Commit Graph

2193 Commits

Author SHA1 Message Date
Andrei Emeltchenko 12d5978165 Bluetooth: Allow to set flush timeout
Enable setting of flush timeout via setsockopt

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-11 14:29:02 +08:00
Syam Sidhardhan 5bcb80944d Bluetooth: Use __constant modifier for RFCOMM PSM
Since the RFCOMM_PSM is constant, __constant_cpu_to_le16() is
the right go here.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-11 14:26:28 +08:00
Syam Sidhardhan d8aece2af3 Bluetooth: Use __constant modifier for L2CAP SMP CID
Since the L2CAP_CID_SMP is constant, __constant_cpu_to_le16() is
the right go here.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-11 14:25:58 +08:00
Sasha Levin 23d3a86948 Bluetooth: don't attempt to free a channel that wasn't created
We may currently attempt to free a channel which wasn't created due to
an error in the initialization path, this would cause a NULL ptr deref.

This would cause the following oops:

[   12.919073] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
[   12.919131] IP: [<ffffffff836645c4>] l2cap_chan_put+0x34/0x50
[   12.919135] PGD 0
[   12.919138] Oops: 0002 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[   12.919193] Dumping ftrace buffer:
[   12.919242]    (ftrace buffer empty)
[   12.919314] Modules linked in:
[   12.919318] CPU 1
[   12.919319] Pid: 6210, comm: krfcommd Tainted: G        W    3.6.0-next-20121004-sasha-00005-gb010653-dirty #30
[   12.919374] RIP: 0010:[<ffffffff836645c4>]  [<ffffffff836645c4>] l2cap_chan_put+0x34/0x50
[   12.919377] RSP: 0000:ffff880066933c38  EFLAGS: 00010246
[   12.919378] RAX: ffffffff8366c780 RBX: 0000000000000000 RCX: 6666666666666667
[   12.919379] RDX: 0000000000000fa0 RSI: ffffffff84d3f79e RDI: 0000000000000010
[   12.919381] RBP: ffff880066933c48 R08: ffffffff859989f8 R09: 0000000000000001
[   12.919382] R10: 0000000000000000 R11: 7fffffffffffffff R12: 0000000000000000
[   12.919383] R13: ffff88009b00a200 R14: ffff88009b00a200 R15: 0000000000000001
[   12.919385] FS:  0000000000000000(0000) GS:ffff880033600000(0000) knlGS:0000000000000000
[   12.919437] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   12.919440] CR2: 0000000000000010 CR3: 0000000005026000 CR4: 00000000000406e0
[   12.919446] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   12.919451] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[   12.919504] Process krfcommd (pid: 6210, threadinfo ffff880066932000, task ffff880065c4b000)
[   12.919506] Stack:
[   12.919510]  ffff88009b00a200 ffff880032084000 ffff880066933c68 ffffffff8366c7bc
[   12.919513]  7fffffffffffffff ffff880032084000 ffff880066933c98 ffffffff833ae0ae
[   12.919516]  ffff880066933ca8 0000000000000000 0000000000000000 ffff88009b00a200
[   12.919517] Call Trace:
[   12.919522]  [<ffffffff8366c7bc>] l2cap_sock_destruct+0x3c/0x80
[   12.919527]  [<ffffffff833ae0ae>] __sk_free+0x1e/0x1f0
[   12.919530]  [<ffffffff833ae2f7>] sk_free+0x17/0x20
[   12.919585]  [<ffffffff8366ca4e>] l2cap_sock_alloc.constprop.5+0x9e/0xd0
[   12.919591]  [<ffffffff8366cb9e>] l2cap_sock_create+0x7e/0x100
[   12.919652]  [<ffffffff83a4f32a>] ? _raw_read_lock+0x6a/0x80
[   12.919658]  [<ffffffff836402c4>] ? bt_sock_create+0x74/0x110
[   12.919660]  [<ffffffff83640308>] bt_sock_create+0xb8/0x110
[   12.919664]  [<ffffffff833aa232>] __sock_create+0x282/0x3b0
[   12.919720]  [<ffffffff833aa0b0>] ? __sock_create+0x100/0x3b0
[   12.919725]  [<ffffffff836785b0>] ? rfcomm_process_sessions+0x17e0/0x17e0
[   12.919779]  [<ffffffff833aa37f>] sock_create_kern+0x1f/0x30
[   12.919784]  [<ffffffff83675714>] rfcomm_l2sock_create+0x44/0x70
[   12.919787]  [<ffffffff836785b0>] ? rfcomm_process_sessions+0x17e0/0x17e0
[   12.919790]  [<ffffffff836785fe>] rfcomm_run+0x4e/0x1f0
[   12.919846]  [<ffffffff836785b0>] ? rfcomm_process_sessions+0x17e0/0x17e0
[   12.919852]  [<ffffffff81138ee3>] kthread+0xe3/0xf0
[   12.919908]  [<ffffffff8117b12e>] ? put_lock_stats.isra.14+0xe/0x40
[   12.919914]  [<ffffffff81138e00>] ? flush_kthread_work+0x1f0/0x1f0
[   12.919968]  [<ffffffff83a5077c>] ret_from_fork+0x7c/0x90
[   12.919973]  [<ffffffff81138e00>] ? flush_kthread_work+0x1f0/0x1f0
[   12.920161] Code: 83 ec 08 f6 05 ff 58 44 02 04 74 1b 8b 4f 10 48 89 fa 48 c7 c6 d9 d7 d4 84 48 c7 c7 80 9e aa 85 31 c0 e8 80
ac 3a fe 48 8d 7b 10 <f0> 83 6b 10 01 0f 94 c0 84 c0 74 05 e8 8b e0 ff ff 48 83 c4 08
[   12.920165] RIP  [<ffffffff836645c4>] l2cap_chan_put+0x34/0x50
[   12.920166]  RSP <ffff880066933c38>
[   12.920167] CR2: 0000000000000010
[   12.920417] ---[ end trace 5a9114e8a158ab84 ]---

Introduced in commit 61d6ef3e ("Bluetooth: Make better use of l2cap_chan
reference counting").

Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-09 16:54:57 +08:00
Andrei Emeltchenko 8936fa6d1c Bluetooth: L2CAP: Fix using default Flush Timeout for EFS
There are two Flush Timeouts: one is old Flush Timeot Option
which is 2 octets and the second is Flush Timeout inside EFS
which is 4 octets long.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-08 20:40:12 +08:00
Andrei Emeltchenko dcc042d56f Bluetooth: AMP: Use block_mtu for AMP controller
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-08 06:22:23 +08:00
Andrei Emeltchenko a0c234fe89 Bluetooth: AMP: Factor out phylink_add
Add direction parameter to phylink_add since it is anyway set later.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-08 06:21:51 +08:00
Andrei Emeltchenko fa4ebc66c4 Bluetooth: AMP: Factor out amp_ctrl_add
Add ctrl_id parameter to amp_ctrl_add since we always set it
after function ctrl is created.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-08 06:19:04 +08:00
Andrei Emeltchenko 85e34368de Bluetooth: Fix dereference after NULL check
Move code dereferencing possible NULL pointer to the check branch.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-08 06:15:11 +08:00
Andrei Emeltchenko 079db0c6e3 Bluetooth: AMP: Fix possible NULL dereference
Check that link key exist before accessing.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-08 06:14:30 +08:00
Linus Torvalds aecdc33e11 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking changes from David Miller:

 1) GRE now works over ipv6, from Dmitry Kozlov.

 2) Make SCTP more network namespace aware, from Eric Biederman.

 3) TEAM driver now works with non-ethernet devices, from Jiri Pirko.

 4) Make openvswitch network namespace aware, from Pravin B Shelar.

 5) IPV6 NAT implementation, from Patrick McHardy.

 6) Server side support for TCP Fast Open, from Jerry Chu and others.

 7) Packet BPF filter supports MOD and XOR, from Eric Dumazet and Daniel
    Borkmann.

 8) Increate the loopback default MTU to 64K, from Eric Dumazet.

 9) Use a per-task rather than per-socket page fragment allocator for
    outgoing networking traffic.  This benefits processes that have very
    many mostly idle sockets, which is quite common.

    From Eric Dumazet.

10) Use up to 32K for page fragment allocations, with fallbacks to
    smaller sizes when higher order page allocations fail.  Benefits are
    a) less segments for driver to process b) less calls to page
    allocator c) less waste of space.

    From Eric Dumazet.

11) Allow GRO to be used on GRE tunnels, from Eric Dumazet.

12) VXLAN device driver, one way to handle VLAN issues such as the
    limitation of 4096 VLAN IDs yet still have some level of isolation.
    From Stephen Hemminger.

13) As usual there is a large boatload of driver changes, with the scale
    perhaps tilted towards the wireless side this time around.

Fix up various fairly trivial conflicts, mostly caused by the user
namespace changes.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1012 commits)
  hyperv: Add buffer for extended info after the RNDIS response message.
  hyperv: Report actual status in receive completion packet
  hyperv: Remove extra allocated space for recv_pkt_list elements
  hyperv: Fix page buffer handling in rndis_filter_send_request()
  hyperv: Fix the missing return value in rndis_filter_set_packet_filter()
  hyperv: Fix the max_xfer_size in RNDIS initialization
  vxlan: put UDP socket in correct namespace
  vxlan: Depend on CONFIG_INET
  sfc: Fix the reported priorities of different filter types
  sfc: Remove EFX_FILTER_FLAG_RX_OVERRIDE_IP
  sfc: Fix loopback self-test with separate_tx_channels=1
  sfc: Fix MCDI structure field lookup
  sfc: Add parentheses around use of bitfield macro arguments
  sfc: Fix null function pointer in efx_sriov_channel_type
  vxlan: virtual extensible lan
  igmp: export symbol ip_mc_leave_group
  netlink: add attributes to fdb interface
  tg3: unconditionally select HWMON support when tg3 is enabled.
  Revert "net: ti cpsw ethernet: allow reading phy interface mode from DT"
  gre: fix sparse warning
  ...
2012-10-02 13:38:27 -07:00
Linus Torvalds 3498d13b80 TTY merge for 3.7-rc1
As we skipped the merge window for 3.6-rc1 for the tty tree, everything
 is now settled down and working properly, so we are ready for 3.7-rc1.
 Here's the patchset, it's big, but the large changes are removing a
 firmware file and adding a staging tty driver (it depended on the tty
 core changes, so it's going through this tree instead of the staging
 tree.)
 
 All of these patches have been in the linux-next tree for a while.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iEYEABECAAYFAlBp36oACgkQMUfUDdst+yk4WgCdEy13hot8fI2Lqnc7W0LKu7GX
 4p8AoLTjzrXhLosxdijskDQ9X1OtjrxU
 =S5Ng
 -----END PGP SIGNATURE-----

Merge tag 'tty-3.6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty

Pull TTY changes from Greg Kroah-Hartman:
 "As we skipped the merge window for 3.6-rc1 for the tty tree,
  everything is now settled down and working properly, so we are ready
  for 3.7-rc1.  Here's the patchset, it's big, but the large changes are
  removing a firmware file and adding a staging tty driver (it depended
  on the tty core changes, so it's going through this tree instead of
  the staging tree.)

  All of these patches have been in the linux-next tree for a while.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

Fix up more-or-less trivial conflicts in
 - drivers/char/pcmcia/synclink_cs.c:
    tty NULL dereference fix vs tty_port_cts_enabled() helper function
 - drivers/staging/{Kconfig,Makefile}:
    add-add conflict (dgrp driver added close to other staging drivers)
 - drivers/staging/ipack/devices/ipoctal.c:
    "split ipoctal_channel from iopctal" vs "TTY: use tty_port_register_device"

* tag 'tty-3.6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (235 commits)
  tty/serial: Add kgdb_nmi driver
  tty/serial/amba-pl011: Quiesce interrupts in poll_get_char
  tty/serial/amba-pl011: Implement poll_init callback
  tty/serial/core: Introduce poll_init callback
  kdb: Turn KGDB_KDB=n stubs into static inlines
  kdb: Implement disable_nmi command
  kernel/debug: Mask KGDB NMI upon entry
  serial: pl011: handle corruption at high clock speeds
  serial: sccnxp: Make 'default' choice in switch last
  serial: sccnxp: Remove mask termios caps for SW flow control
  serial: sccnxp: Report actual baudrate back to core
  serial: samsung: Add poll_get_char & poll_put_char
  Powerpc 8xx CPM_UART setting MAXIDL register proportionaly to baud rate
  Powerpc 8xx CPM_UART maxidl should not depend on fifo size
  Powerpc 8xx CPM_UART too many interrupts
  Powerpc 8xx CPM_UART desynchronisation
  serial: set correct baud_base for EXSYS EX-41092 Dual 16950
  serial: omap: fix the reciever line error case
  8250: blacklist Winbond CIR port
  8250_pnp: do pnp probe before legacy probe
  ...
2012-10-01 12:26:52 -07:00
Andrei Emeltchenko bc8dce4f7b Bluetooth: A2MP: Fix potential NULL dereference
Return INVALID_CTRL_ID for unknown AMP controller and for BR/EDR
controller and fixes dereference possible NULL pointer.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-10-01 12:02:12 -03:00
David S. Miller a248afdc1b Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next
John W. Linville says:

====================
Here is another batch of updates intended for 3.7...

Highlights include an hci_connect re-write in Bluetooth, HCI/LLC
layer separation in NFC, removal of the raw pn544 NFC driver, NFC LLCP
raw sockets support, improved IBSS auth frame handling in mac80211,
full-MAC AP mode notification support in mac80211, a lot of attention
paid to brcmfmac, and the usual level of updates to iwlwifi, ath9k,
mwifiex, and rt2x00, and various other updates.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-30 02:30:16 -04:00
David S. Miller 6a06e5e1bb Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	drivers/net/team/team.c
	drivers/net/usb/qmi_wwan.c
	net/batman-adv/bat_iv_ogm.c
	net/ipv4/fib_frontend.c
	net/ipv4/route.c
	net/l2tp/l2tp_netlink.c

The team, fib_frontend, route, and l2tp_netlink conflicts were simply
overlapping changes.

qmi_wwan and bat_iv_ogm were of the "use HEAD" variety.

With help from Antonio Quartulli.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-28 14:40:49 -04:00
Andrei Emeltchenko 13465c0aeb Bluetooth: A2MP: Correct assoc_len size
Correct assoc_len and fix warning for x86-64 by using %zu specifier.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-28 12:18:49 -03:00
Andrei Emeltchenko 2e430be386 Bluetooth: Use %zu print specifier for size_t type
Correct warnings

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-28 12:18:22 -03:00
John W. Linville c487606f83 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem
Conflicts:
	net/nfc/netlink.c

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-09-28 11:11:16 -04:00
Andrei Emeltchenko 29d8a5909b Bluetooth: Factor out Create Configuration Response
Use function to factor out similar code. For BR/EDR send EFS
Configuration Response immediately, for HS response will be sent
after receiving HCI Logical Link Complete event in the following
patches.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 18:13:38 -03:00
Andrei Emeltchenko ee22be7ef4 Bluetooth: Factor out hci_queue_acl
Use hci_chan as parameter instead of hci_conn as we need logical
handle from hci_chan for AMP link.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 18:13:04 -03:00
Andrei Emeltchenko d945df256a bluetooth: Remove unneeded batostr function
batostr is not needed anymore since for printing Bluetooth
addresses we use %pMR specifier.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 18:10:43 -03:00
Andrei Emeltchenko 7028a8860f Bluetooth: Use %pMR instead of baswap in seq_show
Use new bluetooth address print specifier %pMR for printing
bluetooth addresses instead of dedicated variable and baswap.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 18:10:30 -03:00
Andrei Emeltchenko fcb73338ed Bluetooth: Use %pMR in sprintf/seq_printf instead of batostr
Instead of old unsafe batostr function use %pMR print specifier
for printing Bluetooth addresses in sprintf and seq_printf
statements.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 18:10:15 -03:00
Andrei Emeltchenko 6ed93dc642 Bluetooth: Use %pMR in debug instead of batostr
Instead of old unsafe batostr function use %pMR print specifier
for printing Bluetooth addresses in debug and error statements.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 18:10:00 -03:00
Jefferson Delfes 36a75f1b3e Bluetooth: Force the process of unpair command if disconnect failed
The unpair process tries to disconnect any connection pending with
remote. If there are some connection in connecting state, disconnect
command will fail and unpair mgmt command will stay pending.

That pending mgmt command can cause strange behavior like automatic
unpair after a lost connection.

Signed-off-by: Jefferson Delfes <jefferson.delfes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 18:08:01 -03:00
Gustavo Padovan 392f44d3e7 Bluetooth: Fix two warnings in BT_DBG
We just need to use the right modifiers

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:43:39 -03:00
Andrei Emeltchenko 0b26ab9dce Bluetooth: AMP: Handle Accept phylink command status evt
When receiving HCI Command Status event for Accept Physical Link
execute HCI Write Remote AMP Assoc with data saved from A2MP Create
Physical Link Request.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:35:09 -03:00
Andrei Emeltchenko dffa387110 Bluetooth: AMP: Accept Physical Link
When receiving A2MP Create Physical Link message execute HCI
Accept Physical Link command to AMP controller.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:34:38 -03:00
Andrei Emeltchenko 9495b2ee75 Bluetooth: AMP: Process Chan Selected event
Channel Selected event indicates that link information data is available.
Read it with Read Local AMP Assoc command. The data shall be sent in the
A2MP Create Physical Link Request.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:34:06 -03:00
Andrei Emeltchenko 2766be48a7 Bluetooth: A2MP: Add fallback to normal l2cap init sequence
When there is no remote AMP controller found fallback to normal
L2CAP sequence.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:31:52 -03:00
Andrei Emeltchenko 93c284ee90 Bluetooth: AMP: Write remote AMP Assoc
When receiving HCI Command Status after HCI Create Physical Link
execute HCI Write Remote AMP Assoc command to AMP controller.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:31:18 -03:00
Andrei Emeltchenko a02226d6ff Bluetooth: AMP: Create Physical Link
When receiving A2MP Get AMP Assoc Response execute HCI Create Physical
Link to AMP controller. Define function which will run when receiving
HCI Command Status.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:30:40 -03:00
Andrei Emeltchenko 5a34918669 Bluetooth: AMP: Add AMP key calculation
Function calculates AMP keys using hmac_sha256 helper. Calculated keys
are Generic AMP Link Key (gamp) and Dedicated AMP Link Key with
keyID "802b" for 802.11 PAL.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:30:22 -03:00
Dmitry Kasatkin ba221bbaba Bluetooth: Add function to derive AMP key using hmac
hmac(sha256) will be used for AMP key generation.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:18:40 -03:00
Andrei Emeltchenko 93c3e8f5c9 Bluetooth: Choose connection based on capabilities
Choose which L2CAP connection to establish by checking support
for HS and remote side supported features.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:18:36 -03:00
Andrei Emeltchenko 9a5e94dbb4 Bluetooth: A2MP: Process A2MP Get AMP Assoc Rsp
When receiving A2MP Get AMP Assoc Response save assoc data to remote
AMP controller list and prepare for creating physical link.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:14:03 -03:00
Andrei Emeltchenko 0d868de9d8 Bluetooth: A2MP: Process A2MP Getinfo Rsp
Process A2MP Getinfo Response, send Get AMP Assoc Req.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:13:54 -03:00
Andrei Emeltchenko cb8488c0b6 Bluetooth: AMP: Handle create / disc phylink req
Use hci_conn structure to keep track about AMP physical connections.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:13:04 -03:00
Andrei Emeltchenko 52c0d6e56b Bluetooth: AMP: Remote AMP ctrl definitions
Create remote AMP controllers structure. It is used to keep information
about discovered remote AMP controllers by A2MP protocol.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:12:46 -03:00
Andrei Emeltchenko 3161ae1c72 Bluetooth: AMP: Physical link struct and helpers
Define physical link structures. Physical links are represented by
hci_conn structure. For BR/EDR we use type ACL_LINK and for AMP
we use AMP_LINK.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:11:52 -03:00
Andrei Emeltchenko aa09537d80 Bluetooth: A2MP: Process Discover Response
When receiving A2MP Discover Response send A2MP Get Info Request
for each AMP controller in the discovery list.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:11:12 -03:00
Andrei Emeltchenko 903e454110 Bluetooth: AMP: Use HCI cmd to Read Loc AMP Assoc
When receiving A2MP Get AMP Assoc Request execute Read Local AMP Assoc
HCI command to AMP controller. If the AMP Assoc data is larger than it
can fit to HCI event only fragment is read. When all fragments are read
send A2MP Get AMP Assoc Response.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:10:32 -03:00
Andrei Emeltchenko 8e2a0d92c5 Bluetooth: AMP: Use HCI cmd to Read AMP Info
When receiving A2MP Get Info Request execute Read Local AMP Info HCI
command to AMP controller with function to be executed upon receiving
command complete event. Function will handle A2MP Get Info Response.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:10:18 -03:00
Andrei Emeltchenko f97268fccd Bluetooth: A2MP: Create amp_mgr global list
Create amp_mgr_list global list which will be used by different
hci devices to find amp_mgr.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-27 17:10:03 -03:00
John W. Linville 791ef39cd1 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next 2012-09-24 14:39:16 -04:00
John W. Linville 1199992df2 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem 2012-09-22 12:19:22 -04:00
Zhao Hongjiang bf5b30b8a4 net: change return values from -EACCES to -EPERM
Change return value from -EACCES to -EPERM when the permission check fails.

Signed-off-by: Zhao Hongjiang <zhaohongjiang@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:58:08 -04:00
Johan Hedberg 23b3b1330a Bluetooth: Update management interface revision
For each kernel release where commands or events are added to the
management interface, the revision field should be increment by one.

The increment should only happen once per kernel release and not
for every command/event that gets added. The revision value is for
informational purposes only, but this simple policy would make any
future debugging a lot simple.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-18 22:27:30 -03:00
Johan Hedberg 92a25256f1 Bluetooth: mgmt: Implement support for passkey notification
This patch adds support for Secure Simple Pairing with devices that have
KeyboardOnly as their IO capability. Such devices will cause a passkey
notification on our side and optionally also keypress notifications.
Without this patch some keyboards cannot be paired using the mgmt
interface.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Cc: stable@vger.kernel.org
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-18 22:27:29 -03:00
Vinicius Costa Gomes 78c04c0bf5 Bluetooth: Fix not removing power_off delayed work
For example, when a usb reset is received (I could reproduce it
running something very similar to this[1] in a loop) it could be
that the device is unregistered while the power_off delayed work
is still scheduled to run.

Backtrace:

WARNING: at lib/debugobjects.c:261 debug_print_object+0x7c/0x8d()
Hardware name: To Be Filled By O.E.M.
ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x26
Modules linked in: nouveau mxm_wmi btusb wmi bluetooth ttm coretemp drm_kms_helper
Pid: 2114, comm: usb-reset Not tainted 3.5.0bt-next #2
Call Trace:
 [<ffffffff8124cc00>] ? free_obj_work+0x57/0x91
 [<ffffffff81058f88>] warn_slowpath_common+0x7e/0x97
 [<ffffffff81059035>] warn_slowpath_fmt+0x41/0x43
 [<ffffffff8124ccb6>] debug_print_object+0x7c/0x8d
 [<ffffffff8106e3ec>] ? __queue_work+0x259/0x259
 [<ffffffff8124d63e>] ? debug_check_no_obj_freed+0x6f/0x1b5
 [<ffffffff8124d667>] debug_check_no_obj_freed+0x98/0x1b5
 [<ffffffffa00aa031>] ? bt_host_release+0x10/0x1e [bluetooth]
 [<ffffffff810fc035>] kfree+0x90/0xe6
 [<ffffffffa00aa031>] bt_host_release+0x10/0x1e [bluetooth]
 [<ffffffff812ec2f9>] device_release+0x4a/0x7e
 [<ffffffff8123ef57>] kobject_release+0x11d/0x154
 [<ffffffff8123ed98>] kobject_put+0x4a/0x4f
 [<ffffffff812ec0d9>] put_device+0x12/0x14
 [<ffffffffa009472b>] hci_free_dev+0x22/0x26 [bluetooth]
 [<ffffffffa0280dd0>] btusb_disconnect+0x96/0x9f [btusb]
 [<ffffffff813581b4>] usb_unbind_interface+0x57/0x106
 [<ffffffff812ef988>] __device_release_driver+0x83/0xd6
 [<ffffffff812ef9fb>] device_release_driver+0x20/0x2d
 [<ffffffff813582a7>] usb_driver_release_interface+0x44/0x7b
 [<ffffffff81358795>] usb_forced_unbind_intf+0x45/0x4e
 [<ffffffff8134f959>] usb_reset_device+0xa6/0x12e
 [<ffffffff8135df86>] usbdev_do_ioctl+0x319/0xe20
 [<ffffffff81203244>] ? avc_has_perm_flags+0xc9/0x12e
 [<ffffffff812031a0>] ? avc_has_perm_flags+0x25/0x12e
 [<ffffffff81050101>] ? do_page_fault+0x31e/0x3a1
 [<ffffffff8135eaa6>] usbdev_ioctl+0x9/0xd
 [<ffffffff811126b1>] vfs_ioctl+0x21/0x34
 [<ffffffff81112f7b>] do_vfs_ioctl+0x408/0x44b
 [<ffffffff81208d45>] ? file_has_perm+0x76/0x81
 [<ffffffff8111300f>] sys_ioctl+0x51/0x76
 [<ffffffff8158db22>] system_call_fastpath+0x16/0x1b

[1] http://cpansearch.perl.org/src/DPAVLIN/Biblio-RFID-0.03/examples/usbreset.c

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-18 20:13:02 -03:00
Andrei Emeltchenko aad3d0e343 Bluetooth: Fix freeing uninitialized delayed works
When releasing L2CAP socket which is in BT_CONFIG state l2cap_chan_close
invokes l2cap_send_disconn_req which cancel delayed works which are only
set in BT_CONNECTED state with l2cap_ertm_init. Add state check before
cancelling those works.

...
[ 9668.574372] [21085] l2cap_sock_release: sock cd065200, sk f073e800
[ 9668.574399] [21085] l2cap_sock_shutdown: sock cd065200, sk f073e800
[ 9668.574411] [21085] l2cap_chan_close: chan f073ec00 state BT_CONFIG sk f073e800
[ 9668.574421] [21085] l2cap_send_disconn_req: chan f073ec00 conn ecc16600
[ 9668.574441] INFO: trying to register non-static key.
[ 9668.574443] the code is fine but needs lockdep annotation.
[ 9668.574446] turning off the locking correctness validator.
[ 9668.574450] Pid: 21085, comm: obex-client Tainted: G           O 3.5.0+ #57
[ 9668.574452] Call Trace:
[ 9668.574463]  [<c10a64b3>] __lock_acquire+0x12e3/0x1700
[ 9668.574468]  [<c10a44fb>] ? trace_hardirqs_on+0xb/0x10
[ 9668.574476]  [<c15e4f60>] ? printk+0x4d/0x4f
[ 9668.574479]  [<c10a6e38>] lock_acquire+0x88/0x130
[ 9668.574487]  [<c1059740>] ? try_to_del_timer_sync+0x60/0x60
[ 9668.574491]  [<c1059790>] del_timer_sync+0x50/0xc0
[ 9668.574495]  [<c1059740>] ? try_to_del_timer_sync+0x60/0x60
[ 9668.574515]  [<f8aa1c23>] l2cap_send_disconn_req+0xe3/0x160 [bluetooth]
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-18 20:07:04 -03:00
Andrzej Kaczmarek 562fcc246e Bluetooth: mgmt: Fix enabling LE while powered off
When new BT USB adapter is plugged in it's configured while still being powered
off (HCI_AUTO_OFF flag is set), thus Set LE will only set dev_flags but won't
write changes to controller. As a result it's not possible to start device
discovery session on LE controller as it uses interleaved discovery which
requires LE Supported Host flag in extended features.

This patch ensures HCI Write LE Host Supported is sent when Set Powered is
called to power on controller and clear HCI_AUTO_OFF flag.

Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@tieto.com>
Cc: stable@vger.kernel.org
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-18 20:07:03 -03:00
Andrzej Kaczmarek 3d1cbdd6ae Bluetooth: mgmt: Fix enabling SSP while powered off
When new BT USB adapter is plugged in it's configured while still being powered
off (HCI_AUTO_OFF flag is set), thus Set SSP will only set dev_flags but won't
write changes to controller. As a result remote devices won't use Secure Simple
Pairing with our device due to SSP Host Support flag disabled in extended
features and may also reject SSP attempt from our side (with possible fallback
to legacy pairing).

This patch ensures HCI Write Simple Pairing Mode is sent when Set Powered is
called to power on controller and clear HCI_AUTO_OFF flag.

Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@tieto.com>
Cc: stable@vger.kernel.org
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-18 20:07:03 -03:00
Greg Kroah-Hartman 7ac3c93e5d Merge 3.6-rc6 into tty-next
This pulls in the fixes in 3.6-rc6

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-09-16 17:31:36 -07:00
David S. Miller b48b63a1f6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	net/netfilter/nfnetlink_log.c
	net/netfilter/xt_LOG.c

Rather easy conflict resolution, the 'net' tree had bug fixes to make
sure we checked if a socket is a time-wait one or not and elide the
logging code if so.

Whereas on the 'net-next' side we are calculating the UID and GID from
the creds using different interfaces due to the user namespace changes
from Eric Biederman.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-15 11:43:53 -04:00
Andrei Emeltchenko e71dfabab0 Bluetooth: AMP: Add Read Data Block Size to amp_init
Add Read Data Block Size HCI cmd to AMP initialization, then it
makes possible to send data.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-08 18:14:11 -03:00
Andrei Emeltchenko 93f71941c6 Bluetooth: trivial: Remove empty line
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-08 17:27:27 -03:00
Andrei Emeltchenko 9472007c62 Bluetooth: trivial: Make hci_chan_del return void
Return code is not needed in hci_chan_del

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-08 17:27:18 -03:00
Andrei Emeltchenko 6b536b5e5e Bluetooth: Remove unneeded zero init
hdev is allocated with kzalloc so zero initialization is not needed.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-09-08 16:53:48 -03:00
John W. Linville fac805f8c1 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless 2012-09-07 15:07:55 -04:00
John W. Linville 777bf135b7 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem
John W. Linville says:

====================
Please pull these fixes intended for 3.6.  There are more commits
here than I would like -- I got a bit behind while I was stalking
Steven Rostedt in San Diego last week...  I'll slow it down after this!

There are a couple of pulls here.  One is from Johannes:

"Please pull (according to the below information) to get a few fixes.

 * a fix to properly disconnect in the driver when authentication or
   association fails
 * a fix to prevent invalid information about mesh paths being reported
   to userspace
 * a memory leak fix in an nl80211 error path"

The other comes via Gustavo:

"A few updates for the 3.6 kernel. There are two btusb patches to add
more supported devices through the new USB_VENDOR_AND_INTEFACE_INFO()
macro and another one that add a new device id for a Sony Vaio laptop,
one fix for a user-after-free and, finally, two patches from Vinicius
to fix a issue in SMP pairing."

Along with those...

Arend van Spriel provides a fix for a use-after-free bug in brcmfmac.

Daniel Drake avoids a hang by not trying to touch the libertas hardware
duing suspend if it is already powered-down.

Felix Fietkau provides a batch of ath9k fixes that adress some
potential problems with power settings, as well as a fix to avoid a
potential interrupt storm.

Gertjan van Wingerde provides a register-width fix for rt2x00, and
a rt2x00 fix to prevent incorrectly detecting the rfkill status.
He also provides a device ID patch.

Hante Meuleman gives us three brcmfmac fixes, one that properly
initializes a command structure, one that fixes a race condition that
could lose usb requests, and one that removes some log spam.

Marc Kleine-Budde offers an rt2x00 fix for a voltage setting on some
specific devices.

Mohammed Shafi Shajakhan sent an ath9k fix to avoid a crash related to
using timers that aren't allocated when 2 wire bluetooth coexistence
hardware is in use.

Sergei Poselenov changes rt2800usb to do some validity checking for
received packets, avoiding crashes on an ARM Soc.

Stone Piao gives us an mwifiex fix for an incorrectly set skb length
value for a command buffer.

All of these are localized to their specific drivers, and relatively
small.  The power-related patches from Felix are bigger than I would
like, but I merged them in consideration of their isolation to ath9k
and the sensitive nature of power settings in wireless devices.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-07 14:38:50 -04:00
Vinicius Costa Gomes d8343f1257 Bluetooth: Fix sending a HCI Authorization Request over LE links
In the case that the link is already in the connected state and a
Pairing request arrives from the mgmt interface, hci_conn_security()
would be called but it was not considering LE links.

Reported-by: João Paulo Rechi Vita <jprvita@openbossa.org>
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-27 08:11:51 -07:00
Vinicius Costa Gomes cc110922da Bluetooth: Change signature of smp_conn_security()
To make it clear that it may be called from contexts that may not have
any knowledge of L2CAP, we change the connection parameter, to receive
a hci_conn.

This also makes it clear that it is checking the security of the link.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-27 08:07:18 -07:00
Greg Kroah-Hartman e372dc6c62 Merge 3.6-rc3 into tty-next
This picks up all of the different fixes in Linus's tree that we also need here.

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-08-27 07:13:33 -07:00
David S. Miller 1304a7343b Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-08-22 14:21:38 -07:00
Vinicius Costa Gomes f91c8468df Bluetooth: Fix establishing ESCO links
Commit 4cd2d98340 "Bluetooth: Simplify
the connection type handling" broke the creation of ESCO links.

This patch adds a type parameter to hci_connect_sco() so it creates
the connection of the right kind.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-21 14:54:42 -03:00
Syam Sidhardhan 144ad33020 Bluetooth: Use kref for l2cap channel reference counting
This patch changes the struct l2cap_chan and associated code to use
kref api for object refcounting and freeing.

Suggested-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com>
Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-21 14:54:41 -03:00
Syam Sidhardhan ab19516a50 Bluetooth: debug: Correct the PSM printing
Earlier we were printing chan->psm before assigning any value.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-21 14:54:41 -03:00
Mikel Astiz f0d6a0ea33 Bluetooth: mgmt: Add device disconnect reason
MGMT_EV_DEVICE_DISCONNECTED will now expose the disconnection reason to
userland, distinguishing four possible values:

	0x00	Reason not known or unspecified
	0x01	Connection timeout
	0x02	Connection terminated by local host
	0x03	Connection terminated by remote host

Note that the local/remote distinction just determines which side
terminated the low-level connection, regardless of the disconnection of
the higher-level profiles.

This can sometimes be misleading and thus must be used with care. For
example, some hardware combinations would report a locally initiated
disconnection even if the user turned Bluetooth off in the remote side.

Signed-off-by: Mikel Astiz <mikel.astiz@bmw-carit.de>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-21 14:54:40 -03:00
Mikel Astiz fa1bd91809 Bluetooth: Fix minor coding style in hci_event.c
Replace the status checks with the short form of the boolean expression.

Signed-off-by: Mikel Astiz <mikel.astiz@bmw-carit.de>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-21 14:54:40 -03:00
Andrei Emeltchenko 31f470738b Bluetooth: trivial: Use preferred method for NULL check
Use standard bluetooth way to check NULL pointer !var instead of
var == NULL.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-21 14:54:39 -03:00
Mathias Krause 792039c73c Bluetooth: L2CAP - Fix info leak via getsockname()
The L2CAP code fails to initialize the l2_bdaddr_type member of struct
sockaddr_l2 and the padding byte added for alignment. It that for leaks
two bytes kernel stack via the getsockname() syscall. Add an explicit
memset(0) before filling the structure to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-15 21:36:31 -07:00
Mathias Krause 9344a97296 Bluetooth: RFCOMM - Fix info leak via getsockname()
The RFCOMM code fails to initialize the trailing padding byte of struct
sockaddr_rc added for alignment. It that for leaks one byte kernel stack
via the getsockname() syscall. Add an explicit memset(0) before filling
the structure to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-15 21:36:31 -07:00
Mathias Krause f9432c5ec8 Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST)
The RFCOMM code fails to initialize the two padding bytes of struct
rfcomm_dev_list_req inserted for alignment before copying it to
userland. Additionally there are two padding bytes in each instance of
struct rfcomm_dev_info. The ioctl() that for disclosures two bytes plus
dev_num times two bytes uninitialized kernel heap memory.

Allocate the memory using kzalloc() to fix this issue.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-15 21:36:30 -07:00
Mathias Krause 9ad2de43f1 Bluetooth: RFCOMM - Fix info leak in getsockopt(BT_SECURITY)
The RFCOMM code fails to initialize the key_size member of struct
bt_security before copying it to userland -- that for leaking one
byte kernel stack. Initialize key_size with 0 to avoid the info
leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-15 21:36:30 -07:00
Mathias Krause 3f68ba07b1 Bluetooth: HCI - Fix info leak via getsockname()
The HCI code fails to initialize the hci_channel member of struct
sockaddr_hci and that for leaks two bytes kernel stack via the
getsockname() syscall. Initialize hci_channel with 0 to avoid the
info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-15 21:36:30 -07:00
Mathias Krause e15ca9a0ef Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
The HCI code fails to initialize the two padding bytes of struct
hci_ufilter before copying it to userland -- that for leaking two
bytes kernel stack. Add an explicit memset(0) before filling the
structure to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-15 21:36:30 -07:00
Andrei Emeltchenko 09d5d4aa64 Bluetooth: trivial: Shorten variable scope
Make code more clear by moving sk and bt vars to the place where
they are actually used.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 01:14:53 -03:00
Andre Guedes 61a0cfb008 Bluetooth: Fix use-after-free bug in SMP
If SMP fails, we should always cancel security_timer delayed work.
Otherwise, security_timer function may run after l2cap_conn object
has been freed.

This patch fixes the following warning reported by ODEBUG:

WARNING: at lib/debugobjects.c:261 debug_print_object+0x7c/0x8d()
Hardware name: Bochs
ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x27
Modules linked in: btusb bluetooth
Pid: 440, comm: kworker/u:2 Not tainted 3.5.0-rc1+ #4
Call Trace:
 [<ffffffff81174600>] ? free_obj_work+0x4a/0x7f
 [<ffffffff81023eb8>] warn_slowpath_common+0x7e/0x97
 [<ffffffff81023f65>] warn_slowpath_fmt+0x41/0x43
 [<ffffffff811746b1>] debug_print_object+0x7c/0x8d
 [<ffffffff810394f0>] ? __queue_work+0x241/0x241
 [<ffffffff81174fdd>] debug_check_no_obj_freed+0x92/0x159
 [<ffffffff810ac08e>] slab_free_hook+0x6f/0x77
 [<ffffffffa0019145>] ? l2cap_conn_del+0x148/0x157 [bluetooth]
 [<ffffffff810ae408>] kfree+0x59/0xac
 [<ffffffffa0019145>] l2cap_conn_del+0x148/0x157 [bluetooth]
 [<ffffffffa001b9a2>] l2cap_recv_frame+0xa77/0xfa4 [bluetooth]
 [<ffffffff810592f9>] ? trace_hardirqs_on_caller+0x112/0x1ad
 [<ffffffffa001c86c>] l2cap_recv_acldata+0xe2/0x264 [bluetooth]
 [<ffffffffa0002b2f>] hci_rx_work+0x235/0x33c [bluetooth]
 [<ffffffff81038dc3>] ? process_one_work+0x126/0x2fe
 [<ffffffff81038e22>] process_one_work+0x185/0x2fe
 [<ffffffff81038dc3>] ? process_one_work+0x126/0x2fe
 [<ffffffff81059f2e>] ? lock_acquired+0x1b5/0x1cf
 [<ffffffffa00028fa>] ? le_scan_work+0x11d/0x11d [bluetooth]
 [<ffffffff81036fb6>] ? spin_lock_irq+0x9/0xb
 [<ffffffff81039209>] worker_thread+0xcf/0x175
 [<ffffffff8103913a>] ? rescuer_thread+0x175/0x175
 [<ffffffff8103cfe0>] kthread+0x95/0x9d
 [<ffffffff812c5054>] kernel_threadi_helper+0x4/0x10
 [<ffffffff812c36b0>] ? retint_restore_args+0x13/0x13
 [<ffffffff8103cf4b>] ? flush_kthread_worker+0xdb/0xdb
 [<ffffffff812c5050>] ? gs_change+0x13/0x13

This bug can be reproduced using hctool lecc or l2test tools and
bluetoothd not running.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 01:06:23 -03:00
Vinicius Costa Gomes e6dd548b9a Bluetooth: Add type information to the hci_connect() debug statement
Now that we have a "connect" function for each link type, we should be
able to indentify which function is going to be called.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 00:53:21 -03:00
Vinicius Costa Gomes 4cd2d98340 Bluetooth: Simplify a the connection type handling
Now that we have separate ways of doing connections for each link type,
we can do better than an "if" statement to handle each link type.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 00:53:19 -03:00
Vinicius Costa Gomes b7d839bfff Bluetooth: Refactor SCO connection into its own function
We can do the same that we did for the other link types, for SCO
connections. The only thing that's worth noting is that as SCO
links need an ACL link, this functions uses the function that adds
an ACL link.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 00:53:17 -03:00
Vinicius Costa Gomes db4742756a Bluetooth: Refactor ACL connection into its own function
The hci_connect() function was starting to get too complicated to be
quickly understood. We can separate the creation of a new ACL
connection into its own function.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 00:53:16 -03:00
Vinicius Costa Gomes d04aef4ccc Bluetooth: Refactor LE connection into its own function
The code that handles LE connection is already quite separated from
the rest of the connection procedure, so we can easily put it into
its own.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 00:53:14 -03:00
Vinicius Costa Gomes 1aef866968 Bluetooth: Rename LE and ACL connection functions
These names were causing much confusion, so we rename these functions
that send HCI commands to be more similar in naming to the actual HCI
commands that will be sent.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 00:53:12 -03:00
Vinicius Costa Gomes 57f5d0d1d9 Bluetooth: Remove some functions from being exported
Some connection related functions are only used inside hci_conn.c
so no need to have them exported.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-15 00:53:11 -03:00
Jiri Slaby 734cc17838 TTY: use tty_port_register_device
Currently we have no way to assign tty->port while performing tty
installation. There are two ways to provide the link tty_struct =>
tty_port. Either by calling tty_port_install from tty->ops->install or
tty_port_register_device called instead of tty_register_device when
the device is being set up after connected.

In this patch we modify most of the drivers to do the latter. When the
drivers use tty_register_device and we have tty_port already, we
switch to tty_port_register_device. So we have the tty_struct =>
tty_port link for free for those.

Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Acked-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-08-13 16:50:19 -07:00
Alan Cox 89c8d91e31 tty: localise the lock
The termios and other changes mean the other protections needed on the driver
tty arrays should be adequate. Turn it all back on.

This contains pieces folded in from the fixes made to the original patches

| From: Geert Uytterhoeven <geert@linux-m68k.org>	(fix m68k)
| From: Paul Gortmaker <paul.gortmaker@windriver.com>	(fix cris)
| From: Jiri Kosina <jkosina@suze.cz>			(lockdep)
| From: Eric Dumazet <eric.dumazet@gmail.com>		(lockdep)

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-08-10 12:55:47 -07:00
Jaganath Kanakkassery 49dfbb9129 Bluetooth: Fix socket not getting freed if l2cap channel create fails
If l2cap_chan_create() fails then it will return from l2cap_sock_kill
since zapped flag of sk is reset.

Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:19:37 -03:00
Andrei Emeltchenko d08fd0e712 Bluetooth: smp: Fix possible NULL dereference
smp_chan_create might return NULL so we need to check before
dereferencing smp.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:19:37 -03:00
Ram Malovany c3e7c0d90b Bluetooth: Set name_state to unknown when entry name is empty
When the name of the given entry is empty , the state needs to be
updated accordingly.

Cc: stable@vger.kernel.org
Signed-off-by: Ram Malovany <ramm@ti.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:19:36 -03:00
Ram Malovany 7cc8380eb1 Bluetooth: Fix using a NULL inquiry cache entry
If the device was not found in a list of found devices names of which
are pending.This may happen in a case when HCI Remote Name Request
was sent as a part of incoming connection establishment procedure.
Hence there is no need to continue resolving a next name as it will
be done upon receiving another Remote Name Request Complete Event.
This will fix a kernel crash when trying to use this entry to resolve
the next name.

Cc: stable@vger.kernel.org
Signed-off-by: Ram Malovany <ramm@ti.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:19:36 -03:00
Ram Malovany c810089c27 Bluetooth: Fix using NULL inquiry entry
If entry wasn't found in the hci_inquiry_cache_lookup_resolve do not
resolve the name.This will fix a kernel crash when trying to use NULL
pointer.

Cc: stable@vger.kernel.org
Signed-off-by: Ram Malovany <ramm@ti.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:19:36 -03:00
Szymon Janc a9ea3ed9b7 Bluetooth: Fix legacy pairing with some devices
Some devices e.g. some Android based phones don't do SDP search before
pairing and cancel legacy pairing when ACL is disconnected.

PIN Code Request event which changes ACL timeout to HCI_PAIRING_TIMEOUT
is only received after remote user entered PIN.

In that case no L2CAP is connected so default HCI_DISCONN_TIMEOUT
(2 seconds) is being used to timeout ACL connection. This results in
problems with legacy pairing as remote user has only few seconds to
enter PIN before ACL is disconnected.

Increase disconnect timeout for incomming connection to
HCI_PAIRING_TIMEOUT if SSP is disabled and no linkey exists.

To avoid keeping ACL alive for too long after SDP search set ACL
timeout back to HCI_DISCONN_TIMEOUT when L2CAP is connected.

2012-07-19 13:24:43.413521 < HCI Command: Create Connection (0x01|0x0005) plen 13
    bdaddr 00:02:72:D6:6A:3F ptype 0xcc18 rswitch 0x01 clkoffset 0x0000
    Packet type: DM1 DM3 DM5 DH1 DH3 DH5
2012-07-19 13:24:43.425224 > HCI Event: Command Status (0x0f) plen 4
    Create Connection (0x01|0x0005) status 0x00 ncmd 1
2012-07-19 13:24:43.885222 > HCI Event: Role Change (0x12) plen 8
    status 0x00 bdaddr 00:02:72:D6:6A:3F role 0x01
    Role: Slave
2012-07-19 13:24:44.054221 > HCI Event: Connect Complete (0x03) plen 11
    status 0x00 handle 42 bdaddr 00:02:72:D6:6A:3F type ACL encrypt 0x00
2012-07-19 13:24:44.054313 < HCI Command: Read Remote Supported Features (0x01|0x001b) plen 2
    handle 42
2012-07-19 13:24:44.055176 > HCI Event: Page Scan Repetition Mode Change (0x20) plen 7
    bdaddr 00:02:72:D6:6A:3F mode 0
2012-07-19 13:24:44.056217 > HCI Event: Max Slots Change (0x1b) plen 3
    handle 42 slots 5
2012-07-19 13:24:44.059218 > HCI Event: Command Status (0x0f) plen 4
    Read Remote Supported Features (0x01|0x001b) status 0x00 ncmd 0
2012-07-19 13:24:44.062192 > HCI Event: Command Status (0x0f) plen 4
    Unknown (0x00|0x0000) status 0x00 ncmd 1
2012-07-19 13:24:44.067219 > HCI Event: Read Remote Supported Features (0x0b) plen 11
    status 0x00 handle 42
    Features: 0xbf 0xfe 0xcf 0xfe 0xdb 0xff 0x7b 0x87
2012-07-19 13:24:44.067248 < HCI Command: Read Remote Extended Features (0x01|0x001c) plen 3
    handle 42 page 1
2012-07-19 13:24:44.071217 > HCI Event: Command Status (0x0f) plen 4
    Read Remote Extended Features (0x01|0x001c) status 0x00 ncmd 1
2012-07-19 13:24:44.076218 > HCI Event: Read Remote Extended Features (0x23) plen 13
    status 0x00 handle 42 page 1 max 1
    Features: 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00
2012-07-19 13:24:44.076249 < HCI Command: Remote Name Request (0x01|0x0019) plen 10
    bdaddr 00:02:72:D6:6A:3F mode 2 clkoffset 0x0000
2012-07-19 13:24:44.081218 > HCI Event: Command Status (0x0f) plen 4
    Remote Name Request (0x01|0x0019) status 0x00 ncmd 1
2012-07-19 13:24:44.105214 > HCI Event: Remote Name Req Complete (0x07) plen 255
    status 0x00 bdaddr 00:02:72:D6:6A:3F name 'uw000951-0'
2012-07-19 13:24:44.105284 < HCI Command: Authentication Requested (0x01|0x0011) plen 2
    handle 42
2012-07-19 13:24:44.111207 > HCI Event: Command Status (0x0f) plen 4
    Authentication Requested (0x01|0x0011) status 0x00 ncmd 1
2012-07-19 13:24:44.112220 > HCI Event: Link Key Request (0x17) plen 6
    bdaddr 00:02:72:D6:6A:3F
2012-07-19 13:24:44.112249 < HCI Command: Link Key Request Negative Reply (0x01|0x000c) plen 6
    bdaddr 00:02:72:D6:6A:3F
2012-07-19 13:24:44.115215 > HCI Event: Command Complete (0x0e) plen 10
    Link Key Request Negative Reply (0x01|0x000c) ncmd 1
    status 0x00 bdaddr 00:02:72:D6:6A:3F
2012-07-19 13:24:44.116215 > HCI Event: PIN Code Request (0x16) plen 6
    bdaddr 00:02:72:D6:6A:3F
2012-07-19 13:24:48.099184 > HCI Event: Auth Complete (0x06) plen 3
    status 0x13 handle 42
    Error: Remote User Terminated Connection
2012-07-19 13:24:48.179182 > HCI Event: Disconn Complete (0x05) plen 4
    status 0x00 handle 42 reason 0x13
    Reason: Remote User Terminated Connection

Cc: stable@vger.kernel.org
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:19:36 -03:00
Gustavo Padovan 269c4845d5 Bluetooth: Fix possible deadlock in SCO code
sco_chan_del() only has conn != NULL when called from sco_conn_del() so
just move the code from it that deal with conn to sco_conn_del().

[  120.765529]
[  120.765529] ======================================================
[  120.766529] [ INFO: possible circular locking dependency detected ]
[  120.766529] 3.5.0-rc1-10292-g3701f94-dirty #70 Tainted: G        W
[  120.766529] -------------------------------------------------------
[  120.766529] kworker/u:3/1497 is trying to acquire lock:
[  120.766529]  (&(&conn->lock)->rlock#2){+.+...}, at:
[<ffffffffa00b7ecc>] sco_chan_del+0x4c/0x170 [bluetooth]
[  120.766529]
[  120.766529] but task is already holding lock:
[  120.766529]  (slock-AF_BLUETOOTH-BTPROTO_SCO){+.+...}, at:
[<ffffffffa00b8401>] sco_conn_del+0x61/0xe0 [bluetooth]
[  120.766529]
[  120.766529] which lock already depends on the new lock.
[  120.766529]
[  120.766529]
[  120.766529] the existing dependency chain (in reverse order) is:
[  120.766529]
[  120.766529] -> #1 (slock-AF_BLUETOOTH-BTPROTO_SCO){+.+...}:
[  120.766529]        [<ffffffff8107980e>] lock_acquire+0x8e/0xb0
[  120.766529]        [<ffffffff813c19e0>] _raw_spin_lock+0x40/0x80
[  120.766529]        [<ffffffffa00b85e9>] sco_connect_cfm+0x79/0x300
[bluetooth]
[  120.766529]        [<ffffffffa0094b13>]
hci_sync_conn_complete_evt.isra.90+0x343/0x400 [bluetooth]
[  120.766529]        [<ffffffffa009d447>] hci_event_packet+0x317/0xfb0
[bluetooth]
[  120.766529]        [<ffffffffa008aa68>] hci_rx_work+0x2c8/0x890
[bluetooth]
[  120.766529]        [<ffffffff81047db7>] process_one_work+0x197/0x460
[  120.766529]        [<ffffffff810489d6>] worker_thread+0x126/0x2d0
[  120.766529]        [<ffffffff8104ee4d>] kthread+0x9d/0xb0
[  120.766529]        [<ffffffff813c4294>] kernel_thread_helper+0x4/0x10
[  120.766529]
[  120.766529] -> #0 (&(&conn->lock)->rlock#2){+.+...}:
[  120.766529]        [<ffffffff81078a8a>] __lock_acquire+0x154a/0x1d30
[  120.766529]        [<ffffffff8107980e>] lock_acquire+0x8e/0xb0
[  120.766529]        [<ffffffff813c19e0>] _raw_spin_lock+0x40/0x80
[  120.766529]        [<ffffffffa00b7ecc>] sco_chan_del+0x4c/0x170
[bluetooth]
[  120.766529]        [<ffffffffa00b8414>] sco_conn_del+0x74/0xe0
[bluetooth]
[  120.766529]        [<ffffffffa00b88a2>] sco_disconn_cfm+0x32/0x60
[bluetooth]
[  120.766529]        [<ffffffffa0093a82>]
hci_disconn_complete_evt.isra.53+0x242/0x390 [bluetooth]
[  120.766529]        [<ffffffffa009d747>] hci_event_packet+0x617/0xfb0
[bluetooth]
[  120.766529]        [<ffffffffa008aa68>] hci_rx_work+0x2c8/0x890
[bluetooth]
[  120.766529]        [<ffffffff81047db7>] process_one_work+0x197/0x460
[  120.766529]        [<ffffffff810489d6>] worker_thread+0x126/0x2d0
[  120.766529]        [<ffffffff8104ee4d>] kthread+0x9d/0xb0
[  120.766529]        [<ffffffff813c4294>] kernel_thread_helper+0x4/0x10
[  120.766529]
[  120.766529] other info that might help us debug this:
[  120.766529]
[  120.766529]  Possible unsafe locking scenario:
[  120.766529]
[  120.766529]        CPU0                    CPU1
[  120.766529]        ----                    ----
[  120.766529]   lock(slock-AF_BLUETOOTH-BTPROTO_SCO);
[  120.766529]
lock(&(&conn->lock)->rlock#2);
[  120.766529]
lock(slock-AF_BLUETOOTH-BTPROTO_SCO);
[  120.766529]   lock(&(&conn->lock)->rlock#2);
[  120.766529]
[  120.766529]  *** DEADLOCK ***

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:19:36 -03:00
Andre Guedes cd17decbd9 Bluetooth: Refactor in hci_le_conn_complete_evt
This patch moves the hci_conn check to begining of hci_le_conn_
complete_evt in order to improve code's readability and better
error handling.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:08:41 -03:00
Andre Guedes b47a09b33a Bluetooth: Lookup hci_conn in hci_le_conn_complete_evt
This patch does a trivial code refactoring in hci_conn lookup in
hci_le_conn_complete_evt. It performs the hci_conn lookup at the
begining of the function since it is used by both flows (error
and success).

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:08:10 -03:00
Andre Guedes 0c95ab78be Bluetooth: Find hci_conn by BT_CONNECT state
This patch changes hci_cs_le_create_conn to perform hci_conn lookup
by state instead of bdaddr.

Since we can have only one LE connection in BT_CONNECT state, we can
perform LE hci_conn lookup by state. This way, we don't rely on
hci_sent_cmd_data helper to find the hci_conn object.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:07:49 -03:00
Andre Guedes f00a06ac14 Bluetooth: Refactor hci_cs_le_create_conn
This patch does some code refactoring in hci_cs_le_create_conn
function. The hci_conn object is only needed in case of failure,
therefore hdev locking and hci_conn lookup were moved to
if-statement scope.

Also, the conn->state check was removed since we should always
close the connection if it fails.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:07:05 -03:00
Andre Guedes 847012c5e0 Bluetooth: Remove unneeded code
This patch removes some unneeded code from hci_cs_le_create_conn.

If the hci_conn is not found, it means this LE connection attempt
was triggered by a thrid-party tool (e.g. hcitool). We should not
create this new hci_conn in LE Create Connection command status
event since it is already properly handled in LE Connection
Complete event.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:05:51 -03:00
Andre Guedes b9b343d254 Bluetooth: Fix hci_le_conn_complete_evt
We need to check the 'Role' parameter from the LE Connection
Complete Event in order to properly set 'out' and 'link_mode'
fields from hci_conn structure.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:05:10 -03:00
Andre Guedes 230fd16a23 Bluetooth: Trivial refactoring
This patch replaces the unlock-and-return statements by the goto
statement.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:04:39 -03:00
Masatake YAMATO de9b9212c7 Bluetooth: Added /proc/net/sco via bt_procfs_init()
Added /proc/net/sco via bt_procfs_init().

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:03:00 -03:00
Masatake YAMATO c6f5df16a2 Bluetooth: Added /proc/net/rfcomm via bt_procfs_init()
Added /proc/net/rfcomm via bt_procfs_init().

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:03:00 -03:00
Masatake YAMATO 5b28d95c13 Bluetooth: Added /proc/net/l2cap via bt_procfs_init()
Added /proc/net/l2cap via bt_procfs_init().

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:59 -03:00
Masatake YAMATO 5c6ad8eee0 Bluetooth: Added /proc/net/hidp via bt_procfs_init()
Added /proc/net/hidp via bt_procfs_init().

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:59 -03:00
Masatake YAMATO f7c8663789 Bluetooth: Added /proc/net/hci via bt_procfs_init()
Added /proc/net/hci via bt_procfs_init().

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:59 -03:00
Masatake YAMATO 8c8de589ce Bluetooth: Added /proc/net/cmtp via bt_procfs_init()
Added /proc/net/cmtp via bt_procfs_init().

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:59 -03:00
Masatake YAMATO 77cf5585a3 Bluetooth: Added /proc/net/bnep via bt_procfs_init()
Added /proc/net/bnep via bt_procfs_init().

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:59 -03:00
Masatake YAMATO 256a06c8a8 Bluetooth: /proc/net/ entries for bluetooth protocols
lsof command can tell the type of socket processes are using.
Internal lsof uses inode numbers on socket fs to resolve the type of
sockets. Files under /proc/net/, such as tcp, udp, unix, etc provides
such inode information.

Unfortunately bluetooth related protocols don't provide such inode
information. This patch series introduces /proc/net files for the protocols.

This patch against af_bluetooth.c provides facility to the implementation
of protocols. This patch extends bt_sock_list and introduces two exported
function bt_procfs_init, bt_procfs_cleanup.

The type bt_sock_list is already used in some of implementation of
protocols. bt_procfs_init prepare seq_operations which converts
protocol own bt_sock_list data to protocol own proc entry when the
entry is accessed.

What I, lsof user, need is just inode number of bluetooth
socket. However, people may want more information. The bt_procfs_init
takes a function pointer for customizing the show handler of
seq_operations.

In v4 patch, __acquires and __releases attributes are added to suppress
sparse warning. Suggested by Andrei Emeltchenko.

In v5 patch, linux/proc_fs.h is included to use PDE. Build error is
reported by Fengguang Wu.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:58 -03:00
Jaganath Kanakkassery 4af66c691f Bluetooth: Free the l2cap channel list only when refcount is zero
Move the l2cap channel list chan->global_l under the refcnt
protection and free it based on the refcnt.

Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com>
Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Reviewed-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:58 -03:00
Jaganath Kanakkassery 3064837289 Bluetooth: Move l2cap_chan_hold/put to l2cap_core.c
Refactor the code in order to use the l2cap_chan_destroy()
from l2cap_chan_put() under the refcnt protection.

Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com>
Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Reviewed-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:58 -03:00
Andre Guedes ee72d150ad Bluetooth: Remove locking in hci_user_passkey_request_evt
This patch removes hdev locking in hci_user_passkey_request_evt
since it is not needed. mgmt_user_passkey_request simply calls
mgmt_event which does not require hdev locking at all.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:58 -03:00
Andrei Emeltchenko 9e66463127 Bluetooth: Make connect / disconnect cfm functions return void
Return values are never used because callers hci_proto_connect_cfm
and hci_proto_disconn_cfm return void.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:58 -03:00
Andre Guedes c58e810eb0 Bluetooth: Use lmp_no_flush_capable where applicable
This patch replaces all LMP_NO_FLUSH bit checking by the helper
macro lmp_no_flush_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:57 -03:00
Andre Guedes 999dcd10a8 Bluetooth: Use lmp_sniffsubr_capable where applicable
This patch replaces all LMP_SNIFF_SUBR bit checking by the helper
macro lmp_sniffsubr_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:57 -03:00
Andre Guedes 6eded1004a Bluetooth: Use lmp_sniff_capable where applicable
This patch replaces all LMP_SNIFF bit checking by the helper macro
lmp_sniff_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:57 -03:00
Andre Guedes 9f92ebf6c7 Bluetooth: Use lmp_rswitch_capable where applicable
This patch replaces all LMP_RSWITCH bit checking by the helper macro
lmp_rswitch_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:57 -03:00
Andre Guedes 45db810fb7 Bluetooth: Use lmp_esco_capable where applicable
This patch replaces all LMP_ESCO bit checking by the helper macro
lmp_esco_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:57 -03:00
Andre Guedes 9a1a1996d5 Bluetooth: Use lmp_ssp_capable where applicable
This patch replaces all LMP_SIMPLE_PAIR bit checking by the helper
macro lmp_ssp_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:56 -03:00
Andre Guedes c383ddc481 Bluetooth: Use lmp_le_capable where applicable
This patch replaces all LMP_LE bit checking by the helper macro
lmp_le_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:56 -03:00
Andre Guedes ed3fa31f35 Bluetooth: Use lmp_bredr_capable where applicable
This patch replaces all LMP_NO_BREDR bit checking by the helper
macro lmp_bredr_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:56 -03:00
Andrei Emeltchenko 78eb2f985c Bluetooth: Fix processing A2MP chan in security_cfm
Do not process A2MP channel in l2cap_security_cfm

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:56 -03:00
Andrei Emeltchenko d9fc1d54f6 Bluetooth: Do not shadow hdr variable
Fix compile warnings below:

...
net/bluetooth/a2mp.c:505:33: warning: symbol 'hdr' shadows an earlier one
net/bluetooth/a2mp.c:498:25: originally declared here
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:55 -03:00
Andrei Emeltchenko 8e8c7e36fb Bluetooth: debug: Fix printing A2MP cmd code format
Print A2MP code format according to Bluetooth style.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:54 -03:00
Andrei Emeltchenko bb4b2a9ae3 Bluetooth: mgmt: Managing only BR/EDR HCI controllers
Add check that HCI controller is BR/EDR. AMP controller shall not be
managed by mgmt interface and consequently user space.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-08-06 15:02:54 -03:00
Greg Kroah-Hartman c87985a3ce Merge tty-next into 3.6-rc1
This handles the merge issue in:
	arch/um/drivers/line.c
	arch/um/drivers/line.h
And resolves the duplicate patches that were in both trees do to the
tty-next branch not getting merged into 3.6-rc1.

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-08-06 09:48:31 -07:00
John W. Linville 90b90f60c4 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2012-07-20 12:30:48 -04:00
Alan Cox adc8d746ca tty: move the termios object into the tty
This will let us sort out a whole pile of tty related races. The
alternative would be to keep points and refcount the termios objects.
However
1. They are tiny anyway
2. Many devices don't use the stored copies
3. We can remove a pty special case

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-07-16 13:00:41 -07:00
Alan Cox 6d31a88cb2 tty: revert incorrectly applied lock patch
I sent GregKH this after the pre-requisites. He dropped the pre-requesites
for good reason and unfortunately then applied this patch. Without this
reverted you get random kernel memory corruption which will make bisecting
anything between it and the properly applied patches a complete sod.

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-07-16 12:58:12 -07:00
Greg Kroah-Hartman 467a3ca5ca Merge branch 'v3.6-rc7' into tty-next
This is to sync up on Linus's branch to get the other tty and core changes.

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-07-16 12:32:42 -07:00
Johan Hedberg 83ce9a06b5 Bluetooth: Change page scan interval in fast connectable mode
This patch is based on a user space (hciops) patch which never made it
upstream but does make sense to include in the mgmt part of the kernel.

(User space) commit message from Dmitriy Paliy:
"
Page scan interval in fast connectable mode is changed from 22.5 msec to
160 msec to perform less aggressive page scanning. This is done
accordingly to controller vendor recommendation.

Primary concern is that current parameters 22.5 interval, 11.25 window,
and interleaved scanning occupy whole radio bandwidth. Changing interval
to 160 msec should be sufficient for both speeding up connection
establishment and leaving space for other activities, like inquiry scan,
e.g.
"

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-16 10:50:11 -03:00
Mat Martineau c20f8e35ca Bluetooth: Use tx window from config response for ack timing
This change addresses an L2CAP ERTM throughput problem when a remote
device does not fully utilize the available transmit window.

The L2CAP ERTM transmit window size determines the maximum number of
unacked frames that may be outstanding at any time. It is configured
separately for each direction of an ERTM connection. Each side sends a
configuration request with a tx_win field indicating how many unacked
frames it is capable of receiving before sending an ack. The
configuration response's tx_win field shows how many frames the
transmitter will actually send before waiting for an ack.

It's important to trace both the actual transmit window (to check for
validity of incoming frames) and the number of frames that the
transmitter will send before waiting (to send acks at the appropriate
time). Now there are separate tx_win and ack_win values. ack_win is
updated based on configuration responses, and is used to determine
when acks are sent.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-15 12:18:29 -03:00
Andrei Emeltchenko a0dfe0ab6b Bluetooth: debug: Print amp_mgr refcnt
Improve debug output.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-11 10:09:37 -03:00
Andrei Emeltchenko 9f1db00cdc Bluetooth: debug: Use standard hex object specifiers in hci_event
To help debugging printed hex object use standard bluetooth
specifiers in hci_event. The patch changes format from 0x%04x to 0x%4.4x;
print manufacturer id and handle in hex instead of int; print opcode
always in 0x%4.4x format; status in 0x%2.2x.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-11 09:56:03 -03:00
Andrei Emeltchenko 89d8b40789 Bluetooth: debug: Add debug to l2cap_security_cfm
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-10 15:42:07 -03:00
Andrei Emeltchenko ad0ac6ca5f Bluetooth: debug: Print CID and PSM in hex format
Correct places where CID and PSM were printed as int. For CID: 0x%4.4x
is used and for PSM: 0x%2.2x.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-10 15:41:50 -03:00
Andrei Emeltchenko b44006728d Bluetooth: debug: Correct types specifiers for L2CAP
Avoid unneeded type conversion by correcting type specifiers in debug
statements for L2CAP.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-10 15:40:50 -03:00
Andrei Emeltchenko 2104786b42 Bluetooth: debug: Add printing num of cmds queued
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-10 15:35:27 -03:00
Jaganath Kanakkassery afeb019d0a Bluetooth: Refactor PIN code rejection to use user_pairing_resp()
Reuse user_pairing_resp() to send PIN code negative reply

Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-07-10 15:26:21 -03:00
Alan Cox f5e3bcc504 tty: localise the lock
The termios and other changes mean the other protections needed on the driver
tty arrays should be adequate. Turn it all back on.

This contains pieces folded in from the fixes made to the original patches

| From: Geert Uytterhoeven <geert@linux-m68k.org>	(fix m68k)
| From: Paul Gortmaker <paul.gortmaker@windriver.com>	(fix cris)
| From: Jiri Kosina <jkosina@suze.cz>			(lockdep)
| From: Eric Dumazet <eric.dumazet@gmail.com>		(lockdep)

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-07-06 14:24:52 -07:00
Andrei Emeltchenko ce2be9acff Bluetooth: Do not auto off AMP controller
Since AMP controller is not managed by user space do not shut it down.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-30 12:35:49 -03:00
Andrei Emeltchenko d300fa9b14 Bluetooth: Route traffic only through BR/EDR controller
If AMP controller is first in the list then Bluetooth traffic might
be routed through it (if source is not specified). The patch
prevents this case and also checks that source is BR/EDR.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-30 12:15:32 -03:00
Andrei Emeltchenko 38b3fef173 Bluetooth: Improve debugging messages for hci_conn
Improve debugging of hci_conn objects by: adding print to hci_conn
refcounting, adding object spcifier when missing, change conn to hcon
since conn is heavily used for l2cap_conn objects and this is misleading.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-30 11:41:24 -03:00
David S. Miller b26d344c6b Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	drivers/net/caif/caif_hsi.c
	drivers/net/usb/qmi_wwan.c

The qmi_wwan merge was trivial.

The caif_hsi.c, on the other hand, was not.  It's a conflict between
1c385f1fdf ("caif-hsi: Replace platform
device with ops structure.") in the net-next tree and commit
39abbaef19 ("caif-hsi: Postpone init of
HIS until open()") in the net tree.

I did my best with that one and will ask Sjur to check it out.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-28 17:37:00 -07:00
Linus Torvalds f3747e2f2c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking update from David Miller:

 1) Pairing and deadlock fixes in bluetooth from Johan Hedberg.

 2) Add device IDs for AR3011 and AR3012 bluetooth chips.  From
    Giancarlo Formicuccia and Marek Vasut.

 3) Fix wireless regulatory deadlock, from Eliad Peller.

 4) Fix full TX ring panic in bnx2x driver, from Eric Dumazet.

 5) Revert the two commits that added skb_orphan_try(), it causes
    erratic bonding behavior with UDP clients and the gains it used to
    give are mostly no longer happening due to how BQL works.  From Eric
    Dumazet.

 6) It took two tries, but Thomas Graf fixed a problem wherein we
    registered ipv6 routing procfs files before their backend data were
    initialized properly.

 7) Fix max GSO size setting in be2net, from Sarveshwar Bandi.

 8) PHY device id mask is wrong for KSZ9021 and KS8001 chips, fix from
    Jason Wang.

 9) Fix use of stale SKB data pointer after skb_linearize() call in
    batman-adv, from Antonio Quartulli.

10) Fix memory leak in IXGBE due to missing __GFP_COMP, from Alexander
    Duyck.

11) Fix probing of Gobi devices in qmi_wwan usbnet driver, from Bjørn
    Mork.

12) Fix suspend/resume and open failure handling in usbnet from Ming
    Lei.

13) Attempt to fix device r8169 hangs for certain chips, from Francois
    Romieu.

14) Fix advancement of RX dirty pointer in some situations in sh_eth
    driver, from Yoshihiro Shimoda.

15) Attempt to fix restart of IPV6 routing table dumps when there is an
    intervening table update.  From Eric Dumazet.

16) Respect security_inet_conn_request() return value in ipv6 TCP.  From
    Neal Cardwell.

17) Add another iPAD device ID to ipheth driver, from Davide Gerhard.

18) Fix access to freed SKB in l2tp_eth_dev_xmit(), and fix l2tp lockdep
    splats, from Eric Dumazet.

19) Make sure all bridge devices, regardless of whether they were
    created via netlink or ioctls, have their rtnetlink ops hooked up.
    From Thomas Graf and Stephen Hemminger.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (81 commits)
  9p: fix min_t() casting in p9pdu_vwritef()
  can: flexcan: use be32_to_cpup to handle the value of dt entry
  xen/netfront: teardown the device before unregistering it.
  bridge: Assign rtnl_link_ops to bridge devices created via ioctl (v2)
  vhost: use USER_DS in vhost_worker thread
  ixgbe: Do not pad FCoE frames as this can cause issues with FCoE DDP
  net: l2tp_eth: use LLTX to avoid LOCKDEP splats
  mac802154: add missed braces
  net: l2tp_eth: fix l2tp_eth_dev_xmit race
  net/mlx4_en: Release QP range in free_resources
  net/mlx4: Use single completion vector after NOP failure
  net/mlx4_en: Set correct port parameters during device initialization
  ipheth: add support for iPad
  caif-hsi: Add missing return in error path
  caif-hsi: Bugfix - Piggyback'ed embedded CAIF frame lost
  caif: Clear shutdown mask to zero at reconnect.
  tcp: heed result of security_inet_conn_request() in tcp_v6_conn_request()
  ipv6: fib: fix fib dump restart
  batman-adv: fix race condition in TT full-table replacement
  batman-adv: only drop packets of known wifi clients
  ...
2012-06-28 11:20:31 -07:00
Linus Torvalds 60d2c25251 Merge branch 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
Pull HID fixes from Jiri Kosina:
 "The most important one is a purification of Kconfig for CONFIG_HID;
  the inclusion of HID groups and autoloading didn't leave the Kconfig
  in a really consistent state.  Henrik's patch fixes that.  In addition
  to that, there are two small fixes for logitech and magicmouse
  drivers."

* 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
  HID: Fix the generic Kconfig options
  HID: magicmouse: Correct report range of major / minor axes
  HID: logitech: don't use stack based dj_report structures
2012-06-26 11:23:41 -07:00
Gustavo Padovan b82c29d81d Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth 2012-06-26 08:36:30 -07:00
David S. Miller e486463e82 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	drivers/net/usb/qmi_wwan.c
	net/batman-adv/translation-table.c
	net/ipv6/route.c

qmi_wwan.c resolution provided by Bjørn Mork.

batman-adv conflict is dealing merely with the changes
of global function names to have a proper subsystem
prefix.

ipv6's route.c conflict is merely two side-by-side additions
of network namespace methods.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-25 15:50:32 -07:00
Henrik Rydberg 1f41a6a994 HID: Fix the generic Kconfig options
The generic HID driver is obviously not a special driver, so move it
outside of the special drivers menu. Explain the usage and make the
default follow the HID setting. This should simplify migration from
older kernels. While at it, remove the redundant HID_SUPPORT option
and modify the HID and USB_HID entries to better explain the bus
structure.

Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Henrik Rydberg <rydberg@euromail.se>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2012-06-25 17:25:00 +02:00
Andre Guedes 790eff4429 Bluetooth: Use GFP_KERNEL in mgmt events functions
cmd_status, cmd_complete and mgmt_event functions are executed in
process context and they are not called inside atomic sections. Thus,
they should use GFP_KERNEL for memory allocation instead of GFP_ATOMIC.

Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-19 00:53:38 -03:00
Andre Guedes 12b9456502 Bluetooth: Use GFP_KERNEL in mgmt_pending_add
We are allowed to sleep in mgmt_pending_add, so we should use
GFP_KERNEL for memory allocations instead of GFP_ATOMIC.

Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-19 00:53:37 -03:00
Andre Guedes 92c4c20497 Bluetooth: Use GFP_KERNEL in mgmt_handlers
add_uuid and get_connections mgmt_handlers are executed by user
threads running in kernel-mode.

Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-19 00:53:37 -03:00
Andrei Emeltchenko 9345d40c58 Bluetooth: Use AUTO_OFF constant in jiffies
Move AUTO_OFF_TIMEOUT to other constants changing name to
HCI_AUTO_OFF_TIMEOUT and convert to jiffies.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-19 00:12:37 -03:00
Andrei Emeltchenko 33cef264cd Bluetooth: Fix compile warnings in mgmt
Commit af7985bf85 introduced regression
resulting in complie warnings:

...
net/bluetooth/mgmt.c:3568:27: warning: invalid assignment: |=
net/bluetooth/mgmt.c:3568:27:    left side has type restricted __le32
net/bluetooth/mgmt.c:3568:27:    right side has type int
net/bluetooth/mgmt.c:3570:27: warning: invalid assignment: |=
net/bluetooth/mgmt.c:3570:27:    left side has type restricted __le32
net/bluetooth/mgmt.c:3570:27:    right side has type int
net/bluetooth/mgmt.c:3580:21: warning: cast from restricted __le32
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-18 23:55:59 -03:00
Vishal Agarwal f960727e6c Bluetooth: Fix sending HCI_Disconnect only when connected
HCI_Disconnect should only be sent after connection is established.
If connection is not yet established and HCI_Disconnect is called
then disconnection complete will be received with a handle which
does not exist and hence this event will be ignored.
But as mgmt.c will not receive this event, its variable for pending
command is not cleared.This will result in future Disconnect commands
for that BD Address to be blocked with error busy.

Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-14 12:19:39 -03:00
John W. Linville 211c17aaee Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
Conflicts:
	drivers/net/wireless/ath/ath9k/main.c
	net/bluetooth/hci_event.c
2012-06-13 15:35:35 -04:00
Andre Guedes 3701f94451 Bluetooth: Remove magic value in disconnect mgmt handler
This patch replaces the magic value of variable 'reason' by the
proper macro.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-12 23:26:03 -03:00
Jefferson Delfes af7985bf85 Bluetooth: Fix flags of mgmt_device_found event
Change flags field to matches userspace structure.
This field needs to be converted to little endian before forward it.

Signed-off-by: Jefferson Delfes <jefferson.delfes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-12 23:19:21 -03:00
Andrei Emeltchenko 11778716ed Bluetooth: Fix not setting HCI_RESET flag for AMP
Move reset function to common initialization section fixing
not setting HCI_RESET flag for amp_init.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-12 00:10:31 -03:00
Andrei Emeltchenko f0e0951007 Bluetooth: Correct debug print specifier for u16 objects
Some functions print u16 objects as "0xc03" others as "0x0c03". Patch
ensures that opcodes printed are the in the same format and consistent
with bluetooth code.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-12 00:08:54 -03:00
Andrei Emeltchenko bda4f23a5c Bluetooth: Add opcode to error message
Sometimes HCI command sending timeouts and gives error message without
specifying which command causes error. Patch makes sure that opcode
is printed to help debugging.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-12 00:07:45 -03:00
Andrei Emeltchenko 5f246e8905 Bluetooth: Update HCI timeouts constants to use msecs_to_jiffies
The HCI constants are always used in form of jiffies. So just
include the conversion from msecs in the define itself. This has the
advantage of making the code where the timeout is used more readable
and avoiding unnecessary conversions.

The patch is similar to commit ba13ccd9 doing the same job for L2CAP

Reported-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-12 00:07:05 -03:00
Andrei Emeltchenko 975b91bb17 Bluetooth: Use standard HCI cmd timeout for RESET
Remove magic and use standard HCI cmd timeout

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-12 00:06:19 -03:00
Szymon Janc 8f321f853e Bluetooth: Fix using uninitialized option in RFCMode
If remote device sends bogus RFC option with invalid length,
undefined options values are used. Fix this by using defaults when
remote misbehaves.

This also fixes the following warning reported by gcc 4.7.0:

net/bluetooth/l2cap_core.c: In function 'l2cap_config_rsp':
net/bluetooth/l2cap_core.c:3302:13: warning: 'rfc.max_pdu_size' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.max_pdu_size' was declared here
net/bluetooth/l2cap_core.c:3298:25: warning: 'rfc.monitor_timeout' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.monitor_timeout' was declared here
net/bluetooth/l2cap_core.c:3297:25: warning: 'rfc.retrans_timeout' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.retrans_timeout' was declared here
net/bluetooth/l2cap_core.c:3295:2: warning: 'rfc.mode' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.mode' was declared here

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-11 23:50:28 -03:00
Gustavo Padovan cbe461c526 Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth
Conflicts:
	net/bluetooth/hci_event.c
2012-06-11 22:36:42 -03:00
Gustavo Padovan 1d0c4da8f7 Bluetooth: Fix style in hidp code
Follow the net rules.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-09 19:22:42 -03:00
Johan Hedberg 1c2e004183 Bluetooth: Add support for encryption key refresh
With LE/SMP the completion of a security level elavation from medium to
high is indicated by a HCI Encryption Key Refresh Complete event. The
necessary behavior upon receiving this event is a mix of what's done for
auth_complete and encryption_change, which is also where most of the
event handling code has been copied from.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-08 21:00:40 -03:00
Johan Hedberg 4dab786482 Bluetooth: Fix SMP security elevation from medium to high
If we have an unauthenticated key it is not sufficient to acheive high
security. Therefore, when deciding whether to encrypt the link or
request pairing, it is essential to in addition to checking the
existence of a key to also check whether it is authenticated or not.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-08 03:58:34 -03:00
Johan Hedberg d06cc416f5 Bluetooth: Fix deadlock and crash when SMP pairing times out
The l2cap_conn_del function tries to cancel_sync the security timer, but
when it's called from the timeout function itself a deadlock occurs.
Subsequently the "hcon->l2cap_data = NULL" that's supposed to protect
multiple calls to l2cap_conn_del never gets cleared and when the
connection finally drops we double free's etc which will crash the
kernel.

This patch fixes the issue by using the HCI_CONN_LE_SMP_PEND for
protecting against this. The same flag is also used for the same purpose
in other places in the SMP code.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-08 03:23:56 -03:00
Vishal Agarwal 4c47d73964 Bluetooth: Fix LE pairing completion on connection failure
For BR/EDR pairing is assumed to be finished when connection is
done. For LE if connection is successful it did not necessarily
mean that pairing is also done but if the connection is unsuccessful
it should be assumed that pairing procedure is also finished.
This patch registers a new function with connect_cfm_cb callback for
LE link which sends the pairing complete signal to user space if
connection is unsuccessful.

Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-08 02:50:57 -03:00
Johan Hedberg 476585ecf0 Bluetooth: Fix SMP pairing method selection
The tk_request function takes the local IO capability as the second last
parameter and the remote IO capability as the last parameter. They were
previously swapped: when we receive a pairing response
req->io_capability contains the local one and rsp->io_capability the
remote one.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-08 01:50:15 -03:00
Andrei Emeltchenko 7490c6c201 Bluetooth: Remove magic disconnect reason
The macro gives a better idea of the what the error really is.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:16 +03:00
Vinicius Costa Gomes d060991f3b Bluetooth: Fix checking the wrong flag when accepting a socket
Most probably a typo, the check should have been for BT_SK_DEFER_SETUP
instead of BT_DEFER_SETUP (which right now only represents a socket
option).

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:16 +03:00
Andre Guedes 0431a43ca5 Bluetooth: Filter duplicated reports in LE scan
This patch enables filtering duplicated advertising reports during
LE scan.

Some LE devices advertise using very small intervals generating lots
of equal advertising report events to the host. Each event generates
a mgmt_device_found event which is copied to userspace.

Enabling this feature, duplicated advertising reports are filtered
at controller's link layer. This way, the controller doesn't wake up
the host to report duplicated advertising reports and, consequently,
less data is copied to userspace.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:16 +03:00
Gustavo Padovan 7e1af8a3a5 Bluetooth: Create empty l2cap ops function
A2MP doesn't use part of the L2CAP chan ops API so we just create general
empty function instead of the A2MP specific one.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-06-05 06:34:16 +03:00
Andre Guedes 8c3a4f004e Bluetooth: Rename L2CAP_LE_DEFAULT_MTU
This patch renames L2CAP_LE_DEFAULT_MTU macro to L2CAP_LE_MIN_MTU
since it represents the minimum MTU value, not the default MTU
value for LE.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:16 +03:00
Andre Guedes 682877c31f Bluetooth: Check MTU value in l2cap_sock_setsockopt_old
If user tries to set an invalid MTU value, l2cap_sock_setsockopt_old
should return -EINVAL.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:15 +03:00
Andre Guedes 6fcb06a28d Bluetooth: Change default MTU for L2CAP ATT channel
This patch changes the default MTU value for L2CAP ATT fixed channel
to L2CAP_DEFAULT_MTU (672 octets).

Differently from others L2CAP channels, in L2CAP ATT fixed channel
there is no MTU negotiation. The MTU value for that channel is up to
the L2CAP implementation. The only restriction in L2CAP spec is the
MTU value must not be less than 23 octets.

At ATT protocol level (on top of L2CAP), we have the ATT_MTU which
defines the maximum size of any ATT message sent between client and
server. GATT profile defines ATT_MTU default value to 23 octets. If
a GATT based profile wants to use ATT_MTU greater than 23 octets
(e.g. HID over GATT profile), it should negotiate a new value by
executing the GATT Exchange MTU sub-procedure.

Thus, in order to support any value of ATT_MTU negotiated at ATT
protocol level, our L2CAP implementation should have L2CAP ATT
fixed channel MTU equal or greater than ATT_MAX_MTU (512 octets).

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:15 +03:00
Andrzej Kaczmarek 4f72b3291c Bluetooth: Fix not removing hci_conn for failed LE connection
This patch changes way LE Connection Complete event with error status are
handled. BDADDR returned in such event packet do not need to be valid and
should not be used to search for existing hci_conn. Instead, any hci_conn
with BT_CONNECT state should be matched since there can be only one
pending LE outgoing connection at any time.

If not handled properly, appriopriate hci_conn will not be removed and
subsequent connection to given peer will try to reuse it without making
actual connection attempt.

2012-05-07 11:21:39.133378 < HCI Command: LE Create Connection (0x08|0x000d) plen 25
    bdaddr 00:22:D0:10:13:EE type 1
2012-05-07 11:21:39.138774 > HCI Event: Command Status (0x0f) plen 4
    LE Create Connection (0x08|0x000d) status 0x00 ncmd 1
2012-05-07 11:21:44.752854 < HCI Command: LE Create Connection Cancel (0x08|0x000e) plen 0
2012-05-07 11:21:44.759475 > HCI Event: Command Complete (0x0e) plen 4
    LE Create Connection Cancel (0x08|0x000e) ncmd 1
2012-05-07 11:21:44.764479 > HCI Event: LE Meta Event (0x3e) plen 19
    LE Connection Complete
      status 0x02 handle 0, role master
      bdaddr 00:00:00:00:00:00 (Public)

[14898.739425] [6603] hci_connect: hci0 dst 00:22:D0:10:13:EE
[14898.739429] [6603] hci_conn_add: hci0 dst 00:22:D0:10:13:EE
[14898.739434] [6603] hci_conn_init_sysfs: conn ffff880079f03000
[14898.739440] [6603] hci_send_cmd: hci0 opcode 0x200d plen 25
[14898.739443] [6603] hci_send_cmd: skb len 28
[14898.739487] [6603] hci_chan_create: hci0 conn ffff880079f03000
...
[14938.860231] [55] hci_send_cmd: hci0 opcode 0x200e plen 0
...
[14938.876427] [55] hci_le_conn_complete_evt: hci0 status 2
[14938.876433] [55] hci_conn_add: hci0 dst 00:00:00:00:00:00
[14938.876439] [55] hci_conn_init_sysfs: conn ffff88007aeff800
[14938.876454] [55] hci_send_to_control: len 14
[14938.876470] [55] l2cap_connect_cfm: hcon ffff88007aeff800 bdaddr 00:00:00:00:00:00 status 2
[14938.876474] [55] hci_conn_del: hci0 conn ffff88007aeff800 handle 0

Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@tieto.com>
Acked-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:15 +03:00
Andrzej Kaczmarek 489dc48e75 Bluetooth: Return proper mgmt state when LE pairing connection failed
MGMT_STATUS_BUSY should be returned when LE pairing cannot be started due
to another outgoing connection attempt is ongoing.

Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@tieto.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:15 +03:00
Andrzej Kaczmarek dfc94dbdb9 Bluetooth: Allow only one LE connection attempt
Only one outgoing LE connection attempt should be possible.
hci_connect() will now return -EBUSY in case there's another pending
outgoing connection.

Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@tieto.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:15 +03:00
Gustavo Padovan f0f6279976 Bluetooth: Remove unused err var from l2cap_segment_sdu()
Trivial fix, let the code cleaner.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Reviewed-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-06-05 06:34:15 +03:00
Gustavo Padovan ba7aa64fe2 Bluetooth: Create function to return the ERTM header size
Simplify the handling of different ERTM header size. We were the same
check in some places of the code, and more is expected to come, so just
replace them with a function.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-06-05 06:34:15 +03:00
Andrei Emeltchenko 6810fca724 Bluetooth: Make l2cap_att_channel return void
l2cap_att_channel always returns 0 which is not used.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:14 +03:00
Andrei Emeltchenko 84104b241d Bluetooth: Make l2cap_conless_channel return void
l2cap_conless_channel always return 0 which is not used.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:14 +03:00
Andrei Emeltchenko 13ca56e053 Bluetooth: Make l2cap_data_channel return void
l2cap_data_channel always return 0 which is not used anywhere,
make it void function.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:14 +03:00
Andrei Emeltchenko 3cabbfdad3 Bluetooth: A2MP: Do not reference hci_conn
Make A2MP channel special channel which do not reference hci_conn.
This prevents from keeping ACL connection open when all L2CAP
channels got closed.

hci_conn_hold and hci_conn_put are not reference counts on the
hci_conn structure in the typical way.  They are reference counts for
the ACL.  When you do the last hci_conn_put, the ACL is disconnected
after a timeout.

Reported-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:14 +03:00
Andrei Emeltchenko fd83e2c27c Bluetooth: Do not check func ready existence
Functions will be always defined and in case not implemented as
dummy __no_func.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:14 +03:00
Andrei Emeltchenko 97e8e89d2d Bluetooth: A2MP: Manage incoming connections
Handle incoming A2MP connection by creating AMP manager and
processing A2MP messages.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:14 +03:00
Andrei Emeltchenko 416fa7527d Bluetooth: A2MP: Handling fixed channels
A2MP fixed channel do not have sk

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:13 +03:00
Andrei Emeltchenko f6410a849b Bluetooth: A2MP: Process A2MP Command Responses
Process A2MP responses, print cmd code and ident for now.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:13 +03:00
Andrei Emeltchenko 6113f84fc1 Bluetooth: A2MP: Process A2MP Disc Physlink Request
Placeholder for A2MP Disconnect Physlink Request.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:13 +03:00
Andrei Emeltchenko e072f5dab2 Bluetooth: A2MP: Process A2MP Create Physlink Request
Placeholder for A2MP Create Physlink Request.
Handles requests with invalid controler id as shown below:

...
> ACL data: handle 11 flags 0x02 dlen 50
    A2MP: Create Physical Link req: local id 1 remote id 85
      Assoc data:
        <skipped>
< ACL data: handle 11 flags 0x00 dlen 15
    A2MP: Create Physical Link rsp: local id 85 remote id 1 status 1
      Invalid Controller ID
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:13 +03:00
Andrei Emeltchenko a28381dc9c Bluetooth: A2MP: Process A2MP Get AMP Assoc Request
Example trace when receiving AMP Assoc Request with wrong AMP id.
...
> ACL data: handle 11 flags 0x02 dlen 13
    A2MP: Get AMP Assoc req: id 238
< ACL data: handle 11 flags 0x00 dlen 14
    A2MP: Get AMP Assoc rsp: id 238 status (1) Invalid Controller ID
      assoc data:
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:13 +03:00
Andrei Emeltchenko 47f2d97d38 Bluetooth: A2MP: Process A2MP Get Info Request
Process A2MP Get Info Request.
Example of trace log for invalid controller id is shown below:

...
> ACL data: handle 11 flags 0x02 dlen 13
    A2MP: Get Info req: id 238
< ACL data: handle 11 flags 0x00 dlen 30
    A2MP: Get Info rsp: id 238 status (1) Invalid Controller ID
...

Note that If the Status field is set to Invalid Controller ID all subsequent
fields in the AMP Get Info Response shall be ignored by the receiver.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:13 +03:00
Andrei Emeltchenko 329d81af29 Bluetooth: A2MP: Process A2MP Change Notify
Placeholder for A2MP Change Notify handler.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:13 +03:00
Andrei Emeltchenko 8598d064cb Bluetooth: A2MP: Process A2MP Discover Request
Adds helper functions to count HCI devs and process A2MP Discover
Request, code makes sure that first controller in the list is
BREDR one. Trace is shown below:

...
> ACL data: handle 11 flags 0x02 dlen 16
    A2MP: Discover req: mtu/mps 670 mask: 0x0000
< ACL data: handle 11 flags 0x00 dlen 22
    A2MP: Discover rsp: mtu/mps 670 mask: 0x0000
      Controller list:
        id 0 type 0 (BR-EDR) status 0x01 (Bluetooth only)
        id 1 type 1 (802.11 AMP) status 0x01 (Bluetooth only)
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:12 +03:00
Andrei Emeltchenko 21dbd2ce35 Bluetooth: A2MP: Process A2MP Command Reject
Placeholder for future A2MP Command Reject handler.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:12 +03:00
Andrei Emeltchenko 6b44d9b8d9 Bluetooth: A2MP: Process A2MP messages
Implement basic processing for AMP Manager Protocol (A2MP).

Example below shows processing unrecognized command.
...
> ACL data: handle 11 flags 0x02 dlen 12
    A2MP: code 0x00 ident 3 len 0
< ACL data: handle 11 flags 0x00 dlen 14
    A2MP: Command Reject: reason (0) - Command not recognized
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:12 +03:00
Andrei Emeltchenko 46d5c9088f Bluetooth: A2MP: Add chan callbacks
Add L2CAP chan ops callbacks.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:12 +03:00
Andrei Emeltchenko f6d3c6e783 Bluetooth: A2MP: Build and Send msg helpers
Helper function to build and send A2MP messages.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:12 +03:00
Andrei Emeltchenko 9740e49d17 Bluetooth: A2MP: AMP Manager basic functions
Define AMP Manager and some basic functions.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:11 +03:00
Andrei Emeltchenko 466f8004f3 Bluetooth: A2MP: Create A2MP channel
Create and initialize fixed A2MP channel

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:11 +03:00
Andrei Emeltchenko 0181a70f54 Bluetooth: trivial: Use defined PSMLEN instead of magic
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:11 +03:00
Gustavo Padovan 2dfa1003cc Bluetooth: check for already existent channel before create new one
Move this check to before the channel time creation simplifies the code
and avoid memory allocation if the channel already exist.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:11 +03:00
Gustavo Padovan 538266929e Bluetooth: Move check for backlog size to l2cap_sock.c
Remove socket specific code from l2cap_core.c

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:11 +03:00
Gustavo Padovan 0797e01d87 Bluetooth: Use chan->state instead of sk->sk_state
These vars are kept in sync so we can use chan->state here.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:11 +03:00
Andrei Emeltchenko 54a59aa2b5 Bluetooth: Add l2cap_chan->ops->ready()
This move socket specific code to l2cap_sock.c.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:11 +03:00
Andrei Emeltchenko c0df7f6e06 Bluetooth: Move clean up code and set of SOCK_ZAPPED to l2cap_sock.c
This remove a bit more of socket code from l2cap core, this calls set the
SOCK_ZAPPED and do some clean up depending on the socket state.

Reported-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:10 +03:00
Gustavo Padovan 80b9802795 Bluetooth: Use chan as parameters for l2cap chan ops
Use chan instead of void * makes more sense here.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:10 +03:00
Sasha Levin 3df92b31b2 Bluetooth: Really fix registering hci with duplicate name
Commit fc50744 ("Bluetooth: Fix registering hci with duplicate name") didn't
fully fix the duplicate naming issue with devices, and duplicate device names
could still be created:

[  142.484097] device: 'hci1': device_add
[...]
[  150.545263] device: 'hci1': device_add
[  150.550128] kobject: 'hci1' (ffff880014cc4e58): kobject_add_internal: parent: 'bluetooth', set: 'devices'
[  150.558979] ------------[ cut here ]------------
[  150.561438] WARNING: at fs/sysfs/dir.c:529 sysfs_add_one+0xb0/0xd0()
[  150.572974] Hardware name: Bochs
[  150.580502] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1'
[  150.584444] Pid: 7563, comm: trinity-child1 Tainted: G        W    3.4.0-next-20120524-sasha #296
[...]

Instead of the weird logic and the attempt at keeping the device list sorted,
just use an IDA.

Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:10 +03:00
Gustavo Padovan 6754e0df13 Bluetooth: Use l2cap_chan_ready() in LE path
This replace code in l2cap_le_conn_ready() by a similar code in
l2cap_chan_ready().

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:10 +03:00
Gustavo Padovan 2f84a2e6a6 Bluetooth: Remove extra l2cap_state_change(BT_CONNECTED)
This is already performed inside l2cap_chan_ready(), so we don't need it
here again.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:10 +03:00
Gustavo Padovan 35d401df3d Bluetooth: Get a more accurate L2CAP PDU len
Both FCS and Extended header might be or might not be present in a ERTM
channel.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Reviewed-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:09 +03:00
Andrei Emeltchenko 82781e634f Bluetooth: Use __constant modifier in HCI code
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:09 +03:00
Andrei Emeltchenko ac73498cbb Bluetooth: Use __constant when dealing with constants
__constant_cpu_to_le16() is the right go here.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:09 +03:00
Andrei Emeltchenko 2983fd6824 Bluetooth: Define and use PSM identifiers
Define assigned Protocol and Service Multiplexor (PSM) identifiers
and use them instead of magic numbers.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:09 +03:00
Gustavo Padovan 6d3c730f03 Bluetooth: Use lmp_ssp_capable() macro
Make the check more user friendly.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:09 +03:00
Mat Martineau 2d369359f1 Bluetooth: Send a configuration request after security confirmation
Sometimes an ACL link must be raised to a higher security level after
an L2CAP connection is requested, but before a connection response is
sent.  In this case, a connection response sent by L2CAP was not
immediately followed by a configuration request.  Other code paths do
send this configuration request right away.  It was possible for the
connection to stall while L2CAP waited for the remote device (like
PTS) to trigger the configuration process.

Here is an abbreviated hcidump of the failure case with PTS:

1337806446.051982 > ACL data: handle 43 flags 0x02 dlen 10
    L2CAP(s): Info req: type 2
1337806446.052050 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Info rsp: type 2 result 0
      Extended feature mask 0x000000b8
1337806446.595320 > ACL data: handle 43 flags 0x02 dlen 12
    L2CAP(s): Connect req: psm 4097 scid 0x0041
1337806446.595673 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Connect rsp: dcid 0x0040 scid 0x0041 result 1 status 0
1337806446.595679 < ACL data: handle 43 flags 0x00 dlen 10
    L2CAP(s): Info req: type 2
1337806446.669835 > ACL data: handle 43 flags 0x02 dlen 16
    L2CAP(s): Info rsp: type 2 result 0
      Extended feature mask 0x00000028
1337806446.669899 < HCI Command: Authentication Requested (0x01|0x0011) plen 2
1337806446.669906 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Connect rsp: dcid 0x0040 scid 0x0041 result 1 status 1
<security setup here>
1337806446.769888 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Connect rsp: dcid 0x0040 scid 0x0041 result 0 status 0

At this point, the connection stalls and no further messages are sent
on the L2CAP signaling channel.  No data is received either.

If we immediately send a configuration request after a successful connect
response, the connection completes:

1337724090.041162 > ACL data: handle 43 flags 0x02 dlen 10
    L2CAP(s): Info req: type 2
1337724090.041236 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Info rsp: type 2 result 0
      Extended feature mask 0x000000b8
1337724090.597128 > ACL data: handle 43 flags 0x02 dlen 12
    L2CAP(s): Connect req: psm 4097 scid 0x0041
1337724090.597236 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Connect rsp: dcid 0x0040 scid 0x0041 result 1 status 0
1337724090.597244 < ACL data: handle 43 flags 0x00 dlen 10
    L2CAP(s): Info req: type 2
1337724090.660842 > ACL data: handle 43 flags 0x02 dlen 16
    L2CAP(s): Info rsp: type 2 result 0
      Extended feature mask 0x00000028
1337724090.660926 < HCI Command: Authentication Requested (0x01|0x0011) plen 2
1337724090.660934 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Connect rsp: dcid 0x0040 scid 0x0041 result 1 status 1
<security setup here>
1337724090.755162 < ACL data: handle 43 flags 0x00 dlen 16
    L2CAP(s): Connect rsp: dcid 0x0040 scid 0x0041 result 0 status 0
1337724090.755171 < ACL data: handle 43 flags 0x00 dlen 23
    L2CAP(s): Config req: dcid 0x0041 flags 0x00 clen 11
1337724091.361847 > ACL data: handle 43 flags 0x02 dlen 29
    L2CAP(s): Config rsp: scid 0x0040 flags 0x00 result 0 clen 15
1337724091.863808 > ACL data: handle 43 flags 0x02 dlen 23
    L2CAP(s): Config req: dcid 0x0040 flags 0x00 clen 11
1337724091.863882 < ACL data: handle 43 flags 0x00 dlen 29
    L2CAP(s): Config rsp: scid 0x0041 flags 0x00 result 0 clen 15
1337724092.683745 > ACL data: handle 43 flags 0x02 dlen 12
    L2CAP(d): cid 0x0040 len 8 [psm 4097]
      0000: 00 00 11 22 33 44 34 2f                           ..."3D4/

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:08 +03:00
Andrei Emeltchenko 59e54bd15d Bluetooth: Define L2CAP conf continuation flag
Define Continuation flag which the only flag used from Flags field
in L2CAP Configuration Request and Response.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:08 +03:00
Gustavo Padovan 8449e381a8 Bluetooth: Remove unneeded EXPORT_SYMBOL
After l2cap, sco and bluetooth modules merge some symbols doesn't need to
be exported anymore.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:08 +03:00
Gustavo Padovan 8c520a5992 Bluetooth: Remove unnecessary headers include
Most of the include were unnecessary or already included by some other
header.
Replace module.h by export.h where possible.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:08 +03:00
Gustavo Padovan 8fc9ced398 Bluetooth: Fix coding style in the subsystem
This is some leftover from the last patches that fixed style. It is mostly
line over 80 characters fixes reported by checkpatch.pl.
checkpatch.pl is clean for these files now.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:08 +03:00
Gustavo Padovan fc5fef615a Bluetooth: Remove 'register' usage from the subsystem
Let the compiler chooses what is best.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:07 +03:00
Gustavo Padovan 6039aa73a1 Bluetooth: Remove most of the inline usage
Only obvious cases were left as inline, mostly oneline functions.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:07 +03:00
Andrei Emeltchenko 4f42a8cd49 Bluetooth: trivial: Remove empty line
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:07 +03:00
Andrei Emeltchenko 5325e5bb86 Bluetooth: Preserve L2CAP flags values
Previous callers of l2cap_build_conf_rsp in l2cap_config_req use
flags instead of continuation flag hardcoded value. It does not change
logic and preserve future possible flags.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:07 +03:00
Andrei Emeltchenko 9b3b44604a Bluetooth: Use defined link key size
Remove magic number with defined link key size.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:06 +03:00
Szymon Janc a6c511c636 Bluetooth: Rename HCI_QUIRK_NO_RESET to HCI_QUIRK_RESET_ON_CLOSE
HCI_QUIRK_NO_RESET name is misleading - purpose of this quirk is to
reset device on close instead of init, not to not reset at all.
Rename it to HCI_QUIRK_RESET_ON_CLOSE to avoid confusion.

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:06 +03:00
Gustavo Padovan d660366d53 Bluetooth: Remove dead int returns
These functions were returning always 0, we just make then void.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Reviewed-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:06 +03:00
Gustavo Padovan be4aad05af Bluetooth: Remove double check for BT_CONNECTED
The same check is done just before call l2cap_streaming_send()

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Reviewed-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:06 +03:00
Andrei Emeltchenko 401bb1f768 Bluetooth: Silent sparse warnings
Silence warnings below:

net/bluetooth/l2cap_core.c:1662:24: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:1662:27: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:1683:24: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:1683:27: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:2260:46: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:2574:33: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:2581:33: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:4556:24: warning: Using plain integer
as NULL pointer
net/bluetooth/l2cap_core.c:4556:27: warning: Using plain integer
as NULL pointer

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:06 +03:00
Gustavo Padovan ee556f662c Bluetooth: Do not purge queue in Basic Mode
chan->tx_q is only initialized if we use ERTM or Streaming mode.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:05 +03:00
Mat Martineau d1de6d46dc Bluetooth: Enable ERTM by default
This enables the new receive and transmit state machines.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:05 +03:00
Mat Martineau 273759e2c3 Bluetooth: Set txwin values for streaming mode
The transmit window values must be configured for streaming mode, even
though streaming mode does not have a window.  This enables use of
extended headers when the transmit window socket option is set to 64
or larger.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:05 +03:00
Mat Martineau 6ea0048575 Bluetooth: Remove unneccesary inline
Let the compiler decide if inlining is appropriate.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:05 +03:00
Mat Martineau 0362520bf9 Bluetooth: Simplify the ERTM ack timeout
Since l2cap_send_ack can trigger extra actions like sending iframes,
don't call it.  Just send an RR or RNR frame if an ack needs sending.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:05 +03:00
Mat Martineau 80909e04de Bluetooth: Use the ERTM transmit state machine from timeout handlers
Different states have different actions for retransmit and monitor
timeouts, so remove the logic for those actions from the timer handlers.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:04 +03:00
Mat Martineau 4239d16f36 Bluetooth: Check rules when setting retransmit or monitor timers
The ERTM specification requires the retransmit timer to be cancelled
when the monitor timer is set.  The retransmit timer cannot be set
again while the monitor timer is pending.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:04 +03:00
Mat Martineau c9e3d5e004 Bluetooth: Use new header structures in l2cap_send_rr_or_rnr
struct l2cap_ctrl is now used, and the sframe is now sent directly
rather than depending on a separate call.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:04 +03:00
Mat Martineau fcd289df88 Bluetooth: Handle incoming REJ frames
REJ frames are sent by the remote device to request that all frames
after a given sequence number be retransmitted.  These are also an
implicit indication that the remote device is not in a busy state and
can receive new iframes.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:04 +03:00
Mat Martineau f80842a83e Bluetooth: Handle SREJ requests to resend unacked frames
When a remote device sends an SREJ, retransmit the frame with the
corresponding sequence number (subject to special cases with poll and
final flags).  An SREJ is also an implicit indication the the remote
device is not in a busy state.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:04 +03:00
Mat Martineau 63838725c6 Bluetooth: Reassemble all available data when retransmissions succeed.
As retransmitted packets arrive, attempt to reassemble SDUs.  If all
requested retransmissions have been received, acknowledge them and
transition back to the RECV state.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:04 +03:00
Mat Martineau bed68bde7e Bluetooth: Send SREJ frames when packets go missing
The ERTM specification lays out three scenarios for sending SREJ
frames to request retransmission of specific frames.  l2cap_send_srej
requests all frames up to a given txseq that are not already queued
for reassembly.  l2cap_send_srej_tail only requests the most recent
missing frame.  l2cap_send_srej_list resends SREJ frames for data that
was requested for resend but never received.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:04 +03:00
Mat Martineau e1fbd4c19a Bluetooth: Add implementation for retransmitting all unacked frames
This adds l2cap_ertm_resend to retransmit frames based on the sequence
numbers in chan->retrans_list.  If the retransmit limit is reached for
any individual frame is reached, the connection is dropped.  skbs that
are cloned already are copied to avoid modifying shared data (this is
uncommon).  To retransmit all frames, l2cap_retransmit_all now builds
a list of all unacked sequence numbers and then calls
l2cap_ertm_resend.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau d2a7ac5d5d Bluetooth: Add the ERTM receive state machine
This adds a top-level state machine with handlers for two receive
states defined in the ERTM spec, RECV and SREJ_SENT.  The reqseq value
of the incoming frame is also validated at the top level and a
disconnection is forced if it is invalid.  The actions for the RECV
and SREJ_SENT states are implemented according to the state tables in
the ERTM specification.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau e31f763372 Bluetooth: Update l2cap_send_i_or_rr_or_rnr to fit the spec better
This action now exactly matches what is defined in the ERTM
specification, including clearing the remote busy flag and setting the
retransmit timer rather than retransmitting frames directly.  The spec
does not retransmit frames as part of this action, since
retransmission is only triggered by REJ, SREJ, or an RR with the final
bit set.  struct l2cap_ctrl is also used to set up header values.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau 61aa4f5b9f Bluetooth: Use the transmit state machine for busy state changes
This lets the transmit state machine handle local busy state changes,
since different actions are taken in the different transmit states.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau 0a0aba42b8 Bluetooth: Refactor l2cap_send_ack
The function now encapsulates more of the logic to either immediately
send an ack if the transmit window is over 75% full, or wait for the
ack timer to expire if the transmit window is not full enough.  It is
also able to push out waiting iframes that can carry an
acknowledgement.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau f5dbb0772d Bluetooth: Remove receive code that has been superceded
This deletes the receive code that had handlers for each frame type at
the top level, and then had logic to determine the receive state
within each handler.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau 4b51dae967 Bluetooth: Add streaming mode receive and incoming packet classifier
Streaming mode reception is fairly simple, with in-sequence frames
being reassembled as they arrive.  Out-of-sequence frames are dropped,
and also clear any partially-assembled SDUs that may exist.

The packet classifier determines if the txseq value of the incoming
packet is expected, invalid (resulting in a disconnection), invalid
(ignorable), duplicate, or having to do with an SREJ request that was
previously sent.  The rules for each classification are defined in the
ERTM specification, and consolidating these rules in one place helps
clarify the receive state machine.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau cec8ab6e20 Bluetooth: Consolidate common receive code for ERTM and streaming mode
Creates a new l2cap_data_rcv function that combines previous code from
l2cap_ertm_data_rcv and l2cap_data_channel.  This reduces duplicate
code for streaming mode, and sets up a framework for the ERTM receive
state machine.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:03 +03:00
Mat Martineau a67d7f6fca Bluetooth: Refactor l2cap_send_sframe
The new implementation uses struct l2cap_ctrl to set up the sframe
fields, and also reduces duplicate acks by canceling the ack timer
whenever an RR or RNR frame is sent.  sframe PDU generation is also
split in to a separate function to separate it from the logic related
to the connection state and sframe type.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:02 +03:00
Mat Martineau 18a48e7664 Bluetooth: Refactor l2cap_ertm_send
The new implementation is aware of the new transmit state machine, and
uses struct l2cap_ctrl to compose ERTM headers.  It also has improved
error handling for allocation failures, and does not send the packet
until after all skb and channel data structures are updated.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:02 +03:00
Mat Martineau 3733937d96 Bluetooth: Refactor l2cap_streaming_send
This new implementation uses struct l2cap_ctrl to compose the
streaming mode headers.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:02 +03:00
Mat Martineau 608bcc6d70 Bluetooth: Add a new L2CAP ERTM transmit state machine.
This implements a top-level transmit state machine with handlers for
the two ERTM states defined in the specification: XMIT and WAIT_F.

The state machine accepts an event and, optionally, a list of skbs to
transmit.  In addition to data transmission, the local busy state can
be modified, acks are processed, and monitor and retransmit timeouts
are handled.  This mirrors the structure of the state tables in the
spec.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:02 +03:00
Mat Martineau b191e031b7 Bluetooth: Change default state of ERTM disable flag
This is to allow for ERTM state machine replacement in the patches
that follow.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:34:02 +03:00
Mat Martineau 2827011f66 Bluetooth: Fix early return from l2cap_chan_del
This fixes a regression from commit
2ead70b839 that is present in all
kernels starting at v3.0.

When L2CAP information was moved to struct l2cap_chan, a check was
added to l2cap_chan_del to avoid certain cleanup operations when ERTM
or streaming mode had not yet been initialized.  The logic in the
check did not take in to account that chan->conf_state is set to 0 in
l2cap_chan_ready, so l2cap_chan_del failed to cancel timers and leaked
memory any time the ERTM queues or lists were not empty.

This change makes sure that l2cap_chan_del only returns early if
ERTM initialization was not performed.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:02 +03:00
Mat Martineau 9dc9affcb7 Bluetooth: Free allocated ERTM SREJ list if init fails
If the ERTM SREJ list is properly allocated but the retransmit list
allocation fails, the SREJ list must be freed before returning from
l2cap_ertm_init.  l2cap_chan_del will not clean up the SREJ list
if l2cap_ertm_init returns a failure code.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:02 +03:00
Gustavo Padovan a8c5fb1afe Bluetooth: Fix coding style in hci_core.c
Follow net subsystem rules.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:01 +03:00
Gustavo Padovan 5974e4c469 Bluetooth: Fix coding style in hci_conn.c
Follow net subsystem rules.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:01 +03:00
Gustavo Padovan 807deac275 Bluetooth: Fix coding style in hci_event.c
Follow the net subsystem rules.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:01 +03:00
Gustavo Padovan b80f021f70 Bluetooth: Fix coding style in hci_sysfs.c
Follow the net subsystem rules.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:01 +03:00
Gustavo Padovan 3bb3c7551c Bluetooth: Fix coding style in hci_sock.c
Follow the net subsystem rules.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:01 +03:00
Gustavo Padovan be7c2b99e9 Bluetooth: Fix coding style in sco.c
Follow the net subsystem rules.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:01 +03:00
Gustavo Padovan 8ce8e2b56f Bluetooth: Fix coding style in mgmt.c
Follow the coding style of the net subsystem.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:01 +03:00
Vinicius Costa Gomes ddcd0f4147 Bluetooth: Fix checking the wrong flag when accepting a socket
Most probably a typo, the check should have been for BT_SK_DEFER_SETUP
instead of BT_DEFER_SETUP (which right now only represents a socket
option).

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-05 06:26:26 +03:00
Linus Torvalds f309532bf3 tty: Revert the tty locking series, it needs more work
This reverts the tty layer change to use per-tty locking, because it's
not correct yet, and fixing it will require some more deep surgery.

The main revert is d29f3ef39b ("tty_lock: Localise the lock"), but
there are several smaller commits that built upon it, they also get
reverted here. The list of reverted commits is:

  fde86d3108 - tty: add lockdep annotations
  8f6576ad47 - tty: fix ldisc lock inversion trace
  d3ca8b64b9 - pty: Fix lock inversion
  b1d679afd7 - tty: drop the pty lock during hangup
  abcefe5fc3 - tty/amiserial: Add missing argument for tty_unlock()
  fd11b42e35 - cris: fix missing tty arg in wait_event_interruptible_tty call
  d29f3ef39b - tty_lock: Localise the lock

The revert had a trivial conflict in the 68360serial.c staging driver
that got removed in the meantime.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-06-02 15:21:43 -07:00
Linus Torvalds 28f3d71761 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull more networking updates from David Miller:
 "Ok, everything from here on out will be bug fixes."

1) One final sync of wireless and bluetooth stuff from John Linville.
   These changes have all been in his tree for more than a week, and
   therefore have had the necessary -next exposure.  John was just away
   on a trip and didn't have a change to send the pull request until a
   day or two ago.

2) Put back some defines in user exposed header file areas that were
   removed during the tokenring purge.  From Stephen Hemminger and Paul
   Gortmaker.

3) A bug fix for UDP hash table allocation got lost in the pile due to
   one of those "you got it..  no I've got it.." situations.  :-)

   From Tim Bird.

4) SKB coalescing in TCP needs to have stricter checks, otherwise we'll
   try to coalesce overlapping frags and crash.  Fix from Eric Dumazet.

5) RCU routing table lookups can race with free_fib_info(), causing
   crashes when we deref the device pointers in the route.  Fix by
   releasing the net device in the RCU callback.  From Yanmin Zhang.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (293 commits)
  tcp: take care of overlaps in tcp_try_coalesce()
  ipv4: fix the rcu race between free_fib_info and ip_route_output_slow
  mm: add a low limit to alloc_large_system_hash
  ipx: restore token ring define to include/linux/ipx.h
  if: restore token ring ARP type to header
  xen: do not disable netfront in dom0
  phy/micrel: Fix ID of KSZ9021
  mISDN: Add X-Tensions USB ISDN TA XC-525
  gianfar:don't add FCB length to hard_header_len
  Bluetooth: Report proper error number in disconnection
  Bluetooth: Create flags for bt_sk()
  Bluetooth: report the right security level in getsockopt
  Bluetooth: Lock the L2CAP channel when sending
  Bluetooth: Restore locking semantics when looking up L2CAP channels
  Bluetooth: Fix a redundant and problematic incoming MTU check
  Bluetooth: Add support for Foxconn/Hon Hai AR5BBU22 0489:E03C
  Bluetooth: Fix EIR data generation for mgmt_device_found
  Bluetooth: Fix Inquiry with RSSI event mask
  Bluetooth: improve readability of l2cap_seq_list code
  Bluetooth: Fix skb length calculation
  ...
2012-05-24 11:54:29 -07:00
Linus Torvalds 3c2c4b73aa Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
Pull HID subsystem updates from Jiri Kosina:
 "Apart from various driver updates and added support for a number of
  new devices (mostly multitouch ones, but not limited to), there is one
  change that is worth pointing out explicitly: creation of HID device
  groups and proper autoloading of hid-multitouch, implemented by Henrik
  Rydberg."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: (50 commits)
  HID: wacom: fix build breakage without CONFIG_LEDS_CLASS
  HID: waltop: Extend barrel button fix
  HID: hyperv: Set the hid drvdata correctly
  HID: wacom: Unify speed setting
  HID: wacom: Add speed setting for Intuos4 WL
  HID: wacom: Move Graphire raport header check.
  HID: uclogic: Add support for UC-Logic TWHL850
  HID: explain the signed/unsigned handling in hid_add_field()
  HID: handle logical min/max signedness properly in parser
  HID: logitech: read all 32 bits of report type bitfield
  HID: wacom: Add LED selector control for Wacom Intuos4 WL
  HID: hid-multitouch: fix wrong protocol detection
  HID: wiimote: Fix IR data parser
  HID: wacom: Add tilt reporting for Intuos4 WL
  HID: multitouch: MT interface matching for Baanto
  HID: hid-multitouch: Only match MT interfaces
  HID: Create a common generic driver
  HID: hid-multitouch: Switch to device groups
  HID: Create a generic device group
  HID: Allow bus wildcard matching
  ...
2012-05-22 19:21:48 -07:00
Linus Torvalds 94b5aff4c6 TTY pull request for 3.5-rc1
Here's the big TTY/serial driver pull request for the 3.5-rc1 merge window.
 
 Nothing major in here, just lots of incremental changes from Alan and
 Jiri reworking some tty core things to behave better and to get a more
 solid grasp on some of the nasty tty locking issues.
 
 There are a few tty and serial driver updates in here as well.
 
 All of this has been in the linux-next releases for a while with no problems.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.18 (GNU/Linux)
 
 iEYEABECAAYFAk+7rBoACgkQMUfUDdst+ykXsgCfeDKx6ZgLidYy3H40Y2Pt3XEO
 TicAn1fcdGwOmMR/mowa+kTA68D/J6i2
 =S7tG
 -----END PGP SIGNATURE-----

Merge tag 'tty-3.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty

Pull TTY updates from Greg Kroah-Hartman:
 "Here's the big TTY/serial driver pull request for the 3.5-rc1 merge
  window.

  Nothing major in here, just lots of incremental changes from Alan and
  Jiri reworking some tty core things to behave better and to get a more
  solid grasp on some of the nasty tty locking issues.

  There are a few tty and serial driver updates in here as well.

  All of this has been in the linux-next releases for a while with no
  problems.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

* tag 'tty-3.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (115 commits)
  serial: bfin_uart: Make MMR access compatible with 32 bits bf609 style controller.
  serial: bfin_uart: RTS and CTS MMRs can be either 16-bit width or 32-bit width.
  serial: bfin_uart: narrow the reboot condition in DMA tx interrupt
  serial: bfin_uart: Adapt bf5xx serial driver to bf60x serial4 controller.
  Revert "serial_core: Update buffer overrun statistics."
  tty: hvc_xen: NULL dereference on allocation failure
  tty: Fix LED error return
  tty: Allow uart_register/unregister/register
  tty: move global ldisc idle waitqueue to the individual ldisc
  serial8250-em: Add DT support
  serial8250-em: clk_get() IS_ERR() error handling fix
  serial_core: Update buffer overrun statistics.
  tty: drop the pty lock during hangup
  cris: fix missing tty arg in wait_event_interruptible_tty call
  tty/amiserial: Add missing argument for tty_unlock()
  tty_lock: Localise the lock
  pty: Lock the devpts bits privately
  tty_lock: undo the old tty_lock use on the ctty
  serial8250-em: Emma Mobile UART driver V2
  Add missing call to uart_update_timeout()
  ...
2012-05-22 16:12:24 -07:00
John W. Linville a0d0d1685f Merge git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next 2012-05-22 15:18:06 -04:00
David S. Miller 028940342a Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-05-16 22:17:37 -04:00
Gustavo Padovan d839c81372 Bluetooth: Report proper error number in disconnection
If encryption change fails we should disconnect with auth failure error
code.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:14:24 -03:00
Gustavo Padovan c5daa683f2 Bluetooth: Create flags for bt_sk()
defer_setup and suspended are now flags into bt_sk().

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:14:17 -03:00
Gustavo Padovan c6585a4da0 Bluetooth: report the right security level in getsockopt
During a security level elevation we need to keep track of the current
security level of a connection until the new one is not confirmed.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:14:09 -03:00
Mat Martineau a6a5568c03 Bluetooth: Lock the L2CAP channel when sending
The ERTM and streaming mode transmit queue must only be accessed while
the L2CAP channel lock is held.  Locking the channel before calling
l2cap_chan_send ensures that multiple threads cannot simultaneously
manipulate the queue when sending and receiving concurrently.

L2CAP channel locking had previously moved to the l2cap_chan struct
instead of the associated socket, so some of the old socket locking
can also be removed in this patch.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-16 16:14:02 -03:00
Mat Martineau ef191aded5 Bluetooth: Restore locking semantics when looking up L2CAP channels
As the comment for l2cap_get_chan_by_scid indicated, the function used
to return a locked socket.  The lock for the socket was acquired while
the channel list was also locked.

When locking was moved over to the l2cap_chan structure, the channel
lock was no longer acquired with the channel list still locked.  This
made it possible for the l2cap_chan to be deleted after
conn->chan_lock was released but before l2cap_chan_lock was called.
Making the call to l2cap_chan_lock before releasing conn->chan_lock
makes it impossible for the l2cap_chan to be deleted at the wrong
time.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Reviewed-by: Ulisses Furquim <ulisses@profusion.mobi>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-16 16:13:51 -03:00
Mat Martineau 35c84d76ee Bluetooth: Fix a redundant and problematic incoming MTU check
The L2CAP MTU for incoming data is verified differently depending on
the L2CAP mode, so the check is best performed in a mode-specific
context.  Checking the incoming MTU before HCI fragment reassembly is
a layer violation and assumes all bytes after the standard L2CAP
header are L2CAP data.

This approach causes issues with unsegmented ERTM or streaming mode
frames, where there are additional enhanced or extended headers before
the data payload and possible FCS bytes after the data payload.  A
valid frame could be as many as 10 bytes larger than the MTU.

Removing this code is the best fix, because the MTU is checked later
on for all L2CAP data frames (connectionless, basic, ERTM, and
streaming).  This also gets rid of outdated locking (socket instead of
l2cap_chan) and an extra lookup of the channel ID.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Reviewed-by: Ulisses Furquim <ulisses@profusion.mobi>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-16 16:13:37 -03:00
Vishal Agarwal 9d939d9484 Bluetooth: Fix EIR data generation for mgmt_device_found
The mgmt_device_found function expects to receive only the significant
part of the EIR data so it needs to be removed before calling the
function. This patch adds a new eir_get_length() helper function to
calculate the length of the significant part.

Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:13:19 -03:00
Johan Hedberg a24299e6c8 Bluetooth: Fix Inquiry with RSSI event mask
The right bit for "Inquiry with RSSI" is 0x02 and not 0x04 (which means
"Read Remote Extended Features Complete").

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-16 16:13:14 -03:00
Gustavo Padovan f522ae363d Bluetooth: improve readability of l2cap_seq_list code
Removes one indentation level.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:13:06 -03:00
Gustavo Padovan 2d0ed3d587 Bluetooth: Fix skb length calculation
When we add a fragment to a skb, len and data_len fields need to be
updated.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:12:56 -03:00
Gustavo Padovan 087bfd99f7 Bluetooth: Fix packet size provided to the controller
When building fragmented skb's skb->len keeps track of the size of head
plus all fragments combined, however when queueing the skb for sending we
need to report the head size instead of the total size, so we just set
skb->len to skb_headlen().

This bug appeared when implementing MSG_MORE support for L2CAP sockets, it
never showed up before because l2cap_skbuff_fromiovec() never accounted skb
size correctly. A following patch will fix this.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Reviewed-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:12:49 -03:00
Gustavo Padovan fbe0070092 Bluetooth: Fix wrong set of skb fragments
If alloc() fails we let the frags linked list with garbage value (the
err ptr value) in its last element.

Reported-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-16 16:12:32 -03:00
Gustavo Padovan 08e6d907fe Merge git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth 2012-05-16 16:11:44 -03:00
Mat Martineau d34c34fb25 Bluetooth: Initialize the transmit queue for L2CAP streaming mode
Commit 105bdf9ec1 introduced a
regression in L2CAP streaming mode due to rearranged initialization
code that is shared between ERTM and streaming mode.  This change
makes sure the transmit queue is initialized in both modes.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-15 20:28:16 -03:00
Mat Martineau 577cfaeb86 Bluetooth: Update tx_send_head when sending ERTM data
Commit 94122bbe9c introduced a problem
where tx_send_head was not set to point to the first skb in the ERTM
transmit queue, which stalled data transmission.  This change sets
that pointer when transmission is not already in progress.

Reported-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-14 16:32:11 -03:00
Johan Hedberg 671267bf3a Bluetooth: mgmt: Fix device_connected sending order
The mgmt_ev_device_connected signal must be sent before any event
indications happen for sockets associated with the connection. Otherwise
e.g. device authorization for the sockets will fail with ENOTCONN as
user space things that there is no baseband link.

This patch fixes the issue by ensuring that the device_connected event
if sent (if it hasn't been so already) as soon as the first ACL data
packet arrives from the remote device.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-14 13:56:15 -04:00
Gustavo Padovan a7d7723ae7 Bluetooth: notify userspace of security level change
It fixes L2CAP socket based security level elevation during a
connection. The HID profile needs this (for keyboards) and it is the only
way to achieve the security level elevation when using the management
interface to talk to the kernel (hence the management enabling patch
being the one that exposes this issue).

It enables the userspace a security level change when the socket is
already connected and create a way to notify the socket the result of the
request. At the moment of the request the socket is made non writable, if
the request fails the connections closes, otherwise the socket is made
writable again, POLL_OUT is emmited.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-14 13:51:25 -04:00
Joe Perches c47fc9814c bluetooth: Convert compare_ether_addr to ether_addr_equal
Use the new bool function ether_addr_equal to add
some clarity and reduce the likelihood for misuse
of compare_ether_addr for sorting.

Done via cocci script:

$ cat compare_ether_addr.cocci
@@
expression a,b;
@@
-	!compare_ether_addr(a, b)
+	ether_addr_equal(a, b)

@@
expression a,b;
@@
-	compare_ether_addr(a, b)
+	!ether_addr_equal(a, b)

@@
expression a,b;
@@
-	!ether_addr_equal(a, b) == 0
+	ether_addr_equal(a, b)

@@
expression a,b;
@@
-	!ether_addr_equal(a, b) != 0
+	!ether_addr_equal(a, b)

@@
expression a,b;
@@
-	ether_addr_equal(a, b) == 0
+	!ether_addr_equal(a, b)

@@
expression a,b;
@@
-	ether_addr_equal(a, b) != 0
+	ether_addr_equal(a, b)

@@
expression a,b;
@@
-	!!ether_addr_equal(a, b)
+	ether_addr_equal(a, b)

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-05-09 20:49:18 -04:00
Cristian Chilipirea 53168e5b3b Bluetooth: Fixed checkpatch warnings
Fixed some checkpatch warnings in mgmt.c.

Signed-off-by: Cristian Chilipirea <cristian.chilipirea@gmail.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 03:06:09 -03:00
Eldad Zack 000092b0b4 Bluetooth: bnep: use constant for ethertype
The dot1q ethertype number (0x8100) is embedded in the code, although
it is already defined in included headers.

Signed-off-by: Eldad Zack <eldad@fogrefinery.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:54 -03:00
Mat Martineau 94122bbe9c Bluetooth: Refactor L2CAP ERTM and streaming transmit segmentation
Use more common code for ERTM and streaming mode segmentation and
transmission, and begin using skb control block data for delaying
extended or enhanced header generation until just before the packet is
transmitted.  This code is also better suited for resegmentation,
which is needed when L2CAP links are reconfigured after an AMP channel
move.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Reviewed-by: Ulisses Furquim <ulisses@profusion.mobi>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:53 -03:00
Andrei Emeltchenko daf6a78c16 Bluetooth: Remove unneeded calculation and magic number
Remove magic number unneeded calculation since
hlen = L2CAP_HDR_SIZE + L2CAP_PSMLEN_SIZE

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:53 -03:00
Gustavo Padovan f2ba7fae04 Bluetooth: Remove hlen variable
hlen has a fixed size of L2CAP_HDR_SIZE, use this instead.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 01:40:52 -03:00
Marcel Holtmann 9d42820f37 Bluetooth: Enable Low Energy support by default
The Bluetooth Low Energy support so far was disabled by default via
a module parameter. With this change the module parameter will be removed
and Low Energy is enabled by default.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:52 -03:00
Syam Sidhardhan 2ee8ce35b1 Bluetooth: Remove unused hci_le_ltk_neg_reply()
No one is using hci_le_ltk_neg_reply() in bluetooth subsystem.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:51 -03:00
Gustavo Padovan 6ff9b5ef5e Bluetooth: Remove unneeded elements from size calculation
hlen - L2CAP_HDR_SIZE = 0, so we don't need to add them in the
calculation.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 01:40:50 -03:00
Syam Sidhardhan e10b9969f2 Bluetooth: Remove unused hci_le_ltk_reply()
In this API, we were using sizeof operator for an array
given as function argument, which is invalid.
However this API is not used anywhere.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:50 -03:00
Mat Martineau 422e925b5b Bluetooth: Add Code Aurora Forum copyright
Adding Code Aurora Forum copyright information due to significant
additions of code.

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:49 -03:00
Mat Martineau 61d6ef3e34 Bluetooth: Make better use of l2cap_chan reference counting
L2CAP sockets contain a pointer to l2cap_chan that needs to be
reference counted in order to prevent a possible dangling pointer when
the channel is freed.

There were a few other cases where an l2cap_chan pointer on the stack
was dereferenced after a call to l2cap_chan_del. Those pointers are
also now reference counted.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:49 -03:00
Mat Martineau dbd89fddc1 Bluetooth: Remove unused function
l2cap_get_chan_by_ident was not used, but didn't generate a compiler
warning because it was an inline function.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:48 -03:00
Mat Martineau 105bdf9ec1 Bluetooth: Initialize new l2cap_chan structure members
Structure members used by ERTM or streaming mode need to be
initialized when an ERTM or streaming mode link is configured.  Some
duplicate code is also eliminated by moving in to the ERTM init
function.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:48 -03:00
Mat Martineau b5c6aaed18 Bluetooth: Move recently-added ERTM header packing functions
Moving these functions simplifies future patches by eliminating
forward declarations, makes future patches easier to review, and
better preserves 'git blame' information.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:47 -03:00
Mat Martineau 3ce3514f5d Bluetooth: Remove duplicate structure members from bt_skb_cb
These values are now in the nested l2cap_ctrl struct.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:47 -03:00
Andre Guedes 479453d5fe Bluetooth: Remove advertising cache
User-space pass the remote device address type to kernel through
struct sockaddr_l2 what makes the advertising useless. This patch
removes all advertising cache code.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:46 -03:00
Andre Guedes 8e9f98921c Bluetooth: Use address type info from user-space
In order to establish a LE connection we need the address type
information. User-space already pass this information to kernel
through struct sockaddr_l2.

This patch adds the dst_type parameter to l2cap_chan_connect so we
are able to pass the address type info from user-space down to
hci_conn layer.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:45 -03:00
Andre Guedes b12f62cfd9 Bluetooth: Add dst_type parameter to hci_connect
This patch adds the dst_type parameter to hci_connect function.
Instead of searching the address type in advertising cache, we
use the dst_type parameter to establish LE connections.

The dst_type is ignored for BR/EDR connection establishment.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:45 -03:00
Andre Guedes 31f7956c66 Bluetooth: Move bdaddr_to_le to hci_core
This patch moves the helper function bdaddr_to_le to hci_core, so it
can be used in mgmt.c and hci_conn.c.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:44 -03:00
Andre Guedes 378b5b7e84 Bluetooth: Rename mgmt_to_le to bdaddr_to_le
Since address type macros are not only related to Management
Interface anymore, it makes sense to rename the helper function
mgmt_to_le to bdaddr_to_le.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:44 -03:00
Andre Guedes 57c1477c2c Bluetooth: Rename link_to_mgmt to link_to_bdaddr
Since address type macros are not only related to Management
Interface anymore, it makes sense to rename the helper function
link_to_mgmt to link_to_bdaddr.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:43 -03:00
Andre Guedes 591f47f31b Bluetooth: Move address type macros to bluetooth.h
This patch moves address type macros to bluetooth.h since they will be
used by management interface and Bluetooth socket interface. It also
replaces the macro prefix MGMT_ADDR_ by BDADDR_.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:42 -03:00
Andre Guedes b29050448a Bluetooth: Remove useless code in hci_connect
This patch removes unneeded variable assignments in hci_connect.
'sec_level' is already assigned to BT_SECURITY_LOW in hci_le_connect
and 'pending_sec_level' and 'auth_type' are assigned right after
if statement.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:42 -03:00
Vinicius Costa Gomes 9f0caeb1de Bluetooth: Add support for reusing the same hci_conn for LE links
As most LE devices leave advertising mode when they enter the connected
state, we may want to "pass" that connection to other users.

The first user will be the pairing procedure, the connection is
established without an associated socket, after the pairing is
complete, userspace may want to discover via GATT what services the
newly bonded device has.

If userspace establishes the connection while the timeout still
hasn't expired, the connection will be re-used.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Tested-by: João Paulo Rechi Vita <jprvita@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:41 -03:00
Ido Yariv c22876814e Bluetooth: Search global l2cap channels by src/dst addresses
The cid or psm and the source address might not be enough to uniquely
identify a global channel, especially when the source address is our
own.

For instance, when trying to communicate with two LE devices in master
mode, data received from the both devices is sent to the same socket.

Fix this by taking the destination address into account when choosing
the socket.

Signed-off-by: Ido Yariv <ido@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Tested-by: João Paulo Rechi Vita <jprvita@openbossa.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:41 -03:00
David Herrmann d8ce939525 Bluetooth: Remove unneeded initialization in hci_alloc_dev()
We allocate memory with kzalloc() so there is no need to call
memset(..., 0, ...) or similar.

Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:40 -03:00
David Herrmann b1b813d477 Bluetooth: Move device initialization to hci_alloc_dev()
We currently initialize locks, lists, works, etc. in hci_register_dev()
(hci_alloc_dev() was added later) which is bogus because an hdev is in an
invalid state if it is not registered.
This patch moves all memory initialization to hci_alloc_dev(). Device
registering and registration of sub-modules is still left in
hci_register_dev() as it belongs there.

The benefit is (despite cleaning up the code-base) we can now always be
sure that an hdev is a valid object and can be locked and worked on even
though it may not be registered.

This patch also reorders the initialization to be easier to understand.
First the memory is initialized, then all generic structures and as last
step the sub-init functions are called. This guarantees that all
dependencies are initialized in the right order and makes it also easier
to find a specific line. We previously initialized it in the same order as
the "struct hci_dev" is declared which seems pretty random.

Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:40 -03:00
David Herrmann 9be0dab793 Bluetooth: Move hci_alloc/free_dev close to hci_register/unregister_dev
alloc() and register() (and free() and unregister()) are closely related
so move them more closely together. This will also allow to move
functionality from register() to alloc() without needing
forward-declarations.

Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:39 -03:00
Marcel Holtmann fb3340594b Bluetooth: Restrict to one SCO listening socket
The SCO sockets are only identified by its address. So only allow one
SCO socket in listening state per address or BDADDR_ANY.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:39 -03:00
Marcel Holtmann 8ed21f7eec Bluetooth: Don't check source address in SCO bind function
Checking the source address in SCO bind function will prevent from
having an incoming and outgoing SCO socket. However that might be
needed in case of multiple SCO connections on a single device.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:38 -03:00
Ulisses Furquim fc50744c1e Bluetooth: Fix registering hci with duplicate name
When adding HCI devices hci_register_dev assigns the same name
hci1 for subsequently added AMP devices.

...
[ 6958.381886] sysfs: cannot create duplicate filename
       '/devices/virtual/bluetooth/hci1
...

We assume id starts with the number we'll try to add the new device
and keep iterating until we find the proper place. The only difference
is we start with 0 for BR/EDR device and 1 for AMP devices (thus AMP
devices will never receive register as index 0). Then every hdev->id in
the _ordered_ list <= to the id we want we increment id and move the
variable head. In the end we'll have id as the first available one and
head is where you need to add hdev after to keep the list ordered.

Reported-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Ulisses Furquim <ulisses@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:38 -03:00
Lukasz Rymanowski 519e42b38e Bluetooth: Remove not needed status parameter
Sco_conn_add is called from two places and always with status = 0.

Signed-off-by: Lukasz Rymanowski <lukasz.rymanowski@tieto.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:37 -03:00
Marcel Holtmann 7d5d775a55 Bluetooth: Split error handling for SCO listen sockets
Split the checks for sk->sk_state and sk->sk_type for SCO listen
sockets. This makes the code more readable.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:37 -03:00
Marcel Holtmann 6b3af7334b Bluetooth: Split error handling for L2CAP listen sockets
Split the checks for sk->sk_state and sk->sk_type for L2CAP listen
sockets. This makes the code more readable.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:37 -03:00
Hemant Gupta 35d4adcca1 Bluetooth: Don't distribute keys in case of Encryption Failure
SMP Keys should only be distributeed when encryption is successful.

Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:36 -03:00
Andrei Emeltchenko 2d8b3a1162 Bluetooth: Fix debug printing unallocated name
It does make sense to print hdev name after allocation.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:35 -03:00
Hemant Gupta 4596fde540 Bluetooth: mgmt: Fix address type while loading Long Term Key
This patch fixes the address type while loading long term keys when BT is
switched on. Without this fix pairing is reinitated even though LTK
exists for remote device because of mismatch of address type.

Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 01:40:33 -03:00
Syam Sidhardhan 0c01bc486a Bluetooth: mgmt: Remove unwanted goto statements
Remove goto statements that do nothing else than jump to the next line
of code.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 01:40:33 -03:00
Gustavo Padovan 5c94f379c1 Bluetooth: remove unneeded declaration of sco_conn_del()
By some reason this is not needed anymore.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:32 -03:00
Mikel Astiz 088ce088ec Bluetooth: Remove unnecessary check
The function already fails if the given size is greater than the MTU, so
there is no need to consider that case afterwards.

Signed-off-by: Mikel Astiz <mikel.astiz.oss@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:32 -03:00
Mikel Astiz abc5de8f4e Bluetooth: Use unsigned int instead of signed int
The involved values are all unsigned and thus unsigned int should be
used instead of signed int. Assigning ~0 to a signed int results in -1,
which is confusing and error-prone, while the code is trying to set the
maximum value possible.

The code still works because the C standard defines that unsigned
comparison will be performed in these cases, when comparing an unsigned
int and a signed int.

Signed-off-by: Mikel Astiz <mikel.astiz.oss@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 01:40:31 -03:00
Mat Martineau b76bbd6657 Bluetooth: Functions for handling ERTM control fields
These functions encode or decode ERTM control fields (extended or
enhanced) to or from the new l2cap_ctrl structure.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:31 -03:00
Mat Martineau 3c588192b5 Bluetooth: Add the l2cap_seq_list structure for tracking frames
A sequence list is a data structure used to track frames that need to
be retransmitted, and frames that have been requested for
retransmission by the remote device.  It can compactly represent a
list of sequence numbers within the ERTM transmit window.  Memory for
the list is allocated once at connection time, and common operations
in ERTM are O(1).

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-05-09 01:40:30 -03:00
Gustavo Padovan 9033894722 Bluetooth: Remove err parameter from alloc_skb()
Use ERR_PTR maginc instead.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 01:40:26 -03:00
Andrei Emeltchenko bd4b165312 Bluetooth: Adds set_default function in L2CAP setup
Some parameters in L2CAP chan are set to default similar way in
socket based channels and A2MP channels. Adds common function which
sets all defaults.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:39 -03:00
Andrei Emeltchenko 6bcbc4893f Bluetooth: Add Read Local AMP Info to init
AMP Info will be used in Discovery Response.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:39 -03:00
Hemant Gupta 328c9248bf Bluetooth: mgmt: Fix missing connect failed event for LE
This patch adds management connect failed event when LE Create Connection
Command fails to inform user space that LE Connection failed to get
established.

Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 00:41:38 -03:00
Hemant Gupta b24c62471c Bluetooth: Fix clearing discovery type when stopping discovery
This patch prevents resetting of discovery type while stopping
discovery, since otherwise the wrong type might be send in case of
discovery failure. It also doesn't matter that we are "lazy" with
updating the type since it is anyway reset when starting discovery again
and it's not needed to know the current discovery state.

Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 00:41:37 -03:00
Andre Guedes 0ed09148fa Bluetooth: Remove MGMT_ADDR_INVALID macro
This patch removes the MGMT_ADDR_INVALID macro. If the address type
isn't LE, we consider it is BR/EDR type.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 00:41:37 -03:00
Hemant Gupta eb19aaacb3 Bluetooth: Send correct address type for LTK
This patch updates the address type sent from kernel to management
interface of BlueZ while sending the Long Term Key.

Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 00:41:37 -03:00
Andrei Emeltchenko 3a602a00a4 Bluetooth: Remove unneeded zero initialization
Remove zero initialization since channel is allocated with kzalloc
in l2cap_chan_create.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:36 -03:00
Marcel Holtmann 053262dce5 Bluetooth: Update management interface revision
For each kernel release where commands or events are added to the
management interface, the revision field should be increment by one.

The increment should only happen once per kernel release and not
for every command/event that gets added. The revision value is for
informational purposes only, but this simple policy would make any
future debugging a lot simple.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 00:41:36 -03:00
Gustavo Padovan eef1d9b668 Bluetooth: Remove sk parameter from l2cap_chan_create()
Following the separation if core and sock code this change avoid
manipulation of sk inside l2cap_chan_create().

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:36 -03:00
Andrei Emeltchenko 14a2849184 Bluetooth: Make L2CAP chan_add functions static
Remove sparse warnings below:

...
net/bluetooth/l2cap_core.c:302:6: warning: symbol '__l2cap_chan_add' was
not declared. Should it be static?
net/bluetooth/l2cap_core.c:351:6: warning: symbol 'l2cap_chan_add' was
not declared. Should it be static?
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:36 -03:00
Andrei Emeltchenko bcd11ff7c2 Bluetooth: Remove unneeded timer clear
set_chan_timer clears timer itself

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:35 -03:00
Andre Guedes 1519cc177a Bluetooth: Ignore inquiry results from periodic inquiry
This patch changes inquiry result function handlers so they ignore
inquiry result events if periodic inquiry is enabled.

Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:34 -03:00
Andre Guedes 642be6c768 Bluetooth: Check HCI_PERIODIC_INQ in start_discovery
This patch adds a HCI_PERIODIC_INQ check to start_discovery.
If periodic inquiry is enabled, we fail MGMT Start Discovery
command with MGMT_STATUS_BUSY code.

Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:34 -03:00
Andre Guedes ae854a70df Bluetooth: Add HCI_PERIODIC_INQ to dev_flags
This patch adds the HCI_PERIODIC_INQ flag to dev_flags. This flag
tracks if periodic inquiry is enabled or not.

Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
2012-05-09 00:41:34 -03:00