Commit | Line | Data |
---|---|---|
8e87d142 | 1 | /* |
1da177e4 LT |
2 | RFCOMM implementation for Linux Bluetooth stack (BlueZ). |
3 | Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> | |
4 | Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> | |
5 | ||
6 | This program is free software; you can redistribute it and/or modify | |
7 | it under the terms of the GNU General Public License version 2 as | |
8 | published by the Free Software Foundation; | |
9 | ||
10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
11 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
12 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
8e87d142 YH |
14 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES |
15 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
16 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
1da177e4 LT |
17 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
18 | ||
8e87d142 YH |
19 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, |
20 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
1da177e4 LT |
21 | SOFTWARE IS DISCLAIMED. |
22 | */ | |
23 | ||
24 | /* | |
25 | * RFCOMM TTY. | |
1da177e4 LT |
26 | */ |
27 | ||
1da177e4 LT |
28 | #include <linux/module.h> |
29 | ||
30 | #include <linux/tty.h> | |
31 | #include <linux/tty_driver.h> | |
32 | #include <linux/tty_flip.h> | |
33 | ||
1da177e4 | 34 | #include <net/bluetooth/bluetooth.h> |
0a85b964 | 35 | #include <net/bluetooth/hci_core.h> |
1da177e4 LT |
36 | #include <net/bluetooth/rfcomm.h> |
37 | ||
1da177e4 LT |
38 | #define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */ |
39 | #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */ | |
40 | #define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */ | |
41 | #define RFCOMM_TTY_MINOR 0 | |
42 | ||
43 | static struct tty_driver *rfcomm_tty_driver; | |
44 | ||
45 | struct rfcomm_dev { | |
f60db8c4 | 46 | struct tty_port port; |
1da177e4 | 47 | struct list_head list; |
1da177e4 LT |
48 | |
49 | char name[12]; | |
50 | int id; | |
51 | unsigned long flags; | |
1da177e4 LT |
52 | int err; |
53 | ||
1c64834e PH |
54 | unsigned long status; /* don't export to userspace */ |
55 | ||
1da177e4 LT |
56 | bdaddr_t src; |
57 | bdaddr_t dst; | |
285b4e90 | 58 | u8 channel; |
1da177e4 | 59 | |
285b4e90 | 60 | uint modem_status; |
1da177e4 LT |
61 | |
62 | struct rfcomm_dlc *dlc; | |
1da177e4 | 63 | |
c1a33136 MH |
64 | struct device *tty_dev; |
65 | ||
285b4e90 | 66 | atomic_t wmem_alloc; |
a0c22f22 MH |
67 | |
68 | struct sk_buff_head pending; | |
1da177e4 LT |
69 | }; |
70 | ||
71 | static LIST_HEAD(rfcomm_dev_list); | |
393432cd | 72 | static DEFINE_SPINLOCK(rfcomm_dev_lock); |
1da177e4 LT |
73 | |
74 | static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb); | |
75 | static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err); | |
76 | static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig); | |
77 | ||
1da177e4 | 78 | /* ---- Device functions ---- */ |
67054019 | 79 | |
67054019 | 80 | static void rfcomm_dev_destruct(struct tty_port *port) |
1da177e4 | 81 | { |
67054019 | 82 | struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); |
1da177e4 LT |
83 | struct rfcomm_dlc *dlc = dev->dlc; |
84 | ||
85 | BT_DBG("dev %p dlc %p", dev, dlc); | |
86 | ||
ebe937f7 GA |
87 | spin_lock(&rfcomm_dev_lock); |
88 | list_del(&dev->list); | |
89 | spin_unlock(&rfcomm_dev_lock); | |
8de0a154 | 90 | |
1da177e4 LT |
91 | rfcomm_dlc_lock(dlc); |
92 | /* Detach DLC if it's owned by this dev */ | |
93 | if (dlc->owner == dev) | |
94 | dlc->owner = NULL; | |
95 | rfcomm_dlc_unlock(dlc); | |
96 | ||
97 | rfcomm_dlc_put(dlc); | |
98 | ||
99 | tty_unregister_device(rfcomm_tty_driver, dev->id); | |
100 | ||
1da177e4 LT |
101 | kfree(dev); |
102 | ||
8e87d142 | 103 | /* It's safe to call module_put() here because socket still |
1da177e4 LT |
104 | holds reference to this module. */ |
105 | module_put(THIS_MODULE); | |
106 | } | |
107 | ||
cad348a1 GA |
108 | /* device-specific initialization: open the dlc */ |
109 | static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty) | |
110 | { | |
111 | struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); | |
112 | ||
136c373b | 113 | return rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel); |
cad348a1 GA |
114 | } |
115 | ||
7f717b91 PH |
116 | /* we block the open until the dlc->state becomes BT_CONNECTED */ |
117 | static int rfcomm_dev_carrier_raised(struct tty_port *port) | |
118 | { | |
119 | struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); | |
120 | ||
121 | return (dev->dlc->state == BT_CONNECTED); | |
122 | } | |
123 | ||
cad348a1 GA |
124 | /* device-specific cleanup: close the dlc */ |
125 | static void rfcomm_dev_shutdown(struct tty_port *port) | |
126 | { | |
127 | struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); | |
128 | ||
129 | if (dev->tty_dev->parent) | |
130 | device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST); | |
131 | ||
132 | /* close the dlc */ | |
133 | rfcomm_dlc_close(dev->dlc, 0); | |
134 | } | |
135 | ||
67054019 JS |
136 | static const struct tty_port_operations rfcomm_port_ops = { |
137 | .destruct = rfcomm_dev_destruct, | |
cad348a1 GA |
138 | .activate = rfcomm_dev_activate, |
139 | .shutdown = rfcomm_dev_shutdown, | |
136c373b | 140 | .carrier_raised = rfcomm_dev_carrier_raised, |
67054019 | 141 | }; |
1da177e4 LT |
142 | |
143 | static struct rfcomm_dev *__rfcomm_dev_get(int id) | |
144 | { | |
145 | struct rfcomm_dev *dev; | |
1da177e4 | 146 | |
8035ded4 | 147 | list_for_each_entry(dev, &rfcomm_dev_list, list) |
1da177e4 LT |
148 | if (dev->id == id) |
149 | return dev; | |
1da177e4 LT |
150 | |
151 | return NULL; | |
152 | } | |
153 | ||
6039aa73 | 154 | static struct rfcomm_dev *rfcomm_dev_get(int id) |
1da177e4 LT |
155 | { |
156 | struct rfcomm_dev *dev; | |
157 | ||
393432cd | 158 | spin_lock(&rfcomm_dev_lock); |
1da177e4 LT |
159 | |
160 | dev = __rfcomm_dev_get(id); | |
8de0a154 | 161 | |
082a1532 PH |
162 | if (dev && !tty_port_get(&dev->port)) |
163 | dev = NULL; | |
1da177e4 | 164 | |
393432cd | 165 | spin_unlock(&rfcomm_dev_lock); |
1da177e4 LT |
166 | |
167 | return dev; | |
168 | } | |
169 | ||
f87c24e7 PH |
170 | static struct device *rfcomm_get_device(struct rfcomm_dev *dev) |
171 | { | |
172 | struct hci_dev *hdev; | |
173 | struct hci_conn *conn; | |
174 | ||
175 | hdev = hci_get_route(&dev->dst, &dev->src); | |
176 | if (!hdev) | |
177 | return NULL; | |
178 | ||
179 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst); | |
180 | ||
181 | hci_dev_put(hdev); | |
182 | ||
183 | return conn ? &conn->dev : NULL; | |
184 | } | |
185 | ||
dae6a0f6 MH |
186 | static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf) |
187 | { | |
188 | struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); | |
fcb73338 | 189 | return sprintf(buf, "%pMR\n", &dev->dst); |
dae6a0f6 MH |
190 | } |
191 | ||
192 | static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf) | |
193 | { | |
194 | struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); | |
195 | return sprintf(buf, "%d\n", dev->channel); | |
196 | } | |
197 | ||
198 | static DEVICE_ATTR(address, S_IRUGO, show_address, NULL); | |
199 | static DEVICE_ATTR(channel, S_IRUGO, show_channel, NULL); | |
200 | ||
1da177e4 LT |
201 | static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) |
202 | { | |
8035ded4 | 203 | struct rfcomm_dev *dev, *entry; |
e57d758a | 204 | struct list_head *head = &rfcomm_dev_list; |
1da177e4 LT |
205 | int err = 0; |
206 | ||
207 | BT_DBG("id %d channel %d", req->dev_id, req->channel); | |
8e87d142 | 208 | |
25ea6db0 | 209 | dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL); |
1da177e4 LT |
210 | if (!dev) |
211 | return -ENOMEM; | |
1da177e4 | 212 | |
393432cd | 213 | spin_lock(&rfcomm_dev_lock); |
1da177e4 LT |
214 | |
215 | if (req->dev_id < 0) { | |
216 | dev->id = 0; | |
217 | ||
8035ded4 LAD |
218 | list_for_each_entry(entry, &rfcomm_dev_list, list) { |
219 | if (entry->id != dev->id) | |
1da177e4 LT |
220 | break; |
221 | ||
222 | dev->id++; | |
e57d758a | 223 | head = &entry->list; |
1da177e4 LT |
224 | } |
225 | } else { | |
226 | dev->id = req->dev_id; | |
227 | ||
8035ded4 | 228 | list_for_each_entry(entry, &rfcomm_dev_list, list) { |
1da177e4 LT |
229 | if (entry->id == dev->id) { |
230 | err = -EADDRINUSE; | |
231 | goto out; | |
232 | } | |
233 | ||
234 | if (entry->id > dev->id - 1) | |
235 | break; | |
236 | ||
e57d758a | 237 | head = &entry->list; |
1da177e4 LT |
238 | } |
239 | } | |
240 | ||
241 | if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) { | |
242 | err = -ENFILE; | |
243 | goto out; | |
244 | } | |
245 | ||
246 | sprintf(dev->name, "rfcomm%d", dev->id); | |
247 | ||
248 | list_add(&dev->list, head); | |
1da177e4 LT |
249 | |
250 | bacpy(&dev->src, &req->src); | |
251 | bacpy(&dev->dst, &req->dst); | |
252 | dev->channel = req->channel; | |
253 | ||
8e87d142 | 254 | dev->flags = req->flags & |
1da177e4 LT |
255 | ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC)); |
256 | ||
f60db8c4 | 257 | tty_port_init(&dev->port); |
67054019 | 258 | dev->port.ops = &rfcomm_port_ops; |
1da177e4 | 259 | |
a0c22f22 MH |
260 | skb_queue_head_init(&dev->pending); |
261 | ||
1da177e4 | 262 | rfcomm_dlc_lock(dlc); |
a0c22f22 MH |
263 | |
264 | if (req->flags & (1 << RFCOMM_REUSE_DLC)) { | |
265 | struct sock *sk = dlc->owner; | |
266 | struct sk_buff *skb; | |
267 | ||
268 | BUG_ON(!sk); | |
269 | ||
270 | rfcomm_dlc_throttle(dlc); | |
271 | ||
272 | while ((skb = skb_dequeue(&sk->sk_receive_queue))) { | |
273 | skb_orphan(skb); | |
274 | skb_queue_tail(&dev->pending, skb); | |
275 | atomic_sub(skb->len, &sk->sk_rmem_alloc); | |
276 | } | |
277 | } | |
278 | ||
1da177e4 LT |
279 | dlc->data_ready = rfcomm_dev_data_ready; |
280 | dlc->state_change = rfcomm_dev_state_change; | |
281 | dlc->modem_status = rfcomm_dev_modem_status; | |
282 | ||
283 | dlc->owner = dev; | |
284 | dev->dlc = dlc; | |
8b6b3da7 MH |
285 | |
286 | rfcomm_dev_modem_status(dlc, dlc->remote_v24_sig); | |
287 | ||
1da177e4 LT |
288 | rfcomm_dlc_unlock(dlc); |
289 | ||
8e87d142 | 290 | /* It's safe to call __module_get() here because socket already |
1da177e4 LT |
291 | holds reference to this module. */ |
292 | __module_get(THIS_MODULE); | |
293 | ||
294 | out: | |
393432cd | 295 | spin_unlock(&rfcomm_dev_lock); |
1da177e4 | 296 | |
037322ab IJ |
297 | if (err < 0) |
298 | goto free; | |
1da177e4 | 299 | |
734cc178 JS |
300 | dev->tty_dev = tty_port_register_device(&dev->port, rfcomm_tty_driver, |
301 | dev->id, NULL); | |
8de0a154 | 302 | if (IS_ERR(dev->tty_dev)) { |
09c7d829 | 303 | err = PTR_ERR(dev->tty_dev); |
ebe937f7 | 304 | spin_lock(&rfcomm_dev_lock); |
8de0a154 | 305 | list_del(&dev->list); |
ebe937f7 | 306 | spin_unlock(&rfcomm_dev_lock); |
037322ab | 307 | goto free; |
8de0a154 VT |
308 | } |
309 | ||
dae6a0f6 MH |
310 | dev_set_drvdata(dev->tty_dev, dev); |
311 | ||
312 | if (device_create_file(dev->tty_dev, &dev_attr_address) < 0) | |
313 | BT_ERR("Failed to create address attribute"); | |
314 | ||
315 | if (device_create_file(dev->tty_dev, &dev_attr_channel) < 0) | |
316 | BT_ERR("Failed to create channel attribute"); | |
317 | ||
1da177e4 | 318 | return dev->id; |
037322ab IJ |
319 | |
320 | free: | |
321 | kfree(dev); | |
322 | return err; | |
1da177e4 LT |
323 | } |
324 | ||
1da177e4 LT |
325 | /* ---- Send buffer ---- */ |
326 | static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) | |
327 | { | |
328 | /* We can't let it be zero, because we don't get a callback | |
329 | when tx_credits becomes nonzero, hence we'd never wake up */ | |
330 | return dlc->mtu * (dlc->tx_credits?:1); | |
331 | } | |
332 | ||
333 | static void rfcomm_wfree(struct sk_buff *skb) | |
334 | { | |
335 | struct rfcomm_dev *dev = (void *) skb->sk; | |
336 | atomic_sub(skb->truesize, &dev->wmem_alloc); | |
396dc223 GA |
337 | if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags)) |
338 | tty_port_tty_wakeup(&dev->port); | |
67054019 | 339 | tty_port_put(&dev->port); |
1da177e4 LT |
340 | } |
341 | ||
6039aa73 | 342 | static void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev) |
1da177e4 | 343 | { |
67054019 | 344 | tty_port_get(&dev->port); |
1da177e4 LT |
345 | atomic_add(skb->truesize, &dev->wmem_alloc); |
346 | skb->sk = (void *) dev; | |
347 | skb->destructor = rfcomm_wfree; | |
348 | } | |
349 | ||
dd0fc66f | 350 | static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority) |
1da177e4 LT |
351 | { |
352 | if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) { | |
353 | struct sk_buff *skb = alloc_skb(size, priority); | |
354 | if (skb) { | |
355 | rfcomm_set_owner_w(skb, dev); | |
356 | return skb; | |
357 | } | |
358 | } | |
359 | return NULL; | |
360 | } | |
361 | ||
362 | /* ---- Device IOCTLs ---- */ | |
363 | ||
364 | #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP)) | |
365 | ||
366 | static int rfcomm_create_dev(struct sock *sk, void __user *arg) | |
367 | { | |
368 | struct rfcomm_dev_req req; | |
369 | struct rfcomm_dlc *dlc; | |
370 | int id; | |
371 | ||
372 | if (copy_from_user(&req, arg, sizeof(req))) | |
373 | return -EFAULT; | |
374 | ||
8de0a154 | 375 | BT_DBG("sk %p dev_id %d flags 0x%x", sk, req.dev_id, req.flags); |
1da177e4 LT |
376 | |
377 | if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) | |
378 | return -EPERM; | |
379 | ||
380 | if (req.flags & (1 << RFCOMM_REUSE_DLC)) { | |
381 | /* Socket must be connected */ | |
382 | if (sk->sk_state != BT_CONNECTED) | |
383 | return -EBADFD; | |
384 | ||
385 | dlc = rfcomm_pi(sk)->dlc; | |
386 | rfcomm_dlc_hold(dlc); | |
387 | } else { | |
388 | dlc = rfcomm_dlc_alloc(GFP_KERNEL); | |
389 | if (!dlc) | |
390 | return -ENOMEM; | |
391 | } | |
392 | ||
393 | id = rfcomm_dev_add(&req, dlc); | |
394 | if (id < 0) { | |
395 | rfcomm_dlc_put(dlc); | |
396 | return id; | |
397 | } | |
398 | ||
399 | if (req.flags & (1 << RFCOMM_REUSE_DLC)) { | |
400 | /* DLC is now used by device. | |
401 | * Socket must be disconnected */ | |
402 | sk->sk_state = BT_CLOSED; | |
403 | } | |
404 | ||
405 | return id; | |
406 | } | |
407 | ||
408 | static int rfcomm_release_dev(void __user *arg) | |
409 | { | |
410 | struct rfcomm_dev_req req; | |
411 | struct rfcomm_dev *dev; | |
396dc223 | 412 | struct tty_struct *tty; |
1da177e4 LT |
413 | |
414 | if (copy_from_user(&req, arg, sizeof(req))) | |
415 | return -EFAULT; | |
416 | ||
8de0a154 | 417 | BT_DBG("dev_id %d flags 0x%x", req.dev_id, req.flags); |
1da177e4 | 418 | |
285b4e90 AE |
419 | dev = rfcomm_dev_get(req.dev_id); |
420 | if (!dev) | |
1da177e4 LT |
421 | return -ENODEV; |
422 | ||
423 | if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) { | |
67054019 | 424 | tty_port_put(&dev->port); |
1da177e4 LT |
425 | return -EPERM; |
426 | } | |
427 | ||
1c64834e PH |
428 | /* only release once */ |
429 | if (test_and_set_bit(RFCOMM_DEV_RELEASED, &dev->status)) { | |
430 | tty_port_put(&dev->port); | |
431 | return -EALREADY; | |
432 | } | |
433 | ||
1da177e4 LT |
434 | if (req.flags & (1 << RFCOMM_HANGUP_NOW)) |
435 | rfcomm_dlc_close(dev->dlc, 0); | |
436 | ||
84950cf0 | 437 | /* Shut down TTY synchronously before freeing rfcomm_dev */ |
396dc223 GA |
438 | tty = tty_port_tty_get(&dev->port); |
439 | if (tty) { | |
440 | tty_vhangup(tty); | |
441 | tty_kref_put(tty); | |
442 | } | |
84950cf0 | 443 | |
1c64834e | 444 | if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) |
ece3150d GA |
445 | tty_port_put(&dev->port); |
446 | ||
67054019 | 447 | tty_port_put(&dev->port); |
1da177e4 LT |
448 | return 0; |
449 | } | |
450 | ||
451 | static int rfcomm_get_dev_list(void __user *arg) | |
452 | { | |
8035ded4 | 453 | struct rfcomm_dev *dev; |
1da177e4 LT |
454 | struct rfcomm_dev_list_req *dl; |
455 | struct rfcomm_dev_info *di; | |
1da177e4 LT |
456 | int n = 0, size, err; |
457 | u16 dev_num; | |
458 | ||
459 | BT_DBG(""); | |
460 | ||
461 | if (get_user(dev_num, (u16 __user *) arg)) | |
462 | return -EFAULT; | |
463 | ||
464 | if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di)) | |
465 | return -EINVAL; | |
466 | ||
467 | size = sizeof(*dl) + dev_num * sizeof(*di); | |
468 | ||
f9432c5e | 469 | dl = kzalloc(size, GFP_KERNEL); |
285b4e90 | 470 | if (!dl) |
1da177e4 LT |
471 | return -ENOMEM; |
472 | ||
473 | di = dl->dev_info; | |
474 | ||
393432cd | 475 | spin_lock(&rfcomm_dev_lock); |
1da177e4 | 476 | |
8035ded4 | 477 | list_for_each_entry(dev, &rfcomm_dev_list, list) { |
960603a5 | 478 | if (!tty_port_get(&dev->port)) |
8de0a154 | 479 | continue; |
1da177e4 LT |
480 | (di + n)->id = dev->id; |
481 | (di + n)->flags = dev->flags; | |
482 | (di + n)->state = dev->dlc->state; | |
483 | (di + n)->channel = dev->channel; | |
484 | bacpy(&(di + n)->src, &dev->src); | |
485 | bacpy(&(di + n)->dst, &dev->dst); | |
960603a5 | 486 | tty_port_put(&dev->port); |
1da177e4 LT |
487 | if (++n >= dev_num) |
488 | break; | |
489 | } | |
490 | ||
393432cd | 491 | spin_unlock(&rfcomm_dev_lock); |
1da177e4 LT |
492 | |
493 | dl->dev_num = n; | |
494 | size = sizeof(*dl) + n * sizeof(*di); | |
495 | ||
496 | err = copy_to_user(arg, dl, size); | |
497 | kfree(dl); | |
498 | ||
499 | return err ? -EFAULT : 0; | |
500 | } | |
501 | ||
502 | static int rfcomm_get_dev_info(void __user *arg) | |
503 | { | |
504 | struct rfcomm_dev *dev; | |
505 | struct rfcomm_dev_info di; | |
506 | int err = 0; | |
507 | ||
508 | BT_DBG(""); | |
509 | ||
510 | if (copy_from_user(&di, arg, sizeof(di))) | |
511 | return -EFAULT; | |
512 | ||
285b4e90 AE |
513 | dev = rfcomm_dev_get(di.id); |
514 | if (!dev) | |
1da177e4 LT |
515 | return -ENODEV; |
516 | ||
517 | di.flags = dev->flags; | |
518 | di.channel = dev->channel; | |
519 | di.state = dev->dlc->state; | |
520 | bacpy(&di.src, &dev->src); | |
521 | bacpy(&di.dst, &dev->dst); | |
522 | ||
523 | if (copy_to_user(arg, &di, sizeof(di))) | |
524 | err = -EFAULT; | |
525 | ||
67054019 | 526 | tty_port_put(&dev->port); |
1da177e4 LT |
527 | return err; |
528 | } | |
529 | ||
530 | int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) | |
531 | { | |
532 | BT_DBG("cmd %d arg %p", cmd, arg); | |
533 | ||
534 | switch (cmd) { | |
535 | case RFCOMMCREATEDEV: | |
536 | return rfcomm_create_dev(sk, arg); | |
537 | ||
538 | case RFCOMMRELEASEDEV: | |
539 | return rfcomm_release_dev(arg); | |
540 | ||
541 | case RFCOMMGETDEVLIST: | |
542 | return rfcomm_get_dev_list(arg); | |
543 | ||
544 | case RFCOMMGETDEVINFO: | |
545 | return rfcomm_get_dev_info(arg); | |
546 | } | |
547 | ||
548 | return -EINVAL; | |
549 | } | |
550 | ||
551 | /* ---- DLC callbacks ---- */ | |
552 | static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb) | |
553 | { | |
554 | struct rfcomm_dev *dev = dlc->owner; | |
8e87d142 | 555 | |
a0c22f22 | 556 | if (!dev) { |
1da177e4 LT |
557 | kfree_skb(skb); |
558 | return; | |
559 | } | |
560 | ||
2e124b4a | 561 | if (!skb_queue_empty(&dev->pending)) { |
a0c22f22 MH |
562 | skb_queue_tail(&dev->pending, skb); |
563 | return; | |
564 | } | |
565 | ||
2e124b4a | 566 | BT_DBG("dlc %p len %d", dlc, skb->len); |
1da177e4 | 567 | |
05c7cd39 | 568 | tty_insert_flip_string(&dev->port, skb->data, skb->len); |
2e124b4a | 569 | tty_flip_buffer_push(&dev->port); |
1da177e4 LT |
570 | |
571 | kfree_skb(skb); | |
572 | } | |
573 | ||
574 | static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) | |
575 | { | |
576 | struct rfcomm_dev *dev = dlc->owner; | |
577 | if (!dev) | |
578 | return; | |
8e87d142 | 579 | |
1da177e4 LT |
580 | BT_DBG("dlc %p dev %p err %d", dlc, dev, err); |
581 | ||
582 | dev->err = err; | |
136c373b PH |
583 | if (dlc->state == BT_CONNECTED) { |
584 | device_move(dev->tty_dev, rfcomm_get_device(dev), | |
585 | DPM_ORDER_DEV_AFTER_PARENT); | |
1da177e4 | 586 | |
136c373b PH |
587 | wake_up_interruptible(&dev->port.open_wait); |
588 | } else if (dlc->state == BT_CLOSED) | |
29cd718b | 589 | tty_port_tty_hangup(&dev->port, false); |
1da177e4 LT |
590 | } |
591 | ||
592 | static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) | |
593 | { | |
594 | struct rfcomm_dev *dev = dlc->owner; | |
595 | if (!dev) | |
596 | return; | |