1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22 */
23
24 /*
25 RPN support - Dirk Husemann <hud@zurich.ibm.com>
26 */
27
28 /*
29 * Bluetooth RFCOMM core.
30 *
31 * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $
32 */
33
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <linux/kernel.h>
38 #include <linux/sched.h>
39 #include <linux/signal.h>
40 #include <linux/init.h>
41 #include <linux/wait.h>
42 #include <linux/net.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <net/sock.h>
46 #include <asm/uaccess.h>
47 #include <asm/unaligned.h>
48
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/hci_core.h>
51 #include <net/bluetooth/l2cap.h>
52 #include <net/bluetooth/rfcomm.h>
53
54 #define VERSION "1.5"
55
56 #ifndef CONFIG_BT_RFCOMM_DEBUG
57 #undef BT_DBG
58 #define BT_DBG(D...)
59 #endif
60
61 #ifdef CONFIG_PROC_FS
62 struct proc_dir_entry *proc_bt_rfcomm;
63 #endif
64
65 static struct task_struct *rfcomm_thread;
66
67 static DECLARE_MUTEX(rfcomm_sem);
68 #define rfcomm_lock() down(&rfcomm_sem);
69 #define rfcomm_unlock() up(&rfcomm_sem);
70
71 unsigned long rfcomm_event;
72
73 static LIST_HEAD(session_list);
74 static atomic_t terminate, running;
75
76 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len);
77 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci);
78 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci);
79 static int rfcomm_queue_disc(struct rfcomm_dlc *d);
80 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type);
81 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d);
82 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig);
83 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len);
84 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits);
85 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr);
86
87 static void rfcomm_process_connect(struct rfcomm_session *s);
88
89 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err);
90 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst);
91 static void rfcomm_session_del(struct rfcomm_session *s);
92
93 /* ---- RFCOMM frame parsing macros ---- */
94 #define __get_dlci(b) ((b & 0xfc) >> 2)
95 #define __get_channel(b) ((b & 0xf8) >> 3)
96 #define __get_dir(b) ((b & 0x04) >> 2)
97 #define __get_type(b) ((b & 0xef))
98
99 #define __test_ea(b) ((b & 0x01))
100 #define __test_cr(b) ((b & 0x02))
101 #define __test_pf(b) ((b & 0x10))
102
103 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
104 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
105 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
106 #define __srv_channel(dlci) (dlci >> 1)
107 #define __dir(dlci) (dlci & 0x01)
108
109 #define __len8(len) (((len) << 1) | 1)
110 #define __len16(len) ((len) << 1)
111
112 /* MCC macros */
113 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
114 #define __get_mcc_type(b) ((b & 0xfc) >> 2)
115 #define __get_mcc_len(b) ((b & 0xfe) >> 1)
116
117 /* RPN macros */
118 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x3) << 3))
119 #define __get_rpn_data_bits(line) ((line) & 0x3)
120 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
121 #define __get_rpn_parity(line) (((line) >> 3) & 0x3)
122
123 static inline void rfcomm_schedule(uint event)
124 {
125 if (!rfcomm_thread)
126 return;
127 //set_bit(event, &rfcomm_event);
128 set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
129 wake_up_process(rfcomm_thread);
130 }
131
132 static inline void rfcomm_session_put(struct rfcomm_session *s)
133 {
134 if (atomic_dec_and_test(&s->refcnt))
135 rfcomm_session_del(s);
136 }
137
138 /* ---- RFCOMM FCS computation ---- */
139
140 /* CRC on 2 bytes */
141 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
142
143 /* FCS on 2 bytes */
144 static inline u8 __fcs(u8 *data)
145 {
146 return (0xff - __crc(data));
147 }
148
149 /* FCS on 3 bytes */
150 static inline u8 __fcs2(u8 *data)
151 {
152 return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]);
153 }
154
155 /* Check FCS */
156 static inline int __check_fcs(u8 *data, int type, u8 fcs)
157 {
158 u8 f = __crc(data);
159
160 if (type != RFCOMM_UIH)
161 f = rfcomm_crc_table[f ^ data[2]];
162
163 return rfcomm_crc_table[f ^ fcs] != 0xcf;
164 }
165
166 /* ---- L2CAP callbacks ---- */
167 static void rfcomm_l2state_change(struct sock *sk)
168 {
169 BT_DBG("%p state %d", sk, sk->sk_state);
170 rfcomm_schedule(RFCOMM_SCHED_STATE);
171 }
172
173 static void rfcomm_l2data_ready(struct sock *sk, int bytes)
174 {
175 BT_DBG("%p bytes %d", sk, bytes);
176 rfcomm_schedule(RFCOMM_SCHED_RX);
177 }
178
179 static int rfcomm_l2sock_create(struct socket **sock)
180 {
181 int err;
182
183 BT_DBG("");
184
185 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock);
186 if (!err) {
187 struct sock *sk = (*sock)->sk;
188 sk->sk_data_ready = rfcomm_l2data_ready;
189 sk->sk_state_change = rfcomm_l2state_change;
190 }
191 return err;
192 }
193
194 /* ---- RFCOMM DLCs ---- */
195 static void rfcomm_dlc_timeout(unsigned long arg)
196 {
197 struct rfcomm_dlc *d = (void *) arg;
198
199 BT_DBG("dlc %p state %ld", d, d->state);
200
201 set_bit(RFCOMM_TIMED_OUT, &d->flags);
202 rfcomm_dlc_put(d);
203 rfcomm_schedule(RFCOMM_SCHED_TIMEO);
204 }
205
206 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout)
207 {
208 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout);
209
210 if (!mod_timer(&d->timer, jiffies + timeout))
211 rfcomm_dlc_hold(d);
212 }
213
214 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d)
215 {
216 BT_DBG("dlc %p state %ld", d, d->state);
217
218 if (timer_pending(&d->timer) && del_timer(&d->timer))
219 rfcomm_dlc_put(d);
220 }
221
222 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d)
223 {
224 BT_DBG("%p", d);
225
226 d->state = BT_OPEN;
227 d->flags = 0;
228 d->mscex = 0;
229 d->mtu = RFCOMM_DEFAULT_MTU;
230 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV;
231
232 d->cfc = RFCOMM_CFC_DISABLED;
233 d->rx_credits = RFCOMM_DEFAULT_CREDITS;
234 }
235
236 struct rfcomm_dlc *rfcomm_dlc_alloc(int prio)
237 {
238 struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio);
239 if (!d)
240 return NULL;
241 memset(d, 0, sizeof(*d));
242
243 init_timer(&d->timer);
244 d->timer.function = rfcomm_dlc_timeout;
245 d->timer.data = (unsigned long) d;
246
247 skb_queue_head_init(&d->tx_queue);
248 spin_lock_init(&d->lock);
249 atomic_set(&d->refcnt, 1);
250
251 rfcomm_dlc_clear_state(d);
252
253 BT_DBG("%p", d);
254 return d;
255 }
256
257 void rfcomm_dlc_free(struct rfcomm_dlc *d)
258 {
259 BT_DBG("%p", d);
260
261 skb_queue_purge(&d->tx_queue);
262 kfree(d);
263 }
264
265 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d)
266 {
267 BT_DBG("dlc %p session %p", d, s);
268
269 rfcomm_session_hold(s);
270
271 rfcomm_dlc_hold(d);
272 list_add(&d->list, &s->dlcs);
273 d->session = s;
274 }
275
276 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d)
277 {
278 struct rfcomm_session *s = d->session;
279
280 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s);
281
282 list_del(&d->list);
283 d->session = NULL;
284 rfcomm_dlc_put(d);
285
286 rfcomm_session_put(s);
287 }
288
289 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci)
290 {
291 struct rfcomm_dlc *d;
292 struct list_head *p;
293
294 list_for_each(p, &s->dlcs) {
295 d = list_entry(p, struct rfcomm_dlc, list);
296 if (d->dlci == dlci)
297 return d;
298 }
299 return NULL;
300 }
301
302 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
303 {
304 struct rfcomm_session *s;
305 int err = 0;
306 u8 dlci;
307
308 BT_DBG("dlc %p state %ld %s %s channel %d",
309 d, d->state, batostr(src), batostr(dst), channel);
310
311 if (channel < 1 || channel > 30)
312 return -EINVAL;
313
314 if (d->state != BT_OPEN && d->state != BT_CLOSED)
315 return 0;
316
317 s = rfcomm_session_get(src, dst);
318 if (!s) {
319 s = rfcomm_session_create(src, dst, &err);
320 if (!s)
321 return err;
322 }
323
324 dlci = __dlci(!s->initiator, channel);
325
326 /* Check if DLCI already exists */
327 if (rfcomm_dlc_get(s, dlci))
328 return -EBUSY;
329
330 rfcomm_dlc_clear_state(d);
331
332 d->dlci = dlci;
333 d->addr = __addr(s->initiator, dlci);
334 d->priority = 7;
335
336 d->state = BT_CONFIG;
337 rfcomm_dlc_link(s, d);
338
339 d->mtu = s->mtu;
340 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc;
341
342 if (s->state == BT_CONNECTED)
343 rfcomm_send_pn(s, 1, d);
344 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
345 return 0;
346 }
347
348 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
349 {
350 int r;
351
352 rfcomm_lock();
353
354 r = __rfcomm_dlc_open(d, src, dst, channel);
355
356 rfcomm_unlock();
357 return r;
358 }
359
360 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
361 {
362 struct rfcomm_session *s = d->session;
363 if (!s)
364 return 0;
365
366 BT_DBG("dlc %p state %ld dlci %d err %d session %p",
367 d, d->state, d->dlci, err, s);
368
369 switch (d->state) {
370 case BT_CONNECTED:
371 case BT_CONFIG:
372 case BT_CONNECT:
373 d->state = BT_DISCONN;
374 if (skb_queue_empty(&d->tx_queue)) {
375 rfcomm_send_disc(s, d->dlci);
376 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT);
377 } else {
378 rfcomm_queue_disc(d);
379 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2);
380 }
381 break;
382
383 default:
384 rfcomm_dlc_clear_timer(d);
385
386 rfcomm_dlc_lock(d);
387 d->state = BT_CLOSED;
388 d->state_change(d, err);
389 rfcomm_dlc_unlock(d);
390
391 skb_queue_purge(&d->tx_queue);
392 rfcomm_dlc_unlink(d);
393 }
394
395 return 0;
396 }
397
398 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
399 {
400 int r;
401
402 rfcomm_lock();
403
404 r = __rfcomm_dlc_close(d, err);
405
406 rfcomm_unlock();
407 return r;
408 }
409
410 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb)
411 {
412 int len = skb->len;
413
414 if (d->state != BT_CONNECTED)
415 return -ENOTCONN;
416
417 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len);
418
419 if (len > d->mtu)
420 return -EINVAL;
421
422 rfcomm_make_uih(skb, d->addr);
423 skb_queue_tail(&d->tx_queue, skb);
424
425 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags))
426 rfcomm_schedule(RFCOMM_SCHED_TX);
427 return len;
428 }
429
430 void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d)
431 {
432 BT_DBG("dlc %p state %ld", d, d->state);
433
434 if (!d->cfc) {
435 d->v24_sig |= RFCOMM_V24_FC;
436 set_bit(RFCOMM_MSC_PENDING, &d->flags);
437 }
438 rfcomm_schedule(RFCOMM_SCHED_TX);
439 }
440
441 void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
442 {
443 BT_DBG("dlc %p state %ld", d, d->state);
444
445 if (!d->cfc) {
446 d->v24_sig &= ~RFCOMM_V24_FC;
447 set_bit(RFCOMM_MSC_PENDING, &d->flags);
448 }
449 rfcomm_schedule(RFCOMM_SCHED_TX);
450 }
451
452 /*
453 Set/get modem status functions use _local_ status i.e. what we report
454 to the other side.
455 Remote status is provided by dlc->modem_status() callback.
456 */
457 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig)
458 {
459 BT_DBG("dlc %p state %ld v24_sig 0x%x",
460 d, d->state, v24_sig);
461
462 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags))
463 v24_sig |= RFCOMM_V24_FC;
464 else
465 v24_sig &= ~RFCOMM_V24_FC;
466
467 d->v24_sig = v24_sig;
468
469 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags))
470 rfcomm_schedule(RFCOMM_SCHED_TX);
471
472 return 0;
473 }
474
475 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig)
476 {
477 BT_DBG("dlc %p state %ld v24_sig 0x%x",
478 d, d->state, d->v24_sig);
479
480 *v24_sig = d->v24_sig;
481 return 0;
482 }
483
484 /* ---- RFCOMM sessions ---- */
485 static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state)
486 {
487 struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL);
488 if (!s)
489 return NULL;
490 memset(s, 0, sizeof(*s));
491
492 BT_DBG("session %p sock %p", s, sock);
493
494 INIT_LIST_HEAD(&s->dlcs);
495 s->state = state;
496 s->sock = sock;
497
498 s->mtu = RFCOMM_DEFAULT_MTU;
499 s->cfc = RFCOMM_CFC_UNKNOWN;
500
501 /* Do not increment module usage count for listening sessions.
502 * Otherwise we won't be able to unload the module. */
503 if (state != BT_LISTEN)
504 if (!try_module_get(THIS_MODULE)) {
505 kfree(s);
506 return NULL;
507 }
508
509 list_add(&s->list, &session_list);
510
511 return s;
512 }
513
514 static void rfcomm_session_del(struct rfcomm_session *s)
515 {
516 int state = s->state;
517
518 BT_DBG("session %p state %ld", s, s->state);
519
520 list_del(&s->list);
521
522 if (state == BT_CONNECTED)
523 rfcomm_send_disc(s, 0);
524
525 sock_release(s->sock);
526 kfree(s);
527
528 if (state != BT_LISTEN)
529 module_put(THIS_MODULE);
530 }
531
532 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst)
533 {
534 struct rfcomm_session *s;
535 struct list_head *p, *n;
536 struct bt_sock *sk;
537 list_for_each_safe(p, n, &session_list) {
538 s = list_entry(p, struct rfcomm_session, list);
539 sk = bt_sk(s->sock->sk);
540
541 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) &&
542 !bacmp(&sk->dst, dst))
543 return s;
544 }
545 return NULL;
546 }
547
548 static void rfcomm_session_close(struct rfcomm_session *s, int err)
549 {
550 struct rfcomm_dlc *d;
551 struct list_head *p, *n;
552
553 BT_DBG("session %p state %ld err %d", s, s->state, err);
554
555 rfcomm_session_hold(s);
556
557 s->state = BT_CLOSED;
558
559 /* Close all dlcs */
560 list_for_each_safe(p, n, &s->dlcs) {
561 d = list_entry(p, struct rfcomm_dlc, list);
562 d->state = BT_CLOSED;
563 __rfcomm_dlc_close(d, err);
564 }
565
566 rfcomm_session_put(s);
567 }
568
569 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err)
570 {
571 struct rfcomm_session *s = NULL;
572 struct sockaddr_l2 addr;
573 struct socket *sock;
574 struct sock *sk;
575
576 BT_DBG("%s %s", batostr(src), batostr(dst));
577
578 *err = rfcomm_l2sock_create(&sock);
579 if (*err < 0)
580 return NULL;
581
582 bacpy(&addr.l2_bdaddr, src);
583 addr.l2_family = AF_BLUETOOTH;
584 addr.l2_psm = 0;
585 *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
586 if (*err < 0)
587 goto failed;
588
589 /* Set L2CAP options */
590 sk = sock->sk;
591 lock_sock(sk);
592 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
593 release_sock(sk);
594
595 s = rfcomm_session_add(sock, BT_BOUND);
596 if (!s) {
597 *err = -ENOMEM;
598 goto failed;
599 }
600
601 s->initiator = 1;
602
603 bacpy(&addr.l2_bdaddr, dst);
604 addr.l2_family = AF_BLUETOOTH;
605 addr.l2_psm = htobs(RFCOMM_PSM);
606 *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
607 if (*err == 0 || *err == -EAGAIN)
608 return s;
609
610 rfcomm_session_del(s);
611 return NULL;
612
613 failed:
614 sock_release(sock);
615 return NULL;
616 }
617
618 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst)
619 {
620 struct sock *sk = s->sock->sk;
621 if (src)
622 bacpy(src, &bt_sk(sk)->src);
623 if (dst)
624 bacpy(dst, &bt_sk(sk)->dst);
625 }
626
627 /* ---- RFCOMM frame sending ---- */
628 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len)
629 {
630 struct socket *sock = s->sock;
631 struct kvec iv = { data, len };
632 struct msghdr msg;
633
634 BT_DBG("session %p len %d", s, len);
635
636 memset(&msg, 0, sizeof(msg));
637
638 return kernel_sendmsg(sock, &msg, &iv, 1, len);
639 }
640
641 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci)
642 {
643 struct rfcomm_cmd cmd;
644
645 BT_DBG("%p dlci %d", s, dlci);
646
647 cmd.addr = __addr(s->initiator, dlci);
648 cmd.ctrl = __ctrl(RFCOMM_SABM, 1);
649 cmd.len = __len8(0);
650 cmd.fcs = __fcs2((u8 *) &cmd);
651
652 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
653 }
654
655 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci)
656 {
657 struct rfcomm_cmd cmd;
658
659 BT_DBG("%p dlci %d", s, dlci);
660
661 cmd.addr = __addr(!s->initiator, dlci);
662 cmd.ctrl = __ctrl(RFCOMM_UA, 1);
663 cmd.len = __len8(0);
664 cmd.fcs = __fcs2((u8 *) &cmd);
665
666 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
667 }
668
669 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci)
670 {
671 struct rfcomm_cmd cmd;
672
673 BT_DBG("%p dlci %d", s, dlci);
674
675 cmd.addr = __addr(s->initiator, dlci);
676 cmd.ctrl = __ctrl(RFCOMM_DISC, 1);
677 cmd.len = __len8(0);
678 cmd.fcs = __fcs2((u8 *) &cmd);
679
680 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
681 }
682
683 static int rfcomm_queue_disc(struct rfcomm_dlc *d)
684 {
685 struct rfcomm_cmd *cmd;
686 struct sk_buff *skb;
687
688 BT_DBG("dlc %p dlci %d", d, d->dlci);
689
690 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL);
691 if (!skb)
692 return -ENOMEM;
693
694 cmd = (void *) __skb_put(skb, sizeof(*cmd));
695 cmd->addr = d->addr;
696 cmd->ctrl = __ctrl(RFCOMM_DISC, 1);
697 cmd->len = __len8(0);
698 cmd->fcs = __fcs2((u8 *) cmd);
699
700 skb_queue_tail(&d->tx_queue, skb);
701 rfcomm_schedule(RFCOMM_SCHED_TX);
702 return 0;
703 }
704
705 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci)
706 {
707 struct rfcomm_cmd cmd;
708
709 BT_DBG("%p dlci %d", s, dlci);
710
711 cmd.addr = __addr(!s->initiator, dlci);
712 cmd.ctrl = __ctrl(RFCOMM_DM, 1);
713 cmd.len = __len8(0);
714 cmd.fcs = __fcs2((u8 *) &cmd);
715
716 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
717 }
718
719 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type)
720 {
721 struct rfcomm_hdr *hdr;
722 struct rfcomm_mcc *mcc;
723 u8 buf[16], *ptr = buf;
724
725 BT_DBG("%p cr %d type %d", s, cr, type);
726
727 hdr = (void *) ptr; ptr += sizeof(*hdr);
728 hdr->addr = __addr(s->initiator, 0);
729 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
730 hdr->len = __len8(sizeof(*mcc) + 1);
731
732 mcc = (void *) ptr; ptr += sizeof(*mcc);
733 mcc->type = __mcc_type(cr, RFCOMM_NSC);
734 mcc->len = __len8(1);
735
736 /* Type that we didn't like */
737 *ptr = __mcc_type(cr, type); ptr++;
738
739 *ptr = __fcs(buf); ptr++;
740
741 return rfcomm_send_frame(s, buf, ptr - buf);
742 }
743
744 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d)
745 {
746 struct rfcomm_hdr *hdr;
747 struct rfcomm_mcc *mcc;
748 struct rfcomm_pn *pn;
749 u8 buf[16], *ptr = buf;
750
751 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu);
752
753 hdr = (void *) ptr; ptr += sizeof(*hdr);
754 hdr->addr = __addr(s->initiator, 0);
755 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
756 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn));
757
758 mcc = (void *) ptr; ptr += sizeof(*mcc);
759 mcc->type = __mcc_type(cr, RFCOMM_PN);
760 mcc->len = __len8(sizeof(*pn));
761
762 pn = (void *) ptr; ptr += sizeof(*pn);
763 pn->dlci = d->dlci;
764 pn->priority = d->priority;
765 pn->ack_timer = 0;
766 pn->max_retrans = 0;
767
768 if (s->cfc) {
769 pn->flow_ctrl = cr ? 0xf0 : 0xe0;
770 pn->credits = RFCOMM_DEFAULT_CREDITS;
771 } else {
772 pn->flow_ctrl = 0;
773 pn->credits = 0;
774 }
775
776 pn->mtu = htobs(d->mtu);
777
778 *ptr = __fcs(buf); ptr++;
779
780 return rfcomm_send_frame(s, buf, ptr - buf);
781 }
782
783 static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
784 u8 bit_rate, u8 data_bits, u8 stop_bits,
785 u8 parity, u8 flow_ctrl_settings,
786 u8 xon_char, u8 xoff_char, u16 param_mask)
787 {
788 struct rfcomm_hdr *hdr;
789 struct rfcomm_mcc *mcc;
790 struct rfcomm_rpn *rpn;
791 u8 buf[16], *ptr = buf;
792
793 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
794 "flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
795 s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
796 flow_ctrl_settings, xon_char, xoff_char, param_mask);
797
798 hdr = (void *) ptr; ptr += sizeof(*hdr);
799 hdr->addr = __addr(s->initiator, 0);
800 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
801 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn));
802
803 mcc = (void *) ptr; ptr += sizeof(*mcc);
804 mcc->type = __mcc_type(cr, RFCOMM_RPN);
805 mcc->len = __len8(sizeof(*rpn));
806
807 rpn = (void *) ptr; ptr += sizeof(*rpn);
808 rpn->dlci = __addr(1, dlci);
809 rpn->bit_rate = bit_rate;
810 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity);
811 rpn->flow_ctrl = flow_ctrl_settings;
812 rpn->xon_char = xon_char;
813 rpn->xoff_char = xoff_char;
814 rpn->param_mask = param_mask;
815
816 *ptr = __fcs(buf); ptr++;
817
818 return rfcomm_send_frame(s, buf, ptr - buf);
819 }
820
821 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status)
822 {
823 struct rfcomm_hdr *hdr;
824 struct rfcomm_mcc *mcc;
825 struct rfcomm_rls *rls;
826 u8 buf[16], *ptr = buf;
827
828 BT_DBG("%p cr %d status 0x%x", s, cr, status);
829
830 hdr = (void *) ptr; ptr += sizeof(*hdr);
831 hdr->addr = __addr(s->initiator, 0);
832 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
833 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls));
834
835 mcc = (void *) ptr; ptr += sizeof(*mcc);
836 mcc->type = __mcc_type(cr, RFCOMM_RLS);
837 mcc->len = __len8(sizeof(*rls));
838
839 rls = (void *) ptr; ptr += sizeof(*rls);
840 rls->dlci = __addr(1, dlci);
841 rls->status = status;
842
843 *ptr = __fcs(buf); ptr++;
844
845 return rfcomm_send_frame(s, buf, ptr - buf);
846 }
847
848 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig)
849 {
850 struct rfcomm_hdr *hdr;
851 struct rfcomm_mcc *mcc;
852 struct rfcomm_msc *msc;
853 u8 buf[16], *ptr = buf;
854
855 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig);
856
857 hdr = (void *) ptr; ptr += sizeof(*hdr);
858 hdr->addr = __addr(s->initiator, 0);
859 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
860 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc));
861
862 mcc = (void *) ptr; ptr += sizeof(*mcc);
863 mcc->type = __mcc_type(cr, RFCOMM_MSC);
864 mcc->len = __len8(sizeof(*msc));
865
866 msc = (void *) ptr; ptr += sizeof(*msc);
867 msc->dlci = __addr(1, dlci);
868 msc->v24_sig = v24_sig | 0x01;
869
870 *ptr = __fcs(buf); ptr++;
871
872 return rfcomm_send_frame(s, buf, ptr - buf);
873 }
874
875 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr)
876 {
877 struct rfcomm_hdr *hdr;
878 struct rfcomm_mcc *mcc;
879 u8 buf[16], *ptr = buf;
880
881 BT_DBG("%p cr %d", s, cr);
882
883 hdr = (void *) ptr; ptr += sizeof(*hdr);
884 hdr->addr = __addr(s->initiator, 0);
885 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
886 hdr->len = __len8(sizeof(*mcc));
887
888 mcc = (void *) ptr; ptr += sizeof(*mcc);
889 mcc->type = __mcc_type(cr, RFCOMM_FCOFF);
890 mcc->len = __len8(0);
891
892 *ptr = __fcs(buf); ptr++;
893
894 return rfcomm_send_frame(s, buf, ptr - buf);
895 }
896
897 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr)
898 {
899 struct rfcomm_hdr *hdr;
900 struct rfcomm_mcc *mcc;
901 u8 buf[16], *ptr = buf;
902
903 BT_DBG("%p cr %d", s, cr);
904
905 hdr = (void *) ptr; ptr += sizeof(*hdr);
906 hdr->addr = __addr(s->initiator, 0);
907 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
908 hdr->len = __len8(sizeof(*mcc));
909
910 mcc = (void *) ptr; ptr += sizeof(*mcc);
911 mcc->type = __mcc_type(cr, RFCOMM_FCON);
912 mcc->len = __len8(0);
913
914 *ptr = __fcs(buf); ptr++;
915
916 return rfcomm_send_frame(s, buf, ptr - buf);
917 }
918
919 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len)
920 {
921 struct socket *sock = s->sock;
922 struct kvec iv[3];
923 struct msghdr msg;
924 unsigned char hdr[5], crc[1];
925
926 if (len > 125)
927 return -EINVAL;
928
929 BT_DBG("%p cr %d", s, cr);
930
931 hdr[0] = __addr(s->initiator, 0);
932 hdr[1] = __ctrl(RFCOMM_UIH, 0);
933 hdr[2] = 0x01 | ((len + 2) << 1);
934 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2);
935 hdr[4] = 0x01 | (len << 1);
936
937 crc[0] = __fcs(hdr);
938
939 iv[0].iov_base = hdr;
940 iv[0].iov_len = 5;
941 iv[1].iov_base = pattern;
942 iv[1].iov_len = len;
943 iv[2].iov_base = crc;
944 iv[2].iov_len = 1;
945
946 memset(&msg, 0, sizeof(msg));
947
948 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len);
949 }
950
951 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits)
952 {
953 struct rfcomm_hdr *hdr;
954 u8 buf[16], *ptr = buf;
955
956 BT_DBG("%p addr %d credits %d", s, addr, credits);
957
958 hdr = (void *) ptr; ptr += sizeof(*hdr);
959 hdr->addr = addr;
960 hdr->ctrl = __ctrl(RFCOMM_UIH, 1);
961 hdr->len = __len8(0);
962
963 *ptr = credits; ptr++;
964
965 *ptr = __fcs(buf); ptr++;
966
967 return rfcomm_send_frame(s, buf, ptr - buf);
968 }
969
970 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr)
971 {
972 struct rfcomm_hdr *hdr;
973 int len = skb->len;
974 u8 *crc;
975
976 if (len > 127) {
977 hdr = (void *) skb_push(skb, 4);
978 put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len);
979 } else {
980 hdr = (void *) skb_push(skb, 3);
981 hdr->len = __len8(len);
982 }
983 hdr->addr = addr;
984 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
985
986 crc = skb_put(skb, 1);
987 *crc = __fcs((void *) hdr);
988 }
989
990 /* ---- RFCOMM frame reception ---- */
991 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
992 {
993 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
994
995 if (dlci) {
996 /* Data channel */
997 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
998 if (!d) {
999 rfcomm_send_dm(s, dlci);
1000 return 0;
1001 }
1002
1003 switch (d->state) {
1004 case BT_CONNECT:
1005 rfcomm_dlc_clear_timer(d);
1006
1007 rfcomm_dlc_lock(d);
1008 d->state = BT_CONNECTED;
1009 d->state_change(d, 0);
1010 rfcomm_dlc_unlock(d);
1011
1012 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1013 break;
1014
1015 case BT_DISCONN:
1016 d->state = BT_CLOSED;
1017 __rfcomm_dlc_close(d, 0);
1018 break;
1019 }
1020 } else {
1021 /* Control channel */
1022 switch (s->state) {
1023 case BT_CONNECT:
1024 s->state = BT_CONNECTED;
1025 rfcomm_process_connect(s);
1026 break;
1027 }
1028 }
1029 return 0;
1030 }
1031
1032 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci)
1033 {
1034 int err = 0;
1035
1036 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1037
1038 if (dlci) {
1039 /* Data DLC */
1040 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1041 if (d) {
1042 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1043 err = ECONNREFUSED;
1044 else
1045 err = ECONNRESET;
1046
1047 d->state = BT_CLOSED;
1048 __rfcomm_dlc_close(d, err);
1049 }
1050 } else {
1051 if (s->state == BT_CONNECT)
1052 err = ECONNREFUSED;
1053 else
1054 err = ECONNRESET;
1055
1056 s->state = BT_CLOSED;
1057 rfcomm_session_close(s, err);
1058 }
1059 return 0;
1060 }
1061
1062 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci)
1063 {
1064 int err = 0;
1065
1066 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1067
1068 if (dlci) {
1069 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1070 if (d) {
1071 rfcomm_send_ua(s, dlci);
1072
1073 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1074 err = ECONNREFUSED;
1075 else
1076 err = ECONNRESET;
1077
1078 d->state = BT_CLOSED;
1079 __rfcomm_dlc_close(d, err);
1080 } else
1081 rfcomm_send_dm(s, dlci);
1082
1083 } else {
1084 rfcomm_send_ua(s, 0);
1085
1086 if (s->state == BT_CONNECT)
1087 err = ECONNREFUSED;
1088 else
1089 err = ECONNRESET;
1090
1091 s->state = BT_CLOSED;
1092 rfcomm_session_close(s, err);
1093 }
1094
1095 return 0;
1096 }
1097
1098 static inline int rfcomm_check_link_mode(struct rfcomm_dlc *d)
1099 {
1100 struct sock *sk = d->session->sock->sk;
1101
1102 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) {
1103 if (!hci_conn_encrypt(l2cap_pi(sk)->conn->hcon))
1104 return 1;
1105 } else if (d->link_mode & RFCOMM_LM_AUTH) {
1106 if (!hci_conn_auth(l2cap_pi(sk)->conn->hcon))
1107 return 1;
1108 }
1109
1110 return 0;
1111 }
1112
1113 static void rfcomm_dlc_accept(struct rfcomm_dlc *d)
1114 {
1115 BT_DBG("dlc %p", d);
1116
1117 rfcomm_send_ua(d->session, d->dlci);
1118
1119 rfcomm_dlc_lock(d);
1120 d->state = BT_CONNECTED;
1121 d->state_change(d, 0);
1122 rfcomm_dlc_unlock(d);
1123
1124 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1125 }
1126
1127 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci)
1128 {
1129 struct rfcomm_dlc *d;
1130 u8 channel;
1131
1132 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1133
1134 if (!dlci) {
1135 rfcomm_send_ua(s, 0);
1136
1137 if (s->state == BT_OPEN) {
1138 s->state = BT_CONNECTED;
1139 rfcomm_process_connect(s);
1140 }
1141 return 0;
1142 }
1143
1144 /* Check if DLC exists */
1145 d = rfcomm_dlc_get(s, dlci);
1146 if (d) {
1147 if (d->state == BT_OPEN) {
1148 /* DLC was previously opened by PN request */
1149 if (rfcomm_check_link_mode(d)) {
1150 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1151 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1152 return 0;
1153 }
1154
1155 rfcomm_dlc_accept(d);
1156 }
1157 return 0;
1158 }
1159
1160 /* Notify socket layer about incoming connection */
1161 channel = __srv_channel(dlci);
1162 if (rfcomm_connect_ind(s, channel, &d)) {
1163 d->dlci = dlci;
1164 d->addr = __addr(s->initiator, dlci);
1165 rfcomm_dlc_link(s, d);
1166
1167 if (rfcomm_check_link_mode(d)) {
1168 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1169 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1170 return 0;
1171 }
1172
1173 rfcomm_dlc_accept(d);
1174 } else {
1175 rfcomm_send_dm(s, dlci);
1176 }
1177
1178 return 0;
1179 }
1180
1181 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn)
1182 {
1183 struct rfcomm_session *s = d->session;
1184
1185 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
1186 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits);
1187
1188 if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) {
1189 d->cfc = s->cfc = RFCOMM_CFC_ENABLED;
1190 d->tx_credits = pn->credits;
1191 } else {
1192 d->cfc = s->cfc = RFCOMM_CFC_DISABLED;
1193 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1194 }
1195
1196 d->priority = pn->priority;
1197
1198 d->mtu = s->mtu = btohs(pn->mtu);
1199
1200 return 0;
1201 }
1202
1203 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1204 {
1205 struct rfcomm_pn *pn = (void *) skb->data;
1206 struct rfcomm_dlc *d;
1207 u8 dlci = pn->dlci;
1208
1209 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1210
1211 if (!dlci)
1212 return 0;
1213
1214 d = rfcomm_dlc_get(s, dlci);
1215 if (d) {
1216 if (cr) {
1217 /* PN request */
1218 rfcomm_apply_pn(d, cr, pn);
1219 rfcomm_send_pn(s, 0, d);
1220 } else {
1221 /* PN response */
1222 switch (d->state) {
1223 case BT_CONFIG:
1224 rfcomm_apply_pn(d, cr, pn);
1225
1226 d->state = BT_CONNECT;
1227 rfcomm_send_sabm(s, d->dlci);
1228 break;
1229 }
1230 }
1231 } else {
1232 u8 channel = __srv_channel(dlci);
1233
1234 if (!cr)
1235 return 0;
1236
1237 /* PN request for non existing DLC.
1238 * Assume incoming connection. */
1239 if (rfcomm_connect_ind(s, channel, &d)) {
1240 d->dlci = dlci;
1241 d->addr = __addr(s->initiator, dlci);
1242 rfcomm_dlc_link(s, d);
1243
1244 rfcomm_apply_pn(d, cr, pn);
1245
1246 d->state = BT_OPEN;
1247 rfcomm_send_pn(s, 0, d);
1248 } else {
1249 rfcomm_send_dm(s, dlci);
1250 }
1251 }
1252 return 0;
1253 }
1254
1255 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb)
1256 {
1257 struct rfcomm_rpn *rpn = (void *) skb->data;
1258 u8 dlci = __get_dlci(rpn->dlci);
1259
1260 u8 bit_rate = 0;
1261 u8 data_bits = 0;
1262 u8 stop_bits = 0;
1263 u8 parity = 0;
1264 u8 flow_ctrl = 0;
1265 u8 xon_char = 0;
1266 u8 xoff_char = 0;
1267 u16 rpn_mask = RFCOMM_RPN_PM_ALL;
1268
1269 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
1270 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl,
1271 rpn->xon_char, rpn->xoff_char, rpn->param_mask);
1272
1273 if (!cr)
1274 return 0;
1275
1276 if (len == 1) {
1277 /* request: return default setting */
1278 bit_rate = RFCOMM_RPN_BR_115200;
1279 data_bits = RFCOMM_RPN_DATA_8;
1280 stop_bits = RFCOMM_RPN_STOP_1;
1281 parity = RFCOMM_RPN_PARITY_NONE;
1282 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1283 xon_char = RFCOMM_RPN_XON_CHAR;
1284 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1285
1286 goto rpn_out;
1287 }
1288 /* check for sane values: ignore/accept bit_rate, 8 bits, 1 stop bit, no parity,
1289 no flow control lines, normal XON/XOFF chars */
1290 if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) {
1291 bit_rate = rpn->bit_rate;
1292 if (bit_rate != RFCOMM_RPN_BR_115200) {
1293 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate);
1294 bit_rate = RFCOMM_RPN_BR_115200;
1295 rpn_mask ^= RFCOMM_RPN_PM_BITRATE;
1296 }
1297 }
1298 if (rpn->param_mask & RFCOMM_RPN_PM_DATA) {
1299 data_bits = __get_rpn_data_bits(rpn->line_settings);
1300 if (data_bits != RFCOMM_RPN_DATA_8) {
1301 BT_DBG("RPN data bits mismatch 0x%x", data_bits);
1302 data_bits = RFCOMM_RPN_DATA_8;
1303 rpn_mask ^= RFCOMM_RPN_PM_DATA;
1304 }
1305 }
1306 if (rpn->param_mask & RFCOMM_RPN_PM_STOP) {
1307 stop_bits = __get_rpn_stop_bits(rpn->line_settings);
1308 if (stop_bits != RFCOMM_RPN_STOP_1) {
1309 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits);
1310 stop_bits = RFCOMM_RPN_STOP_1;
1311 rpn_mask ^= RFCOMM_RPN_PM_STOP;
1312 }
1313 }
1314 if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) {
1315 parity = __get_rpn_parity(rpn->line_settings);
1316 if (parity != RFCOMM_RPN_PARITY_NONE) {
1317 BT_DBG("RPN parity mismatch 0x%x", parity);
1318 parity = RFCOMM_RPN_PARITY_NONE;
1319 rpn_mask ^= RFCOMM_RPN_PM_PARITY;
1320 }
1321 }
1322 if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) {
1323 flow_ctrl = rpn->flow_ctrl;
1324 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) {
1325 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl);
1326 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1327 rpn_mask ^= RFCOMM_RPN_PM_FLOW;
1328 }
1329 }
1330 if (rpn->param_mask & RFCOMM_RPN_PM_XON) {
1331 xon_char = rpn->xon_char;
1332 if (xon_char != RFCOMM_RPN_XON_CHAR) {
1333 BT_DBG("RPN XON char mismatch 0x%x", xon_char);
1334 xon_char = RFCOMM_RPN_XON_CHAR;
1335 rpn_mask ^= RFCOMM_RPN_PM_XON;
1336 }
1337 }
1338 if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) {
1339 xoff_char = rpn->xoff_char;
1340 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) {
1341 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char);
1342 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1343 rpn_mask ^= RFCOMM_RPN_PM_XOFF;
1344 }
1345 }
1346
1347 rpn_out:
1348 rfcomm_send_rpn(s, 0, dlci,
1349 bit_rate, data_bits, stop_bits, parity, flow_ctrl,
1350 xon_char, xoff_char, rpn_mask);
1351
1352 return 0;
1353 }
1354
1355 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1356 {
1357 struct rfcomm_rls *rls = (void *) skb->data;
1358 u8 dlci = __get_dlci(rls->dlci);
1359
1360 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status);
1361
1362 if (!cr)
1363 return 0;
1364
1365 /* FIXME: We should probably do something with this
1366 information here. But for now it's sufficient just
1367 to reply -- Bluetooth 1.1 says it's mandatory to
1368 recognise and respond to RLS */
1369
1370 rfcomm_send_rls(s, 0, dlci, rls->status);
1371
1372 return 0;
1373 }
1374
1375 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1376 {
1377 struct rfcomm_msc *msc = (void *) skb->data;
1378 struct rfcomm_dlc *d;
1379 u8 dlci = __get_dlci(msc->dlci);
1380
1381 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig);
1382
1383 d = rfcomm_dlc_get(s, dlci);
1384 if (!d)
1385 return 0;
1386
1387 if (cr) {
1388 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc)
1389 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1390 else
1391 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1392
1393 rfcomm_dlc_lock(d);
1394 if (d->modem_status)
1395 d->modem_status(d, msc->v24_sig);
1396 rfcomm_dlc_unlock(d);
1397
1398 rfcomm_send_msc(s, 0, dlci, msc->v24_sig);
1399
1400 d->mscex |= RFCOMM_MSCEX_RX;
1401 } else
1402 d->mscex |= RFCOMM_MSCEX_TX;
1403
1404 return 0;
1405 }
1406
1407 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb)
1408 {
1409 struct rfcomm_mcc *mcc = (void *) skb->data;
1410 u8 type, cr, len;
1411
1412 cr = __test_cr(mcc->type);
1413 type = __get_mcc_type(mcc->type);
1414 len = __get_mcc_len(mcc->len);
1415
1416 BT_DBG("%p type 0x%x cr %d", s, type, cr);
1417
1418 skb_pull(skb, 2);
1419
1420 switch (type) {
1421 case RFCOMM_PN:
1422 rfcomm_recv_pn(s, cr, skb);
1423 break;
1424
1425 case RFCOMM_RPN:
1426 rfcomm_recv_rpn(s, cr, len, skb);
1427 break;
1428
1429 case RFCOMM_RLS:
1430 rfcomm_recv_rls(s, cr, skb);
1431 break;
1432
1433 case RFCOMM_MSC:
1434 rfcomm_recv_msc(s, cr, skb);
1435 break;
1436
1437 case RFCOMM_FCOFF:
1438 if (cr) {
1439 set_bit(RFCOMM_TX_THROTTLED, &s->flags);
1440 rfcomm_send_fcoff(s, 0);
1441 }
1442 break;
1443
1444 case RFCOMM_FCON:
1445 if (cr) {
1446 clear_bit(RFCOMM_TX_THROTTLED, &s->flags);
1447 rfcomm_send_fcon(s, 0);
1448 }
1449 break;
1450
1451 case RFCOMM_TEST:
1452 if (cr)
1453 rfcomm_send_test(s, 0, skb->data, skb->len);
1454 break;
1455
1456 case RFCOMM_NSC:
1457 break;
1458
1459 default:
1460 BT_ERR("Unknown control type 0x%02x", type);
1461 rfcomm_send_nsc(s, cr, type);
1462 break;
1463 }
1464 return 0;
1465 }
1466
1467 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb)
1468 {
1469 struct rfcomm_dlc *d;
1470
1471 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf);
1472
1473 d = rfcomm_dlc_get(s, dlci);
1474 if (!d) {
1475 rfcomm_send_dm(s, dlci);
1476 goto drop;
1477 }
1478
1479 if (pf && d->cfc) {
1480 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1);
1481
1482 d->tx_credits += credits;
1483 if (d->tx_credits)
1484 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1485 }
1486
1487 if (skb->len && d->state == BT_CONNECTED) {
1488 rfcomm_dlc_lock(d);
1489 d->rx_credits--;
1490 d->data_ready(d, skb);
1491 rfcomm_dlc_unlock(d);
1492 return 0;
1493 }
1494
1495 drop:
1496 kfree_skb(skb);
1497 return 0;
1498 }
1499
1500 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
1501 {
1502 struct rfcomm_hdr *hdr = (void *) skb->data;
1503 u8 type, dlci, fcs;
1504
1505 dlci = __get_dlci(hdr->addr);
1506 type = __get_type(hdr->ctrl);
1507
1508 /* Trim FCS */
1509 skb->len--; skb->tail--;
1510 fcs = *(u8 *) skb->tail;
1511
1512 if (__check_fcs(skb->data, type, fcs)) {
1513 BT_ERR("bad checksum in packet");
1514 kfree_skb(skb);
1515 return -EILSEQ;
1516 }
1517
1518 if (__test_ea(hdr->len))
1519 skb_pull(skb, 3);
1520 else
1521 skb_pull(skb, 4);
1522
1523 switch (type) {
1524 case RFCOMM_SABM:
1525 if (__test_pf(hdr->ctrl))
1526 rfcomm_recv_sabm(s, dlci);
1527 break;
1528
1529 case RFCOMM_DISC:
1530 if (__test_pf(hdr->ctrl))
1531 rfcomm_recv_disc(s, dlci);
1532 break;
1533
1534 case RFCOMM_UA:
1535 if (__test_pf(hdr->ctrl))
1536 rfcomm_recv_ua(s, dlci);
1537 break;
1538
1539 case RFCOMM_DM:
1540 rfcomm_recv_dm(s, dlci);
1541 break;
1542
1543 case RFCOMM_UIH:
1544 if (dlci)
1545 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb);
1546
1547 rfcomm_recv_mcc(s, skb);
1548 break;
1549
1550 default:
1551 BT_ERR("Unknown packet type 0x%02x\n", type);
1552 break;
1553 }
1554 kfree_skb(skb);
1555 return 0;
1556 }
1557
1558 /* ---- Connection and data processing ---- */
1559
1560 static void rfcomm_process_connect(struct rfcomm_session *s)
1561 {
1562 struct rfcomm_dlc *d;
1563 struct list_head *p, *n;
1564
1565 BT_DBG("session %p state %ld", s, s->state);
1566
1567 list_for_each_safe(p, n, &s->dlcs) {
1568 d = list_entry(p, struct rfcomm_dlc, list);
1569 if (d->state == BT_CONFIG) {
1570 d->mtu = s->mtu;
1571 rfcomm_send_pn(s, 1, d);
1572 }
1573 }
1574 }
1575
1576 /* Send data queued for the DLC.
1577 * Return number of frames left in the queue.
1578 */
1579 static inline int rfcomm_process_tx(struct rfcomm_dlc *d)
1580 {
1581 struct sk_buff *skb;
1582 int err;
1583
1584 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
1585 d, d->state, d->cfc, d->rx_credits, d->tx_credits);
1586
1587 /* Send pending MSC */
1588 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags))
1589 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1590
1591 if (d->cfc) {
1592 /* CFC enabled.
1593 * Give them some credits */
1594 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) &&
1595 d->rx_credits <= (d->cfc >> 2)) {
1596 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits);
1597 d->rx_credits = d->cfc;
1598 }
1599 } else {
1600 /* CFC disabled.
1601 * Give ourselves some credits */
1602 d->tx_credits = 5;
1603 }
1604
1605 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags))
1606 return skb_queue_len(&d->tx_queue);
1607
1608 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) {
1609 err = rfcomm_send_frame(d->session, skb->data, skb->len);
1610 if (err < 0) {
1611 skb_queue_head(&d->tx_queue, skb);
1612 break;
1613 }
1614 kfree_skb(skb);
1615 d->tx_credits--;
1616 }
1617
1618 if (d->cfc && !d->tx_credits) {
1619 /* We're out of TX credits.
1620 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
1621 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1622 }
1623
1624 return skb_queue_len(&d->tx_queue);
1625 }
1626
1627 static inline void rfcomm_process_dlcs(struct rfcomm_session *s)
1628 {
1629 struct rfcomm_dlc *d;
1630 struct list_head *p, *n;
1631
1632 BT_DBG("session %p state %ld", s, s->state);
1633
1634 list_for_each_safe(p, n, &s->dlcs) {
1635 d = list_entry(p, struct rfcomm_dlc, list);
1636
1637 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) {
1638 __rfcomm_dlc_close(d, ETIMEDOUT);
1639 continue;
1640 }
1641
1642 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) {
1643 rfcomm_dlc_clear_timer(d);
1644 rfcomm_dlc_accept(d);
1645 if (d->link_mode & RFCOMM_LM_SECURE) {
1646 struct sock *sk = s->sock->sk;
1647 hci_conn_change_link_key(l2cap_pi(sk)->conn->hcon);
1648 }
1649 continue;
1650 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) {
1651 rfcomm_dlc_clear_timer(d);
1652 rfcomm_send_dm(s, d->dlci);
1653 __rfcomm_dlc_close(d, ECONNREFUSED);
1654 continue;
1655 }
1656
1657 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags))
1658 continue;
1659
1660 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) &&
1661 d->mscex == RFCOMM_MSCEX_OK)
1662 rfcomm_process_tx(d);
1663 }
1664 }
1665
1666 static inline void rfcomm_process_rx(struct rfcomm_session *s)
1667 {
1668 struct socket *sock = s->sock;
1669 struct sock *sk = sock->sk;
1670 struct sk_buff *skb;
1671
1672 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue));
1673
1674 /* Get data directly from socket receive queue without copying it. */
1675 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
1676 skb_orphan(skb);
1677 rfcomm_recv_frame(s, skb);
1678 }
1679
1680 if (sk->sk_state == BT_CLOSED) {
1681 if (!s->initiator)
1682 rfcomm_session_put(s);
1683
1684 rfcomm_session_close(s, sk->sk_err);
1685 }
1686 }
1687
1688 static inline void rfcomm_accept_connection(struct rfcomm_session *s)
1689 {
1690 struct socket *sock = s->sock, *nsock;
1691 int err;
1692
1693 /* Fast check for a new connection.
1694 * Avoids unnesesary socket allocations. */
1695 if (list_empty(&bt_sk(sock->sk)->accept_q))
1696 return;
1697
1698 BT_DBG("session %p", s);
1699
1700 if (sock_create_lite(PF_BLUETOOTH, sock->type, BTPROTO_L2CAP, &nsock))
1701 return;
1702
1703 nsock->ops = sock->ops;
1704
1705 __module_get(nsock->ops->owner);
1706
1707 err = sock->ops->accept(sock, nsock, O_NONBLOCK);
1708 if (err < 0) {
1709 sock_release(nsock);
1710 return;
1711 }
1712
1713 /* Set our callbacks */
1714 nsock->sk->sk_data_ready = rfcomm_l2data_ready;
1715 nsock->sk->sk_state_change = rfcomm_l2state_change;
1716
1717 s = rfcomm_session_add(nsock, BT_OPEN);
1718 if (s) {
1719 rfcomm_session_hold(s);
1720 rfcomm_schedule(RFCOMM_SCHED_RX);
1721 } else
1722 sock_release(nsock);
1723 }
1724
1725 static inline void rfcomm_check_connection(struct rfcomm_session *s)
1726 {
1727 struct sock *sk = s->sock->sk;
1728
1729 BT_DBG("%p state %ld", s, s->state);
1730
1731 switch(sk->sk_state) {
1732 case BT_CONNECTED:
1733 s->state = BT_CONNECT;
1734
1735 /* We can adjust MTU on outgoing sessions.
1736 * L2CAP MTU minus UIH header and FCS. */
1737 s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5;
1738
1739 rfcomm_send_sabm(s, 0);
1740 break;
1741
1742 case BT_CLOSED:
1743 s->state = BT_CLOSED;
1744 rfcomm_session_close(s, sk->sk_err);
1745 break;
1746 }
1747 }
1748
1749 static inline void rfcomm_process_sessions(void)
1750 {
1751 struct list_head *p, *n;
1752
1753 rfcomm_lock();
1754
1755 list_for_each_safe(p, n, &session_list) {
1756 struct rfcomm_session *s;
1757 s = list_entry(p, struct rfcomm_session, list);
1758
1759 if (s->state == BT_LISTEN) {
1760 rfcomm_accept_connection(s);
1761 continue;
1762 }
1763
1764 rfcomm_session_hold(s);
1765
1766 switch (s->state) {
1767 case BT_BOUND:
1768 rfcomm_check_connection(s);
1769 break;
1770
1771 default:
1772 rfcomm_process_rx(s);
1773 break;
1774 }
1775
1776 rfcomm_process_dlcs(s);
1777
1778 rfcomm_session_put(s);
1779 }
1780
1781 rfcomm_unlock();
1782 }
1783
1784 static void rfcomm_worker(void)
1785 {
1786 BT_DBG("");
1787
1788 while (!atomic_read(&terminate)) {
1789 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
1790 /* No pending events. Let's sleep.
1791 * Incoming connections and data will wake us up. */
1792 set_current_state(TASK_INTERRUPTIBLE);
1793 schedule();
1794 }
1795
1796 /* Process stuff */
1797 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
1798 rfcomm_process_sessions();
1799 }
1800 set_current_state(TASK_RUNNING);
1801 return;
1802 }
1803
1804 static int rfcomm_add_listener(bdaddr_t *ba)
1805 {
1806 struct sockaddr_l2 addr;
1807 struct socket *sock;
1808 struct sock *sk;
1809 struct rfcomm_session *s;
1810 int err = 0;
1811
1812 /* Create socket */
1813 err = rfcomm_l2sock_create(&sock);
1814 if (err < 0) {
1815 BT_ERR("Create socket failed %d", err);
1816 return err;
1817 }
1818
1819 /* Bind socket */
1820 bacpy(&addr.l2_bdaddr, ba);
1821 addr.l2_family = AF_BLUETOOTH;
1822 addr.l2_psm = htobs(RFCOMM_PSM);
1823 err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
1824 if (err < 0) {
1825 BT_ERR("Bind failed %d", err);
1826 goto failed;
1827 }
1828
1829 /* Set L2CAP options */
1830 sk = sock->sk;
1831 lock_sock(sk);
1832 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
1833 release_sock(sk);
1834
1835 /* Start listening on the socket */
1836 err = sock->ops->listen(sock, 10);
1837 if (err) {
1838 BT_ERR("Listen failed %d", err);
1839 goto failed;
1840 }
1841
1842 /* Add listening session */
1843 s = rfcomm_session_add(sock, BT_LISTEN);
1844 if (!s)
1845 goto failed;
1846
1847 rfcomm_session_hold(s);
1848 return 0;
1849 failed:
1850 sock_release(sock);
1851 return err;
1852 }
1853
1854 static void rfcomm_kill_listener(void)
1855 {
1856 struct rfcomm_session *s;
1857 struct list_head *p, *n;
1858
1859 BT_DBG("");
1860
1861 list_for_each_safe(p, n, &session_list) {
1862 s = list_entry(p, struct rfcomm_session, list);
1863 rfcomm_session_del(s);
1864 }
1865 }
1866
1867 static int rfcomm_run(void *unused)
1868 {
1869 rfcomm_thread = current;
1870
1871 atomic_inc(&running);
1872
1873 daemonize("krfcommd");
1874 set_user_nice(current, -10);
1875 current->flags |= PF_NOFREEZE;
1876
1877 BT_DBG("");
1878
1879 rfcomm_add_listener(BDADDR_ANY);
1880
1881 rfcomm_worker();
1882
1883 rfcomm_kill_listener();
1884
1885 atomic_dec(&running);
1886 return 0;
1887 }
1888
1889 static void rfcomm_auth_cfm(struct hci_conn *conn, u8 status)
1890 {
1891 struct rfcomm_session *s;
1892 struct rfcomm_dlc *d;
1893 struct list_head *p, *n;
1894
1895 BT_DBG("conn %p status 0x%02x", conn, status);
1896
1897 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst);
1898 if (!s)
1899 return;
1900
1901 rfcomm_session_hold(s);
1902
1903 list_for_each_safe(p, n, &s->dlcs) {
1904 d = list_entry(p, struct rfcomm_dlc, list);
1905
1906 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE))
1907 continue;
1908
1909 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags))
1910 continue;
1911
1912 if (!status)
1913 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags);
1914 else
1915 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
1916 }
1917
1918 rfcomm_session_put(s);
1919
1920 rfcomm_schedule(RFCOMM_SCHED_AUTH);
1921 }
1922
1923 static void rfcomm_encrypt_cfm(struct hci_conn *conn, u8 status, u8 encrypt)
1924 {
1925 struct rfcomm_session *s;
1926 struct rfcomm_dlc *d;
1927 struct list_head *p, *n;
1928
1929 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt);
1930
1931 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst);
1932 if (!s)
1933 return;
1934
1935 rfcomm_session_hold(s);
1936
1937 list_for_each_safe(p, n, &s->dlcs) {
1938 d = list_entry(p, struct rfcomm_dlc, list);
1939
1940 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags))
1941 continue;
1942
1943 if (!status && encrypt)
1944 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags);
1945 else
1946 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
1947 }
1948
1949 rfcomm_session_put(s);
1950
1951 rfcomm_schedule(RFCOMM_SCHED_AUTH);
1952 }
1953
1954 static struct hci_cb rfcomm_cb = {
1955 .name = "RFCOMM",
1956 .auth_cfm = rfcomm_auth_cfm,
1957 .encrypt_cfm = rfcomm_encrypt_cfm
1958 };
1959
1960 /* ---- Proc fs support ---- */
1961 #ifdef CONFIG_PROC_FS
1962 static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos)
1963 {
1964 struct rfcomm_session *s;
1965 struct list_head *pp, *p;
1966 loff_t l = *pos;
1967
1968 rfcomm_lock();
1969
1970 list_for_each(p, &session_list) {
1971 s = list_entry(p, struct rfcomm_session, list);
1972 list_for_each(pp, &s->dlcs)
1973 if (!l--) {
1974 seq->private = s;
1975 return pp;
1976 }
1977 }
1978 return NULL;
1979 }
1980
1981 static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos)
1982 {
1983 struct rfcomm_session *s = seq->private;
1984 struct list_head *pp, *p = e;
1985 (*pos)++;
1986
1987 if (p->next != &s->dlcs)
1988 return p->next;
1989
1990 list_for_each(p, &session_list) {
1991 s = list_entry(p, struct rfcomm_session, list);
1992 __list_for_each(pp, &s->dlcs) {
1993 seq->private = s;
1994 return pp;
1995 }
1996 }
1997 return NULL;
1998 }
1999
2000 static void rfcomm_seq_stop(struct seq_file *seq, void *e)
2001 {
2002 rfcomm_unlock();
2003 }
2004
2005 static int rfcomm_seq_show(struct seq_file *seq, void *e)
2006 {
2007 struct rfcomm_session *s = seq->private;
2008 struct sock *sk = s->sock->sk;
2009 struct rfcomm_dlc *d = list_entry(e, struct rfcomm_dlc, list);
2010
2011 seq_printf(seq, "%s %s %ld %d %d %d %d\n",
2012 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
2013 d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits);
2014 return 0;
2015 }
2016
2017 static struct seq_operations rfcomm_seq_ops = {
2018 .start = rfcomm_seq_start,
2019 .next = rfcomm_seq_next,
2020 .stop = rfcomm_seq_stop,
2021 .show = rfcomm_seq_show
2022 };
2023
2024 static int rfcomm_seq_open(struct inode *inode, struct file *file)
2025 {
2026 return seq_open(file, &rfcomm_seq_ops);
2027 }
2028
2029 static struct file_operations rfcomm_seq_fops = {
2030 .owner = THIS_MODULE,
2031 .open = rfcomm_seq_open,
2032 .read = seq_read,
2033 .llseek = seq_lseek,
2034 .release = seq_release,
2035 };
2036
2037 static int __init rfcomm_proc_init(void)
2038 {
2039 struct proc_dir_entry *p;
2040
2041 proc_bt_rfcomm = proc_mkdir("rfcomm", proc_bt);
2042 if (proc_bt_rfcomm) {
2043 proc_bt_rfcomm->owner = THIS_MODULE;
2044
2045 p = create_proc_entry("dlc", S_IRUGO, proc_bt_rfcomm);
2046 if (p)
2047 p->proc_fops = &rfcomm_seq_fops;
2048 }
2049 return 0;
2050 }
2051
2052 static void __exit rfcomm_proc_cleanup(void)
2053 {
2054 remove_proc_entry("dlc", proc_bt_rfcomm);
2055
2056 remove_proc_entry("rfcomm", proc_bt);
2057 }
2058
2059 #else /* CONFIG_PROC_FS */
2060
2061 static int __init rfcomm_proc_init(void)
2062 {
2063 return 0;
2064 }
2065
2066 static void __exit rfcomm_proc_cleanup(void)
2067 {
2068 return;
2069 }
2070 #endif /* CONFIG_PROC_FS */
2071
2072 /* ---- Initialization ---- */
2073 static int __init rfcomm_init(void)
2074 {
2075 l2cap_load();
2076
2077 hci_register_cb(&rfcomm_cb);
2078
2079 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL);
2080
2081 BT_INFO("RFCOMM ver %s", VERSION);
2082
2083 rfcomm_proc_init();
2084
2085 rfcomm_init_sockets();
2086
2087 #ifdef CONFIG_BT_RFCOMM_TTY
2088 rfcomm_init_ttys();
2089 #endif
2090
2091 return 0;
2092 }
2093
2094 static void __exit rfcomm_exit(void)
2095 {
2096 hci_unregister_cb(&rfcomm_cb);
2097
2098 /* Terminate working thread.
2099 * ie. Set terminate flag and wake it up */
2100 atomic_inc(&terminate);
2101 rfcomm_schedule(RFCOMM_SCHED_STATE);
2102
2103 /* Wait until thread is running */
2104 while (atomic_read(&running))
2105 schedule();
2106
2107 #ifdef CONFIG_BT_RFCOMM_TTY
2108 rfcomm_cleanup_ttys();
2109 #endif
2110
2111 rfcomm_cleanup_sockets();
2112
2113 rfcomm_proc_cleanup();
2114 }
2115
2116 module_init(rfcomm_init);
2117 module_exit(rfcomm_exit);
2118
2119 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
2120 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION);
2121 MODULE_VERSION(VERSION);
2122 MODULE_LICENSE("GPL");
2123 MODULE_ALIAS("bt-proto-3");
2124
|
This page was automatically generated by the
LXR engine.
|