1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#include <linux/module.h>
29
30#include <linux/tty.h>
31#include <linux/tty_driver.h>
32#include <linux/tty_flip.h>
33
34#include <net/bluetooth/bluetooth.h>
35#include <net/bluetooth/hci_core.h>
36#include <net/bluetooth/rfcomm.h>
37
38#define RFCOMM_TTY_MAGIC 0x6d02
39#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV
40#define RFCOMM_TTY_MAJOR 216
41#define RFCOMM_TTY_MINOR 0
42
43static DEFINE_MUTEX(rfcomm_ioctl_mutex);
44static struct tty_driver *rfcomm_tty_driver;
45
46struct rfcomm_dev {
47 struct tty_port port;
48 struct list_head list;
49
50 char name[12];
51 int id;
52 unsigned long flags;
53 int err;
54
55 unsigned long status;
56
57 bdaddr_t src;
58 bdaddr_t dst;
59 u8 channel;
60
61 uint modem_status;
62
63 struct rfcomm_dlc *dlc;
64
65 struct device *tty_dev;
66
67 atomic_t wmem_alloc;
68
69 struct sk_buff_head pending;
70};
71
72static LIST_HEAD(rfcomm_dev_list);
73static DEFINE_MUTEX(rfcomm_dev_lock);
74
75static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
76static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
77static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
78
79
80
81static void rfcomm_dev_destruct(struct tty_port *port)
82{
83 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
84 struct rfcomm_dlc *dlc = dev->dlc;
85
86 BT_DBG("dev %p dlc %p", dev, dlc);
87
88 rfcomm_dlc_lock(dlc);
89
90 if (dlc->owner == dev)
91 dlc->owner = NULL;
92 rfcomm_dlc_unlock(dlc);
93
94 rfcomm_dlc_put(dlc);
95
96 if (dev->tty_dev)
97 tty_unregister_device(rfcomm_tty_driver, dev->id);
98
99 mutex_lock(&rfcomm_dev_lock);
100 list_del(&dev->list);
101 mutex_unlock(&rfcomm_dev_lock);
102
103 kfree(dev);
104
105
106
107 module_put(THIS_MODULE);
108}
109
110
111static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty)
112{
113 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
114 int err;
115
116 err = rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel);
117 if (err)
118 set_bit(TTY_IO_ERROR, &tty->flags);
119 return err;
120}
121
122
123static int rfcomm_dev_carrier_raised(struct tty_port *port)
124{
125 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
126
127 return (dev->dlc->state == BT_CONNECTED);
128}
129
130
131static void rfcomm_dev_shutdown(struct tty_port *port)
132{
133 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
134
135 if (dev->tty_dev->parent)
136 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
137
138
139 rfcomm_dlc_close(dev->dlc, 0);
140}
141
142static const struct tty_port_operations rfcomm_port_ops = {
143 .destruct = rfcomm_dev_destruct,
144 .activate = rfcomm_dev_activate,
145 .shutdown = rfcomm_dev_shutdown,
146 .carrier_raised = rfcomm_dev_carrier_raised,
147};
148
149static struct rfcomm_dev *__rfcomm_dev_lookup(int id)
150{
151 struct rfcomm_dev *dev;
152
153 list_for_each_entry(dev, &rfcomm_dev_list, list)
154 if (dev->id == id)
155 return dev;
156
157 return NULL;
158}
159
160static struct rfcomm_dev *rfcomm_dev_get(int id)
161{
162 struct rfcomm_dev *dev;
163
164 mutex_lock(&rfcomm_dev_lock);
165
166 dev = __rfcomm_dev_lookup(id);
167
168 if (dev && !tty_port_get(&dev->port))
169 dev = NULL;
170
171 mutex_unlock(&rfcomm_dev_lock);
172
173 return dev;
174}
175
176static void rfcomm_reparent_device(struct rfcomm_dev *dev)
177{
178 struct hci_dev *hdev;
179 struct hci_conn *conn;
180
181 hdev = hci_get_route(&dev->dst, &dev->src);
182 if (!hdev)
183 return;
184
185
186
187
188 hci_dev_lock(hdev);
189 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
190
191
192
193
194 if (conn && device_is_registered(&conn->dev))
195 device_move(dev->tty_dev, &conn->dev, DPM_ORDER_DEV_AFTER_PARENT);
196
197 hci_dev_unlock(hdev);
198 hci_dev_put(hdev);
199}
200
201static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
202{
203 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
204 return sprintf(buf, "%pMR\n", &dev->dst);
205}
206
207static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
208{
209 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
210 return sprintf(buf, "%d\n", dev->channel);
211}
212
213static DEVICE_ATTR(address, S_IRUGO, show_address, NULL);
214static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL);
215
216static struct rfcomm_dev *__rfcomm_dev_add(struct rfcomm_dev_req *req,
217 struct rfcomm_dlc *dlc)
218{
219 struct rfcomm_dev *dev, *entry;
220 struct list_head *head = &rfcomm_dev_list;
221 int err = 0;
222
223 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
224 if (!dev)
225 return ERR_PTR(-ENOMEM);
226
227 mutex_lock(&rfcomm_dev_lock);
228
229 if (req->dev_id < 0) {
230 dev->id = 0;
231
232 list_for_each_entry(entry, &rfcomm_dev_list, list) {
233 if (entry->id != dev->id)
234 break;
235
236 dev->id++;
237 head = &entry->list;
238 }
239 } else {
240 dev->id = req->dev_id;
241
242 list_for_each_entry(entry, &rfcomm_dev_list, list) {
243 if (entry->id == dev->id) {
244 err = -EADDRINUSE;
245 goto out;
246 }
247
248 if (entry->id > dev->id - 1)
249 break;
250
251 head = &entry->list;
252 }
253 }
254
255 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
256 err = -ENFILE;
257 goto out;
258 }
259
260 sprintf(dev->name, "rfcomm%d", dev->id);
261
262 list_add(&dev->list, head);
263
264 bacpy(&dev->src, &req->src);
265 bacpy(&dev->dst, &req->dst);
266 dev->channel = req->channel;
267
268 dev->flags = req->flags &
269 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
270
271 tty_port_init(&dev->port);
272 dev->port.ops = &rfcomm_port_ops;
273
274 skb_queue_head_init(&dev->pending);
275
276 rfcomm_dlc_lock(dlc);
277
278 if (req->flags & (1 << RFCOMM_REUSE_DLC)) {
279 struct sock *sk = dlc->owner;
280 struct sk_buff *skb;
281
282 BUG_ON(!sk);
283
284 rfcomm_dlc_throttle(dlc);
285
286 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
287 skb_orphan(skb);
288 skb_queue_tail(&dev->pending, skb);
289 atomic_sub(skb->len, &sk->sk_rmem_alloc);
290 }
291 }
292
293 dlc->data_ready = rfcomm_dev_data_ready;
294 dlc->state_change = rfcomm_dev_state_change;
295 dlc->modem_status = rfcomm_dev_modem_status;
296
297 dlc->owner = dev;
298 dev->dlc = dlc;
299
300 rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig);
301
302 rfcomm_dlc_unlock(dlc);
303
304
305
306 __module_get(THIS_MODULE);
307
308 mutex_unlock(&rfcomm_dev_lock);
309 return dev;
310
311out:
312 mutex_unlock(&rfcomm_dev_lock);
313 kfree(dev);
314 return ERR_PTR(err);
315}
316
317static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
318{
319 struct rfcomm_dev *dev;
320 struct device *tty;
321
322 BT_DBG("id %d channel %d", req->dev_id, req->channel);
323
324 dev = __rfcomm_dev_add(req, dlc);
325 if (IS_ERR(dev)) {
326 rfcomm_dlc_put(dlc);
327 return PTR_ERR(dev);
328 }
329
330 tty = tty_port_register_device(&dev->port, rfcomm_tty_driver,
331 dev->id, NULL);
332 if (IS_ERR(tty)) {
333 tty_port_put(&dev->port);
334 return PTR_ERR(tty);
335 }
336
337 dev->tty_dev = tty;
338 rfcomm_reparent_device(dev);
339 dev_set_drvdata(dev->tty_dev, dev);
340
341 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
342 BT_ERR("Failed to create address attribute");
343
344 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
345 BT_ERR("Failed to create channel attribute");
346
347 return dev->id;
348}
349
350
351static inline unsigned int rfcomm_room(struct rfcomm_dev *dev)
352{
353 struct rfcomm_dlc *dlc = dev->dlc;
354
355
356 int pending = 40 - atomic_read(&dev->wmem_alloc);
357
358 return max(0, pending) * dlc->mtu;
359}
360
361static void rfcomm_wfree(struct sk_buff *skb)
362{
363 struct rfcomm_dev *dev = (void *) skb->sk;
364 atomic_dec(&dev->wmem_alloc);
365 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
366 tty_port_tty_wakeup(&dev->port);
367 tty_port_put(&dev->port);
368}
369
370static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
371{
372 tty_port_get(&dev->port);
373 atomic_inc(&dev->wmem_alloc);
374 skb->sk = (void *) dev;
375 skb->destructor = rfcomm_wfree;
376}
377
378static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
379{
380 struct sk_buff *skb = alloc_skb(size, priority);
381 if (skb)
382 rfcomm_set_owner_w(skb, dev);
383 return skb;
384}
385
386
387
388#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
389
390static int __rfcomm_create_dev(struct sock *sk, void __user *arg)
391{
392 struct rfcomm_dev_req req;
393 struct rfcomm_dlc *dlc;
394 int id;
395
396 if (copy_from_user(&req, arg, sizeof(req)))
397 return -EFAULT;
398
399 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
400
401 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
402 return -EPERM;
403
404 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
405
406 if (sk->sk_state != BT_CONNECTED)
407 return -EBADFD;
408
409 dlc = rfcomm_pi(sk)->dlc;
410 rfcomm_dlc_hold(dlc);
411 } else {
412
413 dlc = rfcomm_dlc_exists(&req.src, &req.dst, req.channel);
414 if (IS_ERR(dlc))
415 return PTR_ERR(dlc);
416 else if (dlc) {
417 rfcomm_dlc_put(dlc);
418 return -EBUSY;
419 }
420 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
421 if (!dlc)
422 return -ENOMEM;
423 }
424
425 id = rfcomm_dev_add(&req, dlc);
426 if (id < 0)
427 return id;
428
429 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
430
431
432 sk->sk_state = BT_CLOSED;
433 }
434
435 return id;
436}
437
438static int __rfcomm_release_dev(void __user *arg)
439{
440 struct rfcomm_dev_req req;
441 struct rfcomm_dev *dev;
442 struct tty_struct *tty;
443
444 if (copy_from_user(&req, arg, sizeof(req)))
445 return -EFAULT;
446
447 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
448
449 dev = rfcomm_dev_get(req.dev_id);
450 if (!dev)
451 return -ENODEV;
452
453 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
454 tty_port_put(&dev->port);
455 return -EPERM;
456 }
457
458
459 if (test_and_set_bit(RFCOMM_DEV_RELEASED, &dev->status)) {
460 tty_port_put(&dev->port);
461 return -EALREADY;
462 }
463
464 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
465 rfcomm_dlc_close(dev->dlc, 0);
466
467
468 tty = tty_port_tty_get(&dev->port);
469 if (tty) {
470 tty_vhangup(tty);
471 tty_kref_put(tty);
472 }
473
474 if (!test_bit(RFCOMM_TTY_OWNED, &dev->status))
475 tty_port_put(&dev->port);
476
477 tty_port_put(&dev->port);
478 return 0;
479}
480
481static int rfcomm_create_dev(struct sock *sk, void __user *arg)
482{
483 int ret;
484
485 mutex_lock(&rfcomm_ioctl_mutex);
486 ret = __rfcomm_create_dev(sk, arg);
487 mutex_unlock(&rfcomm_ioctl_mutex);
488
489 return ret;
490}
491
492static int rfcomm_release_dev(void __user *arg)
493{
494 int ret;
495
496 mutex_lock(&rfcomm_ioctl_mutex);
497 ret = __rfcomm_release_dev(arg);
498 mutex_unlock(&rfcomm_ioctl_mutex);
499
500 return ret;
501}
502
503static int rfcomm_get_dev_list(void __user *arg)
504{
505 struct rfcomm_dev *dev;
506 struct rfcomm_dev_list_req *dl;
507 struct rfcomm_dev_info *di;
508 int n = 0, size, err;
509 u16 dev_num;
510
511 BT_DBG("");
512
513 if (get_user(dev_num, (u16 __user *) arg))
514 return -EFAULT;
515
516 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
517 return -EINVAL;
518
519 size = sizeof(*dl) + dev_num * sizeof(*di);
520
521 dl = kzalloc(size, GFP_KERNEL);
522 if (!dl)
523 return -ENOMEM;
524
525 di = dl->dev_info;
526
527 mutex_lock(&rfcomm_dev_lock);
528
529 list_for_each_entry(dev, &rfcomm_dev_list, list) {
530 if (!tty_port_get(&dev->port))
531 continue;
532 (di + n)->id = dev->id;
533 (di + n)->flags = dev->flags;
534 (di + n)->state = dev->dlc->state;
535 (di + n)->channel = dev->channel;
536 bacpy(&(di + n)->src, &dev->src);
537 bacpy(&(di + n)->dst, &dev->dst);
538 tty_port_put(&dev->port);
539 if (++n >= dev_num)
540 break;
541 }
542
543 mutex_unlock(&rfcomm_dev_lock);
544
545 dl->dev_num = n;
546 size = sizeof(*dl) + n * sizeof(*di);
547
548 err = copy_to_user(arg, dl, size);
549 kfree(dl);
550
551 return err ? -EFAULT : 0;
552}
553
554static int rfcomm_get_dev_info(void __user *arg)
555{
556 struct rfcomm_dev *dev;
557 struct rfcomm_dev_info di;
558 int err = 0;
559
560 BT_DBG("");
561
562 if (copy_from_user(&di, arg, sizeof(di)))
563 return -EFAULT;
564
565 dev = rfcomm_dev_get(di.id);
566 if (!dev)
567 return -ENODEV;
568
569 di.flags = dev->flags;
570 di.channel = dev->channel;
571 di.state = dev->dlc->state;
572 bacpy(&di.src, &dev->src);
573 bacpy(&di.dst, &dev->dst);
574
575 if (copy_to_user(arg, &di, sizeof(di)))
576 err = -EFAULT;
577
578 tty_port_put(&dev->port);
579 return err;
580}
581
582int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
583{
584 BT_DBG("cmd %d arg %p", cmd, arg);
585
586 switch (cmd) {
587 case RFCOMMCREATEDEV:
588 return rfcomm_create_dev(sk, arg);
589
590 case RFCOMMRELEASEDEV:
591 return rfcomm_release_dev(arg);
592
593 case RFCOMMGETDEVLIST:
594 return rfcomm_get_dev_list(arg);
595
596 case RFCOMMGETDEVINFO:
597 return rfcomm_get_dev_info(arg);
598 }
599
600 return -EINVAL;
601}
602
603
604static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
605{
606 struct rfcomm_dev *dev = dlc->owner;
607
608 if (!dev) {
609 kfree_skb(skb);
610 return;
611 }
612
613 if (!skb_queue_empty(&dev->pending)) {
614 skb_queue_tail(&dev->pending, skb);
615 return;
616 }
617
618 BT_DBG("dlc %p len %d", dlc, skb->len);
619
620 tty_insert_flip_string(&dev->port, skb->data, skb->len);
621 tty_flip_buffer_push(&dev->port);
622
623 kfree_skb(skb);
624}
625
626static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
627{
628 struct rfcomm_dev *dev = dlc->owner;
629 if (!dev)
630 return;
631
632 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
633
634 dev->err = err;
635 if (dlc->state == BT_CONNECTED) {
636 rfcomm_reparent_device(dev);
637
638 wake_up_interruptible(&dev->port.open_wait);
639 } else if (dlc->state == BT_CLOSED)
640 tty_port_tty_hangup(&dev->port, false);
641}
642
643static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
644{
645 struct rfcomm_dev *dev = dlc->owner;
646 if (!dev)
647 return;
648
649 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
650
651 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV))
652 tty_port_tty_hangup(&dev->port, true);
653
654 dev->modem_status =
655 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
656 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
657 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
658 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
659}
660
661
662static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
663{
664 struct sk_buff *skb;
665 int inserted = 0;
666
667 BT_DBG("dev %p", dev);
668
669 rfcomm_dlc_lock(dev->dlc);
670
671 while ((skb = skb_dequeue(&dev->pending))) {
672 inserted += tty_insert_flip_string(&dev->port, skb->data,
673 skb->len);
674 kfree_skb(skb);
675 }
676
677 rfcomm_dlc_unlock(dev->dlc);
678
679 if (inserted > 0)
680 tty_flip_buffer_push(&dev->port);
681}
682
683
684
685
686static void rfcomm_tty_cleanup(struct tty_struct *tty)
687{
688 struct rfcomm_dev *dev = tty->driver_data;
689
690 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
691
692 rfcomm_dlc_lock(dev->dlc);
693 tty->driver_data = NULL;
694 rfcomm_dlc_unlock(dev->dlc);
695
696
697
698
699
700 skb_queue_purge(&dev->dlc->tx_queue);
701
702 tty_port_put(&dev->port);
703}
704
705
706
707
708
709static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty)
710{
711 struct rfcomm_dev *dev;
712 struct rfcomm_dlc *dlc;
713 int err;
714
715 dev = rfcomm_dev_get(tty->index);
716 if (!dev)
717 return -ENODEV;
718
719 dlc = dev->dlc;
720
721
722 rfcomm_dlc_lock(dlc);
723 tty->driver_data = dev;
724 rfcomm_dlc_unlock(dlc);
725 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
726
727
728 err = tty_port_install(&dev->port, driver, tty);
729 if (err) {
730 rfcomm_tty_cleanup(tty);
731 return err;
732 }
733
734
735
736
737
738
739 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
740 set_bit(RFCOMM_TTY_OWNED, &dev->status);
741 tty_port_put(&dev->port);
742 }
743
744 return 0;
745}
746
747static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
748{
749 struct rfcomm_dev *dev = tty->driver_data;
750 int err;
751
752 BT_DBG("tty %p id %d", tty, tty->index);
753
754 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst,
755 dev->channel, dev->port.count);
756
757 err = tty_port_open(&dev->port, tty, filp);
758 if (err)
759 return err;
760
761
762
763
764
765
766 rfcomm_tty_copy_pending(dev);
767
768 rfcomm_dlc_unthrottle(dev->dlc);
769
770 return 0;
771}
772
773static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
774{
775 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
776
777 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
778 dev->port.count);
779
780 tty_port_close(&dev->port, tty, filp);
781}
782
783static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
784{
785 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
786 struct rfcomm_dlc *dlc = dev->dlc;
787 struct sk_buff *skb;
788 int sent = 0, size;
789
790 BT_DBG("tty %p count %d", tty, count);
791
792 while (count) {
793 size = min_t(uint, count, dlc->mtu);
794
795 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
796 if (!skb)
797 break;
798
799 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
800
801 memcpy(skb_put(skb, size), buf + sent, size);
802
803 rfcomm_dlc_send_noerror(dlc, skb);
804
805 sent += size;
806 count -= size;
807 }
808
809 return sent;
810}
811
812static int rfcomm_tty_write_room(struct tty_struct *tty)
813{
814 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
815 int room = 0;
816
817 if (dev && dev->dlc)
818 room = rfcomm_room(dev);
819
820 BT_DBG("tty %p room %d", tty, room);
821
822 return room;
823}
824
825static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
826{
827 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
828
829 switch (cmd) {
830 case TCGETS:
831 BT_DBG("TCGETS is not supported");
832 return -ENOIOCTLCMD;
833
834 case TCSETS:
835 BT_DBG("TCSETS is not supported");
836 return -ENOIOCTLCMD;
837
838 case TIOCMIWAIT:
839 BT_DBG("TIOCMIWAIT");
840 break;
841
842 case TIOCGSERIAL:
843 BT_ERR("TIOCGSERIAL is not supported");
844 return -ENOIOCTLCMD;
845
846 case TIOCSSERIAL:
847 BT_ERR("TIOCSSERIAL is not supported");
848 return -ENOIOCTLCMD;
849
850 case TIOCSERGSTRUCT:
851 BT_ERR("TIOCSERGSTRUCT is not supported");
852 return -ENOIOCTLCMD;
853
854 case TIOCSERGETLSR:
855 BT_ERR("TIOCSERGETLSR is not supported");
856 return -ENOIOCTLCMD;
857
858 case TIOCSERCONFIG:
859 BT_ERR("TIOCSERCONFIG is not supported");
860 return -ENOIOCTLCMD;
861
862 default:
863 return -ENOIOCTLCMD;
864
865 }
866
867 return -ENOIOCTLCMD;
868}
869
870static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
871{
872 struct ktermios *new = &tty->termios;
873 int old_baud_rate = tty_termios_baud_rate(old);
874 int new_baud_rate = tty_termios_baud_rate(new);
875
876 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
877 u16 changes = 0;
878
879 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
880
881 BT_DBG("tty %p termios %p", tty, old);
882
883 if (!dev || !dev->dlc || !dev->dlc->session)
884 return;
885
886
887 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
888 BT_DBG("Turning off CRTSCTS unsupported");
889
890
891 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
892 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) {
893 changes |= RFCOMM_RPN_PM_PARITY;
894 BT_DBG("Parity change detected.");
895 }
896
897
898 if (new->c_cflag & PARENB) {
899 if (new->c_cflag & PARODD) {
900 BT_DBG("Parity is ODD");
901 parity = RFCOMM_RPN_PARITY_ODD;
902 } else {
903 BT_DBG("Parity is EVEN");
904 parity = RFCOMM_RPN_PARITY_EVEN;
905 }
906 } else {
907 BT_DBG("Parity is OFF");
908 parity = RFCOMM_RPN_PARITY_NONE;
909 }
910
911
912 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
913 BT_DBG("XOFF custom");
914 x_on = new->c_cc[VSTOP];
915 changes |= RFCOMM_RPN_PM_XON;
916 } else {
917 BT_DBG("XOFF default");
918 x_on = RFCOMM_RPN_XON_CHAR;
919 }
920
921 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
922 BT_DBG("XON custom");
923 x_off = new->c_cc[VSTART];
924 changes |= RFCOMM_RPN_PM_XOFF;
925 } else {
926 BT_DBG("XON default");
927 x_off = RFCOMM_RPN_XOFF_CHAR;
928 }
929
930
931 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
932 changes |= RFCOMM_RPN_PM_STOP;
933
934
935
936
937 if (new->c_cflag & CSTOPB)
938 stop_bits = RFCOMM_RPN_STOP_15;
939 else
940 stop_bits = RFCOMM_RPN_STOP_1;
941
942
943 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
944 changes |= RFCOMM_RPN_PM_DATA;
945
946 switch (new->c_cflag & CSIZE) {
947 case CS5:
948 data_bits = RFCOMM_RPN_DATA_5;
949 break;
950 case CS6:
951 data_bits = RFCOMM_RPN_DATA_6;
952 break;
953 case CS7:
954 data_bits = RFCOMM_RPN_DATA_7;
955 break;
956 case CS8:
957 data_bits = RFCOMM_RPN_DATA_8;
958 break;
959 default:
960 data_bits = RFCOMM_RPN_DATA_8;
961 break;
962 }
963
964
965 if (old_baud_rate != new_baud_rate)
966 changes |= RFCOMM_RPN_PM_BITRATE;
967
968 switch (new_baud_rate) {
969 case 2400:
970 baud = RFCOMM_RPN_BR_2400;
971 break;
972 case 4800:
973 baud = RFCOMM_RPN_BR_4800;
974 break;
975 case 7200:
976 baud = RFCOMM_RPN_BR_7200;
977 break;
978 case 9600:
979 baud = RFCOMM_RPN_BR_9600;
980 break;
981 case 19200:
982 baud = RFCOMM_RPN_BR_19200;
983 break;
984 case 38400:
985 baud = RFCOMM_RPN_BR_38400;
986 break;
987 case 57600:
988 baud = RFCOMM_RPN_BR_57600;
989 break;
990 case 115200:
991 baud = RFCOMM_RPN_BR_115200;
992 break;
993 case 230400:
994 baud = RFCOMM_RPN_BR_230400;
995 break;
996 default:
997
998 baud = RFCOMM_RPN_BR_9600;
999 break;
1000
1001 }
1002
1003 if (changes)
1004 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
1005 data_bits, stop_bits, parity,
1006 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
1007}
1008
1009static void rfcomm_tty_throttle(struct tty_struct *tty)
1010{
1011 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1012
1013 BT_DBG("tty %p dev %p", tty, dev);
1014
1015 rfcomm_dlc_throttle(dev->dlc);
1016}
1017
1018static void rfcomm_tty_unthrottle(struct tty_struct *tty)
1019{
1020 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1021
1022 BT_DBG("tty %p dev %p", tty, dev);
1023
1024 rfcomm_dlc_unthrottle(dev->dlc);
1025}
1026
1027static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
1028{
1029 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1030
1031 BT_DBG("tty %p dev %p", tty, dev);
1032
1033 if (!dev || !dev->dlc)
1034 return 0;
1035
1036 if (!skb_queue_empty(&dev->dlc->tx_queue))
1037 return dev->dlc->mtu;
1038
1039 return 0;
1040}
1041
1042static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
1043{
1044 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1045
1046 BT_DBG("tty %p dev %p", tty, dev);
1047
1048 if (!dev || !dev->dlc)
1049 return;
1050
1051 skb_queue_purge(&dev->dlc->tx_queue);
1052 tty_wakeup(tty);
1053}
1054
1055static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1056{
1057 BT_DBG("tty %p ch %c", tty, ch);
1058}
1059
1060static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1061{
1062 BT_DBG("tty %p timeout %d", tty, timeout);
1063}
1064
1065static void rfcomm_tty_hangup(struct tty_struct *tty)
1066{
1067 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1068
1069 BT_DBG("tty %p dev %p", tty, dev);
1070
1071 tty_port_hangup(&dev->port);
1072}
1073
1074static int rfcomm_tty_tiocmget(struct tty_struct *tty)
1075{
1076 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1077
1078 BT_DBG("tty %p dev %p", tty, dev);
1079
1080 return dev->modem_status;
1081}
1082
1083static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear)
1084{
1085 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1086 struct rfcomm_dlc *dlc = dev->dlc;
1087 u8 v24_sig;
1088
1089 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1090
1091 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1092
1093 if (set & TIOCM_DSR || set & TIOCM_DTR)
1094 v24_sig |= RFCOMM_V24_RTC;
1095 if (set & TIOCM_RTS || set & TIOCM_CTS)
1096 v24_sig |= RFCOMM_V24_RTR;
1097 if (set & TIOCM_RI)
1098 v24_sig |= RFCOMM_V24_IC;
1099 if (set & TIOCM_CD)
1100 v24_sig |= RFCOMM_V24_DV;
1101
1102 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1103 v24_sig &= ~RFCOMM_V24_RTC;
1104 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1105 v24_sig &= ~RFCOMM_V24_RTR;
1106 if (clear & TIOCM_RI)
1107 v24_sig &= ~RFCOMM_V24_IC;
1108 if (clear & TIOCM_CD)
1109 v24_sig &= ~RFCOMM_V24_DV;
1110
1111 rfcomm_dlc_set_modem_status(dlc, v24_sig);
1112
1113 return 0;
1114}
1115
1116
1117
1118static const struct tty_operations rfcomm_ops = {
1119 .open = rfcomm_tty_open,
1120 .close = rfcomm_tty_close,
1121 .write = rfcomm_tty_write,
1122 .write_room = rfcomm_tty_write_room,
1123 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1124 .flush_buffer = rfcomm_tty_flush_buffer,
1125 .ioctl = rfcomm_tty_ioctl,
1126 .throttle = rfcomm_tty_throttle,
1127 .unthrottle = rfcomm_tty_unthrottle,
1128 .set_termios = rfcomm_tty_set_termios,
1129 .send_xchar = rfcomm_tty_send_xchar,
1130 .hangup = rfcomm_tty_hangup,
1131 .wait_until_sent = rfcomm_tty_wait_until_sent,
1132 .tiocmget = rfcomm_tty_tiocmget,
1133 .tiocmset = rfcomm_tty_tiocmset,
1134 .install = rfcomm_tty_install,
1135 .cleanup = rfcomm_tty_cleanup,
1136};
1137
1138int __init rfcomm_init_ttys(void)
1139{
1140 int error;
1141
1142 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1143 if (!rfcomm_tty_driver)
1144 return -ENOMEM;
1145
1146 rfcomm_tty_driver->driver_name = "rfcomm";
1147 rfcomm_tty_driver->name = "rfcomm";
1148 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1149 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1150 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1151 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1152 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1153 rfcomm_tty_driver->init_termios = tty_std_termios;
1154 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL;
1155 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1156 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1157
1158 error = tty_register_driver(rfcomm_tty_driver);
1159 if (error) {
1160 BT_ERR("Can't register RFCOMM TTY driver");
1161 put_tty_driver(rfcomm_tty_driver);
1162 return error;
1163 }
1164
1165 BT_INFO("RFCOMM TTY layer initialized");
1166
1167 return 0;
1168}
1169
1170void rfcomm_cleanup_ttys(void)
1171{
1172 tty_unregister_driver(rfcomm_tty_driver);
1173 put_tty_driver(rfcomm_tty_driver);
1174}
1175
