search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
RT-AC66 3.0.0.4.374.130 core
[tomato.git] / release / src-rt-6.x / linux / linux-2.6 / net / bluetooth / rfcomm / tty.c
blob23ba61a13bdd7a2260889b191ced54c0a658a452
1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22 */
23
24 /*
25 * RFCOMM TTY.
26 *
27 * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $
28 */
29
30 #include <linux/module.h>
31
32 #include <linux/tty.h>
33 #include <linux/tty_driver.h>
34 #include <linux/tty_flip.h>
35
36 #include <linux/capability.h>
37 #include <linux/slab.h>
38 #include <linux/skbuff.h>
39
40 #include <net/bluetooth/bluetooth.h>
41 #include <net/bluetooth/hci_core.h>
42 #include <net/bluetooth/rfcomm.h>
43
44 #ifndef CONFIG_BT_RFCOMM_DEBUG
45 #undef BT_DBG
46 #define BT_DBG(D...)
47 #endif
48
49 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */
50 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
51 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */
52 #define RFCOMM_TTY_MINOR 0
53
54 static struct tty_driver *rfcomm_tty_driver;
55
56 struct rfcomm_dev {
57 struct list_head list;
58 atomic_t refcnt;
59
60 char name[12];
61 int id;
62 unsigned long flags;
63 int opened;
64 int err;
65
66 bdaddr_t src;
67 bdaddr_t dst;
68 u8 channel;
69
70 uint modem_status;
71
72 struct rfcomm_dlc *dlc;
73 struct tty_struct *tty;
74 wait_queue_head_t wait;
75 struct tasklet_struct wakeup_task;
76
77 struct device *tty_dev;
78
79 atomic_t wmem_alloc;
80 };
81
82 static LIST_HEAD(rfcomm_dev_list);
83 static DEFINE_RWLOCK(rfcomm_dev_lock);
84
85 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
86 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
87 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
88
89 static void rfcomm_tty_wakeup(unsigned long arg);
90
91 /* ---- Device functions ---- */
92 static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
93 {
94 struct rfcomm_dlc *dlc = dev->dlc;
95
96 BT_DBG("dev %p dlc %p", dev, dlc);
97
98 write_lock_bh(&rfcomm_dev_lock);
99 list_del_init(&dev->list);
100 write_unlock_bh(&rfcomm_dev_lock);
101
102 rfcomm_dlc_lock(dlc);
103 /* Detach DLC if it's owned by this dev */
104 if (dlc->owner == dev)
105 dlc->owner = NULL;
106 rfcomm_dlc_unlock(dlc);
107
108 rfcomm_dlc_put(dlc);
109
110 tty_unregister_device(rfcomm_tty_driver, dev->id);
111
112 /* Refcount should only hit zero when called from rfcomm_dev_del()
113 which will have taken us off the list. Everything else are
114 refcounting bugs. */
115 BUG_ON(!list_empty(&dev->list));
116
117 kfree(dev);
118
119 /* It's safe to call module_put() here because socket still
120 holds reference to this module. */
121 module_put(THIS_MODULE);
122 }
123
124 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
125 {
126 atomic_inc(&dev->refcnt);
127 }
128
129 static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
130 {
131 /* The reason this isn't actually a race, as you no
132 doubt have a little voice screaming at you in your
133 head, is that the refcount should never actually
134 reach zero unless the device has already been taken
135 off the list, in rfcomm_dev_del(). And if that's not
136 true, we'll hit the BUG() in rfcomm_dev_destruct()
137 anyway. */
138 if (atomic_dec_and_test(&dev->refcnt))
139 rfcomm_dev_destruct(dev);
140 }
141
142 static struct rfcomm_dev *__rfcomm_dev_get(int id)
143 {
144 struct rfcomm_dev *dev;
145 struct list_head *p;
146
147 list_for_each(p, &rfcomm_dev_list) {
148 dev = list_entry(p, struct rfcomm_dev, list);
149 if (dev->id == id)
150 return dev;
151 }
152
153 return NULL;
154 }
155
156 static inline struct rfcomm_dev *rfcomm_dev_get(int id)
157 {
158 struct rfcomm_dev *dev;
159
160 read_lock(&rfcomm_dev_lock);
161
162 dev = __rfcomm_dev_get(id);
163
164 if (dev) {
165 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
166 dev = NULL;
167 else
168 rfcomm_dev_hold(dev);
169 }
170
171 read_unlock(&rfcomm_dev_lock);
172
173 return dev;
174 }
175
176 static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
177 {
178 struct hci_dev *hdev;
179 struct hci_conn *conn;
180
181 hdev = hci_get_route(&dev->dst, &dev->src);
182 if (!hdev)
183 return NULL;
184
185 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
186
187 hci_dev_put(hdev);
188
189 return conn ? &conn->dev : NULL;
190 }
191
192 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
193 {
194 struct rfcomm_dev *dev;
195 struct list_head *head = &rfcomm_dev_list, *p;
196 int err = 0;
197
198 BT_DBG("id %d channel %d", req->dev_id, req->channel);
199
200 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
201 if (!dev)
202 return -ENOMEM;
203
204 write_lock_bh(&rfcomm_dev_lock);
205
206 if (req->dev_id < 0) {
207 dev->id = 0;
208
209 list_for_each(p, &rfcomm_dev_list) {
210 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
211 break;
212
213 dev->id++;
214 head = p;
215 }
216 } else {
217 dev->id = req->dev_id;
218
219 list_for_each(p, &rfcomm_dev_list) {
220 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);
221
222 if (entry->id == dev->id) {
223 err = -EADDRINUSE;
224 goto out;
225 }
226
227 if (entry->id > dev->id - 1)
228 break;
229
230 head = p;
231 }
232 }
233
234 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
235 err = -ENFILE;
236 goto out;
237 }
238
239 sprintf(dev->name, "rfcomm%d", dev->id);
240
241 list_add(&dev->list, head);
242 atomic_set(&dev->refcnt, 1);
243
244 bacpy(&dev->src, &req->src);
245 bacpy(&dev->dst, &req->dst);
246 dev->channel = req->channel;
247
248 dev->flags = req->flags &
249 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
250
251 init_waitqueue_head(&dev->wait);
252 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);
253
254 rfcomm_dlc_lock(dlc);
255 dlc->data_ready = rfcomm_dev_data_ready;
256 dlc->state_change = rfcomm_dev_state_change;
257 dlc->modem_status = rfcomm_dev_modem_status;
258
259 dlc->owner = dev;
260 dev->dlc = dlc;
261 rfcomm_dlc_unlock(dlc);
262
263 /* It's safe to call __module_get() here because socket already
264 holds reference to this module. */
265 __module_get(THIS_MODULE);
266
267 out:
268 write_unlock_bh(&rfcomm_dev_lock);
269
270 if (err) {
271 kfree(dev);
272 return err;
273 }
274
275 dev->tty_dev = tty_register_device(rfcomm_tty_driver, dev->id, NULL);
276
277 if (IS_ERR(dev->tty_dev)) {
278 list_del(&dev->list);
279 kfree(dev);
280 return PTR_ERR(dev->tty_dev);
281 }
282
283 return dev->id;
284 }
285
286 static void rfcomm_dev_del(struct rfcomm_dev *dev)
287 {
288 BT_DBG("dev %p", dev);
289
290 set_bit(RFCOMM_TTY_RELEASED, &dev->flags);
291 rfcomm_dev_put(dev);
292 }
293
294 /* ---- Send buffer ---- */
295 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
296 {
297 /* We can't let it be zero, because we don't get a callback
298 when tx_credits becomes nonzero, hence we'd never wake up */
299 return dlc->mtu * (dlc->tx_credits?:1);
300 }
301
302 static void rfcomm_wfree(struct sk_buff *skb)
303 {
304 struct rfcomm_dev *dev = (void *) skb->sk;
305 atomic_sub(skb->truesize, &dev->wmem_alloc);
306 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
307 tasklet_schedule(&dev->wakeup_task);
308 rfcomm_dev_put(dev);
309 }
310
311 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
312 {
313 rfcomm_dev_hold(dev);
314 atomic_add(skb->truesize, &dev->wmem_alloc);
315 skb->sk = (void *) dev;
316 skb->destructor = rfcomm_wfree;
317 }
318
319 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
320 {
321 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
322 struct sk_buff *skb = alloc_skb(size, priority);
323 if (skb) {
324 rfcomm_set_owner_w(skb, dev);
325 return skb;
326 }
327 }
328 return NULL;
329 }
330
331 /* ---- Device IOCTLs ---- */
332
333 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
334
335 static int rfcomm_create_dev(struct sock *sk, void __user *arg)
336 {
337 struct rfcomm_dev_req req;
338 struct rfcomm_dlc *dlc;
339 int id;
340
341 if (copy_from_user(&req, arg, sizeof(req)))
342 return -EFAULT;
343
344 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
345
346 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
347 return -EPERM;
348
349 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
350 /* Socket must be connected */
351 if (sk->sk_state != BT_CONNECTED)
352 return -EBADFD;
353
354 dlc = rfcomm_pi(sk)->dlc;
355 rfcomm_dlc_hold(dlc);
356 } else {
357 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
358 if (!dlc)
359 return -ENOMEM;
360 }
361
362 id = rfcomm_dev_add(&req, dlc);
363 if (id < 0) {
364 rfcomm_dlc_put(dlc);
365 return id;
366 }
367
368 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
369 /* DLC is now used by device.
370 * Socket must be disconnected */
371 sk->sk_state = BT_CLOSED;
372 }
373
374 return id;
375 }
376
377 static int rfcomm_release_dev(void __user *arg)
378 {
379 struct rfcomm_dev_req req;
380 struct rfcomm_dev *dev;
381
382 if (copy_from_user(&req, arg, sizeof(req)))
383 return -EFAULT;
384
385 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
386
387 if (!(dev = rfcomm_dev_get(req.dev_id)))
388 return -ENODEV;
389
390 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
391 rfcomm_dev_put(dev);
392 return -EPERM;
393 }
394
395 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
396 rfcomm_dlc_close(dev->dlc, 0);
397
398 /* Shut down TTY synchronously before freeing rfcomm_dev */
399 if (dev->tty)
400 tty_vhangup(dev->tty);
401
402 rfcomm_dev_del(dev);
403 rfcomm_dev_put(dev);
404 return 0;
405 }
406
407 static int rfcomm_get_dev_list(void __user *arg)
408 {
409 struct rfcomm_dev_list_req *dl;
410 struct rfcomm_dev_info *di;
411 struct list_head *p;
412 int n = 0, size, err;
413 u16 dev_num;
414
415 BT_DBG("");
416
417 if (get_user(dev_num, (u16 __user *) arg))
418 return -EFAULT;
419
420 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
421 return -EINVAL;
422
423 size = sizeof(*dl) + dev_num * sizeof(*di);
424
425 if (!(dl = kmalloc(size, GFP_KERNEL)))
426 return -ENOMEM;
427
428 di = dl->dev_info;
429
430 read_lock_bh(&rfcomm_dev_lock);
431
432 list_for_each(p, &rfcomm_dev_list) {
433 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);
434 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
435 continue;
436 (di + n)->id = dev->id;
437 (di + n)->flags = dev->flags;
438 (di + n)->state = dev->dlc->state;
439 (di + n)->channel = dev->channel;
440 bacpy(&(di + n)->src, &dev->src);
441 bacpy(&(di + n)->dst, &dev->dst);
442 if (++n >= dev_num)
443 break;
444 }
445
446 read_unlock_bh(&rfcomm_dev_lock);
447
448 dl->dev_num = n;
449 size = sizeof(*dl) + n * sizeof(*di);
450
451 err = copy_to_user(arg, dl, size);
452 kfree(dl);
453
454 return err ? -EFAULT : 0;
455 }
456
457 static int rfcomm_get_dev_info(void __user *arg)
458 {
459 struct rfcomm_dev *dev;
460 struct rfcomm_dev_info di;
461 int err = 0;
462
463 BT_DBG("");
464
465 if (copy_from_user(&di, arg, sizeof(di)))
466 return -EFAULT;
467
468 if (!(dev = rfcomm_dev_get(di.id)))
469 return -ENODEV;
470
471 di.flags = dev->flags;
472 di.channel = dev->channel;
473 di.state = dev->dlc->state;
474 bacpy(&di.src, &dev->src);
475 bacpy(&di.dst, &dev->dst);
476
477 if (copy_to_user(arg, &di, sizeof(di)))
478 err = -EFAULT;
479
480 rfcomm_dev_put(dev);
481 return err;
482 }
483
484 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
485 {
486 BT_DBG("cmd %d arg %p", cmd, arg);
487
488 switch (cmd) {
489 case RFCOMMCREATEDEV:
490 return rfcomm_create_dev(sk, arg);
491
492 case RFCOMMRELEASEDEV:
493 return rfcomm_release_dev(arg);
494
495 case RFCOMMGETDEVLIST:
496 return rfcomm_get_dev_list(arg);
497
498 case RFCOMMGETDEVINFO:
499 return rfcomm_get_dev_info(arg);
500 }
501
502 return -EINVAL;
503 }
504
505 /* ---- DLC callbacks ---- */
506 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
507 {
508 struct rfcomm_dev *dev = dlc->owner;
509 struct tty_struct *tty;
510
511 if (!dev || !(tty = dev->tty)) {
512 kfree_skb(skb);
513 return;
514 }
515
516 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
517
518 tty_insert_flip_string(tty, skb->data, skb->len);
519 tty_flip_buffer_push(tty);
520
521 kfree_skb(skb);
522 }
523
524 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
525 {
526 struct rfcomm_dev *dev = dlc->owner;
527 if (!dev)
528 return;
529
530 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
531
532 dev->err = err;
533 wake_up_interruptible(&dev->wait);
534
535 if (dlc->state == BT_CLOSED) {
536 if (!dev->tty) {
537 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
538 if (rfcomm_dev_get(dev->id) == NULL)
539 return;
540
541 rfcomm_dev_del(dev);
542 /* We have to drop DLC lock here, otherwise
543 rfcomm_dev_put() will dead lock if it's
544 the last reference. */
545 rfcomm_dlc_unlock(dlc);
546 rfcomm_dev_put(dev);
547 rfcomm_dlc_lock(dlc);
548 }
549 } else
550 tty_hangup(dev->tty);
551 }
552 }
553
554 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
555 {
556 struct rfcomm_dev *dev = dlc->owner;
557 if (!dev)
558 return;
559
560 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
561
562 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) {
563 if (dev->tty && !C_CLOCAL(dev->tty))
564 tty_hangup(dev->tty);
565 }
566
567 dev->modem_status =
568 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
569 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
570 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
571 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
572 }
573
574 /* ---- TTY functions ---- */
575 static void rfcomm_tty_wakeup(unsigned long arg)
576 {
577 struct rfcomm_dev *dev = (void *) arg;
578 struct tty_struct *tty = dev->tty;
579 if (!tty)
580 return;
581
582 BT_DBG("dev %p tty %p", dev, tty);
583
584 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
585 (tty->ldisc.write_wakeup)(tty);
586
587 wake_up_interruptible(&tty->write_wait);
588 #ifdef SERIAL_HAVE_POLL_WAIT
589 wake_up_interruptible(&tty->poll_wait);
590 #endif
591 }
592
593 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
594 {
595 DECLARE_WAITQUEUE(wait, current);
596 struct rfcomm_dev *dev;
597 struct rfcomm_dlc *dlc;
598 int err, id;
599
600 id = tty->index;
601
602 BT_DBG("tty %p id %d", tty, id);
603
604 /* We don't leak this refcount. For reasons which are not entirely
605 clear, the TTY layer will call our ->close() method even if the
606 open fails. We decrease the refcount there, and decreasing it
607 here too would cause breakage. */
608 dev = rfcomm_dev_get(id);
609 if (!dev)
610 return -ENODEV;
611
612 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);
613
614 if (dev->opened++ != 0)
615 return 0;
616
617 dlc = dev->dlc;
618
619 /* Attach TTY and open DLC */
620
621 rfcomm_dlc_lock(dlc);
622 tty->driver_data = dev;
623 dev->tty = tty;
624 rfcomm_dlc_unlock(dlc);
625 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
626
627 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
628 if (err < 0)
629 return err;
630
631 /* Wait for DLC to connect */
632 add_wait_queue(&dev->wait, &wait);
633 while (1) {
634 set_current_state(TASK_INTERRUPTIBLE);
635
636 if (dlc->state == BT_CLOSED) {
637 err = -dev->err;
638 break;
639 }
640
641 if (dlc->state == BT_CONNECTED)
642 break;
643
644 if (signal_pending(current)) {
645 err = -EINTR;
646 break;
647 }
648
649 schedule();
650 }
651 set_current_state(TASK_RUNNING);
652 remove_wait_queue(&dev->wait, &wait);
653
654 if (err == 0)
655 device_move(dev->tty_dev, rfcomm_get_device(dev));
656
657 return err;
658 }
659
660 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
661 {
662 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
663 if (!dev)
664 return;
665
666 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);
667
668 if (--dev->opened == 0) {
669 device_move(dev->tty_dev, NULL);
670
671 /* Close DLC and dettach TTY */
672 rfcomm_dlc_close(dev->dlc, 0);
673
674 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
675 tasklet_kill(&dev->wakeup_task);
676
677 rfcomm_dlc_lock(dev->dlc);
678 tty->driver_data = NULL;
679 dev->tty = NULL;
680 rfcomm_dlc_unlock(dev->dlc);
681 }
682
683 rfcomm_dev_put(dev);
684 }
685
686 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
687 {
688 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
689 struct rfcomm_dlc *dlc = dev->dlc;
690 struct sk_buff *skb;
691 int err = 0, sent = 0, size;
692
693 BT_DBG("tty %p count %d", tty, count);
694
695 while (count) {
696 size = min_t(uint, count, dlc->mtu);
697
698 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
699
700 if (!skb)
701 break;
702
703 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
704
705 memcpy(skb_put(skb, size), buf + sent, size);
706
707 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) {
708 kfree_skb(skb);
709 break;
710 }
711
712 sent += size;
713 count -= size;
714 }
715
716 return sent ? sent : err;
717 }
718
719 static int rfcomm_tty_write_room(struct tty_struct *tty)
720 {
721 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
722 int room;
723
724 BT_DBG("tty %p", tty);
725
726 if (!dev || !dev->dlc)
727 return 0;
728
729 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
730 if (room < 0)
731 room = 0;
732
733 return room;
734 }
735
736 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
737 {
738 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
739
740 switch (cmd) {
741 case TCGETS:
742 BT_DBG("TCGETS is not supported");
743 return -ENOIOCTLCMD;
744
745 case TCSETS:
746 BT_DBG("TCSETS is not supported");
747 return -ENOIOCTLCMD;
748
749 case TIOCMIWAIT:
750 BT_DBG("TIOCMIWAIT");
751 break;
752
753 case TIOCGICOUNT:
754 BT_DBG("TIOCGICOUNT");
755 break;
756
757 case TIOCGSERIAL:
758 BT_ERR("TIOCGSERIAL is not supported");
759 return -ENOIOCTLCMD;
760
761 case TIOCSSERIAL:
762 BT_ERR("TIOCSSERIAL is not supported");
763 return -ENOIOCTLCMD;
764
765 case TIOCSERGSTRUCT:
766 BT_ERR("TIOCSERGSTRUCT is not supported");
767 return -ENOIOCTLCMD;
768
769 case TIOCSERGETLSR:
770 BT_ERR("TIOCSERGETLSR is not supported");
771 return -ENOIOCTLCMD;
772
773 case TIOCSERCONFIG:
774 BT_ERR("TIOCSERCONFIG is not supported");
775 return -ENOIOCTLCMD;
776
777 default:
778 return -ENOIOCTLCMD; /* ioctls which we must ignore */
779
780 }
781
782 return -ENOIOCTLCMD;
783 }
784
785 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
786 {
787 struct ktermios *new = tty->termios;
788 int old_baud_rate = tty_termios_baud_rate(old);
789 int new_baud_rate = tty_termios_baud_rate(new);
790
791 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
792 u16 changes = 0;
793
794 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
795
796 BT_DBG("tty %p termios %p", tty, old);
797
798 if (!dev || !dev->dlc || !dev->dlc->session)
799 return;
800
801 /* Handle turning off CRTSCTS */
802 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
803 BT_DBG("Turning off CRTSCTS unsupported");
804
805 /* Parity on/off and when on, odd/even */
806 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
807 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) {
808 changes |= RFCOMM_RPN_PM_PARITY;
809 BT_DBG("Parity change detected.");
810 }
811
812 /* Mark and space parity are not supported! */
813 if (new->c_cflag & PARENB) {
814 if (new->c_cflag & PARODD) {
815 BT_DBG("Parity is ODD");
816 parity = RFCOMM_RPN_PARITY_ODD;
817 } else {
818 BT_DBG("Parity is EVEN");
819 parity = RFCOMM_RPN_PARITY_EVEN;
820 }
821 } else {
822 BT_DBG("Parity is OFF");
823 parity = RFCOMM_RPN_PARITY_NONE;
824 }
825
826 /* Setting the x_on / x_off characters */
827 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
828 BT_DBG("XOFF custom");
829 x_on = new->c_cc[VSTOP];
830 changes |= RFCOMM_RPN_PM_XON;
831 } else {
832 BT_DBG("XOFF default");
833 x_on = RFCOMM_RPN_XON_CHAR;
834 }
835
836 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
837 BT_DBG("XON custom");
838 x_off = new->c_cc[VSTART];
839 changes |= RFCOMM_RPN_PM_XOFF;
840 } else {
841 BT_DBG("XON default");
842 x_off = RFCOMM_RPN_XOFF_CHAR;
843 }
844
845 /* Handle setting of stop bits */
846 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
847 changes |= RFCOMM_RPN_PM_STOP;
848
849 /* POSIX does not support 1.5 stop bits and RFCOMM does not
850 * support 2 stop bits. So a request for 2 stop bits gets
851 * translated to 1.5 stop bits */
852 if (new->c_cflag & CSTOPB) {
853 stop_bits = RFCOMM_RPN_STOP_15;
854 } else {
855 stop_bits = RFCOMM_RPN_STOP_1;
856 }
857
858 /* Handle number of data bits [5-8] */
859 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
860 changes |= RFCOMM_RPN_PM_DATA;
861
862 switch (new->c_cflag & CSIZE) {
863 case CS5:
864 data_bits = RFCOMM_RPN_DATA_5;
865 break;
866 case CS6:
867 data_bits = RFCOMM_RPN_DATA_6;
868 break;
869 case CS7:
870 data_bits = RFCOMM_RPN_DATA_7;
871 break;
872 case CS8:
873 data_bits = RFCOMM_RPN_DATA_8;
874 break;
875 default:
876 data_bits = RFCOMM_RPN_DATA_8;
877 break;
878 }
879
880 /* Handle baudrate settings */
881 if (old_baud_rate != new_baud_rate)
882 changes |= RFCOMM_RPN_PM_BITRATE;
883
884 switch (new_baud_rate) {
885 case 2400:
886 baud = RFCOMM_RPN_BR_2400;
887 break;
888 case 4800:
889 baud = RFCOMM_RPN_BR_4800;
890 break;
891 case 7200:
892 baud = RFCOMM_RPN_BR_7200;
893 break;
894 case 9600:
895 baud = RFCOMM_RPN_BR_9600;
896 break;
897 case 19200:
898 baud = RFCOMM_RPN_BR_19200;
899 break;
900 case 38400:
901 baud = RFCOMM_RPN_BR_38400;
902 break;
903 case 57600:
904 baud = RFCOMM_RPN_BR_57600;
905 break;
906 case 115200:
907 baud = RFCOMM_RPN_BR_115200;
908 break;
909 case 230400:
910 baud = RFCOMM_RPN_BR_230400;
911 break;
912 default:
913 /* 9600 is standard accordinag to the RFCOMM specification */
914 baud = RFCOMM_RPN_BR_9600;
915 break;
916
917 }
918
919 if (changes)
920 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
921 data_bits, stop_bits, parity,
922 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
923
924 return;
925 }
926
927 static void rfcomm_tty_throttle(struct tty_struct *tty)
928 {
929 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
930
931 BT_DBG("tty %p dev %p", tty, dev);
932
933 rfcomm_dlc_throttle(dev->dlc);
934 }
935
936 static void rfcomm_tty_unthrottle(struct tty_struct *tty)
937 {
938 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
939
940 BT_DBG("tty %p dev %p", tty, dev);
941
942 rfcomm_dlc_unthrottle(dev->dlc);
943 }
944
945 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
946 {
947 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
948
949 BT_DBG("tty %p dev %p", tty, dev);
950
951 if (!dev || !dev->dlc)
952 return 0;
953
954 if (!skb_queue_empty(&dev->dlc->tx_queue))
955 return dev->dlc->mtu;
956
957 return 0;
958 }
959
960 static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
961 {
962 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
963
964 BT_DBG("tty %p dev %p", tty, dev);
965
966 if (!dev || !dev->dlc)
967 return;
968
969 skb_queue_purge(&dev->dlc->tx_queue);
970
971 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
972 tty->ldisc.write_wakeup(tty);
973 }
974
975 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
976 {
977 BT_DBG("tty %p ch %c", tty, ch);
978 }
979
980 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
981 {
982 BT_DBG("tty %p timeout %d", tty, timeout);
983 }
984
985 static void rfcomm_tty_hangup(struct tty_struct *tty)
986 {
987 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
988
989 BT_DBG("tty %p dev %p", tty, dev);
990
991 if (!dev)
992 return;
993
994 rfcomm_tty_flush_buffer(tty);
995
996 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
997 if (rfcomm_dev_get(dev->id) == NULL)
998 return;
999 rfcomm_dev_del(dev);
1000 rfcomm_dev_put(dev);
1001 }
1002 }
1003
1004 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused)
1005 {
1006 return 0;
1007 }
1008
1009 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp)
1010 {
1011 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1012
1013 BT_DBG("tty %p dev %p", tty, dev);
1014
1015 return dev->modem_status;
1016 }
1017
1018 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear)
1019 {
1020 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1021 struct rfcomm_dlc *dlc = dev->dlc;
1022 u8 v24_sig;
1023
1024 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1025
1026 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1027
1028 if (set & TIOCM_DSR || set & TIOCM_DTR)
1029 v24_sig |= RFCOMM_V24_RTC;
1030 if (set & TIOCM_RTS || set & TIOCM_CTS)
1031 v24_sig |= RFCOMM_V24_RTR;
1032 if (set & TIOCM_RI)
1033 v24_sig |= RFCOMM_V24_IC;
1034 if (set & TIOCM_CD)
1035 v24_sig |= RFCOMM_V24_DV;
1036
1037 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1038 v24_sig &= ~RFCOMM_V24_RTC;
1039 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1040 v24_sig &= ~RFCOMM_V24_RTR;
1041 if (clear & TIOCM_RI)
1042 v24_sig &= ~RFCOMM_V24_IC;
1043 if (clear & TIOCM_CD)
1044 v24_sig &= ~RFCOMM_V24_DV;
1045
1046 rfcomm_dlc_set_modem_status(dlc, v24_sig);
1047
1048 return 0;
1049 }
1050
1051 /* ---- TTY structure ---- */
1052
1053 static const struct tty_operations rfcomm_ops = {
1054 .open = rfcomm_tty_open,
1055 .close = rfcomm_tty_close,
1056 .write = rfcomm_tty_write,
1057 .write_room = rfcomm_tty_write_room,
1058 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1059 .flush_buffer = rfcomm_tty_flush_buffer,
1060 .ioctl = rfcomm_tty_ioctl,
1061 .throttle = rfcomm_tty_throttle,
1062 .unthrottle = rfcomm_tty_unthrottle,
1063 .set_termios = rfcomm_tty_set_termios,
1064 .send_xchar = rfcomm_tty_send_xchar,
1065 .hangup = rfcomm_tty_hangup,
1066 .wait_until_sent = rfcomm_tty_wait_until_sent,
1067 .read_proc = rfcomm_tty_read_proc,
1068 .tiocmget = rfcomm_tty_tiocmget,
1069 .tiocmset = rfcomm_tty_tiocmset,
1070 };
1071
1072 int rfcomm_init_ttys(void)
1073 {
1074 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1075 if (!rfcomm_tty_driver)
1076 return -1;
1077
1078 rfcomm_tty_driver->owner = THIS_MODULE;
1079 rfcomm_tty_driver->driver_name = "rfcomm";
1080 rfcomm_tty_driver->name = "rfcomm";
1081 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1082 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1083 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1084 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1085 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1086 rfcomm_tty_driver->init_termios = tty_std_termios;
1087 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
1088 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1089
1090 if (tty_register_driver(rfcomm_tty_driver)) {
1091 BT_ERR("Can't register RFCOMM TTY driver");
1092 put_tty_driver(rfcomm_tty_driver);
1093 return -1;
1094 }
1095
1096 BT_INFO("RFCOMM TTY layer initialized");
1097
1098 return 0;
1099 }
1100
1101 void rfcomm_cleanup_ttys(void)
1102 {
1103 tty_unregister_driver(rfcomm_tty_driver);
1104 put_tty_driver(rfcomm_tty_driver);
1105 }
Tomato firmware and modifications.