Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). | |
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | |
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | |
5 | ||
6 | This program is free software; you can redistribute it and/or modify | |
7 | it under the terms of the GNU General Public License version 2 as | |
8 | published by the Free Software Foundation; | |
9 | ||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | |
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
18 | ||
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | |
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
21 | SOFTWARE IS DISCLAIMED. | |
22 | */ | |
23 | ||
24 | /* | |
25 | * RFCOMM TTY. | |
26 | * | |
27 | * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ | |
28 | */ | |
29 | ||
30 | #include <linux/config.h> | |
31 | #include <linux/module.h> | |
32 | ||
33 | #include <linux/tty.h> | |
34 | #include <linux/tty_driver.h> | |
35 | #include <linux/tty_flip.h> | |
36 | ||
37 | #include <linux/slab.h> | |
38 | #include <linux/skbuff.h> | |
39 | ||
40 | #include <net/bluetooth/bluetooth.h> | |
41 | #include <net/bluetooth/rfcomm.h> | |
42 | ||
43 | #ifndef CONFIG_BT_RFCOMM_DEBUG | |
44 | #undef BT_DBG | |
45 | #define BT_DBG(D...) | |
46 | #endif | |
47 | ||
48 | #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ | |
49 | #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ | |
50 | #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ | |
51 | #define RFCOMM_TTY_MINOR 0 | |
52 | ||
53 | static struct tty_driver *rfcomm_tty_driver; | |
54 | ||
55 | struct rfcomm_dev { | |
56 | struct list_head list; | |
57 | atomic_t refcnt; | |
58 | ||
59 | char name[12]; | |
60 | int id; | |
61 | unsigned long flags; | |
62 | int opened; | |
63 | int err; | |
64 | ||
65 | bdaddr_t src; | |
66 | bdaddr_t dst; | |
67 | u8 channel; | |
68 | ||
69 | uint modem_status; | |
70 | ||
71 | struct rfcomm_dlc *dlc; | |
72 | struct tty_struct *tty; | |
73 | wait_queue_head_t wait; | |
74 | struct tasklet_struct wakeup_task; | |
75 | ||
76 | atomic_t wmem_alloc; | |
77 | }; | |
78 | ||
79 | static LIST_HEAD(rfcomm_dev_list); | |
80 | static DEFINE_RWLOCK(rfcomm_dev_lock); | |
81 | ||
82 | static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); | |
83 | static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); | |
84 | static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); | |
85 | ||
86 | static void rfcomm_tty_wakeup(unsigned long arg); | |
87 | ||
88 | /* ---- Device functions ---- */ | |
89 | static void rfcomm_dev_destruct(struct rfcomm_dev *dev) | |
90 | { | |
91 | struct rfcomm_dlc *dlc = dev->dlc; | |
92 | ||
93 | BT_DBG("dev %p dlc %p", dev, dlc); | |
94 | ||
95 | rfcomm_dlc_lock(dlc); | |
96 | /* Detach DLC if it's owned by this dev */ | |
97 | if (dlc->owner == dev) | |
98 | dlc->owner = NULL; | |
99 | rfcomm_dlc_unlock(dlc); | |
100 | ||
101 | rfcomm_dlc_put(dlc); | |
102 | ||
103 | tty_unregister_device(rfcomm_tty_driver, dev->id); | |
104 | ||
105 | /* Refcount should only hit zero when called from rfcomm_dev_del() | |
106 | which will have taken us off the list. Everything else are | |
107 | refcounting bugs. */ | |
108 | BUG_ON(!list_empty(&dev->list)); | |
109 | ||
110 | kfree(dev); | |
111 | ||
112 | /* It's safe to call module_put() here because socket still | |
113 | holds reference to this module. */ | |
114 | module_put(THIS_MODULE); | |
115 | } | |
116 | ||
117 | static inline void rfcomm_dev_hold(struct rfcomm_dev *dev) | |
118 | { | |
119 | atomic_inc(&dev->refcnt); | |
120 | } | |
121 | ||
122 | static inline void rfcomm_dev_put(struct rfcomm_dev *dev) | |
123 | { | |
124 | /* The reason this isn't actually a race, as you no | |
125 | doubt have a little voice screaming at you in your | |
126 | head, is that the refcount should never actually | |
127 | reach zero unless the device has already been taken | |
128 | off the list, in rfcomm_dev_del(). And if that's not | |
129 | true, we'll hit the BUG() in rfcomm_dev_destruct() | |
130 | anyway. */ | |
131 | if (atomic_dec_and_test(&dev->refcnt)) | |
132 | rfcomm_dev_destruct(dev); | |
133 | } | |
134 | ||
135 | static struct rfcomm_dev *__rfcomm_dev_get(int id) | |
136 | { | |
137 | struct rfcomm_dev *dev; | |
138 | struct list_head *p; | |
139 | ||
140 | list_for_each(p, &rfcomm_dev_list) { | |
141 | dev = list_entry(p, struct rfcomm_dev, list); | |
142 | if (dev->id == id) | |
143 | return dev; | |
144 | } | |
145 | ||
146 | return NULL; | |
147 | } | |
148 | ||
149 | static inline struct rfcomm_dev *rfcomm_dev_get(int id) | |
150 | { | |
151 | struct rfcomm_dev *dev; | |
152 | ||
153 | read_lock(&rfcomm_dev_lock); | |
154 | ||
155 | dev = __rfcomm_dev_get(id); | |
156 | if (dev) | |
157 | rfcomm_dev_hold(dev); | |
158 | ||
159 | read_unlock(&rfcomm_dev_lock); | |
160 | ||
161 | return dev; | |
162 | } | |
163 | ||
164 | static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) | |
165 | { | |
166 | struct rfcomm_dev *dev; | |
167 | struct list_head *head = &rfcomm_dev_list, *p; | |
168 | int err = 0; | |
169 | ||
170 | BT_DBG("id %d channel %d", req->dev_id, req->channel); | |
171 | ||
172 | dev = kmalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); | |
173 | if (!dev) | |
174 | return -ENOMEM; | |
175 | memset(dev, 0, sizeof(struct rfcomm_dev)); | |
176 | ||
177 | write_lock_bh(&rfcomm_dev_lock); | |
178 | ||
179 | if (req->dev_id < 0) { | |
180 | dev->id = 0; | |
181 | ||
182 | list_for_each(p, &rfcomm_dev_list) { | |
183 | if (list_entry(p, struct rfcomm_dev, list)->id != dev->id) | |
184 | break; | |
185 | ||
186 | dev->id++; | |
187 | head = p; | |
188 | } | |
189 | } else { | |
190 | dev->id = req->dev_id; | |
191 | ||
192 | list_for_each(p, &rfcomm_dev_list) { | |
193 | struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list); | |
194 | ||
195 | if (entry->id == dev->id) { | |
196 | err = -EADDRINUSE; | |
197 | goto out; | |
198 | } | |
199 | ||
200 | if (entry->id > dev->id - 1) | |
201 | break; | |
202 | ||
203 | head = p; | |
204 | } | |
205 | } | |
206 | ||
207 | if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { | |
208 | err = -ENFILE; | |
209 | goto out; | |
210 | } | |
211 | ||
212 | sprintf(dev->name, "rfcomm%d", dev->id); | |
213 | ||
214 | list_add(&dev->list, head); | |
215 | atomic_set(&dev->refcnt, 1); | |
216 | ||
217 | bacpy(&dev->src, &req->src); | |
218 | bacpy(&dev->dst, &req->dst); | |
219 | dev->channel = req->channel; | |
220 | ||
221 | dev->flags = req->flags & | |
222 | ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); | |
223 | ||
224 | init_waitqueue_head(&dev->wait); | |
225 | tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev); | |
226 | ||
227 | rfcomm_dlc_lock(dlc); | |
228 | dlc->data_ready = rfcomm_dev_data_ready; | |
229 | dlc->state_change = rfcomm_dev_state_change; | |
230 | dlc->modem_status = rfcomm_dev_modem_status; | |
231 | ||
232 | dlc->owner = dev; | |
233 | dev->dlc = dlc; | |
234 | rfcomm_dlc_unlock(dlc); | |
235 | ||
236 | /* It's safe to call __module_get() here because socket already | |
237 | holds reference to this module. */ | |
238 | __module_get(THIS_MODULE); | |
239 | ||
240 | out: | |
241 | write_unlock_bh(&rfcomm_dev_lock); | |
242 | ||
243 | if (err) { | |
244 | kfree(dev); | |
245 | return err; | |
246 | } | |
247 | ||
248 | tty_register_device(rfcomm_tty_driver, dev->id, NULL); | |
249 | ||
250 | return dev->id; | |
251 | } | |
252 | ||
253 | static void rfcomm_dev_del(struct rfcomm_dev *dev) | |
254 | { | |
255 | BT_DBG("dev %p", dev); | |
256 | ||
257 | write_lock_bh(&rfcomm_dev_lock); | |
258 | list_del_init(&dev->list); | |
259 | write_unlock_bh(&rfcomm_dev_lock); | |
260 | ||
261 | rfcomm_dev_put(dev); | |
262 | } | |
263 | ||
264 | /* ---- Send buffer ---- */ | |
265 | static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) | |
266 | { | |
267 | /* We can't let it be zero, because we don't get a callback | |
268 | when tx_credits becomes nonzero, hence we'd never wake up */ | |
269 | return dlc->mtu * (dlc->tx_credits?:1); | |
270 | } | |
271 | ||
272 | static void rfcomm_wfree(struct sk_buff *skb) | |
273 | { | |
274 | struct rfcomm_dev *dev = (void *) skb->sk; | |
275 | atomic_sub(skb->truesize, &dev->wmem_alloc); | |
276 | if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) | |
277 | tasklet_schedule(&dev->wakeup_task); | |
278 | rfcomm_dev_put(dev); | |
279 | } | |
280 | ||
281 | static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) | |
282 | { | |
283 | rfcomm_dev_hold(dev); | |
284 | atomic_add(skb->truesize, &dev->wmem_alloc); | |
285 | skb->sk = (void *) dev; | |
286 | skb->destructor = rfcomm_wfree; | |
287 | } | |
288 | ||
289 | static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, int priority) | |
290 | { | |
291 | if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { | |
292 | struct sk_buff *skb = alloc_skb(size, priority); | |
293 | if (skb) { | |
294 | rfcomm_set_owner_w(skb, dev); | |
295 | return skb; | |
296 | } | |
297 | } | |
298 | return NULL; | |
299 | } | |
300 | ||
301 | /* ---- Device IOCTLs ---- */ | |
302 | ||
303 | #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) | |
304 | ||
305 | static int rfcomm_create_dev(struct sock *sk, void __user *arg) | |
306 | { | |
307 | struct rfcomm_dev_req req; | |
308 | struct rfcomm_dlc *dlc; | |
309 | int id; | |
310 | ||
311 | if (copy_from_user(&req, arg, sizeof(req))) | |
312 | return -EFAULT; | |
313 | ||
314 | BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags); | |
315 | ||
316 | if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) | |
317 | return -EPERM; | |
318 | ||
319 | if (req.flags & (1 << RFCOMM_REUSE_DLC)) { | |
320 | /* Socket must be connected */ | |
321 | if (sk->sk_state != BT_CONNECTED) | |
322 | return -EBADFD; | |
323 | ||
324 | dlc = rfcomm_pi(sk)->dlc; | |
325 | rfcomm_dlc_hold(dlc); | |
326 | } else { | |
327 | dlc = rfcomm_dlc_alloc(GFP_KERNEL); | |
328 | if (!dlc) | |
329 | return -ENOMEM; | |
330 | } | |
331 | ||
332 | id = rfcomm_dev_add(&req, dlc); | |
333 | if (id < 0) { | |
334 | rfcomm_dlc_put(dlc); | |
335 | return id; | |
336 | } | |
337 | ||
338 | if (req.flags & (1 << RFCOMM_REUSE_DLC)) { | |
339 | /* DLC is now used by device. | |
340 | * Socket must be disconnected */ | |
341 | sk->sk_state = BT_CLOSED; | |
342 | } | |
343 | ||
344 | return id; | |
345 | } | |
346 | ||
347 | static int rfcomm_release_dev(void __user *arg) | |
348 | { | |
349 | struct rfcomm_dev_req req; | |
350 | struct rfcomm_dev *dev; | |
351 | ||
352 | if (copy_from_user(&req, arg, sizeof(req))) | |
353 | return -EFAULT; | |
354 | ||
355 | BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags); | |
356 | ||
357 | if (!(dev = rfcomm_dev_get(req.dev_id))) | |
358 | return -ENODEV; | |
359 | ||
360 | if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { | |
361 | rfcomm_dev_put(dev); | |
362 | return -EPERM; | |
363 | } | |
364 | ||
365 | if (req.flags & (1 << RFCOMM_HANGUP_NOW)) | |
366 | rfcomm_dlc_close(dev->dlc, 0); | |
367 | ||
368 | rfcomm_dev_del(dev); | |
369 | rfcomm_dev_put(dev); | |
370 | return 0; | |
371 | } | |
372 | ||
373 | static int rfcomm_get_dev_list(void __user *arg) | |
374 | { | |
375 | struct rfcomm_dev_list_req *dl; | |
376 | struct rfcomm_dev_info *di; | |
377 | struct list_head *p; | |
378 | int n = 0, size, err; | |
379 | u16 dev_num; | |
380 | ||
381 | BT_DBG(""); | |
382 | ||
383 | if (get_user(dev_num, (u16 __user *) arg)) | |
384 | return -EFAULT; | |
385 | ||
386 | if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) | |
387 | return -EINVAL; | |
388 | ||
389 | size = sizeof(*dl) + dev_num * sizeof(*di); | |
390 | ||
391 | if (!(dl = kmalloc(size, GFP_KERNEL))) | |
392 | return -ENOMEM; | |
393 | ||
394 | di = dl->dev_info; | |
395 | ||
396 | read_lock_bh(&rfcomm_dev_lock); | |
397 | ||
398 | list_for_each(p, &rfcomm_dev_list) { | |
399 | struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list); | |
400 | (di + n)->id = dev->id; | |
401 | (di + n)->flags = dev->flags; | |
402 | (di + n)->state = dev->dlc->state; | |
403 | (di + n)->channel = dev->channel; | |
404 | bacpy(&(di + n)->src, &dev->src); | |
405 | bacpy(&(di + n)->dst, &dev->dst); | |
406 | if (++n >= dev_num) | |
407 | break; | |
408 | } | |
409 | ||
410 | read_unlock_bh(&rfcomm_dev_lock); | |
411 | ||
412 | dl->dev_num = n; | |
413 | size = sizeof(*dl) + n * sizeof(*di); | |
414 | ||
415 | err = copy_to_user(arg, dl, size); | |
416 | kfree(dl); | |
417 | ||
418 | return err ? -EFAULT : 0; | |
419 | } | |
420 | ||
421 | static int rfcomm_get_dev_info(void __user *arg) | |
422 | { | |
423 | struct rfcomm_dev *dev; | |
424 | struct rfcomm_dev_info di; | |
425 | int err = 0; | |
426 | ||
427 | BT_DBG(""); | |
428 | ||
429 | if (copy_from_user(&di, arg, sizeof(di))) | |
430 | return -EFAULT; | |
431 | ||
432 | if (!(dev = rfcomm_dev_get(di.id))) | |
433 | return -ENODEV; | |
434 | ||
435 | di.flags = dev->flags; | |
436 | di.channel = dev->channel; | |
437 | di.state = dev->dlc->state; | |
438 | bacpy(&di.src, &dev->src); | |
439 | bacpy(&di.dst, &dev->dst); | |
440 | ||
441 | if (copy_to_user(arg, &di, sizeof(di))) | |
442 | err = -EFAULT; | |
443 | ||
444 | rfcomm_dev_put(dev); | |
445 | return err; | |
446 | } | |
447 | ||
448 | int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) | |
449 | { | |
450 | BT_DBG("cmd %d arg %p", cmd, arg); | |
451 | ||
452 | switch (cmd) { | |
453 | case RFCOMMCREATEDEV: | |
454 | return rfcomm_create_dev(sk, arg); | |
455 | ||
456 | case RFCOMMRELEASEDEV: | |
457 | return rfcomm_release_dev(arg); | |
458 | ||
459 | case RFCOMMGETDEVLIST: | |
460 | return rfcomm_get_dev_list(arg); | |
461 | ||
462 | case RFCOMMGETDEVINFO: | |
463 | return rfcomm_get_dev_info(arg); | |
464 | } | |
465 | ||
466 | return -EINVAL; | |
467 | } | |
468 | ||
469 | /* ---- DLC callbacks ---- */ | |
470 | static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) | |
471 | { | |
472 | struct rfcomm_dev *dev = dlc->owner; | |
473 | struct tty_struct *tty; | |
474 | ||
475 | if (!dev || !(tty = dev->tty)) { | |
476 | kfree_skb(skb); | |
477 | return; | |
478 | } | |
479 | ||
480 | BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len); | |
481 | ||
482 | if (test_bit(TTY_DONT_FLIP, &tty->flags)) { | |
483 | register int i; | |
484 | for (i = 0; i < skb->len; i++) { | |
485 | if (tty->flip.count >= TTY_FLIPBUF_SIZE) | |
486 | tty_flip_buffer_push(tty); | |
487 | ||
488 | tty_insert_flip_char(tty, skb->data[i], 0); | |
489 | } | |
490 | tty_flip_buffer_push(tty); | |
491 | } else | |
492 | tty->ldisc.receive_buf(tty, skb->data, NULL, skb->len); | |
493 | ||
494 | kfree_skb(skb); | |
495 | } | |
496 | ||
497 | static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) | |
498 | { | |
499 | struct rfcomm_dev *dev = dlc->owner; | |
500 | if (!dev) | |
501 | return; | |
502 | ||
503 | BT_DBG("dlc %p dev %p err %d", dlc, dev, err); | |
504 | ||
505 | dev->err = err; | |
506 | wake_up_interruptible(&dev->wait); | |
507 | ||
508 | if (dlc->state == BT_CLOSED) { | |
509 | if (!dev->tty) { | |
510 | if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { | |
511 | rfcomm_dev_hold(dev); | |
512 | rfcomm_dev_del(dev); | |
513 | ||
514 | /* We have to drop DLC lock here, otherwise | |
515 | rfcomm_dev_put() will dead lock if it's | |
516 | the last reference. */ | |
517 | rfcomm_dlc_unlock(dlc); | |
518 | rfcomm_dev_put(dev); | |
519 | rfcomm_dlc_lock(dlc); | |
520 | } | |
521 | } else | |
522 | tty_hangup(dev->tty); | |
523 | } | |
524 | } | |
525 | ||
526 | static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) | |
527 | { | |
528 | struct rfcomm_dev *dev = dlc->owner; | |
529 | if (!dev) | |
530 | return; | |
531 | ||
532 | BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); | |
533 | ||
534 | dev->modem_status = | |
535 | ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | | |
536 | ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | | |
537 | ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | | |
538 | ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); | |
539 | } | |
540 | ||
541 | /* ---- TTY functions ---- */ | |
542 | static void rfcomm_tty_wakeup(unsigned long arg) | |
543 | { | |
544 | struct rfcomm_dev *dev = (void *) arg; | |
545 | struct tty_struct *tty = dev->tty; | |
546 | if (!tty) | |
547 | return; | |
548 | ||
549 | BT_DBG("dev %p tty %p", dev, tty); | |
550 | ||
551 | if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) | |
552 | (tty->ldisc.write_wakeup)(tty); | |
553 | ||
554 | wake_up_interruptible(&tty->write_wait); | |
555 | #ifdef SERIAL_HAVE_POLL_WAIT | |
556 | wake_up_interruptible(&tty->poll_wait); | |
557 | #endif | |
558 | } | |
559 | ||
560 | static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) | |
561 | { | |
562 | DECLARE_WAITQUEUE(wait, current); | |
563 | struct rfcomm_dev *dev; | |
564 | struct rfcomm_dlc *dlc; | |
565 | int err, id; | |
566 | ||
567 | id = tty->index; | |
568 | ||
569 | BT_DBG("tty %p id %d", tty, id); | |
570 | ||
571 | /* We don't leak this refcount. For reasons which are not entirely | |
572 | clear, the TTY layer will call our ->close() method even if the | |
573 | open fails. We decrease the refcount there, and decreasing it | |
574 | here too would cause breakage. */ | |
575 | dev = rfcomm_dev_get(id); | |
576 | if (!dev) | |
577 | return -ENODEV; | |
578 | ||
579 | BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened); | |
580 | ||
581 | if (dev->opened++ != 0) | |
582 | return 0; | |
583 | ||
584 | dlc = dev->dlc; | |
585 | ||
586 | /* Attach TTY and open DLC */ | |
587 | ||
588 | rfcomm_dlc_lock(dlc); | |
589 | tty->driver_data = dev; | |
590 | dev->tty = tty; | |
591 | rfcomm_dlc_unlock(dlc); | |
592 | set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); | |
593 | ||
594 | err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); | |
595 | if (err < 0) | |
596 | return err; | |
597 | ||
598 | /* Wait for DLC to connect */ | |
599 | add_wait_queue(&dev->wait, &wait); | |
600 | while (1) { | |
601 | set_current_state(TASK_INTERRUPTIBLE); | |
602 | ||
603 | if (dlc->state == BT_CLOSED) { | |
604 | err = -dev->err; | |
605 | break; | |
606 | } | |
607 | ||
608 | if (dlc->state == BT_CONNECTED) | |
609 | break; | |
610 | ||
611 | if (signal_pending(current)) { | |
612 | err = -EINTR; | |
613 | break; | |
614 | } | |
615 | ||
616 | schedule(); | |
617 | } | |
618 | set_current_state(TASK_RUNNING); | |
619 | remove_wait_queue(&dev->wait, &wait); | |
620 | ||
621 | return err; | |
622 | } | |
623 | ||
624 | static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) | |
625 | { | |
626 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
627 | if (!dev) | |
628 | return; | |
629 | ||
630 | BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened); | |
631 | ||
632 | if (--dev->opened == 0) { | |
633 | /* Close DLC and dettach TTY */ | |
634 | rfcomm_dlc_close(dev->dlc, 0); | |
635 | ||
636 | clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags); | |
637 | tasklet_kill(&dev->wakeup_task); | |
638 | ||
639 | rfcomm_dlc_lock(dev->dlc); | |
640 | tty->driver_data = NULL; | |
641 | dev->tty = NULL; | |
642 | rfcomm_dlc_unlock(dev->dlc); | |
643 | } | |
644 | ||
645 | rfcomm_dev_put(dev); | |
646 | } | |
647 | ||
648 | static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) | |
649 | { | |
650 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
651 | struct rfcomm_dlc *dlc = dev->dlc; | |
652 | struct sk_buff *skb; | |
653 | int err = 0, sent = 0, size; | |
654 | ||
655 | BT_DBG("tty %p count %d", tty, count); | |
656 | ||
657 | while (count) { | |
658 | size = min_t(uint, count, dlc->mtu); | |
659 | ||
660 | skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC); | |
661 | ||
662 | if (!skb) | |
663 | break; | |
664 | ||
665 | skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE); | |
666 | ||
667 | memcpy(skb_put(skb, size), buf + sent, size); | |
668 | ||
669 | if ((err = rfcomm_dlc_send(dlc, skb)) < 0) { | |
670 | kfree_skb(skb); | |
671 | break; | |
672 | } | |
673 | ||
674 | sent += size; | |
675 | count -= size; | |
676 | } | |
677 | ||
678 | return sent ? sent : err; | |
679 | } | |
680 | ||
681 | static int rfcomm_tty_write_room(struct tty_struct *tty) | |
682 | { | |
683 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
684 | int room; | |
685 | ||
686 | BT_DBG("tty %p", tty); | |
687 | ||
688 | room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc); | |
689 | if (room < 0) | |
690 | room = 0; | |
691 | return room; | |
692 | } | |
693 | ||
694 | static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg) | |
695 | { | |
696 | BT_DBG("tty %p cmd 0x%02x", tty, cmd); | |
697 | ||
698 | switch (cmd) { | |
699 | case TCGETS: | |
700 | BT_DBG("TCGETS is not supported"); | |
701 | return -ENOIOCTLCMD; | |
702 | ||
703 | case TCSETS: | |
704 | BT_DBG("TCSETS is not supported"); | |
705 | return -ENOIOCTLCMD; | |
706 | ||
707 | case TIOCMIWAIT: | |
708 | BT_DBG("TIOCMIWAIT"); | |
709 | break; | |
710 | ||
711 | case TIOCGICOUNT: | |
712 | BT_DBG("TIOCGICOUNT"); | |
713 | break; | |
714 | ||
715 | case TIOCGSERIAL: | |
716 | BT_ERR("TIOCGSERIAL is not supported"); | |
717 | return -ENOIOCTLCMD; | |
718 | ||
719 | case TIOCSSERIAL: | |
720 | BT_ERR("TIOCSSERIAL is not supported"); | |
721 | return -ENOIOCTLCMD; | |
722 | ||
723 | case TIOCSERGSTRUCT: | |
724 | BT_ERR("TIOCSERGSTRUCT is not supported"); | |
725 | return -ENOIOCTLCMD; | |
726 | ||
727 | case TIOCSERGETLSR: | |
728 | BT_ERR("TIOCSERGETLSR is not supported"); | |
729 | return -ENOIOCTLCMD; | |
730 | ||
731 | case TIOCSERCONFIG: | |
732 | BT_ERR("TIOCSERCONFIG is not supported"); | |
733 | return -ENOIOCTLCMD; | |
734 | ||
735 | default: | |
736 | return -ENOIOCTLCMD; /* ioctls which we must ignore */ | |
737 | ||
738 | } | |
739 | ||
740 | return -ENOIOCTLCMD; | |
741 | } | |
742 | ||
743 | #define RELEVANT_IFLAG(iflag) (iflag & (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK)) | |
744 | ||
745 | static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old) | |
746 | { | |
747 | BT_DBG("tty %p", tty); | |
748 | ||
749 | if ((tty->termios->c_cflag == old->c_cflag) && | |
750 | (RELEVANT_IFLAG(tty->termios->c_iflag) == RELEVANT_IFLAG(old->c_iflag))) | |
751 | return; | |
752 | ||
753 | /* handle turning off CRTSCTS */ | |
754 | if ((old->c_cflag & CRTSCTS) && !(tty->termios->c_cflag & CRTSCTS)) { | |
755 | BT_DBG("turning off CRTSCTS"); | |
756 | } | |
757 | } | |
758 | ||
759 | static void rfcomm_tty_throttle(struct tty_struct *tty) | |
760 | { | |
761 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
762 | ||
763 | BT_DBG("tty %p dev %p", tty, dev); | |
764 | ||
765 | rfcomm_dlc_throttle(dev->dlc); | |
766 | } | |
767 | ||
768 | static void rfcomm_tty_unthrottle(struct tty_struct *tty) | |
769 | { | |
770 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
771 | ||
772 | BT_DBG("tty %p dev %p", tty, dev); | |
773 | ||
774 | rfcomm_dlc_unthrottle(dev->dlc); | |
775 | } | |
776 | ||
777 | static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty) | |
778 | { | |
779 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
780 | struct rfcomm_dlc *dlc = dev->dlc; | |
781 | ||
782 | BT_DBG("tty %p dev %p", tty, dev); | |
783 | ||
784 | if (skb_queue_len(&dlc->tx_queue)) | |
785 | return dlc->mtu; | |
786 | ||
787 | return 0; | |
788 | } | |
789 | ||
790 | static void rfcomm_tty_flush_buffer(struct tty_struct *tty) | |
791 | { | |
792 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
793 | if (!dev) | |
794 | return; | |
795 | ||
796 | BT_DBG("tty %p dev %p", tty, dev); | |
797 | ||
798 | skb_queue_purge(&dev->dlc->tx_queue); | |
799 | ||
800 | if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup) | |
801 | tty->ldisc.write_wakeup(tty); | |
802 | } | |
803 | ||
804 | static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch) | |
805 | { | |
806 | BT_DBG("tty %p ch %c", tty, ch); | |
807 | } | |
808 | ||
809 | static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout) | |
810 | { | |
811 | BT_DBG("tty %p timeout %d", tty, timeout); | |
812 | } | |
813 | ||
814 | static void rfcomm_tty_hangup(struct tty_struct *tty) | |
815 | { | |
816 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
817 | if (!dev) | |
818 | return; | |
819 | ||
820 | BT_DBG("tty %p dev %p", tty, dev); | |
821 | ||
822 | rfcomm_tty_flush_buffer(tty); | |
823 | ||
824 | if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) | |
825 | rfcomm_dev_del(dev); | |
826 | } | |
827 | ||
828 | static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused) | |
829 | { | |
830 | return 0; | |
831 | } | |
832 | ||
833 | static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp) | |
834 | { | |
835 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
836 | ||
837 | BT_DBG("tty %p dev %p", tty, dev); | |
838 | ||
839 | return dev->modem_status; | |
840 | } | |
841 | ||
842 | static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear) | |
843 | { | |
844 | struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; | |
845 | struct rfcomm_dlc *dlc = dev->dlc; | |
846 | u8 v24_sig; | |
847 | ||
848 | BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear); | |
849 | ||
850 | rfcomm_dlc_get_modem_status(dlc, &v24_sig); | |
851 | ||
852 | if (set & TIOCM_DSR || set & TIOCM_DTR) | |
853 | v24_sig |= RFCOMM_V24_RTC; | |
854 | if (set & TIOCM_RTS || set & TIOCM_CTS) | |
855 | v24_sig |= RFCOMM_V24_RTR; | |
856 | if (set & TIOCM_RI) | |
857 | v24_sig |= RFCOMM_V24_IC; | |
858 | if (set & TIOCM_CD) | |
859 | v24_sig |= RFCOMM_V24_DV; | |
860 | ||
861 | if (clear & TIOCM_DSR || clear & TIOCM_DTR) | |
862 | v24_sig &= ~RFCOMM_V24_RTC; | |
863 | if (clear & TIOCM_RTS || clear & TIOCM_CTS) | |
864 | v24_sig &= ~RFCOMM_V24_RTR; | |
865 | if (clear & TIOCM_RI) | |
866 | v24_sig &= ~RFCOMM_V24_IC; | |
867 | if (clear & TIOCM_CD) | |
868 | v24_sig &= ~RFCOMM_V24_DV; | |
869 | ||
870 | rfcomm_dlc_set_modem_status(dlc, v24_sig); | |
871 | ||
872 | return 0; | |
873 | } | |
874 | ||
875 | /* ---- TTY structure ---- */ | |
876 | ||
877 | static struct tty_operations rfcomm_ops = { | |
878 | .open = rfcomm_tty_open, | |
879 | .close = rfcomm_tty_close, | |
880 | .write = rfcomm_tty_write, | |
881 | .write_room = rfcomm_tty_write_room, | |
882 | .chars_in_buffer = rfcomm_tty_chars_in_buffer, | |
883 | .flush_buffer = rfcomm_tty_flush_buffer, | |
884 | .ioctl = rfcomm_tty_ioctl, | |
885 | .throttle = rfcomm_tty_throttle, | |
886 | .unthrottle = rfcomm_tty_unthrottle, | |
887 | .set_termios = rfcomm_tty_set_termios, | |
888 | .send_xchar = rfcomm_tty_send_xchar, | |
889 | .hangup = rfcomm_tty_hangup, | |
890 | .wait_until_sent = rfcomm_tty_wait_until_sent, | |
891 | .read_proc = rfcomm_tty_read_proc, | |
892 | .tiocmget = rfcomm_tty_tiocmget, | |
893 | .tiocmset = rfcomm_tty_tiocmset, | |
894 | }; | |
895 | ||
896 | int rfcomm_init_ttys(void) | |
897 | { | |
898 | rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS); | |
899 | if (!rfcomm_tty_driver) | |
900 | return -1; | |
901 | ||
902 | rfcomm_tty_driver->owner = THIS_MODULE; | |
903 | rfcomm_tty_driver->driver_name = "rfcomm"; | |
904 | rfcomm_tty_driver->devfs_name = "bluetooth/rfcomm/"; | |
905 | rfcomm_tty_driver->name = "rfcomm"; | |
906 | rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; | |
907 | rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; | |
908 | rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; | |
909 | rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; | |
910 | rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_NO_DEVFS; | |
911 | rfcomm_tty_driver->init_termios = tty_std_termios; | |
912 | rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; | |
913 | tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); | |
914 | ||
915 | if (tty_register_driver(rfcomm_tty_driver)) { | |
916 | BT_ERR("Can't register RFCOMM TTY driver"); | |
917 | put_tty_driver(rfcomm_tty_driver); | |
918 | return -1; | |
919 | } | |
920 | ||
921 | BT_INFO("RFCOMM TTY layer initialized"); | |
922 | ||
923 | return 0; | |
924 | } | |
925 | ||
926 | void rfcomm_cleanup_ttys(void) | |
927 | { | |
928 | tty_unregister_driver(rfcomm_tty_driver); | |
929 | put_tty_driver(rfcomm_tty_driver); | |
930 | } |