1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 * RFCOMM TTY. 26 */ 27 28 #include <linux/module.h> 29 30 #include <linux/tty.h> 31 #include <linux/tty_driver.h> 32 #include <linux/tty_flip.h> 33 34 #include <net/bluetooth/bluetooth.h> 35 #include <net/bluetooth/hci_core.h> 36 #include <net/bluetooth/rfcomm.h> 37 38 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ 39 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ 40 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ 41 #define RFCOMM_TTY_MINOR 0 42 43 static struct tty_driver *rfcomm_tty_driver; 44 45 struct rfcomm_dev { 46 struct tty_port port; 47 struct list_head list; 48 49 char name[12]; 50 int id; 51 unsigned long flags; 52 int err; 53 54 bdaddr_t src; 55 bdaddr_t dst; 56 u8 channel; 57 58 uint modem_status; 59 60 struct rfcomm_dlc *dlc; 61 wait_queue_head_t conn_wait; 62 63 struct device *tty_dev; 64 65 atomic_t wmem_alloc; 66 67 struct sk_buff_head pending; 68 }; 69 70 static LIST_HEAD(rfcomm_dev_list); 71 static DEFINE_SPINLOCK(rfcomm_dev_lock); 72 73 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); 74 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); 75 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); 76 77 /* ---- Device functions ---- */ 78 79 static void rfcomm_dev_destruct(struct tty_port *port) 80 { 81 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 82 struct rfcomm_dlc *dlc = dev->dlc; 83 84 BT_DBG("dev %p dlc %p", dev, dlc); 85 86 spin_lock(&rfcomm_dev_lock); 87 list_del(&dev->list); 88 spin_unlock(&rfcomm_dev_lock); 89 90 rfcomm_dlc_lock(dlc); 91 /* Detach DLC if it's owned by this dev */ 92 if (dlc->owner == dev) 93 dlc->owner = NULL; 94 rfcomm_dlc_unlock(dlc); 95 96 rfcomm_dlc_put(dlc); 97 98 tty_unregister_device(rfcomm_tty_driver, dev->id); 99 100 kfree(dev); 101 102 /* It's safe to call module_put() here because socket still 103 holds reference to this module. */ 104 module_put(THIS_MODULE); 105 } 106 107 static struct device *rfcomm_get_device(struct rfcomm_dev *dev) 108 { 109 struct hci_dev *hdev; 110 struct hci_conn *conn; 111 112 hdev = hci_get_route(&dev->dst, &dev->src); 113 if (!hdev) 114 return NULL; 115 116 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst); 117 118 hci_dev_put(hdev); 119 120 return conn ? &conn->dev : NULL; 121 } 122 123 /* device-specific initialization: open the dlc */ 124 static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty) 125 { 126 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 127 DEFINE_WAIT(wait); 128 int err; 129 130 err = rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel); 131 if (err) 132 return err; 133 134 while (1) { 135 prepare_to_wait(&dev->conn_wait, &wait, TASK_INTERRUPTIBLE); 136 137 if (dev->dlc->state == BT_CLOSED) { 138 err = -dev->err; 139 break; 140 } 141 142 if (dev->dlc->state == BT_CONNECTED) 143 break; 144 145 if (signal_pending(current)) { 146 err = -ERESTARTSYS; 147 break; 148 } 149 150 tty_unlock(tty); 151 schedule(); 152 tty_lock(tty); 153 } 154 finish_wait(&dev->conn_wait, &wait); 155 156 if (!err) 157 device_move(dev->tty_dev, rfcomm_get_device(dev), 158 DPM_ORDER_DEV_AFTER_PARENT); 159 160 return err; 161 } 162 163 /* device-specific cleanup: close the dlc */ 164 static void rfcomm_dev_shutdown(struct tty_port *port) 165 { 166 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 167 168 if (dev->tty_dev->parent) 169 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST); 170 171 /* close the dlc */ 172 rfcomm_dlc_close(dev->dlc, 0); 173 } 174 175 static const struct tty_port_operations rfcomm_port_ops = { 176 .destruct = rfcomm_dev_destruct, 177 .activate = rfcomm_dev_activate, 178 .shutdown = rfcomm_dev_shutdown, 179 }; 180 181 static struct rfcomm_dev *__rfcomm_dev_get(int id) 182 { 183 struct rfcomm_dev *dev; 184 185 list_for_each_entry(dev, &rfcomm_dev_list, list) 186 if (dev->id == id) 187 return dev; 188 189 return NULL; 190 } 191 192 static struct rfcomm_dev *rfcomm_dev_get(int id) 193 { 194 struct rfcomm_dev *dev; 195 196 spin_lock(&rfcomm_dev_lock); 197 198 dev = __rfcomm_dev_get(id); 199 200 if (dev) { 201 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags)) 202 dev = NULL; 203 else 204 tty_port_get(&dev->port); 205 } 206 207 spin_unlock(&rfcomm_dev_lock); 208 209 return dev; 210 } 211 212 static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf) 213 { 214 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); 215 return sprintf(buf, "%pMR\n", &dev->dst); 216 } 217 218 static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf) 219 { 220 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); 221 return sprintf(buf, "%d\n", dev->channel); 222 } 223 224 static DEVICE_ATTR(address, S_IRUGO, show_address, NULL); 225 static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL); 226 227 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 228 { 229 struct rfcomm_dev *dev, *entry; 230 struct list_head *head = &rfcomm_dev_list; 231 int err = 0; 232 233 BT_DBG("id %d channel %d", req->dev_id, req->channel); 234 235 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); 236 if (!dev) 237 return -ENOMEM; 238 239 spin_lock(&rfcomm_dev_lock); 240 241 if (req->dev_id < 0) { 242 dev->id = 0; 243 244 list_for_each_entry(entry, &rfcomm_dev_list, list) { 245 if (entry->id != dev->id) 246 break; 247 248 dev->id++; 249 head = &entry->list; 250 } 251 } else { 252 dev->id = req->dev_id; 253 254 list_for_each_entry(entry, &rfcomm_dev_list, list) { 255 if (entry->id == dev->id) { 256 err = -EADDRINUSE; 257 goto out; 258 } 259 260 if (entry->id > dev->id - 1) 261 break; 262 263 head = &entry->list; 264 } 265 } 266 267 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { 268 err = -ENFILE; 269 goto out; 270 } 271 272 sprintf(dev->name, "rfcomm%d", dev->id); 273 274 list_add(&dev->list, head); 275 276 bacpy(&dev->src, &req->src); 277 bacpy(&dev->dst, &req->dst); 278 dev->channel = req->channel; 279 280 dev->flags = req->flags & 281 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); 282 283 tty_port_init(&dev->port); 284 dev->port.ops = &rfcomm_port_ops; 285 init_waitqueue_head(&dev->conn_wait); 286 287 skb_queue_head_init(&dev->pending); 288 289 rfcomm_dlc_lock(dlc); 290 291 if (req->flags & (1 << RFCOMM_REUSE_DLC)) { 292 struct sock *sk = dlc->owner; 293 struct sk_buff *skb; 294 295 BUG_ON(!sk); 296 297 rfcomm_dlc_throttle(dlc); 298 299 while ((skb = skb_dequeue(&sk->sk_receive_queue))) { 300 skb_orphan(skb); 301 skb_queue_tail(&dev->pending, skb); 302 atomic_sub(skb->len, &sk->sk_rmem_alloc); 303 } 304 } 305 306 dlc->data_ready = rfcomm_dev_data_ready; 307 dlc->state_change = rfcomm_dev_state_change; 308 dlc->modem_status = rfcomm_dev_modem_status; 309 310 dlc->owner = dev; 311 dev->dlc = dlc; 312 313 rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig); 314 315 rfcomm_dlc_unlock(dlc); 316 317 /* It's safe to call __module_get() here because socket already 318 holds reference to this module. */ 319 __module_get(THIS_MODULE); 320 321 out: 322 spin_unlock(&rfcomm_dev_lock); 323 324 if (err < 0) 325 goto free; 326 327 dev->tty_dev = tty_port_register_device(&dev->port, rfcomm_tty_driver, 328 dev->id, NULL); 329 if (IS_ERR(dev->tty_dev)) { 330 err = PTR_ERR(dev->tty_dev); 331 spin_lock(&rfcomm_dev_lock); 332 list_del(&dev->list); 333 spin_unlock(&rfcomm_dev_lock); 334 goto free; 335 } 336 337 dev_set_drvdata(dev->tty_dev, dev); 338 339 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0) 340 BT_ERR("Failed to create address attribute"); 341 342 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0) 343 BT_ERR("Failed to create channel attribute"); 344 345 return dev->id; 346 347 free: 348 kfree(dev); 349 return err; 350 } 351 352 /* ---- Send buffer ---- */ 353 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 354 { 355 /* We can't let it be zero, because we don't get a callback 356 when tx_credits becomes nonzero, hence we'd never wake up */ 357 return dlc->mtu * (dlc->tx_credits?:1); 358 } 359 360 static void rfcomm_wfree(struct sk_buff *skb) 361 { 362 struct rfcomm_dev *dev = (void *) skb->sk; 363 atomic_sub(skb->truesize, &dev->wmem_alloc); 364 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) 365 tty_port_tty_wakeup(&dev->port); 366 tty_port_put(&dev->port); 367 } 368 369 static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) 370 { 371 tty_port_get(&dev->port); 372 atomic_add(skb->truesize, &dev->wmem_alloc); 373 skb->sk = (void *) dev; 374 skb->destructor = rfcomm_wfree; 375 } 376 377 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) 378 { 379 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { 380 struct sk_buff *skb = alloc_skb(size, priority); 381 if (skb) { 382 rfcomm_set_owner_w(skb, dev); 383 return skb; 384 } 385 } 386 return NULL; 387 } 388 389 /* ---- Device IOCTLs ---- */ 390 391 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) 392 393 static int rfcomm_create_dev(struct sock *sk, void __user *arg) 394 { 395 struct rfcomm_dev_req req; 396 struct rfcomm_dlc *dlc; 397 int id; 398 399 if (copy_from_user(&req, arg, sizeof(req))) 400 return -EFAULT; 401 402 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags); 403 404 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) 405 return -EPERM; 406 407 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 408 /* Socket must be connected */ 409 if (sk->sk_state != BT_CONNECTED) 410 return -EBADFD; 411 412 dlc = rfcomm_pi(sk)->dlc; 413 rfcomm_dlc_hold(dlc); 414 } else { 415 dlc = rfcomm_dlc_alloc(GFP_KERNEL); 416 if (!dlc) 417 return -ENOMEM; 418 } 419 420 id = rfcomm_dev_add(&req, dlc); 421 if (id < 0) { 422 rfcomm_dlc_put(dlc); 423 return id; 424 } 425 426 if (req.flags & (1 << RFCOMM_REUSE_DLC)) { 427 /* DLC is now used by device. 428 * Socket must be disconnected */ 429 sk->sk_state = BT_CLOSED; 430 } 431 432 return id; 433 } 434 435 static int rfcomm_release_dev(void __user *arg) 436 { 437 struct rfcomm_dev_req req; 438 struct rfcomm_dev *dev; 439 struct tty_struct *tty; 440 441 if (copy_from_user(&req, arg, sizeof(req))) 442 return -EFAULT; 443 444 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags); 445 446 dev = rfcomm_dev_get(req.dev_id); 447 if (!dev) 448 return -ENODEV; 449 450 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { 451 tty_port_put(&dev->port); 452 return -EPERM; 453 } 454 455 if (req.flags & (1 << RFCOMM_HANGUP_NOW)) 456 rfcomm_dlc_close(dev->dlc, 0); 457 458 /* Shut down TTY synchronously before freeing rfcomm_dev */ 459 tty = tty_port_tty_get(&dev->port); 460 if (tty) { 461 tty_vhangup(tty); 462 tty_kref_put(tty); 463 } 464 465 if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags) && 466 !test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags)) 467 tty_port_put(&dev->port); 468 469 tty_port_put(&dev->port); 470 return 0; 471 } 472 473 static int rfcomm_get_dev_list(void __user *arg) 474 { 475 struct rfcomm_dev *dev; 476 struct rfcomm_dev_list_req *dl; 477 struct rfcomm_dev_info *di; 478 int n = 0, size, err; 479 u16 dev_num; 480 481 BT_DBG(""); 482 483 if (get_user(dev_num, (u16 __user *) arg)) 484 return -EFAULT; 485 486 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) 487 return -EINVAL; 488 489 size = sizeof(*dl) + dev_num * sizeof(*di); 490 491 dl = kzalloc(size, GFP_KERNEL); 492 if (!dl) 493 return -ENOMEM; 494 495 di = dl->dev_info; 496 497 spin_lock(&rfcomm_dev_lock); 498 499 list_for_each_entry(dev, &rfcomm_dev_list, list) { 500 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags)) 501 continue; 502 (di + n)->id = dev->id; 503 (di + n)->flags = dev->flags; 504 (di + n)->state = dev->dlc->state; 505 (di + n)->channel = dev->channel; 506 bacpy(&(di + n)->src, &dev->src); 507 bacpy(&(di + n)->dst, &dev->dst); 508 if (++n >= dev_num) 509 break; 510 } 511 512 spin_unlock(&rfcomm_dev_lock); 513 514 dl->dev_num = n; 515 size = sizeof(*dl) + n * sizeof(*di); 516 517 err = copy_to_user(arg, dl, size); 518 kfree(dl); 519 520 return err ? -EFAULT : 0; 521 } 522 523 static int rfcomm_get_dev_info(void __user *arg) 524 { 525 struct rfcomm_dev *dev; 526 struct rfcomm_dev_info di; 527 int err = 0; 528 529 BT_DBG(""); 530 531 if (copy_from_user(&di, arg, sizeof(di))) 532 return -EFAULT; 533 534 dev = rfcomm_dev_get(di.id); 535 if (!dev) 536 return -ENODEV; 537 538 di.flags = dev->flags; 539 di.channel = dev->channel; 540 di.state = dev->dlc->state; 541 bacpy(&di.src, &dev->src); 542 bacpy(&di.dst, &dev->dst); 543 544 if (copy_to_user(arg, &di, sizeof(di))) 545 err = -EFAULT; 546 547 tty_port_put(&dev->port); 548 return err; 549 } 550 551 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 552 { 553 BT_DBG("cmd %d arg %p", cmd, arg); 554 555 switch (cmd) { 556 case RFCOMMCREATEDEV: 557 return rfcomm_create_dev(sk, arg); 558 559 case RFCOMMRELEASEDEV: 560 return rfcomm_release_dev(arg); 561 562 case RFCOMMGETDEVLIST: 563 return rfcomm_get_dev_list(arg); 564 565 case RFCOMMGETDEVINFO: 566 return rfcomm_get_dev_info(arg); 567 } 568 569 return -EINVAL; 570 } 571 572 /* ---- DLC callbacks ---- */ 573 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) 574 { 575 struct rfcomm_dev *dev = dlc->owner; 576 577 if (!dev) { 578 kfree_skb(skb); 579 return; 580 } 581 582 if (!skb_queue_empty(&dev->pending)) { 583 skb_queue_tail(&dev->pending, skb); 584 return; 585 } 586 587 BT_DBG("dlc %p len %d", dlc, skb->len); 588 589 tty_insert_flip_string(&dev->port, skb->data, skb->len); 590 tty_flip_buffer_push(&dev->port); 591 592 kfree_skb(skb); 593 } 594 595 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 596 { 597 struct rfcomm_dev *dev = dlc->owner; 598 if (!dev) 599 return; 600 601 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 602 603 dev->err = err; 604 wake_up_interruptible(&dev->conn_wait); 605 606 if (dlc->state == BT_CLOSED) 607 tty_port_tty_hangup(&dev->port, false); 608 } 609 610 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) 611 { 612 struct rfcomm_dev *dev = dlc->owner; 613 if (!dev) 614 return; 615 616 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 617 618 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) 619 tty_port_tty_hangup(&dev->port, true); 620 621 dev->modem_status = 622 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 623 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 624 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 625 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 626 } 627 628 /* ---- TTY functions ---- */ 629 static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev) 630 { 631 struct sk_buff *skb; 632 int inserted = 0; 633 634 BT_DBG("dev %p", dev); 635 636 rfcomm_dlc_lock(dev->dlc); 637 638 while ((skb = skb_dequeue(&dev->pending))) { 639 inserted += tty_insert_flip_string(&dev->port, skb->data, 640 skb->len); 641 kfree_skb(skb); 642 } 643 644 rfcomm_dlc_unlock(dev->dlc); 645 646 if (inserted > 0) 647 tty_flip_buffer_push(&dev->port); 648 } 649 650 /* do the reverse of install, clearing the tty fields and releasing the 651 * reference to tty_port 652 */ 653 static void rfcomm_tty_cleanup(struct tty_struct *tty) 654 { 655 struct rfcomm_dev *dev = tty->driver_data; 656 657 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 658 659 rfcomm_dlc_lock(dev->dlc); 660 tty->driver_data = NULL; 661 rfcomm_dlc_unlock(dev->dlc); 662 663 /* 664 * purge the dlc->tx_queue to avoid circular dependencies 665 * between dev and dlc 666 */ 667 skb_queue_purge(&dev->dlc->tx_queue); 668 669 tty_port_put(&dev->port); 670 } 671 672 /* we acquire the tty_port reference since it's here the tty is first used 673 * by setting the termios. We also populate the driver_data field and install 674 * the tty port 675 */ 676 static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty) 677 { 678 struct rfcomm_dev *dev; 679 struct rfcomm_dlc *dlc; 680 int err; 681 682 dev = rfcomm_dev_get(tty->index); 683 if (!dev) 684 return -ENODEV; 685 686 dlc = dev->dlc; 687 688 /* Attach TTY and open DLC */ 689 rfcomm_dlc_lock(dlc); 690 tty->driver_data = dev; 691 rfcomm_dlc_unlock(dlc); 692 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 693 694 /* install the tty_port */ 695 err = tty_port_install(&dev->port, driver, tty); 696 if (err) { 697 rfcomm_tty_cleanup(tty); 698 return err; 699 } 700 701 /* take over the tty_port reference if the port was created with the 702 * flag RFCOMM_RELEASE_ONHUP. This will force the release of the port 703 * when the last process closes the tty. The behaviour is expected by 704 * userspace. 705 */ 706 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) 707 tty_port_put(&dev->port); 708 709 return 0; 710 } 711 712 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 713 { 714 struct rfcomm_dev *dev = tty->driver_data; 715 int err; 716 717 BT_DBG("tty %p id %d", tty, tty->index); 718 719 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst, 720 dev->channel, dev->port.count); 721 722 err = tty_port_open(&dev->port, tty, filp); 723 if (err) 724 return err; 725 726 /* 727 * FIXME: rfcomm should use proper flow control for 728 * received data. This hack will be unnecessary and can 729 * be removed when that's implemented 730 */ 731 rfcomm_tty_copy_pending(dev); 732 733 rfcomm_dlc_unthrottle(dev->dlc); 734 735 return 0; 736 } 737 738 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 739 { 740 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 741 742 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, 743 dev->port.count); 744 745 tty_port_close(&dev->port, tty, filp); 746 } 747 748 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 749 { 750 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 751 struct rfcomm_dlc *dlc = dev->dlc; 752 struct sk_buff *skb; 753 int err = 0, sent = 0, size; 754 755 BT_DBG("tty %p count %d", tty, count); 756 757 while (count) { 758 size = min_t(uint, count, dlc->mtu); 759 760 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); 761 762 if (!skb) 763 break; 764 765 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); 766 767 memcpy(skb_put(skb, size), buf + sent, size); 768 769 err = rfcomm_dlc_send(dlc, skb); 770 if (err < 0) { 771 kfree_skb(skb); 772 break; 773 } 774 775 sent += size; 776 count -= size; 777 } 778 779 return sent ? sent : err; 780 } 781 782 static int rfcomm_tty_write_room(struct tty_struct *tty) 783 { 784 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 785 int room; 786 787 BT_DBG("tty %p", tty); 788 789 if (!dev || !dev->dlc) 790 return 0; 791 792 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); 793 if (room < 0) 794 room = 0; 795 796 return room; 797 } 798 799 static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg) 800 { 801 BT_DBG("tty %p cmd 0x%02x", tty, cmd); 802 803 switch (cmd) { 804 case TCGETS: 805 BT_DBG("TCGETS is not supported"); 806 return -ENOIOCTLCMD; 807 808 case TCSETS: 809 BT_DBG("TCSETS is not supported"); 810 return -ENOIOCTLCMD; 811 812 case TIOCMIWAIT: 813 BT_DBG("TIOCMIWAIT"); 814 break; 815 816 case TIOCGSERIAL: 817 BT_ERR("TIOCGSERIAL is not supported"); 818 return -ENOIOCTLCMD; 819 820 case TIOCSSERIAL: 821 BT_ERR("TIOCSSERIAL is not supported"); 822 return -ENOIOCTLCMD; 823 824 case TIOCSERGSTRUCT: 825 BT_ERR("TIOCSERGSTRUCT is not supported"); 826 return -ENOIOCTLCMD; 827 828 case TIOCSERGETLSR: 829 BT_ERR("TIOCSERGETLSR is not supported"); 830 return -ENOIOCTLCMD; 831 832 case TIOCSERCONFIG: 833 BT_ERR("TIOCSERCONFIG is not supported"); 834 return -ENOIOCTLCMD; 835 836 default: 837 return -ENOIOCTLCMD; /* ioctls which we must ignore */ 838 839 } 840 841 return -ENOIOCTLCMD; 842 } 843 844 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old) 845 { 846 struct ktermios *new = &tty->termios; 847 int old_baud_rate = tty_termios_baud_rate(old); 848 int new_baud_rate = tty_termios_baud_rate(new); 849 850 u8 baud, data_bits, stop_bits, parity, x_on, x_off; 851 u16 changes = 0; 852 853 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 854 855 BT_DBG("tty %p termios %p", tty, old); 856 857 if (!dev || !dev->dlc || !dev->dlc->session) 858 return; 859 860 /* Handle turning off CRTSCTS */ 861 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 862 BT_DBG("Turning off CRTSCTS unsupported"); 863 864 /* Parity on/off and when on, odd/even */ 865 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) || 866 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) { 867 changes |= RFCOMM_RPN_PM_PARITY; 868 BT_DBG("Parity change detected."); 869 } 870 871 /* Mark and space parity are not supported! */ 872 if (new->c_cflag & PARENB) { 873 if (new->c_cflag & PARODD) { 874 BT_DBG("Parity is ODD"); 875 parity = RFCOMM_RPN_PARITY_ODD; 876 } else { 877 BT_DBG("Parity is EVEN"); 878 parity = RFCOMM_RPN_PARITY_EVEN; 879 } 880 } else { 881 BT_DBG("Parity is OFF"); 882 parity = RFCOMM_RPN_PARITY_NONE; 883 } 884 885 /* Setting the x_on / x_off characters */ 886 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) { 887 BT_DBG("XOFF custom"); 888 x_on = new->c_cc[VSTOP]; 889 changes |= RFCOMM_RPN_PM_XON; 890 } else { 891 BT_DBG("XOFF default"); 892 x_on = RFCOMM_RPN_XON_CHAR; 893 } 894 895 if (old->c_cc[VSTART] != new->c_cc[VSTART]) { 896 BT_DBG("XON custom"); 897 x_off = new->c_cc[VSTART]; 898 changes |= RFCOMM_RPN_PM_XOFF; 899 } else { 900 BT_DBG("XON default"); 901 x_off = RFCOMM_RPN_XOFF_CHAR; 902 } 903 904 /* Handle setting of stop bits */ 905 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB)) 906 changes |= RFCOMM_RPN_PM_STOP; 907 908 /* POSIX does not support 1.5 stop bits and RFCOMM does not 909 * support 2 stop bits. So a request for 2 stop bits gets 910 * translated to 1.5 stop bits */ 911 if (new->c_cflag & CSTOPB) 912 stop_bits = RFCOMM_RPN_STOP_15; 913 else 914 stop_bits = RFCOMM_RPN_STOP_1; 915 916 /* Handle number of data bits [5-8] */ 917 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 918 changes |= RFCOMM_RPN_PM_DATA; 919 920 switch (new->c_cflag & CSIZE) { 921 case CS5: 922 data_bits = RFCOMM_RPN_DATA_5; 923 break; 924 case CS6: 925 data_bits = RFCOMM_RPN_DATA_6; 926 break; 927 case CS7: 928 data_bits = RFCOMM_RPN_DATA_7; 929 break; 930 case CS8: 931 data_bits = RFCOMM_RPN_DATA_8; 932 break; 933 default: 934 data_bits = RFCOMM_RPN_DATA_8; 935 break; 936 } 937 938 /* Handle baudrate settings */ 939 if (old_baud_rate != new_baud_rate) 940 changes |= RFCOMM_RPN_PM_BITRATE; 941 942 switch (new_baud_rate) { 943 case 2400: 944 baud = RFCOMM_RPN_BR_2400; 945 break; 946 case 4800: 947 baud = RFCOMM_RPN_BR_4800; 948 break; 949 case 7200: 950 baud = RFCOMM_RPN_BR_7200; 951 break; 952 case 9600: 953 baud = RFCOMM_RPN_BR_9600; 954 break; 955 case 19200: 956 baud = RFCOMM_RPN_BR_19200; 957 break; 958 case 38400: 959 baud = RFCOMM_RPN_BR_38400; 960 break; 961 case 57600: 962 baud = RFCOMM_RPN_BR_57600; 963 break; 964 case 115200: 965 baud = RFCOMM_RPN_BR_115200; 966 break; 967 case 230400: 968 baud = RFCOMM_RPN_BR_230400; 969 break; 970 default: 971 /* 9600 is standard accordinag to the RFCOMM specification */ 972 baud = RFCOMM_RPN_BR_9600; 973 break; 974 975 } 976 977 if (changes) 978 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud, 979 data_bits, stop_bits, parity, 980 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes); 981 } 982 983 static void rfcomm_tty_throttle(struct tty_struct *tty) 984 { 985 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 986 987 BT_DBG("tty %p dev %p", tty, dev); 988 989 rfcomm_dlc_throttle(dev->dlc); 990 } 991 992 static void rfcomm_tty_unthrottle(struct tty_struct *tty) 993 { 994 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 995 996 BT_DBG("tty %p dev %p", tty, dev); 997 998 rfcomm_dlc_unthrottle(dev->dlc); 999 } 1000 1001 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) 1002 { 1003 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1004 1005 BT_DBG("tty %p dev %p", tty, dev); 1006 1007 if (!dev || !dev->dlc) 1008 return 0; 1009 1010 if (!skb_queue_empty(&dev->dlc->tx_queue)) 1011 return dev->dlc->mtu; 1012 1013 return 0; 1014 } 1015 1016 static void rfcomm_tty_flush_buffer(struct tty_struct *tty) 1017 { 1018 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1019 1020 BT_DBG("tty %p dev %p", tty, dev); 1021 1022 if (!dev || !dev->dlc) 1023 return; 1024 1025 skb_queue_purge(&dev->dlc->tx_queue); 1026 tty_wakeup(tty); 1027 } 1028 1029 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) 1030 { 1031 BT_DBG("tty %p ch %c", tty, ch); 1032 } 1033 1034 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) 1035 { 1036 BT_DBG("tty %p timeout %d", tty, timeout); 1037 } 1038 1039 static void rfcomm_tty_hangup(struct tty_struct *tty) 1040 { 1041 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1042 1043 BT_DBG("tty %p dev %p", tty, dev); 1044 1045 tty_port_hangup(&dev->port); 1046 } 1047 1048 static int rfcomm_tty_tiocmget(struct tty_struct *tty) 1049 { 1050 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1051 1052 BT_DBG("tty %p dev %p", tty, dev); 1053 1054 return dev->modem_status; 1055 } 1056 1057 static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear) 1058 { 1059 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 1060 struct rfcomm_dlc *dlc = dev->dlc; 1061 u8 v24_sig; 1062 1063 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); 1064 1065 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 1066 1067 if (set & TIOCM_DSR || set & TIOCM_DTR) 1068 v24_sig |= RFCOMM_V24_RTC; 1069 if (set & TIOCM_RTS || set & TIOCM_CTS) 1070 v24_sig |= RFCOMM_V24_RTR; 1071 if (set & TIOCM_RI) 1072 v24_sig |= RFCOMM_V24_IC; 1073 if (set & TIOCM_CD) 1074 v24_sig |= RFCOMM_V24_DV; 1075 1076 if (clear & TIOCM_DSR || clear & TIOCM_DTR) 1077 v24_sig &= ~RFCOMM_V24_RTC; 1078 if (clear & TIOCM_RTS || clear & TIOCM_CTS) 1079 v24_sig &= ~RFCOMM_V24_RTR; 1080 if (clear & TIOCM_RI) 1081 v24_sig &= ~RFCOMM_V24_IC; 1082 if (clear & TIOCM_CD) 1083 v24_sig &= ~RFCOMM_V24_DV; 1084 1085 rfcomm_dlc_set_modem_status(dlc, v24_sig); 1086 1087 return 0; 1088 } 1089 1090 /* ---- TTY structure ---- */ 1091 1092 static const struct tty_operations rfcomm_ops = { 1093 .open = rfcomm_tty_open, 1094 .close = rfcomm_tty_close, 1095 .write = rfcomm_tty_write, 1096 .write_room = rfcomm_tty_write_room, 1097 .chars_in_buffer = rfcomm_tty_chars_in_buffer, 1098 .flush_buffer = rfcomm_tty_flush_buffer, 1099 .ioctl = rfcomm_tty_ioctl, 1100 .throttle = rfcomm_tty_throttle, 1101 .unthrottle = rfcomm_tty_unthrottle, 1102 .set_termios = rfcomm_tty_set_termios, 1103 .send_xchar = rfcomm_tty_send_xchar, 1104 .hangup = rfcomm_tty_hangup, 1105 .wait_until_sent = rfcomm_tty_wait_until_sent, 1106 .tiocmget = rfcomm_tty_tiocmget, 1107 .tiocmset = rfcomm_tty_tiocmset, 1108 .install = rfcomm_tty_install, 1109 .cleanup = rfcomm_tty_cleanup, 1110 }; 1111 1112 int __init rfcomm_init_ttys(void) 1113 { 1114 int error; 1115 1116 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); 1117 if (!rfcomm_tty_driver) 1118 return -ENOMEM; 1119 1120 rfcomm_tty_driver->driver_name = "rfcomm"; 1121 rfcomm_tty_driver->name = "rfcomm"; 1122 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; 1123 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; 1124 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 1125 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1126 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; 1127 rfcomm_tty_driver->init_termios = tty_std_termios; 1128 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; 1129 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON; 1130 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1131 1132 error = tty_register_driver(rfcomm_tty_driver); 1133 if (error) { 1134 BT_ERR("Can't register RFCOMM TTY driver"); 1135 put_tty_driver(rfcomm_tty_driver); 1136 return error; 1137 } 1138 1139 BT_INFO("RFCOMM TTY layer initialized"); 1140 1141 return 0; 1142 } 1143 1144 void rfcomm_cleanup_ttys(void) 1145 { 1146 tty_unregister_driver(rfcomm_tty_driver); 1147 put_tty_driver(rfcomm_tty_driver); 1148 } 1149