aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth/l2cap_core.c
Commit message (Collapse)AuthorAgeFilesLines
* merged 3.0.101 tagWolfgang Wiedmeyer2015-10-221-0/+3
|
* merge opensource jb u5codeworkx2012-09-221-0/+32
| | | | Change-Id: I1aaec157aa196f3448eff8636134fce89a814cf2
* samsung update 1codeworkx2012-06-021-458/+670
|
* Bluetooth: Fix crash with incoming L2CAP connectionsIlia Kolomisnky2011-07-161-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Another regression fix considering incomming l2cap connections with defer_setup enabled. In situations when incomming connection is extracted with l2cap_sock_accept, it's bt_sock info will have 'parent' member zerroed, but 'parent' may be used unconditionally in l2cap_conn_start() and l2cap_security_cfm() when defer_setup is enabled. Backtrace: [<bf02d5ac>] (l2cap_security_cfm+0x0/0x2ac [bluetooth]) from [<bf01f01c>] (hci_event_pac ket+0xc2c/0x4aa4 [bluetooth]) [<bf01e3f0>] (hci_event_packet+0x0/0x4aa4 [bluetooth]) from [<bf01a844>] (hci_rx_task+0x cc/0x27c [bluetooth]) [<bf01a778>] (hci_rx_task+0x0/0x27c [bluetooth]) from [<c008eee4>] (tasklet_action+0xa0/ 0x15c) [<c008ee44>] (tasklet_action+0x0/0x15c) from [<c008f38c>] (__do_softirq+0x98/0x130) r7:00000101 r6:00000018 r5:00000001 r4:efc46000 [<c008f2f4>] (__do_softirq+0x0/0x130) from [<c008f524>] (do_softirq+0x4c/0x58) [<c008f4d8>] (do_softirq+0x0/0x58) from [<c008f5e0>] (run_ksoftirqd+0xb0/0x1b4) r4:efc46000 r3:00000001 [<c008f530>] (run_ksoftirqd+0x0/0x1b4) from [<c009f2a8>] (kthread+0x84/0x8c) r7:00000000 r6:c008f530 r5:efc47fc4 r4:efc41f08 [<c009f224>] (kthread+0x0/0x8c) from [<c008cc84>] (do_exit+0x0/0x5f0) Signed-off-by: Ilia Kolomisnky <iliak@ti.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi> Signed-off-by: David S. Miller <davem@davemloft.net>
* Bluetooth: Fix regression in L2CAP connection procedureGustavo F. Padovan2011-07-161-2/+1
| | | | | | | | | | | | | | | | | | | | | Caused by the following commit, partially revert it. commit 9fa7e4f76f3658ba1f44fbdb95c77e7df3f53f95 Author: Gustavo F. Padovan <padovan@profusion.mobi> Date: Thu Jun 30 16:11:30 2011 -0300 Bluetooth: Fix regression with incoming L2CAP connections PTS test A2DP/SRC/SRC_SET/TC_SRC_SET_BV_02_I revealed that ( probably after the df3c3931e commit ) the l2cap connection could not be established in case when the "Auth Complete" HCI event does not arive before the initiator send "Configuration request", in which case l2cap replies with "Command rejected" since the channel is still in BT_CONNECT2 state. Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi> Signed-off-by: David S. Miller <davem@davemloft.net>
* Bluetooth: Fix regression with incoming L2CAP connectionsGustavo F. Padovan2011-06-301-1/+2
| | | | | | | | | | | | | PTS test A2DP/SRC/SRC_SET/TC_SRC_SET_BV_02_I revealed that ( probably after the df3c3931e commit ) the l2cap connection could not be established in case when the "Auth Complete" HCI event does not arive before the initiator send "Configuration request", in which case l2cap replies with "Command rejected" since the channel is still in BT_CONNECT2 state. Based on patch from: Ilia Kolomisnky <iliak@ti.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Prevent buffer overflow in l2cap config requestDan Rosenberg2011-06-281-1/+1
| | | | | | | | | | | | A remote user can provide a small value for the command size field in the command header of an l2cap configuration request, resulting in an integer underflow when subtracting the size of the configuration request header. This results in copying a very large amount of data via memcpy() and destroying the kernel heap. Check for underflow. Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com> Cc: stable <stable@kernel.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Fix accepting connect requests for defer_setupJohan Hedberg2011-06-141-6/+15
| | | | | | | | | | | | When authentication completes we shouldn't blindly accept any pending L2CAP connect requests. If the socket has the defer_setup feature enabled it should still wait for user space acceptance of the connect request. The issue only happens for non-SSP connections since with SSP the L2CAP Connect request may not be sent for non-SDP PSMs before authentication has completed successfully. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* bluetooth l2cap: fix locking in l2cap_global_chan_by_psmJohannes Berg2011-06-011-1/+1
| | | | | | | | | | | | | | read_lock() ... read_unlock_bh() is clearly bogus. This was broken by commit 23691d75cdc69c3b285211b4d77746aa20a17d18 Author: Gustavo F. Padovan <padovan@profusion.mobi> Date: Wed Apr 27 18:26:32 2011 -0300 Bluetooth: Remove l2cap_sk_list Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* bluetooth: Fix warnings in l2cap_core.cDavid S. Miller2011-05-161-2/+2
| | | | | | | | | | net/bluetooth/l2cap_core.c: In function ‘l2cap_recv_frame’: net/bluetooth/l2cap_core.c:3758:15: warning: ‘sk’ may be used uninitialized in this function net/bluetooth/l2cap_core.c:3758:15: note: ‘sk’ was declared here net/bluetooth/l2cap_core.c:3791:15: warning: ‘sk’ may be used uninitialized in this function net/bluetooth/l2cap_core.c:3791:15: note: ‘sk’ was declared here Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'master' of ↵John W. Linville2011-05-161-60/+133
|\ | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem Conflicts: drivers/net/wireless/iwlwifi/iwl-agn-tx.c net/mac80211/sta_info.h
| * Bluetooth: Remove leftover debug messagesGustavo F. Padovan2011-05-121-3/+1
| | | | | | | | | | | | They were added by me while testing and I forgot to remove. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Remove l2cap_sk_listGustavo F. Padovan2011-05-051-75/+90
| | | | | | | | | | | | | | | | | | | | A new list was added to replace the socket based one. This new list doesn't depent on sock and then fits better inside l2cap_core.c code. It also rename l2cap_chan_alloc() to l2cap_chan_create() and l2cap_chan_free() to l2cap_chan_destroy) Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Handle psm == 0 case inside l2cap_add_psm()Gustavo F. Padovan2011-05-051-8/+24
| | | | | | | | | | | | | | When the user doesn't specify a psm we have the choose one for the channel. Now we do this inside l2cap_add_psm(). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Add l2cap_add_psm() and l2cap_add_scid()Gustavo F. Padovan2011-05-051-0/+44
| | | | | | | | | | | | | | | | The intention is to get rid of the l2cap_sk_list usage inside l2cap_core.c. l2cap_sk_list will soon be replaced by a list that does not depend on socket usage. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Merge branch 'master' of ↵John W. Linville2011-05-051-299/+289
|\ \ | |/ | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem Conflicts: drivers/net/wireless/libertas/if_cs.c drivers/net/wireless/rtlwifi/pci.c net/bluetooth/l2cap_sock.c
| * Bluetooth: Fix memory leak with L2CAP channelsGustavo F. Padovan2011-04-281-4/+6
| | | | | | | | | | | | A new l2cap_chan_free() is added to free the channels. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Move conn to struct l2cap_chanGustavo F. Padovan2011-04-281-52/+40
| | | | | | | | | | | | | | There is no need to the socket deal directly with the channel, most of the time it cares about the channel only. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Move more vars to struct l2cap_chanGustavo F. Padovan2011-04-281-57/+59
| | | | | | | | | | | | In this commit, psm, scid and dcid. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Move more channel info to struct l2cap_chanGustavo F. Padovan2011-04-281-49/+48
| | | | | | | | | | | | | | In this commit, omtu, imtu, flush_to, mode and sport. It also remove the pi var from l2cap_sock_sendmsg(). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Move more vars to struct l2cap_chanGustavo F. Padovan2011-04-271-50/+50
| | | | | | | | | | | | In this commit all ERTM and Streaming Mode specific vars. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Move some more elements to struct l2cap_chanGustavo F. Padovan2011-04-271-36/+42
| | | | | | | | | | | | In this commit sec_level, force_reliable, role_switch and flushable. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Rename l2cap_do_connect() to l2cap_chan_connect()Gustavo F. Padovan2011-04-271-1/+1
| | | | | | | | | | | | | | | | l2cap_chan_connect() is a much better name and reflects what this functions is doing (or will do once socket dependence is removed from the core). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Move conf_state to struct l2cap_chanGustavo F. Padovan2011-04-271-43/+45
| | | | | | | | | | | | First move of elements depending on user data. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Refactor L2CAP channel allocationGustavo F. Padovan2011-04-271-16/+7
| | | | | | | | | | | | | | | | If the allocation happens at l2cap_sock_create() will be able to use the struct l2cap_chan to store channel info that comes from the user via setsockopt. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Merge master.kernel.org:/pub/scm/linux/kernel/git/padovan/bluetooth-2.6Gustavo F. Padovan2011-04-201-0/+1
| |\ | | | | | | | | | | | | | | | | | | Conflicts: net/bluetooth/l2cap_core.c net/bluetooth/l2cap_sock.c net/bluetooth/mgmt.c
* | \ Merge branch 'master' of ↵David S. Miller2011-04-261-0/+1
|\ \ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 Resolved logic conflicts causing a build failure due to drivers/net/r8169.c changes using a patch from Stephen Rothwell. Signed-off-by: David S. Miller <davem@davemloft.net>
| * | Bluetooth: Only keeping SAR bits when retransmitting one frame.Ruiyi Zhang2011-04-181-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | When retrasmitting one frame, only SAR bits in control field should be kept. Signed-off-by: Ruiyi Zhang <Ruiyi.zhang@atheros.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * | Bluetooth: Increment unacked_frames count only the first transmitSuraj Sumangala2011-03-241-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch lets 'l2cap_pinfo.unacked_frames' be incremented only the first time a frame is transmitted. Previously it was being incremented for retransmitted packets too resulting the value to cross the transmit window size. Signed-off-by: Suraj Sumangala <suraj@atheros.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | | bluetooth: Fix use-before-initiailized var.David S. Miller2011-04-251-1/+1
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | net/bluetooth/l2cap_core.c: In function ‘l2cap_recv_frame’: net/bluetooth/l2cap_core.c:3612:15: warning: ‘sk’ may be used uninitialized in this function net/bluetooth/l2cap_core.c:3612:15: note: ‘sk’ was declared here Actually the problem is in the inline function l2cap_data_channel(), we branch to the label 'done' which tests 'sk' before we set it to anything. Initialize it to NULL to fix this. Signed-off-by: David S. Miller <davem@davemloft.net>
* | Bluetooth: Fix lockdep warning in L2CAPGustavo F. Padovan2011-04-141-2/+0
| | | | | | | | | | | | | | | | Fix a regression from the L2CAP "rewrite" patches. Purge the tx_q already happens on l2cap_chan_del() so we don't need it at l2cap_disconnect_req(). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Fix another locking unbalanceGustavo F. Padovan2011-04-141-0/+2
| | | | | | | | | | | | | | l2cap_get_sock_by_scid was changed to not lock the socket anymore, but I forgot to change all the users of this function. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Don't lock sock inside l2cap_get_sock_by_scid()Gustavo F. Padovan2011-04-131-5/+3
| | | | | | | | | | | | | | | | Fix an locking issue with the new l2cap_att_channel(). l2cap_att_channel() was trying to lock a locked socket. Reported-by: Anderson Lizardo <anderson.lizardo@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Add proper handling of received LE dataGustavo F. Padovan2011-04-131-0/+34
| | | | | | | | | | | | | | Despite it works, handling through l2cap_data_channel() is wrongs. That function should handle only connection oriented data. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move tx queue to struct l2cap_chanGustavo F. Padovan2011-04-131-21/+19
| | | | | | | | | | | | tx_q is the queue used by ERTM mode. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Remove unneeded uninitialized_vars()Gustavo F. Padovan2011-04-131-1/+1
| | | | | | | | | | | | That was unnecessary use of it. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Remove some sk references from l2cap_core.cGustavo F. Padovan2011-04-131-17/+12
| | | | | | | | | | | | | | Change some BT_DBG messages and consequently remove some struct sock declarations. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move SREJ list to struct l2cap_chanGustavo F. Padovan2011-04-131-11/+11
| | | | | | | | | | | | As part of moving all the Channel related operation to struct l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Fix lockdep warning with skb list lockGustavo F. Padovan2011-04-071-0/+5
| | | | | | | | | | | | | | This is a regression acctually, caused by the first patch series for creating a formal strcut l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move busy workqueue to struct l2cap_chanGustavo F. Padovan2011-04-071-11/+9
| | | | | | | | | | | | As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move srej and busy queues to struct l2cap_chanGustavo F. Padovan2011-04-071-22/+20
| | | | | | | | | | | | As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move ERTM timers to struct l2cap_chanGustavo F. Padovan2011-04-071-38/+36
| | | | | | | | | | | | This also triggered a change in l2cap_send_disconn_req() parameters. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move remote info to struct l2cap_chanGustavo F. Padovan2011-04-071-16/+16
| | | | | | | | | | | | As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move SDU related vars to struct l2cap_chanGustavo F. Padovan2011-04-071-37/+37
| | | | | | | | | | | | As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move more ERTM stuff to struct l2cap_chanGustavo F. Padovan2011-04-071-27/+24
| | | | | | | | | | | | As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move of ERTM *_seq vars to struct l2cap_chanGustavo F. Padovan2011-04-071-66/+62
| | | | | | | | | | | | As part of the moving channel to stuff to struct l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move conn_state to struct l2cap_chanGustavo F. Padovan2011-04-071-186/+205
| | | | | | | | | | | | | | | | This is part of "moving things to l2cap_chan". As one the first move it triggered a big number of changes in the funcions parameters, basically changing the struct sock param to struct l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: clean up l2cap_sock_recvmsg()Gustavo F. Padovan2011-04-071-1/+27
| | | | | | | | | | | | | | Move some channel specific stuff to l2cap_core.c, this will make things more clear. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move conf_{req,rsp} stuff to struct l2cap_chanGustavo F. Padovan2011-04-071-27/+28
| | | | | | | | | | | | They are also l2cap_chan specific. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | Bluetooth: Move ident to struct l2cap_chanGustavo F. Padovan2011-04-071-19/+19
| | | | | | | | | | | | ident is chan property, no need to reside on socket. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
generated by cgit v1.1 at 2024-05-15 19:59:34 +0000