1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * RFCOMM TTY. 26 * 27 * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ 28 */ 29 30 #include <linux/module.h> 31 32 #include <linux/tty.h> 33 #include <linux/tty_driver.h> 34 #include <linux/tty_flip.h> 35 36 #include <linux/capability.h> 37 #include <linux/slab.h> 38 #include <linux/skbuff.h> 39 40 #include <net/bluetooth/bluetooth.h> 41 #include <net/bluetooth/rfcomm.h> 42 43 #ifndef CONFIG_BT_RFCOMM_DEBUG 44 #undef BT_DBG 45 #define BT_DBG(D...) 46 #endif 47 48 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ 49 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ 50 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ 51 #define RFCOMM_TTY_MINOR 0 52 53 static struct tty_driver *rfcomm_tty_driver; 54 55 struct rfcomm_dev { 56 struct list_head list; 57 atomic_t refcnt; 58 59 char name[12]; 60 int id; 61 unsigned long flags; 62 int opened; 63 int err; 64 65 bdaddr_t src; 66 bdaddr_t dst; 67 u8 channel; 68 69 uint modem_status; 70 71 struct rfcomm_dlc *dlc; 72 struct tty_struct *tty; 73 wait_queue_head_t wait; 74 struct tasklet_struct wakeup_task; 75 76 atomic_t wmem_alloc; 77 }; 78 79 static LIST_HEAD(rfcomm_dev_list); 80 static DEFINE_RWLOCK(rfcomm_dev_lock); 81 82 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); 83 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); 84 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); 85 86 static void rfcomm_tty_wakeup(unsigned long arg); 87 88 /* ---- Device functions ---- */ 89 static void rfcomm_dev_destruct(struct rfcomm_dev *dev) 90 { 91 struct rfcomm_dlc *dlc = dev->dlc; 92 93 BT_DBG("dev %p dlc %p", dev, dlc); 94 95 rfcomm_dlc_lock(dlc); 96 /* Detach DLC if it's owned by this dev */ 97 if (dlc->owner == dev) 98 dlc->owner = NULL; 99 rfcomm_dlc_unlock(dlc); 100 101 rfcomm_dlc_put(dlc); 102 103 tty_unregister_device(rfcomm_tty_driver, dev->id); 104 105 /* Refcount should only hit zero when called from rfcomm_dev_del() 106 which will have taken us off the list. Everything else are 107 refcounting bugs. */ 108 BUG_ON(!list_empty(&dev->list)); 109 110 kfree(dev); 111 112 /* It's safe to call module_put() here because socket still 113 holds reference to this module. */ 114 module_put(THIS_MODULE); 115 } 116 117 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev) 118 { 119 atomic_inc(&dev->refcnt); 120 } 121 122 static inline void rfcomm_dev_put(struct rfcomm_dev *dev) 123 { 124 /* The reason this isn't actually a race, as you no 125 doubt have a little voice screaming at you in your 126 head, is that the refcount should never actually 127 reach zero unless the device has already been taken 128 off the list, in rfcomm_dev_del(). And if that's not 129 true, we'll hit the BUG() in rfcomm_dev_destruct() 130 anyway. */ 131 if (atomic_dec_and_test(&dev->refcnt)) 132 rfcomm_dev_destruct(dev); 133 } 134 135 static struct rfcomm_dev *__rfcomm_dev_get(int id) 136 { 137 struct rfcomm_dev *dev; 138 struct list_head *p; 139 140 list_for_each(p, &rfcomm_dev_list) { 141 dev = list_entry(p, struct rfcomm_dev, list); 142 if (dev->id == id) 143 return dev; 144 } 145 146 return NULL; 147 } 148 149 static inline struct rfcomm_dev *rfcomm_dev_get(int id) 150 { 151 struct rfcomm_dev *dev; 152 153 read_lock(&rfcomm_dev_lock); 154 155 dev = __rfcomm_dev_get(id); 156 if (dev) 157 rfcomm_dev_hold(dev); 158 159 read_unlock(&rfcomm_dev_lock); 160 161 return dev; 162 } 163 164 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 165 { 166 struct rfcomm_dev *dev; 167 struct list_head *head = &rfcomm_dev_list, *p; 168 int err = 0; 169 170 BT_DBG("id %d channel %d", req->dev_id, req->channel); 171 172 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); 173 if (!dev) 174 return -ENOMEM; 175 176 write_lock_bh(&rfcomm_dev_lock); 177 178 if (req->dev_id < 0) { 179 dev->id = 0; 180 181 list_for_each(p, &rfcomm_dev_list) { 182 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id) 183 break; 184 185 dev->id++; 186 head = p; 187 } 188 } else { 189 dev->id = req->dev_id; 190 191 list_for_each(p, &rfcomm_dev_list) { 192 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list); 193 194 if (entry->id == dev->id) { 195 err = -EADDRINUSE; 196 goto out; 197 } 198 199 if (entry->id > dev->id - 1) 200 break; 201 202 head = p; 203 } 204 } 205 206 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { 207 err = -ENFILE; 208 goto out; 209 } 210 211 sprintf(dev->name, "rfcomm%d", dev->id); 212 213 list_add(&dev->list, head); 214 atomic_set(&dev->refcnt, 1); 215 216 bacpy(&dev->src, &req->src); 217 bacpy(&dev->dst, &req->dst); 218 dev->channel = req->channel; 219 220 dev->flags = req->flags & 221 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); 222 223 init_waitqueue_head(&dev->wait); 224 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev); 225 226 rfcomm_dlc_lock(dlc); 227 dlc->data_ready = rfcomm_dev_data_ready; 228 dlc->state_change = rfcomm_dev_state_change; 229 dlc->modem_status = rfcomm_dev_modem_status; 230 231 dlc->owner = dev; 232 dev->dlc = dlc; 233 rfcomm_dlc_unlock(dlc); 234 235 /* It's safe to call __module_get() here because socket already 236 holds reference to this module. */ 237 __module_get(THIS_MODULE); 238 239 out: 240 write_unlock_bh(&rfcomm_dev_lock); 241 242 if (err) { 243 kfree(dev); 244 return err; 245 } 246 247 tty_register_device(rfcomm_tty_driver, dev->id, NULL); 248 249 return dev->id; 250 } 251 252 static void rfcomm_dev_del(struct rfcomm_dev *dev) 253 { 254 BT_DBG("dev %p", dev); 255 256 write_lock_bh(&rfcomm_dev_lock); 257 list_del_init(&dev->list); 258 write_unlock_bh(&rfcomm_dev_lock); 259 260 rfcomm_dev_put(dev); 261 } 262 263 /* ---- Send buffer ---- */ 264 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 265 { 266 /* We can't let it be zero, because we don't get a callback 267 when tx_credits becomes nonzero, hence we'd never wake up */ 268 return dlc->mtu * (dlc->tx_credits?:1); 269 } 270 271 static void rfcomm_wfree(struct sk_buff *skb) 272 { 273 struct rfcomm_dev *dev = (void *) skb->sk; 274 atomic_sub(skb->truesize, &dev->wmem_alloc); 275 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) 276 tasklet_schedule(&dev->wakeup_task); 277 rfcomm_dev_put(dev); 278 } 279 280 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) 281 { 282 rfcomm_dev_hold(dev); 283 atomic_add(skb->truesize, &dev->wmem_alloc); 284 skb->sk = (void *) dev; 285 skb->destructor = rfcomm_wfree; 286 } 287 288 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) 289 { 290 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { 291 struct sk_buff *skb = alloc_skb(size, priority); 292 if (skb) { 293 rfcomm_set_owner_w(skb, dev); 294 return skb; 295 } 296 } 297 return NULL; 298 } 299 300 /* ---- Device IOCTLs ---- */ 301 302 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) 303 304 static int rfcomm_create_dev(struct sock *sk, void __user *arg) 305 { 306 struct rfcomm_dev_req req; 307 struct rfcomm_dlc *dlc; 308 int id; 309 310 if (copy_from_user(&req, arg, sizeof(req))) 311 return -EFAULT; 312 313 BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); 314 315 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) 316 return -EPERM; 317 318 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 319 /* Socket must be connected */ 320 if (sk->sk_state != BT_CONNECTED) 321 return -EBADFD; 322 323 dlc = rfcomm_pi(sk)->dlc; 324 rfcomm_dlc_hold(dlc); 325 } else { 326 dlc = rfcomm_dlc_alloc(GFP_KERNEL); 327 if (!dlc) 328 return -ENOMEM; 329 } 330 331 id = rfcomm_dev_add(&req, dlc); 332 if (id < 0) { 333 rfcomm_dlc_put(dlc); 334 return id; 335 } 336 337 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 338 /* DLC is now used by device. 339 * Socket must be disconnected */ 340 sk->sk_state = BT_CLOSED; 341 } 342 343 return id; 344 } 345 346 static int rfcomm_release_dev(void __user *arg) 347 { 348 struct rfcomm_dev_req req; 349 struct rfcomm_dev *dev; 350 351 if (copy_from_user(&req, arg, sizeof(req))) 352 return -EFAULT; 353 354 BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); 355 356 if (!(dev = rfcomm_dev_get(req.dev_id))) 357 return -ENODEV; 358 359 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { 360 rfcomm_dev_put(dev); 361 return -EPERM; 362 } 363 364 if (req.flags & (1 << RFCOMM_HANGUP_NOW)) 365 rfcomm_dlc_close(dev->dlc, 0); 366 367 rfcomm_dev_del(dev); 368 rfcomm_dev_put(dev); 369 return 0; 370 } 371 372 static int rfcomm_get_dev_list(void __user *arg) 373 { 374 struct rfcomm_dev_list_req *dl; 375 struct rfcomm_dev_info *di; 376 struct list_head *p; 377 int n = 0, size, err; 378 u16 dev_num; 379 380 BT_DBG(""); 381 382 if (get_user(dev_num, (u16 __user *) arg)) 383 return -EFAULT; 384 385 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) 386 return -EINVAL; 387 388 size = sizeof(*dl) + dev_num * sizeof(*di); 389 390 if (!(dl = kmalloc(size, GFP_KERNEL))) 391 return -ENOMEM; 392 393 di = dl->dev_info; 394 395 read_lock_bh(&rfcomm_dev_lock); 396 397 list_for_each(p, &rfcomm_dev_list) { 398 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list); 399 (di + n)->id = dev->id; 400 (di + n)->flags = dev->flags; 401 (di + n)->state = dev->dlc->state; 402 (di + n)->channel = dev->channel; 403 bacpy(&(di + n)->src, &dev->src); 404 bacpy(&(di + n)->dst, &dev->dst); 405 if (++n >= dev_num) 406 break; 407 } 408 409 read_unlock_bh(&rfcomm_dev_lock); 410 411 dl->dev_num = n; 412 size = sizeof(*dl) + n * sizeof(*di); 413 414 err = copy_to_user(arg, dl, size); 415 kfree(dl); 416 417 return err ? -EFAULT : 0; 418 } 419 420 static int rfcomm_get_dev_info(void __user *arg) 421 { 422 struct rfcomm_dev *dev; 423 struct rfcomm_dev_info di; 424 int err = 0; 425 426 BT_DBG(""); 427 428 if (copy_from_user(&di, arg, sizeof(di))) 429 return -EFAULT; 430 431 if (!(dev = rfcomm_dev_get(di.id))) 432 return -ENODEV; 433 434 di.flags = dev->flags; 435 di.channel = dev->channel; 436 di.state = dev->dlc->state; 437 bacpy(&di.src, &dev->src); 438 bacpy(&di.dst, &dev->dst); 439 440 if (copy_to_user(arg, &di, sizeof(di))) 441 err = -EFAULT; 442 443 rfcomm_dev_put(dev); 444 return err; 445 } 446 447 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 448 { 449 BT_DBG("cmd %d arg %p", cmd, arg); 450 451 switch (cmd) { 452 case RFCOMMCREATEDEV: 453 return rfcomm_create_dev(sk, arg); 454 455 case RFCOMMRELEASEDEV: 456 return rfcomm_release_dev(arg); 457 458 case RFCOMMGETDEVLIST: 459 return rfcomm_get_dev_list(arg); 460 461 case RFCOMMGETDEVINFO: 462 return rfcomm_get_dev_info(arg); 463 } 464 465 return -EINVAL; 466 } 467 468 /* ---- DLC callbacks ---- */ 469 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) 470 { 471 struct rfcomm_dev *dev = dlc->owner; 472 struct tty_struct *tty; 473 474 if (!dev || !(tty = dev->tty)) { 475 kfree_skb(skb); 476 return; 477 } 478 479 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len); 480 481 tty_insert_flip_string(tty, skb->data, skb->len); 482 tty_flip_buffer_push(tty); 483 484 kfree_skb(skb); 485 } 486 487 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 488 { 489 struct rfcomm_dev *dev = dlc->owner; 490 if (!dev) 491 return; 492 493 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 494 495 dev->err = err; 496 wake_up_interruptible(&dev->wait); 497 498 if (dlc->state == BT_CLOSED) { 499 if (!dev->tty) { 500 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { 501 rfcomm_dev_hold(dev); 502 rfcomm_dev_del(dev); 503 504 /* We have to drop DLC lock here, otherwise 505 rfcomm_dev_put() will dead lock if it's 506 the last reference. */ 507 rfcomm_dlc_unlock(dlc); 508 rfcomm_dev_put(dev); 509 rfcomm_dlc_lock(dlc); 510 } 511 } else 512 tty_hangup(dev->tty); 513 } 514 } 515 516 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) 517 { 518 struct rfcomm_dev *dev = dlc->owner; 519 if (!dev) 520 return; 521 522 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 523 524 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) { 525 if (dev->tty && !C_CLOCAL(dev->tty)) 526 tty_hangup(dev->tty); 527 } 528 529 dev->modem_status = 530 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 531 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 532 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 533 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 534 } 535 536 /* ---- TTY functions ---- */ 537 static void rfcomm_tty_wakeup(unsigned long arg) 538 { 539 struct rfcomm_dev *dev = (void *) arg; 540 struct tty_struct *tty = dev->tty; 541 if (!tty) 542 return; 543 544 BT_DBG("dev %p tty %p", dev, tty); 545 546 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 547 (tty->ldisc.write_wakeup)(tty); 548 549 wake_up_interruptible(&tty->write_wait); 550 #ifdef SERIAL_HAVE_POLL_WAIT 551 wake_up_interruptible(&tty->poll_wait); 552 #endif 553 } 554 555 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 556 { 557 DECLARE_WAITQUEUE(wait, current); 558 struct rfcomm_dev *dev; 559 struct rfcomm_dlc *dlc; 560 int err, id; 561 562 id = tty->index; 563 564 BT_DBG("tty %p id %d", tty, id); 565 566 /* We don't leak this refcount. For reasons which are not entirely 567 clear, the TTY layer will call our ->close() method even if the 568 open fails. We decrease the refcount there, and decreasing it 569 here too would cause breakage. */ 570 dev = rfcomm_dev_get(id); 571 if (!dev) 572 return -ENODEV; 573 574 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened); 575 576 if (dev->opened++ != 0) 577 return 0; 578 579 dlc = dev->dlc; 580 581 /* Attach TTY and open DLC */ 582 583 rfcomm_dlc_lock(dlc); 584 tty->driver_data = dev; 585 dev->tty = tty; 586 rfcomm_dlc_unlock(dlc); 587 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 588 589 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); 590 if (err < 0) 591 return err; 592 593 /* Wait for DLC to connect */ 594 add_wait_queue(&dev->wait, &wait); 595 while (1) { 596 set_current_state(TASK_INTERRUPTIBLE); 597 598 if (dlc->state == BT_CLOSED) { 599 err = -dev->err; 600 break; 601 } 602 603 if (dlc->state == BT_CONNECTED) 604 break; 605 606 if (signal_pending(current)) { 607 err = -EINTR; 608 break; 609 } 610 611 schedule(); 612 } 613 set_current_state(TASK_RUNNING); 614 remove_wait_queue(&dev->wait, &wait); 615 616 return err; 617 } 618 619 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 620 { 621 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 622 if (!dev) 623 return; 624 625 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened); 626 627 if (--dev->opened == 0) { 628 /* Close DLC and dettach TTY */ 629 rfcomm_dlc_close(dev->dlc, 0); 630 631 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 632 tasklet_kill(&dev->wakeup_task); 633 634 rfcomm_dlc_lock(dev->dlc); 635 tty->driver_data = NULL; 636 dev->tty = NULL; 637 rfcomm_dlc_unlock(dev->dlc); 638 } 639 640 rfcomm_dev_put(dev); 641 } 642 643 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 644 { 645 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 646 struct rfcomm_dlc *dlc = dev->dlc; 647 struct sk_buff *skb; 648 int err = 0, sent = 0, size; 649 650 BT_DBG("tty %p count %d", tty, count); 651 652 while (count) { 653 size = min_t(uint, count, dlc->mtu); 654 655 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); 656 657 if (!skb) 658 break; 659 660 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); 661 662 memcpy(skb_put(skb, size), buf + sent, size); 663 664 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) { 665 kfree_skb(skb); 666 break; 667 } 668 669 sent += size; 670 count -= size; 671 } 672 673 return sent ? sent : err; 674 } 675 676 static int rfcomm_tty_write_room(struct tty_struct *tty) 677 { 678 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 679 int room; 680 681 BT_DBG("tty %p", tty); 682 683 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); 684 if (room < 0) 685 room = 0; 686 return room; 687 } 688 689 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg) 690 { 691 BT_DBG("tty %p cmd 0x%02x", tty, cmd); 692 693 switch (cmd) { 694 case TCGETS: 695 BT_DBG("TCGETS is not supported"); 696 return -ENOIOCTLCMD; 697 698 case TCSETS: 699 BT_DBG("TCSETS is not supported"); 700 return -ENOIOCTLCMD; 701 702 case TIOCMIWAIT: 703 BT_DBG("TIOCMIWAIT"); 704 break; 705 706 case TIOCGICOUNT: 707 BT_DBG("TIOCGICOUNT"); 708 break; 709 710 case TIOCGSERIAL: 711 BT_ERR("TIOCGSERIAL is not supported"); 712 return -ENOIOCTLCMD; 713 714 case TIOCSSERIAL: 715 BT_ERR("TIOCSSERIAL is not supported"); 716 return -ENOIOCTLCMD; 717 718 case TIOCSERGSTRUCT: 719 BT_ERR("TIOCSERGSTRUCT is not supported"); 720 return -ENOIOCTLCMD; 721 722 case TIOCSERGETLSR: 723 BT_ERR("TIOCSERGETLSR is not supported"); 724 return -ENOIOCTLCMD; 725 726 case TIOCSERCONFIG: 727 BT_ERR("TIOCSERCONFIG is not supported"); 728 return -ENOIOCTLCMD; 729 730 default: 731 return -ENOIOCTLCMD; /* ioctls which we must ignore */ 732 733 } 734 735 return -ENOIOCTLCMD; 736 } 737 738 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old) 739 { 740 struct termios *new = (struct termios *) tty->termios; 741 int old_baud_rate = tty_termios_baud_rate(old); 742 int new_baud_rate = tty_termios_baud_rate(new); 743 744 u8 baud, data_bits, stop_bits, parity, x_on, x_off; 745 u16 changes = 0; 746 747 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 748 749 BT_DBG("tty %p termios %p", tty, old); 750 751 /* Handle turning off CRTSCTS */ 752 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 753 BT_DBG("Turning off CRTSCTS unsupported"); 754 755 /* Parity on/off and when on, odd/even */ 756 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) || 757 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) { 758 changes |= RFCOMM_RPN_PM_PARITY; 759 BT_DBG("Parity change detected."); 760 } 761 762 /* Mark and space parity are not supported! */ 763 if (new->c_cflag & PARENB) { 764 if (new->c_cflag & PARODD) { 765 BT_DBG("Parity is ODD"); 766 parity = RFCOMM_RPN_PARITY_ODD; 767 } else { 768 BT_DBG("Parity is EVEN"); 769 parity = RFCOMM_RPN_PARITY_EVEN; 770 } 771 } else { 772 BT_DBG("Parity is OFF"); 773 parity = RFCOMM_RPN_PARITY_NONE; 774 } 775 776 /* Setting the x_on / x_off characters */ 777 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) { 778 BT_DBG("XOFF custom"); 779 x_on = new->c_cc[VSTOP]; 780 changes |= RFCOMM_RPN_PM_XON; 781 } else { 782 BT_DBG("XOFF default"); 783 x_on = RFCOMM_RPN_XON_CHAR; 784 } 785 786 if (old->c_cc[VSTART] != new->c_cc[VSTART]) { 787 BT_DBG("XON custom"); 788 x_off = new->c_cc[VSTART]; 789 changes |= RFCOMM_RPN_PM_XOFF; 790 } else { 791 BT_DBG("XON default"); 792 x_off = RFCOMM_RPN_XOFF_CHAR; 793 } 794 795 /* Handle setting of stop bits */ 796 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB)) 797 changes |= RFCOMM_RPN_PM_STOP; 798 799 /* POSIX does not support 1.5 stop bits and RFCOMM does not 800 * support 2 stop bits. So a request for 2 stop bits gets 801 * translated to 1.5 stop bits */ 802 if (new->c_cflag & CSTOPB) { 803 stop_bits = RFCOMM_RPN_STOP_15; 804 } else { 805 stop_bits = RFCOMM_RPN_STOP_1; 806 } 807 808 /* Handle number of data bits [5-8] */ 809 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 810 changes |= RFCOMM_RPN_PM_DATA; 811 812 switch (new->c_cflag & CSIZE) { 813 case CS5: 814 data_bits = RFCOMM_RPN_DATA_5; 815 break; 816 case CS6: 817 data_bits = RFCOMM_RPN_DATA_6; 818 break; 819 case CS7: 820 data_bits = RFCOMM_RPN_DATA_7; 821 break; 822 case CS8: 823 data_bits = RFCOMM_RPN_DATA_8; 824 break; 825 default: 826 data_bits = RFCOMM_RPN_DATA_8; 827 break; 828 } 829 830 /* Handle baudrate settings */ 831 if (old_baud_rate != new_baud_rate) 832 changes |= RFCOMM_RPN_PM_BITRATE; 833 834 switch (new_baud_rate) { 835 case 2400: 836 baud = RFCOMM_RPN_BR_2400; 837 break; 838 case 4800: 839 baud = RFCOMM_RPN_BR_4800; 840 break; 841 case 7200: 842 baud = RFCOMM_RPN_BR_7200; 843 break; 844 case 9600: 845 baud = RFCOMM_RPN_BR_9600; 846 break; 847 case 19200: 848 baud = RFCOMM_RPN_BR_19200; 849 break; 850 case 38400: 851 baud = RFCOMM_RPN_BR_38400; 852 break; 853 case 57600: 854 baud = RFCOMM_RPN_BR_57600; 855 break; 856 case 115200: 857 baud = RFCOMM_RPN_BR_115200; 858 break; 859 case 230400: 860 baud = RFCOMM_RPN_BR_230400; 861 break; 862 default: 863 /* 9600 is standard accordinag to the RFCOMM specification */ 864 baud = RFCOMM_RPN_BR_9600; 865 break; 866 867 } 868 869 if (changes) 870 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud, 871 data_bits, stop_bits, parity, 872 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes); 873 874 return; 875 } 876 877 static void rfcomm_tty_throttle(struct tty_struct *tty) 878 { 879 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 880 881 BT_DBG("tty %p dev %p", tty, dev); 882 883 rfcomm_dlc_throttle(dev->dlc); 884 } 885 886 static void rfcomm_tty_unthrottle(struct tty_struct *tty) 887 { 888 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 889 890 BT_DBG("tty %p dev %p", tty, dev); 891 892 rfcomm_dlc_unthrottle(dev->dlc); 893 } 894 895 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) 896 { 897 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 898 struct rfcomm_dlc *dlc = dev->dlc; 899 900 BT_DBG("tty %p dev %p", tty, dev); 901 902 if (!skb_queue_empty(&dlc->tx_queue)) 903 return dlc->mtu; 904 905 return 0; 906 } 907 908 static void rfcomm_tty_flush_buffer(struct tty_struct *tty) 909 { 910 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 911 if (!dev) 912 return; 913 914 BT_DBG("tty %p dev %p", tty, dev); 915 916 skb_queue_purge(&dev->dlc->tx_queue); 917 918 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 919 tty->ldisc.write_wakeup(tty); 920 } 921 922 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) 923 { 924 BT_DBG("tty %p ch %c", tty, ch); 925 } 926 927 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) 928 { 929 BT_DBG("tty %p timeout %d", tty, timeout); 930 } 931 932 static void rfcomm_tty_hangup(struct tty_struct *tty) 933 { 934 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 935 if (!dev) 936 return; 937 938 BT_DBG("tty %p dev %p", tty, dev); 939 940 rfcomm_tty_flush_buffer(tty); 941 942 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 943 rfcomm_dev_del(dev); 944 } 945 946 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused) 947 { 948 return 0; 949 } 950 951 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp) 952 { 953 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 954 955 BT_DBG("tty %p dev %p", tty, dev); 956 957 return dev->modem_status; 958 } 959 960 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear) 961 { 962 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 963 struct rfcomm_dlc *dlc = dev->dlc; 964 u8 v24_sig; 965 966 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); 967 968 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 969 970 if (set & TIOCM_DSR || set & TIOCM_DTR) 971 v24_sig |= RFCOMM_V24_RTC; 972 if (set & TIOCM_RTS || set & TIOCM_CTS) 973 v24_sig |= RFCOMM_V24_RTR; 974 if (set & TIOCM_RI) 975 v24_sig |= RFCOMM_V24_IC; 976 if (set & TIOCM_CD) 977 v24_sig |= RFCOMM_V24_DV; 978 979 if (clear & TIOCM_DSR || clear & TIOCM_DTR) 980 v24_sig &= ~RFCOMM_V24_RTC; 981 if (clear & TIOCM_RTS || clear & TIOCM_CTS) 982 v24_sig &= ~RFCOMM_V24_RTR; 983 if (clear & TIOCM_RI) 984 v24_sig &= ~RFCOMM_V24_IC; 985 if (clear & TIOCM_CD) 986 v24_sig &= ~RFCOMM_V24_DV; 987 988 rfcomm_dlc_set_modem_status(dlc, v24_sig); 989 990 return 0; 991 } 992 993 /* ---- TTY structure ---- */ 994 995 static struct tty_operations rfcomm_ops = { 996 .open = rfcomm_tty_open, 997 .close = rfcomm_tty_close, 998 .write = rfcomm_tty_write, 999 .write_room = rfcomm_tty_write_room, 1000 .chars_in_buffer = rfcomm_tty_chars_in_buffer, 1001 .flush_buffer = rfcomm_tty_flush_buffer, 1002 .ioctl = rfcomm_tty_ioctl, 1003 .throttle = rfcomm_tty_throttle, 1004 .unthrottle = rfcomm_tty_unthrottle, 1005 .set_termios = rfcomm_tty_set_termios, 1006 .send_xchar = rfcomm_tty_send_xchar, 1007 .hangup = rfcomm_tty_hangup, 1008 .wait_until_sent = rfcomm_tty_wait_until_sent, 1009 .read_proc = rfcomm_tty_read_proc, 1010 .tiocmget = rfcomm_tty_tiocmget, 1011 .tiocmset = rfcomm_tty_tiocmset, 1012 }; 1013 1014 int rfcomm_init_ttys(void) 1015 { 1016 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); 1017 if (!rfcomm_tty_driver) 1018 return -1; 1019 1020 rfcomm_tty_driver->owner = THIS_MODULE; 1021 rfcomm_tty_driver->driver_name = "rfcomm"; 1022 rfcomm_tty_driver->name = "rfcomm"; 1023 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; 1024 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; 1025 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 1026 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1027 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; 1028 rfcomm_tty_driver->init_termios = tty_std_termios; 1029 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; 1030 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1031 1032 if (tty_register_driver(rfcomm_tty_driver)) { 1033 BT_ERR("Can't register RFCOMM TTY driver"); 1034 put_tty_driver(rfcomm_tty_driver); 1035 return -1; 1036 } 1037 1038 BT_INFO("RFCOMM TTY layer initialized"); 1039 1040 return 0; 1041 } 1042 1043 void rfcomm_cleanup_ttys(void) 1044 { 1045 tty_unregister_driver(rfcomm_tty_driver); 1046 put_tty_driver(rfcomm_tty_driver); 1047 } 1048