_tx_seq); in l2cap_classify_txseq()
5865 if (chan->rx_state == L2CAP_RX_STATE_SREJ_SENT) { in l2cap_classify_txseq()
5866 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= in l2cap_classify_txseq()
5867 chan->tx_win) { in l2cap_classify_txseq()
5871 if (chan->tx_win <= ((chan->tx_win_max + 1) >> 1)) { in l2cap_classify_txseq()
5872 BT_DBG("Invalid/Ignore - after SREJ"); in l2cap_classify_txseq()
5875 BT_DBG("Invalid - in window after SREJ sent"); in l2cap_classify_txseq()
5880 if (chan->srej_list.head == txseq) { in l2cap_classify_txseq()
5885 if (l2cap_ertm_seq_in_queue(&chan->srej_q, txseq)) { in l2cap_classify_txseq()
5886 BT_DBG("Duplicate SREJ - txseq already stored"); in l2cap_classify_txseq()
5890 if (l2cap_seq_list_contains(&chan->srej_list, txseq)) { in l2cap_classify_txseq()
5891 BT_DBG("Unexpected SREJ - not requested"); in l2cap_classify_txseq()
5896 if (chan->expected_tx_seq == txseq) { in l2cap_classify_txseq()
5897 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= in l2cap_classify_txseq()
5898 chan->tx_win) { in l2cap_classify_txseq()
5899 BT_DBG("Invalid - txseq outside tx window"); in l2cap_classify_txseq()
5907 if (__seq_offset(chan, txseq, chan->last_acked_seq) < in l2cap_classify_txseq()
5908 __seq_offset(chan, chan->expected_tx_seq, chan->last_acked_seq)) { in l2cap_classify_txseq()
5909 BT_DBG("Duplicate - expected_tx_seq later than txseq"); in l2cap_classify_txseq()
5913 if (__seq_offset(chan, txseq, chan->last_acked_seq) >= chan->tx_win) { in l2cap_classify_txseq()
5931 if (chan->tx_win <= ((chan->tx_win_max + 1) >> 1)) { in l2cap_classify_txseq()
5932 BT_DBG("Invalid/Ignore - txseq outside tx window"); in l2cap_classify_txseq()
5935 BT_DBG("Invalid - txseq outside tx window"); in l2cap_classify_txseq()
5939 BT_DBG("Unexpected - txseq indicates missing frames"); in l2cap_classify_txseq()
5957 switch (l2cap_classify_txseq(chan, control->txseq)) { in l2cap_rx_state_recv()
5961 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_state_recv()
5963 control->txseq); in l2cap_rx_state_recv()
5967 chan->expected_tx_seq = __next_seq(chan, in l2cap_rx_state_recv()
5968 control->txseq); in l2cap_rx_state_recv()
5970 chan->buffer_seq = chan->expected_tx_seq; in l2cap_rx_state_recv()
5980 * chan->ops->recv == l2cap_sock_recv_cb in l2cap_rx_state_recv()
5996 &chan->conn_state)) { in l2cap_rx_state_recv()
6003 if (!test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) in l2cap_rx_state_recv()
6013 if (test_bit(CONN_LOCAL_BUSY, &chan->conn_state)) { in l2cap_rx_state_recv()
6015 control->txseq); in l2cap_rx_state_recv()
6023 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_recv()
6026 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_recv()
6028 clear_bit(CONN_SREJ_ACT, &chan->conn_state); in l2cap_rx_state_recv()
6029 l2cap_seq_list_clear(&chan->srej_list); in l2cap_rx_state_recv()
6030 l2cap_send_srej(chan, control->txseq); in l2cap_rx_state_recv()
6032 chan->rx_state = L2CAP_RX_STATE_SREJ_SENT; in l2cap_rx_state_recv()
6047 if (control->final) { in l2cap_rx_state_recv()
6048 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_recv()
6051 &chan->conn_state)) { in l2cap_rx_state_recv()
6052 control->final = 0; in l2cap_rx_state_recv()
6057 } else if (control->poll) { in l2cap_rx_state_recv()
6061 &chan->conn_state) && in l2cap_rx_state_recv()
6062 chan->unacked_frames) in l2cap_rx_state_recv()
6069 set_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_recv()
6071 if (control && control->poll) { in l2cap_rx_state_recv()
6072 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_recv()
6076 l2cap_seq_list_clear(&chan->retrans_list); in l2cap_rx_state_recv()
6101 u16 txseq = control->txseq; in l2cap_rx_state_srej_sent()
6113 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6116 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6118 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_rx_state_srej_sent()
6121 l2cap_seq_list_pop(&chan->srej_list); in l2cap_rx_state_srej_sent()
6124 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6127 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6139 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6142 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6145 l2cap_send_srej(chan, control->txseq); in l2cap_rx_state_srej_sent()
6153 skb_queue_tail(&chan->srej_q, skb); in l2cap_rx_state_srej_sent()
6156 skb_queue_len(&chan->srej_q)); in l2cap_rx_state_srej_sent()
6159 l2cap_send_srej_list(chan, control->txseq); in l2cap_rx_state_srej_sent()
6180 if (control->final) { in l2cap_rx_state_srej_sent()
6181 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_srej_sent()
6184 &chan->conn_state)) { in l2cap_rx_state_srej_sent()
6185 control->final = 0; in l2cap_rx_state_srej_sent()
6190 } else if (control->poll) { in l2cap_rx_state_srej_sent()
6192 &chan->conn_state) && in l2cap_rx_state_srej_sent()
6193 chan->unacked_frames) { in l2cap_rx_state_srej_sent()
6197 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_srej_sent()
6201 &chan->conn_state) && in l2cap_rx_state_srej_sent()
6202 chan->unacked_frames) in l2cap_rx_state_srej_sent()
6209 set_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_srej_sent()
6211 if (control->poll) { in l2cap_rx_state_srej_sent()
6218 rr_control.reqseq = chan->buffer_seq; in l2cap_rx_state_srej_sent()
6243 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_finish_move()
6244 chan->conn->mtu = chan->conn->hcon->mtu; in l2cap_finish_move()
6258 if (!control->poll) in l2cap_rx_state_wait_p()
6259 return -EPROTO; in l2cap_rx_state_wait_p()
6261 l2cap_process_reqseq(chan, control->reqseq); in l2cap_rx_state_wait_p()
6263 if (!skb_queue_empty(&chan->tx_q)) in l2cap_rx_state_wait_p()
6264 chan->tx_send_head = skb_peek(&chan->tx_q); in l2cap_rx_state_wait_p()
6266 chan->tx_send_head = NULL; in l2cap_rx_state_wait_p()
6271 chan->next_tx_seq = control->reqseq; in l2cap_rx_state_wait_p()
6272 chan->unacked_frames = 0; in l2cap_rx_state_wait_p()
6278 set_bit(CONN_SEND_FBIT, &chan->conn_state); in l2cap_rx_state_wait_p()
6282 return -EPROTO; in l2cap_rx_state_wait_p()
6293 if (!control->final) in l2cap_rx_state_wait_f()
6294 return -EPROTO; in l2cap_rx_state_wait_f()
6296 clear_bit(CONN_REMOTE_BUSY, &chan->conn_state); in l2cap_rx_state_wait_f()
6298 chan->rx_state = L2CAP_RX_STATE_RECV; in l2cap_rx_state_wait_f()
6299 l2cap_process_reqseq(chan, control->reqseq); in l2cap_rx_state_wait_f()
6301 if (!skb_queue_empty(&chan->tx_q)) in l2cap_rx_state_wait_f()
6302 chan->tx_send_head = skb_peek(&chan->tx_q); in l2cap_rx_state_wait_f()
6304 chan->tx_send_head = NULL; in l2cap_rx_state_wait_f()
6309 chan->next_tx_seq = control->reqseq; in l2cap_rx_state_wait_f()
6310 chan->unacked_frames = 0; in l2cap_rx_state_wait_f()
6311 chan->conn->mtu = chan->conn->hcon->mtu; in l2cap_rx_state_wait_f()
6326 unacked = __seq_offset(chan, chan->next_tx_seq, chan->expected_ack_seq); in __valid_reqseq()
6327 return __seq_offset(chan, chan->next_tx_seq, reqseq) <= unacked; in __valid_reqseq()
6336 control, skb, event, chan->rx_state); in l2cap_rx()
6338 if (__valid_reqseq(chan, control->reqseq)) { in l2cap_rx()
6339 switch (chan->rx_state) { in l2cap_rx()
6359 control->reqseq, chan->next_tx_seq, in l2cap_rx()
6360 chan->expected_ack_seq); in l2cap_rx()
6376 * chan->ops->recv == l2cap_sock_recv_cb in l2cap_stream_rx()
6385 u16 txseq = control->txseq; in l2cap_stream_rx()
6388 chan->rx_state); in l2cap_stream_rx()
6393 BT_DBG("buffer_seq %u->%u", chan->buffer_seq, in l2cap_stream_rx()
6394 __next_seq(chan, chan->buffer_seq)); in l2cap_stream_rx()
6396 chan->buffer_seq = __next_seq(chan, chan->buffer_seq); in l2cap_stream_rx()
6400 if (chan->sdu) { in l2cap_stream_rx()
6401 kfree_skb(chan->sdu); in l2cap_stream_rx()
6402 chan->sdu = NULL; in l2cap_stream_rx()
6404 chan->sdu_last_frag = NULL; in l2cap_stream_rx()
6405 chan->sdu_len = 0; in l2cap_stream_rx()
6413 chan->last_acked_seq = txseq; in l2cap_stream_rx()
6414 chan->expected_tx_seq = __next_seq(chan, txseq); in l2cap_stream_rx()
6421 struct l2cap_ctrl *control = &bt_cb(skb)->l2cap; in l2cap_data_rcv()
6427 len = skb->len; in l2cap_data_rcv()
6430 * We can just drop the corrupted I-frame here. in l2cap_data_rcv()
6437 if (!control->sframe && control->sar == L2CAP_SAR_START) in l2cap_data_rcv()
6438 len -= L2CAP_SDULEN_SIZE; in l2cap_data_rcv()
6440 if (chan->fcs == L2CAP_FCS_CRC16) in l2cap_data_rcv()
6441 len -= L2CAP_FCS_SIZE; in l2cap_data_rcv()
6443 if (len > chan->mps) { in l2cap_data_rcv()
6448 if (chan->ops->filter) { in l2cap_data_rcv()
6449 if (chan->ops->filter(chan, skb)) in l2cap_data_rcv()
6453 if (!control->sframe) { in l2cap_data_rcv()
6456 BT_DBG("iframe sar %d, reqseq %d, final %d, txseq %d", in l2cap_data_rcv()
6457 control->sar, control->reqseq, control->final, in l2cap_data_rcv()
6458 control->txseq); in l2cap_data_rcv()
6460 /* Validate F-bit - F=0 always valid, F=1 only in l2cap_data_rcv()
6463 if (control->final && chan->tx_state != L2CAP_TX_STATE_WAIT_F) in l2cap_data_rcv()
6466 if (chan->mode != L2CAP_MODE_STREAMING) { in l2cap_data_rcv()
6481 /* Only I-frames are expected in streaming mode */ in l2cap_data_rcv()
6482 if (chan->mode == L2CAP_MODE_STREAMING) in l2cap_data_rcv()
6486 control->reqseq, control->final, control->poll, in l2cap_data_rcv()
6487 control->super); in l2cap_data_rcv()
6496 if (control->final && (control->poll || in l2cap_data_rcv()
6497 chan->tx_state != L2CAP_TX_STATE_WAIT_F)) in l2cap_data_rcv()
6500 event = rx_func_to_event[control->super]; in l2cap_data_rcv()
6514 struct l2cap_conn *conn = chan->conn; in l2cap_chan_le_send_credits()
6518 if (chan->rx_credits >= return_credits) in l2cap_chan_le_send_credits()
6521 return_credits -= chan->rx_credits; in l2cap_chan_le_send_credits()
6525 chan->rx_credits += return_credits; in l2cap_chan_le_send_credits()
6527 pkt.cid = cpu_to_le16(chan->scid); in l2cap_chan_le_send_credits()
6530 chan->ident = l2cap_get_ident(conn); in l2cap_chan_le_send_credits()
6532 l2cap_send_cmd(conn, chan->ident, L2CAP_LE_CREDITS, sizeof(pkt), &pkt); in l2cap_chan_le_send_credits()
6537 if (chan->rx_avail == rx_avail) in l2cap_chan_rx_avail()
6542 chan->rx_avail = rx_avail; in l2cap_chan_rx_avail()
6544 if (chan->state == BT_CONNECTED) in l2cap_chan_rx_avail()
6552 BT_DBG("SDU reassemble complete: chan %p skb->len %u", chan, skb->len); in l2cap_ecred_recv()
6555 err = chan->ops->recv(chan, skb); in l2cap_ecred_recv()
6557 if (err < 0 && chan->rx_avail != -1) { in l2cap_ecred_recv()
6573 if (!chan->rx_credits) { in l2cap_ecred_data_rcv()
6576 return -ENOBUFS; in l2cap_ecred_data_rcv()
6579 if (chan->imtu < skb->len) { in l2cap_ecred_data_rcv()
6581 return -ENOBUFS; in l2cap_ecred_data_rcv()
6584 chan->rx_credits--; in l2cap_ecred_data_rcv()
6585 BT_DBG("chan %p: rx_credits %u -> %u", in l2cap_ecred_data_rcv()
6586 chan, chan->rx_credits + 1, chan->rx_credits); in l2cap_ecred_data_rcv()
6591 if (!chan->rx_credits) in l2cap_ecred_data_rcv()
6596 if (!chan->sdu) { in l2cap_ecred_data_rcv()
6599 sdu_len = get_unaligned_le16(skb->data); in l2cap_ecred_data_rcv()
6602 BT_DBG("Start of new SDU. sdu_len %u skb->len %u imtu %u", in l2cap_ecred_data_rcv()
6603 sdu_len, skb->len, chan->imtu); in l2cap_ecred_data_rcv()
6605 if (sdu_len > chan->imtu) { in l2cap_ecred_data_rcv()
6607 err = -EMSGSIZE; in l2cap_ecred_data_rcv()
6611 if (skb->len > sdu_len) { in l2cap_ecred_data_rcv()
6613 err = -EINVAL; in l2cap_ecred_data_rcv()
6617 if (skb->len == sdu_len) in l2cap_ecred_data_rcv()
6620 chan->sdu = skb; in l2cap_ecred_data_rcv()
6621 chan->sdu_len = sdu_len; in l2cap_ecred_data_rcv()
6622 chan->sdu_last_frag = skb; in l2cap_ecred_data_rcv()
6625 if (skb->len + L2CAP_SDULEN_SIZE < chan->mps) { in l2cap_ecred_data_rcv()
6626 u16 mps_len = skb->len + L2CAP_SDULEN_SIZE; in l2cap_ecred_data_rcv()
6629 BT_DBG("chan->mps %u -> %u", chan->mps, mps_len); in l2cap_ecred_data_rcv()
6630 chan->mps = mps_len; in l2cap_ecred_data_rcv()
6637 BT_DBG("SDU fragment. chan->sdu->len %u skb->len %u chan->sdu_len %u", in l2cap_ecred_data_rcv()
6638 chan->sdu->len, skb->len, chan->sdu_len); in l2cap_ecred_data_rcv()
6640 if (chan->sdu->len + skb->len > chan->sdu_len) { in l2cap_ecred_data_rcv()
6642 err = -EINVAL; in l2cap_ecred_data_rcv()
6646 append_skb_frag(chan->sdu, skb, &chan->sdu_last_frag); in l2cap_ecred_data_rcv()
6649 if (chan->sdu->len == chan->sdu_len) { in l2cap_ecred_data_rcv()
6650 err = l2cap_ecred_recv(chan, chan->sdu); in l2cap_ecred_data_rcv()
6652 chan->sdu = NULL; in l2cap_ecred_data_rcv()
6653 chan->sdu_last_frag = NULL; in l2cap_ecred_data_rcv()
6654 chan->sdu_len = 0; in l2cap_ecred_data_rcv()
6661 kfree_skb(chan->sdu); in l2cap_ecred_data_rcv()
6662 chan->sdu = NULL; in l2cap_ecred_data_rcv()
6663 chan->sdu_last_frag = NULL; in l2cap_ecred_data_rcv()
6664 chan->sdu_len = 0; in l2cap_ecred_data_rcv()
6669 * do a double-free of the skb. in l2cap_ecred_data_rcv()
6687 BT_DBG("chan %p, len %d", chan, skb->len); in l2cap_data_channel()
6693 if (chan->chan_type == L2CAP_CHAN_FIXED) in l2cap_data_channel()
6696 if (chan->state != BT_CONNECTED) in l2cap_data_channel()
6699 switch (chan->mode) { in l2cap_data_channel()
6713 if (chan->imtu < skb->len) { in l2cap_data_channel()
6718 if (!chan->ops->recv(chan, skb)) in l2cap_data_channel()
6728 BT_DBG("chan %p: bad mode 0x%2.2x", chan, chan->mode); in l2cap_data_channel()
6743 struct hci_conn *hcon = conn->hcon; in l2cap_conless_channel()
6746 if (hcon->type != ACL_LINK) in l2cap_conless_channel()
6749 chan = l2cap_global_chan_by_psm(0, psm, &hcon->src, &hcon->dst, in l2cap_conless_channel()
6754 BT_DBG("chan %p, len %d", chan, skb->len); in l2cap_conless_channel()
6758 if (chan->state != BT_BOUND && chan->state != BT_CONNECTED) in l2cap_conless_channel()
6761 if (chan->imtu < skb->len) in l2cap_conless_channel()
6765 bacpy(&bt_cb(skb)->l2cap.bdaddr, &hcon->dst); in l2cap_conless_channel()
6766 bt_cb(skb)->l2cap.psm = psm; in l2cap_conless_channel()
6768 if (!chan->ops->recv(chan, skb)) { in l2cap_conless_channel()
6783 struct l2cap_hdr *lh = (void *) skb->data; in l2cap_recv_frame()
6784 struct hci_conn *hcon = conn->hcon; in l2cap_recv_frame()
6788 if (hcon->state != BT_CONNECTED) { in l2cap_recv_frame()
6790 skb_queue_tail(&conn->pending_rx, skb); in l2cap_recv_frame()
6795 cid = __le16_to_cpu(lh->cid); in l2cap_recv_frame()
6796 len = __le16_to_cpu(lh->len); in l2cap_recv_frame()
6798 if (len != skb->len) { in l2cap_recv_frame()
6806 if (hcon->type == LE_LINK && in l2cap_recv_frame()
6807 hci_bdaddr_list_lookup(&hcon->hdev->reject_list, &hcon->dst, in l2cap_recv_frame()
6821 psm = get_unaligned((__le16 *) skb->data); in l2cap_recv_frame()
6844 while ((skb = skb_dequeue(&conn->pending_rx))) in process_pending_rx()
6850 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_conn_add()
6866 kref_init(&conn->ref); in l2cap_conn_add()
6867 hcon->l2cap_data = conn; in l2cap_conn_add()
6868 conn->hcon = hci_conn_get(hcon); in l2cap_conn_add()
6869 conn->hchan = hchan; in l2cap_conn_add()
6873 conn->mtu = hcon->mtu; in l2cap_conn_add()
6874 conn->feat_mask = 0; in l2cap_conn_add()
6876 conn->local_fixed_chan = L2CAP_FC_SIG_BREDR | L2CAP_FC_CONNLESS; in l2cap_conn_add()
6878 if (hci_dev_test_flag(hcon->hdev, HCI_LE_ENABLED) && in l2cap_conn_add()
6879 (bredr_sc_enabled(hcon->hdev) || in l2cap_conn_add()
6880 hci_dev_test_flag(hcon->hdev, HCI_FORCE_BREDR_SMP))) in l2cap_conn_add()
6881 conn->local_fixed_chan |= L2CAP_FC_SMP_BREDR; in l2cap_conn_add()
6883 mutex_init(&conn->ident_lock); in l2cap_conn_add()
6884 mutex_init(&conn->chan_lock); in l2cap_conn_add()
6886 INIT_LIST_HEAD(&conn->chan_l); in l2cap_conn_add()
6887 INIT_LIST_HEAD(&conn->users); in l2cap_conn_add()
6889 INIT_DELAYED_WORK(&conn->info_timer, l2cap_info_timeout); in l2cap_conn_add()
6891 skb_queue_head_init(&conn->pending_rx); in l2cap_conn_add()
6892 INIT_WORK(&conn->pending_rx_work, process_pending_rx); in l2cap_conn_add()
6893 INIT_DELAYED_WORK(&conn->id_addr_timer, l2cap_conn_update_id_addr); in l2cap_conn_add()
6895 conn->disc_reason = HCI_ERROR_REMOTE_USER_TERM; in l2cap_conn_add()
6923 if (chan == d->chan) in l2cap_chan_by_pid()
6926 if (!test_bit(FLAG_DEFER_SETUP, &chan->flags)) in l2cap_chan_by_pid()
6929 pid = chan->ops->get_peer_pid(chan); in l2cap_chan_by_pid()
6932 if (d->pid != pid || chan->psm != d->chan->psm || chan->ident || in l2cap_chan_by_pid()
6933 chan->mode != L2CAP_MODE_EXT_FLOWCTL || chan->state != BT_CONNECT) in l2cap_chan_by_pid()
6936 d->count++; in l2cap_chan_by_pid()
6947 BT_DBG("%pMR -> %pMR (type %u) psm 0x%4.4x mode 0x%2.2x", &chan->src, in l2cap_chan_connect()
6948 dst, dst_type, __le16_to_cpu(psm), chan->mode); in l2cap_chan_connect()
6950 hdev = hci_get_route(dst, &chan->src, chan->src_type); in l2cap_chan_connect()
6952 return -EHOSTUNREACH; in l2cap_chan_connect()
6957 chan->chan_type != L2CAP_CHAN_RAW) { in l2cap_chan_connect()
6958 err = -EINVAL; in l2cap_chan_connect()
6962 if (chan->chan_type == L2CAP_CHAN_CONN_ORIENTED && !psm) { in l2cap_chan_connect()
6963 err = -EINVAL; in l2cap_chan_connect()
6967 if (chan->chan_type == L2CAP_CHAN_FIXED && !cid) { in l2cap_chan_connect()
6968 err = -EINVAL; in l2cap_chan_connect()
6972 switch (chan->mode) { in l2cap_chan_connect()
6979 err = -EOPNOTSUPP; in l2cap_chan_connect()
6989 err = -EOPNOTSUPP; in l2cap_chan_connect()
6993 switch (chan->state) { in l2cap_chan_connect()
7003 err = -EISCONN; in l2cap_chan_connect()
7012 err = -EBADFD; in l2cap_chan_connect()
7017 bacpy(&chan->dst, dst); in l2cap_chan_connect()
7018 chan->dst_type = dst_type; in l2cap_chan_connect()
7020 chan->psm = psm; in l2cap_chan_connect()
7021 chan->dcid = cid; in l2cap_chan_connect()
7033 chan->sec_level, timeout, in l2cap_chan_connect()
7037 chan->sec_level, timeout, in l2cap_chan_connect()
7042 hcon = hci_connect_acl(hdev, dst, chan->sec_level, auth_type, in l2cap_chan_connect()
7054 err = -ENOMEM; in l2cap_chan_connect()
7058 if (chan->mode == L2CAP_MODE_EXT_FLOWCTL) { in l2cap_chan_connect()
7062 data.pid = chan->ops->get_peer_pid(chan); in l2cap_chan_connect()
7070 err = -EPROTO; in l2cap_chan_connect()
7075 mutex_lock(&conn->chan_lock); in l2cap_chan_connect()
7080 err = -EBUSY; in l2cap_chan_connect()
7085 bacpy(&chan->src, &hcon->src); in l2cap_chan_connect()
7086 chan->src_type = bdaddr_src_type(hcon); in l2cap_chan_connect()
7094 __set_chan_timer(chan, chan->ops->get_sndtimeo(chan)); in l2cap_chan_connect()
7096 /* Release chan->sport so that it can be reused by other in l2cap_chan_connect()
7100 chan->sport = 0; in l2cap_chan_connect()
7103 if (hcon->state == BT_CONNECTED) { in l2cap_chan_connect()
7104 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) { in l2cap_chan_connect()
7116 mutex_unlock(&conn->chan_lock); in l2cap_chan_connect()
7126 struct l2cap_conn *conn = chan->conn; in l2cap_ecred_reconfigure()
7129 pdu->mtu = cpu_to_le16(chan->imtu); in l2cap_ecred_reconfigure()
7130 pdu->mps = cpu_to_le16(chan->mps); in l2cap_ecred_reconfigure()
7131 pdu->scid[0] = cpu_to_le16(chan->scid); in l2cap_ecred_reconfigure()
7133 chan->ident = l2cap_get_ident(conn); in l2cap_ecred_reconfigure()
7135 l2cap_send_cmd(conn, chan->ident, L2CAP_ECRED_RECONF_REQ, in l2cap_ecred_reconfigure()
7141 if (chan->imtu > mtu) in l2cap_chan_reconfigure()
7142 return -EINVAL; in l2cap_chan_reconfigure()
7146 chan->imtu = mtu; in l2cap_chan_reconfigure()
7153 /* ---- L2CAP interface with lower layer (HCI) ---- */
7160 BT_DBG("hdev %s, bdaddr %pMR", hdev->name, bdaddr); in l2cap_connect_ind()
7165 if (c->state != BT_LISTEN) in l2cap_connect_ind()
7168 if (!bacmp(&c->src, &hdev->bdaddr)) { in l2cap_connect_ind()
7170 if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) in l2cap_connect_ind()
7173 } else if (!bacmp(&c->src, BDADDR_ANY)) { in l2cap_connect_ind()
7175 if (test_bit(FLAG_ROLE_SWITCH, &c->flags)) in l2cap_connect_ind()
7201 if (c->chan_type != L2CAP_CHAN_FIXED) in l2cap_global_fixed_chan()
7203 if (c->state != BT_LISTEN) in l2cap_global_fixed_chan()
7205 if (bacmp(&c->src, &hcon->src) && bacmp(&c->src, BDADDR_ANY)) in l2cap_global_fixed_chan()
7207 if (src_type != c->src_type) in l2cap_global_fixed_chan()
7222 struct hci_dev *hdev = hcon->hdev; in l2cap_connect_cfm()
7227 if (hcon->type != ACL_LINK && hcon->type != LE_LINK) in l2cap_connect_cfm()
7230 BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status); in l2cap_connect_cfm()
7244 if (hci_bdaddr_list_lookup(&hdev->reject_list, &hcon->dst, dst_type)) in l2cap_connect_cfm()
7257 if (__l2cap_get_chan_by_dcid(conn, pchan->scid)) in l2cap_connect_cfm()
7261 chan = pchan->ops->new_connection(pchan); in l2cap_connect_cfm()
7263 bacpy(&chan->src, &hcon->src); in l2cap_connect_cfm()
7264 bacpy(&chan->dst, &hcon->dst); in l2cap_connect_cfm()
7265 chan->src_type = bdaddr_src_type(hcon); in l2cap_connect_cfm()
7266 chan->dst_type = dst_type; in l2cap_connect_cfm()
7283 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_disconn_ind()
7289 return conn->disc_reason; in l2cap_disconn_ind()
7294 if (hcon->type != ACL_LINK && hcon->type != LE_LINK) in l2cap_disconn_cfm()
7304 if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED) in l2cap_check_encryption()
7308 if (chan->sec_level == BT_SECURITY_MEDIUM) { in l2cap_check_encryption()
7310 } else if (chan->sec_level == BT_SECURITY_HIGH || in l2cap_check_encryption()
7311 chan->sec_level == BT_SECURITY_FIPS) in l2cap_check_encryption()
7314 if (chan->sec_level == BT_SECURITY_MEDIUM) in l2cap_check_encryption()
7321 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_security_cfm()
7329 mutex_lock(&conn->chan_lock); in l2cap_security_cfm()
7331 list_for_each_entry(chan, &conn->chan_l, list) { in l2cap_security_cfm()
7334 BT_DBG("chan %p scid 0x%4.4x state %s", chan, chan->scid, in l2cap_security_cfm()
7335 state_to_string(chan->state)); in l2cap_security_cfm()
7338 chan->sec_level = hcon->sec_level; in l2cap_security_cfm()
7345 if (!status && (chan->state == BT_CONNECTED || in l2cap_security_cfm()
7346 chan->state == BT_CONFIG)) { in l2cap_security_cfm()
7347 chan->ops->resume(chan); in l2cap_security_cfm()
7353 if (chan->state == BT_CONNECT) { in l2cap_security_cfm()
7358 } else if (chan->state == BT_CONNECT2 && in l2cap_security_cfm()
7359 !(chan->mode == L2CAP_MODE_EXT_FLOWCTL || in l2cap_security_cfm()
7360 chan->mode == L2CAP_MODE_LE_FLOWCTL)) { in l2cap_security_cfm()
7365 if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { in l2cap_security_cfm()
7368 chan->ops->defer(chan); in l2cap_security_cfm()
7381 rsp.scid = cpu_to_le16(chan->dcid); in l2cap_security_cfm()
7382 rsp.dcid = cpu_to_le16(chan->scid); in l2cap_security_cfm()
7385 l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP, in l2cap_security_cfm()
7388 if (!test_bit(CONF_REQ_SENT, &chan->conf_state) && in l2cap_security_cfm()
7391 set_bit(CONF_REQ_SENT, &chan->conf_state); in l2cap_security_cfm()
7396 chan->num_conf_req++; in l2cap_security_cfm()
7403 mutex_unlock(&conn->chan_lock); in l2cap_security_cfm()
7410 if (!conn->rx_skb) { in l2cap_recv_frag()
7412 conn->rx_skb = bt_skb_alloc(len, GFP_KERNEL); in l2cap_recv_frag()
7413 if (!conn->rx_skb) in l2cap_recv_frag()
7414 return -ENOMEM; in l2cap_recv_frag()
7416 conn->rx_len = len; in l2cap_recv_frag()
7420 len = min_t(u16, len, skb->len); in l2cap_recv_frag()
7421 skb_copy_from_linear_data(skb, skb_put(conn->rx_skb, len), len); in l2cap_recv_frag()
7423 conn->rx_len -= len; in l2cap_recv_frag()
7434 len = l2cap_recv_frag(conn, skb, L2CAP_LEN_SIZE - conn->rx_skb->len); in l2cap_recv_len()
7437 if (len < 0 || conn->rx_skb->len < L2CAP_LEN_SIZE) in l2cap_recv_len()
7440 rx_skb = conn->rx_skb; in l2cap_recv_len()
7441 len = get_unaligned_le16(rx_skb->data); in l2cap_recv_len()
7444 if (len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE) <= skb_tailroom(rx_skb)) { in l2cap_recv_len()
7446 conn->rx_len = len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE); in l2cap_recv_len()
7450 /* Reset conn->rx_skb since it will need to be reallocated in order to in l2cap_recv_len()
7453 conn->rx_skb = NULL; in l2cap_recv_len()
7457 len + (L2CAP_HDR_SIZE - L2CAP_LEN_SIZE)); in l2cap_recv_len()
7465 kfree_skb(conn->rx_skb); in l2cap_recv_reset()
7466 conn->rx_skb = NULL; in l2cap_recv_reset()
7467 conn->rx_len = 0; in l2cap_recv_reset()
7472 struct l2cap_conn *conn = hcon->l2cap_data; in l2cap_recv_acldata()
7481 BT_DBG("conn %p len %u flags 0x%x", conn, skb->len, flags); in l2cap_recv_acldata()
7487 if (conn->rx_skb) { in l2cap_recv_acldata()
7488 BT_ERR("Unexpected start frame (len %d)", skb->len); in l2cap_recv_acldata()
7494 * copy the initial byte when that happens and use conn->mtu as in l2cap_recv_acldata()
7497 if (skb->len < L2CAP_LEN_SIZE) { in l2cap_recv_acldata()
7498 l2cap_recv_frag(conn, skb, conn->mtu); in l2cap_recv_acldata()
7502 len = get_unaligned_le16(skb->data) + L2CAP_HDR_SIZE; in l2cap_recv_acldata()
7504 if (len == skb->len) { in l2cap_recv_acldata()
7510 BT_DBG("Start: total len %d, frag len %u", len, skb->len); in l2cap_recv_acldata()
7512 if (skb->len > len) { in l2cap_recv_acldata()
7514 skb->len, len); in l2cap_recv_acldata()
7526 BT_DBG("Cont: frag len %u (expecting %u)", skb->len, conn->rx_len); in l2cap_recv_acldata()
7528 if (!conn->rx_skb) { in l2cap_recv_acldata()
7529 BT_ERR("Unexpected continuation frame (len %d)", skb->len); in l2cap_recv_acldata()
7535 if (conn->rx_skb->len < L2CAP_LEN_SIZE) { in l2cap_recv_acldata()
7542 if (conn->rx_skb->len < L2CAP_LEN_SIZE) in l2cap_recv_acldata()
7546 if (skb->len > conn->rx_len) { in l2cap_recv_acldata()
7548 skb->len, conn->rx_len); in l2cap_recv_acldata()
7555 l2cap_recv_frag(conn, skb, skb->len); in l2cap_recv_acldata()
7557 if (!conn->rx_len) { in l2cap_recv_acldata()
7562 struct sk_buff *rx_skb = conn->rx_skb; in l2cap_recv_acldata()
7563 conn->rx_skb = NULL; in l2cap_recv_acldata()
7588 &c->src, c->src_type, &c->dst, c->dst_type, in l2cap_debugfs_show()
7589 c->state, __le16_to_cpu(c->psm), in l2cap_debugfs_show()
7590 c->scid, c->dcid, c->imtu, c->omtu, in l2cap_debugfs_show()
7591 c->sec_level, c->mode); in l2cap_debugfs_show()