1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22 */
23
24 /*
25 RPN support - Dirk Husemann <hud@zurich.ibm.com>
26 */
27
28 /*
29 * RFCOMM core.
30 *
31 * $Id: core.c,v 1.46 2002/10/18 20:12:12 maxk Exp $
32 */
33
34 #define __KERNEL_SYSCALLS__
35
36 #include <linux/config.h>
37 #include <linux/module.h>
38 #include <linux/errno.h>
39 #include <linux/kernel.h>
40 #include <linux/sched.h>
41 #include <linux/signal.h>
42 #include <linux/init.h>
43 #include <linux/wait.h>
44 #include <linux/net.h>
45 #include <linux/proc_fs.h>
46 #include <net/sock.h>
47 #include <asm/uaccess.h>
48 #include <asm/unaligned.h>
49
50 #include <net/bluetooth/bluetooth.h>
51 #include <net/bluetooth/l2cap.h>
52 #include <net/bluetooth/rfcomm.h>
53
54 #define VERSION "1.1"
55
56 #ifndef CONFIG_BLUEZ_RFCOMM_DEBUG
57 #undef BT_DBG
58 #define BT_DBG(D...)
59 #endif
60
61 struct task_struct *rfcomm_thread;
62 DECLARE_MUTEX(rfcomm_sem);
63 unsigned long rfcomm_event;
64
65 static LIST_HEAD(session_list);
66 static atomic_t terminate, running;
67
68 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len);
69 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci);
70 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci);
71 static int rfcomm_queue_disc(struct rfcomm_dlc *d);
72 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type);
73 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d);
74 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig);
75 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len);
76 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits);
77 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr);
78
79 static void rfcomm_process_connect(struct rfcomm_session *s);
80
81 /* ---- RFCOMM frame parsing macros ---- */
82 #define __get_dlci(b) ((b & 0xfc) >> 2)
83 #define __get_channel(b) ((b & 0xf8) >> 3)
84 #define __get_dir(b) ((b & 0x04) >> 2)
85 #define __get_type(b) ((b & 0xef))
86
87 #define __test_ea(b) ((b & 0x01))
88 #define __test_cr(b) ((b & 0x02))
89 #define __test_pf(b) ((b & 0x10))
90
91 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
92 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
93 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
94 #define __srv_channel(dlci) (dlci >> 1)
95 #define __dir(dlci) (dlci & 0x01)
96
97 #define __len8(len) (((len) << 1) | 1)
98 #define __len16(len) ((len) << 1)
99
100 /* MCC macros */
101 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
102 #define __get_mcc_type(b) ((b & 0xfc) >> 2)
103 #define __get_mcc_len(b) ((b & 0xfe) >> 1)
104
105 /* RPN macros */
106 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x3) << 3))
107 #define __get_rpn_data_bits(line) ((line) & 0x3)
108 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
109 #define __get_rpn_parity(line) (((line) >> 3) & 0x3)
110
111 /* ---- RFCOMM FCS computation ---- */
112
113 /* CRC on 2 bytes */
114 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
115
116 /* FCS on 2 bytes */
__fcs(u8 * data)117 static inline u8 __fcs(u8 *data)
118 {
119 return (0xff - __crc(data));
120 }
121
122 /* FCS on 3 bytes */
__fcs2(u8 * data)123 static inline u8 __fcs2(u8 *data)
124 {
125 return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]);
126 }
127
128 /* Check FCS */
__check_fcs(u8 * data,int type,u8 fcs)129 static inline int __check_fcs(u8 *data, int type, u8 fcs)
130 {
131 u8 f = __crc(data);
132
133 if (type != RFCOMM_UIH)
134 f = rfcomm_crc_table[f ^ data[2]];
135
136 return rfcomm_crc_table[f ^ fcs] != 0xcf;
137 }
138
139 /* ---- L2CAP callbacks ---- */
rfcomm_l2state_change(struct sock * sk)140 static void rfcomm_l2state_change(struct sock *sk)
141 {
142 BT_DBG("%p state %d", sk, sk->state);
143 rfcomm_schedule(RFCOMM_SCHED_STATE);
144 }
145
rfcomm_l2data_ready(struct sock * sk,int bytes)146 static void rfcomm_l2data_ready(struct sock *sk, int bytes)
147 {
148 BT_DBG("%p bytes %d", sk, bytes);
149 rfcomm_schedule(RFCOMM_SCHED_RX);
150 }
151
rfcomm_l2sock_create(struct socket ** sock)152 static int rfcomm_l2sock_create(struct socket **sock)
153 {
154 int err;
155
156 BT_DBG("");
157
158 err = sock_create(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock);
159 if (!err) {
160 struct sock *sk = (*sock)->sk;
161 sk->data_ready = rfcomm_l2data_ready;
162 sk->state_change = rfcomm_l2state_change;
163 }
164 return err;
165 }
166
167 /* ---- RFCOMM DLCs ---- */
rfcomm_dlc_timeout(unsigned long arg)168 static void rfcomm_dlc_timeout(unsigned long arg)
169 {
170 struct rfcomm_dlc *d = (void *) arg;
171
172 BT_DBG("dlc %p state %ld", d, d->state);
173
174 set_bit(RFCOMM_TIMED_OUT, &d->flags);
175 rfcomm_dlc_put(d);
176 rfcomm_schedule(RFCOMM_SCHED_TIMEO);
177 }
178
rfcomm_dlc_set_timer(struct rfcomm_dlc * d,long timeout)179 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout)
180 {
181 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout);
182
183 if (!mod_timer(&d->timer, jiffies + timeout))
184 rfcomm_dlc_hold(d);
185 }
186
rfcomm_dlc_clear_timer(struct rfcomm_dlc * d)187 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d)
188 {
189 BT_DBG("dlc %p state %ld", d, d->state);
190
191 if (timer_pending(&d->timer) && del_timer(&d->timer))
192 rfcomm_dlc_put(d);
193 }
194
rfcomm_dlc_clear_state(struct rfcomm_dlc * d)195 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d)
196 {
197 BT_DBG("%p", d);
198
199 d->state = BT_OPEN;
200 d->flags = 0;
201 d->mscex = 0;
202 d->mtu = RFCOMM_DEFAULT_MTU;
203 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV;
204
205 d->cfc = RFCOMM_CFC_DISABLED;
206 d->rx_credits = RFCOMM_DEFAULT_CREDITS;
207 }
208
rfcomm_dlc_alloc(int prio)209 struct rfcomm_dlc *rfcomm_dlc_alloc(int prio)
210 {
211 struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio);
212 if (!d)
213 return NULL;
214 memset(d, 0, sizeof(*d));
215
216 init_timer(&d->timer);
217 d->timer.function = rfcomm_dlc_timeout;
218 d->timer.data = (unsigned long) d;
219
220 skb_queue_head_init(&d->tx_queue);
221 spin_lock_init(&d->lock);
222 atomic_set(&d->refcnt, 1);
223
224 rfcomm_dlc_clear_state(d);
225
226 BT_DBG("%p", d);
227 return d;
228 }
229
rfcomm_dlc_free(struct rfcomm_dlc * d)230 void rfcomm_dlc_free(struct rfcomm_dlc *d)
231 {
232 BT_DBG("%p", d);
233
234 skb_queue_purge(&d->tx_queue);
235 kfree(d);
236 }
237
rfcomm_dlc_link(struct rfcomm_session * s,struct rfcomm_dlc * d)238 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d)
239 {
240 BT_DBG("dlc %p session %p", d, s);
241
242 rfcomm_session_hold(s);
243
244 rfcomm_dlc_hold(d);
245 list_add(&d->list, &s->dlcs);
246 d->session = s;
247 }
248
rfcomm_dlc_unlink(struct rfcomm_dlc * d)249 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d)
250 {
251 struct rfcomm_session *s = d->session;
252
253 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s);
254
255 list_del(&d->list);
256 d->session = NULL;
257 rfcomm_dlc_put(d);
258
259 rfcomm_session_put(s);
260 }
261
rfcomm_dlc_get(struct rfcomm_session * s,u8 dlci)262 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci)
263 {
264 struct rfcomm_dlc *d;
265 struct list_head *p;
266
267 list_for_each(p, &s->dlcs) {
268 d = list_entry(p, struct rfcomm_dlc, list);
269 if (d->dlci == dlci)
270 return d;
271 }
272 return NULL;
273 }
274
__rfcomm_dlc_open(struct rfcomm_dlc * d,bdaddr_t * src,bdaddr_t * dst,u8 channel)275 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
276 {
277 struct rfcomm_session *s;
278 int err = 0;
279 u8 dlci;
280
281 BT_DBG("dlc %p state %ld %s %s channel %d",
282 d, d->state, batostr(src), batostr(dst), channel);
283
284 if (channel < 1 || channel > 30)
285 return -EINVAL;
286
287 if (d->state != BT_OPEN && d->state != BT_CLOSED)
288 return 0;
289
290 s = rfcomm_session_get(src, dst);
291 if (!s) {
292 s = rfcomm_session_create(src, dst, &err);
293 if (!s)
294 return err;
295 }
296
297 dlci = __dlci(!s->initiator, channel);
298
299 /* Check if DLCI already exists */
300 if (rfcomm_dlc_get(s, dlci))
301 return -EBUSY;
302
303 rfcomm_dlc_clear_state(d);
304
305 d->dlci = dlci;
306 d->addr = __addr(s->initiator, dlci);
307 d->priority = 7;
308
309 d->state = BT_CONFIG;
310 rfcomm_dlc_link(s, d);
311
312 d->mtu = s->mtu;
313 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc;
314
315 if (s->state == BT_CONNECTED)
316 rfcomm_send_pn(s, 1, d);
317 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
318 return 0;
319 }
320
rfcomm_dlc_open(struct rfcomm_dlc * d,bdaddr_t * src,bdaddr_t * dst,u8 channel)321 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
322 {
323 mm_segment_t fs;
324 int r;
325
326 rfcomm_lock();
327
328 fs = get_fs(); set_fs(KERNEL_DS);
329 r = __rfcomm_dlc_open(d, src, dst, channel);
330 set_fs(fs);
331
332 rfcomm_unlock();
333 return r;
334 }
335
__rfcomm_dlc_close(struct rfcomm_dlc * d,int err)336 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
337 {
338 struct rfcomm_session *s = d->session;
339 if (!s)
340 return 0;
341
342 BT_DBG("dlc %p state %ld dlci %d err %d session %p",
343 d, d->state, d->dlci, err, s);
344
345 switch (d->state) {
346 case BT_CONNECTED:
347 case BT_CONFIG:
348 case BT_CONNECT:
349 d->state = BT_DISCONN;
350 if (skb_queue_empty(&d->tx_queue)) {
351 rfcomm_send_disc(s, d->dlci);
352 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT);
353 } else {
354 rfcomm_queue_disc(d);
355 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2);
356 }
357 break;
358
359 default:
360 rfcomm_dlc_clear_timer(d);
361
362 rfcomm_dlc_lock(d);
363 d->state = BT_CLOSED;
364 d->state_change(d, err);
365 rfcomm_dlc_unlock(d);
366
367 skb_queue_purge(&d->tx_queue);
368 rfcomm_dlc_unlink(d);
369 }
370
371 return 0;
372 }
373
rfcomm_dlc_close(struct rfcomm_dlc * d,int err)374 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
375 {
376 mm_segment_t fs;
377 int r;
378
379 rfcomm_lock();
380
381 fs = get_fs(); set_fs(KERNEL_DS);
382 r = __rfcomm_dlc_close(d, err);
383 set_fs(fs);
384
385 rfcomm_unlock();
386 return r;
387 }
388
rfcomm_dlc_send(struct rfcomm_dlc * d,struct sk_buff * skb)389 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb)
390 {
391 int len = skb->len;
392
393 if (d->state != BT_CONNECTED)
394 return -ENOTCONN;
395
396 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len);
397
398 if (len > d->mtu)
399 return -EINVAL;
400
401 rfcomm_make_uih(skb, d->addr);
402 skb_queue_tail(&d->tx_queue, skb);
403
404 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags))
405 rfcomm_schedule(RFCOMM_SCHED_TX);
406 return len;
407 }
408
__rfcomm_dlc_throttle(struct rfcomm_dlc * d)409 void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d)
410 {
411 BT_DBG("dlc %p state %ld", d, d->state);
412
413 if (!d->cfc) {
414 d->v24_sig |= RFCOMM_V24_FC;
415 set_bit(RFCOMM_MSC_PENDING, &d->flags);
416 }
417 rfcomm_schedule(RFCOMM_SCHED_TX);
418 }
419
__rfcomm_dlc_unthrottle(struct rfcomm_dlc * d)420 void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
421 {
422 BT_DBG("dlc %p state %ld", d, d->state);
423
424 if (!d->cfc) {
425 d->v24_sig &= ~RFCOMM_V24_FC;
426 set_bit(RFCOMM_MSC_PENDING, &d->flags);
427 }
428 rfcomm_schedule(RFCOMM_SCHED_TX);
429 }
430
431 /*
432 Set/get modem status functions use _local_ status i.e. what we report
433 to the other side.
434 Remote status is provided by dlc->modem_status() callback.
435 */
rfcomm_dlc_set_modem_status(struct rfcomm_dlc * d,u8 v24_sig)436 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig)
437 {
438 BT_DBG("dlc %p state %ld v24_sig 0x%x",
439 d, d->state, v24_sig);
440
441 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags))
442 v24_sig |= RFCOMM_V24_FC;
443 else
444 v24_sig &= ~RFCOMM_V24_FC;
445
446 d->v24_sig = v24_sig;
447
448 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags))
449 rfcomm_schedule(RFCOMM_SCHED_TX);
450
451 return 0;
452 }
453
rfcomm_dlc_get_modem_status(struct rfcomm_dlc * d,u8 * v24_sig)454 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig)
455 {
456 BT_DBG("dlc %p state %ld v24_sig 0x%x",
457 d, d->state, d->v24_sig);
458
459 *v24_sig = d->v24_sig;
460 return 0;
461 }
462
463 /* ---- RFCOMM sessions ---- */
rfcomm_session_add(struct socket * sock,int state)464 struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state)
465 {
466 struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL);
467 if (!s)
468 return NULL;
469 memset(s, 0, sizeof(*s));
470
471 BT_DBG("session %p sock %p", s, sock);
472
473 INIT_LIST_HEAD(&s->dlcs);
474 s->state = state;
475 s->sock = sock;
476
477 s->mtu = RFCOMM_DEFAULT_MTU;
478 s->cfc = RFCOMM_CFC_UNKNOWN;
479
480 list_add(&s->list, &session_list);
481
482 /* Do not increment module usage count for listeting sessions.
483 * Otherwise we won't be able to unload the module. */
484 if (state != BT_LISTEN)
485 MOD_INC_USE_COUNT;
486 return s;
487 }
488
rfcomm_session_del(struct rfcomm_session * s)489 void rfcomm_session_del(struct rfcomm_session *s)
490 {
491 int state = s->state;
492
493 BT_DBG("session %p state %ld", s, s->state);
494
495 list_del(&s->list);
496
497 if (state == BT_CONNECTED)
498 rfcomm_send_disc(s, 0);
499
500 sock_release(s->sock);
501 kfree(s);
502
503 if (state != BT_LISTEN)
504 MOD_DEC_USE_COUNT;
505 }
506
rfcomm_session_get(bdaddr_t * src,bdaddr_t * dst)507 struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst)
508 {
509 struct rfcomm_session *s;
510 struct list_head *p, *n;
511 struct bluez_pinfo *pi;
512 list_for_each_safe(p, n, &session_list) {
513 s = list_entry(p, struct rfcomm_session, list);
514 pi = bluez_pi(s->sock->sk);
515
516 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&pi->src, src)) &&
517 !bacmp(&pi->dst, dst))
518 return s;
519 }
520 return NULL;
521 }
522
rfcomm_session_close(struct rfcomm_session * s,int err)523 void rfcomm_session_close(struct rfcomm_session *s, int err)
524 {
525 struct rfcomm_dlc *d;
526 struct list_head *p, *n;
527
528 BT_DBG("session %p state %ld err %d", s, s->state, err);
529
530 rfcomm_session_hold(s);
531
532 s->state = BT_CLOSED;
533
534 /* Close all dlcs */
535 list_for_each_safe(p, n, &s->dlcs) {
536 d = list_entry(p, struct rfcomm_dlc, list);
537 d->state = BT_CLOSED;
538 __rfcomm_dlc_close(d, err);
539 }
540
541 rfcomm_session_put(s);
542 }
543
rfcomm_session_create(bdaddr_t * src,bdaddr_t * dst,int * err)544 struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err)
545 {
546 struct rfcomm_session *s = NULL;
547 struct sockaddr_l2 addr;
548 struct l2cap_options opts;
549 struct socket *sock;
550 int size;
551
552 BT_DBG("%s %s", batostr(src), batostr(dst));
553
554 *err = rfcomm_l2sock_create(&sock);
555 if (*err < 0)
556 return NULL;
557
558 bacpy(&addr.l2_bdaddr, src);
559 addr.l2_family = AF_BLUETOOTH;
560 addr.l2_psm = 0;
561 *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
562 if (*err < 0)
563 goto failed;
564
565 /* Set L2CAP options */
566 size = sizeof(opts);
567 sock->ops->getsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, &size);
568
569 opts.imtu = RFCOMM_MAX_L2CAP_MTU;
570 sock->ops->setsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, size);
571
572 s = rfcomm_session_add(sock, BT_BOUND);
573 if (!s) {
574 *err = -ENOMEM;
575 goto failed;
576 }
577
578 s->initiator = 1;
579
580 bacpy(&addr.l2_bdaddr, dst);
581 addr.l2_family = AF_BLUETOOTH;
582 addr.l2_psm = htobs(RFCOMM_PSM);
583 *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
584 if (*err == 0 || *err == -EAGAIN)
585 return s;
586
587 rfcomm_session_del(s);
588 return NULL;
589
590 failed:
591 sock_release(sock);
592 return NULL;
593 }
594
rfcomm_session_getaddr(struct rfcomm_session * s,bdaddr_t * src,bdaddr_t * dst)595 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst)
596 {
597 struct sock *sk = s->sock->sk;
598 if (src)
599 bacpy(src, &bluez_pi(sk)->src);
600 if (dst)
601 bacpy(dst, &bluez_pi(sk)->dst);
602 }
603
604 /* ---- RFCOMM frame sending ---- */
rfcomm_send_frame(struct rfcomm_session * s,u8 * data,int len)605 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len)
606 {
607 struct socket *sock = s->sock;
608 struct iovec iv = { data, len };
609 struct msghdr msg;
610 int err;
611
612 BT_DBG("session %p len %d", s, len);
613
614 memset(&msg, 0, sizeof(msg));
615 msg.msg_iovlen = 1;
616 msg.msg_iov = &iv;
617
618 err = sock->ops->sendmsg(sock, &msg, len, 0);
619 return err;
620 }
621
rfcomm_send_sabm(struct rfcomm_session * s,u8 dlci)622 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci)
623 {
624 struct rfcomm_cmd cmd;
625
626 BT_DBG("%p dlci %d", s, dlci);
627
628 cmd.addr = __addr(s->initiator, dlci);
629 cmd.ctrl = __ctrl(RFCOMM_SABM, 1);
630 cmd.len = __len8(0);
631 cmd.fcs = __fcs2((u8 *) &cmd);
632
633 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
634 }
635
rfcomm_send_ua(struct rfcomm_session * s,u8 dlci)636 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci)
637 {
638 struct rfcomm_cmd cmd;
639
640 BT_DBG("%p dlci %d", s, dlci);
641
642 cmd.addr = __addr(!s->initiator, dlci);
643 cmd.ctrl = __ctrl(RFCOMM_UA, 1);
644 cmd.len = __len8(0);
645 cmd.fcs = __fcs2((u8 *) &cmd);
646
647 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
648 }
649
rfcomm_send_disc(struct rfcomm_session * s,u8 dlci)650 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci)
651 {
652 struct rfcomm_cmd cmd;
653
654 BT_DBG("%p dlci %d", s, dlci);
655
656 cmd.addr = __addr(s->initiator, dlci);
657 cmd.ctrl = __ctrl(RFCOMM_DISC, 1);
658 cmd.len = __len8(0);
659 cmd.fcs = __fcs2((u8 *) &cmd);
660
661 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
662 }
663
rfcomm_queue_disc(struct rfcomm_dlc * d)664 static int rfcomm_queue_disc(struct rfcomm_dlc *d)
665 {
666 struct rfcomm_cmd *cmd;
667 struct sk_buff *skb;
668
669 BT_DBG("dlc %p dlci %d", d, d->dlci);
670
671 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL);
672 if (!skb)
673 return -ENOMEM;
674
675 cmd = (void *) __skb_put(skb, sizeof(*cmd));
676 cmd->addr = d->addr;
677 cmd->ctrl = __ctrl(RFCOMM_DISC, 1);
678 cmd->len = __len8(0);
679 cmd->fcs = __fcs2((u8 *) cmd);
680
681 skb_queue_tail(&d->tx_queue, skb);
682 rfcomm_schedule(RFCOMM_SCHED_TX);
683 return 0;
684 }
685
rfcomm_send_dm(struct rfcomm_session * s,u8 dlci)686 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci)
687 {
688 struct rfcomm_cmd cmd;
689
690 BT_DBG("%p dlci %d", s, dlci);
691
692 cmd.addr = __addr(!s->initiator, dlci);
693 cmd.ctrl = __ctrl(RFCOMM_DM, 1);
694 cmd.len = __len8(0);
695 cmd.fcs = __fcs2((u8 *) &cmd);
696
697 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
698 }
699
rfcomm_send_nsc(struct rfcomm_session * s,int cr,u8 type)700 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type)
701 {
702 struct rfcomm_hdr *hdr;
703 struct rfcomm_mcc *mcc;
704 u8 buf[16], *ptr = buf;
705
706 BT_DBG("%p cr %d type %d", s, cr, type);
707
708 hdr = (void *) ptr; ptr += sizeof(*hdr);
709 hdr->addr = __addr(s->initiator, 0);
710 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
711 hdr->len = __len8(sizeof(*mcc) + 1);
712
713 mcc = (void *) ptr; ptr += sizeof(*mcc);
714 mcc->type = __mcc_type(cr, RFCOMM_NSC);
715 mcc->len = __len8(1);
716
717 /* Type that we didn't like */
718 *ptr = __mcc_type(cr, type); ptr++;
719
720 *ptr = __fcs(buf); ptr++;
721
722 return rfcomm_send_frame(s, buf, ptr - buf);
723 }
724
rfcomm_send_pn(struct rfcomm_session * s,int cr,struct rfcomm_dlc * d)725 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d)
726 {
727 struct rfcomm_hdr *hdr;
728 struct rfcomm_mcc *mcc;
729 struct rfcomm_pn *pn;
730 u8 buf[16], *ptr = buf;
731
732 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu);
733
734 hdr = (void *) ptr; ptr += sizeof(*hdr);
735 hdr->addr = __addr(s->initiator, 0);
736 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
737 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn));
738
739 mcc = (void *) ptr; ptr += sizeof(*mcc);
740 mcc->type = __mcc_type(cr, RFCOMM_PN);
741 mcc->len = __len8(sizeof(*pn));
742
743 pn = (void *) ptr; ptr += sizeof(*pn);
744 pn->dlci = d->dlci;
745 pn->priority = d->priority;
746 pn->ack_timer = 0;
747 pn->max_retrans = 0;
748
749 if (s->cfc) {
750 pn->flow_ctrl = cr ? 0xf0 : 0xe0;
751 pn->credits = RFCOMM_DEFAULT_CREDITS;
752 } else {
753 pn->flow_ctrl = 0;
754 pn->credits = 0;
755 }
756
757 pn->mtu = htobs(d->mtu);
758
759 *ptr = __fcs(buf); ptr++;
760
761 return rfcomm_send_frame(s, buf, ptr - buf);
762 }
763
rfcomm_send_rpn(struct rfcomm_session * s,int cr,u8 dlci,u8 bit_rate,u8 data_bits,u8 stop_bits,u8 parity,u8 flow_ctrl_settings,u8 xon_char,u8 xoff_char,u16 param_mask)764 static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
765 u8 bit_rate, u8 data_bits, u8 stop_bits,
766 u8 parity, u8 flow_ctrl_settings,
767 u8 xon_char, u8 xoff_char, u16 param_mask)
768 {
769 struct rfcomm_hdr *hdr;
770 struct rfcomm_mcc *mcc;
771 struct rfcomm_rpn *rpn;
772 u8 buf[16], *ptr = buf;
773
774 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
775 "flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
776 s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
777 flow_ctrl_settings, xon_char, xoff_char, param_mask);
778
779 hdr = (void *) ptr; ptr += sizeof(*hdr);
780 hdr->addr = __addr(s->initiator, 0);
781 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
782 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn));
783
784 mcc = (void *) ptr; ptr += sizeof(*mcc);
785 mcc->type = __mcc_type(cr, RFCOMM_RPN);
786 mcc->len = __len8(sizeof(*rpn));
787
788 rpn = (void *) ptr; ptr += sizeof(*rpn);
789 rpn->dlci = __addr(1, dlci);
790 rpn->bit_rate = bit_rate;
791 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity);
792 rpn->flow_ctrl = flow_ctrl_settings;
793 rpn->xon_char = xon_char;
794 rpn->xoff_char = xoff_char;
795 rpn->param_mask = param_mask;
796
797 *ptr = __fcs(buf); ptr++;
798
799 return rfcomm_send_frame(s, buf, ptr - buf);
800 }
801
rfcomm_send_rls(struct rfcomm_session * s,int cr,u8 dlci,u8 status)802 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status)
803 {
804 struct rfcomm_hdr *hdr;
805 struct rfcomm_mcc *mcc;
806 struct rfcomm_rls *rls;
807 u8 buf[16], *ptr = buf;
808
809 BT_DBG("%p cr %d status 0x%x", s, cr, status);
810
811 hdr = (void *) ptr; ptr += sizeof(*hdr);
812 hdr->addr = __addr(s->initiator, 0);
813 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
814 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls));
815
816 mcc = (void *) ptr; ptr += sizeof(*mcc);
817 mcc->type = __mcc_type(cr, RFCOMM_RLS);
818 mcc->len = __len8(sizeof(*rls));
819
820 rls = (void *) ptr; ptr += sizeof(*rls);
821 rls->dlci = __addr(1, dlci);
822 rls->status = status;
823
824 *ptr = __fcs(buf); ptr++;
825
826 return rfcomm_send_frame(s, buf, ptr - buf);
827 }
828
rfcomm_send_msc(struct rfcomm_session * s,int cr,u8 dlci,u8 v24_sig)829 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig)
830 {
831 struct rfcomm_hdr *hdr;
832 struct rfcomm_mcc *mcc;
833 struct rfcomm_msc *msc;
834 u8 buf[16], *ptr = buf;
835
836 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig);
837
838 hdr = (void *) ptr; ptr += sizeof(*hdr);
839 hdr->addr = __addr(s->initiator, 0);
840 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
841 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc));
842
843 mcc = (void *) ptr; ptr += sizeof(*mcc);
844 mcc->type = __mcc_type(cr, RFCOMM_MSC);
845 mcc->len = __len8(sizeof(*msc));
846
847 msc = (void *) ptr; ptr += sizeof(*msc);
848 msc->dlci = __addr(1, dlci);
849 msc->v24_sig = v24_sig | 0x01;
850
851 *ptr = __fcs(buf); ptr++;
852
853 return rfcomm_send_frame(s, buf, ptr - buf);
854 }
855
rfcomm_send_fcoff(struct rfcomm_session * s,int cr)856 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr)
857 {
858 struct rfcomm_hdr *hdr;
859 struct rfcomm_mcc *mcc;
860 u8 buf[16], *ptr = buf;
861
862 BT_DBG("%p cr %d", s, cr);
863
864 hdr = (void *) ptr; ptr += sizeof(*hdr);
865 hdr->addr = __addr(s->initiator, 0);
866 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
867 hdr->len = __len8(sizeof(*mcc));
868
869 mcc = (void *) ptr; ptr += sizeof(*mcc);
870 mcc->type = __mcc_type(cr, RFCOMM_FCOFF);
871 mcc->len = __len8(0);
872
873 *ptr = __fcs(buf); ptr++;
874
875 return rfcomm_send_frame(s, buf, ptr - buf);
876 }
877
rfcomm_send_fcon(struct rfcomm_session * s,int cr)878 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr)
879 {
880 struct rfcomm_hdr *hdr;
881 struct rfcomm_mcc *mcc;
882 u8 buf[16], *ptr = buf;
883
884 BT_DBG("%p cr %d", s, cr);
885
886 hdr = (void *) ptr; ptr += sizeof(*hdr);
887 hdr->addr = __addr(s->initiator, 0);
888 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
889 hdr->len = __len8(sizeof(*mcc));
890
891 mcc = (void *) ptr; ptr += sizeof(*mcc);
892 mcc->type = __mcc_type(cr, RFCOMM_FCON);
893 mcc->len = __len8(0);
894
895 *ptr = __fcs(buf); ptr++;
896
897 return rfcomm_send_frame(s, buf, ptr - buf);
898 }
899
rfcomm_send_test(struct rfcomm_session * s,int cr,u8 * pattern,int len)900 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len)
901 {
902 struct socket *sock = s->sock;
903 struct iovec iv[3];
904 struct msghdr msg;
905 unsigned char hdr[5], crc[1];
906
907 if (len > 125)
908 return -EINVAL;
909
910 BT_DBG("%p cr %d", s, cr);
911
912 hdr[0] = __addr(s->initiator, 0);
913 hdr[1] = __ctrl(RFCOMM_UIH, 0);
914 hdr[2] = 0x01 | ((len + 2) << 1);
915 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2);
916 hdr[4] = 0x01 | (len << 1);
917
918 crc[0] = __fcs(hdr);
919
920 iv[0].iov_base = hdr;
921 iv[0].iov_len = 5;
922 iv[1].iov_base = pattern;
923 iv[1].iov_len = len;
924 iv[2].iov_base = crc;
925 iv[2].iov_len = 1;
926
927 memset(&msg, 0, sizeof(msg));
928 msg.msg_iovlen = 3;
929 msg.msg_iov = iv;
930 return sock->ops->sendmsg(sock, &msg, 6 + len, 0);
931 }
932
rfcomm_send_credits(struct rfcomm_session * s,u8 addr,u8 credits)933 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits)
934 {
935 struct rfcomm_hdr *hdr;
936 u8 buf[16], *ptr = buf;
937
938 BT_DBG("%p addr %d credits %d", s, addr, credits);
939
940 hdr = (void *) ptr; ptr += sizeof(*hdr);
941 hdr->addr = addr;
942 hdr->ctrl = __ctrl(RFCOMM_UIH, 1);
943 hdr->len = __len8(0);
944
945 *ptr = credits; ptr++;
946
947 *ptr = __fcs(buf); ptr++;
948
949 return rfcomm_send_frame(s, buf, ptr - buf);
950 }
951
rfcomm_make_uih(struct sk_buff * skb,u8 addr)952 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr)
953 {
954 struct rfcomm_hdr *hdr;
955 int len = skb->len;
956 u8 *crc;
957
958 if (len > 127) {
959 hdr = (void *) skb_push(skb, 4);
960 put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len);
961 } else {
962 hdr = (void *) skb_push(skb, 3);
963 hdr->len = __len8(len);
964 }
965 hdr->addr = addr;
966 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
967
968 crc = skb_put(skb, 1);
969 *crc = __fcs((void *) hdr);
970 }
971
972 /* ---- RFCOMM frame reception ---- */
rfcomm_recv_ua(struct rfcomm_session * s,u8 dlci)973 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
974 {
975 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
976
977 if (dlci) {
978 /* Data channel */
979 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
980 if (!d) {
981 rfcomm_send_dm(s, dlci);
982 return 0;
983 }
984
985 switch (d->state) {
986 case BT_CONNECT:
987 rfcomm_dlc_clear_timer(d);
988
989 rfcomm_dlc_lock(d);
990 d->state = BT_CONNECTED;
991 d->state_change(d, 0);
992 rfcomm_dlc_unlock(d);
993
994 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
995 break;
996
997 case BT_DISCONN:
998 d->state = BT_CLOSED;
999 __rfcomm_dlc_close(d, 0);
1000 break;
1001 }
1002 } else {
1003 /* Control channel */
1004 switch (s->state) {
1005 case BT_CONNECT:
1006 s->state = BT_CONNECTED;
1007 rfcomm_process_connect(s);
1008 break;
1009 }
1010 }
1011 return 0;
1012 }
1013
rfcomm_recv_dm(struct rfcomm_session * s,u8 dlci)1014 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci)
1015 {
1016 int err = 0;
1017
1018 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1019
1020 if (dlci) {
1021 /* Data DLC */
1022 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1023 if (d) {
1024 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1025 err = ECONNREFUSED;
1026 else
1027 err = ECONNRESET;
1028
1029 d->state = BT_CLOSED;
1030 __rfcomm_dlc_close(d, err);
1031 }
1032 } else {
1033 if (s->state == BT_CONNECT)
1034 err = ECONNREFUSED;
1035 else
1036 err = ECONNRESET;
1037
1038 s->state = BT_CLOSED;
1039 rfcomm_session_close(s, err);
1040 }
1041 return 0;
1042 }
1043
rfcomm_recv_disc(struct rfcomm_session * s,u8 dlci)1044 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci)
1045 {
1046 int err = 0;
1047
1048 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1049
1050 if (dlci) {
1051 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1052 if (d) {
1053 rfcomm_send_ua(s, dlci);
1054
1055 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1056 err = ECONNREFUSED;
1057 else
1058 err = ECONNRESET;
1059
1060 d->state = BT_CLOSED;
1061 __rfcomm_dlc_close(d, err);
1062 } else
1063 rfcomm_send_dm(s, dlci);
1064
1065 } else {
1066 rfcomm_send_ua(s, 0);
1067
1068 if (s->state == BT_CONNECT)
1069 err = ECONNREFUSED;
1070 else
1071 err = ECONNRESET;
1072
1073 s->state = BT_CLOSED;
1074 rfcomm_session_close(s, err);
1075 }
1076
1077 return 0;
1078 }
1079
rfcomm_recv_sabm(struct rfcomm_session * s,u8 dlci)1080 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci)
1081 {
1082 struct rfcomm_dlc *d;
1083 u8 channel;
1084
1085 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1086
1087 if (!dlci) {
1088 rfcomm_send_ua(s, 0);
1089
1090 if (s->state == BT_OPEN) {
1091 s->state = BT_CONNECTED;
1092 rfcomm_process_connect(s);
1093 }
1094 return 0;
1095 }
1096
1097 /* Check if DLC exists */
1098 d = rfcomm_dlc_get(s, dlci);
1099 if (d) {
1100 if (d->state == BT_OPEN) {
1101 /* DLC was previously opened by PN request */
1102 rfcomm_send_ua(s, dlci);
1103
1104 rfcomm_dlc_lock(d);
1105 d->state = BT_CONNECTED;
1106 d->state_change(d, 0);
1107 rfcomm_dlc_unlock(d);
1108
1109 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1110 }
1111 return 0;
1112 }
1113
1114 /* Notify socket layer about incomming connection */
1115 channel = __srv_channel(dlci);
1116 if (rfcomm_connect_ind(s, channel, &d)) {
1117 d->dlci = dlci;
1118 d->addr = __addr(s->initiator, dlci);
1119 rfcomm_dlc_link(s, d);
1120
1121 rfcomm_send_ua(s, dlci);
1122
1123 rfcomm_dlc_lock(d);
1124 d->state = BT_CONNECTED;
1125 d->state_change(d, 0);
1126 rfcomm_dlc_unlock(d);
1127
1128 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1129 } else {
1130 rfcomm_send_dm(s, dlci);
1131 }
1132
1133 return 0;
1134 }
1135
rfcomm_apply_pn(struct rfcomm_dlc * d,int cr,struct rfcomm_pn * pn)1136 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn)
1137 {
1138 struct rfcomm_session *s = d->session;
1139
1140 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
1141 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits);
1142
1143 if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) {
1144 d->cfc = s->cfc = RFCOMM_CFC_ENABLED;
1145 d->tx_credits = pn->credits;
1146 } else {
1147 d->cfc = s->cfc = RFCOMM_CFC_DISABLED;
1148 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1149 }
1150
1151 d->priority = pn->priority;
1152
1153 d->mtu = s->mtu = btohs(pn->mtu);
1154
1155 return 0;
1156 }
1157
rfcomm_recv_pn(struct rfcomm_session * s,int cr,struct sk_buff * skb)1158 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1159 {
1160 struct rfcomm_pn *pn = (void *) skb->data;
1161 struct rfcomm_dlc *d;
1162 u8 dlci = pn->dlci;
1163
1164 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1165
1166 if (!dlci)
1167 return 0;
1168
1169 d = rfcomm_dlc_get(s, dlci);
1170 if (d) {
1171 if (cr) {
1172 /* PN request */
1173 rfcomm_apply_pn(d, cr, pn);
1174 rfcomm_send_pn(s, 0, d);
1175 } else {
1176 /* PN response */
1177 switch (d->state) {
1178 case BT_CONFIG:
1179 rfcomm_apply_pn(d, cr, pn);
1180
1181 d->state = BT_CONNECT;
1182 rfcomm_send_sabm(s, d->dlci);
1183 break;
1184 }
1185 }
1186 } else {
1187 u8 channel = __srv_channel(dlci);
1188
1189 if (!cr)
1190 return 0;
1191
1192 /* PN request for non existing DLC.
1193 * Assume incomming connection. */
1194 if (rfcomm_connect_ind(s, channel, &d)) {
1195 d->dlci = dlci;
1196 d->addr = __addr(s->initiator, dlci);
1197 rfcomm_dlc_link(s, d);
1198
1199 rfcomm_apply_pn(d, cr, pn);
1200
1201 d->state = BT_OPEN;
1202 rfcomm_send_pn(s, 0, d);
1203 } else {
1204 rfcomm_send_dm(s, dlci);
1205 }
1206 }
1207 return 0;
1208 }
1209
rfcomm_recv_rpn(struct rfcomm_session * s,int cr,int len,struct sk_buff * skb)1210 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb)
1211 {
1212 struct rfcomm_rpn *rpn = (void *) skb->data;
1213 u8 dlci = __get_dlci(rpn->dlci);
1214
1215 u8 bit_rate = 0;
1216 u8 data_bits = 0;
1217 u8 stop_bits = 0;
1218 u8 parity = 0;
1219 u8 flow_ctrl = 0;
1220 u8 xon_char = 0;
1221 u8 xoff_char = 0;
1222 u16 rpn_mask = RFCOMM_RPN_PM_ALL;
1223
1224 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
1225 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl,
1226 rpn->xon_char, rpn->xoff_char, rpn->param_mask);
1227
1228 if (!cr)
1229 return 0;
1230
1231 if (len == 1) {
1232 /* request: return default setting */
1233 bit_rate = RFCOMM_RPN_BR_115200;
1234 data_bits = RFCOMM_RPN_DATA_8;
1235 stop_bits = RFCOMM_RPN_STOP_1;
1236 parity = RFCOMM_RPN_PARITY_NONE;
1237 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1238 xon_char = RFCOMM_RPN_XON_CHAR;
1239 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1240
1241 goto rpn_out;
1242 }
1243 /* check for sane values: ignore/accept bit_rate, 8 bits, 1 stop bit, no parity,
1244 no flow control lines, normal XON/XOFF chars */
1245 if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) {
1246 bit_rate = rpn->bit_rate;
1247 if (bit_rate != RFCOMM_RPN_BR_115200) {
1248 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate);
1249 bit_rate = RFCOMM_RPN_BR_115200;
1250 rpn_mask ^= RFCOMM_RPN_PM_BITRATE;
1251 }
1252 }
1253 if (rpn->param_mask & RFCOMM_RPN_PM_DATA) {
1254 data_bits = __get_rpn_data_bits(rpn->line_settings);
1255 if (data_bits != RFCOMM_RPN_DATA_8) {
1256 BT_DBG("RPN data bits mismatch 0x%x", data_bits);
1257 data_bits = RFCOMM_RPN_DATA_8;
1258 rpn_mask ^= RFCOMM_RPN_PM_DATA;
1259 }
1260 }
1261 if (rpn->param_mask & RFCOMM_RPN_PM_STOP) {
1262 stop_bits = __get_rpn_stop_bits(rpn->line_settings);
1263 if (stop_bits != RFCOMM_RPN_STOP_1) {
1264 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits);
1265 stop_bits = RFCOMM_RPN_STOP_1;
1266 rpn_mask ^= RFCOMM_RPN_PM_STOP;
1267 }
1268 }
1269 if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) {
1270 parity = __get_rpn_parity(rpn->line_settings);
1271 if (parity != RFCOMM_RPN_PARITY_NONE) {
1272 BT_DBG("RPN parity mismatch 0x%x", parity);
1273 parity = RFCOMM_RPN_PARITY_NONE;
1274 rpn_mask ^= RFCOMM_RPN_PM_PARITY;
1275 }
1276 }
1277 if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) {
1278 flow_ctrl = rpn->flow_ctrl;
1279 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) {
1280 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl);
1281 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1282 rpn_mask ^= RFCOMM_RPN_PM_FLOW;
1283 }
1284 }
1285 if (rpn->param_mask & RFCOMM_RPN_PM_XON) {
1286 xon_char = rpn->xon_char;
1287 if (xon_char != RFCOMM_RPN_XON_CHAR) {
1288 BT_DBG("RPN XON char mismatch 0x%x", xon_char);
1289 xon_char = RFCOMM_RPN_XON_CHAR;
1290 rpn_mask ^= RFCOMM_RPN_PM_XON;
1291 }
1292 }
1293 if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) {
1294 xoff_char = rpn->xoff_char;
1295 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) {
1296 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char);
1297 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1298 rpn_mask ^= RFCOMM_RPN_PM_XOFF;
1299 }
1300 }
1301
1302 rpn_out:
1303 rfcomm_send_rpn(s, 0, dlci,
1304 bit_rate, data_bits, stop_bits, parity, flow_ctrl,
1305 xon_char, xoff_char, rpn_mask);
1306
1307 return 0;
1308 }
1309
rfcomm_recv_rls(struct rfcomm_session * s,int cr,struct sk_buff * skb)1310 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1311 {
1312 struct rfcomm_rls *rls = (void *) skb->data;
1313 u8 dlci = __get_dlci(rls->dlci);
1314
1315 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status);
1316
1317 if (!cr)
1318 return 0;
1319
1320 /* FIXME: We should probably do something with this
1321 information here. But for now it's sufficient just
1322 to reply -- Bluetooth 1.1 says it's mandatory to
1323 recognise and respond to RLS */
1324
1325 rfcomm_send_rls(s, 0, dlci, rls->status);
1326
1327 return 0;
1328 }
1329
rfcomm_recv_msc(struct rfcomm_session * s,int cr,struct sk_buff * skb)1330 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1331 {
1332 struct rfcomm_msc *msc = (void *) skb->data;
1333 struct rfcomm_dlc *d;
1334 u8 dlci = __get_dlci(msc->dlci);
1335
1336 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig);
1337
1338 d = rfcomm_dlc_get(s, dlci);
1339 if (!d)
1340 return 0;
1341
1342 if (cr) {
1343 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc)
1344 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1345 else
1346 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1347
1348 rfcomm_dlc_lock(d);
1349 if (d->modem_status)
1350 d->modem_status(d, msc->v24_sig);
1351 rfcomm_dlc_unlock(d);
1352
1353 rfcomm_send_msc(s, 0, dlci, msc->v24_sig);
1354
1355 d->mscex |= RFCOMM_MSCEX_RX;
1356 } else
1357 d->mscex |= RFCOMM_MSCEX_TX;
1358
1359 return 0;
1360 }
1361
rfcomm_recv_mcc(struct rfcomm_session * s,struct sk_buff * skb)1362 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb)
1363 {
1364 struct rfcomm_mcc *mcc = (void *) skb->data;
1365 u8 type, cr, len;
1366
1367 cr = __test_cr(mcc->type);
1368 type = __get_mcc_type(mcc->type);
1369 len = __get_mcc_len(mcc->len);
1370
1371 BT_DBG("%p type 0x%x cr %d", s, type, cr);
1372
1373 skb_pull(skb, 2);
1374
1375 switch (type) {
1376 case RFCOMM_PN:
1377 rfcomm_recv_pn(s, cr, skb);
1378 break;
1379
1380 case RFCOMM_RPN:
1381 rfcomm_recv_rpn(s, cr, len, skb);
1382 break;
1383
1384 case RFCOMM_RLS:
1385 rfcomm_recv_rls(s, cr, skb);
1386 break;
1387
1388 case RFCOMM_MSC:
1389 rfcomm_recv_msc(s, cr, skb);
1390 break;
1391
1392 case RFCOMM_FCOFF:
1393 if (cr) {
1394 set_bit(RFCOMM_TX_THROTTLED, &s->flags);
1395 rfcomm_send_fcoff(s, 0);
1396 }
1397 break;
1398
1399 case RFCOMM_FCON:
1400 if (cr) {
1401 clear_bit(RFCOMM_TX_THROTTLED, &s->flags);
1402 rfcomm_send_fcon(s, 0);
1403 }
1404 break;
1405
1406 case RFCOMM_TEST:
1407 if (cr)
1408 rfcomm_send_test(s, 0, skb->data, skb->len);
1409 break;
1410
1411 case RFCOMM_NSC:
1412 break;
1413
1414 default:
1415 BT_ERR("Unknown control type 0x%02x", type);
1416 rfcomm_send_nsc(s, cr, type);
1417 break;
1418 }
1419 return 0;
1420 }
1421
rfcomm_recv_data(struct rfcomm_session * s,u8 dlci,int pf,struct sk_buff * skb)1422 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb)
1423 {
1424 struct rfcomm_dlc *d;
1425
1426 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf);
1427
1428 d = rfcomm_dlc_get(s, dlci);
1429 if (!d) {
1430 rfcomm_send_dm(s, dlci);
1431 goto drop;
1432 }
1433
1434 if (pf && d->cfc) {
1435 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1);
1436
1437 d->tx_credits += credits;
1438 if (d->tx_credits)
1439 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1440 }
1441
1442 if (skb->len && d->state == BT_CONNECTED) {
1443 rfcomm_dlc_lock(d);
1444 d->rx_credits--;
1445 d->data_ready(d, skb);
1446 rfcomm_dlc_unlock(d);
1447 return 0;
1448 }
1449
1450 drop:
1451 kfree_skb(skb);
1452 return 0;
1453 }
1454
rfcomm_recv_frame(struct rfcomm_session * s,struct sk_buff * skb)1455 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
1456 {
1457 struct rfcomm_hdr *hdr = (void *) skb->data;
1458 u8 type, dlci, fcs;
1459
1460 dlci = __get_dlci(hdr->addr);
1461 type = __get_type(hdr->ctrl);
1462
1463 /* Trim FCS */
1464 skb->len--; skb->tail--;
1465 fcs = *(u8 *) skb->tail;
1466
1467 if (__check_fcs(skb->data, type, fcs)) {
1468 BT_ERR("bad checksum in packet");
1469 kfree_skb(skb);
1470 return -EILSEQ;
1471 }
1472
1473 if (__test_ea(hdr->len))
1474 skb_pull(skb, 3);
1475 else
1476 skb_pull(skb, 4);
1477
1478 switch (type) {
1479 case RFCOMM_SABM:
1480 if (__test_pf(hdr->ctrl))
1481 rfcomm_recv_sabm(s, dlci);
1482 break;
1483
1484 case RFCOMM_DISC:
1485 if (__test_pf(hdr->ctrl))
1486 rfcomm_recv_disc(s, dlci);
1487 break;
1488
1489 case RFCOMM_UA:
1490 if (__test_pf(hdr->ctrl))
1491 rfcomm_recv_ua(s, dlci);
1492 break;
1493
1494 case RFCOMM_DM:
1495 rfcomm_recv_dm(s, dlci);
1496 break;
1497
1498 case RFCOMM_UIH:
1499 if (dlci)
1500 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb);
1501
1502 rfcomm_recv_mcc(s, skb);
1503 break;
1504
1505 default:
1506 BT_ERR("Unknown packet type 0x%02x\n", type);
1507 break;
1508 }
1509 kfree_skb(skb);
1510 return 0;
1511 }
1512
1513 /* ---- Connection and data processing ---- */
1514
rfcomm_process_connect(struct rfcomm_session * s)1515 static void rfcomm_process_connect(struct rfcomm_session *s)
1516 {
1517 struct rfcomm_dlc *d;
1518 struct list_head *p, *n;
1519
1520 BT_DBG("session %p state %ld", s, s->state);
1521
1522 list_for_each_safe(p, n, &s->dlcs) {
1523 d = list_entry(p, struct rfcomm_dlc, list);
1524 if (d->state == BT_CONFIG) {
1525 d->mtu = s->mtu;
1526 rfcomm_send_pn(s, 1, d);
1527 }
1528 }
1529 }
1530
1531 /* Send data queued for the DLC.
1532 * Return number of frames left in the queue.
1533 */
rfcomm_process_tx(struct rfcomm_dlc * d)1534 static inline int rfcomm_process_tx(struct rfcomm_dlc *d)
1535 {
1536 struct sk_buff *skb;
1537 int err;
1538
1539 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
1540 d, d->state, d->cfc, d->rx_credits, d->tx_credits);
1541
1542 /* Send pending MSC */
1543 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags))
1544 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1545
1546 if (d->cfc) {
1547 /* CFC enabled.
1548 * Give them some credits */
1549 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) &&
1550 d->rx_credits <= (d->cfc >> 2)) {
1551 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits);
1552 d->rx_credits = d->cfc;
1553 }
1554 } else {
1555 /* CFC disabled.
1556 * Give ourselves some credits */
1557 d->tx_credits = 5;
1558 }
1559
1560 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags))
1561 return skb_queue_len(&d->tx_queue);
1562
1563 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) {
1564 err = rfcomm_send_frame(d->session, skb->data, skb->len);
1565 if (err < 0) {
1566 skb_queue_head(&d->tx_queue, skb);
1567 break;
1568 }
1569 kfree_skb(skb);
1570 d->tx_credits--;
1571 }
1572
1573 if (d->cfc && !d->tx_credits) {
1574 /* We're out of TX credits.
1575 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
1576 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1577 }
1578
1579 return skb_queue_len(&d->tx_queue);
1580 }
1581
rfcomm_process_dlcs(struct rfcomm_session * s)1582 static inline void rfcomm_process_dlcs(struct rfcomm_session *s)
1583 {
1584 struct rfcomm_dlc *d;
1585 struct list_head *p, *n;
1586
1587 BT_DBG("session %p state %ld", s, s->state);
1588
1589 list_for_each_safe(p, n, &s->dlcs) {
1590 d = list_entry(p, struct rfcomm_dlc, list);
1591 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) {
1592 __rfcomm_dlc_close(d, ETIMEDOUT);
1593 continue;
1594 }
1595
1596 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags))
1597 continue;
1598
1599 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) &&
1600 d->mscex == RFCOMM_MSCEX_OK)
1601 rfcomm_process_tx(d);
1602 }
1603 }
1604
rfcomm_process_rx(struct rfcomm_session * s)1605 static inline void rfcomm_process_rx(struct rfcomm_session *s)
1606 {
1607 struct socket *sock = s->sock;
1608 struct sock *sk = sock->sk;
1609 struct sk_buff *skb;
1610
1611 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->receive_queue));
1612
1613 /* Get data directly from socket receive queue without copying it. */
1614 while ((skb = skb_dequeue(&sk->receive_queue))) {
1615 skb_orphan(skb);
1616 rfcomm_recv_frame(s, skb);
1617 }
1618
1619 if (sk->state == BT_CLOSED) {
1620 if (!s->initiator)
1621 rfcomm_session_put(s);
1622
1623 rfcomm_session_close(s, sk->err);
1624 }
1625 }
1626
rfcomm_accept_connection(struct rfcomm_session * s)1627 static inline void rfcomm_accept_connection(struct rfcomm_session *s)
1628 {
1629 struct socket *sock = s->sock, *nsock;
1630 int err;
1631
1632 /* Fast check for a new connection.
1633 * Avoids unnesesary socket allocations. */
1634 if (list_empty(&bluez_pi(sock->sk)->accept_q))
1635 return;
1636
1637 BT_DBG("session %p", s);
1638
1639 nsock = sock_alloc();
1640 if (!nsock)
1641 return;
1642
1643 nsock->type = sock->type;
1644 nsock->ops = sock->ops;
1645
1646 err = sock->ops->accept(sock, nsock, O_NONBLOCK);
1647 if (err < 0) {
1648 sock_release(nsock);
1649 return;
1650 }
1651
1652 /* Set our callbacks */
1653 nsock->sk->data_ready = rfcomm_l2data_ready;
1654 nsock->sk->state_change = rfcomm_l2state_change;
1655
1656 s = rfcomm_session_add(nsock, BT_OPEN);
1657 if (s) {
1658 rfcomm_session_hold(s);
1659 rfcomm_schedule(RFCOMM_SCHED_RX);
1660 } else
1661 sock_release(nsock);
1662 }
1663
rfcomm_check_connection(struct rfcomm_session * s)1664 static inline void rfcomm_check_connection(struct rfcomm_session *s)
1665 {
1666 struct sock *sk = s->sock->sk;
1667
1668 BT_DBG("%p state %ld", s, s->state);
1669
1670 switch(sk->state) {
1671 case BT_CONNECTED:
1672 s->state = BT_CONNECT;
1673
1674 /* We can adjust MTU on outgoing sessions.
1675 * L2CAP MTU minus UIH header and FCS. */
1676 s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5;
1677
1678 rfcomm_send_sabm(s, 0);
1679 break;
1680
1681 case BT_CLOSED:
1682 s->state = BT_CLOSED;
1683 rfcomm_session_close(s, sk->err);
1684 break;
1685 }
1686 }
1687
rfcomm_process_sessions(void)1688 static inline void rfcomm_process_sessions(void)
1689 {
1690 struct list_head *p, *n;
1691
1692 rfcomm_lock();
1693
1694 list_for_each_safe(p, n, &session_list) {
1695 struct rfcomm_session *s;
1696 s = list_entry(p, struct rfcomm_session, list);
1697
1698 if (s->state == BT_LISTEN) {
1699 rfcomm_accept_connection(s);
1700 continue;
1701 }
1702
1703 rfcomm_session_hold(s);
1704
1705 switch (s->state) {
1706 case BT_BOUND:
1707 rfcomm_check_connection(s);
1708 break;
1709
1710 default:
1711 rfcomm_process_rx(s);
1712 break;
1713 }
1714
1715 rfcomm_process_dlcs(s);
1716
1717 rfcomm_session_put(s);
1718 }
1719
1720 rfcomm_unlock();
1721 }
1722
rfcomm_worker(void)1723 static void rfcomm_worker(void)
1724 {
1725 BT_DBG("");
1726
1727 daemonize(); reparent_to_init();
1728 set_fs(KERNEL_DS);
1729
1730 while (!atomic_read(&terminate)) {
1731 BT_DBG("worker loop event 0x%lx", rfcomm_event);
1732
1733 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
1734 /* No pending events. Let's sleep.
1735 * Incomming connections and data will wake us up. */
1736 set_current_state(TASK_INTERRUPTIBLE);
1737 schedule();
1738 }
1739
1740 /* Process stuff */
1741 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
1742 rfcomm_process_sessions();
1743 }
1744 set_current_state(TASK_RUNNING);
1745 return;
1746 }
1747
rfcomm_add_listener(bdaddr_t * ba)1748 static int rfcomm_add_listener(bdaddr_t *ba)
1749 {
1750 struct sockaddr_l2 addr;
1751 struct l2cap_options opts;
1752 struct socket *sock;
1753 struct rfcomm_session *s;
1754 int size, err = 0;
1755
1756 /* Create socket */
1757 err = rfcomm_l2sock_create(&sock);
1758 if (err < 0) {
1759 BT_ERR("Create socket failed %d", err);
1760 return err;
1761 }
1762
1763 /* Bind socket */
1764 bacpy(&addr.l2_bdaddr, ba);
1765 addr.l2_family = AF_BLUETOOTH;
1766 addr.l2_psm = htobs(RFCOMM_PSM);
1767 err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
1768 if (err < 0) {
1769 BT_ERR("Bind failed %d", err);
1770 goto failed;
1771 }
1772
1773 /* Set L2CAP options */
1774 size = sizeof(opts);
1775 sock->ops->getsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, &size);
1776
1777 opts.imtu = RFCOMM_MAX_L2CAP_MTU;
1778 sock->ops->setsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, size);
1779
1780 /* Start listening on the socket */
1781 err = sock->ops->listen(sock, 10);
1782 if (err) {
1783 BT_ERR("Listen failed %d", err);
1784 goto failed;
1785 }
1786
1787 /* Add listening session */
1788 s = rfcomm_session_add(sock, BT_LISTEN);
1789 if (!s)
1790 goto failed;
1791
1792 rfcomm_session_hold(s);
1793 return 0;
1794 failed:
1795 sock_release(sock);
1796 return err;
1797 }
1798
rfcomm_kill_listener(void)1799 static void rfcomm_kill_listener(void)
1800 {
1801 struct rfcomm_session *s;
1802 struct list_head *p, *n;
1803
1804 BT_DBG("");
1805
1806 list_for_each_safe(p, n, &session_list) {
1807 s = list_entry(p, struct rfcomm_session, list);
1808 rfcomm_session_del(s);
1809 }
1810 }
1811
rfcomm_run(void * unused)1812 static int rfcomm_run(void *unused)
1813 {
1814 rfcomm_thread = current;
1815
1816 atomic_inc(&running);
1817
1818 daemonize(); reparent_to_init();
1819
1820 sigfillset(¤t->blocked);
1821 set_fs(KERNEL_DS);
1822
1823 sprintf(current->comm, "krfcommd");
1824
1825 BT_DBG("");
1826
1827 rfcomm_add_listener(BDADDR_ANY);
1828
1829 rfcomm_worker();
1830
1831 rfcomm_kill_listener();
1832
1833 atomic_dec(&running);
1834 return 0;
1835 }
1836
1837 /* ---- Proc fs support ---- */
rfcomm_dlc_dump(char * buf)1838 static int rfcomm_dlc_dump(char *buf)
1839 {
1840 struct rfcomm_session *s;
1841 struct sock *sk;
1842 struct list_head *p, *pp;
1843 char *ptr = buf;
1844
1845 rfcomm_lock();
1846
1847 list_for_each(p, &session_list) {
1848 s = list_entry(p, struct rfcomm_session, list);
1849 sk = s->sock->sk;
1850
1851 list_for_each(pp, &s->dlcs) {
1852 struct rfcomm_dlc *d;
1853 d = list_entry(pp, struct rfcomm_dlc, list);
1854
1855 ptr += sprintf(ptr, "dlc %s %s %ld %d %d %d %d\n",
1856 batostr(&bluez_pi(sk)->src), batostr(&bluez_pi(sk)->dst),
1857 d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits);
1858 }
1859 }
1860
1861 rfcomm_unlock();
1862
1863 return ptr - buf;
1864 }
1865
1866 extern int rfcomm_sock_dump(char *buf);
1867
rfcomm_read_proc(char * buf,char ** start,off_t offset,int count,int * eof,void * priv)1868 static int rfcomm_read_proc(char *buf, char **start, off_t offset, int count, int *eof, void *priv)
1869 {
1870 char *ptr = buf;
1871 int len;
1872
1873 BT_DBG("count %d, offset %ld", count, offset);
1874
1875 ptr += rfcomm_dlc_dump(ptr);
1876 ptr += rfcomm_sock_dump(ptr);
1877 len = ptr - buf;
1878
1879 if (len <= count + offset)
1880 *eof = 1;
1881
1882 *start = buf + offset;
1883 len -= offset;
1884
1885 if (len > count)
1886 len = count;
1887 if (len < 0)
1888 len = 0;
1889
1890 return len;
1891 }
1892
1893 /* ---- Initialization ---- */
rfcomm_init(void)1894 int __init rfcomm_init(void)
1895 {
1896 l2cap_load();
1897
1898 kernel_thread(rfcomm_run, NULL, CLONE_FS | CLONE_FILES | CLONE_SIGHAND);
1899
1900 rfcomm_init_sockets();
1901
1902 #ifdef CONFIG_BLUEZ_RFCOMM_TTY
1903 rfcomm_init_ttys();
1904 #endif
1905
1906 create_proc_read_entry("bluetooth/rfcomm", 0, 0, rfcomm_read_proc, NULL);
1907
1908 BT_INFO("BlueZ RFCOMM ver %s", VERSION);
1909 BT_INFO("Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>");
1910 BT_INFO("Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>");
1911 return 0;
1912 }
1913
rfcomm_cleanup(void)1914 void rfcomm_cleanup(void)
1915 {
1916 /* Terminate working thread.
1917 * ie. Set terminate flag and wake it up */
1918 atomic_inc(&terminate);
1919 rfcomm_schedule(RFCOMM_SCHED_STATE);
1920
1921 /* Wait until thread is running */
1922 while (atomic_read(&running))
1923 schedule();
1924
1925 remove_proc_entry("bluetooth/rfcomm", NULL);
1926
1927 #ifdef CONFIG_BLUEZ_RFCOMM_TTY
1928 rfcomm_cleanup_ttys();
1929 #endif
1930
1931 rfcomm_cleanup_sockets();
1932 return;
1933 }
1934
1935 module_init(rfcomm_init);
1936 module_exit(rfcomm_cleanup);
1937
1938 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
1939 MODULE_DESCRIPTION("BlueZ RFCOMM ver " VERSION);
1940 MODULE_LICENSE("GPL");
1941