1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * RFCOMM TTY. 26 */ 27 28 #include <linux/module.h> 29 30 #include <linux/tty.h> 31 #include <linux/tty_driver.h> 32 #include <linux/tty_flip.h> 33 34 #include <net/bluetooth/bluetooth.h> 35 #include <net/bluetooth/hci_core.h> 36 #include <net/bluetooth/rfcomm.h> 37 38 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ 39 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ 40 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ 41 #define RFCOMM_TTY_MINOR 0 42 43 static struct tty_driver *rfcomm_tty_driver; 44 45 struct rfcomm_dev { 46 struct tty_port port; 47 struct list_head list; 48 49 char name[12]; 50 int id; 51 unsigned long flags; 52 int err; 53 54 unsigned long status; /* don't export to userspace */ 55 56 bdaddr_t src; 57 bdaddr_t dst; 58 u8 channel; 59 60 uint modem_status; 61 62 struct rfcomm_dlc *dlc; 63 64 struct device *tty_dev; 65 66 atomic_t wmem_alloc; 67 68 struct sk_buff_head pending; 69 }; 70 71 static LIST_HEAD(rfcomm_dev_list); 72 static DEFINE_SPINLOCK(rfcomm_dev_lock); 73 74 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); 75 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); 76 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); 77 78 /* ---- Device functions ---- */ 79 80 static void rfcomm_dev_destruct(struct tty_port *port) 81 { 82 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 83 struct rfcomm_dlc *dlc = dev->dlc; 84 85 BT_DBG("dev %p dlc %p", dev, dlc); 86 87 spin_lock(&rfcomm_dev_lock); 88 list_del(&dev->list); 89 spin_unlock(&rfcomm_dev_lock); 90 91 rfcomm_dlc_lock(dlc); 92 /* Detach DLC if it's owned by this dev */ 93 if (dlc->owner == dev) 94 dlc->owner = NULL; 95 rfcomm_dlc_unlock(dlc); 96 97 rfcomm_dlc_put(dlc); 98 99 tty_unregister_device(rfcomm_tty_driver, dev->id); 100 101 kfree(dev); 102 103 /* It's safe to call module_put() here because socket still 104 holds reference to this module. */ 105 module_put(THIS_MODULE); 106 } 107 108 /* device-specific initialization: open the dlc */ 109 static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty) 110 { 111 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 112 113 return rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel); 114 } 115 116 /* we block the open until the dlc->state becomes BT_CONNECTED */ 117 static int rfcomm_dev_carrier_raised(struct tty_port *port) 118 { 119 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 120 121 return (dev->dlc->state == BT_CONNECTED); 122 } 123 124 /* device-specific cleanup: close the dlc */ 125 static void rfcomm_dev_shutdown(struct tty_port *port) 126 { 127 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 128 129 if (dev->tty_dev->parent) 130 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST); 131 132 /* close the dlc */ 133 rfcomm_dlc_close(dev->dlc, 0); 134 } 135 136 static const struct tty_port_operations rfcomm_port_ops = { 137 .destruct = rfcomm_dev_destruct, 138 .activate = rfcomm_dev_activate, 139 .shutdown = rfcomm_dev_shutdown, 140 .carrier_raised = rfcomm_dev_carrier_raised, 141 }; 142 143 static struct rfcomm_dev *__rfcomm_dev_get(int id) 144 { 145 struct rfcomm_dev *dev; 146 147 list_for_each_entry(dev, &rfcomm_dev_list, list) 148 if (dev->id == id) 149 return dev; 150 151 return NULL; 152 } 153 154 static struct rfcomm_dev *rfcomm_dev_get(int id) 155 { 156 struct rfcomm_dev *dev; 157 158 spin_lock(&rfcomm_dev_lock); 159 160 dev = __rfcomm_dev_get(id); 161 162 if (dev && !tty_port_get(&dev->port)) 163 dev = NULL; 164 165 spin_unlock(&rfcomm_dev_lock); 166 167 return dev; 168 } 169 170 static struct device *rfcomm_get_device(struct rfcomm_dev *dev) 171 { 172 struct hci_dev *hdev; 173 struct hci_conn *conn; 174 175 hdev = hci_get_route(&dev->dst, &dev->src); 176 if (!hdev) 177 return NULL; 178 179 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst); 180 181 hci_dev_put(hdev); 182 183 return conn ? &conn->dev : NULL; 184 } 185 186 static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf) 187 { 188 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); 189 return sprintf(buf, "%pMR\n", &dev->dst); 190 } 191 192 static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf) 193 { 194 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); 195 return sprintf(buf, "%d\n", dev->channel); 196 } 197 198 static DEVICE_ATTR(address, S_IRUGO, show_address, NULL); 199 static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL); 200 201 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 202 { 203 struct rfcomm_dev *dev, *entry; 204 struct list_head *head = &rfcomm_dev_list; 205 int err = 0; 206 207 BT_DBG("id %d channel %d", req->dev_id, req->channel); 208 209 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); 210 if (!dev) 211 return -ENOMEM; 212 213 spin_lock(&rfcomm_dev_lock); 214 215 if (req->dev_id < 0) { 216 dev->id = 0; 217 218 list_for_each_entry(entry, &rfcomm_dev_list, list) { 219 if (entry->id != dev->id) 220 break; 221 222 dev->id++; 223 head = &entry->list; 224 } 225 } else { 226 dev->id = req->dev_id; 227 228 list_for_each_entry(entry, &rfcomm_dev_list, list) { 229 if (entry->id == dev->id) { 230 err = -EADDRINUSE; 231 goto out; 232 } 233 234 if (entry->id > dev->id - 1) 235 break; 236 237 head = &entry->list; 238 } 239 } 240 241 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { 242 err = -ENFILE; 243 goto out; 244 } 245 246 sprintf(dev->name, "rfcomm%d", dev->id); 247 248 list_add(&dev->list, head); 249 250 bacpy(&dev->src, &req->src); 251 bacpy(&dev->dst, &req->dst); 252 dev->channel = req->channel; 253 254 dev->flags = req->flags & 255 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); 256 257 tty_port_init(&dev->port); 258 dev->port.ops = &rfcomm_port_ops; 259 260 skb_queue_head_init(&dev->pending); 261 262 rfcomm_dlc_lock(dlc); 263 264 if (req->flags & (1 << RFCOMM_REUSE_DLC)) { 265 struct sock *sk = dlc->owner; 266 struct sk_buff *skb; 267 268 BUG_ON(!sk); 269 270 rfcomm_dlc_throttle(dlc); 271 272 while ((skb = skb_dequeue(&sk->sk_receive_queue))) { 273 skb_orphan(skb); 274 skb_queue_tail(&dev->pending, skb); 275 atomic_sub(skb->len, &sk->sk_rmem_alloc); 276 } 277 } 278 279 dlc->data_ready = rfcomm_dev_data_ready; 280 dlc->state_change = rfcomm_dev_state_change; 281 dlc->modem_status = rfcomm_dev_modem_status; 282 283 dlc->owner = dev; 284 dev->dlc = dlc; 285 286 rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig); 287 288 rfcomm_dlc_unlock(dlc); 289 290 /* It's safe to call __module_get() here because socket already 291 holds reference to this module. */ 292 __module_get(THIS_MODULE); 293 294 out: 295 spin_unlock(&rfcomm_dev_lock); 296 297 if (err < 0) 298 goto free; 299 300 dev->tty_dev = tty_port_register_device(&dev->port, rfcomm_tty_driver, 301 dev->id, NULL); 302 if (IS_ERR(dev->tty_dev)) { 303 err = PTR_ERR(dev->tty_dev); 304 spin_lock(&rfcomm_dev_lock); 305 list_del(&dev->list); 306 spin_unlock(&rfcomm_dev_lock); 307 goto free; 308 } 309 310 dev_set_drvdata(dev->tty_dev, dev); 311 312 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0) 313 BT_ERR("Failed to create address attribute"); 314 315 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0) 316 BT_ERR("Failed to create channel attribute"); 317 318 return dev->id; 319 320 free: 321 kfree(dev); 322 return err; 323 } 324 325 /* ---- Send buffer ---- */ 326 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 327 { 328 /* We can't let it be zero, because we don't get a callback 329 when tx_credits becomes nonzero, hence we'd never wake up */ 330 return dlc->mtu * (dlc->tx_credits?:1); 331 } 332 333 static void rfcomm_wfree(struct sk_buff *skb) 334 { 335 struct rfcomm_dev *dev = (void *) skb->sk; 336 atomic_sub(skb->truesize, &dev->wmem_alloc); 337 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) 338 tty_port_tty_wakeup(&dev->port); 339 tty_port_put(&dev->port); 340 } 341 342 static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) 343 { 344 tty_port_get(&dev->port); 345 atomic_add(skb->truesize, &dev->wmem_alloc); 346 skb->sk = (void *) dev; 347 skb->destructor = rfcomm_wfree; 348 } 349 350 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) 351 { 352 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { 353 struct sk_buff *skb = alloc_skb(size, priority); 354 if (skb) { 355 rfcomm_set_owner_w(skb, dev); 356 return skb; 357 } 358 } 359 return NULL; 360 } 361 362 /* ---- Device IOCTLs ---- */ 363 364 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) 365 366 static int rfcomm_create_dev(struct sock *sk, void __user *arg) 367 { 368 struct rfcomm_dev_req req; 369 struct rfcomm_dlc *dlc; 370 int id; 371 372 if (copy_from_user(&req, arg, sizeof(req))) 373 return -EFAULT; 374 375 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags); 376 377 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) 378 return -EPERM; 379 380 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 381 /* Socket must be connected */ 382 if (sk->sk_state != BT_CONNECTED) 383 return -EBADFD; 384 385 dlc = rfcomm_pi(sk)->dlc; 386 rfcomm_dlc_hold(dlc); 387 } else { 388 dlc = rfcomm_dlc_alloc(GFP_KERNEL); 389 if (!dlc) 390 return -ENOMEM; 391 } 392 393 id = rfcomm_dev_add(&req, dlc); 394 if (id < 0) { 395 rfcomm_dlc_put(dlc); 396 return id; 397 } 398 399 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 400 /* DLC is now used by device. 401 * Socket must be disconnected */ 402 sk->sk_state = BT_CLOSED; 403 } 404 405 return id; 406 } 407 408 static int rfcomm_release_dev(void __user *arg) 409 { 410 struct rfcomm_dev_req req; 411 struct rfcomm_dev *dev; 412 struct tty_struct *tty; 413 414 if (copy_from_user(&req, arg, sizeof(req))) 415 return -EFAULT; 416 417 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags); 418 419 dev = rfcomm_dev_get(req.dev_id); 420 if (!dev) 421 return -ENODEV; 422 423 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { 424 tty_port_put(&dev->port); 425 return -EPERM; 426 } 427 428 /* only release once */ 429 if (test_and_set_bit(RFCOMM_DEV_RELEASED, &dev->status)) { 430 tty_port_put(&dev->port); 431 return -EALREADY; 432 } 433 434 if (req.flags & (1 << RFCOMM_HANGUP_NOW)) 435 rfcomm_dlc_close(dev->dlc, 0); 436 437 /* Shut down TTY synchronously before freeing rfcomm_dev */ 438 tty = tty_port_tty_get(&dev->port); 439 if (tty) { 440 tty_vhangup(tty); 441 tty_kref_put(tty); 442 } 443 444 if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 445 tty_port_put(&dev->port); 446 447 tty_port_put(&dev->port); 448 return 0; 449 } 450 451 static int rfcomm_get_dev_list(void __user *arg) 452 { 453 struct rfcomm_dev *dev; 454 struct rfcomm_dev_list_req *dl; 455 struct rfcomm_dev_info *di; 456 int n = 0, size, err; 457 u16 dev_num; 458 459 BT_DBG(""); 460 461 if (get_user(dev_num, (u16 __user *) arg)) 462 return -EFAULT; 463 464 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) 465 return -EINVAL; 466 467 size = sizeof(*dl) + dev_num * sizeof(*di); 468 469 dl = kzalloc(size, GFP_KERNEL); 470 if (!dl) 471 return -ENOMEM; 472 473 di = dl->dev_info; 474 475 spin_lock(&rfcomm_dev_lock); 476 477 list_for_each_entry(dev, &rfcomm_dev_list, list) { 478 if (!tty_port_get(&dev->port)) 479 continue; 480 (di + n)->id = dev->id; 481 (di + n)->flags = dev->flags; 482 (di + n)->state = dev->dlc->state; 483 (di + n)->channel = dev->channel; 484 bacpy(&(di + n)->src, &dev->src); 485 bacpy(&(di + n)->dst, &dev->dst); 486 tty_port_put(&dev->port); 487 if (++n >= dev_num) 488 break; 489 } 490 491 spin_unlock(&rfcomm_dev_lock); 492 493 dl->dev_num = n; 494 size = sizeof(*dl) + n * sizeof(*di); 495 496 err = copy_to_user(arg, dl, size); 497 kfree(dl); 498 499 return err ? -EFAULT : 0; 500 } 501 502 static int rfcomm_get_dev_info(void __user *arg) 503 { 504 struct rfcomm_dev *dev; 505 struct rfcomm_dev_info di; 506 int err = 0; 507 508 BT_DBG(""); 509 510 if (copy_from_user(&di, arg, sizeof(di))) 511 return -EFAULT; 512 513 dev = rfcomm_dev_get(di.id); 514 if (!dev) 515 return -ENODEV; 516 517 di.flags = dev->flags; 518 di.channel = dev->channel; 519 di.state = dev->dlc->state; 520 bacpy(&di.src, &dev->src); 521 bacpy(&di.dst, &dev->dst); 522 523 if (copy_to_user(arg, &di, sizeof(di))) 524 err = -EFAULT; 525 526 tty_port_put(&dev->port); 527 return err; 528 } 529 530 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 531 { 532 BT_DBG("cmd %d arg %p", cmd, arg); 533 534 switch (cmd) { 535 case RFCOMMCREATEDEV: 536 return rfcomm_create_dev(sk, arg); 537 538 case RFCOMMRELEASEDEV: 539 return rfcomm_release_dev(arg); 540 541 case RFCOMMGETDEVLIST: 542 return rfcomm_get_dev_list(arg); 543 544 case RFCOMMGETDEVINFO: 545 return rfcomm_get_dev_info(arg); 546 } 547 548 return -EINVAL; 549 } 550 551 /* ---- DLC callbacks ---- */ 552 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) 553 { 554 struct rfcomm_dev *dev = dlc->owner; 555 556 if (!dev) { 557 kfree_skb(skb); 558 return; 559 } 560 561 if (!skb_queue_empty(&dev->pending)) { 562 skb_queue_tail(&dev->pending, skb); 563 return; 564 } 565 566 BT_DBG("dlc %p len %d", dlc, skb->len); 567 568 tty_insert_flip_string(&dev->port, skb->data, skb->len); 569 tty_flip_buffer_push(&dev->port); 570 571 kfree_skb(skb); 572 } 573 574 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 575 { 576 struct rfcomm_dev *dev = dlc->owner; 577 if (!dev) 578 return; 579 580 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 581 582 dev->err = err; 583 if (dlc->state == BT_CONNECTED) { 584 device_move(dev->tty_dev, rfcomm_get_device(dev), 585 DPM_ORDER_DEV_AFTER_PARENT); 586 587 wake_up_interruptible(&dev->port.open_wait); 588 } else if (dlc->state == BT_CLOSED) 589 tty_port_tty_hangup(&dev->port, false); 590 } 591 592 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) 593 { 594 struct rfcomm_dev *dev = dlc->owner; 595 if (!dev) 596 return; 597 598 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 599 600 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) 601 tty_port_tty_hangup(&dev->port, true); 602 603 dev->modem_status = 604 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 605 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 606 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 607 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 608 } 609 610 /* ---- TTY functions ---- */ 611 static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev) 612 { 613 struct sk_buff *skb; 614 int inserted = 0; 615 616 BT_DBG("dev %p", dev); 617 618 rfcomm_dlc_lock(dev->dlc); 619 620 while ((skb = skb_dequeue(&dev->pending))) { 621 inserted += tty_insert_flip_string(&dev->port, skb->data, 622 skb->len); 623 kfree_skb(skb); 624 } 625 626 rfcomm_dlc_unlock(dev->dlc); 627 628 if (inserted > 0) 629 tty_flip_buffer_push(&dev->port); 630 } 631 632 /* do the reverse of install, clearing the tty fields and releasing the 633 * reference to tty_port 634 */ 635 static void rfcomm_tty_cleanup(struct tty_struct *tty) 636 { 637 struct rfcomm_dev *dev = tty->driver_data; 638 639 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 640 641 rfcomm_dlc_lock(dev->dlc); 642 tty->driver_data = NULL; 643 rfcomm_dlc_unlock(dev->dlc); 644 645 /* 646 * purge the dlc->tx_queue to avoid circular dependencies 647 * between dev and dlc 648 */ 649 skb_queue_purge(&dev->dlc->tx_queue); 650 651 tty_port_put(&dev->port); 652 } 653 654 /* we acquire the tty_port reference since it's here the tty is first used 655 * by setting the termios. We also populate the driver_data field and install 656 * the tty port 657 */ 658 static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty) 659 { 660 struct rfcomm_dev *dev; 661 struct rfcomm_dlc *dlc; 662 int err; 663 664 dev = rfcomm_dev_get(tty->index); 665 if (!dev) 666 return -ENODEV; 667 668 dlc = dev->dlc; 669 670 /* Attach TTY and open DLC */ 671 rfcomm_dlc_lock(dlc); 672 tty->driver_data = dev; 673 rfcomm_dlc_unlock(dlc); 674 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 675 676 /* install the tty_port */ 677 err = tty_port_install(&dev->port, driver, tty); 678 if (err) { 679 rfcomm_tty_cleanup(tty); 680 return err; 681 } 682 683 /* take over the tty_port reference if the port was created with the 684 * flag RFCOMM_RELEASE_ONHUP. This will force the release of the port 685 * when the last process closes the tty. The behaviour is expected by 686 * userspace. 687 */ 688 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 689 tty_port_put(&dev->port); 690 691 return 0; 692 } 693 694 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 695 { 696 struct rfcomm_dev *dev = tty->driver_data; 697 int err; 698 699 BT_DBG("tty %p id %d", tty, tty->index); 700 701 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst, 702 dev->channel, dev->port.count); 703 704 err = tty_port_open(&dev->port, tty, filp); 705 if (err) 706 return err; 707 708 /* 709 * FIXME: rfcomm should use proper flow control for 710 * received data. This hack will be unnecessary and can 711 * be removed when that's implemented 712 */ 713 rfcomm_tty_copy_pending(dev); 714 715 rfcomm_dlc_unthrottle(dev->dlc); 716 717 return 0; 718 } 719 720 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 721 { 722 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 723 724 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, 725 dev->port.count); 726 727 tty_port_close(&dev->port, tty, filp); 728 } 729 730 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 731 { 732 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 733 struct rfcomm_dlc *dlc = dev->dlc; 734 struct sk_buff *skb; 735 int err = 0, sent = 0, size; 736 737 BT_DBG("tty %p count %d", tty, count); 738 739 while (count) { 740 size = min_t(uint, count, dlc->mtu); 741 742 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); 743 744 if (!skb) 745 break; 746 747 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); 748 749 memcpy(skb_put(skb, size), buf + sent, size); 750 751 err = rfcomm_dlc_send(dlc, skb); 752 if (err < 0) { 753 kfree_skb(skb); 754 break; 755 } 756 757 sent += size; 758 count -= size; 759 } 760 761 return sent ? sent : err; 762 } 763 764 static int rfcomm_tty_write_room(struct tty_struct *tty) 765 { 766 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 767 int room; 768 769 BT_DBG("tty %p", tty); 770 771 if (!dev || !dev->dlc) 772 return 0; 773 774 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); 775 if (room < 0) 776 room = 0; 777 778 return room; 779 } 780 781 static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg) 782 { 783 BT_DBG("tty %p cmd 0x%02x", tty, cmd); 784 785 switch (cmd) { 786 case TCGETS: 787 BT_DBG("TCGETS is not supported"); 788 return -ENOIOCTLCMD; 789 790 case TCSETS: 791 BT_DBG("TCSETS is not supported"); 792 return -ENOIOCTLCMD; 793 794 case TIOCMIWAIT: 795 BT_DBG("TIOCMIWAIT"); 796 break; 797 798 case TIOCGSERIAL: 799 BT_ERR("TIOCGSERIAL is not supported"); 800 return -ENOIOCTLCMD; 801 802 case TIOCSSERIAL: 803 BT_ERR("TIOCSSERIAL is not supported"); 804 return -ENOIOCTLCMD; 805 806 case TIOCSERGSTRUCT: 807 BT_ERR("TIOCSERGSTRUCT is not supported"); 808 return -ENOIOCTLCMD; 809 810 case TIOCSERGETLSR: 811 BT_ERR("TIOCSERGETLSR is not supported"); 812 return -ENOIOCTLCMD; 813 814 case TIOCSERCONFIG: 815 BT_ERR("TIOCSERCONFIG is not supported"); 816 return -ENOIOCTLCMD; 817 818 default: 819 return -ENOIOCTLCMD; /* ioctls which we must ignore */ 820 821 } 822 823 return -ENOIOCTLCMD; 824 } 825 826 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old) 827 { 828 struct ktermios *new = &tty->termios; 829 int old_baud_rate = tty_termios_baud_rate(old); 830 int new_baud_rate = tty_termios_baud_rate(new); 831 832 u8 baud, data_bits, stop_bits, parity, x_on, x_off; 833 u16 changes = 0; 834 835 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 836 837 BT_DBG("tty %p termios %p", tty, old); 838 839 if (!dev || !dev->dlc || !dev->dlc->session) 840 return; 841 842 /* Handle turning off CRTSCTS */ 843 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 844 BT_DBG("Turning off CRTSCTS unsupported"); 845 846 /* Parity on/off and when on, odd/even */ 847 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) || 848 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) { 849 changes |= RFCOMM_RPN_PM_PARITY; 850 BT_DBG("Parity change detected."); 851 } 852 853 /* Mark and space parity are not supported! */ 854 if (new->c_cflag & PARENB) { 855 if (new->c_cflag & PARODD) { 856 BT_DBG("Parity is ODD"); 857 parity = RFCOMM_RPN_PARITY_ODD; 858 } else { 859 BT_DBG("Parity is EVEN"); 860 parity = RFCOMM_RPN_PARITY_EVEN; 861 } 862 } else { 863 BT_DBG("Parity is OFF"); 864 parity = RFCOMM_RPN_PARITY_NONE; 865 } 866 867 /* Setting the x_on / x_off characters */ 868 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) { 869 BT_DBG("XOFF custom"); 870 x_on = new->c_cc[VSTOP]; 871 changes |= RFCOMM_RPN_PM_XON; 872 } else { 873 BT_DBG("XOFF default"); 874 x_on = RFCOMM_RPN_XON_CHAR; 875 } 876 877 if (old->c_cc[VSTART] != new->c_cc[VSTART]) { 878 BT_DBG("XON custom"); 879 x_off = new->c_cc[VSTART]; 880 changes |= RFCOMM_RPN_PM_XOFF; 881 } else { 882 BT_DBG("XON default"); 883 x_off = RFCOMM_RPN_XOFF_CHAR; 884 } 885 886 /* Handle setting of stop bits */ 887 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB)) 888 changes |= RFCOMM_RPN_PM_STOP; 889 890 /* POSIX does not support 1.5 stop bits and RFCOMM does not 891 * support 2 stop bits. So a request for 2 stop bits gets 892 * translated to 1.5 stop bits */ 893 if (new->c_cflag & CSTOPB) 894 stop_bits = RFCOMM_RPN_STOP_15; 895 else 896 stop_bits = RFCOMM_RPN_STOP_1; 897 898 /* Handle number of data bits [5-8] */ 899 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 900 changes |= RFCOMM_RPN_PM_DATA; 901 902 switch (new->c_cflag & CSIZE) { 903 case CS5: 904 data_bits = RFCOMM_RPN_DATA_5; 905 break; 906 case CS6: 907 data_bits = RFCOMM_RPN_DATA_6; 908 break; 909 case CS7: 910 data_bits = RFCOMM_RPN_DATA_7; 911 break; 912 case CS8: 913 data_bits = RFCOMM_RPN_DATA_8; 914 break; 915 default: 916 data_bits = RFCOMM_RPN_DATA_8; 917 break; 918 } 919 920 /* Handle baudrate settings */ 921 if (old_baud_rate != new_baud_rate) 922 changes |= RFCOMM_RPN_PM_BITRATE; 923 924 switch (new_baud_rate) { 925 case 2400: 926 baud = RFCOMM_RPN_BR_2400; 927 break; 928 case 4800: 929 baud = RFCOMM_RPN_BR_4800; 930 break; 931 case 7200: 932 baud = RFCOMM_RPN_BR_7200; 933 break; 934 case 9600: 935 baud = RFCOMM_RPN_BR_9600; 936 break; 937 case 19200: 938 baud = RFCOMM_RPN_BR_19200; 939 break; 940 case 38400: 941 baud = RFCOMM_RPN_BR_38400; 942 break; 943 case 57600: 944 baud = RFCOMM_RPN_BR_57600; 945 break; 946 case 115200: 947 baud = RFCOMM_RPN_BR_115200; 948 break; 949 case 230400: 950 baud = RFCOMM_RPN_BR_230400; 951 break; 952 default: 953 /* 9600 is standard accordinag to the RFCOMM specification */ 954 baud = RFCOMM_RPN_BR_9600; 955 break; 956 957 } 958 959 if (changes) 960 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud, 961 data_bits, stop_bits, parity, 962 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes); 963 } 964 965 static void rfcomm_tty_throttle(struct tty_struct *tty) 966 { 967 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 968 969 BT_DBG("tty %p dev %p", tty, dev); 970 971 rfcomm_dlc_throttle(dev->dlc); 972 } 973 974 static void rfcomm_tty_unthrottle(struct tty_struct *tty) 975 { 976 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 977 978 BT_DBG("tty %p dev %p", tty, dev); 979 980 rfcomm_dlc_unthrottle(dev->dlc); 981 } 982 983 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) 984 { 985 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 986 987 BT_DBG("tty %p dev %p", tty, dev); 988 989 if (!dev || !dev->dlc) 990 return 0; 991 992 if (!skb_queue_empty(&dev->dlc->tx_queue)) 993 return dev->dlc->mtu; 994 995 return 0; 996 } 997 998 static void rfcomm_tty_flush_buffer(struct tty_struct *tty) 999 { 1000 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1001 1002 BT_DBG("tty %p dev %p", tty, dev); 1003 1004 if (!dev || !dev->dlc) 1005 return; 1006 1007 skb_queue_purge(&dev->dlc->tx_queue); 1008 tty_wakeup(tty); 1009 } 1010 1011 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) 1012 { 1013 BT_DBG("tty %p ch %c", tty, ch); 1014 } 1015 1016 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) 1017 { 1018 BT_DBG("tty %p timeout %d", tty, timeout); 1019 } 1020 1021 static void rfcomm_tty_hangup(struct tty_struct *tty) 1022 { 1023 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1024 1025 BT_DBG("tty %p dev %p", tty, dev); 1026 1027 tty_port_hangup(&dev->port); 1028 } 1029 1030 static int rfcomm_tty_tiocmget(struct tty_struct *tty) 1031 { 1032 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1033 1034 BT_DBG("tty %p dev %p", tty, dev); 1035 1036 return dev->modem_status; 1037 } 1038 1039 static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear) 1040 { 1041 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1042 struct rfcomm_dlc *dlc = dev->dlc; 1043 u8 v24_sig; 1044 1045 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); 1046 1047 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 1048 1049 if (set & TIOCM_DSR || set & TIOCM_DTR) 1050 v24_sig |= RFCOMM_V24_RTC; 1051 if (set & TIOCM_RTS || set & TIOCM_CTS) 1052 v24_sig |= RFCOMM_V24_RTR; 1053 if (set & TIOCM_RI) 1054 v24_sig |= RFCOMM_V24_IC; 1055 if (set & TIOCM_CD) 1056 v24_sig |= RFCOMM_V24_DV; 1057 1058 if (clear & TIOCM_DSR || clear & TIOCM_DTR) 1059 v24_sig &= ~RFCOMM_V24_RTC; 1060 if (clear & TIOCM_RTS || clear & TIOCM_CTS) 1061 v24_sig &= ~RFCOMM_V24_RTR; 1062 if (clear & TIOCM_RI) 1063 v24_sig &= ~RFCOMM_V24_IC; 1064 if (clear & TIOCM_CD) 1065 v24_sig &= ~RFCOMM_V24_DV; 1066 1067 rfcomm_dlc_set_modem_status(dlc, v24_sig); 1068 1069 return 0; 1070 } 1071 1072 /* ---- TTY structure ---- */ 1073 1074 static const struct tty_operations rfcomm_ops = { 1075 .open = rfcomm_tty_open, 1076 .close = rfcomm_tty_close, 1077 .write = rfcomm_tty_write, 1078 .write_room = rfcomm_tty_write_room, 1079 .chars_in_buffer = rfcomm_tty_chars_in_buffer, 1080 .flush_buffer = rfcomm_tty_flush_buffer, 1081 .ioctl = rfcomm_tty_ioctl, 1082 .throttle = rfcomm_tty_throttle, 1083 .unthrottle = rfcomm_tty_unthrottle, 1084 .set_termios = rfcomm_tty_set_termios, 1085 .send_xchar = rfcomm_tty_send_xchar, 1086 .hangup = rfcomm_tty_hangup, 1087 .wait_until_sent = rfcomm_tty_wait_until_sent, 1088 .tiocmget = rfcomm_tty_tiocmget, 1089 .tiocmset = rfcomm_tty_tiocmset, 1090 .install = rfcomm_tty_install, 1091 .cleanup = rfcomm_tty_cleanup, 1092 }; 1093 1094 int __init rfcomm_init_ttys(void) 1095 { 1096 int error; 1097 1098 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); 1099 if (!rfcomm_tty_driver) 1100 return -ENOMEM; 1101 1102 rfcomm_tty_driver->driver_name = "rfcomm"; 1103 rfcomm_tty_driver->name = "rfcomm"; 1104 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; 1105 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; 1106 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 1107 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1108 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; 1109 rfcomm_tty_driver->init_termios = tty_std_termios; 1110 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL; 1111 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON; 1112 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1113 1114 error = tty_register_driver(rfcomm_tty_driver); 1115 if (error) { 1116 BT_ERR("Can't register RFCOMM TTY driver"); 1117 put_tty_driver(rfcomm_tty_driver); 1118 return error; 1119 } 1120 1121 BT_INFO("RFCOMM TTY layer initialized"); 1122 1123 return 0; 1124 } 1125 1126 void rfcomm_cleanup_ttys(void) 1127 { 1128 tty_unregister_driver(rfcomm_tty_driver); 1129 put_tty_driver(rfcomm_tty_driver); 1130 } 1131