2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
28 #include <linux/module.h>
30 #include <linux/tty.h>
31 #include <linux/tty_driver.h>
32 #include <linux/tty_flip.h>
34 #include <linux/capability.h>
35 #include <linux/slab.h>
36 #include <linux/skbuff.h>
38 #include <net/bluetooth/bluetooth.h>
39 #include <net/bluetooth/hci_core.h>
40 #include <net/bluetooth/rfcomm.h>
42 #ifndef CONFIG_BT_RFCOMM_DEBUG
47 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */
48 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
49 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */
50 #define RFCOMM_TTY_MINOR 0
52 static struct tty_driver *rfcomm_tty_driver;
55 struct list_head list;
70 struct rfcomm_dlc *dlc;
71 struct tty_struct *tty;
72 wait_queue_head_t wait;
73 struct tasklet_struct wakeup_task;
75 struct device *tty_dev;
80 static LIST_HEAD(rfcomm_dev_list);
81 static DEFINE_RWLOCK(rfcomm_dev_lock);
83 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
84 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
85 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
87 static void rfcomm_tty_wakeup(unsigned long arg);
89 /* ---- Device functions ---- */
90 static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
92 struct rfcomm_dlc *dlc = dev->dlc;
94 BT_DBG("dev %p dlc %p", dev, dlc);
96 /* Refcount should only hit zero when called from rfcomm_dev_del()
97 which will have taken us off the list. Everything else are
99 BUG_ON(!list_empty(&dev->list));
101 rfcomm_dlc_lock(dlc);
102 /* Detach DLC if it's owned by this dev */
103 if (dlc->owner == dev)
105 rfcomm_dlc_unlock(dlc);
109 tty_unregister_device(rfcomm_tty_driver, dev->id);
113 /* It's safe to call module_put() here because socket still
114 holds reference to this module. */
115 module_put(THIS_MODULE);
118 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
120 atomic_inc(&dev->refcnt);
123 static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
125 /* The reason this isn't actually a race, as you no
126 doubt have a little voice screaming at you in your
127 head, is that the refcount should never actually
128 reach zero unless the device has already been taken
129 off the list, in rfcomm_dev_del(). And if that's not
130 true, we'll hit the BUG() in rfcomm_dev_destruct()
132 if (atomic_dec_and_test(&dev->refcnt))
133 rfcomm_dev_destruct(dev);
136 static struct rfcomm_dev *__rfcomm_dev_get(int id)
138 struct rfcomm_dev *dev;
141 list_for_each(p, &rfcomm_dev_list) {
142 dev = list_entry(p, struct rfcomm_dev, list);
150 static inline struct rfcomm_dev *rfcomm_dev_get(int id)
152 struct rfcomm_dev *dev;
154 read_lock(&rfcomm_dev_lock);
156 dev = __rfcomm_dev_get(id);
159 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
162 rfcomm_dev_hold(dev);
165 read_unlock(&rfcomm_dev_lock);
170 static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
172 struct hci_dev *hdev;
173 struct hci_conn *conn;
175 hdev = hci_get_route(&dev->dst, &dev->src);
179 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
183 return conn ? &conn->dev : NULL;
186 static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
188 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
190 baswap(&bdaddr, &dev->dst);
191 return sprintf(buf, "%s\n", batostr(&bdaddr));
194 static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
196 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
197 return sprintf(buf, "%d\n", dev->channel);
200 static DEVICE_ATTR(address, S_IRUGO, show_address, NULL);
201 static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL);
203 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
205 struct rfcomm_dev *dev;
206 struct list_head *head = &rfcomm_dev_list, *p;
209 BT_DBG("id %d channel %d", req->dev_id, req->channel);
211 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
215 write_lock_bh(&rfcomm_dev_lock);
217 if (req->dev_id < 0) {
220 list_for_each(p, &rfcomm_dev_list) {
221 if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
228 dev->id = req->dev_id;
230 list_for_each(p, &rfcomm_dev_list) {
231 struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);
233 if (entry->id == dev->id) {
238 if (entry->id > dev->id - 1)
245 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
250 sprintf(dev->name, "rfcomm%d", dev->id);
252 list_add(&dev->list, head);
253 atomic_set(&dev->refcnt, 1);
255 bacpy(&dev->src, &req->src);
256 bacpy(&dev->dst, &req->dst);
257 dev->channel = req->channel;
259 dev->flags = req->flags &
260 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
262 init_waitqueue_head(&dev->wait);
263 tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);
265 rfcomm_dlc_lock(dlc);
266 dlc->data_ready = rfcomm_dev_data_ready;
267 dlc->state_change = rfcomm_dev_state_change;
268 dlc->modem_status = rfcomm_dev_modem_status;
272 rfcomm_dlc_unlock(dlc);
274 /* It's safe to call __module_get() here because socket already
275 holds reference to this module. */
276 __module_get(THIS_MODULE);
279 write_unlock_bh(&rfcomm_dev_lock);
286 dev->tty_dev = tty_register_device(rfcomm_tty_driver, dev->id, NULL);
288 if (IS_ERR(dev->tty_dev)) {
289 err = PTR_ERR(dev->tty_dev);
290 list_del(&dev->list);
295 dev_set_drvdata(dev->tty_dev, dev);
297 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
298 BT_ERR("Failed to create address attribute");
300 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
301 BT_ERR("Failed to create channel attribute");
306 static void rfcomm_dev_del(struct rfcomm_dev *dev)
308 BT_DBG("dev %p", dev);
310 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
313 set_bit(RFCOMM_TTY_RELEASED, &dev->flags);
315 write_lock_bh(&rfcomm_dev_lock);
316 list_del_init(&dev->list);
317 write_unlock_bh(&rfcomm_dev_lock);
322 /* ---- Send buffer ---- */
323 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
325 /* We can't let it be zero, because we don't get a callback
326 when tx_credits becomes nonzero, hence we'd never wake up */
327 return dlc->mtu * (dlc->tx_credits?:1);
330 static void rfcomm_wfree(struct sk_buff *skb)
332 struct rfcomm_dev *dev = (void *) skb->sk;
333 atomic_sub(skb->truesize, &dev->wmem_alloc);
334 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
335 tasklet_schedule(&dev->wakeup_task);
339 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
341 rfcomm_dev_hold(dev);
342 atomic_add(skb->truesize, &dev->wmem_alloc);
343 skb->sk = (void *) dev;
344 skb->destructor = rfcomm_wfree;
347 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
349 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
350 struct sk_buff *skb = alloc_skb(size, priority);
352 rfcomm_set_owner_w(skb, dev);
359 /* ---- Device IOCTLs ---- */
361 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
363 static int rfcomm_create_dev(struct sock *sk, void __user *arg)
365 struct rfcomm_dev_req req;
366 struct rfcomm_dlc *dlc;
369 if (copy_from_user(&req, arg, sizeof(req)))
372 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
374 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
377 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
378 /* Socket must be connected */
379 if (sk->sk_state != BT_CONNECTED)
382 dlc = rfcomm_pi(sk)->dlc;
383 rfcomm_dlc_hold(dlc);
385 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
390 id = rfcomm_dev_add(&req, dlc);
396 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
397 /* DLC is now used by device.
398 * Socket must be disconnected */
399 sk->sk_state = BT_CLOSED;
405 static int rfcomm_release_dev(void __user *arg)
407 struct rfcomm_dev_req req;
408 struct rfcomm_dev *dev;
410 if (copy_from_user(&req, arg, sizeof(req)))
413 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
415 if (!(dev = rfcomm_dev_get(req.dev_id)))
418 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
423 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
424 rfcomm_dlc_close(dev->dlc, 0);
426 /* Shut down TTY synchronously before freeing rfcomm_dev */
428 tty_vhangup(dev->tty);
430 if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
436 static int rfcomm_get_dev_list(void __user *arg)
438 struct rfcomm_dev_list_req *dl;
439 struct rfcomm_dev_info *di;
441 int n = 0, size, err;
446 if (get_user(dev_num, (u16 __user *) arg))
449 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
452 size = sizeof(*dl) + dev_num * sizeof(*di);
454 if (!(dl = kmalloc(size, GFP_KERNEL)))
459 read_lock_bh(&rfcomm_dev_lock);
461 list_for_each(p, &rfcomm_dev_list) {
462 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);
463 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
465 (di + n)->id = dev->id;
466 (di + n)->flags = dev->flags;
467 (di + n)->state = dev->dlc->state;
468 (di + n)->channel = dev->channel;
469 bacpy(&(di + n)->src, &dev->src);
470 bacpy(&(di + n)->dst, &dev->dst);
475 read_unlock_bh(&rfcomm_dev_lock);
478 size = sizeof(*dl) + n * sizeof(*di);
480 err = copy_to_user(arg, dl, size);
483 return err ? -EFAULT : 0;
486 static int rfcomm_get_dev_info(void __user *arg)
488 struct rfcomm_dev *dev;
489 struct rfcomm_dev_info di;
494 if (copy_from_user(&di, arg, sizeof(di)))
497 if (!(dev = rfcomm_dev_get(di.id)))
500 di.flags = dev->flags;
501 di.channel = dev->channel;
502 di.state = dev->dlc->state;
503 bacpy(&di.src, &dev->src);
504 bacpy(&di.dst, &dev->dst);
506 if (copy_to_user(arg, &di, sizeof(di)))
513 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
515 BT_DBG("cmd %d arg %p", cmd, arg);
518 case RFCOMMCREATEDEV:
519 return rfcomm_create_dev(sk, arg);
521 case RFCOMMRELEASEDEV:
522 return rfcomm_release_dev(arg);
524 case RFCOMMGETDEVLIST:
525 return rfcomm_get_dev_list(arg);
527 case RFCOMMGETDEVINFO:
528 return rfcomm_get_dev_info(arg);
534 /* ---- DLC callbacks ---- */
535 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
537 struct rfcomm_dev *dev = dlc->owner;
538 struct tty_struct *tty;
540 if (!dev || !(tty = dev->tty)) {
545 BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
547 tty_insert_flip_string(tty, skb->data, skb->len);
548 tty_flip_buffer_push(tty);
553 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
555 struct rfcomm_dev *dev = dlc->owner;
559 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
562 wake_up_interruptible(&dev->wait);
564 if (dlc->state == BT_CLOSED) {
566 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
567 /* Drop DLC lock here to avoid deadlock
568 * 1. rfcomm_dev_get will take rfcomm_dev_lock
569 * but in rfcomm_dev_add there's lock order:
570 * rfcomm_dev_lock -> dlc lock
571 * 2. rfcomm_dev_put will deadlock if it's
574 rfcomm_dlc_unlock(dlc);
575 if (rfcomm_dev_get(dev->id) == NULL) {
576 rfcomm_dlc_lock(dlc);
582 rfcomm_dlc_lock(dlc);
585 tty_hangup(dev->tty);
589 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
591 struct rfcomm_dev *dev = dlc->owner;
595 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
597 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) {
598 if (dev->tty && !C_CLOCAL(dev->tty))
599 tty_hangup(dev->tty);
603 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
604 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
605 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
606 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
609 /* ---- TTY functions ---- */
610 static void rfcomm_tty_wakeup(unsigned long arg)
612 struct rfcomm_dev *dev = (void *) arg;
613 struct tty_struct *tty = dev->tty;
617 BT_DBG("dev %p tty %p", dev, tty);
619 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
620 (tty->ldisc.write_wakeup)(tty);
622 wake_up_interruptible(&tty->write_wait);
623 #ifdef SERIAL_HAVE_POLL_WAIT
624 wake_up_interruptible(&tty->poll_wait);
628 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
630 DECLARE_WAITQUEUE(wait, current);
631 struct rfcomm_dev *dev;
632 struct rfcomm_dlc *dlc;
637 BT_DBG("tty %p id %d", tty, id);
639 /* We don't leak this refcount. For reasons which are not entirely
640 clear, the TTY layer will call our ->close() method even if the
641 open fails. We decrease the refcount there, and decreasing it
642 here too would cause breakage. */
643 dev = rfcomm_dev_get(id);
647 BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);
649 if (dev->opened++ != 0)
654 /* Attach TTY and open DLC */
656 rfcomm_dlc_lock(dlc);
657 tty->driver_data = dev;
659 rfcomm_dlc_unlock(dlc);
660 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
662 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
666 /* Wait for DLC to connect */
667 add_wait_queue(&dev->wait, &wait);
669 set_current_state(TASK_INTERRUPTIBLE);
671 if (dlc->state == BT_CLOSED) {
676 if (dlc->state == BT_CONNECTED)
679 if (signal_pending(current)) {
686 set_current_state(TASK_RUNNING);
687 remove_wait_queue(&dev->wait, &wait);
690 device_move(dev->tty_dev, rfcomm_get_device(dev));
695 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
697 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
701 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);
703 if (--dev->opened == 0) {
704 if (dev->tty_dev->parent)
705 device_move(dev->tty_dev, NULL);
707 /* Close DLC and dettach TTY */
708 rfcomm_dlc_close(dev->dlc, 0);
710 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
711 tasklet_kill(&dev->wakeup_task);
713 rfcomm_dlc_lock(dev->dlc);
714 tty->driver_data = NULL;
716 rfcomm_dlc_unlock(dev->dlc);
722 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
724 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
725 struct rfcomm_dlc *dlc = dev->dlc;
727 int err = 0, sent = 0, size;
729 BT_DBG("tty %p count %d", tty, count);
732 size = min_t(uint, count, dlc->mtu);
734 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
739 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
741 memcpy(skb_put(skb, size), buf + sent, size);
743 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) {
752 return sent ? sent : err;
755 static int rfcomm_tty_write_room(struct tty_struct *tty)
757 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
760 BT_DBG("tty %p", tty);
762 if (!dev || !dev->dlc)
765 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
772 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
774 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
778 BT_DBG("TCGETS is not supported");
782 BT_DBG("TCSETS is not supported");
786 BT_DBG("TIOCMIWAIT");
790 BT_DBG("TIOCGICOUNT");
794 BT_ERR("TIOCGSERIAL is not supported");
798 BT_ERR("TIOCSSERIAL is not supported");
802 BT_ERR("TIOCSERGSTRUCT is not supported");
806 BT_ERR("TIOCSERGETLSR is not supported");
810 BT_ERR("TIOCSERCONFIG is not supported");
814 return -ENOIOCTLCMD; /* ioctls which we must ignore */
821 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
823 struct ktermios *new = tty->termios;
824 int old_baud_rate = tty_termios_baud_rate(old);
825 int new_baud_rate = tty_termios_baud_rate(new);
827 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
830 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
832 BT_DBG("tty %p termios %p", tty, old);
834 if (!dev || !dev->dlc || !dev->dlc->session)
837 /* Handle turning off CRTSCTS */
838 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
839 BT_DBG("Turning off CRTSCTS unsupported");
841 /* Parity on/off and when on, odd/even */
842 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
843 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) {
844 changes |= RFCOMM_RPN_PM_PARITY;
845 BT_DBG("Parity change detected.");
848 /* Mark and space parity are not supported! */
849 if (new->c_cflag & PARENB) {
850 if (new->c_cflag & PARODD) {
851 BT_DBG("Parity is ODD");
852 parity = RFCOMM_RPN_PARITY_ODD;
854 BT_DBG("Parity is EVEN");
855 parity = RFCOMM_RPN_PARITY_EVEN;
858 BT_DBG("Parity is OFF");
859 parity = RFCOMM_RPN_PARITY_NONE;
862 /* Setting the x_on / x_off characters */
863 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
864 BT_DBG("XOFF custom");
865 x_on = new->c_cc[VSTOP];
866 changes |= RFCOMM_RPN_PM_XON;
868 BT_DBG("XOFF default");
869 x_on = RFCOMM_RPN_XON_CHAR;
872 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
873 BT_DBG("XON custom");
874 x_off = new->c_cc[VSTART];
875 changes |= RFCOMM_RPN_PM_XOFF;
877 BT_DBG("XON default");
878 x_off = RFCOMM_RPN_XOFF_CHAR;
881 /* Handle setting of stop bits */
882 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
883 changes |= RFCOMM_RPN_PM_STOP;
885 /* POSIX does not support 1.5 stop bits and RFCOMM does not
886 * support 2 stop bits. So a request for 2 stop bits gets
887 * translated to 1.5 stop bits */
888 if (new->c_cflag & CSTOPB) {
889 stop_bits = RFCOMM_RPN_STOP_15;
891 stop_bits = RFCOMM_RPN_STOP_1;
894 /* Handle number of data bits [5-8] */
895 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
896 changes |= RFCOMM_RPN_PM_DATA;
898 switch (new->c_cflag & CSIZE) {
900 data_bits = RFCOMM_RPN_DATA_5;
903 data_bits = RFCOMM_RPN_DATA_6;
906 data_bits = RFCOMM_RPN_DATA_7;
909 data_bits = RFCOMM_RPN_DATA_8;
912 data_bits = RFCOMM_RPN_DATA_8;
916 /* Handle baudrate settings */
917 if (old_baud_rate != new_baud_rate)
918 changes |= RFCOMM_RPN_PM_BITRATE;
920 switch (new_baud_rate) {
922 baud = RFCOMM_RPN_BR_2400;
925 baud = RFCOMM_RPN_BR_4800;
928 baud = RFCOMM_RPN_BR_7200;
931 baud = RFCOMM_RPN_BR_9600;
934 baud = RFCOMM_RPN_BR_19200;
937 baud = RFCOMM_RPN_BR_38400;
940 baud = RFCOMM_RPN_BR_57600;
943 baud = RFCOMM_RPN_BR_115200;
946 baud = RFCOMM_RPN_BR_230400;
949 /* 9600 is standard accordinag to the RFCOMM specification */
950 baud = RFCOMM_RPN_BR_9600;
956 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
957 data_bits, stop_bits, parity,
958 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
963 static void rfcomm_tty_throttle(struct tty_struct *tty)
965 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
967 BT_DBG("tty %p dev %p", tty, dev);
969 rfcomm_dlc_throttle(dev->dlc);
972 static void rfcomm_tty_unthrottle(struct tty_struct *tty)
974 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
976 BT_DBG("tty %p dev %p", tty, dev);
978 rfcomm_dlc_unthrottle(dev->dlc);
981 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
983 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
985 BT_DBG("tty %p dev %p", tty, dev);
987 if (!dev || !dev->dlc)
990 if (!skb_queue_empty(&dev->dlc->tx_queue))
991 return dev->dlc->mtu;
996 static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
998 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1000 BT_DBG("tty %p dev %p", tty, dev);
1002 if (!dev || !dev->dlc)
1005 skb_queue_purge(&dev->dlc->tx_queue);
1007 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
1008 tty->ldisc.write_wakeup(tty);
1011 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1013 BT_DBG("tty %p ch %c", tty, ch);
1016 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1018 BT_DBG("tty %p timeout %d", tty, timeout);
1021 static void rfcomm_tty_hangup(struct tty_struct *tty)
1023 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1025 BT_DBG("tty %p dev %p", tty, dev);
1030 rfcomm_tty_flush_buffer(tty);
1032 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
1033 if (rfcomm_dev_get(dev->id) == NULL)
1035 rfcomm_dev_del(dev);
1036 rfcomm_dev_put(dev);
1040 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused)
1045 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp)
1047 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1049 BT_DBG("tty %p dev %p", tty, dev);
1051 return dev->modem_status;
1054 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear)
1056 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1057 struct rfcomm_dlc *dlc = dev->dlc;
1060 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1062 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1064 if (set & TIOCM_DSR || set & TIOCM_DTR)
1065 v24_sig |= RFCOMM_V24_RTC;
1066 if (set & TIOCM_RTS || set & TIOCM_CTS)
1067 v24_sig |= RFCOMM_V24_RTR;
1069 v24_sig |= RFCOMM_V24_IC;
1071 v24_sig |= RFCOMM_V24_DV;
1073 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1074 v24_sig &= ~RFCOMM_V24_RTC;
1075 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1076 v24_sig &= ~RFCOMM_V24_RTR;
1077 if (clear & TIOCM_RI)
1078 v24_sig &= ~RFCOMM_V24_IC;
1079 if (clear & TIOCM_CD)
1080 v24_sig &= ~RFCOMM_V24_DV;
1082 rfcomm_dlc_set_modem_status(dlc, v24_sig);
1087 /* ---- TTY structure ---- */
1089 static const struct tty_operations rfcomm_ops = {
1090 .open = rfcomm_tty_open,
1091 .close = rfcomm_tty_close,
1092 .write = rfcomm_tty_write,
1093 .write_room = rfcomm_tty_write_room,
1094 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1095 .flush_buffer = rfcomm_tty_flush_buffer,
1096 .ioctl = rfcomm_tty_ioctl,
1097 .throttle = rfcomm_tty_throttle,
1098 .unthrottle = rfcomm_tty_unthrottle,
1099 .set_termios = rfcomm_tty_set_termios,
1100 .send_xchar = rfcomm_tty_send_xchar,
1101 .hangup = rfcomm_tty_hangup,
1102 .wait_until_sent = rfcomm_tty_wait_until_sent,
1103 .read_proc = rfcomm_tty_read_proc,
1104 .tiocmget = rfcomm_tty_tiocmget,
1105 .tiocmset = rfcomm_tty_tiocmset,
1108 int rfcomm_init_ttys(void)
1110 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1111 if (!rfcomm_tty_driver)
1114 rfcomm_tty_driver->owner = THIS_MODULE;
1115 rfcomm_tty_driver->driver_name = "rfcomm";
1116 rfcomm_tty_driver->name = "rfcomm";
1117 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1118 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1119 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1120 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1121 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1122 rfcomm_tty_driver->init_termios = tty_std_termios;
1123 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
1124 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1126 if (tty_register_driver(rfcomm_tty_driver)) {
1127 BT_ERR("Can't register RFCOMM TTY driver");
1128 put_tty_driver(rfcomm_tty_driver);
1132 BT_INFO("RFCOMM TTY layer initialized");
1137 void rfcomm_cleanup_ttys(void)
1139 tty_unregister_driver(rfcomm_tty_driver);
1140 put_tty_driver(rfcomm_tty_driver);