Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
tty.c
Go to the documentation of this file.
1 /*
2  RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3  Copyright (C) 2002 Maxim Krasnyansky <[email protected]>
4  Copyright (C) 2002 Marcel Holtmann <[email protected]>
5 
6  This program is free software; you can redistribute it and/or modify
7  it under the terms of the GNU General Public License version 2 as
8  published by the Free Software Foundation;
9 
10  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11  OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13  IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14  CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 
19  ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20  COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21  SOFTWARE IS DISCLAIMED.
22 */
23 
24 /*
25  * RFCOMM TTY.
26  */
27 
28 #include <linux/module.h>
29 
30 #include <linux/tty.h>
31 #include <linux/tty_driver.h>
32 #include <linux/tty_flip.h>
33 
34 #include <net/bluetooth/bluetooth.h>
35 #include <net/bluetooth/hci_core.h>
36 #include <net/bluetooth/rfcomm.h>
37 
38 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */
39 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
40 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */
41 #define RFCOMM_TTY_MINOR 0
42 
43 static struct tty_driver *rfcomm_tty_driver;
44 
45 struct rfcomm_dev {
46  struct tty_port port;
47  struct list_head list;
48 
49  char name[12];
50  int id;
51  unsigned long flags;
52  int err;
53 
54  bdaddr_t src;
55  bdaddr_t dst;
56  u8 channel;
57 
58  uint modem_status;
59 
60  struct rfcomm_dlc *dlc;
61  wait_queue_head_t wait;
62 
63  struct device *tty_dev;
64 
65  atomic_t wmem_alloc;
66 
67  struct sk_buff_head pending;
68 };
69 
70 static LIST_HEAD(rfcomm_dev_list);
71 static DEFINE_SPINLOCK(rfcomm_dev_lock);
72 
73 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
74 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
75 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
76 
77 /* ---- Device functions ---- */
78 
79 /*
80  * The reason this isn't actually a race, as you no doubt have a little voice
81  * screaming at you in your head, is that the refcount should never actually
82  * reach zero unless the device has already been taken off the list, in
83  * rfcomm_dev_del(). And if that's not true, we'll hit the BUG() in
84  * rfcomm_dev_destruct() anyway.
85  */
86 static void rfcomm_dev_destruct(struct tty_port *port)
87 {
88  struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
89  struct rfcomm_dlc *dlc = dev->dlc;
90 
91  BT_DBG("dev %p dlc %p", dev, dlc);
92 
93  /* Refcount should only hit zero when called from rfcomm_dev_del()
94  which will have taken us off the list. Everything else are
95  refcounting bugs. */
96  BUG_ON(!list_empty(&dev->list));
97 
98  rfcomm_dlc_lock(dlc);
99  /* Detach DLC if it's owned by this dev */
100  if (dlc->owner == dev)
101  dlc->owner = NULL;
102  rfcomm_dlc_unlock(dlc);
103 
104  rfcomm_dlc_put(dlc);
105 
106  tty_unregister_device(rfcomm_tty_driver, dev->id);
107 
108  kfree(dev);
109 
110  /* It's safe to call module_put() here because socket still
111  holds reference to this module. */
112  module_put(THIS_MODULE);
113 }
114 
115 static const struct tty_port_operations rfcomm_port_ops = {
116  .destruct = rfcomm_dev_destruct,
117 };
118 
119 static struct rfcomm_dev *__rfcomm_dev_get(int id)
120 {
121  struct rfcomm_dev *dev;
122 
123  list_for_each_entry(dev, &rfcomm_dev_list, list)
124  if (dev->id == id)
125  return dev;
126 
127  return NULL;
128 }
129 
130 static struct rfcomm_dev *rfcomm_dev_get(int id)
131 {
132  struct rfcomm_dev *dev;
133 
134  spin_lock(&rfcomm_dev_lock);
135 
136  dev = __rfcomm_dev_get(id);
137 
138  if (dev) {
139  if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
140  dev = NULL;
141  else
142  tty_port_get(&dev->port);
143  }
144 
145  spin_unlock(&rfcomm_dev_lock);
146 
147  return dev;
148 }
149 
150 static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
151 {
152  struct hci_dev *hdev;
153  struct hci_conn *conn;
154 
155  hdev = hci_get_route(&dev->dst, &dev->src);
156  if (!hdev)
157  return NULL;
158 
159  conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
160 
161  hci_dev_put(hdev);
162 
163  return conn ? &conn->dev : NULL;
164 }
165 
166 static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
167 {
168  struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
169  return sprintf(buf, "%s\n", batostr(&dev->dst));
170 }
171 
172 static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
173 {
174  struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
175  return sprintf(buf, "%d\n", dev->channel);
176 }
177 
178 static DEVICE_ATTR(address, S_IRUGO, show_address, NULL);
179 static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL);
180 
181 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
182 {
183  struct rfcomm_dev *dev, *entry;
184  struct list_head *head = &rfcomm_dev_list;
185  int err = 0;
186 
187  BT_DBG("id %d channel %d", req->dev_id, req->channel);
188 
189  dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
190  if (!dev)
191  return -ENOMEM;
192 
193  spin_lock(&rfcomm_dev_lock);
194 
195  if (req->dev_id < 0) {
196  dev->id = 0;
197 
198  list_for_each_entry(entry, &rfcomm_dev_list, list) {
199  if (entry->id != dev->id)
200  break;
201 
202  dev->id++;
203  head = &entry->list;
204  }
205  } else {
206  dev->id = req->dev_id;
207 
208  list_for_each_entry(entry, &rfcomm_dev_list, list) {
209  if (entry->id == dev->id) {
210  err = -EADDRINUSE;
211  goto out;
212  }
213 
214  if (entry->id > dev->id - 1)
215  break;
216 
217  head = &entry->list;
218  }
219  }
220 
221  if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
222  err = -ENFILE;
223  goto out;
224  }
225 
226  sprintf(dev->name, "rfcomm%d", dev->id);
227 
228  list_add(&dev->list, head);
229 
230  bacpy(&dev->src, &req->src);
231  bacpy(&dev->dst, &req->dst);
232  dev->channel = req->channel;
233 
234  dev->flags = req->flags &
235  ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
236 
237  tty_port_init(&dev->port);
238  dev->port.ops = &rfcomm_port_ops;
239  init_waitqueue_head(&dev->wait);
240 
241  skb_queue_head_init(&dev->pending);
242 
243  rfcomm_dlc_lock(dlc);
244 
245  if (req->flags & (1 << RFCOMM_REUSE_DLC)) {
246  struct sock *sk = dlc->owner;
247  struct sk_buff *skb;
248 
249  BUG_ON(!sk);
250 
251  rfcomm_dlc_throttle(dlc);
252 
253  while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
254  skb_orphan(skb);
255  skb_queue_tail(&dev->pending, skb);
256  atomic_sub(skb->len, &sk->sk_rmem_alloc);
257  }
258  }
259 
260  dlc->data_ready = rfcomm_dev_data_ready;
261  dlc->state_change = rfcomm_dev_state_change;
262  dlc->modem_status = rfcomm_dev_modem_status;
263 
264  dlc->owner = dev;
265  dev->dlc = dlc;
266 
267  rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig);
268 
269  rfcomm_dlc_unlock(dlc);
270 
271  /* It's safe to call __module_get() here because socket already
272  holds reference to this module. */
273  __module_get(THIS_MODULE);
274 
275 out:
276  spin_unlock(&rfcomm_dev_lock);
277 
278  if (err < 0)
279  goto free;
280 
281  dev->tty_dev = tty_port_register_device(&dev->port, rfcomm_tty_driver,
282  dev->id, NULL);
283  if (IS_ERR(dev->tty_dev)) {
284  err = PTR_ERR(dev->tty_dev);
285  list_del(&dev->list);
286  goto free;
287  }
288 
289  dev_set_drvdata(dev->tty_dev, dev);
290 
291  if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
292  BT_ERR("Failed to create address attribute");
293 
294  if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
295  BT_ERR("Failed to create channel attribute");
296 
297  return dev->id;
298 
299 free:
300  kfree(dev);
301  return err;
302 }
303 
304 static void rfcomm_dev_del(struct rfcomm_dev *dev)
305 {
306  unsigned long flags;
307  BT_DBG("dev %p", dev);
308 
309  BUG_ON(test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags));
310 
311  spin_lock_irqsave(&dev->port.lock, flags);
312  if (dev->port.count > 0) {
313  spin_unlock_irqrestore(&dev->port.lock, flags);
314  return;
315  }
316  spin_unlock_irqrestore(&dev->port.lock, flags);
317 
318  spin_lock(&rfcomm_dev_lock);
319  list_del_init(&dev->list);
320  spin_unlock(&rfcomm_dev_lock);
321 
322  tty_port_put(&dev->port);
323 }
324 
325 /* ---- Send buffer ---- */
326 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
327 {
328  /* We can't let it be zero, because we don't get a callback
329  when tx_credits becomes nonzero, hence we'd never wake up */
330  return dlc->mtu * (dlc->tx_credits?:1);
331 }
332 
333 static void rfcomm_wfree(struct sk_buff *skb)
334 {
335  struct rfcomm_dev *dev = (void *) skb->sk;
336  struct tty_struct *tty = dev->port.tty;
337  atomic_sub(skb->truesize, &dev->wmem_alloc);
338  if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags) && tty)
339  tty_wakeup(tty);
340  tty_port_put(&dev->port);
341 }
342 
343 static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
344 {
345  tty_port_get(&dev->port);
346  atomic_add(skb->truesize, &dev->wmem_alloc);
347  skb->sk = (void *) dev;
348  skb->destructor = rfcomm_wfree;
349 }
350 
351 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
352 {
353  if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
354  struct sk_buff *skb = alloc_skb(size, priority);
355  if (skb) {
356  rfcomm_set_owner_w(skb, dev);
357  return skb;
358  }
359  }
360  return NULL;
361 }
362 
363 /* ---- Device IOCTLs ---- */
364 
365 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
366 
367 static int rfcomm_create_dev(struct sock *sk, void __user *arg)
368 {
369  struct rfcomm_dev_req req;
370  struct rfcomm_dlc *dlc;
371  int id;
372 
373  if (copy_from_user(&req, arg, sizeof(req)))
374  return -EFAULT;
375 
376  BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
377 
378  if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
379  return -EPERM;
380 
381  if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
382  /* Socket must be connected */
383  if (sk->sk_state != BT_CONNECTED)
384  return -EBADFD;
385 
386  dlc = rfcomm_pi(sk)->dlc;
387  rfcomm_dlc_hold(dlc);
388  } else {
389  dlc = rfcomm_dlc_alloc(GFP_KERNEL);
390  if (!dlc)
391  return -ENOMEM;
392  }
393 
394  id = rfcomm_dev_add(&req, dlc);
395  if (id < 0) {
396  rfcomm_dlc_put(dlc);
397  return id;
398  }
399 
400  if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
401  /* DLC is now used by device.
402  * Socket must be disconnected */
403  sk->sk_state = BT_CLOSED;
404  }
405 
406  return id;
407 }
408 
409 static int rfcomm_release_dev(void __user *arg)
410 {
411  struct rfcomm_dev_req req;
412  struct rfcomm_dev *dev;
413 
414  if (copy_from_user(&req, arg, sizeof(req)))
415  return -EFAULT;
416 
417  BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
418 
419  dev = rfcomm_dev_get(req.dev_id);
420  if (!dev)
421  return -ENODEV;
422 
423  if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
424  tty_port_put(&dev->port);
425  return -EPERM;
426  }
427 
428  if (req.flags & (1 << RFCOMM_HANGUP_NOW))
429  rfcomm_dlc_close(dev->dlc, 0);
430 
431  /* Shut down TTY synchronously before freeing rfcomm_dev */
432  if (dev->port.tty)
433  tty_vhangup(dev->port.tty);
434 
435  if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
436  rfcomm_dev_del(dev);
437  tty_port_put(&dev->port);
438  return 0;
439 }
440 
441 static int rfcomm_get_dev_list(void __user *arg)
442 {
443  struct rfcomm_dev *dev;
444  struct rfcomm_dev_list_req *dl;
445  struct rfcomm_dev_info *di;
446  int n = 0, size, err;
447  u16 dev_num;
448 
449  BT_DBG("");
450 
451  if (get_user(dev_num, (u16 __user *) arg))
452  return -EFAULT;
453 
454  if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
455  return -EINVAL;
456 
457  size = sizeof(*dl) + dev_num * sizeof(*di);
458 
459  dl = kzalloc(size, GFP_KERNEL);
460  if (!dl)
461  return -ENOMEM;
462 
463  di = dl->dev_info;
464 
465  spin_lock(&rfcomm_dev_lock);
466 
467  list_for_each_entry(dev, &rfcomm_dev_list, list) {
468  if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
469  continue;
470  (di + n)->id = dev->id;
471  (di + n)->flags = dev->flags;
472  (di + n)->state = dev->dlc->state;
473  (di + n)->channel = dev->channel;
474  bacpy(&(di + n)->src, &dev->src);
475  bacpy(&(di + n)->dst, &dev->dst);
476  if (++n >= dev_num)
477  break;
478  }
479 
480  spin_unlock(&rfcomm_dev_lock);
481 
482  dl->dev_num = n;
483  size = sizeof(*dl) + n * sizeof(*di);
484 
485  err = copy_to_user(arg, dl, size);
486  kfree(dl);
487 
488  return err ? -EFAULT : 0;
489 }
490 
491 static int rfcomm_get_dev_info(void __user *arg)
492 {
493  struct rfcomm_dev *dev;
494  struct rfcomm_dev_info di;
495  int err = 0;
496 
497  BT_DBG("");
498 
499  if (copy_from_user(&di, arg, sizeof(di)))
500  return -EFAULT;
501 
502  dev = rfcomm_dev_get(di.id);
503  if (!dev)
504  return -ENODEV;
505 
506  di.flags = dev->flags;
507  di.channel = dev->channel;
508  di.state = dev->dlc->state;
509  bacpy(&di.src, &dev->src);
510  bacpy(&di.dst, &dev->dst);
511 
512  if (copy_to_user(arg, &di, sizeof(di)))
513  err = -EFAULT;
514 
515  tty_port_put(&dev->port);
516  return err;
517 }
518 
519 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
520 {
521  BT_DBG("cmd %d arg %p", cmd, arg);
522 
523  switch (cmd) {
524  case RFCOMMCREATEDEV:
525  return rfcomm_create_dev(sk, arg);
526 
527  case RFCOMMRELEASEDEV:
528  return rfcomm_release_dev(arg);
529 
530  case RFCOMMGETDEVLIST:
531  return rfcomm_get_dev_list(arg);
532 
533  case RFCOMMGETDEVINFO:
534  return rfcomm_get_dev_info(arg);
535  }
536 
537  return -EINVAL;
538 }
539 
540 /* ---- DLC callbacks ---- */
541 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
542 {
543  struct rfcomm_dev *dev = dlc->owner;
544  struct tty_struct *tty;
545 
546  if (!dev) {
547  kfree_skb(skb);
548  return;
549  }
550 
551  tty = dev->port.tty;
552  if (!tty || !skb_queue_empty(&dev->pending)) {
553  skb_queue_tail(&dev->pending, skb);
554  return;
555  }
556 
557  BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
558 
559  tty_insert_flip_string(tty, skb->data, skb->len);
560  tty_flip_buffer_push(tty);
561 
562  kfree_skb(skb);
563 }
564 
565 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
566 {
567  struct rfcomm_dev *dev = dlc->owner;
568  if (!dev)
569  return;
570 
571  BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
572 
573  dev->err = err;
574  wake_up_interruptible(&dev->wait);
575 
576  if (dlc->state == BT_CLOSED) {
577  if (!dev->port.tty) {
578  if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
579  /* Drop DLC lock here to avoid deadlock
580  * 1. rfcomm_dev_get will take rfcomm_dev_lock
581  * but in rfcomm_dev_add there's lock order:
582  * rfcomm_dev_lock -> dlc lock
583  * 2. tty_port_put will deadlock if it's
584  * the last reference
585  */
586  rfcomm_dlc_unlock(dlc);
587  if (rfcomm_dev_get(dev->id) == NULL) {
588  rfcomm_dlc_lock(dlc);
589  return;
590  }
591 
592  rfcomm_dev_del(dev);
593  tty_port_put(&dev->port);
594  rfcomm_dlc_lock(dlc);
595  }
596  } else
597  tty_hangup(dev->port.tty);
598  }
599 }
600 
601 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
602 {
603  struct rfcomm_dev *dev = dlc->owner;
604  if (!dev)
605  return;
606 
607  BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
608 
609  if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) {
610  if (dev->port.tty && !C_CLOCAL(dev->port.tty))
611  tty_hangup(dev->port.tty);
612  }
613 
614  dev->modem_status =
615  ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
616  ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
617  ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
618  ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
619 }
620 
621 /* ---- TTY functions ---- */
622 static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
623 {
624  struct tty_struct *tty = dev->port.tty;
625  struct sk_buff *skb;
626  int inserted = 0;
627 
628  if (!tty)
629  return;
630 
631  BT_DBG("dev %p tty %p", dev, tty);
632 
633  rfcomm_dlc_lock(dev->dlc);
634 
635  while ((skb = skb_dequeue(&dev->pending))) {
636  inserted += tty_insert_flip_string(tty, skb->data, skb->len);
637  kfree_skb(skb);
638  }
639 
640  rfcomm_dlc_unlock(dev->dlc);
641 
642  if (inserted > 0)
643  tty_flip_buffer_push(tty);
644 }
645 
646 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
647 {
648  DECLARE_WAITQUEUE(wait, current);
649  struct rfcomm_dev *dev;
650  struct rfcomm_dlc *dlc;
651  unsigned long flags;
652  int err, id;
653 
654  id = tty->index;
655 
656  BT_DBG("tty %p id %d", tty, id);
657 
658  /* We don't leak this refcount. For reasons which are not entirely
659  clear, the TTY layer will call our ->close() method even if the
660  open fails. We decrease the refcount there, and decreasing it
661  here too would cause breakage. */
662  dev = rfcomm_dev_get(id);
663  if (!dev)
664  return -ENODEV;
665 
666  BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst),
667  dev->channel, dev->port.count);
668 
669  spin_lock_irqsave(&dev->port.lock, flags);
670  if (++dev->port.count > 1) {
671  spin_unlock_irqrestore(&dev->port.lock, flags);
672  return 0;
673  }
674  spin_unlock_irqrestore(&dev->port.lock, flags);
675 
676  dlc = dev->dlc;
677 
678  /* Attach TTY and open DLC */
679 
680  rfcomm_dlc_lock(dlc);
681  tty->driver_data = dev;
682  dev->port.tty = tty;
683  rfcomm_dlc_unlock(dlc);
684  set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
685 
686  err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
687  if (err < 0)
688  return err;
689 
690  /* Wait for DLC to connect */
691  add_wait_queue(&dev->wait, &wait);
692  while (1) {
693  set_current_state(TASK_INTERRUPTIBLE);
694 
695  if (dlc->state == BT_CLOSED) {
696  err = -dev->err;
697  break;
698  }
699 
700  if (dlc->state == BT_CONNECTED)
701  break;
702 
703  if (signal_pending(current)) {
704  err = -EINTR;
705  break;
706  }
707 
708  tty_unlock(tty);
709  schedule();
710  tty_lock(tty);
711  }
712  set_current_state(TASK_RUNNING);
713  remove_wait_queue(&dev->wait, &wait);
714 
715  if (err == 0)
716  device_move(dev->tty_dev, rfcomm_get_device(dev),
717  DPM_ORDER_DEV_AFTER_PARENT);
718 
719  rfcomm_tty_copy_pending(dev);
720 
721  rfcomm_dlc_unthrottle(dev->dlc);
722 
723  return err;
724 }
725 
726 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
727 {
728  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
729  unsigned long flags;
730 
731  if (!dev)
732  return;
733 
734  BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
735  dev->port.count);
736 
737  spin_lock_irqsave(&dev->port.lock, flags);
738  if (!--dev->port.count) {
739  spin_unlock_irqrestore(&dev->port.lock, flags);
740  if (dev->tty_dev->parent)
741  device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
742 
743  /* Close DLC and dettach TTY */
744  rfcomm_dlc_close(dev->dlc, 0);
745 
746  clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
747 
748  rfcomm_dlc_lock(dev->dlc);
749  tty->driver_data = NULL;
750  dev->port.tty = NULL;
751  rfcomm_dlc_unlock(dev->dlc);
752 
753  if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags)) {
754  spin_lock(&rfcomm_dev_lock);
755  list_del_init(&dev->list);
756  spin_unlock(&rfcomm_dev_lock);
757 
758  tty_port_put(&dev->port);
759  }
760  } else
761  spin_unlock_irqrestore(&dev->port.lock, flags);
762 
763  tty_port_put(&dev->port);
764 }
765 
766 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
767 {
768  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
769  struct rfcomm_dlc *dlc = dev->dlc;
770  struct sk_buff *skb;
771  int err = 0, sent = 0, size;
772 
773  BT_DBG("tty %p count %d", tty, count);
774 
775  while (count) {
776  size = min_t(uint, count, dlc->mtu);
777 
778  skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
779 
780  if (!skb)
781  break;
782 
783  skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
784 
785  memcpy(skb_put(skb, size), buf + sent, size);
786 
787  err = rfcomm_dlc_send(dlc, skb);
788  if (err < 0) {
789  kfree_skb(skb);
790  break;
791  }
792 
793  sent += size;
794  count -= size;
795  }
796 
797  return sent ? sent : err;
798 }
799 
800 static int rfcomm_tty_write_room(struct tty_struct *tty)
801 {
802  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
803  int room;
804 
805  BT_DBG("tty %p", tty);
806 
807  if (!dev || !dev->dlc)
808  return 0;
809 
810  room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
811  if (room < 0)
812  room = 0;
813 
814  return room;
815 }
816 
817 static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
818 {
819  BT_DBG("tty %p cmd 0x%02x", tty, cmd);
820 
821  switch (cmd) {
822  case TCGETS:
823  BT_DBG("TCGETS is not supported");
824  return -ENOIOCTLCMD;
825 
826  case TCSETS:
827  BT_DBG("TCSETS is not supported");
828  return -ENOIOCTLCMD;
829 
830  case TIOCMIWAIT:
831  BT_DBG("TIOCMIWAIT");
832  break;
833 
834  case TIOCGSERIAL:
835  BT_ERR("TIOCGSERIAL is not supported");
836  return -ENOIOCTLCMD;
837 
838  case TIOCSSERIAL:
839  BT_ERR("TIOCSSERIAL is not supported");
840  return -ENOIOCTLCMD;
841 
842  case TIOCSERGSTRUCT:
843  BT_ERR("TIOCSERGSTRUCT is not supported");
844  return -ENOIOCTLCMD;
845 
846  case TIOCSERGETLSR:
847  BT_ERR("TIOCSERGETLSR is not supported");
848  return -ENOIOCTLCMD;
849 
850  case TIOCSERCONFIG:
851  BT_ERR("TIOCSERCONFIG is not supported");
852  return -ENOIOCTLCMD;
853 
854  default:
855  return -ENOIOCTLCMD; /* ioctls which we must ignore */
856 
857  }
858 
859  return -ENOIOCTLCMD;
860 }
861 
862 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
863 {
864  struct ktermios *new = &tty->termios;
865  int old_baud_rate = tty_termios_baud_rate(old);
866  int new_baud_rate = tty_termios_baud_rate(new);
867 
868  u8 baud, data_bits, stop_bits, parity, x_on, x_off;
869  u16 changes = 0;
870 
871  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
872 
873  BT_DBG("tty %p termios %p", tty, old);
874 
875  if (!dev || !dev->dlc || !dev->dlc->session)
876  return;
877 
878  /* Handle turning off CRTSCTS */
879  if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
880  BT_DBG("Turning off CRTSCTS unsupported");
881 
882  /* Parity on/off and when on, odd/even */
883  if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
884  ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) {
885  changes |= RFCOMM_RPN_PM_PARITY;
886  BT_DBG("Parity change detected.");
887  }
888 
889  /* Mark and space parity are not supported! */
890  if (new->c_cflag & PARENB) {
891  if (new->c_cflag & PARODD) {
892  BT_DBG("Parity is ODD");
893  parity = RFCOMM_RPN_PARITY_ODD;
894  } else {
895  BT_DBG("Parity is EVEN");
896  parity = RFCOMM_RPN_PARITY_EVEN;
897  }
898  } else {
899  BT_DBG("Parity is OFF");
900  parity = RFCOMM_RPN_PARITY_NONE;
901  }
902 
903  /* Setting the x_on / x_off characters */
904  if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
905  BT_DBG("XOFF custom");
906  x_on = new->c_cc[VSTOP];
907  changes |= RFCOMM_RPN_PM_XON;
908  } else {
909  BT_DBG("XOFF default");
910  x_on = RFCOMM_RPN_XON_CHAR;
911  }
912 
913  if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
914  BT_DBG("XON custom");
915  x_off = new->c_cc[VSTART];
916  changes |= RFCOMM_RPN_PM_XOFF;
917  } else {
918  BT_DBG("XON default");
919  x_off = RFCOMM_RPN_XOFF_CHAR;
920  }
921 
922  /* Handle setting of stop bits */
923  if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
924  changes |= RFCOMM_RPN_PM_STOP;
925 
926  /* POSIX does not support 1.5 stop bits and RFCOMM does not
927  * support 2 stop bits. So a request for 2 stop bits gets
928  * translated to 1.5 stop bits */
929  if (new->c_cflag & CSTOPB)
930  stop_bits = RFCOMM_RPN_STOP_15;
931  else
932  stop_bits = RFCOMM_RPN_STOP_1;
933 
934  /* Handle number of data bits [5-8] */
935  if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
936  changes |= RFCOMM_RPN_PM_DATA;
937 
938  switch (new->c_cflag & CSIZE) {
939  case CS5:
940  data_bits = RFCOMM_RPN_DATA_5;
941  break;
942  case CS6:
943  data_bits = RFCOMM_RPN_DATA_6;
944  break;
945  case CS7:
946  data_bits = RFCOMM_RPN_DATA_7;
947  break;
948  case CS8:
949  data_bits = RFCOMM_RPN_DATA_8;
950  break;
951  default:
952  data_bits = RFCOMM_RPN_DATA_8;
953  break;
954  }
955 
956  /* Handle baudrate settings */
957  if (old_baud_rate != new_baud_rate)
958  changes |= RFCOMM_RPN_PM_BITRATE;
959 
960  switch (new_baud_rate) {
961  case 2400:
962  baud = RFCOMM_RPN_BR_2400;
963  break;
964  case 4800:
965  baud = RFCOMM_RPN_BR_4800;
966  break;
967  case 7200:
968  baud = RFCOMM_RPN_BR_7200;
969  break;
970  case 9600:
971  baud = RFCOMM_RPN_BR_9600;
972  break;
973  case 19200:
974  baud = RFCOMM_RPN_BR_19200;
975  break;
976  case 38400:
977  baud = RFCOMM_RPN_BR_38400;
978  break;
979  case 57600:
980  baud = RFCOMM_RPN_BR_57600;
981  break;
982  case 115200:
983  baud = RFCOMM_RPN_BR_115200;
984  break;
985  case 230400:
986  baud = RFCOMM_RPN_BR_230400;
987  break;
988  default:
989  /* 9600 is standard accordinag to the RFCOMM specification */
990  baud = RFCOMM_RPN_BR_9600;
991  break;
992 
993  }
994 
995  if (changes)
996  rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
997  data_bits, stop_bits, parity,
998  RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
999 }
1000 
1001 static void rfcomm_tty_throttle(struct tty_struct *tty)
1002 {
1003  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1004 
1005  BT_DBG("tty %p dev %p", tty, dev);
1006 
1007  rfcomm_dlc_throttle(dev->dlc);
1008 }
1009 
1010 static void rfcomm_tty_unthrottle(struct tty_struct *tty)
1011 {
1012  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1013 
1014  BT_DBG("tty %p dev %p", tty, dev);
1015 
1016  rfcomm_dlc_unthrottle(dev->dlc);
1017 }
1018 
1019 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
1020 {
1021  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1022 
1023  BT_DBG("tty %p dev %p", tty, dev);
1024 
1025  if (!dev || !dev->dlc)
1026  return 0;
1027 
1028  if (!skb_queue_empty(&dev->dlc->tx_queue))
1029  return dev->dlc->mtu;
1030 
1031  return 0;
1032 }
1033 
1034 static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
1035 {
1036  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1037 
1038  BT_DBG("tty %p dev %p", tty, dev);
1039 
1040  if (!dev || !dev->dlc)
1041  return;
1042 
1043  skb_queue_purge(&dev->dlc->tx_queue);
1044  tty_wakeup(tty);
1045 }
1046 
1047 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1048 {
1049  BT_DBG("tty %p ch %c", tty, ch);
1050 }
1051 
1052 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1053 {
1054  BT_DBG("tty %p timeout %d", tty, timeout);
1055 }
1056 
1057 static void rfcomm_tty_hangup(struct tty_struct *tty)
1058 {
1059  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1060 
1061  BT_DBG("tty %p dev %p", tty, dev);
1062 
1063  if (!dev)
1064  return;
1065 
1066  rfcomm_tty_flush_buffer(tty);
1067 
1068  if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
1069  if (rfcomm_dev_get(dev->id) == NULL)
1070  return;
1071  rfcomm_dev_del(dev);
1072  tty_port_put(&dev->port);
1073  }
1074 }
1075 
1076 static int rfcomm_tty_tiocmget(struct tty_struct *tty)
1077 {
1078  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1079 
1080  BT_DBG("tty %p dev %p", tty, dev);
1081 
1082  return dev->modem_status;
1083 }
1084 
1085 static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear)
1086 {
1087  struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1088  struct rfcomm_dlc *dlc = dev->dlc;
1089  u8 v24_sig;
1090 
1091  BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1092 
1093  rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1094 
1095  if (set & TIOCM_DSR || set & TIOCM_DTR)
1096  v24_sig |= RFCOMM_V24_RTC;
1097  if (set & TIOCM_RTS || set & TIOCM_CTS)
1098  v24_sig |= RFCOMM_V24_RTR;
1099  if (set & TIOCM_RI)
1100  v24_sig |= RFCOMM_V24_IC;
1101  if (set & TIOCM_CD)
1102  v24_sig |= RFCOMM_V24_DV;
1103 
1104  if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1105  v24_sig &= ~RFCOMM_V24_RTC;
1106  if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1107  v24_sig &= ~RFCOMM_V24_RTR;
1108  if (clear & TIOCM_RI)
1109  v24_sig &= ~RFCOMM_V24_IC;
1110  if (clear & TIOCM_CD)
1111  v24_sig &= ~RFCOMM_V24_DV;
1112 
1113  rfcomm_dlc_set_modem_status(dlc, v24_sig);
1114 
1115  return 0;
1116 }
1117 
1118 /* ---- TTY structure ---- */
1119 
1120 static const struct tty_operations rfcomm_ops = {
1121  .open = rfcomm_tty_open,
1122  .close = rfcomm_tty_close,
1123  .write = rfcomm_tty_write,
1124  .write_room = rfcomm_tty_write_room,
1125  .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1126  .flush_buffer = rfcomm_tty_flush_buffer,
1127  .ioctl = rfcomm_tty_ioctl,
1128  .throttle = rfcomm_tty_throttle,
1129  .unthrottle = rfcomm_tty_unthrottle,
1130  .set_termios = rfcomm_tty_set_termios,
1131  .send_xchar = rfcomm_tty_send_xchar,
1132  .hangup = rfcomm_tty_hangup,
1133  .wait_until_sent = rfcomm_tty_wait_until_sent,
1134  .tiocmget = rfcomm_tty_tiocmget,
1135  .tiocmset = rfcomm_tty_tiocmset,
1136 };
1137 
1138 int __init rfcomm_init_ttys(void)
1139 {
1140  int error;
1141 
1142  rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1143  if (!rfcomm_tty_driver)
1144  return -ENOMEM;
1145 
1146  rfcomm_tty_driver->driver_name = "rfcomm";
1147  rfcomm_tty_driver->name = "rfcomm";
1148  rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1149  rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1150  rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1151  rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1152  rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1153  rfcomm_tty_driver->init_termios = tty_std_termios;
1154  rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
1155  rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1156  tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1157 
1158  error = tty_register_driver(rfcomm_tty_driver);
1159  if (error) {
1160  BT_ERR("Can't register RFCOMM TTY driver");
1161  put_tty_driver(rfcomm_tty_driver);
1162  return error;
1163  }
1164 
1165  BT_INFO("RFCOMM TTY layer initialized");
1166 
1167  return 0;
1168 }
1169 
1170 void rfcomm_cleanup_ttys(void)
1171 {
1172  tty_unregister_driver(rfcomm_tty_driver);
1173  put_tty_driver(rfcomm_tty_driver);
1174 }
Generated on Thu Jan 10 2013 13:19:27 for Linux Kernel by   doxygen 1.8.2