2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
25 RPN support - Dirk Husemann <hud@zurich.ibm.com>
29 * Bluetooth RFCOMM core.
31 * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $
34 #include <linux/config.h>
35 #include <linux/module.h>
36 #include <linux/errno.h>
37 #include <linux/kernel.h>
38 #include <linux/sched.h>
39 #include <linux/signal.h>
40 #include <linux/init.h>
41 #include <linux/wait.h>
42 #include <linux/net.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
46 #include <asm/uaccess.h>
47 #include <asm/unaligned.h>
49 #include <net/bluetooth/bluetooth.h>
50 #include <net/bluetooth/l2cap.h>
51 #include <net/bluetooth/rfcomm.h>
55 #ifndef CONFIG_BT_RFCOMM_DEBUG
61 struct proc_dir_entry *proc_bt_rfcomm;
64 struct task_struct *rfcomm_thread;
65 DECLARE_MUTEX(rfcomm_sem);
66 unsigned long rfcomm_event;
68 static LIST_HEAD(session_list);
69 static atomic_t terminate, running;
71 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len);
72 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci);
73 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci);
74 static int rfcomm_queue_disc(struct rfcomm_dlc *d);
75 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type);
76 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d);
77 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig);
78 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len);
79 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits);
80 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr);
82 static void rfcomm_process_connect(struct rfcomm_session *s);
84 /* ---- RFCOMM frame parsing macros ---- */
85 #define __get_dlci(b) ((b & 0xfc) >> 2)
86 #define __get_channel(b) ((b & 0xf8) >> 3)
87 #define __get_dir(b) ((b & 0x04) >> 2)
88 #define __get_type(b) ((b & 0xef))
90 #define __test_ea(b) ((b & 0x01))
91 #define __test_cr(b) ((b & 0x02))
92 #define __test_pf(b) ((b & 0x10))
94 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
95 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
96 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
97 #define __srv_channel(dlci) (dlci >> 1)
98 #define __dir(dlci) (dlci & 0x01)
100 #define __len8(len) (((len) << 1) | 1)
101 #define __len16(len) ((len) << 1)
104 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
105 #define __get_mcc_type(b) ((b & 0xfc) >> 2)
106 #define __get_mcc_len(b) ((b & 0xfe) >> 1)
109 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x3) << 3))
110 #define __get_rpn_data_bits(line) ((line) & 0x3)
111 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
112 #define __get_rpn_parity(line) (((line) >> 3) & 0x3)
114 /* ---- RFCOMM FCS computation ---- */
117 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
120 static inline u8 __fcs(u8 *data)
122 return (0xff - __crc(data));
126 static inline u8 __fcs2(u8 *data)
128 return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]);
132 static inline int __check_fcs(u8 *data, int type, u8 fcs)
136 if (type != RFCOMM_UIH)
137 f = rfcomm_crc_table[f ^ data[2]];
139 return rfcomm_crc_table[f ^ fcs] != 0xcf;
142 /* ---- L2CAP callbacks ---- */
143 static void rfcomm_l2state_change(struct sock *sk)
145 BT_DBG("%p state %d", sk, sk->sk_state);
146 rfcomm_schedule(RFCOMM_SCHED_STATE);
149 static void rfcomm_l2data_ready(struct sock *sk, int bytes)
151 BT_DBG("%p bytes %d", sk, bytes);
152 rfcomm_schedule(RFCOMM_SCHED_RX);
155 static int rfcomm_l2sock_create(struct socket **sock)
161 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock);
163 struct sock *sk = (*sock)->sk;
164 sk->sk_data_ready = rfcomm_l2data_ready;
165 sk->sk_state_change = rfcomm_l2state_change;
170 /* ---- RFCOMM DLCs ---- */
171 static void rfcomm_dlc_timeout(unsigned long arg)
173 struct rfcomm_dlc *d = (void *) arg;
175 BT_DBG("dlc %p state %ld", d, d->state);
177 set_bit(RFCOMM_TIMED_OUT, &d->flags);
179 rfcomm_schedule(RFCOMM_SCHED_TIMEO);
182 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout)
184 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout);
186 if (!mod_timer(&d->timer, jiffies + timeout))
190 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d)
192 BT_DBG("dlc %p state %ld", d, d->state);
194 if (timer_pending(&d->timer) && del_timer(&d->timer))
198 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d)
205 d->mtu = RFCOMM_DEFAULT_MTU;
206 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV;
208 d->cfc = RFCOMM_CFC_DISABLED;
209 d->rx_credits = RFCOMM_DEFAULT_CREDITS;
212 struct rfcomm_dlc *rfcomm_dlc_alloc(int prio)
214 struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio);
217 memset(d, 0, sizeof(*d));
219 init_timer(&d->timer);
220 d->timer.function = rfcomm_dlc_timeout;
221 d->timer.data = (unsigned long) d;
223 skb_queue_head_init(&d->tx_queue);
224 spin_lock_init(&d->lock);
225 atomic_set(&d->refcnt, 1);
227 rfcomm_dlc_clear_state(d);
233 void rfcomm_dlc_free(struct rfcomm_dlc *d)
237 skb_queue_purge(&d->tx_queue);
241 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d)
243 BT_DBG("dlc %p session %p", d, s);
245 rfcomm_session_hold(s);
248 list_add(&d->list, &s->dlcs);
252 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d)
254 struct rfcomm_session *s = d->session;
256 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s);
262 rfcomm_session_put(s);
265 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci)
267 struct rfcomm_dlc *d;
270 list_for_each(p, &s->dlcs) {
271 d = list_entry(p, struct rfcomm_dlc, list);
278 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
280 struct rfcomm_session *s;
284 BT_DBG("dlc %p state %ld %s %s channel %d",
285 d, d->state, batostr(src), batostr(dst), channel);
287 if (channel < 1 || channel > 30)
290 if (d->state != BT_OPEN && d->state != BT_CLOSED)
293 s = rfcomm_session_get(src, dst);
295 s = rfcomm_session_create(src, dst, &err);
300 dlci = __dlci(!s->initiator, channel);
302 /* Check if DLCI already exists */
303 if (rfcomm_dlc_get(s, dlci))
306 rfcomm_dlc_clear_state(d);
309 d->addr = __addr(s->initiator, dlci);
312 d->state = BT_CONFIG;
313 rfcomm_dlc_link(s, d);
316 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc;
318 if (s->state == BT_CONNECTED)
319 rfcomm_send_pn(s, 1, d);
320 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
324 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
330 r = __rfcomm_dlc_open(d, src, dst, channel);
336 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
338 struct rfcomm_session *s = d->session;
342 BT_DBG("dlc %p state %ld dlci %d err %d session %p",
343 d, d->state, d->dlci, err, s);
349 d->state = BT_DISCONN;
350 if (skb_queue_empty(&d->tx_queue)) {
351 rfcomm_send_disc(s, d->dlci);
352 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT);
354 rfcomm_queue_disc(d);
355 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2);
360 rfcomm_dlc_clear_timer(d);
363 d->state = BT_CLOSED;
364 d->state_change(d, err);
365 rfcomm_dlc_unlock(d);
367 skb_queue_purge(&d->tx_queue);
368 rfcomm_dlc_unlink(d);
374 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
380 r = __rfcomm_dlc_close(d, err);
386 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb)
390 if (d->state != BT_CONNECTED)
393 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len);
398 rfcomm_make_uih(skb, d->addr);
399 skb_queue_tail(&d->tx_queue, skb);
401 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags))
402 rfcomm_schedule(RFCOMM_SCHED_TX);
406 void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d)
408 BT_DBG("dlc %p state %ld", d, d->state);
411 d->v24_sig |= RFCOMM_V24_FC;
412 set_bit(RFCOMM_MSC_PENDING, &d->flags);
414 rfcomm_schedule(RFCOMM_SCHED_TX);
417 void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
419 BT_DBG("dlc %p state %ld", d, d->state);
422 d->v24_sig &= ~RFCOMM_V24_FC;
423 set_bit(RFCOMM_MSC_PENDING, &d->flags);
425 rfcomm_schedule(RFCOMM_SCHED_TX);
429 Set/get modem status functions use _local_ status i.e. what we report
431 Remote status is provided by dlc->modem_status() callback.
433 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig)
435 BT_DBG("dlc %p state %ld v24_sig 0x%x",
436 d, d->state, v24_sig);
438 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags))
439 v24_sig |= RFCOMM_V24_FC;
441 v24_sig &= ~RFCOMM_V24_FC;
443 d->v24_sig = v24_sig;
445 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags))
446 rfcomm_schedule(RFCOMM_SCHED_TX);
451 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig)
453 BT_DBG("dlc %p state %ld v24_sig 0x%x",
454 d, d->state, d->v24_sig);
456 *v24_sig = d->v24_sig;
460 /* ---- RFCOMM sessions ---- */
461 struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state)
463 struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL);
466 memset(s, 0, sizeof(*s));
468 BT_DBG("session %p sock %p", s, sock);
470 INIT_LIST_HEAD(&s->dlcs);
474 s->mtu = RFCOMM_DEFAULT_MTU;
475 s->cfc = RFCOMM_CFC_UNKNOWN;
477 /* Do not increment module usage count for listening sessions.
478 * Otherwise we won't be able to unload the module. */
479 if (state != BT_LISTEN)
480 if (!try_module_get(THIS_MODULE)) {
485 list_add(&s->list, &session_list);
490 void rfcomm_session_del(struct rfcomm_session *s)
492 int state = s->state;
494 BT_DBG("session %p state %ld", s, s->state);
498 if (state == BT_CONNECTED)
499 rfcomm_send_disc(s, 0);
501 sock_release(s->sock);
504 if (state != BT_LISTEN)
505 module_put(THIS_MODULE);
508 struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst)
510 struct rfcomm_session *s;
511 struct list_head *p, *n;
513 list_for_each_safe(p, n, &session_list) {
514 s = list_entry(p, struct rfcomm_session, list);
515 sk = bt_sk(s->sock->sk);
517 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) &&
518 !bacmp(&sk->dst, dst))
524 void rfcomm_session_close(struct rfcomm_session *s, int err)
526 struct rfcomm_dlc *d;
527 struct list_head *p, *n;
529 BT_DBG("session %p state %ld err %d", s, s->state, err);
531 rfcomm_session_hold(s);
533 s->state = BT_CLOSED;
536 list_for_each_safe(p, n, &s->dlcs) {
537 d = list_entry(p, struct rfcomm_dlc, list);
538 d->state = BT_CLOSED;
539 __rfcomm_dlc_close(d, err);
542 rfcomm_session_put(s);
545 struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err)
547 struct rfcomm_session *s = NULL;
548 struct sockaddr_l2 addr;
552 BT_DBG("%s %s", batostr(src), batostr(dst));
554 *err = rfcomm_l2sock_create(&sock);
558 bacpy(&addr.l2_bdaddr, src);
559 addr.l2_family = AF_BLUETOOTH;
561 *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
565 /* Set L2CAP options */
568 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
571 s = rfcomm_session_add(sock, BT_BOUND);
579 bacpy(&addr.l2_bdaddr, dst);
580 addr.l2_family = AF_BLUETOOTH;
581 addr.l2_psm = htobs(RFCOMM_PSM);
582 *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
583 if (*err == 0 || *err == -EAGAIN)
586 rfcomm_session_del(s);
594 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst)
596 struct sock *sk = s->sock->sk;
598 bacpy(src, &bt_sk(sk)->src);
600 bacpy(dst, &bt_sk(sk)->dst);
603 /* ---- RFCOMM frame sending ---- */
604 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len)
606 struct socket *sock = s->sock;
607 struct kvec iv = { data, len };
610 BT_DBG("session %p len %d", s, len);
612 memset(&msg, 0, sizeof(msg));
614 return kernel_sendmsg(sock, &msg, &iv, 1, len);
617 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci)
619 struct rfcomm_cmd cmd;
621 BT_DBG("%p dlci %d", s, dlci);
623 cmd.addr = __addr(s->initiator, dlci);
624 cmd.ctrl = __ctrl(RFCOMM_SABM, 1);
626 cmd.fcs = __fcs2((u8 *) &cmd);
628 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
631 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci)
633 struct rfcomm_cmd cmd;
635 BT_DBG("%p dlci %d", s, dlci);
637 cmd.addr = __addr(!s->initiator, dlci);
638 cmd.ctrl = __ctrl(RFCOMM_UA, 1);
640 cmd.fcs = __fcs2((u8 *) &cmd);
642 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
645 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci)
647 struct rfcomm_cmd cmd;
649 BT_DBG("%p dlci %d", s, dlci);
651 cmd.addr = __addr(s->initiator, dlci);
652 cmd.ctrl = __ctrl(RFCOMM_DISC, 1);
654 cmd.fcs = __fcs2((u8 *) &cmd);
656 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
659 static int rfcomm_queue_disc(struct rfcomm_dlc *d)
661 struct rfcomm_cmd *cmd;
664 BT_DBG("dlc %p dlci %d", d, d->dlci);
666 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL);
670 cmd = (void *) __skb_put(skb, sizeof(*cmd));
672 cmd->ctrl = __ctrl(RFCOMM_DISC, 1);
673 cmd->len = __len8(0);
674 cmd->fcs = __fcs2((u8 *) cmd);
676 skb_queue_tail(&d->tx_queue, skb);
677 rfcomm_schedule(RFCOMM_SCHED_TX);
681 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci)
683 struct rfcomm_cmd cmd;
685 BT_DBG("%p dlci %d", s, dlci);
687 cmd.addr = __addr(!s->initiator, dlci);
688 cmd.ctrl = __ctrl(RFCOMM_DM, 1);
690 cmd.fcs = __fcs2((u8 *) &cmd);
692 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
695 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type)
697 struct rfcomm_hdr *hdr;
698 struct rfcomm_mcc *mcc;
699 u8 buf[16], *ptr = buf;
701 BT_DBG("%p cr %d type %d", s, cr, type);
703 hdr = (void *) ptr; ptr += sizeof(*hdr);
704 hdr->addr = __addr(s->initiator, 0);
705 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
706 hdr->len = __len8(sizeof(*mcc) + 1);
708 mcc = (void *) ptr; ptr += sizeof(*mcc);
709 mcc->type = __mcc_type(cr, RFCOMM_NSC);
710 mcc->len = __len8(1);
712 /* Type that we didn't like */
713 *ptr = __mcc_type(cr, type); ptr++;
715 *ptr = __fcs(buf); ptr++;
717 return rfcomm_send_frame(s, buf, ptr - buf);
720 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d)
722 struct rfcomm_hdr *hdr;
723 struct rfcomm_mcc *mcc;
724 struct rfcomm_pn *pn;
725 u8 buf[16], *ptr = buf;
727 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu);
729 hdr = (void *) ptr; ptr += sizeof(*hdr);
730 hdr->addr = __addr(s->initiator, 0);
731 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
732 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn));
734 mcc = (void *) ptr; ptr += sizeof(*mcc);
735 mcc->type = __mcc_type(cr, RFCOMM_PN);
736 mcc->len = __len8(sizeof(*pn));
738 pn = (void *) ptr; ptr += sizeof(*pn);
740 pn->priority = d->priority;
745 pn->flow_ctrl = cr ? 0xf0 : 0xe0;
746 pn->credits = RFCOMM_DEFAULT_CREDITS;
752 pn->mtu = htobs(d->mtu);
754 *ptr = __fcs(buf); ptr++;
756 return rfcomm_send_frame(s, buf, ptr - buf);
759 static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
760 u8 bit_rate, u8 data_bits, u8 stop_bits,
761 u8 parity, u8 flow_ctrl_settings,
762 u8 xon_char, u8 xoff_char, u16 param_mask)
764 struct rfcomm_hdr *hdr;
765 struct rfcomm_mcc *mcc;
766 struct rfcomm_rpn *rpn;
767 u8 buf[16], *ptr = buf;
769 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
770 "flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
771 s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
772 flow_ctrl_settings, xon_char, xoff_char, param_mask);
774 hdr = (void *) ptr; ptr += sizeof(*hdr);
775 hdr->addr = __addr(s->initiator, 0);
776 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
777 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn));
779 mcc = (void *) ptr; ptr += sizeof(*mcc);
780 mcc->type = __mcc_type(cr, RFCOMM_RPN);
781 mcc->len = __len8(sizeof(*rpn));
783 rpn = (void *) ptr; ptr += sizeof(*rpn);
784 rpn->dlci = __addr(1, dlci);
785 rpn->bit_rate = bit_rate;
786 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity);
787 rpn->flow_ctrl = flow_ctrl_settings;
788 rpn->xon_char = xon_char;
789 rpn->xoff_char = xoff_char;
790 rpn->param_mask = param_mask;
792 *ptr = __fcs(buf); ptr++;
794 return rfcomm_send_frame(s, buf, ptr - buf);
797 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status)
799 struct rfcomm_hdr *hdr;
800 struct rfcomm_mcc *mcc;
801 struct rfcomm_rls *rls;
802 u8 buf[16], *ptr = buf;
804 BT_DBG("%p cr %d status 0x%x", s, cr, status);
806 hdr = (void *) ptr; ptr += sizeof(*hdr);
807 hdr->addr = __addr(s->initiator, 0);
808 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
809 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls));
811 mcc = (void *) ptr; ptr += sizeof(*mcc);
812 mcc->type = __mcc_type(cr, RFCOMM_RLS);
813 mcc->len = __len8(sizeof(*rls));
815 rls = (void *) ptr; ptr += sizeof(*rls);
816 rls->dlci = __addr(1, dlci);
817 rls->status = status;
819 *ptr = __fcs(buf); ptr++;
821 return rfcomm_send_frame(s, buf, ptr - buf);
824 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig)
826 struct rfcomm_hdr *hdr;
827 struct rfcomm_mcc *mcc;
828 struct rfcomm_msc *msc;
829 u8 buf[16], *ptr = buf;
831 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig);
833 hdr = (void *) ptr; ptr += sizeof(*hdr);
834 hdr->addr = __addr(s->initiator, 0);
835 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
836 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc));
838 mcc = (void *) ptr; ptr += sizeof(*mcc);
839 mcc->type = __mcc_type(cr, RFCOMM_MSC);
840 mcc->len = __len8(sizeof(*msc));
842 msc = (void *) ptr; ptr += sizeof(*msc);
843 msc->dlci = __addr(1, dlci);
844 msc->v24_sig = v24_sig | 0x01;
846 *ptr = __fcs(buf); ptr++;
848 return rfcomm_send_frame(s, buf, ptr - buf);
851 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr)
853 struct rfcomm_hdr *hdr;
854 struct rfcomm_mcc *mcc;
855 u8 buf[16], *ptr = buf;
857 BT_DBG("%p cr %d", s, cr);
859 hdr = (void *) ptr; ptr += sizeof(*hdr);
860 hdr->addr = __addr(s->initiator, 0);
861 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
862 hdr->len = __len8(sizeof(*mcc));
864 mcc = (void *) ptr; ptr += sizeof(*mcc);
865 mcc->type = __mcc_type(cr, RFCOMM_FCOFF);
866 mcc->len = __len8(0);
868 *ptr = __fcs(buf); ptr++;
870 return rfcomm_send_frame(s, buf, ptr - buf);
873 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr)
875 struct rfcomm_hdr *hdr;
876 struct rfcomm_mcc *mcc;
877 u8 buf[16], *ptr = buf;
879 BT_DBG("%p cr %d", s, cr);
881 hdr = (void *) ptr; ptr += sizeof(*hdr);
882 hdr->addr = __addr(s->initiator, 0);
883 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
884 hdr->len = __len8(sizeof(*mcc));
886 mcc = (void *) ptr; ptr += sizeof(*mcc);
887 mcc->type = __mcc_type(cr, RFCOMM_FCON);
888 mcc->len = __len8(0);
890 *ptr = __fcs(buf); ptr++;
892 return rfcomm_send_frame(s, buf, ptr - buf);
895 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len)
897 struct socket *sock = s->sock;
900 unsigned char hdr[5], crc[1];
905 BT_DBG("%p cr %d", s, cr);
907 hdr[0] = __addr(s->initiator, 0);
908 hdr[1] = __ctrl(RFCOMM_UIH, 0);
909 hdr[2] = 0x01 | ((len + 2) << 1);
910 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2);
911 hdr[4] = 0x01 | (len << 1);
915 iv[0].iov_base = hdr;
917 iv[1].iov_base = pattern;
919 iv[2].iov_base = crc;
922 memset(&msg, 0, sizeof(msg));
924 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len);
927 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits)
929 struct rfcomm_hdr *hdr;
930 u8 buf[16], *ptr = buf;
932 BT_DBG("%p addr %d credits %d", s, addr, credits);
934 hdr = (void *) ptr; ptr += sizeof(*hdr);
936 hdr->ctrl = __ctrl(RFCOMM_UIH, 1);
937 hdr->len = __len8(0);
939 *ptr = credits; ptr++;
941 *ptr = __fcs(buf); ptr++;
943 return rfcomm_send_frame(s, buf, ptr - buf);
946 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr)
948 struct rfcomm_hdr *hdr;
953 hdr = (void *) skb_push(skb, 4);
954 put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len);
956 hdr = (void *) skb_push(skb, 3);
957 hdr->len = __len8(len);
960 hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
962 crc = skb_put(skb, 1);
963 *crc = __fcs((void *) hdr);
966 /* ---- RFCOMM frame reception ---- */
967 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
969 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
973 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
975 rfcomm_send_dm(s, dlci);
981 rfcomm_dlc_clear_timer(d);
984 d->state = BT_CONNECTED;
985 d->state_change(d, 0);
986 rfcomm_dlc_unlock(d);
988 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
992 d->state = BT_CLOSED;
993 __rfcomm_dlc_close(d, 0);
997 /* Control channel */
1000 s->state = BT_CONNECTED;
1001 rfcomm_process_connect(s);
1008 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci)
1012 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1016 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1018 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1023 d->state = BT_CLOSED;
1024 __rfcomm_dlc_close(d, err);
1027 if (s->state == BT_CONNECT)
1032 s->state = BT_CLOSED;
1033 rfcomm_session_close(s, err);
1038 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci)
1042 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1045 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
1047 rfcomm_send_ua(s, dlci);
1049 if (d->state == BT_CONNECT || d->state == BT_CONFIG)
1054 d->state = BT_CLOSED;
1055 __rfcomm_dlc_close(d, err);
1057 rfcomm_send_dm(s, dlci);
1060 rfcomm_send_ua(s, 0);
1062 if (s->state == BT_CONNECT)
1067 s->state = BT_CLOSED;
1068 rfcomm_session_close(s, err);
1074 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci)
1076 struct rfcomm_dlc *d;
1079 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1082 rfcomm_send_ua(s, 0);
1084 if (s->state == BT_OPEN) {
1085 s->state = BT_CONNECTED;
1086 rfcomm_process_connect(s);
1091 /* Check if DLC exists */
1092 d = rfcomm_dlc_get(s, dlci);
1094 if (d->state == BT_OPEN) {
1095 /* DLC was previously opened by PN request */
1096 rfcomm_send_ua(s, dlci);
1099 d->state = BT_CONNECTED;
1100 d->state_change(d, 0);
1101 rfcomm_dlc_unlock(d);
1103 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1108 /* Notify socket layer about incoming connection */
1109 channel = __srv_channel(dlci);
1110 if (rfcomm_connect_ind(s, channel, &d)) {
1112 d->addr = __addr(s->initiator, dlci);
1113 rfcomm_dlc_link(s, d);
1115 rfcomm_send_ua(s, dlci);
1118 d->state = BT_CONNECTED;
1119 d->state_change(d, 0);
1120 rfcomm_dlc_unlock(d);
1122 rfcomm_send_msc(s, 1, dlci, d->v24_sig);
1124 rfcomm_send_dm(s, dlci);
1130 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn)
1132 struct rfcomm_session *s = d->session;
1134 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
1135 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits);
1137 if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) {
1138 d->cfc = s->cfc = RFCOMM_CFC_ENABLED;
1139 d->tx_credits = pn->credits;
1141 d->cfc = s->cfc = RFCOMM_CFC_DISABLED;
1142 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1145 d->priority = pn->priority;
1147 d->mtu = s->mtu = btohs(pn->mtu);
1152 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1154 struct rfcomm_pn *pn = (void *) skb->data;
1155 struct rfcomm_dlc *d;
1158 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
1163 d = rfcomm_dlc_get(s, dlci);
1167 rfcomm_apply_pn(d, cr, pn);
1168 rfcomm_send_pn(s, 0, d);
1173 rfcomm_apply_pn(d, cr, pn);
1175 d->state = BT_CONNECT;
1176 rfcomm_send_sabm(s, d->dlci);
1181 u8 channel = __srv_channel(dlci);
1186 /* PN request for non existing DLC.
1187 * Assume incoming connection. */
1188 if (rfcomm_connect_ind(s, channel, &d)) {
1190 d->addr = __addr(s->initiator, dlci);
1191 rfcomm_dlc_link(s, d);
1193 rfcomm_apply_pn(d, cr, pn);
1196 rfcomm_send_pn(s, 0, d);
1198 rfcomm_send_dm(s, dlci);
1204 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb)
1206 struct rfcomm_rpn *rpn = (void *) skb->data;
1207 u8 dlci = __get_dlci(rpn->dlci);
1216 u16 rpn_mask = RFCOMM_RPN_PM_ALL;
1218 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
1219 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl,
1220 rpn->xon_char, rpn->xoff_char, rpn->param_mask);
1226 /* request: return default setting */
1227 bit_rate = RFCOMM_RPN_BR_115200;
1228 data_bits = RFCOMM_RPN_DATA_8;
1229 stop_bits = RFCOMM_RPN_STOP_1;
1230 parity = RFCOMM_RPN_PARITY_NONE;
1231 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1232 xon_char = RFCOMM_RPN_XON_CHAR;
1233 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1237 /* check for sane values: ignore/accept bit_rate, 8 bits, 1 stop bit, no parity,
1238 no flow control lines, normal XON/XOFF chars */
1239 if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) {
1240 bit_rate = rpn->bit_rate;
1241 if (bit_rate != RFCOMM_RPN_BR_115200) {
1242 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate);
1243 bit_rate = RFCOMM_RPN_BR_115200;
1244 rpn_mask ^= RFCOMM_RPN_PM_BITRATE;
1247 if (rpn->param_mask & RFCOMM_RPN_PM_DATA) {
1248 data_bits = __get_rpn_data_bits(rpn->line_settings);
1249 if (data_bits != RFCOMM_RPN_DATA_8) {
1250 BT_DBG("RPN data bits mismatch 0x%x", data_bits);
1251 data_bits = RFCOMM_RPN_DATA_8;
1252 rpn_mask ^= RFCOMM_RPN_PM_DATA;
1255 if (rpn->param_mask & RFCOMM_RPN_PM_STOP) {
1256 stop_bits = __get_rpn_stop_bits(rpn->line_settings);
1257 if (stop_bits != RFCOMM_RPN_STOP_1) {
1258 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits);
1259 stop_bits = RFCOMM_RPN_STOP_1;
1260 rpn_mask ^= RFCOMM_RPN_PM_STOP;
1263 if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) {
1264 parity = __get_rpn_parity(rpn->line_settings);
1265 if (parity != RFCOMM_RPN_PARITY_NONE) {
1266 BT_DBG("RPN parity mismatch 0x%x", parity);
1267 parity = RFCOMM_RPN_PARITY_NONE;
1268 rpn_mask ^= RFCOMM_RPN_PM_PARITY;
1271 if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) {
1272 flow_ctrl = rpn->flow_ctrl;
1273 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) {
1274 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl);
1275 flow_ctrl = RFCOMM_RPN_FLOW_NONE;
1276 rpn_mask ^= RFCOMM_RPN_PM_FLOW;
1279 if (rpn->param_mask & RFCOMM_RPN_PM_XON) {
1280 xon_char = rpn->xon_char;
1281 if (xon_char != RFCOMM_RPN_XON_CHAR) {
1282 BT_DBG("RPN XON char mismatch 0x%x", xon_char);
1283 xon_char = RFCOMM_RPN_XON_CHAR;
1284 rpn_mask ^= RFCOMM_RPN_PM_XON;
1287 if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) {
1288 xoff_char = rpn->xoff_char;
1289 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) {
1290 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char);
1291 xoff_char = RFCOMM_RPN_XOFF_CHAR;
1292 rpn_mask ^= RFCOMM_RPN_PM_XOFF;
1297 rfcomm_send_rpn(s, 0, dlci,
1298 bit_rate, data_bits, stop_bits, parity, flow_ctrl,
1299 xon_char, xoff_char, rpn_mask);
1304 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1306 struct rfcomm_rls *rls = (void *) skb->data;
1307 u8 dlci = __get_dlci(rls->dlci);
1309 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status);
1314 /* FIXME: We should probably do something with this
1315 information here. But for now it's sufficient just
1316 to reply -- Bluetooth 1.1 says it's mandatory to
1317 recognise and respond to RLS */
1319 rfcomm_send_rls(s, 0, dlci, rls->status);
1324 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb)
1326 struct rfcomm_msc *msc = (void *) skb->data;
1327 struct rfcomm_dlc *d;
1328 u8 dlci = __get_dlci(msc->dlci);
1330 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig);
1332 d = rfcomm_dlc_get(s, dlci);
1337 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc)
1338 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1340 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1343 if (d->modem_status)
1344 d->modem_status(d, msc->v24_sig);
1345 rfcomm_dlc_unlock(d);
1347 rfcomm_send_msc(s, 0, dlci, msc->v24_sig);
1349 d->mscex |= RFCOMM_MSCEX_RX;
1351 d->mscex |= RFCOMM_MSCEX_TX;
1356 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb)
1358 struct rfcomm_mcc *mcc = (void *) skb->data;
1361 cr = __test_cr(mcc->type);
1362 type = __get_mcc_type(mcc->type);
1363 len = __get_mcc_len(mcc->len);
1365 BT_DBG("%p type 0x%x cr %d", s, type, cr);
1371 rfcomm_recv_pn(s, cr, skb);
1375 rfcomm_recv_rpn(s, cr, len, skb);
1379 rfcomm_recv_rls(s, cr, skb);
1383 rfcomm_recv_msc(s, cr, skb);
1388 set_bit(RFCOMM_TX_THROTTLED, &s->flags);
1389 rfcomm_send_fcoff(s, 0);
1395 clear_bit(RFCOMM_TX_THROTTLED, &s->flags);
1396 rfcomm_send_fcon(s, 0);
1402 rfcomm_send_test(s, 0, skb->data, skb->len);
1409 BT_ERR("Unknown control type 0x%02x", type);
1410 rfcomm_send_nsc(s, cr, type);
1416 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb)
1418 struct rfcomm_dlc *d;
1420 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf);
1422 d = rfcomm_dlc_get(s, dlci);
1424 rfcomm_send_dm(s, dlci);
1429 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1);
1431 d->tx_credits += credits;
1433 clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
1436 if (skb->len && d->state == BT_CONNECTED) {
1439 d->data_ready(d, skb);
1440 rfcomm_dlc_unlock(d);
1449 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
1451 struct rfcomm_hdr *hdr = (void *) skb->data;
1454 dlci = __get_dlci(hdr->addr);
1455 type = __get_type(hdr->ctrl);
1458 skb->len--; skb->tail--;
1459 fcs = *(u8 *) skb->tail;
1461 if (__check_fcs(skb->data, type, fcs)) {
1462 BT_ERR("bad checksum in packet");
1467 if (__test_ea(hdr->len))
1474 if (__test_pf(hdr->ctrl))
1475 rfcomm_recv_sabm(s, dlci);
1479 if (__test_pf(hdr->ctrl))
1480 rfcomm_recv_disc(s, dlci);
1484 if (__test_pf(hdr->ctrl))
1485 rfcomm_recv_ua(s, dlci);
1489 rfcomm_recv_dm(s, dlci);
1494 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb);
1496 rfcomm_recv_mcc(s, skb);
1500 BT_ERR("Unknown packet type 0x%02x\n", type);
1507 /* ---- Connection and data processing ---- */
1509 static void rfcomm_process_connect(struct rfcomm_session *s)
1511 struct rfcomm_dlc *d;
1512 struct list_head *p, *n;
1514 BT_DBG("session %p state %ld", s, s->state);
1516 list_for_each_safe(p, n, &s->dlcs) {
1517 d = list_entry(p, struct rfcomm_dlc, list);
1518 if (d->state == BT_CONFIG) {
1520 rfcomm_send_pn(s, 1, d);
1525 /* Send data queued for the DLC.
1526 * Return number of frames left in the queue.
1528 static inline int rfcomm_process_tx(struct rfcomm_dlc *d)
1530 struct sk_buff *skb;
1533 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
1534 d, d->state, d->cfc, d->rx_credits, d->tx_credits);
1536 /* Send pending MSC */
1537 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags))
1538 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
1542 * Give them some credits */
1543 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) &&
1544 d->rx_credits <= (d->cfc >> 2)) {
1545 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits);
1546 d->rx_credits = d->cfc;
1550 * Give ourselves some credits */
1554 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags))
1555 return skb_queue_len(&d->tx_queue);
1557 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) {
1558 err = rfcomm_send_frame(d->session, skb->data, skb->len);
1560 skb_queue_head(&d->tx_queue, skb);
1567 if (d->cfc && !d->tx_credits) {
1568 /* We're out of TX credits.
1569 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
1570 set_bit(RFCOMM_TX_THROTTLED, &d->flags);
1573 return skb_queue_len(&d->tx_queue);
1576 static inline void rfcomm_process_dlcs(struct rfcomm_session *s)
1578 struct rfcomm_dlc *d;
1579 struct list_head *p, *n;
1581 BT_DBG("session %p state %ld", s, s->state);
1583 list_for_each_safe(p, n, &s->dlcs) {
1584 d = list_entry(p, struct rfcomm_dlc, list);
1585 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) {
1586 __rfcomm_dlc_close(d, ETIMEDOUT);
1590 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags))
1593 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) &&
1594 d->mscex == RFCOMM_MSCEX_OK)
1595 rfcomm_process_tx(d);
1599 static inline void rfcomm_process_rx(struct rfcomm_session *s)
1601 struct socket *sock = s->sock;
1602 struct sock *sk = sock->sk;
1603 struct sk_buff *skb;
1605 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue));
1607 /* Get data directly from socket receive queue without copying it. */
1608 while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
1610 rfcomm_recv_frame(s, skb);
1613 if (sk->sk_state == BT_CLOSED) {
1615 rfcomm_session_put(s);
1617 rfcomm_session_close(s, sk->sk_err);
1621 static inline void rfcomm_accept_connection(struct rfcomm_session *s)
1623 struct socket *sock = s->sock, *nsock;
1626 /* Fast check for a new connection.
1627 * Avoids unnesesary socket allocations. */
1628 if (list_empty(&bt_sk(sock->sk)->accept_q))
1631 BT_DBG("session %p", s);
1633 if (sock_create_lite(PF_BLUETOOTH, sock->type, BTPROTO_L2CAP, &nsock))
1636 nsock->ops = sock->ops;
1638 __module_get(nsock->ops->owner);
1640 err = sock->ops->accept(sock, nsock, O_NONBLOCK);
1642 sock_release(nsock);
1646 /* Set our callbacks */
1647 nsock->sk->sk_data_ready = rfcomm_l2data_ready;
1648 nsock->sk->sk_state_change = rfcomm_l2state_change;
1650 s = rfcomm_session_add(nsock, BT_OPEN);
1652 rfcomm_session_hold(s);
1653 rfcomm_schedule(RFCOMM_SCHED_RX);
1655 sock_release(nsock);
1658 static inline void rfcomm_check_connection(struct rfcomm_session *s)
1660 struct sock *sk = s->sock->sk;
1662 BT_DBG("%p state %ld", s, s->state);
1664 switch(sk->sk_state) {
1666 s->state = BT_CONNECT;
1668 /* We can adjust MTU on outgoing sessions.
1669 * L2CAP MTU minus UIH header and FCS. */
1670 s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5;
1672 rfcomm_send_sabm(s, 0);
1676 s->state = BT_CLOSED;
1677 rfcomm_session_close(s, sk->sk_err);
1682 static inline void rfcomm_process_sessions(void)
1684 struct list_head *p, *n;
1688 list_for_each_safe(p, n, &session_list) {
1689 struct rfcomm_session *s;
1690 s = list_entry(p, struct rfcomm_session, list);
1692 if (s->state == BT_LISTEN) {
1693 rfcomm_accept_connection(s);
1697 rfcomm_session_hold(s);
1701 rfcomm_check_connection(s);
1705 rfcomm_process_rx(s);
1709 rfcomm_process_dlcs(s);
1711 rfcomm_session_put(s);
1717 static void rfcomm_worker(void)
1721 while (!atomic_read(&terminate)) {
1722 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
1723 /* No pending events. Let's sleep.
1724 * Incoming connections and data will wake us up. */
1725 set_current_state(TASK_INTERRUPTIBLE);
1730 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
1731 rfcomm_process_sessions();
1733 set_current_state(TASK_RUNNING);
1737 static int rfcomm_add_listener(bdaddr_t *ba)
1739 struct sockaddr_l2 addr;
1740 struct socket *sock;
1742 struct rfcomm_session *s;
1746 err = rfcomm_l2sock_create(&sock);
1748 BT_ERR("Create socket failed %d", err);
1753 bacpy(&addr.l2_bdaddr, ba);
1754 addr.l2_family = AF_BLUETOOTH;
1755 addr.l2_psm = htobs(RFCOMM_PSM);
1756 err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
1758 BT_ERR("Bind failed %d", err);
1762 /* Set L2CAP options */
1765 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU;
1768 /* Start listening on the socket */
1769 err = sock->ops->listen(sock, 10);
1771 BT_ERR("Listen failed %d", err);
1775 /* Add listening session */
1776 s = rfcomm_session_add(sock, BT_LISTEN);
1780 rfcomm_session_hold(s);
1787 static void rfcomm_kill_listener(void)
1789 struct rfcomm_session *s;
1790 struct list_head *p, *n;
1794 list_for_each_safe(p, n, &session_list) {
1795 s = list_entry(p, struct rfcomm_session, list);
1796 rfcomm_session_del(s);
1800 static int rfcomm_run(void *unused)
1802 rfcomm_thread = current;
1804 atomic_inc(&running);
1806 daemonize("krfcommd");
1807 set_user_nice(current, -10);
1808 current->flags |= PF_NOFREEZE;
1812 rfcomm_add_listener(BDADDR_ANY);
1816 rfcomm_kill_listener();
1818 atomic_dec(&running);
1822 /* ---- Proc fs support ---- */
1823 #ifdef CONFIG_PROC_FS
1824 static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos)
1826 struct rfcomm_session *s;
1827 struct list_head *pp, *p;
1832 list_for_each(p, &session_list) {
1833 s = list_entry(p, struct rfcomm_session, list);
1834 list_for_each(pp, &s->dlcs)
1843 static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos)
1845 struct rfcomm_session *s = seq->private;
1846 struct list_head *pp, *p = e;
1849 if (p->next != &s->dlcs)
1852 list_for_each(p, &session_list) {
1853 s = list_entry(p, struct rfcomm_session, list);
1854 __list_for_each(pp, &s->dlcs) {
1862 static void rfcomm_seq_stop(struct seq_file *seq, void *e)
1867 static int rfcomm_seq_show(struct seq_file *seq, void *e)
1869 struct rfcomm_session *s = seq->private;
1870 struct sock *sk = s->sock->sk;
1871 struct rfcomm_dlc *d = list_entry(e, struct rfcomm_dlc, list);
1873 seq_printf(seq, "%s %s %ld %d %d %d %d\n",
1874 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
1875 d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits);
1879 static struct seq_operations rfcomm_seq_ops = {
1880 .start = rfcomm_seq_start,
1881 .next = rfcomm_seq_next,
1882 .stop = rfcomm_seq_stop,
1883 .show = rfcomm_seq_show
1886 static int rfcomm_seq_open(struct inode *inode, struct file *file)
1888 return seq_open(file, &rfcomm_seq_ops);
1891 static struct file_operations rfcomm_seq_fops = {
1892 .owner = THIS_MODULE,
1893 .open = rfcomm_seq_open,
1895 .llseek = seq_lseek,
1896 .release = seq_release,
1899 static int __init rfcomm_proc_init(void)
1901 struct proc_dir_entry *p;
1903 proc_bt_rfcomm = proc_mkdir("rfcomm", proc_bt);
1904 if (proc_bt_rfcomm) {
1905 proc_bt_rfcomm->owner = THIS_MODULE;
1907 p = create_proc_entry("dlc", S_IRUGO, proc_bt_rfcomm);
1909 p->proc_fops = &rfcomm_seq_fops;
1914 static void __exit rfcomm_proc_cleanup(void)
1916 remove_proc_entry("dlc", proc_bt_rfcomm);
1918 remove_proc_entry("rfcomm", proc_bt);
1921 #else /* CONFIG_PROC_FS */
1923 static int __init rfcomm_proc_init(void)
1928 static void __exit rfcomm_proc_cleanup(void)
1932 #endif /* CONFIG_PROC_FS */
1934 /* ---- Initialization ---- */
1935 static int __init rfcomm_init(void)
1939 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL);
1941 BT_INFO("RFCOMM ver %s", VERSION);
1945 rfcomm_init_sockets();
1947 #ifdef CONFIG_BT_RFCOMM_TTY
1954 static void __exit rfcomm_exit(void)
1956 /* Terminate working thread.
1957 * ie. Set terminate flag and wake it up */
1958 atomic_inc(&terminate);
1959 rfcomm_schedule(RFCOMM_SCHED_STATE);
1961 /* Wait until thread is running */
1962 while (atomic_read(&running))
1965 #ifdef CONFIG_BT_RFCOMM_TTY
1966 rfcomm_cleanup_ttys();
1969 rfcomm_cleanup_sockets();
1971 rfcomm_proc_cleanup();
1974 module_init(rfcomm_init);
1975 module_exit(rfcomm_exit);
1977 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
1978 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION);
1979 MODULE_VERSION(VERSION);
1980 MODULE_LICENSE("GPL");
1981 MODULE_ALIAS("bt-proto-3");