]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/bluetooth/rfcomm/core.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Linux-2.6.12-rc2
[mirror_ubuntu-artful-kernel.git] / net / bluetooth / rfcomm / core.c
1 /*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22 */
23
24 /*
25 RPN support - Dirk Husemann <hud@zurich.ibm.com>
26 */
27
28 /*
29 * Bluetooth RFCOMM core.
30 *
31 * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $
32 */
33
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <linux/kernel.h>
38 #include <linux/sched.h>
39 #include <linux/signal.h>
40 #include <linux/init.h>
41 #include <linux/wait.h>
42 #include <linux/net.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <net/sock.h>
46 #include <asm/uaccess.h>
47 #include <asm/unaligned.h>
48
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/hci_core.h>
51 #include <net/bluetooth/l2cap.h>
52 #include <net/bluetooth/rfcomm.h>
53
54 #define VERSION "1.5"
55
56 #ifndef CONFIG_BT_RFCOMM_DEBUG
57 #undef BT_DBG
58 #define BT_DBG(D...)
59 #endif
60
61 #ifdef CONFIG_PROC_FS
62 struct proc_dir_entry *proc_bt_rfcomm;
63 #endif
64
65 static struct task_struct *rfcomm_thread;
66
67 static DECLARE_MUTEX(rfcomm_sem);
68 #define rfcomm_lock() down(&rfcomm_sem);
69 #define rfcomm_unlock() up(&rfcomm_sem);
70
71 static unsigned long rfcomm_event;
72
73 static LIST_HEAD(session_list);
74 static atomic_t terminate, running;
75
76 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len);
77 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci);
78 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci);
79 static int rfcomm_queue_disc(struct rfcomm_dlc *d);
80 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type);
81 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d);
82 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig);
83 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len);
84 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits);
85 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr);
86
87 static void rfcomm_process_connect(struct rfcomm_session *s);
88
89 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err);
90 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst);
91 static void rfcomm_session_del(struct rfcomm_session *s);
92
93 /* ---- RFCOMM frame parsing macros ---- */
94 #define __get_dlci(b) ((b & 0xfc) >> 2)
95 #define __get_channel(b) ((b & 0xf8) >> 3)
96 #define __get_dir(b) ((b & 0x04) >> 2)
97 #define __get_type(b) ((b & 0xef))
98
99 #define __test_ea(b) ((b & 0x01))
100 #define __test_cr(b) ((b & 0x02))
101 #define __test_pf(b) ((b & 0x10))
102
103 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
104 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
105 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
106 #define __srv_channel(dlci) (dlci >> 1)
107 #define __dir(dlci) (dlci & 0x01)
108
109 #define __len8(len) (((len) << 1) | 1)
110 #define __len16(len) ((len) << 1)
111
112 /* MCC macros */
113 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
114 #define __get_mcc_type(b) ((b & 0xfc) >> 2)
115 #define __get_mcc_len(b) ((b & 0xfe) >> 1)
116
117 /* RPN macros */
118 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x3) << 3))
119 #define __get_rpn_data_bits(line) ((line) & 0x3)
120 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
121 #define __get_rpn_parity(line) (((line) >> 3) & 0x3)
122
123 static inline void rfcomm_schedule(uint event)
124 {
125 if (!rfcomm_thread)
126 return;
127 //set_bit(event, &rfcomm_event);
128 set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
129 wake_up_process(rfcomm_thread);
130 }
131
132 static inline void rfcomm_session_put(struct rfcomm_session *s)
133 {
134 if (atomic_dec_and_test(&s->refcnt))
135 rfcomm_session_del(s);
136 }
137
138 /* ---- RFCOMM FCS computation ---- */
139
140 /* CRC on 2 bytes */
141 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
142
143 /* FCS on 2 bytes */
144 static inline u8 __fcs(u8 *data)
145 {
146 return (0xff - __crc(data));
147 }
148
149 /* FCS on 3 bytes */
150 static inline u8 __fcs2(u8 *data)
151 {
152 return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]);
153 }
154
155 /* Check FCS */
156 static inline int __check_fcs(u8 *data, int type, u8 fcs)
157 {
158 u8 f = __crc(data);
159
160 if (type != RFCOMM_UIH)
161 f = rfcomm_crc_table[f ^ data[2]];
162
163 return rfcomm_crc_table[f ^ fcs] != 0xcf;
164 }
165
166 /* ---- L2CAP callbacks ---- */
167 static void rfcomm_l2state_change(struct sock *sk)
168 {
169 BT_DBG("%p state %d", sk, sk->sk_state);
170 rfcomm_schedule(RFCOMM_SCHED_STATE);
171 }
172
173 static void rfcomm_l2data_ready(struct sock *sk, int bytes)
174 {
175 BT_DBG("%p bytes %d", sk, bytes);
176 rfcomm_schedule(RFCOMM_SCHED_RX);
177 }
178
179 static int rfcomm_l2sock_create(struct socket **sock)
180 {
181 int err;
182
183 BT_DBG("");
184
185 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock);
186 if (!err) {
187 struct sock *sk = (*sock)->sk;
188 sk->sk_data_ready = rfcomm_l2data_ready;
189 sk->sk_state_change = rfcomm_l2state_change;
190 }
191 return err;
192 }
193
194 /* ---- RFCOMM DLCs ---- */
195 static void rfcomm_dlc_timeout(unsigned long arg)
196 {
197 struct rfcomm_dlc *d = (void *) arg;
198
199 BT_DBG("dlc %p state %ld", d, d->state);
200
201 set_bit(RFCOMM_TIMED_OUT, &d->flags);
202 rfcomm_dlc_put(d);
203 rfcomm_schedule(RFCOMM_SCHED_TIMEO);
204 }
205
206 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout)
207 {
208 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout);
209
210 if (!mod_timer(&d->timer, jiffies + timeout))
211 rfcomm_dlc_hold(d);
212 }
213
214 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d)
215 {
216 BT_DBG("dlc %p state %ld", d, d->state);
217
218 if (timer_pending(&d->timer) && del_timer(&d->timer))
219 rfcomm_dlc_put(d);
220 }
221
222 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d)
223 {
224 BT_DBG("%p", d);
225
226 d->state = BT_OPEN;
227 d->flags = 0;
228 d->mscex = 0;
229 d->mtu = RFCOMM_DEFAULT_MTU;
230 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV;
231
232 d->cfc = RFCOMM_CFC_DISABLED;
233 d->rx_credits = RFCOMM_DEFAULT_CREDITS;
234 }
235
236 struct rfcomm_dlc *rfcomm_dlc_alloc(int prio)
237 {
238 struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio);
239 if (!d)
240 return NULL;
241 memset(d, 0, sizeof(*d));
242
243 init_timer(&d->timer);
244 d->timer.function = rfcomm_dlc_timeout;
245 d->timer.data = (unsigned long) d;
246
247 skb_queue_head_init(&d->tx_queue);
248 spin_lock_init(&d->lock);
249 atomic_set(&d->refcnt, 1);
250
251 rfcomm_dlc_clear_state(d);
252
253 BT_DBG("%p", d);
254 return d;
255 }
256
257 void rfcomm_dlc_free(struct rfcomm_dlc *d)
258 {
259 BT_DBG("%p", d);
260
261 skb_queue_purge(&d->tx_queue);
262 kfree(d);
263 }
264
265 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d)
266 {
267 BT_DBG("dlc %p session %p", d, s);
268
269 rfcomm_session_hold(s);
270
271 rfcomm_dlc_hold(d);
272 list_add(&d->list, &s->dlcs);
273 d->session = s;
274 }
275
276 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d)
277 {
278 struct rfcomm_session *s = d->session;
279
280 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s);
281
282 list_del(&d->list);
283 d->session = NULL;
284 rfcomm_dlc_put(d);
285
286 rfcomm_session_put(s);
287 }
288
289 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci)
290 {
291 struct rfcomm_dlc *d;
292 struct list_head *p;
293
294 list_for_each(p, &s->dlcs) {
295 d = list_entry(p, struct rfcomm_dlc, list);
296 if (d->dlci == dlci)
297 return d;
298 }
299 return NULL;
300 }
301
302 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
303 {
304 struct rfcomm_session *s;
305 int err = 0;
306 u8 dlci;
307
308 BT_DBG("dlc %p state %ld %s %s channel %d",
309 d, d->state, batostr(src), batostr(dst), channel);
310
311 if (channel < 1 || channel > 30)
312 return -EINVAL;
313
314 if (d->state != BT_OPEN && d->state != BT_CLOSED)
315 return 0;
316
317 s = rfcomm_session_get(src, dst);
318 if (!s) {
319 s = rfcomm_session_create(src, dst, &err);
320 if (!s)
321 return err;
322 }
323
324 dlci = __dlci(!s->initiator, channel);
325
326 /* Check if DLCI already exists */
327 if (rfcomm_dlc_get(s, dlci))
328 return -EBUSY;
329
330 rfcomm_dlc_clear_state(d);
331
332 d->dlci = dlci;
333 d->addr = __addr(s->initiator, dlci);
334 d->priority = 7;
335
336 d->state = BT_CONFIG;
337 rfcomm_dlc_link(s, d);
338
339 d->mtu = s->mtu;
340 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc;
341
342 if (s->state == BT_CONNECTED)
343 rfcomm_send_pn(s, 1, d);
344 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
345 return 0;
346 }
347
348 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
349 {
350 int r;
351
352 rfcomm_lock();
353
354 r = __rfcomm_dlc_open(d, src, dst, channel);
355
356 rfcomm_unlock();
357 return r;
358 }
359
360 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
361 {
362 struct rfcomm_session *s = d->session;
363 if (!s)
364 return 0;
365
366 BT_DBG("dlc %p state %ld dlci %d err %d session %p",
367 d, d->state, d->dlci, err, s);
368
369 switch (d->state) {
370 case BT_CONNECTED:
371 case BT_CONFIG:
372 case BT_CONNECT:
373 d->state = BT_DISCONN;
374 if (skb_queue_empty(&d->tx_queue)) {
375 rfcomm_send_disc(s, d->dlci);
376 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT);
377 } else {
378 rfcomm_queue_disc(d);
379 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2);
380 }
381 break;
382
383 default:
384 rfcomm_dlc_clear_timer(d);
385
386 rfcomm_dlc_lock(d);
387 d->state = BT_CLOSED;
388 d->state_change(d, err);
389 rfcomm_dlc_unlock(d);
390
391 skb_queue_purge(&d->tx_queue);
392 rfcomm_session_put(s);
393
394 rfcomm_dlc_unlink(d);
395 }
396
397 return 0;
398 }
399
400 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
401 {
402 int r;
403
404 rfcomm_lock();
405
406 r = __rfcomm_dlc_close(d, err);
407
408 rfcomm_unlock();
409 return r;
410 }
411
412 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb)
413 {
414 int len = skb->len;
415
416 if (d->state != BT_CONNECTED)
417 return -ENOTCONN;
418
419 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len);
420
421 if (len > d->mtu)
422 return -EINVAL;
423
424 rfcomm_make_uih(skb, d->addr);
425 skb_queue_tail(&d->tx_queue, skb);
426
427 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags))
428 rfcomm_schedule(RFCOMM_SCHED_TX);
429 return len;
430 }
431
432 void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d)
433 {
434 BT_DBG("dlc %p state %ld", d, d->state);
435
436 if (!d->cfc) {
437 d->v24_sig |= RFCOMM_V24_FC;
438 set_bit(RFCOMM_MSC_PENDING, &d->flags);
439 }
440 rfcomm_schedule(RFCOMM_SCHED_TX);
441 }
442
443 void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
444 {
445 BT_DBG("dlc %p state %ld", d, d->state);
446
447 if (!d->cfc) {
448 d->v24_sig &= ~RFCOMM_V24_FC;
449 set_bit(RFCOMM_MSC_PENDING, &d->flags);
450 }
451 rfcomm_schedule(RFCOMM_SCHED_TX);
452 }
453
454 /*
455 Set/get modem status functions use _local_ status i.e. what we report
456 to the other side.
457 Remote status is provided by dlc->modem_status() callback.
458 */
459 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig)
460 {
461 BT_DBG("dlc %p state %ld v24_sig 0x%x",
462 d, d->state, v24_sig);
463
464 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags))
465 v24_sig |= RFCOMM_V24_FC;
466 else
467 v24_sig &= ~RFCOMM_V24_FC;
468
469 d->v24_sig = v24_sig;
470
471 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags))
472 rfcomm_schedule(RFCOMM_SCHED_TX);
473
474 return 0;
475 }
476
477 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig)
478 {
479 BT_DBG("dlc %p state %ld v24_sig 0x%x",
480 d, d->state, d->v24_sig);
481
482 *v24_sig = d->v24_sig;
483 return 0;
484 }
485
486 /* ---- RFCOMM sessions ---- */
487 static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state)
488 {
489 struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL);
490 if (!s)
491 return NULL;
492 memset(s, 0, sizeof(*s));
493
494 BT_DBG("session %p sock %p", s, sock);
495
496 INIT_LIST_HEAD(&s->dlcs);
497 s->state = state;
498 s->sock = sock;
499
500 s->mtu = RFCOMM_DEFAULT_MTU;
501 s->cfc = RFCOMM_CFC_UNKNOWN;
502
503 /* Do not increment module usage count for listening sessions.
504 * Otherwise we won't be able to unload the module. */
505 if (state != BT_LISTEN)
506 if (!try_module_get(THIS_MODULE)) {
507 kfree(s);
508 return NULL;
509 }
510
511 list_add(&s->list, &session_list);
512
513 return s;
514 }
515
516 static void rfcomm_session_del(struct rfcomm_session *s)
517 {
518 int state = s->state;
519
520 BT_DBG("session %p state %ld", s, s->state);
521
522 list_del(&s->list);
523
524 if (state == BT_CONNECTED)
525 rfcomm_send_disc(s, 0);
526
527 sock_release(s->sock);
528 kfree(s);
529
530 if (state != BT_LISTEN)
531 module_put(THIS_MODULE);
532 }
533
534 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst)
535 {
536 struct rfcomm_session *s;
537 struct list_head *p, *n;
538 struct bt_sock *sk;
539 list_for_each_safe(p, n, &session_list) {
540 s = list_entry(p, struct rfcomm_session, list);
541 sk = bt_sk(s->sock->sk);
542
543 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) &&
544 !bacmp(&sk->dst, dst))
545 return s;
546 }
547 return NULL;
548 }
549
550 static void rfcomm_session_close(struct rfcomm_session *s, int err)
551 {
552 struct rfcomm_dlc *d;
553 struct list_head *p, *n;
554
555 BT_DBG("session %p state %ld err %d", s, s->state, err);
556
557 rfcomm_session_hold(s);
558
559 s->state = BT_CLOSED;
560
561 /* Close all dlcs */
562 list_for_each_safe(p, n, &s->dlcs) {
563 d = list_entry(p, struct rfcomm_dlc, list);
564 d->state = BT_CLOSED;
565 __rfcomm_dlc_close(d, err);
566 }
567
568 rfcomm_session_put(s);
569 }
570
571 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err)
572 {
573 struct rfcomm_session *s = NULL;
574 struct sockaddr_l2 addr;
575 struct socket *sock;
576 struct sock *sk;
577
578 BT_DBG("%s %s", batostr(src), batostr(dst));
579
580 *err = rfcomm_l2sock_create(&sock);
581 if (*err < 0)
582 return NULL;
583
584 bacpy(&addr.l2_bdaddr, src);
585 addr.l2_family = AF_BLUETOOTH;
586 addr.l2_psm = 0;
587 *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
588 if (*err < 0)
589 goto failed;
590
591 /* Set L2CAP options */
592 sk = sock->sk;
593 lock_sock(sk);
594 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
595 release_sock(sk);
596
597 s = rfcomm_session_add(sock, BT_BOUND);
598 if (!s) {
599 *err = -ENOMEM;
600 goto failed;
601 }
602
603 rfcomm_session_hold(s);
604
605 s->initiator = 1;
606
607 bacpy(&addr.l2_bdaddr, dst);
608 addr.l2_family = AF_BLUETOOTH;
609 addr.l2_psm = htobs(RFCOMM_PSM);
610 *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
611 if (*err == 0 || *err == -EAGAIN)
612 return s;
613
614 rfcomm_session_del(s);
615 return NULL;
616
617 failed:
618 sock_release(sock);
619 return NULL;
620 }
621
622 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst)
623 {
624 struct sock *sk = s->sock->sk;
625 if (src)
626 bacpy(src, &bt_sk(sk)->src);
627 if (dst)
628 bacpy(dst, &bt_sk(sk)->dst);
629 }
630
631 /* ---- RFCOMM frame sending ---- */
632 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len)
633 {
634 struct socket *sock = s->sock;
635 struct kvec iv = { data, len };
636 struct msghdr msg;
637
638 BT_DBG("session %p len %d", s, len);
639
640 memset(&msg, 0, sizeof(msg));
641
642 return kernel_sendmsg(sock, &msg, &iv, 1, len);
643 }
644
645 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci)
646 {
647 struct rfcomm_cmd cmd;
648
649 BT_DBG("%p dlci %d", s, dlci);
650
651 cmd.addr = __addr(s->initiator, dlci);
652 cmd.ctrl = __ctrl(RFCOMM_SABM, 1);
653 cmd.len = __len8(0);
654 cmd.fcs = __fcs2((u8 *) &cmd);
655
656 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
657 }
658
659 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci)
660 {
661 struct rfcomm_cmd cmd;
662
663 BT_DBG("%p dlci %d", s, dlci);
664
665 cmd.addr = __addr(!s->initiator, dlci);
666 cmd.ctrl = __ctrl(RFCOMM_UA, 1);
667 cmd.len = __len8(0);
668 cmd.fcs = __fcs2((u8 *) &cmd);
669
670 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
671 }
672
673 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci)
674 {
675 struct rfcomm_cmd cmd;
676
677 BT_DBG("%p dlci %d", s, dlci);
678
679 cmd.addr = __addr(s->initiator, dlci);
680 cmd.ctrl = __ctrl(RFCOMM_DISC, 1);
681 cmd.len = __len8(0);
682 cmd.fcs = __fcs2((u8 *) &cmd);
683
684 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
685 }
686
687 static int rfcomm_queue_disc(struct rfcomm_dlc *d)
688 {
689 struct rfcomm_cmd *cmd;
690 struct sk_buff *skb;
691
692 BT_DBG("dlc %p dlci %d", d, d->dlci);
693
694 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL);
695 if (!skb)
696 return -ENOMEM;
697
698 cmd = (void *) __skb_put(skb, sizeof(*cmd));
699 cmd->addr = d->addr;
700 cmd->ctrl = __ctrl(RFCOMM_DISC, 1);
701 cmd->len = __len8(0);
702 cmd->fcs = __fcs2((u8 *) cmd);
703
704 skb_queue_tail(&d->tx_queue, skb);
705 rfcomm_schedule(RFCOMM_SCHED_TX);
706 return 0;
707 }
708
709 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci)
710 {
711 struct rfcomm_cmd cmd;
712
713 BT_DBG("%p dlci %d", s, dlci);
714
715 cmd.addr = __addr(!s->initiator, dlci);
716 cmd.ctrl = __ctrl(RFCOMM_DM, 1);
717 cmd.len = __len8(0);
718 cmd.fcs = __fcs2((u8 *) &cmd);
719
720 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
721 }
722
723 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type)
724 {
725 struct rfcomm_hdr *hdr;
726 struct rfcomm_mcc *mcc;
727 u8 buf[16], *ptr = buf;
728
729 BT_DBG("%p cr %d type %d", s, cr, type);
730
731 hdr = (void *) ptr; ptr += sizeof(*hdr);
732 hdr->addr = __addr(s->initiator, 0);
733 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
734 hdr->len = __len8(sizeof(*mcc) + 1);
735
736 mcc = (void *) ptr; ptr += sizeof(*mcc);
737 mcc->type = __mcc_type(cr, RFCOMM_NSC);
738 mcc->len = __len8(1);
739
740 /* Type that we didn't like */
741 *ptr = __mcc_type(cr, type); ptr++;
742
743 *ptr = __fcs(buf); ptr++;
744
745 return rfcomm_send_frame(s, buf, ptr - buf);
746 }
747
748 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d)
749 {
750 struct rfcomm_hdr *hdr;
751 struct rfcomm_mcc *mcc;
752 struct rfcomm_pn *pn;
753 u8 buf[16], *ptr = buf;
754
755 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu);
756
757 hdr = (void *) ptr; ptr += sizeof(*hdr);
758 hdr->addr = __addr(s->initiator, 0);
759 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
760 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn));
761
762 mcc = (void *) ptr; ptr += sizeof(*mcc);
763 mcc->type = __mcc_type(cr, RFCOMM_PN);
764 mcc->len = __len8(sizeof(*pn));
765
766 pn = (void *) ptr; ptr += sizeof(*pn);
767 pn->dlci = d->dlci;
768 pn->priority = d->priority;
769 pn->ack_timer = 0;
770 pn->max_retrans = 0;
771
772 if (s->cfc) {
773 pn->flow_ctrl = cr ? 0xf0 : 0xe0;
774 pn->credits = RFCOMM_DEFAULT_CREDITS;
775 } else {
776 pn->flow_ctrl = 0;
777 pn->credits = 0;
778 }
779
780 pn->mtu = htobs(d->mtu);
781
782 *ptr = __fcs(buf); ptr++;
783
784 return rfcomm_send_frame(s, buf, ptr - buf);
785 }
786
787 static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
788 u8 bit_rate, u8 data_bits, u8 stop_bits,
789 u8 parity, u8 flow_ctrl_settings,
790 u8 xon_char, u8 xoff_char, u16 param_mask)
791 {
792 struct rfcomm_hdr *hdr;
793 struct rfcomm_mcc *mcc;
794 struct rfcomm_rpn *rpn;
795 u8 buf[16], *ptr = buf;
796
797 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
798 "flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
799 s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
800 flow_ctrl_settings, xon_char, xoff_char, param_mask);
801
802 hdr = (void *) ptr; ptr += sizeof(*hdr);
803 hdr->addr = __addr(s->initiator, 0);
804 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
805 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn));
806
807 mcc = (void *) ptr; ptr += sizeof(*mcc);
808 mcc->type = __mcc_type(cr, RFCOMM_RPN);
809 mcc->len = __len8(sizeof(*rpn));
810
811 rpn = (void *) ptr; ptr += sizeof(*rpn);
812 rpn->dlci = __addr(1, dlci);
813 rpn->bit_rate = bit_rate;
814 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity);
815 rpn->flow_ctrl = flow_ctrl_settings;
816 rpn->xon_char = xon_char;
817 rpn->xoff_char = xoff_char;
818 rpn->param_mask = param_mask;
819
820 *ptr = __fcs(buf); ptr++;
821
822 return rfcomm_send_frame(s, buf, ptr - buf);
823 }
824
825 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status)
826 {
827 struct rfcomm_hdr *hdr;
828 struct rfcomm_mcc *mcc;
829 struct rfcomm_rls *rls;
830 u8 buf[16], *ptr = buf;
831
832 BT_DBG("%p cr %d status 0x%x", s, cr, status);
833
834 hdr = (void *) ptr; ptr += sizeof(*hdr);
835 hdr->addr = __addr(s->initiator, 0);
836 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
837 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls));
838
839 mcc = (void *) ptr; ptr += sizeof(*mcc);
840 mcc->type = __mcc_type(cr, RFCOMM_RLS);
841 mcc->len = __len8(sizeof(*rls));
842
843 rls = (void *) ptr; ptr += sizeof(*rls);
844 rls->dlci = __addr(1, dlci);
845 rls->status = status;
846
847 *ptr = __fcs(buf); ptr++;
848
849 return rfcomm_send_frame(s, buf, ptr - buf);
850 }
851
852 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig)
853 {
854 struct rfcomm_hdr *hdr;
855 struct rfcomm_mcc *mcc;
856 struct rfcomm_msc *msc;
857 u8 buf[16], *ptr = buf;
858
859 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig);
860
861 hdr = (void *) ptr; ptr += sizeof(*hdr);
862 hdr->addr = __addr(s->initiator, 0);
863 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
864 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc));
865
866 mcc = (void *) ptr; ptr += sizeof(*mcc);
867 mcc->type = __mcc_type(cr, RFCOMM_MSC);
868 mcc->len = __len8(sizeof(*msc));
869
870 msc = (void *) ptr; ptr += sizeof(*msc);
871 msc->dlci = __addr(1, dlci);
872 msc->v24_sig = v24_sig | 0x01;
873
874 *ptr = __fcs(buf); ptr++;
875
876 return rfcomm_send_frame(s, buf, ptr - buf);
877 }
878
879 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr)
880 {
881 struct rfcomm_hdr *hdr;
882 struct rfcomm_mcc *mcc;
883 u8 buf[16], *ptr = buf;
884
885 BT_DBG("%p cr %d", s, cr);
886
887 hdr = (void *) ptr; ptr += sizeof(*hdr);
888 hdr->addr = __addr(s->initiator, 0);
889 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
890 hdr->len = __len8(sizeof(*mcc));
891
892 mcc = (void *) ptr; ptr += sizeof(*mcc);
893 mcc->type = __mcc_type(cr, RFCOMM_FCOFF);
894 mcc->len = __len8(0);
895
896 *ptr = __fcs(buf); ptr++;
897
898 return rfcomm_send_frame(s, buf, ptr - buf);
899 }
900
901 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr)
902 {
903 struct rfcomm_hdr *hdr;
904 struct rfcomm_mcc *mcc;
905 u8 buf[16], *ptr = buf;
906
907 BT_DBG("%p cr %d", s, cr);
908
909 hdr = (void *) ptr; ptr += sizeof(*hdr);
910 hdr->addr = __addr(s->initiator, 0);
911 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
912 hdr->len = __len8(sizeof(*mcc));
913
914 mcc = (void *) ptr; ptr += sizeof(*mcc);
915 mcc->type = __mcc_type(cr, RFCOMM_FCON);
916 mcc->len = __len8(0);
917
918 *ptr = __fcs(buf); ptr++;
919
920 return rfcomm_send_frame(s, buf, ptr - buf);
921 }
922
923 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len)
924 {
925 struct socket *sock = s->sock;
926 struct kvec iv[3];
927 struct msghdr msg;
928 unsigned char hdr[5], crc[1];
929
930 if (len > 125)
931 return -EINVAL;
932
933 BT_DBG("%p cr %d", s, cr);
934
935 hdr[0] = __addr(s->initiator, 0);
936 hdr[1] = __ctrl(RFCOMM_UIH, 0);
937 hdr[2] = 0x01 | ((len + 2) << 1);
938 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2);
939 hdr[4] = 0x01 | (len << 1);
940
941 crc[0] = __fcs(hdr);
942
943 iv[0].iov_base = hdr;
944 iv[0].iov_len = 5;
945 iv[1].iov_base = pattern;
946 iv[1].iov_len = len;
947 iv[2].iov_base = crc;
948 iv[2].iov_len = 1;
949
950 memset(&msg, 0, sizeof(msg));
951
952 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len);
953 }
954
955 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits)
956 {
957 struct rfcomm_hdr *hdr;
958 u8 buf[16], *ptr = buf;
959
960 BT_DBG("%p addr %d credits %d", s, addr, credits);
961
962 hdr = (void *) ptr; ptr += sizeof(*hdr);
963 hdr->addr = addr;
964 hdr->ctrl = __ctrl(RFCOMM_UIH, 1);
965 hdr->len = __len8(0);
966
967 *ptr = credits; ptr++;
968
969 *ptr = __fcs(buf); ptr++;
970
971 return rfcomm_send_frame(s, buf, ptr - buf);
972 }
973
974 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr)
975 {
976 struct rfcomm_hdr *hdr;
977 int len = skb->len;
978 u8 *crc;
979
980 if (len > 127) {
981 hdr = (void *) skb_push(skb, 4);
982 put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len);
983 } else {
984 hdr = (void *) skb_push(skb, 3);
985 hdr->len = __len8(len);
986 }
987 hdr->addr = addr;
988 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
989
990 crc = skb_put(skb, 1);
991 *crc = __fcs((void *) hdr);
992 }
993
994 /* ---- RFCOMM frame reception ---- */
995 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
996 {
997 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
998
999 if (dlci) {
1000 /* Data channel */
1001 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1002 if (!d) {
1003 rfcomm_send_dm(s, dlci);
1004 return 0;
1005 }
1006
1007 switch (d->state) {
1008 case BT_CONNECT:
1009 rfcomm_dlc_clear_timer(d);
1010
1011 rfcomm_dlc_lock(d);
1012 d->state = BT_CONNECTED;
1013 d->state_change(d, 0);
1014 rfcomm_dlc_unlock(d);
1015
1016 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1017 break;
1018
1019 case BT_DISCONN:
1020 d->state = BT_CLOSED;
1021 __rfcomm_dlc_close(d, 0);
1022 break;
1023 }
1024 } else {
1025 /* Control channel */
1026 switch (s->state) {
1027 case BT_CONNECT:
1028 s->state = BT_CONNECTED;
1029 rfcomm_process_connect(s);
1030 break;
1031 }
1032 }
1033 return 0;
1034 }
1035
1036 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci)
1037 {
1038 int err = 0;
1039
1040 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1041
1042 if (dlci) {
1043 /* Data DLC */
1044 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1045 if (d) {
1046 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1047 err = ECONNREFUSED;
1048 else
1049 err = ECONNRESET;
1050
1051 d->state = BT_CLOSED;
1052 __rfcomm_dlc_close(d, err);
1053 }
1054 } else {
1055 if (s->state == BT_CONNECT)
1056 err = ECONNREFUSED;
1057 else
1058 err = ECONNRESET;
1059
1060 s->state = BT_CLOSED;
1061 rfcomm_session_close(s, err);
1062 }
1063 return 0;
1064 }
1065
1066 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci)
1067 {
1068 int err = 0;
1069
1070 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1071
1072 if (dlci) {
1073 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1074 if (d) {
1075 rfcomm_send_ua(s, dlci);
1076
1077 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1078 err = ECONNREFUSED;
1079 else
1080 err = ECONNRESET;
1081
1082 d->state = BT_CLOSED;
1083 __rfcomm_dlc_close(d, err);
1084 } else
1085 rfcomm_send_dm(s, dlci);
1086
1087 } else {
1088 rfcomm_send_ua(s, 0);
1089
1090 if (s->state == BT_CONNECT)
1091 err = ECONNREFUSED;
1092 else
1093 err = ECONNRESET;
1094
1095 s->state = BT_CLOSED;
1096 rfcomm_session_close(s, err);
1097 }
1098
1099 return 0;
1100 }
1101
1102 static inline int rfcomm_check_link_mode(struct rfcomm_dlc *d)
1103 {
1104 struct sock *sk = d->session->sock->sk;
1105
1106 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) {
1107 if (!hci_conn_encrypt(l2cap_pi(sk)->conn->hcon))
1108 return 1;
1109 } else if (d->link_mode & RFCOMM_LM_AUTH) {
1110 if (!hci_conn_auth(l2cap_pi(sk)->conn->hcon))
1111 return 1;
1112 }
1113
1114 return 0;
1115 }
1116
1117 static void rfcomm_dlc_accept(struct rfcomm_dlc *d)
1118 {
1119 BT_DBG("dlc %p", d);
1120
1121 rfcomm_send_ua(d->session, d->dlci);
1122
1123 rfcomm_dlc_lock(d);
1124 d->state = BT_CONNECTED;
1125 d->state_change(d, 0);
1126 rfcomm_dlc_unlock(d);
1127
1128 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1129 }
1130
1131 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci)
1132 {
1133 struct rfcomm_dlc *d;
1134 u8 channel;
1135
1136 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1137
1138 if (!dlci) {
1139 rfcomm_send_ua(s, 0);
1140
1141 if (s->state == BT_OPEN) {
1142 s->state = BT_CONNECTED;
1143 rfcomm_process_connect(s);
1144 }
1145 return 0;
1146 }
1147
1148 /* Check if DLC exists */
1149 d = rfcomm_dlc_get(s, dlci);
1150 if (d) {
1151 if (d->state == BT_OPEN) {
1152 /* DLC was previously opened by PN request */
1153 if (rfcomm_check_link_mode(d)) {
1154 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1155 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1156 return 0;
1157 }
1158
1159 rfcomm_dlc_accept(d);
1160 }
1161 return 0;
1162 }
1163
1164 /* Notify socket layer about incoming connection */
1165 channel = __srv_channel(dlci);
1166 if (rfcomm_connect_ind(s, channel, &d)) {
1167 d->dlci = dlci;
1168 d->addr = __addr(s->initiator, dlci);
1169 rfcomm_dlc_link(s, d);
1170
1171 if (rfcomm_check_link_mode(d)) {
1172 set_bit(RFCOMM_AUTH_PENDING, &d->flags);
1173 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
1174 return 0;
1175 }
1176
1177 rfcomm_dlc_accept(d);
1178 } else {
1179 rfcomm_send_dm(s, dlci);
1180 }
1181
1182 return 0;
1183 }
1184
1185 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn)
1186 {
1187 struct rfcomm_session *s = d->session;
1188
1189 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
1190 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits);
1191
1192 if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) {
1193 d->cfc = s->cfc = RFCOMM_CFC_ENABLED;
1194 d->tx_credits = pn->credits;
1195 } else {
1196 d->cfc = s->cfc = RFCOMM_CFC_DISABLED;
1197 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1198 }
1199
1200 d->priority = pn->priority;
1201
1202 d->mtu = s->mtu = btohs(pn->mtu);
1203
1204 return 0;
1205 }
1206
1207 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1208 {
1209 struct rfcomm_pn *pn = (void *) skb->data;
1210 struct rfcomm_dlc *d;
1211 u8 dlci = pn->dlci;
1212
1213 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1214
1215 if (!dlci)
1216 return 0;
1217
1218 d = rfcomm_dlc_get(s, dlci);
1219 if (d) {
1220 if (cr) {
1221 /* PN request */
1222 rfcomm_apply_pn(d, cr, pn);
1223 rfcomm_send_pn(s, 0, d);
1224 } else {
1225 /* PN response */
1226 switch (d->state) {
1227 case BT_CONFIG:
1228 rfcomm_apply_pn(d, cr, pn);
1229
1230 d->state = BT_CONNECT;
1231 rfcomm_send_sabm(s, d->dlci);
1232 break;
1233 }
1234 }
1235 } else {
1236 u8 channel = __srv_channel(dlci);
1237
1238 if (!cr)
1239 return 0;
1240
1241 /* PN request for non existing DLC.
1242 * Assume incoming connection. */
1243 if (rfcomm_connect_ind(s, channel, &d)) {
1244 d->dlci = dlci;
1245 d->addr = __addr(s->initiator, dlci);
1246 rfcomm_dlc_link(s, d);
1247
1248 rfcomm_apply_pn(d, cr, pn);
1249
1250 d->state = BT_OPEN;
1251 rfcomm_send_pn(s, 0, d);
1252 } else {
1253 rfcomm_send_dm(s, dlci);
1254 }
1255 }
1256 return 0;
1257 }
1258
1259 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb)
1260 {
1261 struct rfcomm_rpn *rpn = (void *) skb->data;
1262 u8 dlci = __get_dlci(rpn->dlci);
1263
1264 u8 bit_rate = 0;
1265 u8 data_bits = 0;
1266 u8 stop_bits = 0;
1267 u8 parity = 0;
1268 u8 flow_ctrl = 0;
1269 u8 xon_char = 0;
1270 u8 xoff_char = 0;
1271 u16 rpn_mask = RFCOMM_RPN_PM_ALL;
1272
1273 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
1274 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl,
1275 rpn->xon_char, rpn->xoff_char, rpn->param_mask);
1276
1277 if (!cr)
1278 return 0;
1279
1280 if (len == 1) {
1281 /* request: return default setting */
1282 bit_rate = RFCOMM_RPN_BR_115200;
1283 data_bits = RFCOMM_RPN_DATA_8;
1284 stop_bits = RFCOMM_RPN_STOP_1;
1285 parity = RFCOMM_RPN_PARITY_NONE;
1286 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1287 xon_char = RFCOMM_RPN_XON_CHAR;
1288 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1289
1290 goto rpn_out;
1291 }
1292 /* check for sane values: ignore/accept bit_rate, 8 bits, 1 stop bit, no parity,
1293 no flow control lines, normal XON/XOFF chars */
1294 if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) {
1295 bit_rate = rpn->bit_rate;
1296 if (bit_rate != RFCOMM_RPN_BR_115200) {
1297 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate);
1298 bit_rate = RFCOMM_RPN_BR_115200;
1299 rpn_mask ^= RFCOMM_RPN_PM_BITRATE;
1300 }
1301 }
1302 if (rpn->param_mask & RFCOMM_RPN_PM_DATA) {
1303 data_bits = __get_rpn_data_bits(rpn->line_settings);
1304 if (data_bits != RFCOMM_RPN_DATA_8) {
1305 BT_DBG("RPN data bits mismatch 0x%x", data_bits);
1306 data_bits = RFCOMM_RPN_DATA_8;
1307 rpn_mask ^= RFCOMM_RPN_PM_DATA;
1308 }
1309 }
1310 if (rpn->param_mask & RFCOMM_RPN_PM_STOP) {
1311 stop_bits = __get_rpn_stop_bits(rpn->line_settings);
1312 if (stop_bits != RFCOMM_RPN_STOP_1) {
1313 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits);
1314 stop_bits = RFCOMM_RPN_STOP_1;
1315 rpn_mask ^= RFCOMM_RPN_PM_STOP;
1316 }
1317 }
1318 if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) {
1319 parity = __get_rpn_parity(rpn->line_settings);
1320 if (parity != RFCOMM_RPN_PARITY_NONE) {
1321 BT_DBG("RPN parity mismatch 0x%x", parity);
1322 parity = RFCOMM_RPN_PARITY_NONE;
1323 rpn_mask ^= RFCOMM_RPN_PM_PARITY;
1324 }
1325 }
1326 if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) {
1327 flow_ctrl = rpn->flow_ctrl;
1328 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) {
1329 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl);
1330 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1331 rpn_mask ^= RFCOMM_RPN_PM_FLOW;
1332 }
1333 }
1334 if (rpn->param_mask & RFCOMM_RPN_PM_XON) {
1335 xon_char = rpn->xon_char;
1336 if (xon_char != RFCOMM_RPN_XON_CHAR) {
1337 BT_DBG("RPN XON char mismatch 0x%x", xon_char);
1338 xon_char = RFCOMM_RPN_XON_CHAR;
1339 rpn_mask ^= RFCOMM_RPN_PM_XON;
1340 }
1341 }
1342 if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) {
1343 xoff_char = rpn->xoff_char;
1344 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) {
1345 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char);
1346 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1347 rpn_mask ^= RFCOMM_RPN_PM_XOFF;
1348 }
1349 }
1350
1351 rpn_out:
1352 rfcomm_send_rpn(s, 0, dlci,
1353 bit_rate, data_bits, stop_bits, parity, flow_ctrl,
1354 xon_char, xoff_char, rpn_mask);
1355
1356 return 0;
1357 }
1358
1359 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1360 {
1361 struct rfcomm_rls *rls = (void *) skb->data;
1362 u8 dlci = __get_dlci(rls->dlci);
1363
1364 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status);
1365
1366 if (!cr)
1367 return 0;
1368
1369 /* FIXME: We should probably do something with this
1370 information here. But for now it's sufficient just
1371 to reply -- Bluetooth 1.1 says it's mandatory to
1372 recognise and respond to RLS */
1373
1374 rfcomm_send_rls(s, 0, dlci, rls->status);
1375
1376 return 0;
1377 }
1378
1379 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1380 {
1381 struct rfcomm_msc *msc = (void *) skb->data;
1382 struct rfcomm_dlc *d;
1383 u8 dlci = __get_dlci(msc->dlci);
1384
1385 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig);
1386
1387 d = rfcomm_dlc_get(s, dlci);
1388 if (!d)
1389 return 0;
1390
1391 if (cr) {
1392 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc)
1393 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1394 else
1395 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1396
1397 rfcomm_dlc_lock(d);
1398 if (d->modem_status)
1399 d->modem_status(d, msc->v24_sig);
1400 rfcomm_dlc_unlock(d);
1401
1402 rfcomm_send_msc(s, 0, dlci, msc->v24_sig);
1403
1404 d->mscex |= RFCOMM_MSCEX_RX;
1405 } else
1406 d->mscex |= RFCOMM_MSCEX_TX;
1407
1408 return 0;
1409 }
1410
1411 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb)
1412 {
1413 struct rfcomm_mcc *mcc = (void *) skb->data;
1414 u8 type, cr, len;
1415
1416 cr = __test_cr(mcc->type);
1417 type = __get_mcc_type(mcc->type);
1418 len = __get_mcc_len(mcc->len);
1419
1420 BT_DBG("%p type 0x%x cr %d", s, type, cr);
1421
1422 skb_pull(skb, 2);
1423
1424 switch (type) {
1425 case RFCOMM_PN:
1426 rfcomm_recv_pn(s, cr, skb);
1427 break;
1428
1429 case RFCOMM_RPN:
1430 rfcomm_recv_rpn(s, cr, len, skb);
1431 break;
1432
1433 case RFCOMM_RLS:
1434 rfcomm_recv_rls(s, cr, skb);
1435 break;
1436
1437 case RFCOMM_MSC:
1438 rfcomm_recv_msc(s, cr, skb);
1439 break;
1440
1441 case RFCOMM_FCOFF:
1442 if (cr) {
1443 set_bit(RFCOMM_TX_THROTTLED, &s->flags);
1444 rfcomm_send_fcoff(s, 0);
1445 }
1446 break;
1447
1448 case RFCOMM_FCON:
1449 if (cr) {
1450 clear_bit(RFCOMM_TX_THROTTLED, &s->flags);
1451 rfcomm_send_fcon(s, 0);
1452 }
1453 break;
1454
1455 case RFCOMM_TEST:
1456 if (cr)
1457 rfcomm_send_test(s, 0, skb->data, skb->len);
1458 break;
1459
1460 case RFCOMM_NSC:
1461 break;
1462
1463 default:
1464 BT_ERR("Unknown control type 0x%02x", type);
1465 rfcomm_send_nsc(s, cr, type);
1466 break;
1467 }
1468 return 0;
1469 }
1470
1471 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb)
1472 {
1473 struct rfcomm_dlc *d;
1474
1475 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf);
1476
1477 d = rfcomm_dlc_get(s, dlci);
1478 if (!d) {
1479 rfcomm_send_dm(s, dlci);
1480 goto drop;
1481 }
1482
1483 if (pf && d->cfc) {
1484 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1);
1485
1486 d->tx_credits += credits;
1487 if (d->tx_credits)
1488 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1489 }
1490
1491 if (skb->len && d->state == BT_CONNECTED) {
1492 rfcomm_dlc_lock(d);
1493 d->rx_credits--;
1494 d->data_ready(d, skb);
1495 rfcomm_dlc_unlock(d);
1496 return 0;
1497 }
1498
1499 drop:
1500 kfree_skb(skb);
1501 return 0;
1502 }
1503
1504 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
1505 {
1506 struct rfcomm_hdr *hdr = (void *) skb->data;
1507 u8 type, dlci, fcs;
1508
1509 dlci = __get_dlci(hdr->addr);
1510 type = __get_type(hdr->ctrl);
1511
1512 /* Trim FCS */
1513 skb->len--; skb->tail--;
1514 fcs = *(u8 *) skb->tail;
1515
1516 if (__check_fcs(skb->data, type, fcs)) {
1517 BT_ERR("bad checksum in packet");
1518 kfree_skb(skb);
1519 return -EILSEQ;
1520 }
1521
1522 if (__test_ea(hdr->len))
1523 skb_pull(skb, 3);
1524 else
1525 skb_pull(skb, 4);
1526
1527 switch (type) {
1528 case RFCOMM_SABM:
1529 if (__test_pf(hdr->ctrl))
1530 rfcomm_recv_sabm(s, dlci);
1531 break;
1532
1533 case RFCOMM_DISC:
1534 if (__test_pf(hdr->ctrl))
1535 rfcomm_recv_disc(s, dlci);
1536 break;
1537
1538 case RFCOMM_UA:
1539 if (__test_pf(hdr->ctrl))
1540 rfcomm_recv_ua(s, dlci);
1541 break;
1542
1543 case RFCOMM_DM:
1544 rfcomm_recv_dm(s, dlci);
1545 break;
1546
1547 case RFCOMM_UIH:
1548 if (dlci)
1549 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb);
1550
1551 rfcomm_recv_mcc(s, skb);
1552 break;
1553
1554 default:
1555 BT_ERR("Unknown packet type 0x%02x\n", type);
1556 break;
1557 }
1558 kfree_skb(skb);
1559 return 0;
1560 }
1561
1562 /* ---- Connection and data processing ---- */
1563
1564 static void rfcomm_process_connect(struct rfcomm_session *s)
1565 {
1566 struct rfcomm_dlc *d;
1567 struct list_head *p, *n;
1568
1569 BT_DBG("session %p state %ld", s, s->state);
1570
1571 list_for_each_safe(p, n, &s->dlcs) {
1572 d = list_entry(p, struct rfcomm_dlc, list);
1573 if (d->state == BT_CONFIG) {
1574 d->mtu = s->mtu;
1575 rfcomm_send_pn(s, 1, d);
1576 }
1577 }
1578 }
1579
1580 /* Send data queued for the DLC.
1581 * Return number of frames left in the queue.
1582 */
1583 static inline int rfcomm_process_tx(struct rfcomm_dlc *d)
1584 {
1585 struct sk_buff *skb;
1586 int err;
1587
1588 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
1589 d, d->state, d->cfc, d->rx_credits, d->tx_credits);
1590
1591 /* Send pending MSC */
1592 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags))
1593 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1594
1595 if (d->cfc) {
1596 /* CFC enabled.
1597 * Give them some credits */
1598 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) &&
1599 d->rx_credits <= (d->cfc >> 2)) {
1600 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits);
1601 d->rx_credits = d->cfc;
1602 }
1603 } else {
1604 /* CFC disabled.
1605 * Give ourselves some credits */
1606 d->tx_credits = 5;
1607 }
1608
1609 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags))
1610 return skb_queue_len(&d->tx_queue);
1611
1612 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) {
1613 err = rfcomm_send_frame(d->session, skb->data, skb->len);
1614 if (err < 0) {
1615 skb_queue_head(&d->tx_queue, skb);
1616 break;
1617 }
1618 kfree_skb(skb);
1619 d->tx_credits--;
1620 }
1621
1622 if (d->cfc && !d->tx_credits) {
1623 /* We're out of TX credits.
1624 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
1625 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1626 }
1627
1628 return skb_queue_len(&d->tx_queue);
1629 }
1630
1631 static inline void rfcomm_process_dlcs(struct rfcomm_session *s)
1632 {
1633 struct rfcomm_dlc *d;
1634 struct list_head *p, *n;
1635
1636 BT_DBG("session %p state %ld", s, s->state);
1637
1638 list_for_each_safe(p, n, &s->dlcs) {
1639 d = list_entry(p, struct rfcomm_dlc, list);
1640
1641 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) {
1642 __rfcomm_dlc_close(d, ETIMEDOUT);
1643 continue;
1644 }
1645
1646 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) {
1647 rfcomm_dlc_clear_timer(d);
1648 rfcomm_dlc_accept(d);
1649 if (d->link_mode & RFCOMM_LM_SECURE) {
1650 struct sock *sk = s->sock->sk;
1651 hci_conn_change_link_key(l2cap_pi(sk)->conn->hcon);
1652 }
1653 continue;
1654 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) {
1655 rfcomm_dlc_clear_timer(d);
1656 rfcomm_send_dm(s, d->dlci);
1657 __rfcomm_dlc_close(d, ECONNREFUSED);
1658 continue;
1659 }
1660
1661 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags))
1662 continue;
1663
1664 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) &&
1665 d->mscex == RFCOMM_MSCEX_OK)
1666 rfcomm_process_tx(d);
1667 }
1668 }
1669
1670 static inline void rfcomm_process_rx(struct rfcomm_session *s)
1671 {
1672 struct socket *sock = s->sock;
1673 struct sock *sk = sock->sk;
1674 struct sk_buff *skb;
1675
1676 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue));
1677
1678 /* Get data directly from socket receive queue without copying it. */
1679 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
1680 skb_orphan(skb);
1681 rfcomm_recv_frame(s, skb);
1682 }
1683
1684 if (sk->sk_state == BT_CLOSED) {
1685 if (!s->initiator)
1686 rfcomm_session_put(s);
1687
1688 rfcomm_session_close(s, sk->sk_err);
1689 }
1690 }
1691
1692 static inline void rfcomm_accept_connection(struct rfcomm_session *s)
1693 {
1694 struct socket *sock = s->sock, *nsock;
1695 int err;
1696
1697 /* Fast check for a new connection.
1698 * Avoids unnesesary socket allocations. */
1699 if (list_empty(&bt_sk(sock->sk)->accept_q))
1700 return;
1701
1702 BT_DBG("session %p", s);
1703
1704 if (sock_create_lite(PF_BLUETOOTH, sock->type, BTPROTO_L2CAP, &nsock))
1705 return;
1706
1707 nsock->ops = sock->ops;
1708
1709 __module_get(nsock->ops->owner);
1710
1711 err = sock->ops->accept(sock, nsock, O_NONBLOCK);
1712 if (err < 0) {
1713 sock_release(nsock);
1714 return;
1715 }
1716
1717 /* Set our callbacks */
1718 nsock->sk->sk_data_ready = rfcomm_l2data_ready;
1719 nsock->sk->sk_state_change = rfcomm_l2state_change;
1720
1721 s = rfcomm_session_add(nsock, BT_OPEN);
1722 if (s) {
1723 rfcomm_session_hold(s);
1724 rfcomm_schedule(RFCOMM_SCHED_RX);
1725 } else
1726 sock_release(nsock);
1727 }
1728
1729 static inline void rfcomm_check_connection(struct rfcomm_session *s)
1730 {
1731 struct sock *sk = s->sock->sk;
1732
1733 BT_DBG("%p state %ld", s, s->state);
1734
1735 switch(sk->sk_state) {
1736 case BT_CONNECTED:
1737 s->state = BT_CONNECT;
1738
1739 /* We can adjust MTU on outgoing sessions.
1740 * L2CAP MTU minus UIH header and FCS. */
1741 s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5;
1742
1743 rfcomm_send_sabm(s, 0);
1744 break;
1745
1746 case BT_CLOSED:
1747 s->state = BT_CLOSED;
1748 rfcomm_session_close(s, sk->sk_err);
1749 break;
1750 }
1751 }
1752
1753 static inline void rfcomm_process_sessions(void)
1754 {
1755 struct list_head *p, *n;
1756
1757 rfcomm_lock();
1758
1759 list_for_each_safe(p, n, &session_list) {
1760 struct rfcomm_session *s;
1761 s = list_entry(p, struct rfcomm_session, list);
1762
1763 if (s->state == BT_LISTEN) {
1764 rfcomm_accept_connection(s);
1765 continue;
1766 }
1767
1768 rfcomm_session_hold(s);
1769
1770 switch (s->state) {
1771 case BT_BOUND:
1772 rfcomm_check_connection(s);
1773 break;
1774
1775 default:
1776 rfcomm_process_rx(s);
1777 break;
1778 }
1779
1780 rfcomm_process_dlcs(s);
1781
1782 rfcomm_session_put(s);
1783 }
1784
1785 rfcomm_unlock();
1786 }
1787
1788 static void rfcomm_worker(void)
1789 {
1790 BT_DBG("");
1791
1792 while (!atomic_read(&terminate)) {
1793 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
1794 /* No pending events. Let's sleep.
1795 * Incoming connections and data will wake us up. */
1796 set_current_state(TASK_INTERRUPTIBLE);
1797 schedule();
1798 }
1799
1800 /* Process stuff */
1801 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
1802 rfcomm_process_sessions();
1803 }
1804 set_current_state(TASK_RUNNING);
1805 return;
1806 }
1807
1808 static int rfcomm_add_listener(bdaddr_t *ba)
1809 {
1810 struct sockaddr_l2 addr;
1811 struct socket *sock;
1812 struct sock *sk;
1813 struct rfcomm_session *s;
1814 int err = 0;
1815
1816 /* Create socket */
1817 err = rfcomm_l2sock_create(&sock);
1818 if (err < 0) {
1819 BT_ERR("Create socket failed %d", err);
1820 return err;
1821 }
1822
1823 /* Bind socket */
1824 bacpy(&addr.l2_bdaddr, ba);
1825 addr.l2_family = AF_BLUETOOTH;
1826 addr.l2_psm = htobs(RFCOMM_PSM);
1827 err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
1828 if (err < 0) {
1829 BT_ERR("Bind failed %d", err);
1830 goto failed;
1831 }
1832
1833 /* Set L2CAP options */
1834 sk = sock->sk;
1835 lock_sock(sk);
1836 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
1837 release_sock(sk);
1838
1839 /* Start listening on the socket */
1840 err = sock->ops->listen(sock, 10);
1841 if (err) {
1842 BT_ERR("Listen failed %d", err);
1843 goto failed;
1844 }
1845
1846 /* Add listening session */
1847 s = rfcomm_session_add(sock, BT_LISTEN);
1848 if (!s)
1849 goto failed;
1850
1851 rfcomm_session_hold(s);
1852 return 0;
1853 failed:
1854 sock_release(sock);
1855 return err;
1856 }
1857
1858 static void rfcomm_kill_listener(void)
1859 {
1860 struct rfcomm_session *s;
1861 struct list_head *p, *n;
1862
1863 BT_DBG("");
1864
1865 list_for_each_safe(p, n, &session_list) {
1866 s = list_entry(p, struct rfcomm_session, list);
1867 rfcomm_session_del(s);
1868 }
1869 }
1870
1871 static int rfcomm_run(void *unused)
1872 {
1873 rfcomm_thread = current;
1874
1875 atomic_inc(&running);
1876
1877 daemonize("krfcommd");
1878 set_user_nice(current, -10);
1879 current->flags |= PF_NOFREEZE;
1880
1881 BT_DBG("");
1882
1883 rfcomm_add_listener(BDADDR_ANY);
1884
1885 rfcomm_worker();
1886
1887 rfcomm_kill_listener();
1888
1889 atomic_dec(&running);
1890 return 0;
1891 }
1892
1893 static void rfcomm_auth_cfm(struct hci_conn *conn, u8 status)
1894 {
1895 struct rfcomm_session *s;
1896 struct rfcomm_dlc *d;
1897 struct list_head *p, *n;
1898
1899 BT_DBG("conn %p status 0x%02x", conn, status);
1900
1901 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst);
1902 if (!s)
1903 return;
1904
1905 rfcomm_session_hold(s);
1906
1907 list_for_each_safe(p, n, &s->dlcs) {
1908 d = list_entry(p, struct rfcomm_dlc, list);
1909
1910 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE))
1911 continue;
1912
1913 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags))
1914 continue;
1915
1916 if (!status)
1917 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags);
1918 else
1919 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
1920 }
1921
1922 rfcomm_session_put(s);
1923
1924 rfcomm_schedule(RFCOMM_SCHED_AUTH);
1925 }
1926
1927 static void rfcomm_encrypt_cfm(struct hci_conn *conn, u8 status, u8 encrypt)
1928 {
1929 struct rfcomm_session *s;
1930 struct rfcomm_dlc *d;
1931 struct list_head *p, *n;
1932
1933 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt);
1934
1935 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst);
1936 if (!s)
1937 return;
1938
1939 rfcomm_session_hold(s);
1940
1941 list_for_each_safe(p, n, &s->dlcs) {
1942 d = list_entry(p, struct rfcomm_dlc, list);
1943
1944 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags))
1945 continue;
1946
1947 if (!status && encrypt)
1948 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags);
1949 else
1950 set_bit(RFCOMM_AUTH_REJECT, &d->flags);
1951 }
1952
1953 rfcomm_session_put(s);
1954
1955 rfcomm_schedule(RFCOMM_SCHED_AUTH);
1956 }
1957
1958 static struct hci_cb rfcomm_cb = {
1959 .name = "RFCOMM",
1960 .auth_cfm = rfcomm_auth_cfm,
1961 .encrypt_cfm = rfcomm_encrypt_cfm
1962 };
1963
1964 /* ---- Proc fs support ---- */
1965 #ifdef CONFIG_PROC_FS
1966 static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos)
1967 {
1968 struct rfcomm_session *s;
1969 struct list_head *pp, *p;
1970 loff_t l = *pos;
1971
1972 rfcomm_lock();
1973
1974 list_for_each(p, &session_list) {
1975 s = list_entry(p, struct rfcomm_session, list);
1976 list_for_each(pp, &s->dlcs)
1977 if (!l--) {
1978 seq->private = s;
1979 return pp;
1980 }
1981 }
1982 return NULL;
1983 }
1984
1985 static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos)
1986 {
1987 struct rfcomm_session *s = seq->private;
1988 struct list_head *pp, *p = e;
1989 (*pos)++;
1990
1991 if (p->next != &s->dlcs)
1992 return p->next;
1993
1994 list_for_each(p, &session_list) {
1995 s = list_entry(p, struct rfcomm_session, list);
1996 __list_for_each(pp, &s->dlcs) {
1997 seq->private = s;
1998 return pp;
1999 }
2000 }
2001 return NULL;
2002 }
2003
2004 static void rfcomm_seq_stop(struct seq_file *seq, void *e)
2005 {
2006 rfcomm_unlock();
2007 }
2008
2009 static int rfcomm_seq_show(struct seq_file *seq, void *e)
2010 {
2011 struct rfcomm_session *s = seq->private;
2012 struct sock *sk = s->sock->sk;
2013 struct rfcomm_dlc *d = list_entry(e, struct rfcomm_dlc, list);
2014
2015 seq_printf(seq, "%s %s %ld %d %d %d %d\n",
2016 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
2017 d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits);
2018 return 0;
2019 }
2020
2021 static struct seq_operations rfcomm_seq_ops = {
2022 .start = rfcomm_seq_start,
2023 .next = rfcomm_seq_next,
2024 .stop = rfcomm_seq_stop,
2025 .show = rfcomm_seq_show
2026 };
2027
2028 static int rfcomm_seq_open(struct inode *inode, struct file *file)
2029 {
2030 return seq_open(file, &rfcomm_seq_ops);
2031 }
2032
2033 static struct file_operations rfcomm_seq_fops = {
2034 .owner = THIS_MODULE,
2035 .open = rfcomm_seq_open,
2036 .read = seq_read,
2037 .llseek = seq_lseek,
2038 .release = seq_release,
2039 };
2040
2041 static int __init rfcomm_proc_init(void)
2042 {
2043 struct proc_dir_entry *p;
2044
2045 proc_bt_rfcomm = proc_mkdir("rfcomm", proc_bt);
2046 if (proc_bt_rfcomm) {
2047 proc_bt_rfcomm->owner = THIS_MODULE;
2048
2049 p = create_proc_entry("dlc", S_IRUGO, proc_bt_rfcomm);
2050 if (p)
2051 p->proc_fops = &rfcomm_seq_fops;
2052 }
2053 return 0;
2054 }
2055
2056 static void __exit rfcomm_proc_cleanup(void)
2057 {
2058 remove_proc_entry("dlc", proc_bt_rfcomm);
2059
2060 remove_proc_entry("rfcomm", proc_bt);
2061 }
2062
2063 #else /* CONFIG_PROC_FS */
2064
2065 static int __init rfcomm_proc_init(void)
2066 {
2067 return 0;
2068 }
2069
2070 static void __exit rfcomm_proc_cleanup(void)
2071 {
2072 return;
2073 }
2074 #endif /* CONFIG_PROC_FS */
2075
2076 /* ---- Initialization ---- */
2077 static int __init rfcomm_init(void)
2078 {
2079 l2cap_load();
2080
2081 hci_register_cb(&rfcomm_cb);
2082
2083 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL);
2084
2085 BT_INFO("RFCOMM ver %s", VERSION);
2086
2087 rfcomm_proc_init();
2088
2089 rfcomm_init_sockets();
2090
2091 #ifdef CONFIG_BT_RFCOMM_TTY
2092 rfcomm_init_ttys();
2093 #endif
2094
2095 return 0;
2096 }
2097
2098 static void __exit rfcomm_exit(void)
2099 {
2100 hci_unregister_cb(&rfcomm_cb);
2101
2102 /* Terminate working thread.
2103 * ie. Set terminate flag and wake it up */
2104 atomic_inc(&terminate);
2105 rfcomm_schedule(RFCOMM_SCHED_STATE);
2106
2107 /* Wait until thread is running */
2108 while (atomic_read(&running))
2109 schedule();
2110
2111 #ifdef CONFIG_BT_RFCOMM_TTY
2112 rfcomm_cleanup_ttys();
2113 #endif
2114
2115 rfcomm_cleanup_sockets();
2116
2117 rfcomm_proc_cleanup();
2118 }
2119
2120 module_init(rfcomm_init);
2121 module_exit(rfcomm_exit);
2122
2123 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
2124 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION);
2125 MODULE_VERSION(VERSION);
2126 MODULE_LICENSE("GPL");
2127 MODULE_ALIAS("bt-proto-3");
Ubuntu Artful kernel mirror