1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22 */
23
24 /*
25 * RFCOMM TTY.
26 *
27 * $Id: tty.c,v 1.26 2002/10/18 20:12:12 maxk Exp $
28 */
29
30 #include <linux/config.h>
31 #include <linux/module.h>
32
33 #include <linux/tty.h>
34 #include <linux/tty_driver.h>
35 #include <linux/tty_flip.h>
36
37 #include <linux/slab.h>
38 #include <linux/skbuff.h>
39
40 #include <net/bluetooth/bluetooth.h>
41 #include <net/bluetooth/rfcomm.h>
42
43 #ifndef CONFIG_BLUEZ_RFCOMM_DEBUG
44 #undef BT_DBG
45 #define BT_DBG(D...)
46 #endif
47
48 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */
49 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
50 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */
51 #define RFCOMM_TTY_MINOR 0
52
53 struct rfcomm_dev {
54 struct list_head list;
55 atomic_t refcnt;
56
57 char name[12];
58 int id;
59 unsigned long flags;
60 int opened;
61 int err;
62
63 bdaddr_t src;
64 bdaddr_t dst;
65 u8 channel;
66
67 uint modem_status;
68
69 struct rfcomm_dlc *dlc;
70 struct tty_struct *tty;
71 wait_queue_head_t wait;
72 struct tasklet_struct wakeup_task;
73
74 atomic_t wmem_alloc;
75 };
76
77 static LIST_HEAD(rfcomm_dev_list);
78 static rwlock_t rfcomm_dev_lock = RW_LOCK_UNLOCKED;
79
80 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
81 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
82 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
83
84 static void rfcomm_tty_wakeup(unsigned long arg);
85
86 /* ---- Device functions ---- */
rfcomm_dev_destruct(struct rfcomm_dev * dev)87 static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
88 {
89 struct rfcomm_dlc *dlc = dev->dlc;
90
91 BT_DBG("dev %p dlc %p", dev, dlc);
92
93 rfcomm_dlc_lock(dlc);
94 /* Detach DLC if it's owned by this dev */
95 if (dlc->owner == dev)
96 dlc->owner = NULL;
97 rfcomm_dlc_unlock(dlc);
98
99 rfcomm_dlc_put(dlc);
100 kfree(dev);
101
102 MOD_DEC_USE_COUNT;
103 }
104
rfcomm_dev_hold(struct rfcomm_dev * dev)105 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
106 {
107 atomic_inc(&dev->refcnt);
108 }
109
rfcomm_dev_put(struct rfcomm_dev * dev)110 static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
111 {
112 /* The reason this isn't actually a race, as you no
113 doubt have a little voice screaming at you in your
114 head, is that the refcount should never actually
115 reach zero unless the device has already been taken
116 off the list, in rfcomm_dev_del(). And if that's not
117 true, we'll hit the BUG() in rfcomm_dev_destruct()
118 anyway. */
119 if (atomic_dec_and_test(&dev->refcnt))
120 rfcomm_dev_destruct(dev);
121 }
122
__rfcomm_dev_get(int id)123 static struct rfcomm_dev *__rfcomm_dev_get(int id)
124 {
125 struct rfcomm_dev *dev;
126 struct list_head *p;
127
128 list_for_each(p, &rfcomm_dev_list) {
129 dev = list_entry(p, struct rfcomm_dev, list);
130 if (dev->id == id)
131 return dev;
132 }
133
134 return NULL;
135 }
136
rfcomm_dev_get(int id)137 static inline struct rfcomm_dev *rfcomm_dev_get(int id)
138 {
139 struct rfcomm_dev *dev;
140
141 read_lock(&rfcomm_dev_lock);
142
143 dev = __rfcomm_dev_get(id);
144 if (dev)
145 rfcomm_dev_hold(dev);
146
147 read_unlock(&rfcomm_dev_lock);
148
149 return dev;
150 }
151
rfcomm_dev_add(struct rfcomm_dev_req * req,struct rfcomm_dlc * dlc)152 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
153 {
154 struct rfcomm_dev *dev;
155 struct list_head *head = &rfcomm_dev_list, *p;
156 int err = 0;
157
158 BT_DBG("id %d channel %d", req->dev_id, req->channel);
159
160 dev = kmalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
161 if (!dev)
162 return -ENOMEM;
163 memset(dev, 0, sizeof(struct rfcomm_dev));
164
165 write_lock_bh(&rfcomm_dev_lock);
166
167 if (req->dev_id < 0) {
168 dev->id = 0;
169
170 list_for_each(p, &rfcomm_dev_list) {
171 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
172 break;
173
174 dev->id++;
175 head = p;
176 }
177 } else {
178 dev->id = req->dev_id;
179
180 list_for_each(p, &rfcomm_dev_list) {
181 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);
182
183 if (entry->id == dev->id) {
184 err = -EADDRINUSE;
185 goto out;
186 }
187
188 if (entry->id > dev->id - 1)
189 break;
190
191 head = p;
192 }
193 }
194
195 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
196 err = -ENFILE;
197 goto out;
198 }
199
200 sprintf(dev->name, "rfcomm%d", dev->id);
201
202 list_add(&dev->list, head);
203 atomic_set(&dev->refcnt, 1);
204
205 bacpy(&dev->src, &req->src);
206 bacpy(&dev->dst, &req->dst);
207 dev->channel = req->channel;
208
209 dev->flags = req->flags &
210 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
211
212 init_waitqueue_head(&dev->wait);
213 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);
214
215 rfcomm_dlc_lock(dlc);
216 dlc->data_ready = rfcomm_dev_data_ready;
217 dlc->state_change = rfcomm_dev_state_change;
218 dlc->modem_status = rfcomm_dev_modem_status;
219
220 dlc->owner = dev;
221 dev->dlc = dlc;
222 rfcomm_dlc_unlock(dlc);
223
224 MOD_INC_USE_COUNT;
225
226 out:
227 write_unlock_bh(&rfcomm_dev_lock);
228
229 if (err) {
230 kfree(dev);
231 return err;
232 } else
233 return dev->id;
234 }
235
rfcomm_dev_del(struct rfcomm_dev * dev)236 static void rfcomm_dev_del(struct rfcomm_dev *dev)
237 {
238 BT_DBG("dev %p", dev);
239
240 write_lock_bh(&rfcomm_dev_lock);
241 list_del_init(&dev->list);
242 write_unlock_bh(&rfcomm_dev_lock);
243
244 rfcomm_dev_put(dev);
245 }
246
247 /* ---- Send buffer ---- */
248
rfcomm_room(struct rfcomm_dlc * dlc)249 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
250 {
251 /* We can't let it be zero, because we don't get a callback
252 when tx_credits becomes nonzero, hence we'd never wake up */
253 return dlc->mtu * (dlc->tx_credits?:1);
254 }
255
rfcomm_wfree(struct sk_buff * skb)256 static void rfcomm_wfree(struct sk_buff *skb)
257 {
258 struct rfcomm_dev *dev = (void *) skb->sk;
259 atomic_sub(skb->truesize, &dev->wmem_alloc);
260 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
261 tasklet_schedule(&dev->wakeup_task);
262 rfcomm_dev_put(dev);
263 }
264
rfcomm_set_owner_w(struct sk_buff * skb,struct rfcomm_dev * dev)265 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
266 {
267 rfcomm_dev_hold(dev);
268 atomic_add(skb->truesize, &dev->wmem_alloc);
269 skb->sk = (void *) dev;
270 skb->destructor = rfcomm_wfree;
271 }
272
rfcomm_wmalloc(struct rfcomm_dev * dev,unsigned long size,int force,int priority)273 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, int force, int priority)
274 {
275 if (force || atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
276 struct sk_buff *skb = alloc_skb(size, priority);
277 if (skb) {
278 rfcomm_set_owner_w(skb, dev);
279 return skb;
280 }
281 }
282 return NULL;
283 }
284
285 /* ---- Device IOCTLs ---- */
286
287 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
288
rfcomm_create_dev(struct sock * sk,unsigned long arg)289 static int rfcomm_create_dev(struct sock *sk, unsigned long arg)
290 {
291 struct rfcomm_dev_req req;
292 struct rfcomm_dlc *dlc;
293 int id;
294
295 if (copy_from_user(&req, (void *) arg, sizeof(req)))
296 return -EFAULT;
297
298 BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags);
299
300 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
301 return -EPERM;
302
303 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
304 /* Socket must be connected */
305 if (sk->state != BT_CONNECTED)
306 return -EBADFD;
307
308 dlc = rfcomm_pi(sk)->dlc;
309 rfcomm_dlc_hold(dlc);
310 } else {
311 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
312 if (!dlc)
313 return -ENOMEM;
314 }
315
316 id = rfcomm_dev_add(&req, dlc);
317 if (id < 0) {
318 rfcomm_dlc_put(dlc);
319 return id;
320 }
321
322 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
323 /* DLC is now used by device.
324 * Socket must be disconnected */
325 sk->state = BT_CLOSED;
326 }
327
328 return id;
329 }
330
rfcomm_release_dev(unsigned long arg)331 static int rfcomm_release_dev(unsigned long arg)
332 {
333 struct rfcomm_dev_req req;
334 struct rfcomm_dev *dev;
335
336 if (copy_from_user(&req, (void *) arg, sizeof(req)))
337 return -EFAULT;
338
339 BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags);
340
341 if (!(dev = rfcomm_dev_get(req.dev_id)))
342 return -ENODEV;
343
344 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
345 rfcomm_dev_put(dev);
346 return -EPERM;
347 }
348
349 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
350 rfcomm_dlc_close(dev->dlc, 0);
351
352 rfcomm_dev_del(dev);
353 rfcomm_dev_put(dev);
354 return 0;
355 }
356
rfcomm_get_dev_list(unsigned long arg)357 static int rfcomm_get_dev_list(unsigned long arg)
358 {
359 struct rfcomm_dev_list_req *dl;
360 struct rfcomm_dev_info *di;
361 struct list_head *p;
362 int n = 0, size, err;
363 u16 dev_num;
364
365 BT_DBG("");
366
367 if (get_user(dev_num, (u16 *) arg))
368 return -EFAULT;
369
370 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
371 return -EINVAL;
372
373 size = sizeof(*dl) + dev_num * sizeof(*di);
374
375 if (!(dl = kmalloc(size, GFP_KERNEL)))
376 return -ENOMEM;
377
378 di = dl->dev_info;
379
380 read_lock_bh(&rfcomm_dev_lock);
381
382 list_for_each(p, &rfcomm_dev_list) {
383 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);
384 (di + n)->id = dev->id;
385 (di + n)->flags = dev->flags;
386 (di + n)->state = dev->dlc->state;
387 (di + n)->channel = dev->channel;
388 bacpy(&(di + n)->src, &dev->src);
389 bacpy(&(di + n)->dst, &dev->dst);
390 if (++n >= dev_num)
391 break;
392 }
393
394 read_unlock_bh(&rfcomm_dev_lock);
395
396 dl->dev_num = n;
397 size = sizeof(*dl) + n * sizeof(*di);
398
399 err = copy_to_user((void *) arg, dl, size);
400 kfree(dl);
401
402 return err ? -EFAULT : 0;
403 }
404
rfcomm_get_dev_info(unsigned long arg)405 static int rfcomm_get_dev_info(unsigned long arg)
406 {
407 struct rfcomm_dev *dev;
408 struct rfcomm_dev_info di;
409 int err = 0;
410
411 BT_DBG("");
412
413 if (copy_from_user(&di, (void *)arg, sizeof(di)))
414 return -EFAULT;
415
416 if (!(dev = rfcomm_dev_get(di.id)))
417 return -ENODEV;
418
419 di.flags = dev->flags;
420 di.channel = dev->channel;
421 di.state = dev->dlc->state;
422 bacpy(&di.src, &dev->src);
423 bacpy(&di.dst, &dev->dst);
424
425 if (copy_to_user((void *)arg, &di, sizeof(di)))
426 err = -EFAULT;
427
428 rfcomm_dev_put(dev);
429 return err;
430 }
431
rfcomm_dev_ioctl(struct sock * sk,unsigned int cmd,unsigned long arg)432 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
433 {
434 BT_DBG("cmd %d arg %ld", cmd, arg);
435
436 switch (cmd) {
437 case RFCOMMCREATEDEV:
438 return rfcomm_create_dev(sk, arg);
439
440 case RFCOMMRELEASEDEV:
441 return rfcomm_release_dev(arg);
442
443 case RFCOMMGETDEVLIST:
444 return rfcomm_get_dev_list(arg);
445
446 case RFCOMMGETDEVINFO:
447 return rfcomm_get_dev_info(arg);
448 }
449
450 return -EINVAL;
451 }
452
453 /* ---- DLC callbacks ---- */
rfcomm_dev_data_ready(struct rfcomm_dlc * dlc,struct sk_buff * skb)454 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
455 {
456 struct rfcomm_dev *dev = dlc->owner;
457 struct tty_struct *tty;
458
459 if (!dev || !(tty = dev->tty)) {
460 kfree_skb(skb);
461 return;
462 }
463
464 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
465
466 if (test_bit(TTY_DONT_FLIP, &tty->flags)) {
467 register int i;
468 for (i = 0; i < skb->len; i++) {
469 if (tty->flip.count >= TTY_FLIPBUF_SIZE)
470 tty_flip_buffer_push(tty);
471
472 tty_insert_flip_char(tty, skb->data[i], 0);
473 }
474 tty_flip_buffer_push(tty);
475 } else
476 tty->ldisc.receive_buf(tty, skb->data, NULL, skb->len);
477
478 kfree_skb(skb);
479 }
480
rfcomm_dev_state_change(struct rfcomm_dlc * dlc,int err)481 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
482 {
483 struct rfcomm_dev *dev = dlc->owner;
484 if (!dev)
485 return;
486
487 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
488
489 dev->err = err;
490 wake_up_interruptible(&dev->wait);
491
492 if (dlc->state == BT_CLOSED) {
493 if (!dev->tty) {
494 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
495 rfcomm_dev_hold(dev);
496 rfcomm_dev_del(dev);
497
498 /* We have to drop DLC lock here, otherwise
499 rfcomm_dev_put() will dead lock if it's
500 the last reference. */
501 rfcomm_dlc_unlock(dlc);
502 rfcomm_dev_put(dev);
503 rfcomm_dlc_lock(dlc);
504 }
505 } else
506 tty_hangup(dev->tty);
507 }
508 }
509
rfcomm_dev_modem_status(struct rfcomm_dlc * dlc,u8 v24_sig)510 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
511 {
512 struct rfcomm_dev *dev = dlc->owner;
513 if (!dev)
514 return;
515
516 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
517
518 dev->modem_status =
519 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
520 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
521 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
522 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
523 }
524
525 /* ---- TTY functions ---- */
rfcomm_tty_wakeup(unsigned long arg)526 static void rfcomm_tty_wakeup(unsigned long arg)
527 {
528 struct rfcomm_dev *dev = (void *) arg;
529 struct tty_struct *tty = dev->tty;
530 if (!tty)
531 return;
532
533 BT_DBG("dev %p tty %p", dev, tty);
534
535 tty_wakeup(tty);
536
537 #ifdef SERIAL_HAVE_POLL_WAIT
538 wake_up_interruptible(&tty->poll_wait);
539 #endif
540 }
541
rfcomm_tty_open(struct tty_struct * tty,struct file * filp)542 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
543 {
544 DECLARE_WAITQUEUE(wait, current);
545 struct rfcomm_dev *dev;
546 struct rfcomm_dlc *dlc;
547 int err, id;
548
549 id = MINOR(tty->device) - tty->driver.minor_start;
550
551 BT_DBG("tty %p id %d", tty, id);
552
553 /* We don't leak this refcount. For reasons which are not entirely
554 clear, the TTY layer will call our ->close() method even if the
555 open fails. We decrease the refcount there, and decreasing it
556 here too would cause breakage. */
557 dev = rfcomm_dev_get(id);
558 if (!dev)
559 return -ENODEV;
560
561 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);
562
563 if (dev->opened++ != 0)
564 return 0;
565
566 dlc = dev->dlc;
567
568 /* Attach TTY and open DLC */
569
570 rfcomm_dlc_lock(dlc);
571 tty->driver_data = dev;
572 dev->tty = tty;
573 rfcomm_dlc_unlock(dlc);
574 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
575
576 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
577 if (err < 0)
578 return err;
579
580 /* Wait for DLC to connect */
581 add_wait_queue(&dev->wait, &wait);
582 while (1) {
583 set_current_state(TASK_INTERRUPTIBLE);
584
585 if (dlc->state == BT_CLOSED) {
586 err = -dev->err;
587 break;
588 }
589
590 if (dlc->state == BT_CONNECTED)
591 break;
592
593 if (signal_pending(current)) {
594 err = -EINTR;
595 break;
596 }
597
598 schedule();
599 }
600 set_current_state(TASK_RUNNING);
601 remove_wait_queue(&dev->wait, &wait);
602
603 return err;
604 }
605
rfcomm_tty_close(struct tty_struct * tty,struct file * filp)606 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
607 {
608 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
609 if (!dev)
610 return;
611
612 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);
613
614 if (--dev->opened == 0) {
615 /* Close DLC and dettach TTY */
616 rfcomm_dlc_close(dev->dlc, 0);
617
618 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
619 tasklet_kill(&dev->wakeup_task);
620
621 rfcomm_dlc_lock(dev->dlc);
622 tty->driver_data = NULL;
623 dev->tty = NULL;
624 rfcomm_dlc_unlock(dev->dlc);
625 }
626
627 rfcomm_dev_put(dev);
628 }
629
rfcomm_tty_write(struct tty_struct * tty,int from_user,const unsigned char * buf,int count)630 static int rfcomm_tty_write(struct tty_struct *tty, int from_user, const unsigned char *buf, int count)
631 {
632 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
633 struct rfcomm_dlc *dlc = dev->dlc;
634 struct sk_buff *skb;
635 int err = 0, sent = 0, size;
636
637 BT_DBG("tty %p from_user %d count %d", tty, from_user, count);
638
639 while (count) {
640 size = min_t(uint, count, dlc->mtu);
641
642 if (from_user)
643 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, 0, GFP_KERNEL);
644 else
645 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, 0, GFP_ATOMIC);
646
647 if (!skb)
648 break;
649
650 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
651
652 if (from_user)
653 copy_from_user(skb_put(skb, size), buf + sent, size);
654 else
655 memcpy(skb_put(skb, size), buf + sent, size);
656
657 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) {
658 kfree_skb(skb);
659 break;
660 }
661
662 sent += size;
663 count -= size;
664 }
665
666 return sent ? sent : err;
667 }
668
rfcomm_tty_put_char(struct tty_struct * tty,unsigned char ch)669 static void rfcomm_tty_put_char(struct tty_struct *tty, unsigned char ch)
670 {
671 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
672 struct rfcomm_dlc *dlc = dev->dlc;
673 struct sk_buff *skb;
674
675 BT_DBG("tty %p char %x", tty, ch);
676
677 skb = rfcomm_wmalloc(dev, 1 + RFCOMM_SKB_RESERVE, 1, GFP_ATOMIC);
678
679 if (!skb)
680 return;
681
682 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
683
684 *(char *)skb_put(skb, 1) = ch;
685
686 if ((rfcomm_dlc_send(dlc, skb)) < 0)
687 kfree_skb(skb);
688 }
689
rfcomm_tty_write_room(struct tty_struct * tty)690 static int rfcomm_tty_write_room(struct tty_struct *tty)
691 {
692 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
693 int room;
694
695 BT_DBG("tty %p", tty);
696
697 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
698 if (room < 0)
699 room = 0;
700
701 return room;
702 }
703
rfcomm_tty_set_modem_status(uint cmd,struct rfcomm_dlc * dlc,uint status)704 static int rfcomm_tty_set_modem_status(uint cmd, struct rfcomm_dlc *dlc, uint status)
705 {
706 u8 v24_sig, mask;
707
708 BT_DBG("dlc %p cmd 0x%02x", dlc, cmd);
709
710 if (cmd == TIOCMSET)
711 v24_sig = 0;
712 else
713 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
714
715 mask = ((status & TIOCM_DSR) ? RFCOMM_V24_RTC : 0) |
716 ((status & TIOCM_DTR) ? RFCOMM_V24_RTC : 0) |
717 ((status & TIOCM_RTS) ? RFCOMM_V24_RTR : 0) |
718 ((status & TIOCM_CTS) ? RFCOMM_V24_RTR : 0) |
719 ((status & TIOCM_RI) ? RFCOMM_V24_IC : 0) |
720 ((status & TIOCM_CD) ? RFCOMM_V24_DV : 0);
721
722 if (cmd == TIOCMBIC)
723 v24_sig &= ~mask;
724 else
725 v24_sig |= mask;
726
727 rfcomm_dlc_set_modem_status(dlc, v24_sig);
728 return 0;
729 }
730
rfcomm_tty_ioctl(struct tty_struct * tty,struct file * filp,unsigned int cmd,unsigned long arg)731 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
732 {
733 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
734 struct rfcomm_dlc *dlc = dev->dlc;
735 uint status;
736 int err;
737
738 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
739
740 switch (cmd) {
741 case TCGETS:
742 BT_DBG("TCGETS is not supported");
743 return -ENOIOCTLCMD;
744
745 case TCSETS:
746 BT_DBG("TCSETS is not supported");
747 return -ENOIOCTLCMD;
748
749 case TIOCMGET:
750 BT_DBG("TIOCMGET");
751
752 return put_user(dev->modem_status, (unsigned int *)arg);
753
754 case TIOCMSET: /* Turns on and off the lines as specified by the mask */
755 case TIOCMBIS: /* Turns on the lines as specified by the mask */
756 case TIOCMBIC: /* Turns off the lines as specified by the mask */
757 if ((err = get_user(status, (unsigned int *)arg)))
758 return err;
759 return rfcomm_tty_set_modem_status(cmd, dlc, status);
760
761 case TIOCMIWAIT:
762 BT_DBG("TIOCMIWAIT");
763 break;
764
765 case TIOCGICOUNT:
766 BT_DBG("TIOCGICOUNT");
767 break;
768
769 case TIOCGSERIAL:
770 BT_ERR("TIOCGSERIAL is not supported");
771 return -ENOIOCTLCMD;
772
773 case TIOCSSERIAL:
774 BT_ERR("TIOCSSERIAL is not supported");
775 return -ENOIOCTLCMD;
776
777 case TIOCSERGSTRUCT:
778 BT_ERR("TIOCSERGSTRUCT is not supported");
779 return -ENOIOCTLCMD;
780
781 case TIOCSERGETLSR:
782 BT_ERR("TIOCSERGETLSR is not supported");
783 return -ENOIOCTLCMD;
784
785 case TIOCSERCONFIG:
786 BT_ERR("TIOCSERCONFIG is not supported");
787 return -ENOIOCTLCMD;
788
789 default:
790 return -ENOIOCTLCMD; /* ioctls which we must ignore */
791
792 }
793
794 return -ENOIOCTLCMD;
795 }
796
797 #define RELEVANT_IFLAG(iflag) (iflag & (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK))
798
rfcomm_tty_set_termios(struct tty_struct * tty,struct termios * old)799 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old)
800 {
801 BT_DBG("tty %p", tty);
802
803 if ((tty->termios->c_cflag == old->c_cflag) &&
804 (RELEVANT_IFLAG(tty->termios->c_iflag) == RELEVANT_IFLAG(old->c_iflag)))
805 return;
806
807 /* handle turning off CRTSCTS */
808 if ((old->c_cflag & CRTSCTS) && !(tty->termios->c_cflag & CRTSCTS)) {
809 BT_DBG("turning off CRTSCTS");
810 }
811 }
812
rfcomm_tty_throttle(struct tty_struct * tty)813 static void rfcomm_tty_throttle(struct tty_struct *tty)
814 {
815 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
816
817 BT_DBG("tty %p dev %p", tty, dev);
818
819 rfcomm_dlc_throttle(dev->dlc);
820 }
821
rfcomm_tty_unthrottle(struct tty_struct * tty)822 static void rfcomm_tty_unthrottle(struct tty_struct *tty)
823 {
824 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
825
826 BT_DBG("tty %p dev %p", tty, dev);
827
828 rfcomm_dlc_unthrottle(dev->dlc);
829 }
830
rfcomm_tty_chars_in_buffer(struct tty_struct * tty)831 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
832 {
833 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
834 struct rfcomm_dlc *dlc = dev->dlc;
835
836 BT_DBG("tty %p dev %p", tty, dev);
837
838 if (skb_queue_len(&dlc->tx_queue))
839 return dlc->mtu;
840
841 return 0;
842 }
843
rfcomm_tty_flush_buffer(struct tty_struct * tty)844 static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
845 {
846 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
847 if (!dev)
848 return;
849
850 BT_DBG("tty %p dev %p", tty, dev);
851
852 skb_queue_purge(&dev->dlc->tx_queue);
853
854 tty_wakeup(tty);
855 }
856
rfcomm_tty_send_xchar(struct tty_struct * tty,char ch)857 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
858 {
859 BT_DBG("tty %p ch %c", tty, ch);
860 }
861
rfcomm_tty_wait_until_sent(struct tty_struct * tty,int timeout)862 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
863 {
864 BT_DBG("tty %p timeout %d", tty, timeout);
865 }
866
rfcomm_tty_hangup(struct tty_struct * tty)867 static void rfcomm_tty_hangup(struct tty_struct *tty)
868 {
869 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
870 if (!dev)
871 return;
872
873 BT_DBG("tty %p dev %p", tty, dev);
874
875 rfcomm_tty_flush_buffer(tty);
876
877 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
878 rfcomm_dev_del(dev);
879 }
880
rfcomm_tty_read_proc(char * buf,char ** start,off_t offset,int len,int * eof,void * unused)881 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused)
882 {
883 return 0;
884 }
885
886 /* ---- TTY structure ---- */
887 static int rfcomm_tty_refcount; /* If we manage several devices */
888
889 static struct tty_struct *rfcomm_tty_table[RFCOMM_TTY_PORTS];
890 static struct termios *rfcomm_tty_termios[RFCOMM_TTY_PORTS];
891 static struct termios *rfcomm_tty_termios_locked[RFCOMM_TTY_PORTS];
892
893 static struct tty_driver rfcomm_tty_driver = {
894 magic: TTY_DRIVER_MAGIC,
895 driver_name: "rfcomm",
896 #ifdef CONFIG_DEVFS_FS
897 name: "bluetooth/rfcomm/%d",
898 #else
899 name: "rfcomm",
900 #endif
901 major: RFCOMM_TTY_MAJOR,
902 minor_start: RFCOMM_TTY_MINOR,
903 num: RFCOMM_TTY_PORTS,
904 type: TTY_DRIVER_TYPE_SERIAL,
905 subtype: SERIAL_TYPE_NORMAL,
906 flags: TTY_DRIVER_REAL_RAW,
907
908 refcount: &rfcomm_tty_refcount,
909 table: rfcomm_tty_table,
910 termios: rfcomm_tty_termios,
911 termios_locked: rfcomm_tty_termios_locked,
912
913 open: rfcomm_tty_open,
914 close: rfcomm_tty_close,
915 put_char: rfcomm_tty_put_char,
916 write: rfcomm_tty_write,
917 write_room: rfcomm_tty_write_room,
918 chars_in_buffer: rfcomm_tty_chars_in_buffer,
919 flush_buffer: rfcomm_tty_flush_buffer,
920 ioctl: rfcomm_tty_ioctl,
921 throttle: rfcomm_tty_throttle,
922 unthrottle: rfcomm_tty_unthrottle,
923 set_termios: rfcomm_tty_set_termios,
924 send_xchar: rfcomm_tty_send_xchar,
925 stop: NULL,
926 start: NULL,
927 hangup: rfcomm_tty_hangup,
928 wait_until_sent: rfcomm_tty_wait_until_sent,
929 read_proc: rfcomm_tty_read_proc,
930 };
931
rfcomm_init_ttys(void)932 int rfcomm_init_ttys(void)
933 {
934 int i;
935
936 /* Initalize our global data */
937 for (i = 0; i < RFCOMM_TTY_PORTS; i++)
938 rfcomm_tty_table[i] = NULL;
939
940 /* Register the TTY driver */
941 rfcomm_tty_driver.init_termios = tty_std_termios;
942 rfcomm_tty_driver.init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
943 rfcomm_tty_driver.flags = TTY_DRIVER_REAL_RAW;
944
945 if (tty_register_driver(&rfcomm_tty_driver)) {
946 BT_ERR("Can't register RFCOMM TTY driver");
947 return -1;
948 }
949
950 return 0;
951 }
952
rfcomm_cleanup_ttys(void)953 void rfcomm_cleanup_ttys(void)
954 {
955 tty_unregister_driver(&rfcomm_tty_driver);
956 return;
957 }
958