1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#include <linux/module.h>
29
30#include <linux/tty.h>
31#include <linux/tty_driver.h>
32#include <linux/tty_flip.h>
33
34#include <linux/capability.h>
35#include <linux/slab.h>
36#include <linux/skbuff.h>
37#include <linux/workqueue.h>
38
39#include <net/bluetooth/bluetooth.h>
40#include <net/bluetooth/hci_core.h>
41#include <net/bluetooth/rfcomm.h>
42
43#define RFCOMM_TTY_MAGIC 0x6d02
44#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV
45#define RFCOMM_TTY_MAJOR 216
46#define RFCOMM_TTY_MINOR 0
47
48static struct tty_driver *rfcomm_tty_driver;
49
50struct rfcomm_dev {
51 struct tty_port port;
52 struct list_head list;
53
54 char name[12];
55 int id;
56 unsigned long flags;
57 int err;
58
59 bdaddr_t src;
60 bdaddr_t dst;
61 u8 channel;
62
63 uint modem_status;
64
65 struct rfcomm_dlc *dlc;
66 wait_queue_head_t wait;
67
68 struct device *tty_dev;
69
70 atomic_t wmem_alloc;
71
72 struct sk_buff_head pending;
73};
74
75static LIST_HEAD(rfcomm_dev_list);
76static DEFINE_SPINLOCK(rfcomm_dev_lock);
77
78static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
79static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
80static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
81
82
83
84
85
86
87
88
89
90
91static void rfcomm_dev_destruct(struct tty_port *port)
92{
93 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
94 struct rfcomm_dlc *dlc = dev->dlc;
95
96 BT_DBG("dev %p dlc %p", dev, dlc);
97
98
99
100
101 BUG_ON(!list_empty(&dev->list));
102
103 rfcomm_dlc_lock(dlc);
104
105 if (dlc->owner == dev)
106 dlc->owner = NULL;
107 rfcomm_dlc_unlock(dlc);
108
109 rfcomm_dlc_put(dlc);
110
111 tty_unregister_device(rfcomm_tty_driver, dev->id);
112
113 kfree(dev);
114
115
116
117 module_put(THIS_MODULE);
118}
119
120static const struct tty_port_operations rfcomm_port_ops = {
121 .destruct = rfcomm_dev_destruct,
122};
123
124static struct rfcomm_dev *__rfcomm_dev_get(int id)
125{
126 struct rfcomm_dev *dev;
127
128 list_for_each_entry(dev, &rfcomm_dev_list, list)
129 if (dev->id == id)
130 return dev;
131
132 return NULL;
133}
134
135static inline struct rfcomm_dev *rfcomm_dev_get(int id)
136{
137 struct rfcomm_dev *dev;
138
139 spin_lock(&rfcomm_dev_lock);
140
141 dev = __rfcomm_dev_get(id);
142
143 if (dev) {
144 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
145 dev = NULL;
146 else
147 tty_port_get(&dev->port);
148 }
149
150 spin_unlock(&rfcomm_dev_lock);
151
152 return dev;
153}
154
155static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
156{
157 struct hci_dev *hdev;
158 struct hci_conn *conn;
159
160 hdev = hci_get_route(&dev->dst, &dev->src);
161 if (!hdev)
162 return NULL;
163
164 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
165
166 hci_dev_put(hdev);
167
168 return conn ? &conn->dev : NULL;
169}
170
171static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
172{
173 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
174 return sprintf(buf, "%s\n", batostr(&dev->dst));
175}
176
177static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
178{
179 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
180 return sprintf(buf, "%d\n", dev->channel);
181}
182
183static DEVICE_ATTR(address, S_IRUGO, show_address, NULL);
184static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL);
185
186static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
187{
188 struct rfcomm_dev *dev, *entry;
189 struct list_head *head = &rfcomm_dev_list;
190 int err = 0;
191
192 BT_DBG("id %d channel %d", req->dev_id, req->channel);
193
194 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
195 if (!dev)
196 return -ENOMEM;
197
198 spin_lock(&rfcomm_dev_lock);
199
200 if (req->dev_id < 0) {
201 dev->id = 0;
202
203 list_for_each_entry(entry, &rfcomm_dev_list, list) {
204 if (entry->id != dev->id)
205 break;
206
207 dev->id++;
208 head = &entry->list;
209 }
210 } else {
211 dev->id = req->dev_id;
212
213 list_for_each_entry(entry, &rfcomm_dev_list, list) {
214 if (entry->id == dev->id) {
215 err = -EADDRINUSE;
216 goto out;
217 }
218
219 if (entry->id > dev->id - 1)
220 break;
221
222 head = &entry->list;
223 }
224 }
225
226 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
227 err = -ENFILE;
228 goto out;
229 }
230
231 sprintf(dev->name, "rfcomm%d", dev->id);
232
233 list_add(&dev->list, head);
234
235 bacpy(&dev->src, &req->src);
236 bacpy(&dev->dst, &req->dst);
237 dev->channel = req->channel;
238
239 dev->flags = req->flags &
240 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
241
242 tty_port_init(&dev->port);
243 dev->port.ops = &rfcomm_port_ops;
244 init_waitqueue_head(&dev->wait);
245
246 skb_queue_head_init(&dev->pending);
247
248 rfcomm_dlc_lock(dlc);
249
250 if (req->flags & (1 << RFCOMM_REUSE_DLC)) {
251 struct sock *sk = dlc->owner;
252 struct sk_buff *skb;
253
254 BUG_ON(!sk);
255
256 rfcomm_dlc_throttle(dlc);
257
258 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
259 skb_orphan(skb);
260 skb_queue_tail(&dev->pending, skb);
261 atomic_sub(skb->len, &sk->sk_rmem_alloc);
262 }
263 }
264
265 dlc->data_ready = rfcomm_dev_data_ready;
266 dlc->state_change = rfcomm_dev_state_change;
267 dlc->modem_status = rfcomm_dev_modem_status;
268
269 dlc->owner = dev;
270 dev->dlc = dlc;
271
272 rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig);
273
274 rfcomm_dlc_unlock(dlc);
275
276
277
278 __module_get(THIS_MODULE);
279
280out:
281 spin_unlock(&rfcomm_dev_lock);
282
283 if (err < 0)
284 goto free;
285
286 dev->tty_dev = tty_register_device(rfcomm_tty_driver, dev->id, NULL);
287
288 if (IS_ERR(dev->tty_dev)) {
289 err = PTR_ERR(dev->tty_dev);
290 list_del(&dev->list);
291 goto free;
292 }
293
294 dev_set_drvdata(dev->tty_dev, dev);
295
296 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
297 BT_ERR("Failed to create address attribute");
298
299 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
300 BT_ERR("Failed to create channel attribute");
301
302 return dev->id;
303
304free:
305 kfree(dev);
306 return err;
307}
308
309static void rfcomm_dev_del(struct rfcomm_dev *dev)
310{
311 unsigned long flags;
312 BT_DBG("dev %p", dev);
313
314 BUG_ON(test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags));
315
316 spin_lock_irqsave(&dev->port.lock, flags);
317 if (dev->port.count > 0) {
318 spin_unlock_irqrestore(&dev->port.lock, flags);
319 return;
320 }
321 spin_unlock_irqrestore(&dev->port.lock, flags);
322
323 spin_lock(&rfcomm_dev_lock);
324 list_del_init(&dev->list);
325 spin_unlock(&rfcomm_dev_lock);
326
327 tty_port_put(&dev->port);
328}
329
330
331static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
332{
333
334
335 return dlc->mtu * (dlc->tx_credits?:1);
336}
337
338static void rfcomm_wfree(struct sk_buff *skb)
339{
340 struct rfcomm_dev *dev = (void *) skb->sk;
341 struct tty_struct *tty = dev->port.tty;
342 atomic_sub(skb->truesize, &dev->wmem_alloc);
343 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags) && tty)
344 tty_wakeup(tty);
345 tty_port_put(&dev->port);
346}
347
348static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
349{
350 tty_port_get(&dev->port);
351 atomic_add(skb->truesize, &dev->wmem_alloc);
352 skb->sk = (void *) dev;
353 skb->destructor = rfcomm_wfree;
354}
355
356static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
357{
358 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
359 struct sk_buff *skb = alloc_skb(size, priority);
360 if (skb) {
361 rfcomm_set_owner_w(skb, dev);
362 return skb;
363 }
364 }
365 return NULL;
366}
367
368
369
370#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
371
372static int rfcomm_create_dev(struct sock *sk, void __user *arg)
373{
374 struct rfcomm_dev_req req;
375 struct rfcomm_dlc *dlc;
376 int id;
377
378 if (copy_from_user(&req, arg, sizeof(req)))
379 return -EFAULT;
380
381 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
382
383 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
384 return -EPERM;
385
386 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
387
388 if (sk->sk_state != BT_CONNECTED)
389 return -EBADFD;
390
391 dlc = rfcomm_pi(sk)->dlc;
392 rfcomm_dlc_hold(dlc);
393 } else {
394 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
395 if (!dlc)
396 return -ENOMEM;
397 }
398
399 id = rfcomm_dev_add(&req, dlc);
400 if (id < 0) {
401 rfcomm_dlc_put(dlc);
402 return id;
403 }
404
405 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
406
407
408 sk->sk_state = BT_CLOSED;
409 }
410
411 return id;
412}
413
414static int rfcomm_release_dev(void __user *arg)
415{
416 struct rfcomm_dev_req req;
417 struct rfcomm_dev *dev;
418
419 if (copy_from_user(&req, arg, sizeof(req)))
420 return -EFAULT;
421
422 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
423
424 dev = rfcomm_dev_get(req.dev_id);
425 if (!dev)
426 return -ENODEV;
427
428 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
429 tty_port_put(&dev->port);
430 return -EPERM;
431 }
432
433 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
434 rfcomm_dlc_close(dev->dlc, 0);
435
436
437 if (dev->port.tty)
438 tty_vhangup(dev->port.tty);
439
440 if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
441 rfcomm_dev_del(dev);
442 tty_port_put(&dev->port);
443 return 0;
444}
445
446static int rfcomm_get_dev_list(void __user *arg)
447{
448 struct rfcomm_dev *dev;
449 struct rfcomm_dev_list_req *dl;
450 struct rfcomm_dev_info *di;
451 int n = 0, size, err;
452 u16 dev_num;
453
454 BT_DBG("");
455
456 if (get_user(dev_num, (u16 __user *) arg))
457 return -EFAULT;
458
459 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
460 return -EINVAL;
461
462 size = sizeof(*dl) + dev_num * sizeof(*di);
463
464 dl = kmalloc(size, GFP_KERNEL);
465 if (!dl)
466 return -ENOMEM;
467
468 di = dl->dev_info;
469
470 spin_lock(&rfcomm_dev_lock);
471
472 list_for_each_entry(dev, &rfcomm_dev_list, list) {
473 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
474 continue;
475 (di + n)->id = dev->id;
476 (di + n)->flags = dev->flags;
477 (di + n)->state = dev->dlc->state;
478 (di + n)->channel = dev->channel;
479 bacpy(&(di + n)->src, &dev->src);
480 bacpy(&(di + n)->dst, &dev->dst);
481 if (++n >= dev_num)
482 break;
483 }
484
485 spin_unlock(&rfcomm_dev_lock);
486
487 dl->dev_num = n;
488 size = sizeof(*dl) + n * sizeof(*di);
489
490 err = copy_to_user(arg, dl, size);
491 kfree(dl);
492
493 return err ? -EFAULT : 0;
494}
495
496static int rfcomm_get_dev_info(void __user *arg)
497{
498 struct rfcomm_dev *dev;
499 struct rfcomm_dev_info di;
500 int err = 0;
501
502 BT_DBG("");
503
504 if (copy_from_user(&di, arg, sizeof(di)))
505 return -EFAULT;
506
507 dev = rfcomm_dev_get(di.id);
508 if (!dev)
509 return -ENODEV;
510
511 di.flags = dev->flags;
512 di.channel = dev->channel;
513 di.state = dev->dlc->state;
514 bacpy(&di.src, &dev->src);
515 bacpy(&di.dst, &dev->dst);
516
517 if (copy_to_user(arg, &di, sizeof(di)))
518 err = -EFAULT;
519
520 tty_port_put(&dev->port);
521 return err;
522}
523
524int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
525{
526 BT_DBG("cmd %d arg %p", cmd, arg);
527
528 switch (cmd) {
529 case RFCOMMCREATEDEV:
530 return rfcomm_create_dev(sk, arg);
531
532 case RFCOMMRELEASEDEV:
533 return rfcomm_release_dev(arg);
534
535 case RFCOMMGETDEVLIST:
536 return rfcomm_get_dev_list(arg);
537
538 case RFCOMMGETDEVINFO:
539 return rfcomm_get_dev_info(arg);
540 }
541
542 return -EINVAL;
543}
544
545
546static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
547{
548 struct rfcomm_dev *dev = dlc->owner;
549 struct tty_struct *tty;
550
551 if (!dev) {
552 kfree_skb(skb);
553 return;
554 }
555
556 tty = dev->port.tty;
557 if (!tty || !skb_queue_empty(&dev->pending)) {
558 skb_queue_tail(&dev->pending, skb);
559 return;
560 }
561
562 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
563
564 tty_insert_flip_string(tty, skb->data, skb->len);
565 tty_flip_buffer_push(tty);
566
567 kfree_skb(skb);
568}
569
570static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
571{
572 struct rfcomm_dev *dev = dlc->owner;
573 if (!dev)
574 return;
575
576 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
577
578 dev->err = err;
579 wake_up_interruptible(&dev->wait);
580
581 if (dlc->state == BT_CLOSED) {
582 if (!dev->port.tty) {
583 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
584
585
586
587
588
589
590
591 rfcomm_dlc_unlock(dlc);
592 if (rfcomm_dev_get(dev->id) == NULL) {
593 rfcomm_dlc_lock(dlc);
594 return;
595 }
596
597 rfcomm_dev_del(dev);
598 tty_port_put(&dev->port);
599 rfcomm_dlc_lock(dlc);
600 }
601 } else
602 tty_hangup(dev->port.tty);
603 }
604}
605
606static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
607{
608 struct rfcomm_dev *dev = dlc->owner;
609 if (!dev)
610 return;
611
612 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
613
614 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) {
615 if (dev->port.tty && !C_CLOCAL(dev->port.tty))
616 tty_hangup(dev->port.tty);
617 }
618
619 dev->modem_status =
620 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
621 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
622 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
623 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
624}
625
626
627static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
628{
629 struct tty_struct *tty = dev->port.tty;
630 struct sk_buff *skb;
631 int inserted = 0;
632
633 if (!tty)
634 return;
635
636 BT_DBG("dev %p tty %p", dev, tty);
637
638 rfcomm_dlc_lock(dev->dlc);
639
640 while ((skb = skb_dequeue(&dev->pending))) {
641 inserted += tty_insert_flip_string(tty, skb->data, skb->len);
642 kfree_skb(skb);
643 }
644
645 rfcomm_dlc_unlock(dev->dlc);
646
647 if (inserted > 0)
648 tty_flip_buffer_push(tty);
649}
650
651static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
652{
653 DECLARE_WAITQUEUE(wait, current);
654 struct rfcomm_dev *dev;
655 struct rfcomm_dlc *dlc;
656 unsigned long flags;
657 int err, id;
658
659 id = tty->index;
660
661 BT_DBG("tty %p id %d", tty, id);
662
663
664
665
666
667 dev = rfcomm_dev_get(id);
668 if (!dev)
669 return -ENODEV;
670
671 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst),
672 dev->channel, dev->port.count);
673
674 spin_lock_irqsave(&dev->port.lock, flags);
675 if (++dev->port.count > 1) {
676 spin_unlock_irqrestore(&dev->port.lock, flags);
677 return 0;
678 }
679 spin_unlock_irqrestore(&dev->port.lock, flags);
680
681 dlc = dev->dlc;
682
683
684
685 rfcomm_dlc_lock(dlc);
686 tty->driver_data = dev;
687 dev->port.tty = tty;
688 rfcomm_dlc_unlock(dlc);
689 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
690
691 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
692 if (err < 0)
693 return err;
694
695
696 add_wait_queue(&dev->wait, &wait);
697 while (1) {
698 set_current_state(TASK_INTERRUPTIBLE);
699
700 if (dlc->state == BT_CLOSED) {
701 err = -dev->err;
702 break;
703 }
704
705 if (dlc->state == BT_CONNECTED)
706 break;
707
708 if (signal_pending(current)) {
709 err = -EINTR;
710 break;
711 }
712
713 tty_unlock();
714 schedule();
715 tty_lock();
716 }
717 set_current_state(TASK_RUNNING);
718 remove_wait_queue(&dev->wait, &wait);
719
720 if (err == 0)
721 device_move(dev->tty_dev, rfcomm_get_device(dev),
722 DPM_ORDER_DEV_AFTER_PARENT);
723
724 rfcomm_tty_copy_pending(dev);
725
726 rfcomm_dlc_unthrottle(dev->dlc);
727
728 return err;
729}
730
731static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
732{
733 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
734 unsigned long flags;
735
736 if (!dev)
737 return;
738
739 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
740 dev->port.count);
741
742 spin_lock_irqsave(&dev->port.lock, flags);
743 if (!--dev->port.count) {
744 spin_unlock_irqrestore(&dev->port.lock, flags);
745 if (dev->tty_dev->parent)
746 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
747
748
749 rfcomm_dlc_close(dev->dlc, 0);
750
751 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
752
753 rfcomm_dlc_lock(dev->dlc);
754 tty->driver_data = NULL;
755 dev->port.tty = NULL;
756 rfcomm_dlc_unlock(dev->dlc);
757
758 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags)) {
759 spin_lock(&rfcomm_dev_lock);
760 list_del_init(&dev->list);
761 spin_unlock(&rfcomm_dev_lock);
762
763 tty_port_put(&dev->port);
764 }
765 } else
766 spin_unlock_irqrestore(&dev->port.lock, flags);
767
768 tty_port_put(&dev->port);
769}
770
771static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
772{
773 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
774 struct rfcomm_dlc *dlc = dev->dlc;
775 struct sk_buff *skb;
776 int err = 0, sent = 0, size;
777
778 BT_DBG("tty %p count %d", tty, count);
779
780 while (count) {
781 size = min_t(uint, count, dlc->mtu);
782
783 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
784
785 if (!skb)
786 break;
787
788 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
789
790 memcpy(skb_put(skb, size), buf + sent, size);
791
792 err = rfcomm_dlc_send(dlc, skb);
793 if (err < 0) {
794 kfree_skb(skb);
795 break;
796 }
797
798 sent += size;
799 count -= size;
800 }
801
802 return sent ? sent : err;
803}
804
805static int rfcomm_tty_write_room(struct tty_struct *tty)
806{
807 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
808 int room;
809
810 BT_DBG("tty %p", tty);
811
812 if (!dev || !dev->dlc)
813 return 0;
814
815 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
816 if (room < 0)
817 room = 0;
818
819 return room;
820}
821
822static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
823{
824 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
825
826 switch (cmd) {
827 case TCGETS:
828 BT_DBG("TCGETS is not supported");
829 return -ENOIOCTLCMD;
830
831 case TCSETS:
832 BT_DBG("TCSETS is not supported");
833 return -ENOIOCTLCMD;
834
835 case TIOCMIWAIT:
836 BT_DBG("TIOCMIWAIT");
837 break;
838
839 case TIOCGSERIAL:
840 BT_ERR("TIOCGSERIAL is not supported");
841 return -ENOIOCTLCMD;
842
843 case TIOCSSERIAL:
844 BT_ERR("TIOCSSERIAL is not supported");
845 return -ENOIOCTLCMD;
846
847 case TIOCSERGSTRUCT:
848 BT_ERR("TIOCSERGSTRUCT is not supported");
849 return -ENOIOCTLCMD;
850
851 case TIOCSERGETLSR:
852 BT_ERR("TIOCSERGETLSR is not supported");
853 return -ENOIOCTLCMD;
854
855 case TIOCSERCONFIG:
856 BT_ERR("TIOCSERCONFIG is not supported");
857 return -ENOIOCTLCMD;
858
859 default:
860 return -ENOIOCTLCMD;
861
862 }
863
864 return -ENOIOCTLCMD;
865}
866
867static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
868{
869 struct ktermios *new = tty->termios;
870 int old_baud_rate = tty_termios_baud_rate(old);
871 int new_baud_rate = tty_termios_baud_rate(new);
872
873 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
874 u16 changes = 0;
875
876 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
877
878 BT_DBG("tty %p termios %p", tty, old);
879
880 if (!dev || !dev->dlc || !dev->dlc->session)
881 return;
882
883
884 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
885 BT_DBG("Turning off CRTSCTS unsupported");
886
887
888 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
889 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) {
890 changes |= RFCOMM_RPN_PM_PARITY;
891 BT_DBG("Parity change detected.");
892 }
893
894
895 if (new->c_cflag & PARENB) {
896 if (new->c_cflag & PARODD) {
897 BT_DBG("Parity is ODD");
898 parity = RFCOMM_RPN_PARITY_ODD;
899 } else {
900 BT_DBG("Parity is EVEN");
901 parity = RFCOMM_RPN_PARITY_EVEN;
902 }
903 } else {
904 BT_DBG("Parity is OFF");
905 parity = RFCOMM_RPN_PARITY_NONE;
906 }
907
908
909 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
910 BT_DBG("XOFF custom");
911 x_on = new->c_cc[VSTOP];
912 changes |= RFCOMM_RPN_PM_XON;
913 } else {
914 BT_DBG("XOFF default");
915 x_on = RFCOMM_RPN_XON_CHAR;
916 }
917
918 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
919 BT_DBG("XON custom");
920 x_off = new->c_cc[VSTART];
921 changes |= RFCOMM_RPN_PM_XOFF;
922 } else {
923 BT_DBG("XON default");
924 x_off = RFCOMM_RPN_XOFF_CHAR;
925 }
926
927
928 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
929 changes |= RFCOMM_RPN_PM_STOP;
930
931
932
933
934 if (new->c_cflag & CSTOPB)
935 stop_bits = RFCOMM_RPN_STOP_15;
936 else
937 stop_bits = RFCOMM_RPN_STOP_1;
938
939
940 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
941 changes |= RFCOMM_RPN_PM_DATA;
942
943 switch (new->c_cflag & CSIZE) {
944 case CS5:
945 data_bits = RFCOMM_RPN_DATA_5;
946 break;
947 case CS6:
948 data_bits = RFCOMM_RPN_DATA_6;
949 break;
950 case CS7:
951 data_bits = RFCOMM_RPN_DATA_7;
952 break;
953 case CS8:
954 data_bits = RFCOMM_RPN_DATA_8;
955 break;
956 default:
957 data_bits = RFCOMM_RPN_DATA_8;
958 break;
959 }
960
961
962 if (old_baud_rate != new_baud_rate)
963 changes |= RFCOMM_RPN_PM_BITRATE;
964
965 switch (new_baud_rate) {
966 case 2400:
967 baud = RFCOMM_RPN_BR_2400;
968 break;
969 case 4800:
970 baud = RFCOMM_RPN_BR_4800;
971 break;
972 case 7200:
973 baud = RFCOMM_RPN_BR_7200;
974 break;
975 case 9600:
976 baud = RFCOMM_RPN_BR_9600;
977 break;
978 case 19200:
979 baud = RFCOMM_RPN_BR_19200;
980 break;
981 case 38400:
982 baud = RFCOMM_RPN_BR_38400;
983 break;
984 case 57600:
985 baud = RFCOMM_RPN_BR_57600;
986 break;
987 case 115200:
988 baud = RFCOMM_RPN_BR_115200;
989 break;
990 case 230400:
991 baud = RFCOMM_RPN_BR_230400;
992 break;
993 default:
994
995 baud = RFCOMM_RPN_BR_9600;
996 break;
997
998 }
999
1000 if (changes)
1001 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
1002 data_bits, stop_bits, parity,
1003 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
1004}
1005
1006static void rfcomm_tty_throttle(struct tty_struct *tty)
1007{
1008 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1009
1010 BT_DBG("tty %p dev %p", tty, dev);
1011
1012 rfcomm_dlc_throttle(dev->dlc);
1013}
1014
1015static void rfcomm_tty_unthrottle(struct tty_struct *tty)
1016{
1017 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1018
1019 BT_DBG("tty %p dev %p", tty, dev);
1020
1021 rfcomm_dlc_unthrottle(dev->dlc);
1022}
1023
1024static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
1025{
1026 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1027
1028 BT_DBG("tty %p dev %p", tty, dev);
1029
1030 if (!dev || !dev->dlc)
1031 return 0;
1032
1033 if (!skb_queue_empty(&dev->dlc->tx_queue))
1034 return dev->dlc->mtu;
1035
1036 return 0;
1037}
1038
1039static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
1040{
1041 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1042
1043 BT_DBG("tty %p dev %p", tty, dev);
1044
1045 if (!dev || !dev->dlc)
1046 return;
1047
1048 skb_queue_purge(&dev->dlc->tx_queue);
1049 tty_wakeup(tty);
1050}
1051
1052static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1053{
1054 BT_DBG("tty %p ch %c", tty, ch);
1055}
1056
1057static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1058{
1059 BT_DBG("tty %p timeout %d", tty, timeout);
1060}
1061
1062static void rfcomm_tty_hangup(struct tty_struct *tty)
1063{
1064 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1065
1066 BT_DBG("tty %p dev %p", tty, dev);
1067
1068 if (!dev)
1069 return;
1070
1071 rfcomm_tty_flush_buffer(tty);
1072
1073 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
1074 if (rfcomm_dev_get(dev->id) == NULL)
1075 return;
1076 rfcomm_dev_del(dev);
1077 tty_port_put(&dev->port);
1078 }
1079}
1080
1081static int rfcomm_tty_tiocmget(struct tty_struct *tty)
1082{
1083 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1084
1085 BT_DBG("tty %p dev %p", tty, dev);
1086
1087 return dev->modem_status;
1088}
1089
1090static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear)
1091{
1092 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1093 struct rfcomm_dlc *dlc = dev->dlc;
1094 u8 v24_sig;
1095
1096 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1097
1098 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1099
1100 if (set & TIOCM_DSR || set & TIOCM_DTR)
1101 v24_sig |= RFCOMM_V24_RTC;
1102 if (set & TIOCM_RTS || set & TIOCM_CTS)
1103 v24_sig |= RFCOMM_V24_RTR;
1104 if (set & TIOCM_RI)
1105 v24_sig |= RFCOMM_V24_IC;
1106 if (set & TIOCM_CD)
1107 v24_sig |= RFCOMM_V24_DV;
1108
1109 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1110 v24_sig &= ~RFCOMM_V24_RTC;
1111 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1112 v24_sig &= ~RFCOMM_V24_RTR;
1113 if (clear & TIOCM_RI)
1114 v24_sig &= ~RFCOMM_V24_IC;
1115 if (clear & TIOCM_CD)
1116 v24_sig &= ~RFCOMM_V24_DV;
1117
1118 rfcomm_dlc_set_modem_status(dlc, v24_sig);
1119
1120 return 0;
1121}
1122
1123
1124
1125static const struct tty_operations rfcomm_ops = {
1126 .open = rfcomm_tty_open,
1127 .close = rfcomm_tty_close,
1128 .write = rfcomm_tty_write,
1129 .write_room = rfcomm_tty_write_room,
1130 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1131 .flush_buffer = rfcomm_tty_flush_buffer,
1132 .ioctl = rfcomm_tty_ioctl,
1133 .throttle = rfcomm_tty_throttle,
1134 .unthrottle = rfcomm_tty_unthrottle,
1135 .set_termios = rfcomm_tty_set_termios,
1136 .send_xchar = rfcomm_tty_send_xchar,
1137 .hangup = rfcomm_tty_hangup,
1138 .wait_until_sent = rfcomm_tty_wait_until_sent,
1139 .tiocmget = rfcomm_tty_tiocmget,
1140 .tiocmset = rfcomm_tty_tiocmset,
1141};
1142
1143int __init rfcomm_init_ttys(void)
1144{
1145 int error;
1146
1147 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1148 if (!rfcomm_tty_driver)
1149 return -ENOMEM;
1150
1151 rfcomm_tty_driver->driver_name = "rfcomm";
1152 rfcomm_tty_driver->name = "rfcomm";
1153 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1154 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1155 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1156 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1157 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1158 rfcomm_tty_driver->init_termios = tty_std_termios;
1159 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
1160 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1161 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1162
1163 error = tty_register_driver(rfcomm_tty_driver);
1164 if (error) {
1165 BT_ERR("Can't register RFCOMM TTY driver");
1166 put_tty_driver(rfcomm_tty_driver);
1167 return error;
1168 }
1169
1170 BT_INFO("RFCOMM TTY layer initialized");
1171
1172 return 0;
1173}
1174
1175void rfcomm_cleanup_ttys(void)
1176{
1177 tty_unregister_driver(rfcomm_tty_driver);
1178 put_tty_driver(rfcomm_tty_driver);
1179}
1180
