1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * Bluetooth RFCOMM core. 26 * 27 * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $ 28 */ 29 30 #include <linux/config.h> 31 #include <linux/module.h> 32 #include <linux/errno.h> 33 #include <linux/kernel.h> 34 #include <linux/sched.h> 35 #include <linux/signal.h> 36 #include <linux/init.h> 37 #include <linux/wait.h> 38 #include <linux/net.h> 39 #include <linux/proc_fs.h> 40 #include <linux/seq_file.h> 41 #include <net/sock.h> 42 #include <asm/uaccess.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 #include <net/bluetooth/l2cap.h> 48 #include <net/bluetooth/rfcomm.h> 49 50 #define VERSION "1.5" 51 52 #ifndef CONFIG_BT_RFCOMM_DEBUG 53 #undef BT_DBG 54 #define BT_DBG(D...) 55 #endif 56 57 #ifdef CONFIG_PROC_FS 58 struct proc_dir_entry *proc_bt_rfcomm; 59 #endif 60 61 static struct task_struct *rfcomm_thread; 62 63 static DECLARE_MUTEX(rfcomm_sem); 64 #define rfcomm_lock() down(&rfcomm_sem); 65 #define rfcomm_unlock() up(&rfcomm_sem); 66 67 static unsigned long rfcomm_event; 68 69 static LIST_HEAD(session_list); 70 static atomic_t terminate, running; 71 72 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len); 73 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci); 74 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci); 75 static int rfcomm_queue_disc(struct rfcomm_dlc *d); 76 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type); 77 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d); 78 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig); 79 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len); 80 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits); 81 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr); 82 83 static void rfcomm_process_connect(struct rfcomm_session *s); 84 85 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err); 86 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst); 87 static void rfcomm_session_del(struct rfcomm_session *s); 88 89 /* ---- RFCOMM frame parsing macros ---- */ 90 #define __get_dlci(b) ((b & 0xfc) >> 2) 91 #define __get_channel(b) ((b & 0xf8) >> 3) 92 #define __get_dir(b) ((b & 0x04) >> 2) 93 #define __get_type(b) ((b & 0xef)) 94 95 #define __test_ea(b) ((b & 0x01)) 96 #define __test_cr(b) ((b & 0x02)) 97 #define __test_pf(b) ((b & 0x10)) 98 99 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01) 100 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4))) 101 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir) 102 #define __srv_channel(dlci) (dlci >> 1) 103 #define __dir(dlci) (dlci & 0x01) 104 105 #define __len8(len) (((len) << 1) | 1) 106 #define __len16(len) ((len) << 1) 107 108 /* MCC macros */ 109 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01)) 110 #define __get_mcc_type(b) ((b & 0xfc) >> 2) 111 #define __get_mcc_len(b) ((b & 0xfe) >> 1) 112 113 /* RPN macros */ 114 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x7) << 3)) 115 #define __get_rpn_data_bits(line) ((line) & 0x3) 116 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1) 117 #define __get_rpn_parity(line) (((line) >> 3) & 0x7) 118 119 static inline void rfcomm_schedule(uint event) 120 { 121 if (!rfcomm_thread) 122 return; 123 //set_bit(event, &rfcomm_event); 124 set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); 125 wake_up_process(rfcomm_thread); 126 } 127 128 static inline void rfcomm_session_put(struct rfcomm_session *s) 129 { 130 if (atomic_dec_and_test(&s->refcnt)) 131 rfcomm_session_del(s); 132 } 133 134 /* ---- RFCOMM FCS computation ---- */ 135 136 /* CRC on 2 bytes */ 137 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]]) 138 139 /* FCS on 2 bytes */ 140 static inline u8 __fcs(u8 *data) 141 { 142 return (0xff - __crc(data)); 143 } 144 145 /* FCS on 3 bytes */ 146 static inline u8 __fcs2(u8 *data) 147 { 148 return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]); 149 } 150 151 /* Check FCS */ 152 static inline int __check_fcs(u8 *data, int type, u8 fcs) 153 { 154 u8 f = __crc(data); 155 156 if (type != RFCOMM_UIH) 157 f = rfcomm_crc_table[f ^ data[2]]; 158 159 return rfcomm_crc_table[f ^ fcs] != 0xcf; 160 } 161 162 /* ---- L2CAP callbacks ---- */ 163 static void rfcomm_l2state_change(struct sock *sk) 164 { 165 BT_DBG("%p state %d", sk, sk->sk_state); 166 rfcomm_schedule(RFCOMM_SCHED_STATE); 167 } 168 169 static void rfcomm_l2data_ready(struct sock *sk, int bytes) 170 { 171 BT_DBG("%p bytes %d", sk, bytes); 172 rfcomm_schedule(RFCOMM_SCHED_RX); 173 } 174 175 static int rfcomm_l2sock_create(struct socket **sock) 176 { 177 int err; 178 179 BT_DBG(""); 180 181 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock); 182 if (!err) { 183 struct sock *sk = (*sock)->sk; 184 sk->sk_data_ready = rfcomm_l2data_ready; 185 sk->sk_state_change = rfcomm_l2state_change; 186 } 187 return err; 188 } 189 190 /* ---- RFCOMM DLCs ---- */ 191 static void rfcomm_dlc_timeout(unsigned long arg) 192 { 193 struct rfcomm_dlc *d = (void *) arg; 194 195 BT_DBG("dlc %p state %ld", d, d->state); 196 197 set_bit(RFCOMM_TIMED_OUT, &d->flags); 198 rfcomm_dlc_put(d); 199 rfcomm_schedule(RFCOMM_SCHED_TIMEO); 200 } 201 202 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout) 203 { 204 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout); 205 206 if (!mod_timer(&d->timer, jiffies + timeout)) 207 rfcomm_dlc_hold(d); 208 } 209 210 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d) 211 { 212 BT_DBG("dlc %p state %ld", d, d->state); 213 214 if (timer_pending(&d->timer) && del_timer(&d->timer)) 215 rfcomm_dlc_put(d); 216 } 217 218 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d) 219 { 220 BT_DBG("%p", d); 221 222 d->state = BT_OPEN; 223 d->flags = 0; 224 d->mscex = 0; 225 d->mtu = RFCOMM_DEFAULT_MTU; 226 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV; 227 228 d->cfc = RFCOMM_CFC_DISABLED; 229 d->rx_credits = RFCOMM_DEFAULT_CREDITS; 230 } 231 232 struct rfcomm_dlc *rfcomm_dlc_alloc(gfp_t prio) 233 { 234 struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio); 235 if (!d) 236 return NULL; 237 memset(d, 0, sizeof(*d)); 238 239 init_timer(&d->timer); 240 d->timer.function = rfcomm_dlc_timeout; 241 d->timer.data = (unsigned long) d; 242 243 skb_queue_head_init(&d->tx_queue); 244 spin_lock_init(&d->lock); 245 atomic_set(&d->refcnt, 1); 246 247 rfcomm_dlc_clear_state(d); 248 249 BT_DBG("%p", d); 250 return d; 251 } 252 253 void rfcomm_dlc_free(struct rfcomm_dlc *d) 254 { 255 BT_DBG("%p", d); 256 257 skb_queue_purge(&d->tx_queue); 258 kfree(d); 259 } 260 261 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d) 262 { 263 BT_DBG("dlc %p session %p", d, s); 264 265 rfcomm_session_hold(s); 266 267 rfcomm_dlc_hold(d); 268 list_add(&d->list, &s->dlcs); 269 d->session = s; 270 } 271 272 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d) 273 { 274 struct rfcomm_session *s = d->session; 275 276 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s); 277 278 list_del(&d->list); 279 d->session = NULL; 280 rfcomm_dlc_put(d); 281 282 rfcomm_session_put(s); 283 } 284 285 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci) 286 { 287 struct rfcomm_dlc *d; 288 struct list_head *p; 289 290 list_for_each(p, &s->dlcs) { 291 d = list_entry(p, struct rfcomm_dlc, list); 292 if (d->dlci == dlci) 293 return d; 294 } 295 return NULL; 296 } 297 298 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) 299 { 300 struct rfcomm_session *s; 301 int err = 0; 302 u8 dlci; 303 304 BT_DBG("dlc %p state %ld %s %s channel %d", 305 d, d->state, batostr(src), batostr(dst), channel); 306 307 if (channel < 1 || channel > 30) 308 return -EINVAL; 309 310 if (d->state != BT_OPEN && d->state != BT_CLOSED) 311 return 0; 312 313 s = rfcomm_session_get(src, dst); 314 if (!s) { 315 s = rfcomm_session_create(src, dst, &err); 316 if (!s) 317 return err; 318 } 319 320 dlci = __dlci(!s->initiator, channel); 321 322 /* Check if DLCI already exists */ 323 if (rfcomm_dlc_get(s, dlci)) 324 return -EBUSY; 325 326 rfcomm_dlc_clear_state(d); 327 328 d->dlci = dlci; 329 d->addr = __addr(s->initiator, dlci); 330 d->priority = 7; 331 332 d->state = BT_CONFIG; 333 rfcomm_dlc_link(s, d); 334 335 d->mtu = s->mtu; 336 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc; 337 338 if (s->state == BT_CONNECTED) 339 rfcomm_send_pn(s, 1, d); 340 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT); 341 return 0; 342 } 343 344 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) 345 { 346 int r; 347 348 rfcomm_lock(); 349 350 r = __rfcomm_dlc_open(d, src, dst, channel); 351 352 rfcomm_unlock(); 353 return r; 354 } 355 356 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err) 357 { 358 struct rfcomm_session *s = d->session; 359 if (!s) 360 return 0; 361 362 BT_DBG("dlc %p state %ld dlci %d err %d session %p", 363 d, d->state, d->dlci, err, s); 364 365 switch (d->state) { 366 case BT_CONNECTED: 367 case BT_CONFIG: 368 case BT_CONNECT: 369 d->state = BT_DISCONN; 370 if (skb_queue_empty(&d->tx_queue)) { 371 rfcomm_send_disc(s, d->dlci); 372 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT); 373 } else { 374 rfcomm_queue_disc(d); 375 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2); 376 } 377 break; 378 379 default: 380 rfcomm_dlc_clear_timer(d); 381 382 rfcomm_dlc_lock(d); 383 d->state = BT_CLOSED; 384 d->state_change(d, err); 385 rfcomm_dlc_unlock(d); 386 387 skb_queue_purge(&d->tx_queue); 388 rfcomm_dlc_unlink(d); 389 } 390 391 return 0; 392 } 393 394 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err) 395 { 396 int r; 397 398 rfcomm_lock(); 399 400 r = __rfcomm_dlc_close(d, err); 401 402 rfcomm_unlock(); 403 return r; 404 } 405 406 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb) 407 { 408 int len = skb->len; 409 410 if (d->state != BT_CONNECTED) 411 return -ENOTCONN; 412 413 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len); 414 415 if (len > d->mtu) 416 return -EINVAL; 417 418 rfcomm_make_uih(skb, d->addr); 419 skb_queue_tail(&d->tx_queue, skb); 420 421 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags)) 422 rfcomm_schedule(RFCOMM_SCHED_TX); 423 return len; 424 } 425 426 void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d) 427 { 428 BT_DBG("dlc %p state %ld", d, d->state); 429 430 if (!d->cfc) { 431 d->v24_sig |= RFCOMM_V24_FC; 432 set_bit(RFCOMM_MSC_PENDING, &d->flags); 433 } 434 rfcomm_schedule(RFCOMM_SCHED_TX); 435 } 436 437 void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d) 438 { 439 BT_DBG("dlc %p state %ld", d, d->state); 440 441 if (!d->cfc) { 442 d->v24_sig &= ~RFCOMM_V24_FC; 443 set_bit(RFCOMM_MSC_PENDING, &d->flags); 444 } 445 rfcomm_schedule(RFCOMM_SCHED_TX); 446 } 447 448 /* 449 Set/get modem status functions use _local_ status i.e. what we report 450 to the other side. 451 Remote status is provided by dlc->modem_status() callback. 452 */ 453 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig) 454 { 455 BT_DBG("dlc %p state %ld v24_sig 0x%x", 456 d, d->state, v24_sig); 457 458 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags)) 459 v24_sig |= RFCOMM_V24_FC; 460 else 461 v24_sig &= ~RFCOMM_V24_FC; 462 463 d->v24_sig = v24_sig; 464 465 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags)) 466 rfcomm_schedule(RFCOMM_SCHED_TX); 467 468 return 0; 469 } 470 471 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig) 472 { 473 BT_DBG("dlc %p state %ld v24_sig 0x%x", 474 d, d->state, d->v24_sig); 475 476 *v24_sig = d->v24_sig; 477 return 0; 478 } 479 480 /* ---- RFCOMM sessions ---- */ 481 static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state) 482 { 483 struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL); 484 if (!s) 485 return NULL; 486 memset(s, 0, sizeof(*s)); 487 488 BT_DBG("session %p sock %p", s, sock); 489 490 INIT_LIST_HEAD(&s->dlcs); 491 s->state = state; 492 s->sock = sock; 493 494 s->mtu = RFCOMM_DEFAULT_MTU; 495 s->cfc = RFCOMM_CFC_UNKNOWN; 496 497 /* Do not increment module usage count for listening sessions. 498 * Otherwise we won't be able to unload the module. */ 499 if (state != BT_LISTEN) 500 if (!try_module_get(THIS_MODULE)) { 501 kfree(s); 502 return NULL; 503 } 504 505 list_add(&s->list, &session_list); 506 507 return s; 508 } 509 510 static void rfcomm_session_del(struct rfcomm_session *s) 511 { 512 int state = s->state; 513 514 BT_DBG("session %p state %ld", s, s->state); 515 516 list_del(&s->list); 517 518 if (state == BT_CONNECTED) 519 rfcomm_send_disc(s, 0); 520 521 sock_release(s->sock); 522 kfree(s); 523 524 if (state != BT_LISTEN) 525 module_put(THIS_MODULE); 526 } 527 528 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst) 529 { 530 struct rfcomm_session *s; 531 struct list_head *p, *n; 532 struct bt_sock *sk; 533 list_for_each_safe(p, n, &session_list) { 534 s = list_entry(p, struct rfcomm_session, list); 535 sk = bt_sk(s->sock->sk); 536 537 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) && 538 !bacmp(&sk->dst, dst)) 539 return s; 540 } 541 return NULL; 542 } 543 544 static void rfcomm_session_close(struct rfcomm_session *s, int err) 545 { 546 struct rfcomm_dlc *d; 547 struct list_head *p, *n; 548 549 BT_DBG("session %p state %ld err %d", s, s->state, err); 550 551 rfcomm_session_hold(s); 552 553 s->state = BT_CLOSED; 554 555 /* Close all dlcs */ 556 list_for_each_safe(p, n, &s->dlcs) { 557 d = list_entry(p, struct rfcomm_dlc, list); 558 d->state = BT_CLOSED; 559 __rfcomm_dlc_close(d, err); 560 } 561 562 rfcomm_session_put(s); 563 } 564 565 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err) 566 { 567 struct rfcomm_session *s = NULL; 568 struct sockaddr_l2 addr; 569 struct socket *sock; 570 struct sock *sk; 571 572 BT_DBG("%s %s", batostr(src), batostr(dst)); 573 574 *err = rfcomm_l2sock_create(&sock); 575 if (*err < 0) 576 return NULL; 577 578 bacpy(&addr.l2_bdaddr, src); 579 addr.l2_family = AF_BLUETOOTH; 580 addr.l2_psm = 0; 581 *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 582 if (*err < 0) 583 goto failed; 584 585 /* Set L2CAP options */ 586 sk = sock->sk; 587 lock_sock(sk); 588 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU; 589 release_sock(sk); 590 591 s = rfcomm_session_add(sock, BT_BOUND); 592 if (!s) { 593 *err = -ENOMEM; 594 goto failed; 595 } 596 597 s->initiator = 1; 598 599 bacpy(&addr.l2_bdaddr, dst); 600 addr.l2_family = AF_BLUETOOTH; 601 addr.l2_psm = htobs(RFCOMM_PSM); 602 *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK); 603 if (*err == 0 || *err == -EAGAIN) 604 return s; 605 606 rfcomm_session_del(s); 607 return NULL; 608 609 failed: 610 sock_release(sock); 611 return NULL; 612 } 613 614 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst) 615 { 616 struct sock *sk = s->sock->sk; 617 if (src) 618 bacpy(src, &bt_sk(sk)->src); 619 if (dst) 620 bacpy(dst, &bt_sk(sk)->dst); 621 } 622 623 /* ---- RFCOMM frame sending ---- */ 624 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len) 625 { 626 struct socket *sock = s->sock; 627 struct kvec iv = { data, len }; 628 struct msghdr msg; 629 630 BT_DBG("session %p len %d", s, len); 631 632 memset(&msg, 0, sizeof(msg)); 633 634 return kernel_sendmsg(sock, &msg, &iv, 1, len); 635 } 636 637 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci) 638 { 639 struct rfcomm_cmd cmd; 640 641 BT_DBG("%p dlci %d", s, dlci); 642 643 cmd.addr = __addr(s->initiator, dlci); 644 cmd.ctrl = __ctrl(RFCOMM_SABM, 1); 645 cmd.len = __len8(0); 646 cmd.fcs = __fcs2((u8 *) &cmd); 647 648 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 649 } 650 651 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci) 652 { 653 struct rfcomm_cmd cmd; 654 655 BT_DBG("%p dlci %d", s, dlci); 656 657 cmd.addr = __addr(!s->initiator, dlci); 658 cmd.ctrl = __ctrl(RFCOMM_UA, 1); 659 cmd.len = __len8(0); 660 cmd.fcs = __fcs2((u8 *) &cmd); 661 662 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 663 } 664 665 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci) 666 { 667 struct rfcomm_cmd cmd; 668 669 BT_DBG("%p dlci %d", s, dlci); 670 671 cmd.addr = __addr(s->initiator, dlci); 672 cmd.ctrl = __ctrl(RFCOMM_DISC, 1); 673 cmd.len = __len8(0); 674 cmd.fcs = __fcs2((u8 *) &cmd); 675 676 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 677 } 678 679 static int rfcomm_queue_disc(struct rfcomm_dlc *d) 680 { 681 struct rfcomm_cmd *cmd; 682 struct sk_buff *skb; 683 684 BT_DBG("dlc %p dlci %d", d, d->dlci); 685 686 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL); 687 if (!skb) 688 return -ENOMEM; 689 690 cmd = (void *) __skb_put(skb, sizeof(*cmd)); 691 cmd->addr = d->addr; 692 cmd->ctrl = __ctrl(RFCOMM_DISC, 1); 693 cmd->len = __len8(0); 694 cmd->fcs = __fcs2((u8 *) cmd); 695 696 skb_queue_tail(&d->tx_queue, skb); 697 rfcomm_schedule(RFCOMM_SCHED_TX); 698 return 0; 699 } 700 701 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci) 702 { 703 struct rfcomm_cmd cmd; 704 705 BT_DBG("%p dlci %d", s, dlci); 706 707 cmd.addr = __addr(!s->initiator, dlci); 708 cmd.ctrl = __ctrl(RFCOMM_DM, 1); 709 cmd.len = __len8(0); 710 cmd.fcs = __fcs2((u8 *) &cmd); 711 712 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 713 } 714 715 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type) 716 { 717 struct rfcomm_hdr *hdr; 718 struct rfcomm_mcc *mcc; 719 u8 buf[16], *ptr = buf; 720 721 BT_DBG("%p cr %d type %d", s, cr, type); 722 723 hdr = (void *) ptr; ptr += sizeof(*hdr); 724 hdr->addr = __addr(s->initiator, 0); 725 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 726 hdr->len = __len8(sizeof(*mcc) + 1); 727 728 mcc = (void *) ptr; ptr += sizeof(*mcc); 729 mcc->type = __mcc_type(cr, RFCOMM_NSC); 730 mcc->len = __len8(1); 731 732 /* Type that we didn't like */ 733 *ptr = __mcc_type(cr, type); ptr++; 734 735 *ptr = __fcs(buf); ptr++; 736 737 return rfcomm_send_frame(s, buf, ptr - buf); 738 } 739 740 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d) 741 { 742 struct rfcomm_hdr *hdr; 743 struct rfcomm_mcc *mcc; 744 struct rfcomm_pn *pn; 745 u8 buf[16], *ptr = buf; 746 747 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu); 748 749 hdr = (void *) ptr; ptr += sizeof(*hdr); 750 hdr->addr = __addr(s->initiator, 0); 751 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 752 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn)); 753 754 mcc = (void *) ptr; ptr += sizeof(*mcc); 755 mcc->type = __mcc_type(cr, RFCOMM_PN); 756 mcc->len = __len8(sizeof(*pn)); 757 758 pn = (void *) ptr; ptr += sizeof(*pn); 759 pn->dlci = d->dlci; 760 pn->priority = d->priority; 761 pn->ack_timer = 0; 762 pn->max_retrans = 0; 763 764 if (s->cfc) { 765 pn->flow_ctrl = cr ? 0xf0 : 0xe0; 766 pn->credits = RFCOMM_DEFAULT_CREDITS; 767 } else { 768 pn->flow_ctrl = 0; 769 pn->credits = 0; 770 } 771 772 pn->mtu = htobs(d->mtu); 773 774 *ptr = __fcs(buf); ptr++; 775 776 return rfcomm_send_frame(s, buf, ptr - buf); 777 } 778 779 int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci, 780 u8 bit_rate, u8 data_bits, u8 stop_bits, 781 u8 parity, u8 flow_ctrl_settings, 782 u8 xon_char, u8 xoff_char, u16 param_mask) 783 { 784 struct rfcomm_hdr *hdr; 785 struct rfcomm_mcc *mcc; 786 struct rfcomm_rpn *rpn; 787 u8 buf[16], *ptr = buf; 788 789 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x" 790 " flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x", 791 s, cr, dlci, bit_rate, data_bits, stop_bits, parity, 792 flow_ctrl_settings, xon_char, xoff_char, param_mask); 793 794 hdr = (void *) ptr; ptr += sizeof(*hdr); 795 hdr->addr = __addr(s->initiator, 0); 796 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 797 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn)); 798 799 mcc = (void *) ptr; ptr += sizeof(*mcc); 800 mcc->type = __mcc_type(cr, RFCOMM_RPN); 801 mcc->len = __len8(sizeof(*rpn)); 802 803 rpn = (void *) ptr; ptr += sizeof(*rpn); 804 rpn->dlci = __addr(1, dlci); 805 rpn->bit_rate = bit_rate; 806 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity); 807 rpn->flow_ctrl = flow_ctrl_settings; 808 rpn->xon_char = xon_char; 809 rpn->xoff_char = xoff_char; 810 rpn->param_mask = param_mask; 811 812 *ptr = __fcs(buf); ptr++; 813 814 return rfcomm_send_frame(s, buf, ptr - buf); 815 } 816 817 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status) 818 { 819 struct rfcomm_hdr *hdr; 820 struct rfcomm_mcc *mcc; 821 struct rfcomm_rls *rls; 822 u8 buf[16], *ptr = buf; 823 824 BT_DBG("%p cr %d status 0x%x", s, cr, status); 825 826 hdr = (void *) ptr; ptr += sizeof(*hdr); 827 hdr->addr = __addr(s->initiator, 0); 828 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 829 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls)); 830 831 mcc = (void *) ptr; ptr += sizeof(*mcc); 832 mcc->type = __mcc_type(cr, RFCOMM_RLS); 833 mcc->len = __len8(sizeof(*rls)); 834 835 rls = (void *) ptr; ptr += sizeof(*rls); 836 rls->dlci = __addr(1, dlci); 837 rls->status = status; 838 839 *ptr = __fcs(buf); ptr++; 840 841 return rfcomm_send_frame(s, buf, ptr - buf); 842 } 843 844 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig) 845 { 846 struct rfcomm_hdr *hdr; 847 struct rfcomm_mcc *mcc; 848 struct rfcomm_msc *msc; 849 u8 buf[16], *ptr = buf; 850 851 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig); 852 853 hdr = (void *) ptr; ptr += sizeof(*hdr); 854 hdr->addr = __addr(s->initiator, 0); 855 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 856 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc)); 857 858 mcc = (void *) ptr; ptr += sizeof(*mcc); 859 mcc->type = __mcc_type(cr, RFCOMM_MSC); 860 mcc->len = __len8(sizeof(*msc)); 861 862 msc = (void *) ptr; ptr += sizeof(*msc); 863 msc->dlci = __addr(1, dlci); 864 msc->v24_sig = v24_sig | 0x01; 865 866 *ptr = __fcs(buf); ptr++; 867 868 return rfcomm_send_frame(s, buf, ptr - buf); 869 } 870 871 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr) 872 { 873 struct rfcomm_hdr *hdr; 874 struct rfcomm_mcc *mcc; 875 u8 buf[16], *ptr = buf; 876 877 BT_DBG("%p cr %d", s, cr); 878 879 hdr = (void *) ptr; ptr += sizeof(*hdr); 880 hdr->addr = __addr(s->initiator, 0); 881 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 882 hdr->len = __len8(sizeof(*mcc)); 883 884 mcc = (void *) ptr; ptr += sizeof(*mcc); 885 mcc->type = __mcc_type(cr, RFCOMM_FCOFF); 886 mcc->len = __len8(0); 887 888 *ptr = __fcs(buf); ptr++; 889 890 return rfcomm_send_frame(s, buf, ptr - buf); 891 } 892 893 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr) 894 { 895 struct rfcomm_hdr *hdr; 896 struct rfcomm_mcc *mcc; 897 u8 buf[16], *ptr = buf; 898 899 BT_DBG("%p cr %d", s, cr); 900 901 hdr = (void *) ptr; ptr += sizeof(*hdr); 902 hdr->addr = __addr(s->initiator, 0); 903 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 904 hdr->len = __len8(sizeof(*mcc)); 905 906 mcc = (void *) ptr; ptr += sizeof(*mcc); 907 mcc->type = __mcc_type(cr, RFCOMM_FCON); 908 mcc->len = __len8(0); 909 910 *ptr = __fcs(buf); ptr++; 911 912 return rfcomm_send_frame(s, buf, ptr - buf); 913 } 914 915 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len) 916 { 917 struct socket *sock = s->sock; 918 struct kvec iv[3]; 919 struct msghdr msg; 920 unsigned char hdr[5], crc[1]; 921 922 if (len > 125) 923 return -EINVAL; 924 925 BT_DBG("%p cr %d", s, cr); 926 927 hdr[0] = __addr(s->initiator, 0); 928 hdr[1] = __ctrl(RFCOMM_UIH, 0); 929 hdr[2] = 0x01 | ((len + 2) << 1); 930 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2); 931 hdr[4] = 0x01 | (len << 1); 932 933 crc[0] = __fcs(hdr); 934 935 iv[0].iov_base = hdr; 936 iv[0].iov_len = 5; 937 iv[1].iov_base = pattern; 938 iv[1].iov_len = len; 939 iv[2].iov_base = crc; 940 iv[2].iov_len = 1; 941 942 memset(&msg, 0, sizeof(msg)); 943 944 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len); 945 } 946 947 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits) 948 { 949 struct rfcomm_hdr *hdr; 950 u8 buf[16], *ptr = buf; 951 952 BT_DBG("%p addr %d credits %d", s, addr, credits); 953 954 hdr = (void *) ptr; ptr += sizeof(*hdr); 955 hdr->addr = addr; 956 hdr->ctrl = __ctrl(RFCOMM_UIH, 1); 957 hdr->len = __len8(0); 958 959 *ptr = credits; ptr++; 960 961 *ptr = __fcs(buf); ptr++; 962 963 return rfcomm_send_frame(s, buf, ptr - buf); 964 } 965 966 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr) 967 { 968 struct rfcomm_hdr *hdr; 969 int len = skb->len; 970 u8 *crc; 971 972 if (len > 127) { 973 hdr = (void *) skb_push(skb, 4); 974 put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len); 975 } else { 976 hdr = (void *) skb_push(skb, 3); 977 hdr->len = __len8(len); 978 } 979 hdr->addr = addr; 980 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 981 982 crc = skb_put(skb, 1); 983 *crc = __fcs((void *) hdr); 984 } 985 986 /* ---- RFCOMM frame reception ---- */ 987 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci) 988 { 989 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 990 991 if (dlci) { 992 /* Data channel */ 993 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 994 if (!d) { 995 rfcomm_send_dm(s, dlci); 996 return 0; 997 } 998 999 switch (d->state) { 1000 case BT_CONNECT: 1001 rfcomm_dlc_clear_timer(d); 1002 1003 rfcomm_dlc_lock(d); 1004 d->state = BT_CONNECTED; 1005 d->state_change(d, 0); 1006 rfcomm_dlc_unlock(d); 1007 1008 rfcomm_send_msc(s, 1, dlci, d->v24_sig); 1009 break; 1010 1011 case BT_DISCONN: 1012 d->state = BT_CLOSED; 1013 __rfcomm_dlc_close(d, 0); 1014 break; 1015 } 1016 } else { 1017 /* Control channel */ 1018 switch (s->state) { 1019 case BT_CONNECT: 1020 s->state = BT_CONNECTED; 1021 rfcomm_process_connect(s); 1022 break; 1023 } 1024 } 1025 return 0; 1026 } 1027 1028 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci) 1029 { 1030 int err = 0; 1031 1032 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1033 1034 if (dlci) { 1035 /* Data DLC */ 1036 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1037 if (d) { 1038 if (d->state == BT_CONNECT || d->state == BT_CONFIG) 1039 err = ECONNREFUSED; 1040 else 1041 err = ECONNRESET; 1042 1043 d->state = BT_CLOSED; 1044 __rfcomm_dlc_close(d, err); 1045 } 1046 } else { 1047 if (s->state == BT_CONNECT) 1048 err = ECONNREFUSED; 1049 else 1050 err = ECONNRESET; 1051 1052 s->state = BT_CLOSED; 1053 rfcomm_session_close(s, err); 1054 } 1055 return 0; 1056 } 1057 1058 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci) 1059 { 1060 int err = 0; 1061 1062 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1063 1064 if (dlci) { 1065 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1066 if (d) { 1067 rfcomm_send_ua(s, dlci); 1068 1069 if (d->state == BT_CONNECT || d->state == BT_CONFIG) 1070 err = ECONNREFUSED; 1071 else 1072 err = ECONNRESET; 1073 1074 d->state = BT_CLOSED; 1075 __rfcomm_dlc_close(d, err); 1076 } else 1077 rfcomm_send_dm(s, dlci); 1078 1079 } else { 1080 rfcomm_send_ua(s, 0); 1081 1082 if (s->state == BT_CONNECT) 1083 err = ECONNREFUSED; 1084 else 1085 err = ECONNRESET; 1086 1087 s->state = BT_CLOSED; 1088 rfcomm_session_close(s, err); 1089 } 1090 1091 return 0; 1092 } 1093 1094 static inline int rfcomm_check_link_mode(struct rfcomm_dlc *d) 1095 { 1096 struct sock *sk = d->session->sock->sk; 1097 1098 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) { 1099 if (!hci_conn_encrypt(l2cap_pi(sk)->conn->hcon)) 1100 return 1; 1101 } else if (d->link_mode & RFCOMM_LM_AUTH) { 1102 if (!hci_conn_auth(l2cap_pi(sk)->conn->hcon)) 1103 return 1; 1104 } 1105 1106 return 0; 1107 } 1108 1109 static void rfcomm_dlc_accept(struct rfcomm_dlc *d) 1110 { 1111 BT_DBG("dlc %p", d); 1112 1113 rfcomm_send_ua(d->session, d->dlci); 1114 1115 rfcomm_dlc_lock(d); 1116 d->state = BT_CONNECTED; 1117 d->state_change(d, 0); 1118 rfcomm_dlc_unlock(d); 1119 1120 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); 1121 } 1122 1123 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci) 1124 { 1125 struct rfcomm_dlc *d; 1126 u8 channel; 1127 1128 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1129 1130 if (!dlci) { 1131 rfcomm_send_ua(s, 0); 1132 1133 if (s->state == BT_OPEN) { 1134 s->state = BT_CONNECTED; 1135 rfcomm_process_connect(s); 1136 } 1137 return 0; 1138 } 1139 1140 /* Check if DLC exists */ 1141 d = rfcomm_dlc_get(s, dlci); 1142 if (d) { 1143 if (d->state == BT_OPEN) { 1144 /* DLC was previously opened by PN request */ 1145 if (rfcomm_check_link_mode(d)) { 1146 set_bit(RFCOMM_AUTH_PENDING, &d->flags); 1147 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1148 return 0; 1149 } 1150 1151 rfcomm_dlc_accept(d); 1152 } 1153 return 0; 1154 } 1155 1156 /* Notify socket layer about incoming connection */ 1157 channel = __srv_channel(dlci); 1158 if (rfcomm_connect_ind(s, channel, &d)) { 1159 d->dlci = dlci; 1160 d->addr = __addr(s->initiator, dlci); 1161 rfcomm_dlc_link(s, d); 1162 1163 if (rfcomm_check_link_mode(d)) { 1164 set_bit(RFCOMM_AUTH_PENDING, &d->flags); 1165 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1166 return 0; 1167 } 1168 1169 rfcomm_dlc_accept(d); 1170 } else { 1171 rfcomm_send_dm(s, dlci); 1172 } 1173 1174 return 0; 1175 } 1176 1177 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn) 1178 { 1179 struct rfcomm_session *s = d->session; 1180 1181 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d", 1182 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits); 1183 1184 if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) { 1185 d->cfc = s->cfc = RFCOMM_CFC_ENABLED; 1186 d->tx_credits = pn->credits; 1187 } else { 1188 d->cfc = s->cfc = RFCOMM_CFC_DISABLED; 1189 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1190 } 1191 1192 d->priority = pn->priority; 1193 1194 d->mtu = s->mtu = btohs(pn->mtu); 1195 1196 return 0; 1197 } 1198 1199 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1200 { 1201 struct rfcomm_pn *pn = (void *) skb->data; 1202 struct rfcomm_dlc *d; 1203 u8 dlci = pn->dlci; 1204 1205 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1206 1207 if (!dlci) 1208 return 0; 1209 1210 d = rfcomm_dlc_get(s, dlci); 1211 if (d) { 1212 if (cr) { 1213 /* PN request */ 1214 rfcomm_apply_pn(d, cr, pn); 1215 rfcomm_send_pn(s, 0, d); 1216 } else { 1217 /* PN response */ 1218 switch (d->state) { 1219 case BT_CONFIG: 1220 rfcomm_apply_pn(d, cr, pn); 1221 1222 d->state = BT_CONNECT; 1223 rfcomm_send_sabm(s, d->dlci); 1224 break; 1225 } 1226 } 1227 } else { 1228 u8 channel = __srv_channel(dlci); 1229 1230 if (!cr) 1231 return 0; 1232 1233 /* PN request for non existing DLC. 1234 * Assume incoming connection. */ 1235 if (rfcomm_connect_ind(s, channel, &d)) { 1236 d->dlci = dlci; 1237 d->addr = __addr(s->initiator, dlci); 1238 rfcomm_dlc_link(s, d); 1239 1240 rfcomm_apply_pn(d, cr, pn); 1241 1242 d->state = BT_OPEN; 1243 rfcomm_send_pn(s, 0, d); 1244 } else { 1245 rfcomm_send_dm(s, dlci); 1246 } 1247 } 1248 return 0; 1249 } 1250 1251 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb) 1252 { 1253 struct rfcomm_rpn *rpn = (void *) skb->data; 1254 u8 dlci = __get_dlci(rpn->dlci); 1255 1256 u8 bit_rate = 0; 1257 u8 data_bits = 0; 1258 u8 stop_bits = 0; 1259 u8 parity = 0; 1260 u8 flow_ctrl = 0; 1261 u8 xon_char = 0; 1262 u8 xoff_char = 0; 1263 u16 rpn_mask = RFCOMM_RPN_PM_ALL; 1264 1265 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x", 1266 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl, 1267 rpn->xon_char, rpn->xoff_char, rpn->param_mask); 1268 1269 if (!cr) 1270 return 0; 1271 1272 if (len == 1) { 1273 /* This is a request, return default settings */ 1274 bit_rate = RFCOMM_RPN_BR_115200; 1275 data_bits = RFCOMM_RPN_DATA_8; 1276 stop_bits = RFCOMM_RPN_STOP_1; 1277 parity = RFCOMM_RPN_PARITY_NONE; 1278 flow_ctrl = RFCOMM_RPN_FLOW_NONE; 1279 xon_char = RFCOMM_RPN_XON_CHAR; 1280 xoff_char = RFCOMM_RPN_XOFF_CHAR; 1281 goto rpn_out; 1282 } 1283 1284 /* Check for sane values, ignore/accept bit_rate, 8 bits, 1 stop bit, 1285 * no parity, no flow control lines, normal XON/XOFF chars */ 1286 1287 if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) { 1288 bit_rate = rpn->bit_rate; 1289 if (bit_rate != RFCOMM_RPN_BR_115200) { 1290 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate); 1291 bit_rate = RFCOMM_RPN_BR_115200; 1292 rpn_mask ^= RFCOMM_RPN_PM_BITRATE; 1293 } 1294 } 1295 1296 if (rpn->param_mask & RFCOMM_RPN_PM_DATA) { 1297 data_bits = __get_rpn_data_bits(rpn->line_settings); 1298 if (data_bits != RFCOMM_RPN_DATA_8) { 1299 BT_DBG("RPN data bits mismatch 0x%x", data_bits); 1300 data_bits = RFCOMM_RPN_DATA_8; 1301 rpn_mask ^= RFCOMM_RPN_PM_DATA; 1302 } 1303 } 1304 1305 if (rpn->param_mask & RFCOMM_RPN_PM_STOP) { 1306 stop_bits = __get_rpn_stop_bits(rpn->line_settings); 1307 if (stop_bits != RFCOMM_RPN_STOP_1) { 1308 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits); 1309 stop_bits = RFCOMM_RPN_STOP_1; 1310 rpn_mask ^= RFCOMM_RPN_PM_STOP; 1311 } 1312 } 1313 1314 if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) { 1315 parity = __get_rpn_parity(rpn->line_settings); 1316 if (parity != RFCOMM_RPN_PARITY_NONE) { 1317 BT_DBG("RPN parity mismatch 0x%x", parity); 1318 parity = RFCOMM_RPN_PARITY_NONE; 1319 rpn_mask ^= RFCOMM_RPN_PM_PARITY; 1320 } 1321 } 1322 1323 if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) { 1324 flow_ctrl = rpn->flow_ctrl; 1325 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) { 1326 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl); 1327 flow_ctrl = RFCOMM_RPN_FLOW_NONE; 1328 rpn_mask ^= RFCOMM_RPN_PM_FLOW; 1329 } 1330 } 1331 1332 if (rpn->param_mask & RFCOMM_RPN_PM_XON) { 1333 xon_char = rpn->xon_char; 1334 if (xon_char != RFCOMM_RPN_XON_CHAR) { 1335 BT_DBG("RPN XON char mismatch 0x%x", xon_char); 1336 xon_char = RFCOMM_RPN_XON_CHAR; 1337 rpn_mask ^= RFCOMM_RPN_PM_XON; 1338 } 1339 } 1340 1341 if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) { 1342 xoff_char = rpn->xoff_char; 1343 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) { 1344 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char); 1345 xoff_char = RFCOMM_RPN_XOFF_CHAR; 1346 rpn_mask ^= RFCOMM_RPN_PM_XOFF; 1347 } 1348 } 1349 1350 rpn_out: 1351 rfcomm_send_rpn(s, 0, dlci, bit_rate, data_bits, stop_bits, 1352 parity, flow_ctrl, xon_char, xoff_char, rpn_mask); 1353 1354 return 0; 1355 } 1356 1357 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1358 { 1359 struct rfcomm_rls *rls = (void *) skb->data; 1360 u8 dlci = __get_dlci(rls->dlci); 1361 1362 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status); 1363 1364 if (!cr) 1365 return 0; 1366 1367 /* We should probably do something with this information here. But 1368 * for now it's sufficient just to reply -- Bluetooth 1.1 says it's 1369 * mandatory to recognise and respond to RLS */ 1370 1371 rfcomm_send_rls(s, 0, dlci, rls->status); 1372 1373 return 0; 1374 } 1375 1376 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1377 { 1378 struct rfcomm_msc *msc = (void *) skb->data; 1379 struct rfcomm_dlc *d; 1380 u8 dlci = __get_dlci(msc->dlci); 1381 1382 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig); 1383 1384 d = rfcomm_dlc_get(s, dlci); 1385 if (!d) 1386 return 0; 1387 1388 if (cr) { 1389 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc) 1390 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1391 else 1392 clear_bit(RFCOMM_TX_THROTTLED, &d->flags); 1393 1394 rfcomm_dlc_lock(d); 1395 if (d->modem_status) 1396 d->modem_status(d, msc->v24_sig); 1397 rfcomm_dlc_unlock(d); 1398 1399 rfcomm_send_msc(s, 0, dlci, msc->v24_sig); 1400 1401 d->mscex |= RFCOMM_MSCEX_RX; 1402 } else 1403 d->mscex |= RFCOMM_MSCEX_TX; 1404 1405 return 0; 1406 } 1407 1408 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb) 1409 { 1410 struct rfcomm_mcc *mcc = (void *) skb->data; 1411 u8 type, cr, len; 1412 1413 cr = __test_cr(mcc->type); 1414 type = __get_mcc_type(mcc->type); 1415 len = __get_mcc_len(mcc->len); 1416 1417 BT_DBG("%p type 0x%x cr %d", s, type, cr); 1418 1419 skb_pull(skb, 2); 1420 1421 switch (type) { 1422 case RFCOMM_PN: 1423 rfcomm_recv_pn(s, cr, skb); 1424 break; 1425 1426 case RFCOMM_RPN: 1427 rfcomm_recv_rpn(s, cr, len, skb); 1428 break; 1429 1430 case RFCOMM_RLS: 1431 rfcomm_recv_rls(s, cr, skb); 1432 break; 1433 1434 case RFCOMM_MSC: 1435 rfcomm_recv_msc(s, cr, skb); 1436 break; 1437 1438 case RFCOMM_FCOFF: 1439 if (cr) { 1440 set_bit(RFCOMM_TX_THROTTLED, &s->flags); 1441 rfcomm_send_fcoff(s, 0); 1442 } 1443 break; 1444 1445 case RFCOMM_FCON: 1446 if (cr) { 1447 clear_bit(RFCOMM_TX_THROTTLED, &s->flags); 1448 rfcomm_send_fcon(s, 0); 1449 } 1450 break; 1451 1452 case RFCOMM_TEST: 1453 if (cr) 1454 rfcomm_send_test(s, 0, skb->data, skb->len); 1455 break; 1456 1457 case RFCOMM_NSC: 1458 break; 1459 1460 default: 1461 BT_ERR("Unknown control type 0x%02x", type); 1462 rfcomm_send_nsc(s, cr, type); 1463 break; 1464 } 1465 return 0; 1466 } 1467 1468 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb) 1469 { 1470 struct rfcomm_dlc *d; 1471 1472 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf); 1473 1474 d = rfcomm_dlc_get(s, dlci); 1475 if (!d) { 1476 rfcomm_send_dm(s, dlci); 1477 goto drop; 1478 } 1479 1480 if (pf && d->cfc) { 1481 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1); 1482 1483 d->tx_credits += credits; 1484 if (d->tx_credits) 1485 clear_bit(RFCOMM_TX_THROTTLED, &d->flags); 1486 } 1487 1488 if (skb->len && d->state == BT_CONNECTED) { 1489 rfcomm_dlc_lock(d); 1490 d->rx_credits--; 1491 d->data_ready(d, skb); 1492 rfcomm_dlc_unlock(d); 1493 return 0; 1494 } 1495 1496 drop: 1497 kfree_skb(skb); 1498 return 0; 1499 } 1500 1501 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb) 1502 { 1503 struct rfcomm_hdr *hdr = (void *) skb->data; 1504 u8 type, dlci, fcs; 1505 1506 dlci = __get_dlci(hdr->addr); 1507 type = __get_type(hdr->ctrl); 1508 1509 /* Trim FCS */ 1510 skb->len--; skb->tail--; 1511 fcs = *(u8 *) skb->tail; 1512 1513 if (__check_fcs(skb->data, type, fcs)) { 1514 BT_ERR("bad checksum in packet"); 1515 kfree_skb(skb); 1516 return -EILSEQ; 1517 } 1518 1519 if (__test_ea(hdr->len)) 1520 skb_pull(skb, 3); 1521 else 1522 skb_pull(skb, 4); 1523 1524 switch (type) { 1525 case RFCOMM_SABM: 1526 if (__test_pf(hdr->ctrl)) 1527 rfcomm_recv_sabm(s, dlci); 1528 break; 1529 1530 case RFCOMM_DISC: 1531 if (__test_pf(hdr->ctrl)) 1532 rfcomm_recv_disc(s, dlci); 1533 break; 1534 1535 case RFCOMM_UA: 1536 if (__test_pf(hdr->ctrl)) 1537 rfcomm_recv_ua(s, dlci); 1538 break; 1539 1540 case RFCOMM_DM: 1541 rfcomm_recv_dm(s, dlci); 1542 break; 1543 1544 case RFCOMM_UIH: 1545 if (dlci) 1546 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb); 1547 1548 rfcomm_recv_mcc(s, skb); 1549 break; 1550 1551 default: 1552 BT_ERR("Unknown packet type 0x%02x\n", type); 1553 break; 1554 } 1555 kfree_skb(skb); 1556 return 0; 1557 } 1558 1559 /* ---- Connection and data processing ---- */ 1560 1561 static void rfcomm_process_connect(struct rfcomm_session *s) 1562 { 1563 struct rfcomm_dlc *d; 1564 struct list_head *p, *n; 1565 1566 BT_DBG("session %p state %ld", s, s->state); 1567 1568 list_for_each_safe(p, n, &s->dlcs) { 1569 d = list_entry(p, struct rfcomm_dlc, list); 1570 if (d->state == BT_CONFIG) { 1571 d->mtu = s->mtu; 1572 rfcomm_send_pn(s, 1, d); 1573 } 1574 } 1575 } 1576 1577 /* Send data queued for the DLC. 1578 * Return number of frames left in the queue. 1579 */ 1580 static inline int rfcomm_process_tx(struct rfcomm_dlc *d) 1581 { 1582 struct sk_buff *skb; 1583 int err; 1584 1585 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d", 1586 d, d->state, d->cfc, d->rx_credits, d->tx_credits); 1587 1588 /* Send pending MSC */ 1589 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags)) 1590 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); 1591 1592 if (d->cfc) { 1593 /* CFC enabled. 1594 * Give them some credits */ 1595 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) && 1596 d->rx_credits <= (d->cfc >> 2)) { 1597 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits); 1598 d->rx_credits = d->cfc; 1599 } 1600 } else { 1601 /* CFC disabled. 1602 * Give ourselves some credits */ 1603 d->tx_credits = 5; 1604 } 1605 1606 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags)) 1607 return skb_queue_len(&d->tx_queue); 1608 1609 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) { 1610 err = rfcomm_send_frame(d->session, skb->data, skb->len); 1611 if (err < 0) { 1612 skb_queue_head(&d->tx_queue, skb); 1613 break; 1614 } 1615 kfree_skb(skb); 1616 d->tx_credits--; 1617 } 1618 1619 if (d->cfc && !d->tx_credits) { 1620 /* We're out of TX credits. 1621 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */ 1622 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1623 } 1624 1625 return skb_queue_len(&d->tx_queue); 1626 } 1627 1628 static inline void rfcomm_process_dlcs(struct rfcomm_session *s) 1629 { 1630 struct rfcomm_dlc *d; 1631 struct list_head *p, *n; 1632 1633 BT_DBG("session %p state %ld", s, s->state); 1634 1635 list_for_each_safe(p, n, &s->dlcs) { 1636 d = list_entry(p, struct rfcomm_dlc, list); 1637 1638 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) { 1639 __rfcomm_dlc_close(d, ETIMEDOUT); 1640 continue; 1641 } 1642 1643 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) { 1644 rfcomm_dlc_clear_timer(d); 1645 rfcomm_dlc_accept(d); 1646 if (d->link_mode & RFCOMM_LM_SECURE) { 1647 struct sock *sk = s->sock->sk; 1648 hci_conn_change_link_key(l2cap_pi(sk)->conn->hcon); 1649 } 1650 continue; 1651 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) { 1652 rfcomm_dlc_clear_timer(d); 1653 rfcomm_send_dm(s, d->dlci); 1654 __rfcomm_dlc_close(d, ECONNREFUSED); 1655 continue; 1656 } 1657 1658 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags)) 1659 continue; 1660 1661 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) && 1662 d->mscex == RFCOMM_MSCEX_OK) 1663 rfcomm_process_tx(d); 1664 } 1665 } 1666 1667 static inline void rfcomm_process_rx(struct rfcomm_session *s) 1668 { 1669 struct socket *sock = s->sock; 1670 struct sock *sk = sock->sk; 1671 struct sk_buff *skb; 1672 1673 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue)); 1674 1675 /* Get data directly from socket receive queue without copying it. */ 1676 while ((skb = skb_dequeue(&sk->sk_receive_queue))) { 1677 skb_orphan(skb); 1678 rfcomm_recv_frame(s, skb); 1679 } 1680 1681 if (sk->sk_state == BT_CLOSED) { 1682 if (!s->initiator) 1683 rfcomm_session_put(s); 1684 1685 rfcomm_session_close(s, sk->sk_err); 1686 } 1687 } 1688 1689 static inline void rfcomm_accept_connection(struct rfcomm_session *s) 1690 { 1691 struct socket *sock = s->sock, *nsock; 1692 int err; 1693 1694 /* Fast check for a new connection. 1695 * Avoids unnesesary socket allocations. */ 1696 if (list_empty(&bt_sk(sock->sk)->accept_q)) 1697 return; 1698 1699 BT_DBG("session %p", s); 1700 1701 if (sock_create_lite(PF_BLUETOOTH, sock->type, BTPROTO_L2CAP, &nsock)) 1702 return; 1703 1704 nsock->ops = sock->ops; 1705 1706 __module_get(nsock->ops->owner); 1707 1708 err = sock->ops->accept(sock, nsock, O_NONBLOCK); 1709 if (err < 0) { 1710 sock_release(nsock); 1711 return; 1712 } 1713 1714 /* Set our callbacks */ 1715 nsock->sk->sk_data_ready = rfcomm_l2data_ready; 1716 nsock->sk->sk_state_change = rfcomm_l2state_change; 1717 1718 s = rfcomm_session_add(nsock, BT_OPEN); 1719 if (s) { 1720 rfcomm_session_hold(s); 1721 rfcomm_schedule(RFCOMM_SCHED_RX); 1722 } else 1723 sock_release(nsock); 1724 } 1725 1726 static inline void rfcomm_check_connection(struct rfcomm_session *s) 1727 { 1728 struct sock *sk = s->sock->sk; 1729 1730 BT_DBG("%p state %ld", s, s->state); 1731 1732 switch(sk->sk_state) { 1733 case BT_CONNECTED: 1734 s->state = BT_CONNECT; 1735 1736 /* We can adjust MTU on outgoing sessions. 1737 * L2CAP MTU minus UIH header and FCS. */ 1738 s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5; 1739 1740 rfcomm_send_sabm(s, 0); 1741 break; 1742 1743 case BT_CLOSED: 1744 s->state = BT_CLOSED; 1745 rfcomm_session_close(s, sk->sk_err); 1746 break; 1747 } 1748 } 1749 1750 static inline void rfcomm_process_sessions(void) 1751 { 1752 struct list_head *p, *n; 1753 1754 rfcomm_lock(); 1755 1756 list_for_each_safe(p, n, &session_list) { 1757 struct rfcomm_session *s; 1758 s = list_entry(p, struct rfcomm_session, list); 1759 1760 if (s->state == BT_LISTEN) { 1761 rfcomm_accept_connection(s); 1762 continue; 1763 } 1764 1765 rfcomm_session_hold(s); 1766 1767 switch (s->state) { 1768 case BT_BOUND: 1769 rfcomm_check_connection(s); 1770 break; 1771 1772 default: 1773 rfcomm_process_rx(s); 1774 break; 1775 } 1776 1777 rfcomm_process_dlcs(s); 1778 1779 rfcomm_session_put(s); 1780 } 1781 1782 rfcomm_unlock(); 1783 } 1784 1785 static void rfcomm_worker(void) 1786 { 1787 BT_DBG(""); 1788 1789 while (!atomic_read(&terminate)) { 1790 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) { 1791 /* No pending events. Let's sleep. 1792 * Incoming connections and data will wake us up. */ 1793 set_current_state(TASK_INTERRUPTIBLE); 1794 schedule(); 1795 } 1796 1797 /* Process stuff */ 1798 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); 1799 rfcomm_process_sessions(); 1800 } 1801 set_current_state(TASK_RUNNING); 1802 return; 1803 } 1804 1805 static int rfcomm_add_listener(bdaddr_t *ba) 1806 { 1807 struct sockaddr_l2 addr; 1808 struct socket *sock; 1809 struct sock *sk; 1810 struct rfcomm_session *s; 1811 int err = 0; 1812 1813 /* Create socket */ 1814 err = rfcomm_l2sock_create(&sock); 1815 if (err < 0) { 1816 BT_ERR("Create socket failed %d", err); 1817 return err; 1818 } 1819 1820 /* Bind socket */ 1821 bacpy(&addr.l2_bdaddr, ba); 1822 addr.l2_family = AF_BLUETOOTH; 1823 addr.l2_psm = htobs(RFCOMM_PSM); 1824 err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 1825 if (err < 0) { 1826 BT_ERR("Bind failed %d", err); 1827 goto failed; 1828 } 1829 1830 /* Set L2CAP options */ 1831 sk = sock->sk; 1832 lock_sock(sk); 1833 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU; 1834 release_sock(sk); 1835 1836 /* Start listening on the socket */ 1837 err = sock->ops->listen(sock, 10); 1838 if (err) { 1839 BT_ERR("Listen failed %d", err); 1840 goto failed; 1841 } 1842 1843 /* Add listening session */ 1844 s = rfcomm_session_add(sock, BT_LISTEN); 1845 if (!s) 1846 goto failed; 1847 1848 rfcomm_session_hold(s); 1849 return 0; 1850 failed: 1851 sock_release(sock); 1852 return err; 1853 } 1854 1855 static void rfcomm_kill_listener(void) 1856 { 1857 struct rfcomm_session *s; 1858 struct list_head *p, *n; 1859 1860 BT_DBG(""); 1861 1862 list_for_each_safe(p, n, &session_list) { 1863 s = list_entry(p, struct rfcomm_session, list); 1864 rfcomm_session_del(s); 1865 } 1866 } 1867 1868 static int rfcomm_run(void *unused) 1869 { 1870 rfcomm_thread = current; 1871 1872 atomic_inc(&running); 1873 1874 daemonize("krfcommd"); 1875 set_user_nice(current, -10); 1876 current->flags |= PF_NOFREEZE; 1877 1878 BT_DBG(""); 1879 1880 rfcomm_add_listener(BDADDR_ANY); 1881 1882 rfcomm_worker(); 1883 1884 rfcomm_kill_listener(); 1885 1886 atomic_dec(&running); 1887 return 0; 1888 } 1889 1890 static void rfcomm_auth_cfm(struct hci_conn *conn, u8 status) 1891 { 1892 struct rfcomm_session *s; 1893 struct rfcomm_dlc *d; 1894 struct list_head *p, *n; 1895 1896 BT_DBG("conn %p status 0x%02x", conn, status); 1897 1898 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst); 1899 if (!s) 1900 return; 1901 1902 rfcomm_session_hold(s); 1903 1904 list_for_each_safe(p, n, &s->dlcs) { 1905 d = list_entry(p, struct rfcomm_dlc, list); 1906 1907 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) 1908 continue; 1909 1910 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags)) 1911 continue; 1912 1913 if (!status) 1914 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags); 1915 else 1916 set_bit(RFCOMM_AUTH_REJECT, &d->flags); 1917 } 1918 1919 rfcomm_session_put(s); 1920 1921 rfcomm_schedule(RFCOMM_SCHED_AUTH); 1922 } 1923 1924 static void rfcomm_encrypt_cfm(struct hci_conn *conn, u8 status, u8 encrypt) 1925 { 1926 struct rfcomm_session *s; 1927 struct rfcomm_dlc *d; 1928 struct list_head *p, *n; 1929 1930 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt); 1931 1932 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst); 1933 if (!s) 1934 return; 1935 1936 rfcomm_session_hold(s); 1937 1938 list_for_each_safe(p, n, &s->dlcs) { 1939 d = list_entry(p, struct rfcomm_dlc, list); 1940 1941 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags)) 1942 continue; 1943 1944 if (!status && encrypt) 1945 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags); 1946 else 1947 set_bit(RFCOMM_AUTH_REJECT, &d->flags); 1948 } 1949 1950 rfcomm_session_put(s); 1951 1952 rfcomm_schedule(RFCOMM_SCHED_AUTH); 1953 } 1954 1955 static struct hci_cb rfcomm_cb = { 1956 .name = "RFCOMM", 1957 .auth_cfm = rfcomm_auth_cfm, 1958 .encrypt_cfm = rfcomm_encrypt_cfm 1959 }; 1960 1961 /* ---- Proc fs support ---- */ 1962 #ifdef CONFIG_PROC_FS 1963 static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos) 1964 { 1965 struct rfcomm_session *s; 1966 struct list_head *pp, *p; 1967 loff_t l = *pos; 1968 1969 rfcomm_lock(); 1970 1971 list_for_each(p, &session_list) { 1972 s = list_entry(p, struct rfcomm_session, list); 1973 list_for_each(pp, &s->dlcs) 1974 if (!l--) { 1975 seq->private = s; 1976 return pp; 1977 } 1978 } 1979 return NULL; 1980 } 1981 1982 static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos) 1983 { 1984 struct rfcomm_session *s = seq->private; 1985 struct list_head *pp, *p = e; 1986 (*pos)++; 1987 1988 if (p->next != &s->dlcs) 1989 return p->next; 1990 1991 list_for_each(p, &session_list) { 1992 s = list_entry(p, struct rfcomm_session, list); 1993 __list_for_each(pp, &s->dlcs) { 1994 seq->private = s; 1995 return pp; 1996 } 1997 } 1998 return NULL; 1999 } 2000 2001 static void rfcomm_seq_stop(struct seq_file *seq, void *e) 2002 { 2003 rfcomm_unlock(); 2004 } 2005 2006 static int rfcomm_seq_show(struct seq_file *seq, void *e) 2007 { 2008 struct rfcomm_session *s = seq->private; 2009 struct sock *sk = s->sock->sk; 2010 struct rfcomm_dlc *d = list_entry(e, struct rfcomm_dlc, list); 2011 2012 seq_printf(seq, "%s %s %ld %d %d %d %d\n", 2013 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), 2014 d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits); 2015 return 0; 2016 } 2017 2018 static struct seq_operations rfcomm_seq_ops = { 2019 .start = rfcomm_seq_start, 2020 .next = rfcomm_seq_next, 2021 .stop = rfcomm_seq_stop, 2022 .show = rfcomm_seq_show 2023 }; 2024 2025 static int rfcomm_seq_open(struct inode *inode, struct file *file) 2026 { 2027 return seq_open(file, &rfcomm_seq_ops); 2028 } 2029 2030 static struct file_operations rfcomm_seq_fops = { 2031 .owner = THIS_MODULE, 2032 .open = rfcomm_seq_open, 2033 .read = seq_read, 2034 .llseek = seq_lseek, 2035 .release = seq_release, 2036 }; 2037 2038 static int __init rfcomm_proc_init(void) 2039 { 2040 struct proc_dir_entry *p; 2041 2042 proc_bt_rfcomm = proc_mkdir("rfcomm", proc_bt); 2043 if (proc_bt_rfcomm) { 2044 proc_bt_rfcomm->owner = THIS_MODULE; 2045 2046 p = create_proc_entry("dlc", S_IRUGO, proc_bt_rfcomm); 2047 if (p) 2048 p->proc_fops = &rfcomm_seq_fops; 2049 } 2050 return 0; 2051 } 2052 2053 static void __exit rfcomm_proc_cleanup(void) 2054 { 2055 remove_proc_entry("dlc", proc_bt_rfcomm); 2056 2057 remove_proc_entry("rfcomm", proc_bt); 2058 } 2059 2060 #else /* CONFIG_PROC_FS */ 2061 2062 static int __init rfcomm_proc_init(void) 2063 { 2064 return 0; 2065 } 2066 2067 static void __exit rfcomm_proc_cleanup(void) 2068 { 2069 return; 2070 } 2071 #endif /* CONFIG_PROC_FS */ 2072 2073 /* ---- Initialization ---- */ 2074 static int __init rfcomm_init(void) 2075 { 2076 l2cap_load(); 2077 2078 hci_register_cb(&rfcomm_cb); 2079 2080 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL); 2081 2082 BT_INFO("RFCOMM ver %s", VERSION); 2083 2084 rfcomm_proc_init(); 2085 2086 rfcomm_init_sockets(); 2087 2088 #ifdef CONFIG_BT_RFCOMM_TTY 2089 rfcomm_init_ttys(); 2090 #endif 2091 2092 return 0; 2093 } 2094 2095 static void __exit rfcomm_exit(void) 2096 { 2097 hci_unregister_cb(&rfcomm_cb); 2098 2099 /* Terminate working thread. 2100 * ie. Set terminate flag and wake it up */ 2101 atomic_inc(&terminate); 2102 rfcomm_schedule(RFCOMM_SCHED_STATE); 2103 2104 /* Wait until thread is running */ 2105 while (atomic_read(&running)) 2106 schedule(); 2107 2108 #ifdef CONFIG_BT_RFCOMM_TTY 2109 rfcomm_cleanup_ttys(); 2110 #endif 2111 2112 rfcomm_cleanup_sockets(); 2113 2114 rfcomm_proc_cleanup(); 2115 } 2116 2117 module_init(rfcomm_init); 2118 module_exit(rfcomm_exit); 2119 2120 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>"); 2121 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION); 2122 MODULE_VERSION(VERSION); 2123 MODULE_LICENSE("GPL"); 2124 MODULE_ALIAS("bt-proto-3"); 2125