Merge git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth

author Gustavo Padovan <gustavo.padovan@collabora.co.uk>

Fri, 27 Sep 2013 14:56:14 +0000 (11:56 -0300)

committer Gustavo Padovan <gustavo.padovan@collabora.co.uk>

Fri, 27 Sep 2013 14:56:14 +0000 (11:56 -0300)
author Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Fri, 27 Sep 2013 14:56:14 +0000 (11:56 -0300)
committer Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Fri, 27 Sep 2013 14:56:14 +0000 (11:56 -0300)
diff --git a/drivers/bluetooth/hci_vhci.c b/drivers/bluetooth/hci_vhci.c

index d8b7aed..c04a3e6 100644 (file)
--- a/drivers/bluetooth/hci_vhci.c
+++ b/drivers/bluetooth/hci_vhci.c
@@ -24,6 +24,7 @@
   */
  
  #include <linux/module.h>
+#include <asm/unaligned.h>
  
  #include <linux/kernel.h>
  #include <linux/init.h>
@@ -39,17 +40,17 @@
  #include <net/bluetooth/bluetooth.h>
  #include <net/bluetooth/hci_core.h>
  
-#define VERSION "1.3"
+#define VERSION "1.4"
  
  static bool amp;
  
  struct vhci_data {
         struct hci_dev *hdev;
  
-       unsigned long flags;
-
         wait_queue_head_t read_wait;
         struct sk_buff_head readq;
+
+       struct delayed_work open_timeout;
  };
  
  static int vhci_open_dev(struct hci_dev *hdev)
@@ -99,16 +100,62 @@ static int vhci_send_frame(struct sk_buff *skb)
         skb_queue_tail(&data->readq, skb);
  
         wake_up_interruptible(&data->read_wait);
+       return 0;
+}
+
+static int vhci_create_device(struct vhci_data *data, __u8 dev_type)
+{
+       struct hci_dev *hdev;
+       struct sk_buff *skb;
+
+       skb = bt_skb_alloc(4, GFP_KERNEL);
+       if (!skb)
+               return -ENOMEM;
+
+       hdev = hci_alloc_dev();
+       if (!hdev) {
+               kfree_skb(skb);
+               return -ENOMEM;
+       }
+
+       data->hdev = hdev;
+
+       hdev->bus = HCI_VIRTUAL;
+       hdev->dev_type = dev_type;
+       hci_set_drvdata(hdev, data);
+
+       hdev->open  = vhci_open_dev;
+       hdev->close = vhci_close_dev;
+       hdev->flush = vhci_flush;
+       hdev->send  = vhci_send_frame;
  
+       if (hci_register_dev(hdev) < 0) {
+               BT_ERR("Can't register HCI device");
+               hci_free_dev(hdev);
+               data->hdev = NULL;
+               kfree_skb(skb);
+               return -EBUSY;
+       }
+
+       bt_cb(skb)->pkt_type = HCI_VENDOR_PKT;
+
+       *skb_put(skb, 1) = 0xff;
+       *skb_put(skb, 1) = dev_type;
+       put_unaligned_le16(hdev->id, skb_put(skb, 2));
+       skb_queue_tail(&data->readq, skb);
+
+       wake_up_interruptible(&data->read_wait);
         return 0;
  }
  
  static inline ssize_t vhci_get_user(struct vhci_data *data,
-                                       const char __user *buf, size_t count)
+                                   const char __user *buf, size_t count)
  {
         struct sk_buff *skb;
+       __u8 pkt_type, dev_type;
+       int ret;
  
-       if (count > HCI_MAX_FRAME_SIZE)
+       if (count < 2 || count > HCI_MAX_FRAME_SIZE)
                 return -EINVAL;
  
         skb = bt_skb_alloc(count, GFP_KERNEL);
@@ -120,27 +167,70 @@ static inline ssize_t vhci_get_user(struct vhci_data *data,
                 return -EFAULT;
         }
  
-       skb->dev = (void *) data->hdev;
-       bt_cb(skb)->pkt_type = *((__u8 *) skb->data);
+       pkt_type = *((__u8 *) skb->data);
         skb_pull(skb, 1);
  
-       hci_recv_frame(skb);
+       switch (pkt_type) {
+       case HCI_EVENT_PKT:
+       case HCI_ACLDATA_PKT:
+       case HCI_SCODATA_PKT:
+               if (!data->hdev) {
+                       kfree_skb(skb);
+                       return -ENODEV;
+               }
+
+               skb->dev = (void *) data->hdev;
+               bt_cb(skb)->pkt_type = pkt_type;
+
+               ret = hci_recv_frame(skb);
+               break;
+
+       case HCI_VENDOR_PKT:
+               if (data->hdev) {
+                       kfree_skb(skb);
+                       return -EBADFD;
+               }
  
-       return count;
+               cancel_delayed_work_sync(&data->open_timeout);
+
+               dev_type = *((__u8 *) skb->data);
+               skb_pull(skb, 1);
+
+               if (skb->len > 0) {
+                       kfree_skb(skb);
+                       return -EINVAL;
+               }
+
+               kfree_skb(skb);
+
+               if (dev_type != HCI_BREDR && dev_type != HCI_AMP)
+                       return -EINVAL;
+
+               ret = vhci_create_device(data, dev_type);
+               break;
+
+       default:
+               kfree_skb(skb);
+               return -EINVAL;
+       }
+
+       return (ret < 0) ? ret : count;
  }
  
  static inline ssize_t vhci_put_user(struct vhci_data *data,
-                       struct sk_buff *skb, char __user *buf, int count)
+                                   struct sk_buff *skb,
+                                   char __user *buf, int count)
  {
         char __user *ptr = buf;
-       int len, total = 0;
+       int len;
  
         len = min_t(unsigned int, skb->len, count);
  
         if (copy_to_user(ptr, skb->data, len))
                 return -EFAULT;
  
-       total += len;
+       if (!data->hdev)
+               return len;
  
         data->hdev->stat.byte_tx += len;
  
@@ -148,21 +238,19 @@ static inline ssize_t vhci_put_user(struct vhci_data *data,
         case HCI_COMMAND_PKT:
                 data->hdev->stat.cmd_tx++;
                 break;
-
         case HCI_ACLDATA_PKT:
                 data->hdev->stat.acl_tx++;
                 break;
-
         case HCI_SCODATA_PKT:
                 data->hdev->stat.sco_tx++;
                 break;
         }
  
-       return total;
+       return len;
  }
  
  static ssize_t vhci_read(struct file *file,
-                               char __user *buf, size_t count, loff_t *pos)
+                        char __user *buf, size_t count, loff_t *pos)
  {
         struct vhci_data *data = file->private_data;
         struct sk_buff *skb;
@@ -185,7 +273,7 @@ static ssize_t vhci_read(struct file *file,
                 }
  
                 ret = wait_event_interruptible(data->read_wait,
-                                       !skb_queue_empty(&data->readq));
+                                              !skb_queue_empty(&data->readq));
                 if (ret < 0)
                         break;
         }
@@ -194,7 +282,7 @@ static ssize_t vhci_read(struct file *file,
  }
  
  static ssize_t vhci_write(struct file *file,
-                       const char __user *buf, size_t count, loff_t *pos)
+                         const char __user *buf, size_t count, loff_t *pos)
  {
         struct vhci_data *data = file->private_data;
  
@@ -213,10 +301,17 @@ static unsigned int vhci_poll(struct file *file, poll_table *wait)
         return POLLOUT | POLLWRNORM;
  }
  
+static void vhci_open_timeout(struct work_struct *work)
+{
+       struct vhci_data *data = container_of(work, struct vhci_data,
+                                             open_timeout.work);
+
+       vhci_create_device(data, amp ? HCI_AMP : HCI_BREDR);
+}
+
  static int vhci_open(struct inode *inode, struct file *file)
  {
         struct vhci_data *data;
-       struct hci_dev *hdev;
  
         data = kzalloc(sizeof(struct vhci_data), GFP_KERNEL);
         if (!data)
@@ -225,35 +320,13 @@ static int vhci_open(struct inode *inode, struct file *file)
         skb_queue_head_init(&data->readq);
         init_waitqueue_head(&data->read_wait);
  
-       hdev = hci_alloc_dev();
-       if (!hdev) {
-               kfree(data);
-               return -ENOMEM;
-       }
-
-       data->hdev = hdev;
-
-       hdev->bus = HCI_VIRTUAL;
-       hci_set_drvdata(hdev, data);
-
-       if (amp)
-               hdev->dev_type = HCI_AMP;
-
-       hdev->open     = vhci_open_dev;
-       hdev->close    = vhci_close_dev;
-       hdev->flush    = vhci_flush;
-       hdev->send     = vhci_send_frame;
-
-       if (hci_register_dev(hdev) < 0) {
-               BT_ERR("Can't register HCI device");
-               kfree(data);
-               hci_free_dev(hdev);
-               return -EBUSY;
-       }
+       INIT_DELAYED_WORK(&data->open_timeout, vhci_open_timeout);
  
         file->private_data = data;
         nonseekable_open(inode, file);
  
+       schedule_delayed_work(&data->open_timeout, msecs_to_jiffies(1000));
+
         return 0;
  }
  
@@ -262,8 +335,12 @@ static int vhci_release(struct inode *inode, struct file *file)
         struct vhci_data *data = file->private_data;
         struct hci_dev *hdev = data->hdev;
  
-       hci_unregister_dev(hdev);
-       hci_free_dev(hdev);
+       cancel_delayed_work_sync(&data->open_timeout);
+
+       if (hdev) {
+               hci_unregister_dev(hdev);
+               hci_free_dev(hdev);
+       }
  
         file->private_data = NULL;
         kfree(data);
@@ -309,3 +386,4 @@ MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
  MODULE_DESCRIPTION("Bluetooth virtual HCI driver ver " VERSION);
  MODULE_VERSION(VERSION);
  MODULE_LICENSE("GPL");
+MODULE_ALIAS("devname:vhci");
diff --git a/include/net/bluetooth/bluetooth.h b/include/net/bluetooth/bluetooth.h

index 10d43d8..afbc711 100644 (file)
--- a/include/net/bluetooth/bluetooth.h
+++ b/include/net/bluetooth/bluetooth.h
@@ -249,6 +249,7 @@ int  bt_sock_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
  uint bt_sock_poll(struct file *file, struct socket *sock, poll_table *wait);
  int  bt_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg);
  int  bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo);
+int  bt_sock_wait_ready(struct sock *sk, unsigned long flags);
  
  void bt_accept_enqueue(struct sock *parent, struct sock *sk);
  void bt_accept_unlink(struct sock *sk);
diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h

index 15f1084..7ede266 100644 (file)
--- a/include/net/bluetooth/hci.h
+++ b/include/net/bluetooth/hci.h
@@ -110,6 +110,7 @@ enum {
         HCI_SERVICE_CACHE,
         HCI_DEBUG_KEYS,
         HCI_UNREGISTER,
+       HCI_USER_CHANNEL,
  
         HCI_LE_SCAN,
         HCI_SSP_ENABLED,
@@ -694,9 +695,6 @@ struct hci_cp_sniff_subrate {
  } __packed;
  
  #define HCI_OP_SET_EVENT_MASK          0x0c01
-struct hci_cp_set_event_mask {
-       __u8     mask[8];
-} __packed;
  
  #define HCI_OP_RESET                   0x0c03
  
@@ -826,6 +824,8 @@ struct hci_rp_read_inq_rsp_tx_power {
         __s8     tx_power;
  } __packed;
  
+#define HCI_OP_SET_EVENT_MASK_PAGE_2   0x0c63
+
  #define HCI_OP_READ_FLOW_CONTROL_MODE  0x0c66
  struct hci_rp_read_flow_control_mode {
         __u8     status;
@@ -838,6 +838,8 @@ struct hci_cp_write_le_host_supported {
         __u8    simul;
  } __packed;
  
+#define HCI_OP_READ_SYNC_TRAIN_PARAMS  0x0c77
+
  #define HCI_OP_READ_LOCAL_VERSION      0x1001
  struct hci_rp_read_local_version {
         __u8     status;
@@ -1571,6 +1573,7 @@ struct sockaddr_hci {
  #define HCI_DEV_NONE   0xffff
  
  #define HCI_CHANNEL_RAW                0
+#define HCI_CHANNEL_USER       1
  #define HCI_CHANNEL_MONITOR    2
  #define HCI_CHANNEL_CONTROL    3
  
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h

index 3ede820..26cc9f7 100644 (file)
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -1168,7 +1168,6 @@ int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
  int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status);
  int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
                                             u8 *randomizer, u8 status);
-int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status);
  int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
                       u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name,
                       u8 ssp, u8 *eir, u16 eir_len);
diff --git a/include/net/bluetooth/mgmt.h b/include/net/bluetooth/mgmt.h

index 9944c3e..421d763 100644 (file)
--- a/include/net/bluetooth/mgmt.h
+++ b/include/net/bluetooth/mgmt.h
@@ -93,6 +93,7 @@ struct mgmt_rp_read_index_list {
  #define MGMT_SETTING_BREDR             0x00000080
  #define MGMT_SETTING_HS                        0x00000100
  #define MGMT_SETTING_LE                        0x00000200
+#define MGMT_SETTING_ADVERTISING       0x00000400
  
  #define MGMT_OP_READ_INFO              0x0004
  #define MGMT_READ_INFO_SIZE            0
@@ -351,6 +352,8 @@ struct mgmt_cp_set_device_id {
  } __packed;
  #define MGMT_SET_DEVICE_ID_SIZE                8
  
+#define MGMT_OP_SET_ADVERTISING                0x0029
+
  #define MGMT_EV_CMD_COMPLETE           0x0001
  struct mgmt_ev_cmd_complete {
         __le16  opcode;
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c

index 9096137..e6e1278 100644 (file)
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -490,6 +490,7 @@ int bt_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
  }
  EXPORT_SYMBOL(bt_sock_ioctl);
  
+/* This function expects the sk lock to be held when called */
  int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
  {
         DECLARE_WAITQUEUE(wait, current);
@@ -525,6 +526,46 @@ int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
  }
  EXPORT_SYMBOL(bt_sock_wait_state);
  
+/* This function expects the sk lock to be held when called */
+int bt_sock_wait_ready(struct sock *sk, unsigned long flags)
+{
+       DECLARE_WAITQUEUE(wait, current);
+       unsigned long timeo;
+       int err = 0;
+
+       BT_DBG("sk %p", sk);
+
+       timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
+
+       add_wait_queue(sk_sleep(sk), &wait);
+       set_current_state(TASK_INTERRUPTIBLE);
+       while (test_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags)) {
+               if (!timeo) {
+                       err = -EAGAIN;
+                       break;
+               }
+
+               if (signal_pending(current)) {
+                       err = sock_intr_errno(timeo);
+                       break;
+               }
+
+               release_sock(sk);
+               timeo = schedule_timeout(timeo);
+               lock_sock(sk);
+               set_current_state(TASK_INTERRUPTIBLE);
+
+               err = sock_error(sk);
+               if (err)
+                       break;
+       }
+       __set_current_state(TASK_RUNNING);
+       remove_wait_queue(sk_sleep(sk), &wait);
+
+       return err;
+}
+EXPORT_SYMBOL(bt_sock_wait_ready);
+
  #ifdef CONFIG_PROC_FS
  struct bt_seq_state {
         struct bt_sock_list *l;
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c

index f081712..d2380e0 100644 (file)
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -518,6 +518,7 @@ struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
         list_for_each_entry(d, &hci_dev_list, list) {
                 if (!test_bit(HCI_UP, &d->flags) ||
                     test_bit(HCI_RAW, &d->flags) ||
+                   test_bit(HCI_USER_CHANNEL, &d->dev_flags) ||
                     d->dev_type != HCI_BREDR)
                         continue;
  
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c

index 1b66547..4549b5c 100644 (file)
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -607,6 +607,34 @@ static void hci_set_le_support(struct hci_request *req)
                             &cp);
  }
  
+static void hci_set_event_mask_page_2(struct hci_request *req)
+{
+       struct hci_dev *hdev = req->hdev;
+       u8 events[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+
+       /* If Connectionless Slave Broadcast master role is supported
+        * enable all necessary events for it.
+        */
+       if (hdev->features[2][0] & 0x01) {
+               events[1] |= 0x40;      /* Triggered Clock Capture */
+               events[1] |= 0x80;      /* Synchronization Train Complete */
+               events[2] |= 0x10;      /* Slave Page Response Timeout */
+               events[2] |= 0x20;      /* CSB Channel Map Change */
+       }
+
+       /* If Connectionless Slave Broadcast slave role is supported
+        * enable all necessary events for it.
+        */
+       if (hdev->features[2][0] & 0x02) {
+               events[2] |= 0x01;      /* Synchronization Train Received */
+               events[2] |= 0x02;      /* CSB Receive */
+               events[2] |= 0x04;      /* CSB Timeout */
+               events[2] |= 0x08;      /* Truncated Page Complete */
+       }
+
+       hci_req_add(req, HCI_OP_SET_EVENT_MASK_PAGE_2, sizeof(events), events);
+}
+
  static void hci_init3_req(struct hci_request *req, unsigned long opt)
  {
         struct hci_dev *hdev = req->hdev;
@@ -648,6 +676,19 @@ static void hci_init3_req(struct hci_request *req, unsigned long opt)
         }
  }
  
+static void hci_init4_req(struct hci_request *req, unsigned long opt)
+{
+       struct hci_dev *hdev = req->hdev;
+
+       /* Set event mask page 2 if the HCI command for it is supported */
+       if (hdev->commands[22] & 0x04)
+               hci_set_event_mask_page_2(req);
+
+       /* Check for Synchronization Train support */
+       if (hdev->features[2][0] & 0x04)
+               hci_req_add(req, HCI_OP_READ_SYNC_TRAIN_PARAMS, 0, NULL);
+}
+
  static int __hci_init(struct hci_dev *hdev)
  {
         int err;
@@ -667,7 +708,11 @@ static int __hci_init(struct hci_dev *hdev)
         if (err < 0)
                 return err;
  
-       return __hci_req_sync(hdev, hci_init3_req, 0, HCI_INIT_TIMEOUT);
+       err = __hci_req_sync(hdev, hci_init3_req, 0, HCI_INIT_TIMEOUT);
+       if (err < 0)
+               return err;
+
+       return __hci_req_sync(hdev, hci_init4_req, 0, HCI_INIT_TIMEOUT);
  }
  
  static void hci_scan_req(struct hci_request *req, unsigned long opt)
@@ -984,6 +1029,11 @@ int hci_inquiry(void __user *arg)
         if (!hdev)
                 return -ENODEV;
  
+       if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+               err = -EBUSY;
+               goto done;
+       }
+
         hci_dev_lock(hdev);
         if (inquiry_cache_age(hdev) > INQUIRY_CACHE_AGE_MAX ||
             inquiry_cache_empty(hdev) || ir.flags & IREQ_CACHE_FLUSH) {
@@ -1181,7 +1231,8 @@ int hci_dev_open(__u16 dev)
                 if (test_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks))
                         set_bit(HCI_RAW, &hdev->flags);
  
-               if (!test_bit(HCI_RAW, &hdev->flags))
+               if (!test_bit(HCI_RAW, &hdev->flags) &&
+                   !test_bit(HCI_USER_CHANNEL, &hdev->dev_flags))
                         ret = __hci_init(hdev);
         }
  
@@ -1192,6 +1243,7 @@ int hci_dev_open(__u16 dev)
                 set_bit(HCI_UP, &hdev->flags);
                 hci_notify(hdev, HCI_DEV_UP);
                 if (!test_bit(HCI_SETUP, &hdev->dev_flags) &&
+                   !test_bit(HCI_USER_CHANNEL, &hdev->dev_flags) &&
                     mgmt_valid_hdev(hdev)) {
                         hci_dev_lock(hdev);
                         mgmt_powered(hdev, 1);
@@ -1328,11 +1380,17 @@ int hci_dev_close(__u16 dev)
         if (!hdev)
                 return -ENODEV;
  
+       if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+               err = -EBUSY;
+               goto done;
+       }
+
         if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags))
                 cancel_delayed_work(&hdev->power_off);
  
         err = hci_dev_do_close(hdev);
  
+done:
         hci_dev_put(hdev);
         return err;
  }
@@ -1348,8 +1406,15 @@ int hci_dev_reset(__u16 dev)
  
         hci_req_lock(hdev);
  
-       if (!test_bit(HCI_UP, &hdev->flags))
+       if (!test_bit(HCI_UP, &hdev->flags)) {
+               ret = -ENETDOWN;
+               goto done;
+       }
+
+       if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+               ret = -EBUSY;
                 goto done;
+       }
  
         /* Drop queues */
         skb_queue_purge(&hdev->rx_q);
@@ -1384,10 +1449,15 @@ int hci_dev_reset_stat(__u16 dev)
         if (!hdev)
                 return -ENODEV;
  
+       if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+               ret = -EBUSY;
+               goto done;
+       }
+
         memset(&hdev->stat, 0, sizeof(struct hci_dev_stats));
  
+done:
         hci_dev_put(hdev);
-
         return ret;
  }
  
@@ -1404,6 +1474,11 @@ int hci_dev_cmd(unsigned int cmd, void __user *arg)
         if (!hdev)
                 return -ENODEV;
  
+       if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+               err = -EBUSY;
+               goto done;
+       }
+
         switch (cmd) {
         case HCISETAUTH:
                 err = hci_req_sync(hdev, hci_auth_req, dr.dev_opt,
@@ -1462,6 +1537,7 @@ int hci_dev_cmd(unsigned int cmd, void __user *arg)
                 break;
         }
  
+done:
         hci_dev_put(hdev);
         return err;
  }
@@ -1570,13 +1646,16 @@ static int hci_rfkill_set_block(void *data, bool blocked)
  
         BT_DBG("%p name %s blocked %d", hdev, hdev->name, blocked);
  
+       if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags))
+               return -EBUSY;
+
         if (blocked) {
                 set_bit(HCI_RFKILLED, &hdev->dev_flags);
                 if (!test_bit(HCI_SETUP, &hdev->dev_flags))
                         hci_dev_do_close(hdev);
         } else {
                 clear_bit(HCI_RFKILLED, &hdev->dev_flags);
-}
+       }
  
         return 0;
  }
@@ -3272,15 +3351,13 @@ static void hci_tx_work(struct work_struct *work)
         BT_DBG("%s acl %d sco %d le %d", hdev->name, hdev->acl_cnt,
                hdev->sco_cnt, hdev->le_cnt);
  
-       /* Schedule queues and send stuff to HCI driver */
-
-       hci_sched_acl(hdev);
-
-       hci_sched_sco(hdev);
-
-       hci_sched_esco(hdev);
-
-       hci_sched_le(hdev);
+       if (!test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+               /* Schedule queues and send stuff to HCI driver */
+               hci_sched_acl(hdev);
+               hci_sched_sco(hdev);
+               hci_sched_esco(hdev);
+               hci_sched_le(hdev);
+       }
  
         /* Send next queued raw (unknown type) packet */
         while ((skb = skb_dequeue(&hdev->raw_q)))
@@ -3471,7 +3548,8 @@ static void hci_rx_work(struct work_struct *work)
                         hci_send_to_sock(hdev, skb);
                 }
  
-               if (test_bit(HCI_RAW, &hdev->flags)) {
+               if (test_bit(HCI_RAW, &hdev->flags) ||
+                   test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
                         kfree_skb(skb);
                         continue;
                 }
@@ -3526,7 +3604,7 @@ static void hci_cmd_work(struct work_struct *work)
  
                 kfree_skb(hdev->sent_cmd);
  
-               hdev->sent_cmd = skb_clone(skb, GFP_ATOMIC);
+               hdev->sent_cmd = skb_clone(skb, GFP_KERNEL);
                 if (hdev->sent_cmd) {
                         atomic_dec(&hdev->cmd_cnt);
                         hci_send_frame(skb);
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c

index 8db3e89..d171c04 100644 (file)
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -994,20 +994,20 @@ static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
                 return;
  
         if (!status) {
-               if (sent->le)
+               if (sent->le) {
                         hdev->features[1][0] |= LMP_HOST_LE;
-               else
+                       set_bit(HCI_LE_ENABLED, &hdev->dev_flags);
+               } else {
                         hdev->features[1][0] &= ~LMP_HOST_LE;
+                       clear_bit(HCI_LE_ENABLED, &hdev->dev_flags);
+                       clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
+               }
  
                 if (sent->simul)
                         hdev->features[1][0] |= LMP_HOST_LE_BREDR;
                 else
                         hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
         }
-
-       if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
-           !test_bit(HCI_INIT, &hdev->flags))
-               mgmt_le_enable_complete(hdev, sent->le, status);
  }
  
  static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c

index 9bd7d95..c09e976 100644 (file)
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -66,6 +66,46 @@ static struct bt_sock_list hci_sk_list = {
         .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock)
  };
  
+static bool is_filtered_packet(struct sock *sk, struct sk_buff *skb)
+{
+       struct hci_filter *flt;
+       int flt_type, flt_event;
+
+       /* Apply filter */
+       flt = &hci_pi(sk)->filter;
+
+       if (bt_cb(skb)->pkt_type == HCI_VENDOR_PKT)
+               flt_type = 0;
+       else
+               flt_type = bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS;
+
+       if (!test_bit(flt_type, &flt->type_mask))
+               return true;
+
+       /* Extra filter for event packets only */
+       if (bt_cb(skb)->pkt_type != HCI_EVENT_PKT)
+               return false;
+
+       flt_event = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
+
+       if (!hci_test_bit(flt_event, &flt->event_mask))
+               return true;
+
+       /* Check filter only when opcode is set */
+       if (!flt->opcode)
+               return false;
+
+       if (flt_event == HCI_EV_CMD_COMPLETE &&
+           flt->opcode != get_unaligned((__le16 *)(skb->data + 3)))
+               return true;
+
+       if (flt_event == HCI_EV_CMD_STATUS &&
+           flt->opcode != get_unaligned((__le16 *)(skb->data + 4)))
+               return true;
+
+       return false;
+}
+
  /* Send frame to RAW socket */
  void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
  {
@@ -77,7 +117,6 @@ void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
         read_lock(&hci_sk_list.lock);
  
         sk_for_each(sk, &hci_sk_list.head) {
-               struct hci_filter *flt;
                 struct sk_buff *nskb;
  
                 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
@@ -87,31 +126,19 @@ void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
                 if (skb->sk == sk)
                         continue;
  
-               if (hci_pi(sk)->channel != HCI_CHANNEL_RAW)
-                       continue;
-
-               /* Apply filter */
-               flt = &hci_pi(sk)->filter;
-
-               if (!test_bit((bt_cb(skb)->pkt_type == HCI_VENDOR_PKT) ?
-                             0 : (bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS),
-                             &flt->type_mask))
-                       continue;
-
-               if (bt_cb(skb)->pkt_type == HCI_EVENT_PKT) {
-                       int evt = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
-
-                       if (!hci_test_bit(evt, &flt->event_mask))
+               if (hci_pi(sk)->channel == HCI_CHANNEL_RAW) {
+                       if (is_filtered_packet(sk, skb))
                                 continue;
-
-                       if (flt->opcode &&
-                           ((evt == HCI_EV_CMD_COMPLETE &&
-                             flt->opcode !=
-                             get_unaligned((__le16 *)(skb->data + 3))) ||
-                            (evt == HCI_EV_CMD_STATUS &&
-                             flt->opcode !=
-                             get_unaligned((__le16 *)(skb->data + 4)))))
+               } else if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
+                       if (!bt_cb(skb)->incoming)
+                               continue;
+                       if (bt_cb(skb)->pkt_type != HCI_EVENT_PKT &&
+                           bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
+                           bt_cb(skb)->pkt_type != HCI_SCODATA_PKT)
                                 continue;
+               } else {
+                       /* Don't send frame to other channel types */
+                       continue;
                 }
  
                 if (!skb_copy) {
@@ -426,6 +453,12 @@ static int hci_sock_release(struct socket *sock)
         bt_sock_unlink(&hci_sk_list, sk);
  
         if (hdev) {
+               if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
+                       mgmt_index_added(hdev);
+                       clear_bit(HCI_USER_CHANNEL, &hdev->dev_flags);
+                       hci_dev_close(hdev->id);
+               }
+
                 atomic_dec(&hdev->promisc);
                 hci_dev_put(hdev);
         }
@@ -482,6 +515,9 @@ static int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd,
         if (!hdev)
                 return -EBADFD;
  
+       if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags))
+               return -EBUSY;
+
         switch (cmd) {
         case HCISETRAW:
                 if (!capable(CAP_NET_ADMIN))
@@ -512,23 +548,32 @@ static int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd,
                 if (!capable(CAP_NET_ADMIN))
                         return -EPERM;
                 return hci_sock_blacklist_del(hdev, (void __user *) arg);
-
-       default:
-               if (hdev->ioctl)
-                       return hdev->ioctl(hdev, cmd, arg);
-               return -EINVAL;
         }
+
+       if (hdev->ioctl)
+               return hdev->ioctl(hdev, cmd, arg);
+
+       return -EINVAL;
  }
  
  static int hci_sock_ioctl(struct socket *sock, unsigned int cmd,
                           unsigned long arg)
  {
-       struct sock *sk = sock->sk;
         void __user *argp = (void __user *) arg;
+       struct sock *sk = sock->sk;
         int err;
  
         BT_DBG("cmd %x arg %lx", cmd, arg);
  
+       lock_sock(sk);
+
+       if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
+               err = -EBADFD;
+               goto done;
+       }
+
+       release_sock(sk);
+
         switch (cmd) {
         case HCIGETDEVLIST:
                 return hci_get_dev_list(argp);
@@ -573,13 +618,15 @@ static int hci_sock_ioctl(struct socket *sock, unsigned int cmd,
  
         case HCIINQUIRY:
                 return hci_inquiry(argp);
-
-       default:
-               lock_sock(sk);
-               err = hci_sock_bound_ioctl(sk, cmd, arg);
-               release_sock(sk);
-               return err;
         }
+
+       lock_sock(sk);
+
+       err = hci_sock_bound_ioctl(sk, cmd, arg);
+
+done:
+       release_sock(sk);
+       return err;
  }
  
  static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
@@ -629,6 +676,56 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
                 hci_pi(sk)->hdev = hdev;
                 break;
  
+       case HCI_CHANNEL_USER:
+               if (hci_pi(sk)->hdev) {
+                       err = -EALREADY;
+                       goto done;
+               }
+
+               if (haddr.hci_dev == HCI_DEV_NONE) {
+                       err = -EINVAL;
+                       goto done;
+               }
+
+               if (!capable(CAP_NET_RAW)) {
+                       err = -EPERM;
+                       goto done;
+               }
+
+               hdev = hci_dev_get(haddr.hci_dev);
+               if (!hdev) {
+                       err = -ENODEV;
+                       goto done;
+               }
+
+               if (test_bit(HCI_UP, &hdev->flags) ||
+                   test_bit(HCI_INIT, &hdev->flags) ||
+                   test_bit(HCI_SETUP, &hdev->dev_flags)) {
+                       err = -EBUSY;
+                       hci_dev_put(hdev);
+                       goto done;
+               }
+
+               if (test_and_set_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+                       err = -EUSERS;
+                       hci_dev_put(hdev);
+                       goto done;
+               }
+
+               mgmt_index_removed(hdev);
+
+               err = hci_dev_open(hdev->id);
+               if (err) {
+                       clear_bit(HCI_USER_CHANNEL, &hdev->dev_flags);
+                       hci_dev_put(hdev);
+                       goto done;
+               }
+
+               atomic_inc(&hdev->promisc);
+
+               hci_pi(sk)->hdev = hdev;
+               break;
+
         case HCI_CHANNEL_CONTROL:
                 if (haddr.hci_dev != HCI_DEV_NONE) {
                         err = -EINVAL;
@@ -677,22 +774,30 @@ static int hci_sock_getname(struct socket *sock, struct sockaddr *addr,
  {
         struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
         struct sock *sk = sock->sk;
-       struct hci_dev *hdev = hci_pi(sk)->hdev;
+       struct hci_dev *hdev;
+       int err = 0;
  
         BT_DBG("sock %p sk %p", sock, sk);
  
-       if (!hdev)
-               return -EBADFD;
+       if (peer)
+               return -EOPNOTSUPP;
  
         lock_sock(sk);
  
+       hdev = hci_pi(sk)->hdev;
+       if (!hdev) {
+               err = -EBADFD;
+               goto done;
+       }
+
         *addr_len = sizeof(*haddr);
         haddr->hci_family = AF_BLUETOOTH;
         haddr->hci_dev    = hdev->id;
-       haddr->hci_channel= 0;
+       haddr->hci_channel= hci_pi(sk)->channel;
  
+done:
         release_sock(sk);
-       return 0;
+       return err;
  }
  
  static void hci_sock_cmsg(struct sock *sk, struct msghdr *msg,
@@ -767,6 +872,7 @@ static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
         case HCI_CHANNEL_RAW:
                 hci_sock_cmsg(sk, msg, skb);
                 break;
+       case HCI_CHANNEL_USER:
         case HCI_CHANNEL_CONTROL:
         case HCI_CHANNEL_MONITOR:
                 sock_recv_timestamp(msg, sk, skb);
@@ -801,6 +907,7 @@ static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
  
         switch (hci_pi(sk)->channel) {
         case HCI_CHANNEL_RAW:
+       case HCI_CHANNEL_USER:
                 break;
         case HCI_CHANNEL_CONTROL:
                 err = mgmt_control(sk, msg, len);
@@ -837,7 +944,8 @@ static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
         skb_pull(skb, 1);
         skb->dev = (void *) hdev;
  
-       if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
+       if (hci_pi(sk)->channel == HCI_CHANNEL_RAW &&
+           bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
                 u16 opcode = get_unaligned_le16(skb->data);
                 u16 ogf = hci_opcode_ogf(opcode);
                 u16 ocf = hci_opcode_ocf(opcode);
@@ -868,6 +976,14 @@ static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
                         goto drop;
                 }
  
+               if (hci_pi(sk)->channel == HCI_CHANNEL_USER &&
+                   bt_cb(skb)->pkt_type != HCI_COMMAND_PKT &&
+                   bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
+                   bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) {
+                       err = -EINVAL;
+                       goto drop;
+               }
+
                 skb_queue_tail(&hdev->raw_q, skb);
                 queue_work(hdev->workqueue, &hdev->tx_work);
         }
@@ -895,7 +1011,7 @@ static int hci_sock_setsockopt(struct socket *sock, int level, int optname,
         lock_sock(sk);
  
         if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
-               err = -EINVAL;
+               err = -EBADFD;
                 goto done;
         }
  
@@ -981,7 +1097,7 @@ static int hci_sock_getsockopt(struct socket *sock, int level, int optname,
         lock_sock(sk);
  
         if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
-               err = -EINVAL;
+               err = -EBADFD;
                 goto done;
         }
  
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c

index 63fa111..d1f1e78 100644 (file)
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -3891,13 +3891,13 @@ static int l2cap_connect_create_rsp(struct l2cap_conn *conn,
         if (scid) {
                 chan = __l2cap_get_chan_by_scid(conn, scid);
                 if (!chan) {
-                       err = -EFAULT;
+                       err = -EBADSLT;
                         goto unlock;
                 }
         } else {
                 chan = __l2cap_get_chan_by_ident(conn, cmd->ident);
                 if (!chan) {
-                       err = -EFAULT;
+                       err = -EBADSLT;
                         goto unlock;
                 }
         }
@@ -3985,7 +3985,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn,
  
         chan = l2cap_get_chan_by_scid(conn, dcid);
         if (!chan)
-               return -ENOENT;
+               return -EBADSLT;
  
         if (chan->state != BT_CONFIG && chan->state != BT_CONNECT2) {
                 struct l2cap_cmd_rej_cid rej;
@@ -4213,7 +4213,7 @@ static inline int l2cap_disconnect_req(struct l2cap_conn *conn,
         chan = __l2cap_get_chan_by_scid(conn, dcid);
         if (!chan) {
                 mutex_unlock(&conn->chan_lock);
-               return 0;
+               return -EBADSLT;
         }
  
         l2cap_chan_lock(chan);
@@ -4445,7 +4445,7 @@ static int l2cap_create_channel_req(struct l2cap_conn *conn,
                 hs_hcon = hci_conn_hash_lookup_ba(hdev, AMP_LINK, conn->dst);
                 if (!hs_hcon) {
                         hci_dev_put(hdev);
-                       return -EFAULT;
+                       return -EBADSLT;
                 }
  
                 BT_DBG("mgr %p bredr_chan %p hs_hcon %p", mgr, chan, hs_hcon);
@@ -4469,7 +4469,7 @@ error:
         l2cap_send_cmd(conn, cmd->ident, L2CAP_CREATE_CHAN_RSP,
                        sizeof(rsp), &rsp);
  
-       return -EFAULT;
+       return 0;
  }
  
  static void l2cap_send_move_chan_req(struct l2cap_chan *chan, u8 dest_amp_id)
@@ -5219,7 +5219,7 @@ static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
  
         case L2CAP_CONN_RSP:
         case L2CAP_CREATE_CHAN_RSP:
-               err = l2cap_connect_create_rsp(conn, cmd, cmd_len, data);
+               l2cap_connect_create_rsp(conn, cmd, cmd_len, data);
                 break;
  
         case L2CAP_CONF_REQ:
@@ -5227,7 +5227,7 @@ static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
                 break;
  
         case L2CAP_CONF_RSP:
-               err = l2cap_config_rsp(conn, cmd, cmd_len, data);
+               l2cap_config_rsp(conn, cmd, cmd_len, data);
                 break;
  
         case L2CAP_DISCONN_REQ:
@@ -5235,7 +5235,7 @@ static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
                 break;
  
         case L2CAP_DISCONN_RSP:
-               err = l2cap_disconnect_rsp(conn, cmd, cmd_len, data);
+               l2cap_disconnect_rsp(conn, cmd, cmd_len, data);
                 break;
  
         case L2CAP_ECHO_REQ:
@@ -5250,7 +5250,7 @@ static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
                 break;
  
         case L2CAP_INFO_RSP:
-               err = l2cap_information_rsp(conn, cmd, cmd_len, data);
+               l2cap_information_rsp(conn, cmd, cmd_len, data);
                 break;
  
         case L2CAP_CREATE_CHAN_REQ:
@@ -5262,7 +5262,7 @@ static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
                 break;
  
         case L2CAP_MOVE_CHAN_RSP:
-               err = l2cap_move_channel_rsp(conn, cmd, cmd_len, data);
+               l2cap_move_channel_rsp(conn, cmd, cmd_len, data);
                 break;
  
         case L2CAP_MOVE_CHAN_CFM:
@@ -5270,7 +5270,7 @@ static inline int l2cap_bredr_sig_cmd(struct l2cap_conn *conn,
                 break;
  
         case L2CAP_MOVE_CHAN_CFM_RSP:
-               err = l2cap_move_channel_confirm_rsp(conn, cmd, cmd_len, data);
+               l2cap_move_channel_confirm_rsp(conn, cmd, cmd_len, data);
                 break;
  
         default:
@@ -5301,9 +5301,24 @@ static inline int l2cap_le_sig_cmd(struct l2cap_conn *conn,
         }
  }
  
+static __le16 l2cap_err_to_reason(int err)
+{
+       switch (err) {
+       case -EBADSLT:
+               return __constant_cpu_to_le16(L2CAP_REJ_INVALID_CID);
+       case -EMSGSIZE:
+               return __constant_cpu_to_le16(L2CAP_REJ_MTU_EXCEEDED);
+       case -EINVAL:
+       case -EPROTO:
+       default:
+               return __constant_cpu_to_le16(L2CAP_REJ_NOT_UNDERSTOOD);
+       }
+}
+
  static inline void l2cap_le_sig_channel(struct l2cap_conn *conn,
                                         struct sk_buff *skb)
  {
+       struct hci_conn *hcon = conn->hcon;
         u8 *data = skb->data;
         int len = skb->len;
         struct l2cap_cmd_hdr cmd;
@@ -5311,6 +5326,9 @@ static inline void l2cap_le_sig_channel(struct l2cap_conn *conn,
  
         l2cap_raw_recv(conn, skb);
  
+       if (hcon->type != LE_LINK)
+               return;
+
         while (len >= L2CAP_CMD_HDR_SIZE) {
                 u16 cmd_len;
                 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
@@ -5333,8 +5351,7 @@ static inline void l2cap_le_sig_channel(struct l2cap_conn *conn,
  
                         BT_ERR("Wrong link type (%d)", err);
  
-                       /* FIXME: Map err to a valid reason */
-                       rej.reason = __constant_cpu_to_le16(L2CAP_REJ_NOT_UNDERSTOOD);
+                       rej.reason = l2cap_err_to_reason(err);
                         l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ,
                                        sizeof(rej), &rej);
                 }
@@ -5349,6 +5366,7 @@ static inline void l2cap_le_sig_channel(struct l2cap_conn *conn,
  static inline void l2cap_sig_channel(struct l2cap_conn *conn,
                                      struct sk_buff *skb)
  {
+       struct hci_conn *hcon = conn->hcon;
         u8 *data = skb->data;
         int len = skb->len;
         struct l2cap_cmd_hdr cmd;
@@ -5356,6 +5374,9 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn,
  
         l2cap_raw_recv(conn, skb);
  
+       if (hcon->type != ACL_LINK)
+               return;
+
         while (len >= L2CAP_CMD_HDR_SIZE) {
                 u16 cmd_len;
                 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
@@ -5378,8 +5399,7 @@ static inline void l2cap_sig_channel(struct l2cap_conn *conn,
  
                         BT_ERR("Wrong link type (%d)", err);
  
-                       /* FIXME: Map err to a valid reason */
-                       rej.reason = __constant_cpu_to_le16(L2CAP_REJ_NOT_UNDERSTOOD);
+                       rej.reason = l2cap_err_to_reason(err);
                         l2cap_send_cmd(conn, cmd.ident, L2CAP_COMMAND_REJ,
                                        sizeof(rej), &rej);
                 }
@@ -5784,7 +5804,7 @@ static int l2cap_rx_state_recv(struct l2cap_chan *chan,
                                struct sk_buff *skb, u8 event)
  {
         int err = 0;
-       bool skb_in_use = 0;
+       bool skb_in_use = false;
  
         BT_DBG("chan %p, control %p, skb %p, event %d", chan, control, skb,
                event);
@@ -5805,7 +5825,7 @@ static int l2cap_rx_state_recv(struct l2cap_chan *chan,
                                                            control->txseq);
  
                         chan->buffer_seq = chan->expected_tx_seq;
-                       skb_in_use = 1;
+                       skb_in_use = true;
  
                         err = l2cap_reassemble_sdu(chan, skb, control);
                         if (err)
@@ -5841,7 +5861,7 @@ static int l2cap_rx_state_recv(struct l2cap_chan *chan,
                          * current frame is stored for later use.
                          */
                         skb_queue_tail(&chan->srej_q, skb);
-                       skb_in_use = 1;
+                       skb_in_use = true;
                         BT_DBG("Queued %p (queue len %d)", skb,
                                skb_queue_len(&chan->srej_q));
  
@@ -5919,7 +5939,7 @@ static int l2cap_rx_state_srej_sent(struct l2cap_chan *chan,
  {
         int err = 0;
         u16 txseq = control->txseq;
-       bool skb_in_use = 0;
+       bool skb_in_use = false;
  
         BT_DBG("chan %p, control %p, skb %p, event %d", chan, control, skb,
                event);
@@ -5931,7 +5951,7 @@ static int l2cap_rx_state_srej_sent(struct l2cap_chan *chan,
                         /* Keep frame for reassembly later */
                         l2cap_pass_to_tx(chan, control);
                         skb_queue_tail(&chan->srej_q, skb);
-                       skb_in_use = 1;
+                       skb_in_use = true;
                         BT_DBG("Queued %p (queue len %d)", skb,
                                skb_queue_len(&chan->srej_q));
  
@@ -5942,7 +5962,7 @@ static int l2cap_rx_state_srej_sent(struct l2cap_chan *chan,
  
                         l2cap_pass_to_tx(chan, control);
                         skb_queue_tail(&chan->srej_q, skb);
-                       skb_in_use = 1;
+                       skb_in_use = true;
                         BT_DBG("Queued %p (queue len %d)", skb,
                                skb_queue_len(&chan->srej_q));
  
@@ -5957,7 +5977,7 @@ static int l2cap_rx_state_srej_sent(struct l2cap_chan *chan,
                          * the missing frames.
                          */
                         skb_queue_tail(&chan->srej_q, skb);
-                       skb_in_use = 1;
+                       skb_in_use = true;
                         BT_DBG("Queued %p (queue len %d)", skb,
                                skb_queue_len(&chan->srej_q));
  
@@ -5971,7 +5991,7 @@ static int l2cap_rx_state_srej_sent(struct l2cap_chan *chan,
                          * SREJ'd frames.
                          */
                         skb_queue_tail(&chan->srej_q, skb);
-                       skb_in_use = 1;
+                       skb_in_use = true;
                         BT_DBG("Queued %p (queue len %d)", skb,
                                skb_queue_len(&chan->srej_q));
  
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c

index 0098af8..c85537c 100644 (file)
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -777,6 +777,12 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
         if (sk->sk_state != BT_CONNECTED)
                 return -ENOTCONN;
  
+       lock_sock(sk);
+       err = bt_sock_wait_ready(sk, msg->msg_flags);
+       release_sock(sk);
+       if (err)
+               return err;
+
         l2cap_chan_lock(chan);
         err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
         l2cap_chan_unlock(chan);
@@ -799,8 +805,8 @@ static int l2cap_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
                 pi->chan->state = BT_CONFIG;
  
                 __l2cap_connect_rsp_defer(pi->chan);
-               release_sock(sk);
-               return 0;
+               err = 0;
+               goto done;
         }
  
         release_sock(sk);
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c

index fedc539..1b5b10f 100644 (file)
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -76,6 +76,7 @@ static const u16 mgmt_commands[] = {
         MGMT_OP_BLOCK_DEVICE,
         MGMT_OP_UNBLOCK_DEVICE,
         MGMT_OP_SET_DEVICE_ID,
+       MGMT_OP_SET_ADVERTISING,
  };
  
  static const u16 mgmt_events[] = {
@@ -339,6 +340,9 @@ static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
                 if (test_bit(HCI_SETUP, &d->dev_flags))
                         continue;
  
+               if (test_bit(HCI_USER_CHANNEL, &d->dev_flags))
+                       continue;
+
                 if (!mgmt_valid_hdev(d))
                         continue;
  
@@ -381,8 +385,10 @@ static u32 get_supported_settings(struct hci_dev *hdev)
         if (enable_hs)
                 settings |= MGMT_SETTING_HS;
  
-       if (lmp_le_capable(hdev))
+       if (lmp_le_capable(hdev)) {
                 settings |= MGMT_SETTING_LE;
+               settings |= MGMT_SETTING_ADVERTISING;
+       }
  
         return settings;
  }
@@ -421,6 +427,9 @@ static u32 get_current_settings(struct hci_dev *hdev)
         if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
                 settings |= MGMT_SETTING_HS;
  
+       if (test_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags))
+               settings |= MGMT_SETTING_ADVERTISING;
+
         return settings;
  }
  
@@ -804,6 +813,12 @@ static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
  
         hci_dev_lock(hdev);
  
+       if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
+               err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
+                                MGMT_STATUS_BUSY);
+               goto failed;
+       }
+
         if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
                 cancel_delayed_work(&hdev->power_off);
  
@@ -820,12 +835,6 @@ static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
                 goto failed;
         }
  
-       if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
-               err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
-                                MGMT_STATUS_BUSY);
-               goto failed;
-       }
-
         cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
         if (!cmd) {
                 err = -ENOMEM;
@@ -883,6 +892,36 @@ static int new_settings(struct hci_dev *hdev, struct sock *skip)
         return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
  }
  
+struct cmd_lookup {
+       struct sock *sk;
+       struct hci_dev *hdev;
+       u8 mgmt_status;
+};
+
+static void settings_rsp(struct pending_cmd *cmd, void *data)
+{
+       struct cmd_lookup *match = data;
+
+       send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
+
+       list_del(&cmd->list);
+
+       if (match->sk == NULL) {
+               match->sk = cmd->sk;
+               sock_hold(match->sk);
+       }
+
+       mgmt_pending_free(cmd);
+}
+
+static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
+{
+       u8 *status = data;
+
+       cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
+       mgmt_pending_remove(cmd);
+}
+
  static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
                             u16 len)
  {
@@ -1321,11 +1360,32 @@ static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
         return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
  }
  
+static void le_enable_complete(struct hci_dev *hdev, u8 status)
+{
+       struct cmd_lookup match = { NULL, hdev };
+
+       if (status) {
+               u8 mgmt_err = mgmt_status(status);
+
+               mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
+                                    &mgmt_err);
+               return;
+       }
+
+       mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
+
+       new_settings(hdev, match.sk);
+
+       if (match.sk)
+               sock_put(match.sk);
+}
+
  static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
  {
         struct mgmt_mode *cp = data;
         struct hci_cp_write_le_host_supported hci_cp;
         struct pending_cmd *cmd;
+       struct hci_request req;
         int err;
         u8 val, enabled;
  
@@ -1357,6 +1417,11 @@ static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
                         changed = true;
                 }
  
+               if (!val && test_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags)) {
+                       clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
+                       changed = true;
+               }
+
                 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
                 if (err < 0)
                         goto unlock;
@@ -1367,7 +1432,8 @@ static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
                 goto unlock;
         }
  
-       if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
+       if (mgmt_pending_find(MGMT_OP_SET_LE, hdev) ||
+           mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev)) {
                 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
                                  MGMT_STATUS_BUSY);
                 goto unlock;
@@ -1386,8 +1452,15 @@ static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
                 hci_cp.simul = lmp_le_br_capable(hdev);
         }
  
-       err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
-                          &hci_cp);
+       hci_req_init(&req, hdev);
+
+       if (test_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags) && !val)
+               hci_req_add(&req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(val), &val);
+
+       hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
+                   &hci_cp);
+
+       err = hci_req_run(&req, le_enable_complete);
         if (err < 0)
                 mgmt_pending_remove(cmd);
  
@@ -3065,6 +3138,98 @@ static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
         return err;
  }
  
+static void set_advertising_complete(struct hci_dev *hdev, u8 status)
+{
+       struct cmd_lookup match = { NULL, hdev };
+
+       if (status) {
+               u8 mgmt_err = mgmt_status(status);
+
+               mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev,
+                                    cmd_status_rsp, &mgmt_err);
+               return;
+       }
+
+       mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, settings_rsp,
+                            &match);
+
+       new_settings(hdev, match.sk);
+
+       if (match.sk)
+               sock_put(match.sk);
+}
+
+static int set_advertising(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
+{
+       struct mgmt_mode *cp = data;
+       struct pending_cmd *cmd;
+       struct hci_request req;
+       u8 val, enabled;
+       int err;
+
+       BT_DBG("request for %s", hdev->name);
+
+       if (!lmp_le_capable(hdev))
+               return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
+                                 MGMT_STATUS_NOT_SUPPORTED);
+
+       if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
+               return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
+                                 MGMT_STATUS_REJECTED);
+
+       if (cp->val != 0x00 && cp->val != 0x01)
+               return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
+                                 MGMT_STATUS_INVALID_PARAMS);
+
+       hci_dev_lock(hdev);
+
+       val = !!cp->val;
+       enabled = test_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
+
+       if (!hdev_is_powered(hdev) || val == enabled) {
+               bool changed = false;
+
+               if (val != test_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags)) {
+                       change_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
+                       changed = true;
+               }
+
+               err = send_settings_rsp(sk, MGMT_OP_SET_ADVERTISING, hdev);
+               if (err < 0)
+                       goto unlock;
+
+               if (changed)
+                       err = new_settings(hdev, sk);
+
+               goto unlock;
+       }
+
+       if (mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev) ||
+           mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
+               err = cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
+                                MGMT_STATUS_BUSY);
+               goto unlock;
+       }
+
+       cmd = mgmt_pending_add(sk, MGMT_OP_SET_ADVERTISING, hdev, data, len);
+       if (!cmd) {
+               err = -ENOMEM;
+               goto unlock;
+       }
+
+       hci_req_init(&req, hdev);
+
+       hci_req_add(&req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(val), &val);
+
+       err = hci_req_run(&req, set_advertising_complete);
+       if (err < 0)
+               mgmt_pending_remove(cmd);
+
+unlock:
+       hci_dev_unlock(hdev);
+       return err;
+}
+
  static void fast_connectable_complete(struct hci_dev *hdev, u8 status)
  {
         struct pending_cmd *cmd;
@@ -3276,6 +3441,7 @@ static const struct mgmt_handler {
         { block_device,           false, MGMT_BLOCK_DEVICE_SIZE },
         { unblock_device,         false, MGMT_UNBLOCK_DEVICE_SIZE },
         { set_device_id,          false, MGMT_SET_DEVICE_ID_SIZE },
+       { set_advertising,        false, MGMT_SETTING_SIZE },
  };
  
  
@@ -3320,6 +3486,12 @@ int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
                                          MGMT_STATUS_INVALID_INDEX);
                         goto done;
                 }
+
+               if (test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
+                       err = cmd_status(sk, index, opcode,
+                                        MGMT_STATUS_INVALID_INDEX);
+                       goto done;
+               }
         }
  
         if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
@@ -3365,14 +3537,6 @@ done:
         return err;
  }
  
-static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
-{
-       u8 *status = data;
-
-       cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
-       mgmt_pending_remove(cmd);
-}
-
  int mgmt_index_added(struct hci_dev *hdev)
  {
         if (!mgmt_valid_hdev(hdev))
@@ -3393,28 +3557,6 @@ int mgmt_index_removed(struct hci_dev *hdev)
         return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
  }
  
-struct cmd_lookup {
-       struct sock *sk;
-       struct hci_dev *hdev;
-       u8 mgmt_status;
-};
-
-static void settings_rsp(struct pending_cmd *cmd, void *data)
-{
-       struct cmd_lookup *match = data;
-
-       send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
-
-       list_del(&cmd->list);
-
-       if (match->sk == NULL) {
-               match->sk = cmd->sk;
-               sock_hold(match->sk);
-       }
-
-       mgmt_pending_free(cmd);
-}
-
  static void set_bredr_scan(struct hci_request *req)
  {
         struct hci_dev *hdev = req->hdev;
@@ -3483,6 +3625,12 @@ static int powered_update_hci(struct hci_dev *hdev)
                                     sizeof(cp), &cp);
         }
  
+       if (test_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags)) {
+               u8 adv = 0x01;
+
+               hci_req_add(&req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(adv), &adv);
+       }
+
         link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
         if (link_sec != test_bit(HCI_AUTH, &hdev->flags))
                 hci_req_add(&req, HCI_OP_WRITE_AUTH_ENABLE,
@@ -4132,44 +4280,6 @@ int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
         return err;
  }
  
-int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
-{
-       struct cmd_lookup match = { NULL, hdev };
-       bool changed = false;
-       int err = 0;
-
-       if (status) {
-               u8 mgmt_err = mgmt_status(status);
-
-               if (enable && test_and_clear_bit(HCI_LE_ENABLED,
-                                                &hdev->dev_flags))
-                       err = new_settings(hdev, NULL);
-
-               mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
-                                    &mgmt_err);
-
-               return err;
-       }
-
-       if (enable) {
-               if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
-                       changed = true;
-       } else {
-               if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
-                       changed = true;
-       }
-
-       mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
-
-       if (changed)
-               err = new_settings(hdev, match.sk);
-
-       if (match.sk)
-               sock_put(match.sk);
-
-       return err;
-}
-
  int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
                       u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
                       ssp, u8 *eir, u16 eir_len)
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c

index 30b3721..072938d 100644 (file)
--- a/net/bluetooth/rfcomm/sock.c
+++ b/net/bluetooth/rfcomm/sock.c
@@ -544,7 +544,7 @@ static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
         struct sock *sk = sock->sk;
         struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
         struct sk_buff *skb;
-       int sent = 0;
+       int sent;
  
         if (test_bit(RFCOMM_DEFER_SETUP, &d->flags))
                 return -ENOTCONN;
@@ -559,6 +559,10 @@ static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
  
         lock_sock(sk);
  
+       sent = bt_sock_wait_ready(sk, msg->msg_flags);
+       if (sent)
+               goto done;
+
         while (len) {
                 size_t size = min_t(size_t, len, d->mtu);
                 int err;
@@ -594,6 +598,7 @@ static int rfcomm_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
                 len  -= size;
         }
  
+done:
         release_sock(sk);
  
         return sent;
author	Gustavo Padovan <gustavo.padovan@collabora.co.uk>
	Fri, 27 Sep 2013 14:56:14 +0000 (11:56 -0300)
committer	Gustavo Padovan <gustavo.padovan@collabora.co.uk>
	Fri, 27 Sep 2013 14:56:14 +0000 (11:56 -0300)
drivers/bluetooth/hci_vhci.c		patch \| blob \| history
include/net/bluetooth/bluetooth.h		patch \| blob \| history
include/net/bluetooth/hci.h		patch \| blob \| history
include/net/bluetooth/hci_core.h		patch \| blob \| history
include/net/bluetooth/mgmt.h		patch \| blob \| history
net/bluetooth/af_bluetooth.c		patch \| blob \| history
net/bluetooth/hci_conn.c		patch \| blob \| history
net/bluetooth/hci_core.c		patch \| blob \| history
net/bluetooth/hci_event.c		patch \| blob \| history
net/bluetooth/hci_sock.c		patch \| blob \| history
net/bluetooth/l2cap_core.c		patch \| blob \| history
net/bluetooth/l2cap_sock.c		patch \| blob \| history
net/bluetooth/mgmt.c		patch \| blob \| history
net/bluetooth/rfcomm/sock.c		patch \| blob \| history