~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/bluetooth/rfcomm/tty.c

Version: ~ [ linux-5.2-rc6 ] ~ [ linux-5.1.15 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.56 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.130 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.183 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.183 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.69 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.39.4 ] ~ [ linux-2.6.38.8 ] ~ [ linux-2.6.37.6 ] ~ [ linux-2.6.36.4 ] ~ [ linux-2.6.35.14 ] ~ [ linux-2.6.34.15 ] ~ [ linux-2.6.33.20 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2    RFCOMM implementation for Linux Bluetooth stack (BlueZ).
  3    Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
  4    Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
  5 
  6    This program is free software; you can redistribute it and/or modify
  7    it under the terms of the GNU General Public License version 2 as
  8    published by the Free Software Foundation;
  9 
 10    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 11    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 12    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
 13    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
 14    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
 15    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 16    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 17    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 18 
 19    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
 20    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
 21    SOFTWARE IS DISCLAIMED.
 22 */
 23 
 24 /*
 25  * RFCOMM TTY.
 26  */
 27 
 28 #include <linux/module.h>
 29 
 30 #include <linux/tty.h>
 31 #include <linux/tty_driver.h>
 32 #include <linux/tty_flip.h>
 33 
 34 #include <net/bluetooth/bluetooth.h>
 35 #include <net/bluetooth/hci_core.h>
 36 #include <net/bluetooth/rfcomm.h>
 37 
 38 #define RFCOMM_TTY_MAGIC 0x6d02         /* magic number for rfcomm struct */
 39 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
 40 #define RFCOMM_TTY_MAJOR 216            /* device node major id of the usb/bluetooth.c driver */
 41 #define RFCOMM_TTY_MINOR 0
 42 
 43 static DEFINE_MUTEX(rfcomm_ioctl_mutex);
 44 static struct tty_driver *rfcomm_tty_driver;
 45 
 46 struct rfcomm_dev {
 47         struct tty_port         port;
 48         struct list_head        list;
 49 
 50         char                    name[12];
 51         int                     id;
 52         unsigned long           flags;
 53         int                     err;
 54 
 55         unsigned long           status;         /* don't export to userspace */
 56 
 57         bdaddr_t                src;
 58         bdaddr_t                dst;
 59         u8                      channel;
 60 
 61         uint                    modem_status;
 62 
 63         struct rfcomm_dlc       *dlc;
 64 
 65         struct device           *tty_dev;
 66 
 67         atomic_t                wmem_alloc;
 68 
 69         struct sk_buff_head     pending;
 70 };
 71 
 72 static LIST_HEAD(rfcomm_dev_list);
 73 static DEFINE_MUTEX(rfcomm_dev_lock);
 74 
 75 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
 76 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
 77 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
 78 
 79 /* ---- Device functions ---- */
 80 
 81 static void rfcomm_dev_destruct(struct tty_port *port)
 82 {
 83         struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
 84         struct rfcomm_dlc *dlc = dev->dlc;
 85 
 86         BT_DBG("dev %p dlc %p", dev, dlc);
 87 
 88         rfcomm_dlc_lock(dlc);
 89         /* Detach DLC if it's owned by this dev */
 90         if (dlc->owner == dev)
 91                 dlc->owner = NULL;
 92         rfcomm_dlc_unlock(dlc);
 93 
 94         rfcomm_dlc_put(dlc);
 95 
 96         if (dev->tty_dev)
 97                 tty_unregister_device(rfcomm_tty_driver, dev->id);
 98 
 99         mutex_lock(&rfcomm_dev_lock);
100         list_del(&dev->list);
101         mutex_unlock(&rfcomm_dev_lock);
102 
103         kfree(dev);
104 
105         /* It's safe to call module_put() here because socket still
106            holds reference to this module. */
107         module_put(THIS_MODULE);
108 }
109 
110 /* device-specific initialization: open the dlc */
111 static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty)
112 {
113         struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
114         int err;
115 
116         err = rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel);
117         if (err)
118                 set_bit(TTY_IO_ERROR, &tty->flags);
119         return err;
120 }
121 
122 /* we block the open until the dlc->state becomes BT_CONNECTED */
123 static int rfcomm_dev_carrier_raised(struct tty_port *port)
124 {
125         struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
126 
127         return (dev->dlc->state == BT_CONNECTED);
128 }
129 
130 /* device-specific cleanup: close the dlc */
131 static void rfcomm_dev_shutdown(struct tty_port *port)
132 {
133         struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
134 
135         if (dev->tty_dev->parent)
136                 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
137 
138         /* close the dlc */
139         rfcomm_dlc_close(dev->dlc, 0);
140 }
141 
142 static const struct tty_port_operations rfcomm_port_ops = {
143         .destruct = rfcomm_dev_destruct,
144         .activate = rfcomm_dev_activate,
145         .shutdown = rfcomm_dev_shutdown,
146         .carrier_raised = rfcomm_dev_carrier_raised,
147 };
148 
149 static struct rfcomm_dev *__rfcomm_dev_lookup(int id)
150 {
151         struct rfcomm_dev *dev;
152 
153         list_for_each_entry(dev, &rfcomm_dev_list, list)
154                 if (dev->id == id)
155                         return dev;
156 
157         return NULL;
158 }
159 
160 static struct rfcomm_dev *rfcomm_dev_get(int id)
161 {
162         struct rfcomm_dev *dev;
163 
164         mutex_lock(&rfcomm_dev_lock);
165 
166         dev = __rfcomm_dev_lookup(id);
167 
168         if (dev && !tty_port_get(&dev->port))
169                 dev = NULL;
170 
171         mutex_unlock(&rfcomm_dev_lock);
172 
173         return dev;
174 }
175 
176 static void rfcomm_reparent_device(struct rfcomm_dev *dev)
177 {
178         struct hci_dev *hdev;
179         struct hci_conn *conn;
180 
181         hdev = hci_get_route(&dev->dst, &dev->src, BDADDR_BREDR);
182         if (!hdev)
183                 return;
184 
185         /* The lookup results are unsafe to access without the
186          * hci device lock (FIXME: why is this not documented?)
187          */
188         hci_dev_lock(hdev);
189         conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
190 
191         /* Just because the acl link is in the hash table is no
192          * guarantee the sysfs device has been added ...
193          */
194         if (conn && device_is_registered(&conn->dev))
195                 device_move(dev->tty_dev, &conn->dev, DPM_ORDER_DEV_AFTER_PARENT);
196 
197         hci_dev_unlock(hdev);
198         hci_dev_put(hdev);
199 }
200 
201 static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
202 {
203         struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
204         return sprintf(buf, "%pMR\n", &dev->dst);
205 }
206 
207 static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
208 {
209         struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
210         return sprintf(buf, "%d\n", dev->channel);
211 }
212 
213 static DEVICE_ATTR(address, S_IRUGO, show_address, NULL);
214 static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL);
215 
216 static struct rfcomm_dev *__rfcomm_dev_add(struct rfcomm_dev_req *req,
217                                            struct rfcomm_dlc *dlc)
218 {
219         struct rfcomm_dev *dev, *entry;
220         struct list_head *head = &rfcomm_dev_list;
221         int err = 0;
222 
223         dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
224         if (!dev)
225                 return ERR_PTR(-ENOMEM);
226 
227         mutex_lock(&rfcomm_dev_lock);
228 
229         if (req->dev_id < 0) {
230                 dev->id = 0;
231 
232                 list_for_each_entry(entry, &rfcomm_dev_list, list) {
233                         if (entry->id != dev->id)
234                                 break;
235 
236                         dev->id++;
237                         head = &entry->list;
238                 }
239         } else {
240                 dev->id = req->dev_id;
241 
242                 list_for_each_entry(entry, &rfcomm_dev_list, list) {
243                         if (entry->id == dev->id) {
244                                 err = -EADDRINUSE;
245                                 goto out;
246                         }
247 
248                         if (entry->id > dev->id - 1)
249                                 break;
250 
251                         head = &entry->list;
252                 }
253         }
254 
255         if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
256                 err = -ENFILE;
257                 goto out;
258         }
259 
260         sprintf(dev->name, "rfcomm%d", dev->id);
261 
262         list_add(&dev->list, head);
263 
264         bacpy(&dev->src, &req->src);
265         bacpy(&dev->dst, &req->dst);
266         dev->channel = req->channel;
267 
268         dev->flags = req->flags &
269                 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
270 
271         tty_port_init(&dev->port);
272         dev->port.ops = &rfcomm_port_ops;
273 
274         skb_queue_head_init(&dev->pending);
275 
276         rfcomm_dlc_lock(dlc);
277 
278         if (req->flags & (1 << RFCOMM_REUSE_DLC)) {
279                 struct sock *sk = dlc->owner;
280                 struct sk_buff *skb;
281 
282                 BUG_ON(!sk);
283 
284                 rfcomm_dlc_throttle(dlc);
285 
286                 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
287                         skb_orphan(skb);
288                         skb_queue_tail(&dev->pending, skb);
289                         atomic_sub(skb->len, &sk->sk_rmem_alloc);
290                 }
291         }
292 
293         dlc->data_ready   = rfcomm_dev_data_ready;
294         dlc->state_change = rfcomm_dev_state_change;
295         dlc->modem_status = rfcomm_dev_modem_status;
296 
297         dlc->owner = dev;
298         dev->dlc   = dlc;
299 
300         rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig);
301 
302         rfcomm_dlc_unlock(dlc);
303 
304         /* It's safe to call __module_get() here because socket already
305            holds reference to this module. */
306         __module_get(THIS_MODULE);
307 
308         mutex_unlock(&rfcomm_dev_lock);
309         return dev;
310 
311 out:
312         mutex_unlock(&rfcomm_dev_lock);
313         kfree(dev);
314         return ERR_PTR(err);
315 }
316 
317 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
318 {
319         struct rfcomm_dev *dev;
320         struct device *tty;
321 
322         BT_DBG("id %d channel %d", req->dev_id, req->channel);
323 
324         dev = __rfcomm_dev_add(req, dlc);
325         if (IS_ERR(dev)) {
326                 rfcomm_dlc_put(dlc);
327                 return PTR_ERR(dev);
328         }
329 
330         tty = tty_port_register_device(&dev->port, rfcomm_tty_driver,
331                         dev->id, NULL);
332         if (IS_ERR(tty)) {
333                 tty_port_put(&dev->port);
334                 return PTR_ERR(tty);
335         }
336 
337         dev->tty_dev = tty;
338         rfcomm_reparent_device(dev);
339         dev_set_drvdata(dev->tty_dev, dev);
340 
341         if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
342                 BT_ERR("Failed to create address attribute");
343 
344         if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
345                 BT_ERR("Failed to create channel attribute");
346 
347         return dev->id;
348 }
349 
350 /* ---- Send buffer ---- */
351 static inline unsigned int rfcomm_room(struct rfcomm_dev *dev)
352 {
353         struct rfcomm_dlc *dlc = dev->dlc;
354 
355         /* Limit the outstanding number of packets not yet sent to 40 */
356         int pending = 40 - atomic_read(&dev->wmem_alloc);
357 
358         return max(0, pending) * dlc->mtu;
359 }
360 
361 static void rfcomm_wfree(struct sk_buff *skb)
362 {
363         struct rfcomm_dev *dev = (void *) skb->sk;
364         atomic_dec(&dev->wmem_alloc);
365         if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
366                 tty_port_tty_wakeup(&dev->port);
367         tty_port_put(&dev->port);
368 }
369 
370 static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
371 {
372         tty_port_get(&dev->port);
373         atomic_inc(&dev->wmem_alloc);
374         skb->sk = (void *) dev;
375         skb->destructor = rfcomm_wfree;
376 }
377 
378 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
379 {
380         struct sk_buff *skb = alloc_skb(size, priority);
381         if (skb)
382                 rfcomm_set_owner_w(skb, dev);
383         return skb;
384 }
385 
386 /* ---- Device IOCTLs ---- */
387 
388 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
389 
390 static int __rfcomm_create_dev(struct sock *sk, void __user *arg)
391 {
392         struct rfcomm_dev_req req;
393         struct rfcomm_dlc *dlc;
394         int id;
395 
396         if (copy_from_user(&req, arg, sizeof(req)))
397                 return -EFAULT;
398 
399         BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
400 
401         if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
402                 return -EPERM;
403 
404         if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
405                 /* Socket must be connected */
406                 if (sk->sk_state != BT_CONNECTED)
407                         return -EBADFD;
408 
409                 dlc = rfcomm_pi(sk)->dlc;
410                 rfcomm_dlc_hold(dlc);
411         } else {
412                 /* Validate the channel is unused */
413                 dlc = rfcomm_dlc_exists(&req.src, &req.dst, req.channel);
414                 if (IS_ERR(dlc))
415                         return PTR_ERR(dlc);
416                 else if (dlc) {
417                         rfcomm_dlc_put(dlc);
418                         return -EBUSY;
419                 }
420                 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
421                 if (!dlc)
422                         return -ENOMEM;
423         }
424 
425         id = rfcomm_dev_add(&req, dlc);
426         if (id < 0)
427                 return id;
428 
429         if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
430                 /* DLC is now used by device.
431                  * Socket must be disconnected */
432                 sk->sk_state = BT_CLOSED;
433         }
434 
435         return id;
436 }
437 
438 static int __rfcomm_release_dev(void __user *arg)
439 {
440         struct rfcomm_dev_req req;
441         struct rfcomm_dev *dev;
442         struct tty_struct *tty;
443 
444         if (copy_from_user(&req, arg, sizeof(req)))
445                 return -EFAULT;
446 
447         BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
448 
449         dev = rfcomm_dev_get(req.dev_id);
450         if (!dev)
451                 return -ENODEV;
452 
453         if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
454                 tty_port_put(&dev->port);
455                 return -EPERM;
456         }
457 
458         /* only release once */
459         if (test_and_set_bit(RFCOMM_DEV_RELEASED, &dev->status)) {
460                 tty_port_put(&dev->port);
461                 return -EALREADY;
462         }
463 
464         if (req.flags & (1 << RFCOMM_HANGUP_NOW))
465                 rfcomm_dlc_close(dev->dlc, 0);
466 
467         /* Shut down TTY synchronously before freeing rfcomm_dev */
468         tty = tty_port_tty_get(&dev->port);
469         if (tty) {
470                 tty_vhangup(tty);
471                 tty_kref_put(tty);
472         }
473 
474         if (!test_bit(RFCOMM_TTY_OWNED, &dev->status))
475                 tty_port_put(&dev->port);
476 
477         tty_port_put(&dev->port);
478         return 0;
479 }
480 
481 static int rfcomm_create_dev(struct sock *sk, void __user *arg)
482 {
483         int ret;
484 
485         mutex_lock(&rfcomm_ioctl_mutex);
486         ret = __rfcomm_create_dev(sk, arg);
487         mutex_unlock(&rfcomm_ioctl_mutex);
488 
489         return ret;
490 }
491 
492 static int rfcomm_release_dev(void __user *arg)
493 {
494         int ret;
495 
496         mutex_lock(&rfcomm_ioctl_mutex);
497         ret = __rfcomm_release_dev(arg);
498         mutex_unlock(&rfcomm_ioctl_mutex);
499 
500         return ret;
501 }
502 
503 static int rfcomm_get_dev_list(void __user *arg)
504 {
505         struct rfcomm_dev *dev;
506         struct rfcomm_dev_list_req *dl;
507         struct rfcomm_dev_info *di;
508         int n = 0, size, err;
509         u16 dev_num;
510 
511         BT_DBG("");
512 
513         if (get_user(dev_num, (u16 __user *) arg))
514                 return -EFAULT;
515 
516         if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
517                 return -EINVAL;
518 
519         size = sizeof(*dl) + dev_num * sizeof(*di);
520 
521         dl = kzalloc(size, GFP_KERNEL);
522         if (!dl)
523                 return -ENOMEM;
524 
525         di = dl->dev_info;
526 
527         mutex_lock(&rfcomm_dev_lock);
528 
529         list_for_each_entry(dev, &rfcomm_dev_list, list) {
530                 if (!tty_port_get(&dev->port))
531                         continue;
532                 (di + n)->id      = dev->id;
533                 (di + n)->flags   = dev->flags;
534                 (di + n)->state   = dev->dlc->state;
535                 (di + n)->channel = dev->channel;
536                 bacpy(&(di + n)->src, &dev->src);
537                 bacpy(&(di + n)->dst, &dev->dst);
538                 tty_port_put(&dev->port);
539                 if (++n >= dev_num)
540                         break;
541         }
542 
543         mutex_unlock(&rfcomm_dev_lock);
544 
545         dl->dev_num = n;
546         size = sizeof(*dl) + n * sizeof(*di);
547 
548         err = copy_to_user(arg, dl, size);
549         kfree(dl);
550 
551         return err ? -EFAULT : 0;
552 }
553 
554 static int rfcomm_get_dev_info(void __user *arg)
555 {
556         struct rfcomm_dev *dev;
557         struct rfcomm_dev_info di;
558         int err = 0;
559 
560         BT_DBG("");
561 
562         if (copy_from_user(&di, arg, sizeof(di)))
563                 return -EFAULT;
564 
565         dev = rfcomm_dev_get(di.id);
566         if (!dev)
567                 return -ENODEV;
568 
569         di.flags   = dev->flags;
570         di.channel = dev->channel;
571         di.state   = dev->dlc->state;
572         bacpy(&di.src, &dev->src);
573         bacpy(&di.dst, &dev->dst);
574 
575         if (copy_to_user(arg, &di, sizeof(di)))
576                 err = -EFAULT;
577 
578         tty_port_put(&dev->port);
579         return err;
580 }
581 
582 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
583 {
584         BT_DBG("cmd %d arg %p", cmd, arg);
585 
586         switch (cmd) {
587         case RFCOMMCREATEDEV:
588                 return rfcomm_create_dev(sk, arg);
589 
590         case RFCOMMRELEASEDEV:
591                 return rfcomm_release_dev(arg);
592 
593         case RFCOMMGETDEVLIST:
594                 return rfcomm_get_dev_list(arg);
595 
596         case RFCOMMGETDEVINFO:
597                 return rfcomm_get_dev_info(arg);
598         }
599 
600         return -EINVAL;
601 }
602 
603 /* ---- DLC callbacks ---- */
604 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
605 {
606         struct rfcomm_dev *dev = dlc->owner;
607 
608         if (!dev) {
609                 kfree_skb(skb);
610                 return;
611         }
612 
613         if (!skb_queue_empty(&dev->pending)) {
614                 skb_queue_tail(&dev->pending, skb);
615                 return;
616         }
617 
618         BT_DBG("dlc %p len %d", dlc, skb->len);
619 
620         tty_insert_flip_string(&dev->port, skb->data, skb->len);
621         tty_flip_buffer_push(&dev->port);
622 
623         kfree_skb(skb);
624 }
625 
626 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
627 {
628         struct rfcomm_dev *dev = dlc->owner;
629         if (!dev)
630                 return;
631 
632         BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
633 
634         dev->err = err;
635         if (dlc->state == BT_CONNECTED) {
636                 rfcomm_reparent_device(dev);
637 
638                 wake_up_interruptible(&dev->port.open_wait);
639         } else if (dlc->state == BT_CLOSED)
640                 tty_port_tty_hangup(&dev->port, false);
641 }
642 
643 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
644 {
645         struct rfcomm_dev *dev = dlc->owner;
646         if (!dev)
647                 return;
648 
649         BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
650 
651         if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV))
652                 tty_port_tty_hangup(&dev->port, true);
653 
654         dev->modem_status =
655                 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
656                 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
657                 ((v24_sig & RFCOMM_V24_IC)  ? TIOCM_RI : 0) |
658                 ((v24_sig & RFCOMM_V24_DV)  ? TIOCM_CD : 0);
659 }
660 
661 /* ---- TTY functions ---- */
662 static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
663 {
664         struct sk_buff *skb;
665         int inserted = 0;
666 
667         BT_DBG("dev %p", dev);
668 
669         rfcomm_dlc_lock(dev->dlc);
670 
671         while ((skb = skb_dequeue(&dev->pending))) {
672                 inserted += tty_insert_flip_string(&dev->port, skb->data,
673                                 skb->len);
674                 kfree_skb(skb);
675         }
676 
677         rfcomm_dlc_unlock(dev->dlc);
678 
679         if (inserted > 0)
680                 tty_flip_buffer_push(&dev->port);
681 }
682 
683 /* do the reverse of install, clearing the tty fields and releasing the
684  * reference to tty_port
685  */
686 static void rfcomm_tty_cleanup(struct tty_struct *tty)
687 {
688         struct rfcomm_dev *dev = tty->driver_data;
689 
690         clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
691 
692         rfcomm_dlc_lock(dev->dlc);
693         tty->driver_data = NULL;
694         rfcomm_dlc_unlock(dev->dlc);
695 
696         /*
697          * purge the dlc->tx_queue to avoid circular dependencies
698          * between dev and dlc
699          */
700         skb_queue_purge(&dev->dlc->tx_queue);
701 
702         tty_port_put(&dev->port);
703 }
704 
705 /* we acquire the tty_port reference since it's here the tty is first used
706  * by setting the termios. We also populate the driver_data field and install
707  * the tty port
708  */
709 static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty)
710 {
711         struct rfcomm_dev *dev;
712         struct rfcomm_dlc *dlc;
713         int err;
714 
715         dev = rfcomm_dev_get(tty->index);
716         if (!dev)
717                 return -ENODEV;
718 
719         dlc = dev->dlc;
720 
721         /* Attach TTY and open DLC */
722         rfcomm_dlc_lock(dlc);
723         tty->driver_data = dev;
724         rfcomm_dlc_unlock(dlc);
725         set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
726 
727         /* install the tty_port */
728         err = tty_port_install(&dev->port, driver, tty);
729         if (err) {
730                 rfcomm_tty_cleanup(tty);
731                 return err;
732         }
733 
734         /* take over the tty_port reference if the port was created with the
735          * flag RFCOMM_RELEASE_ONHUP. This will force the release of the port
736          * when the last process closes the tty. The behaviour is expected by
737          * userspace.
738          */
739         if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
740                 set_bit(RFCOMM_TTY_OWNED, &dev->status);
741                 tty_port_put(&dev->port);
742         }
743 
744         return 0;
745 }
746 
747 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
748 {
749         struct rfcomm_dev *dev = tty->driver_data;
750         int err;
751 
752         BT_DBG("tty %p id %d", tty, tty->index);
753 
754         BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst,
755                dev->channel, dev->port.count);
756 
757         err = tty_port_open(&dev->port, tty, filp);
758         if (err)
759                 return err;
760 
761         /*
762          * FIXME: rfcomm should use proper flow control for
763          * received data. This hack will be unnecessary and can
764          * be removed when that's implemented
765          */
766         rfcomm_tty_copy_pending(dev);
767 
768         rfcomm_dlc_unthrottle(dev->dlc);
769 
770         return 0;
771 }
772 
773 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
774 {
775         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
776 
777         BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
778                                                 dev->port.count);
779 
780         tty_port_close(&dev->port, tty, filp);
781 }
782 
783 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
784 {
785         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
786         struct rfcomm_dlc *dlc = dev->dlc;
787         struct sk_buff *skb;
788         int sent = 0, size;
789 
790         BT_DBG("tty %p count %d", tty, count);
791 
792         while (count) {
793                 size = min_t(uint, count, dlc->mtu);
794 
795                 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
796                 if (!skb)
797                         break;
798 
799                 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
800 
801                 memcpy(skb_put(skb, size), buf + sent, size);
802 
803                 rfcomm_dlc_send_noerror(dlc, skb);
804 
805                 sent  += size;
806                 count -= size;
807         }
808 
809         return sent;
810 }
811 
812 static int rfcomm_tty_write_room(struct tty_struct *tty)
813 {
814         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
815         int room = 0;
816 
817         if (dev && dev->dlc)
818                 room = rfcomm_room(dev);
819 
820         BT_DBG("tty %p room %d", tty, room);
821 
822         return room;
823 }
824 
825 static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
826 {
827         BT_DBG("tty %p cmd 0x%02x", tty, cmd);
828 
829         switch (cmd) {
830         case TCGETS:
831                 BT_DBG("TCGETS is not supported");
832                 return -ENOIOCTLCMD;
833 
834         case TCSETS:
835                 BT_DBG("TCSETS is not supported");
836                 return -ENOIOCTLCMD;
837 
838         case TIOCMIWAIT:
839                 BT_DBG("TIOCMIWAIT");
840                 break;
841 
842         case TIOCGSERIAL:
843                 BT_ERR("TIOCGSERIAL is not supported");
844                 return -ENOIOCTLCMD;
845 
846         case TIOCSSERIAL:
847                 BT_ERR("TIOCSSERIAL is not supported");
848                 return -ENOIOCTLCMD;
849 
850         case TIOCSERGSTRUCT:
851                 BT_ERR("TIOCSERGSTRUCT is not supported");
852                 return -ENOIOCTLCMD;
853 
854         case TIOCSERGETLSR:
855                 BT_ERR("TIOCSERGETLSR is not supported");
856                 return -ENOIOCTLCMD;
857 
858         case TIOCSERCONFIG:
859                 BT_ERR("TIOCSERCONFIG is not supported");
860                 return -ENOIOCTLCMD;
861 
862         default:
863                 return -ENOIOCTLCMD;    /* ioctls which we must ignore */
864 
865         }
866 
867         return -ENOIOCTLCMD;
868 }
869 
870 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
871 {
872         struct ktermios *new = &tty->termios;
873         int old_baud_rate = tty_termios_baud_rate(old);
874         int new_baud_rate = tty_termios_baud_rate(new);
875 
876         u8 baud, data_bits, stop_bits, parity, x_on, x_off;
877         u16 changes = 0;
878 
879         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
880 
881         BT_DBG("tty %p termios %p", tty, old);
882 
883         if (!dev || !dev->dlc || !dev->dlc->session)
884                 return;
885 
886         /* Handle turning off CRTSCTS */
887         if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
888                 BT_DBG("Turning off CRTSCTS unsupported");
889 
890         /* Parity on/off and when on, odd/even */
891         if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
892                         ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) {
893                 changes |= RFCOMM_RPN_PM_PARITY;
894                 BT_DBG("Parity change detected.");
895         }
896 
897         /* Mark and space parity are not supported! */
898         if (new->c_cflag & PARENB) {
899                 if (new->c_cflag & PARODD) {
900                         BT_DBG("Parity is ODD");
901                         parity = RFCOMM_RPN_PARITY_ODD;
902                 } else {
903                         BT_DBG("Parity is EVEN");
904                         parity = RFCOMM_RPN_PARITY_EVEN;
905                 }
906         } else {
907                 BT_DBG("Parity is OFF");
908                 parity = RFCOMM_RPN_PARITY_NONE;
909         }
910 
911         /* Setting the x_on / x_off characters */
912         if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
913                 BT_DBG("XOFF custom");
914                 x_on = new->c_cc[VSTOP];
915                 changes |= RFCOMM_RPN_PM_XON;
916         } else {
917                 BT_DBG("XOFF default");
918                 x_on = RFCOMM_RPN_XON_CHAR;
919         }
920 
921         if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
922                 BT_DBG("XON custom");
923                 x_off = new->c_cc[VSTART];
924                 changes |= RFCOMM_RPN_PM_XOFF;
925         } else {
926                 BT_DBG("XON default");
927                 x_off = RFCOMM_RPN_XOFF_CHAR;
928         }
929 
930         /* Handle setting of stop bits */
931         if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
932                 changes |= RFCOMM_RPN_PM_STOP;
933 
934         /* POSIX does not support 1.5 stop bits and RFCOMM does not
935          * support 2 stop bits. So a request for 2 stop bits gets
936          * translated to 1.5 stop bits */
937         if (new->c_cflag & CSTOPB)
938                 stop_bits = RFCOMM_RPN_STOP_15;
939         else
940                 stop_bits = RFCOMM_RPN_STOP_1;
941 
942         /* Handle number of data bits [5-8] */
943         if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
944                 changes |= RFCOMM_RPN_PM_DATA;
945 
946         switch (new->c_cflag & CSIZE) {
947         case CS5:
948                 data_bits = RFCOMM_RPN_DATA_5;
949                 break;
950         case CS6:
951                 data_bits = RFCOMM_RPN_DATA_6;
952                 break;
953         case CS7:
954                 data_bits = RFCOMM_RPN_DATA_7;
955                 break;
956         case CS8:
957                 data_bits = RFCOMM_RPN_DATA_8;
958                 break;
959         default:
960                 data_bits = RFCOMM_RPN_DATA_8;
961                 break;
962         }
963 
964         /* Handle baudrate settings */
965         if (old_baud_rate != new_baud_rate)
966                 changes |= RFCOMM_RPN_PM_BITRATE;
967 
968         switch (new_baud_rate) {
969         case 2400:
970                 baud = RFCOMM_RPN_BR_2400;
971                 break;
972         case 4800:
973                 baud = RFCOMM_RPN_BR_4800;
974                 break;
975         case 7200:
976                 baud = RFCOMM_RPN_BR_7200;
977                 break;
978         case 9600:
979                 baud = RFCOMM_RPN_BR_9600;
980                 break;
981         case 19200:
982                 baud = RFCOMM_RPN_BR_19200;
983                 break;
984         case 38400:
985                 baud = RFCOMM_RPN_BR_38400;
986                 break;
987         case 57600:
988                 baud = RFCOMM_RPN_BR_57600;
989                 break;
990         case 115200:
991                 baud = RFCOMM_RPN_BR_115200;
992                 break;
993         case 230400:
994                 baud = RFCOMM_RPN_BR_230400;
995                 break;
996         default:
997                 /* 9600 is standard accordinag to the RFCOMM specification */
998                 baud = RFCOMM_RPN_BR_9600;
999                 break;
1000 
1001         }
1002 
1003         if (changes)
1004                 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
1005                                 data_bits, stop_bits, parity,
1006                                 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
1007 }
1008 
1009 static void rfcomm_tty_throttle(struct tty_struct *tty)
1010 {
1011         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1012 
1013         BT_DBG("tty %p dev %p", tty, dev);
1014 
1015         rfcomm_dlc_throttle(dev->dlc);
1016 }
1017 
1018 static void rfcomm_tty_unthrottle(struct tty_struct *tty)
1019 {
1020         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1021 
1022         BT_DBG("tty %p dev %p", tty, dev);
1023 
1024         rfcomm_dlc_unthrottle(dev->dlc);
1025 }
1026 
1027 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
1028 {
1029         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1030 
1031         BT_DBG("tty %p dev %p", tty, dev);
1032 
1033         if (!dev || !dev->dlc)
1034                 return 0;
1035 
1036         if (!skb_queue_empty(&dev->dlc->tx_queue))
1037                 return dev->dlc->mtu;
1038 
1039         return 0;
1040 }
1041 
1042 static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
1043 {
1044         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1045 
1046         BT_DBG("tty %p dev %p", tty, dev);
1047 
1048         if (!dev || !dev->dlc)
1049                 return;
1050 
1051         skb_queue_purge(&dev->dlc->tx_queue);
1052         tty_wakeup(tty);
1053 }
1054 
1055 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1056 {
1057         BT_DBG("tty %p ch %c", tty, ch);
1058 }
1059 
1060 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1061 {
1062         BT_DBG("tty %p timeout %d", tty, timeout);
1063 }
1064 
1065 static void rfcomm_tty_hangup(struct tty_struct *tty)
1066 {
1067         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1068 
1069         BT_DBG("tty %p dev %p", tty, dev);
1070 
1071         tty_port_hangup(&dev->port);
1072 }
1073 
1074 static int rfcomm_tty_tiocmget(struct tty_struct *tty)
1075 {
1076         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1077 
1078         BT_DBG("tty %p dev %p", tty, dev);
1079 
1080         return dev->modem_status;
1081 }
1082 
1083 static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear)
1084 {
1085         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1086         struct rfcomm_dlc *dlc = dev->dlc;
1087         u8 v24_sig;
1088 
1089         BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1090 
1091         rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1092 
1093         if (set & TIOCM_DSR || set & TIOCM_DTR)
1094                 v24_sig |= RFCOMM_V24_RTC;
1095         if (set & TIOCM_RTS || set & TIOCM_CTS)
1096                 v24_sig |= RFCOMM_V24_RTR;
1097         if (set & TIOCM_RI)
1098                 v24_sig |= RFCOMM_V24_IC;
1099         if (set & TIOCM_CD)
1100                 v24_sig |= RFCOMM_V24_DV;
1101 
1102         if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1103                 v24_sig &= ~RFCOMM_V24_RTC;
1104         if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1105                 v24_sig &= ~RFCOMM_V24_RTR;
1106         if (clear & TIOCM_RI)
1107                 v24_sig &= ~RFCOMM_V24_IC;
1108         if (clear & TIOCM_CD)
1109                 v24_sig &= ~RFCOMM_V24_DV;
1110 
1111         rfcomm_dlc_set_modem_status(dlc, v24_sig);
1112 
1113         return 0;
1114 }
1115 
1116 /* ---- TTY structure ---- */
1117 
1118 static const struct tty_operations rfcomm_ops = {
1119         .open                   = rfcomm_tty_open,
1120         .close                  = rfcomm_tty_close,
1121         .write                  = rfcomm_tty_write,
1122         .write_room             = rfcomm_tty_write_room,
1123         .chars_in_buffer        = rfcomm_tty_chars_in_buffer,
1124         .flush_buffer           = rfcomm_tty_flush_buffer,
1125         .ioctl                  = rfcomm_tty_ioctl,
1126         .throttle               = rfcomm_tty_throttle,
1127         .unthrottle             = rfcomm_tty_unthrottle,
1128         .set_termios            = rfcomm_tty_set_termios,
1129         .send_xchar             = rfcomm_tty_send_xchar,
1130         .hangup                 = rfcomm_tty_hangup,
1131         .wait_until_sent        = rfcomm_tty_wait_until_sent,
1132         .tiocmget               = rfcomm_tty_tiocmget,
1133         .tiocmset               = rfcomm_tty_tiocmset,
1134         .install                = rfcomm_tty_install,
1135         .cleanup                = rfcomm_tty_cleanup,
1136 };
1137 
1138 int __init rfcomm_init_ttys(void)
1139 {
1140         int error;
1141 
1142         rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1143         if (!rfcomm_tty_driver)
1144                 return -ENOMEM;
1145 
1146         rfcomm_tty_driver->driver_name  = "rfcomm";
1147         rfcomm_tty_driver->name         = "rfcomm";
1148         rfcomm_tty_driver->major        = RFCOMM_TTY_MAJOR;
1149         rfcomm_tty_driver->minor_start  = RFCOMM_TTY_MINOR;
1150         rfcomm_tty_driver->type         = TTY_DRIVER_TYPE_SERIAL;
1151         rfcomm_tty_driver->subtype      = SERIAL_TYPE_NORMAL;
1152         rfcomm_tty_driver->flags        = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1153         rfcomm_tty_driver->init_termios = tty_std_termios;
1154         rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL;
1155         rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1156         tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1157 
1158         error = tty_register_driver(rfcomm_tty_driver);
1159         if (error) {
1160                 BT_ERR("Can't register RFCOMM TTY driver");
1161                 put_tty_driver(rfcomm_tty_driver);
1162                 return error;
1163         }
1164 
1165         BT_INFO("RFCOMM TTY layer initialized");
1166 
1167         return 0;
1168 }
1169 
1170 void rfcomm_cleanup_ttys(void)
1171 {
1172         tty_unregister_driver(rfcomm_tty_driver);
1173         put_tty_driver(rfcomm_tty_driver);
1174 }
1175 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp