--- e3596795c31915dbaaeb8fffb48a8a5904acb486 +++ 8d1c4a93eee9a0b225361e6555a09e40abd2c524 @@ -325,19 +325,13 @@ static inline u8 l2cap_get_ident(struct static inline int l2cap_send_cmd(struct l2cap_conn *conn, u8 ident, u8 code, u16 len, void *data) { struct sk_buff *skb = l2cap_build_cmd(conn, code, ident, len, data); - u8 flags; BT_DBG("code 0x%2.2x", code); if (!skb) return -ENOMEM; - if (lmp_no_flush_capable(conn->hcon->hdev)) - flags = ACL_START_NO_FLUSH; - else - flags = ACL_START; - - return hci_send_acl(conn->hcon, skb, flags); + return hci_send_acl(conn->hcon, skb, 0); } static inline int l2cap_send_sframe(struct l2cap_pinfo *pi, u16 control) @@ -464,8 +458,7 @@ static void l2cap_conn_start(struct l2ca struct sock *parent = bt_sk(sk)->parent; rsp.result = cpu_to_le16(L2CAP_CR_PEND); rsp.status = cpu_to_le16(L2CAP_CS_AUTHOR_PEND); - if (parent) - parent->sk_data_ready(parent, 0); + parent->sk_data_ready(parent, 0); } else { sk->sk_state = BT_CONFIG; @@ -777,7 +770,6 @@ static void l2cap_sock_init(struct sock pi->sec_level = l2cap_pi(parent)->sec_level; pi->role_switch = l2cap_pi(parent)->role_switch; pi->force_reliable = l2cap_pi(parent)->force_reliable; - pi->flushable = l2cap_pi(parent)->flushable; } else { pi->imtu = L2CAP_DEFAULT_MTU; pi->omtu = 0; @@ -786,7 +778,6 @@ static void l2cap_sock_init(struct sock pi->sec_level = BT_SECURITY_LOW; pi->role_switch = 0; pi->force_reliable = 0; - pi->flushable = 0; } /* Default config options */ @@ -962,7 +953,7 @@ static int l2cap_do_connect(struct sock } } - hcon = hci_connect(hdev, ACL_LINK, 0, dst, + hcon = hci_connect(hdev, ACL_LINK, dst, l2cap_pi(sk)->sec_level, auth_type); if (!hcon) goto done; @@ -1267,18 +1258,11 @@ static void l2cap_drop_acked_frames(stru static inline int l2cap_do_send(struct sock *sk, struct sk_buff *skb) { struct l2cap_pinfo *pi = l2cap_pi(sk); - struct hci_conn *hcon = pi->conn->hcon; int err; - u16 flags; BT_DBG("sk %p, skb %p len %d", sk, skb, skb->len); - if (lmp_no_flush_capable(hcon->hdev) && !l2cap_pi(sk)->flushable) - flags = ACL_START_NO_FLUSH; - else - flags = ACL_START; - - err = hci_send_acl(hcon, skb, flags); + err = hci_send_acl(pi->conn->hcon, skb, 0); if (err < 0) kfree_skb(skb); @@ -1763,7 +1747,6 @@ static int l2cap_sock_setsockopt_old(str l2cap_pi(sk)->role_switch = (opt & L2CAP_LM_MASTER); l2cap_pi(sk)->force_reliable = (opt & L2CAP_LM_RELIABLE); - l2cap_pi(sk)->flushable = (opt & L2CAP_LM_FLUSHABLE); break; default: @@ -1891,9 +1874,6 @@ static int l2cap_sock_getsockopt_old(str if (l2cap_pi(sk)->force_reliable) opt |= L2CAP_LM_RELIABLE; - if (l2cap_pi(sk)->flushable) - opt |= L2CAP_LM_FLUSHABLE; - if (put_user(opt, (u32 __user *) optval)) err = -EFAULT; break; @@ -2833,6 +2813,11 @@ static inline int l2cap_config_rsp(struc int len = cmd->len - sizeof(*rsp); char req[64]; + if (len > sizeof(req) - sizeof(struct l2cap_conf_req)) { + l2cap_send_disconn_req(conn, sk); + goto done; + } + /* throw out any old stored conf requests */ result = L2CAP_CONF_SUCCESS; len = l2cap_parse_conf_rsp(sk, rsp->data, @@ -3469,7 +3454,7 @@ static inline int l2cap_data_channel_sfr } break; } - kfree_skb(skb); + return 0; } @@ -3821,7 +3806,7 @@ static int l2cap_recv_acldata(struct hci BT_DBG("conn %p len %d flags 0x%x", conn, skb->len, flags); - if (!(flags & ACL_CONT)) { + if (flags & ACL_START) { struct l2cap_hdr *hdr; int len; @@ -3905,16 +3890,24 @@ static ssize_t l2cap_sysfs_show(struct c struct sock *sk; struct hlist_node *node; char *str = buf; + int size = PAGE_SIZE; read_lock_bh(&l2cap_sk_list.lock); sk_for_each(sk, node, &l2cap_sk_list.head) { struct l2cap_pinfo *pi = l2cap_pi(sk); + int len; - str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d\n", + len = snprintf(str, size, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d\n", batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), sk->sk_state, __le16_to_cpu(pi->psm), pi->scid, pi->dcid, pi->imtu, pi->omtu, pi->sec_level); + + size -= len; + if (size <= 0) + break; + + str += len; } read_unlock_bh(&l2cap_sk_list.lock);