Bluetooth: Move more vars to struct l2cap_chan

struct l2cap_chan {

	struct sock *sk;

	__le16		psm;

	__u16		dcid;

	__u16		scid;

	__u16		imtu;

	__u16		omtu;

struct l2cap_pinfo {

	struct bt_sock	bt;

	__le16		psm;

	__u16		dcid;

	__u16		scid;

	struct l2cap_conn	*conn;

	struct l2cap_chan	*chan;

void __l2cap_connect_rsp_defer(struct sock *sk);

int __l2cap_wait_ack(struct sock *sk);

struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len);

struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len);

struct sk_buff *l2cap_create_connless_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len);

struct sk_buff *l2cap_create_basic_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len);

struct sk_buff *l2cap_create_iframe_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len, u16 control, u16 sdulen);

int l2cap_sar_segment_sdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len);

void l2cap_do_send(struct l2cap_chan *chan, struct sk_buff *skb);

	struct l2cap_chan *c;

	list_for_each_entry(c, &conn->chan_l, list) {

		struct sock *s = c->sk;

		if (l2cap_pi(s)->dcid == cid)

		if (c->dcid == cid)

			return c;

	}

	return NULL;

	struct l2cap_chan *c;

	list_for_each_entry(c, &conn->chan_l, list) {

		struct sock *s = c->sk;

		if (l2cap_pi(s)->scid == cid)

		if (c->scid == cid)

			return c;

	}

	return NULL;

	struct sock *sk = chan->sk;

	BT_DBG("conn %p, psm 0x%2.2x, dcid 0x%4.4x", conn,

			l2cap_pi(sk)->psm, l2cap_pi(sk)->dcid);

			chan->psm, chan->dcid);

	conn->disc_reason = 0x13;

		if (conn->hcon->type == LE_LINK) {

			/* LE connection */

			chan->omtu = L2CAP_LE_DEFAULT_MTU;

			l2cap_pi(sk)->scid = L2CAP_CID_LE_DATA;

			l2cap_pi(sk)->dcid = L2CAP_CID_LE_DATA;

			chan->scid = L2CAP_CID_LE_DATA;

			chan->dcid = L2CAP_CID_LE_DATA;

		} else {

			/* Alloc CID for connection-oriented socket */

			l2cap_pi(sk)->scid = l2cap_alloc_cid(conn);

			chan->scid = l2cap_alloc_cid(conn);

			chan->omtu = L2CAP_DEFAULT_MTU;

		}

	} else if (sk->sk_type == SOCK_DGRAM) {

		/* Connectionless socket */

		l2cap_pi(sk)->scid = L2CAP_CID_CONN_LESS;

		l2cap_pi(sk)->dcid = L2CAP_CID_CONN_LESS;

		chan->scid = L2CAP_CID_CONN_LESS;

		chan->dcid = L2CAP_CID_CONN_LESS;

		chan->omtu = L2CAP_DEFAULT_MTU;

	} else {

		/* Raw socket can send/recv signalling messages only */

		l2cap_pi(sk)->scid = L2CAP_CID_SIGNALING;

		l2cap_pi(sk)->dcid = L2CAP_CID_SIGNALING;

		chan->scid = L2CAP_CID_SIGNALING;

		chan->dcid = L2CAP_CID_SIGNALING;

		chan->omtu = L2CAP_DEFAULT_MTU;

	}

		default:

			return HCI_AT_NO_BONDING;

		}

	} else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {

	} else if (chan->psm == cpu_to_le16(0x0001)) {

		if (chan->sec_level == BT_SECURITY_LOW)

			chan->sec_level = BT_SECURITY_SDP;

	lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);

	lh->len = cpu_to_le16(hlen - L2CAP_HDR_SIZE);

	lh->cid = cpu_to_le16(pi->dcid);

	lh->cid = cpu_to_le16(chan->dcid);

	put_unaligned_le16(control, skb_put(skb, 2));

	if (chan->fcs == L2CAP_FCS_CRC16) {

		if (l2cap_check_security(chan) &&

				__l2cap_no_conn_pending(chan)) {

			struct l2cap_conn_req req;

			req.scid = cpu_to_le16(l2cap_pi(sk)->scid);

			req.psm  = l2cap_pi(sk)->psm;

			req.scid = cpu_to_le16(chan->scid);

			req.psm  = chan->psm;

			chan->ident = l2cap_get_ident(conn);

			chan->conf_state |= L2CAP_CONF_CONNECT_PEND;

		del_timer(&chan->ack_timer);

	}

	req.dcid = cpu_to_le16(l2cap_pi(sk)->dcid);

	req.scid = cpu_to_le16(l2cap_pi(sk)->scid);

	req.dcid = cpu_to_le16(chan->dcid);

	req.scid = cpu_to_le16(chan->scid);

	l2cap_send_cmd(conn, l2cap_get_ident(conn),

			L2CAP_DISCONN_REQ, sizeof(req), &req);

				continue;

			}

			req.scid = cpu_to_le16(l2cap_pi(sk)->scid);

			req.psm  = l2cap_pi(sk)->psm;

			req.scid = cpu_to_le16(chan->scid);

			req.psm  = chan->psm;

			chan->ident = l2cap_get_ident(conn);

			chan->conf_state |= L2CAP_CONF_CONNECT_PEND;

		} else if (sk->sk_state == BT_CONNECT2) {

			struct l2cap_conn_rsp rsp;

			char buf[128];

			rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);

			rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);

			rsp.scid = cpu_to_le16(chan->dcid);

			rsp.dcid = cpu_to_le16(chan->scid);

			if (l2cap_check_security(chan)) {

				if (bt_sk(sk)->defer_setup) {

	read_lock(&l2cap_sk_list.lock);

	sk_for_each(sk, node, &l2cap_sk_list.head) {

		struct l2cap_chan *chan = l2cap_pi(sk)->chan;

		if (state && sk->sk_state != state)

			continue;

		if (l2cap_pi(sk)->scid == cid) {

		if (chan->scid == cid) {

			/* Exact match. */

			if (!bacmp(&bt_sk(sk)->src, src))

				break;

	read_lock(&l2cap_sk_list.lock);

	sk_for_each(sk, node, &l2cap_sk_list.head) {

		struct l2cap_chan *chan = l2cap_pi(sk)->chan;

		if (state && sk->sk_state != state)

			continue;

		if (l2cap_pi(sk)->psm == psm) {

		if (chan->psm == psm) {

			/* Exact match. */

			if (!bacmp(&bt_sk(sk)->src, src))

				break;

	int err;

	BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst),

							l2cap_pi(sk)->psm);

							chan->psm);

	hdev = hci_get_route(dst, src);

	if (!hdev)

	auth_type = l2cap_get_auth_type(chan);

	if (l2cap_pi(sk)->dcid == L2CAP_CID_LE_DATA)

	if (chan->dcid == L2CAP_CID_LE_DATA)

		hcon = hci_connect(hdev, LE_LINK, dst,

					chan->sec_level, auth_type);

	else

	return sent;

}

struct sk_buff *l2cap_create_connless_pdu(struct sock *sk, struct msghdr *msg, size_t len)

struct sk_buff *l2cap_create_connless_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len)

{

	struct sock *sk = chan->sk;

	struct l2cap_conn *conn = l2cap_pi(sk)->conn;

	struct sk_buff *skb;

	int err, count, hlen = L2CAP_HDR_SIZE + 2;

	/* Create L2CAP header */

	lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);

	lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);

	lh->cid = cpu_to_le16(chan->dcid);

	lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));

	put_unaligned_le16(l2cap_pi(sk)->psm, skb_put(skb, 2));

	put_unaligned_le16(chan->psm, skb_put(skb, 2));

	err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);

	if (unlikely(err < 0)) {

	return skb;

}

struct sk_buff *l2cap_create_basic_pdu(struct sock *sk, struct msghdr *msg, size_t len)

struct sk_buff *l2cap_create_basic_pdu(struct l2cap_chan *chan, struct msghdr *msg, size_t len)

{

	struct sock *sk = chan->sk;

	struct l2cap_conn *conn = l2cap_pi(sk)->conn;

	struct sk_buff *skb;

	int err, count, hlen = L2CAP_HDR_SIZE;

	/* Create L2CAP header */

	lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);

	lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);

	lh->cid = cpu_to_le16(chan->dcid);

	lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));

	err = l2cap_skbuff_fromiovec(sk, msg, len, count, skb);

	/* Create L2CAP header */

	lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);

	lh->cid = cpu_to_le16(l2cap_pi(sk)->dcid);

	lh->cid = cpu_to_le16(chan->dcid);

	lh->len = cpu_to_le16(len + (hlen - L2CAP_HDR_SIZE));

	put_unaligned_le16(control, skb_put(skb, 2));

	if (sdulen)

		break;

	}

	req->dcid  = cpu_to_le16(pi->dcid);

	req->dcid  = cpu_to_le16(chan->dcid);

	req->flags = cpu_to_le16(0);

	return ptr - data;

		if (result == L2CAP_CONF_SUCCESS)

			chan->conf_state |= L2CAP_CONF_OUTPUT_DONE;

	}

	rsp->scid   = cpu_to_le16(pi->dcid);

	rsp->scid   = cpu_to_le16(chan->dcid);

	rsp->result = cpu_to_le16(result);

	rsp->flags  = cpu_to_le16(0x0000);

static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, void *data, u16 *result)

{

	struct sock *sk = chan->sk;

	struct l2cap_pinfo *pi = l2cap_pi(sk);

	struct l2cap_conf_req *req = data;

	void *ptr = req->data;

	int type, olen;

	unsigned long val;

	struct l2cap_conf_rfc rfc;

	BT_DBG("sk %p, rsp %p, len %d, req %p", sk, rsp, len, data);

	BT_DBG("chan %p, rsp %p, len %d, req %p", chan, rsp, len, data);

	while (len >= L2CAP_CONF_OPT_SIZE) {

		len -= l2cap_get_conf_opt(&rsp, &type, &olen, &val);

		}

	}

	req->dcid   = cpu_to_le16(pi->dcid);

	req->dcid   = cpu_to_le16(chan->dcid);

	req->flags  = cpu_to_le16(0x0000);

	return ptr - data;

}

static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags)

static int l2cap_build_conf_rsp(struct l2cap_chan *chan, void *data, u16 result, u16 flags)

{

	struct l2cap_conf_rsp *rsp = data;

	void *ptr = rsp->data;

	BT_DBG("sk %p", sk);

	BT_DBG("chan %p", chan);

	rsp->scid   = cpu_to_le16(l2cap_pi(sk)->dcid);

	rsp->scid   = cpu_to_le16(chan->dcid);

	rsp->result = cpu_to_le16(result);

	rsp->flags  = cpu_to_le16(flags);

	sk->sk_state = BT_CONFIG;

	rsp.scid   = cpu_to_le16(l2cap_pi(sk)->dcid);

	rsp.dcid   = cpu_to_le16(l2cap_pi(sk)->scid);

	rsp.scid   = cpu_to_le16(chan->dcid);

	rsp.dcid   = cpu_to_le16(chan->scid);

	rsp.result = cpu_to_le16(L2CAP_CR_SUCCESS);

	rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);

	l2cap_send_cmd(conn, chan->ident,

	l2cap_sock_init(sk, parent);

	bacpy(&bt_sk(sk)->src, conn->src);

	bacpy(&bt_sk(sk)->dst, conn->dst);

	l2cap_pi(sk)->psm  = psm;

	l2cap_pi(sk)->dcid = scid;

	chan->psm  = psm;

	chan->dcid = scid;

	bt_accept_enqueue(parent, sk);

	__l2cap_chan_add(conn, chan);

	dcid = l2cap_pi(sk)->scid;

	dcid = chan->scid;

	l2cap_sock_set_timer(sk, sk->sk_sndtimeo);

	case L2CAP_CR_SUCCESS:

		sk->sk_state = BT_CONFIG;

		chan->ident = 0;

		l2cap_pi(sk)->dcid = dcid;

		chan->dcid = dcid;

		chan->conf_state &= ~L2CAP_CONF_CONNECT_PEND;

		if (chan->conf_state & L2CAP_CONF_REQ_SENT)

	len = cmd_len - sizeof(*req);

	if (chan->conf_len + len > sizeof(chan->conf_req)) {

		l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,

				l2cap_build_conf_rsp(sk, rsp,

				l2cap_build_conf_rsp(chan, rsp,

					L2CAP_CONF_REJECT, flags), rsp);

		goto unlock;

	}

	if (flags & 0x0001) {

		/* Incomplete config. Send empty response. */

		l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,

				l2cap_build_conf_rsp(sk, rsp,

				l2cap_build_conf_rsp(chan, rsp,

					L2CAP_CONF_SUCCESS, 0x0001), rsp);

		goto unlock;

	}

	sk = chan->sk;

	rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);

	rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);

	rsp.dcid = cpu_to_le16(chan->scid);

	rsp.scid = cpu_to_le16(chan->dcid);

	l2cap_send_cmd(conn, cmd->ident, L2CAP_DISCONN_RSP, sizeof(rsp), &rsp);

	sk->sk_shutdown = SHUTDOWN_MASK;

		if (sk->sk_state == BT_CONNECT) {

			if (!status) {

				struct l2cap_conn_req req;

				req.scid = cpu_to_le16(l2cap_pi(sk)->scid);

				req.psm  = l2cap_pi(sk)->psm;

				req.scid = cpu_to_le16(chan->scid);

				req.psm  = chan->psm;

				chan->ident = l2cap_get_ident(conn);

				chan->conf_state |= L2CAP_CONF_CONNECT_PEND;

				result = L2CAP_CR_SEC_BLOCK;

			}

			rsp.scid   = cpu_to_le16(l2cap_pi(sk)->dcid);

			rsp.dcid   = cpu_to_le16(l2cap_pi(sk)->scid);

			rsp.scid   = cpu_to_le16(chan->dcid);

			rsp.dcid   = cpu_to_le16(chan->scid);

			rsp.result = cpu_to_le16(result);

			rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);

			l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP,

		seq_printf(f, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d %d\n",

					batostr(&bt_sk(sk)->src),

					batostr(&bt_sk(sk)->dst),

					sk->sk_state, __le16_to_cpu(pi->psm),

					pi->scid, pi->dcid,

					sk->sk_state, __le16_to_cpu(chan->psm),

					chan->scid, chan->dcid,

					chan->imtu, chan->omtu, chan->sec_level,

					chan->mode);

	}

	} else {

		/* Save source address */

		bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);

		l2cap_pi(sk)->psm   = la.l2_psm;

		chan->psm   = la.l2_psm;

		chan->sport = la.l2_psm;

		sk->sk_state = BT_BOUND;

	}

	if (la.l2_cid)

		l2cap_pi(sk)->scid = la.l2_cid;

		chan->scid = la.l2_cid;

	write_unlock_bh(&l2cap_sk_list.lock);

	/* Set destination address and psm */

	bacpy(&bt_sk(sk)->dst, &la.l2_bdaddr);

	l2cap_pi(sk)->psm = la.l2_psm;

	l2cap_pi(sk)->dcid = la.l2_cid;

	chan->psm = la.l2_psm;

	chan->dcid = la.l2_cid;

	err = l2cap_chan_connect(l2cap_pi(sk)->chan);

	if (err)

		goto done;

	}

	if (!l2cap_pi(sk)->psm && !l2cap_pi(sk)->scid) {

	if (!chan->psm && !chan->scid) {

		bdaddr_t *src = &bt_sk(sk)->src;

		u16 psm;

		for (psm = 0x1001; psm < 0x1100; psm += 2)

			if (!__l2cap_get_sock_by_addr(cpu_to_le16(psm), src)) {

				l2cap_pi(sk)->psm   = cpu_to_le16(psm);

				chan->psm   = cpu_to_le16(psm);

				chan->sport = cpu_to_le16(psm);

				err = 0;

				break;

	*len = sizeof(struct sockaddr_l2);

	if (peer) {

		la->l2_psm = l2cap_pi(sk)->psm;

		la->l2_psm = chan->psm;

		bacpy(&la->l2_bdaddr, &bt_sk(sk)->dst);

		la->l2_cid = cpu_to_le16(l2cap_pi(sk)->dcid);

		la->l2_cid = cpu_to_le16(chan->dcid);

	} else {

		la->l2_psm = chan->sport;

		bacpy(&la->l2_bdaddr, &bt_sk(sk)->src);

		la->l2_cid = cpu_to_le16(l2cap_pi(sk)->scid);

		la->l2_cid = cpu_to_le16(chan->scid);

	}

	return 0;

	/* Connectionless channel */

	if (sk->sk_type == SOCK_DGRAM) {

		skb = l2cap_create_connless_pdu(sk, msg, len);

		skb = l2cap_create_connless_pdu(chan, msg, len);

		if (IS_ERR(skb)) {

			err = PTR_ERR(skb);

		} else {

		}

		/* Create a basic PDU */

		skb = l2cap_create_basic_pdu(sk, msg, len);

		skb = l2cap_create_basic_pdu(chan, msg, len);

		if (IS_ERR(skb)) {

			err = PTR_ERR(skb);

			goto done;

			else

				result = L2CAP_CR_BAD_PSM;

			rsp.scid   = cpu_to_le16(l2cap_pi(sk)->dcid);

			rsp.dcid   = cpu_to_le16(l2cap_pi(sk)->scid);

			rsp.scid   = cpu_to_le16(chan->dcid);

			rsp.dcid   = cpu_to_le16(chan->scid);

			rsp.result = cpu_to_le16(result);

			rsp.status = cpu_to_le16(L2CAP_CS_NO_INFO);

			l2cap_send_cmd(conn, chan->ident, L2CAP_CONN_RSP,