xref: /linux/net/bluetooth/rfcomm/tty.c (revision 54a8a2220c936a47840c9a3d74910c5a56fae2ed)
1 /*
2    RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3    Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4    Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5 
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License version 2 as
8    published by the Free Software Foundation;
9 
10    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 
19    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21    SOFTWARE IS DISCLAIMED.
22 */
23 
24 /*
25  * RFCOMM TTY.
26  *
27  * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $
28  */
29 
30 #include <linux/config.h>
31 #include <linux/module.h>
32 
33 #include <linux/tty.h>
34 #include <linux/tty_driver.h>
35 #include <linux/tty_flip.h>
36 
37 #include <linux/slab.h>
38 #include <linux/skbuff.h>
39 
40 #include <net/bluetooth/bluetooth.h>
41 #include <net/bluetooth/rfcomm.h>
42 
43 #ifndef CONFIG_BT_RFCOMM_DEBUG
44 #undef  BT_DBG
45 #define BT_DBG(D...)
46 #endif
47 
/*
 * TTY driver parameters.  RFCOMM_TTY_PORTS is the number of lines passed to
 * alloc_tty_driver() in rfcomm_init_ttys(); rfcomm_dev_add() separately
 * rejects device ids outside 0..RFCOMM_MAX_DEV-1.
 * NOTE(review): RFCOMM_TTY_MAGIC is not referenced anywhere in the visible
 * part of this file.
 */
#define RFCOMM_TTY_MAGIC 0x6d02		/* magic number for rfcomm struct */
#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV	/* whole lotta rfcomm devices */
#define RFCOMM_TTY_MAJOR 216		/* device node major id of the usb/bluetooth.c driver */
#define RFCOMM_TTY_MINOR 0

/* The single TTY driver instance: allocated and registered in
   rfcomm_init_ttys(), torn down in rfcomm_cleanup_ttys(). */
static struct tty_driver *rfcomm_tty_driver;
54 
/*
 * One RFCOMM TTY device.  Instances are created by rfcomm_dev_add(), linked
 * on rfcomm_dev_list and freed by rfcomm_dev_destruct() once refcnt drops
 * to zero.
 */
struct rfcomm_dev {
	/* Linkage on rfcomm_dev_list; modified under rfcomm_dev_lock */
	struct list_head	list;
	/* Set to 1 in rfcomm_dev_add(); see rfcomm_dev_hold()/rfcomm_dev_put() */
	atomic_t		refcnt;

	/* "rfcomm%d" formatted from id in rfcomm_dev_add() */
	char			name[12];
	/* Device id; rfcomm_tty_open() looks the device up by tty->index */
	int			id;
	/* RFCOMM_RELEASE_ONHUP / RFCOMM_REUSE_DLC from the create request,
	   plus RFCOMM_TTY_ATTACHED while a TTY is attached */
	unsigned long		flags;
	/* Open count, incremented in rfcomm_tty_open() and decremented in
	   rfcomm_tty_close(); a plain int, not an atomic */
	int			opened;
	/* Last error reported through rfcomm_dev_state_change() */
	int			err;

	/* Addresses and channel copied from the create request */
	bdaddr_t		src;
	bdaddr_t		dst;
	u8 			channel;

	/* TIOCM_* bits derived from V.24 signals in rfcomm_dev_modem_status() */
	uint 			modem_status;

	/* DLC reference; released with rfcomm_dlc_put() in rfcomm_dev_destruct() */
	struct rfcomm_dlc	*dlc;
	/* Attached TTY, or NULL; written under the DLC lock in open/close */
	struct tty_struct	*tty;
	/* Woken on every DLC state change; rfcomm_tty_open() sleeps on it */
	wait_queue_head_t       wait;
	/* Tasklet running rfcomm_tty_wakeup() after a write skb is freed */
	struct tasklet_struct   wakeup_task;

	/* Sum of skb->truesize for write skbs still owned by this device */
	atomic_t 		wmem_alloc;
};
78 
/* All registered devices.  Writers take rfcomm_dev_lock with
   write_lock_bh(); lookups and the device-list ioctl take it for reading. */
static LIST_HEAD(rfcomm_dev_list);
static DEFINE_RWLOCK(rfcomm_dev_lock);

/* DLC callbacks installed on the DLC by rfcomm_dev_add() */
static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);

/* Tasklet handler; the argument is the rfcomm_dev pointer cast to unsigned long */
static void rfcomm_tty_wakeup(unsigned long arg);
87 
88 /* ---- Device functions ---- */
/*
 * Final teardown of an rfcomm_dev, reached from rfcomm_dev_put() when the
 * reference count hits zero.  Detaches and releases the DLC, unregisters the
 * TTY device, frees the structure and drops the module reference taken in
 * rfcomm_dev_add().  The device must already be off rfcomm_dev_list.
 */
static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
{
	struct rfcomm_dlc *dlc = dev->dlc;

	BT_DBG("dev %p dlc %p", dev, dlc);

	rfcomm_dlc_lock(dlc);
	/* Detach DLC if it's owned by this dev */
	if (dlc->owner == dev)
		dlc->owner = NULL;
	rfcomm_dlc_unlock(dlc);

	rfcomm_dlc_put(dlc);

	/* dev->id is read here, before the kfree() below */
	tty_unregister_device(rfcomm_tty_driver, dev->id);

	/* Refcount should only hit zero when called from rfcomm_dev_del()
	   which will have taken us off the list. Everything else are
	   refcounting bugs. */
	BUG_ON(!list_empty(&dev->list));

	kfree(dev);

	/* It's safe to call module_put() here because socket still
	   holds reference to this module. */
	module_put(THIS_MODULE);
}
116 
/* Take one additional reference on @dev; pair with rfcomm_dev_put(). */
static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
{
	atomic_inc(&dev->refcnt);
}
121 
/*
 * Drop one reference on @dev and destroy it when that was the last one.
 *
 * The decrement is not performed under rfcomm_dev_lock.  That is only safe
 * because the count is expected to reach zero solely after rfcomm_dev_del()
 * has unlinked the device, so no lookup can find it any more; a violation
 * trips the BUG_ON() in rfcomm_dev_destruct().
 */
static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
{
	if (!atomic_dec_and_test(&dev->refcnt))
		return;

	rfcomm_dev_destruct(dev);
}
134 
/*
 * Find the device with the given id on rfcomm_dev_list.  No lock is taken
 * and no reference is acquired here; rfcomm_dev_get() does both.
 * Returns NULL when no device matches.
 */
static struct rfcomm_dev *__rfcomm_dev_get(int id)
{
	struct rfcomm_dev *found = NULL;
	struct list_head *pos;

	list_for_each(pos, &rfcomm_dev_list) {
		struct rfcomm_dev *cur = list_entry(pos, struct rfcomm_dev, list);

		if (cur->id != id)
			continue;

		found = cur;
		break;
	}

	return found;
}
148 
/*
 * Look up a device by id under the read lock and return it with an extra
 * reference held, or NULL if there is none.  The caller owns the reference
 * and must release it with rfcomm_dev_put().
 */
static inline struct rfcomm_dev *rfcomm_dev_get(int id)
{
	struct rfcomm_dev *match;

	read_lock(&rfcomm_dev_lock);
	match = __rfcomm_dev_get(id);
	if (match != NULL)
		rfcomm_dev_hold(match);
	read_unlock(&rfcomm_dev_lock);

	return match;
}
163 
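/*
 * Create an rfcomm_dev for @req, link it into rfcomm_dev_list in id order,
 * bind it to @dlc and register the matching TTY device.
 *
 * A negative req->dev_id asks for the first free id; otherwise the requested
 * id is used and -EADDRINUSE is returned if it is taken.  Ids outside
 * 0..RFCOMM_MAX_DEV-1 yield -ENFILE, allocation failure -ENOMEM.
 * Returns the device id on success.  The caller keeps its DLC reference on
 * failure; on success the device uses @dlc and puts it in
 * rfcomm_dev_destruct().
 */
static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
{
	struct rfcomm_dev *dev;
	struct list_head *head = &rfcomm_dev_list, *p;
	int err = 0;
	int id = -1;

	BT_DBG("id %d channel %d", req->dev_id, req->channel);

	dev = kmalloc(sizeof(*dev), GFP_KERNEL);
	if (!dev)
		return -ENOMEM;
	memset(dev, 0, sizeof(*dev));

	write_lock_bh(&rfcomm_dev_lock);

	if (req->dev_id < 0) {
		/* Pick the lowest id not present in the id-ordered list */
		dev->id = 0;

		list_for_each(p, &rfcomm_dev_list) {
			if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
				break;

			dev->id++;
			head = p;
		}
	} else {
		dev->id = req->dev_id;

		list_for_each(p, &rfcomm_dev_list) {
			struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);

			if (entry->id == dev->id) {
				err = -EADDRINUSE;
				goto out;
			}

			if (entry->id > dev->id - 1)
				break;

			head = p;
		}
	}

	/* The id originates from user space (req->dev_id); bound it before
	   it is used as a TTY index and formatted into the name buffer. */
	if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
		err = -ENFILE;
		goto out;
	}

	/* Keep a private copy: once the lock is dropped the device is
	   reachable through the list with a single reference, so a concurrent
	   release may free it and dev must not be dereferenced again. */
	id = dev->id;

	snprintf(dev->name, sizeof(dev->name), "rfcomm%d", id);

	list_add(&dev->list, head);
	atomic_set(&dev->refcnt, 1);

	bacpy(&dev->src, &req->src);
	bacpy(&dev->dst, &req->dst);
	dev->channel = req->channel;

	/* Only these two request flags are stored on the device */
	dev->flags = req->flags &
		((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));

	init_waitqueue_head(&dev->wait);
	tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);

	rfcomm_dlc_lock(dlc);
	dlc->data_ready   = rfcomm_dev_data_ready;
	dlc->state_change = rfcomm_dev_state_change;
	dlc->modem_status = rfcomm_dev_modem_status;

	dlc->owner = dev;
	dev->dlc   = dlc;
	rfcomm_dlc_unlock(dlc);

	/* It's safe to call __module_get() here because socket already
	   holds reference to this module. */
	__module_get(THIS_MODULE);

out:
	write_unlock_bh(&rfcomm_dev_lock);

	if (err) {
		/* Never linked into the list, so nobody else can hold it */
		kfree(dev);
		return err;
	}

	/* NOTE(review): registration happens after the device became visible;
	   a release racing with this call could unregister first - confirm
	   whether callers serialize create and release. */
	tty_register_device(rfcomm_tty_driver, id, NULL);

	return id;
}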
252 
/*
 * Unlink @dev from rfcomm_dev_list and drop one reference.  After the
 * unlink no new lookup can find the device; list_del_init() leaves the node
 * empty, which rfcomm_dev_destruct() checks with BUG_ON().
 */
static void rfcomm_dev_del(struct rfcomm_dev *dev)
{
	BT_DBG("dev %p", dev);

	write_lock_bh(&rfcomm_dev_lock);
	list_del_init(&dev->list);
	write_unlock_bh(&rfcomm_dev_lock);

	rfcomm_dev_put(dev);
}
263 
264 /* ---- Send buffer ---- */
/*
 * Write budget for a DLC: its MTU times its transmit credits, with zero
 * credits counted as one.  The result must never be zero because nothing
 * calls back when tx_credits becomes nonzero again, so a writer waiting for
 * room would never be woken.
 */
static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
{
	/* Read the credit count once, as the original `?:` form does */
	typeof(dlc->tx_credits) credits = dlc->tx_credits;

	if (!credits)
		credits = 1;

	return dlc->mtu * credits;
}
271 
/*
 * skb destructor installed by rfcomm_set_owner_w().  skb->sk carries the
 * owning rfcomm_dev rather than a socket.  Returns the skb's truesize to the
 * device's write budget, schedules the writer wakeup while a TTY is attached
 * and drops the reference the skb held on the device.
 */
static void rfcomm_wfree(struct sk_buff *skb)
{
	struct rfcomm_dev *owner = (void *) skb->sk;

	atomic_sub(skb->truesize, &owner->wmem_alloc);

	if (test_bit(RFCOMM_TTY_ATTACHED, &owner->flags))
		tasklet_schedule(&owner->wakeup_task);

	/* Must come last: this may free the device */
	rfcomm_dev_put(owner);
}
280 
/*
 * Charge @skb to @dev: take a device reference for the skb's lifetime,
 * install rfcomm_wfree() as destructor, stash the device pointer in skb->sk
 * and add the skb's truesize to the device's write accounting.
 */
static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
{
	rfcomm_dev_hold(dev);

	skb->destructor = rfcomm_wfree;
	skb->sk = (void *) dev;

	atomic_add(skb->truesize, &dev->wmem_alloc);
}
288 
/*
 * Allocate a write skb of @size bytes charged to @dev.  Returns NULL when
 * the device's outstanding write memory has reached rfcomm_room() for its
 * DLC, or when alloc_skb() fails.
 */
static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
{
	struct sk_buff *skb;

	/* Back-pressure: refuse once the write budget is used up */
	if (atomic_read(&dev->wmem_alloc) >= rfcomm_room(dev->dlc))
		return NULL;

	skb = alloc_skb(size, priority);
	if (!skb)
		return NULL;

	rfcomm_set_owner_w(skb, dev);
	return skb;
}
300 
301 /* ---- Device IOCTLs ---- */
302 
/* The one flag combination that does not require CAP_NET_ADMIN: the create
   and release ioctls demand the capability whenever the flags they compare
   differ from exactly this value. */
#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
304 
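/*
 * RFCOMMCREATEDEV: create a TTY device from a user-supplied rfcomm_dev_req.
 *
 * Any flag combination other than NOCAP_FLAGS requires CAP_NET_ADMIN.  With
 * RFCOMM_REUSE_DLC the connected socket's DLC is handed to the new device
 * and the socket is marked closed; otherwise a fresh DLC is allocated.
 * Returns the new device id or a negative errno (-EFAULT, -EPERM, -EBADFD,
 * -ENOMEM, or whatever rfcomm_dev_add() reports).
 */
static int rfcomm_create_dev(struct sock *sk, void __user *arg)
{
	struct rfcomm_dev_req req;
	struct rfcomm_dlc *dlc;
	int id;

	if (copy_from_user(&req, arg, sizeof(req)))
		return -EFAULT;

	/* "%id" in the old format printed a stray 'd' after the number */
	BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);

	/* Privilege gate on the user-controlled flag word */
	if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
		return -EPERM;

	if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
		/* Socket must be connected */
		if (sk->sk_state != BT_CONNECTED)
			return -EBADFD;

		dlc = rfcomm_pi(sk)->dlc;
		rfcomm_dlc_hold(dlc);
	} else {
		dlc = rfcomm_dlc_alloc(GFP_KERNEL);
		if (!dlc)
			return -ENOMEM;
	}

	id = rfcomm_dev_add(&req, dlc);
	if (id < 0) {
		/* Device was not created: give back the DLC reference */
		rfcomm_dlc_put(dlc);
		return id;
	}

	if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
		/* DLC is now used by device.
		 * Socket must be disconnected */
		sk->sk_state = BT_CLOSED;
	}

	return id;
}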
346 
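/*
 * RFCOMMRELEASEDEV: remove the device named by the user-supplied request.
 *
 * Returns -EFAULT if the request cannot be copied in, -ENODEV if no such
 * device exists, -EPERM if the caller lacks the required capability, and 0
 * on success.  With RFCOMM_HANGUP_NOW set the DLC is closed first.
 */
static int rfcomm_release_dev(void __user *arg)
{
	struct rfcomm_dev_req req;
	struct rfcomm_dev *dev;

	if (copy_from_user(&req, arg, sizeof(req)))
		return -EFAULT;

	/* "%id" in the old format printed a stray 'd' after the number */
	BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);

	dev = rfcomm_dev_get(req.dev_id);
	if (!dev)
		return -ENODEV;

	/* NOTE(review): this compares the whole stored flag word.  It equals
	   NOCAP_FLAGS only if both bits were requested at creation, and
	   rfcomm_tty_open() also sets RFCOMM_TTY_ATTACHED in dev->flags, so
	   an attached device always takes the CAP_NET_ADMIN branch - confirm
	   that is the intended policy. */
	if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
		rfcomm_dev_put(dev);
		return -EPERM;
	}

	if (req.flags & (1 << RFCOMM_HANGUP_NOW))
		rfcomm_dlc_close(dev->dlc, 0);

	/* First put drops the list's reference, second the lookup's */
	rfcomm_dev_del(dev);
	rfcomm_dev_put(dev);
	return 0;
}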
372 
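/*
 * RFCOMMGETDEVLIST: copy up to dev_num device descriptions to user space.
 *
 * The caller passes the capacity of its buffer in the leading u16 of @arg.
 * Returns 0 on success, -EFAULT on a failed user copy, -EINVAL for a zero or
 * oversized count, -ENOMEM if the staging buffer cannot be allocated.
 */
static int rfcomm_get_dev_list(void __user *arg)
{
	struct rfcomm_dev_list_req *dl;
	struct rfcomm_dev_info *di;
	struct list_head *p;
	int n = 0, size, err;
	u16 dev_num;

	BT_DBG("");

	if (get_user(dev_num, (u16 __user *) arg))
		return -EFAULT;

	/* Cap the user-chosen count so the allocation stays bounded */
	if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
		return -EINVAL;

	size = sizeof(*dl) + dev_num * sizeof(*di);

	dl = kmalloc(size, GFP_KERNEL);
	if (!dl)
		return -ENOMEM;

	/* The loop below writes individual members only.  Any bytes it does
	   not write (e.g. compiler padding in the request or info structs)
	   would otherwise reach user space as uninitialized heap contents. */
	memset(dl, 0, size);

	di = dl->dev_info;

	read_lock_bh(&rfcomm_dev_lock);

	list_for_each(p, &rfcomm_dev_list) {
		struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);
		(di + n)->id      = dev->id;
		(di + n)->flags   = dev->flags;
		(di + n)->state   = dev->dlc->state;
		(di + n)->channel = dev->channel;
		bacpy(&(di + n)->src, &dev->src);
		bacpy(&(di + n)->dst, &dev->dst);
		if (++n >= dev_num)
			break;
	}

	read_unlock_bh(&rfcomm_dev_lock);

	/* Report, and copy out, only the entries actually filled in */
	dl->dev_num = n;
	size = sizeof(*dl) + n * sizeof(*di);

	err = copy_to_user(arg, dl, size);
	kfree(dl);

	return err ? -EFAULT : 0;
}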
420 
/*
 * RFCOMMGETDEVINFO: fill in the description of the device whose id the
 * caller placed in the rfcomm_dev_info at @arg.
 *
 * The struct is first copied in whole from user space, so every byte later
 * copied back is either caller-provided or overwritten below.
 * Returns 0, -EFAULT on a failed user copy, or -ENODEV for an unknown id.
 */
static int rfcomm_get_dev_info(void __user *arg)
{
	struct rfcomm_dev_info di;
	struct rfcomm_dev *dev;
	int err;

	BT_DBG("");

	if (copy_from_user(&di, arg, sizeof(di)))
		return -EFAULT;

	dev = rfcomm_dev_get(di.id);
	if (!dev)
		return -ENODEV;

	di.flags   = dev->flags;
	di.channel = dev->channel;
	di.state   = dev->dlc->state;
	bacpy(&di.src, &dev->src);
	bacpy(&di.dst, &dev->dst);

	err = copy_to_user(arg, &di, sizeof(di)) ? -EFAULT : 0;

	/* Release the reference taken by rfcomm_dev_get() */
	rfcomm_dev_put(dev);
	return err;
}
447 
/*
 * Dispatch the RFCOMM device ioctls.  @arg is an untrusted user pointer and
 * is passed through unchanged; each handler copies from it itself.
 * Returns the handler's result, or -EINVAL for an unknown command.
 */
int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
{
	int ret;

	BT_DBG("cmd %d arg %p", cmd, arg);

	switch (cmd) {
	case RFCOMMCREATEDEV:
		ret = rfcomm_create_dev(sk, arg);
		break;

	case RFCOMMRELEASEDEV:
		ret = rfcomm_release_dev(arg);
		break;

	case RFCOMMGETDEVLIST:
		ret = rfcomm_get_dev_list(arg);
		break;

	case RFCOMMGETDEVINFO:
		ret = rfcomm_get_dev_info(arg);
		break;

	default:
		ret = -EINVAL;
		break;
	}

	return ret;
}
468 
469 /* ---- DLC callbacks ---- */
/*
 * DLC data_ready callback: deliver a received skb to the attached TTY.
 * The skb is consumed in every case; it is dropped when the DLC has no
 * owning device or the device has no TTY attached.
 */
static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
{
	struct rfcomm_dev *dev = dlc->owner;
	struct tty_struct *tty = dev ? dev->tty : NULL;
	int pos;

	if (!tty) {
		kfree_skb(skb);
		return;
	}

	BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);

	if (!test_bit(TTY_DONT_FLIP, &tty->flags)) {
		/* Hand the whole payload to the line discipline at once */
		tty->ldisc.receive_buf(tty, skb->data, NULL, skb->len);
	} else {
		/* Go through the flip buffer byte by byte, pushing whenever
		   it reaches TTY_FLIPBUF_SIZE so it is never overfilled */
		for (pos = 0; pos < skb->len; pos++) {
			if (tty->flip.count >= TTY_FLIPBUF_SIZE)
				tty_flip_buffer_push(tty);

			tty_insert_flip_char(tty, skb->data[pos], 0);
		}
		tty_flip_buffer_push(tty);
	}

	kfree_skb(skb);
}
496 
/*
 * DLC state_change callback.  Records @err on the owning device and wakes
 * anyone sleeping on dev->wait (rfcomm_tty_open() does).  When the DLC has
 * reached BT_CLOSED, an attached TTY is hung up; a device without a TTY is
 * removed if it was created with RFCOMM_RELEASE_ONHUP.
 * Per the comment below, this runs with the DLC lock held.
 */
static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
{
	struct rfcomm_dev *dev = dlc->owner;
	if (!dev)
		return;

	BT_DBG("dlc %p dev %p err %d", dlc, dev, err);

	dev->err = err;
	wake_up_interruptible(&dev->wait);

	if (dlc->state == BT_CLOSED) {
		if (!dev->tty) {
			if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
				/* Extra reference so rfcomm_dev_del() cannot
				   free the device while the lock is held */
				rfcomm_dev_hold(dev);
				rfcomm_dev_del(dev);

				/* We have to drop DLC lock here, otherwise
				   rfcomm_dev_put() will dead lock if it's
				   the last reference. */
				rfcomm_dlc_unlock(dlc);
				rfcomm_dev_put(dev);
				rfcomm_dlc_lock(dlc);
			}
		} else
			tty_hangup(dev->tty);
	}
}
525 
/*
 * DLC modem_status callback: translate the peer's V.24 signal byte into
 * TIOCM_* bits stored in dev->modem_status.  If carrier was previously set
 * and the new signals drop RFCOMM_V24_DV, an attached TTY that is not
 * CLOCAL is hung up first.
 */
static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
{
	struct rfcomm_dev *dev = dlc->owner;
	unsigned int status = 0;

	if (!dev)
		return;

	BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);

	/* Carrier lost */
	if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV) &&
			dev->tty && !C_CLOCAL(dev->tty))
		tty_hangup(dev->tty);

	if (v24_sig & RFCOMM_V24_RTC)
		status |= TIOCM_DSR | TIOCM_DTR;
	if (v24_sig & RFCOMM_V24_RTR)
		status |= TIOCM_RTS | TIOCM_CTS;
	if (v24_sig & RFCOMM_V24_IC)
		status |= TIOCM_RI;
	if (v24_sig & RFCOMM_V24_DV)
		status |= TIOCM_CD;

	dev->modem_status = status;
}
545 
546 /* ---- TTY functions ---- */
/*
 * Tasklet body scheduled from rfcomm_wfree(): tell the line discipline and
 * any sleeping writers that write room may be available again.  @arg is the
 * rfcomm_dev pointer given to tasklet_init().  Does nothing when no TTY is
 * attached.
 */
static void rfcomm_tty_wakeup(unsigned long arg)
{
	struct rfcomm_dev *dev = (void *) arg;
	struct tty_struct *tty = dev->tty;

	if (tty == NULL)
		return;

	BT_DBG("dev %p tty %p", dev, tty);

	if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
		if (tty->ldisc.write_wakeup)
			tty->ldisc.write_wakeup(tty);
	}

	wake_up_interruptible(&tty->write_wait);
#ifdef SERIAL_HAVE_POLL_WAIT
	wake_up_interruptible(&tty->poll_wait);
#endif
}
564 
/*
 * TTY open: look up the device for tty->index, and on the first open attach
 * the TTY, start the DLC connection and sleep until the DLC is connected or
 * closed, or a signal arrives.
 *
 * Returns 0 for a second or later open, -ENODEV if no device has this id,
 * the negative result of rfcomm_dlc_open() if that fails, -dev->err if the
 * DLC closes while waiting, -EINTR on a signal, and otherwise the
 * non-negative value rfcomm_dlc_open() returned.
 * The device reference taken here is dropped in rfcomm_tty_close(), also
 * when this function fails (see the comment at rfcomm_dev_get() below).
 */
static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
{
	DECLARE_WAITQUEUE(wait, current);
	struct rfcomm_dev *dev;
	struct rfcomm_dlc *dlc;
	int err, id;

        id = tty->index;

	BT_DBG("tty %p id %d", tty, id);

	/* We don't leak this refcount. For reasons which are not entirely
	   clear, the TTY layer will call our ->close() method even if the
	   open fails. We decrease the refcount there, and decreasing it
	   here too would cause breakage. */
	dev = rfcomm_dev_get(id);
	if (!dev)
		return -ENODEV;

	BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);

	/* NOTE(review): opened is a plain int changed without any lock taken
	   in this function - confirm the TTY layer serializes open/close. */
	if (dev->opened++ != 0)
		return 0;

	dlc = dev->dlc;

	/* Attach TTY and open DLC */

	rfcomm_dlc_lock(dlc);
	tty->driver_data = dev;
	dev->tty = tty;
	rfcomm_dlc_unlock(dlc);
	set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);

	err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
	if (err < 0)
		return err;

	/* Wait for DLC to connect */
	add_wait_queue(&dev->wait, &wait);
	while (1) {
		/* Set the task state before testing the conditions so that a
		   wake-up from rfcomm_dev_state_change() is not missed */
		set_current_state(TASK_INTERRUPTIBLE);

		if (dlc->state == BT_CLOSED) {
			err = -dev->err;
			break;
		}

		if (dlc->state == BT_CONNECTED)
			break;

		if (signal_pending(current)) {
			err = -EINTR;
			break;
		}

		schedule();
	}
	set_current_state(TASK_RUNNING);
	remove_wait_queue(&dev->wait, &wait);

	return err;
}
628 
/*
 * TTY close: on the last close shut the DLC down, stop the wakeup tasklet
 * and detach the TTY from the device under the DLC lock.  Always drops the
 * device reference taken by rfcomm_tty_open().  Does nothing when
 * driver_data was never set.
 */
static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	if (dev == NULL)
		return;

	BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);

	dev->opened--;
	if (dev->opened == 0) {
		/* Close DLC and detach TTY */
		rfcomm_dlc_close(dev->dlc, 0);

		/* Clear the flag first so rfcomm_wfree() stops scheduling
		   the tasklet, then wait for a running instance to finish */
		clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
		tasklet_kill(&dev->wakeup_task);

		rfcomm_dlc_lock(dev->dlc);
		tty->driver_data = NULL;
		dev->tty = NULL;
		rfcomm_dlc_unlock(dev->dlc);
	}

	rfcomm_dev_put(dev);
}
652 
/*
 * TTY write: split @buf into chunks of at most the DLC MTU, copy each into
 * a freshly allocated skb and queue it with rfcomm_dlc_send().  Stops early
 * when the write budget is exhausted, allocation fails or a send fails.
 * Returns the number of bytes queued, or the send error if nothing was
 * queued (0 when @count is 0 or no skb could be allocated).
 *
 * NOTE(review): unlike rfcomm_tty_flush_buffer(), driver_data is not checked
 * for NULL here although rfcomm_tty_close() clears it - confirm the TTY
 * layer never calls write after that point.
 */
static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
	struct rfcomm_dlc *dlc = dev->dlc;
	struct sk_buff *skb;
	int err = 0, sent = 0, size;

	BT_DBG("tty %p count %d", tty, count);

	for (; count; sent += size, count -= size) {
		size = min_t(uint, count, dlc->mtu);

		skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
		if (!skb)
			break;

		skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);

		memcpy(skb_put(skb, size), buf + sent, size);

		err = rfcomm_dlc_send(dlc, skb);
		if (err < 0) {
			kfree_skb(skb);
			break;
		}
	}

	if (sent)
		return sent;

	return err;
}
685 
/*
 * TTY write_room: the DLC's write budget from rfcomm_room() minus the write
 * memory currently charged to the device, clamped at zero.
 */
static int rfcomm_tty_write_room(struct tty_struct *tty)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
	int room;

	BT_DBG("tty %p", tty);

	room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);

	return room < 0 ? 0 : room;
}
698 
/*
 * TTY ioctl hook.  No command is implemented here: every path returns
 * -ENOIOCTLCMD.  The switch exists only to log the serial-specific requests
 * that reach the driver.
 */
static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
{
	BT_DBG("tty %p cmd 0x%02x", tty, cmd);

	switch (cmd) {
	case TCGETS:
		BT_DBG("TCGETS is not supported");
		break;

	case TCSETS:
		BT_DBG("TCSETS is not supported");
		break;

	case TIOCMIWAIT:
		BT_DBG("TIOCMIWAIT");
		break;

	case TIOCGICOUNT:
		BT_DBG("TIOCGICOUNT");
		break;

	case TIOCGSERIAL:
		BT_ERR("TIOCGSERIAL is not supported");
		break;

	case TIOCSSERIAL:
		BT_ERR("TIOCSSERIAL is not supported");
		break;

	case TIOCSERGSTRUCT:
		BT_ERR("TIOCSERGSTRUCT is not supported");
		break;

	case TIOCSERGETLSR:
		BT_ERR("TIOCSERGETLSR is not supported");
		break;

	case TIOCSERCONFIG:
		BT_ERR("TIOCSERCONFIG is not supported");
		break;

	default:
		/* ioctls which we must ignore */
		break;
	}

	return -ENOIOCTLCMD;
}
747 
/*
 * TTY set_termios: compare the old and new termios settings, translate the
 * new ones into RFCOMM RPN parameters and, if anything covered by the
 * change mask differs, send them to the peer with rfcomm_send_rpn().
 * Every RPN value is always computed; only the `changes` mask records which
 * of them actually changed.
 */
static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old)
{
	struct termios *new = (struct termios *) tty->termios;
	int old_baud_rate = tty_termios_baud_rate(old);
	int new_baud_rate = tty_termios_baud_rate(new);

	u8 baud, data_bits, stop_bits, parity, x_on, x_off;
	u16 changes = 0;

	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	BT_DBG("tty %p termios %p", tty, old);

	/* Handle turning off CRTSCTS */
	if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
		BT_DBG("Turning off CRTSCTS unsupported");

	/* Parity on/off and when on, odd/even */
	if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
			((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) {
		changes |= RFCOMM_RPN_PM_PARITY;
		BT_DBG("Parity change detected.");
	}

	/* Mark and space parity are not supported! */
	if (new->c_cflag & PARENB) {
		if (new->c_cflag & PARODD) {
			BT_DBG("Parity is ODD");
			parity = RFCOMM_RPN_PARITY_ODD;
		} else {
			BT_DBG("Parity is EVEN");
			parity = RFCOMM_RPN_PARITY_EVEN;
		}
	} else {
		BT_DBG("Parity is OFF");
		parity = RFCOMM_RPN_PARITY_NONE;
	}

	/* Setting the x_on / x_off characters */
	/* NOTE(review): the VSTOP character is stored in x_on (flagged as
	   PM_XON) and the VSTART character in x_off (flagged as PM_XOFF),
	   while the debug messages say the opposite - confirm which pairing
	   is intended. */
	if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
		BT_DBG("XOFF custom");
		x_on = new->c_cc[VSTOP];
		changes |= RFCOMM_RPN_PM_XON;
	} else {
		BT_DBG("XOFF default");
		x_on = RFCOMM_RPN_XON_CHAR;
	}

	if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
		BT_DBG("XON custom");
		x_off = new->c_cc[VSTART];
		changes |= RFCOMM_RPN_PM_XOFF;
	} else {
		BT_DBG("XON default");
		x_off = RFCOMM_RPN_XOFF_CHAR;
	}

	/* Handle setting of stop bits */
	if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
		changes |= RFCOMM_RPN_PM_STOP;

	/* POSIX does not support 1.5 stop bits and RFCOMM does not
	 * support 2 stop bits. So a request for 2 stop bits gets
	 * translated to 1.5 stop bits */
	if (new->c_cflag & CSTOPB) {
		stop_bits = RFCOMM_RPN_STOP_15;
	} else {
		stop_bits = RFCOMM_RPN_STOP_1;
	}

	/* Handle number of data bits [5-8] */
	if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
		changes |= RFCOMM_RPN_PM_DATA;

	switch (new->c_cflag & CSIZE) {
	case CS5:
		data_bits = RFCOMM_RPN_DATA_5;
		break;
	case CS6:
		data_bits = RFCOMM_RPN_DATA_6;
		break;
	case CS7:
		data_bits = RFCOMM_RPN_DATA_7;
		break;
	case CS8:
		data_bits = RFCOMM_RPN_DATA_8;
		break;
	default:
		data_bits = RFCOMM_RPN_DATA_8;
		break;
	}

	/* Handle baudrate settings */
	if (old_baud_rate != new_baud_rate)
		changes |= RFCOMM_RPN_PM_BITRATE;

	switch (new_baud_rate) {
	case 2400:
		baud = RFCOMM_RPN_BR_2400;
		break;
	case 4800:
		baud = RFCOMM_RPN_BR_4800;
		break;
	case 7200:
		baud = RFCOMM_RPN_BR_7200;
		break;
	case 9600:
		baud = RFCOMM_RPN_BR_9600;
		break;
	case 19200:
		baud = RFCOMM_RPN_BR_19200;
		break;
	case 38400:
		baud = RFCOMM_RPN_BR_38400;
		break;
	case 57600:
		baud = RFCOMM_RPN_BR_57600;
		break;
	case 115200:
		baud = RFCOMM_RPN_BR_115200;
		break;
	case 230400:
		baud = RFCOMM_RPN_BR_230400;
		break;
	default:
		/* 9600 is standard according to the RFCOMM specification */
		baud = RFCOMM_RPN_BR_9600;
		break;

	}

	/* Flow control is always sent as RFCOMM_RPN_FLOW_NONE */
	if (changes)
		rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
				data_bits, stop_bits, parity,
				RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);

	return;
}
886 
/* TTY throttle: forward the request to the device's DLC. */
static void rfcomm_tty_throttle(struct tty_struct *tty)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	BT_DBG("tty %p dev %p", tty, dev);

	rfcomm_dlc_throttle(dev->dlc);
}
895 
/* TTY unthrottle: forward the request to the device's DLC. */
static void rfcomm_tty_unthrottle(struct tty_struct *tty)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	BT_DBG("tty %p dev %p", tty, dev);

	rfcomm_dlc_unthrottle(dev->dlc);
}
904 
/*
 * TTY chars_in_buffer: report the DLC MTU while anything is queued on the
 * DLC's tx_queue, and 0 once the queue is empty.  The value is not a count
 * of the bytes actually queued.
 */
static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
	struct rfcomm_dlc *dlc = dev->dlc;

	BT_DBG("tty %p dev %p", tty, dev);

	return skb_queue_empty(&dlc->tx_queue) ? 0 : dlc->mtu;
}
917 
/*
 * TTY flush_buffer: discard everything queued for transmission on the DLC
 * and give the line discipline a write wakeup if it asked for one.  Does
 * nothing when no device is attached to the TTY.
 */
static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	if (dev == NULL)
		return;

	BT_DBG("tty %p dev %p", tty, dev);

	skb_queue_purge(&dev->dlc->tx_queue);

	if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
		if (tty->ldisc.write_wakeup)
			tty->ldisc.write_wakeup(tty);
	}
}
931 
/* TTY send_xchar: stub; only logs the character, nothing is transmitted. */
static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
{
	BT_DBG("tty %p ch %c", tty, ch);
}
936 
/* TTY wait_until_sent: stub; logs the request and returns without waiting. */
static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
{
	BT_DBG("tty %p timeout %d", tty, timeout);
}
941 
/*
 * TTY hangup: flush pending output and, for devices created with
 * RFCOMM_RELEASE_ONHUP, unlink the device and drop one reference via
 * rfcomm_dev_del().  Does nothing when no device is attached to the TTY.
 */
static void rfcomm_tty_hangup(struct tty_struct *tty)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	if (dev == NULL)
		return;

	BT_DBG("tty %p dev %p", tty, dev);

	rfcomm_tty_flush_buffer(tty);

	if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
		return;

	rfcomm_dev_del(dev);
}
955 
/* read_proc hook: stub that produces no output and always returns 0. */
static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused)
{
	return 0;
}
960 
/* TTY tiocmget: return the TIOCM_* bits cached in dev->modem_status. */
static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;

	BT_DBG("tty %p dev %p", tty, dev);

	return dev->modem_status;
}
969 
/*
 * TTY tiocmset: read the DLC's current V.24 signals, apply the requested
 * TIOCM_* set and clear masks and write the result back.  Set bits are
 * applied before clear bits, so a line named in both ends up cleared.
 * Always returns 0.
 */
static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear)
{
	struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
	struct rfcomm_dlc *dlc = dev->dlc;
	u8 v24_sig;

	BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);

	rfcomm_dlc_get_modem_status(dlc, &v24_sig);

	/* DSR/DTR share RTC and RTS/CTS share RTR on the RFCOMM side */
	if (set & (TIOCM_DSR | TIOCM_DTR))
		v24_sig |= RFCOMM_V24_RTC;
	if (set & (TIOCM_RTS | TIOCM_CTS))
		v24_sig |= RFCOMM_V24_RTR;
	if (set & TIOCM_RI)
		v24_sig |= RFCOMM_V24_IC;
	if (set & TIOCM_CD)
		v24_sig |= RFCOMM_V24_DV;

	if (clear & (TIOCM_DSR | TIOCM_DTR))
		v24_sig &= ~RFCOMM_V24_RTC;
	if (clear & (TIOCM_RTS | TIOCM_CTS))
		v24_sig &= ~RFCOMM_V24_RTR;
	if (clear & TIOCM_RI)
		v24_sig &= ~RFCOMM_V24_IC;
	if (clear & TIOCM_CD)
		v24_sig &= ~RFCOMM_V24_DV;

	rfcomm_dlc_set_modem_status(dlc, v24_sig);

	return 0;
}
1002 
1003 /* ---- TTY structure ---- */
1004 
/*
 * Operations table handed to the TTY layer by rfcomm_init_ttys().
 * send_xchar, wait_until_sent and read_proc point at stubs that do no work.
 */
static struct tty_operations rfcomm_ops = {
	.open			= rfcomm_tty_open,
	.close			= rfcomm_tty_close,
	.write			= rfcomm_tty_write,
	.write_room		= rfcomm_tty_write_room,
	.chars_in_buffer	= rfcomm_tty_chars_in_buffer,
	.flush_buffer		= rfcomm_tty_flush_buffer,
	.ioctl			= rfcomm_tty_ioctl,
	.throttle		= rfcomm_tty_throttle,
	.unthrottle		= rfcomm_tty_unthrottle,
	.set_termios		= rfcomm_tty_set_termios,
	.send_xchar		= rfcomm_tty_send_xchar,
	.hangup			= rfcomm_tty_hangup,
	.wait_until_sent	= rfcomm_tty_wait_until_sent,
	.read_proc		= rfcomm_tty_read_proc,
	.tiocmget		= rfcomm_tty_tiocmget,
	.tiocmset		= rfcomm_tty_tiocmset,
};
1023 
/*
 * Allocate, configure and register the RFCOMM TTY driver.
 * Returns 0 on success and -1 if allocation or registration fails; on a
 * registration failure the driver allocation is released again.
 */
int rfcomm_init_ttys(void)
{
	struct tty_driver *drv;

	drv = alloc_tty_driver(RFCOMM_TTY_PORTS);
	rfcomm_tty_driver = drv;
	if (!drv)
		return -1;

	drv->owner		= THIS_MODULE;
	drv->driver_name	= "rfcomm";
	drv->devfs_name		= "bluetooth/rfcomm/";
	drv->name		= "rfcomm";
	drv->major		= RFCOMM_TTY_MAJOR;
	drv->minor_start	= RFCOMM_TTY_MINOR;
	drv->type		= TTY_DRIVER_TYPE_SERIAL;
	drv->subtype		= SERIAL_TYPE_NORMAL;
	drv->flags		= TTY_DRIVER_REAL_RAW | TTY_DRIVER_NO_DEVFS;

	/* Start from the standard termios and override the control flags */
	drv->init_termios		= tty_std_termios;
	drv->init_termios.c_cflag	= B9600 | CS8 | CREAD | HUPCL | CLOCAL;

	tty_set_operations(drv, &rfcomm_ops);

	if (tty_register_driver(drv)) {
		BT_ERR("Can't register RFCOMM TTY driver");
		put_tty_driver(drv);
		return -1;
	}

	BT_INFO("RFCOMM TTY layer initialized");

	return 0;
}
1053 
/* Undo rfcomm_init_ttys(): unregister the TTY driver and release it. */
void rfcomm_cleanup_ttys(void)
{
	tty_unregister_driver(rfcomm_tty_driver);
	put_tty_driver(rfcomm_tty_driver);
}
1059