1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#include <linux/module.h>
29
30#include <linux/tty.h>
31#include <linux/tty_driver.h>
32#include <linux/tty_flip.h>
33
34#include <net/bluetooth/bluetooth.h>
35#include <net/bluetooth/hci_core.h>
36#include <net/bluetooth/rfcomm.h>
37
38#define RFCOMM_TTY_MAGIC 0x6d02
39#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV
40#define RFCOMM_TTY_MAJOR 216
41#define RFCOMM_TTY_MINOR 0
42
43static DEFINE_MUTEX(rfcomm_ioctl_mutex);
44static struct tty_driver *rfcomm_tty_driver;
45
46struct rfcomm_dev {
47 struct tty_port port;
48 struct list_head list;
49
50 char name[12];
51 int id;
52 unsigned long flags;
53 int err;
54
55 unsigned long status;
56
57 bdaddr_t src;
58 bdaddr_t dst;
59 u8 channel;
60
61 uint modem_status;
62
63 struct rfcomm_dlc *dlc;
64
65 struct device *tty_dev;
66
67 atomic_t wmem_alloc;
68
69 struct sk_buff_head pending;
70};
71
72static LIST_HEAD(rfcomm_dev_list);
73static DEFINE_MUTEX(rfcomm_dev_lock);
74
75static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
76static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
77static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
78
79
80
81static void rfcomm_dev_destruct(struct tty_port *port)
82{
83 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
84 struct rfcomm_dlc *dlc = dev->dlc;
85
86 BT_DBG("dev %p dlc %p", dev, dlc);
87
88 rfcomm_dlc_lock(dlc);
89
90 if (dlc->owner == dev)
91 dlc->owner = NULL;
92 rfcomm_dlc_unlock(dlc);
93
94 rfcomm_dlc_put(dlc);
95
96 if (dev->tty_dev)
97 tty_unregister_device(rfcomm_tty_driver, dev->id);
98
99 mutex_lock(&rfcomm_dev_lock);
100 list_del(&dev->list);
101 mutex_unlock(&rfcomm_dev_lock);
102
103 kfree(dev);
104
105
106
107 module_put(THIS_MODULE);
108}
109
110
111static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty)
112{
113 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
114 int err;
115
116 err = rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel);
117 if (err)
118 set_bit(TTY_IO_ERROR, &tty->flags);
119 return err;
120}
121
122
123static int rfcomm_dev_carrier_raised(struct tty_port *port)
124{
125 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
126
127 return (dev->dlc->state == BT_CONNECTED);
128}
129
130
131static void rfcomm_dev_shutdown(struct tty_port *port)
132{
133 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
134
135 if (dev->tty_dev->parent)
136 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
137
138
139 rfcomm_dlc_close(dev->dlc, 0);
140}
141
142static const struct tty_port_operations rfcomm_port_ops = {
143 .destruct = rfcomm_dev_destruct,
144 .activate = rfcomm_dev_activate,
145 .shutdown = rfcomm_dev_shutdown,
146 .carrier_raised = rfcomm_dev_carrier_raised,
147};
148
149static struct rfcomm_dev *__rfcomm_dev_lookup(int id)
150{
151 struct rfcomm_dev *dev;
152
153 list_for_each_entry(dev, &rfcomm_dev_list, list)
154 if (dev->id == id)
155 return dev;
156
157 return NULL;
158}
159
160static struct rfcomm_dev *rfcomm_dev_get(int id)
161{
162 struct rfcomm_dev *dev;
163
164 mutex_lock(&rfcomm_dev_lock);
165
166 dev = __rfcomm_dev_lookup(id);
167
168 if (dev && !tty_port_get(&dev->port))
169 dev = NULL;
170
171 mutex_unlock(&rfcomm_dev_lock);
172
173 return dev;
174}
175
176static void rfcomm_reparent_device(struct rfcomm_dev *dev)
177{
178 struct hci_dev *hdev;
179 struct hci_conn *conn;
180
181 hdev = hci_get_route(&dev->dst, &dev->src, BDADDR_BREDR);
182 if (!hdev)
183 return;
184
185
186
187
188 hci_dev_lock(hdev);
189 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
190
191
192
193
194 if (conn && device_is_registered(&conn->dev))
195 device_move(dev->tty_dev, &conn->dev, DPM_ORDER_DEV_AFTER_PARENT);
196
197 hci_dev_unlock(hdev);
198 hci_dev_put(hdev);
199}
200
201static ssize_t address_show(struct device *tty_dev,
202 struct device_attribute *attr, char *buf)
203{
204 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
205 return sprintf(buf, "%pMR\n", &dev->dst);
206}
207
208static ssize_t channel_show(struct device *tty_dev,
209 struct device_attribute *attr, char *buf)
210{
211 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
212 return sprintf(buf, "%d\n", dev->channel);
213}
214
215static DEVICE_ATTR_RO(address);
216static DEVICE_ATTR_RO(channel);
217
218static struct rfcomm_dev *__rfcomm_dev_add(struct rfcomm_dev_req *req,
219 struct rfcomm_dlc *dlc)
220{
221 struct rfcomm_dev *dev, *entry;
222 struct list_head *head = &rfcomm_dev_list;
223 int err = 0;
224
225 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
226 if (!dev)
227 return ERR_PTR(-ENOMEM);
228
229 mutex_lock(&rfcomm_dev_lock);
230
231 if (req->dev_id < 0) {
232 dev->id = 0;
233
234 list_for_each_entry(entry, &rfcomm_dev_list, list) {
235 if (entry->id != dev->id)
236 break;
237
238 dev->id++;
239 head = &entry->list;
240 }
241 } else {
242 dev->id = req->dev_id;
243
244 list_for_each_entry(entry, &rfcomm_dev_list, list) {
245 if (entry->id == dev->id) {
246 err = -EADDRINUSE;
247 goto out;
248 }
249
250 if (entry->id > dev->id - 1)
251 break;
252
253 head = &entry->list;
254 }
255 }
256
257 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
258 err = -ENFILE;
259 goto out;
260 }
261
262 sprintf(dev->name, "rfcomm%d", dev->id);
263
264 list_add(&dev->list, head);
265
266 bacpy(&dev->src, &req->src);
267 bacpy(&dev->dst, &req->dst);
268 dev->channel = req->channel;
269
270 dev->flags = req->flags &
271 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
272
273 tty_port_init(&dev->port);
274 dev->port.ops = &rfcomm_port_ops;
275
276 skb_queue_head_init(&dev->pending);
277
278 rfcomm_dlc_lock(dlc);
279
280 if (req->flags & (1 << RFCOMM_REUSE_DLC)) {
281 struct sock *sk = dlc->owner;
282 struct sk_buff *skb;
283
284 BUG_ON(!sk);
285
286 rfcomm_dlc_throttle(dlc);
287
288 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
289 skb_orphan(skb);
290 skb_queue_tail(&dev->pending, skb);
291 atomic_sub(skb->len, &sk->sk_rmem_alloc);
292 }
293 }
294
295 dlc->data_ready = rfcomm_dev_data_ready;
296 dlc->state_change = rfcomm_dev_state_change;
297 dlc->modem_status = rfcomm_dev_modem_status;
298
299 dlc->owner = dev;
300 dev->dlc = dlc;
301
302 rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig);
303
304 rfcomm_dlc_unlock(dlc);
305
306
307
308 __module_get(THIS_MODULE);
309
310 mutex_unlock(&rfcomm_dev_lock);
311 return dev;
312
313out:
314 mutex_unlock(&rfcomm_dev_lock);
315 kfree(dev);
316 return ERR_PTR(err);
317}
318
319static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
320{
321 struct rfcomm_dev *dev;
322 struct device *tty;
323
324 BT_DBG("id %d channel %d", req->dev_id, req->channel);
325
326 dev = __rfcomm_dev_add(req, dlc);
327 if (IS_ERR(dev)) {
328 rfcomm_dlc_put(dlc);
329 return PTR_ERR(dev);
330 }
331
332 tty = tty_port_register_device(&dev->port, rfcomm_tty_driver,
333 dev->id, NULL);
334 if (IS_ERR(tty)) {
335 tty_port_put(&dev->port);
336 return PTR_ERR(tty);
337 }
338
339 dev->tty_dev = tty;
340 rfcomm_reparent_device(dev);
341 dev_set_drvdata(dev->tty_dev, dev);
342
343 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
344 BT_ERR("Failed to create address attribute");
345
346 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
347 BT_ERR("Failed to create channel attribute");
348
349 return dev->id;
350}
351
352
353static inline unsigned int rfcomm_room(struct rfcomm_dev *dev)
354{
355 struct rfcomm_dlc *dlc = dev->dlc;
356
357
358 int pending = 40 - atomic_read(&dev->wmem_alloc);
359
360 return max(0, pending) * dlc->mtu;
361}
362
363static void rfcomm_wfree(struct sk_buff *skb)
364{
365 struct rfcomm_dev *dev = (void *) skb->sk;
366 atomic_dec(&dev->wmem_alloc);
367 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
368 tty_port_tty_wakeup(&dev->port);
369 tty_port_put(&dev->port);
370}
371
372static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
373{
374 tty_port_get(&dev->port);
375 atomic_inc(&dev->wmem_alloc);
376 skb->sk = (void *) dev;
377 skb->destructor = rfcomm_wfree;
378}
379
380static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
381{
382 struct sk_buff *skb = alloc_skb(size, priority);
383 if (skb)
384 rfcomm_set_owner_w(skb, dev);
385 return skb;
386}
387
388
389
390#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
391
392static int __rfcomm_create_dev(struct sock *sk, void __user *arg)
393{
394 struct rfcomm_dev_req req;
395 struct rfcomm_dlc *dlc;
396 int id;
397
398 if (copy_from_user(&req, arg, sizeof(req)))
399 return -EFAULT;
400
401 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
402
403 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
404 return -EPERM;
405
406 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
407
408 if (sk->sk_state != BT_CONNECTED)
409 return -EBADFD;
410
411 dlc = rfcomm_pi(sk)->dlc;
412 rfcomm_dlc_hold(dlc);
413 } else {
414
415 dlc = rfcomm_dlc_exists(&req.src, &req.dst, req.channel);
416 if (IS_ERR(dlc))
417 return PTR_ERR(dlc);
418 if (dlc)
419 return -EBUSY;
420 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
421 if (!dlc)
422 return -ENOMEM;
423 }
424
425 id = rfcomm_dev_add(&req, dlc);
426 if (id < 0)
427 return id;
428
429 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
430
431
432 sk->sk_state = BT_CLOSED;
433 }
434
435 return id;
436}
437
438static int __rfcomm_release_dev(void __user *arg)
439{
440 struct rfcomm_dev_req req;
441 struct rfcomm_dev *dev;
442 struct tty_struct *tty;
443
444 if (copy_from_user(&req, arg, sizeof(req)))
445 return -EFAULT;
446
447 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
448
449 dev = rfcomm_dev_get(req.dev_id);
450 if (!dev)
451 return -ENODEV;
452
453 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
454 tty_port_put(&dev->port);
455 return -EPERM;
456 }
457
458
459 if (test_and_set_bit(RFCOMM_DEV_RELEASED, &dev->status)) {
460 tty_port_put(&dev->port);
461 return -EALREADY;
462 }
463
464 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
465 rfcomm_dlc_close(dev->dlc, 0);
466
467
468 tty = tty_port_tty_get(&dev->port);
469 if (tty) {
470 tty_vhangup(tty);
471 tty_kref_put(tty);
472 }
473
474 if (!test_bit(RFCOMM_TTY_OWNED, &dev->status))
475 tty_port_put(&dev->port);
476
477 tty_port_put(&dev->port);
478 return 0;
479}
480
481static int rfcomm_create_dev(struct sock *sk, void __user *arg)
482{
483 int ret;
484
485 mutex_lock(&rfcomm_ioctl_mutex);
486 ret = __rfcomm_create_dev(sk, arg);
487 mutex_unlock(&rfcomm_ioctl_mutex);
488
489 return ret;
490}
491
492static int rfcomm_release_dev(void __user *arg)
493{
494 int ret;
495
496 mutex_lock(&rfcomm_ioctl_mutex);
497 ret = __rfcomm_release_dev(arg);
498 mutex_unlock(&rfcomm_ioctl_mutex);
499
500 return ret;
501}
502
503static int rfcomm_get_dev_list(void __user *arg)
504{
505 struct rfcomm_dev *dev;
506 struct rfcomm_dev_list_req *dl;
507 struct rfcomm_dev_info *di;
508 int n = 0, size, err;
509 u16 dev_num;
510
511 BT_DBG("");
512
513 if (get_user(dev_num, (u16 __user *) arg))
514 return -EFAULT;
515
516 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
517 return -EINVAL;
518
519 size = sizeof(*dl) + dev_num * sizeof(*di);
520
521 dl = kzalloc(size, GFP_KERNEL);
522 if (!dl)
523 return -ENOMEM;
524
525 di = dl->dev_info;
526
527 mutex_lock(&rfcomm_dev_lock);
528
529 list_for_each_entry(dev, &rfcomm_dev_list, list) {
530 if (!tty_port_get(&dev->port))
531 continue;
532 (di + n)->id = dev->id;
533 (di + n)->flags = dev->flags;
534 (di + n)->state = dev->dlc->state;
535 (di + n)->channel = dev->channel;
536 bacpy(&(di + n)->src, &dev->src);
537 bacpy(&(di + n)->dst, &dev->dst);
538 tty_port_put(&dev->port);
539 if (++n >= dev_num)
540 break;
541 }
542
543 mutex_unlock(&rfcomm_dev_lock);
544
545 dl->dev_num = n;
546 size = sizeof(*dl) + n * sizeof(*di);
547
548 err = copy_to_user(arg, dl, size);
549 kfree(dl);
550
551 return err ? -EFAULT : 0;
552}
553
554static int rfcomm_get_dev_info(void __user *arg)
555{
556 struct rfcomm_dev *dev;
557 struct rfcomm_dev_info di;
558 int err = 0;
559
560 BT_DBG("");
561
562 if (copy_from_user(&di, arg, sizeof(di)))
563 return -EFAULT;
564
565 dev = rfcomm_dev_get(di.id);
566 if (!dev)
567 return -ENODEV;
568
569 di.flags = dev->flags;
570 di.channel = dev->channel;
571 di.state = dev->dlc->state;
572 bacpy(&di.src, &dev->src);
573 bacpy(&di.dst, &dev->dst);
574
575 if (copy_to_user(arg, &di, sizeof(di)))
576 err = -EFAULT;
577
578 tty_port_put(&dev->port);
579 return err;
580}
581
582int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
583{
584 BT_DBG("cmd %d arg %p", cmd, arg);
585
586 switch (cmd) {
587 case RFCOMMCREATEDEV:
588 return rfcomm_create_dev(sk, arg);
589
590 case RFCOMMRELEASEDEV:
591 return rfcomm_release_dev(arg);
592
593 case RFCOMMGETDEVLIST:
594 return rfcomm_get_dev_list(arg);
595
596 case RFCOMMGETDEVINFO:
597 return rfcomm_get_dev_info(arg);
598 }
599
600 return -EINVAL;
601}
602
603
604static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
605{
606 struct rfcomm_dev *dev = dlc->owner;
607
608 if (!dev) {
609 kfree_skb(skb);
610 return;
611 }
612
613 if (!skb_queue_empty(&dev->pending)) {
614 skb_queue_tail(&dev->pending, skb);
615 return;
616 }
617
618 BT_DBG("dlc %p len %d", dlc, skb->len);
619
620 tty_insert_flip_string(&dev->port, skb->data, skb->len);
621 tty_flip_buffer_push(&dev->port);
622
623 kfree_skb(skb);
624}
625
626static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
627{
628 struct rfcomm_dev *dev = dlc->owner;
629 if (!dev)
630 return;
631
632 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
633
634 dev->err = err;
635 if (dlc->state == BT_CONNECTED) {
636 rfcomm_reparent_device(dev);
637
638 wake_up_interruptible(&dev->port.open_wait);
639 } else if (dlc->state == BT_CLOSED)
640 tty_port_tty_hangup(&dev->port, false);
641}
642
643static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
644{
645 struct rfcomm_dev *dev = dlc->owner;
646 if (!dev)
647 return;
648
649 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
650
651 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV))
652 tty_port_tty_hangup(&dev->port, true);
653
654 dev->modem_status =
655 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
656 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
657 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
658 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
659}
660
661
662static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
663{
664 struct sk_buff *skb;
665 int inserted = 0;
666
667 BT_DBG("dev %p", dev);
668
669 rfcomm_dlc_lock(dev->dlc);
670
671 while ((skb = skb_dequeue(&dev->pending))) {
672 inserted += tty_insert_flip_string(&dev->port, skb->data,
673 skb->len);
674 kfree_skb(skb);
675 }
676
677 rfcomm_dlc_unlock(dev->dlc);
678
679 if (inserted > 0)
680 tty_flip_buffer_push(&dev->port);
681}
682
683
684
685
686static void rfcomm_tty_cleanup(struct tty_struct *tty)
687{
688 struct rfcomm_dev *dev = tty->driver_data;
689
690 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
691
692 rfcomm_dlc_lock(dev->dlc);
693 tty->driver_data = NULL;
694 rfcomm_dlc_unlock(dev->dlc);
695
696
697
698
699
700 skb_queue_purge(&dev->dlc->tx_queue);
701
702 tty_port_put(&dev->port);
703}
704
705
706
707
708
709static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty)
710{
711 struct rfcomm_dev *dev;
712 struct rfcomm_dlc *dlc;
713 int err;
714
715 dev = rfcomm_dev_get(tty->index);
716 if (!dev)
717 return -ENODEV;
718
719 dlc = dev->dlc;
720
721
722 rfcomm_dlc_lock(dlc);
723 tty->driver_data = dev;
724 rfcomm_dlc_unlock(dlc);
725 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
726
727
728 err = tty_port_install(&dev->port, driver, tty);
729 if (err) {
730 rfcomm_tty_cleanup(tty);
731 return err;
732 }
733
734
735
736
737
738
739 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
740 set_bit(RFCOMM_TTY_OWNED, &dev->status);
741 tty_port_put(&dev->port);
742 }
743
744 return 0;
745}
746
747static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
748{
749 struct rfcomm_dev *dev = tty->driver_data;
750 int err;
751
752 BT_DBG("tty %p id %d", tty, tty->index);
753
754 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst,
755 dev->channel, dev->port.count);
756
757 err = tty_port_open(&dev->port, tty, filp);
758 if (err)
759 return err;
760
761
762
763
764
765
766 rfcomm_tty_copy_pending(dev);
767
768 rfcomm_dlc_unthrottle(dev->dlc);
769
770 return 0;
771}
772
773static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
774{
775 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
776
777 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
778 dev->port.count);
779
780 tty_port_close(&dev->port, tty, filp);
781}
782
783static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
784{
785 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
786 struct rfcomm_dlc *dlc = dev->dlc;
787 struct sk_buff *skb;
788 int sent = 0, size;
789
790 BT_DBG("tty %p count %d", tty, count);
791
792 while (count) {
793 size = min_t(uint, count, dlc->mtu);
794
795 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
796 if (!skb)
797 break;
798
799 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
800
801 skb_put_data(skb, buf + sent, size);
802
803 rfcomm_dlc_send_noerror(dlc, skb);
804
805 sent += size;
806 count -= size;
807 }
808
809 return sent;
810}
811
812static unsigned int rfcomm_tty_write_room(struct tty_struct *tty)
813{
814 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
815 int room = 0;
816
817 if (dev && dev->dlc)
818 room = rfcomm_room(dev);
819
820 BT_DBG("tty %p room %d", tty, room);
821
822 return room;
823}
824
825static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
826{
827 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
828
829 switch (cmd) {
830 case TCGETS:
831 BT_DBG("TCGETS is not supported");
832 return -ENOIOCTLCMD;
833
834 case TCSETS:
835 BT_DBG("TCSETS is not supported");
836 return -ENOIOCTLCMD;
837
838 case TIOCMIWAIT:
839 BT_DBG("TIOCMIWAIT");
840 break;
841
842 case TIOCSERGETLSR:
843 BT_ERR("TIOCSERGETLSR is not supported");
844 return -ENOIOCTLCMD;
845
846 case TIOCSERCONFIG:
847 BT_ERR("TIOCSERCONFIG is not supported");
848 return -ENOIOCTLCMD;
849
850 default:
851 return -ENOIOCTLCMD;
852
853 }
854
855 return -ENOIOCTLCMD;
856}
857
858static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
859{
860 struct ktermios *new = &tty->termios;
861 int old_baud_rate = tty_termios_baud_rate(old);
862 int new_baud_rate = tty_termios_baud_rate(new);
863
864 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
865 u16 changes = 0;
866
867 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
868
869 BT_DBG("tty %p termios %p", tty, old);
870
871 if (!dev || !dev->dlc || !dev->dlc->session)
872 return;
873
874
875 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
876 BT_DBG("Turning off CRTSCTS unsupported");
877
878
879 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
880 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) {
881 changes |= RFCOMM_RPN_PM_PARITY;
882 BT_DBG("Parity change detected.");
883 }
884
885
886 if (new->c_cflag & PARENB) {
887 if (new->c_cflag & PARODD) {
888 BT_DBG("Parity is ODD");
889 parity = RFCOMM_RPN_PARITY_ODD;
890 } else {
891 BT_DBG("Parity is EVEN");
892 parity = RFCOMM_RPN_PARITY_EVEN;
893 }
894 } else {
895 BT_DBG("Parity is OFF");
896 parity = RFCOMM_RPN_PARITY_NONE;
897 }
898
899
900 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
901 BT_DBG("XOFF custom");
902 x_on = new->c_cc[VSTOP];
903 changes |= RFCOMM_RPN_PM_XON;
904 } else {
905 BT_DBG("XOFF default");
906 x_on = RFCOMM_RPN_XON_CHAR;
907 }
908
909 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
910 BT_DBG("XON custom");
911 x_off = new->c_cc[VSTART];
912 changes |= RFCOMM_RPN_PM_XOFF;
913 } else {
914 BT_DBG("XON default");
915 x_off = RFCOMM_RPN_XOFF_CHAR;
916 }
917
918
919 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
920 changes |= RFCOMM_RPN_PM_STOP;
921
922
923
924
925 if (new->c_cflag & CSTOPB)
926 stop_bits = RFCOMM_RPN_STOP_15;
927 else
928 stop_bits = RFCOMM_RPN_STOP_1;
929
930
931 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
932 changes |= RFCOMM_RPN_PM_DATA;
933
934 switch (new->c_cflag & CSIZE) {
935 case CS5:
936 data_bits = RFCOMM_RPN_DATA_5;
937 break;
938 case CS6:
939 data_bits = RFCOMM_RPN_DATA_6;
940 break;
941 case CS7:
942 data_bits = RFCOMM_RPN_DATA_7;
943 break;
944 case CS8:
945 data_bits = RFCOMM_RPN_DATA_8;
946 break;
947 default:
948 data_bits = RFCOMM_RPN_DATA_8;
949 break;
950 }
951
952
953 if (old_baud_rate != new_baud_rate)
954 changes |= RFCOMM_RPN_PM_BITRATE;
955
956 switch (new_baud_rate) {
957 case 2400:
958 baud = RFCOMM_RPN_BR_2400;
959 break;
960 case 4800:
961 baud = RFCOMM_RPN_BR_4800;
962 break;
963 case 7200:
964 baud = RFCOMM_RPN_BR_7200;
965 break;
966 case 9600:
967 baud = RFCOMM_RPN_BR_9600;
968 break;
969 case 19200:
970 baud = RFCOMM_RPN_BR_19200;
971 break;
972 case 38400:
973 baud = RFCOMM_RPN_BR_38400;
974 break;
975 case 57600:
976 baud = RFCOMM_RPN_BR_57600;
977 break;
978 case 115200:
979 baud = RFCOMM_RPN_BR_115200;
980 break;
981 case 230400:
982 baud = RFCOMM_RPN_BR_230400;
983 break;
984 default:
985
986 baud = RFCOMM_RPN_BR_9600;
987 break;
988
989 }
990
991 if (changes)
992 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
993 data_bits, stop_bits, parity,
994 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
995}
996
997static void rfcomm_tty_throttle(struct tty_struct *tty)
998{
999 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1000
1001 BT_DBG("tty %p dev %p", tty, dev);
1002
1003 rfcomm_dlc_throttle(dev->dlc);
1004}
1005
1006static void rfcomm_tty_unthrottle(struct tty_struct *tty)
1007{
1008 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1009
1010 BT_DBG("tty %p dev %p", tty, dev);
1011
1012 rfcomm_dlc_unthrottle(dev->dlc);
1013}
1014
1015static unsigned int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
1016{
1017 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1018
1019 BT_DBG("tty %p dev %p", tty, dev);
1020
1021 if (!dev || !dev->dlc)
1022 return 0;
1023
1024 if (!skb_queue_empty(&dev->dlc->tx_queue))
1025 return dev->dlc->mtu;
1026
1027 return 0;
1028}
1029
1030static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
1031{
1032 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1033
1034 BT_DBG("tty %p dev %p", tty, dev);
1035
1036 if (!dev || !dev->dlc)
1037 return;
1038
1039 skb_queue_purge(&dev->dlc->tx_queue);
1040 tty_wakeup(tty);
1041}
1042
1043static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1044{
1045 BT_DBG("tty %p ch %c", tty, ch);
1046}
1047
1048static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1049{
1050 BT_DBG("tty %p timeout %d", tty, timeout);
1051}
1052
1053static void rfcomm_tty_hangup(struct tty_struct *tty)
1054{
1055 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1056
1057 BT_DBG("tty %p dev %p", tty, dev);
1058
1059 tty_port_hangup(&dev->port);
1060}
1061
1062static int rfcomm_tty_tiocmget(struct tty_struct *tty)
1063{
1064 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1065
1066 BT_DBG("tty %p dev %p", tty, dev);
1067
1068 return dev->modem_status;
1069}
1070
1071static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear)
1072{
1073 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1074 struct rfcomm_dlc *dlc = dev->dlc;
1075 u8 v24_sig;
1076
1077 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1078
1079 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1080
1081 if (set & TIOCM_DSR || set & TIOCM_DTR)
1082 v24_sig |= RFCOMM_V24_RTC;
1083 if (set & TIOCM_RTS || set & TIOCM_CTS)
1084 v24_sig |= RFCOMM_V24_RTR;
1085 if (set & TIOCM_RI)
1086 v24_sig |= RFCOMM_V24_IC;
1087 if (set & TIOCM_CD)
1088 v24_sig |= RFCOMM_V24_DV;
1089
1090 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1091 v24_sig &= ~RFCOMM_V24_RTC;
1092 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1093 v24_sig &= ~RFCOMM_V24_RTR;
1094 if (clear & TIOCM_RI)
1095 v24_sig &= ~RFCOMM_V24_IC;
1096 if (clear & TIOCM_CD)
1097 v24_sig &= ~RFCOMM_V24_DV;
1098
1099 rfcomm_dlc_set_modem_status(dlc, v24_sig);
1100
1101 return 0;
1102}
1103
1104
1105
1106static const struct tty_operations rfcomm_ops = {
1107 .open = rfcomm_tty_open,
1108 .close = rfcomm_tty_close,
1109 .write = rfcomm_tty_write,
1110 .write_room = rfcomm_tty_write_room,
1111 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1112 .flush_buffer = rfcomm_tty_flush_buffer,
1113 .ioctl = rfcomm_tty_ioctl,
1114 .throttle = rfcomm_tty_throttle,
1115 .unthrottle = rfcomm_tty_unthrottle,
1116 .set_termios = rfcomm_tty_set_termios,
1117 .send_xchar = rfcomm_tty_send_xchar,
1118 .hangup = rfcomm_tty_hangup,
1119 .wait_until_sent = rfcomm_tty_wait_until_sent,
1120 .tiocmget = rfcomm_tty_tiocmget,
1121 .tiocmset = rfcomm_tty_tiocmset,
1122 .install = rfcomm_tty_install,
1123 .cleanup = rfcomm_tty_cleanup,
1124};
1125
1126int __init rfcomm_init_ttys(void)
1127{
1128 int error;
1129
1130 rfcomm_tty_driver = tty_alloc_driver(RFCOMM_TTY_PORTS,
1131 TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV);
1132 if (IS_ERR(rfcomm_tty_driver))
1133 return PTR_ERR(rfcomm_tty_driver);
1134
1135 rfcomm_tty_driver->driver_name = "rfcomm";
1136 rfcomm_tty_driver->name = "rfcomm";
1137 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1138 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1139 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1140 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1141 rfcomm_tty_driver->init_termios = tty_std_termios;
1142 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL;
1143 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1144 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1145
1146 error = tty_register_driver(rfcomm_tty_driver);
1147 if (error) {
1148 BT_ERR("Can't register RFCOMM TTY driver");
1149 tty_driver_kref_put(rfcomm_tty_driver);
1150 return error;
1151 }
1152
1153 BT_INFO("RFCOMM TTY layer initialized");
1154
1155 return 0;
1156}
1157
1158void rfcomm_cleanup_ttys(void)
1159{
1160 tty_unregister_driver(rfcomm_tty_driver);
1161 tty_driver_kref_put(rfcomm_tty_driver);
1162}
1163
