2    RFCOMM implementation for Linux Bluetooth stack (BlueZ).
 
   3    Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
 
   4    Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
 
   6    This program is free software; you can redistribute it and/or modify
 
   7    it under the terms of the GNU General Public License version 2 as
 
   8    published by the Free Software Foundation;
 
  10    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 
  11    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 
  12    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
 
  13    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
 
  14    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 
 
  15    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 
 
  16    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 
 
  17    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
  19    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 
 
  20    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 
 
  21    SOFTWARE IS DISCLAIMED.
 
  27  * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $
 
  30 #include <linux/module.h>
 
  32 #include <linux/tty.h>
 
  33 #include <linux/tty_driver.h>
 
  34 #include <linux/tty_flip.h>
 
  36 #include <linux/capability.h>
 
  37 #include <linux/slab.h>
 
  38 #include <linux/skbuff.h>
 
  40 #include <net/bluetooth/bluetooth.h>
 
  41 #include <net/bluetooth/rfcomm.h>
 
  43 #ifndef CONFIG_BT_RFCOMM_DEBUG
 
  48 #define RFCOMM_TTY_MAGIC 0x6d02         /* magic number for rfcomm struct */
 
  49 #define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
 
  50 #define RFCOMM_TTY_MAJOR 216            /* device node major id of the usb/bluetooth.c driver */
 
  51 #define RFCOMM_TTY_MINOR 0
 
  53 static struct tty_driver *rfcomm_tty_driver;
 
  56         struct list_head        list;
 
  71         struct rfcomm_dlc       *dlc;
 
  72         struct tty_struct       *tty;
 
  73         wait_queue_head_t       wait;
 
  74         struct tasklet_struct   wakeup_task;
 
  79 static LIST_HEAD(rfcomm_dev_list);
 
  80 static DEFINE_RWLOCK(rfcomm_dev_lock);
 
  82 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
 
  83 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
 
  84 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
 
  86 static void rfcomm_tty_wakeup(unsigned long arg);
 
  88 /* ---- Device functions ---- */
 
  89 static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
 
  91         struct rfcomm_dlc *dlc = dev->dlc;
 
  93         BT_DBG("dev %p dlc %p", dev, dlc);
 
  96         /* Detach DLC if it's owned by this dev */
 
  97         if (dlc->owner == dev)
 
  99         rfcomm_dlc_unlock(dlc);
 
 103         tty_unregister_device(rfcomm_tty_driver, dev->id);
 
 105         /* Refcount should only hit zero when called from rfcomm_dev_del()
 
 106            which will have taken us off the list. Everything else are
 
 108         BUG_ON(!list_empty(&dev->list));
 
 112         /* It's safe to call module_put() here because socket still 
 
 113            holds reference to this module. */
 
 114         module_put(THIS_MODULE);
 
 117 static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
 
 119         atomic_inc(&dev->refcnt);
 
 122 static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
 
 124         /* The reason this isn't actually a race, as you no
 
 125            doubt have a little voice screaming at you in your
 
 126            head, is that the refcount should never actually
 
 127            reach zero unless the device has already been taken
 
 128            off the list, in rfcomm_dev_del(). And if that's not
 
 129            true, we'll hit the BUG() in rfcomm_dev_destruct()
 
 131         if (atomic_dec_and_test(&dev->refcnt))
 
 132                 rfcomm_dev_destruct(dev);
 
 135 static struct rfcomm_dev *__rfcomm_dev_get(int id)
 
 137         struct rfcomm_dev *dev;
 
 140         list_for_each(p, &rfcomm_dev_list) {
 
 141                 dev = list_entry(p, struct rfcomm_dev, list);
 
 149 static inline struct rfcomm_dev *rfcomm_dev_get(int id)
 
 151         struct rfcomm_dev *dev;
 
 153         read_lock(&rfcomm_dev_lock);
 
 155         dev = __rfcomm_dev_get(id);
 
 157                 rfcomm_dev_hold(dev);
 
 159         read_unlock(&rfcomm_dev_lock);
 
 164 static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
 
 166         struct rfcomm_dev *dev;
 
 167         struct list_head *head = &rfcomm_dev_list, *p;
 
 170         BT_DBG("id %d channel %d", req->dev_id, req->channel);
 
 172         dev = kzalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
 
 176         write_lock_bh(&rfcomm_dev_lock);
 
 178         if (req->dev_id < 0) {
 
 181                 list_for_each(p, &rfcomm_dev_list) {
 
 182                         if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
 
 189                 dev->id = req->dev_id;
 
 191                 list_for_each(p, &rfcomm_dev_list) {
 
 192                         struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);
 
 194                         if (entry->id == dev->id) {
 
 199                         if (entry->id > dev->id - 1)
 
 206         if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
 
 211         sprintf(dev->name, "rfcomm%d", dev->id);
 
 213         list_add(&dev->list, head);
 
 214         atomic_set(&dev->refcnt, 1);
 
 216         bacpy(&dev->src, &req->src);
 
 217         bacpy(&dev->dst, &req->dst);
 
 218         dev->channel = req->channel;
 
 220         dev->flags = req->flags & 
 
 221                 ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
 
 223         init_waitqueue_head(&dev->wait);
 
 224         tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);
 
 226         rfcomm_dlc_lock(dlc);
 
 227         dlc->data_ready   = rfcomm_dev_data_ready;
 
 228         dlc->state_change = rfcomm_dev_state_change;
 
 229         dlc->modem_status = rfcomm_dev_modem_status;
 
 233         rfcomm_dlc_unlock(dlc);
 
 235         /* It's safe to call __module_get() here because socket already 
 
 236            holds reference to this module. */
 
 237         __module_get(THIS_MODULE);
 
 240         write_unlock_bh(&rfcomm_dev_lock);
 
 247         tty_register_device(rfcomm_tty_driver, dev->id, NULL);
 
 252 static void rfcomm_dev_del(struct rfcomm_dev *dev)
 
 254         BT_DBG("dev %p", dev);
 
 256         write_lock_bh(&rfcomm_dev_lock);
 
 257         list_del_init(&dev->list);
 
 258         write_unlock_bh(&rfcomm_dev_lock);
 
 263 /* ---- Send buffer ---- */
 
 264 static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
 
 266         /* We can't let it be zero, because we don't get a callback
 
 267            when tx_credits becomes nonzero, hence we'd never wake up */
 
 268         return dlc->mtu * (dlc->tx_credits?:1);
 
 271 static void rfcomm_wfree(struct sk_buff *skb)
 
 273         struct rfcomm_dev *dev = (void *) skb->sk;
 
 274         atomic_sub(skb->truesize, &dev->wmem_alloc);
 
 275         if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
 
 276                 tasklet_schedule(&dev->wakeup_task);
 
 280 static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
 
 282         rfcomm_dev_hold(dev);
 
 283         atomic_add(skb->truesize, &dev->wmem_alloc);
 
 284         skb->sk = (void *) dev;
 
 285         skb->destructor = rfcomm_wfree;
 
 288 static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, gfp_t priority)
 
 290         if (atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
 
 291                 struct sk_buff *skb = alloc_skb(size, priority);
 
 293                         rfcomm_set_owner_w(skb, dev);
 
 300 /* ---- Device IOCTLs ---- */
 
 302 #define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
 
 304 static int rfcomm_create_dev(struct sock *sk, void __user *arg)
 
 306         struct rfcomm_dev_req req;
 
 307         struct rfcomm_dlc *dlc;
 
 310         if (copy_from_user(&req, arg, sizeof(req)))
 
 313         BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags);
 
 315         if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
 
 318         if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
 
 319                 /* Socket must be connected */
 
 320                 if (sk->sk_state != BT_CONNECTED)
 
 323                 dlc = rfcomm_pi(sk)->dlc;
 
 324                 rfcomm_dlc_hold(dlc);
 
 326                 dlc = rfcomm_dlc_alloc(GFP_KERNEL);
 
 331         id = rfcomm_dev_add(&req, dlc);
 
 337         if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
 
 338                 /* DLC is now used by device.
 
 339                  * Socket must be disconnected */
 
 340                 sk->sk_state = BT_CLOSED;
 
 346 static int rfcomm_release_dev(void __user *arg)
 
 348         struct rfcomm_dev_req req;
 
 349         struct rfcomm_dev *dev;
 
 351         if (copy_from_user(&req, arg, sizeof(req)))
 
 354         BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags);
 
 356         if (!(dev = rfcomm_dev_get(req.dev_id)))
 
 359         if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
 
 364         if (req.flags & (1 << RFCOMM_HANGUP_NOW))
 
 365                 rfcomm_dlc_close(dev->dlc, 0);
 
 372 static int rfcomm_get_dev_list(void __user *arg)
 
 374         struct rfcomm_dev_list_req *dl;
 
 375         struct rfcomm_dev_info *di;
 
 377         int n = 0, size, err;
 
 382         if (get_user(dev_num, (u16 __user *) arg))
 
 385         if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
 
 388         size = sizeof(*dl) + dev_num * sizeof(*di);
 
 390         if (!(dl = kmalloc(size, GFP_KERNEL)))
 
 395         read_lock_bh(&rfcomm_dev_lock);
 
 397         list_for_each(p, &rfcomm_dev_list) {
 
 398                 struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);
 
 399                 (di + n)->id      = dev->id;
 
 400                 (di + n)->flags   = dev->flags;
 
 401                 (di + n)->state   = dev->dlc->state;
 
 402                 (di + n)->channel = dev->channel;
 
 403                 bacpy(&(di + n)->src, &dev->src);
 
 404                 bacpy(&(di + n)->dst, &dev->dst);
 
 409         read_unlock_bh(&rfcomm_dev_lock);
 
 412         size = sizeof(*dl) + n * sizeof(*di);
 
 414         err = copy_to_user(arg, dl, size);
 
 417         return err ? -EFAULT : 0;
 
 420 static int rfcomm_get_dev_info(void __user *arg)
 
 422         struct rfcomm_dev *dev;
 
 423         struct rfcomm_dev_info di;
 
 428         if (copy_from_user(&di, arg, sizeof(di)))
 
 431         if (!(dev = rfcomm_dev_get(di.id)))
 
 434         di.flags   = dev->flags;
 
 435         di.channel = dev->channel;
 
 436         di.state   = dev->dlc->state;
 
 437         bacpy(&di.src, &dev->src);
 
 438         bacpy(&di.dst, &dev->dst);
 
 440         if (copy_to_user(arg, &di, sizeof(di)))
 
 447 int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
 
 449         BT_DBG("cmd %d arg %p", cmd, arg);
 
 452         case RFCOMMCREATEDEV:
 
 453                 return rfcomm_create_dev(sk, arg);
 
 455         case RFCOMMRELEASEDEV:
 
 456                 return rfcomm_release_dev(arg);
 
 458         case RFCOMMGETDEVLIST:
 
 459                 return rfcomm_get_dev_list(arg);
 
 461         case RFCOMMGETDEVINFO:
 
 462                 return rfcomm_get_dev_info(arg);
 
 468 /* ---- DLC callbacks ---- */
 
 469 static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
 
 471         struct rfcomm_dev *dev = dlc->owner;
 
 472         struct tty_struct *tty;
 
 474         if (!dev || !(tty = dev->tty)) {
 
 479         BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
 
 481         tty_insert_flip_string(tty, skb->data, skb->len);
 
 482         tty_flip_buffer_push(tty);
 
 487 static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
 
 489         struct rfcomm_dev *dev = dlc->owner;
 
 493         BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
 
 496         wake_up_interruptible(&dev->wait);
 
 498         if (dlc->state == BT_CLOSED) {
 
 500                         if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
 
 501                                 rfcomm_dev_hold(dev);
 
 504                                 /* We have to drop DLC lock here, otherwise
 
 505                                    rfcomm_dev_put() will dead lock if it's
 
 506                                    the last reference. */
 
 507                                 rfcomm_dlc_unlock(dlc);
 
 509                                 rfcomm_dlc_lock(dlc);
 
 512                         tty_hangup(dev->tty);
 
 516 static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
 
 518         struct rfcomm_dev *dev = dlc->owner;
 
 522         BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
 
 524         if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) {
 
 525                 if (dev->tty && !C_CLOCAL(dev->tty))
 
 526                         tty_hangup(dev->tty);
 
 530                 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
 
 531                 ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
 
 532                 ((v24_sig & RFCOMM_V24_IC)  ? TIOCM_RI : 0) |
 
 533                 ((v24_sig & RFCOMM_V24_DV)  ? TIOCM_CD : 0);
 
 536 /* ---- TTY functions ---- */
 
 537 static void rfcomm_tty_wakeup(unsigned long arg)
 
 539         struct rfcomm_dev *dev = (void *) arg;
 
 540         struct tty_struct *tty = dev->tty;
 
 544         BT_DBG("dev %p tty %p", dev, tty);
 
 546         if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
 
 547                 (tty->ldisc.write_wakeup)(tty);
 
 549         wake_up_interruptible(&tty->write_wait);
 
 550 #ifdef SERIAL_HAVE_POLL_WAIT
 
 551         wake_up_interruptible(&tty->poll_wait);
 
 555 static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
 
 557         DECLARE_WAITQUEUE(wait, current);
 
 558         struct rfcomm_dev *dev;
 
 559         struct rfcomm_dlc *dlc;
 
 564         BT_DBG("tty %p id %d", tty, id);
 
 566         /* We don't leak this refcount. For reasons which are not entirely
 
 567            clear, the TTY layer will call our ->close() method even if the
 
 568            open fails. We decrease the refcount there, and decreasing it
 
 569            here too would cause breakage. */
 
 570         dev = rfcomm_dev_get(id);
 
 574         BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);
 
 576         if (dev->opened++ != 0)
 
 581         /* Attach TTY and open DLC */
 
 583         rfcomm_dlc_lock(dlc);
 
 584         tty->driver_data = dev;
 
 586         rfcomm_dlc_unlock(dlc);
 
 587         set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
 
 589         err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
 
 593         /* Wait for DLC to connect */
 
 594         add_wait_queue(&dev->wait, &wait);
 
 596                 set_current_state(TASK_INTERRUPTIBLE);
 
 598                 if (dlc->state == BT_CLOSED) {
 
 603                 if (dlc->state == BT_CONNECTED)
 
 606                 if (signal_pending(current)) {
 
 613         set_current_state(TASK_RUNNING);
 
 614         remove_wait_queue(&dev->wait, &wait);
 
 619 static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
 
 621         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 625         BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);
 
 627         if (--dev->opened == 0) {
 
 628                 /* Close DLC and dettach TTY */
 
 629                 rfcomm_dlc_close(dev->dlc, 0);
 
 631                 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
 
 632                 tasklet_kill(&dev->wakeup_task);
 
 634                 rfcomm_dlc_lock(dev->dlc);
 
 635                 tty->driver_data = NULL;
 
 637                 rfcomm_dlc_unlock(dev->dlc);
 
 643 static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
 
 645         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 646         struct rfcomm_dlc *dlc = dev->dlc;
 
 648         int err = 0, sent = 0, size;
 
 650         BT_DBG("tty %p count %d", tty, count);
 
 653                 size = min_t(uint, count, dlc->mtu);
 
 655                 skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, GFP_ATOMIC);
 
 660                 skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
 
 662                 memcpy(skb_put(skb, size), buf + sent, size);
 
 664                 if ((err = rfcomm_dlc_send(dlc, skb)) < 0) {
 
 673         return sent ? sent : err;
 
 676 static int rfcomm_tty_write_room(struct tty_struct *tty)
 
 678         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 681         BT_DBG("tty %p", tty);
 
 683         room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
 
 689 static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
 
 691         BT_DBG("tty %p cmd 0x%02x", tty, cmd);
 
 695                 BT_DBG("TCGETS is not supported");
 
 699                 BT_DBG("TCSETS is not supported");
 
 703                 BT_DBG("TIOCMIWAIT");
 
 707                 BT_DBG("TIOCGICOUNT");
 
 711                 BT_ERR("TIOCGSERIAL is not supported");
 
 715                 BT_ERR("TIOCSSERIAL is not supported");
 
 719                 BT_ERR("TIOCSERGSTRUCT is not supported");
 
 723                 BT_ERR("TIOCSERGETLSR is not supported");
 
 727                 BT_ERR("TIOCSERCONFIG is not supported");
 
 731                 return -ENOIOCTLCMD;    /* ioctls which we must ignore */
 
 738 static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old)
 
 740         struct termios *new = (struct termios *) tty->termios;
 
 741         int old_baud_rate = tty_termios_baud_rate(old);
 
 742         int new_baud_rate = tty_termios_baud_rate(new);
 
 744         u8 baud, data_bits, stop_bits, parity, x_on, x_off;
 
 747         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 749         BT_DBG("tty %p termios %p", tty, old);
 
 751         /* Handle turning off CRTSCTS */
 
 752         if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 
 
 753                 BT_DBG("Turning off CRTSCTS unsupported");
 
 755         /* Parity on/off and when on, odd/even */
 
 756         if (((old->c_cflag & PARENB) != (new->c_cflag & PARENB)) ||
 
 757                         ((old->c_cflag & PARODD) != (new->c_cflag & PARODD)) ) {
 
 758                 changes |= RFCOMM_RPN_PM_PARITY;
 
 759                 BT_DBG("Parity change detected.");
 
 762         /* Mark and space parity are not supported! */
 
 763         if (new->c_cflag & PARENB) {
 
 764                 if (new->c_cflag & PARODD) {
 
 765                         BT_DBG("Parity is ODD");
 
 766                         parity = RFCOMM_RPN_PARITY_ODD;
 
 768                         BT_DBG("Parity is EVEN");
 
 769                         parity = RFCOMM_RPN_PARITY_EVEN;
 
 772                 BT_DBG("Parity is OFF");
 
 773                 parity = RFCOMM_RPN_PARITY_NONE;
 
 776         /* Setting the x_on / x_off characters */
 
 777         if (old->c_cc[VSTOP] != new->c_cc[VSTOP]) {
 
 778                 BT_DBG("XOFF custom");
 
 779                 x_on = new->c_cc[VSTOP];
 
 780                 changes |= RFCOMM_RPN_PM_XON;
 
 782                 BT_DBG("XOFF default");
 
 783                 x_on = RFCOMM_RPN_XON_CHAR;
 
 786         if (old->c_cc[VSTART] != new->c_cc[VSTART]) {
 
 787                 BT_DBG("XON custom");
 
 788                 x_off = new->c_cc[VSTART];
 
 789                 changes |= RFCOMM_RPN_PM_XOFF;
 
 791                 BT_DBG("XON default");
 
 792                 x_off = RFCOMM_RPN_XOFF_CHAR;
 
 795         /* Handle setting of stop bits */
 
 796         if ((old->c_cflag & CSTOPB) != (new->c_cflag & CSTOPB))
 
 797                 changes |= RFCOMM_RPN_PM_STOP;
 
 799         /* POSIX does not support 1.5 stop bits and RFCOMM does not
 
 800          * support 2 stop bits. So a request for 2 stop bits gets
 
 801          * translated to 1.5 stop bits */
 
 802         if (new->c_cflag & CSTOPB) {
 
 803                 stop_bits = RFCOMM_RPN_STOP_15;
 
 805                 stop_bits = RFCOMM_RPN_STOP_1;
 
 808         /* Handle number of data bits [5-8] */
 
 809         if ((old->c_cflag & CSIZE) != (new->c_cflag & CSIZE)) 
 
 810                 changes |= RFCOMM_RPN_PM_DATA;
 
 812         switch (new->c_cflag & CSIZE) {
 
 814                 data_bits = RFCOMM_RPN_DATA_5;
 
 817                 data_bits = RFCOMM_RPN_DATA_6;
 
 820                 data_bits = RFCOMM_RPN_DATA_7;
 
 823                 data_bits = RFCOMM_RPN_DATA_8;
 
 826                 data_bits = RFCOMM_RPN_DATA_8;
 
 830         /* Handle baudrate settings */
 
 831         if (old_baud_rate != new_baud_rate)
 
 832                 changes |= RFCOMM_RPN_PM_BITRATE;
 
 834         switch (new_baud_rate) {
 
 836                 baud = RFCOMM_RPN_BR_2400;
 
 839                 baud = RFCOMM_RPN_BR_4800;
 
 842                 baud = RFCOMM_RPN_BR_7200;
 
 845                 baud = RFCOMM_RPN_BR_9600;
 
 848                 baud = RFCOMM_RPN_BR_19200;
 
 851                 baud = RFCOMM_RPN_BR_38400;
 
 854                 baud = RFCOMM_RPN_BR_57600;
 
 857                 baud = RFCOMM_RPN_BR_115200;
 
 860                 baud = RFCOMM_RPN_BR_230400;
 
 863                 /* 9600 is standard accordinag to the RFCOMM specification */
 
 864                 baud = RFCOMM_RPN_BR_9600;
 
 870                 rfcomm_send_rpn(dev->dlc->session, 1, dev->dlc->dlci, baud,
 
 871                                 data_bits, stop_bits, parity,
 
 872                                 RFCOMM_RPN_FLOW_NONE, x_on, x_off, changes);
 
 877 static void rfcomm_tty_throttle(struct tty_struct *tty)
 
 879         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 881         BT_DBG("tty %p dev %p", tty, dev);
 
 883         rfcomm_dlc_throttle(dev->dlc);
 
 886 static void rfcomm_tty_unthrottle(struct tty_struct *tty)
 
 888         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 890         BT_DBG("tty %p dev %p", tty, dev);
 
 892         rfcomm_dlc_unthrottle(dev->dlc);
 
 895 static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
 
 897         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 898         struct rfcomm_dlc *dlc = dev->dlc;
 
 900         BT_DBG("tty %p dev %p", tty, dev);
 
 902         if (!skb_queue_empty(&dlc->tx_queue))
 
 908 static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
 
 910         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 914         BT_DBG("tty %p dev %p", tty, dev);
 
 916         skb_queue_purge(&dev->dlc->tx_queue);
 
 918         if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
 
 919                 tty->ldisc.write_wakeup(tty);
 
 922 static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
 
 924         BT_DBG("tty %p ch %c", tty, ch);
 
 927 static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
 
 929         BT_DBG("tty %p timeout %d", tty, timeout);
 
 932 static void rfcomm_tty_hangup(struct tty_struct *tty)
 
 934         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 938         BT_DBG("tty %p dev %p", tty, dev);
 
 940         rfcomm_tty_flush_buffer(tty);
 
 942         if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
 
 946 static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused)
 
 951 static int rfcomm_tty_tiocmget(struct tty_struct *tty, struct file *filp)
 
 953         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 955         BT_DBG("tty %p dev %p", tty, dev);
 
 957         return dev->modem_status;
 
 960 static int rfcomm_tty_tiocmset(struct tty_struct *tty, struct file *filp, unsigned int set, unsigned int clear)
 
 962         struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
 
 963         struct rfcomm_dlc *dlc = dev->dlc;
 
 966         BT_DBG("tty %p dev %p set 0x%02x clear 0x%02x", tty, dev, set, clear);
 
 968         rfcomm_dlc_get_modem_status(dlc, &v24_sig);
 
 970         if (set & TIOCM_DSR || set & TIOCM_DTR)
 
 971                 v24_sig |= RFCOMM_V24_RTC;
 
 972         if (set & TIOCM_RTS || set & TIOCM_CTS)
 
 973                 v24_sig |= RFCOMM_V24_RTR;
 
 975                 v24_sig |= RFCOMM_V24_IC;
 
 977                 v24_sig |= RFCOMM_V24_DV;
 
 979         if (clear & TIOCM_DSR || clear & TIOCM_DTR)
 
 980                 v24_sig &= ~RFCOMM_V24_RTC;
 
 981         if (clear & TIOCM_RTS || clear & TIOCM_CTS)
 
 982                 v24_sig &= ~RFCOMM_V24_RTR;
 
 983         if (clear & TIOCM_RI)
 
 984                 v24_sig &= ~RFCOMM_V24_IC;
 
 985         if (clear & TIOCM_CD)
 
 986                 v24_sig &= ~RFCOMM_V24_DV;
 
 988         rfcomm_dlc_set_modem_status(dlc, v24_sig);
 
 993 /* ---- TTY structure ---- */
 
 995 static struct tty_operations rfcomm_ops = {
 
 996         .open                   = rfcomm_tty_open,
 
 997         .close                  = rfcomm_tty_close,
 
 998         .write                  = rfcomm_tty_write,
 
 999         .write_room             = rfcomm_tty_write_room,
 
1000         .chars_in_buffer        = rfcomm_tty_chars_in_buffer,
 
1001         .flush_buffer           = rfcomm_tty_flush_buffer,
 
1002         .ioctl                  = rfcomm_tty_ioctl,
 
1003         .throttle               = rfcomm_tty_throttle,
 
1004         .unthrottle             = rfcomm_tty_unthrottle,
 
1005         .set_termios            = rfcomm_tty_set_termios,
 
1006         .send_xchar             = rfcomm_tty_send_xchar,
 
1007         .hangup                 = rfcomm_tty_hangup,
 
1008         .wait_until_sent        = rfcomm_tty_wait_until_sent,
 
1009         .read_proc              = rfcomm_tty_read_proc,
 
1010         .tiocmget               = rfcomm_tty_tiocmget,
 
1011         .tiocmset               = rfcomm_tty_tiocmset,
 
1014 int rfcomm_init_ttys(void)
 
1016         rfcomm_tty_driver = alloc_tty_driver(RFCOMM_TTY_PORTS);
 
1017         if (!rfcomm_tty_driver)
 
1020         rfcomm_tty_driver->owner        = THIS_MODULE;
 
1021         rfcomm_tty_driver->driver_name  = "rfcomm";
 
1022         rfcomm_tty_driver->name         = "rfcomm";
 
1023         rfcomm_tty_driver->major        = RFCOMM_TTY_MAJOR;
 
1024         rfcomm_tty_driver->minor_start  = RFCOMM_TTY_MINOR;
 
1025         rfcomm_tty_driver->type         = TTY_DRIVER_TYPE_SERIAL;
 
1026         rfcomm_tty_driver->subtype      = SERIAL_TYPE_NORMAL;
 
1027         rfcomm_tty_driver->flags        = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
 
1028         rfcomm_tty_driver->init_termios = tty_std_termios;
 
1029         rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
 
1030         tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
 
1032         if (tty_register_driver(rfcomm_tty_driver)) {
 
1033                 BT_ERR("Can't register RFCOMM TTY driver");
 
1034                 put_tty_driver(rfcomm_tty_driver);
 
1038         BT_INFO("RFCOMM TTY layer initialized");
 
1043 void rfcomm_cleanup_ttys(void)
 
1045         tty_unregister_driver(rfcomm_tty_driver);
 
1046         put_tty_driver(rfcomm_tty_driver);