Linux kernel & device driver programming

Cross-Referenced Linux and Device Driver Code

  1 /*
  2    RFCOMM implementation for Linux Bluetooth stack (BlueZ).
  3    Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
  4    Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
  5 
  6    This program is free software; you can redistribute it and/or modify
  7    it under the terms of the GNU General Public License version 2 as
  8    published by the Free Software Foundation;
  9 
 10    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 11    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 12    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
 13    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
 14    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
 15    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 16    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 17    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 18 
 19    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
 20    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
 21    SOFTWARE IS DISCLAIMED.
 22 */
 23 
 24 /*
 25  * RFCOMM TTY.
 26  *
 27  * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $
 28  */
 29 
 30 #include <linux/module.h>
 31 
 32 #include <linux/tty.h>
 33 #include <linux/tty_driver.h>
 34 #include <linux/tty_flip.h>
 35 
 36 #include <linux/capability.h>
 37 #include <linux/slab.h>
 38 #include <linux/skbuff.h>
 39 
 40 #include <net/bluetooth/bluetooth.h>
 41 #include <net/bluetooth/hci_core.h>
 42 #include <net/bluetooth/rfcomm.h>
 43 
/* Without CONFIG_BT_RFCOMM_DEBUG every BT_DBG() call in this file expands
 * to nothing, so its arguments are not evaluated at all. */
#ifndef CONFIG_BT_RFCOMM_DEBUG
#undef  BT_DBG
#define BT_DBG(D...)
#endif

/* magic number for rfcomm struct */
#define RFCOMM_TTY_MAGIC 0x6d02
/* whole lotta rfcomm devices */
#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV
/* device node major id of the usb/bluetooth.c driver */
#define RFCOMM_TTY_MAJOR 216
#define RFCOMM_TTY_MINOR 0
 53 
/* TTY driver handle passed to tty_register_device()/tty_unregister_device()
 * for every rfcomm device created by this file. */
static struct tty_driver *rfcomm_tty_driver;
 55 
/*
 * One RFCOMM TTY device.  Instances are linked on rfcomm_dev_list (guarded
 * by rfcomm_dev_lock) and reference counted through rfcomm_dev_hold() /
 * rfcomm_dev_put(); the last put frees the object in rfcomm_dev_destruct().
 */
struct rfcomm_dev {
	struct list_head	list;		/* link on rfcomm_dev_list */
	atomic_t		refcnt;		/* lifetime reference count */

	char			name[12];	/* "rfcomm%d", written in rfcomm_dev_add() */
	int			id;		/* device id, also the tty index */
	unsigned long		flags;		/* RFCOMM_* bits, used with test_bit()/set_bit() */
	int			opened;		/* open count: ++ in ->open(), -- in ->close() */
	int			err;		/* last error stored by rfcomm_dev_state_change() */

	bdaddr_t		src;		/* local address copied from the create request */
	bdaddr_t		dst;		/* remote address copied from the create request */
	u8			channel;	/* RFCOMM channel copied from the create request */

	uint			modem_status;	/* TIOCM_* bits derived from V.24 signals */

	struct rfcomm_dlc	*dlc;		/* DLC backing this device */
	struct tty_struct	*tty;		/* attached tty, NULL while closed */
	wait_queue_head_t	wait;		/* woken on DLC state changes */
	struct tasklet_struct	wakeup_task;	/* runs rfcomm_tty_wakeup() */

	struct device		*tty_dev;	/* result of tty_register_device() */

	atomic_t		wmem_alloc;	/* truesize of skbs allocated by rfcomm_wmalloc() and not yet freed */
};
 81 
/* All rfcomm devices; every walk and every update in this file is meant to
 * happen under rfcomm_dev_lock. */
static LIST_HEAD(rfcomm_dev_list);
static DEFINE_RWLOCK(rfcomm_dev_lock);

/* DLC callbacks installed by rfcomm_dev_add(). */
static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);

/* Tasklet body for rfcomm_dev.wakeup_task. */
static void rfcomm_tty_wakeup(unsigned long arg);
 90 
 91 /* ---- Device functions ---- */
/*
 * Final teardown of an rfcomm_dev, called from rfcomm_dev_put() when the
 * reference count reaches zero.  Detaches and releases the DLC, unregisters
 * the tty device, frees @dev and drops one module reference.
 */
static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
{
	struct rfcomm_dlc *d = dev->dlc;

	BT_DBG("dev %p dlc %p", dev, d);

	/* The count may only reach zero after rfcomm_dev_del() unlinked the
	 * device.  Anything still on the list here is a refcounting bug, and
	 * freeing it would leave a dangling list entry, so stop instead. */
	BUG_ON(!list_empty(&dev->list));

	/* Clear the DLC back-pointer under the DLC lock, and only if the DLC
	 * is still owned by this device. */
	rfcomm_dlc_lock(d);
	if (d->owner == dev)
		d->owner = NULL;
	rfcomm_dlc_unlock(d);

	rfcomm_dlc_put(d);

	tty_unregister_device(rfcomm_tty_driver, dev->id);

	kfree(dev);

	/* Safe to call module_put() here: the socket still holds a
	 * reference to this module. */
	module_put(THIS_MODULE);
}
119 
/* Take one more reference on @dev; pair every call with rfcomm_dev_put(). */
static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
{
	atomic_inc(&dev->refcnt);
}
124 
/*
 * Drop one reference on @dev and destroy it when that was the last one.
 *
 * This is not a race with lookups on rfcomm_dev_list: the count is only
 * supposed to reach zero after rfcomm_dev_del() has taken the device off
 * the list.  If that ever fails to hold, the BUG_ON() in
 * rfcomm_dev_destruct() fires.
 */
static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
{
	if (!atomic_dec_and_test(&dev->refcnt))
		return;

	rfcomm_dev_destruct(dev);
}
137 
/*
 * Find the device with the given id on rfcomm_dev_list.  Takes neither a
 * lock nor a reference; the caller visible in this file, rfcomm_dev_get(),
 * holds rfcomm_dev_lock around the call.  Returns NULL when no entry matches.
 */
static struct rfcomm_dev *__rfcomm_dev_get(int id)
{
	struct list_head *pos;

	list_for_each(pos, &rfcomm_dev_list) {
		struct rfcomm_dev *cur = list_entry(pos, struct rfcomm_dev, list);

		if (cur->id == id)
			return cur;
	}

	return NULL;
}
151 
/*
 * Look up a device by id and return it with an extra reference held, or
 * NULL when the id is unknown or the device is already marked
 * RFCOMM_TTY_RELEASED.  The lookup and the hold happen under the read side
 * of rfcomm_dev_lock.  The caller owns the reference and must drop it with
 * rfcomm_dev_put().
 */
static inline struct rfcomm_dev *rfcomm_dev_get(int id)
{
	struct rfcomm_dev *found;

	read_lock(&rfcomm_dev_lock);

	found = __rfcomm_dev_get(id);

	/* A device being released must not gain new users. */
	if (found && test_bit(RFCOMM_TTY_RELEASED, &found->flags))
		found = NULL;

	if (found)
		rfcomm_dev_hold(found);

	read_unlock(&rfcomm_dev_lock);

	return found;
}
171 
/*
 * Return the struct device of the ACL connection to dev->dst, or NULL when
 * there is no route or no such connection.
 *
 * NOTE(review): the hci_dev reference is dropped before returning and no
 * reference on the connection is taken here, so the returned pointer is
 * only as long-lived as the connection itself - confirm against callers.
 */
static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
{
	struct hci_dev *hdev = hci_get_route(&dev->dst, &dev->src);
	struct hci_conn *conn;

	if (!hdev)
		return NULL;

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);

	hci_dev_put(hdev);

	if (!conn)
		return NULL;

	return &conn->dev;
}
187 
/* sysfs "address" attribute: prints the byte-swapped remote address of the
 * rfcomm device stored as driver data of @tty_dev, followed by a newline. */
static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
{
	struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
	bdaddr_t swapped;

	baswap(&swapped, &dev->dst);

	return sprintf(buf, "%s\n", batostr(&swapped));
}
195 
/* sysfs "channel" attribute: prints the RFCOMM channel of the rfcomm device
 * stored as driver data of @tty_dev, in decimal, followed by a newline. */
static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
{
	struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
	int channel = dev->channel;

	return sprintf(buf, "%d\n", channel);
}
201 
/* Both attributes are read-only for every user (S_IRUGO) and have no store
 * handler; they are attached to the tty device in rfcomm_dev_add(). */
static DEVICE_ATTR(address, S_IRUGO, show_address, NULL);
static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL);
204 
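/*
 * Create an rfcomm_dev for @req, bind it to @dlc and register its tty
 * device.
 *
 * @req: creation request already copied in from user space; dev_id < 0
 *       asks for the first free id, otherwise that exact id is used.
 * @dlc: DLC that will back the device.  On success the device takes over
 *       the caller's reference; on failure the caller still owns it and
 *       has to put it (rfcomm_create_dev() does).
 *
 * Returns the device id (>= 0) on success, or -ENOMEM, -EADDRINUSE
 * (requested id taken), -ENFILE (id outside 0..RFCOMM_MAX_DEV-1) or the
 * error from tty_register_device().
 */
static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
{
	struct rfcomm_dev *dev;
	struct list_head *head = &rfcomm_dev_list, *p;
	int err = 0;

	BT_DBG("id %d channel %d", req->dev_id, req->channel);

	dev = kzalloc(sizeof(*dev), GFP_KERNEL);
	if (!dev)
		return -ENOMEM;

	write_lock_bh(&rfcomm_dev_lock);

	/* Both searches leave @head at the entry the new device is inserted
	 * after, which keeps the list ordered by id as the loops assume. */
	if (req->dev_id < 0) {
		/* Auto-assign: take the first gap in the id sequence. */
		dev->id = 0;

		list_for_each(p, &rfcomm_dev_list) {
			if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
				break;

			dev->id++;
			head = p;
		}
	} else {
		/* Caller-chosen id: refuse duplicates. */
		dev->id = req->dev_id;

		list_for_each(p, &rfcomm_dev_list) {
			struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);

			if (entry->id == dev->id) {
				err = -EADDRINUSE;
				goto out;
			}

			if (entry->id > dev->id - 1)
				break;

			head = p;
		}
	}

	/* The id comes from user space (or from counting up), so bound it
	 * before it is used as a tty index and formatted into dev->name. */
	if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
		err = -ENFILE;
		goto out;
	}

	/* Bounded write: never more than sizeof(dev->name) bytes. */
	snprintf(dev->name, sizeof(dev->name), "rfcomm%d", dev->id);

	list_add(&dev->list, head);
	atomic_set(&dev->refcnt, 1);

	bacpy(&dev->src, &req->src);
	bacpy(&dev->dst, &req->dst);
	dev->channel = req->channel;

	/* Only these two request flags are ever stored; every other bit a
	 * caller passes is dropped here. */
	dev->flags = req->flags &
		((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));

	init_waitqueue_head(&dev->wait);
	tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);

	/* Lock order: rfcomm_dev_lock, then the DLC lock. */
	rfcomm_dlc_lock(dlc);
	dlc->data_ready   = rfcomm_dev_data_ready;
	dlc->state_change = rfcomm_dev_state_change;
	dlc->modem_status = rfcomm_dev_modem_status;

	dlc->owner = dev;
	dev->dlc   = dlc;
	rfcomm_dlc_unlock(dlc);

	/* It's safe to call __module_get() here because socket already
	   holds reference to this module. */
	__module_get(THIS_MODULE);

out:
	write_unlock_bh(&rfcomm_dev_lock);

	if (err < 0) {
		/* Never linked, never bound to the DLC: a plain free is enough. */
		kfree(dev);
		return err;
	}

	dev->tty_dev = tty_register_device(rfcomm_tty_driver, dev->id, NULL);

	if (IS_ERR(dev->tty_dev)) {
		err = PTR_ERR(dev->tty_dev);

		/* Undo everything done above.  The device is already visible
		 * on the list and through dlc->owner, so unlink it under the
		 * list lock and clear the DLC back-pointer before freeing;
		 * otherwise list walkers and the DLC callbacks would be left
		 * with a pointer to freed memory. */
		write_lock_bh(&rfcomm_dev_lock);
		list_del(&dev->list);
		write_unlock_bh(&rfcomm_dev_lock);

		rfcomm_dlc_lock(dlc);
		if (dlc->owner == dev)
			dlc->owner = NULL;
		rfcomm_dlc_unlock(dlc);

		/* NOTE(review): a concurrent rfcomm_dev_get() may have taken a
		 * reference between the unlock above and this point; closing
		 * that window needs registration to happen before the device
		 * becomes visible. */
		kfree(dev);

		/* Balance the __module_get() above; rfcomm_dev_destruct()
		 * never runs for this device. */
		module_put(THIS_MODULE);
		return err;
	}

	dev_set_drvdata(dev->tty_dev, dev);

	/* Missing sysfs attributes are logged but are not fatal. */
	if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
		BT_ERR("Failed to create address attribute");

	if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
		BT_ERR("Failed to create channel attribute");

	return dev->id;
}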
307 
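/*
 * Release a device: mark it RFCOMM_TTY_RELEASED, unlink it from
 * rfcomm_dev_list and drop the reference the list held.  The object is
 * freed once the remaining references are put.
 *
 * Releasing the same device twice is a bug (it would drop the list's
 * reference twice), so it trips BUG_ON().
 */
static void rfcomm_dev_del(struct rfcomm_dev *dev)
{
	BT_DBG("dev %p", dev);

	/* Test and set in one atomic step so that two concurrent callers
	 * cannot both see the bit clear and both go on to unlink and put. */
	if (test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags))
		BUG_ON(1);

	write_lock_bh(&rfcomm_dev_lock);
	list_del_init(&dev->list);
	write_unlock_bh(&rfcomm_dev_lock);

	rfcomm_dev_put(dev);
}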
323 
324 /* ---- Send buffer ---- */
/*
 * Transmit budget for @dlc in bytes: mtu times the available tx credits,
 * with zero credits counted as one.
 */
static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
{
	/* Never report zero: there is no callback when tx_credits becomes
	 * nonzero again, so a writer that saw zero would never be woken.
	 * tx_credits is read exactly once. */
	unsigned int credits = dlc->tx_credits ?: 1;

	return dlc->mtu * credits;
}
331 
/*
 * skb destructor installed by rfcomm_set_owner_w(): returns the buffer's
 * truesize to the device's write accounting, schedules the wakeup tasklet
 * while a tty is attached, and drops the reference the skb held.
 */
static void rfcomm_wfree(struct sk_buff *skb)
{
	/* skb->sk carries the rfcomm_dev pointer stored by
	 * rfcomm_set_owner_w(), not a real socket. */
	struct rfcomm_dev *owner = (void *) skb->sk;

	atomic_sub(skb->truesize, &owner->wmem_alloc);

	if (test_bit(RFCOMM_TTY_ATTACHED, &owner->flags))
		tasklet_schedule(&owner->wakeup_task);

	/* May be the final reference and free the device. */
	rfcomm_dev_put(owner);
}
340 
/*
 * Charge @skb to @dev: take a device reference that lives as long as the
 * skb, add the skb's truesize to wmem_alloc and install rfcomm_wfree() as
 * destructor so both are undone when the skb is freed.
 */
static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
{
	rfcomm_dev_hold(dev);
	atomic_add(skb->truesize, &dev->wmem_alloc);

	/* The sk field is reused to carry the owning device. */
	skb->sk         = (void *) dev;
	skb->destructor = rfcomm_wfree;
}
348 
/*
 * Allocate a transmit skb of @size bytes charged to @dev.  Returns NULL
 * when the bytes already outstanding have reached rfcomm_room() or when
 * alloc_skb() fails, which bounds how much unsent data a writer can queue.
 */
static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
{
	struct sk_buff *skb;

	if (!(atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)))
		return NULL;

	skb = alloc_skb(size, priority);
	if (!skb)
		return NULL;

	rfcomm_set_owner_w(skb, dev);
	return skb;
}
360 
361 /* ---- Device IOCTLs ---- */
362 
/* The one flag combination for which rfcomm_create_dev() and
 * rfcomm_release_dev() skip the CAP_NET_ADMIN check. */
#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
364 
/*
 * RFCOMMCREATEDEV: create a tty device from the rfcomm_dev_req at @arg.
 *
 * Callers without CAP_NET_ADMIN are only accepted when the request flags
 * equal NOCAP_FLAGS exactly.  With RFCOMM_REUSE_DLC the connected
 * socket's DLC is handed to the device and the socket is marked closed;
 * otherwise a fresh DLC is allocated.
 *
 * Returns the new device id, or -EFAULT, -EPERM, -EBADFD, -ENOMEM or the
 * error from rfcomm_dev_add().
 */
static int rfcomm_create_dev(struct sock *sk, void __user *arg)
{
	struct rfcomm_dev_req req;
	struct rfcomm_dlc *dlc;
	int reuse_dlc;
	int id;

	/* Work on a kernel copy; @arg is not read again after this. */
	if (copy_from_user(&req, arg, sizeof(req)))
		return -EFAULT;

	BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);

	if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
		return -EPERM;

	reuse_dlc = !!(req.flags & (1 << RFCOMM_REUSE_DLC));

	if (!reuse_dlc) {
		dlc = rfcomm_dlc_alloc(GFP_KERNEL);
		if (!dlc)
			return -ENOMEM;
	} else {
		/* Socket must be connected */
		if (sk->sk_state != BT_CONNECTED)
			return -EBADFD;

		/* Extra reference for the device about to be created. */
		dlc = rfcomm_pi(sk)->dlc;
		rfcomm_dlc_hold(dlc);
	}

	id = rfcomm_dev_add(&req, dlc);
	if (id < 0) {
		/* The device was not created: give the DLC reference back. */
		rfcomm_dlc_put(dlc);
		return id;
	}

	/* DLC is now used by device.
	 * Socket must be disconnected */
	if (reuse_dlc)
		sk->sk_state = BT_CLOSED;

	return id;
}
406 
/*
 * RFCOMMRELEASEDEV: release the device named by the rfcomm_dev_req at
 * @arg.  Returns 0, or -EFAULT, -ENODEV or -EPERM.
 *
 * NOTE(review): the privilege check compares the whole dev->flags word
 * with NOCAP_FLAGS.  Other code in this file also sets RFCOMM_TTY_ATTACHED
 * in that word, so for an open device the comparison presumably fails and
 * CAP_NET_ADMIN is required - confirm that this is intended.
 */
static int rfcomm_release_dev(void __user *arg)
{
	struct rfcomm_dev_req req;
	struct rfcomm_dev *dev;

	if (copy_from_user(&req, arg, sizeof(req)))
		return -EFAULT;

	BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);

	/* Holds a reference on success; every exit below puts it. */
	dev = rfcomm_dev_get(req.dev_id);
	if (!dev)
		return -ENODEV;

	if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
		rfcomm_dev_put(dev);
		return -EPERM;
	}

	if (req.flags & (1 << RFCOMM_HANGUP_NOW))
		rfcomm_dlc_close(dev->dlc, 0);

	/* Shut down TTY synchronously before freeing rfcomm_dev */
	if (dev->tty)
		tty_vhangup(dev->tty);

	/* With RFCOMM_RELEASE_ONHUP the device is not deleted here. */
	if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
		rfcomm_dev_del(dev);

	rfcomm_dev_put(dev);

	return 0;
}
437 
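/*
 * RFCOMMGETDEVLIST: copy up to dev_num device descriptions to user space.
 *
 * @arg points to a struct rfcomm_dev_list_req whose leading u16 is the
 * number of entries the caller has room for.  Returns 0 on success,
 * -EFAULT on a failed user copy, -EINVAL for a zero or oversized count and
 * -ENOMEM when the staging buffer cannot be allocated.
 */
static int rfcomm_get_dev_list(void __user *arg)
{
	struct rfcomm_dev_list_req *dl;
	struct rfcomm_dev_info *di;
	struct list_head *p;
	int n = 0, size, err;
	u16 dev_num;

	BT_DBG("");

	if (get_user(dev_num, (u16 __user *) arg))
		return -EFAULT;

	/* Cap the user-supplied count so the allocation stays bounded and
	 * the size computation below cannot overflow. */
	if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
		return -EINVAL;

	size = sizeof(*dl) + dev_num * sizeof(*di);

	/* Zeroed allocation: the buffer is copied to user space below, and
	 * only individual members are assigned, so any padding or member
	 * left unset (struct layout is not visible here) must not carry
	 * stale kernel heap contents out to the caller. */
	dl = kzalloc(size, GFP_KERNEL);
	if (!dl)
		return -ENOMEM;

	di = dl->dev_info;

	read_lock_bh(&rfcomm_dev_lock);

	list_for_each(p, &rfcomm_dev_list) {
		struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);

		/* Devices already being released are not reported. */
		if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
			continue;
		(di + n)->id      = dev->id;
		(di + n)->flags   = dev->flags;
		(di + n)->state   = dev->dlc->state;
		(di + n)->channel = dev->channel;
		bacpy(&(di + n)->src, &dev->src);
		bacpy(&(di + n)->dst, &dev->dst);
		if (++n >= dev_num)
			break;
	}

	read_unlock_bh(&rfcomm_dev_lock);

	/* Copy out only the entries actually filled in. */
	dl->dev_num = n;
	size = sizeof(*dl) + n * sizeof(*di);

	err = copy_to_user(arg, dl, size);
	kfree(dl);

	return err ? -EFAULT : 0;
}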
487 
/*
 * RFCOMMGETDEVINFO: fill in the rfcomm_dev_info at @arg for the device
 * whose id the caller stored in it.  Returns 0, -EFAULT or -ENODEV.
 *
 * The reply is built in the structure that was just copied in from the
 * caller, so bytes not assigned below are the caller's own data.
 */
static int rfcomm_get_dev_info(void __user *arg)
{
	struct rfcomm_dev_info di;
	struct rfcomm_dev *dev;
	int err;

	BT_DBG("");

	if (copy_from_user(&di, arg, sizeof(di)))
		return -EFAULT;

	/* Reference held from here until the put at the end. */
	dev = rfcomm_dev_get(di.id);
	if (!dev)
		return -ENODEV;

	bacpy(&di.src, &dev->src);
	bacpy(&di.dst, &dev->dst);
	di.channel = dev->channel;
	di.flags   = dev->flags;
	di.state   = dev->dlc->state;

	err = copy_to_user(arg, &di, sizeof(di)) ? -EFAULT : 0;

	rfcomm_dev_put(dev);
	return err;
}
514 
/*
 * Dispatch the RFCOMM device ioctls issued on socket @sk.  @arg is an
 * untrusted user pointer; each handler copies its own request structure.
 * Unknown commands return -EINVAL.
 */
int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
{
	int ret = -EINVAL;

	BT_DBG("cmd %d arg %p", cmd, arg);

	switch (cmd) {
	case RFCOMMCREATEDEV:
		ret = rfcomm_create_dev(sk, arg);
		break;

	case RFCOMMRELEASEDEV:
		ret = rfcomm_release_dev(arg);
		break;

	case RFCOMMGETDEVLIST:
		ret = rfcomm_get_dev_list(arg);
		break;

	case RFCOMMGETDEVINFO:
		ret = rfcomm_get_dev_info(arg);
		break;
	}

	return ret;
}
535 
536 /* ---- DLC callbacks ---- */
/*
 * DLC data_ready callback: push the payload of @skb into the attached
 * tty's flip buffer.  The skb is always consumed; it is dropped unread
 * when the DLC has no owning device or the device has no tty attached.
 */
static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
{
	struct rfcomm_dev *dev = dlc->owner;
	struct tty_struct *tty = NULL;

	if (dev)
		tty = dev->tty;

	if (!tty) {
		kfree_skb(skb);
		return;
	}

	BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);

	/* NOTE(review): the return value of tty_insert_flip_string() is not
	 * checked, so a short insert is not noticed here. */
	tty_insert_flip_string(tty, skb->data, skb->len);
	tty_flip_buffer_push(tty);

	kfree_skb(skb);
}
554 
/*
 * DLC state_change callback: record @err, wake anyone waiting in
 * rfcomm_tty_open(), and react to a closed DLC - hang up an attached tty,
 * or delete a tty-less device that has RFCOMM_RELEASE_ONHUP set.
 *
 * The unlock/lock pairs below imply the callback runs with the DLC lock
 * held and must return with it held.
 */
static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
{
	struct rfcomm_dev *dev = dlc->owner;

	if (!dev)
		return;

	BT_DBG("dlc %p dev %p err %d", dlc, dev, err);

	dev->err = err;
	wake_up_interruptible(&dev->wait);

	if (dlc->state != BT_CLOSED)
		return;

	if (dev->tty) {
		tty_hangup(dev->tty);
		return;
	}

	if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
		return;

	/* Drop DLC lock here to avoid deadlock
	 * 1. rfcomm_dev_get will take rfcomm_dev_lock
	 *    but in rfcomm_dev_add there's lock order:
	 *    rfcomm_dev_lock -> dlc lock
	 * 2. rfcomm_dev_put will deadlock if it's
	 *    the last reference
	 */
	rfcomm_dlc_unlock(dlc);

	/* The lookup result is used only as "still listed and not released";
	 * on success it also holds the reference that is put below.
	 * NOTE(review): dev itself is read after the lock was dropped and
	 * before that reference exists - confirm nothing can free it in
	 * between. */
	if (rfcomm_dev_get(dev->id) == NULL) {
		rfcomm_dlc_lock(dlc);
		return;
	}

	rfcomm_dev_del(dev);
	rfcomm_dev_put(dev);

	rfcomm_dlc_lock(dlc);
}
590 
/*
 * DLC modem_status callback: translate the remote V.24 signal byte into
 * TIOCM_* bits.  A carrier drop (TIOCM_CD previously set, RFCOMM_V24_DV
 * now clear) hangs up an attached tty unless it is in CLOCAL mode.
 */
static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
{
	struct rfcomm_dev *dev = dlc->owner;
	uint status = 0;

	if (!dev)
		return;

	BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);

	if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV) &&
	    dev->tty && !C_CLOCAL(dev->tty))
		tty_hangup(dev->tty);

	if (v24_sig & RFCOMM_V24_RTC)
		status |= TIOCM_DSR | TIOCM_DTR;
	if (v24_sig & RFCOMM_V24_RTR)
		status |= TIOCM_RTS | TIOCM_CTS;
	if (v24_sig & RFCOMM_V24_IC)
		status |= TIOCM_RI;
	if (v24_sig & RFCOMM_V24_DV)
		status |= TIOCM_CD;

	dev->modem_status = status;
}
610 
611 /* ---- TTY functions ---- */
/*
 * Tasklet body (dev->wakeup_task): tell the line discipline and any
 * sleeping writers that transmit space is available again.  @arg is the
 * rfcomm_dev pointer given to tasklet_init().
 */
static void rfcomm_tty_wakeup(unsigned long arg)
{
	struct rfcomm_dev *dev = (void *) arg;
	struct tty_struct *tty = dev->tty;

	/* Nothing to wake while no tty is attached. */
	if (!tty)
		return;

	BT_DBG("dev %p tty %p", dev, tty);

	if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
		tty->ldisc.write_wakeup(tty);

	wake_up_interruptible(&tty->write_wait);
#ifdef SERIAL_HAVE_POLL_WAIT
	wake_up_interruptible(&tty->poll_wait);
#endif
}
629 
/*
 * tty ->open(): attach @tty to the rfcomm device with index tty->index
 * and, on the first open, open the DLC and sleep until it is connected,
 * closed, or a signal arrives.
 *
 * Returns 0 on success, -ENODEV for an unknown or released device, the
 * error from rfcomm_dlc_open(), -dev->err when the DLC closed while
 * waiting, or -EINTR on a signal.
 */
static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
{
	DECLARE_WAITQUEUE(wait, current);
	struct rfcomm_dev *dev;
	struct rfcomm_dlc *dlc;
	int id = tty->index;
	int err;

	BT_DBG("tty %p id %d", tty, id);

	/* We don't leak this refcount. For reasons which are not entirely
	   clear, the TTY layer will call our ->close() method even if the
	   open fails. We decrease the refcount there, and decreasing it
	   here too would cause breakage. */
	dev = rfcomm_dev_get(id);
	if (!dev)
		return -ENODEV;

	BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);

	/* Only the first opener attaches the tty and opens the DLC.
	 * NOTE(review): the counter is a plain int changed without a lock
	 * visible here; concurrent opens presumably rely on tty-layer
	 * serialization - confirm. */
	if (dev->opened++)
		return 0;

	dlc = dev->dlc;

	/* Attach TTY and open DLC */

	rfcomm_dlc_lock(dlc);
	tty->driver_data = dev;
	dev->tty = tty;
	rfcomm_dlc_unlock(dlc);
	set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);

	err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
	if (err < 0)
		return err;

	/* Wait for DLC to connect */
	add_wait_queue(&dev->wait, &wait);
	for (;;) {
		/* Set the task state before testing the conditions so a
		 * wake-up between the test and schedule() is not lost. */
		set_current_state(TASK_INTERRUPTIBLE);

		if (dlc->state == BT_CLOSED) {
			err = -dev->err;
			break;
		}

		if (dlc->state == BT_CONNECTED)
			break;

		if (signal_pending(current)) {
			err = -EINTR;
			break;
		}

		schedule();
	}
	set_current_state(TASK_RUNNING);
	remove_wait_queue(&dev->wait, &wait);

	/* On success, re-parent the tty device under the device returned by
	 * rfcomm_get_device(), which may be NULL. */
	if (!err)
		device_move(dev->tty_dev, rfcomm_get_device(dev));

	return err;
}
696 
/*
 * tty ->close(): drop one open.  The last close moves the tty device back
 * to no parent, closes the DLC, stops the wakeup tasklet and detaches the
 * tty.  Every call puts the reference taken in rfcomm_tty_open().
 */
static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	if (!dev)
		return;

	BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);

	dev->opened--;
	if (dev->opened == 0) {
		if (dev->tty_dev->parent)
			device_move(dev->tty_dev, NULL);

		/* Close DLC and detach TTY */
		rfcomm_dlc_close(dev->dlc, 0);

		/* Clear ATTACHED first so rfcomm_wfree() stops scheduling the
		 * tasklet, then wait for a running instance to finish. */
		clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
		tasklet_kill(&dev->wakeup_task);

		/* Detach under the DLC lock, the same lock the attach in
		 * rfcomm_tty_open() takes. */
		rfcomm_dlc_lock(dev->dlc);
		tty->driver_data = NULL;
		dev->tty = NULL;
		rfcomm_dlc_unlock(dev->dlc);
	}

	/* May free the device; dev must not be touched after this. */
	rfcomm_dev_put(dev);
}
723 
/*
 * tty ->write(): split @buf into chunks of at most dlc->mtu bytes and
 * queue each one on the DLC.  Stops early when the write budget is
 * exhausted or a send fails.  Returns the number of bytes queued, or the
 * send error (possibly 0) when nothing was queued.
 *
 * NOTE(review): unlike rfcomm_tty_write_room(), tty->driver_data is
 * dereferenced here without a NULL check, although rfcomm_tty_close()
 * clears it - confirm the tty layer cannot call write after the last close.
 */
static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
	struct rfcomm_dlc *dlc = dev->dlc;
	int err = 0, sent = 0;

	BT_DBG("tty %p count %d", tty, count);

	while (count != 0) {
		struct sk_buff *skb;
		int size = min_t(uint, count, dlc->mtu);

		/* GFP_ATOMIC: this path is written so that it does not sleep. */
		skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
		if (!skb)
			break;

		skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);

		/* size never exceeds the remaining count, so the read stays
		 * inside the caller's buffer. */
		memcpy(skb_put(skb, size), buf + sent, size);

		err = rfcomm_dlc_send(dlc, skb);
		if (err < 0) {
			kfree_skb(skb);
			break;
		}

		sent  += size;
		count -= size;
	}

	if (sent)
		return sent;

	return err;
}
756 
/*
 * tty ->write_room(): bytes that may still be queued, i.e. rfcomm_room()
 * minus the bytes already outstanding, never negative.  Returns 0 when no
 * device or DLC is attached.
 */
static int rfcomm_tty_write_room(struct tty_struct *tty)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
	int room;

	BT_DBG("tty %p", tty);

	if (!dev || !dev->dlc)
		return 0;

	room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);

	return room < 0 ? 0 : room;
}
773 
/*
 * tty ->ioctl(): no command is handled by this driver.  Every path returns
 * -ENOIOCTLCMD; the switch only selects what gets logged.  @arg is never
 * read.
 */
static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
{
	BT_DBG("tty %p cmd 0x%02x", tty, cmd);

	switch (cmd) {
	case TCGETS:
		BT_DBG("TCGETS is not supported");
		break;

	case TCSETS:
		BT_DBG("TCSETS is not supported");
		break;

	case TIOCMIWAIT:
		BT_DBG("TIOCMIWAIT");
		break;

	case TIOCGICOUNT:
		BT_DBG("TIOCGICOUNT");
		break;

	case TIOCGSERIAL:
		BT_ERR("TIOCGSERIAL is not supported");
		break;

	case TIOCSSERIAL:
		BT_ERR("TIOCSSERIAL is not supported");
		break;

	case TIOCSERGSTRUCT:
		BT_ERR("TIOCSERGSTRUCT is not supported");
		break;

	case TIOCSERGETLSR:
		BT_ERR("TIOCSERGETLSR is not supported");
		break;

	case TIOCSERCONFIG:
		BT_ERR("TIOCSERCONFIG is not supported");
		break;

	default:
		/* ioctls which we must ignore */
		break;
	}

	return -ENOIOCTLCMD;
}
822 
823 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
824 {
825         struct ktermios *new = tty->termios;
826         int old_baud_rate = tty_termios_baud_rate(old);
827         int new_baud_rate = tty_termios_baud_rate(new);
828 
829         u8 baud, data_bits, stop_bits, parity, x_on, x_off;
830         u16 changes = 0;
831 
832         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
833 
834         BT_DBG("tty %p termios %p", tty, old);
835 
836         if (!dev || !dev->dlc || !dev->dlc->session)
837                 return;
838 
839         /* Handle turning off CRTSCTS */
840         if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
841                 BT_DBG("Turning off CRTSCTS unsupported");
842 
843         /* Parity on/off and when on, odd/even */
844         if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
845                         ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) {
846                 changes |= RFCOMM_RPN_PM_PARITY;
847                 BT_DBG("Parity change detected.");
848         }
849 
850         /* Mark and space parity are not supported! */
851         if (new->c_cflag & PARENB) {
852                 if (new->c_cflag & PARODD) {
853                         BT_DBG("Parity is ODD");
854                         parity = RFCOMM_RPN_PARITY_ODD;
855                 } else {
856                         BT_DBG("Parity is EVEN");
857                         parity = RFCOMM_RPN_PARITY_EVEN;
858                 }
859         } else {
860                 BT_DBG("Parity is OFF");
861                 parity = RFCOMM_RPN_PARITY_NONE;
862         }
863 
864         /* Setting the x_on / x_off characters */
865         if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
866                 BT_DBG("XOFF custom");
867                 x_on = new->c_cc[VSTOP];
868                 changes |= RFCOMM_RPN_PM_XON;
869         } else {
870                 BT_DBG("XOFF default");
871                 x_on = RFCOMM_RPN_XON_CHAR;
872         }
873 
874         if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
875                 BT_DBG("XON custom");
876                 x_off = new->c_cc[VSTART];
877                 changes |= RFCOMM_RPN_PM_XOFF;
878         } else {
879                 BT_DBG("XON default");
880                 x_off = RFCOMM_RPN_XOFF_CHAR;
881         }
882 
883         /* Handle setting of stop bits */
884         if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
885                 changes |= RFCOMM_RPN_PM_STOP;
886 
887         /* POSIX does not support 1.5 stop bits and RFCOMM does not
888          * support 2 stop bits. So a request for 2 stop bits gets
889          * translated to 1.5 stop bits */
890         if (new->c_cflag & CSTOPB) {
891                 stop_bits = RFCOMM_RPN_STOP_15;
892         } else {
893                 stop_bits = RFCOMM_RPN_STOP_1;
894         }
895 
896         /* Handle number of data bits [5-8] */
897         if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
898                 changes |= RFCOMM_RPN_PM_DATA;
899 
900         switch (new->c_cflag & CSIZE) {
901         case CS5:
902                 data_bits = RFCOMM_RPN_DATA_5;
903                 break;
904         case CS6:
905                 data_bits = RFCOMM_RPN_DATA_6;
906                 break;
907         case CS7:
908                 data_bits = RFCOMM_RPN_DATA_7;
909                 break;
910         case CS8:
911                 data_bits = RFCOMM_RPN_DATA_8;
912                 break;
913         default:
914                 data_bits = RFCOMM_RPN_DATA_8;
915                 break;
916         }
917 
918         /* Handle baudrate settings */
919         if (old_baud_rate != new_baud_rate)
920                 changes |= RFCOMM_RPN_PM_BITRATE;
921 
922         switch (new_baud_rate) {
923         case 2400:
924                 baud = RFCOMM_RPN_BR_2400;
925                 break;
926         case 4800:
927                 baud = RFCOMM_RPN_BR_4800;
928                 break;
929         case 7200:
930                 baud = RFCOMM_RPN_BR_7200;
931                 break;
932         case 9600:
933                 baud = RFCOMM_RPN_BR_9600;
934                 break;
935         case 19200:
936                 baud = RFCOMM_RPN_BR_19200;
937                 break;
938         case 38400:
939                 baud = RFCOMM_RPN_BR_38400;
940                 break;
941         case 57600:
942                 baud = RFCOMM_RPN_BR_57600;
943                 break;
944         case 115200:
945                 baud = RFCOMM_RPN_BR_115200;
946                 break;
947         case 230400:
948                 baud = RFCOMM_RPN_BR_230400;
949                 break;
950         default:
951                 /* 9600 is standard according to the RFCOMM specification */
952                 baud = RFCOMM_RPN_BR_9600;
953                 break;
954 
955         }
956 
957         if (changes)
958                 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
959                                 data_bits, stop_bits, parity,
960                                 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
961 
962         return;
963 }
964 
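/*
 * tty throttle callback: hands the request to rfcomm_dlc_throttle() for
 * the DLC attached to this tty.
 *
 * @tty: tty whose driver_data holds the struct rfcomm_dev.
 */
static void rfcomm_tty_throttle(struct tty_struct *tty)
{
        struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

        BT_DBG("tty %p dev %p", tty, dev);

        /* The flush_buffer and chars_in_buffer callbacks in this file treat
         * driver_data and dev->dlc as possibly NULL; apply the same guard
         * here instead of dereferencing unconditionally.
         * NOTE(review): this test is not serialised against whatever
         * clears driver_data - confirm which lock covers it. */
        if (!dev || !dev->dlc)
                return;

        rfcomm_dlc_throttle(dev->dlc);
}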
973 
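/*
 * tty unthrottle callback: hands the request to rfcomm_dlc_unthrottle()
 * for the DLC attached to this tty.
 *
 * @tty: tty whose driver_data holds the struct rfcomm_dev.
 */
static void rfcomm_tty_unthrottle(struct tty_struct *tty)
{
        struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

        BT_DBG("tty %p dev %p", tty, dev);

        /* Same NULL guard as the flush_buffer and chars_in_buffer callbacks
         * in this file, which do not assume driver_data or dev->dlc is set.
         * NOTE(review): this test is not serialised against whatever
         * clears driver_data - confirm which lock covers it. */
        if (!dev || !dev->dlc)
                return;

        rfcomm_dlc_unthrottle(dev->dlc);
}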
982 
/*
 * tty chars_in_buffer callback.
 *
 * Returns 0 when there is no device, no DLC, or the DLC transmit queue is
 * empty. Otherwise returns the DLC MTU: the value is a "something is
 * pending" indicator, not a count of the bytes actually queued.
 */
static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
{
        struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

        BT_DBG("tty %p dev %p", tty, dev);

        /* Nothing attached, or nothing waiting to be sent */
        if (!dev || !dev->dlc || skb_queue_empty(&dev->dlc->tx_queue))
                return 0;

        return dev->dlc->mtu;
}
997 
/*
 * tty flush_buffer callback: drop every skb still waiting in the DLC
 * transmit queue, then wake the line discipline if it asked for write
 * wakeups. Does nothing when no device or DLC is attached.
 */
static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
{
        struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

        BT_DBG("tty %p dev %p", tty, dev);

        if (dev && dev->dlc) {
                /* Discard all pending outgoing data */
                skb_queue_purge(&dev->dlc->tx_queue);

                /* Only call the hook when the flag is set and a hook exists */
                if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
                        tty->ldisc.write_wakeup(tty);
        }
}
1012 
/*
 * tty send_xchar callback. Stub: the character is only logged through
 * BT_DBG and is not transmitted.
 */
static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
{
        BT_DBG("tty %p ch %c", tty, ch);
}
1017 
/*
 * tty wait_until_sent callback. Stub: logs the request and returns at
 * once, so it does not wait for the DLC transmit queue to drain.
 */
static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
{
        BT_DBG("tty %p timeout %d", tty, timeout);
}
1022 
/*
 * tty hangup callback: flush pending output and, when the device is
 * flagged RFCOMM_RELEASE_ONHUP, delete it.
 */
static void rfcomm_tty_hangup(struct tty_struct *tty)
{
        struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

        BT_DBG("tty %p dev %p", tty, dev);

        if (!dev)
                return;

        rfcomm_tty_flush_buffer(tty);

        /* Devices without release-on-hangup stay registered */
        if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
                return;

        /* Look the device up by id first; a NULL result means there is
         * nothing left to delete.
         * NOTE(review): presumably rfcomm_dev_get() takes a reference that
         * the rfcomm_dev_put() below drops - confirm against its definition. */
        if (rfcomm_dev_get(dev->id) == NULL)
                return;

        rfcomm_dev_del(dev);
        rfcomm_dev_put(dev);
}
1041 
/*
 * read_proc callback. Stub: writes nothing to @buf, leaves @start and
 * @eof untouched, and reports zero bytes produced.
 */
static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset,
                                int len, int *eof, void *unused)
{
        return 0;
}
1046 
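/*
 * tty tiocmget callback: report the cached modem status of the device.
 *
 * Returns dev->modem_status, or -ENODEV when the tty has no device
 * attached.
 */
static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp)
{
        struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

        BT_DBG("tty %p dev %p", tty, dev);

        /* Other callbacks in this file (hangup, flush_buffer,
         * chars_in_buffer) allow driver_data to be NULL; fail cleanly here
         * instead of dereferencing it.
         * NOTE(review): this test is not serialised against whatever
         * clears driver_data - confirm which lock covers it. */
        if (!dev)
                return -ENODEV;

        return dev->modem_status;
}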
1055 
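/*
 * tty tiocmset callback: translate TIOCM_* modem-control bits into RFCOMM
 * V.24 signals and push the result to the DLC.
 *
 * Mapping used below:
 *   TIOCM_DSR, TIOCM_DTR -> RFCOMM_V24_RTC
 *   TIOCM_RTS, TIOCM_CTS -> RFCOMM_V24_RTR
 *   TIOCM_RI             -> RFCOMM_V24_IC
 *   TIOCM_CD             -> RFCOMM_V24_DV
 *
 * @set:   TIOCM_* bits to raise.
 * @clear: TIOCM_* bits to drop; applied after @set, so a signal named in
 *         both ends up cleared.
 *
 * Returns 0 on success, or -ENODEV when no device or DLC is attached.
 */
static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear)
{
        struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
        struct rfcomm_dlc *dlc;
        u8 v24_sig;

        BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);

        /* flush_buffer and chars_in_buffer in this file allow driver_data
         * and dev->dlc to be NULL; check before touching the DLC rather
         * than dereferencing in the initialiser.
         * NOTE(review): this test is not serialised against whatever
         * clears driver_data - confirm which lock covers it. */
        if (!dev || !dev->dlc)
                return -ENODEV;
        dlc = dev->dlc;

        /* Start from the current signal state and edit it in place */
        rfcomm_dlc_get_modem_status(dlc, &v24_sig);

        if (set & (TIOCM_DSR | TIOCM_DTR))
                v24_sig |= RFCOMM_V24_RTC;
        if (set & (TIOCM_RTS | TIOCM_CTS))
                v24_sig |= RFCOMM_V24_RTR;
        if (set & TIOCM_RI)
                v24_sig |= RFCOMM_V24_IC;
        if (set & TIOCM_CD)
                v24_sig |= RFCOMM_V24_DV;

        if (clear & (TIOCM_DSR | TIOCM_DTR))
                v24_sig &= ~RFCOMM_V24_RTC;
        if (clear & (TIOCM_RTS | TIOCM_CTS))
                v24_sig &= ~RFCOMM_V24_RTR;
        if (clear & TIOCM_RI)
                v24_sig &= ~RFCOMM_V24_IC;
        if (clear & TIOCM_CD)
                v24_sig &= ~RFCOMM_V24_DV;

        rfcomm_dlc_set_modem_status(dlc, v24_sig);

        return 0;
}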
1088 
1089 /* ---- TTY structure ---- */
1090 
/* Callback table handed to the tty core by rfcomm_init_ttys() */
static const struct tty_operations rfcomm_ops = {
        /* Lifecycle */
        .open                   = rfcomm_tty_open,
        .close                  = rfcomm_tty_close,
        .hangup                 = rfcomm_tty_hangup,

        /* Transmit path */
        .write                  = rfcomm_tty_write,
        .write_room             = rfcomm_tty_write_room,
        .chars_in_buffer        = rfcomm_tty_chars_in_buffer,
        .flush_buffer           = rfcomm_tty_flush_buffer,
        .wait_until_sent        = rfcomm_tty_wait_until_sent,
        .send_xchar             = rfcomm_tty_send_xchar,

        /* Flow control */
        .throttle               = rfcomm_tty_throttle,
        .unthrottle             = rfcomm_tty_unthrottle,

        /* Configuration and modem lines */
        .ioctl                  = rfcomm_tty_ioctl,
        .set_termios            = rfcomm_tty_set_termios,
        .tiocmget               = rfcomm_tty_tiocmget,
        .tiocmset               = rfcomm_tty_tiocmset,

        /* procfs */
        .read_proc              = rfcomm_tty_read_proc,
};
1109 
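/*
 * Allocate, configure and register the RFCOMM tty driver.
 *
 * Returns 0 on success and -1 when either allocation or registration
 * fails. On failure rfcomm_tty_driver is left NULL.
 *
 * NOTE(review): -1 is kept for interface compatibility; it hides the
 * code returned by tty_register_driver() and reads as -EPERM if a caller
 * forwards it as an errno.
 */
int rfcomm_init_ttys(void)
{
        rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
        if (!rfcomm_tty_driver)
                return -1;

        rfcomm_tty_driver->owner        = THIS_MODULE;
        rfcomm_tty_driver->driver_name  = "rfcomm";
        rfcomm_tty_driver->name         = "rfcomm";
        rfcomm_tty_driver->major        = RFCOMM_TTY_MAJOR;
        rfcomm_tty_driver->minor_start  = RFCOMM_TTY_MINOR;
        rfcomm_tty_driver->type         = TTY_DRIVER_TYPE_SERIAL;
        rfcomm_tty_driver->subtype      = SERIAL_TYPE_NORMAL;
        rfcomm_tty_driver->flags        = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
        /* Start from the stock termios, then override the control flags */
        rfcomm_tty_driver->init_termios = tty_std_termios;
        rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
        tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);

        if (tty_register_driver(rfcomm_tty_driver)) {
                BT_ERR("Can't register RFCOMM TTY driver");
                put_tty_driver(rfcomm_tty_driver);
                /* The driver object has been handed back; do not leave the
                 * file-scope pointer referring to it. */
                rfcomm_tty_driver = NULL;
                return -1;
        }

        BT_INFO("RFCOMM TTY layer initialized");

        return 0;
}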
1138 
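/*
 * Unregister the RFCOMM tty driver and drop the driver object.
 *
 * Safe to call when no driver is held: rfcomm_init_ttys() leaves
 * rfcomm_tty_driver NULL if alloc_tty_driver() fails.
 */
void rfcomm_cleanup_ttys(void)
{
        if (!rfcomm_tty_driver)
                return;

        /* NOTE(review): the return value of tty_unregister_driver() is
         * ignored - confirm it cannot fail while ttys are still open. */
        tty_unregister_driver(rfcomm_tty_driver);
        put_tty_driver(rfcomm_tty_driver);

        /* Clear the pointer so a repeated call cannot reuse it */
        rfcomm_tty_driver = NULL;
}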
1144 