Bluetooth: Move more channel info to struct l2cap_chan

struct l2cap_chan {

	struct sock *sk;

	__u16		imtu;

	__u16		omtu;

	__u16		flush_to;

	__u8		mode;

	__le16		sport;

	__u8		sec_level;

	__u8		role_switch;

	__u8		force_reliable;

	__u16		dcid;

	__u16		scid;

	__u16		imtu;

	__u16		omtu;

	__u16		flush_to;

	__u8		mode;

	__le16		sport;

	struct l2cap_conn	*conn;

	struct l2cap_chan	*chan;

};

	bacpy(&session->bdaddr, &bt_sk(sock->sk)->dst);

	session->mtu = min_t(uint, l2cap_pi(sock->sk)->omtu, l2cap_pi(sock->sk)->imtu);

	session->mtu = min_t(uint, l2cap_pi(sock->sk)->chan->omtu,

					l2cap_pi(sock->sk)->chan->imtu);

	BT_DBG("mtu %d", session->mtu);

	bacpy(&session->bdaddr, &bt_sk(ctrl_sock->sk)->dst);

	session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu);

	session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu);

	session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->chan->omtu,

					l2cap_pi(ctrl_sock->sk)->chan->imtu);

	session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->chan->omtu,

					l2cap_pi(intr_sock->sk)->chan->imtu);

	BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);

	if (sk->sk_type == SOCK_SEQPACKET || sk->sk_type == SOCK_STREAM) {

		if (conn->hcon->type == LE_LINK) {

			/* LE connection */

			l2cap_pi(sk)->omtu = L2CAP_LE_DEFAULT_MTU;

			chan->omtu = L2CAP_LE_DEFAULT_MTU;

			l2cap_pi(sk)->scid = L2CAP_CID_LE_DATA;

			l2cap_pi(sk)->dcid = L2CAP_CID_LE_DATA;

		} else {

			/* Alloc CID for connection-oriented socket */

			l2cap_pi(sk)->scid = l2cap_alloc_cid(conn);

			l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;

			chan->omtu = L2CAP_DEFAULT_MTU;

		}

	} else if (sk->sk_type == SOCK_DGRAM) {

		/* Connectionless socket */

		l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS;

		l2cap_pi(sk)->dcid = L2CAP_CID_CONN_LESS;

		l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;

		chan->omtu = L2CAP_DEFAULT_MTU;

	} else {

		/* Raw socket can send/recv signalling messages only */

		l2cap_pi(sk)->scid = L2CAP_CID_SIGNALING;

		l2cap_pi(sk)->dcid = L2CAP_CID_SIGNALING;

		l2cap_pi(sk)->omtu = L2CAP_DEFAULT_MTU;

		chan->omtu = L2CAP_DEFAULT_MTU;

	}

	sock_hold(sk);

	skb_queue_purge(&chan->tx_q);

	if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) {

	if (chan->mode == L2CAP_MODE_ERTM) {

		struct srej_list *l, *tmp;

		del_timer(&chan->retrans_timer);

	sk = chan->sk;

	if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM) {

	if (chan->mode == L2CAP_MODE_ERTM) {

		del_timer(&chan->retrans_timer);

		del_timer(&chan->monitor_timer);

		del_timer(&chan->ack_timer);

				continue;

			}

			if (!l2cap_mode_supported(l2cap_pi(sk)->mode,

			if (!l2cap_mode_supported(chan->mode,

					conn->feat_mask)

					&& chan->conf_state &

					L2CAP_CONF_STATE2_DEVICE) {

{

	struct l2cap_pinfo *pi = l2cap_pi(chan->sk);

	struct l2cap_conf_req *req = data;

	struct l2cap_conf_rfc rfc = { .mode = pi->mode };

	struct l2cap_conf_rfc rfc = { .mode = chan->mode };

	void *ptr = req->data;

	BT_DBG("chan %p", chan);

	if (chan->num_conf_req || chan->num_conf_rsp)

		goto done;

	switch (pi->mode) {

	switch (chan->mode) {

	case L2CAP_MODE_STREAMING:

	case L2CAP_MODE_ERTM:

		if (chan->conf_state & L2CAP_CONF_STATE2_DEVICE)

		/* fall through */

	default:

		pi->mode = l2cap_select_mode(rfc.mode, pi->conn->feat_mask);

		chan->mode = l2cap_select_mode(rfc.mode, pi->conn->feat_mask);

		break;

	}

done:

	if (pi->imtu != L2CAP_DEFAULT_MTU)

		l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);

	if (chan->imtu != L2CAP_DEFAULT_MTU)

		l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu);

	switch (pi->mode) {

	switch (chan->mode) {

	case L2CAP_MODE_BASIC:

		if (!(pi->conn->feat_mask & L2CAP_FEAT_ERTM) &&

				!(pi->conn->feat_mask & L2CAP_FEAT_STREAMING))

			break;

		case L2CAP_CONF_FLUSH_TO:

			pi->flush_to = val;

			chan->flush_to = val;

			break;

		case L2CAP_CONF_QOS:

	if (chan->num_conf_rsp || chan->num_conf_req > 1)

		goto done;

	switch (pi->mode) {

	switch (chan->mode) {

	case L2CAP_MODE_STREAMING:

	case L2CAP_MODE_ERTM:

		if (!(chan->conf_state & L2CAP_CONF_STATE2_DEVICE)) {

			pi->mode = l2cap_select_mode(rfc.mode,

			chan->mode = l2cap_select_mode(rfc.mode,

					pi->conn->feat_mask);

			break;

		}

		if (pi->mode != rfc.mode)

		if (chan->mode != rfc.mode)

			return -ECONNREFUSED;

		break;

	}

done:

	if (pi->mode != rfc.mode) {

	if (chan->mode != rfc.mode) {

		result = L2CAP_CONF_UNACCEPT;

		rfc.mode = pi->mode;

		rfc.mode = chan->mode;

		if (chan->num_conf_rsp == 1)

			return -ECONNREFUSED;

		if (mtu < L2CAP_DEFAULT_MIN_MTU)

			result = L2CAP_CONF_UNACCEPT;

		else {

			pi->omtu = mtu;

			chan->omtu = mtu;

			chan->conf_state |= L2CAP_CONF_MTU_DONE;

		}

		l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu);

		l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->omtu);

		switch (rfc.mode) {

		case L2CAP_MODE_BASIC:

			result = L2CAP_CONF_UNACCEPT;

			memset(&rfc, 0, sizeof(rfc));

			rfc.mode = pi->mode;

			rfc.mode = chan->mode;

		}

		if (result == L2CAP_CONF_SUCCESS)

		case L2CAP_CONF_MTU:

			if (val < L2CAP_DEFAULT_MIN_MTU) {

				*result = L2CAP_CONF_UNACCEPT;

				pi->imtu = L2CAP_DEFAULT_MIN_MTU;

				chan->imtu = L2CAP_DEFAULT_MIN_MTU;

			} else

				pi->imtu = val;

			l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->imtu);

				chan->imtu = val;

			l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, chan->imtu);

			break;

		case L2CAP_CONF_FLUSH_TO:

			pi->flush_to = val;

			chan->flush_to = val;

			l2cap_add_conf_opt(&ptr, L2CAP_CONF_FLUSH_TO,

							2, pi->flush_to);

							2, chan->flush_to);

			break;

		case L2CAP_CONF_RFC:

				memcpy(&rfc, (void *)val, olen);

			if ((chan->conf_state & L2CAP_CONF_STATE2_DEVICE) &&

							rfc.mode != pi->mode)

							rfc.mode != chan->mode)

				return -ECONNREFUSED;

			chan->fcs = 0;

		}

	}

	if (pi->mode == L2CAP_MODE_BASIC && pi->mode != rfc.mode)

	if (chan->mode == L2CAP_MODE_BASIC && chan->mode != rfc.mode)

		return -ECONNREFUSED;

	pi->mode = rfc.mode;

	chan->mode = rfc.mode;

	if (*result == L2CAP_CONF_SUCCESS) {

		switch (rfc.mode) {

static void l2cap_conf_rfc_get(struct l2cap_chan *chan, void *rsp, int len)

{

	struct l2cap_pinfo *pi = l2cap_pi(chan->sk);

	int type, olen;

	unsigned long val;

	struct l2cap_conf_rfc rfc;

	BT_DBG("chan %p, rsp %p, len %d", chan, rsp, len);

	if ((pi->mode != L2CAP_MODE_ERTM) && (pi->mode != L2CAP_MODE_STREAMING))

	if ((chan->mode != L2CAP_MODE_ERTM) && (chan->mode != L2CAP_MODE_STREAMING))

		return;

	while (len >= L2CAP_CONF_OPT_SIZE) {

	/* FCS is enabled only in ERTM or streaming mode, if one or both

	 * sides request it.

	 */

	if (pi->mode != L2CAP_MODE_ERTM && pi->mode != L2CAP_MODE_STREAMING)

	if (chan->mode != L2CAP_MODE_ERTM && chan->mode != L2CAP_MODE_STREAMING)

		chan->fcs = L2CAP_FCS_NONE;

	else if (!(pi->chan->conf_state & L2CAP_CONF_NO_FCS_RECV))

		chan->fcs = L2CAP_FCS_CRC16;

		chan->next_tx_seq = 0;

		chan->expected_tx_seq = 0;

		skb_queue_head_init(&chan->tx_q);

		if (l2cap_pi(sk)->mode == L2CAP_MODE_ERTM)

		if (chan->mode == L2CAP_MODE_ERTM)

			l2cap_ertm_init(chan);

		l2cap_chan_ready(sk);

		chan->next_tx_seq = 0;

		chan->expected_tx_seq = 0;

		skb_queue_head_init(&chan->tx_q);

		if (l2cap_pi(sk)->mode ==  L2CAP_MODE_ERTM)

		if (chan->mode ==  L2CAP_MODE_ERTM)

			l2cap_ertm_init(chan);

		l2cap_chan_ready(sk);

		chan->sdu_len = get_unaligned_le16(skb->data);

		if (chan->sdu_len > pi->imtu)

		if (chan->sdu_len > chan->imtu)

			goto disconnect;

		chan->sdu = bt_skb_alloc(chan->sdu_len, GFP_ATOMIC);

		if (!(chan->conn_state & L2CAP_CONN_SAR_RETRY)) {

			chan->partial_sdu_len += skb->len;

			if (chan->partial_sdu_len > pi->imtu)

			if (chan->partial_sdu_len > chan->imtu)

				goto drop;

			if (chan->partial_sdu_len != chan->sdu_len)

static int l2cap_streaming_reassembly_sdu(struct l2cap_chan *chan, struct sk_buff *skb, u16 control)

{

	struct l2cap_pinfo *pi = l2cap_pi(chan->sk);

	struct sk_buff *_skb;

	int err = -EINVAL;

		chan->sdu_len = get_unaligned_le16(skb->data);

		skb_pull(skb, 2);

		if (chan->sdu_len > pi->imtu) {

		if (chan->sdu_len > chan->imtu) {

			err = -EMSGSIZE;

			break;

		}

		chan->conn_state &= ~L2CAP_CONN_SAR_SDU;

		chan->partial_sdu_len += skb->len;

		if (chan->partial_sdu_len > pi->imtu)

		if (chan->partial_sdu_len > chan->imtu)

			goto drop;

		if (chan->partial_sdu_len == chan->sdu_len) {

	if (sk->sk_state != BT_CONNECTED)

		goto drop;

	switch (pi->mode) {

	switch (chan->mode) {

	case L2CAP_MODE_BASIC:

		/* If socket recv buffers overflows we drop data here

		 * which is *bad* because L2CAP has to be reliable.

		 * But we don't have any other choice. L2CAP doesn't

		 * provide flow control mechanism. */

		if (pi->imtu < skb->len)

		if (chan->imtu < skb->len)

			goto drop;

		if (!sock_queue_rcv_skb(sk, skb))

		goto done;

	default:

		BT_DBG("chan %p: bad mode 0x%2.2x", chan, pi->mode);

		BT_DBG("chan %p: bad mode 0x%2.2x", chan, chan->mode);

		break;

	}

	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED)

		goto drop;

	if (l2cap_pi(sk)->imtu < skb->len)

	if (l2cap_pi(sk)->chan->imtu < skb->len)

		goto drop;

	if (!sock_queue_rcv_skb(sk, skb))

	if (sk->sk_state != BT_BOUND && sk->sk_state != BT_CONNECTED)

		goto drop;

	if (l2cap_pi(sk)->imtu < skb->len)

	if (l2cap_pi(sk)->chan->imtu < skb->len)

		goto drop;

	if (!sock_queue_rcv_skb(sk, skb))

		if (chan && chan->sk) {

			struct sock *sk = chan->sk;

			if (l2cap_pi(sk)->imtu < len - L2CAP_HDR_SIZE) {

			if (chan->imtu < len - L2CAP_HDR_SIZE) {

				BT_ERR("Frame exceeding recv MTU (len %d, "

							"MTU %d)", len,

							l2cap_pi(sk)->imtu);

							chan->imtu);

				bh_unlock_sock(sk);

				l2cap_conn_unreliable(conn, ECOMM);

				goto drop;

	sk_for_each(sk, node, &l2cap_sk_list.head) {

		struct l2cap_pinfo *pi = l2cap_pi(sk);

		struct l2cap_chan *chan = pi->chan;

		seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n",

					batostr(&bt_sk(sk)->src),

					batostr(&bt_sk(sk)->dst),

					sk->sk_state, __le16_to_cpu(pi->psm),

					pi->scid, pi->dcid,

					pi->imtu, pi->omtu, pi->chan->sec_level,

					pi->mode);

					chan->imtu, chan->omtu, chan->sec_level,

					chan->mode);

	}

	read_unlock_bh(&l2cap_sk_list.lock);

{

	struct sock *sk;

	struct hlist_node *node;

	sk_for_each(sk, node, &l2cap_sk_list.head)

		if (l2cap_pi(sk)->sport == psm && !bacmp(&bt_sk(sk)->src, src))

	sk_for_each(sk, node, &l2cap_sk_list.head) {

		struct l2cap_chan *chan = l2cap_pi(sk)->chan;

		if (chan->sport == psm && !bacmp(&bt_sk(sk)->src, src))

			goto found;

	}

	sk = NULL;

found:

	return sk;

		/* Save source address */

		bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);

		l2cap_pi(sk)->psm   = la.l2_psm;

		l2cap_pi(sk)->sport = la.l2_psm;

		chan->sport = la.l2_psm;

		sk->sk_state = BT_BOUND;

		if (__le16_to_cpu(la.l2_psm) == 0x0001 ||

static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)

{

	struct sock *sk = sock->sk;

	struct l2cap_chan *chan = l2cap_pi(sk)->chan;

	struct sockaddr_l2 la;

	int len, err = 0;

		goto done;

	}

	switch (l2cap_pi(sk)->mode) {

	switch (chan->mode) {

	case L2CAP_MODE_BASIC:

		break;

	case L2CAP_MODE_ERTM:

static int l2cap_sock_listen(struct socket *sock, int backlog)

{

	struct sock *sk = sock->sk;

	struct l2cap_chan *chan = l2cap_pi(sk)->chan;

	int err = 0;

	BT_DBG("sk %p backlog %d", sk, backlog);

		goto done;

	}

	switch (l2cap_pi(sk)->mode) {

	switch (chan->mode) {

	case L2CAP_MODE_BASIC:

		break;

	case L2CAP_MODE_ERTM:

		for (psm = 0x1001; psm < 0x1100; psm += 2)

			if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) {

				l2cap_pi(sk)->psm   = cpu_to_le16(psm);

				l2cap_pi(sk)->sport = cpu_to_le16(psm);

				chan->sport = cpu_to_le16(psm);

				err = 0;

				break;

			}

{

	struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;

	struct sock *sk = sock->sk;

	struct l2cap_chan *chan = l2cap_pi(sk)->chan;

	BT_DBG("sock %p, sk %p", sock, sk);

		bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);

		la->l2_cid = cpu_to_le16(l2cap_pi(sk)->dcid);

	} else {

		la->l2_psm = l2cap_pi(sk)->sport;

		la->l2_psm = chan->sport;

		bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);

		la->l2_cid = cpu_to_le16(l2cap_pi(sk)->scid);

	}

	switch (optname) {

	case L2CAP_OPTIONS:

		memset(&opts, 0, sizeof(opts));

		opts.imtu     = l2cap_pi(sk)->imtu;

		opts.omtu     = l2cap_pi(sk)->omtu;

		opts.flush_to = l2cap_pi(sk)->flush_to;

		opts.mode     = l2cap_pi(sk)->mode;

		opts.imtu     = chan->imtu;

		opts.omtu     = chan->omtu;

		opts.flush_to = chan->flush_to;

		opts.mode     = chan->mode;

		opts.fcs      = chan->fcs;

		opts.max_tx   = chan->max_tx;

		opts.txwin_size = (__u16)chan->tx_win;

			break;

		}

		opts.imtu     = l2cap_pi(sk)->imtu;

		opts.omtu     = l2cap_pi(sk)->omtu;

		opts.flush_to = l2cap_pi(sk)->flush_to;

		opts.mode     = l2cap_pi(sk)->mode;

		opts.imtu     = chan->imtu;

		opts.omtu     = chan->omtu;

		opts.flush_to = chan->flush_to;

		opts.mode     = chan->mode;

		opts.fcs      = chan->fcs;

		opts.max_tx   = chan->max_tx;

		opts.txwin_size = (__u16)chan->tx_win;

			break;

		}

		l2cap_pi(sk)->mode = opts.mode;

		switch (l2cap_pi(sk)->mode) {