fix a kmap leak in virtio_console
[linux/fpc-iii.git] / net / bluetooth / rfcomm / tty.c
blobf9c0980abeeac9eaf1d94d70f3e001fd6e1f0870
1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
25 * RFCOMM TTY.
28 #include <linux/module.h>
30 #include <linux/tty.h>
31 #include <linux/tty_driver.h>
32 #include <linux/tty_flip.h>
34 #include <net/bluetooth/bluetooth.h>
35 #include <net/bluetooth/hci_core.h>
36 #include <net/bluetooth/rfcomm.h>
38 #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */
39 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
40 #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */
41 #define RFCOMM_TTY_MINOR 0
43 static struct tty_driver *rfcomm_tty_driver;
45 struct rfcomm_dev {
46 struct tty_port port;
47 struct list_head list;
49 char name[12];
50 int id;
51 unsigned long flags;
52 int err;
54 bdaddr_t src;
55 bdaddr_t dst;
56 u8 channel;
58 uint modem_status;
60 struct rfcomm_dlc *dlc;
61 wait_queue_head_t conn_wait;
63 struct device *tty_dev;
65 atomic_t wmem_alloc;
67 struct sk_buff_head pending;
70 static LIST_HEAD(rfcomm_dev_list);
71 static DEFINE_SPINLOCK(rfcomm_dev_lock);
73 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
74 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
75 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
77 /* ---- Device functions ---- */
79 static void rfcomm_dev_destruct(struct tty_port *port)
81 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
82 struct rfcomm_dlc *dlc = dev->dlc;
84 BT_DBG("dev %p dlc %p", dev, dlc);
86 spin_lock(&rfcomm_dev_lock);
87 list_del(&dev->list);
88 spin_unlock(&rfcomm_dev_lock);
90 rfcomm_dlc_lock(dlc);
91 /* Detach DLC if it's owned by this dev */
92 if (dlc->owner == dev)
93 dlc->owner = NULL;
94 rfcomm_dlc_unlock(dlc);
96 rfcomm_dlc_put(dlc);
98 tty_unregister_device(rfcomm_tty_driver, dev->id);
100 kfree(dev);
102 /* It's safe to call module_put() here because socket still
103 holds reference to this module. */
104 module_put(THIS_MODULE);
107 static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
109 struct hci_dev *hdev;
110 struct hci_conn *conn;
112 hdev = hci_get_route(&dev->dst, &dev->src);
113 if (!hdev)
114 return NULL;
116 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
118 hci_dev_put(hdev);
120 return conn ? &conn->dev : NULL;
123 /* device-specific initialization: open the dlc */
124 static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty)
126 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
127 DEFINE_WAIT(wait);
128 int err;
130 err = rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel);
131 if (err)
132 return err;
134 while (1) {
135 prepare_to_wait(&dev->conn_wait, &wait, TASK_INTERRUPTIBLE);
137 if (dev->dlc->state == BT_CLOSED) {
138 err = -dev->err;
139 break;
142 if (dev->dlc->state == BT_CONNECTED)
143 break;
145 if (signal_pending(current)) {
146 err = -ERESTARTSYS;
147 break;
150 tty_unlock(tty);
151 schedule();
152 tty_lock(tty);
154 finish_wait(&dev->conn_wait, &wait);
156 if (!err)
157 device_move(dev->tty_dev, rfcomm_get_device(dev),
158 DPM_ORDER_DEV_AFTER_PARENT);
160 return err;
163 /* device-specific cleanup: close the dlc */
164 static void rfcomm_dev_shutdown(struct tty_port *port)
166 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
168 if (dev->tty_dev->parent)
169 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
171 /* close the dlc */
172 rfcomm_dlc_close(dev->dlc, 0);
175 static const struct tty_port_operations rfcomm_port_ops = {
176 .destruct = rfcomm_dev_destruct,
177 .activate = rfcomm_dev_activate,
178 .shutdown = rfcomm_dev_shutdown,
181 static struct rfcomm_dev *__rfcomm_dev_get(int id)
183 struct rfcomm_dev *dev;
185 list_for_each_entry(dev, &rfcomm_dev_list, list)
186 if (dev->id == id)
187 return dev;
189 return NULL;
192 static struct rfcomm_dev *rfcomm_dev_get(int id)
194 struct rfcomm_dev *dev;
196 spin_lock(&rfcomm_dev_lock);
198 dev = __rfcomm_dev_get(id);
200 if (dev) {
201 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
202 dev = NULL;
203 else
204 tty_port_get(&dev->port);
207 spin_unlock(&rfcomm_dev_lock);
209 return dev;
212 static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf)
214 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
215 return sprintf(buf, "%pMR\n", &dev->dst);
218 static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf)
220 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev);
221 return sprintf(buf, "%d\n", dev->channel);
224 static DEVICE_ATTR(address, S_IRUGO, show_address, NULL);
225 static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL);
227 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
229 struct rfcomm_dev *dev, *entry;
230 struct list_head *head = &rfcomm_dev_list;
231 int err = 0;
233 BT_DBG("id %d channel %d", req->dev_id, req->channel);
235 dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
236 if (!dev)
237 return -ENOMEM;
239 spin_lock(&rfcomm_dev_lock);
241 if (req->dev_id < 0) {
242 dev->id = 0;
244 list_for_each_entry(entry, &rfcomm_dev_list, list) {
245 if (entry->id != dev->id)
246 break;
248 dev->id++;
249 head = &entry->list;
251 } else {
252 dev->id = req->dev_id;
254 list_for_each_entry(entry, &rfcomm_dev_list, list) {
255 if (entry->id == dev->id) {
256 err = -EADDRINUSE;
257 goto out;
260 if (entry->id > dev->id - 1)
261 break;
263 head = &entry->list;
267 if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
268 err = -ENFILE;
269 goto out;
272 sprintf(dev->name, "rfcomm%d", dev->id);
274 list_add(&dev->list, head);
276 bacpy(&dev->src, &req->src);
277 bacpy(&dev->dst, &req->dst);
278 dev->channel = req->channel;
280 dev->flags = req->flags &
281 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
283 tty_port_init(&dev->port);
284 dev->port.ops = &rfcomm_port_ops;
285 init_waitqueue_head(&dev->conn_wait);
287 skb_queue_head_init(&dev->pending);
289 rfcomm_dlc_lock(dlc);
291 if (req->flags & (1 << RFCOMM_REUSE_DLC)) {
292 struct sock *sk = dlc->owner;
293 struct sk_buff *skb;
295 BUG_ON(!sk);
297 rfcomm_dlc_throttle(dlc);
299 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
300 skb_orphan(skb);
301 skb_queue_tail(&dev->pending, skb);
302 atomic_sub(skb->len, &sk->sk_rmem_alloc);
306 dlc->data_ready = rfcomm_dev_data_ready;
307 dlc->state_change = rfcomm_dev_state_change;
308 dlc->modem_status = rfcomm_dev_modem_status;
310 dlc->owner = dev;
311 dev->dlc = dlc;
313 rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig);
315 rfcomm_dlc_unlock(dlc);
317 /* It's safe to call __module_get() here because socket already
318 holds reference to this module. */
319 __module_get(THIS_MODULE);
321 out:
322 spin_unlock(&rfcomm_dev_lock);
324 if (err < 0)
325 goto free;
327 dev->tty_dev = tty_port_register_device(&dev->port, rfcomm_tty_driver,
328 dev->id, NULL);
329 if (IS_ERR(dev->tty_dev)) {
330 err = PTR_ERR(dev->tty_dev);
331 spin_lock(&rfcomm_dev_lock);
332 list_del(&dev->list);
333 spin_unlock(&rfcomm_dev_lock);
334 goto free;
337 dev_set_drvdata(dev->tty_dev, dev);
339 if (device_create_file(dev->tty_dev, &dev_attr_address) < 0)
340 BT_ERR("Failed to create address attribute");
342 if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0)
343 BT_ERR("Failed to create channel attribute");
345 return dev->id;
347 free:
348 kfree(dev);
349 return err;
352 /* ---- Send buffer ---- */
353 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
355 /* We can't let it be zero, because we don't get a callback
356 when tx_credits becomes nonzero, hence we'd never wake up */
357 return dlc->mtu * (dlc->tx_credits?:1);
360 static void rfcomm_wfree(struct sk_buff *skb)
362 struct rfcomm_dev *dev = (void *) skb->sk;
363 atomic_sub(skb->truesize, &dev->wmem_alloc);
364 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
365 tty_port_tty_wakeup(&dev->port);
366 tty_port_put(&dev->port);
369 static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
371 tty_port_get(&dev->port);
372 atomic_add(skb->truesize, &dev->wmem_alloc);
373 skb->sk = (void *) dev;
374 skb->destructor = rfcomm_wfree;
377 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
379 if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
380 struct sk_buff *skb = alloc_skb(size, priority);
381 if (skb) {
382 rfcomm_set_owner_w(skb, dev);
383 return skb;
386 return NULL;
389 /* ---- Device IOCTLs ---- */
391 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
393 static int rfcomm_create_dev(struct sock *sk, void __user *arg)
395 struct rfcomm_dev_req req;
396 struct rfcomm_dlc *dlc;
397 int id;
399 if (copy_from_user(&req, arg, sizeof(req)))
400 return -EFAULT;
402 BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags);
404 if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
405 return -EPERM;
407 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
408 /* Socket must be connected */
409 if (sk->sk_state != BT_CONNECTED)
410 return -EBADFD;
412 dlc = rfcomm_pi(sk)->dlc;
413 rfcomm_dlc_hold(dlc);
414 } else {
415 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
416 if (!dlc)
417 return -ENOMEM;
420 id = rfcomm_dev_add(&req, dlc);
421 if (id < 0) {
422 rfcomm_dlc_put(dlc);
423 return id;
426 if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
427 /* DLC is now used by device.
428 * Socket must be disconnected */
429 sk->sk_state = BT_CLOSED;
432 return id;
435 static int rfcomm_release_dev(void __user *arg)
437 struct rfcomm_dev_req req;
438 struct rfcomm_dev *dev;
439 struct tty_struct *tty;
441 if (copy_from_user(&req, arg, sizeof(req)))
442 return -EFAULT;
444 BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags);
446 dev = rfcomm_dev_get(req.dev_id);
447 if (!dev)
448 return -ENODEV;
450 if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
451 tty_port_put(&dev->port);
452 return -EPERM;
455 if (req.flags & (1 << RFCOMM_HANGUP_NOW))
456 rfcomm_dlc_close(dev->dlc, 0);
458 /* Shut down TTY synchronously before freeing rfcomm_dev */
459 tty = tty_port_tty_get(&dev->port);
460 if (tty) {
461 tty_vhangup(tty);
462 tty_kref_put(tty);
465 if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags) &&
466 !test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags))
467 tty_port_put(&dev->port);
469 tty_port_put(&dev->port);
470 return 0;
473 static int rfcomm_get_dev_list(void __user *arg)
475 struct rfcomm_dev *dev;
476 struct rfcomm_dev_list_req *dl;
477 struct rfcomm_dev_info *di;
478 int n = 0, size, err;
479 u16 dev_num;
481 BT_DBG("");
483 if (get_user(dev_num, (u16 __user *) arg))
484 return -EFAULT;
486 if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
487 return -EINVAL;
489 size = sizeof(*dl) + dev_num * sizeof(*di);
491 dl = kzalloc(size, GFP_KERNEL);
492 if (!dl)
493 return -ENOMEM;
495 di = dl->dev_info;
497 spin_lock(&rfcomm_dev_lock);
499 list_for_each_entry(dev, &rfcomm_dev_list, list) {
500 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags))
501 continue;
502 (di + n)->id = dev->id;
503 (di + n)->flags = dev->flags;
504 (di + n)->state = dev->dlc->state;
505 (di + n)->channel = dev->channel;
506 bacpy(&(di + n)->src, &dev->src);
507 bacpy(&(di + n)->dst, &dev->dst);
508 if (++n >= dev_num)
509 break;
512 spin_unlock(&rfcomm_dev_lock);
514 dl->dev_num = n;
515 size = sizeof(*dl) + n * sizeof(*di);
517 err = copy_to_user(arg, dl, size);
518 kfree(dl);
520 return err ? -EFAULT : 0;
523 static int rfcomm_get_dev_info(void __user *arg)
525 struct rfcomm_dev *dev;
526 struct rfcomm_dev_info di;
527 int err = 0;
529 BT_DBG("");
531 if (copy_from_user(&di, arg, sizeof(di)))
532 return -EFAULT;
534 dev = rfcomm_dev_get(di.id);
535 if (!dev)
536 return -ENODEV;
538 di.flags = dev->flags;
539 di.channel = dev->channel;
540 di.state = dev->dlc->state;
541 bacpy(&di.src, &dev->src);
542 bacpy(&di.dst, &dev->dst);
544 if (copy_to_user(arg, &di, sizeof(di)))
545 err = -EFAULT;
547 tty_port_put(&dev->port);
548 return err;
551 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
553 BT_DBG("cmd %d arg %p", cmd, arg);
555 switch (cmd) {
556 case RFCOMMCREATEDEV:
557 return rfcomm_create_dev(sk, arg);
559 case RFCOMMRELEASEDEV:
560 return rfcomm_release_dev(arg);
562 case RFCOMMGETDEVLIST:
563 return rfcomm_get_dev_list(arg);
565 case RFCOMMGETDEVINFO:
566 return rfcomm_get_dev_info(arg);
569 return -EINVAL;
572 /* ---- DLC callbacks ---- */
573 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
575 struct rfcomm_dev *dev = dlc->owner;
577 if (!dev) {
578 kfree_skb(skb);
579 return;
582 if (!skb_queue_empty(&dev->pending)) {
583 skb_queue_tail(&dev->pending, skb);
584 return;
587 BT_DBG("dlc %p len %d", dlc, skb->len);
589 tty_insert_flip_string(&dev->port, skb->data, skb->len);
590 tty_flip_buffer_push(&dev->port);
592 kfree_skb(skb);
595 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
597 struct rfcomm_dev *dev = dlc->owner;
598 if (!dev)
599 return;
601 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
603 dev->err = err;
604 wake_up_interruptible(&dev->conn_wait);
606 if (dlc->state == BT_CLOSED)
607 tty_port_tty_hangup(&dev->port, false);
610 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
612 struct rfcomm_dev *dev = dlc->owner;
613 if (!dev)
614 return;
616 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
618 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV))
619 tty_port_tty_hangup(&dev->port, true);
621 dev->modem_status =
622 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
623 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
624 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
625 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
628 /* ---- TTY functions ---- */
629 static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
631 struct sk_buff *skb;
632 int inserted = 0;
634 BT_DBG("dev %p", dev);
636 rfcomm_dlc_lock(dev->dlc);
638 while ((skb = skb_dequeue(&dev->pending))) {
639 inserted += tty_insert_flip_string(&dev->port, skb->data,
640 skb->len);
641 kfree_skb(skb);
644 rfcomm_dlc_unlock(dev->dlc);
646 if (inserted > 0)
647 tty_flip_buffer_push(&dev->port);
650 /* do the reverse of install, clearing the tty fields and releasing the
651 * reference to tty_port
653 static void rfcomm_tty_cleanup(struct tty_struct *tty)
655 struct rfcomm_dev *dev = tty->driver_data;
657 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
659 rfcomm_dlc_lock(dev->dlc);
660 tty->driver_data = NULL;
661 rfcomm_dlc_unlock(dev->dlc);
664 * purge the dlc->tx_queue to avoid circular dependencies
665 * between dev and dlc
667 skb_queue_purge(&dev->dlc->tx_queue);
669 tty_port_put(&dev->port);
672 /* we acquire the tty_port reference since it's here the tty is first used
673 * by setting the termios. We also populate the driver_data field and install
674 * the tty port
676 static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty)
678 struct rfcomm_dev *dev;
679 struct rfcomm_dlc *dlc;
680 int err;
682 dev = rfcomm_dev_get(tty->index);
683 if (!dev)
684 return -ENODEV;
686 dlc = dev->dlc;
688 /* Attach TTY and open DLC */
689 rfcomm_dlc_lock(dlc);
690 tty->driver_data = dev;
691 rfcomm_dlc_unlock(dlc);
692 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
694 /* install the tty_port */
695 err = tty_port_install(&dev->port, driver, tty);
696 if (err) {
697 rfcomm_tty_cleanup(tty);
698 return err;
701 /* take over the tty_port reference if the port was created with the
702 * flag RFCOMM_RELEASE_ONHUP. This will force the release of the port
703 * when the last process closes the tty. The behaviour is expected by
704 * userspace.
706 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
707 tty_port_put(&dev->port);
709 return 0;
712 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
714 struct rfcomm_dev *dev = tty->driver_data;
715 int err;
717 BT_DBG("tty %p id %d", tty, tty->index);
719 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst,
720 dev->channel, dev->port.count);
722 err = tty_port_open(&dev->port, tty, filp);
723 if (err)
724 return err;
727 * FIXME: rfcomm should use proper flow control for
728 * received data. This hack will be unnecessary and can
729 * be removed when that's implemented
731 rfcomm_tty_copy_pending(dev);
733 rfcomm_dlc_unthrottle(dev->dlc);
735 return 0;
738 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
740 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
742 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
743 dev->port.count);
745 tty_port_close(&dev->port, tty, filp);
748 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
750 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
751 struct rfcomm_dlc *dlc = dev->dlc;
752 struct sk_buff *skb;
753 int err = 0, sent = 0, size;
755 BT_DBG("tty %p count %d", tty, count);
757 while (count) {
758 size = min_t(uint, count, dlc->mtu);
760 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
762 if (!skb)
763 break;
765 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
767 memcpy(skb_put(skb, size), buf + sent, size);
769 err = rfcomm_dlc_send(dlc, skb);
770 if (err < 0) {
771 kfree_skb(skb);
772 break;
775 sent += size;
776 count -= size;
779 return sent ? sent : err;
782 static int rfcomm_tty_write_room(struct tty_struct *tty)
784 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
785 int room;
787 BT_DBG("tty %p", tty);
789 if (!dev || !dev->dlc)
790 return 0;
792 room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
793 if (room < 0)
794 room = 0;
796 return room;
799 static int rfcomm_tty_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
801 BT_DBG("tty %p cmd 0x%02x", tty, cmd);
803 switch (cmd) {
804 case TCGETS:
805 BT_DBG("TCGETS is not supported");
806 return -ENOIOCTLCMD;
808 case TCSETS:
809 BT_DBG("TCSETS is not supported");
810 return -ENOIOCTLCMD;
812 case TIOCMIWAIT:
813 BT_DBG("TIOCMIWAIT");
814 break;
816 case TIOCGSERIAL:
817 BT_ERR("TIOCGSERIAL is not supported");
818 return -ENOIOCTLCMD;
820 case TIOCSSERIAL:
821 BT_ERR("TIOCSSERIAL is not supported");
822 return -ENOIOCTLCMD;
824 case TIOCSERGSTRUCT:
825 BT_ERR("TIOCSERGSTRUCT is not supported");
826 return -ENOIOCTLCMD;
828 case TIOCSERGETLSR:
829 BT_ERR("TIOCSERGETLSR is not supported");
830 return -ENOIOCTLCMD;
832 case TIOCSERCONFIG:
833 BT_ERR("TIOCSERCONFIG is not supported");
834 return -ENOIOCTLCMD;
836 default:
837 return -ENOIOCTLCMD; /* ioctls which we must ignore */
841 return -ENOIOCTLCMD;
844 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
846 struct ktermios *new = &tty->termios;
847 int old_baud_rate = tty_termios_baud_rate(old);
848 int new_baud_rate = tty_termios_baud_rate(new);
850 u8 baud, data_bits, stop_bits, parity, x_on, x_off;
851 u16 changes = 0;
853 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
855 BT_DBG("tty %p termios %p", tty, old);
857 if (!dev || !dev->dlc || !dev->dlc->session)
858 return;
860 /* Handle turning off CRTSCTS */
861 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
862 BT_DBG("Turning off CRTSCTS unsupported");
864 /* Parity on/off and when on, odd/even */
865 if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
866 ((old->c_cflag & PARODD) != (new->c_cflag & PARODD))) {
867 changes |= RFCOMM_RPN_PM_PARITY;
868 BT_DBG("Parity change detected.");
871 /* Mark and space parity are not supported! */
872 if (new->c_cflag & PARENB) {
873 if (new->c_cflag & PARODD) {
874 BT_DBG("Parity is ODD");
875 parity = RFCOMM_RPN_PARITY_ODD;
876 } else {
877 BT_DBG("Parity is EVEN");
878 parity = RFCOMM_RPN_PARITY_EVEN;
880 } else {
881 BT_DBG("Parity is OFF");
882 parity = RFCOMM_RPN_PARITY_NONE;
885 /* Setting the x_on / x_off characters */
886 if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
887 BT_DBG("XOFF custom");
888 x_on = new->c_cc[VSTOP];
889 changes |= RFCOMM_RPN_PM_XON;
890 } else {
891 BT_DBG("XOFF default");
892 x_on = RFCOMM_RPN_XON_CHAR;
895 if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
896 BT_DBG("XON custom");
897 x_off = new->c_cc[VSTART];
898 changes |= RFCOMM_RPN_PM_XOFF;
899 } else {
900 BT_DBG("XON default");
901 x_off = RFCOMM_RPN_XOFF_CHAR;
904 /* Handle setting of stop bits */
905 if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
906 changes |= RFCOMM_RPN_PM_STOP;
908 /* POSIX does not support 1.5 stop bits and RFCOMM does not
909 * support 2 stop bits. So a request for 2 stop bits gets
910 * translated to 1.5 stop bits */
911 if (new->c_cflag & CSTOPB)
912 stop_bits = RFCOMM_RPN_STOP_15;
913 else
914 stop_bits = RFCOMM_RPN_STOP_1;
916 /* Handle number of data bits [5-8] */
917 if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE))
918 changes |= RFCOMM_RPN_PM_DATA;
920 switch (new->c_cflag & CSIZE) {
921 case CS5:
922 data_bits = RFCOMM_RPN_DATA_5;
923 break;
924 case CS6:
925 data_bits = RFCOMM_RPN_DATA_6;
926 break;
927 case CS7:
928 data_bits = RFCOMM_RPN_DATA_7;
929 break;
930 case CS8:
931 data_bits = RFCOMM_RPN_DATA_8;
932 break;
933 default:
934 data_bits = RFCOMM_RPN_DATA_8;
935 break;
938 /* Handle baudrate settings */
939 if (old_baud_rate != new_baud_rate)
940 changes |= RFCOMM_RPN_PM_BITRATE;
942 switch (new_baud_rate) {
943 case 2400:
944 baud = RFCOMM_RPN_BR_2400;
945 break;
946 case 4800:
947 baud = RFCOMM_RPN_BR_4800;
948 break;
949 case 7200:
950 baud = RFCOMM_RPN_BR_7200;
951 break;
952 case 9600:
953 baud = RFCOMM_RPN_BR_9600;
954 break;
955 case 19200:
956 baud = RFCOMM_RPN_BR_19200;
957 break;
958 case 38400:
959 baud = RFCOMM_RPN_BR_38400;
960 break;
961 case 57600:
962 baud = RFCOMM_RPN_BR_57600;
963 break;
964 case 115200:
965 baud = RFCOMM_RPN_BR_115200;
966 break;
967 case 230400:
968 baud = RFCOMM_RPN_BR_230400;
969 break;
970 default:
971 /* 9600 is standard accordinag to the RFCOMM specification */
972 baud = RFCOMM_RPN_BR_9600;
973 break;
977 if (changes)
978 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
979 data_bits, stop_bits, parity,
980 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
983 static void rfcomm_tty_throttle(struct tty_struct *tty)
985 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
987 BT_DBG("tty %p dev %p", tty, dev);
989 rfcomm_dlc_throttle(dev->dlc);
992 static void rfcomm_tty_unthrottle(struct tty_struct *tty)
994 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
996 BT_DBG("tty %p dev %p", tty, dev);
998 rfcomm_dlc_unthrottle(dev->dlc);
1001 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
1003 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1005 BT_DBG("tty %p dev %p", tty, dev);
1007 if (!dev || !dev->dlc)
1008 return 0;
1010 if (!skb_queue_empty(&dev->dlc->tx_queue))
1011 return dev->dlc->mtu;
1013 return 0;
1016 static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
1018 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1020 BT_DBG("tty %p dev %p", tty, dev);
1022 if (!dev || !dev->dlc)
1023 return;
1025 skb_queue_purge(&dev->dlc->tx_queue);
1026 tty_wakeup(tty);
1029 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
1031 BT_DBG("tty %p ch %c", tty, ch);
1034 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
1036 BT_DBG("tty %p timeout %d", tty, timeout);
1039 static void rfcomm_tty_hangup(struct tty_struct *tty)
1041 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1043 BT_DBG("tty %p dev %p", tty, dev);
1045 tty_port_hangup(&dev->port);
1048 static int rfcomm_tty_tiocmget(struct tty_struct *tty)
1050 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1052 BT_DBG("tty %p dev %p", tty, dev);
1054 return dev->modem_status;
1057 static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear)
1059 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
1060 struct rfcomm_dlc *dlc = dev->dlc;
1061 u8 v24_sig;
1063 BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
1065 rfcomm_dlc_get_modem_status(dlc, &v24_sig);
1067 if (set & TIOCM_DSR || set & TIOCM_DTR)
1068 v24_sig |= RFCOMM_V24_RTC;
1069 if (set & TIOCM_RTS || set & TIOCM_CTS)
1070 v24_sig |= RFCOMM_V24_RTR;
1071 if (set & TIOCM_RI)
1072 v24_sig |= RFCOMM_V24_IC;
1073 if (set & TIOCM_CD)
1074 v24_sig |= RFCOMM_V24_DV;
1076 if (clear & TIOCM_DSR || clear & TIOCM_DTR)
1077 v24_sig &= ~RFCOMM_V24_RTC;
1078 if (clear & TIOCM_RTS || clear & TIOCM_CTS)
1079 v24_sig &= ~RFCOMM_V24_RTR;
1080 if (clear & TIOCM_RI)
1081 v24_sig &= ~RFCOMM_V24_IC;
1082 if (clear & TIOCM_CD)
1083 v24_sig &= ~RFCOMM_V24_DV;
1085 rfcomm_dlc_set_modem_status(dlc, v24_sig);
1087 return 0;
1090 /* ---- TTY structure ---- */
1092 static const struct tty_operations rfcomm_ops = {
1093 .open = rfcomm_tty_open,
1094 .close = rfcomm_tty_close,
1095 .write = rfcomm_tty_write,
1096 .write_room = rfcomm_tty_write_room,
1097 .chars_in_buffer = rfcomm_tty_chars_in_buffer,
1098 .flush_buffer = rfcomm_tty_flush_buffer,
1099 .ioctl = rfcomm_tty_ioctl,
1100 .throttle = rfcomm_tty_throttle,
1101 .unthrottle = rfcomm_tty_unthrottle,
1102 .set_termios = rfcomm_tty_set_termios,
1103 .send_xchar = rfcomm_tty_send_xchar,
1104 .hangup = rfcomm_tty_hangup,
1105 .wait_until_sent = rfcomm_tty_wait_until_sent,
1106 .tiocmget = rfcomm_tty_tiocmget,
1107 .tiocmset = rfcomm_tty_tiocmset,
1108 .install = rfcomm_tty_install,
1109 .cleanup = rfcomm_tty_cleanup,
1112 int __init rfcomm_init_ttys(void)
1114 int error;
1116 rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
1117 if (!rfcomm_tty_driver)
1118 return -ENOMEM;
1120 rfcomm_tty_driver->driver_name = "rfcomm";
1121 rfcomm_tty_driver->name = "rfcomm";
1122 rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR;
1123 rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR;
1124 rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
1125 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1126 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1127 rfcomm_tty_driver->init_termios = tty_std_termios;
1128 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
1129 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1130 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1132 error = tty_register_driver(rfcomm_tty_driver);
1133 if (error) {
1134 BT_ERR("Can't register RFCOMM TTY driver");
1135 put_tty_driver(rfcomm_tty_driver);
1136 return error;
1139 BT_INFO("RFCOMM TTY layer initialized");
1141 return 0;
1144 void rfcomm_cleanup_ttys(void)
1146 tty_unregister_driver(rfcomm_tty_driver);
1147 put_tty_driver(rfcomm_tty_driver);