1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * RFCOMM TTY. 26 * 27 * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ 28 */ 29 30 #include <linux/config.h> 31 #include <linux/module.h> 32 33 #include <linux/tty.h> 34 #include <linux/tty_driver.h> 35 #include <linux/tty_flip.h> 36 37 #include <linux/capability.h> 38 #include <linux/slab.h> 39 #include <linux/skbuff.h> 40 41 #include <net/bluetooth/bluetooth.h> 42 #include <net/bluetooth/rfcomm.h> 43 44 #ifndef CONFIG_BT_RFCOMM_DEBUG 45 #undef BT_DBG 46 #define BT_DBG(D...) 47 #endif 48 49 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ 50 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ 51 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ 52 #define RFCOMM_TTY_MINOR 0 53 54 static struct tty_driver *rfcomm_tty_driver; 55 56 struct rfcomm_dev { 57 struct list_head list; 58 atomic_t refcnt; 59 60 char name[12]; 61 int id; 62 unsigned long flags; 63 int opened; 64 int err; 65 66 bdaddr_t src; 67 bdaddr_t dst; 68 u8 channel; 69 70 uint modem_status; 71 72 struct rfcomm_dlc *dlc; 73 struct tty_struct *tty; 74 wait_queue_head_t wait; 75 struct tasklet_struct wakeup_task; 76 77 atomic_t wmem_alloc; 78 }; 79 80 static LIST_HEAD(rfcomm_dev_list); 81 static DEFINE_RWLOCK(rfcomm_dev_lock); 82 83 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); 84 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); 85 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); 86 87 static void rfcomm_tty_wakeup(unsigned long arg); 88 89 /* ---- Device functions ---- */ 90 static void rfcomm_dev_destruct(struct rfcomm_dev *dev) 91 { 92 struct rfcomm_dlc *dlc = dev->dlc; 93 94 BT_DBG("dev %p dlc %p", dev, dlc); 95 96 rfcomm_dlc_lock(dlc); 97 /* Detach DLC if it's owned by this dev */ 98 if (dlc->owner == dev) 99 dlc->owner = NULL; 100 rfcomm_dlc_unlock(dlc); 101 102 rfcomm_dlc_put(dlc); 103 104 tty_unregister_device(rfcomm_tty_driver, dev->id); 105 106 /* Refcount should only hit zero when called from rfcomm_dev_del() 107 which will have taken us off the list. Everything else are 108 refcounting bugs. */ 109 BUG_ON(!list_empty(&dev->list)); 110 111 kfree(dev); 112 113 /* It's safe to call module_put() here because socket still 114 holds reference to this module. */ 115 module_put(THIS_MODULE); 116 } 117 118 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev) 119 { 120 atomic_inc(&dev->refcnt); 121 } 122 123 static inline void rfcomm_dev_put(struct rfcomm_dev *dev) 124 { 125 /* The reason this isn't actually a race, as you no 126 doubt have a little voice screaming at you in your 127 head, is that the refcount should never actually 128 reach zero unless the device has already been taken 129 off the list, in rfcomm_dev_del(). And if that's not 130 true, we'll hit the BUG() in rfcomm_dev_destruct() 131 anyway. */ 132 if (atomic_dec_and_test(&dev->refcnt)) 133 rfcomm_dev_destruct(dev); 134 } 135 136 static struct rfcomm_dev *__rfcomm_dev_get(int id) 137 { 138 struct rfcomm_dev *dev; 139 struct list_head *p; 140 141 list_for_each(p, &rfcomm_dev_list) { 142 dev = list_entry(p, struct rfcomm_dev, list); 143 if (dev->id == id) 144 return dev; 145 } 146 147 return NULL; 148 } 149 150 static inline struct rfcomm_dev *rfcomm_dev_get(int id) 151 { 152 struct rfcomm_dev *dev; 153 154 read_lock(&rfcomm_dev_lock); 155 156 dev = __rfcomm_dev_get(id); 157 if (dev) 158 rfcomm_dev_hold(dev); 159 160 read_unlock(&rfcomm_dev_lock); 161 162 return dev; 163 } 164 165 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 166 { 167 struct rfcomm_dev *dev; 168 struct list_head *head = &rfcomm_dev_list, *p; 169 int err = 0; 170 171 BT_DBG("id %d channel %d", req->dev_id, req->channel); 172 173 dev = kmalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); 174 if (!dev) 175 return -ENOMEM; 176 memset(dev, 0, sizeof(struct rfcomm_dev)); 177 178 write_lock_bh(&rfcomm_dev_lock); 179 180 if (req->dev_id < 0) { 181 dev->id = 0; 182 183 list_for_each(p, &rfcomm_dev_list) { 184 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id) 185 break; 186 187 dev->id++; 188 head = p; 189 } 190 } else { 191 dev->id = req->dev_id; 192 193 list_for_each(p, &rfcomm_dev_list) { 194 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list); 195 196 if (entry->id == dev->id) { 197 err = -EADDRINUSE; 198 goto out; 199 } 200 201 if (entry->id > dev->id - 1) 202 break; 203 204 head = p; 205 } 206 } 207 208 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { 209 err = -ENFILE; 210 goto out; 211 } 212 213 sprintf(dev->name, "rfcomm%d", dev->id); 214 215 list_add(&dev->list, head); 216 atomic_set(&dev->refcnt, 1); 217 218 bacpy(&dev->src, &req->src); 219 bacpy(&dev->dst, &req->dst); 220 dev->channel = req->channel; 221 222 dev->flags = req->flags & 223 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); 224 225 init_waitqueue_head(&dev->wait); 226 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev); 227 228 rfcomm_dlc_lock(dlc); 229 dlc->data_ready = rfcomm_dev_data_ready; 230 dlc->state_change = rfcomm_dev_state_change; 231 dlc->modem_status = rfcomm_dev_modem_status; 232 233 dlc->owner = dev; 234 dev->dlc = dlc; 235 rfcomm_dlc_unlock(dlc); 236 237 /* It's safe to call __module_get() here because socket already 238 holds reference to this module. */ 239 __module_get(THIS_MODULE); 240 241 out: 242 write_unlock_bh(&rfcomm_dev_lock); 243 244 if (err) { 245 kfree(dev); 246 return err; 247 } 248 249 tty_register_device(rfcomm_tty_driver, dev->id, NULL); 250 251 return dev->id; 252 } 253 254 static void rfcomm_dev_del(struct rfcomm_dev *dev) 255 { 256 BT_DBG("dev %p", dev); 257 258 write_lock_bh(&rfcomm_dev_lock); 259 list_del_init(&dev->list); 260 write_unlock_bh(&rfcomm_dev_lock); 261 262 rfcomm_dev_put(dev); 263 } 264 265 /* ---- Send buffer ---- */ 266 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 267 { 268 /* We can't let it be zero, because we don't get a callback 269 when tx_credits becomes nonzero, hence we'd never wake up */ 270 return dlc->mtu * (dlc->tx_credits?:1); 271 } 272 273 static void rfcomm_wfree(struct sk_buff *skb) 274 { 275 struct rfcomm_dev *dev = (void *) skb->sk; 276 atomic_sub(skb->truesize, &dev->wmem_alloc); 277 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) 278 tasklet_schedule(&dev->wakeup_task); 279 rfcomm_dev_put(dev); 280 } 281 282 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) 283 { 284 rfcomm_dev_hold(dev); 285 atomic_add(skb->truesize, &dev->wmem_alloc); 286 skb->sk = (void *) dev; 287 skb->destructor = rfcomm_wfree; 288 } 289 290 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) 291 { 292 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { 293 struct sk_buff *skb = alloc_skb(size, priority); 294 if (skb) { 295 rfcomm_set_owner_w(skb, dev); 296 return skb; 297 } 298 } 299 return NULL; 300 } 301 302 /* ---- Device IOCTLs ---- */ 303 304 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) 305 306 static int rfcomm_create_dev(struct sock *sk, void __user *arg) 307 { 308 struct rfcomm_dev_req req; 309 struct rfcomm_dlc *dlc; 310 int id; 311 312 if (copy_from_user(&req, arg, sizeof(req))) 313 return -EFAULT; 314 315 BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); 316 317 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) 318 return -EPERM; 319 320 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 321 /* Socket must be connected */ 322 if (sk->sk_state != BT_CONNECTED) 323 return -EBADFD; 324 325 dlc = rfcomm_pi(sk)->dlc; 326 rfcomm_dlc_hold(dlc); 327 } else { 328 dlc = rfcomm_dlc_alloc(GFP_KERNEL); 329 if (!dlc) 330 return -ENOMEM; 331 } 332 333 id = rfcomm_dev_add(&req, dlc); 334 if (id < 0) { 335 rfcomm_dlc_put(dlc); 336 return id; 337 } 338 339 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 340 /* DLC is now used by device. 341 * Socket must be disconnected */ 342 sk->sk_state = BT_CLOSED; 343 } 344 345 return id; 346 } 347 348 static int rfcomm_release_dev(void __user *arg) 349 { 350 struct rfcomm_dev_req req; 351 struct rfcomm_dev *dev; 352 353 if (copy_from_user(&req, arg, sizeof(req))) 354 return -EFAULT; 355 356 BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); 357 358 if (!(dev = rfcomm_dev_get(req.dev_id))) 359 return -ENODEV; 360 361 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { 362 rfcomm_dev_put(dev); 363 return -EPERM; 364 } 365 366 if (req.flags & (1 << RFCOMM_HANGUP_NOW)) 367 rfcomm_dlc_close(dev->dlc, 0); 368 369 rfcomm_dev_del(dev); 370 rfcomm_dev_put(dev); 371 return 0; 372 } 373 374 static int rfcomm_get_dev_list(void __user *arg) 375 { 376 struct rfcomm_dev_list_req *dl; 377 struct rfcomm_dev_info *di; 378 struct list_head *p; 379 int n = 0, size, err; 380 u16 dev_num; 381 382 BT_DBG(""); 383 384 if (get_user(dev_num, (u16 __user *) arg)) 385 return -EFAULT; 386 387 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) 388 return -EINVAL; 389 390 size = sizeof(*dl) + dev_num * sizeof(*di); 391 392 if (!(dl = kmalloc(size, GFP_KERNEL))) 393 return -ENOMEM; 394 395 di = dl->dev_info; 396 397 read_lock_bh(&rfcomm_dev_lock); 398 399 list_for_each(p, &rfcomm_dev_list) { 400 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list); 401 (di + n)->id = dev->id; 402 (di + n)->flags = dev->flags; 403 (di + n)->state = dev->dlc->state; 404 (di + n)->channel = dev->channel; 405 bacpy(&(di + n)->src, &dev->src); 406 bacpy(&(di + n)->dst, &dev->dst); 407 if (++n >= dev_num) 408 break; 409 } 410 411 read_unlock_bh(&rfcomm_dev_lock); 412 413 dl->dev_num = n; 414 size = sizeof(*dl) + n * sizeof(*di); 415 416 err = copy_to_user(arg, dl, size); 417 kfree(dl); 418 419 return err ? -EFAULT : 0; 420 } 421 422 static int rfcomm_get_dev_info(void __user *arg) 423 { 424 struct rfcomm_dev *dev; 425 struct rfcomm_dev_info di; 426 int err = 0; 427 428 BT_DBG(""); 429 430 if (copy_from_user(&di, arg, sizeof(di))) 431 return -EFAULT; 432 433 if (!(dev = rfcomm_dev_get(di.id))) 434 return -ENODEV; 435 436 di.flags = dev->flags; 437 di.channel = dev->channel; 438 di.state = dev->dlc->state; 439 bacpy(&di.src, &dev->src); 440 bacpy(&di.dst, &dev->dst); 441 442 if (copy_to_user(arg, &di, sizeof(di))) 443 err = -EFAULT; 444 445 rfcomm_dev_put(dev); 446 return err; 447 } 448 449 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 450 { 451 BT_DBG("cmd %d arg %p", cmd, arg); 452 453 switch (cmd) { 454 case RFCOMMCREATEDEV: 455 return rfcomm_create_dev(sk, arg); 456 457 case RFCOMMRELEASEDEV: 458 return rfcomm_release_dev(arg); 459 460 case RFCOMMGETDEVLIST: 461 return rfcomm_get_dev_list(arg); 462 463 case RFCOMMGETDEVINFO: 464 return rfcomm_get_dev_info(arg); 465 } 466 467 return -EINVAL; 468 } 469 470 /* ---- DLC callbacks ---- */ 471 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) 472 { 473 struct rfcomm_dev *dev = dlc->owner; 474 struct tty_struct *tty; 475 476 if (!dev || !(tty = dev->tty)) { 477 kfree_skb(skb); 478 return; 479 } 480 481 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len); 482 483 if (test_bit(TTY_DONT_FLIP, &tty->flags)) { 484 tty_buffer_request_room(tty, skb->len); 485 tty_insert_flip_string(tty, skb->data, skb->len); 486 tty_flip_buffer_push(tty); 487 } else 488 tty->ldisc.receive_buf(tty, skb->data, NULL, skb->len); 489 490 kfree_skb(skb); 491 } 492 493 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 494 { 495 struct rfcomm_dev *dev = dlc->owner; 496 if (!dev) 497 return; 498 499 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 500 501 dev->err = err; 502 wake_up_interruptible(&dev->wait); 503 504 if (dlc->state == BT_CLOSED) { 505 if (!dev->tty) { 506 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { 507 rfcomm_dev_hold(dev); 508 rfcomm_dev_del(dev); 509 510 /* We have to drop DLC lock here, otherwise 511 rfcomm_dev_put() will dead lock if it's 512 the last reference. */ 513 rfcomm_dlc_unlock(dlc); 514 rfcomm_dev_put(dev); 515 rfcomm_dlc_lock(dlc); 516 } 517 } else 518 tty_hangup(dev->tty); 519 } 520 } 521 522 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) 523 { 524 struct rfcomm_dev *dev = dlc->owner; 525 if (!dev) 526 return; 527 528 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 529 530 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) { 531 if (dev->tty && !C_CLOCAL(dev->tty)) 532 tty_hangup(dev->tty); 533 } 534 535 dev->modem_status = 536 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 537 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 538 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 539 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 540 } 541 542 /* ---- TTY functions ---- */ 543 static void rfcomm_tty_wakeup(unsigned long arg) 544 { 545 struct rfcomm_dev *dev = (void *) arg; 546 struct tty_struct *tty = dev->tty; 547 if (!tty) 548 return; 549 550 BT_DBG("dev %p tty %p", dev, tty); 551 552 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 553 (tty->ldisc.write_wakeup)(tty); 554 555 wake_up_interruptible(&tty->write_wait); 556 #ifdef SERIAL_HAVE_POLL_WAIT 557 wake_up_interruptible(&tty->poll_wait); 558 #endif 559 } 560 561 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 562 { 563 DECLARE_WAITQUEUE(wait, current); 564 struct rfcomm_dev *dev; 565 struct rfcomm_dlc *dlc; 566 int err, id; 567 568 id = tty->index; 569 570 BT_DBG("tty %p id %d", tty, id); 571 572 /* We don't leak this refcount. For reasons which are not entirely 573 clear, the TTY layer will call our ->close() method even if the 574 open fails. We decrease the refcount there, and decreasing it 575 here too would cause breakage. */ 576 dev = rfcomm_dev_get(id); 577 if (!dev) 578 return -ENODEV; 579 580 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened); 581 582 if (dev->opened++ != 0) 583 return 0; 584 585 dlc = dev->dlc; 586 587 /* Attach TTY and open DLC */ 588 589 rfcomm_dlc_lock(dlc); 590 tty->driver_data = dev; 591 dev->tty = tty; 592 rfcomm_dlc_unlock(dlc); 593 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 594 595 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); 596 if (err < 0) 597 return err; 598 599 /* Wait for DLC to connect */ 600 add_wait_queue(&dev->wait, &wait); 601 while (1) { 602 set_current_state(TASK_INTERRUPTIBLE); 603 604 if (dlc->state == BT_CLOSED) { 605 err = -dev->err; 606 break; 607 } 608 609 if (dlc->state == BT_CONNECTED) 610 break; 611 612 if (signal_pending(current)) { 613 err = -EINTR; 614 break; 615 } 616 617 schedule(); 618 } 619 set_current_state(TASK_RUNNING); 620 remove_wait_queue(&dev->wait, &wait); 621 622 return err; 623 } 624 625 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 626 { 627 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 628 if (!dev) 629 return; 630 631 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened); 632 633 if (--dev->opened == 0) { 634 /* Close DLC and dettach TTY */ 635 rfcomm_dlc_close(dev->dlc, 0); 636 637 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 638 tasklet_kill(&dev->wakeup_task); 639 640 rfcomm_dlc_lock(dev->dlc); 641 tty->driver_data = NULL; 642 dev->tty = NULL; 643 rfcomm_dlc_unlock(dev->dlc); 644 } 645 646 rfcomm_dev_put(dev); 647 } 648 649 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 650 { 651 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 652 struct rfcomm_dlc *dlc = dev->dlc; 653 struct sk_buff *skb; 654 int err = 0, sent = 0, size; 655 656 BT_DBG("tty %p count %d", tty, count); 657 658 while (count) { 659 size = min_t(uint, count, dlc->mtu); 660 661 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); 662 663 if (!skb) 664 break; 665 666 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); 667 668 memcpy(skb_put(skb, size), buf + sent, size); 669 670 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) { 671 kfree_skb(skb); 672 break; 673 } 674 675 sent += size; 676 count -= size; 677 } 678 679 return sent ? sent : err; 680 } 681 682 static int rfcomm_tty_write_room(struct tty_struct *tty) 683 { 684 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 685 int room; 686 687 BT_DBG("tty %p", tty); 688 689 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); 690 if (room < 0) 691 room = 0; 692 return room; 693 } 694 695 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg) 696 { 697 BT_DBG("tty %p cmd 0x%02x", tty, cmd); 698 699 switch (cmd) { 700 case TCGETS: 701 BT_DBG("TCGETS is not supported"); 702 return -ENOIOCTLCMD; 703 704 case TCSETS: 705 BT_DBG("TCSETS is not supported"); 706 return -ENOIOCTLCMD; 707 708 case TIOCMIWAIT: 709 BT_DBG("TIOCMIWAIT"); 710 break; 711 712 case TIOCGICOUNT: 713 BT_DBG("TIOCGICOUNT"); 714 break; 715 716 case TIOCGSERIAL: 717 BT_ERR("TIOCGSERIAL is not supported"); 718 return -ENOIOCTLCMD; 719 720 case TIOCSSERIAL: 721 BT_ERR("TIOCSSERIAL is not supported"); 722 return -ENOIOCTLCMD; 723 724 case TIOCSERGSTRUCT: 725 BT_ERR("TIOCSERGSTRUCT is not supported"); 726 return -ENOIOCTLCMD; 727 728 case TIOCSERGETLSR: 729 BT_ERR("TIOCSERGETLSR is not supported"); 730 return -ENOIOCTLCMD; 731 732 case TIOCSERCONFIG: 733 BT_ERR("TIOCSERCONFIG is not supported"); 734 return -ENOIOCTLCMD; 735 736 default: 737 return -ENOIOCTLCMD; /* ioctls which we must ignore */ 738 739 } 740 741 return -ENOIOCTLCMD; 742 } 743 744 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old) 745 { 746 struct termios *new = (struct termios *) tty->termios; 747 int old_baud_rate = tty_termios_baud_rate(old); 748 int new_baud_rate = tty_termios_baud_rate(new); 749 750 u8 baud, data_bits, stop_bits, parity, x_on, x_off; 751 u16 changes = 0; 752 753 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 754 755 BT_DBG("tty %p termios %p", tty, old); 756 757 /* Handle turning off CRTSCTS */ 758 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 759 BT_DBG("Turning off CRTSCTS unsupported"); 760 761 /* Parity on/off and when on, odd/even */ 762 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) || 763 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) { 764 changes |= RFCOMM_RPN_PM_PARITY; 765 BT_DBG("Parity change detected."); 766 } 767 768 /* Mark and space parity are not supported! */ 769 if (new->c_cflag & PARENB) { 770 if (new->c_cflag & PARODD) { 771 BT_DBG("Parity is ODD"); 772 parity = RFCOMM_RPN_PARITY_ODD; 773 } else { 774 BT_DBG("Parity is EVEN"); 775 parity = RFCOMM_RPN_PARITY_EVEN; 776 } 777 } else { 778 BT_DBG("Parity is OFF"); 779 parity = RFCOMM_RPN_PARITY_NONE; 780 } 781 782 /* Setting the x_on / x_off characters */ 783 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) { 784 BT_DBG("XOFF custom"); 785 x_on = new->c_cc[VSTOP]; 786 changes |= RFCOMM_RPN_PM_XON; 787 } else { 788 BT_DBG("XOFF default"); 789 x_on = RFCOMM_RPN_XON_CHAR; 790 } 791 792 if (old->c_cc[VSTART] != new->c_cc[VSTART]) { 793 BT_DBG("XON custom"); 794 x_off = new->c_cc[VSTART]; 795 changes |= RFCOMM_RPN_PM_XOFF; 796 } else { 797 BT_DBG("XON default"); 798 x_off = RFCOMM_RPN_XOFF_CHAR; 799 } 800 801 /* Handle setting of stop bits */ 802 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB)) 803 changes |= RFCOMM_RPN_PM_STOP; 804 805 /* POSIX does not support 1.5 stop bits and RFCOMM does not 806 * support 2 stop bits. So a request for 2 stop bits gets 807 * translated to 1.5 stop bits */ 808 if (new->c_cflag & CSTOPB) { 809 stop_bits = RFCOMM_RPN_STOP_15; 810 } else { 811 stop_bits = RFCOMM_RPN_STOP_1; 812 } 813 814 /* Handle number of data bits [5-8] */ 815 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 816 changes |= RFCOMM_RPN_PM_DATA; 817 818 switch (new->c_cflag & CSIZE) { 819 case CS5: 820 data_bits = RFCOMM_RPN_DATA_5; 821 break; 822 case CS6: 823 data_bits = RFCOMM_RPN_DATA_6; 824 break; 825 case CS7: 826 data_bits = RFCOMM_RPN_DATA_7; 827 break; 828 case CS8: 829 data_bits = RFCOMM_RPN_DATA_8; 830 break; 831 default: 832 data_bits = RFCOMM_RPN_DATA_8; 833 break; 834 } 835 836 /* Handle baudrate settings */ 837 if (old_baud_rate != new_baud_rate) 838 changes |= RFCOMM_RPN_PM_BITRATE; 839 840 switch (new_baud_rate) { 841 case 2400: 842 baud = RFCOMM_RPN_BR_2400; 843 break; 844 case 4800: 845 baud = RFCOMM_RPN_BR_4800; 846 break; 847 case 7200: 848 baud = RFCOMM_RPN_BR_7200; 849 break; 850 case 9600: 851 baud = RFCOMM_RPN_BR_9600; 852 break; 853 case 19200: 854 baud = RFCOMM_RPN_BR_19200; 855 break; 856 case 38400: 857 baud = RFCOMM_RPN_BR_38400; 858 break; 859 case 57600: 860 baud = RFCOMM_RPN_BR_57600; 861 break; 862 case 115200: 863 baud = RFCOMM_RPN_BR_115200; 864 break; 865 case 230400: 866 baud = RFCOMM_RPN_BR_230400; 867 break; 868 default: 869 /* 9600 is standard accordinag to the RFCOMM specification */ 870 baud = RFCOMM_RPN_BR_9600; 871 break; 872 873 } 874 875 if (changes) 876 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud, 877 data_bits, stop_bits, parity, 878 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes); 879 880 return; 881 } 882 883 static void rfcomm_tty_throttle(struct tty_struct *tty) 884 { 885 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 886 887 BT_DBG("tty %p dev %p", tty, dev); 888 889 rfcomm_dlc_throttle(dev->dlc); 890 } 891 892 static void rfcomm_tty_unthrottle(struct tty_struct *tty) 893 { 894 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 895 896 BT_DBG("tty %p dev %p", tty, dev); 897 898 rfcomm_dlc_unthrottle(dev->dlc); 899 } 900 901 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) 902 { 903 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 904 struct rfcomm_dlc *dlc = dev->dlc; 905 906 BT_DBG("tty %p dev %p", tty, dev); 907 908 if (!skb_queue_empty(&dlc->tx_queue)) 909 return dlc->mtu; 910 911 return 0; 912 } 913 914 static void rfcomm_tty_flush_buffer(struct tty_struct *tty) 915 { 916 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 917 if (!dev) 918 return; 919 920 BT_DBG("tty %p dev %p", tty, dev); 921 922 skb_queue_purge(&dev->dlc->tx_queue); 923 924 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) 925 tty->ldisc.write_wakeup(tty); 926 } 927 928 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) 929 { 930 BT_DBG("tty %p ch %c", tty, ch); 931 } 932 933 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) 934 { 935 BT_DBG("tty %p timeout %d", tty, timeout); 936 } 937 938 static void rfcomm_tty_hangup(struct tty_struct *tty) 939 { 940 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 941 if (!dev) 942 return; 943 944 BT_DBG("tty %p dev %p", tty, dev); 945 946 rfcomm_tty_flush_buffer(tty); 947 948 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 949 rfcomm_dev_del(dev); 950 } 951 952 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused) 953 { 954 return 0; 955 } 956 957 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp) 958 { 959 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 960 961 BT_DBG("tty %p dev %p", tty, dev); 962 963 return dev->modem_status; 964 } 965 966 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear) 967 { 968 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 969 struct rfcomm_dlc *dlc = dev->dlc; 970 u8 v24_sig; 971 972 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); 973 974 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 975 976 if (set & TIOCM_DSR || set & TIOCM_DTR) 977 v24_sig |= RFCOMM_V24_RTC; 978 if (set & TIOCM_RTS || set & TIOCM_CTS) 979 v24_sig |= RFCOMM_V24_RTR; 980 if (set & TIOCM_RI) 981 v24_sig |= RFCOMM_V24_IC; 982 if (set & TIOCM_CD) 983 v24_sig |= RFCOMM_V24_DV; 984 985 if (clear & TIOCM_DSR || clear & TIOCM_DTR) 986 v24_sig &= ~RFCOMM_V24_RTC; 987 if (clear & TIOCM_RTS || clear & TIOCM_CTS) 988 v24_sig &= ~RFCOMM_V24_RTR; 989 if (clear & TIOCM_RI) 990 v24_sig &= ~RFCOMM_V24_IC; 991 if (clear & TIOCM_CD) 992 v24_sig &= ~RFCOMM_V24_DV; 993 994 rfcomm_dlc_set_modem_status(dlc, v24_sig); 995 996 return 0; 997 } 998 999 /* ---- TTY structure ---- */ 1000 1001 static struct tty_operations rfcomm_ops = { 1002 .open = rfcomm_tty_open, 1003 .close = rfcomm_tty_close, 1004 .write = rfcomm_tty_write, 1005 .write_room = rfcomm_tty_write_room, 1006 .chars_in_buffer = rfcomm_tty_chars_in_buffer, 1007 .flush_buffer = rfcomm_tty_flush_buffer, 1008 .ioctl = rfcomm_tty_ioctl, 1009 .throttle = rfcomm_tty_throttle, 1010 .unthrottle = rfcomm_tty_unthrottle, 1011 .set_termios = rfcomm_tty_set_termios, 1012 .send_xchar = rfcomm_tty_send_xchar, 1013 .hangup = rfcomm_tty_hangup, 1014 .wait_until_sent = rfcomm_tty_wait_until_sent, 1015 .read_proc = rfcomm_tty_read_proc, 1016 .tiocmget = rfcomm_tty_tiocmget, 1017 .tiocmset = rfcomm_tty_tiocmset, 1018 }; 1019 1020 int rfcomm_init_ttys(void) 1021 { 1022 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); 1023 if (!rfcomm_tty_driver) 1024 return -1; 1025 1026 rfcomm_tty_driver->owner = THIS_MODULE; 1027 rfcomm_tty_driver->driver_name = "rfcomm"; 1028 rfcomm_tty_driver->devfs_name = "bluetooth/rfcomm/"; 1029 rfcomm_tty_driver->name = "rfcomm"; 1030 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; 1031 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; 1032 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 1033 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1034 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_NO_DEVFS; 1035 rfcomm_tty_driver->init_termios = tty_std_termios; 1036 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; 1037 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1038 1039 if (tty_register_driver(rfcomm_tty_driver)) { 1040 BT_ERR("Can't register RFCOMM TTY driver"); 1041 put_tty_driver(rfcomm_tty_driver); 1042 return -1; 1043 } 1044 1045 BT_INFO("RFCOMM TTY layer initialized"); 1046 1047 return 0; 1048 } 1049 1050 void rfcomm_cleanup_ttys(void) 1051 { 1052 tty_unregister_driver(rfcomm_tty_driver); 1053 put_tty_driver(rfcomm_tty_driver); 1054 } 1055