]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - net/bluetooth/rfcomm/core.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] gfp flags annotations - part 1
[mirror_ubuntu-artful-kernel.git] / net / bluetooth / rfcomm / core.c
CommitLineData
1da177e4
LT		 1/*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22*/
23
1da177e4
LT		 24/*
25 * Bluetooth RFCOMM core.
26 *
27 * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $
28 */
29
30#include <linux/config.h>
31#include <linux/module.h>
32#include <linux/errno.h>
33#include <linux/kernel.h>
34#include <linux/sched.h>
35#include <linux/signal.h>
36#include <linux/init.h>
37#include <linux/wait.h>
38#include <linux/net.h>
39#include <linux/proc_fs.h>
40#include <linux/seq_file.h>
41#include <net/sock.h>
42#include <asm/uaccess.h>
43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47#include <net/bluetooth/l2cap.h>
48#include <net/bluetooth/rfcomm.h>
49
50#define VERSION "1.5"
51
52#ifndef CONFIG_BT_RFCOMM_DEBUG
53#undef BT_DBG
54#define BT_DBG(D...)
55#endif
56
57#ifdef CONFIG_PROC_FS
58struct proc_dir_entry *proc_bt_rfcomm;
59#endif
60
61static struct task_struct *rfcomm_thread;
62
63static DECLARE_MUTEX(rfcomm_sem);
64#define rfcomm_lock() down(&rfcomm_sem);
65#define rfcomm_unlock() up(&rfcomm_sem);
66
67static unsigned long rfcomm_event;
68
69static LIST_HEAD(session_list);
70static atomic_t terminate, running;
71
72static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len);
73static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci);
74static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci);
75static int rfcomm_queue_disc(struct rfcomm_dlc *d);
76static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type);
77static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d);
78static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig);
79static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len);
80static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits);
81static void rfcomm_make_uih(struct sk_buff *skb, u8 addr);
82
83static void rfcomm_process_connect(struct rfcomm_session *s);
84
85static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err);
86static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst);
87static void rfcomm_session_del(struct rfcomm_session *s);
88
89/* ---- RFCOMM frame parsing macros ---- */
90#define __get_dlci(b) ((b & 0xfc) >> 2)
91#define __get_channel(b) ((b & 0xf8) >> 3)
92#define __get_dir(b) ((b & 0x04) >> 2)
93#define __get_type(b) ((b & 0xef))
94
95#define __test_ea(b) ((b & 0x01))
96#define __test_cr(b) ((b & 0x02))
97#define __test_pf(b) ((b & 0x10))
98
99#define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
100#define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
101#define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
102#define __srv_channel(dlci) (dlci >> 1)
103#define __dir(dlci) (dlci & 0x01)
104
105#define __len8(len) (((len) << 1) | 1)
106#define __len16(len) ((len) << 1)
107
108/* MCC macros */
109#define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
110#define __get_mcc_type(b) ((b & 0xfc) >> 2)
111#define __get_mcc_len(b) ((b & 0xfe) >> 1)
112
113/* RPN macros */
3a5e903c 114#define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x7) << 3))
1da177e4
LT		 115#define __get_rpn_data_bits(line) ((line) & 0x3)
116#define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
3a5e903c 117#define __get_rpn_parity(line) (((line) >> 3) & 0x7)
1da177e4
LT		 118
119static inline void rfcomm_schedule(uint event)
120{
121 if (!rfcomm_thread)
122 return;
123 //set_bit(event, &rfcomm_event);
124 set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
125 wake_up_process(rfcomm_thread);
126}
127
128static inline void rfcomm_session_put(struct rfcomm_session *s)
129{
130 if (atomic_dec_and_test(&s->refcnt))
131 rfcomm_session_del(s);
132}
133
134/* ---- RFCOMM FCS computation ---- */
135
136/* CRC on 2 bytes */
137#define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
138
139/* FCS on 2 bytes */
140static inline u8 __fcs(u8 *data)
141{
142 return (0xff - __crc(data));
143}
144
145/* FCS on 3 bytes */
146static inline u8 __fcs2(u8 *data)
147{
148 return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]);
149}
150
151/* Check FCS */
152static inline int __check_fcs(u8 *data, int type, u8 fcs)
153{
154 u8 f = __crc(data);
155
156 if (type != RFCOMM_UIH)
157 f = rfcomm_crc_table[f ^ data[2]];
158
159 return rfcomm_crc_table[f ^ fcs] != 0xcf;
160}
161
162/* ---- L2CAP callbacks ---- */
163static void rfcomm_l2state_change(struct sock *sk)
164{
165 BT_DBG("%p state %d", sk, sk->sk_state);
166 rfcomm_schedule(RFCOMM_SCHED_STATE);
167}
168
169static void rfcomm_l2data_ready(struct sock *sk, int bytes)
170{
171 BT_DBG("%p bytes %d", sk, bytes);
172 rfcomm_schedule(RFCOMM_SCHED_RX);
173}
174
175static int rfcomm_l2sock_create(struct socket **sock)
176{
177 int err;
178
179 BT_DBG("");
180
181 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock);
182 if (!err) {
183 struct sock *sk = (*sock)->sk;
184 sk->sk_data_ready = rfcomm_l2data_ready;
185 sk->sk_state_change = rfcomm_l2state_change;
186 }
187 return err;
188}
189
190/* ---- RFCOMM DLCs ---- */
191static void rfcomm_dlc_timeout(unsigned long arg)
192{
193 struct rfcomm_dlc *d = (void *) arg;
194
195 BT_DBG("dlc %p state %ld", d, d->state);
196
197 set_bit(RFCOMM_TIMED_OUT, &d->flags);
198 rfcomm_dlc_put(d);
199 rfcomm_schedule(RFCOMM_SCHED_TIMEO);
200}
201
202static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout)
203{
204 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout);
205
206 if (!mod_timer(&d->timer, jiffies + timeout))
207 rfcomm_dlc_hold(d);
208}
209
210static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d)
211{
212 BT_DBG("dlc %p state %ld", d, d->state);
213
214 if (timer_pending(&d->timer) && del_timer(&d->timer))
215 rfcomm_dlc_put(d);
216}
217
218static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d)
219{
220 BT_DBG("%p", d);
221
222 d->state = BT_OPEN;
223 d->flags = 0;
224 d->mscex = 0;
225 d->mtu = RFCOMM_DEFAULT_MTU;
226 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV;
227
228 d->cfc = RFCOMM_CFC_DISABLED;
229 d->rx_credits = RFCOMM_DEFAULT_CREDITS;
230}
231
dd0fc66f 232struct rfcomm_dlc *rfcomm_dlc_alloc(gfp_t prio)
1da177e4
LT		 233{
234 struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio);
235 if (!d)
236 return NULL;
237 memset(d, 0, sizeof(*d));
238
239 init_timer(&d->timer);
240 d->timer.function = rfcomm_dlc_timeout;
241 d->timer.data = (unsigned long) d;
242
243 skb_queue_head_init(&d->tx_queue);
244 spin_lock_init(&d->lock);
245 atomic_set(&d->refcnt, 1);
246
247 rfcomm_dlc_clear_state(d);
248
249 BT_DBG("%p", d);
250 return d;
251}
252
253void rfcomm_dlc_free(struct rfcomm_dlc *d)
254{
255 BT_DBG("%p", d);
256
257 skb_queue_purge(&d->tx_queue);
258 kfree(d);
259}
260
261static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d)
262{
263 BT_DBG("dlc %p session %p", d, s);
264
265 rfcomm_session_hold(s);
266
267 rfcomm_dlc_hold(d);
268 list_add(&d->list, &s->dlcs);
269 d->session = s;
270}
271
272static void rfcomm_dlc_unlink(struct rfcomm_dlc *d)
273{
274 struct rfcomm_session *s = d->session;
275
276 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s);
277
278 list_del(&d->list);
279 d->session = NULL;
280 rfcomm_dlc_put(d);
281
282 rfcomm_session_put(s);
283}
284
285static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci)
286{
287 struct rfcomm_dlc *d;
288 struct list_head *p;
289
290 list_for_each(p, &s->dlcs) {
291 d = list_entry(p, struct rfcomm_dlc, list);
292 if (d->dlci == dlci)
293 return d;
294 }
295 return NULL;
296}
297
298static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
299{
300 struct rfcomm_session *s;
301 int err = 0;
302 u8 dlci;
303
304 BT_DBG("dlc %p state %ld %s %s channel %d",
305 d, d->state, batostr(src), batostr(dst), channel);
306
307 if (channel < 1 || channel > 30)
308 return -EINVAL;
309
310 if (d->state != BT_OPEN && d->state != BT_CLOSED)
311 return 0;
312
313 s = rfcomm_session_get(src, dst);
314 if (!s) {
315 s = rfcomm_session_create(src, dst, &err);
316 if (!s)
317 return err;
318 }
319
320 dlci = __dlci(!s->initiator, channel);
321
322 /* Check if DLCI already exists */
323 if (rfcomm_dlc_get(s, dlci))
324 return -EBUSY;
325
326 rfcomm_dlc_clear_state(d);
327
328 d->dlci = dlci;
329 d->addr = __addr(s->initiator, dlci);
330 d->priority = 7;
331
332 d->state = BT_CONFIG;
333 rfcomm_dlc_link(s, d);
334
335 d->mtu = s->mtu;
336 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc;
337
338 if (s->state == BT_CONNECTED)
339 rfcomm_send_pn(s, 1, d);
340 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
341 return 0;
342}
343
344int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
345{
346 int r;
347
348 rfcomm_lock();
349
350 r = __rfcomm_dlc_open(d, src, dst, channel);
351
352 rfcomm_unlock();
353 return r;
354}
355
356static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
357{
358 struct rfcomm_session *s = d->session;
359 if (!s)
360 return 0;
361
362 BT_DBG("dlc %p state %ld dlci %d err %d session %p",
363 d, d->state, d->dlci, err, s);
364
365 switch (d->state) {
366 case BT_CONNECTED:
367 case BT_CONFIG:
368 case BT_CONNECT:
369 d->state = BT_DISCONN;
370 if (skb_queue_empty(&d->tx_queue)) {
371 rfcomm_send_disc(s, d->dlci);
372 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT);
373 } else {
374 rfcomm_queue_disc(d);
375 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2);
376 }
377 break;
378
379 default:
380 rfcomm_dlc_clear_timer(d);
381
382 rfcomm_dlc_lock(d);
383 d->state = BT_CLOSED;
384 d->state_change(d, err);
385 rfcomm_dlc_unlock(d);
386
387 skb_queue_purge(&d->tx_queue);
1da177e4
LT		 388 rfcomm_dlc_unlink(d);
389 }
390
391 return 0;
392}
393
394int rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
395{
396 int r;
397
398 rfcomm_lock();
399
400 r = __rfcomm_dlc_close(d, err);
401
402 rfcomm_unlock();
403 return r;
404}
405
406int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb)
407{
408 int len = skb->len;
409
410 if (d->state != BT_CONNECTED)
411 return -ENOTCONN;
412
413 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len);
414
415 if (len > d->mtu)
416 return -EINVAL;
417
418 rfcomm_make_uih(skb, d->addr);
419 skb_queue_tail(&d->tx_queue, skb);
420
421 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags))
422 rfcomm_schedule(RFCOMM_SCHED_TX);
423 return len;
424}
425
426void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d)
427{
428 BT_DBG("dlc %p state %ld", d, d->state);
429
430 if (!d->cfc) {
431 d->v24_sig |= RFCOMM_V24_FC;
432 set_bit(RFCOMM_MSC_PENDING, &d->flags);
433 }
434 rfcomm_schedule(RFCOMM_SCHED_TX);
435}
436
437void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
438{
439 BT_DBG("dlc %p state %ld", d, d->state);
440
441 if (!d->cfc) {
442 d->v24_sig &= ~RFCOMM_V24_FC;
443 set_bit(RFCOMM_MSC_PENDING, &d->flags);
444 }
445 rfcomm_schedule(RFCOMM_SCHED_TX);
446}
447
448/*
449 Set/get modem status functions use _local_ status i.e. what we report
450 to the other side.
451 Remote status is provided by dlc->modem_status() callback.
452 */
453int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig)
454{
455 BT_DBG("dlc %p state %ld v24_sig 0x%x",
456 d, d->state, v24_sig);
457
458 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags))
459 v24_sig |= RFCOMM_V24_FC;
460 else
461 v24_sig &= ~RFCOMM_V24_FC;
462
463 d->v24_sig = v24_sig;
464
465 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags))
466 rfcomm_schedule(RFCOMM_SCHED_TX);
467
468 return 0;
469}
470
471int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig)
472{
473 BT_DBG("dlc %p state %ld v24_sig 0x%x",
474 d, d->state, d->v24_sig);
475
476 *v24_sig = d->v24_sig;
477 return 0;
478}
479
480/* ---- RFCOMM sessions ---- */
481static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state)
482{
483 struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL);
484 if (!s)
485 return NULL;
486 memset(s, 0, sizeof(*s));
487
488 BT_DBG("session %p sock %p", s, sock);
489
490 INIT_LIST_HEAD(&s->dlcs);
491 s->state = state;
492 s->sock = sock;
493
494 s->mtu = RFCOMM_DEFAULT_MTU;
495 s->cfc = RFCOMM_CFC_UNKNOWN;
496
497 /* Do not increment module usage count for listening sessions.
498 * Otherwise we won't be able to unload the module. */
499 if (state != BT_LISTEN)
500 if (!try_module_get(THIS_MODULE)) {
501 kfree(s);
502 return NULL;
503 }
504
505 list_add(&s->list, &session_list);
506
507 return s;
508}
509
510static void rfcomm_session_del(struct rfcomm_session *s)
511{
512 int state = s->state;
513
514 BT_DBG("session %p state %ld", s, s->state);
515
516 list_del(&s->list);
517
518 if (state == BT_CONNECTED)
519 rfcomm_send_disc(s, 0);
520
521 sock_release(s->sock);
522 kfree(s);
523
524 if (state != BT_LISTEN)
525 module_put(THIS_MODULE);
526}
527
528static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst)
529{
530 struct rfcomm_session *s;
531 struct list_head *p, *n;
532 struct bt_sock *sk;
533 list_for_each_safe(p, n, &session_list) {
534 s = list_entry(p, struct rfcomm_session, list);
535 sk = bt_sk(s->sock->sk);
536
537 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) &&
538 !bacmp(&sk->dst, dst))
539 return s;
540 }
541 return NULL;
542}
543
544static void rfcomm_session_close(struct rfcomm_session *s, int err)
545{
546 struct rfcomm_dlc *d;
547 struct list_head *p, *n;
548
549 BT_DBG("session %p state %ld err %d", s, s->state, err);
550
551 rfcomm_session_hold(s);
552
553 s->state = BT_CLOSED;
554
555 /* Close all dlcs */
556 list_for_each_safe(p, n, &s->dlcs) {
557 d = list_entry(p, struct rfcomm_dlc, list);
558 d->state = BT_CLOSED;
559 __rfcomm_dlc_close(d, err);
560 }
561
562 rfcomm_session_put(s);
563}
564
565static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err)
566{
567 struct rfcomm_session *s = NULL;
568 struct sockaddr_l2 addr;
569 struct socket *sock;
570 struct sock *sk;
571
572 BT_DBG("%s %s", batostr(src), batostr(dst));
573
574 *err = rfcomm_l2sock_create(&sock);
575 if (*err < 0)
576 return NULL;
577
578 bacpy(&addr.l2_bdaddr, src);
579 addr.l2_family = AF_BLUETOOTH;
580 addr.l2_psm = 0;
581 *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
582 if (*err < 0)
583 goto failed;
584
585 /* Set L2CAP options */
586 sk = sock->sk;
587 lock_sock(sk);
588 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
589 release_sock(sk);
590
591 s = rfcomm_session_add(sock, BT_BOUND);
592 if (!s) {
593 *err = -ENOMEM;
594 goto failed;
595 }
596
1da177e4
LT		 597 s->initiator = 1;
598
599 bacpy(&addr.l2_bdaddr, dst);
600 addr.l2_family = AF_BLUETOOTH;
601 addr.l2_psm = htobs(RFCOMM_PSM);
602 *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
603 if (*err == 0 || *err == -EAGAIN)
604 return s;
605
606 rfcomm_session_del(s);
607 return NULL;
608
609failed:
610 sock_release(sock);
611 return NULL;
612}
613
614void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst)
615{
616 struct sock *sk = s->sock->sk;
617 if (src)
618 bacpy(src, &bt_sk(sk)->src);
619 if (dst)
620 bacpy(dst, &bt_sk(sk)->dst);
621}
622
623/* ---- RFCOMM frame sending ---- */
624static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len)
625{
626 struct socket *sock = s->sock;
627 struct kvec iv = { data, len };
628 struct msghdr msg;
629
630 BT_DBG("session %p len %d", s, len);
631
632 memset(&msg, 0, sizeof(msg));
633
634 return kernel_sendmsg(sock, &msg, &iv, 1, len);
635}
636
637static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci)
638{
639 struct rfcomm_cmd cmd;
640
641 BT_DBG("%p dlci %d", s, dlci);
642
643 cmd.addr = __addr(s->initiator, dlci);
644 cmd.ctrl = __ctrl(RFCOMM_SABM, 1);
645 cmd.len = __len8(0);
646 cmd.fcs = __fcs2((u8 *) &cmd);
647
648 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
649}
650
651static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci)
652{
653 struct rfcomm_cmd cmd;
654
655 BT_DBG("%p dlci %d", s, dlci);
656
657 cmd.addr = __addr(!s->initiator, dlci);
658 cmd.ctrl = __ctrl(RFCOMM_UA, 1);
659 cmd.len = __len8(0);
660 cmd.fcs = __fcs2((u8 *) &cmd);
661
662 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
663}
664
665static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci)
666{
667 struct rfcomm_cmd cmd;
668
669 BT_DBG("%p dlci %d", s, dlci);
670
671 cmd.addr = __addr(s->initiator, dlci);
672 cmd.ctrl = __ctrl(RFCOMM_DISC, 1);
673 cmd.len = __len8(0);
674 cmd.fcs = __fcs2((u8 *) &cmd);
675
676 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
677}
678
679static int rfcomm_queue_disc(struct rfcomm_dlc *d)
680{
681 struct rfcomm_cmd *cmd;
682 struct sk_buff *skb;
683
684 BT_DBG("dlc %p dlci %d", d, d->dlci);
685
686 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL);
687 if (!skb)
688 return -ENOMEM;
689
690 cmd = (void *) __skb_put(skb, sizeof(*cmd));
691 cmd->addr = d->addr;
692 cmd->ctrl = __ctrl(RFCOMM_DISC, 1);
693 cmd->len = __len8(0);
694 cmd->fcs = __fcs2((u8 *) cmd);
695
696 skb_queue_tail(&d->tx_queue, skb);
697 rfcomm_schedule(RFCOMM_SCHED_TX);
698 return 0;
699}
700
701static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci)
702{
703 struct rfcomm_cmd cmd;
704
705 BT_DBG("%p dlci %d", s, dlci);
706
707 cmd.addr = __addr(!s->initiator, dlci);
708 cmd.ctrl = __ctrl(RFCOMM_DM, 1);
709 cmd.len = __len8(0);
710 cmd.fcs = __fcs2((u8 *) &cmd);
711
712 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
713}
714
715static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type)
716{
717 struct rfcomm_hdr *hdr;
718 struct rfcomm_mcc *mcc;
719 u8 buf[16], *ptr = buf;
720
721 BT_DBG("%p cr %d type %d", s, cr, type);
722
723 hdr = (void *) ptr; ptr += sizeof(*hdr);
724 hdr->addr = __addr(s->initiator, 0);
725 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
726 hdr->len = __len8(sizeof(*mcc) + 1);
727
728 mcc = (void *) ptr; ptr += sizeof(*mcc);
729 mcc->type = __mcc_type(cr, RFCOMM_NSC);
730 mcc->len = __len8(1);
731
732 /* Type that we didn't like */
733 *ptr = __mcc_type(cr, type); ptr++;
734
735 *ptr = __fcs(buf); ptr++;
736
737 return rfcomm_send_frame(s, buf, ptr - buf);
738}
739
740static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d)
741{
742 struct rfcomm_hdr *hdr;
743 struct rfcomm_mcc *mcc;
744 struct rfcomm_pn *pn;
745 u8 buf[16], *ptr = buf;
746
747 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu);
748
749 hdr = (void *) ptr; ptr += sizeof(*hdr);
750 hdr->addr = __addr(s->initiator, 0);
751 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
752 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn));
753
754 mcc = (void *) ptr; ptr += sizeof(*mcc);
755 mcc->type = __mcc_type(cr, RFCOMM_PN);
756 mcc->len = __len8(sizeof(*pn));
757
758 pn = (void *) ptr; ptr += sizeof(*pn);
759 pn->dlci = d->dlci;
760 pn->priority = d->priority;
761 pn->ack_timer = 0;
762 pn->max_retrans = 0;
763
764 if (s->cfc) {
765 pn->flow_ctrl = cr ? 0xf0 : 0xe0;
766 pn->credits = RFCOMM_DEFAULT_CREDITS;
767 } else {
768 pn->flow_ctrl = 0;
769 pn->credits = 0;
770 }
771
772 pn->mtu = htobs(d->mtu);
773
774 *ptr = __fcs(buf); ptr++;
775
776 return rfcomm_send_frame(s, buf, ptr - buf);
777}
778
3a5e903c
S		 779int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
780 u8 bit_rate, u8 data_bits, u8 stop_bits,
781 u8 parity, u8 flow_ctrl_settings,
782 u8 xon_char, u8 xoff_char, u16 param_mask)
1da177e4
LT		 783{
784 struct rfcomm_hdr *hdr;
785 struct rfcomm_mcc *mcc;
786 struct rfcomm_rpn *rpn;
787 u8 buf[16], *ptr = buf;
788
789 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
3a5e903c
S		 790 " flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
791 s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
792 flow_ctrl_settings, xon_char, xoff_char, param_mask);
1da177e4
LT		 793
794 hdr = (void *) ptr; ptr += sizeof(*hdr);
795 hdr->addr = __addr(s->initiator, 0);
796 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
797 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn));
798
799 mcc = (void *) ptr; ptr += sizeof(*mcc);
800 mcc->type = __mcc_type(cr, RFCOMM_RPN);
801 mcc->len = __len8(sizeof(*rpn));
802
803 rpn = (void *) ptr; ptr += sizeof(*rpn);
804 rpn->dlci = __addr(1, dlci);
805 rpn->bit_rate = bit_rate;
806 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity);
807 rpn->flow_ctrl = flow_ctrl_settings;
808 rpn->xon_char = xon_char;
809 rpn->xoff_char = xoff_char;
810 rpn->param_mask = param_mask;
811
812 *ptr = __fcs(buf); ptr++;
813
814 return rfcomm_send_frame(s, buf, ptr - buf);
815}
816
817static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status)
818{
819 struct rfcomm_hdr *hdr;
820 struct rfcomm_mcc *mcc;
821 struct rfcomm_rls *rls;
822 u8 buf[16], *ptr = buf;
823
824 BT_DBG("%p cr %d status 0x%x", s, cr, status);
825
826 hdr = (void *) ptr; ptr += sizeof(*hdr);
827 hdr->addr = __addr(s->initiator, 0);
828 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
829 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls));
830
831 mcc = (void *) ptr; ptr += sizeof(*mcc);
832 mcc->type = __mcc_type(cr, RFCOMM_RLS);
833 mcc->len = __len8(sizeof(*rls));
834
835 rls = (void *) ptr; ptr += sizeof(*rls);
836 rls->dlci = __addr(1, dlci);
837 rls->status = status;
838
839 *ptr = __fcs(buf); ptr++;
840
841 return rfcomm_send_frame(s, buf, ptr - buf);
842}
843
844static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig)
845{
846 struct rfcomm_hdr *hdr;
847 struct rfcomm_mcc *mcc;
848 struct rfcomm_msc *msc;
849 u8 buf[16], *ptr = buf;
850
851 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig);
852
853 hdr = (void *) ptr; ptr += sizeof(*hdr);
854 hdr->addr = __addr(s->initiator, 0);
855 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
856 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc));
857
858 mcc = (void *) ptr; ptr += sizeof(*mcc);
859 mcc->type = __mcc_type(cr, RFCOMM_MSC);
860 mcc->len = __len8(sizeof(*msc));
861
862 msc = (void *) ptr; ptr += sizeof(*msc);
863 msc->dlci = __addr(1, dlci);
864 msc->v24_sig = v24_sig | 0x01;
865
866 *ptr = __fcs(buf); ptr++;
867
868 return rfcomm_send_frame(s, buf, ptr - buf);
869}
870
871static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr)
872{
873 struct rfcomm_hdr *hdr;
874 struct rfcomm_mcc *mcc;
875 u8 buf[16], *ptr = buf;
876
877 BT_DBG("%p cr %d", s, cr);
878
879 hdr = (void *) ptr; ptr += sizeof(*hdr);
880 hdr->addr = __addr(s->initiator, 0);
881 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
882 hdr->len = __len8(sizeof(*mcc));
883
884 mcc = (void *) ptr; ptr += sizeof(*mcc);
885 mcc->type = __mcc_type(cr, RFCOMM_FCOFF);
886 mcc->len = __len8(0);
887
888 *ptr = __fcs(buf); ptr++;
889
890 return rfcomm_send_frame(s, buf, ptr - buf);
891}
892
893static int rfcomm_send_fcon(struct rfcomm_session *s, int cr)
894{
895 struct rfcomm_hdr *hdr;
896 struct rfcomm_mcc *mcc;
897 u8 buf[16], *ptr = buf;
898
899 BT_DBG("%p cr %d", s, cr);
900
901 hdr = (void *) ptr; ptr += sizeof(*hdr);
902 hdr->addr = __addr(s->initiator, 0);
903 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
904 hdr->len = __len8(sizeof(*mcc));
905
906 mcc = (void *) ptr; ptr += sizeof(*mcc);
907 mcc->type = __mcc_type(cr, RFCOMM_FCON);
908 mcc->len = __len8(0);
909
910 *ptr = __fcs(buf); ptr++;
911
912 return rfcomm_send_frame(s, buf, ptr - buf);
913}
914
915static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len)
916{
917 struct socket *sock = s->sock;
918 struct kvec iv[3];
919 struct msghdr msg;
920 unsigned char hdr[5], crc[1];
921
922 if (len > 125)
923 return -EINVAL;
924
925 BT_DBG("%p cr %d", s, cr);
926
927 hdr[0] = __addr(s->initiator, 0);
928 hdr[1] = __ctrl(RFCOMM_UIH, 0);
929 hdr[2] = 0x01 | ((len + 2) << 1);
930 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2);
931 hdr[4] = 0x01 | (len << 1);
932
933 crc[0] = __fcs(hdr);
934
935 iv[0].iov_base = hdr;
936 iv[0].iov_len = 5;
937 iv[1].iov_base = pattern;
938 iv[1].iov_len = len;
939 iv[2].iov_base = crc;
940 iv[2].iov_len = 1;
941
942 memset(&msg, 0, sizeof(msg));
943
944 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len);
945}
946
947static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits)
948{
949 struct rfcomm_hdr *hdr;
950 u8 buf[16], *ptr = buf;
951
952 BT_DBG("%p addr %d credits %d", s, addr, credits);
953
954 hdr = (void *) ptr; ptr += sizeof(*hdr);
955 hdr->addr = addr;
956 hdr->ctrl = __ctrl(RFCOMM_UIH, 1);
957 hdr->len = __len8(0);
958
959 *ptr = credits; ptr++;
960
961 *ptr = __fcs(buf); ptr++;
962
963 return rfcomm_send_frame(s, buf, ptr - buf);
964}
965
966static void rfcomm_make_uih(struct sk_buff *skb, u8 addr)
967{
968 struct rfcomm_hdr *hdr;
969 int len = skb->len;
970 u8 *crc;
971
972 if (len > 127) {
973 hdr = (void *) skb_push(skb, 4);
974 put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len);
975 } else {
976 hdr = (void *) skb_push(skb, 3);
977 hdr->len = __len8(len);
978 }
979 hdr->addr = addr;
980 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
981
982 crc = skb_put(skb, 1);
983 *crc = __fcs((void *) hdr);
984}
985
986/* ---- RFCOMM frame reception ---- */
987static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
988{
989 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
990
991 if (dlci) {
992 /* Data channel */
993 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
994 if (!d) {
995 rfcomm_send_dm(s, dlci);
996 return 0;
997 }
998
999 switch (d->state) {
1000 case BT_CONNECT:
1001 rfcomm_dlc_clear_timer(d);
1002
1003 rfcomm_dlc_lock(d);
1004 d->state = BT_CONNECTED;
1005 d->state_change(d, 0);
1006 rfcomm_dlc_unlock(d);
1007
1008 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1009 break;
1010
1011 case BT_DISCONN:
1012 d->state = BT_CLOSED;
1013 __rfcomm_dlc_close(d, 0);
1014 break;
1015 }
1016 } else {
1017 /* Control channel */
1018 switch (s->state) {
1019 case BT_CONNECT:
1020 s->state = BT_CONNECTED;
1021 rfcomm_process_connect(s);
1022 break;
1023 }
1024 }
1025 return 0;
1026}
1027
1028static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci)
1029{
1030 int err = 0;
1031
1032 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1033
1034 if (dlci) {
1035 /* Data DLC */
1036 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1037 if (d) {
1038 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1039 err = ECONNREFUSED;
1040 else
1041 err = ECONNRESET;
1042
1043 d->state = BT_CLOSED;
1044 __rfcomm_dlc_close(d, err);
1045 }
1046 } else {
1047 if (s->state == BT_CONNECT)
1048 err = ECONNREFUSED;
1049 else
1050 err = ECONNRESET;
1051
1052 s->state = BT_CLOSED;
1053 rfcomm_session_close(s, err);
1054 }
1055 return 0;
1056}
1057
1058static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci)
1059{
1060 int err = 0;
1061
1062 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1063
1064 if (dlci) {
1065 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1066 if (d) {
1067 rfcomm_send_ua(s, dlci);
1068
1069 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1070 err = ECONNREFUSED;
1071 else
1072 err = ECONNRESET;
1073
1074 d->state = BT_CLOSED;
1075 __rfcomm_dlc_close(d, err);
1076 } else
1077 rfcomm_send_dm(s, dlci);
1078
1079 } else {
1080 rfcomm_send_ua(s, 0);
1081
1082 if (s->state == BT_CONNECT)
1083 err = ECONNREFUSED;
1084 else
1085 err = ECONNRESET;
1086
1087 s->state = BT_CLOSED;
1088 rfcomm_session_close(s, err);
1089 }
1090
1091 return 0;
1092}
1093
1094static inline int rfcomm_check_link_mode(struct rfcomm_dlc *d)
1095{
1096 struct sock *sk = d->session->sock->sk;
1097
1098 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) {
1099 if (!hci_conn_encrypt(l2cap_pi(sk)->conn->hcon))
1100 return 1;
1101 } else if (d->link_mode & RFCOMM_LM_AUTH) {
1102 if (!hci_conn_auth(l2cap_pi(sk)->conn->hcon))
1103 return 1;
1104 }
1105
1106 return 0;
1107}
1108
1109static void rfcomm_dlc_accept(struct rfcomm_dlc *d)
1110{
1111 BT_DBG("dlc %p", d);
1112
1113 rfcomm_send_ua(d->session, d->dlci);
1114
1115 rfcomm_dlc_lock(d);
1116 d->state = BT_CONNECTED;
1117 d->state_change(d, 0);
1118 rfcomm_dlc_unlock(d);
1119
1120 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1121}
1122
1123static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci)
1124{
1125 struct rfcomm_dlc *d;
1126 u8 channel;
1127
1128 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1129
1130 if (!dlci) {
1131 rfcomm_send_ua(s, 0);
1132
1133 if (s->state == BT_OPEN) {
1134 s->state = BT_CONNECTED;
1135 rfcomm_process_connect(s);
1136 }
1137 return 0;
1138 }
1139
1140 /* Check if DLC exists */
1141 d = rfcomm_dlc_get(s, dlci);
1142 if (d) {
1143 if (d->state == BT_OPEN) {
1144 /* DLC was previously opened by PN request */
1145 if (rfcomm_check_link_mode(d)) {
1146 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1147 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1148 return 0;
1149 }
1150
1151 rfcomm_dlc_accept(d);
1152 }
1153 return 0;
1154 }
1155
1156 /* Notify socket layer about incoming connection */
1157 channel = __srv_channel(dlci);
1158 if (rfcomm_connect_ind(s, channel, &d)) {
1159 d->dlci = dlci;
1160 d->addr = __addr(s->initiator, dlci);
1161 rfcomm_dlc_link(s, d);
1162
1163 if (rfcomm_check_link_mode(d)) {
1164 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1165 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1166 return 0;
1167 }
1168
1169 rfcomm_dlc_accept(d);
1170 } else {
1171 rfcomm_send_dm(s, dlci);
1172 }
1173
1174 return 0;
1175}
1176
1177static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn)
1178{
1179 struct rfcomm_session *s = d->session;
1180
1181 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
1182 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits);
1183
1184 if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) {
1185 d->cfc = s->cfc = RFCOMM_CFC_ENABLED;
1186 d->tx_credits = pn->credits;
1187 } else {
1188 d->cfc = s->cfc = RFCOMM_CFC_DISABLED;
1189 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1190 }
1191
1192 d->priority = pn->priority;
1193
1194 d->mtu = s->mtu = btohs(pn->mtu);
1195
1196 return 0;
1197}
1198
1199static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1200{
1201 struct rfcomm_pn *pn = (void *) skb->data;
1202 struct rfcomm_dlc *d;
1203 u8 dlci = pn->dlci;
1204
1205 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1206
1207 if (!dlci)
1208 return 0;
1209
1210 d = rfcomm_dlc_get(s, dlci);
1211 if (d) {
1212 if (cr) {
1213 /* PN request */
1214 rfcomm_apply_pn(d, cr, pn);
1215 rfcomm_send_pn(s, 0, d);
1216 } else {
1217 /* PN response */
1218 switch (d->state) {
1219 case BT_CONFIG:
1220 rfcomm_apply_pn(d, cr, pn);
1221
1222 d->state = BT_CONNECT;
1223 rfcomm_send_sabm(s, d->dlci);
1224 break;
1225 }
1226 }
1227 } else {
1228 u8 channel = __srv_channel(dlci);
1229
1230 if (!cr)
1231 return 0;
1232
1233 /* PN request for non existing DLC.
1234 * Assume incoming connection. */
1235 if (rfcomm_connect_ind(s, channel, &d)) {
1236 d->dlci = dlci;
1237 d->addr = __addr(s->initiator, dlci);
1238 rfcomm_dlc_link(s, d);
1239
1240 rfcomm_apply_pn(d, cr, pn);
1241
1242 d->state = BT_OPEN;
1243 rfcomm_send_pn(s, 0, d);
1244 } else {
1245 rfcomm_send_dm(s, dlci);
1246 }
1247 }
1248 return 0;
1249}
1250
1251static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb)
1252{
1253 struct rfcomm_rpn *rpn = (void *) skb->data;
1254 u8 dlci = __get_dlci(rpn->dlci);
1255
1256 u8 bit_rate = 0;
1257 u8 data_bits = 0;
1258 u8 stop_bits = 0;
1259 u8 parity = 0;
1260 u8 flow_ctrl = 0;
1261 u8 xon_char = 0;
1262 u8 xoff_char = 0;
1263 u16 rpn_mask = RFCOMM_RPN_PM_ALL;
3a5e903c
S		 1264
1265 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
1266 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl,
1267 rpn->xon_char, rpn->xoff_char, rpn->param_mask);
1268
1269 if (!cr)
1da177e4 1270 return 0;
3a5e903c 1271
1da177e4 1272 if (len == 1) {
3a5e903c 1273 /* This is a request, return default settings */
1da177e4
LT		 1274 bit_rate = RFCOMM_RPN_BR_115200;
1275 data_bits = RFCOMM_RPN_DATA_8;
1276 stop_bits = RFCOMM_RPN_STOP_1;
1277 parity = RFCOMM_RPN_PARITY_NONE;
1278 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1279 xon_char = RFCOMM_RPN_XON_CHAR;
1280 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1da177e4
LT		 1281 goto rpn_out;
1282 }
3a5e903c
S		 1283
1284 /* Check for sane values, ignore/accept bit_rate, 8 bits, 1 stop bit,
1285 * no parity, no flow control lines, normal XON/XOFF chars */
1286
1da177e4
LT		 1287 if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) {
1288 bit_rate = rpn->bit_rate;
1289 if (bit_rate != RFCOMM_RPN_BR_115200) {
1290 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate);
1291 bit_rate = RFCOMM_RPN_BR_115200;
1292 rpn_mask ^= RFCOMM_RPN_PM_BITRATE;
1293 }
1294 }
3a5e903c 1295
1da177e4
LT		 1296 if (rpn->param_mask & RFCOMM_RPN_PM_DATA) {
1297 data_bits = __get_rpn_data_bits(rpn->line_settings);
1298 if (data_bits != RFCOMM_RPN_DATA_8) {
1299 BT_DBG("RPN data bits mismatch 0x%x", data_bits);
1300 data_bits = RFCOMM_RPN_DATA_8;
1301 rpn_mask ^= RFCOMM_RPN_PM_DATA;
1302 }
1303 }
3a5e903c 1304
1da177e4
LT		 1305 if (rpn->param_mask & RFCOMM_RPN_PM_STOP) {
1306 stop_bits = __get_rpn_stop_bits(rpn->line_settings);
1307 if (stop_bits != RFCOMM_RPN_STOP_1) {
1308 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits);
1309 stop_bits = RFCOMM_RPN_STOP_1;
1310 rpn_mask ^= RFCOMM_RPN_PM_STOP;
1311 }
1312 }
3a5e903c 1313
1da177e4
LT		 1314 if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) {
1315 parity = __get_rpn_parity(rpn->line_settings);
1316 if (parity != RFCOMM_RPN_PARITY_NONE) {
1317 BT_DBG("RPN parity mismatch 0x%x", parity);
1318 parity = RFCOMM_RPN_PARITY_NONE;
1319 rpn_mask ^= RFCOMM_RPN_PM_PARITY;
1320 }
1321 }
3a5e903c 1322
1da177e4
LT		 1323 if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) {
1324 flow_ctrl = rpn->flow_ctrl;
1325 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) {
1326 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl);
1327 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1328 rpn_mask ^= RFCOMM_RPN_PM_FLOW;
1329 }
1330 }
3a5e903c 1331
1da177e4
LT		 1332 if (rpn->param_mask & RFCOMM_RPN_PM_XON) {
1333 xon_char = rpn->xon_char;
1334 if (xon_char != RFCOMM_RPN_XON_CHAR) {
1335 BT_DBG("RPN XON char mismatch 0x%x", xon_char);
1336 xon_char = RFCOMM_RPN_XON_CHAR;
1337 rpn_mask ^= RFCOMM_RPN_PM_XON;
1338 }
1339 }
3a5e903c 1340
1da177e4
LT		 1341 if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) {
1342 xoff_char = rpn->xoff_char;
1343 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) {
1344 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char);
1345 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1346 rpn_mask ^= RFCOMM_RPN_PM_XOFF;
1347 }
1348 }
1349
1350rpn_out:
3a5e903c
S		 1351 rfcomm_send_rpn(s, 0, dlci, bit_rate, data_bits, stop_bits,
1352 parity, flow_ctrl, xon_char, xoff_char, rpn_mask);
1da177e4
LT		 1353
1354 return 0;
1355}
1356
1357static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1358{
1359 struct rfcomm_rls *rls = (void *) skb->data;
1360 u8 dlci = __get_dlci(rls->dlci);
1361
1362 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status);
3a5e903c 1363
1da177e4
LT		 1364 if (!cr)
1365 return 0;
1366
3a5e903c
S		 1367 /* We should probably do something with this information here. But
1368 * for now it's sufficient just to reply -- Bluetooth 1.1 says it's
1369 * mandatory to recognise and respond to RLS */
1da177e4
LT		 1370
1371 rfcomm_send_rls(s, 0, dlci, rls->status);
1372
1373 return 0;
1374}
1375
1376static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1377{
1378 struct rfcomm_msc *msc = (void *) skb->data;
1379 struct rfcomm_dlc *d;
1380 u8 dlci = __get_dlci(msc->dlci);
1381
1382 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig);
1383
1384 d = rfcomm_dlc_get(s, dlci);
3a5e903c 1385 if (!d)
1da177e4
LT		 1386 return 0;
1387
1388 if (cr) {
1389 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc)
1390 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1391 else
1392 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
3a5e903c 1393
1da177e4
LT		 1394 rfcomm_dlc_lock(d);
1395 if (d->modem_status)
1396 d->modem_status(d, msc->v24_sig);
1397 rfcomm_dlc_unlock(d);
1398
1399 rfcomm_send_msc(s, 0, dlci, msc->v24_sig);
1400
1401 d->mscex |= RFCOMM_MSCEX_RX;
3a5e903c 1402 } else
1da177e4
LT		 1403 d->mscex |= RFCOMM_MSCEX_TX;
1404
1405 return 0;
1406}
1407
1408static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb)
1409{
1410 struct rfcomm_mcc *mcc = (void *) skb->data;
1411 u8 type, cr, len;
1412
1413 cr = __test_cr(mcc->type);
1414 type = __get_mcc_type(mcc->type);
1415 len = __get_mcc_len(mcc->len);
1416
1417 BT_DBG("%p type 0x%x cr %d", s, type, cr);
1418
1419 skb_pull(skb, 2);
1420
1421 switch (type) {
1422 case RFCOMM_PN:
1423 rfcomm_recv_pn(s, cr, skb);
1424 break;
1425
1426 case RFCOMM_RPN:
1427 rfcomm_recv_rpn(s, cr, len, skb);
1428 break;
1429
1430 case RFCOMM_RLS:
1431 rfcomm_recv_rls(s, cr, skb);
1432 break;
1433
1434 case RFCOMM_MSC:
1435 rfcomm_recv_msc(s, cr, skb);
1436 break;
1437
1438 case RFCOMM_FCOFF:
1439 if (cr) {
1440 set_bit(RFCOMM_TX_THROTTLED, &s->flags);
1441 rfcomm_send_fcoff(s, 0);
1442 }
1443 break;
1444
1445 case RFCOMM_FCON:
1446 if (cr) {
1447 clear_bit(RFCOMM_TX_THROTTLED, &s->flags);
1448 rfcomm_send_fcon(s, 0);
1449 }
1450 break;
1451
1452 case RFCOMM_TEST:
1453 if (cr)
1454 rfcomm_send_test(s, 0, skb->data, skb->len);
1455 break;
1456
1457 case RFCOMM_NSC:
1458 break;
1459
1460 default:
1461 BT_ERR("Unknown control type 0x%02x", type);
1462 rfcomm_send_nsc(s, cr, type);
1463 break;
1464 }
1465 return 0;
1466}
1467
1468static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb)
1469{
1470 struct rfcomm_dlc *d;
1471
1472 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf);
1473
1474 d = rfcomm_dlc_get(s, dlci);
1475 if (!d) {
1476 rfcomm_send_dm(s, dlci);
1477 goto drop;
1478 }
1479
1480 if (pf && d->cfc) {
1481 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1);
1482
1483 d->tx_credits += credits;
1484 if (d->tx_credits)
1485 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1486 }
1487
1488 if (skb->len && d->state == BT_CONNECTED) {
1489 rfcomm_dlc_lock(d);
1490 d->rx_credits--;
1491 d->data_ready(d, skb);
1492 rfcomm_dlc_unlock(d);
1493 return 0;
1494 }
1495
1496drop:
1497 kfree_skb(skb);
1498 return 0;
1499}
1500
1501static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
1502{
1503 struct rfcomm_hdr *hdr = (void *) skb->data;
1504 u8 type, dlci, fcs;
1505
1506 dlci = __get_dlci(hdr->addr);
1507 type = __get_type(hdr->ctrl);
1508
1509 /* Trim FCS */
1510 skb->len--; skb->tail--;
1511 fcs = *(u8 *) skb->tail;
1512
1513 if (__check_fcs(skb->data, type, fcs)) {
1514 BT_ERR("bad checksum in packet");
1515 kfree_skb(skb);
1516 return -EILSEQ;
1517 }
1518
1519 if (__test_ea(hdr->len))
1520 skb_pull(skb, 3);
1521 else
1522 skb_pull(skb, 4);
1523
1524 switch (type) {
1525 case RFCOMM_SABM:
1526 if (__test_pf(hdr->ctrl))
1527 rfcomm_recv_sabm(s, dlci);
1528 break;
1529
1530 case RFCOMM_DISC:
1531 if (__test_pf(hdr->ctrl))
1532 rfcomm_recv_disc(s, dlci);
1533 break;
1534
1535 case RFCOMM_UA:
1536 if (__test_pf(hdr->ctrl))
1537 rfcomm_recv_ua(s, dlci);
1538 break;
1539
1540 case RFCOMM_DM:
1541 rfcomm_recv_dm(s, dlci);
1542 break;
1543
1544 case RFCOMM_UIH:
1545 if (dlci)
1546 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb);
1547
1548 rfcomm_recv_mcc(s, skb);
1549 break;
1550
1551 default:
1552 BT_ERR("Unknown packet type 0x%02x\n", type);
1553 break;
1554 }
1555 kfree_skb(skb);
1556 return 0;
1557}
1558
1559/* ---- Connection and data processing ---- */
1560
1561static void rfcomm_process_connect(struct rfcomm_session *s)
1562{
1563 struct rfcomm_dlc *d;
1564 struct list_head *p, *n;
1565
1566 BT_DBG("session %p state %ld", s, s->state);
1567
1568 list_for_each_safe(p, n, &s->dlcs) {
1569 d = list_entry(p, struct rfcomm_dlc, list);
1570 if (d->state == BT_CONFIG) {
1571 d->mtu = s->mtu;
1572 rfcomm_send_pn(s, 1, d);
1573 }
1574 }
1575}
1576
1577/* Send data queued for the DLC.
1578 * Return number of frames left in the queue.
1579 */
1580static inline int rfcomm_process_tx(struct rfcomm_dlc *d)
1581{
1582 struct sk_buff *skb;
1583 int err;
1584
1585 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
1586 d, d->state, d->cfc, d->rx_credits, d->tx_credits);
1587
1588 /* Send pending MSC */
1589 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags))
1590 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1591
1592 if (d->cfc) {
1593 /* CFC enabled.
1594 * Give them some credits */
1595 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) &&
1596 d->rx_credits <= (d->cfc >> 2)) {
1597 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits);
1598 d->rx_credits = d->cfc;
1599 }
1600 } else {
1601 /* CFC disabled.
1602 * Give ourselves some credits */
1603 d->tx_credits = 5;
1604 }
1605
1606 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags))
1607 return skb_queue_len(&d->tx_queue);
1608
1609 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) {
1610 err = rfcomm_send_frame(d->session, skb->data, skb->len);
1611 if (err < 0) {
1612 skb_queue_head(&d->tx_queue, skb);
1613 break;
1614 }
1615 kfree_skb(skb);
1616 d->tx_credits--;
1617 }
1618
1619 if (d->cfc && !d->tx_credits) {
1620 /* We're out of TX credits.
1621 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
1622 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1623 }
1624
1625 return skb_queue_len(&d->tx_queue);
1626}
1627
1628static inline void rfcomm_process_dlcs(struct rfcomm_session *s)
1629{
1630 struct rfcomm_dlc *d;
1631 struct list_head *p, *n;
1632
1633 BT_DBG("session %p state %ld", s, s->state);
1634
1635 list_for_each_safe(p, n, &s->dlcs) {
1636 d = list_entry(p, struct rfcomm_dlc, list);
1637
1638 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) {
1639 __rfcomm_dlc_close(d, ETIMEDOUT);
1640 continue;
1641 }
1642
1643 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) {
1644 rfcomm_dlc_clear_timer(d);
1645 rfcomm_dlc_accept(d);
1646 if (d->link_mode & RFCOMM_LM_SECURE) {
1647 struct sock *sk = s->sock->sk;
1648 hci_conn_change_link_key(l2cap_pi(sk)->conn->hcon);
1649 }
1650 continue;
1651 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) {
1652 rfcomm_dlc_clear_timer(d);
1653 rfcomm_send_dm(s, d->dlci);
1654 __rfcomm_dlc_close(d, ECONNREFUSED);
1655 continue;
1656 }
1657
1658 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags))
1659 continue;
1660
1661 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) &&
1662 d->mscex == RFCOMM_MSCEX_OK)
1663 rfcomm_process_tx(d);
1664 }
1665}
1666
1667static inline void rfcomm_process_rx(struct rfcomm_session *s)
1668{
1669 struct socket *sock = s->sock;
1670 struct sock *sk = sock->sk;
1671 struct sk_buff *skb;
1672
1673 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue));
1674
1675 /* Get data directly from socket receive queue without copying it. */
1676 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
1677 skb_orphan(skb);
1678 rfcomm_recv_frame(s, skb);
1679 }
1680
1681 if (sk->sk_state == BT_CLOSED) {
1682 if (!s->initiator)
1683 rfcomm_session_put(s);
1684
1685 rfcomm_session_close(s, sk->sk_err);
1686 }
1687}
1688
1689static inline void rfcomm_accept_connection(struct rfcomm_session *s)
1690{
1691 struct socket *sock = s->sock, *nsock;
1692 int err;
1693
1694 /* Fast check for a new connection.
1695 * Avoids unnesesary socket allocations. */
1696 if (list_empty(&bt_sk(sock->sk)->accept_q))
1697 return;
1698
1699 BT_DBG("session %p", s);
1700
1701 if (sock_create_lite(PF_BLUETOOTH, sock->type, BTPROTO_L2CAP, &nsock))
1702 return;
1703
1704 nsock->ops = sock->ops;
1705
1706 __module_get(nsock->ops->owner);
1707
1708 err = sock->ops->accept(sock, nsock, O_NONBLOCK);
1709 if (err < 0) {
1710 sock_release(nsock);
1711 return;
1712 }
1713
1714 /* Set our callbacks */
1715 nsock->sk->sk_data_ready = rfcomm_l2data_ready;
1716 nsock->sk->sk_state_change = rfcomm_l2state_change;
1717
1718 s = rfcomm_session_add(nsock, BT_OPEN);
1719 if (s) {
1720 rfcomm_session_hold(s);
1721 rfcomm_schedule(RFCOMM_SCHED_RX);
1722 } else
1723 sock_release(nsock);
1724}
1725
1726static inline void rfcomm_check_connection(struct rfcomm_session *s)
1727{
1728 struct sock *sk = s->sock->sk;
1729
1730 BT_DBG("%p state %ld", s, s->state);
1731
1732 switch(sk->sk_state) {
1733 case BT_CONNECTED:
1734 s->state = BT_CONNECT;
1735
1736 /* We can adjust MTU on outgoing sessions.
1737 * L2CAP MTU minus UIH header and FCS. */
1738 s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5;
1739
1740 rfcomm_send_sabm(s, 0);
1741 break;
1742
1743 case BT_CLOSED:
1744 s->state = BT_CLOSED;
1745 rfcomm_session_close(s, sk->sk_err);
1746 break;
1747 }
1748}
1749
1750static inline void rfcomm_process_sessions(void)
1751{
1752 struct list_head *p, *n;
1753
1754 rfcomm_lock();
1755
1756 list_for_each_safe(p, n, &session_list) {
1757 struct rfcomm_session *s;
1758 s = list_entry(p, struct rfcomm_session, list);
1759
1760 if (s->state == BT_LISTEN) {
1761 rfcomm_accept_connection(s);
1762 continue;
1763 }
1764
1765 rfcomm_session_hold(s);
1766
1767 switch (s->state) {
1768 case BT_BOUND:
1769 rfcomm_check_connection(s);
1770 break;
1771
1772 default:
1773 rfcomm_process_rx(s);
1774 break;
1775 }
1776
1777 rfcomm_process_dlcs(s);
1778
1779 rfcomm_session_put(s);
1780 }
1781
1782 rfcomm_unlock();
1783}
1784
1785static void rfcomm_worker(void)
1786{
1787 BT_DBG("");
1788
1789 while (!atomic_read(&terminate)) {
1790 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
1791 /* No pending events. Let's sleep.
1792 * Incoming connections and data will wake us up. */
1793 set_current_state(TASK_INTERRUPTIBLE);
1794 schedule();
1795 }
1796
1797 /* Process stuff */
1798 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
1799 rfcomm_process_sessions();
1800 }
1801 set_current_state(TASK_RUNNING);
1802 return;
1803}
1804
1805static int rfcomm_add_listener(bdaddr_t *ba)
1806{
1807 struct sockaddr_l2 addr;
1808 struct socket *sock;
1809 struct sock *sk;
1810 struct rfcomm_session *s;
1811 int err = 0;
1812
1813 /* Create socket */
1814 err = rfcomm_l2sock_create(&sock);
1815 if (err < 0) {
1816 BT_ERR("Create socket failed %d", err);
1817 return err;
1818 }
1819
1820 /* Bind socket */
1821 bacpy(&addr.l2_bdaddr, ba);
1822 addr.l2_family = AF_BLUETOOTH;
1823 addr.l2_psm = htobs(RFCOMM_PSM);
1824 err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
1825 if (err < 0) {
1826 BT_ERR("Bind failed %d", err);
1827 goto failed;
1828 }
1829
1830 /* Set L2CAP options */
1831 sk = sock->sk;
1832 lock_sock(sk);
1833 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
1834 release_sock(sk);
1835
1836 /* Start listening on the socket */
1837 err = sock->ops->listen(sock, 10);
1838 if (err) {
1839 BT_ERR("Listen failed %d", err);
1840 goto failed;
1841 }
1842
1843 /* Add listening session */
1844 s = rfcomm_session_add(sock, BT_LISTEN);
1845 if (!s)
1846 goto failed;
1847
1848 rfcomm_session_hold(s);
1849 return 0;
1850failed:
1851 sock_release(sock);
1852 return err;
1853}
1854
1855static void rfcomm_kill_listener(void)
1856{
1857 struct rfcomm_session *s;
1858 struct list_head *p, *n;
1859
1860 BT_DBG("");
1861
1862 list_for_each_safe(p, n, &session_list) {
1863 s = list_entry(p, struct rfcomm_session, list);
1864 rfcomm_session_del(s);
1865 }
1866}
1867
1868static int rfcomm_run(void *unused)
1869{
1870 rfcomm_thread = current;
1871
1872 atomic_inc(&running);
1873
1874 daemonize("krfcommd");
1875 set_user_nice(current, -10);
1876 current->flags |= PF_NOFREEZE;
1877
1878 BT_DBG("");
1879
1880 rfcomm_add_listener(BDADDR_ANY);
1881
1882 rfcomm_worker();
1883
1884 rfcomm_kill_listener();
1885
1886 atomic_dec(&running);
1887 return 0;
1888}
1889
1890static void rfcomm_auth_cfm(struct hci_conn *conn, u8 status)
1891{
1892 struct rfcomm_session *s;
1893 struct rfcomm_dlc *d;
1894 struct list_head *p, *n;
1895
1896 BT_DBG("conn %p status 0x%02x", conn, status);
1897
1898 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst);
1899 if (!s)
1900 return;
1901
1902 rfcomm_session_hold(s);
1903
1904 list_for_each_safe(p, n, &s->dlcs) {
1905 d = list_entry(p, struct rfcomm_dlc, list);
1906
1907 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE))
1908 continue;
1909
1910 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags))
1911 continue;
1912
1913 if (!status)
1914 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags);
1915 else
1916 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
1917 }
1918
1919 rfcomm_session_put(s);
1920
1921 rfcomm_schedule(RFCOMM_SCHED_AUTH);
1922}
1923
1924static void rfcomm_encrypt_cfm(struct hci_conn *conn, u8 status, u8 encrypt)
1925{
1926 struct rfcomm_session *s;
1927 struct rfcomm_dlc *d;
1928 struct list_head *p, *n;
1929
1930 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt);
1931
1932 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst);
1933 if (!s)
1934 return;
1935
1936 rfcomm_session_hold(s);
1937
1938 list_for_each_safe(p, n, &s->dlcs) {
1939 d = list_entry(p, struct rfcomm_dlc, list);
1940
1941 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags))
1942 continue;
1943
1944 if (!status && encrypt)
1945 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags);
1946 else
1947 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
1948 }
1949
1950 rfcomm_session_put(s);
1951
1952 rfcomm_schedule(RFCOMM_SCHED_AUTH);
1953}
1954
1955static struct hci_cb rfcomm_cb = {
1956 .name = "RFCOMM",
1957 .auth_cfm = rfcomm_auth_cfm,
1958 .encrypt_cfm = rfcomm_encrypt_cfm
1959};
1960
1961/* ---- Proc fs support ---- */
1962#ifdef CONFIG_PROC_FS
1963static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos)
1964{
1965 struct rfcomm_session *s;
1966 struct list_head *pp, *p;
1967 loff_t l = *pos;
1968
1969 rfcomm_lock();
1970
1971 list_for_each(p, &session_list) {
1972 s = list_entry(p, struct rfcomm_session, list);
1973 list_for_each(pp, &s->dlcs)
1974 if (!l--) {
1975 seq->private = s;
1976 return pp;
1977 }
1978 }
1979 return NULL;
1980}
1981
1982static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos)
1983{
1984 struct rfcomm_session *s = seq->private;
1985 struct list_head *pp, *p = e;
1986 (*pos)++;
1987
1988 if (p->next != &s->dlcs)
1989 return p->next;
1990
1991 list_for_each(p, &session_list) {
1992 s = list_entry(p, struct rfcomm_session, list);
1993 __list_for_each(pp, &s->dlcs) {
1994 seq->private = s;
1995 return pp;
1996 }
1997 }
1998 return NULL;
1999}
2000
2001static void rfcomm_seq_stop(struct seq_file *seq, void *e)
2002{
2003 rfcomm_unlock();
2004}
2005
2006static int rfcomm_seq_show(struct seq_file *seq, void *e)
2007{
2008 struct rfcomm_session *s = seq->private;
2009 struct sock *sk = s->sock->sk;
2010 struct rfcomm_dlc *d = list_entry(e, struct rfcomm_dlc, list);
2011
2012 seq_printf(seq, "%s %s %ld %d %d %d %d\n",
2013 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
2014 d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits);
2015 return 0;
2016}
2017
2018static struct seq_operations rfcomm_seq_ops = {
2019 .start = rfcomm_seq_start,
2020 .next = rfcomm_seq_next,
2021 .stop = rfcomm_seq_stop,
2022 .show = rfcomm_seq_show
2023};
2024
2025static int rfcomm_seq_open(struct inode *inode, struct file *file)
2026{
2027 return seq_open(file, &rfcomm_seq_ops);
2028}
2029
2030static struct file_operations rfcomm_seq_fops = {
2031 .owner = THIS_MODULE,
2032 .open = rfcomm_seq_open,
2033 .read = seq_read,
2034 .llseek = seq_lseek,
2035 .release = seq_release,
2036};
2037
2038static int __init rfcomm_proc_init(void)
2039{
2040 struct proc_dir_entry *p;
2041
2042 proc_bt_rfcomm = proc_mkdir("rfcomm", proc_bt);
2043 if (proc_bt_rfcomm) {
2044 proc_bt_rfcomm->owner = THIS_MODULE;
2045
2046 p = create_proc_entry("dlc", S_IRUGO, proc_bt_rfcomm);
2047 if (p)
2048 p->proc_fops = &rfcomm_seq_fops;
2049 }
2050 return 0;
2051}
2052
2053static void __exit rfcomm_proc_cleanup(void)
2054{
2055 remove_proc_entry("dlc", proc_bt_rfcomm);
2056
2057 remove_proc_entry("rfcomm", proc_bt);
2058}
2059
2060#else /* CONFIG_PROC_FS */
2061
2062static int __init rfcomm_proc_init(void)
2063{
2064 return 0;
2065}
2066
2067static void __exit rfcomm_proc_cleanup(void)
2068{
2069 return;
2070}
2071#endif /* CONFIG_PROC_FS */
2072
2073/* ---- Initialization ---- */
2074static int __init rfcomm_init(void)
2075{
2076 l2cap_load();
2077
2078 hci_register_cb(&rfcomm_cb);
2079
2080 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL);
2081
2082 BT_INFO("RFCOMM ver %s", VERSION);
2083
2084 rfcomm_proc_init();
2085
2086 rfcomm_init_sockets();
2087
2088#ifdef CONFIG_BT_RFCOMM_TTY
2089 rfcomm_init_ttys();
2090#endif
2091
2092 return 0;
2093}
2094
2095static void __exit rfcomm_exit(void)
2096{
2097 hci_unregister_cb(&rfcomm_cb);
2098
2099 /* Terminate working thread.
2100 * ie. Set terminate flag and wake it up */
2101 atomic_inc(&terminate);
2102 rfcomm_schedule(RFCOMM_SCHED_STATE);
2103
2104 /* Wait until thread is running */
2105 while (atomic_read(&running))
2106 schedule();
2107
2108#ifdef CONFIG_BT_RFCOMM_TTY
2109 rfcomm_cleanup_ttys();
2110#endif
2111
2112 rfcomm_cleanup_sockets();
2113
2114 rfcomm_proc_cleanup();
2115}
2116
2117module_init(rfcomm_init);
2118module_exit(rfcomm_exit);
2119
2120MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
2121MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION);
2122MODULE_VERSION(VERSION);
2123MODULE_LICENSE("GPL");
2124MODULE_ALIAS("bt-proto-3");
Ubuntu Artful kernel mirror