1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * RFCOMM TTY. 26 * 27 * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ 28 */ 29 30 #include <linux/module.h> 31 32 #include <linux/tty.h> 33 #include <linux/tty_driver.h> 34 #include <linux/tty_flip.h> 35 36 #include <linux/capability.h> 37 #include <linux/slab.h> 38 #include <linux/skbuff.h> 39 40 #include <net/bluetooth/bluetooth.h> 41 #include <net/bluetooth/hci_core.h> 42 #include <net/bluetooth/rfcomm.h> 43 44 #ifndef CONFIG_BT_RFCOMM_DEBUG 45 #undef BT_DBG 46 #define BT_DBG(D...) 47 #endif 48 49 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ 50 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ 51 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ 52 #define RFCOMM_TTY_MINOR 0 53 54 static struct tty_driver *rfcomm_tty_driver; 55 56 struct rfcomm_dev { 57 struct list_head list; 58 atomic_t refcnt; 59 60 char name[12]; 61 int id; 62 unsigned long flags; 63 int opened; 64 int err; 65 66 bdaddr_t src; 67 bdaddr_t dst; 68 u8 channel; 69 70 uint modem_status; 71 72 struct rfcomm_dlc *dlc; 73 struct tty_struct *tty; 74 wait_queue_head_t wait; 75 struct tasklet_struct wakeup_task; 76 77 atomic_t wmem_alloc; 78 }; 79 80 static LIST_HEAD(rfcomm_dev_list); 81 static DEFINE_RWLOCK(rfcomm_dev_lock); 82 83 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); 84 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); 85 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); 86 87 static void rfcomm_tty_wakeup(unsigned long arg); 88 89 /* ---- Device functions ---- */ 90 static void rfcomm_dev_destruct(struct rfcomm_dev *dev) 91 { 92 struct rfcomm_dlc *dlc = dev->dlc; 93 94 BT_DBG("dev %p dlc %p", dev, dlc); 95 96 rfcomm_dlc_lock(dlc); 97 /* Detach DLC if it's owned by this dev */ 98 if (dlc->owner == dev) 99 dlc->owner = NULL; 100 rfcomm_dlc_unlock(dlc); 101 102 rfcomm_dlc_put(dlc); 103 104 tty_unregister_device(rfcomm_tty_driver, dev->id); 105 106 /* Refcount should only hit zero when called from rfcomm_dev_del() 107 which will have taken us off the list. Everything else are 108 refcounting bugs. */ 109 BUG_ON(!list_empty(&dev->list)); 110 111 kfree(dev); 112 113 /* It's safe to call module_put() here because socket still 114 holds reference to this module. */ 115 module_put(THIS_MODULE); 116 } 117 118 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev) 119 { 120 atomic_inc(&dev->refcnt); 121 } 122 123 static inline void rfcomm_dev_put(struct rfcomm_dev *dev) 124 { 125 /* The reason this isn't actually a race, as you no 126 doubt have a little voice screaming at you in your 127 head, is that the refcount should never actually 128 reach zero unless the device has already been taken 129 off the list, in rfcomm_dev_del(). And if that's not 130 true, we'll hit the BUG() in rfcomm_dev_destruct() 131 anyway. */ 132 if (atomic_dec_and_test(&dev->refcnt)) 133 rfcomm_dev_destruct(dev); 134 } 135 136 static struct rfcomm_dev *__rfcomm_dev_get(int id) 137 { 138 struct rfcomm_dev *dev; 139 struct list_head *p; 140 141 list_for_each(p, &rfcomm_dev_list) { 142 dev = list_entry(p, struct rfcomm_dev, list); 143 if (dev->id == id) 144 return dev; 145 } 146 147 return NULL; 148 } 149 150 static inline struct rfcomm_dev *rfcomm_dev_get(int id) 151 { 152 struct rfcomm_dev *dev; 153 154 read_lock(&rfcomm_dev_lock); 155 156 dev = __rfcomm_dev_get(id); 157 if (dev) 158 rfcomm_dev_hold(dev); 159 160 read_unlock(&rfcomm_dev_lock); 161 162 return dev; 163 } 164 165 static struct device *rfcomm_get_device(struct rfcomm_dev *dev) 166 { 167 struct hci_dev *hdev; 168 struct hci_conn *conn; 169 170 hdev = hci_get_route(&dev->dst, &dev->src); 171 if (!hdev) 172 return NULL; 173 174 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst); 175 176 hci_dev_put(hdev); 177 178 return conn ? &conn->dev : NULL; 179 } 180 181 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 182 { 183 struct rfcomm_dev *dev; 184 struct list_head *head = &rfcomm_dev_list, *p; 185 int err = 0; 186 187 BT_DBG("id %d channel %d", req->dev_id, req->channel); 188 189 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); 190 if (!dev) 191 return -ENOMEM; 192 193 write_lock_bh(&rfcomm_dev_lock); 194 195 if (req->dev_id < 0) { 196 dev->id = 0; 197 198 list_for_each(p, &rfcomm_dev_list) { 199 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id) 200 break; 201 202 dev->id++; 203 head = p; 204 } 205 } else { 206 dev->id = req->dev_id; 207 208 list_for_each(p, &rfcomm_dev_list) { 209 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list); 210 211 if (entry->id == dev->id) { 212 err = -EADDRINUSE; 213 goto out; 214 } 215 216 if (entry->id > dev->id - 1) 217 break; 218 219 head = p; 220 } 221 } 222 223 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { 224 err = -ENFILE; 225 goto out; 226 } 227 228 sprintf(dev->name, "rfcomm%d", dev->id); 229 230 list_add(&dev->list, head); 231 atomic_set(&dev->refcnt, 1); 232 233 bacpy(&dev->src, &req->src); 234 bacpy(&dev->dst, &req->dst); 235 dev->channel = req->channel; 236 237 dev->flags = req->flags & 238 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); 239 240 init_waitqueue_head(&dev->wait); 241 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev); 242 243 rfcomm_dlc_lock(dlc); 244 dlc->data_ready = rfcomm_dev_data_ready; 245 dlc->state_change = rfcomm_dev_state_change; 246 dlc->modem_status = rfcomm_dev_modem_status; 247 248 dlc->owner = dev; 249 dev->dlc = dlc; 250 rfcomm_dlc_unlock(dlc); 251 252 /* It's safe to call __module_get() here because socket already 253 holds reference to this module. */ 254 __module_get(THIS_MODULE); 255 256 out: 257 write_unlock_bh(&rfcomm_dev_lock); 258 259 if (err) { 260 kfree(dev); 261 return err; 262 } 263 264 tty_register_device(rfcomm_tty_driver, dev->id, rfcomm_get_device(dev)); 265 266 return dev->id; 267 } 268 269 static void rfcomm_dev_del(struct rfcomm_dev *dev) 270 { 271 BT_DBG("dev %p", dev); 272 273 write_lock_bh(&rfcomm_dev_lock); 274 list_del_init(&dev->list); 275 write_unlock_bh(&rfcomm_dev_lock); 276 277 rfcomm_dev_put(dev); 278 } 279 280 /* ---- Send buffer ---- */ 281 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 282 { 283 /* We can't let it be zero, because we don't get a callback 284 when tx_credits becomes nonzero, hence we'd never wake up */ 285 return dlc->mtu * (dlc->tx_credits?:1); 286 } 287 288 static void rfcomm_wfree(struct sk_buff *skb) 289 { 290 struct rfcomm_dev *dev = (void *) skb->sk; 291 atomic_sub(skb->truesize, &dev->wmem_alloc); 292 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) 293 tasklet_schedule(&dev->wakeup_task); 294 rfcomm_dev_put(dev); 295 } 296 297 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) 298 { 299 rfcomm_dev_hold(dev); 300 atomic_add(skb->truesize, &dev->wmem_alloc); 301 skb->sk = (void *) dev; 302 skb->destructor = rfcomm_wfree; 303 } 304 305 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) 306 { 307 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { 308 struct sk_buff *skb = alloc_skb(size, priority); 309 if (skb) { 310 rfcomm_set_owner_w(skb, dev); 311 return skb; 312 } 313 } 314 return NULL; 315 } 316 317 /* ---- Device IOCTLs ---- */ 318 319 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) 320 321 static int rfcomm_create_dev(struct sock *sk, void __user *arg) 322 { 323 struct rfcomm_dev_req req; 324 struct rfcomm_dlc *dlc; 325 int id; 326 327 if (copy_from_user(&req, arg, sizeof(req))) 328 return -EFAULT; 329 330 BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); 331 332 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) 333 return -EPERM; 334 335 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 336 /* Socket must be connected */ 337 if (sk->sk_state != BT_CONNECTED) 338 return -EBADFD; 339 340 dlc = rfcomm_pi(sk)->dlc; 341 rfcomm_dlc_hold(dlc); 342 } else { 343 dlc = rfcomm_dlc_alloc(GFP_KERNEL); 344 if (!dlc) 345 return -ENOMEM; 346 } 347 348 id = rfcomm_dev_add(&req, dlc); 349 if (id < 0) { 350 rfcomm_dlc_put(dlc); 351 return id; 352 } 353 354 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 355 /* DLC is now used by device. 356 * Socket must be disconnected */ 357 sk->sk_state = BT_CLOSED; 358 } 359 360 return id; 361 } 362 363 static int rfcomm_release_dev(void __user *arg) 364 { 365 struct rfcomm_dev_req req; 366 struct rfcomm_dev *dev; 367 368 if (copy_from_user(&req, arg, sizeof(req))) 369 return -EFAULT; 370 371 BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); 372 373 if (!(dev = rfcomm_dev_get(req.dev_id))) 374 return -ENODEV; 375 376 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { 377 rfcomm_dev_put(dev); 378 return -EPERM; 379 } 380 381 if (req.flags & (1 << RFCOMM_HANGUP_NOW)) 382 rfcomm_dlc_close(dev->dlc, 0); 383 384 rfcomm_dev_del(dev); 385 rfcomm_dev_put(dev); 386 return 0; 387 } 388 389 static int rfcomm_get_dev_list(void __user *arg) 390 { 391 struct rfcomm_dev_list_req *dl; 392 struct rfcomm_dev_info *di; 393 struct list_head *p; 394 int n = 0, size, err; 395 u16 dev_num; 396 397 BT_DBG(""); 398 399 if (get_user(dev_num, (u16 __user *) arg)) 400 return -EFAULT; 401 402 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) 403 return -EINVAL; 404 405 size = sizeof(*dl) + dev_num * sizeof(*di); 406 407 if (!(dl = kmalloc(size, GFP_KERNEL))) 408 return -ENOMEM; 409 410 di = dl->dev_info; 411 412 read_lock_bh(&rfcomm_dev_lock); 413 414 list_for_each(p, &rfcomm_dev_list) { 415 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list); 416 (di + n)->id = dev->id; 417 (di + n)->flags = dev->flags; 418 (di + n)->state = dev->dlc->state; 419 (di + n)->channel = dev->channel; 420 bacpy(&(di + n)->src, &dev->src); 421 bacpy(&(di + n)->dst, &dev->dst); 422 if (++n >= dev_num) 423 break; 424 } 425 426 read_unlock_bh(&rfcomm_dev_lock); 427 428 dl->dev_num = n; 429 size = sizeof(*dl) + n * sizeof(*di); 430 431 err = copy_to_user(arg, dl, size); 432 kfree(dl); 433 434 return err ? -EFAULT : 0; 435 } 436 437 static int rfcomm_get_dev_info(void __user *arg) 438 { 439 struct rfcomm_dev *dev; 440 struct rfcomm_dev_info di; 441 int err = 0; 442 443 BT_DBG(""); 444 445 if (copy_from_user(&di, arg, sizeof(di))) 446 return -EFAULT; 447 448 if (!(dev = rfcomm_dev_get(di.id))) 449 return -ENODEV; 450 451 di.flags = dev->flags; 452 di.channel = dev->channel; 453 di.state = dev->dlc->state; 454 bacpy(&di.src, &dev->src); 455 bacpy(&di.dst, &dev->dst); 456 457 if (copy_to_user(arg, &di, sizeof(di))) 458 err = -EFAULT; 459 460 rfcomm_dev_put(dev); 461 return err; 462 } 463 464 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 465 { 466 BT_DBG("cmd %d arg %p", cmd, arg); 467 468 switch (cmd) { 469 case RFCOMMCREATEDEV: 470 return rfcomm_create_dev(sk, arg); 471 472 case RFCOMMRELEASEDEV: 473 return rfcomm_release_dev(arg); 474 475 case RFCOMMGETDEVLIST: 476 return rfcomm_get_dev_list(arg); 477 478 case RFCOMMGETDEVINFO: 479 return rfcomm_get_dev_info(arg); 480 } 481 482 return -EINVAL; 483 } 484 485 /* ---- DLC callbacks ---- */ 486 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) 487 { 488 struct rfcomm_dev *dev = dlc->owner; 489 struct tty_struct *tty; 490 491 if (!dev || !(tty = dev->tty)) { 492 kfree_skb(skb); 493 return; 494 } 495 496 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len); 497 498 tty_insert_flip_string(tty, skb->data, skb->len); 499 tty_flip_buffer_push(tty); 500 501 kfree_skb(skb); 502 } 503 504 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 505 { 506 struct rfcomm_dev *dev = dlc->owner; 507 if (!dev) 508 return; 509 510 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 511 512 dev->err = err; 513 wake_up_interruptible(&dev->wait); 514 515 if (dlc->state == BT_CLOSED) { 516 if (!dev->tty) { 517 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { 518 rfcomm_dev_hold(dev); 519 rfcomm_dev_del(dev); 520 521 /* We have to drop DLC lock here, otherwise 522 rfcomm_dev_put() will dead lock if it's 523 the last reference. */ 524 rfcomm_dlc_unlock(dlc); 525 rfcomm_dev_put(dev); 526 rfcomm_dlc_lock(dlc); 527 } 528 } else 529 tty_hangup(dev->tty); 530 } 531 } 532 533 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) 534 { 535 struct rfcomm_dev *dev = dlc->owner; 536 if (!dev) 537 return; 538 539 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 540 541 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) { 542 if (dev->tty && !C_CLOCAL(dev->tty)) 543 tty_hangup(dev->tty); 544 } 545 546 dev->modem_status = 547 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 548 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 549 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 550 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 551 } 552 553 /* ---- TTY functions ---- */ 554 static void rfcomm_tty_wakeup(unsigned long arg) 555 { 556 struct rfcomm_dev *dev = (void *) arg; 557 struct tty_struct *tty = dev->tty; 558 if (!tty) 559 return; 560 561 BT_DBG("dev %p tty %p", dev, tty); 562 563 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 564 (tty->ldisc.write_wakeup)(tty); 565 566 wake_up_interruptible(&tty->write_wait); 567 #ifdef SERIAL_HAVE_POLL_WAIT 568 wake_up_interruptible(&tty->poll_wait); 569 #endif 570 } 571 572 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 573 { 574 DECLARE_WAITQUEUE(wait, current); 575 struct rfcomm_dev *dev; 576 struct rfcomm_dlc *dlc; 577 int err, id; 578 579 id = tty->index; 580 581 BT_DBG("tty %p id %d", tty, id); 582 583 /* We don't leak this refcount. For reasons which are not entirely 584 clear, the TTY layer will call our ->close() method even if the 585 open fails. We decrease the refcount there, and decreasing it 586 here too would cause breakage. */ 587 dev = rfcomm_dev_get(id); 588 if (!dev) 589 return -ENODEV; 590 591 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened); 592 593 if (dev->opened++ != 0) 594 return 0; 595 596 dlc = dev->dlc; 597 598 /* Attach TTY and open DLC */ 599 600 rfcomm_dlc_lock(dlc); 601 tty->driver_data = dev; 602 dev->tty = tty; 603 rfcomm_dlc_unlock(dlc); 604 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 605 606 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); 607 if (err < 0) 608 return err; 609 610 /* Wait for DLC to connect */ 611 add_wait_queue(&dev->wait, &wait); 612 while (1) { 613 set_current_state(TASK_INTERRUPTIBLE); 614 615 if (dlc->state == BT_CLOSED) { 616 err = -dev->err; 617 break; 618 } 619 620 if (dlc->state == BT_CONNECTED) 621 break; 622 623 if (signal_pending(current)) { 624 err = -EINTR; 625 break; 626 } 627 628 schedule(); 629 } 630 set_current_state(TASK_RUNNING); 631 remove_wait_queue(&dev->wait, &wait); 632 633 return err; 634 } 635 636 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 637 { 638 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 639 if (!dev) 640 return; 641 642 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened); 643 644 if (--dev->opened == 0) { 645 /* Close DLC and dettach TTY */ 646 rfcomm_dlc_close(dev->dlc, 0); 647 648 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 649 tasklet_kill(&dev->wakeup_task); 650 651 rfcomm_dlc_lock(dev->dlc); 652 tty->driver_data = NULL; 653 dev->tty = NULL; 654 rfcomm_dlc_unlock(dev->dlc); 655 } 656 657 rfcomm_dev_put(dev); 658 } 659 660 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 661 { 662 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 663 struct rfcomm_dlc *dlc = dev->dlc; 664 struct sk_buff *skb; 665 int err = 0, sent = 0, size; 666 667 BT_DBG("tty %p count %d", tty, count); 668 669 while (count) { 670 size = min_t(uint, count, dlc->mtu); 671 672 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); 673 674 if (!skb) 675 break; 676 677 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); 678 679 memcpy(skb_put(skb, size), buf + sent, size); 680 681 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) { 682 kfree_skb(skb); 683 break; 684 } 685 686 sent += size; 687 count -= size; 688 } 689 690 return sent ? sent : err; 691 } 692 693 static int rfcomm_tty_write_room(struct tty_struct *tty) 694 { 695 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 696 int room; 697 698 BT_DBG("tty %p", tty); 699 700 if (!dev || !dev->dlc) 701 return 0; 702 703 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); 704 if (room < 0) 705 room = 0; 706 707 return room; 708 } 709 710 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg) 711 { 712 BT_DBG("tty %p cmd 0x%02x", tty, cmd); 713 714 switch (cmd) { 715 case TCGETS: 716 BT_DBG("TCGETS is not supported"); 717 return -ENOIOCTLCMD; 718 719 case TCSETS: 720 BT_DBG("TCSETS is not supported"); 721 return -ENOIOCTLCMD; 722 723 case TIOCMIWAIT: 724 BT_DBG("TIOCMIWAIT"); 725 break; 726 727 case TIOCGICOUNT: 728 BT_DBG("TIOCGICOUNT"); 729 break; 730 731 case TIOCGSERIAL: 732 BT_ERR("TIOCGSERIAL is not supported"); 733 return -ENOIOCTLCMD; 734 735 case TIOCSSERIAL: 736 BT_ERR("TIOCSSERIAL is not supported"); 737 return -ENOIOCTLCMD; 738 739 case TIOCSERGSTRUCT: 740 BT_ERR("TIOCSERGSTRUCT is not supported"); 741 return -ENOIOCTLCMD; 742 743 case TIOCSERGETLSR: 744 BT_ERR("TIOCSERGETLSR is not supported"); 745 return -ENOIOCTLCMD; 746 747 case TIOCSERCONFIG: 748 BT_ERR("TIOCSERCONFIG is not supported"); 749 return -ENOIOCTLCMD; 750 751 default: 752 return -ENOIOCTLCMD; /* ioctls which we must ignore */ 753 754 } 755 756 return -ENOIOCTLCMD; 757 } 758 759 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old) 760 { 761 struct ktermios *new = tty->termios; 762 int old_baud_rate = tty_termios_baud_rate(old); 763 int new_baud_rate = tty_termios_baud_rate(new); 764 765 u8 baud, data_bits, stop_bits, parity, x_on, x_off; 766 u16 changes = 0; 767 768 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 769 770 BT_DBG("tty %p termios %p", tty, old); 771 772 if (!dev || !dev->dlc || !dev->dlc->session) 773 return; 774 775 /* Handle turning off CRTSCTS */ 776 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 777 BT_DBG("Turning off CRTSCTS unsupported"); 778 779 /* Parity on/off and when on, odd/even */ 780 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) || 781 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) { 782 changes |= RFCOMM_RPN_PM_PARITY; 783 BT_DBG("Parity change detected."); 784 } 785 786 /* Mark and space parity are not supported! */ 787 if (new->c_cflag & PARENB) { 788 if (new->c_cflag & PARODD) { 789 BT_DBG("Parity is ODD"); 790 parity = RFCOMM_RPN_PARITY_ODD; 791 } else { 792 BT_DBG("Parity is EVEN"); 793 parity = RFCOMM_RPN_PARITY_EVEN; 794 } 795 } else { 796 BT_DBG("Parity is OFF"); 797 parity = RFCOMM_RPN_PARITY_NONE; 798 } 799 800 /* Setting the x_on / x_off characters */ 801 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) { 802 BT_DBG("XOFF custom"); 803 x_on = new->c_cc[VSTOP]; 804 changes |= RFCOMM_RPN_PM_XON; 805 } else { 806 BT_DBG("XOFF default"); 807 x_on = RFCOMM_RPN_XON_CHAR; 808 } 809 810 if (old->c_cc[VSTART] != new->c_cc[VSTART]) { 811 BT_DBG("XON custom"); 812 x_off = new->c_cc[VSTART]; 813 changes |= RFCOMM_RPN_PM_XOFF; 814 } else { 815 BT_DBG("XON default"); 816 x_off = RFCOMM_RPN_XOFF_CHAR; 817 } 818 819 /* Handle setting of stop bits */ 820 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB)) 821 changes |= RFCOMM_RPN_PM_STOP; 822 823 /* POSIX does not support 1.5 stop bits and RFCOMM does not 824 * support 2 stop bits. So a request for 2 stop bits gets 825 * translated to 1.5 stop bits */ 826 if (new->c_cflag & CSTOPB) { 827 stop_bits = RFCOMM_RPN_STOP_15; 828 } else { 829 stop_bits = RFCOMM_RPN_STOP_1; 830 } 831 832 /* Handle number of data bits [5-8] */ 833 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 834 changes |= RFCOMM_RPN_PM_DATA; 835 836 switch (new->c_cflag & CSIZE) { 837 case CS5: 838 data_bits = RFCOMM_RPN_DATA_5; 839 break; 840 case CS6: 841 data_bits = RFCOMM_RPN_DATA_6; 842 break; 843 case CS7: 844 data_bits = RFCOMM_RPN_DATA_7; 845 break; 846 case CS8: 847 data_bits = RFCOMM_RPN_DATA_8; 848 break; 849 default: 850 data_bits = RFCOMM_RPN_DATA_8; 851 break; 852 } 853 854 /* Handle baudrate settings */ 855 if (old_baud_rate != new_baud_rate) 856 changes |= RFCOMM_RPN_PM_BITRATE; 857 858 switch (new_baud_rate) { 859 case 2400: 860 baud = RFCOMM_RPN_BR_2400; 861 break; 862 case 4800: 863 baud = RFCOMM_RPN_BR_4800; 864 break; 865 case 7200: 866 baud = RFCOMM_RPN_BR_7200; 867 break; 868 case 9600: 869 baud = RFCOMM_RPN_BR_9600; 870 break; 871 case 19200: 872 baud = RFCOMM_RPN_BR_19200; 873 break; 874 case 38400: 875 baud = RFCOMM_RPN_BR_38400; 876 break; 877 case 57600: 878 baud = RFCOMM_RPN_BR_57600; 879 break; 880 case 115200: 881 baud = RFCOMM_RPN_BR_115200; 882 break; 883 case 230400: 884 baud = RFCOMM_RPN_BR_230400; 885 break; 886 default: 887 /* 9600 is standard accordinag to the RFCOMM specification */ 888 baud = RFCOMM_RPN_BR_9600; 889 break; 890 891 } 892 893 if (changes) 894 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud, 895 data_bits, stop_bits, parity, 896 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes); 897 898 return; 899 } 900 901 static void rfcomm_tty_throttle(struct tty_struct *tty) 902 { 903 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 904 905 BT_DBG("tty %p dev %p", tty, dev); 906 907 rfcomm_dlc_throttle(dev->dlc); 908 } 909 910 static void rfcomm_tty_unthrottle(struct tty_struct *tty) 911 { 912 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 913 914 BT_DBG("tty %p dev %p", tty, dev); 915 916 rfcomm_dlc_unthrottle(dev->dlc); 917 } 918 919 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) 920 { 921 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 922 923 BT_DBG("tty %p dev %p", tty, dev); 924 925 if (!dev || !dev->dlc) 926 return 0; 927 928 if (!skb_queue_empty(&dev->dlc->tx_queue)) 929 return dev->dlc->mtu; 930 931 return 0; 932 } 933 934 static void rfcomm_tty_flush_buffer(struct tty_struct *tty) 935 { 936 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 937 938 BT_DBG("tty %p dev %p", tty, dev); 939 940 if (!dev || !dev->dlc) 941 return; 942 943 skb_queue_purge(&dev->dlc->tx_queue); 944 945 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 946 tty->ldisc.write_wakeup(tty); 947 } 948 949 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) 950 { 951 BT_DBG("tty %p ch %c", tty, ch); 952 } 953 954 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) 955 { 956 BT_DBG("tty %p timeout %d", tty, timeout); 957 } 958 959 static void rfcomm_tty_hangup(struct tty_struct *tty) 960 { 961 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 962 963 BT_DBG("tty %p dev %p", tty, dev); 964 965 if (!dev) 966 return; 967 968 rfcomm_tty_flush_buffer(tty); 969 970 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 971 rfcomm_dev_del(dev); 972 } 973 974 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused) 975 { 976 return 0; 977 } 978 979 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp) 980 { 981 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 982 983 BT_DBG("tty %p dev %p", tty, dev); 984 985 return dev->modem_status; 986 } 987 988 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear) 989 { 990 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 991 struct rfcomm_dlc *dlc = dev->dlc; 992 u8 v24_sig; 993 994 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); 995 996 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 997 998 if (set & TIOCM_DSR || set & TIOCM_DTR) 999 v24_sig |= RFCOMM_V24_RTC; 1000 if (set & TIOCM_RTS || set & TIOCM_CTS) 1001 v24_sig |= RFCOMM_V24_RTR; 1002 if (set & TIOCM_RI) 1003 v24_sig |= RFCOMM_V24_IC; 1004 if (set & TIOCM_CD) 1005 v24_sig |= RFCOMM_V24_DV; 1006 1007 if (clear & TIOCM_DSR || clear & TIOCM_DTR) 1008 v24_sig &= ~RFCOMM_V24_RTC; 1009 if (clear & TIOCM_RTS || clear & TIOCM_CTS) 1010 v24_sig &= ~RFCOMM_V24_RTR; 1011 if (clear & TIOCM_RI) 1012 v24_sig &= ~RFCOMM_V24_IC; 1013 if (clear & TIOCM_CD) 1014 v24_sig &= ~RFCOMM_V24_DV; 1015 1016 rfcomm_dlc_set_modem_status(dlc, v24_sig); 1017 1018 return 0; 1019 } 1020 1021 /* ---- TTY structure ---- */ 1022 1023 static const struct tty_operations rfcomm_ops = { 1024 .open = rfcomm_tty_open, 1025 .close = rfcomm_tty_close, 1026 .write = rfcomm_tty_write, 1027 .write_room = rfcomm_tty_write_room, 1028 .chars_in_buffer = rfcomm_tty_chars_in_buffer, 1029 .flush_buffer = rfcomm_tty_flush_buffer, 1030 .ioctl = rfcomm_tty_ioctl, 1031 .throttle = rfcomm_tty_throttle, 1032 .unthrottle = rfcomm_tty_unthrottle, 1033 .set_termios = rfcomm_tty_set_termios, 1034 .send_xchar = rfcomm_tty_send_xchar, 1035 .hangup = rfcomm_tty_hangup, 1036 .wait_until_sent = rfcomm_tty_wait_until_sent, 1037 .read_proc = rfcomm_tty_read_proc, 1038 .tiocmget = rfcomm_tty_tiocmget, 1039 .tiocmset = rfcomm_tty_tiocmset, 1040 }; 1041 1042 int rfcomm_init_ttys(void) 1043 { 1044 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); 1045 if (!rfcomm_tty_driver) 1046 return -1; 1047 1048 rfcomm_tty_driver->owner = THIS_MODULE; 1049 rfcomm_tty_driver->driver_name = "rfcomm"; 1050 rfcomm_tty_driver->name = "rfcomm"; 1051 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; 1052 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; 1053 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 1054 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1055 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; 1056 rfcomm_tty_driver->init_termios = tty_std_termios; 1057 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; 1058 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1059 1060 if (tty_register_driver(rfcomm_tty_driver)) { 1061 BT_ERR("Can't register RFCOMM TTY driver"); 1062 put_tty_driver(rfcomm_tty_driver); 1063 return -1; 1064 } 1065 1066 BT_INFO("RFCOMM TTY layer initialized"); 1067 1068 return 0; 1069 } 1070 1071 void rfcomm_cleanup_ttys(void) 1072 { 1073 tty_unregister_driver(rfcomm_tty_driver); 1074 put_tty_driver(rfcomm_tty_driver); 1075 } 1076