blob: 1958ad1b8541e57be7f32bb70b2b19a242884dce [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22*/
23
24/*
25 * RFCOMM TTY.
26 *
27 * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $
28 */
29
Linus Torvalds1da177e2005-04-16 15:20:36 -070030#include <linux/module.h>
31
32#include <linux/tty.h>
33#include <linux/tty_driver.h>
34#include <linux/tty_flip.h>
35
Randy Dunlap4fc268d2006-01-11 12:17:47 -080036#include <linux/capability.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070037#include <linux/slab.h>
38#include <linux/skbuff.h>
39
40#include <net/bluetooth/bluetooth.h>
Marcel Holtmann0a85b962006-07-06 13:09:02 +020041#include <net/bluetooth/hci_core.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070042#include <net/bluetooth/rfcomm.h>
43
44#ifndef CONFIG_BT_RFCOMM_DEBUG
45#undef BT_DBG
46#define BT_DBG(D...)
47#endif
48
49#define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */
50#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
51#define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */
52#define RFCOMM_TTY_MINOR 0
53
54static struct tty_driver *rfcomm_tty_driver;
55
56struct rfcomm_dev {
57 struct list_head list;
58 atomic_t refcnt;
59
60 char name[12];
61 int id;
62 unsigned long flags;
63 int opened;
64 int err;
65
66 bdaddr_t src;
67 bdaddr_t dst;
68 u8 channel;
69
70 uint modem_status;
71
72 struct rfcomm_dlc *dlc;
73 struct tty_struct *tty;
74 wait_queue_head_t wait;
75 struct tasklet_struct wakeup_task;
76
77 atomic_t wmem_alloc;
78};
79
80static LIST_HEAD(rfcomm_dev_list);
81static DEFINE_RWLOCK(rfcomm_dev_lock);
82
83static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
84static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
85static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
86
87static void rfcomm_tty_wakeup(unsigned long arg);
88
89/* ---- Device functions ---- */
90static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
91{
92 struct rfcomm_dlc *dlc = dev->dlc;
93
94 BT_DBG("dev %p dlc %p", dev, dlc);
95
96 rfcomm_dlc_lock(dlc);
97 /* Detach DLC if it's owned by this dev */
98 if (dlc->owner == dev)
99 dlc->owner = NULL;
100 rfcomm_dlc_unlock(dlc);
101
102 rfcomm_dlc_put(dlc);
103
104 tty_unregister_device(rfcomm_tty_driver, dev->id);
105
106 /* Refcount should only hit zero when called from rfcomm_dev_del()
107 which will have taken us off the list. Everything else are
108 refcounting bugs. */
109 BUG_ON(!list_empty(&dev->list));
110
111 kfree(dev);
112
113 /* It's safe to call module_put() here because socket still
114 holds reference to this module. */
115 module_put(THIS_MODULE);
116}
117
118static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
119{
120 atomic_inc(&dev->refcnt);
121}
122
123static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
124{
125 /* The reason this isn't actually a race, as you no
126 doubt have a little voice screaming at you in your
127 head, is that the refcount should never actually
128 reach zero unless the device has already been taken
129 off the list, in rfcomm_dev_del(). And if that's not
130 true, we'll hit the BUG() in rfcomm_dev_destruct()
131 anyway. */
132 if (atomic_dec_and_test(&dev->refcnt))
133 rfcomm_dev_destruct(dev);
134}
135
136static struct rfcomm_dev *__rfcomm_dev_get(int id)
137{
138 struct rfcomm_dev *dev;
139 struct list_head *p;
140
141 list_for_each(p, &rfcomm_dev_list) {
142 dev = list_entry(p, struct rfcomm_dev, list);
143 if (dev->id == id)
144 return dev;
145 }
146
147 return NULL;
148}
149
150static inline struct rfcomm_dev *rfcomm_dev_get(int id)
151{
152 struct rfcomm_dev *dev;
153
154 read_lock(&rfcomm_dev_lock);
155
156 dev = __rfcomm_dev_get(id);
157 if (dev)
158 rfcomm_dev_hold(dev);
159
160 read_unlock(&rfcomm_dev_lock);
161
162 return dev;
163}
164
Marcel Holtmann0a85b962006-07-06 13:09:02 +0200165static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
166{
167 struct hci_dev *hdev;
168 struct hci_conn *conn;
169
170 hdev = hci_get_route(&dev->dst, &dev->src);
171 if (!hdev)
172 return NULL;
173
174 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
175 if (!conn)
176 return NULL;
177
178 hci_dev_put(hdev);
179
180 return &conn->dev;
181}
182
Linus Torvalds1da177e2005-04-16 15:20:36 -0700183static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
184{
185 struct rfcomm_dev *dev;
186 struct list_head *head = &rfcomm_dev_list, *p;
187 int err = 0;
188
189 BT_DBG("id %d channel %d", req->dev_id, req->channel);
190
Marcel Holtmann25ea6db2006-07-06 15:40:09 +0200191 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700192 if (!dev)
193 return -ENOMEM;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700194
195 write_lock_bh(&rfcomm_dev_lock);
196
197 if (req->dev_id < 0) {
198 dev->id = 0;
199
200 list_for_each(p, &rfcomm_dev_list) {
201 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
202 break;
203
204 dev->id++;
205 head = p;
206 }
207 } else {
208 dev->id = req->dev_id;
209
210 list_for_each(p, &rfcomm_dev_list) {
211 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);
212
213 if (entry->id == dev->id) {
214 err = -EADDRINUSE;
215 goto out;
216 }
217
218 if (entry->id > dev->id - 1)
219 break;
220
221 head = p;
222 }
223 }
224
225 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
226 err = -ENFILE;
227 goto out;
228 }
229
230 sprintf(dev->name, "rfcomm%d", dev->id);
231
232 list_add(&dev->list, head);
233 atomic_set(&dev->refcnt, 1);
234
235 bacpy(&dev->src, &req->src);
236 bacpy(&dev->dst, &req->dst);
237 dev->channel = req->channel;
238
239 dev->flags = req->flags &
240 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
241
242 init_waitqueue_head(&dev->wait);
243 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);
244
245 rfcomm_dlc_lock(dlc);
246 dlc->data_ready = rfcomm_dev_data_ready;
247 dlc->state_change = rfcomm_dev_state_change;
248 dlc->modem_status = rfcomm_dev_modem_status;
249
250 dlc->owner = dev;
251 dev->dlc = dlc;
252 rfcomm_dlc_unlock(dlc);
253
254 /* It's safe to call __module_get() here because socket already
255 holds reference to this module. */
256 __module_get(THIS_MODULE);
257
258out:
259 write_unlock_bh(&rfcomm_dev_lock);
260
261 if (err) {
262 kfree(dev);
263 return err;
264 }
265
Marcel Holtmann0a85b962006-07-06 13:09:02 +0200266 tty_register_device(rfcomm_tty_driver, dev->id, rfcomm_get_device(dev));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700267
268 return dev->id;
269}
270
271static void rfcomm_dev_del(struct rfcomm_dev *dev)
272{
273 BT_DBG("dev %p", dev);
274
275 write_lock_bh(&rfcomm_dev_lock);
276 list_del_init(&dev->list);
277 write_unlock_bh(&rfcomm_dev_lock);
278
279 rfcomm_dev_put(dev);
280}
281
282/* ---- Send buffer ---- */
283static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
284{
285 /* We can't let it be zero, because we don't get a callback
286 when tx_credits becomes nonzero, hence we'd never wake up */
287 return dlc->mtu * (dlc->tx_credits?:1);
288}
289
290static void rfcomm_wfree(struct sk_buff *skb)
291{
292 struct rfcomm_dev *dev = (void *) skb->sk;
293 atomic_sub(skb->truesize, &dev->wmem_alloc);
294 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
295 tasklet_schedule(&dev->wakeup_task);
296 rfcomm_dev_put(dev);
297}
298
299static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
300{
301 rfcomm_dev_hold(dev);
302 atomic_add(skb->truesize, &dev->wmem_alloc);
303 skb->sk = (void *) dev;
304 skb->destructor = rfcomm_wfree;
305}
306
Al Virodd0fc662005-10-07 07:46:04 +0100307static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700308{
309 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
310 struct sk_buff *skb = alloc_skb(size, priority);
311 if (skb) {
312 rfcomm_set_owner_w(skb, dev);
313 return skb;
314 }
315 }
316 return NULL;
317}
318
319/* ---- Device IOCTLs ---- */
320
321#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
322
323static int rfcomm_create_dev(struct sock *sk, void __user *arg)
324{
325 struct rfcomm_dev_req req;
326 struct rfcomm_dlc *dlc;
327 int id;
328
329 if (copy_from_user(&req, arg, sizeof(req)))
330 return -EFAULT;
331
332 BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags);
333
334 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
335 return -EPERM;
336
337 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
338 /* Socket must be connected */
339 if (sk->sk_state != BT_CONNECTED)
340 return -EBADFD;
341
342 dlc = rfcomm_pi(sk)->dlc;
343 rfcomm_dlc_hold(dlc);
344 } else {
345 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
346 if (!dlc)
347 return -ENOMEM;
348 }
349
350 id = rfcomm_dev_add(&req, dlc);
351 if (id < 0) {
352 rfcomm_dlc_put(dlc);
353 return id;
354 }
355
356 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
357 /* DLC is now used by device.
358 * Socket must be disconnected */
359 sk->sk_state = BT_CLOSED;
360 }
361
362 return id;
363}
364
365static int rfcomm_release_dev(void __user *arg)
366{
367 struct rfcomm_dev_req req;
368 struct rfcomm_dev *dev;
369
370 if (copy_from_user(&req, arg, sizeof(req)))
371 return -EFAULT;
372
373 BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags);
374
375 if (!(dev = rfcomm_dev_get(req.dev_id)))
376 return -ENODEV;
377
378 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
379 rfcomm_dev_put(dev);
380 return -EPERM;
381 }
382
383 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
384 rfcomm_dlc_close(dev->dlc, 0);
385
386 rfcomm_dev_del(dev);
387 rfcomm_dev_put(dev);
388 return 0;
389}
390
391static int rfcomm_get_dev_list(void __user *arg)
392{
393 struct rfcomm_dev_list_req *dl;
394 struct rfcomm_dev_info *di;
395 struct list_head *p;
396 int n = 0, size, err;
397 u16 dev_num;
398
399 BT_DBG("");
400
401 if (get_user(dev_num, (u16 __user *) arg))
402 return -EFAULT;
403
404 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
405 return -EINVAL;
406
407 size = sizeof(*dl) + dev_num * sizeof(*di);
408
409 if (!(dl = kmalloc(size, GFP_KERNEL)))
410 return -ENOMEM;
411
412 di = dl->dev_info;
413
414 read_lock_bh(&rfcomm_dev_lock);
415
416 list_for_each(p, &rfcomm_dev_list) {
417 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);
418 (di + n)->id = dev->id;
419 (di + n)->flags = dev->flags;
420 (di + n)->state = dev->dlc->state;
421 (di + n)->channel = dev->channel;
422 bacpy(&(di + n)->src, &dev->src);
423 bacpy(&(di + n)->dst, &dev->dst);
424 if (++n >= dev_num)
425 break;
426 }
427
428 read_unlock_bh(&rfcomm_dev_lock);
429
430 dl->dev_num = n;
431 size = sizeof(*dl) + n * sizeof(*di);
432
433 err = copy_to_user(arg, dl, size);
434 kfree(dl);
435
436 return err ? -EFAULT : 0;
437}
438
439static int rfcomm_get_dev_info(void __user *arg)
440{
441 struct rfcomm_dev *dev;
442 struct rfcomm_dev_info di;
443 int err = 0;
444
445 BT_DBG("");
446
447 if (copy_from_user(&di, arg, sizeof(di)))
448 return -EFAULT;
449
450 if (!(dev = rfcomm_dev_get(di.id)))
451 return -ENODEV;
452
453 di.flags = dev->flags;
454 di.channel = dev->channel;
455 di.state = dev->dlc->state;
456 bacpy(&di.src, &dev->src);
457 bacpy(&di.dst, &dev->dst);
458
459 if (copy_to_user(arg, &di, sizeof(di)))
460 err = -EFAULT;
461
462 rfcomm_dev_put(dev);
463 return err;
464}
465
466int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
467{
468 BT_DBG("cmd %d arg %p", cmd, arg);
469
470 switch (cmd) {
471 case RFCOMMCREATEDEV:
472 return rfcomm_create_dev(sk, arg);
473
474 case RFCOMMRELEASEDEV:
475 return rfcomm_release_dev(arg);
476
477 case RFCOMMGETDEVLIST:
478 return rfcomm_get_dev_list(arg);
479
480 case RFCOMMGETDEVINFO:
481 return rfcomm_get_dev_info(arg);
482 }
483
484 return -EINVAL;
485}
486
487/* ---- DLC callbacks ---- */
488static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
489{
490 struct rfcomm_dev *dev = dlc->owner;
491 struct tty_struct *tty;
492
493 if (!dev || !(tty = dev->tty)) {
494 kfree_skb(skb);
495 return;
496 }
497
498 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
499
Paul Fulghum817d6d32006-06-28 04:26:47 -0700500 tty_insert_flip_string(tty, skb->data, skb->len);
501 tty_flip_buffer_push(tty);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700502
503 kfree_skb(skb);
504}
505
506static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
507{
508 struct rfcomm_dev *dev = dlc->owner;
509 if (!dev)
510 return;
511
512 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
513
514 dev->err = err;
515 wake_up_interruptible(&dev->wait);
516
517 if (dlc->state == BT_CLOSED) {
518 if (!dev->tty) {
519 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
520 rfcomm_dev_hold(dev);
521 rfcomm_dev_del(dev);
522
523 /* We have to drop DLC lock here, otherwise
524 rfcomm_dev_put() will dead lock if it's
525 the last reference. */
526 rfcomm_dlc_unlock(dlc);
527 rfcomm_dev_put(dev);
528 rfcomm_dlc_lock(dlc);
529 }
530 } else
531 tty_hangup(dev->tty);
532 }
533}
534
535static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
536{
537 struct rfcomm_dev *dev = dlc->owner;
538 if (!dev)
539 return;
Timo Teräs7b9eb9e2005-08-09 20:28:21 -0700540
Linus Torvalds1da177e2005-04-16 15:20:36 -0700541 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
542
Timo Teräs7b9eb9e2005-08-09 20:28:21 -0700543 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) {
544 if (dev->tty && !C_CLOCAL(dev->tty))
545 tty_hangup(dev->tty);
546 }
547
Linus Torvalds1da177e2005-04-16 15:20:36 -0700548 dev->modem_status =
549 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
550 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
551 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
552 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
553}
554
555/* ---- TTY functions ---- */
556static void rfcomm_tty_wakeup(unsigned long arg)
557{
558 struct rfcomm_dev *dev = (void *) arg;
559 struct tty_struct *tty = dev->tty;
560 if (!tty)
561 return;
562
563 BT_DBG("dev %p tty %p", dev, tty);
564
565 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
566 (tty->ldisc.write_wakeup)(tty);
567
568 wake_up_interruptible(&tty->write_wait);
569#ifdef SERIAL_HAVE_POLL_WAIT
570 wake_up_interruptible(&tty->poll_wait);
571#endif
572}
573
574static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
575{
576 DECLARE_WAITQUEUE(wait, current);
577 struct rfcomm_dev *dev;
578 struct rfcomm_dlc *dlc;
579 int err, id;
580
581 id = tty->index;
582
583 BT_DBG("tty %p id %d", tty, id);
584
585 /* We don't leak this refcount. For reasons which are not entirely
586 clear, the TTY layer will call our ->close() method even if the
587 open fails. We decrease the refcount there, and decreasing it
588 here too would cause breakage. */
589 dev = rfcomm_dev_get(id);
590 if (!dev)
591 return -ENODEV;
592
593 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);
594
595 if (dev->opened++ != 0)
596 return 0;
597
598 dlc = dev->dlc;
599
600 /* Attach TTY and open DLC */
601
602 rfcomm_dlc_lock(dlc);
603 tty->driver_data = dev;
604 dev->tty = tty;
605 rfcomm_dlc_unlock(dlc);
606 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
607
608 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
609 if (err < 0)
610 return err;
611
612 /* Wait for DLC to connect */
613 add_wait_queue(&dev->wait, &wait);
614 while (1) {
615 set_current_state(TASK_INTERRUPTIBLE);
616
617 if (dlc->state == BT_CLOSED) {
618 err = -dev->err;
619 break;
620 }
621
622 if (dlc->state == BT_CONNECTED)
623 break;
624
625 if (signal_pending(current)) {
626 err = -EINTR;
627 break;
628 }
629
630 schedule();
631 }
632 set_current_state(TASK_RUNNING);
633 remove_wait_queue(&dev->wait, &wait);
634
635 return err;
636}
637
638static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
639{
640 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
641 if (!dev)
642 return;
643
644 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);
645
646 if (--dev->opened == 0) {
647 /* Close DLC and dettach TTY */
648 rfcomm_dlc_close(dev->dlc, 0);
649
650 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
651 tasklet_kill(&dev->wakeup_task);
652
653 rfcomm_dlc_lock(dev->dlc);
654 tty->driver_data = NULL;
655 dev->tty = NULL;
656 rfcomm_dlc_unlock(dev->dlc);
657 }
658
659 rfcomm_dev_put(dev);
660}
661
662static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
663{
664 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
665 struct rfcomm_dlc *dlc = dev->dlc;
666 struct sk_buff *skb;
667 int err = 0, sent = 0, size;
668
669 BT_DBG("tty %p count %d", tty, count);
670
671 while (count) {
672 size = min_t(uint, count, dlc->mtu);
673
674 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
675
676 if (!skb)
677 break;
678
679 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
680
681 memcpy(skb_put(skb, size), buf + sent, size);
682
683 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) {
684 kfree_skb(skb);
685 break;
686 }
687
688 sent += size;
689 count -= size;
690 }
691
692 return sent ? sent : err;
693}
694
695static int rfcomm_tty_write_room(struct tty_struct *tty)
696{
697 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
698 int room;
699
700 BT_DBG("tty %p", tty);
701
702 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
703 if (room < 0)
704 room = 0;
705 return room;
706}
707
708static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
709{
710 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
711
712 switch (cmd) {
713 case TCGETS:
714 BT_DBG("TCGETS is not supported");
715 return -ENOIOCTLCMD;
716
717 case TCSETS:
718 BT_DBG("TCSETS is not supported");
719 return -ENOIOCTLCMD;
720
721 case TIOCMIWAIT:
722 BT_DBG("TIOCMIWAIT");
723 break;
724
725 case TIOCGICOUNT:
726 BT_DBG("TIOCGICOUNT");
727 break;
728
729 case TIOCGSERIAL:
730 BT_ERR("TIOCGSERIAL is not supported");
731 return -ENOIOCTLCMD;
732
733 case TIOCSSERIAL:
734 BT_ERR("TIOCSSERIAL is not supported");
735 return -ENOIOCTLCMD;
736
737 case TIOCSERGSTRUCT:
738 BT_ERR("TIOCSERGSTRUCT is not supported");
739 return -ENOIOCTLCMD;
740
741 case TIOCSERGETLSR:
742 BT_ERR("TIOCSERGETLSR is not supported");
743 return -ENOIOCTLCMD;
744
745 case TIOCSERCONFIG:
746 BT_ERR("TIOCSERCONFIG is not supported");
747 return -ENOIOCTLCMD;
748
749 default:
750 return -ENOIOCTLCMD; /* ioctls which we must ignore */
751
752 }
753
754 return -ENOIOCTLCMD;
755}
756
Linus Torvalds1da177e2005-04-16 15:20:36 -0700757static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old)
758{
J. Suter3a5e9032005-08-09 20:28:46 -0700759 struct termios *new = (struct termios *) tty->termios;
760 int old_baud_rate = tty_termios_baud_rate(old);
761 int new_baud_rate = tty_termios_baud_rate(new);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700762
J. Suter3a5e9032005-08-09 20:28:46 -0700763 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
764 u16 changes = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700765
J. Suter3a5e9032005-08-09 20:28:46 -0700766 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
767
768 BT_DBG("tty %p termios %p", tty, old);
769
770 /* Handle turning off CRTSCTS */
771 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
772 BT_DBG("Turning off CRTSCTS unsupported");
773
774 /* Parity on/off and when on, odd/even */
775 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
776 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) {
777 changes |= RFCOMM_RPN_PM_PARITY;
778 BT_DBG("Parity change detected.");
Linus Torvalds1da177e2005-04-16 15:20:36 -0700779 }
J. Suter3a5e9032005-08-09 20:28:46 -0700780
781 /* Mark and space parity are not supported! */
782 if (new->c_cflag & PARENB) {
783 if (new->c_cflag & PARODD) {
784 BT_DBG("Parity is ODD");
785 parity = RFCOMM_RPN_PARITY_ODD;
786 } else {
787 BT_DBG("Parity is EVEN");
788 parity = RFCOMM_RPN_PARITY_EVEN;
789 }
790 } else {
791 BT_DBG("Parity is OFF");
792 parity = RFCOMM_RPN_PARITY_NONE;
793 }
794
795 /* Setting the x_on / x_off characters */
796 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
797 BT_DBG("XOFF custom");
798 x_on = new->c_cc[VSTOP];
799 changes |= RFCOMM_RPN_PM_XON;
800 } else {
801 BT_DBG("XOFF default");
802 x_on = RFCOMM_RPN_XON_CHAR;
803 }
804
805 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
806 BT_DBG("XON custom");
807 x_off = new->c_cc[VSTART];
808 changes |= RFCOMM_RPN_PM_XOFF;
809 } else {
810 BT_DBG("XON default");
811 x_off = RFCOMM_RPN_XOFF_CHAR;
812 }
813
814 /* Handle setting of stop bits */
815 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
816 changes |= RFCOMM_RPN_PM_STOP;
817
818 /* POSIX does not support 1.5 stop bits and RFCOMM does not
819 * support 2 stop bits. So a request for 2 stop bits gets
820 * translated to 1.5 stop bits */
821 if (new->c_cflag & CSTOPB) {
822 stop_bits = RFCOMM_RPN_STOP_15;
823 } else {
824 stop_bits = RFCOMM_RPN_STOP_1;
825 }
826
827 /* Handle number of data bits [5-8] */
828 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
829 changes |= RFCOMM_RPN_PM_DATA;
830
831 switch (new->c_cflag & CSIZE) {
832 case CS5:
833 data_bits = RFCOMM_RPN_DATA_5;
834 break;
835 case CS6:
836 data_bits = RFCOMM_RPN_DATA_6;
837 break;
838 case CS7:
839 data_bits = RFCOMM_RPN_DATA_7;
840 break;
841 case CS8:
842 data_bits = RFCOMM_RPN_DATA_8;
843 break;
844 default:
845 data_bits = RFCOMM_RPN_DATA_8;
846 break;
847 }
848
849 /* Handle baudrate settings */
850 if (old_baud_rate != new_baud_rate)
851 changes |= RFCOMM_RPN_PM_BITRATE;
852
853 switch (new_baud_rate) {
854 case 2400:
855 baud = RFCOMM_RPN_BR_2400;
856 break;
857 case 4800:
858 baud = RFCOMM_RPN_BR_4800;
859 break;
860 case 7200:
861 baud = RFCOMM_RPN_BR_7200;
862 break;
863 case 9600:
864 baud = RFCOMM_RPN_BR_9600;
865 break;
866 case 19200:
867 baud = RFCOMM_RPN_BR_19200;
868 break;
869 case 38400:
870 baud = RFCOMM_RPN_BR_38400;
871 break;
872 case 57600:
873 baud = RFCOMM_RPN_BR_57600;
874 break;
875 case 115200:
876 baud = RFCOMM_RPN_BR_115200;
877 break;
878 case 230400:
879 baud = RFCOMM_RPN_BR_230400;
880 break;
881 default:
882 /* 9600 is standard accordinag to the RFCOMM specification */
883 baud = RFCOMM_RPN_BR_9600;
884 break;
885
886 }
887
888 if (changes)
889 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
890 data_bits, stop_bits, parity,
891 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
892
893 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700894}
895
896static void rfcomm_tty_throttle(struct tty_struct *tty)
897{
898 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
899
900 BT_DBG("tty %p dev %p", tty, dev);
J. Suter3a5e9032005-08-09 20:28:46 -0700901
Linus Torvalds1da177e2005-04-16 15:20:36 -0700902 rfcomm_dlc_throttle(dev->dlc);
903}
904
905static void rfcomm_tty_unthrottle(struct tty_struct *tty)
906{
907 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
908
909 BT_DBG("tty %p dev %p", tty, dev);
J. Suter3a5e9032005-08-09 20:28:46 -0700910
Linus Torvalds1da177e2005-04-16 15:20:36 -0700911 rfcomm_dlc_unthrottle(dev->dlc);
912}
913
914static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
915{
916 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
917 struct rfcomm_dlc *dlc = dev->dlc;
918
919 BT_DBG("tty %p dev %p", tty, dev);
920
David S. Millerb03efcf2005-07-08 14:57:23 -0700921 if (!skb_queue_empty(&dlc->tx_queue))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700922 return dlc->mtu;
923
924 return 0;
925}
926
927static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
928{
929 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
930 if (!dev)
931 return;
932
933 BT_DBG("tty %p dev %p", tty, dev);
934
935 skb_queue_purge(&dev->dlc->tx_queue);
936
937 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
938 tty->ldisc.write_wakeup(tty);
939}
940
941static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
942{
943 BT_DBG("tty %p ch %c", tty, ch);
944}
945
946static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
947{
948 BT_DBG("tty %p timeout %d", tty, timeout);
949}
950
951static void rfcomm_tty_hangup(struct tty_struct *tty)
952{
953 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
954 if (!dev)
955 return;
956
957 BT_DBG("tty %p dev %p", tty, dev);
958
959 rfcomm_tty_flush_buffer(tty);
960
961 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
962 rfcomm_dev_del(dev);
963}
964
965static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused)
966{
967 return 0;
968}
969
970static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp)
971{
972 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
973
974 BT_DBG("tty %p dev %p", tty, dev);
975
976 return dev->modem_status;
977}
978
979static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear)
980{
J. Suter3a5e9032005-08-09 20:28:46 -0700981 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
982 struct rfcomm_dlc *dlc = dev->dlc;
983 u8 v24_sig;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700984
985 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
986
J. Suter3a5e9032005-08-09 20:28:46 -0700987 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700988
J. Suter3a5e9032005-08-09 20:28:46 -0700989 if (set & TIOCM_DSR || set & TIOCM_DTR)
990 v24_sig |= RFCOMM_V24_RTC;
991 if (set & TIOCM_RTS || set & TIOCM_CTS)
992 v24_sig |= RFCOMM_V24_RTR;
993 if (set & TIOCM_RI)
994 v24_sig |= RFCOMM_V24_IC;
995 if (set & TIOCM_CD)
996 v24_sig |= RFCOMM_V24_DV;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700997
J. Suter3a5e9032005-08-09 20:28:46 -0700998 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
999 v24_sig &= ~RFCOMM_V24_RTC;
1000 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1001 v24_sig &= ~RFCOMM_V24_RTR;
1002 if (clear & TIOCM_RI)
1003 v24_sig &= ~RFCOMM_V24_IC;
1004 if (clear & TIOCM_CD)
1005 v24_sig &= ~RFCOMM_V24_DV;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001006
J. Suter3a5e9032005-08-09 20:28:46 -07001007 rfcomm_dlc_set_modem_status(dlc, v24_sig);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001008
J. Suter3a5e9032005-08-09 20:28:46 -07001009 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001010}
1011
1012/* ---- TTY structure ---- */
1013
Jeff Dikeb68e31d2006-10-02 02:17:18 -07001014static const struct tty_operations rfcomm_ops = {
Linus Torvalds1da177e2005-04-16 15:20:36 -07001015 .open = rfcomm_tty_open,
1016 .close = rfcomm_tty_close,
1017 .write = rfcomm_tty_write,
1018 .write_room = rfcomm_tty_write_room,
1019 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1020 .flush_buffer = rfcomm_tty_flush_buffer,
1021 .ioctl = rfcomm_tty_ioctl,
1022 .throttle = rfcomm_tty_throttle,
1023 .unthrottle = rfcomm_tty_unthrottle,
1024 .set_termios = rfcomm_tty_set_termios,
1025 .send_xchar = rfcomm_tty_send_xchar,
1026 .hangup = rfcomm_tty_hangup,
1027 .wait_until_sent = rfcomm_tty_wait_until_sent,
1028 .read_proc = rfcomm_tty_read_proc,
1029 .tiocmget = rfcomm_tty_tiocmget,
1030 .tiocmset = rfcomm_tty_tiocmset,
1031};
1032
1033int rfcomm_init_ttys(void)
1034{
1035 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1036 if (!rfcomm_tty_driver)
1037 return -1;
1038
1039 rfcomm_tty_driver->owner = THIS_MODULE;
1040 rfcomm_tty_driver->driver_name = "rfcomm";
Linus Torvalds1da177e2005-04-16 15:20:36 -07001041 rfcomm_tty_driver->name = "rfcomm";
1042 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1043 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1044 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1045 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
Greg Kroah-Hartman331b8312005-06-20 21:15:16 -07001046 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001047 rfcomm_tty_driver->init_termios = tty_std_termios;
1048 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
1049 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1050
1051 if (tty_register_driver(rfcomm_tty_driver)) {
1052 BT_ERR("Can't register RFCOMM TTY driver");
1053 put_tty_driver(rfcomm_tty_driver);
1054 return -1;
1055 }
1056
1057 BT_INFO("RFCOMM TTY layer initialized");
1058
1059 return 0;
1060}
1061
1062void rfcomm_cleanup_ttys(void)
1063{
1064 tty_unregister_driver(rfcomm_tty_driver);
1065 put_tty_driver(rfcomm_tty_driver);
1066}