1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * RFCOMM TTY. 26 * 27 * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ 28 */ 29 30 #include <linux/config.h> 31 #include <linux/module.h> 32 33 #include <linux/tty.h> 34 #include <linux/tty_driver.h> 35 #include <linux/tty_flip.h> 36 37 #include <linux/capability.h> 38 #include <linux/slab.h> 39 #include <linux/skbuff.h> 40 41 #include <net/bluetooth/bluetooth.h> 42 #include <net/bluetooth/rfcomm.h> 43 44 #ifndef CONFIG_BT_RFCOMM_DEBUG 45 #undef BT_DBG 46 #define BT_DBG(D...) 47 #endif 48 49 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ 50 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ 51 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ 52 #define RFCOMM_TTY_MINOR 0 53 54 static struct tty_driver *rfcomm_tty_driver; 55 56 struct rfcomm_dev { 57 struct list_head list; 58 atomic_t refcnt; 59 60 char name[12]; 61 int id; 62 unsigned long flags; 63 int opened; 64 int err; 65 66 bdaddr_t src; 67 bdaddr_t dst; 68 u8 channel; 69 70 uint modem_status; 71 72 struct rfcomm_dlc *dlc; 73 struct tty_struct *tty; 74 wait_queue_head_t wait; 75 struct tasklet_struct wakeup_task; 76 77 atomic_t wmem_alloc; 78 }; 79 80 static LIST_HEAD(rfcomm_dev_list); 81 static DEFINE_RWLOCK(rfcomm_dev_lock); 82 83 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); 84 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); 85 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); 86 87 static void rfcomm_tty_wakeup(unsigned long arg); 88 89 /* ---- Device functions ---- */ 90 static void rfcomm_dev_destruct(struct rfcomm_dev *dev) 91 { 92 struct rfcomm_dlc *dlc = dev->dlc; 93 94 BT_DBG("dev %p dlc %p", dev, dlc); 95 96 rfcomm_dlc_lock(dlc); 97 /* Detach DLC if it's owned by this dev */ 98 if (dlc->owner == dev) 99 dlc->owner = NULL; 100 rfcomm_dlc_unlock(dlc); 101 102 rfcomm_dlc_put(dlc); 103 104 tty_unregister_device(rfcomm_tty_driver, dev->id); 105 106 /* Refcount should only hit zero when called from rfcomm_dev_del() 107 which will have taken us off the list. Everything else are 108 refcounting bugs. */ 109 BUG_ON(!list_empty(&dev->list)); 110 111 kfree(dev); 112 113 /* It's safe to call module_put() here because socket still 114 holds reference to this module. */ 115 module_put(THIS_MODULE); 116 } 117 118 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev) 119 { 120 atomic_inc(&dev->refcnt); 121 } 122 123 static inline void rfcomm_dev_put(struct rfcomm_dev *dev) 124 { 125 /* The reason this isn't actually a race, as you no 126 doubt have a little voice screaming at you in your 127 head, is that the refcount should never actually 128 reach zero unless the device has already been taken 129 off the list, in rfcomm_dev_del(). And if that's not 130 true, we'll hit the BUG() in rfcomm_dev_destruct() 131 anyway. */ 132 if (atomic_dec_and_test(&dev->refcnt)) 133 rfcomm_dev_destruct(dev); 134 } 135 136 static struct rfcomm_dev *__rfcomm_dev_get(int id) 137 { 138 struct rfcomm_dev *dev; 139 struct list_head *p; 140 141 list_for_each(p, &rfcomm_dev_list) { 142 dev = list_entry(p, struct rfcomm_dev, list); 143 if (dev->id == id) 144 return dev; 145 } 146 147 return NULL; 148 } 149 150 static inline struct rfcomm_dev *rfcomm_dev_get(int id) 151 { 152 struct rfcomm_dev *dev; 153 154 read_lock(&rfcomm_dev_lock); 155 156 dev = __rfcomm_dev_get(id); 157 if (dev) 158 rfcomm_dev_hold(dev); 159 160 read_unlock(&rfcomm_dev_lock); 161 162 return dev; 163 } 164 165 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 166 { 167 struct rfcomm_dev *dev; 168 struct list_head *head = &rfcomm_dev_list, *p; 169 int err = 0; 170 171 BT_DBG("id %d channel %d", req->dev_id, req->channel); 172 173 dev = kmalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); 174 if (!dev) 175 return -ENOMEM; 176 memset(dev, 0, sizeof(struct rfcomm_dev)); 177 178 write_lock_bh(&rfcomm_dev_lock); 179 180 if (req->dev_id < 0) { 181 dev->id = 0; 182 183 list_for_each(p, &rfcomm_dev_list) { 184 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id) 185 break; 186 187 dev->id++; 188 head = p; 189 } 190 } else { 191 dev->id = req->dev_id; 192 193 list_for_each(p, &rfcomm_dev_list) { 194 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list); 195 196 if (entry->id == dev->id) { 197 err = -EADDRINUSE; 198 goto out; 199 } 200 201 if (entry->id > dev->id - 1) 202 break; 203 204 head = p; 205 } 206 } 207 208 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { 209 err = -ENFILE; 210 goto out; 211 } 212 213 sprintf(dev->name, "rfcomm%d", dev->id); 214 215 list_add(&dev->list, head); 216 atomic_set(&dev->refcnt, 1); 217 218 bacpy(&dev->src, &req->src); 219 bacpy(&dev->dst, &req->dst); 220 dev->channel = req->channel; 221 222 dev->flags = req->flags & 223 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); 224 225 init_waitqueue_head(&dev->wait); 226 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev); 227 228 rfcomm_dlc_lock(dlc); 229 dlc->data_ready = rfcomm_dev_data_ready; 230 dlc->state_change = rfcomm_dev_state_change; 231 dlc->modem_status = rfcomm_dev_modem_status; 232 233 dlc->owner = dev; 234 dev->dlc = dlc; 235 rfcomm_dlc_unlock(dlc); 236 237 /* It's safe to call __module_get() here because socket already 238 holds reference to this module. */ 239 __module_get(THIS_MODULE); 240 241 out: 242 write_unlock_bh(&rfcomm_dev_lock); 243 244 if (err) { 245 kfree(dev); 246 return err; 247 } 248 249 tty_register_device(rfcomm_tty_driver, dev->id, NULL); 250 251 return dev->id; 252 } 253 254 static void rfcomm_dev_del(struct rfcomm_dev *dev) 255 { 256 BT_DBG("dev %p", dev); 257 258 write_lock_bh(&rfcomm_dev_lock); 259 list_del_init(&dev->list); 260 write_unlock_bh(&rfcomm_dev_lock); 261 262 rfcomm_dev_put(dev); 263 } 264 265 /* ---- Send buffer ---- */ 266 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 267 { 268 /* We can't let it be zero, because we don't get a callback 269 when tx_credits becomes nonzero, hence we'd never wake up */ 270 return dlc->mtu * (dlc->tx_credits?:1); 271 } 272 273 static void rfcomm_wfree(struct sk_buff *skb) 274 { 275 struct rfcomm_dev *dev = (void *) skb->sk; 276 atomic_sub(skb->truesize, &dev->wmem_alloc); 277 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) 278 tasklet_schedule(&dev->wakeup_task); 279 rfcomm_dev_put(dev); 280 } 281 282 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) 283 { 284 rfcomm_dev_hold(dev); 285 atomic_add(skb->truesize, &dev->wmem_alloc); 286 skb->sk = (void *) dev; 287 skb->destructor = rfcomm_wfree; 288 } 289 290 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) 291 { 292 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { 293 struct sk_buff *skb = alloc_skb(size, priority); 294 if (skb) { 295 rfcomm_set_owner_w(skb, dev); 296 return skb; 297 } 298 } 299 return NULL; 300 } 301 302 /* ---- Device IOCTLs ---- */ 303 304 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) 305 306 static int rfcomm_create_dev(struct sock *sk, void __user *arg) 307 { 308 struct rfcomm_dev_req req; 309 struct rfcomm_dlc *dlc; 310 int id; 311 312 if (copy_from_user(&req, arg, sizeof(req))) 313 return -EFAULT; 314 315 BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); 316 317 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) 318 return -EPERM; 319 320 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 321 /* Socket must be connected */ 322 if (sk->sk_state != BT_CONNECTED) 323 return -EBADFD; 324 325 dlc = rfcomm_pi(sk)->dlc; 326 rfcomm_dlc_hold(dlc); 327 } else { 328 dlc = rfcomm_dlc_alloc(GFP_KERNEL); 329 if (!dlc) 330 return -ENOMEM; 331 } 332 333 id = rfcomm_dev_add(&req, dlc); 334 if (id < 0) { 335 rfcomm_dlc_put(dlc); 336 return id; 337 } 338 339 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 340 /* DLC is now used by device. 341 * Socket must be disconnected */ 342 sk->sk_state = BT_CLOSED; 343 } 344 345 return id; 346 } 347 348 static int rfcomm_release_dev(void __user *arg) 349 { 350 struct rfcomm_dev_req req; 351 struct rfcomm_dev *dev; 352 353 if (copy_from_user(&req, arg, sizeof(req))) 354 return -EFAULT; 355 356 BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); 357 358 if (!(dev = rfcomm_dev_get(req.dev_id))) 359 return -ENODEV; 360 361 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { 362 rfcomm_dev_put(dev); 363 return -EPERM; 364 } 365 366 if (req.flags & (1 << RFCOMM_HANGUP_NOW)) 367 rfcomm_dlc_close(dev->dlc, 0); 368 369 rfcomm_dev_del(dev); 370 rfcomm_dev_put(dev); 371 return 0; 372 } 373 374 static int rfcomm_get_dev_list(void __user *arg) 375 { 376 struct rfcomm_dev_list_req *dl; 377 struct rfcomm_dev_info *di; 378 struct list_head *p; 379 int n = 0, size, err; 380 u16 dev_num; 381 382 BT_DBG(""); 383 384 if (get_user(dev_num, (u16 __user *) arg)) 385 return -EFAULT; 386 387 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) 388 return -EINVAL; 389 390 size = sizeof(*dl) + dev_num * sizeof(*di); 391 392 if (!(dl = kmalloc(size, GFP_KERNEL))) 393 return -ENOMEM; 394 395 di = dl->dev_info; 396 397 read_lock_bh(&rfcomm_dev_lock); 398 399 list_for_each(p, &rfcomm_dev_list) { 400 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list); 401 (di + n)->id = dev->id; 402 (di + n)->flags = dev->flags; 403 (di + n)->state = dev->dlc->state; 404 (di + n)->channel = dev->channel; 405 bacpy(&(di + n)->src, &dev->src); 406 bacpy(&(di + n)->dst, &dev->dst); 407 if (++n >= dev_num) 408 break; 409 } 410 411 read_unlock_bh(&rfcomm_dev_lock); 412 413 dl->dev_num = n; 414 size = sizeof(*dl) + n * sizeof(*di); 415 416 err = copy_to_user(arg, dl, size); 417 kfree(dl); 418 419 return err ? -EFAULT : 0; 420 } 421 422 static int rfcomm_get_dev_info(void __user *arg) 423 { 424 struct rfcomm_dev *dev; 425 struct rfcomm_dev_info di; 426 int err = 0; 427 428 BT_DBG(""); 429 430 if (copy_from_user(&di, arg, sizeof(di))) 431 return -EFAULT; 432 433 if (!(dev = rfcomm_dev_get(di.id))) 434 return -ENODEV; 435 436 di.flags = dev->flags; 437 di.channel = dev->channel; 438 di.state = dev->dlc->state; 439 bacpy(&di.src, &dev->src); 440 bacpy(&di.dst, &dev->dst); 441 442 if (copy_to_user(arg, &di, sizeof(di))) 443 err = -EFAULT; 444 445 rfcomm_dev_put(dev); 446 return err; 447 } 448 449 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 450 { 451 BT_DBG("cmd %d arg %p", cmd, arg); 452 453 switch (cmd) { 454 case RFCOMMCREATEDEV: 455 return rfcomm_create_dev(sk, arg); 456 457 case RFCOMMRELEASEDEV: 458 return rfcomm_release_dev(arg); 459 460 case RFCOMMGETDEVLIST: 461 return rfcomm_get_dev_list(arg); 462 463 case RFCOMMGETDEVINFO: 464 return rfcomm_get_dev_info(arg); 465 } 466 467 return -EINVAL; 468 } 469 470 /* ---- DLC callbacks ---- */ 471 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) 472 { 473 struct rfcomm_dev *dev = dlc->owner; 474 struct tty_struct *tty; 475 476 if (!dev || !(tty = dev->tty)) { 477 kfree_skb(skb); 478 return; 479 } 480 481 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len); 482 483 tty_insert_flip_string(tty, skb->data, skb->len); 484 tty_flip_buffer_push(tty); 485 486 kfree_skb(skb); 487 } 488 489 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 490 { 491 struct rfcomm_dev *dev = dlc->owner; 492 if (!dev) 493 return; 494 495 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 496 497 dev->err = err; 498 wake_up_interruptible(&dev->wait); 499 500 if (dlc->state == BT_CLOSED) { 501 if (!dev->tty) { 502 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { 503 rfcomm_dev_hold(dev); 504 rfcomm_dev_del(dev); 505 506 /* We have to drop DLC lock here, otherwise 507 rfcomm_dev_put() will dead lock if it's 508 the last reference. */ 509 rfcomm_dlc_unlock(dlc); 510 rfcomm_dev_put(dev); 511 rfcomm_dlc_lock(dlc); 512 } 513 } else 514 tty_hangup(dev->tty); 515 } 516 } 517 518 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) 519 { 520 struct rfcomm_dev *dev = dlc->owner; 521 if (!dev) 522 return; 523 524 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 525 526 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) { 527 if (dev->tty && !C_CLOCAL(dev->tty)) 528 tty_hangup(dev->tty); 529 } 530 531 dev->modem_status = 532 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 533 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 534 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 535 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 536 } 537 538 /* ---- TTY functions ---- */ 539 static void rfcomm_tty_wakeup(unsigned long arg) 540 { 541 struct rfcomm_dev *dev = (void *) arg; 542 struct tty_struct *tty = dev->tty; 543 if (!tty) 544 return; 545 546 BT_DBG("dev %p tty %p", dev, tty); 547 548 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 549 (tty->ldisc.write_wakeup)(tty); 550 551 wake_up_interruptible(&tty->write_wait); 552 #ifdef SERIAL_HAVE_POLL_WAIT 553 wake_up_interruptible(&tty->poll_wait); 554 #endif 555 } 556 557 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 558 { 559 DECLARE_WAITQUEUE(wait, current); 560 struct rfcomm_dev *dev; 561 struct rfcomm_dlc *dlc; 562 int err, id; 563 564 id = tty->index; 565 566 BT_DBG("tty %p id %d", tty, id); 567 568 /* We don't leak this refcount. For reasons which are not entirely 569 clear, the TTY layer will call our ->close() method even if the 570 open fails. We decrease the refcount there, and decreasing it 571 here too would cause breakage. */ 572 dev = rfcomm_dev_get(id); 573 if (!dev) 574 return -ENODEV; 575 576 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened); 577 578 if (dev->opened++ != 0) 579 return 0; 580 581 dlc = dev->dlc; 582 583 /* Attach TTY and open DLC */ 584 585 rfcomm_dlc_lock(dlc); 586 tty->driver_data = dev; 587 dev->tty = tty; 588 rfcomm_dlc_unlock(dlc); 589 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 590 591 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); 592 if (err < 0) 593 return err; 594 595 /* Wait for DLC to connect */ 596 add_wait_queue(&dev->wait, &wait); 597 while (1) { 598 set_current_state(TASK_INTERRUPTIBLE); 599 600 if (dlc->state == BT_CLOSED) { 601 err = -dev->err; 602 break; 603 } 604 605 if (dlc->state == BT_CONNECTED) 606 break; 607 608 if (signal_pending(current)) { 609 err = -EINTR; 610 break; 611 } 612 613 schedule(); 614 } 615 set_current_state(TASK_RUNNING); 616 remove_wait_queue(&dev->wait, &wait); 617 618 return err; 619 } 620 621 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 622 { 623 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 624 if (!dev) 625 return; 626 627 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened); 628 629 if (--dev->opened == 0) { 630 /* Close DLC and dettach TTY */ 631 rfcomm_dlc_close(dev->dlc, 0); 632 633 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 634 tasklet_kill(&dev->wakeup_task); 635 636 rfcomm_dlc_lock(dev->dlc); 637 tty->driver_data = NULL; 638 dev->tty = NULL; 639 rfcomm_dlc_unlock(dev->dlc); 640 } 641 642 rfcomm_dev_put(dev); 643 } 644 645 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 646 { 647 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 648 struct rfcomm_dlc *dlc = dev->dlc; 649 struct sk_buff *skb; 650 int err = 0, sent = 0, size; 651 652 BT_DBG("tty %p count %d", tty, count); 653 654 while (count) { 655 size = min_t(uint, count, dlc->mtu); 656 657 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); 658 659 if (!skb) 660 break; 661 662 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); 663 664 memcpy(skb_put(skb, size), buf + sent, size); 665 666 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) { 667 kfree_skb(skb); 668 break; 669 } 670 671 sent += size; 672 count -= size; 673 } 674 675 return sent ? sent : err; 676 } 677 678 static int rfcomm_tty_write_room(struct tty_struct *tty) 679 { 680 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 681 int room; 682 683 BT_DBG("tty %p", tty); 684 685 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); 686 if (room < 0) 687 room = 0; 688 return room; 689 } 690 691 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg) 692 { 693 BT_DBG("tty %p cmd 0x%02x", tty, cmd); 694 695 switch (cmd) { 696 case TCGETS: 697 BT_DBG("TCGETS is not supported"); 698 return -ENOIOCTLCMD; 699 700 case TCSETS: 701 BT_DBG("TCSETS is not supported"); 702 return -ENOIOCTLCMD; 703 704 case TIOCMIWAIT: 705 BT_DBG("TIOCMIWAIT"); 706 break; 707 708 case TIOCGICOUNT: 709 BT_DBG("TIOCGICOUNT"); 710 break; 711 712 case TIOCGSERIAL: 713 BT_ERR("TIOCGSERIAL is not supported"); 714 return -ENOIOCTLCMD; 715 716 case TIOCSSERIAL: 717 BT_ERR("TIOCSSERIAL is not supported"); 718 return -ENOIOCTLCMD; 719 720 case TIOCSERGSTRUCT: 721 BT_ERR("TIOCSERGSTRUCT is not supported"); 722 return -ENOIOCTLCMD; 723 724 case TIOCSERGETLSR: 725 BT_ERR("TIOCSERGETLSR is not supported"); 726 return -ENOIOCTLCMD; 727 728 case TIOCSERCONFIG: 729 BT_ERR("TIOCSERCONFIG is not supported"); 730 return -ENOIOCTLCMD; 731 732 default: 733 return -ENOIOCTLCMD; /* ioctls which we must ignore */ 734 735 } 736 737 return -ENOIOCTLCMD; 738 } 739 740 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old) 741 { 742 struct termios *new = (struct termios *) tty->termios; 743 int old_baud_rate = tty_termios_baud_rate(old); 744 int new_baud_rate = tty_termios_baud_rate(new); 745 746 u8 baud, data_bits, stop_bits, parity, x_on, x_off; 747 u16 changes = 0; 748 749 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 750 751 BT_DBG("tty %p termios %p", tty, old); 752 753 /* Handle turning off CRTSCTS */ 754 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 755 BT_DBG("Turning off CRTSCTS unsupported"); 756 757 /* Parity on/off and when on, odd/even */ 758 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) || 759 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) { 760 changes |= RFCOMM_RPN_PM_PARITY; 761 BT_DBG("Parity change detected."); 762 } 763 764 /* Mark and space parity are not supported! */ 765 if (new->c_cflag & PARENB) { 766 if (new->c_cflag & PARODD) { 767 BT_DBG("Parity is ODD"); 768 parity = RFCOMM_RPN_PARITY_ODD; 769 } else { 770 BT_DBG("Parity is EVEN"); 771 parity = RFCOMM_RPN_PARITY_EVEN; 772 } 773 } else { 774 BT_DBG("Parity is OFF"); 775 parity = RFCOMM_RPN_PARITY_NONE; 776 } 777 778 /* Setting the x_on / x_off characters */ 779 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) { 780 BT_DBG("XOFF custom"); 781 x_on = new->c_cc[VSTOP]; 782 changes |= RFCOMM_RPN_PM_XON; 783 } else { 784 BT_DBG("XOFF default"); 785 x_on = RFCOMM_RPN_XON_CHAR; 786 } 787 788 if (old->c_cc[VSTART] != new->c_cc[VSTART]) { 789 BT_DBG("XON custom"); 790 x_off = new->c_cc[VSTART]; 791 changes |= RFCOMM_RPN_PM_XOFF; 792 } else { 793 BT_DBG("XON default"); 794 x_off = RFCOMM_RPN_XOFF_CHAR; 795 } 796 797 /* Handle setting of stop bits */ 798 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB)) 799 changes |= RFCOMM_RPN_PM_STOP; 800 801 /* POSIX does not support 1.5 stop bits and RFCOMM does not 802 * support 2 stop bits. So a request for 2 stop bits gets 803 * translated to 1.5 stop bits */ 804 if (new->c_cflag & CSTOPB) { 805 stop_bits = RFCOMM_RPN_STOP_15; 806 } else { 807 stop_bits = RFCOMM_RPN_STOP_1; 808 } 809 810 /* Handle number of data bits [5-8] */ 811 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 812 changes |= RFCOMM_RPN_PM_DATA; 813 814 switch (new->c_cflag & CSIZE) { 815 case CS5: 816 data_bits = RFCOMM_RPN_DATA_5; 817 break; 818 case CS6: 819 data_bits = RFCOMM_RPN_DATA_6; 820 break; 821 case CS7: 822 data_bits = RFCOMM_RPN_DATA_7; 823 break; 824 case CS8: 825 data_bits = RFCOMM_RPN_DATA_8; 826 break; 827 default: 828 data_bits = RFCOMM_RPN_DATA_8; 829 break; 830 } 831 832 /* Handle baudrate settings */ 833 if (old_baud_rate != new_baud_rate) 834 changes |= RFCOMM_RPN_PM_BITRATE; 835 836 switch (new_baud_rate) { 837 case 2400: 838 baud = RFCOMM_RPN_BR_2400; 839 break; 840 case 4800: 841 baud = RFCOMM_RPN_BR_4800; 842 break; 843 case 7200: 844 baud = RFCOMM_RPN_BR_7200; 845 break; 846 case 9600: 847 baud = RFCOMM_RPN_BR_9600; 848 break; 849 case 19200: 850 baud = RFCOMM_RPN_BR_19200; 851 break; 852 case 38400: 853 baud = RFCOMM_RPN_BR_38400; 854 break; 855 case 57600: 856 baud = RFCOMM_RPN_BR_57600; 857 break; 858 case 115200: 859 baud = RFCOMM_RPN_BR_115200; 860 break; 861 case 230400: 862 baud = RFCOMM_RPN_BR_230400; 863 break; 864 default: 865 /* 9600 is standard accordinag to the RFCOMM specification */ 866 baud = RFCOMM_RPN_BR_9600; 867 break; 868 869 } 870 871 if (changes) 872 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud, 873 data_bits, stop_bits, parity, 874 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes); 875 876 return; 877 } 878 879 static void rfcomm_tty_throttle(struct tty_struct *tty) 880 { 881 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 882 883 BT_DBG("tty %p dev %p", tty, dev); 884 885 rfcomm_dlc_throttle(dev->dlc); 886 } 887 888 static void rfcomm_tty_unthrottle(struct tty_struct *tty) 889 { 890 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 891 892 BT_DBG("tty %p dev %p", tty, dev); 893 894 rfcomm_dlc_unthrottle(dev->dlc); 895 } 896 897 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) 898 { 899 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 900 struct rfcomm_dlc *dlc = dev->dlc; 901 902 BT_DBG("tty %p dev %p", tty, dev); 903 904 if (!skb_queue_empty(&dlc->tx_queue)) 905 return dlc->mtu; 906 907 return 0; 908 } 909 910 static void rfcomm_tty_flush_buffer(struct tty_struct *tty) 911 { 912 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 913 if (!dev) 914 return; 915 916 BT_DBG("tty %p dev %p", tty, dev); 917 918 skb_queue_purge(&dev->dlc->tx_queue); 919 920 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 921 tty->ldisc.write_wakeup(tty); 922 } 923 924 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) 925 { 926 BT_DBG("tty %p ch %c", tty, ch); 927 } 928 929 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) 930 { 931 BT_DBG("tty %p timeout %d", tty, timeout); 932 } 933 934 static void rfcomm_tty_hangup(struct tty_struct *tty) 935 { 936 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 937 if (!dev) 938 return; 939 940 BT_DBG("tty %p dev %p", tty, dev); 941 942 rfcomm_tty_flush_buffer(tty); 943 944 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 945 rfcomm_dev_del(dev); 946 } 947 948 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused) 949 { 950 return 0; 951 } 952 953 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp) 954 { 955 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 956 957 BT_DBG("tty %p dev %p", tty, dev); 958 959 return dev->modem_status; 960 } 961 962 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear) 963 { 964 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 965 struct rfcomm_dlc *dlc = dev->dlc; 966 u8 v24_sig; 967 968 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); 969 970 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 971 972 if (set & TIOCM_DSR || set & TIOCM_DTR) 973 v24_sig |= RFCOMM_V24_RTC; 974 if (set & TIOCM_RTS || set & TIOCM_CTS) 975 v24_sig |= RFCOMM_V24_RTR; 976 if (set & TIOCM_RI) 977 v24_sig |= RFCOMM_V24_IC; 978 if (set & TIOCM_CD) 979 v24_sig |= RFCOMM_V24_DV; 980 981 if (clear & TIOCM_DSR || clear & TIOCM_DTR) 982 v24_sig &= ~RFCOMM_V24_RTC; 983 if (clear & TIOCM_RTS || clear & TIOCM_CTS) 984 v24_sig &= ~RFCOMM_V24_RTR; 985 if (clear & TIOCM_RI) 986 v24_sig &= ~RFCOMM_V24_IC; 987 if (clear & TIOCM_CD) 988 v24_sig &= ~RFCOMM_V24_DV; 989 990 rfcomm_dlc_set_modem_status(dlc, v24_sig); 991 992 return 0; 993 } 994 995 /* ---- TTY structure ---- */ 996 997 static struct tty_operations rfcomm_ops = { 998 .open = rfcomm_tty_open, 999 .close = rfcomm_tty_close, 1000 .write = rfcomm_tty_write, 1001 .write_room = rfcomm_tty_write_room, 1002 .chars_in_buffer = rfcomm_tty_chars_in_buffer, 1003 .flush_buffer = rfcomm_tty_flush_buffer, 1004 .ioctl = rfcomm_tty_ioctl, 1005 .throttle = rfcomm_tty_throttle, 1006 .unthrottle = rfcomm_tty_unthrottle, 1007 .set_termios = rfcomm_tty_set_termios, 1008 .send_xchar = rfcomm_tty_send_xchar, 1009 .hangup = rfcomm_tty_hangup, 1010 .wait_until_sent = rfcomm_tty_wait_until_sent, 1011 .read_proc = rfcomm_tty_read_proc, 1012 .tiocmget = rfcomm_tty_tiocmget, 1013 .tiocmset = rfcomm_tty_tiocmset, 1014 }; 1015 1016 int rfcomm_init_ttys(void) 1017 { 1018 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); 1019 if (!rfcomm_tty_driver) 1020 return -1; 1021 1022 rfcomm_tty_driver->owner = THIS_MODULE; 1023 rfcomm_tty_driver->driver_name = "rfcomm"; 1024 rfcomm_tty_driver->name = "rfcomm"; 1025 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; 1026 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; 1027 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 1028 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1029 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; 1030 rfcomm_tty_driver->init_termios = tty_std_termios; 1031 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; 1032 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1033 1034 if (tty_register_driver(rfcomm_tty_driver)) { 1035 BT_ERR("Can't register RFCOMM TTY driver"); 1036 put_tty_driver(rfcomm_tty_driver); 1037 return -1; 1038 } 1039 1040 BT_INFO("RFCOMM TTY layer initialized"); 1041 1042 return 0; 1043 } 1044 1045 void rfcomm_cleanup_ttys(void) 1046 { 1047 tty_unregister_driver(rfcomm_tty_driver); 1048 put_tty_driver(rfcomm_tty_driver); 1049 } 1050