Kernel

Kernel Git Source Tree

Root/net/bluetooth/l2cap_sock.c

1	/*
2	BlueZ - Bluetooth protocol stack for Linux
3	Copyright (C) 2000-2001 Qualcomm Incorporated
4	Copyright (C) 2009-2010 Gustavo F. Padovan <gustavo@padovan.org>
5	Copyright (C) 2010 Google Inc.
6	Copyright (C) 2011 ProFUSION Embedded Systems
7
8	Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
9
10	This program is free software; you can redistribute it and/or modify
11	it under the terms of the GNU General Public License version 2 as
12	published by the Free Software Foundation;
13
14	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15	OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
17	IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
18	CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
19	WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20	ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21	OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22
23	ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
24	COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
25	SOFTWARE IS DISCLAIMED.
26	*/
27
28	/* Bluetooth L2CAP sockets. */
29
30	#include <linux/export.h>
31
32	#include <net/bluetooth/bluetooth.h>
33	#include <net/bluetooth/hci_core.h>
34	#include <net/bluetooth/l2cap.h>
35
36	#include "smp.h"
37
38	static struct bt_sock_list l2cap_sk_list = {
39	.lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
40	};
41
42	static const struct proto_ops l2cap_sock_ops;
43	static void l2cap_sock_init(struct sock sk, struct sock parent);
44	static struct sock l2cap_sock_alloc(struct net net, struct socket *sock,
45	int proto, gfp_t prio);
46
47	bool l2cap_is_socket(struct socket *sock)
48	{
49	return sock && sock->ops == &l2cap_sock_ops;
50	}
51	EXPORT_SYMBOL(l2cap_is_socket);
52
53	static int l2cap_sock_bind(struct socket sock, struct sockaddr addr, int alen)
54	{
55	struct sock *sk = sock->sk;
56	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
57	struct sockaddr_l2 la;
58	int len, err = 0;
59
60	BT_DBG("sk %p", sk);
61
62	if (!addr \|\| addr->sa_family != AF_BLUETOOTH)
63	return -EINVAL;
64
65	memset(&la, 0, sizeof(la));
66	len = min_t(unsigned int, sizeof(la), alen);
67	memcpy(&la, addr, len);
68
69	if (la.l2_cid && la.l2_psm)
70	return -EINVAL;
71
72	if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
73	return -EINVAL;
74
75	if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
76	/* Connection oriented channels are not supported on LE */
77	if (la.l2_psm)
78	return -EINVAL;
79	/* We only allow ATT user space socket */
80	if (la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
81	return -EINVAL;
82	}
83
84	lock_sock(sk);
85
86	if (sk->sk_state != BT_OPEN) {
87	err = -EBADFD;
88	goto done;
89	}
90
91	if (la.l2_psm) {
92	__u16 psm = __le16_to_cpu(la.l2_psm);
93
94	/* PSM must be odd and lsb of upper byte must be 0 */
95	if ((psm & 0x0101) != 0x0001) {
96	err = -EINVAL;
97	goto done;
98	}
99
100	/* Restrict usage of well-known PSMs */
101	if (psm < 0x1001 && !capable(CAP_NET_BIND_SERVICE)) {
102	err = -EACCES;
103	goto done;
104	}
105	}
106
107	if (la.l2_cid)
108	err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
109	else
110	err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
111
112	if (err < 0)
113	goto done;
114
115	switch (chan->chan_type) {
116	case L2CAP_CHAN_CONN_LESS:
117	if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_3DSP)
118	chan->sec_level = BT_SECURITY_SDP;
119	break;
120	case L2CAP_CHAN_CONN_ORIENTED:
121	if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP \|\|
122	__le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
123	chan->sec_level = BT_SECURITY_SDP;
124	break;
125	}
126
127	bacpy(&chan->src, &la.l2_bdaddr);
128	chan->src_type = la.l2_bdaddr_type;
129
130	chan->state = BT_BOUND;
131	sk->sk_state = BT_BOUND;
132
133	done:
134	release_sock(sk);
135	return err;
136	}
137
138	static int l2cap_sock_connect(struct socket sock, struct sockaddr addr,
139	int alen, int flags)
140	{
141	struct sock *sk = sock->sk;
142	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
143	struct sockaddr_l2 la;
144	int len, err = 0;
145
146	BT_DBG("sk %p", sk);
147
148	if (!addr \|\| alen < sizeof(addr->sa_family) \|\|
149	addr->sa_family != AF_BLUETOOTH)
150	return -EINVAL;
151
152	memset(&la, 0, sizeof(la));
153	len = min_t(unsigned int, sizeof(la), alen);
154	memcpy(&la, addr, len);
155
156	if (la.l2_cid && la.l2_psm)
157	return -EINVAL;
158
159	if (!bdaddr_type_is_valid(la.l2_bdaddr_type))
160	return -EINVAL;
161
162	/* Check that the socket wasn't bound to something that
163	* conflicts with the address given to connect(). If chan->src
164	* is BDADDR_ANY it means bind() was never used, in which case
165	* chan->src_type and la.l2_bdaddr_type do not need to match.
166	*/
167	if (chan->src_type == BDADDR_BREDR && bacmp(&chan->src, BDADDR_ANY) &&
168	bdaddr_type_is_le(la.l2_bdaddr_type)) {
169	/* Old user space versions will try to incorrectly bind
170	* the ATT socket using BDADDR_BREDR. We need to accept
171	* this and fix up the source address type only when
172	* both the source CID and destination CID indicate
173	* ATT. Anything else is an invalid combination.
174	*/
175	if (chan->scid != L2CAP_CID_ATT \|\|
176	la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
177	return -EINVAL;
178
179	/* We don't have the hdev available here to make a
180	* better decision on random vs public, but since all
181	* user space versions that exhibit this issue anyway do
182	* not support random local addresses assuming public
183	* here is good enough.
184	*/
185	chan->src_type = BDADDR_LE_PUBLIC;
186	}
187
188	if (chan->src_type != BDADDR_BREDR && la.l2_bdaddr_type == BDADDR_BREDR)
189	return -EINVAL;
190
191	if (bdaddr_type_is_le(la.l2_bdaddr_type)) {
192	/* Connection oriented channels are not supported on LE */
193	if (la.l2_psm)
194	return -EINVAL;
195	/* We only allow ATT user space socket */
196	if (la.l2_cid != __constant_cpu_to_le16(L2CAP_CID_ATT))
197	return -EINVAL;
198	}
199
200	err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
201	&la.l2_bdaddr, la.l2_bdaddr_type);
202	if (err)
203	return err;
204
205	lock_sock(sk);
206
207	err = bt_sock_wait_state(sk, BT_CONNECTED,
208	sock_sndtimeo(sk, flags & O_NONBLOCK));
209
210	release_sock(sk);
211
212	return err;
213	}
214
215	static int l2cap_sock_listen(struct socket *sock, int backlog)
216	{
217	struct sock *sk = sock->sk;
218	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
219	int err = 0;
220
221	BT_DBG("sk %p backlog %d", sk, backlog);
222
223	lock_sock(sk);
224
225	if (sk->sk_state != BT_BOUND) {
226	err = -EBADFD;
227	goto done;
228	}
229
230	if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM) {
231	err = -EINVAL;
232	goto done;
233	}
234
235	switch (chan->mode) {
236	case L2CAP_MODE_BASIC:
237	break;
238	case L2CAP_MODE_ERTM:
239	case L2CAP_MODE_STREAMING:
240	if (!disable_ertm)
241	break;
242	/* fall through */
243	default:
244	err = -ENOTSUPP;
245	goto done;
246	}
247
248	sk->sk_max_ack_backlog = backlog;
249	sk->sk_ack_backlog = 0;
250
251	chan->state = BT_LISTEN;
252	sk->sk_state = BT_LISTEN;
253
254	done:
255	release_sock(sk);
256	return err;
257	}
258
259	static int l2cap_sock_accept(struct socket sock, struct socket newsock,
260	int flags)
261	{
262	DECLARE_WAITQUEUE(wait, current);
263	struct sock sk = sock->sk, nsk;
264	long timeo;
265	int err = 0;
266
267	lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
268
269	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
270
271	BT_DBG("sk %p timeo %ld", sk, timeo);
272
273	/* Wait for an incoming connection. (wake-one). */
274	add_wait_queue_exclusive(sk_sleep(sk), &wait);
275	while (1) {
276	set_current_state(TASK_INTERRUPTIBLE);
277
278	if (sk->sk_state != BT_LISTEN) {
279	err = -EBADFD;
280	break;
281	}
282
283	nsk = bt_accept_dequeue(sk, newsock);
284	if (nsk)
285	break;
286
287	if (!timeo) {
288	err = -EAGAIN;
289	break;
290	}
291
292	if (signal_pending(current)) {
293	err = sock_intr_errno(timeo);
294	break;
295	}
296
297	release_sock(sk);
298	timeo = schedule_timeout(timeo);
299	lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
300	}
301	__set_current_state(TASK_RUNNING);
302	remove_wait_queue(sk_sleep(sk), &wait);
303
304	if (err)
305	goto done;
306
307	newsock->state = SS_CONNECTED;
308
309	BT_DBG("new socket %p", nsk);
310
311	done:
312	release_sock(sk);
313	return err;
314	}
315
316	static int l2cap_sock_getname(struct socket sock, struct sockaddr addr,
317	int *len, int peer)
318	{
319	struct sockaddr_l2 la = (struct sockaddr_l2 ) addr;
320	struct sock *sk = sock->sk;
321	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
322
323	BT_DBG("sock %p, sk %p", sock, sk);
324
325	memset(la, 0, sizeof(struct sockaddr_l2));
326	addr->sa_family = AF_BLUETOOTH;
327	*len = sizeof(struct sockaddr_l2);
328
329	if (peer) {
330	la->l2_psm = chan->psm;
331	bacpy(&la->l2_bdaddr, &chan->dst);
332	la->l2_cid = cpu_to_le16(chan->dcid);
333	la->l2_bdaddr_type = chan->dst_type;
334	} else {
335	la->l2_psm = chan->sport;
336	bacpy(&la->l2_bdaddr, &chan->src);
337	la->l2_cid = cpu_to_le16(chan->scid);
338	la->l2_bdaddr_type = chan->src_type;
339	}
340
341	return 0;
342	}
343
344	static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
345	char __user optval, int __user optlen)
346	{
347	struct sock *sk = sock->sk;
348	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
349	struct l2cap_options opts;
350	struct l2cap_conninfo cinfo;
351	int len, err = 0;
352	u32 opt;
353
354	BT_DBG("sk %p", sk);
355
356	if (get_user(len, optlen))
357	return -EFAULT;
358
359	lock_sock(sk);
360
361	switch (optname) {
362	case L2CAP_OPTIONS:
363	memset(&opts, 0, sizeof(opts));
364	opts.imtu = chan->imtu;
365	opts.omtu = chan->omtu;
366	opts.flush_to = chan->flush_to;
367	opts.mode = chan->mode;
368	opts.fcs = chan->fcs;
369	opts.max_tx = chan->max_tx;
370	opts.txwin_size = chan->tx_win;
371
372	len = min_t(unsigned int, len, sizeof(opts));
373	if (copy_to_user(optval, (char *) &opts, len))
374	err = -EFAULT;
375
376	break;
377
378	case L2CAP_LM:
379	switch (chan->sec_level) {
380	case BT_SECURITY_LOW:
381	opt = L2CAP_LM_AUTH;
382	break;
383	case BT_SECURITY_MEDIUM:
384	opt = L2CAP_LM_AUTH \| L2CAP_LM_ENCRYPT;
385	break;
386	case BT_SECURITY_HIGH:
387	opt = L2CAP_LM_AUTH \| L2CAP_LM_ENCRYPT \|
388	L2CAP_LM_SECURE;
389	break;
390	default:
391	opt = 0;
392	break;
393	}
394
395	if (test_bit(FLAG_ROLE_SWITCH, &chan->flags))
396	opt \|= L2CAP_LM_MASTER;
397
398	if (test_bit(FLAG_FORCE_RELIABLE, &chan->flags))
399	opt \|= L2CAP_LM_RELIABLE;
400
401	if (put_user(opt, (u32 __user *) optval))
402	err = -EFAULT;
403	break;
404
405	case L2CAP_CONNINFO:
406	if (sk->sk_state != BT_CONNECTED &&
407	!(sk->sk_state == BT_CONNECT2 &&
408	test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
409	err = -ENOTCONN;
410	break;
411	}
412
413	memset(&cinfo, 0, sizeof(cinfo));
414	cinfo.hci_handle = chan->conn->hcon->handle;
415	memcpy(cinfo.dev_class, chan->conn->hcon->dev_class, 3);
416
417	len = min_t(unsigned int, len, sizeof(cinfo));
418	if (copy_to_user(optval, (char *) &cinfo, len))
419	err = -EFAULT;
420
421	break;
422
423	default:
424	err = -ENOPROTOOPT;
425	break;
426	}
427
428	release_sock(sk);
429	return err;
430	}
431
432	static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname,
433	char __user optval, int __user optlen)
434	{
435	struct sock *sk = sock->sk;
436	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
437	struct bt_security sec;
438	struct bt_power pwr;
439	int len, err = 0;
440
441	BT_DBG("sk %p", sk);
442
443	if (level == SOL_L2CAP)
444	return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
445
446	if (level != SOL_BLUETOOTH)
447	return -ENOPROTOOPT;
448
449	if (get_user(len, optlen))
450	return -EFAULT;
451
452	lock_sock(sk);
453
454	switch (optname) {
455	case BT_SECURITY:
456	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
457	chan->chan_type != L2CAP_CHAN_RAW) {
458	err = -EINVAL;
459	break;
460	}
461
462	memset(&sec, 0, sizeof(sec));
463	if (chan->conn) {
464	sec.level = chan->conn->hcon->sec_level;
465
466	if (sk->sk_state == BT_CONNECTED)
467	sec.key_size = chan->conn->hcon->enc_key_size;
468	} else {
469	sec.level = chan->sec_level;
470	}
471
472	len = min_t(unsigned int, len, sizeof(sec));
473	if (copy_to_user(optval, (char *) &sec, len))
474	err = -EFAULT;
475
476	break;
477
478	case BT_DEFER_SETUP:
479	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
480	err = -EINVAL;
481	break;
482	}
483
484	if (put_user(test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags),
485	(u32 __user *) optval))
486	err = -EFAULT;
487
488	break;
489
490	case BT_FLUSHABLE:
491	if (put_user(test_bit(FLAG_FLUSHABLE, &chan->flags),
492	(u32 __user *) optval))
493	err = -EFAULT;
494
495	break;
496
497	case BT_POWER:
498	if (sk->sk_type != SOCK_SEQPACKET && sk->sk_type != SOCK_STREAM
499	&& sk->sk_type != SOCK_RAW) {
500	err = -EINVAL;
501	break;
502	}
503
504	pwr.force_active = test_bit(FLAG_FORCE_ACTIVE, &chan->flags);
505
506	len = min_t(unsigned int, len, sizeof(pwr));
507	if (copy_to_user(optval, (char *) &pwr, len))
508	err = -EFAULT;
509
510	break;
511
512	case BT_CHANNEL_POLICY:
513	if (put_user(chan->chan_policy, (u32 __user *) optval))
514	err = -EFAULT;
515	break;
516
517	default:
518	err = -ENOPROTOOPT;
519	break;
520	}
521
522	release_sock(sk);
523	return err;
524	}
525
526	static bool l2cap_valid_mtu(struct l2cap_chan *chan, u16 mtu)
527	{
528	switch (chan->scid) {
529	case L2CAP_CID_ATT:
530	if (mtu < L2CAP_LE_MIN_MTU)
531	return false;
532	break;
533
534	default:
535	if (mtu < L2CAP_DEFAULT_MIN_MTU)
536	return false;
537	}
538
539	return true;
540	}
541
542	static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
543	char __user *optval, unsigned int optlen)
544	{
545	struct sock *sk = sock->sk;
546	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
547	struct l2cap_options opts;
548	int len, err = 0;
549	u32 opt;
550
551	BT_DBG("sk %p", sk);
552
553	lock_sock(sk);
554
555	switch (optname) {
556	case L2CAP_OPTIONS:
557	if (sk->sk_state == BT_CONNECTED) {
558	err = -EINVAL;
559	break;
560	}
561
562	opts.imtu = chan->imtu;
563	opts.omtu = chan->omtu;
564	opts.flush_to = chan->flush_to;
565	opts.mode = chan->mode;
566	opts.fcs = chan->fcs;
567	opts.max_tx = chan->max_tx;
568	opts.txwin_size = chan->tx_win;
569
570	len = min_t(unsigned int, sizeof(opts), optlen);
571	if (copy_from_user((char *) &opts, optval, len)) {
572	err = -EFAULT;
573	break;
574	}
575
576	if (opts.txwin_size > L2CAP_DEFAULT_EXT_WINDOW) {
577	err = -EINVAL;
578	break;
579	}
580
581	if (!l2cap_valid_mtu(chan, opts.imtu)) {
582	err = -EINVAL;
583	break;
584	}
585
586	chan->mode = opts.mode;
587	switch (chan->mode) {
588	case L2CAP_MODE_BASIC:
589	clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
590	break;
591	case L2CAP_MODE_ERTM:
592	case L2CAP_MODE_STREAMING:
593	if (!disable_ertm)
594	break;
595	/* fall through */
596	default:
597	err = -EINVAL;
598	break;
599	}
600
601	chan->imtu = opts.imtu;
602	chan->omtu = opts.omtu;
603	chan->fcs = opts.fcs;
604	chan->max_tx = opts.max_tx;
605	chan->tx_win = opts.txwin_size;
606	chan->flush_to = opts.flush_to;
607	break;
608
609	case L2CAP_LM:
610	if (get_user(opt, (u32 __user *) optval)) {
611	err = -EFAULT;
612	break;
613	}
614
615	if (opt & L2CAP_LM_AUTH)
616	chan->sec_level = BT_SECURITY_LOW;
617	if (opt & L2CAP_LM_ENCRYPT)
618	chan->sec_level = BT_SECURITY_MEDIUM;
619	if (opt & L2CAP_LM_SECURE)
620	chan->sec_level = BT_SECURITY_HIGH;
621
622	if (opt & L2CAP_LM_MASTER)
623	set_bit(FLAG_ROLE_SWITCH, &chan->flags);
624	else
625	clear_bit(FLAG_ROLE_SWITCH, &chan->flags);
626
627	if (opt & L2CAP_LM_RELIABLE)
628	set_bit(FLAG_FORCE_RELIABLE, &chan->flags);
629	else
630	clear_bit(FLAG_FORCE_RELIABLE, &chan->flags);
631	break;
632
633	default:
634	err = -ENOPROTOOPT;
635	break;
636	}
637
638	release_sock(sk);
639	return err;
640	}
641
642	static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname,
643	char __user *optval, unsigned int optlen)
644	{
645	struct sock *sk = sock->sk;
646	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
647	struct bt_security sec;
648	struct bt_power pwr;
649	struct l2cap_conn *conn;
650	int len, err = 0;
651	u32 opt;
652
653	BT_DBG("sk %p", sk);
654
655	if (level == SOL_L2CAP)
656	return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
657
658	if (level != SOL_BLUETOOTH)
659	return -ENOPROTOOPT;
660
661	lock_sock(sk);
662
663	switch (optname) {
664	case BT_SECURITY:
665	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
666	chan->chan_type != L2CAP_CHAN_RAW) {
667	err = -EINVAL;
668	break;
669	}
670
671	sec.level = BT_SECURITY_LOW;
672
673	len = min_t(unsigned int, sizeof(sec), optlen);
674	if (copy_from_user((char *) &sec, optval, len)) {
675	err = -EFAULT;
676	break;
677	}
678
679	if (sec.level < BT_SECURITY_LOW \|\|
680	sec.level > BT_SECURITY_HIGH) {
681	err = -EINVAL;
682	break;
683	}
684
685	chan->sec_level = sec.level;
686
687	if (!chan->conn)
688	break;
689
690	conn = chan->conn;
691
692	/change security for LE channels /
693	if (chan->scid == L2CAP_CID_ATT) {
694	if (!conn->hcon->out) {
695	err = -EINVAL;
696	break;
697	}
698
699	if (smp_conn_security(conn->hcon, sec.level))
700	break;
701	sk->sk_state = BT_CONFIG;
702	chan->state = BT_CONFIG;
703
704	/* or for ACL link */
705	} else if ((sk->sk_state == BT_CONNECT2 &&
706	test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) \|\|
707	sk->sk_state == BT_CONNECTED) {
708	if (!l2cap_chan_check_security(chan))
709	set_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
710	else
711	sk->sk_state_change(sk);
712	} else {
713	err = -EINVAL;
714	}
715	break;
716
717	case BT_DEFER_SETUP:
718	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
719	err = -EINVAL;
720	break;
721	}
722
723	if (get_user(opt, (u32 __user *) optval)) {
724	err = -EFAULT;
725	break;
726	}
727
728	if (opt) {
729	set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
730	set_bit(FLAG_DEFER_SETUP, &chan->flags);
731	} else {
732	clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
733	clear_bit(FLAG_DEFER_SETUP, &chan->flags);
734	}
735	break;
736
737	case BT_FLUSHABLE:
738	if (get_user(opt, (u32 __user *) optval)) {
739	err = -EFAULT;
740	break;
741	}
742
743	if (opt > BT_FLUSHABLE_ON) {
744	err = -EINVAL;
745	break;
746	}
747
748	if (opt == BT_FLUSHABLE_OFF) {
749	conn = chan->conn;
750	/* proceed further only when we have l2cap_conn and
751	No Flush support in the LM */
752	if (!conn \|\| !lmp_no_flush_capable(conn->hcon->hdev)) {
753	err = -EINVAL;
754	break;
755	}
756	}
757
758	if (opt)
759	set_bit(FLAG_FLUSHABLE, &chan->flags);
760	else
761	clear_bit(FLAG_FLUSHABLE, &chan->flags);
762	break;
763
764	case BT_POWER:
765	if (chan->chan_type != L2CAP_CHAN_CONN_ORIENTED &&
766	chan->chan_type != L2CAP_CHAN_RAW) {
767	err = -EINVAL;
768	break;
769	}
770
771	pwr.force_active = BT_POWER_FORCE_ACTIVE_ON;
772
773	len = min_t(unsigned int, sizeof(pwr), optlen);
774	if (copy_from_user((char *) &pwr, optval, len)) {
775	err = -EFAULT;
776	break;
777	}
778
779	if (pwr.force_active)
780	set_bit(FLAG_FORCE_ACTIVE, &chan->flags);
781	else
782	clear_bit(FLAG_FORCE_ACTIVE, &chan->flags);
783	break;
784
785	case BT_CHANNEL_POLICY:
786	if (get_user(opt, (u32 __user *) optval)) {
787	err = -EFAULT;
788	break;
789	}
790
791	if (opt > BT_CHANNEL_POLICY_AMP_PREFERRED) {
792	err = -EINVAL;
793	break;
794	}
795
796	if (chan->mode != L2CAP_MODE_ERTM &&
797	chan->mode != L2CAP_MODE_STREAMING) {
798	err = -EOPNOTSUPP;
799	break;
800	}
801
802	chan->chan_policy = (u8) opt;
803
804	if (sk->sk_state == BT_CONNECTED &&
805	chan->move_role == L2CAP_MOVE_ROLE_NONE)
806	l2cap_move_start(chan);
807
808	break;
809
810	default:
811	err = -ENOPROTOOPT;
812	break;
813	}
814
815	release_sock(sk);
816	return err;
817	}
818
819	static int l2cap_sock_sendmsg(struct kiocb iocb, struct socket sock,
820	struct msghdr *msg, size_t len)
821	{
822	struct sock *sk = sock->sk;
823	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
824	int err;
825
826	BT_DBG("sock %p, sk %p", sock, sk);
827
828	err = sock_error(sk);
829	if (err)
830	return err;
831
832	if (msg->msg_flags & MSG_OOB)
833	return -EOPNOTSUPP;
834
835	if (sk->sk_state != BT_CONNECTED)
836	return -ENOTCONN;
837
838	lock_sock(sk);
839	err = bt_sock_wait_ready(sk, msg->msg_flags);
840	release_sock(sk);
841	if (err)
842	return err;
843
844	l2cap_chan_lock(chan);
845	err = l2cap_chan_send(chan, msg, len, sk->sk_priority);
846	l2cap_chan_unlock(chan);
847
848	return err;
849	}
850
851	static int l2cap_sock_recvmsg(struct kiocb iocb, struct socket sock,
852	struct msghdr *msg, size_t len, int flags)
853	{
854	struct sock *sk = sock->sk;
855	struct l2cap_pinfo *pi = l2cap_pi(sk);
856	int err;
857
858	lock_sock(sk);
859
860	if (sk->sk_state == BT_CONNECT2 && test_bit(BT_SK_DEFER_SETUP,
861	&bt_sk(sk)->flags)) {
862	sk->sk_state = BT_CONFIG;
863	pi->chan->state = BT_CONFIG;
864
865	__l2cap_connect_rsp_defer(pi->chan);
866	err = 0;
867	goto done;
868	}
869
870	release_sock(sk);
871
872	if (sock->type == SOCK_STREAM)
873	err = bt_sock_stream_recvmsg(iocb, sock, msg, len, flags);
874	else
875	err = bt_sock_recvmsg(iocb, sock, msg, len, flags);
876
877	if (pi->chan->mode != L2CAP_MODE_ERTM)
878	return err;
879
880	/* Attempt to put pending rx data in the socket buffer */
881
882	lock_sock(sk);
883
884	if (!test_bit(CONN_LOCAL_BUSY, &pi->chan->conn_state))
885	goto done;
886
887	if (pi->rx_busy_skb) {
888	if (!sock_queue_rcv_skb(sk, pi->rx_busy_skb))
889	pi->rx_busy_skb = NULL;
890	else
891	goto done;
892	}
893
894	/* Restore data flow when half of the receive buffer is
895	* available. This avoids resending large numbers of
896	* frames.
897	*/
898	if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf >> 1)
899	l2cap_chan_busy(pi->chan, 0);
900
901	done:
902	release_sock(sk);
903	return err;
904	}
905
906	/* Kill socket (only if zapped and orphan)
907	* Must be called on unlocked socket.
908	*/
909	static void l2cap_sock_kill(struct sock *sk)
910	{
911	if (!sock_flag(sk, SOCK_ZAPPED) \|\| sk->sk_socket)
912	return;
913
914	BT_DBG("sk %p state %s", sk, state_to_string(sk->sk_state));
915
916	/* Kill poor orphan */
917
918	l2cap_chan_put(l2cap_pi(sk)->chan);
919	sock_set_flag(sk, SOCK_DEAD);
920	sock_put(sk);
921	}
922
923	static int __l2cap_wait_ack(struct sock *sk)
924	{
925	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
926	DECLARE_WAITQUEUE(wait, current);
927	int err = 0;
928	int timeo = HZ/5;
929
930	add_wait_queue(sk_sleep(sk), &wait);
931	set_current_state(TASK_INTERRUPTIBLE);
932	while (chan->unacked_frames > 0 && chan->conn) {
933	if (!timeo)
934	timeo = HZ/5;
935
936	if (signal_pending(current)) {
937	err = sock_intr_errno(timeo);
938	break;
939	}
940
941	release_sock(sk);
942	timeo = schedule_timeout(timeo);
943	lock_sock(sk);
944	set_current_state(TASK_INTERRUPTIBLE);
945
946	err = sock_error(sk);
947	if (err)
948	break;
949	}
950	set_current_state(TASK_RUNNING);
951	remove_wait_queue(sk_sleep(sk), &wait);
952	return err;
953	}
954
955	static int l2cap_sock_shutdown(struct socket *sock, int how)
956	{
957	struct sock *sk = sock->sk;
958	struct l2cap_chan *chan;
959	struct l2cap_conn *conn;
960	int err = 0;
961
962	BT_DBG("sock %p, sk %p", sock, sk);
963
964	if (!sk)
965	return 0;
966
967	chan = l2cap_pi(sk)->chan;
968	conn = chan->conn;
969
970	if (conn)
971	mutex_lock(&conn->chan_lock);
972
973	l2cap_chan_lock(chan);
974	lock_sock(sk);
975
976	if (!sk->sk_shutdown) {
977	if (chan->mode == L2CAP_MODE_ERTM)
978	err = __l2cap_wait_ack(sk);
979
980	sk->sk_shutdown = SHUTDOWN_MASK;
981
982	release_sock(sk);
983	l2cap_chan_close(chan, 0);
984	lock_sock(sk);
985
986	if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
987	err = bt_sock_wait_state(sk, BT_CLOSED,
988	sk->sk_lingertime);
989	}
990
991	if (!err && sk->sk_err)
992	err = -sk->sk_err;
993
994	release_sock(sk);
995	l2cap_chan_unlock(chan);
996
997	if (conn)
998	mutex_unlock(&conn->chan_lock);
999
1000	return err;
1001	}
1002
1003	static int l2cap_sock_release(struct socket *sock)
1004	{
1005	struct sock *sk = sock->sk;
1006	int err;
1007
1008	BT_DBG("sock %p, sk %p", sock, sk);
1009
1010	if (!sk)
1011	return 0;
1012
1013	bt_sock_unlink(&l2cap_sk_list, sk);
1014
1015	err = l2cap_sock_shutdown(sock, 2);
1016
1017	sock_orphan(sk);
1018	l2cap_sock_kill(sk);
1019	return err;
1020	}
1021
1022	static void l2cap_sock_cleanup_listen(struct sock *parent)
1023	{
1024	struct sock *sk;
1025
1026	BT_DBG("parent %p", parent);
1027
1028	/* Close not yet accepted channels */
1029	while ((sk = bt_accept_dequeue(parent, NULL))) {
1030	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1031
1032	l2cap_chan_lock(chan);
1033	__clear_chan_timer(chan);
1034	l2cap_chan_close(chan, ECONNRESET);
1035	l2cap_chan_unlock(chan);
1036
1037	l2cap_sock_kill(sk);
1038	}
1039	}
1040
1041	static struct l2cap_chan l2cap_sock_new_connection_cb(struct l2cap_chan chan)
1042	{
1043	struct sock sk, parent = chan->data;
1044
1045	lock_sock(parent);
1046
1047	/* Check for backlog size */
1048	if (sk_acceptq_is_full(parent)) {
1049	BT_DBG("backlog full %d", parent->sk_ack_backlog);
1050	return NULL;
1051	}
1052
1053	sk = l2cap_sock_alloc(sock_net(parent), NULL, BTPROTO_L2CAP,
1054	GFP_ATOMIC);
1055	if (!sk)
1056	return NULL;
1057
1058	bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
1059
1060	l2cap_sock_init(sk, parent);
1061
1062	bt_accept_enqueue(parent, sk);
1063
1064	release_sock(parent);
1065
1066	return l2cap_pi(sk)->chan;
1067	}
1068
1069	static int l2cap_sock_recv_cb(struct l2cap_chan chan, struct sk_buff skb)
1070	{
1071	struct sock *sk = chan->data;
1072	int err;
1073
1074	lock_sock(sk);
1075
1076	if (l2cap_pi(sk)->rx_busy_skb) {
1077	err = -ENOMEM;
1078	goto done;
1079	}
1080
1081	err = sock_queue_rcv_skb(sk, skb);
1082
1083	/* For ERTM, handle one skb that doesn't fit into the recv
1084	* buffer. This is important to do because the data frames
1085	* have already been acked, so the skb cannot be discarded.
1086	*
1087	* Notify the l2cap core that the buffer is full, so the
1088	* LOCAL_BUSY state is entered and no more frames are
1089	* acked and reassembled until there is buffer space
1090	* available.
1091	*/
1092	if (err < 0 && chan->mode == L2CAP_MODE_ERTM) {
1093	l2cap_pi(sk)->rx_busy_skb = skb;
1094	l2cap_chan_busy(chan, 1);
1095	err = 0;
1096	}
1097
1098	done:
1099	release_sock(sk);
1100
1101	return err;
1102	}
1103
1104	static void l2cap_sock_close_cb(struct l2cap_chan *chan)
1105	{
1106	struct sock *sk = chan->data;
1107
1108	l2cap_sock_kill(sk);
1109	}
1110
1111	static void l2cap_sock_teardown_cb(struct l2cap_chan *chan, int err)
1112	{
1113	struct sock *sk = chan->data;
1114	struct sock *parent;
1115
1116	lock_sock(sk);
1117
1118	parent = bt_sk(sk)->parent;
1119
1120	sock_set_flag(sk, SOCK_ZAPPED);
1121
1122	switch (chan->state) {
1123	case BT_OPEN:
1124	case BT_BOUND:
1125	case BT_CLOSED:
1126	break;
1127	case BT_LISTEN:
1128	l2cap_sock_cleanup_listen(sk);
1129	sk->sk_state = BT_CLOSED;
1130	chan->state = BT_CLOSED;
1131
1132	break;
1133	default:
1134	sk->sk_state = BT_CLOSED;
1135	chan->state = BT_CLOSED;
1136
1137	sk->sk_err = err;
1138
1139	if (parent) {
1140	bt_accept_unlink(sk);
1141	parent->sk_data_ready(parent, 0);
1142	} else {
1143	sk->sk_state_change(sk);
1144	}
1145
1146	break;
1147	}
1148
1149	release_sock(sk);
1150	}
1151
1152	static void l2cap_sock_state_change_cb(struct l2cap_chan *chan, int state,
1153	int err)
1154	{
1155	struct sock *sk = chan->data;
1156
1157	sk->sk_state = state;
1158
1159	if (err)
1160	sk->sk_err = err;
1161	}
1162
1163	static struct sk_buff l2cap_sock_alloc_skb_cb(struct l2cap_chan chan,
1164	unsigned long len, int nb)
1165	{
1166	struct sock *sk = chan->data;
1167	struct sk_buff *skb;
1168	int err;
1169
1170	l2cap_chan_unlock(chan);
1171	skb = bt_skb_send_alloc(sk, len, nb, &err);
1172	l2cap_chan_lock(chan);
1173
1174	if (!skb)
1175	return ERR_PTR(err);
1176
1177	bt_cb(skb)->chan = chan;
1178
1179	return skb;
1180	}
1181
1182	static void l2cap_sock_ready_cb(struct l2cap_chan *chan)
1183	{
1184	struct sock *sk = chan->data;
1185	struct sock *parent;
1186
1187	lock_sock(sk);
1188
1189	parent = bt_sk(sk)->parent;
1190
1191	BT_DBG("sk %p, parent %p", sk, parent);
1192
1193	sk->sk_state = BT_CONNECTED;
1194	sk->sk_state_change(sk);
1195
1196	if (parent)
1197	parent->sk_data_ready(parent, 0);
1198
1199	release_sock(sk);
1200	}
1201
1202	static void l2cap_sock_defer_cb(struct l2cap_chan *chan)
1203	{
1204	struct sock parent, sk = chan->data;
1205
1206	lock_sock(sk);
1207
1208	parent = bt_sk(sk)->parent;
1209	if (parent)
1210	parent->sk_data_ready(parent, 0);
1211
1212	release_sock(sk);
1213	}
1214
1215	static void l2cap_sock_resume_cb(struct l2cap_chan *chan)
1216	{
1217	struct sock *sk = chan->data;
1218
1219	clear_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags);
1220	sk->sk_state_change(sk);
1221	}
1222
1223	static void l2cap_sock_set_shutdown_cb(struct l2cap_chan *chan)
1224	{
1225	struct sock *sk = chan->data;
1226
1227	lock_sock(sk);
1228	sk->sk_shutdown = SHUTDOWN_MASK;
1229	release_sock(sk);
1230	}
1231
1232	static long l2cap_sock_get_sndtimeo_cb(struct l2cap_chan *chan)
1233	{
1234	struct sock *sk = chan->data;
1235
1236	return sk->sk_sndtimeo;
1237	}
1238
1239	static struct l2cap_ops l2cap_chan_ops = {
1240	.name = "L2CAP Socket Interface",
1241	.new_connection = l2cap_sock_new_connection_cb,
1242	.recv = l2cap_sock_recv_cb,
1243	.close = l2cap_sock_close_cb,
1244	.teardown = l2cap_sock_teardown_cb,
1245	.state_change = l2cap_sock_state_change_cb,
1246	.ready = l2cap_sock_ready_cb,
1247	.defer = l2cap_sock_defer_cb,
1248	.resume = l2cap_sock_resume_cb,
1249	.set_shutdown = l2cap_sock_set_shutdown_cb,
1250	.get_sndtimeo = l2cap_sock_get_sndtimeo_cb,
1251	.alloc_skb = l2cap_sock_alloc_skb_cb,
1252	};
1253
1254	static void l2cap_sock_destruct(struct sock *sk)
1255	{
1256	BT_DBG("sk %p", sk);
1257
1258	if (l2cap_pi(sk)->chan)
1259	l2cap_chan_put(l2cap_pi(sk)->chan);
1260
1261	if (l2cap_pi(sk)->rx_busy_skb) {
1262	kfree_skb(l2cap_pi(sk)->rx_busy_skb);
1263	l2cap_pi(sk)->rx_busy_skb = NULL;
1264	}
1265
1266	skb_queue_purge(&sk->sk_receive_queue);
1267	skb_queue_purge(&sk->sk_write_queue);
1268	}
1269
1270	static void l2cap_skb_msg_name(struct sk_buff skb, void msg_name,
1271	int *msg_namelen)
1272	{
1273	struct sockaddr_l2 la = (struct sockaddr_l2 ) msg_name;
1274
1275	memset(la, 0, sizeof(struct sockaddr_l2));
1276	la->l2_family = AF_BLUETOOTH;
1277	la->l2_psm = bt_cb(skb)->psm;
1278	bacpy(&la->l2_bdaddr, &bt_cb(skb)->bdaddr);
1279
1280	*msg_namelen = sizeof(struct sockaddr_l2);
1281	}
1282
1283	static void l2cap_sock_init(struct sock sk, struct sock parent)
1284	{
1285	struct l2cap_chan *chan = l2cap_pi(sk)->chan;
1286
1287	BT_DBG("sk %p", sk);
1288
1289	if (parent) {
1290	struct l2cap_chan *pchan = l2cap_pi(parent)->chan;
1291
1292	sk->sk_type = parent->sk_type;
1293	bt_sk(sk)->flags = bt_sk(parent)->flags;
1294
1295	chan->chan_type = pchan->chan_type;
1296	chan->imtu = pchan->imtu;
1297	chan->omtu = pchan->omtu;
1298	chan->conf_state = pchan->conf_state;
1299	chan->mode = pchan->mode;
1300	chan->fcs = pchan->fcs;
1301	chan->max_tx = pchan->max_tx;
1302	chan->tx_win = pchan->tx_win;
1303	chan->tx_win_max = pchan->tx_win_max;
1304	chan->sec_level = pchan->sec_level;
1305	chan->flags = pchan->flags;
1306
1307	security_sk_clone(parent, sk);
1308	} else {
1309	switch (sk->sk_type) {
1310	case SOCK_RAW:
1311	chan->chan_type = L2CAP_CHAN_RAW;
1312	break;
1313	case SOCK_DGRAM:
1314	chan->chan_type = L2CAP_CHAN_CONN_LESS;
1315	bt_sk(sk)->skb_msg_name = l2cap_skb_msg_name;
1316	break;
1317	case SOCK_SEQPACKET:
1318	case SOCK_STREAM:
1319	chan->chan_type = L2CAP_CHAN_CONN_ORIENTED;
1320	break;
1321	}
1322
1323	chan->imtu = L2CAP_DEFAULT_MTU;
1324	chan->omtu = 0;
1325	if (!disable_ertm && sk->sk_type == SOCK_STREAM) {
1326	chan->mode = L2CAP_MODE_ERTM;
1327	set_bit(CONF_STATE2_DEVICE, &chan->conf_state);
1328	} else {
1329	chan->mode = L2CAP_MODE_BASIC;
1330	}
1331
1332	l2cap_chan_set_defaults(chan);
1333	}
1334
1335	/* Default config options */
1336	chan->flush_to = L2CAP_DEFAULT_FLUSH_TO;
1337
1338	chan->data = sk;
1339	chan->ops = &l2cap_chan_ops;
1340	}
1341
1342	static struct proto l2cap_proto = {
1343	.name = "L2CAP",
1344	.owner = THIS_MODULE,
1345	.obj_size = sizeof(struct l2cap_pinfo)
1346	};
1347
1348	static struct sock l2cap_sock_alloc(struct net net, struct socket *sock,
1349	int proto, gfp_t prio)
1350	{
1351	struct sock *sk;
1352	struct l2cap_chan *chan;
1353
1354	sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto);
1355	if (!sk)
1356	return NULL;
1357
1358	sock_init_data(sock, sk);
1359	INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
1360
1361	sk->sk_destruct = l2cap_sock_destruct;
1362	sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
1363
1364	sock_reset_flag(sk, SOCK_ZAPPED);
1365
1366	sk->sk_protocol = proto;
1367	sk->sk_state = BT_OPEN;
1368
1369	chan = l2cap_chan_create();
1370	if (!chan) {
1371	sk_free(sk);
1372	return NULL;
1373	}
1374
1375	l2cap_chan_hold(chan);
1376
1377	l2cap_pi(sk)->chan = chan;
1378
1379	return sk;
1380	}
1381
1382	static int l2cap_sock_create(struct net net, struct socket sock, int protocol,
1383	int kern)
1384	{
1385	struct sock *sk;
1386
1387	BT_DBG("sock %p", sock);
1388
1389	sock->state = SS_UNCONNECTED;
1390
1391	if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_STREAM &&
1392	sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
1393	return -ESOCKTNOSUPPORT;
1394
1395	if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
1396	return -EPERM;
1397
1398	sock->ops = &l2cap_sock_ops;
1399
1400	sk = l2cap_sock_alloc(net, sock, protocol, GFP_ATOMIC);
1401	if (!sk)
1402	return -ENOMEM;
1403
1404	l2cap_sock_init(sk, NULL);
1405	bt_sock_link(&l2cap_sk_list, sk);
1406	return 0;
1407	}
1408
1409	static const struct proto_ops l2cap_sock_ops = {
1410	.family = PF_BLUETOOTH,
1411	.owner = THIS_MODULE,
1412	.release = l2cap_sock_release,
1413	.bind = l2cap_sock_bind,
1414	.connect = l2cap_sock_connect,
1415	.listen = l2cap_sock_listen,
1416	.accept = l2cap_sock_accept,
1417	.getname = l2cap_sock_getname,
1418	.sendmsg = l2cap_sock_sendmsg,
1419	.recvmsg = l2cap_sock_recvmsg,
1420	.poll = bt_sock_poll,
1421	.ioctl = bt_sock_ioctl,
1422	.mmap = sock_no_mmap,
1423	.socketpair = sock_no_socketpair,
1424	.shutdown = l2cap_sock_shutdown,
1425	.setsockopt = l2cap_sock_setsockopt,
1426	.getsockopt = l2cap_sock_getsockopt
1427	};
1428
1429	static const struct net_proto_family l2cap_sock_family_ops = {
1430	.family = PF_BLUETOOTH,
1431	.owner = THIS_MODULE,
1432	.create = l2cap_sock_create,
1433	};
1434
1435	int __init l2cap_init_sockets(void)
1436	{
1437	int err;
1438
1439	err = proto_register(&l2cap_proto, 0);
1440	if (err < 0)
1441	return err;
1442
1443	err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1444	if (err < 0) {
1445	BT_ERR("L2CAP socket registration failed");
1446	goto error;
1447	}
1448
1449	err = bt_procfs_init(&init_net, "l2cap", &l2cap_sk_list,
1450	NULL);
1451	if (err < 0) {
1452	BT_ERR("Failed to create L2CAP proc file");
1453	bt_sock_unregister(BTPROTO_L2CAP);
1454	goto error;
1455	}
1456
1457	BT_INFO("L2CAP socket layer initialized");
1458
1459	return 0;
1460
1461	error:
1462	proto_unregister(&l2cap_proto);
1463	return err;
1464	}
1465
1466	void l2cap_cleanup_sockets(void)
1467	{
1468	bt_procfs_cleanup(&init_net, "l2cap");
1469	bt_sock_unregister(BTPROTO_L2CAP);
1470	proto_unregister(&l2cap_proto);
1471	}
1472

Download this file

Branches:
ben-wpan
ben-wpan-stefan
javiroman/ks7010
jz-2.6.34
jz-2.6.34-rc5
jz-2.6.34-rc6
jz-2.6.34-rc7
jz-2.6.35
jz-2.6.36
jz-2.6.37
jz-2.6.38
jz-2.6.39
jz-3.0
jz-3.1
jz-3.11
jz-3.12
jz-3.13
jz-3.15
jz-3.16
jz-3.18-dt
jz-3.2
jz-3.3
jz-3.4
jz-3.5
jz-3.6
jz-3.6-rc2-pwm
jz-3.9
jz-3.9-clk
jz-3.9-rc8
jz47xx
jz47xx-2.6.38
master

Tags:
od-2011-09-04
od-2011-09-18
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v3.9

Kernel

Kernel Git Source Tree

Root/net/bluetooth/l2cap_sock.c

interactive