1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#include <linux/module.h>
29
30#include <linux/tty.h>
31#include <linux/tty_driver.h>
32#include <linux/tty_flip.h>
33
34#include <net/bluetooth/bluetooth.h>
35#include <net/bluetooth/hci_core.h>
36#include <net/bluetooth/rfcomm.h>
37
38#define RFCOMM_TTY_MAGIC 0x6d02
39#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV
40#define RFCOMM_TTY_MAJOR 216
41#define RFCOMM_TTY_MINOR 0
42
43static DEFINE_MUTEX(rfcomm_ioctl_mutex);
44static struct tty_driver *rfcomm_tty_driver;
45
46struct rfcomm_dev {
47 struct tty_port port;
48 struct list_head list;
49
50 char name[12];
51 int id;
52 unsigned long flags;
53 int err;
54
55 unsigned long status;
56
57 bdaddr_t src;
58 bdaddr_t dst;
59 u8 channel;
60
61 uint modem_status;
62
63 struct rfcomm_dlc *dlc;
64
65 struct device *tty_dev;
66
67 atomic_t wmem_alloc;
68
69 struct sk_buff_head pending;
70};
71
72static LIST_HEAD(rfcomm_dev_list);
73static DEFINE_MUTEX(rfcomm_dev_lock);
74
75static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
76static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
77static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
78
79
80
81static void rfcomm_dev_destruct(struct tty_port *port)
82{
83 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
84 struct rfcomm_dlc *dlc = dev->dlc;
85
86 BT_DBG("dev %p dlc %p", dev, dlc);
87
88 rfcomm_dlc_lock(dlc);
89
90 if (dlc->owner == dev)
91 dlc->owner = NULL;
92 rfcomm_dlc_unlock(dlc);
93
94 rfcomm_dlc_put(dlc);
95
96 if (dev->tty_dev)
97 tty_unregister_device(rfcomm_tty_driver, dev->id);
98
99 mutex_lock(&rfcomm_dev_lock);
100 list_del(&dev->list);
101 mutex_unlock(&rfcomm_dev_lock);
102
103 kfree(dev);
104
105
106
107 module_put(THIS_MODULE);
108}
109
110
111static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty)
112{
113 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
114 int err;
115
116 err = rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel);
117 if (err)
118 set_bit(TTY_IO_ERROR, &tty->flags);
119 return err;
120}
121
122
123static int rfcomm_dev_carrier_raised(struct tty_port *port)
124{
125 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
126
127 return (dev->dlc->state == BT_CONNECTED);
128}
129
130
131static void rfcomm_dev_shutdown(struct tty_port *port)
132{
133 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
134
135 if (dev->tty_dev->parent)
136 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
137
138
139 rfcomm_dlc_close(dev->dlc, 0);
140}
141
142static const struct tty_port_operations rfcomm_port_ops = {
143 .destruct = rfcomm_dev_destruct,
144 .activate = rfcomm_dev_activate,
145 .shutdown = rfcomm_dev_shutdown,
146 .carrier_raised = rfcomm_dev_carrier_raised,
147};
148
149static struct rfcomm_dev *__rfcomm_dev_lookup(int id)
150{
151 struct rfcomm_dev *dev;
152
153 list_for_each_entry(dev, &rfcomm_dev_list, list)
154 if (dev->id == id)
155 return dev;
156
157 return NULL;
158}
159
160static struct rfcomm_dev *rfcomm_dev_get(int id)
161{
162 struct rfcomm_dev *dev;
163
164 mutex_lock(&rfcomm_dev_lock);
165
166 dev = __rfcomm_dev_lookup(id);
167
168 if (dev && !tty_port_get(&dev->port))
169 dev = NULL;
170
171 mutex_unlock(&rfcomm_dev_lock);
172
173 return dev;
174}
175
176static void rfcomm_reparent_device(struct rfcomm_dev *dev)
177{
178 struct hci_dev *hdev;
179 struct hci_conn *conn;
180
181 hdev = hci_get_route(&dev->dst, &dev->src, BDADDR_BREDR);
182 if (!hdev)
183 return;
184
185
186
187
188 hci_dev_lock(hdev);
189 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
190
191
192
193
194 if (conn && device_is_registered(&conn->dev))
195 device_move(dev->tty_dev, &conn->dev, DPM_ORDER_DEV_AFTER_PARENT);
196
197 hci_dev_unlock(hdev);
198 hci_dev_put(hdev);
199}
200
201static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
202{
203 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
204 return sprintf(buf, "%pMR\n", &dev->dst);
205}
206
207static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
208{
209 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
210 return sprintf(buf, "%d\n", dev->channel);
211}
212
213static DEVICE_ATTR(address, 0444, show_address, NULL);
214static DEVICE_ATTR(channel, 0444, show_channel, NULL);
215
216static struct rfcomm_dev *__rfcomm_dev_add(struct rfcomm_dev_req *req,
217 struct rfcomm_dlc *dlc)
218{
219 struct rfcomm_dev *dev, *entry;
220 struct list_head *head = &rfcomm_dev_list;
221 int err = 0;
222
223 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
224 if (!dev)
225 return ERR_PTR(-ENOMEM);
226
227 mutex_lock(&rfcomm_dev_lock);
228
229 if (req->dev_id < 0) {
230 dev->id = 0;
231
232 list_for_each_entry(entry, &rfcomm_dev_list, list) {
233 if (entry->id != dev->id)
234 break;
235
236 dev->id++;
237 head = &entry->list;
238 }
239 } else {
240 dev->id = req->dev_id;
241
242 list_for_each_entry(entry, &rfcomm_dev_list, list) {
243 if (entry->id == dev->id) {
244 err = -EADDRINUSE;
245 goto out;
246 }
247
248 if (entry->id > dev->id - 1)
249 break;
250
251 head = &entry->list;
252 }
253 }
254
255 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
256 err = -ENFILE;
257 goto out;
258 }
259
260 sprintf(dev->name, "rfcomm%d", dev->id);
261
262 list_add(&dev->list, head);
263
264 bacpy(&dev->src, &req->src);
265 bacpy(&dev->dst, &req->dst);
266 dev->channel = req->channel;
267
268 dev->flags = req->flags &
269 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
270
271 tty_port_init(&dev->port);
272 dev->port.ops = &rfcomm_port_ops;
273
274 skb_queue_head_init(&dev->pending);
275
276 rfcomm_dlc_lock(dlc);
277
278 if (req->flags & (1 << RFCOMM_REUSE_DLC)) {
279 struct sock *sk = dlc->owner;
280 struct sk_buff *skb;
281
282 BUG_ON(!sk);
283
284 rfcomm_dlc_throttle(dlc);
285
286 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
287 skb_orphan(skb);
288 skb_queue_tail(&dev->pending, skb);
289 atomic_sub(skb->len, &sk->sk_rmem_alloc);
290 }
291 }
292
293 dlc->data_ready = rfcomm_dev_data_ready;
294 dlc->state_change = rfcomm_dev_state_change;
295 dlc->modem_status = rfcomm_dev_modem_status;
296
297 dlc->owner = dev;
298 dev->dlc = dlc;
299
300 rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig);
301
302 rfcomm_dlc_unlock(dlc);
303
304
305
306 __module_get(THIS_MODULE);
307
308 mutex_unlock(&rfcomm_dev_lock);
309 return dev;
310
311out:
312 mutex_unlock(&rfcomm_dev_lock);
313 kfree(dev);
314 return ERR_PTR(err);
315}
316
317static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
318{
319 struct rfcomm_dev *dev;
320 struct device *tty;
321
322 BT_DBG("id %d channel %d", req->dev_id, req->channel);
323
324 dev = __rfcomm_dev_add(req, dlc);
325 if (IS_ERR(dev)) {
326 rfcomm_dlc_put(dlc);
327 return PTR_ERR(dev);
328 }
329
330 tty = tty_port_register_device(&dev->port, rfcomm_tty_driver,
331 dev->id, NULL);
332 if (IS_ERR(tty)) {
333 tty_port_put(&dev->port);
334 return PTR_ERR(tty);
335 }
336
337 dev->tty_dev = tty;
338 rfcomm_reparent_device(dev);
339 dev_set_drvdata(dev->tty_dev, dev);
340
341 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
342 BT_ERR("Failed to create address attribute");
343
344 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
345 BT_ERR("Failed to create channel attribute");
346
347 return dev->id;
348}
349
350
351static inline unsigned int rfcomm_room(struct rfcomm_dev *dev)
352{
353 struct rfcomm_dlc *dlc = dev->dlc;
354
355
356 int pending = 40 - atomic_read(&dev->wmem_alloc);
357
358 return max(0, pending) * dlc->mtu;
359}
360
361static void rfcomm_wfree(struct sk_buff *skb)
362{
363 struct rfcomm_dev *dev = (void *) skb->sk;
364 atomic_dec(&dev->wmem_alloc);
365 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
366 tty_port_tty_wakeup(&dev->port);
367 tty_port_put(&dev->port);
368}
369
370static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
371{
372 tty_port_get(&dev->port);
373 atomic_inc(&dev->wmem_alloc);
374 skb->sk = (void *) dev;
375 skb->destructor = rfcomm_wfree;
376}
377
378static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
379{
380 struct sk_buff *skb = alloc_skb(size, priority);
381 if (skb)
382 rfcomm_set_owner_w(skb, dev);
383 return skb;
384}
385
386
387
388#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
389
390static int __rfcomm_create_dev(struct sock *sk, void __user *arg)
391{
392 struct rfcomm_dev_req req;
393 struct rfcomm_dlc *dlc;
394 int id;
395
396 if (copy_from_user(&req, arg, sizeof(req)))
397 return -EFAULT;
398
399 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
400
401 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
402 return -EPERM;
403
404 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
405
406 if (sk->sk_state != BT_CONNECTED)
407 return -EBADFD;
408
409 dlc = rfcomm_pi(sk)->dlc;
410 rfcomm_dlc_hold(dlc);
411 } else {
412
413 dlc = rfcomm_dlc_exists(&req.src, &req.dst, req.channel);
414 if (IS_ERR(dlc))
415 return PTR_ERR(dlc);
416 if (dlc)
417 return -EBUSY;
418 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
419 if (!dlc)
420 return -ENOMEM;
421 }
422
423 id = rfcomm_dev_add(&req, dlc);
424 if (id < 0)
425 return id;
426
427 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
428
429
430 sk->sk_state = BT_CLOSED;
431 }
432
433 return id;
434}
435
436static int __rfcomm_release_dev(void __user *arg)
437{
438 struct rfcomm_dev_req req;
439 struct rfcomm_dev *dev;
440 struct tty_struct *tty;
441
442 if (copy_from_user(&req, arg, sizeof(req)))
443 return -EFAULT;
444
445 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
446
447 dev = rfcomm_dev_get(req.dev_id);
448 if (!dev)
449 return -ENODEV;
450
451 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
452 tty_port_put(&dev->port);
453 return -EPERM;
454 }
455
456
457 if (test_and_set_bit(RFCOMM_DEV_RELEASED, &dev->status)) {
458 tty_port_put(&dev->port);
459 return -EALREADY;
460 }
461
462 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
463 rfcomm_dlc_close(dev->dlc, 0);
464
465
466 tty = tty_port_tty_get(&dev->port);
467 if (tty) {
468 tty_vhangup(tty);
469 tty_kref_put(tty);
470 }
471
472 if (!test_bit(RFCOMM_TTY_OWNED, &dev->status))
473 tty_port_put(&dev->port);
474
475 tty_port_put(&dev->port);
476 return 0;
477}
478
479static int rfcomm_create_dev(struct sock *sk, void __user *arg)
480{
481 int ret;
482
483 mutex_lock(&rfcomm_ioctl_mutex);
484 ret = __rfcomm_create_dev(sk, arg);
485 mutex_unlock(&rfcomm_ioctl_mutex);
486
487 return ret;
488}
489
490static int rfcomm_release_dev(void __user *arg)
491{
492 int ret;
493
494 mutex_lock(&rfcomm_ioctl_mutex);
495 ret = __rfcomm_release_dev(arg);
496 mutex_unlock(&rfcomm_ioctl_mutex);
497
498 return ret;
499}
500
501static int rfcomm_get_dev_list(void __user *arg)
502{
503 struct rfcomm_dev *dev;
504 struct rfcomm_dev_list_req *dl;
505 struct rfcomm_dev_info *di;
506 int n = 0, size, err;
507 u16 dev_num;
508
509 BT_DBG("");
510
511 if (get_user(dev_num, (u16 __user *) arg))
512 return -EFAULT;
513
514 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
515 return -EINVAL;
516
517 size = sizeof(*dl) + dev_num * sizeof(*di);
518
519 dl = kzalloc(size, GFP_KERNEL);
520 if (!dl)
521 return -ENOMEM;
522
523 di = dl->dev_info;
524
525 mutex_lock(&rfcomm_dev_lock);
526
527 list_for_each_entry(dev, &rfcomm_dev_list, list) {
528 if (!tty_port_get(&dev->port))
529 continue;
530 (di + n)->id = dev->id;
531 (di + n)->flags = dev->flags;
532 (di + n)->state = dev->dlc->state;
533 (di + n)->channel = dev->channel;
534 bacpy(&(di + n)->src, &dev->src);
535 bacpy(&(di + n)->dst, &dev->dst);
536 tty_port_put(&dev->port);
537 if (++n >= dev_num)
538 break;
539 }
540
541 mutex_unlock(&rfcomm_dev_lock);
542
543 dl->dev_num = n;
544 size = sizeof(*dl) + n * sizeof(*di);
545
546 err = copy_to_user(arg, dl, size);
547 kfree(dl);
548
549 return err ? -EFAULT : 0;
550}
551
552static int rfcomm_get_dev_info(void __user *arg)
553{
554 struct rfcomm_dev *dev;
555 struct rfcomm_dev_info di;
556 int err = 0;
557
558 BT_DBG("");
559
560 if (copy_from_user(&di, arg, sizeof(di)))
561 return -EFAULT;
562
563 dev = rfcomm_dev_get(di.id);
564 if (!dev)
565 return -ENODEV;
566
567 di.flags = dev->flags;
568 di.channel = dev->channel;
569 di.state = dev->dlc->state;
570 bacpy(&di.src, &dev->src);
571 bacpy(&di.dst, &dev->dst);
572
573 if (copy_to_user(arg, &di, sizeof(di)))
574 err = -EFAULT;
575
576 tty_port_put(&dev->port);
577 return err;
578}
579
580int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
581{
582 BT_DBG("cmd %d arg %p", cmd, arg);
583
584 switch (cmd) {
585 case RFCOMMCREATEDEV:
586 return rfcomm_create_dev(sk, arg);
587
588 case RFCOMMRELEASEDEV:
589 return rfcomm_release_dev(arg);
590
591 case RFCOMMGETDEVLIST:
592 return rfcomm_get_dev_list(arg);
593
594 case RFCOMMGETDEVINFO:
595 return rfcomm_get_dev_info(arg);
596 }
597
598 return -EINVAL;
599}
600
601
602static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
603{
604 struct rfcomm_dev *dev = dlc->owner;
605
606 if (!dev) {
607 kfree_skb(skb);
608 return;
609 }
610
611 if (!skb_queue_empty(&dev->pending)) {
612 skb_queue_tail(&dev->pending, skb);
613 return;
614 }
615
616 BT_DBG("dlc %p len %d", dlc, skb->len);
617
618 tty_insert_flip_string(&dev->port, skb->data, skb->len);
619 tty_flip_buffer_push(&dev->port);
620
621 kfree_skb(skb);
622}
623
624static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
625{
626 struct rfcomm_dev *dev = dlc->owner;
627 if (!dev)
628 return;
629
630 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
631
632 dev->err = err;
633 if (dlc->state == BT_CONNECTED) {
634 rfcomm_reparent_device(dev);
635
636 wake_up_interruptible(&dev->port.open_wait);
637 } else if (dlc->state == BT_CLOSED)
638 tty_port_tty_hangup(&dev->port, false);
639}
640
641static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
642{
643 struct rfcomm_dev *dev = dlc->owner;
644 if (!dev)
645 return;
646
647 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
648
649 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV))
650 tty_port_tty_hangup(&dev->port, true);
651
652 dev->modem_status =
653 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
654 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
655 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
656 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
657}
658
659
660static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
661{
662 struct sk_buff *skb;
663 int inserted = 0;
664
665 BT_DBG("dev %p", dev);
666
667 rfcomm_dlc_lock(dev->dlc);
668
669 while ((skb = skb_dequeue(&dev->pending))) {
670 inserted += tty_insert_flip_string(&dev->port, skb->data,
671 skb->len);
672 kfree_skb(skb);
673 }
674
675 rfcomm_dlc_unlock(dev->dlc);
676
677 if (inserted > 0)
678 tty_flip_buffer_push(&dev->port);
679}
680
681
682
683
684static void rfcomm_tty_cleanup(struct tty_struct *tty)
685{
686 struct rfcomm_dev *dev = tty->driver_data;
687
688 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
689
690 rfcomm_dlc_lock(dev->dlc);
691 tty->driver_data = NULL;
692 rfcomm_dlc_unlock(dev->dlc);
693
694
695
696
697
698 skb_queue_purge(&dev->dlc->tx_queue);
699
700 tty_port_put(&dev->port);
701}
702
703
704
705
706
707static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty)
708{
709 struct rfcomm_dev *dev;
710 struct rfcomm_dlc *dlc;
711 int err;
712
713 dev = rfcomm_dev_get(tty->index);
714 if (!dev)
715 return -ENODEV;
716
717 dlc = dev->dlc;
718
719
720 rfcomm_dlc_lock(dlc);
721 tty->driver_data = dev;
722 rfcomm_dlc_unlock(dlc);
723 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
724
725
726 err = tty_port_install(&dev->port, driver, tty);
727 if (err) {
728 rfcomm_tty_cleanup(tty);
729 return err;
730 }
731
732
733
734
735
736
737 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
738 set_bit(RFCOMM_TTY_OWNED, &dev->status);
739 tty_port_put(&dev->port);
740 }
741
742 return 0;
743}
744
745static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
746{
747 struct rfcomm_dev *dev = tty->driver_data;
748 int err;
749
750 BT_DBG("tty %p id %d", tty, tty->index);
751
752 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst,
753 dev->channel, dev->port.count);
754
755 err = tty_port_open(&dev->port, tty, filp);
756 if (err)
757 return err;
758
759
760
761
762
763
764 rfcomm_tty_copy_pending(dev);
765
766 rfcomm_dlc_unthrottle(dev->dlc);
767
768 return 0;
769}
770
771static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
772{
773 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
774
775 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
776 dev->port.count);
777
778 tty_port_close(&dev->port, tty, filp);
779}
780
781static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
782{
783 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
784 struct rfcomm_dlc *dlc = dev->dlc;
785 struct sk_buff *skb;
786 int sent = 0, size;
787
788 BT_DBG("tty %p count %d", tty, count);
789
790 while (count) {
791 size = min_t(uint, count, dlc->mtu);
792
793 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
794 if (!skb)
795 break;
796
797 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
798
799 skb_put_data(skb, buf + sent, size);
800
801 rfcomm_dlc_send_noerror(dlc, skb);
802
803 sent += size;
804 count -= size;
805 }
806
807 return sent;
808}
809
810static int rfcomm_tty_write_room(struct tty_struct *tty)
811{
812 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
813 int room = 0;
814
815 if (dev && dev->dlc)
816 room = rfcomm_room(dev);
817
818 BT_DBG("tty %p room %d", tty, room);
819
820 return room;
821}
822
823static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
824{
825 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
826
827 switch (cmd) {
828 case TCGETS:
829 BT_DBG("TCGETS is not supported");
830 return -ENOIOCTLCMD;
831
832 case TCSETS:
833 BT_DBG("TCSETS is not supported");
834 return -ENOIOCTLCMD;
835
836 case TIOCMIWAIT:
837 BT_DBG("TIOCMIWAIT");
838 break;
839
840 case TIOCSERGETLSR:
841 BT_ERR("TIOCSERGETLSR is not supported");
842 return -ENOIOCTLCMD;
843
844 case TIOCSERCONFIG:
845 BT_ERR("TIOCSERCONFIG is not supported");
846 return -ENOIOCTLCMD;
847
848 default:
849 return -ENOIOCTLCMD;
850
851 }
852
853 return -ENOIOCTLCMD;
854}
855
856static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
857{
858 struct ktermios *new = &tty->termios;
859 int old_baud_rate = tty_termios_baud_rate(old);
860 int new_baud_rate = tty_termios_baud_rate(new);
861
862 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
863 u16 changes = 0;
864
865 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
866
867 BT_DBG("tty %p termios %p", tty, old);
868
869 if (!dev || !dev->dlc || !dev->dlc->session)
870 return;
871
872
873 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
874 BT_DBG("Turning off CRTSCTS unsupported");
875
876
877 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
878 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) {
879 changes |= RFCOMM_RPN_PM_PARITY;
880 BT_DBG("Parity change detected.");
881 }
882
883
884 if (new->c_cflag & PARENB) {
885 if (new->c_cflag & PARODD) {
886 BT_DBG("Parity is ODD");
887 parity = RFCOMM_RPN_PARITY_ODD;
888 } else {
889 BT_DBG("Parity is EVEN");
890 parity = RFCOMM_RPN_PARITY_EVEN;
891 }
892 } else {
893 BT_DBG("Parity is OFF");
894 parity = RFCOMM_RPN_PARITY_NONE;
895 }
896
897
898 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
899 BT_DBG("XOFF custom");
900 x_on = new->c_cc[VSTOP];
901 changes |= RFCOMM_RPN_PM_XON;
902 } else {
903 BT_DBG("XOFF default");
904 x_on = RFCOMM_RPN_XON_CHAR;
905 }
906
907 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
908 BT_DBG("XON custom");
909 x_off = new->c_cc[VSTART];
910 changes |= RFCOMM_RPN_PM_XOFF;
911 } else {
912 BT_DBG("XON default");
913 x_off = RFCOMM_RPN_XOFF_CHAR;
914 }
915
916
917 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
918 changes |= RFCOMM_RPN_PM_STOP;
919
920
921
922
923 if (new->c_cflag & CSTOPB)
924 stop_bits = RFCOMM_RPN_STOP_15;
925 else
926 stop_bits = RFCOMM_RPN_STOP_1;
927
928
929 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
930 changes |= RFCOMM_RPN_PM_DATA;
931
932 switch (new->c_cflag & CSIZE) {
933 case CS5:
934 data_bits = RFCOMM_RPN_DATA_5;
935 break;
936 case CS6:
937 data_bits = RFCOMM_RPN_DATA_6;
938 break;
939 case CS7:
940 data_bits = RFCOMM_RPN_DATA_7;
941 break;
942 case CS8:
943 data_bits = RFCOMM_RPN_DATA_8;
944 break;
945 default:
946 data_bits = RFCOMM_RPN_DATA_8;
947 break;
948 }
949
950
951 if (old_baud_rate != new_baud_rate)
952 changes |= RFCOMM_RPN_PM_BITRATE;
953
954 switch (new_baud_rate) {
955 case 2400:
956 baud = RFCOMM_RPN_BR_2400;
957 break;
958 case 4800:
959 baud = RFCOMM_RPN_BR_4800;
960 break;
961 case 7200:
962 baud = RFCOMM_RPN_BR_7200;
963 break;
964 case 9600:
965 baud = RFCOMM_RPN_BR_9600;
966 break;
967 case 19200:
968 baud = RFCOMM_RPN_BR_19200;
969 break;
970 case 38400:
971 baud = RFCOMM_RPN_BR_38400;
972 break;
973 case 57600:
974 baud = RFCOMM_RPN_BR_57600;
975 break;
976 case 115200:
977 baud = RFCOMM_RPN_BR_115200;
978 break;
979 case 230400:
980 baud = RFCOMM_RPN_BR_230400;
981 break;
982 default:
983
984 baud = RFCOMM_RPN_BR_9600;
985 break;
986
987 }
988
989 if (changes)
990 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
991 data_bits, stop_bits, parity,
992 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
993}
994
995static void rfcomm_tty_throttle(struct tty_struct *tty)
996{
997 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
998
999 BT_DBG("tty %p dev %p", tty, dev);
1000
1001 rfcomm_dlc_throttle(dev->dlc);
1002}
1003
1004static void rfcomm_tty_unthrottle(struct tty_struct *tty)
1005{
1006 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1007
1008 BT_DBG("tty %p dev %p", tty, dev);
1009
1010 rfcomm_dlc_unthrottle(dev->dlc);
1011}
1012
1013static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
1014{
1015 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1016
1017 BT_DBG("tty %p dev %p", tty, dev);
1018
1019 if (!dev || !dev->dlc)
1020 return 0;
1021
1022 if (!skb_queue_empty(&dev->dlc->tx_queue))
1023 return dev->dlc->mtu;
1024
1025 return 0;
1026}
1027
1028static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
1029{
1030 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1031
1032 BT_DBG("tty %p dev %p", tty, dev);
1033
1034 if (!dev || !dev->dlc)
1035 return;
1036
1037 skb_queue_purge(&dev->dlc->tx_queue);
1038 tty_wakeup(tty);
1039}
1040
1041static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1042{
1043 BT_DBG("tty %p ch %c", tty, ch);
1044}
1045
1046static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1047{
1048 BT_DBG("tty %p timeout %d", tty, timeout);
1049}
1050
1051static void rfcomm_tty_hangup(struct tty_struct *tty)
1052{
1053 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1054
1055 BT_DBG("tty %p dev %p", tty, dev);
1056
1057 tty_port_hangup(&dev->port);
1058}
1059
1060static int rfcomm_tty_tiocmget(struct tty_struct *tty)
1061{
1062 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1063
1064 BT_DBG("tty %p dev %p", tty, dev);
1065
1066 return dev->modem_status;
1067}
1068
1069static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear)
1070{
1071 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1072 struct rfcomm_dlc *dlc = dev->dlc;
1073 u8 v24_sig;
1074
1075 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1076
1077 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1078
1079 if (set & TIOCM_DSR || set & TIOCM_DTR)
1080 v24_sig |= RFCOMM_V24_RTC;
1081 if (set & TIOCM_RTS || set & TIOCM_CTS)
1082 v24_sig |= RFCOMM_V24_RTR;
1083 if (set & TIOCM_RI)
1084 v24_sig |= RFCOMM_V24_IC;
1085 if (set & TIOCM_CD)
1086 v24_sig |= RFCOMM_V24_DV;
1087
1088 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1089 v24_sig &= ~RFCOMM_V24_RTC;
1090 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1091 v24_sig &= ~RFCOMM_V24_RTR;
1092 if (clear & TIOCM_RI)
1093 v24_sig &= ~RFCOMM_V24_IC;
1094 if (clear & TIOCM_CD)
1095 v24_sig &= ~RFCOMM_V24_DV;
1096
1097 rfcomm_dlc_set_modem_status(dlc, v24_sig);
1098
1099 return 0;
1100}
1101
1102
1103
1104static const struct tty_operations rfcomm_ops = {
1105 .open = rfcomm_tty_open,
1106 .close = rfcomm_tty_close,
1107 .write = rfcomm_tty_write,
1108 .write_room = rfcomm_tty_write_room,
1109 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1110 .flush_buffer = rfcomm_tty_flush_buffer,
1111 .ioctl = rfcomm_tty_ioctl,
1112 .throttle = rfcomm_tty_throttle,
1113 .unthrottle = rfcomm_tty_unthrottle,
1114 .set_termios = rfcomm_tty_set_termios,
1115 .send_xchar = rfcomm_tty_send_xchar,
1116 .hangup = rfcomm_tty_hangup,
1117 .wait_until_sent = rfcomm_tty_wait_until_sent,
1118 .tiocmget = rfcomm_tty_tiocmget,
1119 .tiocmset = rfcomm_tty_tiocmset,
1120 .install = rfcomm_tty_install,
1121 .cleanup = rfcomm_tty_cleanup,
1122};
1123
1124int __init rfcomm_init_ttys(void)
1125{
1126 int error;
1127
1128 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1129 if (!rfcomm_tty_driver)
1130 return -ENOMEM;
1131
1132 rfcomm_tty_driver->driver_name = "rfcomm";
1133 rfcomm_tty_driver->name = "rfcomm";
1134 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1135 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1136 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1137 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1138 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1139 rfcomm_tty_driver->init_termios = tty_std_termios;
1140 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL;
1141 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1142 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1143
1144 error = tty_register_driver(rfcomm_tty_driver);
1145 if (error) {
1146 BT_ERR("Can't register RFCOMM TTY driver");
1147 put_tty_driver(rfcomm_tty_driver);
1148 return error;
1149 }
1150
1151 BT_INFO("RFCOMM TTY layer initialized");
1152
1153 return 0;
1154}
1155
1156void rfcomm_cleanup_ttys(void)
1157{
1158 tty_unregister_driver(rfcomm_tty_driver);
1159 put_tty_driver(rfcomm_tty_driver);
1160}
1161