1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * RFCOMM TTY. 26 * 27 * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ 28 */ 29 30 #include <linux/module.h> 31 32 #include <linux/tty.h> 33 #include <linux/tty_driver.h> 34 #include <linux/tty_flip.h> 35 36 #include <linux/capability.h> 37 #include <linux/slab.h> 38 #include <linux/skbuff.h> 39 40 #include <net/bluetooth/bluetooth.h> 41 #include <net/bluetooth/rfcomm.h> 42 43 #ifndef CONFIG_BT_RFCOMM_DEBUG 44 #undef BT_DBG 45 #define BT_DBG(D...) 46 #endif 47 48 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ 49 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ 50 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ 51 #define RFCOMM_TTY_MINOR 0 52 53 static struct tty_driver *rfcomm_tty_driver; 54 55 struct rfcomm_dev { 56 struct list_head list; 57 atomic_t refcnt; 58 59 char name[12]; 60 int id; 61 unsigned long flags; 62 int opened; 63 int err; 64 65 bdaddr_t src; 66 bdaddr_t dst; 67 u8 channel; 68 69 uint modem_status; 70 71 struct rfcomm_dlc *dlc; 72 struct tty_struct *tty; 73 wait_queue_head_t wait; 74 struct tasklet_struct wakeup_task; 75 76 atomic_t wmem_alloc; 77 }; 78 79 static LIST_HEAD(rfcomm_dev_list); 80 static DEFINE_RWLOCK(rfcomm_dev_lock); 81 82 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); 83 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); 84 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); 85 86 static void rfcomm_tty_wakeup(unsigned long arg); 87 88 /* ---- Device functions ---- */ 89 static void rfcomm_dev_destruct(struct rfcomm_dev *dev) 90 { 91 struct rfcomm_dlc *dlc = dev->dlc; 92 93 BT_DBG("dev %p dlc %p", dev, dlc); 94 95 rfcomm_dlc_lock(dlc); 96 /* Detach DLC if it's owned by this dev */ 97 if (dlc->owner == dev) 98 dlc->owner = NULL; 99 rfcomm_dlc_unlock(dlc); 100 101 rfcomm_dlc_put(dlc); 102 103 tty_unregister_device(rfcomm_tty_driver, dev->id); 104 105 /* Refcount should only hit zero when called from rfcomm_dev_del() 106 which will have taken us off the list. Everything else are 107 refcounting bugs. */ 108 BUG_ON(!list_empty(&dev->list)); 109 110 kfree(dev); 111 112 /* It's safe to call module_put() here because socket still 113 holds reference to this module. */ 114 module_put(THIS_MODULE); 115 } 116 117 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev) 118 { 119 atomic_inc(&dev->refcnt); 120 } 121 122 static inline void rfcomm_dev_put(struct rfcomm_dev *dev) 123 { 124 /* The reason this isn't actually a race, as you no 125 doubt have a little voice screaming at you in your 126 head, is that the refcount should never actually 127 reach zero unless the device has already been taken 128 off the list, in rfcomm_dev_del(). And if that's not 129 true, we'll hit the BUG() in rfcomm_dev_destruct() 130 anyway. */ 131 if (atomic_dec_and_test(&dev->refcnt)) 132 rfcomm_dev_destruct(dev); 133 } 134 135 static struct rfcomm_dev *__rfcomm_dev_get(int id) 136 { 137 struct rfcomm_dev *dev; 138 struct list_head *p; 139 140 list_for_each(p, &rfcomm_dev_list) { 141 dev = list_entry(p, struct rfcomm_dev, list); 142 if (dev->id == id) 143 return dev; 144 } 145 146 return NULL; 147 } 148 149 static inline struct rfcomm_dev *rfcomm_dev_get(int id) 150 { 151 struct rfcomm_dev *dev; 152 153 read_lock(&rfcomm_dev_lock); 154 155 dev = __rfcomm_dev_get(id); 156 if (dev) 157 rfcomm_dev_hold(dev); 158 159 read_unlock(&rfcomm_dev_lock); 160 161 return dev; 162 } 163 164 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 165 { 166 struct rfcomm_dev *dev; 167 struct list_head *head = &rfcomm_dev_list, *p; 168 int err = 0; 169 170 BT_DBG("id %d channel %d", req->dev_id, req->channel); 171 172 dev = kmalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); 173 if (!dev) 174 return -ENOMEM; 175 memset(dev, 0, sizeof(struct rfcomm_dev)); 176 177 write_lock_bh(&rfcomm_dev_lock); 178 179 if (req->dev_id < 0) { 180 dev->id = 0; 181 182 list_for_each(p, &rfcomm_dev_list) { 183 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id) 184 break; 185 186 dev->id++; 187 head = p; 188 } 189 } else { 190 dev->id = req->dev_id; 191 192 list_for_each(p, &rfcomm_dev_list) { 193 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list); 194 195 if (entry->id == dev->id) { 196 err = -EADDRINUSE; 197 goto out; 198 } 199 200 if (entry->id > dev->id - 1) 201 break; 202 203 head = p; 204 } 205 } 206 207 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { 208 err = -ENFILE; 209 goto out; 210 } 211 212 sprintf(dev->name, "rfcomm%d", dev->id); 213 214 list_add(&dev->list, head); 215 atomic_set(&dev->refcnt, 1); 216 217 bacpy(&dev->src, &req->src); 218 bacpy(&dev->dst, &req->dst); 219 dev->channel = req->channel; 220 221 dev->flags = req->flags & 222 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); 223 224 init_waitqueue_head(&dev->wait); 225 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev); 226 227 rfcomm_dlc_lock(dlc); 228 dlc->data_ready = rfcomm_dev_data_ready; 229 dlc->state_change = rfcomm_dev_state_change; 230 dlc->modem_status = rfcomm_dev_modem_status; 231 232 dlc->owner = dev; 233 dev->dlc = dlc; 234 rfcomm_dlc_unlock(dlc); 235 236 /* It's safe to call __module_get() here because socket already 237 holds reference to this module. */ 238 __module_get(THIS_MODULE); 239 240 out: 241 write_unlock_bh(&rfcomm_dev_lock); 242 243 if (err) { 244 kfree(dev); 245 return err; 246 } 247 248 tty_register_device(rfcomm_tty_driver, dev->id, NULL); 249 250 return dev->id; 251 } 252 253 static void rfcomm_dev_del(struct rfcomm_dev *dev) 254 { 255 BT_DBG("dev %p", dev); 256 257 write_lock_bh(&rfcomm_dev_lock); 258 list_del_init(&dev->list); 259 write_unlock_bh(&rfcomm_dev_lock); 260 261 rfcomm_dev_put(dev); 262 } 263 264 /* ---- Send buffer ---- */ 265 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 266 { 267 /* We can't let it be zero, because we don't get a callback 268 when tx_credits becomes nonzero, hence we'd never wake up */ 269 return dlc->mtu * (dlc->tx_credits?:1); 270 } 271 272 static void rfcomm_wfree(struct sk_buff *skb) 273 { 274 struct rfcomm_dev *dev = (void *) skb->sk; 275 atomic_sub(skb->truesize, &dev->wmem_alloc); 276 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) 277 tasklet_schedule(&dev->wakeup_task); 278 rfcomm_dev_put(dev); 279 } 280 281 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) 282 { 283 rfcomm_dev_hold(dev); 284 atomic_add(skb->truesize, &dev->wmem_alloc); 285 skb->sk = (void *) dev; 286 skb->destructor = rfcomm_wfree; 287 } 288 289 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) 290 { 291 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { 292 struct sk_buff *skb = alloc_skb(size, priority); 293 if (skb) { 294 rfcomm_set_owner_w(skb, dev); 295 return skb; 296 } 297 } 298 return NULL; 299 } 300 301 /* ---- Device IOCTLs ---- */ 302 303 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) 304 305 static int rfcomm_create_dev(struct sock *sk, void __user *arg) 306 { 307 struct rfcomm_dev_req req; 308 struct rfcomm_dlc *dlc; 309 int id; 310 311 if (copy_from_user(&req, arg, sizeof(req))) 312 return -EFAULT; 313 314 BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); 315 316 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) 317 return -EPERM; 318 319 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 320 /* Socket must be connected */ 321 if (sk->sk_state != BT_CONNECTED) 322 return -EBADFD; 323 324 dlc = rfcomm_pi(sk)->dlc; 325 rfcomm_dlc_hold(dlc); 326 } else { 327 dlc = rfcomm_dlc_alloc(GFP_KERNEL); 328 if (!dlc) 329 return -ENOMEM; 330 } 331 332 id = rfcomm_dev_add(&req, dlc); 333 if (id < 0) { 334 rfcomm_dlc_put(dlc); 335 return id; 336 } 337 338 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 339 /* DLC is now used by device. 340 * Socket must be disconnected */ 341 sk->sk_state = BT_CLOSED; 342 } 343 344 return id; 345 } 346 347 static int rfcomm_release_dev(void __user *arg) 348 { 349 struct rfcomm_dev_req req; 350 struct rfcomm_dev *dev; 351 352 if (copy_from_user(&req, arg, sizeof(req))) 353 return -EFAULT; 354 355 BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); 356 357 if (!(dev = rfcomm_dev_get(req.dev_id))) 358 return -ENODEV; 359 360 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { 361 rfcomm_dev_put(dev); 362 return -EPERM; 363 } 364 365 if (req.flags & (1 << RFCOMM_HANGUP_NOW)) 366 rfcomm_dlc_close(dev->dlc, 0); 367 368 rfcomm_dev_del(dev); 369 rfcomm_dev_put(dev); 370 return 0; 371 } 372 373 static int rfcomm_get_dev_list(void __user *arg) 374 { 375 struct rfcomm_dev_list_req *dl; 376 struct rfcomm_dev_info *di; 377 struct list_head *p; 378 int n = 0, size, err; 379 u16 dev_num; 380 381 BT_DBG(""); 382 383 if (get_user(dev_num, (u16 __user *) arg)) 384 return -EFAULT; 385 386 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) 387 return -EINVAL; 388 389 size = sizeof(*dl) + dev_num * sizeof(*di); 390 391 if (!(dl = kmalloc(size, GFP_KERNEL))) 392 return -ENOMEM; 393 394 di = dl->dev_info; 395 396 read_lock_bh(&rfcomm_dev_lock); 397 398 list_for_each(p, &rfcomm_dev_list) { 399 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list); 400 (di + n)->id = dev->id; 401 (di + n)->flags = dev->flags; 402 (di + n)->state = dev->dlc->state; 403 (di + n)->channel = dev->channel; 404 bacpy(&(di + n)->src, &dev->src); 405 bacpy(&(di + n)->dst, &dev->dst); 406 if (++n >= dev_num) 407 break; 408 } 409 410 read_unlock_bh(&rfcomm_dev_lock); 411 412 dl->dev_num = n; 413 size = sizeof(*dl) + n * sizeof(*di); 414 415 err = copy_to_user(arg, dl, size); 416 kfree(dl); 417 418 return err ? -EFAULT : 0; 419 } 420 421 static int rfcomm_get_dev_info(void __user *arg) 422 { 423 struct rfcomm_dev *dev; 424 struct rfcomm_dev_info di; 425 int err = 0; 426 427 BT_DBG(""); 428 429 if (copy_from_user(&di, arg, sizeof(di))) 430 return -EFAULT; 431 432 if (!(dev = rfcomm_dev_get(di.id))) 433 return -ENODEV; 434 435 di.flags = dev->flags; 436 di.channel = dev->channel; 437 di.state = dev->dlc->state; 438 bacpy(&di.src, &dev->src); 439 bacpy(&di.dst, &dev->dst); 440 441 if (copy_to_user(arg, &di, sizeof(di))) 442 err = -EFAULT; 443 444 rfcomm_dev_put(dev); 445 return err; 446 } 447 448 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 449 { 450 BT_DBG("cmd %d arg %p", cmd, arg); 451 452 switch (cmd) { 453 case RFCOMMCREATEDEV: 454 return rfcomm_create_dev(sk, arg); 455 456 case RFCOMMRELEASEDEV: 457 return rfcomm_release_dev(arg); 458 459 case RFCOMMGETDEVLIST: 460 return rfcomm_get_dev_list(arg); 461 462 case RFCOMMGETDEVINFO: 463 return rfcomm_get_dev_info(arg); 464 } 465 466 return -EINVAL; 467 } 468 469 /* ---- DLC callbacks ---- */ 470 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) 471 { 472 struct rfcomm_dev *dev = dlc->owner; 473 struct tty_struct *tty; 474 475 if (!dev || !(tty = dev->tty)) { 476 kfree_skb(skb); 477 return; 478 } 479 480 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len); 481 482 tty_insert_flip_string(tty, skb->data, skb->len); 483 tty_flip_buffer_push(tty); 484 485 kfree_skb(skb); 486 } 487 488 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 489 { 490 struct rfcomm_dev *dev = dlc->owner; 491 if (!dev) 492 return; 493 494 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 495 496 dev->err = err; 497 wake_up_interruptible(&dev->wait); 498 499 if (dlc->state == BT_CLOSED) { 500 if (!dev->tty) { 501 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { 502 rfcomm_dev_hold(dev); 503 rfcomm_dev_del(dev); 504 505 /* We have to drop DLC lock here, otherwise 506 rfcomm_dev_put() will dead lock if it's 507 the last reference. */ 508 rfcomm_dlc_unlock(dlc); 509 rfcomm_dev_put(dev); 510 rfcomm_dlc_lock(dlc); 511 } 512 } else 513 tty_hangup(dev->tty); 514 } 515 } 516 517 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) 518 { 519 struct rfcomm_dev *dev = dlc->owner; 520 if (!dev) 521 return; 522 523 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 524 525 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) { 526 if (dev->tty && !C_CLOCAL(dev->tty)) 527 tty_hangup(dev->tty); 528 } 529 530 dev->modem_status = 531 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 532 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 533 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 534 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 535 } 536 537 /* ---- TTY functions ---- */ 538 static void rfcomm_tty_wakeup(unsigned long arg) 539 { 540 struct rfcomm_dev *dev = (void *) arg; 541 struct tty_struct *tty = dev->tty; 542 if (!tty) 543 return; 544 545 BT_DBG("dev %p tty %p", dev, tty); 546 547 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 548 (tty->ldisc.write_wakeup)(tty); 549 550 wake_up_interruptible(&tty->write_wait); 551 #ifdef SERIAL_HAVE_POLL_WAIT 552 wake_up_interruptible(&tty->poll_wait); 553 #endif 554 } 555 556 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 557 { 558 DECLARE_WAITQUEUE(wait, current); 559 struct rfcomm_dev *dev; 560 struct rfcomm_dlc *dlc; 561 int err, id; 562 563 id = tty->index; 564 565 BT_DBG("tty %p id %d", tty, id); 566 567 /* We don't leak this refcount. For reasons which are not entirely 568 clear, the TTY layer will call our ->close() method even if the 569 open fails. We decrease the refcount there, and decreasing it 570 here too would cause breakage. */ 571 dev = rfcomm_dev_get(id); 572 if (!dev) 573 return -ENODEV; 574 575 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened); 576 577 if (dev->opened++ != 0) 578 return 0; 579 580 dlc = dev->dlc; 581 582 /* Attach TTY and open DLC */ 583 584 rfcomm_dlc_lock(dlc); 585 tty->driver_data = dev; 586 dev->tty = tty; 587 rfcomm_dlc_unlock(dlc); 588 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 589 590 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); 591 if (err < 0) 592 return err; 593 594 /* Wait for DLC to connect */ 595 add_wait_queue(&dev->wait, &wait); 596 while (1) { 597 set_current_state(TASK_INTERRUPTIBLE); 598 599 if (dlc->state == BT_CLOSED) { 600 err = -dev->err; 601 break; 602 } 603 604 if (dlc->state == BT_CONNECTED) 605 break; 606 607 if (signal_pending(current)) { 608 err = -EINTR; 609 break; 610 } 611 612 schedule(); 613 } 614 set_current_state(TASK_RUNNING); 615 remove_wait_queue(&dev->wait, &wait); 616 617 return err; 618 } 619 620 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 621 { 622 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 623 if (!dev) 624 return; 625 626 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened); 627 628 if (--dev->opened == 0) { 629 /* Close DLC and dettach TTY */ 630 rfcomm_dlc_close(dev->dlc, 0); 631 632 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 633 tasklet_kill(&dev->wakeup_task); 634 635 rfcomm_dlc_lock(dev->dlc); 636 tty->driver_data = NULL; 637 dev->tty = NULL; 638 rfcomm_dlc_unlock(dev->dlc); 639 } 640 641 rfcomm_dev_put(dev); 642 } 643 644 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 645 { 646 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 647 struct rfcomm_dlc *dlc = dev->dlc; 648 struct sk_buff *skb; 649 int err = 0, sent = 0, size; 650 651 BT_DBG("tty %p count %d", tty, count); 652 653 while (count) { 654 size = min_t(uint, count, dlc->mtu); 655 656 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); 657 658 if (!skb) 659 break; 660 661 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); 662 663 memcpy(skb_put(skb, size), buf + sent, size); 664 665 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) { 666 kfree_skb(skb); 667 break; 668 } 669 670 sent += size; 671 count -= size; 672 } 673 674 return sent ? sent : err; 675 } 676 677 static int rfcomm_tty_write_room(struct tty_struct *tty) 678 { 679 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 680 int room; 681 682 BT_DBG("tty %p", tty); 683 684 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); 685 if (room < 0) 686 room = 0; 687 return room; 688 } 689 690 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg) 691 { 692 BT_DBG("tty %p cmd 0x%02x", tty, cmd); 693 694 switch (cmd) { 695 case TCGETS: 696 BT_DBG("TCGETS is not supported"); 697 return -ENOIOCTLCMD; 698 699 case TCSETS: 700 BT_DBG("TCSETS is not supported"); 701 return -ENOIOCTLCMD; 702 703 case TIOCMIWAIT: 704 BT_DBG("TIOCMIWAIT"); 705 break; 706 707 case TIOCGICOUNT: 708 BT_DBG("TIOCGICOUNT"); 709 break; 710 711 case TIOCGSERIAL: 712 BT_ERR("TIOCGSERIAL is not supported"); 713 return -ENOIOCTLCMD; 714 715 case TIOCSSERIAL: 716 BT_ERR("TIOCSSERIAL is not supported"); 717 return -ENOIOCTLCMD; 718 719 case TIOCSERGSTRUCT: 720 BT_ERR("TIOCSERGSTRUCT is not supported"); 721 return -ENOIOCTLCMD; 722 723 case TIOCSERGETLSR: 724 BT_ERR("TIOCSERGETLSR is not supported"); 725 return -ENOIOCTLCMD; 726 727 case TIOCSERCONFIG: 728 BT_ERR("TIOCSERCONFIG is not supported"); 729 return -ENOIOCTLCMD; 730 731 default: 732 return -ENOIOCTLCMD; /* ioctls which we must ignore */ 733 734 } 735 736 return -ENOIOCTLCMD; 737 } 738 739 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old) 740 { 741 struct termios *new = (struct termios *) tty->termios; 742 int old_baud_rate = tty_termios_baud_rate(old); 743 int new_baud_rate = tty_termios_baud_rate(new); 744 745 u8 baud, data_bits, stop_bits, parity, x_on, x_off; 746 u16 changes = 0; 747 748 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 749 750 BT_DBG("tty %p termios %p", tty, old); 751 752 /* Handle turning off CRTSCTS */ 753 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 754 BT_DBG("Turning off CRTSCTS unsupported"); 755 756 /* Parity on/off and when on, odd/even */ 757 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) || 758 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) { 759 changes |= RFCOMM_RPN_PM_PARITY; 760 BT_DBG("Parity change detected."); 761 } 762 763 /* Mark and space parity are not supported! */ 764 if (new->c_cflag & PARENB) { 765 if (new->c_cflag & PARODD) { 766 BT_DBG("Parity is ODD"); 767 parity = RFCOMM_RPN_PARITY_ODD; 768 } else { 769 BT_DBG("Parity is EVEN"); 770 parity = RFCOMM_RPN_PARITY_EVEN; 771 } 772 } else { 773 BT_DBG("Parity is OFF"); 774 parity = RFCOMM_RPN_PARITY_NONE; 775 } 776 777 /* Setting the x_on / x_off characters */ 778 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) { 779 BT_DBG("XOFF custom"); 780 x_on = new->c_cc[VSTOP]; 781 changes |= RFCOMM_RPN_PM_XON; 782 } else { 783 BT_DBG("XOFF default"); 784 x_on = RFCOMM_RPN_XON_CHAR; 785 } 786 787 if (old->c_cc[VSTART] != new->c_cc[VSTART]) { 788 BT_DBG("XON custom"); 789 x_off = new->c_cc[VSTART]; 790 changes |= RFCOMM_RPN_PM_XOFF; 791 } else { 792 BT_DBG("XON default"); 793 x_off = RFCOMM_RPN_XOFF_CHAR; 794 } 795 796 /* Handle setting of stop bits */ 797 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB)) 798 changes |= RFCOMM_RPN_PM_STOP; 799 800 /* POSIX does not support 1.5 stop bits and RFCOMM does not 801 * support 2 stop bits. So a request for 2 stop bits gets 802 * translated to 1.5 stop bits */ 803 if (new->c_cflag & CSTOPB) { 804 stop_bits = RFCOMM_RPN_STOP_15; 805 } else { 806 stop_bits = RFCOMM_RPN_STOP_1; 807 } 808 809 /* Handle number of data bits [5-8] */ 810 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 811 changes |= RFCOMM_RPN_PM_DATA; 812 813 switch (new->c_cflag & CSIZE) { 814 case CS5: 815 data_bits = RFCOMM_RPN_DATA_5; 816 break; 817 case CS6: 818 data_bits = RFCOMM_RPN_DATA_6; 819 break; 820 case CS7: 821 data_bits = RFCOMM_RPN_DATA_7; 822 break; 823 case CS8: 824 data_bits = RFCOMM_RPN_DATA_8; 825 break; 826 default: 827 data_bits = RFCOMM_RPN_DATA_8; 828 break; 829 } 830 831 /* Handle baudrate settings */ 832 if (old_baud_rate != new_baud_rate) 833 changes |= RFCOMM_RPN_PM_BITRATE; 834 835 switch (new_baud_rate) { 836 case 2400: 837 baud = RFCOMM_RPN_BR_2400; 838 break; 839 case 4800: 840 baud = RFCOMM_RPN_BR_4800; 841 break; 842 case 7200: 843 baud = RFCOMM_RPN_BR_7200; 844 break; 845 case 9600: 846 baud = RFCOMM_RPN_BR_9600; 847 break; 848 case 19200: 849 baud = RFCOMM_RPN_BR_19200; 850 break; 851 case 38400: 852 baud = RFCOMM_RPN_BR_38400; 853 break; 854 case 57600: 855 baud = RFCOMM_RPN_BR_57600; 856 break; 857 case 115200: 858 baud = RFCOMM_RPN_BR_115200; 859 break; 860 case 230400: 861 baud = RFCOMM_RPN_BR_230400; 862 break; 863 default: 864 /* 9600 is standard accordinag to the RFCOMM specification */ 865 baud = RFCOMM_RPN_BR_9600; 866 break; 867 868 } 869 870 if (changes) 871 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud, 872 data_bits, stop_bits, parity, 873 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes); 874 875 return; 876 } 877 878 static void rfcomm_tty_throttle(struct tty_struct *tty) 879 { 880 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 881 882 BT_DBG("tty %p dev %p", tty, dev); 883 884 rfcomm_dlc_throttle(dev->dlc); 885 } 886 887 static void rfcomm_tty_unthrottle(struct tty_struct *tty) 888 { 889 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 890 891 BT_DBG("tty %p dev %p", tty, dev); 892 893 rfcomm_dlc_unthrottle(dev->dlc); 894 } 895 896 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) 897 { 898 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 899 struct rfcomm_dlc *dlc = dev->dlc; 900 901 BT_DBG("tty %p dev %p", tty, dev); 902 903 if (!skb_queue_empty(&dlc->tx_queue)) 904 return dlc->mtu; 905 906 return 0; 907 } 908 909 static void rfcomm_tty_flush_buffer(struct tty_struct *tty) 910 { 911 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 912 if (!dev) 913 return; 914 915 BT_DBG("tty %p dev %p", tty, dev); 916 917 skb_queue_purge(&dev->dlc->tx_queue); 918 919 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 920 tty->ldisc.write_wakeup(tty); 921 } 922 923 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) 924 { 925 BT_DBG("tty %p ch %c", tty, ch); 926 } 927 928 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) 929 { 930 BT_DBG("tty %p timeout %d", tty, timeout); 931 } 932 933 static void rfcomm_tty_hangup(struct tty_struct *tty) 934 { 935 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 936 if (!dev) 937 return; 938 939 BT_DBG("tty %p dev %p", tty, dev); 940 941 rfcomm_tty_flush_buffer(tty); 942 943 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 944 rfcomm_dev_del(dev); 945 } 946 947 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused) 948 { 949 return 0; 950 } 951 952 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp) 953 { 954 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 955 956 BT_DBG("tty %p dev %p", tty, dev); 957 958 return dev->modem_status; 959 } 960 961 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear) 962 { 963 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 964 struct rfcomm_dlc *dlc = dev->dlc; 965 u8 v24_sig; 966 967 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); 968 969 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 970 971 if (set & TIOCM_DSR || set & TIOCM_DTR) 972 v24_sig |= RFCOMM_V24_RTC; 973 if (set & TIOCM_RTS || set & TIOCM_CTS) 974 v24_sig |= RFCOMM_V24_RTR; 975 if (set & TIOCM_RI) 976 v24_sig |= RFCOMM_V24_IC; 977 if (set & TIOCM_CD) 978 v24_sig |= RFCOMM_V24_DV; 979 980 if (clear & TIOCM_DSR || clear & TIOCM_DTR) 981 v24_sig &= ~RFCOMM_V24_RTC; 982 if (clear & TIOCM_RTS || clear & TIOCM_CTS) 983 v24_sig &= ~RFCOMM_V24_RTR; 984 if (clear & TIOCM_RI) 985 v24_sig &= ~RFCOMM_V24_IC; 986 if (clear & TIOCM_CD) 987 v24_sig &= ~RFCOMM_V24_DV; 988 989 rfcomm_dlc_set_modem_status(dlc, v24_sig); 990 991 return 0; 992 } 993 994 /* ---- TTY structure ---- */ 995 996 static struct tty_operations rfcomm_ops = { 997 .open = rfcomm_tty_open, 998 .close = rfcomm_tty_close, 999 .write = rfcomm_tty_write, 1000 .write_room = rfcomm_tty_write_room, 1001 .chars_in_buffer = rfcomm_tty_chars_in_buffer, 1002 .flush_buffer = rfcomm_tty_flush_buffer, 1003 .ioctl = rfcomm_tty_ioctl, 1004 .throttle = rfcomm_tty_throttle, 1005 .unthrottle = rfcomm_tty_unthrottle, 1006 .set_termios = rfcomm_tty_set_termios, 1007 .send_xchar = rfcomm_tty_send_xchar, 1008 .hangup = rfcomm_tty_hangup, 1009 .wait_until_sent = rfcomm_tty_wait_until_sent, 1010 .read_proc = rfcomm_tty_read_proc, 1011 .tiocmget = rfcomm_tty_tiocmget, 1012 .tiocmset = rfcomm_tty_tiocmset, 1013 }; 1014 1015 int rfcomm_init_ttys(void) 1016 { 1017 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); 1018 if (!rfcomm_tty_driver) 1019 return -1; 1020 1021 rfcomm_tty_driver->owner = THIS_MODULE; 1022 rfcomm_tty_driver->driver_name = "rfcomm"; 1023 rfcomm_tty_driver->name = "rfcomm"; 1024 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; 1025 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; 1026 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 1027 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1028 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; 1029 rfcomm_tty_driver->init_termios = tty_std_termios; 1030 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; 1031 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1032 1033 if (tty_register_driver(rfcomm_tty_driver)) { 1034 BT_ERR("Can't register RFCOMM TTY driver"); 1035 put_tty_driver(rfcomm_tty_driver); 1036 return -1; 1037 } 1038 1039 BT_INFO("RFCOMM TTY layer initialized"); 1040 1041 return 0; 1042 } 1043 1044 void rfcomm_cleanup_ttys(void) 1045 { 1046 tty_unregister_driver(rfcomm_tty_driver); 1047 put_tty_driver(rfcomm_tty_driver); 1048 } 1049