1 diff -Nur c3000_pre/linux/CREDITS c3000_work/linux/CREDITS
2 --- c3000_pre/linux/CREDITS 2004-08-21 09:48:05.000000000 +0900
3 +++ c3000_work/linux/CREDITS 2004-12-16 23:01:14.000000000 +0900
7 W: http://www.holtmann.org
8 -D: Author of the Linux Bluetooth Subsystem PC Card drivers
9 +D: Maintainer of the Linux Bluetooth Subsystem
10 +D: Author and maintainer of the various Bluetooth HCI drivers
11 +D: Author and maintainer of the CAPI message transport protocol driver
12 +D: Author and maintainer of the Bluetooth HID protocol driver
13 +D: Various other Bluetooth related patches, cleanups and fixes
18 N: Aristeu Sergio Rozanski Filho
19 E: aris@conectiva.com.br
20 D: Support for EtherExpress 10 ISA (i82595) in eepro driver
21 +D: User level driver support for input
23 S: R. Tocantins, 89 - Cristo Rei
24 S: 80050-430 - Curitiba - ParanĂ¡
25 diff -Nur c3000_pre/linux/Documentation/Configure.help c3000_work/linux/Documentation/Configure.help
26 --- c3000_pre/linux/Documentation/Configure.help 2004-08-21 09:48:06.000000000 +0900
27 +++ c3000_work/linux/Documentation/Configure.help 2004-12-16 23:01:14.000000000 +0900
28 @@ -12238,6 +12238,12 @@
32 +Hotplug firmware loading support (EXPERIMENTAL)
34 + This option is provided for the case where no in-kernel-tree modules require
35 + hotplug firmware loading support, but a module built outside the kernel tree
38 Use PCI shared memory for NIC registers
40 Use PCI shared memory for the NIC registers, rather than going through
41 @@ -14373,6 +14379,15 @@
42 accessible under char device 13:64+ - /dev/input/eventX in a generic
43 way. This is the future ...
46 + Say Y here if you want to support user level drivers for input
47 + subsystem accessible under char device 10:223 - /dev/input/uinput.
49 + This driver is also available as a module ( = code which can be
50 + inserted in and removed from the running kernel whenever you want).
51 + The module will be called uinput.o. If you want to compile it as a
52 + module, say M here and read <file:Documentation/modules.txt>.
56 Say Y here if you want to connect a USB scanner to your computer's
57 @@ -21868,19 +21883,21 @@
59 Linux Bluetooth subsystem consist of several layers:
60 BlueZ Core (HCI device and connection manager, scheduler)
61 - HCI Device drivers (interface to the hardware)
62 - L2CAP Module (L2CAP protocol)
63 - SCO Module (SCO links)
64 + HCI Device drivers (Interface to the hardware)
65 + SCO Module (SCO audio links)
66 + L2CAP Module (Logical Link Control and Adaptation Protocol)
67 + RFCOMM Module (RFCOMM Protocol)
68 + BNEP Module (Bluetooth Network Encapsulation Protocol)
69 + CMTP Module (CAPI Message Transport Protocol)
70 + HIDP Module (Human Interface Device Protocol)
72 - Say Y here to enable Linux Bluetooth support and to build BlueZ Core
74 + Say Y here to compile Bluetooth support into the kernel or say M to
75 + compile it as module (bluez.o).
77 To use Linux Bluetooth subsystem, you will need several user-space
78 utilities like hciconfig and hcid. These utilities and updates to
79 Bluetooth kernel modules are provided in the BlueZ package.
80 - For more information, see <http://bluez.sourceforge.net/>.
82 - If you want to compile BlueZ Core as module (bluez.o) say M here.
83 + For more information, see <http://www.bluez.org/>.
85 L2CAP protocol support
87 @@ -21893,25 +21910,60 @@
91 - SCO link provides voice transport over Bluetooth. SCO support is
92 + SCO link provides voice transport over Bluetooth. SCO support is
93 required for voice applications like Headset and Audio.
95 Say Y here to compile SCO support into the kernel or say M to
96 compile it as module (sco.o).
98 +RFCOMM protocol support
100 + RFCOMM provides connection oriented stream transport. RFCOMM
101 + support is required for Dialup Networking, OBEX and other Bluetooth
104 + Say Y here to compile RFCOMM support into the kernel or say M to
105 + compile it as module (rfcomm.o).
107 +RFCOMM TTY emulation support
108 +CONFIG_BLUEZ_RFCOMM_TTY
109 + This option enables TTY emulation support for RFCOMM channels.
111 BNEP protocol support
113 BNEP (Bluetooth Network Encapsulation Protocol) is Ethernet
114 - emulation layer on top of Bluetooth. BNEP is required for Bluetooth
115 - PAN (Personal Area Network).
117 - To use BNEP, you will need user-space utilities provided in the
119 - For more information, see <http://bluez.sourceforge.net>.
120 + emulation layer on top of Bluetooth. BNEP is required for
121 + Bluetooth PAN (Personal Area Network).
123 Say Y here to compile BNEP support into the kernel or say M to
124 compile it as module (bnep.o).
126 +BNEP multicast filter support
127 +CONFIG_BLUEZ_BNEP_MC_FILTER
128 + This option enables the multicast filter support for BNEP.
130 +BNEP protocol filter support
131 +CONFIG_BLUEZ_BNEP_PROTO_FILTER
132 + This option enables the protocol filter support for BNEP.
134 +CMTP protocol support
136 + CMTP (CAPI Message Transport Protocol) is a transport layer
137 + for CAPI messages. CMTP is required for the Bluetooth Common
138 + ISDN Access Profile.
140 + Say Y here to compile CMTP support into the kernel or say M to
141 + compile it as module (cmtp.o).
143 +HIDP protocol support
145 + HIDP (Human Interface Device Protocol) is a transport layer
146 + for HID reports. HIDP is required for the Bluetooth Human
147 + Interface Device Profile.
149 + Say Y here to compile HIDP support into the kernel or say M to
150 + compile it as module (hidp.o).
154 Bluetooth HCI UART driver.
155 @@ -21926,11 +21978,26 @@
156 HCI UART (H4) protocol support
157 CONFIG_BLUEZ_HCIUART_H4
158 UART (H4) is serial protocol for communication between Bluetooth
159 - device and host. This protocol is required for most UART based
160 - Bluetooth device (including PCMCIA and CF).
161 + device and host. This protocol is required for most Bluetooth devices
162 + with UART interface, including PCMCIA and CF cards.
164 Say Y here to compile support for HCI UART (H4) protocol.
166 +HCI BCSP protocol support
167 +CONFIG_BLUEZ_HCIUART_BCSP
168 + BCSP (BlueCore Serial Protocol) is serial protocol for communication
169 + between Bluetooth device and host. This protocol is required for non
170 + USB Bluetooth devices based on CSR BlueCore chip, including PCMCIA and
173 + Say Y here to compile support for HCI BCSP protocol.
175 +HCI BCSP transmit CRC with every BCSP packet
176 +CONFIG_BLUEZ_HCIUART_BCSP_TXCRC
177 + If you say Y here, a 16-bit CRC checksum will be transmitted along with
178 + every BCSP (BlueCore Serial Protocol) packet sent to the Bluetooth chip.
179 + This increases reliability, but slightly reduces efficiency.
183 Bluetooth HCI USB driver.
184 @@ -21940,14 +22007,15 @@
185 Say Y here to compile support for Bluetooth USB devices into the
186 kernel or say M to compile it as module (hci_usb.o).
188 -HCI USB zero packet support
189 -CONFIG_BLUEZ_USB_ZERO_PACKET
190 - Support for USB zero packets.
191 - This option is provided only as a work around for buggy Bluetooth USB
192 - devices. Do _not_ enable it unless you know for sure that your device
193 - requires zero packets.
194 - Most people should say N here.
196 +HCI USB SCO (voice) support
197 +CONFIG_BLUEZ_HCIUSB_SCO
198 + This option enables the SCO support in the HCI USB driver. You need this
199 + to transmit voice data with your Bluetooth USB device. And your device
200 + must also support sending SCO data over the HCI layer, because some of
201 + them sends the SCO data to an internal PCM adapter.
203 + Say Y here to compile support for HCI SCO data.
205 HCI VHCI Virtual HCI device driver
207 Bluetooth Virtual HCI device driver.
208 @@ -21956,6 +22024,16 @@
209 Say Y here to compile support for virtual HCI devices into the
210 kernel or say M to compile it as module (hci_vhci.o).
212 +HCI BFUSB device driver
213 +CONFIG_BLUEZ_HCIBFUSB
214 + Bluetooth HCI BlueFRITZ! USB driver.
215 + This driver provides support for Bluetooth USB devices with AVM
219 + Say Y here to compile support for HCI BFUSB devices into the
220 + kernel or say M to compile it as module (bfusb.o).
222 HCI DTL1 (PC Card) device driver
224 Bluetooth HCI DTL1 (PC Card) driver.
225 @@ -21975,9 +22053,6 @@
226 3Com Bluetooth Card (3CRWB6096)
229 - The HCI BT3C driver uses external firmware loader program provided in
230 - the BlueFW package. For more information, see <http://bluez.sf.net>.
232 Say Y here to compile support for HCI BT3C devices into the
233 kernel or say M to compile it as module (bt3c_cs.o).
235 @@ -21992,6 +22067,20 @@
236 Say Y here to compile support for HCI BlueCard devices into the
237 kernel or say M to compile it as module (bluecard_cs.o).
239 +HCI UART (PC Card) device driver
240 +CONFIG_BLUEZ_HCIBTUART
241 + Bluetooth HCI UART (PC Card) driver.
242 + This driver provides support for Bluetooth PCMCIA devices with
244 + Xircom CreditCard Bluetooth Adapter
245 + Xircom RealPort2 Bluetooth Adapter
248 + Cyber-blue Compact Flash Card
250 + Say Y here to compile support for HCI UART devices into the
251 + kernel or say M to compile it as module (btuart_cs.o).
253 # The following options are for Linux when running on the Hitachi
254 # SuperH family of RISC microprocessors.
256 diff -Nur c3000_pre/linux/Documentation/devices.txt c3000_work/linux/Documentation/devices.txt
257 --- c3000_pre/linux/Documentation/devices.txt 2004-08-21 09:48:06.000000000 +0900
258 +++ c3000_work/linux/Documentation/devices.txt 2004-12-16 23:01:14.000000000 +0900
260 220 = /dev/mptctl Message passing technology (MPT) control
261 221 = /dev/mvista/hssdsi Montavista PICMG hot swap system driver
262 222 = /dev/mvista/hasi Montavista PICMG high availability
263 + 223 = /dev/input/uinput User level driver support for input
264 240-255 Reserved for local use
266 11 char Raw keyboard device
267 diff -Nur c3000_pre/linux/Documentation/firmware_class/README c3000_work/linux/Documentation/firmware_class/README
268 --- c3000_pre/linux/Documentation/firmware_class/README 1970-01-01 09:00:00.000000000 +0900
269 +++ c3000_work/linux/Documentation/firmware_class/README 2004-12-16 23:01:14.000000000 +0900
272 + request_firmware() hotplug interface:
273 + ------------------------------------
274 + Copyright (C) 2003 Manuel Estrada Sainz <ranty@debian.org>
279 + Today, the most extended way to use firmware in the Linux kernel is linking
280 + it statically in a header file. Which has political and technical issues:
282 + 1) Some firmware is not legal to redistribute.
283 + 2) The firmware occupies memory permanently, even though it often is just
285 + 3) Some people, like the Debian crowd, don't consider some firmware free
286 + enough and remove entire drivers (e.g.: keyspan).
288 + about in-kernel persistence:
289 + ---------------------------
290 + Under some circumstances, as explained below, it would be interesting to keep
291 + firmware images in non-swappable kernel memory or even in the kernel image
292 + (probably within initramfs).
294 + Note that this functionality has not been implemented.
296 + - Why OPTIONAL in-kernel persistence may be a good idea sometimes:
298 + - If the device that needs the firmware is needed to access the
299 + filesystem. When upon some error the device has to be reset and the
300 + firmware reloaded, it won't be possible to get it from userspace.
302 + - A diskless client with a network card that needs firmware.
303 + - The filesystem is stored in a disk behind an scsi device
304 + that needs firmware.
305 + - Replacing buggy DSDT/SSDT ACPI tables on boot.
306 + Note: this would require the persistent objects to be included
307 + within the kernel image, probably within initramfs.
309 + And the same device can be needed to access the filesystem or not depending
310 + on the setup, so I think that the choice on what firmware to make
311 + persistent should be left to userspace.
313 + - Why register_firmware()+__init can be useful:
314 + - For boot devices needing firmware.
315 + - To make the transition easier:
316 + The firmware can be declared __init and register_firmware()
317 + called on module_init. Then the firmware is warranted to be
318 + there even if "firmware hotplug userspace" is not there yet or
319 + it doesn't yet provide the needed firmware.
320 + Once the firmware is widely available in userspace, it can be
321 + removed from the kernel. Or made optional (CONFIG_.*_FIRMWARE).
323 + In either case, if firmware hotplug support is there, it can move the
324 + firmware out of kernel memory into the real filesystem for later
327 + Note: If persistence is implemented on top of initramfs,
328 + register_firmware() may not be appropriate.
329 diff -Nur c3000_pre/linux/Documentation/firmware_class/firmware_sample_driver.c c3000_work/linux/Documentation/firmware_class/firmware_sample_driver.c
330 --- c3000_pre/linux/Documentation/firmware_class/firmware_sample_driver.c 1970-01-01 09:00:00.000000000 +0900
331 +++ c3000_work/linux/Documentation/firmware_class/firmware_sample_driver.c 2004-12-16 23:01:14.000000000 +0900
334 + * firmware_sample_driver.c -
336 + * Copyright (c) 2003 Manuel Estrada Sainz <ranty@debian.org>
338 + * Sample code on how to use request_firmware() from drivers.
340 + * Note that register_firmware() is currently useless.
344 +#include <linux/module.h>
345 +#include <linux/kernel.h>
346 +#include <linux/init.h>
347 +#include <linux/string.h>
349 +#include "linux/firmware.h"
351 +#define WE_CAN_NEED_FIRMWARE_BEFORE_USERSPACE_IS_AVAILABLE
352 +#ifdef WE_CAN_NEED_FIRMWARE_BEFORE_USERSPACE_IS_AVAILABLE
353 +char __init inkernel_firmware[] = "let's say that this is firmware\n";
356 +static char ghost_device[] = "ghost0";
358 +static void sample_firmware_load(char *firmware, int size)
361 + memcpy(buf, firmware, size);
363 + printk("firmware_sample_driver: firmware: %s\n", buf);
366 +static void sample_probe_default(void)
368 + /* uses the default method to get the firmware */
369 + const struct firmware *fw_entry;
370 + printk("firmware_sample_driver: a ghost device got inserted :)\n");
372 + if(request_firmware(&fw_entry, "sample_driver_fw", ghost_device)!=0)
375 + "firmware_sample_driver: Firmware not available\n");
379 + sample_firmware_load(fw_entry->data, fw_entry->size);
381 + release_firmware(fw_entry);
383 + /* finish setting up the device */
385 +static void sample_probe_specific(void)
387 + /* Uses some specific hotplug support to get the firmware from
388 + * userspace directly into the hardware, or via some sysfs file */
390 + /* NOTE: This currently doesn't work */
392 + printk("firmware_sample_driver: a ghost device got inserted :)\n");
394 + if(request_firmware(NULL, "sample_driver_fw", ghost_device)!=0)
397 + "firmware_sample_driver: Firmware load failed\n");
401 + /* request_firmware blocks until userspace finished, so at
402 + * this point the firmware should be already in the device */
404 + /* finish setting up the device */
406 +static void sample_probe_async_cont(const struct firmware *fw, void *context)
410 + "firmware_sample_driver: firmware load failed\n");
414 + printk("firmware_sample_driver: device pointer \"%s\"\n",
416 + sample_firmware_load(fw->data, fw->size);
418 +static void sample_probe_async(void)
420 + /* Let's say that I can't sleep */
422 + error = request_firmware_nowait (THIS_MODULE,
423 + "sample_driver_fw", ghost_device,
424 + "my device pointer",
425 + sample_probe_async_cont);
428 + "firmware_sample_driver:"
429 + " request_firmware_nowait failed\n");
433 +static int sample_init(void)
435 +#ifdef WE_CAN_NEED_FIRMWARE_BEFORE_USERSPACE_IS_AVAILABLE
436 + register_firmware("sample_driver_fw", inkernel_firmware,
437 + sizeof(inkernel_firmware));
439 + /* since there is no real hardware insertion I just call the
440 + * sample probe functions here */
441 + sample_probe_specific();
442 + sample_probe_default();
443 + sample_probe_async();
446 +static void __exit sample_exit(void)
450 +module_init (sample_init);
451 +module_exit (sample_exit);
453 +MODULE_LICENSE("GPL");
454 diff -Nur c3000_pre/linux/Documentation/firmware_class/hotplug-script c3000_work/linux/Documentation/firmware_class/hotplug-script
455 --- c3000_pre/linux/Documentation/firmware_class/hotplug-script 1970-01-01 09:00:00.000000000 +0900
456 +++ c3000_work/linux/Documentation/firmware_class/hotplug-script 2004-12-16 23:01:14.000000000 +0900
460 +# Simple hotplug script sample:
462 +# Both $DEVPATH and $FIRMWARE are already provided in the environment.
464 +HOTPLUG_FW_DIR=/usr/lib/hotplug/firmware/
466 +echo 1 > /sysfs/$DEVPATH/loading
467 +cat $HOTPLUG_FW_DIR/$FIRMWARE > /sysfs/$DEVPATH/data
468 +echo 0 > /sysfs/$DEVPATH/loading
470 +# To cancel the load in case of error:
472 +# echo -1 > /sysfs/$DEVPATH/loading
474 diff -Nur c3000_pre/linux/MAINTAINERS c3000_work/linux/MAINTAINERS
475 --- c3000_pre/linux/MAINTAINERS 2004-08-21 09:48:05.000000000 +0900
476 +++ c3000_work/linux/MAINTAINERS 2004-12-16 23:01:14.000000000 +0900
477 @@ -267,16 +267,88 @@
478 L: linux-kernel@vger.kernel.org
481 -BLUETOOTH SUBSYSTEM (BlueZ)
484 +M: marcel@holtmann.org
487 +L: bluez-devel@lists.sf.net
488 W: http://bluez.sf.net
489 +W: http://www.bluez.org
490 +W: http://www.holtmann.org/linux/bluetooth/
493 -BLUETOOTH SUBSYSTEM (PC Card Drivers)
494 +BLUETOOTH RFCOMM LAYER
496 M: marcel@holtmann.org
497 -W: http://www.holtmann.org/linux/bluetooth/
498 +P: Maxim Krasnyansky
499 +M: maxk@qualcomm.com
502 +BLUETOOTH BNEP LAYER
504 +M: marcel@holtmann.org
505 +P: Maxim Krasnyansky
506 +M: maxk@qualcomm.com
509 +BLUETOOTH CMTP LAYER
511 +M: marcel@holtmann.org
514 +BLUETOOTH HIDP LAYER
516 +M: marcel@holtmann.org
519 +BLUETOOTH HCI UART DRIVER
521 +M: marcel@holtmann.org
522 +P: Maxim Krasnyansky
523 +M: maxk@qualcomm.com
526 +BLUETOOTH HCI USB DRIVER
528 +M: marcel@holtmann.org
529 +P: Maxim Krasnyansky
530 +M: maxk@qualcomm.com
533 +BLUETOOTH HCI BCM203X DRIVER
535 +M: marcel@holtmann.org
538 +BLUETOOTH HCI BFUSB DRIVER
540 +M: marcel@holtmann.org
543 +BLUETOOTH HCI DTL1 DRIVER
545 +M: marcel@holtmann.org
548 +BLUETOOTH HCI BLUECARD DRIVER
550 +M: marcel@holtmann.org
553 +BLUETOOTH HCI BT3C DRIVER
555 +M: marcel@holtmann.org
558 +BLUETOOTH HCI BTUART DRIVER
560 +M: marcel@holtmann.org
563 +BLUETOOTH HCI VHCI DRIVER
564 +P: Maxim Krasnyansky
565 +M: maxk@qualcomm.com
568 BTTV VIDEO4LINUX DRIVER
569 diff -Nur c3000_pre/linux/arch/sparc64/kernel/ioctl32.c c3000_work/linux/arch/sparc64/kernel/ioctl32.c
570 --- c3000_pre/linux/arch/sparc64/kernel/ioctl32.c 2004-08-21 09:48:22.000000000 +0900
571 +++ c3000_work/linux/arch/sparc64/kernel/ioctl32.c 2004-12-16 23:01:14.000000000 +0900
574 #include <net/bluetooth/bluetooth.h>
575 #include <net/bluetooth/hci.h>
576 +#include <net/bluetooth/rfcomm.h>
578 #include <linux/usb.h>
579 #include <linux/usbdevice_fs.h>
580 @@ -4286,6 +4287,25 @@
581 return sys_ioctl(fd, BLKGETSIZE64, arg);
584 +/* Bluetooth ioctls */
585 +#define HCIUARTSETPROTO _IOW('U', 200, int)
586 +#define HCIUARTGETPROTO _IOR('U', 201, int)
588 +#define BNEPCONNADD _IOW('B', 200, int)
589 +#define BNEPCONNDEL _IOW('B', 201, int)
590 +#define BNEPGETCONNLIST _IOR('B', 210, int)
591 +#define BNEPGETCONNINFO _IOR('B', 211, int)
593 +#define CMTPCONNADD _IOW('C', 200, int)
594 +#define CMTPCONNDEL _IOW('C', 201, int)
595 +#define CMTPGETCONNLIST _IOR('C', 210, int)
596 +#define CMTPGETCONNINFO _IOR('C', 211, int)
598 +#define HIDPCONNADD _IOW('H', 200, int)
599 +#define HIDPCONNDEL _IOW('H', 201, int)
600 +#define HIDPGETCONNLIST _IOR('H', 210, int)
601 +#define HIDPGETCONNINFO _IOR('H', 211, int)
605 unsigned int handler;
606 @@ -4987,6 +5007,25 @@
607 COMPATIBLE_IOCTL(HCISETACLMTU)
608 COMPATIBLE_IOCTL(HCISETSCOMTU)
609 COMPATIBLE_IOCTL(HCIINQUIRY)
610 +COMPATIBLE_IOCTL(HCIUARTSETPROTO)
611 +COMPATIBLE_IOCTL(HCIUARTGETPROTO)
612 +COMPATIBLE_IOCTL(RFCOMMCREATEDEV)
613 +COMPATIBLE_IOCTL(RFCOMMRELEASEDEV)
614 +COMPATIBLE_IOCTL(RFCOMMGETDEVLIST)
615 +COMPATIBLE_IOCTL(RFCOMMGETDEVINFO)
616 +COMPATIBLE_IOCTL(RFCOMMSTEALDLC)
617 +COMPATIBLE_IOCTL(BNEPCONNADD)
618 +COMPATIBLE_IOCTL(BNEPCONNDEL)
619 +COMPATIBLE_IOCTL(BNEPGETCONNLIST)
620 +COMPATIBLE_IOCTL(BNEPGETCONNINFO)
621 +COMPATIBLE_IOCTL(CMTPCONNADD)
622 +COMPATIBLE_IOCTL(CMTPCONNDEL)
623 +COMPATIBLE_IOCTL(CMTPGETCONNLIST)
624 +COMPATIBLE_IOCTL(CMTPGETCONNINFO)
625 +COMPATIBLE_IOCTL(HIDPCONNADD)
626 +COMPATIBLE_IOCTL(HIDPCONNDEL)
627 +COMPATIBLE_IOCTL(HIDPGETCONNLIST)
628 +COMPATIBLE_IOCTL(HIDPGETCONNINFO)
630 COMPATIBLE_IOCTL(0x41545900) /* ATYIO_CLKR */
631 COMPATIBLE_IOCTL(0x41545901) /* ATYIO_CLKW */
632 diff -Nur c3000_pre/linux/drivers/bluetooth/Config.in c3000_work/linux/drivers/bluetooth/Config.in
633 --- c3000_pre/linux/drivers/bluetooth/Config.in 2004-08-21 09:48:24.000000000 +0900
634 +++ c3000_work/linux/drivers/bluetooth/Config.in 2004-12-16 23:01:14.000000000 +0900
637 +# Bluetooth HCI device drivers configuration
640 mainmenu_option next_comment
641 comment 'Bluetooth device drivers'
643 dep_tristate 'HCI USB driver' CONFIG_BLUEZ_HCIUSB $CONFIG_BLUEZ $CONFIG_USB
644 if [ "$CONFIG_BLUEZ_HCIUSB" != "n" ]; then
645 - bool ' USB zero packet support' CONFIG_BLUEZ_USB_ZERO_PACKET
646 + bool ' SCO (voice) support' CONFIG_BLUEZ_HCIUSB_SCO
649 dep_tristate 'HCI UART driver' CONFIG_BLUEZ_HCIUART $CONFIG_BLUEZ
650 if [ "$CONFIG_BLUEZ_HCIUART" != "n" ]; then
651 bool ' UART (H4) protocol support' CONFIG_BLUEZ_HCIUART_H4
652 + bool ' BCSP protocol support' CONFIG_BLUEZ_HCIUART_BCSP
653 + dep_bool ' Transmit CRC with every BCSP packet' CONFIG_BLUEZ_HCIUART_BCSP_TXCRC $CONFIG_BLUEZ_HCIUART_BCSP
656 +dep_tristate 'HCI BlueFRITZ! USB driver' CONFIG_BLUEZ_HCIBFUSB $CONFIG_BLUEZ $CONFIG_USB
658 dep_tristate 'HCI DTL1 (PC Card) driver' CONFIG_BLUEZ_HCIDTL1 $CONFIG_PCMCIA $CONFIG_BLUEZ
660 dep_tristate 'HCI BT3C (PC Card) driver' CONFIG_BLUEZ_HCIBT3C $CONFIG_PCMCIA $CONFIG_BLUEZ
662 dep_tristate 'HCI BlueCard (PC Card) driver' CONFIG_BLUEZ_HCIBLUECARD $CONFIG_PCMCIA $CONFIG_BLUEZ
664 +dep_tristate 'HCI UART (PC Card) driver' CONFIG_BLUEZ_HCIBTUART $CONFIG_PCMCIA $CONFIG_BLUEZ
666 dep_tristate 'HCI VHCI (Virtual HCI device) driver' CONFIG_BLUEZ_HCIVHCI $CONFIG_BLUEZ
670 diff -Nur c3000_pre/linux/drivers/bluetooth/Makefile c3000_work/linux/drivers/bluetooth/Makefile
671 --- c3000_pre/linux/drivers/bluetooth/Makefile 2004-08-21 09:48:24.000000000 +0900
672 +++ c3000_work/linux/drivers/bluetooth/Makefile 2004-12-16 23:01:14.000000000 +0900
675 -# Makefile for Bluetooth HCI device drivers.
676 +# Makefile for the Linux Bluetooth HCI device drivers
679 O_TARGET := bluetooth.o
681 obj-$(CONFIG_BLUEZ_HCIUSB) += hci_usb.o
682 obj-$(CONFIG_BLUEZ_HCIVHCI) += hci_vhci.o
684 -obj-$(CONFIG_BLUEZ_HCIUART) += hci_uart.o
685 -uart-y := hci_ldisc.o
686 -uart-$(CONFIG_BLUEZ_HCIUART_H4) += hci_h4.o
687 +obj-$(CONFIG_BLUEZ_HCIUART) += hci_uart.o
688 +uart-y := hci_ldisc.o
689 +uart-$(CONFIG_BLUEZ_HCIUART_H4) += hci_h4.o
690 +uart-$(CONFIG_BLUEZ_HCIUART_BCSP) += hci_bcsp.o
692 +obj-$(CONFIG_BLUEZ_HCIBFUSB) += bfusb.o
694 obj-$(CONFIG_BLUEZ_HCIDTL1) += dtl1_cs.o
695 obj-$(CONFIG_BLUEZ_HCIBT3C) += bt3c_cs.o
696 obj-$(CONFIG_BLUEZ_HCIBLUECARD) += bluecard_cs.o
697 +obj-$(CONFIG_BLUEZ_HCIBTUART) += btuart_cs.o
699 include $(TOPDIR)/Rules.make
701 diff -Nur c3000_pre/linux/drivers/bluetooth/Makefile.lib c3000_work/linux/drivers/bluetooth/Makefile.lib
702 --- c3000_pre/linux/drivers/bluetooth/Makefile.lib 1970-01-01 09:00:00.000000000 +0900
703 +++ c3000_work/linux/drivers/bluetooth/Makefile.lib 2004-12-16 23:01:14.000000000 +0900
705 +obj-$(CONFIG_BLUEZ_HCIBFUSB) += firmware_class.o
706 +obj-$(CONFIG_BLUEZ_HCIBT3C) += firmware_class.o
707 diff -Nur c3000_pre/linux/drivers/bluetooth/bfusb.c c3000_work/linux/drivers/bluetooth/bfusb.c
708 --- c3000_pre/linux/drivers/bluetooth/bfusb.c 1970-01-01 09:00:00.000000000 +0900
709 +++ c3000_work/linux/drivers/bluetooth/bfusb.c 2004-12-16 23:01:14.000000000 +0900
713 + * AVM BlueFRITZ! USB driver
715 + * Copyright (C) 2003 Marcel Holtmann <marcel@holtmann.org>
718 + * This program is free software; you can redistribute it and/or modify
719 + * it under the terms of the GNU General Public License as published by
720 + * the Free Software Foundation; either version 2 of the License, or
721 + * (at your option) any later version.
723 + * This program is distributed in the hope that it will be useful,
724 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
725 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
726 + * GNU General Public License for more details.
728 + * You should have received a copy of the GNU General Public License
729 + * along with this program; if not, write to the Free Software
730 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
734 +#include <linux/config.h>
735 +#include <linux/module.h>
737 +#include <linux/kernel.h>
738 +#include <linux/init.h>
739 +#include <linux/slab.h>
740 +#include <linux/types.h>
741 +#include <linux/sched.h>
742 +#include <linux/errno.h>
743 +#include <linux/skbuff.h>
745 +#include <linux/firmware.h>
746 +#include <linux/usb.h>
748 +#include <net/bluetooth/bluetooth.h>
749 +#include <net/bluetooth/hci_core.h>
751 +#ifndef CONFIG_BLUEZ_HCIBFUSB_DEBUG
753 +#define BT_DBG(D...)
756 +#define VERSION "1.1"
758 +static struct usb_device_id bfusb_table[] = {
759 + /* AVM BlueFRITZ! USB */
760 + { USB_DEVICE(0x057c, 0x2200) },
762 + { } /* Terminating entry */
765 +MODULE_DEVICE_TABLE(usb, bfusb_table);
768 +#define BFUSB_MAX_BLOCK_SIZE 256
770 +#define BFUSB_BLOCK_TIMEOUT (HZ * 3)
772 +#define BFUSB_TX_PROCESS 1
773 +#define BFUSB_TX_WAKEUP 2
775 +#define BFUSB_MAX_BULK_TX 1
776 +#define BFUSB_MAX_BULK_RX 1
779 + struct hci_dev hdev;
781 + unsigned long state;
783 + struct usb_device *udev;
785 + unsigned int bulk_in_ep;
786 + unsigned int bulk_out_ep;
787 + unsigned int bulk_pkt_size;
791 + struct sk_buff_head transmit_q;
793 + struct sk_buff *reassembly;
795 + atomic_t pending_tx;
796 + struct sk_buff_head pending_q;
797 + struct sk_buff_head completed_q;
804 +static void bfusb_tx_complete(struct urb *urb);
805 +static void bfusb_rx_complete(struct urb *urb);
807 +static struct urb *bfusb_get_completed(struct bfusb *bfusb)
809 + struct sk_buff *skb;
810 + struct urb *urb = NULL;
812 + BT_DBG("bfusb %p", bfusb);
814 + skb = skb_dequeue(&bfusb->completed_q);
816 + urb = ((struct bfusb_scb *) skb->cb)->urb;
823 +static inline void bfusb_unlink_urbs(struct bfusb *bfusb)
825 + struct sk_buff *skb;
828 + BT_DBG("bfusb %p", bfusb);
830 + while ((skb = skb_dequeue(&bfusb->pending_q))) {
831 + urb = ((struct bfusb_scb *) skb->cb)->urb;
832 + usb_unlink_urb(urb);
833 + skb_queue_tail(&bfusb->completed_q, skb);
836 + while ((urb = bfusb_get_completed(bfusb)))
841 +static int bfusb_send_bulk(struct bfusb *bfusb, struct sk_buff *skb)
843 + struct bfusb_scb *scb = (void *) skb->cb;
844 + struct urb *urb = bfusb_get_completed(bfusb);
847 + BT_DBG("bfusb %p skb %p len %d", bfusb, skb, skb->len);
849 + if (!urb && !(urb = usb_alloc_urb(0)))
852 + pipe = usb_sndbulkpipe(bfusb->udev, bfusb->bulk_out_ep);
854 + FILL_BULK_URB(urb, bfusb->udev, pipe, skb->data, skb->len,
855 + bfusb_tx_complete, skb);
857 + urb->transfer_flags = USB_QUEUE_BULK;
861 + skb_queue_tail(&bfusb->pending_q, skb);
863 + err = usb_submit_urb(urb);
865 + BT_ERR("%s bulk tx submit failed urb %p err %d",
866 + bfusb->hdev.name, urb, err);
870 + atomic_inc(&bfusb->pending_tx);
875 +static void bfusb_tx_wakeup(struct bfusb *bfusb)
877 + struct sk_buff *skb;
879 + BT_DBG("bfusb %p", bfusb);
881 + if (test_and_set_bit(BFUSB_TX_PROCESS, &bfusb->state)) {
882 + set_bit(BFUSB_TX_WAKEUP, &bfusb->state);
887 + clear_bit(BFUSB_TX_WAKEUP, &bfusb->state);
889 + while ((atomic_read(&bfusb->pending_tx) < BFUSB_MAX_BULK_TX) &&
890 + (skb = skb_dequeue(&bfusb->transmit_q))) {
891 + if (bfusb_send_bulk(bfusb, skb) < 0) {
892 + skb_queue_head(&bfusb->transmit_q, skb);
897 + } while (test_bit(BFUSB_TX_WAKEUP, &bfusb->state));
899 + clear_bit(BFUSB_TX_PROCESS, &bfusb->state);
902 +static void bfusb_tx_complete(struct urb *urb)
904 + struct sk_buff *skb = (struct sk_buff *) urb->context;
905 + struct bfusb *bfusb = (struct bfusb *) skb->dev;
907 + BT_DBG("bfusb %p urb %p skb %p len %d", bfusb, urb, skb, skb->len);
909 + atomic_dec(&bfusb->pending_tx);
911 + if (!test_bit(HCI_RUNNING, &bfusb->hdev.flags))
915 + bfusb->hdev.stat.byte_tx += skb->len;
917 + bfusb->hdev.stat.err_tx++;
919 + read_lock(&bfusb->lock);
922 + skb_queue_tail(&bfusb->completed_q, skb);
924 + bfusb_tx_wakeup(bfusb);
926 + read_unlock(&bfusb->lock);
930 +static int bfusb_rx_submit(struct bfusb *bfusb, struct urb *urb)
932 + struct bfusb_scb *scb;
933 + struct sk_buff *skb;
934 + int err, pipe, size = HCI_MAX_FRAME_SIZE + 32;
936 + BT_DBG("bfusb %p urb %p", bfusb, urb);
938 + if (!urb && !(urb = usb_alloc_urb(0)))
941 + if (!(skb = bluez_skb_alloc(size, GFP_ATOMIC))) {
946 + skb->dev = (void *) bfusb;
948 + scb = (struct bfusb_scb *) skb->cb;
951 + pipe = usb_rcvbulkpipe(bfusb->udev, bfusb->bulk_in_ep);
953 + FILL_BULK_URB(urb, bfusb->udev, pipe, skb->data, size,
954 + bfusb_rx_complete, skb);
956 + urb->transfer_flags = USB_QUEUE_BULK;
958 + skb_queue_tail(&bfusb->pending_q, skb);
960 + err = usb_submit_urb(urb);
962 + BT_ERR("%s bulk rx submit failed urb %p err %d",
963 + bfusb->hdev.name, urb, err);
972 +static inline int bfusb_recv_block(struct bfusb *bfusb, int hdr, unsigned char *data, int len)
974 + BT_DBG("bfusb %p hdr 0x%02x data %p len %d", bfusb, hdr, data, len);
977 + BT_ERR("%s error in block", bfusb->hdev.name);
978 + if (bfusb->reassembly)
979 + kfree_skb(bfusb->reassembly);
980 + bfusb->reassembly = NULL;
985 + struct sk_buff *skb;
986 + unsigned char pkt_type;
989 + if (bfusb->reassembly) {
990 + BT_ERR("%s unexpected start block", bfusb->hdev.name);
991 + kfree_skb(bfusb->reassembly);
992 + bfusb->reassembly = NULL;
996 + BT_ERR("%s no packet type found", bfusb->hdev.name);
1000 + pkt_type = *data++; len--;
1002 + switch (pkt_type) {
1003 + case HCI_EVENT_PKT:
1004 + if (len >= HCI_EVENT_HDR_SIZE) {
1005 + hci_event_hdr *hdr = (hci_event_hdr *) data;
1006 + pkt_len = HCI_EVENT_HDR_SIZE + hdr->plen;
1008 + BT_ERR("%s event block is too short", bfusb->hdev.name);
1013 + case HCI_ACLDATA_PKT:
1014 + if (len >= HCI_ACL_HDR_SIZE) {
1015 + hci_acl_hdr *hdr = (hci_acl_hdr *) data;
1016 + pkt_len = HCI_ACL_HDR_SIZE + __le16_to_cpu(hdr->dlen);
1018 + BT_ERR("%s data block is too short", bfusb->hdev.name);
1023 + case HCI_SCODATA_PKT:
1024 + if (len >= HCI_SCO_HDR_SIZE) {
1025 + hci_sco_hdr *hdr = (hci_sco_hdr *) data;
1026 + pkt_len = HCI_SCO_HDR_SIZE + hdr->dlen;
1028 + BT_ERR("%s audio block is too short", bfusb->hdev.name);
1034 + skb = bluez_skb_alloc(pkt_len, GFP_ATOMIC);
1036 + BT_ERR("%s no memory for the packet", bfusb->hdev.name);
1040 + skb->dev = (void *) &bfusb->hdev;
1041 + skb->pkt_type = pkt_type;
1043 + bfusb->reassembly = skb;
1045 + if (!bfusb->reassembly) {
1046 + BT_ERR("%s unexpected continuation block", bfusb->hdev.name);
1052 + memcpy(skb_put(bfusb->reassembly, len), data, len);
1055 + hci_recv_frame(bfusb->reassembly);
1056 + bfusb->reassembly = NULL;
1062 +static void bfusb_rx_complete(struct urb *urb)
1064 + struct sk_buff *skb = (struct sk_buff *) urb->context;
1065 + struct bfusb *bfusb = (struct bfusb *) skb->dev;
1066 + unsigned char *buf = urb->transfer_buffer;
1067 + int count = urb->actual_length;
1068 + int err, hdr, len;
1070 + BT_DBG("bfusb %p urb %p skb %p len %d", bfusb, urb, skb, skb->len);
1072 + read_lock(&bfusb->lock);
1074 + if (!test_bit(HCI_RUNNING, &bfusb->hdev.flags))
1077 + if (urb->status || !count)
1080 + bfusb->hdev.stat.byte_rx += count;
1082 + skb_put(skb, count);
1085 + hdr = buf[0] | (buf[1] << 8);
1087 + if (hdr & 0x4000) {
1092 + len = (buf[2] == 0) ? 256 : buf[2];
1097 + if (count < len) {
1098 + BT_ERR("%s block extends over URB buffer ranges",
1099 + bfusb->hdev.name);
1102 + if ((hdr & 0xe1) == 0xc1)
1103 + bfusb_recv_block(bfusb, hdr, buf, len);
1112 + bfusb_rx_submit(bfusb, urb);
1114 + read_unlock(&bfusb->lock);
1119 + urb->dev = bfusb->udev;
1121 + err = usb_submit_urb(urb);
1123 + BT_ERR("%s bulk resubmit failed urb %p err %d",
1124 + bfusb->hdev.name, urb, err);
1128 + read_unlock(&bfusb->lock);
1132 +static int bfusb_open(struct hci_dev *hdev)
1134 + struct bfusb *bfusb = (struct bfusb *) hdev->driver_data;
1135 + unsigned long flags;
1138 + BT_DBG("hdev %p bfusb %p", hdev, bfusb);
1140 + if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
1143 + MOD_INC_USE_COUNT;
1145 + write_lock_irqsave(&bfusb->lock, flags);
1147 + err = bfusb_rx_submit(bfusb, NULL);
1149 + for (i = 1; i < BFUSB_MAX_BULK_RX; i++)
1150 + bfusb_rx_submit(bfusb, NULL);
1152 + clear_bit(HCI_RUNNING, &hdev->flags);
1153 + MOD_DEC_USE_COUNT;
1156 + write_unlock_irqrestore(&bfusb->lock, flags);
1161 +static int bfusb_flush(struct hci_dev *hdev)
1163 + struct bfusb *bfusb = (struct bfusb *) hdev->driver_data;
1165 + BT_DBG("hdev %p bfusb %p", hdev, bfusb);
1167 + skb_queue_purge(&bfusb->transmit_q);
1172 +static int bfusb_close(struct hci_dev *hdev)
1174 + struct bfusb *bfusb = (struct bfusb *) hdev->driver_data;
1175 + unsigned long flags;
1177 + BT_DBG("hdev %p bfusb %p", hdev, bfusb);
1179 + if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
1182 + write_lock_irqsave(&bfusb->lock, flags);
1184 + bfusb_unlink_urbs(bfusb);
1185 + bfusb_flush(hdev);
1187 + write_unlock_irqrestore(&bfusb->lock, flags);
1189 + MOD_DEC_USE_COUNT;
1194 +static int bfusb_send_frame(struct sk_buff *skb)
1196 + struct hci_dev *hdev = (struct hci_dev *) skb->dev;
1197 + struct bfusb *bfusb;
1198 + struct sk_buff *nskb;
1199 + unsigned char buf[3];
1200 + int sent = 0, size, count;
1202 + BT_DBG("hdev %p skb %p type %d len %d", hdev, skb, skb->pkt_type, skb->len);
1205 + BT_ERR("Frame for unknown HCI device (hdev=NULL)");
1209 + if (!test_bit(HCI_RUNNING, &hdev->flags))
1212 + bfusb = (struct bfusb *) hdev->driver_data;
1214 + switch (skb->pkt_type) {
1215 + case HCI_COMMAND_PKT:
1216 + hdev->stat.cmd_tx++;
1218 + case HCI_ACLDATA_PKT:
1219 + hdev->stat.acl_tx++;
1221 + case HCI_SCODATA_PKT:
1222 + hdev->stat.sco_tx++;
1226 + /* Prepend skb with frame type */
1227 + memcpy(skb_push(skb, 1), &(skb->pkt_type), 1);
1231 + /* Max HCI frame size seems to be 1511 + 1 */
1232 + if (!(nskb = bluez_skb_alloc(count + 32, GFP_ATOMIC))) {
1233 + BT_ERR("Can't allocate memory for new packet");
1237 + nskb->dev = (void *) bfusb;
1240 + size = min_t(uint, count, BFUSB_MAX_BLOCK_SIZE);
1242 + buf[0] = 0xc1 | ((sent == 0) ? 0x04 : 0) | ((count == size) ? 0x08 : 0);
1244 + buf[2] = (size == BFUSB_MAX_BLOCK_SIZE) ? 0 : size;
1246 + memcpy(skb_put(nskb, 3), buf, 3);
1247 + memcpy(skb_put(nskb, size), skb->data + sent, size);
1253 + /* Don't send frame with multiple size of bulk max packet */
1254 + if ((nskb->len % bfusb->bulk_pkt_size) == 0) {
1257 + memcpy(skb_put(nskb, 2), buf, 2);
1260 + read_lock(&bfusb->lock);
1262 + skb_queue_tail(&bfusb->transmit_q, nskb);
1263 + bfusb_tx_wakeup(bfusb);
1265 + read_unlock(&bfusb->lock);
1272 +static void bfusb_destruct(struct hci_dev *hdev)
1274 + struct bfusb *bfusb = (struct bfusb *) hdev->driver_data;
1276 + BT_DBG("hdev %p bfusb %p", hdev, bfusb);
1281 +static int bfusb_ioctl(struct hci_dev *hdev, unsigned int cmd, unsigned long arg)
1283 + return -ENOIOCTLCMD;
1287 +static int bfusb_load_firmware(struct bfusb *bfusb, unsigned char *firmware, int count)
1289 + unsigned char *buf;
1290 + int err, pipe, len, size, sent = 0;
1292 + BT_DBG("bfusb %p udev %p firmware %p count %d", bfusb, bfusb->udev, firmware, count);
1294 + BT_INFO("BlueFRITZ! USB loading firmware");
1296 + if (usb_set_configuration(bfusb->udev, 1) < 0) {
1297 + BT_ERR("Can't change to loading configuration");
1301 + buf = kmalloc(BFUSB_MAX_BLOCK_SIZE + 3, GFP_ATOMIC);
1303 + BT_ERR("Can't allocate memory chunk for firmware");
1307 + pipe = usb_sndbulkpipe(bfusb->udev, bfusb->bulk_out_ep);
1310 + size = min_t(uint, count, BFUSB_MAX_BLOCK_SIZE + 3);
1312 + memcpy(buf, firmware + sent, size);
1314 + err = usb_bulk_msg(bfusb->udev, pipe, buf, size,
1315 + &len, BFUSB_BLOCK_TIMEOUT);
1317 + if (err || (len != size)) {
1318 + BT_ERR("Error in firmware loading");
1326 + if ((err = usb_bulk_msg(bfusb->udev, pipe, NULL, 0,
1327 + &len, BFUSB_BLOCK_TIMEOUT)) < 0) {
1328 + BT_ERR("Error in null packet request");
1332 + if ((err = usb_set_configuration(bfusb->udev, 2)) < 0) {
1333 + BT_ERR("Can't change to running configuration");
1337 + BT_INFO("BlueFRITZ! USB device ready");
1345 + pipe = usb_sndctrlpipe(bfusb->udev, 0);
1347 + usb_control_msg(bfusb->udev, pipe, USB_REQ_SET_CONFIGURATION,
1348 + 0, 0, 0, NULL, 0, BFUSB_BLOCK_TIMEOUT);
1353 +static void *bfusb_probe(struct usb_device *udev, unsigned int ifnum, const struct usb_device_id *id)
1355 + const struct firmware *firmware;
1357 + struct usb_interface *iface;
1358 + struct usb_interface_descriptor *iface_desc;
1359 + struct usb_endpoint_descriptor *bulk_out_ep;
1360 + struct usb_endpoint_descriptor *bulk_in_ep;
1361 + struct hci_dev *hdev;
1362 + struct bfusb *bfusb;
1364 + BT_DBG("udev %p ifnum %d id %p", udev, ifnum, id);
1366 + /* Check number of endpoints */
1367 + iface = &udev->actconfig->interface[0];
1368 + iface_desc = &iface->altsetting[0];
1370 + if (iface_desc->bNumEndpoints < 2)
1373 + bulk_out_ep = &iface_desc->endpoint[0];
1374 + bulk_in_ep = &iface_desc->endpoint[1];
1376 + if (!bulk_out_ep || !bulk_in_ep) {
1377 + BT_ERR("Bulk endpoints not found");
1381 + /* Initialize control structure and load firmware */
1382 + if (!(bfusb = kmalloc(sizeof(struct bfusb), GFP_KERNEL))) {
1383 + BT_ERR("Can't allocate memory for control structure");
1387 + memset(bfusb, 0, sizeof(struct bfusb));
1389 + bfusb->udev = udev;
1390 + bfusb->bulk_in_ep = bulk_in_ep->bEndpointAddress;
1391 + bfusb->bulk_out_ep = bulk_out_ep->bEndpointAddress;
1392 + bfusb->bulk_pkt_size = bulk_out_ep->wMaxPacketSize;
1394 + bfusb->lock = RW_LOCK_UNLOCKED;
1396 + bfusb->reassembly = NULL;
1398 + skb_queue_head_init(&bfusb->transmit_q);
1399 + skb_queue_head_init(&bfusb->pending_q);
1400 + skb_queue_head_init(&bfusb->completed_q);
1402 + snprintf(device, sizeof(device), "bfusb%3.3d%3.3d", udev->bus->busnum, udev->devnum);
1404 + if (request_firmware(&firmware, "bfubase.frm", device) < 0) {
1405 + BT_ERR("Firmware request failed");
1409 + if (bfusb_load_firmware(bfusb, firmware->data, firmware->size) < 0) {
1410 + BT_ERR("Firmware loading failed");
1414 + release_firmware(firmware);
1416 + /* Initialize and register HCI device */
1417 + hdev = &bfusb->hdev;
1419 + hdev->type = HCI_USB;
1420 + hdev->driver_data = bfusb;
1422 + hdev->open = bfusb_open;
1423 + hdev->close = bfusb_close;
1424 + hdev->flush = bfusb_flush;
1425 + hdev->send = bfusb_send_frame;
1426 + hdev->destruct = bfusb_destruct;
1427 + hdev->ioctl = bfusb_ioctl;
1429 + if (hci_register_dev(hdev) < 0) {
1430 + BT_ERR("Can't register HCI device");
1437 + release_firmware(firmware);
1446 +static void bfusb_disconnect(struct usb_device *udev, void *ptr)
1448 + struct bfusb *bfusb = (struct bfusb *) ptr;
1449 + struct hci_dev *hdev = &bfusb->hdev;
1451 + BT_DBG("udev %p ptr %p", udev, ptr);
1456 + bfusb_close(hdev);
1458 + if (hci_unregister_dev(hdev) < 0)
1459 + BT_ERR("Can't unregister HCI device %s", hdev->name);
1462 +static struct usb_driver bfusb_driver = {
1464 + probe: bfusb_probe,
1465 + disconnect: bfusb_disconnect,
1466 + id_table: bfusb_table,
1469 +static int __init bfusb_init(void)
1473 + BT_INFO("BlueFRITZ! USB driver ver %s", VERSION);
1474 + BT_INFO("Copyright (C) 2003 Marcel Holtmann <marcel@holtmann.org>");
1476 + if ((err = usb_register(&bfusb_driver)) < 0)
1477 + BT_ERR("Failed to register BlueFRITZ! USB driver");
1482 +static void __exit bfusb_cleanup(void)
1484 + usb_deregister(&bfusb_driver);
1487 +module_init(bfusb_init);
1488 +module_exit(bfusb_cleanup);
1490 +MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1491 +MODULE_DESCRIPTION("BlueFRITZ! USB driver ver " VERSION);
1492 +MODULE_LICENSE("GPL");
1493 diff -Nur c3000_pre/linux/drivers/bluetooth/bluecard_cs.c c3000_work/linux/drivers/bluetooth/bluecard_cs.c
1494 --- c3000_pre/linux/drivers/bluetooth/bluecard_cs.c 2004-08-21 09:48:24.000000000 +0900
1495 +++ c3000_work/linux/drivers/bluetooth/bluecard_cs.c 2004-12-16 23:01:14.000000000 +0900
1497 unsigned int iobase = info->link.io.BasePort1;
1498 struct hci_dev *hdev = &(info->hdev);
1500 + if (info->link.state & DEV_CONFIG_PENDING)
1503 bluecard_hci_close(hdev);
1505 clear_bit(CARD_READY, &(info->hw_state));
1506 diff -Nur c3000_pre/linux/drivers/bluetooth/bt3c_cs.c c3000_work/linux/drivers/bluetooth/bt3c_cs.c
1507 --- c3000_pre/linux/drivers/bluetooth/bt3c_cs.c 2004-08-21 09:48:24.000000000 +0900
1508 +++ c3000_work/linux/drivers/bluetooth/bt3c_cs.c 2004-12-16 23:01:14.000000000 +0900
1510 #include <linux/config.h>
1511 #include <linux/module.h>
1513 -#define __KERNEL_SYSCALLS__
1515 #include <linux/kernel.h>
1516 #include <linux/kmod.h>
1517 #include <linux/init.h>
1519 #include <asm/bitops.h>
1522 +#include <linux/firmware.h>
1524 #include <pcmcia/version.h>
1525 #include <pcmcia/cs_types.h>
1526 #include <pcmcia/cs.h>
1527 @@ -485,78 +485,101 @@
1531 -/* ======================== User mode firmware loader ======================== */
1532 +/* ======================== Card services HCI interaction ======================== */
1535 -#define FW_LOADER "/sbin/bluefw"
1537 +static int bt3c_load_firmware(bt3c_info_t *info, unsigned char *firmware, int count)
1539 + char *ptr = (char *) firmware;
1541 + unsigned int iobase, size, addr, fcs, tmp;
1544 + iobase = info->link.io.BasePort1;
1546 -static int bt3c_fw_loader_exec(void *dev)
1548 - char *argv[] = { FW_LOADER, "pccard", dev, NULL };
1549 - char *envp[] = { "HOME=/", "TERM=linux", "PATH=/sbin:/usr/sbin:/bin:/usr/bin", NULL };
1553 - err = exec_usermodehelper(FW_LOADER, argv, envp);
1555 - printk(KERN_WARNING "bt3c_cs: Failed to exec \"%s pccard %s\".\n", FW_LOADER, (char *)dev);
1556 + bt3c_io_write(iobase, 0x8040, 0x0404);
1557 + bt3c_io_write(iobase, 0x8040, 0x0400);
1563 + bt3c_io_write(iobase, 0x8040, 0x0404);
1565 -static int bt3c_firmware_load(bt3c_info_t *info)
1573 - /* Check if root fs is mounted */
1574 - if (!current->fs->root) {
1575 - printk(KERN_WARNING "bt3c_cs: Root filesystem is not mounted.\n");
1580 - sprintf(dev, "%04x", info->link.io.BasePort1);
1582 + if (ptr[0] != 'S') {
1583 + printk(KERN_WARNING "bt3c_cs: Bad address in firmware.\n");
1588 - pid = kernel_thread(bt3c_fw_loader_exec, (void *)dev, 0);
1590 - printk(KERN_WARNING "bt3c_cs: Forking of kernel thread failed (errno=%d).\n", -pid);
1593 + memset(b, 0, sizeof(b));
1594 + memcpy(b, ptr + 2, 2);
1595 + size = simple_strtol(b, NULL, 16);
1597 + memset(b, 0, sizeof(b));
1598 + memcpy(b, ptr + 4, 8);
1599 + addr = simple_strtol(b, NULL, 16);
1601 + memset(b, 0, sizeof(b));
1602 + memcpy(b, ptr + (size * 2) + 2, 2);
1603 + fcs = simple_strtol(b, NULL, 16);
1605 + memset(b, 0, sizeof(b));
1606 + for (tmp = 0, i = 0; i < size; i++) {
1607 + memcpy(b, ptr + (i * 2) + 2, 2);
1608 + tmp += simple_strtol(b, NULL, 16);
1611 - /* Block signals, everything but SIGKILL/SIGSTOP */
1612 - spin_lock_irq(¤t->sigmask_lock);
1613 - tmpsig = current->blocked;
1614 - siginitsetinv(¤t->blocked, sigmask(SIGKILL) | sigmask(SIGSTOP));
1615 - recalc_sigpending(current);
1616 - spin_unlock_irq(¤t->sigmask_lock);
1617 + if (((tmp + fcs) & 0xff) != 0xff) {
1618 + printk(KERN_WARNING "bt3c_cs: Checksum error in firmware.\n");
1623 - result = waitpid(pid, NULL, __WCLONE);
1624 + if (ptr[1] == '3') {
1625 + bt3c_address(iobase, addr);
1627 - /* Allow signals again */
1628 - spin_lock_irq(¤t->sigmask_lock);
1629 - current->blocked = tmpsig;
1630 - recalc_sigpending(current);
1631 - spin_unlock_irq(¤t->sigmask_lock);
1632 + memset(b, 0, sizeof(b));
1633 + for (i = 0; i < (size - 4) / 2; i++) {
1634 + memcpy(b, ptr + (i * 4) + 12, 4);
1635 + tmp = simple_strtol(b, NULL, 16);
1636 + bt3c_put(iobase, tmp);
1640 - if (result != pid) {
1641 - printk(KERN_WARNING "bt3c_cs: Waiting for pid %d failed (errno=%d).\n", pid, -result);
1643 + ptr += (size * 2) + 6;
1644 + count -= (size * 2) + 6;
1653 + bt3c_address(iobase, 0x3000);
1654 + outb(inb(iobase + CONTROL) | 0x40, iobase + CONTROL);
1656 -/* ======================== Card services HCI interaction ======================== */
1662 + bt3c_io_write(iobase, 0x7006, 0x0000);
1663 + bt3c_io_write(iobase, 0x7005, 0x0000);
1664 + bt3c_io_write(iobase, 0x7001, 0x0000);
1670 int bt3c_open(bt3c_info_t *info)
1672 + const struct firmware *firmware;
1674 struct hci_dev *hdev;
1677 @@ -570,8 +593,22 @@
1681 - if ((err = bt3c_firmware_load(info)) < 0)
1682 + snprintf(device, sizeof(device), "bt3c%4.4x", info->link.io.BasePort1);
1684 + err = request_firmware(&firmware, "BT3CPCC.bin", device);
1686 + printk(KERN_WARNING "bt3c_cs: Firmware request failed.\n");
1690 + err = bt3c_load_firmware(info, firmware->data, firmware->size);
1692 + release_firmware(firmware);
1695 + printk(KERN_WARNING "bt3c_cs: Firmware loading failed.\n");
1699 /* Timeout before it is safe to send the first HCI packet */
1703 struct hci_dev *hdev = &(info->hdev);
1705 + if (info->link.state & DEV_CONFIG_PENDING)
1708 bt3c_hci_close(hdev);
1710 if (hci_unregister_dev(hdev) < 0)
1711 diff -Nur c3000_pre/linux/drivers/bluetooth/btuart_cs.c c3000_work/linux/drivers/bluetooth/btuart_cs.c
1712 --- c3000_pre/linux/drivers/bluetooth/btuart_cs.c 1970-01-01 09:00:00.000000000 +0900
1713 +++ c3000_work/linux/drivers/bluetooth/btuart_cs.c 2004-12-16 23:01:14.000000000 +0900
1717 + * Driver for Bluetooth PCMCIA cards with HCI UART interface
1719 + * Copyright (C) 2001-2002 Marcel Holtmann <marcel@holtmann.org>
1722 + * This program is free software; you can redistribute it and/or modify
1723 + * it under the terms of the GNU General Public License version 2 as
1724 + * published by the Free Software Foundation;
1726 + * Software distributed under the License is distributed on an "AS
1727 + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
1728 + * implied. See the License for the specific language governing
1729 + * rights and limitations under the License.
1731 + * The initial developer of the original code is David A. Hinds
1732 + * <dahinds@users.sourceforge.net>. Portions created by David A. Hinds
1733 + * are Copyright (C) 1999 David A. Hinds. All Rights Reserved.
1737 +#include <linux/config.h>
1738 +#include <linux/module.h>
1740 +#include <linux/kernel.h>
1741 +#include <linux/init.h>
1742 +#include <linux/slab.h>
1743 +#include <linux/types.h>
1744 +#include <linux/sched.h>
1745 +#include <linux/timer.h>
1746 +#include <linux/errno.h>
1747 +#include <linux/ptrace.h>
1748 +#include <linux/ioport.h>
1749 +#include <linux/spinlock.h>
1751 +#include <linux/skbuff.h>
1752 +#include <linux/string.h>
1753 +#include <linux/serial.h>
1754 +#include <linux/serial_reg.h>
1755 +#include <asm/system.h>
1756 +#include <asm/bitops.h>
1757 +#include <asm/io.h>
1759 +#include <pcmcia/version.h>
1760 +#include <pcmcia/cs_types.h>
1761 +#include <pcmcia/cs.h>
1762 +#include <pcmcia/cistpl.h>
1763 +#include <pcmcia/ciscode.h>
1764 +#include <pcmcia/ds.h>
1765 +#include <pcmcia/cisreg.h>
1767 +#include <net/bluetooth/bluetooth.h>
1768 +#include <net/bluetooth/hci_core.h>
1772 +/* ======================== Module parameters ======================== */
1775 +/* Bit map of interrupts to choose from */
1776 +static u_int irq_mask = 0xffff;
1777 +static int irq_list[4] = { -1 };
1779 +MODULE_PARM(irq_mask, "i");
1780 +MODULE_PARM(irq_list, "1-4i");
1782 +MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1783 +MODULE_DESCRIPTION("BlueZ driver for Bluetooth PCMCIA cards with HCI UART interface");
1784 +MODULE_LICENSE("GPL");
1788 +/* ======================== Local structures ======================== */
1791 +typedef struct btuart_info_t {
1795 + struct hci_dev hdev;
1797 + spinlock_t lock; /* For serializing operations */
1799 + struct sk_buff_head txq;
1800 + unsigned long tx_state;
1802 + unsigned long rx_state;
1803 + unsigned long rx_count;
1804 + struct sk_buff *rx_skb;
1808 +void btuart_config(dev_link_t *link);
1809 +void btuart_release(u_long arg);
1810 +int btuart_event(event_t event, int priority, event_callback_args_t *args);
1812 +static dev_info_t dev_info = "btuart_cs";
1814 +dev_link_t *btuart_attach(void);
1815 +void btuart_detach(dev_link_t *);
1817 +static dev_link_t *dev_list = NULL;
1820 +/* Maximum baud rate */
1821 +#define SPEED_MAX 115200
1823 +/* Default baud rate: 57600, 115200, 230400 or 460800 */
1824 +#define DEFAULT_BAUD_RATE 115200
1827 +/* Transmit states */
1828 +#define XMIT_SENDING 1
1829 +#define XMIT_WAKEUP 2
1830 +#define XMIT_WAITING 8
1832 +/* Receiver states */
1833 +#define RECV_WAIT_PACKET_TYPE 0
1834 +#define RECV_WAIT_EVENT_HEADER 1
1835 +#define RECV_WAIT_ACL_HEADER 2
1836 +#define RECV_WAIT_SCO_HEADER 3
1837 +#define RECV_WAIT_DATA 4
1841 +/* ======================== Interrupt handling ======================== */
1844 +static int btuart_write(unsigned int iobase, int fifo_size, __u8 *buf, int len)
1848 + /* Tx FIFO should be empty */
1849 + if (!(inb(iobase + UART_LSR) & UART_LSR_THRE))
1852 + /* Fill FIFO with current frame */
1853 + while ((fifo_size-- > 0) && (actual < len)) {
1854 + /* Transmit next byte */
1855 + outb(buf[actual], iobase + UART_TX);
1863 +static void btuart_write_wakeup(btuart_info_t *info)
1866 + printk(KERN_WARNING "btuart_cs: Call of write_wakeup for unknown device.\n");
1870 + if (test_and_set_bit(XMIT_SENDING, &(info->tx_state))) {
1871 + set_bit(XMIT_WAKEUP, &(info->tx_state));
1876 + register unsigned int iobase = info->link.io.BasePort1;
1877 + register struct sk_buff *skb;
1880 + clear_bit(XMIT_WAKEUP, &(info->tx_state));
1882 + if (!(info->link.state & DEV_PRESENT))
1885 + if (!(skb = skb_dequeue(&(info->txq))))
1889 + len = btuart_write(iobase, 16, skb->data, skb->len);
1890 + set_bit(XMIT_WAKEUP, &(info->tx_state));
1892 + if (len == skb->len) {
1895 + skb_pull(skb, len);
1896 + skb_queue_head(&(info->txq), skb);
1899 + info->hdev.stat.byte_tx += len;
1901 + } while (test_bit(XMIT_WAKEUP, &(info->tx_state)));
1903 + clear_bit(XMIT_SENDING, &(info->tx_state));
1907 +static void btuart_receive(btuart_info_t *info)
1909 + unsigned int iobase;
1910 + int boguscount = 0;
1913 + printk(KERN_WARNING "btuart_cs: Call of receive for unknown device.\n");
1917 + iobase = info->link.io.BasePort1;
1920 + info->hdev.stat.byte_rx++;
1922 + /* Allocate packet */
1923 + if (info->rx_skb == NULL) {
1924 + info->rx_state = RECV_WAIT_PACKET_TYPE;
1925 + info->rx_count = 0;
1926 + if (!(info->rx_skb = bluez_skb_alloc(HCI_MAX_FRAME_SIZE, GFP_ATOMIC))) {
1927 + printk(KERN_WARNING "btuart_cs: Can't allocate mem for new packet.\n");
1932 + if (info->rx_state == RECV_WAIT_PACKET_TYPE) {
1934 + info->rx_skb->dev = (void *)&(info->hdev);
1935 + info->rx_skb->pkt_type = inb(iobase + UART_RX);
1937 + switch (info->rx_skb->pkt_type) {
1939 + case HCI_EVENT_PKT:
1940 + info->rx_state = RECV_WAIT_EVENT_HEADER;
1941 + info->rx_count = HCI_EVENT_HDR_SIZE;
1944 + case HCI_ACLDATA_PKT:
1945 + info->rx_state = RECV_WAIT_ACL_HEADER;
1946 + info->rx_count = HCI_ACL_HDR_SIZE;
1949 + case HCI_SCODATA_PKT:
1950 + info->rx_state = RECV_WAIT_SCO_HEADER;
1951 + info->rx_count = HCI_SCO_HDR_SIZE;
1955 + /* Unknown packet */
1956 + printk(KERN_WARNING "btuart_cs: Unknown HCI packet with type 0x%02x received.\n", info->rx_skb->pkt_type);
1957 + info->hdev.stat.err_rx++;
1958 + clear_bit(HCI_RUNNING, &(info->hdev.flags));
1960 + kfree_skb(info->rx_skb);
1961 + info->rx_skb = NULL;
1968 + *skb_put(info->rx_skb, 1) = inb(iobase + UART_RX);
1971 + if (info->rx_count == 0) {
1974 + hci_event_hdr *eh;
1979 + switch (info->rx_state) {
1981 + case RECV_WAIT_EVENT_HEADER:
1982 + eh = (hci_event_hdr *)(info->rx_skb->data);
1983 + info->rx_state = RECV_WAIT_DATA;
1984 + info->rx_count = eh->plen;
1987 + case RECV_WAIT_ACL_HEADER:
1988 + ah = (hci_acl_hdr *)(info->rx_skb->data);
1989 + dlen = __le16_to_cpu(ah->dlen);
1990 + info->rx_state = RECV_WAIT_DATA;
1991 + info->rx_count = dlen;
1994 + case RECV_WAIT_SCO_HEADER:
1995 + sh = (hci_sco_hdr *)(info->rx_skb->data);
1996 + info->rx_state = RECV_WAIT_DATA;
1997 + info->rx_count = sh->dlen;
2000 + case RECV_WAIT_DATA:
2001 + hci_recv_frame(info->rx_skb);
2002 + info->rx_skb = NULL;
2011 + /* Make sure we don't stay here to long */
2012 + if (boguscount++ > 16)
2015 + } while (inb(iobase + UART_LSR) & UART_LSR_DR);
2019 +void btuart_interrupt(int irq, void *dev_inst, struct pt_regs *regs)
2021 + btuart_info_t *info = dev_inst;
2022 + unsigned int iobase;
2023 + int boguscount = 0;
2027 + printk(KERN_WARNING "btuart_cs: Call of irq %d for unknown device.\n", irq);
2031 + iobase = info->link.io.BasePort1;
2033 + spin_lock(&(info->lock));
2035 + iir = inb(iobase + UART_IIR) & UART_IIR_ID;
2038 + /* Clear interrupt */
2039 + lsr = inb(iobase + UART_LSR);
2042 + case UART_IIR_RLSI:
2043 + printk(KERN_NOTICE "btuart_cs: RLSI\n");
2045 + case UART_IIR_RDI:
2046 + /* Receive interrupt */
2047 + btuart_receive(info);
2049 + case UART_IIR_THRI:
2050 + if (lsr & UART_LSR_THRE) {
2051 + /* Transmitter ready for data */
2052 + btuart_write_wakeup(info);
2056 + printk(KERN_NOTICE "btuart_cs: Unhandled IIR=%#x\n", iir);
2060 + /* Make sure we don't stay here to long */
2061 + if (boguscount++ > 100)
2064 + iir = inb(iobase + UART_IIR) & UART_IIR_ID;
2068 + spin_unlock(&(info->lock));
2072 +static void btuart_change_speed(btuart_info_t *info, unsigned int speed)
2074 + unsigned long flags;
2075 + unsigned int iobase;
2076 + int fcr; /* FIFO control reg */
2077 + int lcr; /* Line control reg */
2081 + printk(KERN_WARNING "btuart_cs: Call of change speed for unknown device.\n");
2085 + iobase = info->link.io.BasePort1;
2087 + spin_lock_irqsave(&(info->lock), flags);
2089 + /* Turn off interrupts */
2090 + outb(0, iobase + UART_IER);
2092 + divisor = SPEED_MAX / speed;
2094 + fcr = UART_FCR_ENABLE_FIFO | UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT;
2097 + * Use trigger level 1 to avoid 3 ms. timeout delay at 9600 bps, and
2098 + * almost 1,7 ms at 19200 bps. At speeds above that we can just forget
2099 + * about this timeout since it will always be fast enough.
2102 + if (speed < 38400)
2103 + fcr |= UART_FCR_TRIGGER_1;
2105 + fcr |= UART_FCR_TRIGGER_14;
2107 + /* Bluetooth cards use 8N1 */
2108 + lcr = UART_LCR_WLEN8;
2110 + outb(UART_LCR_DLAB | lcr, iobase + UART_LCR); /* Set DLAB */
2111 + outb(divisor & 0xff, iobase + UART_DLL); /* Set speed */
2112 + outb(divisor >> 8, iobase + UART_DLM);
2113 + outb(lcr, iobase + UART_LCR); /* Set 8N1 */
2114 + outb(fcr, iobase + UART_FCR); /* Enable FIFO's */
2116 + /* Turn on interrups */
2117 + outb(UART_IER_RLSI | UART_IER_RDI | UART_IER_THRI, iobase + UART_IER);
2119 + spin_unlock_irqrestore(&(info->lock), flags);
2124 +/* ======================== HCI interface ======================== */
2127 +static int btuart_hci_flush(struct hci_dev *hdev)
2129 + btuart_info_t *info = (btuart_info_t *)(hdev->driver_data);
2131 + /* Drop TX queue */
2132 + skb_queue_purge(&(info->txq));
2138 +static int btuart_hci_open(struct hci_dev *hdev)
2140 + set_bit(HCI_RUNNING, &(hdev->flags));
2146 +static int btuart_hci_close(struct hci_dev *hdev)
2148 + if (!test_and_clear_bit(HCI_RUNNING, &(hdev->flags)))
2151 + btuart_hci_flush(hdev);
2157 +static int btuart_hci_send_frame(struct sk_buff *skb)
2159 + btuart_info_t *info;
2160 + struct hci_dev *hdev = (struct hci_dev *)(skb->dev);
2163 + printk(KERN_WARNING "btuart_cs: Frame for unknown HCI device (hdev=NULL).");
2167 + info = (btuart_info_t *)(hdev->driver_data);
2169 + switch (skb->pkt_type) {
2170 + case HCI_COMMAND_PKT:
2171 + hdev->stat.cmd_tx++;
2173 + case HCI_ACLDATA_PKT:
2174 + hdev->stat.acl_tx++;
2176 + case HCI_SCODATA_PKT:
2177 + hdev->stat.sco_tx++;
2181 + /* Prepend skb with frame type */
2182 + memcpy(skb_push(skb, 1), &(skb->pkt_type), 1);
2183 + skb_queue_tail(&(info->txq), skb);
2185 + btuart_write_wakeup(info);
2191 +static void btuart_hci_destruct(struct hci_dev *hdev)
2196 +static int btuart_hci_ioctl(struct hci_dev *hdev, unsigned int cmd, unsigned long arg)
2198 + return -ENOIOCTLCMD;
2203 +/* ======================== Card services HCI interaction ======================== */
2206 +int btuart_open(btuart_info_t *info)
2208 + unsigned long flags;
2209 + unsigned int iobase = info->link.io.BasePort1;
2210 + struct hci_dev *hdev;
2212 + spin_lock_init(&(info->lock));
2214 + skb_queue_head_init(&(info->txq));
2216 + info->rx_state = RECV_WAIT_PACKET_TYPE;
2217 + info->rx_count = 0;
2218 + info->rx_skb = NULL;
2220 + spin_lock_irqsave(&(info->lock), flags);
2223 + outb(0, iobase + UART_MCR);
2225 + /* Turn off interrupts */
2226 + outb(0, iobase + UART_IER);
2228 + /* Initialize UART */
2229 + outb(UART_LCR_WLEN8, iobase + UART_LCR); /* Reset DLAB */
2230 + outb((UART_MCR_DTR | UART_MCR_RTS | UART_MCR_OUT2), iobase + UART_MCR);
2232 + /* Turn on interrupts */
2233 + // outb(UART_IER_RLSI | UART_IER_RDI | UART_IER_THRI, iobase + UART_IER);
2235 + spin_unlock_irqrestore(&(info->lock), flags);
2237 + btuart_change_speed(info, DEFAULT_BAUD_RATE);
2239 + /* Timeout before it is safe to send the first HCI packet */
2240 + set_current_state(TASK_INTERRUPTIBLE);
2241 + schedule_timeout(HZ);
2244 + /* Initialize and register HCI device */
2246 + hdev = &(info->hdev);
2248 + hdev->type = HCI_PCCARD;
2249 + hdev->driver_data = info;
2251 + hdev->open = btuart_hci_open;
2252 + hdev->close = btuart_hci_close;
2253 + hdev->flush = btuart_hci_flush;
2254 + hdev->send = btuart_hci_send_frame;
2255 + hdev->destruct = btuart_hci_destruct;
2256 + hdev->ioctl = btuart_hci_ioctl;
2258 + if (hci_register_dev(hdev) < 0) {
2259 + printk(KERN_WARNING "btuart_cs: Can't register HCI device %s.\n", hdev->name);
2267 +int btuart_close(btuart_info_t *info)
2269 + unsigned long flags;
2270 + unsigned int iobase = info->link.io.BasePort1;
2271 + struct hci_dev *hdev = &(info->hdev);
2273 + if (info->link.state & DEV_CONFIG_PENDING)
2276 + btuart_hci_close(hdev);
2278 + spin_lock_irqsave(&(info->lock), flags);
2281 + outb(0, iobase + UART_MCR);
2283 + /* Turn off interrupts */
2284 + outb(0, iobase + UART_IER);
2286 + spin_unlock_irqrestore(&(info->lock), flags);
2288 + if (hci_unregister_dev(hdev) < 0)
2289 + printk(KERN_WARNING "btuart_cs: Can't unregister HCI device %s.\n", hdev->name);
2296 +/* ======================== Card services ======================== */
2299 +static void cs_error(client_handle_t handle, int func, int ret)
2301 + error_info_t err = { func, ret };
2303 + CardServices(ReportError, handle, &err);
2307 +dev_link_t *btuart_attach(void)
2309 + btuart_info_t *info;
2310 + client_reg_t client_reg;
2314 + /* Create new info device */
2315 + info = kmalloc(sizeof(*info), GFP_KERNEL);
2318 + memset(info, 0, sizeof(*info));
2320 + link = &info->link;
2321 + link->priv = info;
2323 + link->release.function = &btuart_release;
2324 + link->release.data = (u_long)link;
2325 + link->io.Attributes1 = IO_DATA_PATH_WIDTH_8;
2326 + link->io.NumPorts1 = 8;
2327 + link->irq.Attributes = IRQ_TYPE_EXCLUSIVE | IRQ_HANDLE_PRESENT;
2328 + link->irq.IRQInfo1 = IRQ_INFO2_VALID | IRQ_LEVEL_ID;
2330 + if (irq_list[0] == -1)
2331 + link->irq.IRQInfo2 = irq_mask;
2333 + for (i = 0; i < 4; i++)
2334 + link->irq.IRQInfo2 |= 1 << irq_list[i];
2336 + link->irq.Handler = btuart_interrupt;
2337 + link->irq.Instance = info;
2339 + link->conf.Attributes = CONF_ENABLE_IRQ;
2340 + link->conf.Vcc = 50;
2341 + link->conf.IntType = INT_MEMORY_AND_IO;
2343 + /* Register with Card Services */
2344 + link->next = dev_list;
2346 + client_reg.dev_info = &dev_info;
2347 + client_reg.Attributes = INFO_IO_CLIENT | INFO_CARD_SHARE;
2348 + client_reg.EventMask =
2349 + CS_EVENT_CARD_INSERTION | CS_EVENT_CARD_REMOVAL |
2350 + CS_EVENT_RESET_PHYSICAL | CS_EVENT_CARD_RESET |
2351 + CS_EVENT_PM_SUSPEND | CS_EVENT_PM_RESUME;
2352 + client_reg.event_handler = &btuart_event;
2353 + client_reg.Version = 0x0210;
2354 + client_reg.event_callback_args.client_data = link;
2356 + ret = CardServices(RegisterClient, &link->handle, &client_reg);
2357 + if (ret != CS_SUCCESS) {
2358 + cs_error(link->handle, RegisterClient, ret);
2359 + btuart_detach(link);
2367 +void btuart_detach(dev_link_t *link)
2369 + btuart_info_t *info = link->priv;
2370 + dev_link_t **linkp;
2373 + /* Locate device structure */
2374 + for (linkp = &dev_list; *linkp; linkp = &(*linkp)->next)
2375 + if (*linkp == link)
2378 + if (*linkp == NULL)
2381 + del_timer(&link->release);
2382 + if (link->state & DEV_CONFIG)
2383 + btuart_release((u_long)link);
2385 + if (link->handle) {
2386 + ret = CardServices(DeregisterClient, link->handle);
2387 + if (ret != CS_SUCCESS)
2388 + cs_error(link->handle, DeregisterClient, ret);
2391 + /* Unlink device structure, free bits */
2392 + *linkp = link->next;
2398 +static int get_tuple(int fn, client_handle_t handle, tuple_t *tuple, cisparse_t *parse)
2402 + i = CardServices(fn, handle, tuple);
2403 + if (i != CS_SUCCESS)
2404 + return CS_NO_MORE_ITEMS;
2406 + i = CardServices(GetTupleData, handle, tuple);
2407 + if (i != CS_SUCCESS)
2410 + return CardServices(ParseTuple, handle, tuple, parse);
2414 +#define first_tuple(a, b, c) get_tuple(GetFirstTuple, a, b, c)
2415 +#define next_tuple(a, b, c) get_tuple(GetNextTuple, a, b, c)
2417 +void btuart_config(dev_link_t *link)
2419 + static ioaddr_t base[5] = { 0x3f8, 0x2f8, 0x3e8, 0x2e8, 0x0 };
2420 + client_handle_t handle = link->handle;
2421 + btuart_info_t *info = link->priv;
2425 + cistpl_cftable_entry_t *cf = &parse.cftable_entry;
2426 + config_info_t config;
2427 + int i, j, try, last_ret, last_fn;
2429 + tuple.TupleData = (cisdata_t *)buf;
2430 + tuple.TupleOffset = 0;
2431 + tuple.TupleDataMax = 255;
2432 + tuple.Attributes = 0;
2434 + /* Get configuration register information */
2435 + tuple.DesiredTuple = CISTPL_CONFIG;
2436 + last_ret = first_tuple(handle, &tuple, &parse);
2437 + if (last_ret != CS_SUCCESS) {
2438 + last_fn = ParseTuple;
2441 + link->conf.ConfigBase = parse.config.base;
2442 + link->conf.Present = parse.config.rmask[0];
2444 + /* Configure card */
2445 + link->state |= DEV_CONFIG;
2446 + i = CardServices(GetConfigurationInfo, handle, &config);
2447 + link->conf.Vcc = config.Vcc;
2449 + /* First pass: look for a config entry that looks normal. */
2450 + tuple.TupleData = (cisdata_t *) buf;
2451 + tuple.TupleOffset = 0;
2452 + tuple.TupleDataMax = 255;
2453 + tuple.Attributes = 0;
2454 + tuple.DesiredTuple = CISTPL_CFTABLE_ENTRY;
2455 + /* Two tries: without IO aliases, then with aliases */
2456 + for (try = 0; try < 2; try++) {
2457 + i = first_tuple(handle, &tuple, &parse);
2458 + while (i != CS_NO_MORE_ITEMS) {
2459 + if (i != CS_SUCCESS)
2461 + if (cf->vpp1.present & (1 << CISTPL_POWER_VNOM))
2462 + link->conf.Vpp1 = link->conf.Vpp2 = cf->vpp1.param[CISTPL_POWER_VNOM] / 10000;
2463 + if ((cf->io.nwin > 0) && (cf->io.win[0].len == 8) && (cf->io.win[0].base != 0)) {
2464 + link->conf.ConfigIndex = cf->index;
2465 + link->io.BasePort1 = cf->io.win[0].base;
2466 + link->io.IOAddrLines = (try == 0) ? 16 : cf->io.flags & CISTPL_IO_LINES_MASK;
2467 + i = CardServices(RequestIO, link->handle, &link->io);
2468 + if (i == CS_SUCCESS)
2472 + i = next_tuple(handle, &tuple, &parse);
2476 + /* Second pass: try to find an entry that isn't picky about
2477 + its base address, then try to grab any standard serial port
2478 + address, and finally try to get any free port. */
2479 + i = first_tuple(handle, &tuple, &parse);
2480 + while (i != CS_NO_MORE_ITEMS) {
2481 + if ((i == CS_SUCCESS) && (cf->io.nwin > 0)
2482 + && ((cf->io.flags & CISTPL_IO_LINES_MASK) <= 3)) {
2483 + link->conf.ConfigIndex = cf->index;
2484 + for (j = 0; j < 5; j++) {
2485 + link->io.BasePort1 = base[j];
2486 + link->io.IOAddrLines = base[j] ? 16 : 3;
2487 + i = CardServices(RequestIO, link->handle, &link->io);
2488 + if (i == CS_SUCCESS)
2492 + i = next_tuple(handle, &tuple, &parse);
2496 + if (i != CS_SUCCESS) {
2497 + printk(KERN_NOTICE "btuart_cs: No usable port range found. Giving up.\n");
2498 + cs_error(link->handle, RequestIO, i);
2502 + i = CardServices(RequestIRQ, link->handle, &link->irq);
2503 + if (i != CS_SUCCESS) {
2504 + cs_error(link->handle, RequestIRQ, i);
2505 + link->irq.AssignedIRQ = 0;
2508 + i = CardServices(RequestConfiguration, link->handle, &link->conf);
2509 + if (i != CS_SUCCESS) {
2510 + cs_error(link->handle, RequestConfiguration, i);
2514 + MOD_INC_USE_COUNT;
2516 + if (btuart_open(info) != 0)
2519 + strcpy(info->node.dev_name, info->hdev.name);
2520 + link->dev = &info->node;
2521 + link->state &= ~DEV_CONFIG_PENDING;
2526 + cs_error(link->handle, last_fn, last_ret);
2529 + btuart_release((u_long) link);
2533 +void btuart_release(u_long arg)
2535 + dev_link_t *link = (dev_link_t *)arg;
2536 + btuart_info_t *info = link->priv;
2538 + if (link->state & DEV_PRESENT)
2539 + btuart_close(info);
2541 + MOD_DEC_USE_COUNT;
2545 + CardServices(ReleaseConfiguration, link->handle);
2546 + CardServices(ReleaseIO, link->handle, &link->io);
2547 + CardServices(ReleaseIRQ, link->handle, &link->irq);
2549 + link->state &= ~DEV_CONFIG;
2553 +int btuart_event(event_t event, int priority, event_callback_args_t *args)
2555 + dev_link_t *link = args->client_data;
2556 + btuart_info_t *info = link->priv;
2559 + case CS_EVENT_CARD_REMOVAL:
2560 + link->state &= ~DEV_PRESENT;
2561 + if (link->state & DEV_CONFIG) {
2562 + btuart_close(info);
2563 + mod_timer(&link->release, jiffies + HZ / 20);
2566 + case CS_EVENT_CARD_INSERTION:
2567 + link->state |= DEV_PRESENT | DEV_CONFIG_PENDING;
2568 + btuart_config(link);
2570 + case CS_EVENT_PM_SUSPEND:
2571 + link->state |= DEV_SUSPEND;
2572 + /* Fall through... */
2573 + case CS_EVENT_RESET_PHYSICAL:
2574 + if (link->state & DEV_CONFIG)
2575 + CardServices(ReleaseConfiguration, link->handle);
2577 + case CS_EVENT_PM_RESUME:
2578 + link->state &= ~DEV_SUSPEND;
2579 + /* Fall through... */
2580 + case CS_EVENT_CARD_RESET:
2582 + CardServices(RequestConfiguration, link->handle, &link->conf);
2591 +/* ======================== Module initialization ======================== */
2594 +int __init init_btuart_cs(void)
2599 + CardServices(GetCardServicesInfo, &serv);
2600 + if (serv.Revision != CS_RELEASE_CODE) {
2601 + printk(KERN_NOTICE "btuart_cs: Card Services release does not match!\n");
2605 + err = register_pccard_driver(&dev_info, &btuart_attach, &btuart_detach);
2611 +void __exit exit_btuart_cs(void)
2613 + unregister_pccard_driver(&dev_info);
2615 + while (dev_list != NULL)
2616 + btuart_detach(dev_list);
2620 +module_init(init_btuart_cs);
2621 +module_exit(exit_btuart_cs);
2624 diff -Nur c3000_pre/linux/drivers/bluetooth/dtl1_cs.c c3000_work/linux/drivers/bluetooth/dtl1_cs.c
2625 --- c3000_pre/linux/drivers/bluetooth/dtl1_cs.c 2004-08-21 09:48:24.000000000 +0900
2626 +++ c3000_work/linux/drivers/bluetooth/dtl1_cs.c 2004-12-16 23:01:14.000000000 +0900
2628 unsigned int iobase = info->link.io.BasePort1;
2629 struct hci_dev *hdev = &(info->hdev);
2631 + if (info->link.state & DEV_CONFIG_PENDING)
2634 dtl1_hci_close(hdev);
2636 spin_lock_irqsave(&(info->lock), flags);
2637 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_bcsp.c c3000_work/linux/drivers/bluetooth/hci_bcsp.c
2638 --- c3000_pre/linux/drivers/bluetooth/hci_bcsp.c 1970-01-01 09:00:00.000000000 +0900
2639 +++ c3000_work/linux/drivers/bluetooth/hci_bcsp.c 2004-12-16 23:01:14.000000000 +0900
2642 + BlueCore Serial Protocol (BCSP) for Linux Bluetooth stack (BlueZ).
2643 + Copyright 2002 by Fabrizio Gennari <fabrizio.gennari@philips.com>
2646 + hci_h4.c by Maxim Krasnyansky <maxk@qualcomm.com>
2647 + ABCSP by Carl Orsborn <cjo@csr.com>
2649 + This program is free software; you can redistribute it and/or modify
2650 + it under the terms of the GNU General Public License version 2 as
2651 + published by the Free Software Foundation;
2653 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
2654 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
2655 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
2656 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
2657 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
2658 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
2659 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
2660 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
2662 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
2663 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
2664 + SOFTWARE IS DISCLAIMED.
2668 + * $Id: hci_bcsp.c,v 1.2 2002/09/26 05:05:14 maxk Exp $
2671 +#define VERSION "0.1"
2673 +#include <linux/config.h>
2674 +#include <linux/module.h>
2676 +#include <linux/version.h>
2677 +#include <linux/kernel.h>
2678 +#include <linux/init.h>
2679 +#include <linux/sched.h>
2680 +#include <linux/types.h>
2681 +#include <linux/fcntl.h>
2682 +#include <linux/interrupt.h>
2683 +#include <linux/ptrace.h>
2684 +#include <linux/poll.h>
2686 +#include <linux/slab.h>
2687 +#include <linux/tty.h>
2688 +#include <linux/errno.h>
2689 +#include <linux/string.h>
2690 +#include <linux/signal.h>
2691 +#include <linux/ioctl.h>
2692 +#include <linux/skbuff.h>
2694 +#include <net/bluetooth/bluetooth.h>
2695 +#include <net/bluetooth/hci_core.h>
2696 +#include "hci_uart.h"
2697 +#include "hci_bcsp.h"
2699 +#ifndef HCI_UART_DEBUG
2701 +#define BT_DBG( A... )
2703 +#define BT_DMP( A... )
2706 +/* ---- BCSP CRC calculation ---- */
2708 +/* Table for calculating CRC for polynomial 0x1021, LSB processed first,
2709 +initial value 0xffff, bits shifted in reverse order. */
2711 +static const u16 crc_table[] = {
2712 + 0x0000, 0x1081, 0x2102, 0x3183,
2713 + 0x4204, 0x5285, 0x6306, 0x7387,
2714 + 0x8408, 0x9489, 0xa50a, 0xb58b,
2715 + 0xc60c, 0xd68d, 0xe70e, 0xf78f
2718 +/* Initialise the crc calculator */
2719 +#define BCSP_CRC_INIT(x) x = 0xffff
2722 + Update crc with next data byte
2724 + Implementation note
2725 + The data byte is treated as two nibbles. The crc is generated
2726 + in reverse, i.e., bits are fed into the register from the top.
2728 +static void bcsp_crc_update(u16 *crc, u8 d)
2732 + reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f];
2733 + reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f];
2739 + Get reverse of generated crc
2741 + Implementation note
2742 + The crc generator (bcsp_crc_init() and bcsp_crc_update())
2743 + creates a reversed crc, so it needs to be swapped back before
2746 +static u16 bcsp_crc_reverse(u16 crc)
2750 + for (b = 0, rev = 0; b < 16; b++) {
2758 +/* ---- BCSP core ---- */
2760 +static void bcsp_slip_msgdelim(struct sk_buff *skb)
2762 + const char pkt_delim = 0xc0;
2763 + memcpy(skb_put(skb, 1), &pkt_delim, 1);
2766 +static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c)
2768 + const char esc_c0[2] = { 0xdb, 0xdc };
2769 + const char esc_db[2] = { 0xdb, 0xdd };
2773 + memcpy(skb_put(skb, 2), &esc_c0, 2);
2776 + memcpy(skb_put(skb, 2), &esc_db, 2);
2779 + memcpy(skb_put(skb, 1), &c, 1);
2783 +static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb)
2785 + struct bcsp_struct *bcsp = hu->priv;
2787 + if (skb->len > 0xFFF) {
2788 + BT_ERR("Packet too long");
2793 + switch (skb->pkt_type) {
2794 + case HCI_ACLDATA_PKT:
2795 + case HCI_COMMAND_PKT:
2796 + skb_queue_tail(&bcsp->rel, skb);
2799 + case HCI_SCODATA_PKT:
2800 + skb_queue_tail(&bcsp->unrel, skb);
2804 + BT_ERR("Unknown packet type");
2811 +static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data,
2812 + int len, int pkt_type)
2814 + struct sk_buff *nskb;
2818 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP_TXCRC
2819 + u16 BCSP_CRC_INIT(bcsp_txmsg_crc);
2822 + switch (pkt_type) {
2823 + case HCI_ACLDATA_PKT:
2824 + chan = 6; /* BCSP ACL channel */
2825 + rel = 1; /* reliable channel */
2827 + case HCI_COMMAND_PKT:
2828 + chan = 5; /* BCSP cmd/evt channel */
2829 + rel = 1; /* reliable channel */
2831 + case HCI_SCODATA_PKT:
2832 + chan = 7; /* BCSP SCO channel */
2833 + rel = 0; /* unreliable channel */
2836 + chan = 1; /* BCSP LE channel */
2837 + rel = 0; /* unreliable channel */
2839 + case BCSP_ACK_PKT:
2840 + chan = 0; /* BCSP internal channel */
2841 + rel = 0; /* unreliable channel */
2844 + BT_ERR("Unknown packet type");
2848 + /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2
2849 + (because bytes 0xc0 and 0xdb are escaped, worst case is
2850 + when the packet is all made of 0xc0 and 0xdb :) )
2851 + + 2 (0xc0 delimiters at start and end). */
2853 + nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC);
2857 + nskb->pkt_type = pkt_type;
2859 + bcsp_slip_msgdelim(nskb);
2861 + hdr[0] = bcsp->rxseq_txack << 3;
2862 + bcsp->txack_req = 0;
2863 + BT_DBG("We request packet no %u to card", bcsp->rxseq_txack);
2866 + hdr[0] |= 0x80 + bcsp->msgq_txseq;
2867 + BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq);
2868 + bcsp->msgq_txseq = ++(bcsp->msgq_txseq) & 0x07;
2870 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP_TXCRC
2874 + hdr[1] = (len << 4) & 0xFF;
2876 + hdr[2] = len >> 4;
2877 + hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]);
2879 + /* Put BCSP header */
2880 + for (i = 0; i < 4; i++) {
2881 + bcsp_slip_one_byte(nskb, hdr[i]);
2882 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP_TXCRC
2883 + bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]);
2888 + for (i = 0; i < len; i++) {
2889 + bcsp_slip_one_byte(nskb, data[i]);
2890 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP_TXCRC
2891 + bcsp_crc_update(&bcsp_txmsg_crc, data[i]);
2895 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP_TXCRC
2897 + bcsp_txmsg_crc = bcsp_crc_reverse(bcsp_txmsg_crc);
2898 + bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff));
2899 + bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff));
2902 + bcsp_slip_msgdelim(nskb);
2906 +/* This is a rewrite of pkt_avail in ABCSP */
2907 +static struct sk_buff *bcsp_dequeue(struct hci_uart *hu)
2909 + struct bcsp_struct *bcsp = (struct bcsp_struct *) hu->priv;
2910 + unsigned long flags;
2911 + struct sk_buff *skb;
2913 + /* First of all, check for unreliable messages in the queue,
2914 + since they have priority */
2916 + if ((skb = skb_dequeue(&bcsp->unrel)) != NULL) {
2917 + struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, skb->pkt_type);
2922 + skb_queue_head(&bcsp->unrel, skb);
2923 + BT_ERR("Could not dequeue pkt because alloc_skb failed");
2927 + /* Now, try to send a reliable pkt. We can only send a
2928 + reliable packet if the number of packets sent but not yet ack'ed
2929 + is < than the winsize */
2931 + spin_lock_irqsave(&bcsp->unack.lock, flags);
2933 + if (bcsp->unack.qlen < BCSP_TXWINSIZE && (skb = skb_dequeue(&bcsp->rel)) != NULL) {
2934 + struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, skb->pkt_type);
2936 + __skb_queue_tail(&bcsp->unack, skb);
2937 + mod_timer(&bcsp->tbcsp, jiffies + HZ / 4);
2938 + spin_unlock_irqrestore(&bcsp->unack.lock, flags);
2941 + skb_queue_head(&bcsp->rel, skb);
2942 + BT_ERR("Could not dequeue pkt because alloc_skb failed");
2946 + spin_unlock_irqrestore(&bcsp->unack.lock, flags);
2949 + /* We could not send a reliable packet, either because there are
2950 + none or because there are too many unack'ed pkts. Did we receive
2951 + any packets we have not acknowledged yet ? */
2953 + if (bcsp->txack_req) {
2954 + /* if so, craft an empty ACK pkt and send it on BCSP unreliable
2956 + struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT);
2960 + /* We have nothing to send */
2964 +static int bcsp_flush(struct hci_uart *hu)
2966 + BT_DBG("hu %p", hu);
2970 +/* Remove ack'ed packets */
2971 +static void bcsp_pkt_cull(struct bcsp_struct *bcsp)
2973 + unsigned long flags;
2974 + struct sk_buff *skb;
2975 + int i, pkts_to_be_removed;
2978 + spin_lock_irqsave(&bcsp->unack.lock, flags);
2980 + pkts_to_be_removed = bcsp->unack.qlen;
2981 + seqno = bcsp->msgq_txseq;
2983 + while (pkts_to_be_removed) {
2984 + if (bcsp->rxack == seqno)
2986 + pkts_to_be_removed--;
2987 + seqno = (seqno - 1) & 0x07;
2990 + if (bcsp->rxack != seqno)
2991 + BT_ERR("Peer acked invalid packet");
2993 + BT_DBG("Removing %u pkts out of %u, up to seqno %u",
2994 + pkts_to_be_removed, bcsp->unack.qlen, (seqno - 1) & 0x07);
2996 + for (i = 0, skb = ((struct sk_buff *) &bcsp->unack)->next; i < pkts_to_be_removed
2997 + && skb != (struct sk_buff *) &bcsp->unack; i++) {
2998 + struct sk_buff *nskb;
3001 + __skb_unlink(skb, &bcsp->unack);
3005 + if (bcsp->unack.qlen == 0)
3006 + del_timer(&bcsp->tbcsp);
3007 + spin_unlock_irqrestore(&bcsp->unack.lock, flags);
3009 + if (i != pkts_to_be_removed)
3010 + BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed);
3013 +/* Handle BCSP link-establishment packets. When we
3014 + detect a "sync" packet, symptom that the BT module has reset,
3015 + we do nothing :) (yet) */
3016 +static void bcsp_handle_le_pkt(struct hci_uart *hu)
3018 + struct bcsp_struct *bcsp = hu->priv;
3019 + u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed };
3020 + u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 };
3021 + u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed };
3023 + /* spot "conf" pkts and reply with a "conf rsp" pkt */
3024 + if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
3025 + !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) {
3026 + struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC);
3028 + BT_DBG("Found a LE conf pkt");
3031 + memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4);
3032 + nskb->pkt_type = BCSP_LE_PKT;
3034 + skb_queue_head(&bcsp->unrel, nskb);
3035 + hci_uart_tx_wakeup(hu);
3037 + /* Spot "sync" pkts. If we find one...disaster! */
3038 + else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
3039 + !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) {
3040 + BT_ERR("Found a LE sync pkt, card has reset");
3044 +static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte)
3046 + const u8 c0 = 0xc0, db = 0xdb;
3048 + switch (bcsp->rx_esc_state) {
3049 + case BCSP_ESCSTATE_NOESC:
3052 + bcsp->rx_esc_state = BCSP_ESCSTATE_ESC;
3055 + memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1);
3056 + if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
3057 + bcsp->rx_state != BCSP_W4_CRC)
3058 + bcsp_crc_update(&bcsp->message_crc, byte);
3063 + case BCSP_ESCSTATE_ESC:
3066 + memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1);
3067 + if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
3068 + bcsp->rx_state != BCSP_W4_CRC)
3069 + bcsp_crc_update(&bcsp-> message_crc, 0xc0);
3070 + bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
3075 + memcpy(skb_put(bcsp->rx_skb, 1), &db, 1);
3076 + if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
3077 + bcsp->rx_state != BCSP_W4_CRC)
3078 + bcsp_crc_update(&bcsp-> message_crc, 0xdb);
3079 + bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
3084 + BT_ERR ("Invalid byte %02x after esc byte", byte);
3085 + kfree_skb(bcsp->rx_skb);
3086 + bcsp->rx_skb = NULL;
3087 + bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
3088 + bcsp->rx_count = 0;
3093 +static inline void bcsp_complete_rx_pkt(struct hci_uart *hu)
3095 + struct bcsp_struct *bcsp = hu->priv;
3098 + if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */
3099 + BT_DBG("Received seqno %u from card", bcsp->rxseq_txack);
3100 + bcsp->rxseq_txack++;
3101 + bcsp->rxseq_txack %= 0x8;
3102 + bcsp->txack_req = 1;
3104 + /* If needed, transmit an ack pkt */
3105 + hci_uart_tx_wakeup(hu);
3108 + bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07;
3109 + BT_DBG("Request for pkt %u from card", bcsp->rxack);
3111 + bcsp_pkt_cull(bcsp);
3112 + if ((bcsp->rx_skb->data[1] & 0x0f) == 6 &&
3113 + bcsp->rx_skb->data[0] & 0x80) {
3114 + bcsp->rx_skb->pkt_type = HCI_ACLDATA_PKT;
3116 + } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 &&
3117 + bcsp->rx_skb->data[0] & 0x80) {
3118 + bcsp->rx_skb->pkt_type = HCI_EVENT_PKT;
3120 + } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) {
3121 + bcsp->rx_skb->pkt_type = HCI_SCODATA_PKT;
3123 + } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 &&
3124 + !(bcsp->rx_skb->data[0] & 0x80)) {
3125 + bcsp_handle_le_pkt(hu);
3131 + if ((bcsp->rx_skb->data[1] & 0x0f) != 0 &&
3132 + (bcsp->rx_skb->data[1] & 0x0f) != 1) {
3133 + BT_ERR ("Packet for unknown channel (%u %s)",
3134 + bcsp->rx_skb->data[1] & 0x0f,
3135 + bcsp->rx_skb->data[0] & 0x80 ?
3136 + "reliable" : "unreliable");
3138 + kfree_skb(bcsp->rx_skb);
3140 + /* Pull out BCSP hdr */
3141 + skb_pull(bcsp->rx_skb, 4);
3143 + hci_recv_frame(bcsp->rx_skb);
3145 + bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
3146 + bcsp->rx_skb = NULL;
3150 +static int bcsp_recv(struct hci_uart *hu, void *data, int count)
3152 + struct bcsp_struct *bcsp = hu->priv;
3153 + register unsigned char *ptr;
3155 + BT_DBG("hu %p count %d rx_state %ld rx_count %ld",
3156 + hu, count, bcsp->rx_state, bcsp->rx_count);
3160 + if (bcsp->rx_count) {
3161 + if (*ptr == 0xc0) {
3162 + BT_ERR("Short BCSP packet");
3163 + kfree_skb(bcsp->rx_skb);
3164 + bcsp->rx_state = BCSP_W4_PKT_START;
3165 + bcsp->rx_count = 0;
3167 + bcsp_unslip_one_byte(bcsp, *ptr);
3173 + switch (bcsp->rx_state) {
3174 + case BCSP_W4_BCSP_HDR:
3175 + if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] +
3176 + bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) {
3177 + BT_ERR("Error in BCSP hdr checksum");
3178 + kfree_skb(bcsp->rx_skb);
3179 + bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
3180 + bcsp->rx_count = 0;
3183 + if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */
3184 + && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) {
3185 + BT_ERR ("Out-of-order packet arrived, got %u expected %u",
3186 + bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack);
3188 + kfree_skb(bcsp->rx_skb);
3189 + bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
3190 + bcsp->rx_count = 0;
3193 + bcsp->rx_state = BCSP_W4_DATA;
3194 + bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) +
3195 + (bcsp->rx_skb->data[2] << 4); /* May be 0 */
3198 + case BCSP_W4_DATA:
3199 + if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */
3200 + bcsp->rx_state = BCSP_W4_CRC;
3201 + bcsp->rx_count = 2;
3203 + bcsp_complete_rx_pkt(hu);
3207 + if (bcsp_crc_reverse(bcsp->message_crc) !=
3208 + (bcsp->rx_skb->data[bcsp->rx_skb->len - 2] << 8) +
3209 + bcsp->rx_skb->data[bcsp->rx_skb->len - 1]) {
3211 + BT_ERR ("Checksum failed: computed %04x received %04x",
3212 + bcsp_crc_reverse(bcsp->message_crc),
3213 + (bcsp->rx_skb-> data[bcsp->rx_skb->len - 2] << 8) +
3214 + bcsp->rx_skb->data[bcsp->rx_skb->len - 1]);
3216 + kfree_skb(bcsp->rx_skb);
3217 + bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
3218 + bcsp->rx_count = 0;
3221 + skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2);
3222 + bcsp_complete_rx_pkt(hu);
3225 + case BCSP_W4_PKT_DELIMITER:
3228 + bcsp->rx_state = BCSP_W4_PKT_START;
3231 + /*BT_ERR("Ignoring byte %02x", *ptr);*/
3237 + case BCSP_W4_PKT_START:
3244 + bcsp->rx_state = BCSP_W4_BCSP_HDR;
3245 + bcsp->rx_count = 4;
3246 + bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
3247 + BCSP_CRC_INIT(bcsp->message_crc);
3249 + /* Do not increment ptr or decrement count
3250 + * Allocate packet. Max len of a BCSP pkt=
3251 + * 0xFFF (payload) +4 (header) +2 (crc) */
3253 + bcsp->rx_skb = bluez_skb_alloc(0x1005, GFP_ATOMIC);
3254 + if (!bcsp->rx_skb) {
3255 + BT_ERR("Can't allocate mem for new packet");
3256 + bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
3257 + bcsp->rx_count = 0;
3260 + bcsp->rx_skb->dev = (void *) &hu->hdev;
3269 + /* Arrange to retransmit all messages in the relq. */
3270 +static void bcsp_timed_event(unsigned long arg)
3272 + struct hci_uart *hu = (struct hci_uart *) arg;
3273 + struct bcsp_struct *bcsp = (struct bcsp_struct *) hu->priv;
3274 + struct sk_buff *skb;
3275 + unsigned long flags;
3277 + BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen);
3279 + spin_lock_irqsave(&bcsp->unack.lock, flags);
3281 + while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) {
3282 + bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07;
3283 + skb_queue_head(&bcsp->rel, skb);
3286 + spin_unlock_irqrestore(&bcsp->unack.lock, flags);
3288 + hci_uart_tx_wakeup(hu);
3291 +static int bcsp_open(struct hci_uart *hu)
3293 + struct bcsp_struct *bcsp;
3295 + BT_DBG("hu %p", hu);
3297 + bcsp = kmalloc(sizeof(*bcsp), GFP_ATOMIC);
3300 + memset(bcsp, 0, sizeof(*bcsp));
3303 + skb_queue_head_init(&bcsp->unack);
3304 + skb_queue_head_init(&bcsp->rel);
3305 + skb_queue_head_init(&bcsp->unrel);
3307 + init_timer(&bcsp->tbcsp);
3308 + bcsp->tbcsp.function = bcsp_timed_event;
3309 + bcsp->tbcsp.data = (u_long) hu;
3311 + bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
3316 +static int bcsp_close(struct hci_uart *hu)
3318 + struct bcsp_struct *bcsp = hu->priv;
3321 + BT_DBG("hu %p", hu);
3323 + skb_queue_purge(&bcsp->unack);
3324 + skb_queue_purge(&bcsp->rel);
3325 + skb_queue_purge(&bcsp->unrel);
3326 + del_timer(&bcsp->tbcsp);
3332 +static struct hci_uart_proto bcsp = {
3333 + id: HCI_UART_BCSP,
3335 + close: bcsp_close,
3336 + enqueue: bcsp_enqueue,
3337 + dequeue: bcsp_dequeue,
3342 +int bcsp_init(void)
3344 + return hci_uart_register_proto(&bcsp);
3347 +int bcsp_deinit(void)
3349 + return hci_uart_unregister_proto(&bcsp);
3351 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_bcsp.h c3000_work/linux/drivers/bluetooth/hci_bcsp.h
3352 --- c3000_pre/linux/drivers/bluetooth/hci_bcsp.h 1970-01-01 09:00:00.000000000 +0900
3353 +++ c3000_work/linux/drivers/bluetooth/hci_bcsp.h 2004-12-16 23:01:14.000000000 +0900
3356 + BlueCore Serial Protocol (BCSP) for Linux Bluetooth stack (BlueZ).
3357 + Copyright 2002 by Fabrizio Gennari <fabrizio.gennari@philips.com>
3360 + hci_h4.c by Maxim Krasnyansky <maxk@qualcomm.com>
3361 + ABCSP by Carl Orsborn <cjo@csr.com>
3363 + This program is free software; you can redistribute it and/or modify
3364 + it under the terms of the GNU General Public License version 2 as
3365 + published by the Free Software Foundation;
3367 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
3368 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
3369 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
3370 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
3371 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
3372 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
3373 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
3374 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3376 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
3377 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
3378 + SOFTWARE IS DISCLAIMED.
3382 + * $Id: hci_bcsp.h,v 1.2 2002/09/26 05:05:14 maxk Exp $
3385 +#ifndef __HCI_BCSP_H__
3386 +#define __HCI_BCSP_H__
3388 +#define BCSP_TXWINSIZE 4
3390 +#define BCSP_ACK_PKT 0x05
3391 +#define BCSP_LE_PKT 0x06
3393 +struct bcsp_struct {
3394 + struct sk_buff_head unack; /* Unack'ed packets queue */
3395 + struct sk_buff_head rel; /* Reliable packets queue */
3396 + struct sk_buff_head unrel; /* Unreliable packets queue */
3398 + unsigned long rx_count;
3399 + struct sk_buff *rx_skb;
3400 + u8 rxseq_txack; /* rxseq == txack. */
3401 + u8 rxack; /* Last packet sent by us that the peer ack'ed */
3402 + struct timer_list tbcsp;
3405 + BCSP_W4_PKT_DELIMITER,
3406 + BCSP_W4_PKT_START,
3413 + BCSP_ESCSTATE_NOESC,
3418 + u8 txack_req; /* Do we need to send ack's to the peer? */
3420 + /* Reliable packet sequence number - used to assign seq to each rel pkt. */
3424 +#endif /* __HCI_BCSP_H__ */
3425 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_h4.c c3000_work/linux/drivers/bluetooth/hci_h4.c
3426 --- c3000_pre/linux/drivers/bluetooth/hci_h4.c 2004-08-21 09:48:24.000000000 +0900
3427 +++ c3000_work/linux/drivers/bluetooth/hci_h4.c 2004-12-16 23:01:14.000000000 +0900
3430 * BlueZ HCI UART(H4) protocol.
3432 - * $Id: hci_h4.c,v 1.2 2002/04/17 17:37:20 maxk Exp $
3433 + * $Id: hci_h4.c,v 1.3 2002/09/09 01:17:32 maxk Exp $
3435 -#define VERSION "1.1"
3436 +#define VERSION "1.2"
3438 #include <linux/config.h>
3439 #include <linux/module.h>
3441 #include <linux/version.h>
3442 -#include <linux/config.h>
3443 #include <linux/kernel.h>
3444 #include <linux/init.h>
3445 #include <linux/sched.h>
3449 /* Initialize protocol */
3450 -static int h4_open(struct n_hci *n_hci)
3451 +static int h4_open(struct hci_uart *hu)
3453 struct h4_struct *h4;
3455 - BT_DBG("n_hci %p", n_hci);
3456 + BT_DBG("hu %p", hu);
3458 h4 = kmalloc(sizeof(*h4), GFP_ATOMIC);
3461 memset(h4, 0, sizeof(*h4));
3464 + skb_queue_head_init(&h4->txq);
3470 /* Flush protocol data */
3471 -static int h4_flush(struct n_hci *n_hci)
3472 +static int h4_flush(struct hci_uart *hu)
3474 - BT_DBG("n_hci %p", n_hci);
3475 + struct h4_struct *h4 = hu->priv;
3477 + BT_DBG("hu %p", hu);
3478 + skb_queue_purge(&h4->txq);
3482 /* Close protocol */
3483 -static int h4_close(struct n_hci *n_hci)
3484 +static int h4_close(struct hci_uart *hu)
3486 - struct h4_struct *h4 = n_hci->priv;
3487 - n_hci->priv = NULL;
3488 + struct h4_struct *h4 = hu->priv;
3491 - BT_DBG("n_hci %p", n_hci);
3492 + BT_DBG("hu %p", hu);
3494 + skb_queue_purge(&h4->txq);
3496 kfree_skb(h4->rx_skb);
3504 -static int h4_send(struct n_hci *n_hci, void *data, int len)
3505 +/* Enqueue frame for transmittion (padding, crc, etc) */
3506 +static int h4_enqueue(struct hci_uart *hu, struct sk_buff *skb)
3508 - struct tty_struct *tty = n_hci->tty;
3510 - BT_DBG("n_hci %p len %d", n_hci, len);
3511 + struct h4_struct *h4 = hu->priv;
3513 - /* Send frame to TTY driver */
3514 - tty->flags |= (1 << TTY_DO_WRITE_WAKEUP);
3515 - return tty->driver.write(tty, 0, data, len);
3518 -/* Init frame before queueing (padding, crc, etc) */
3519 -static struct sk_buff* h4_preq(struct n_hci *n_hci, struct sk_buff *skb)
3521 - BT_DBG("n_hci %p skb %p", n_hci, skb);
3522 + BT_DBG("hu %p skb %p", hu, skb);
3524 /* Prepend skb with frame type */
3525 memcpy(skb_push(skb, 1), &skb->pkt_type, 1);
3527 + skb_queue_tail(&h4->txq, skb);
3531 static inline int h4_check_data_len(struct h4_struct *h4, int len)
3533 BT_DMP(h4->rx_skb->data, h4->rx_skb->len);
3534 hci_recv_frame(h4->rx_skb);
3535 } else if (len > room) {
3536 - BT_ERR("Data length is to large");
3537 + BT_ERR("Data length is too large");
3538 kfree_skb(h4->rx_skb);
3540 h4->rx_state = H4_W4_DATA;
3541 @@ -147,16 +144,17 @@
3545 -static int h4_recv(struct n_hci *n_hci, void *data, int count)
3546 +static int h4_recv(struct hci_uart *hu, void *data, int count)
3548 - struct h4_struct *h4 = n_hci->priv;
3549 + struct h4_struct *h4 = hu->priv;
3554 register int len, type, dlen;
3556 - BT_DBG("n_hci %p count %d rx_state %ld rx_count %ld", n_hci, count, h4->rx_state, h4->rx_count);
3557 + BT_DBG("hu %p count %d rx_state %ld rx_count %ld",
3558 + hu, count, h4->rx_state, h4->rx_count);
3564 h4_check_data_len(h4, sh->dlen);
3570 /* H4_W4_PACKET_TYPE */
3574 BT_ERR("Unknown HCI packet type %2.2x", (__u8)*ptr);
3575 - n_hci->hdev.stat.err_rx++;
3576 + hu->hdev.stat.err_rx++;
3580 @@ -246,20 +244,26 @@
3584 - h4->rx_skb->dev = (void *) &n_hci->hdev;
3585 + h4->rx_skb->dev = (void *) &hu->hdev;
3586 h4->rx_skb->pkt_type = type;
3591 +static struct sk_buff *h4_dequeue(struct hci_uart *hu)
3593 + struct h4_struct *h4 = hu->priv;
3594 + return skb_dequeue(&h4->txq);
3597 static struct hci_uart_proto h4p = {
3609 + enqueue: h4_enqueue,
3610 + dequeue: h4_dequeue,
3615 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_h4.h c3000_work/linux/drivers/bluetooth/hci_h4.h
3616 --- c3000_pre/linux/drivers/bluetooth/hci_h4.h 2004-08-21 09:48:24.000000000 +0900
3617 +++ c3000_work/linux/drivers/bluetooth/hci_h4.h 2004-12-16 23:01:14.000000000 +0900
3622 - * $Id: hci_h4.h,v 1.1.1.1 2002/03/08 21:03:15 maxk Exp $
3623 + * $Id: hci_h4.h,v 1.2 2002/09/09 01:17:32 maxk Exp $
3628 unsigned long rx_state;
3629 unsigned long rx_count;
3630 struct sk_buff *rx_skb;
3631 + struct sk_buff_head txq;
3634 /* H4 receiver States */
3635 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_ldisc.c c3000_work/linux/drivers/bluetooth/hci_ldisc.c
3636 --- c3000_pre/linux/drivers/bluetooth/hci_ldisc.c 2004-08-21 09:48:24.000000000 +0900
3637 +++ c3000_work/linux/drivers/bluetooth/hci_ldisc.c 2004-12-16 23:01:14.000000000 +0900
3640 * BlueZ HCI UART driver.
3642 - * $Id: hci_ldisc.c,v 1.2 2002/04/17 17:37:20 maxk Exp $
3643 + * $Id: hci_ldisc.c,v 1.5 2002/10/02 18:37:20 maxk Exp $
3645 -#define VERSION "2.0"
3646 +#define VERSION "2.1"
3648 #include <linux/config.h>
3649 #include <linux/module.h>
3654 -static struct hci_uart_proto *n_hci_get_proto(unsigned int id)
3655 +static struct hci_uart_proto *hci_uart_get_proto(unsigned int id)
3657 if (id >= HCI_UART_MAX_PROTO)
3662 +static inline void hci_uart_tx_complete(struct hci_uart *hu, int pkt_type)
3664 + struct hci_dev *hdev = &hu->hdev;
3666 + /* Update HCI stat counters */
3667 + switch (pkt_type) {
3668 + case HCI_COMMAND_PKT:
3669 + hdev->stat.cmd_tx++;
3672 + case HCI_ACLDATA_PKT:
3673 + hdev->stat.acl_tx++;
3676 + case HCI_SCODATA_PKT:
3677 + hdev->stat.cmd_tx++;
3682 +static inline struct sk_buff *hci_uart_dequeue(struct hci_uart *hu)
3684 + struct sk_buff *skb = hu->tx_skb;
3686 + skb = hu->proto->dequeue(hu);
3688 + hu->tx_skb = NULL;
3692 +int hci_uart_tx_wakeup(struct hci_uart *hu)
3694 + struct tty_struct *tty = hu->tty;
3695 + struct hci_dev *hdev = &hu->hdev;
3696 + struct sk_buff *skb;
3698 + if (test_and_set_bit(HCI_UART_SENDING, &hu->tx_state)) {
3699 + set_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
3706 + clear_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
3708 + while ((skb = hci_uart_dequeue(hu))) {
3711 + set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
3712 + len = tty->driver.write(tty, 0, skb->data, skb->len);
3713 + hdev->stat.byte_tx += len;
3715 + skb_pull(skb, len);
3721 + hci_uart_tx_complete(hu, skb->pkt_type);
3725 + if (test_bit(HCI_UART_TX_WAKEUP, &hu->tx_state))
3728 + clear_bit(HCI_UART_SENDING, &hu->tx_state);
3732 /* ------- Interface to HCI layer ------ */
3733 /* Initialize device */
3734 -static int n_hci_open(struct hci_dev *hdev)
3735 +static int hci_uart_open(struct hci_dev *hdev)
3737 BT_DBG("%s %p", hdev->name, hdev);
3739 @@ -107,15 +177,16 @@
3743 -static int n_hci_flush(struct hci_dev *hdev)
3744 +static int hci_uart_flush(struct hci_dev *hdev)
3746 - struct n_hci *n_hci = (struct n_hci *) hdev->driver_data;
3747 - struct tty_struct *tty = n_hci->tty;
3748 + struct hci_uart *hu = (struct hci_uart *) hdev->driver_data;
3749 + struct tty_struct *tty = hu->tty;
3751 BT_DBG("hdev %p tty %p", hdev, tty);
3753 - /* Drop TX queue */
3754 - skb_queue_purge(&n_hci->txq);
3756 + kfree_skb(hu->tx_skb); hu->tx_skb = NULL;
3759 /* Flush any pending characters in the driver and discipline. */
3760 if (tty->ldisc.flush_buffer)
3761 @@ -124,80 +195,30 @@
3762 if (tty->driver.flush_buffer)
3763 tty->driver.flush_buffer(tty);
3765 - if (n_hci->proto->flush)
3766 - n_hci->proto->flush(n_hci);
3767 + if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
3768 + hu->proto->flush(hu);
3774 -static int n_hci_close(struct hci_dev *hdev)
3775 +static int hci_uart_close(struct hci_dev *hdev)
3777 BT_DBG("hdev %p", hdev);
3779 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
3782 - n_hci_flush(hdev);
3786 -static int n_hci_tx_wakeup(struct n_hci *n_hci)
3788 - struct hci_dev *hdev = &n_hci->hdev;
3790 - if (test_and_set_bit(N_HCI_SENDING, &n_hci->tx_state)) {
3791 - set_bit(N_HCI_TX_WAKEUP, &n_hci->tx_state);
3797 - register struct sk_buff *skb;
3800 - clear_bit(N_HCI_TX_WAKEUP, &n_hci->tx_state);
3802 - if (!(skb = skb_dequeue(&n_hci->txq)))
3805 - len = n_hci->proto->send(n_hci, skb->data, skb->len);
3806 - n_hci->hdev.stat.byte_tx += len;
3808 - if (len == skb->len) {
3809 - /* Complete frame was sent */
3811 - switch (skb->pkt_type) {
3812 - case HCI_COMMAND_PKT:
3813 - hdev->stat.cmd_tx++;
3816 - case HCI_ACLDATA_PKT:
3817 - hdev->stat.acl_tx++;
3820 - case HCI_SCODATA_PKT:
3821 - hdev->stat.cmd_tx++;
3827 - /* Subtract sent part and requeue */
3828 - skb_pull(skb, len);
3829 - skb_queue_head(&n_hci->txq, skb);
3831 - } while (test_bit(N_HCI_TX_WAKEUP, &n_hci->tx_state));
3832 - clear_bit(N_HCI_SENDING, &n_hci->tx_state);
3833 + hci_uart_flush(hdev);
3837 /* Send frames from HCI layer */
3838 -static int n_hci_send_frame(struct sk_buff *skb)
3839 +static int hci_uart_send_frame(struct sk_buff *skb)
3841 struct hci_dev* hdev = (struct hci_dev *) skb->dev;
3842 struct tty_struct *tty;
3843 - struct n_hci *n_hci;
3844 + struct hci_uart *hu;
3847 BT_ERR("Frame for uknown device (hdev=NULL)");
3848 @@ -207,66 +228,60 @@
3849 if (!test_bit(HCI_RUNNING, &hdev->flags))
3852 - n_hci = (struct n_hci *) hdev->driver_data;
3854 + hu = (struct hci_uart *) hdev->driver_data;
3857 BT_DBG("%s: type %d len %d", hdev->name, skb->pkt_type, skb->len);
3859 - if (n_hci->proto->preq) {
3860 - skb = n_hci->proto->preq(n_hci, skb);
3865 - skb_queue_tail(&n_hci->txq, skb);
3866 - n_hci_tx_wakeup(n_hci);
3867 + hu->proto->enqueue(hu, skb);
3869 + hci_uart_tx_wakeup(hu);
3873 -static void n_hci_destruct(struct hci_dev *hdev)
3874 +static void hci_uart_destruct(struct hci_dev *hdev)
3876 - struct n_hci *n_hci;
3877 + struct hci_uart *hu;
3881 BT_DBG("%s", hdev->name);
3883 - n_hci = (struct n_hci *) hdev->driver_data;
3885 + hu = (struct hci_uart *) hdev->driver_data;
3891 /* ------ LDISC part ------ */
3893 +/* hci_uart_tty_open
3895 - * Called when line discipline changed to N_HCI.
3896 + * Called when line discipline changed to HCI_UART.
3899 * tty pointer to tty info structure
3901 * 0 if success, otherwise error code
3903 -static int n_hci_tty_open(struct tty_struct *tty)
3904 +static int hci_uart_tty_open(struct tty_struct *tty)
3906 - struct n_hci *n_hci = (void *)tty->disc_data;
3907 + struct hci_uart *hu = (void *) tty->disc_data;
3909 BT_DBG("tty %p", tty);
3915 - if (!(n_hci = kmalloc(sizeof(struct n_hci), GFP_KERNEL))) {
3916 + if (!(hu = kmalloc(sizeof(struct hci_uart), GFP_KERNEL))) {
3917 BT_ERR("Can't allocate controll structure");
3920 - memset(n_hci, 0, sizeof(struct n_hci));
3921 + memset(hu, 0, sizeof(struct hci_uart));
3923 - tty->disc_data = n_hci;
3925 + tty->disc_data = hu;
3928 - spin_lock_init(&n_hci->rx_lock);
3929 - skb_queue_head_init(&n_hci->txq);
3930 + spin_lock_init(&hu->rx_lock);
3932 /* Flush any pending characters in the driver and line discipline */
3933 if (tty->ldisc.flush_buffer)
3934 @@ -279,34 +294,34 @@
3938 -/* n_hci_tty_close()
3939 +/* hci_uart_tty_close()
3941 * Called when the line discipline is changed to something
3942 * else, the tty is closed, or the tty detects a hangup.
3944 -static void n_hci_tty_close(struct tty_struct *tty)
3945 +static void hci_uart_tty_close(struct tty_struct *tty)
3947 - struct n_hci *n_hci = (void *)tty->disc_data;
3948 + struct hci_uart *hu = (void *)tty->disc_data;
3950 BT_DBG("tty %p", tty);
3952 /* Detach from the tty */
3953 tty->disc_data = NULL;
3956 - struct hci_dev *hdev = &n_hci->hdev;
3957 - n_hci_close(hdev);
3959 + struct hci_dev *hdev = &hu->hdev;
3960 + hci_uart_close(hdev);
3962 - if (test_and_clear_bit(N_HCI_PROTO_SET, &n_hci->flags)) {
3963 - n_hci->proto->close(n_hci);
3964 + if (test_and_clear_bit(HCI_UART_PROTO_SET, &hu->flags)) {
3965 + hu->proto->close(hu);
3966 hci_unregister_dev(hdev);
3974 -/* n_hci_tty_wakeup()
3975 +/* hci_uart_tty_wakeup()
3977 * Callback for transmit wakeup. Called when low level
3978 * device driver can accept more send data.
3979 @@ -314,24 +329,25 @@
3980 * Arguments: tty pointer to associated tty instance data
3981 * Return Value: None
3983 -static void n_hci_tty_wakeup( struct tty_struct *tty )
3984 +static void hci_uart_tty_wakeup(struct tty_struct *tty)
3986 - struct n_hci *n_hci = (void *)tty->disc_data;
3987 + struct hci_uart *hu = (void *)tty->disc_data;
3995 - tty->flags &= ~(1 << TTY_DO_WRITE_WAKEUP);
3996 + clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
3998 - if (tty != n_hci->tty)
3999 + if (tty != hu->tty)
4002 - n_hci_tx_wakeup(n_hci);
4003 + if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
4004 + hci_uart_tx_wakeup(hu);
4007 -/* n_hci_tty_room()
4008 +/* hci_uart_tty_room()
4010 * Callback function from tty driver. Return the amount of
4011 * space left in the receiver's buffer to decide if remote
4012 @@ -340,12 +356,12 @@
4013 * Arguments: tty pointer to associated tty instance data
4014 * Return Value: number of bytes left in receive buffer
4016 -static int n_hci_tty_room (struct tty_struct *tty)
4017 +static int hci_uart_tty_room (struct tty_struct *tty)
4022 -/* n_hci_tty_receive()
4023 +/* hci_uart_tty_receive()
4025 * Called by tty low level driver when receive data is
4027 @@ -357,42 +373,42 @@
4029 * Return Value: None
4031 -static void n_hci_tty_receive(struct tty_struct *tty, const __u8 * data, char *flags, int count)
4032 +static void hci_uart_tty_receive(struct tty_struct *tty, const __u8 *data, char *flags, int count)
4034 - struct n_hci *n_hci = (void *)tty->disc_data;
4035 + struct hci_uart *hu = (void *)tty->disc_data;
4037 - if (!n_hci || tty != n_hci->tty)
4038 + if (!hu || tty != hu->tty)
4041 - if (!test_bit(N_HCI_PROTO_SET, &n_hci->flags))
4042 + if (!test_bit(HCI_UART_PROTO_SET, &hu->flags))
4045 - spin_lock(&n_hci->rx_lock);
4046 - n_hci->proto->recv(n_hci, (void *) data, count);
4047 - n_hci->hdev.stat.byte_rx += count;
4048 - spin_unlock(&n_hci->rx_lock);
4049 + spin_lock(&hu->rx_lock);
4050 + hu->proto->recv(hu, (void *) data, count);
4051 + hu->hdev.stat.byte_rx += count;
4052 + spin_unlock(&hu->rx_lock);
4054 if (test_and_clear_bit(TTY_THROTTLED,&tty->flags) && tty->driver.unthrottle)
4055 tty->driver.unthrottle(tty);
4058 -static int n_hci_register_dev(struct n_hci *n_hci)
4059 +static int hci_uart_register_dev(struct hci_uart *hu)
4061 struct hci_dev *hdev;
4065 /* Initialize and register HCI device */
4066 - hdev = &n_hci->hdev;
4069 hdev->type = HCI_UART;
4070 - hdev->driver_data = n_hci;
4071 + hdev->driver_data = hu;
4073 - hdev->open = n_hci_open;
4074 - hdev->close = n_hci_close;
4075 - hdev->flush = n_hci_flush;
4076 - hdev->send = n_hci_send_frame;
4077 - hdev->destruct = n_hci_destruct;
4078 + hdev->open = hci_uart_open;
4079 + hdev->close = hci_uart_close;
4080 + hdev->flush = hci_uart_flush;
4081 + hdev->send = hci_uart_send_frame;
4082 + hdev->destruct = hci_uart_destruct;
4084 if (hci_register_dev(hdev) < 0) {
4085 BT_ERR("Can't register HCI device %s", hdev->name);
4086 @@ -402,30 +418,30 @@
4090 -static int n_hci_set_proto(struct n_hci *n_hci, int id)
4091 +static int hci_uart_set_proto(struct hci_uart *hu, int id)
4093 struct hci_uart_proto *p;
4096 - p = n_hci_get_proto(id);
4097 + p = hci_uart_get_proto(id);
4099 return -EPROTONOSUPPORT;
4101 - err = p->open(n_hci);
4102 + err = p->open(hu);
4109 - err = n_hci_register_dev(n_hci);
4110 + err = hci_uart_register_dev(hu);
4119 -/* n_hci_tty_ioctl()
4120 +/* hci_uart_tty_ioctl()
4122 * Process IOCTL system call for the tty device.
4124 @@ -438,24 +454,24 @@
4126 * Return Value: Command dependent
4128 -static int n_hci_tty_ioctl(struct tty_struct *tty, struct file * file,
4129 +static int hci_uart_tty_ioctl(struct tty_struct *tty, struct file * file,
4130 unsigned int cmd, unsigned long arg)
4132 - struct n_hci *n_hci = (void *)tty->disc_data;
4133 + struct hci_uart *hu = (void *)tty->disc_data;
4138 /* Verify the status of the device */
4144 case HCIUARTSETPROTO:
4145 - if (!test_and_set_bit(N_HCI_PROTO_SET, &n_hci->flags)) {
4146 - err = n_hci_set_proto(n_hci, arg);
4147 + if (!test_and_set_bit(HCI_UART_PROTO_SET, &hu->flags)) {
4148 + err = hci_uart_set_proto(hu, arg);
4150 - clear_bit(N_HCI_PROTO_SET, &n_hci->flags);
4151 + clear_bit(HCI_UART_PROTO_SET, &hu->flags);
4154 tty->low_latency = 1;
4158 case HCIUARTGETPROTO:
4159 - if (test_bit(N_HCI_PROTO_SET, &n_hci->flags))
4160 - return n_hci->proto->id;
4161 + if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
4162 + return hu->proto->id;
4166 @@ -478,15 +494,15 @@
4168 * We don't provide read/write/poll interface for user space.
4170 -static ssize_t n_hci_tty_read(struct tty_struct *tty, struct file *file, unsigned char *buf, size_t nr)
4171 +static ssize_t hci_uart_tty_read(struct tty_struct *tty, struct file *file, unsigned char *buf, size_t nr)
4175 -static ssize_t n_hci_tty_write(struct tty_struct *tty, struct file *file, const unsigned char *data, size_t count)
4176 +static ssize_t hci_uart_tty_write(struct tty_struct *tty, struct file *file, const unsigned char *data, size_t count)
4180 -static unsigned int n_hci_tty_poll(struct tty_struct *tty, struct file *filp, poll_table *wait)
4181 +static unsigned int hci_uart_tty_poll(struct tty_struct *tty, struct file *filp, poll_table *wait)
4185 @@ -495,10 +511,14 @@
4187 int h4_deinit(void);
4189 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP
4190 +int bcsp_init(void);
4191 +int bcsp_deinit(void);
4194 -int __init n_hci_init(void)
4195 +int __init hci_uart_init(void)
4197 - static struct tty_ldisc n_hci_ldisc;
4198 + static struct tty_ldisc hci_uart_ldisc;
4201 BT_INFO("BlueZ HCI UART driver ver %s Copyright (C) 2000,2001 Qualcomm Inc",
4202 @@ -507,20 +527,20 @@
4204 /* Register the tty discipline */
4206 - memset(&n_hci_ldisc, 0, sizeof (n_hci_ldisc));
4207 - n_hci_ldisc.magic = TTY_LDISC_MAGIC;
4208 - n_hci_ldisc.name = "n_hci";
4209 - n_hci_ldisc.open = n_hci_tty_open;
4210 - n_hci_ldisc.close = n_hci_tty_close;
4211 - n_hci_ldisc.read = n_hci_tty_read;
4212 - n_hci_ldisc.write = n_hci_tty_write;
4213 - n_hci_ldisc.ioctl = n_hci_tty_ioctl;
4214 - n_hci_ldisc.poll = n_hci_tty_poll;
4215 - n_hci_ldisc.receive_room= n_hci_tty_room;
4216 - n_hci_ldisc.receive_buf = n_hci_tty_receive;
4217 - n_hci_ldisc.write_wakeup= n_hci_tty_wakeup;
4218 + memset(&hci_uart_ldisc, 0, sizeof (hci_uart_ldisc));
4219 + hci_uart_ldisc.magic = TTY_LDISC_MAGIC;
4220 + hci_uart_ldisc.name = "n_hci";
4221 + hci_uart_ldisc.open = hci_uart_tty_open;
4222 + hci_uart_ldisc.close = hci_uart_tty_close;
4223 + hci_uart_ldisc.read = hci_uart_tty_read;
4224 + hci_uart_ldisc.write = hci_uart_tty_write;
4225 + hci_uart_ldisc.ioctl = hci_uart_tty_ioctl;
4226 + hci_uart_ldisc.poll = hci_uart_tty_poll;
4227 + hci_uart_ldisc.receive_room= hci_uart_tty_room;
4228 + hci_uart_ldisc.receive_buf = hci_uart_tty_receive;
4229 + hci_uart_ldisc.write_wakeup= hci_uart_tty_wakeup;
4231 - if ((err = tty_register_ldisc(N_HCI, &n_hci_ldisc))) {
4232 + if ((err = tty_register_ldisc(N_HCI, &hci_uart_ldisc))) {
4233 BT_ERR("Can't register HCI line discipline (%d)", err);
4236 @@ -528,25 +548,31 @@
4237 #ifdef CONFIG_BLUEZ_HCIUART_H4
4240 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP
4247 -void n_hci_cleanup(void)
4248 +void hci_uart_cleanup(void)
4252 #ifdef CONFIG_BLUEZ_HCIUART_H4
4255 +#ifdef CONFIG_BLUEZ_HCIUART_BCSP
4259 /* Release tty registration of line discipline */
4260 if ((err = tty_register_ldisc(N_HCI, NULL)))
4261 BT_ERR("Can't unregister HCI line discipline (%d)", err);
4264 -module_init(n_hci_init);
4265 -module_exit(n_hci_cleanup);
4266 +module_init(hci_uart_init);
4267 +module_exit(hci_uart_cleanup);
4269 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>");
4270 MODULE_DESCRIPTION("BlueZ HCI UART driver ver " VERSION);
4271 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_uart.h c3000_work/linux/drivers/bluetooth/hci_uart.h
4272 --- c3000_pre/linux/drivers/bluetooth/hci_uart.h 2004-08-21 09:48:24.000000000 +0900
4273 +++ c3000_work/linux/drivers/bluetooth/hci_uart.h 2004-12-16 23:01:14.000000000 +0900
4278 - * $Id: hci_uart.h,v 1.1.1.1 2002/03/08 21:03:15 maxk Exp $
4279 + * $Id: hci_uart.h,v 1.2 2002/09/09 01:17:32 maxk Exp $
4288 #define HCIUARTGETPROTO _IOR('U', 201, int)
4290 /* UART protocols */
4291 -#define HCI_UART_MAX_PROTO 3
4292 +#define HCI_UART_MAX_PROTO 4
4294 #define HCI_UART_H4 0
4295 #define HCI_UART_BCSP 1
4296 -#define HCI_UART_NCSP 2
4297 +#define HCI_UART_3WIRE 2
4298 +#define HCI_UART_H4DS 3
4304 struct hci_uart_proto {
4306 - int (*open)(struct n_hci *n_hci);
4307 - int (*recv)(struct n_hci *n_hci, void *data, int len);
4308 - int (*send)(struct n_hci *n_hci, void *data, int len);
4309 - int (*close)(struct n_hci *n_hci);
4310 - int (*flush)(struct n_hci *n_hci);
4311 - struct sk_buff* (*preq)(struct n_hci *n_hci, struct sk_buff *skb);
4312 + int (*open)(struct hci_uart *hu);
4313 + int (*close)(struct hci_uart *hu);
4314 + int (*flush)(struct hci_uart *hu);
4315 + int (*recv)(struct hci_uart *hu, void *data, int len);
4316 + int (*enqueue)(struct hci_uart *hu, struct sk_buff *skb);
4317 + struct sk_buff *(*dequeue)(struct hci_uart *hu);
4322 struct tty_struct *tty;
4323 struct hci_dev hdev;
4324 unsigned long flags;
4326 struct hci_uart_proto *proto;
4329 - struct sk_buff_head txq;
4330 - unsigned long tx_state;
4331 - spinlock_t rx_lock;
4332 + struct sk_buff *tx_skb;
4333 + unsigned long tx_state;
4334 + spinlock_t rx_lock;
4337 -/* N_HCI flag bits */
4338 -#define N_HCI_PROTO_SET 0x00
4339 +/* HCI_UART flag bits */
4340 +#define HCI_UART_PROTO_SET 0
4343 -#define N_HCI_SENDING 1
4344 -#define N_HCI_TX_WAKEUP 2
4345 +#define HCI_UART_SENDING 1
4346 +#define HCI_UART_TX_WAKEUP 2
4348 int hci_uart_register_proto(struct hci_uart_proto *p);
4349 int hci_uart_unregister_proto(struct hci_uart_proto *p);
4350 +int hci_uart_tx_wakeup(struct hci_uart *hu);
4352 #endif /* __KERNEL__ */
4353 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_usb.c c3000_work/linux/drivers/bluetooth/hci_usb.c
4354 --- c3000_pre/linux/drivers/bluetooth/hci_usb.c 2004-08-21 09:48:24.000000000 +0900
4355 +++ c3000_work/linux/drivers/bluetooth/hci_usb.c 2004-12-16 23:01:14.000000000 +0900
4358 - BlueZ - Bluetooth protocol stack for Linux
4359 + HCI USB driver for Linux Bluetooth protocol stack (BlueZ)
4360 Copyright (C) 2000-2001 Qualcomm Incorporated
4362 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
4364 + Copyright (C) 2003 Maxim Krasnyansky <maxk@qualcomm.com>
4366 This program is free software; you can redistribute it and/or modify
4367 it under the terms of the GNU General Public License version 2 as
4368 published by the Free Software Foundation;
4373 - * BlueZ HCI USB driver.
4374 * Based on original USB Bluetooth driver for Linux kernel
4375 * Copyright (c) 2000 Greg Kroah-Hartman <greg@kroah.com>
4376 * Copyright (c) 2000 Mark Douglas Corner <mcorner@umich.edu>
4378 * $Id: hci_usb.c,v 1.8 2002/07/18 17:23:09 maxk Exp $
4380 -#define VERSION "2.1"
4381 +#define VERSION "2.7"
4383 #include <linux/config.h>
4384 #include <linux/module.h>
4386 -#define __KERNEL_SYSCALLS__
4388 #include <linux/version.h>
4389 #include <linux/kernel.h>
4390 #include <linux/init.h>
4392 #include <linux/errno.h>
4393 #include <linux/string.h>
4394 #include <linux/skbuff.h>
4395 -#include <linux/kmod.h>
4397 #include <linux/usb.h>
4399 #include <net/bluetooth/bluetooth.h>
4400 #include <net/bluetooth/hci_core.h>
4401 -#include "hci_usb.h"
4403 -#define HCI_MAX_PENDING (HCI_MAX_BULK_RX + HCI_MAX_BULK_TX + 1)
4404 +#include "hci_usb.h"
4406 #ifndef HCI_USB_DEBUG
4409 #define BT_DMP( A... )
4412 -#ifndef CONFIG_BLUEZ_USB_ZERO_PACKET
4413 +#ifndef CONFIG_BLUEZ_HCIUSB_ZERO_PACKET
4414 #undef USB_ZERO_PACKET
4415 #define USB_ZERO_PACKET 0
4418 /* Generic Bluetooth USB device */
4419 { USB_DEVICE_INFO(HCI_DEV_CLASS, HCI_DEV_SUBCLASS, HCI_DEV_PROTOCOL) },
4421 + /* AVM BlueFRITZ! USB v2.0 */
4422 + { USB_DEVICE(0x057c, 0x3800) },
4424 + /* Bluetooth Ultraport Module from IBM */
4425 + { USB_DEVICE(0x04bf, 0x030a) },
4427 + /* ALPS Modules with non-standard id */
4428 + { USB_DEVICE(0x044e, 0x3001) },
4429 + { USB_DEVICE(0x044e, 0x3002) },
4431 /* Ericsson with non-standard id */
4432 { USB_DEVICE(0x0bdb, 0x1002) },
4434 @@ -85,116 +91,214 @@
4436 MODULE_DEVICE_TABLE (usb, bluetooth_ids);
4438 -static struct usb_device_id ignore_ids[] = {
4439 +static struct usb_device_id blacklist_ids[] = {
4440 /* Broadcom BCM2033 without firmware */
4441 - { USB_DEVICE(0x0a5c, 0x2033) },
4442 + { USB_DEVICE(0x0a5c, 0x2033), driver_info: HCI_IGNORE },
4444 + /* Broadcom BCM2035 */
4445 + { USB_DEVICE(0x0a5c, 0x200a), driver_info: HCI_RESET },
4447 + /* ISSC Bluetooth Adapter v3.1 */
4448 + { USB_DEVICE(0x1131, 0x1001), driver_info: HCI_RESET },
4450 + /* Digianswer device */
4451 + { USB_DEVICE(0x08fd, 0x0001), driver_info: HCI_DIGIANSWER },
4453 + /* RTX Telecom based adapter with buggy SCO support */
4454 + { USB_DEVICE(0x0400, 0x0807), driver_info: HCI_BROKEN_ISOC },
4456 { } /* Terminating entry */
4459 -static void hci_usb_interrupt(struct urb *urb);
4460 +struct _urb *_urb_alloc(int isoc, int gfp)
4462 + struct _urb *_urb = kmalloc(sizeof(struct _urb) +
4463 + sizeof(struct iso_packet_descriptor) * isoc, gfp);
4465 + memset(_urb, 0, sizeof(*_urb));
4466 + spin_lock_init(&_urb->urb.lock);
4471 +struct _urb *_urb_dequeue(struct _urb_queue *q)
4473 + struct _urb *_urb = NULL;
4474 + unsigned long flags;
4475 + spin_lock_irqsave(&q->lock, flags);
4477 + struct list_head *head = &q->head;
4478 + struct list_head *next = head->next;
4479 + if (next != head) {
4480 + _urb = list_entry(next, struct _urb, list);
4481 + list_del(next); _urb->queue = NULL;
4484 + spin_unlock_irqrestore(&q->lock, flags);
4488 static void hci_usb_rx_complete(struct urb *urb);
4489 static void hci_usb_tx_complete(struct urb *urb);
4491 -static struct urb *hci_usb_get_completed(struct hci_usb *husb)
4492 +#define __pending_tx(husb, type) (&husb->pending_tx[type-1])
4493 +#define __pending_q(husb, type) (&husb->pending_q[type-1])
4494 +#define __completed_q(husb, type) (&husb->completed_q[type-1])
4495 +#define __transmit_q(husb, type) (&husb->transmit_q[type-1])
4496 +#define __reassembly(husb, type) (husb->reassembly[type-1])
4498 +static inline struct _urb *__get_completed(struct hci_usb *husb, int type)
4500 - struct sk_buff *skb;
4501 - struct urb *urb = NULL;
4502 + return _urb_dequeue(__completed_q(husb, type));
4505 - skb = skb_dequeue(&husb->completed_q);
4507 - urb = ((struct hci_usb_scb *) skb->cb)->urb;
4510 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
4511 +static void __fill_isoc_desc(struct urb *urb, int len, int mtu)
4513 + int offset = 0, i;
4515 - BT_DBG("%s urb %p", husb->hdev.name, urb);
4517 + BT_DBG("len %d mtu %d", len, mtu);
4519 + for (i=0; i < HCI_MAX_ISOC_FRAMES && len >= mtu; i++, offset += mtu, len -= mtu) {
4520 + urb->iso_frame_desc[i].offset = offset;
4521 + urb->iso_frame_desc[i].length = mtu;
4522 + BT_DBG("desc %d offset %d len %d", i, offset, mtu);
4524 + if (len && i < HCI_MAX_ISOC_FRAMES) {
4525 + urb->iso_frame_desc[i].offset = offset;
4526 + urb->iso_frame_desc[i].length = len;
4527 + BT_DBG("desc %d offset %d len %d", i, offset, len);
4530 + urb->number_of_packets = i;
4534 -static int hci_usb_enable_intr(struct hci_usb *husb)
4535 +static int hci_usb_intr_rx_submit(struct hci_usb *husb)
4537 + struct _urb *_urb;
4540 + int err, pipe, interval, size;
4543 BT_DBG("%s", husb->hdev.name);
4545 - if (!(urb = usb_alloc_urb(0)))
4546 + size = husb->intr_in_ep->wMaxPacketSize;
4548 + buf = kmalloc(size, GFP_ATOMIC);
4552 - if (!(buf = kmalloc(HCI_MAX_EVENT_SIZE, GFP_KERNEL))) {
4553 - usb_free_urb(urb);
4554 + _urb = _urb_alloc(0, GFP_ATOMIC);
4559 + _urb->type = HCI_EVENT_PKT;
4560 + _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
4562 - husb->intr_urb = urb;
4564 - pipe = usb_rcvintpipe(husb->udev, husb->intr_ep);
4565 - size = usb_maxpacket(husb->udev, pipe, usb_pipeout(pipe));
4566 - FILL_INT_URB(urb, husb->udev, pipe, buf, size,
4567 - hci_usb_interrupt, husb, husb->intr_interval);
4569 + pipe = usb_rcvintpipe(husb->udev, husb->intr_in_ep->bEndpointAddress);
4570 + interval = husb->intr_in_ep->bInterval;
4571 + FILL_INT_URB(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb, interval);
4573 - return usb_submit_urb(urb);
4574 + err = usb_submit_urb(urb);
4576 + BT_ERR("%s intr rx submit failed urb %p err %d",
4577 + husb->hdev.name, urb, err);
4578 + _urb_unlink(_urb);
4585 -static int hci_usb_disable_intr(struct hci_usb *husb)
4586 +static int hci_usb_bulk_rx_submit(struct hci_usb *husb)
4588 - struct urb *urb = husb->intr_urb;
4589 - struct sk_buff *skb;
4591 - BT_DBG("%s", husb->hdev.name);
4592 + struct _urb *_urb;
4594 + int err, pipe, size = HCI_MAX_FRAME_SIZE;
4597 - usb_unlink_urb(urb); usb_free_urb(urb);
4598 - husb->intr_urb = NULL;
4599 + buf = kmalloc(size, GFP_ATOMIC);
4603 - skb = husb->intr_skb;
4605 - husb->intr_skb = NULL;
4607 + _urb = _urb_alloc(0, GFP_ATOMIC);
4612 + _urb->type = HCI_ACLDATA_PKT;
4613 + _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
4617 + pipe = usb_rcvbulkpipe(husb->udev, husb->bulk_in_ep->bEndpointAddress);
4618 + FILL_BULK_URB(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb);
4619 + urb->transfer_flags = USB_QUEUE_BULK;
4621 + BT_DBG("%s urb %p", husb->hdev.name, urb);
4623 + err = usb_submit_urb(urb);
4625 + BT_ERR("%s bulk rx submit failed urb %p err %d",
4626 + husb->hdev.name, urb, err);
4627 + _urb_unlink(_urb);
4634 -static int hci_usb_rx_submit(struct hci_usb *husb, struct urb *urb)
4635 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
4636 +static int hci_usb_isoc_rx_submit(struct hci_usb *husb)
4638 - struct hci_usb_scb *scb;
4639 - struct sk_buff *skb;
4640 - int pipe, size, err;
4641 + struct _urb *_urb;
4643 + int err, mtu, size;
4646 - if (!urb && !(urb = usb_alloc_urb(0)))
4648 + mtu = husb->isoc_in_ep->wMaxPacketSize;
4649 + size = mtu * HCI_MAX_ISOC_FRAMES;
4651 - size = HCI_MAX_FRAME_SIZE;
4652 + buf = kmalloc(size, GFP_ATOMIC);
4656 - if (!(skb = bluez_skb_alloc(size, GFP_ATOMIC))) {
4657 - usb_free_urb(urb);
4658 + _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
4664 - BT_DBG("%s urb %p", husb->hdev.name, urb);
4665 + _urb->type = HCI_SCODATA_PKT;
4666 + _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
4668 - skb->dev = (void *) &husb->hdev;
4669 - skb->pkt_type = HCI_ACLDATA_PKT;
4672 - scb = (struct hci_usb_scb *) skb->cb;
4674 + urb->context = husb;
4675 + urb->dev = husb->udev;
4676 + urb->pipe = usb_rcvisocpipe(husb->udev, husb->isoc_in_ep->bEndpointAddress);
4677 + urb->complete = hci_usb_rx_complete;
4679 - pipe = usb_rcvbulkpipe(husb->udev, husb->bulk_in_ep);
4680 + urb->transfer_buffer_length = size;
4681 + urb->transfer_buffer = buf;
4682 + urb->transfer_flags = USB_ISO_ASAP;
4684 - FILL_BULK_URB(urb, husb->udev, pipe, skb->data, size, hci_usb_rx_complete, skb);
4685 - urb->transfer_flags = USB_QUEUE_BULK;
4686 + __fill_isoc_desc(urb, size, mtu);
4688 + BT_DBG("%s urb %p", husb->hdev.name, urb);
4690 - skb_queue_tail(&husb->pending_q, skb);
4691 err = usb_submit_urb(urb);
4693 - BT_ERR("%s bulk rx submit failed urb %p err %d",
4694 + BT_ERR("%s isoc rx submit failed urb %p err %d",
4695 husb->hdev.name, urb, err);
4697 - usb_free_urb(urb);
4698 + _urb_unlink(_urb);
4706 /* Initialize device */
4707 static int hci_usb_open(struct hci_dev *hdev)
4708 @@ -212,10 +316,16 @@
4710 write_lock_irqsave(&husb->completion_lock, flags);
4712 - err = hci_usb_enable_intr(husb);
4713 + err = hci_usb_intr_rx_submit(husb);
4715 - for (i = 0; i < HCI_MAX_BULK_TX; i++)
4716 - hci_usb_rx_submit(husb, NULL);
4717 + for (i = 0; i < HCI_MAX_BULK_RX; i++)
4718 + hci_usb_bulk_rx_submit(husb);
4720 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
4721 + if (husb->isoc_iface)
4722 + for (i = 0; i < HCI_MAX_ISOC_RX; i++)
4723 + hci_usb_isoc_rx_submit(husb);
4726 clear_bit(HCI_RUNNING, &hdev->flags);
4728 @@ -229,29 +339,52 @@
4729 static int hci_usb_flush(struct hci_dev *hdev)
4731 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
4734 BT_DBG("%s", hdev->name);
4736 - skb_queue_purge(&husb->cmd_q);
4737 - skb_queue_purge(&husb->acl_q);
4738 + for (i=0; i < 4; i++)
4739 + skb_queue_purge(&husb->transmit_q[i]);
4743 -static inline void hci_usb_unlink_urbs(struct hci_usb *husb)
4744 +static void hci_usb_unlink_urbs(struct hci_usb *husb)
4746 - struct sk_buff *skb;
4750 BT_DBG("%s", husb->hdev.name);
4752 - while ((skb = skb_dequeue(&husb->pending_q))) {
4753 - urb = ((struct hci_usb_scb *) skb->cb)->urb;
4754 - usb_unlink_urb(urb);
4757 + for (i=0; i < 4; i++) {
4758 + struct _urb *_urb;
4761 + /* Kill pending requests */
4762 + while ((_urb = _urb_dequeue(&husb->pending_q[i]))) {
4764 + BT_DBG("%s unlinking _urb %p type %d urb %p",
4765 + husb->hdev.name, _urb, _urb->type, urb);
4766 + usb_unlink_urb(urb);
4767 + _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
4770 + /* Release completed requests */
4771 + while ((_urb = _urb_dequeue(&husb->completed_q[i]))) {
4773 + BT_DBG("%s freeing _urb %p type %d urb %p",
4774 + husb->hdev.name, _urb, _urb->type, urb);
4775 + if (urb->setup_packet)
4776 + kfree(urb->setup_packet);
4777 + if (urb->transfer_buffer)
4778 + kfree(urb->transfer_buffer);
4782 - while ((urb = hci_usb_get_completed(husb)))
4783 - usb_free_urb(urb);
4784 + /* Release reassembly buffers */
4785 + if (husb->reassembly[i]) {
4786 + kfree_skb(husb->reassembly[i]);
4787 + husb->reassembly[i] = NULL;
4795 write_lock_irqsave(&husb->completion_lock, flags);
4797 - hci_usb_disable_intr(husb);
4798 hci_usb_unlink_urbs(husb);
4799 hci_usb_flush(hdev);
4801 @@ -277,104 +409,157 @@
4805 +static int __tx_submit(struct hci_usb *husb, struct _urb *_urb)
4807 + struct urb *urb = &_urb->urb;
4810 + BT_DBG("%s urb %p type %d", husb->hdev.name, urb, _urb->type);
4812 + _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
4813 + err = usb_submit_urb(urb);
4815 + BT_ERR("%s tx submit failed urb %p type %d err %d",
4816 + husb->hdev.name, urb, _urb->type, err);
4817 + _urb_unlink(_urb);
4818 + _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
4820 + atomic_inc(__pending_tx(husb, _urb->type));
4825 static inline int hci_usb_send_ctrl(struct hci_usb *husb, struct sk_buff *skb)
4827 - struct hci_usb_scb *scb = (void *) skb->cb;
4828 - struct urb *urb = hci_usb_get_completed(husb);
4829 + struct _urb *_urb = __get_completed(husb, skb->pkt_type);
4830 struct usb_ctrlrequest *dr;
4833 - if (!urb && !(urb = usb_alloc_urb(0)))
4837 - if (!(dr = kmalloc(sizeof(*dr), GFP_ATOMIC))) {
4838 - usb_free_urb(urb);
4842 - pipe = usb_sndctrlpipe(husb->udev, 0);
4844 + _urb = _urb_alloc(0, GFP_ATOMIC);
4847 + _urb->type = skb->pkt_type;
4849 + dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
4855 + dr = (void *) _urb->urb.setup_packet;
4857 - dr->bRequestType = HCI_CTRL_REQ;
4858 + dr->bRequestType = husb->ctrl_req;
4862 dr->wLength = __cpu_to_le16(skb->len);
4864 - FILL_CONTROL_URB(urb, husb->udev, pipe, (void *) dr,
4865 - skb->data, skb->len, hci_usb_tx_complete, skb);
4867 - BT_DBG("%s urb %p len %d", husb->hdev.name, urb, skb->len);
4871 + FILL_CONTROL_URB(urb, husb->udev, usb_sndctrlpipe(husb->udev, 0),
4872 + (void *) dr, skb->data, skb->len, hci_usb_tx_complete, husb);
4874 - skb_queue_tail(&husb->pending_q, skb);
4875 - err = usb_submit_urb(urb);
4877 - BT_ERR("%s ctrl tx submit failed urb %p err %d",
4878 - husb->hdev.name, urb, err);
4880 - usb_free_urb(urb); kfree(dr);
4883 + BT_DBG("%s skb %p len %d", husb->hdev.name, skb, skb->len);
4886 + return __tx_submit(husb, _urb);
4889 static inline int hci_usb_send_bulk(struct hci_usb *husb, struct sk_buff *skb)
4891 - struct hci_usb_scb *scb = (void *) skb->cb;
4892 - struct urb *urb = hci_usb_get_completed(husb);
4894 + struct _urb *_urb = __get_completed(husb, skb->pkt_type);
4898 - if (!urb && !(urb = usb_alloc_urb(0)))
4901 + _urb = _urb_alloc(0, GFP_ATOMIC);
4904 + _urb->type = skb->pkt_type;
4907 - pipe = usb_sndbulkpipe(husb->udev, husb->bulk_out_ep);
4909 - FILL_BULK_URB(urb, husb->udev, pipe, skb->data, skb->len,
4910 - hci_usb_tx_complete, skb);
4912 + pipe = usb_sndbulkpipe(husb->udev, husb->bulk_out_ep->bEndpointAddress);
4913 + FILL_BULK_URB(urb, husb->udev, pipe, skb->data, skb->len,
4914 + hci_usb_tx_complete, husb);
4915 urb->transfer_flags = USB_QUEUE_BULK | USB_ZERO_PACKET;
4917 - BT_DBG("%s urb %p len %d", husb->hdev.name, urb, skb->len);
4918 + BT_DBG("%s skb %p len %d", husb->hdev.name, skb, skb->len);
4922 + return __tx_submit(husb, _urb);
4925 - skb_queue_tail(&husb->pending_q, skb);
4926 - err = usb_submit_urb(urb);
4928 - BT_ERR("%s bulk tx submit failed urb %p err %d",
4929 - husb->hdev.name, urb, err);
4931 - usb_free_urb(urb);
4932 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
4933 +static inline int hci_usb_send_isoc(struct hci_usb *husb, struct sk_buff *skb)
4935 + struct _urb *_urb = __get_completed(husb, skb->pkt_type);
4939 + _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
4942 + _urb->type = skb->pkt_type;
4946 + BT_DBG("%s skb %p len %d", husb->hdev.name, skb, skb->len);
4950 + urb->context = husb;
4951 + urb->dev = husb->udev;
4952 + urb->pipe = usb_sndisocpipe(husb->udev, husb->isoc_out_ep->bEndpointAddress);
4953 + urb->complete = hci_usb_tx_complete;
4954 + urb->transfer_flags = USB_ISO_ASAP;
4956 + urb->transfer_buffer = skb->data;
4957 + urb->transfer_buffer_length = skb->len;
4959 + __fill_isoc_desc(urb, skb->len, husb->isoc_out_ep->wMaxPacketSize);
4962 + return __tx_submit(husb, _urb);
4966 static void hci_usb_tx_process(struct hci_usb *husb)
4968 + struct sk_buff_head *q;
4969 struct sk_buff *skb;
4971 BT_DBG("%s", husb->hdev.name);
4974 clear_bit(HCI_USB_TX_WAKEUP, &husb->state);
4976 + /* Process command queue */
4977 + q = __transmit_q(husb, HCI_COMMAND_PKT);
4978 + if (!atomic_read(__pending_tx(husb, HCI_COMMAND_PKT)) &&
4979 + (skb = skb_dequeue(q))) {
4980 + if (hci_usb_send_ctrl(husb, skb) < 0)
4981 + skb_queue_head(q, skb);
4984 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
4985 + /* Process SCO queue */
4986 + q = __transmit_q(husb, HCI_SCODATA_PKT);
4987 + if (atomic_read(__pending_tx(husb, HCI_SCODATA_PKT)) < HCI_MAX_ISOC_TX &&
4988 + (skb = skb_dequeue(q))) {
4989 + if (hci_usb_send_isoc(husb, skb) < 0)
4990 + skb_queue_head(q, skb);
4994 /* Process ACL queue */
4995 - while (skb_queue_len(&husb->pending_q) < HCI_MAX_PENDING &&
4996 - (skb = skb_dequeue(&husb->acl_q))) {
4997 + q = __transmit_q(husb, HCI_ACLDATA_PKT);
4998 + while (atomic_read(__pending_tx(husb, HCI_ACLDATA_PKT)) < HCI_MAX_BULK_TX &&
4999 + (skb = skb_dequeue(q))) {
5000 if (hci_usb_send_bulk(husb, skb) < 0) {
5001 - skb_queue_head(&husb->acl_q, skb);
5002 + skb_queue_head(q, skb);
5007 - /* Process command queue */
5008 - if (!test_bit(HCI_USB_CTRL_TX, &husb->state) &&
5009 - (skb = skb_dequeue(&husb->cmd_q)) != NULL) {
5010 - set_bit(HCI_USB_CTRL_TX, &husb->state);
5011 - if (hci_usb_send_ctrl(husb, skb) < 0) {
5012 - skb_queue_head(&husb->cmd_q, skb);
5013 - clear_bit(HCI_USB_CTRL_TX, &husb->state);
5016 } while(test_bit(HCI_USB_TX_WAKEUP, &husb->state));
5022 /* Send frames from HCI layer */
5023 -int hci_usb_send_frame(struct sk_buff *skb)
5024 +static int hci_usb_send_frame(struct sk_buff *skb)
5026 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
5027 struct hci_usb *husb;
5028 @@ -402,204 +587,209 @@
5029 if (!test_bit(HCI_RUNNING, &hdev->flags))
5032 - husb = (struct hci_usb *) hdev->driver_data;
5034 BT_DBG("%s type %d len %d", hdev->name, skb->pkt_type, skb->len);
5036 - read_lock(&husb->completion_lock);
5037 + husb = (struct hci_usb *) hdev->driver_data;
5039 switch (skb->pkt_type) {
5040 case HCI_COMMAND_PKT:
5041 - skb_queue_tail(&husb->cmd_q, skb);
5042 hdev->stat.cmd_tx++;
5045 case HCI_ACLDATA_PKT:
5046 - skb_queue_tail(&husb->acl_q, skb);
5047 hdev->stat.acl_tx++;
5050 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
5051 case HCI_SCODATA_PKT:
5052 + hdev->stat.sco_tx++;
5062 + read_lock(&husb->completion_lock);
5064 + skb_queue_tail(__transmit_q(husb, skb->pkt_type), skb);
5065 hci_usb_tx_wakeup(husb);
5067 read_unlock(&husb->completion_lock);
5071 -static void hci_usb_interrupt(struct urb *urb)
5072 +static inline int __recv_frame(struct hci_usb *husb, int type, void *data, int count)
5074 - struct hci_usb *husb = (void *) urb->context;
5075 - struct hci_usb_scb *scb;
5076 - struct sk_buff *skb;
5077 - hci_event_hdr *eh;
5078 - __u8 *data = urb->transfer_buffer;
5079 - int count = urb->actual_length;
5080 - int len = HCI_EVENT_HDR_SIZE;
5081 + BT_DBG("%s type %d data %p count %d", husb->hdev.name, type, data, count);
5083 - BT_DBG("%s urb %p count %d", husb->hdev.name, urb, count);
5084 + husb->hdev.stat.byte_rx += count;
5086 - if (!test_bit(HCI_RUNNING, &husb->hdev.flags))
5089 + struct sk_buff *skb = __reassembly(husb, type);
5090 + struct { int expect; } *scb;
5094 + /* Start of the frame */
5096 - if (urb->status || !count) {
5097 - BT_DBG("%s intr status %d, count %d",
5098 - husb->hdev.name, urb->status, count);
5102 + case HCI_EVENT_PKT:
5103 + if (count >= HCI_EVENT_HDR_SIZE) {
5104 + hci_event_hdr *h = data;
5105 + len = HCI_EVENT_HDR_SIZE + h->plen;
5110 - read_lock(&husb->completion_lock);
5112 - husb->hdev.stat.byte_rx += count;
5113 + case HCI_ACLDATA_PKT:
5114 + if (count >= HCI_ACL_HDR_SIZE) {
5115 + hci_acl_hdr *h = data;
5116 + len = HCI_ACL_HDR_SIZE + __le16_to_cpu(h->dlen);
5120 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
5121 + case HCI_SCODATA_PKT:
5122 + if (count >= HCI_SCO_HDR_SIZE) {
5123 + hci_sco_hdr *h = data;
5124 + len = HCI_SCO_HDR_SIZE + h->dlen;
5130 + BT_DBG("new packet len %d", len);
5132 - if (!(skb = husb->intr_skb)) {
5133 - /* Start of the frame */
5134 - if (count < HCI_EVENT_HDR_SIZE)
5136 + skb = bluez_skb_alloc(len, GFP_ATOMIC);
5138 + BT_ERR("%s no memory for the packet", husb->hdev.name);
5141 + skb->dev = (void *) &husb->hdev;
5142 + skb->pkt_type = type;
5144 + __reassembly(husb, type) = skb;
5146 - eh = (hci_event_hdr *) data;
5147 - len = eh->plen + HCI_EVENT_HDR_SIZE;
5148 + scb = (void *) skb->cb;
5149 + scb->expect = len;
5151 + /* Continuation */
5152 + scb = (void *) skb->cb;
5153 + len = scb->expect;
5158 + len = min(len, count);
5160 + memcpy(skb_put(skb, len), data, len);
5162 - skb = bluez_skb_alloc(len, GFP_ATOMIC);
5164 - BT_ERR("%s no memory for event packet", husb->hdev.name);
5166 + scb->expect -= len;
5167 + if (!scb->expect) {
5168 + /* Complete frame */
5169 + __reassembly(husb, type) = NULL;
5170 + hci_recv_frame(skb);
5172 - scb = (void *) skb->cb;
5174 - skb->dev = (void *) &husb->hdev;
5175 - skb->pkt_type = HCI_EVENT_PKT;
5176 + count -= len; data += len;
5181 +static void hci_usb_rx_complete(struct urb *urb)
5183 + struct _urb *_urb = container_of(urb, struct _urb, urb);
5184 + struct hci_usb *husb = (void *) urb->context;
5185 + struct hci_dev *hdev = &husb->hdev;
5186 + int err, count = urb->actual_length;
5188 + BT_DBG("%s urb %p type %d status %d count %d flags %x", hdev->name, urb,
5189 + _urb->type, urb->status, count, urb->transfer_flags);
5191 + read_lock(&husb->completion_lock);
5193 + if (!test_bit(HCI_RUNNING, &hdev->flags))
5196 + if (urb->status || !count)
5199 - husb->intr_skb = skb;
5200 - scb->intr_len = len;
5201 + if (_urb->type == HCI_SCODATA_PKT) {
5202 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
5204 + for (i=0; i < urb->number_of_packets; i++) {
5205 + BT_DBG("desc %d status %d offset %d len %d", i,
5206 + urb->iso_frame_desc[i].status,
5207 + urb->iso_frame_desc[i].offset,
5208 + urb->iso_frame_desc[i].actual_length);
5210 + if (!urb->iso_frame_desc[i].status)
5211 + __recv_frame(husb, _urb->type,
5212 + urb->transfer_buffer + urb->iso_frame_desc[i].offset,
5213 + urb->iso_frame_desc[i].actual_length);
5219 - /* Continuation */
5220 - scb = (void *) skb->cb;
5221 - len = scb->intr_len;
5222 - if (count > len) {
5223 - husb->intr_skb = NULL;
5226 + err = __recv_frame(husb, _urb->type, urb->transfer_buffer, count);
5228 + BT_ERR("%s corrupted packet: type %d count %d",
5229 + husb->hdev.name, _urb->type, count);
5230 + hdev->stat.err_rx++;
5234 - memcpy(skb_put(skb, count), data, count);
5235 - scb->intr_len -= count;
5237 - if (!scb->intr_len) {
5238 - /* Complete frame */
5239 - husb->intr_skb = NULL;
5240 - hci_recv_frame(skb);
5242 + if (_urb->type != HCI_EVENT_PKT) {
5243 + urb->dev = husb->udev;
5244 + err = usb_submit_urb(urb);
5245 + BT_DBG("%s urb %p type %d resubmit status %d", hdev->name, urb,
5250 - read_unlock(&husb->completion_lock);
5254 - BT_ERR("%s bad frame len %d expected %d", husb->hdev.name, count, len);
5255 - husb->hdev.stat.err_rx++;
5257 read_unlock(&husb->completion_lock);
5260 static void hci_usb_tx_complete(struct urb *urb)
5262 - struct sk_buff *skb = (struct sk_buff *) urb->context;
5263 - struct hci_dev *hdev = (struct hci_dev *) skb->dev;
5264 - struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
5265 + struct _urb *_urb = container_of(urb, struct _urb, urb);
5266 + struct hci_usb *husb = (void *) urb->context;
5267 + struct hci_dev *hdev = &husb->hdev;
5269 - BT_DBG("%s urb %p status %d flags %x", husb->hdev.name, urb,
5270 + BT_DBG("%s urb %p status %d flags %x", hdev->name, urb,
5271 urb->status, urb->transfer_flags);
5273 - if (urb->pipe == usb_sndctrlpipe(husb->udev, 0)) {
5274 - kfree(urb->setup_packet);
5275 - clear_bit(HCI_USB_CTRL_TX, &husb->state);
5277 + atomic_dec(__pending_tx(husb, _urb->type));
5279 + urb->transfer_buffer = NULL;
5280 + kfree_skb((struct sk_buff *) _urb->priv);
5282 if (!test_bit(HCI_RUNNING, &hdev->flags))
5285 - read_lock(&husb->completion_lock);
5288 - husb->hdev.stat.byte_tx += skb->len;
5289 + hdev->stat.byte_tx += urb->transfer_buffer_length;
5291 - husb->hdev.stat.err_tx++;
5294 - skb_queue_tail(&husb->completed_q, skb);
5295 - hci_usb_tx_wakeup(husb);
5297 - read_unlock(&husb->completion_lock);
5301 -static void hci_usb_rx_complete(struct urb *urb)
5303 - struct sk_buff *skb = (struct sk_buff *) urb->context;
5304 - struct hci_dev *hdev = (struct hci_dev *) skb->dev;
5305 - struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
5306 - int status, count = urb->actual_length;
5310 - BT_DBG("%s urb %p status %d count %d flags %x", husb->hdev.name, urb,
5311 - urb->status, count, urb->transfer_flags);
5313 - if (!test_bit(HCI_RUNNING, &hdev->flags))
5315 + hdev->stat.err_tx++;
5317 read_lock(&husb->completion_lock);
5319 - if (urb->status || !count)
5322 - husb->hdev.stat.byte_rx += count;
5324 - ah = (hci_acl_hdr *) skb->data;
5325 - dlen = __le16_to_cpu(ah->dlen);
5326 - size = HCI_ACL_HDR_SIZE + dlen;
5328 - /* Verify frame len and completeness */
5329 - if (count != size) {
5330 - BT_ERR("%s corrupted ACL packet: count %d, dlen %d",
5331 - husb->hdev.name, count, dlen);
5332 - bluez_dump("hci_usb", skb->data, count);
5333 - husb->hdev.stat.err_rx++;
5338 - skb_put(skb, count);
5339 - hci_recv_frame(skb);
5341 - hci_usb_rx_submit(husb, urb);
5342 + _urb_unlink(_urb);
5343 + _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
5345 - read_unlock(&husb->completion_lock);
5349 - urb->dev = husb->udev;
5350 - status = usb_submit_urb(urb);
5351 - BT_DBG("%s URB resubmit status %d", husb->hdev.name, status);
5352 + hci_usb_tx_wakeup(husb);
5354 read_unlock(&husb->completion_lock);
5357 static void hci_usb_destruct(struct hci_dev *hdev)
5359 - struct hci_usb *husb;
5361 - if (!hdev) return;
5362 + struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
5364 BT_DBG("%s", hdev->name);
5366 - husb = (struct hci_usb *) hdev->driver_data;
5370 @@ -621,8 +811,14 @@
5372 iface = &udev->actconfig->interface[0];
5374 - /* Check our black list */
5375 - if (usb_match_id(udev, iface, ignore_ids))
5376 + if (!id->driver_info) {
5377 + const struct usb_device_id *match;
5378 + match = usb_match_id(udev, iface, blacklist_ids);
5383 + if (id->driver_info & HCI_IGNORE)
5386 /* Check number of endpoints */
5388 bulk_out_ep[i] = ep;
5391 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
5392 case USB_ENDPOINT_XFER_ISOC:
5393 - if (ep->wMaxPacketSize < size)
5394 + if (ep->wMaxPacketSize < size || a > 2)
5396 size = ep->wMaxPacketSize;
5400 isoc_out_ep[i] = ep;
5406 @@ -686,10 +884,12 @@
5410 - if (!isoc_in_ep[1] || !isoc_out_ep[1]) {
5411 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
5412 + if (id->driver_info & HCI_BROKEN_ISOC || !isoc_in_ep[1] || !isoc_out_ep[1]) {
5413 BT_DBG("Isoc endpoints not found");
5418 if (!(husb = kmalloc(sizeof(struct hci_usb), GFP_KERNEL))) {
5419 BT_ERR("Can't allocate: control structure");
5420 @@ -699,35 +899,41 @@
5421 memset(husb, 0, sizeof(struct hci_usb));
5424 - husb->bulk_out_ep = bulk_out_ep[0]->bEndpointAddress;
5425 - husb->bulk_in_ep = bulk_in_ep[0]->bEndpointAddress;
5426 + husb->bulk_out_ep = bulk_out_ep[0];
5427 + husb->bulk_in_ep = bulk_in_ep[0];
5428 + husb->intr_in_ep = intr_in_ep[0];
5430 - husb->intr_ep = intr_in_ep[0]->bEndpointAddress;
5431 - husb->intr_interval = intr_in_ep[0]->bInterval;
5432 + if (id->driver_info & HCI_DIGIANSWER)
5433 + husb->ctrl_req = HCI_DIGI_REQ;
5435 + husb->ctrl_req = HCI_CTRL_REQ;
5437 +#ifdef CONFIG_BLUEZ_HCIUSB_SCO
5439 + BT_DBG("isoc ifnum %d alts %d", isoc_ifnum, isoc_alts);
5440 if (usb_set_interface(udev, isoc_ifnum, isoc_alts)) {
5441 BT_ERR("Can't set isoc interface settings");
5444 usb_driver_claim_interface(&hci_usb_driver, isoc_iface, husb);
5445 husb->isoc_iface = isoc_iface;
5447 - husb->isoc_in_ep = isoc_in_ep[1]->bEndpointAddress;
5448 - husb->isoc_out_ep = isoc_in_ep[1]->bEndpointAddress;
5449 + husb->isoc_in_ep = isoc_in_ep[isoc_ifnum];
5450 + husb->isoc_out_ep = isoc_out_ep[isoc_ifnum];
5453 - husb->completion_lock = RW_LOCK_UNLOCKED;
5456 - skb_queue_head_init(&husb->acl_q);
5457 - skb_queue_head_init(&husb->cmd_q);
5458 - skb_queue_head_init(&husb->pending_q);
5459 - skb_queue_head_init(&husb->completed_q);
5460 + husb->completion_lock = RW_LOCK_UNLOCKED;
5462 + for (i = 0; i < 4; i++) {
5463 + skb_queue_head_init(&husb->transmit_q[i]);
5464 + _urb_queue_init(&husb->pending_q[i]);
5465 + _urb_queue_init(&husb->completed_q[i]);
5468 /* Initialize and register HCI device */
5471 - hdev->type = HCI_USB;
5472 + hdev->type = HCI_USB;
5473 hdev->driver_data = husb;
5475 hdev->open = hci_usb_open;
5477 hdev->send = hci_usb_send_frame;
5478 hdev->destruct = hci_usb_destruct;
5480 + if (id->driver_info & HCI_RESET)
5481 + set_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks);
5483 if (hci_register_dev(hdev) < 0) {
5484 BT_ERR("Can't register HCI device");
5486 @@ -798,6 +1007,6 @@
5487 module_init(hci_usb_init);
5488 module_exit(hci_usb_cleanup);
5490 -MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>");
5491 +MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
5492 MODULE_DESCRIPTION("BlueZ HCI USB driver ver " VERSION);
5493 MODULE_LICENSE("GPL");
5494 diff -Nur c3000_pre/linux/drivers/bluetooth/hci_usb.h c3000_work/linux/drivers/bluetooth/hci_usb.h
5495 --- c3000_pre/linux/drivers/bluetooth/hci_usb.h 2004-08-21 09:48:24.000000000 +0900
5496 +++ c3000_work/linux/drivers/bluetooth/hci_usb.h 2004-12-16 23:01:14.000000000 +0900
5499 - BlueZ - Bluetooth protocol stack for Linux
5500 + HCI USB driver for Linux Bluetooth protocol stack (BlueZ)
5501 Copyright (C) 2000-2001 Qualcomm Incorporated
5503 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
5505 + Copyright (C) 2003 Maxim Krasnyansky <maxk@qualcomm.com>
5507 This program is free software; you can redistribute it and/or modify
5508 it under the terms of the GNU General Public License version 2 as
5509 published by the Free Software Foundation;
5510 @@ -34,46 +35,113 @@
5511 #define HCI_DEV_PROTOCOL 0x01 /* Bluetooth programming protocol */
5513 #define HCI_CTRL_REQ 0x20
5514 +#define HCI_DIGI_REQ 0x40
5516 +#define HCI_IGNORE 0x01
5517 +#define HCI_RESET 0x02
5518 +#define HCI_DIGIANSWER 0x04
5519 +#define HCI_BROKEN_ISOC 0x08
5521 #define HCI_MAX_IFACE_NUM 3
5523 #define HCI_MAX_BULK_TX 4
5524 #define HCI_MAX_BULK_RX 1
5526 +#define HCI_MAX_ISOC_RX 2
5527 +#define HCI_MAX_ISOC_TX 2
5529 +#define HCI_MAX_ISOC_FRAMES 10
5531 +struct _urb_queue {
5532 + struct list_head head;
5537 + struct list_head list;
5538 + struct _urb_queue *queue;
5544 +struct _urb *_urb_alloc(int isoc, int gfp);
5546 +static inline void _urb_free(struct _urb *_urb)
5551 +static inline void _urb_queue_init(struct _urb_queue *q)
5553 + INIT_LIST_HEAD(&q->head);
5554 + spin_lock_init(&q->lock);
5557 +static inline void _urb_queue_head(struct _urb_queue *q, struct _urb *_urb)
5559 + unsigned long flags;
5560 + spin_lock_irqsave(&q->lock, flags);
5561 + list_add(&_urb->list, &q->head); _urb->queue = q;
5562 + spin_unlock_irqrestore(&q->lock, flags);
5565 +static inline void _urb_queue_tail(struct _urb_queue *q, struct _urb *_urb)
5567 + unsigned long flags;
5568 + spin_lock_irqsave(&q->lock, flags);
5569 + list_add_tail(&_urb->list, &q->head); _urb->queue = q;
5570 + spin_unlock_irqrestore(&q->lock, flags);
5573 +static inline void _urb_unlink(struct _urb *_urb)
5575 + struct _urb_queue *q = _urb->queue;
5576 + unsigned long flags;
5578 + spin_lock_irqsave(&q->lock, flags);
5579 + list_del(&_urb->list); _urb->queue = NULL;
5580 + spin_unlock_irqrestore(&q->lock, flags);
5584 +struct _urb *_urb_dequeue(struct _urb_queue *q);
5586 +#ifndef container_of
5587 +#define container_of(ptr, type, member) ({ \
5588 + const typeof( ((type *)0)->member ) *__mptr = (ptr); \
5589 + (type *)( (char *)__mptr - offsetof(type,member) );})
5593 struct hci_dev hdev;
5595 unsigned long state;
5597 struct usb_device *udev;
5598 - struct usb_interface *isoc_iface;
5606 - __u8 intr_interval;
5607 - struct urb *intr_urb;
5608 - struct sk_buff * intr_skb;
5609 + struct usb_endpoint_descriptor *bulk_in_ep;
5610 + struct usb_endpoint_descriptor *bulk_out_ep;
5611 + struct usb_endpoint_descriptor *intr_in_ep;
5613 + struct usb_interface *isoc_iface;
5614 + struct usb_endpoint_descriptor *isoc_out_ep;
5615 + struct usb_endpoint_descriptor *isoc_in_ep;
5619 + struct sk_buff_head transmit_q[4];
5620 + struct sk_buff *reassembly[4]; // Reassembly buffers
5622 rwlock_t completion_lock;
5624 - struct sk_buff_head cmd_q; // TX Commands
5625 - struct sk_buff_head acl_q; // TX ACLs
5626 - struct sk_buff_head pending_q; // Pending requests
5627 - struct sk_buff_head completed_q; // Completed requests
5630 -struct hci_usb_scb {
5633 + atomic_t pending_tx[4]; // Number of pending requests
5634 + struct _urb_queue pending_q[4]; // Pending requests
5635 + struct _urb_queue completed_q[4]; // Completed requests
5639 #define HCI_USB_TX_PROCESS 1
5640 #define HCI_USB_TX_WAKEUP 2
5641 -#define HCI_USB_CTRL_TX 3
5643 #endif /* __KERNEL__ */
5644 diff -Nur c3000_pre/linux/drivers/char/pcmcia/serial_cs.c c3000_work/linux/drivers/char/pcmcia/serial_cs.c
5645 --- c3000_pre/linux/drivers/char/pcmcia/serial_cs.c 2004-08-21 09:48:33.000000000 +0900
5646 +++ c3000_work/linux/drivers/char/pcmcia/serial_cs.c 2004-12-16 23:01:14.000000000 +0900
5649 A driver for PCMCIA serial devices
5651 - serial_cs.c 1.128 2001/10/18 12:18:35
5652 + serial_cs.c 1.138 2002/10/25 06:24:52
5654 The contents of this file are subject to the Mozilla Public
5655 License Version 1.1 (the "License"); you may not use this file
5657 static int irq_list[4] = { -1 };
5658 MODULE_PARM(irq_list, "1-4i");
5660 -/* Enable the speaker? */
5661 -INT_MODULE_PARM(do_sound, 1);
5662 +INT_MODULE_PARM(do_sound, 1); /* Enable the speaker? */
5663 +INT_MODULE_PARM(buggy_uart, 0); /* Skip strict UART tests? */
5666 INT_MODULE_PARM(pc_debug, PCMCIA_DEBUG);
5667 #define DEBUG(n, args...) if (pc_debug>(n)) printk(KERN_DEBUG args)
5668 static char *version =
5669 -"serial_cs.c 1.128 2001/10/18 12:18:35 (David Hinds)";
5670 +"serial_cs.c 1.138 2002/10/25 06:24:52 (David Hinds)";
5672 #define DEBUG(n, args...)
5675 { MANFID_OMEGA, PRODID_OMEGA_QSP_100, 4 },
5676 { MANFID_QUATECH, PRODID_QUATECH_DUAL_RS232, 2 },
5677 { MANFID_QUATECH, PRODID_QUATECH_DUAL_RS232_D1, 2 },
5678 + { MANFID_QUATECH, PRODID_QUATECH_DUAL_RS232_D2, 2 },
5679 { MANFID_QUATECH, PRODID_QUATECH_QUAD_RS232, 4 },
5680 { MANFID_QUATECH, PRODID_QUATECH_DUAL_RS422, 2 },
5681 { MANFID_QUATECH, PRODID_QUATECH_QUAD_RS422, 4 },
5683 client_reg_t client_reg;
5688 DEBUG(0, "serial_attach()\n");
5690 /* Create new serial device */
5692 link->release.function = &serial_release;
5693 link->release.data = (u_long)link;
5694 link->io.Attributes1 = IO_DATA_PATH_WIDTH_8;
5695 - link->io.NumPorts1 = 8;
5696 + link->io.Attributes2 = IO_DATA_PATH_WIDTH_8;
5697 link->irq.Attributes = IRQ_TYPE_EXCLUSIVE;
5698 link->irq.IRQInfo1 = IRQ_INFO2_VALID|IRQ_LEVEL_ID;
5699 if (irq_list[0] == -1)
5700 @@ -172,13 +173,12 @@
5701 for (i = 0; i < 4; i++)
5702 link->irq.IRQInfo2 |= 1 << irq_list[i];
5703 link->conf.Attributes = CONF_ENABLE_IRQ;
5704 - link->conf.Vcc = 50;
5706 link->conf.Attributes |= CONF_ENABLE_SPKR;
5707 link->conf.Status = CCSR_AUDIO_ENA;
5709 link->conf.IntType = INT_MEMORY_AND_IO;
5712 /* Register with Card Services */
5713 link->next = dev_list;
5716 serial_detach(link);
5722 } /* serial_attach */
5727 DEBUG(0, "serial_detach(0x%p)\n", link);
5730 /* Locate device structure */
5731 for (linkp = &dev_list; *linkp; linkp = &(*linkp)->next)
5732 if (*linkp == link) break;
5733 @@ -227,17 +227,17 @@
5734 del_timer(&link->release);
5735 if (link->state & DEV_CONFIG)
5736 serial_release((u_long)link);
5740 ret = CardServices(DeregisterClient, link->handle);
5741 if (ret != CS_SUCCESS)
5742 cs_error(link->handle, DeregisterClient, ret);
5746 /* Unlink device structure, free bits */
5747 *linkp = link->next;
5751 } /* serial_detach */
5753 /*====================================================================*/
5757 serial.flags = ASYNC_SKIP_TEST | ASYNC_SHARE_IRQ;
5759 + serial.flags |= ASYNC_BUGGY_UART;
5760 line = register_serial(&serial);
5762 printk(KERN_NOTICE "serial_cs: register_serial() at 0x%04lx,"
5765 info->node[info->ndev-1].next = &info->node[info->ndev];
5772 @@ -322,7 +324,10 @@
5773 return setup_serial(info, port, config.AssignedIRQ);
5775 link->conf.Vcc = config.Vcc;
5778 + link->io.NumPorts1 = 8;
5779 + link->io.NumPorts2 = 0;
5781 /* First pass: look for a config entry that looks normal. */
5782 tuple.TupleData = (cisdata_t *)buf;
5783 tuple.TupleOffset = 0; tuple.TupleDataMax = 255;
5785 i = next_tuple(handle, &tuple, &parse);
5790 /* Second pass: try to find an entry that isn't picky about
5791 its base address, then try to grab any standard serial port
5792 address, and finally try to get any free port. */
5794 for (j = 0; j < 5; j++) {
5795 link->io.BasePort1 = base[j];
5796 link->io.IOAddrLines = base[j] ? 16 : 3;
5797 - i = CardServices(RequestIO, link->handle,
5799 + i = CardServices(RequestIO, link->handle, &link->io);
5800 if (i == CS_SUCCESS) goto found_port;
5804 cs_error(link->handle, RequestIO, i);
5809 i = CardServices(RequestIRQ, link->handle, &link->irq);
5810 if (i != CS_SUCCESS) {
5811 cs_error(link->handle, RequestIRQ, i);
5812 @@ -399,8 +403,12 @@
5815 cistpl_cftable_entry_t *cf = &parse.cftable_entry;
5816 + config_info_t config;
5819 + CardServices(GetConfigurationInfo, handle, &config);
5820 + link->conf.Vcc = config.Vcc;
5822 tuple.TupleData = (cisdata_t *)buf;
5823 tuple.TupleOffset = 0; tuple.TupleDataMax = 255;
5824 tuple.Attributes = 0;
5825 @@ -442,12 +450,12 @@
5826 i = next_tuple(handle, &tuple, &parse);
5831 if (i != CS_SUCCESS) {
5832 - cs_error(link->handle, RequestIO, i);
5834 + /* At worst, try to configure as a single port */
5835 + return simple_config(link);
5839 i = CardServices(RequestIRQ, link->handle, &link->irq);
5840 if (i != CS_SUCCESS) {
5841 cs_error(link->handle, RequestIRQ, i);
5842 @@ -463,14 +471,27 @@
5843 cs_error(link->handle, RequestConfiguration, i);
5848 + /* The Oxford Semiconductor OXCF950 cards are in fact single-port:
5849 + 8 registers are for the UART, the others are extra registers */
5850 + if (info->manfid == MANFID_OXSEMI) {
5851 + if (cf->index == 1 || cf->index == 3) {
5852 + setup_serial(info, base2, link->irq.AssignedIRQ);
5853 + outb(12,link->io.BasePort1+1);
5855 + setup_serial(info, link->io.BasePort1, link->irq.AssignedIRQ);
5861 setup_serial(info, link->io.BasePort1, link->irq.AssignedIRQ);
5862 /* The Nokia cards are not really multiport cards */
5863 if (info->manfid == MANFID_NOKIA)
5865 for (i = 0; i < info->multi-1; i++)
5866 setup_serial(info, base2+(8*i), link->irq.AssignedIRQ);
5874 link->conf.ConfigBase = parse.config.base;
5875 link->conf.Present = parse.config.rmask[0];
5878 /* Configure card */
5879 link->state |= DEV_CONFIG;
5882 tuple.DesiredTuple = CISTPL_LONGLINK_MFC;
5883 tuple.Attributes = TUPLE_RETURN_COMMON | TUPLE_RETURN_LINK;
5884 info->multi = (first_tuple(handle, &tuple, &parse) == CS_SUCCESS);
5886 - /* Is this a multiport card? */
5888 + /* Scan list of known multiport card ID's */
5889 tuple.DesiredTuple = CISTPL_MANFID;
5890 if (first_tuple(handle, &tuple, &parse) == CS_SUCCESS) {
5891 info->manfid = le16_to_cpu(buf[0]);
5892 @@ -595,15 +616,15 @@
5898 if (info->multi > 1)
5901 simple_config(link);
5904 if (info->ndev == 0)
5908 if (info->manfid == MANFID_IBM) {
5909 conf_reg_t reg = { 0, CS_READ, 0x800, 0 };
5910 CS_CHECK(AccessConfigurationRegister, link->handle, ®);
5912 cs_error(link->handle, last_fn, last_ret);
5914 serial_release((u_long)link);
5915 + link->state &= ~DEV_CONFIG_PENDING;
5917 } /* serial_config */
5921 After a card is removed, serial_release() will unregister the net
5922 device, and release the PCMCIA configuration.
5925 ======================================================================*/
5927 void serial_release(u_long arg)
5929 dev_link_t *link = (dev_link_t *)arg;
5930 serial_info_t *info = link->priv;
5934 DEBUG(0, "serial_release(0x%p)\n", link);
5936 for (i = 0; i < info->ndev; i++) {
5938 CardServices(ReleaseIO, link->handle, &link->io);
5939 CardServices(ReleaseIRQ, link->handle, &link->irq);
5943 link->state &= ~DEV_CONFIG;
5945 } /* serial_release */
5947 stuff to run after an event is received. A CARD_REMOVAL event
5948 also sets some flags to discourage the serial drivers from
5949 talking to the ports.
5952 ======================================================================*/
5954 static int serial_event(event_t event, int priority,
5957 dev_link_t *link = args->client_data;
5958 serial_info_t *info = link->priv;
5961 DEBUG(1, "serial_event(0x%06x)\n", event);
5965 case CS_EVENT_CARD_REMOVAL:
5966 link->state &= ~DEV_PRESENT;
5968 if (serv.Revision != CS_RELEASE_CODE) {
5969 printk(KERN_NOTICE "serial_cs: Card Services release "
5970 "does not match!\n");
5974 register_pccard_driver(&dev_info, &serial_attach, &serial_detach);
5976 diff -Nur c3000_pre/linux/drivers/char/serial.c c3000_work/linux/drivers/char/serial.c
5977 --- c3000_pre/linux/drivers/char/serial.c 2004-08-21 09:48:26.000000000 +0900
5978 +++ c3000_work/linux/drivers/char/serial.c 2004-12-16 23:01:14.000000000 +0900
5979 @@ -961,10 +961,15 @@
5980 if (status & UART_LSR_DR)
5981 receive_chars(info, &status, regs);
5982 check_modem_status(info);
5983 +#ifdef CONFIG_MELAN
5984 if ((status & UART_LSR_THRE) ||
5985 /* for buggy ELAN processors */
5986 ((iir & UART_IIR_ID) == UART_IIR_THRI))
5987 transmit_chars(info, 0);
5989 + if (status & UART_LSR_THRE)
5990 + transmit_chars(info, 0);
5994 info = info->next_port;
5995 diff -Nur c3000_pre/linux/drivers/input/Config.in c3000_work/linux/drivers/input/Config.in
5996 --- c3000_pre/linux/drivers/input/Config.in 2004-08-21 09:48:34.000000000 +0900
5997 +++ c3000_work/linux/drivers/input/Config.in 2004-12-16 23:01:14.000000000 +0900
6000 dep_tristate ' Joystick support' CONFIG_INPUT_JOYDEV $CONFIG_INPUT
6001 dep_tristate ' Event interface support' CONFIG_INPUT_EVDEV $CONFIG_INPUT
6002 +dep_tristate ' User level driver support' CONFIG_INPUT_UINPUT $CONFIG_INPUT
6005 diff -Nur c3000_pre/linux/drivers/input/Makefile c3000_work/linux/drivers/input/Makefile
6006 --- c3000_pre/linux/drivers/input/Makefile 2004-08-21 09:48:34.000000000 +0900
6007 +++ c3000_work/linux/drivers/input/Makefile 2004-12-16 23:01:14.000000000 +0900
6009 obj-$(CONFIG_INPUT_MOUSEDEV) += mousedev.o
6010 obj-$(CONFIG_INPUT_JOYDEV) += joydev.o
6011 obj-$(CONFIG_INPUT_EVDEV) += evdev.o
6012 +obj-$(CONFIG_INPUT_UINPUT) += uinput.o
6014 # The global Rules.make.
6016 diff -Nur c3000_pre/linux/drivers/input/keybdev.c c3000_work/linux/drivers/input/keybdev.c
6017 --- c3000_pre/linux/drivers/input/keybdev.c 2004-08-21 09:48:34.000000000 +0900
6018 +++ c3000_work/linux/drivers/input/keybdev.c 2004-12-16 23:01:14.000000000 +0900
6019 @@ -166,16 +166,18 @@
6021 static struct input_handler keybdev_handler;
6023 +static unsigned int ledstate = 0xff;
6025 void keybdev_ledfunc(unsigned int led)
6027 struct input_handle *handle;
6029 - for (handle = keybdev_handler.handle; handle; handle = handle->hnext) {
6032 + for (handle = keybdev_handler.handle; handle; handle = handle->hnext) {
6033 input_event(handle->dev, EV_LED, LED_SCROLLL, !!(led & 0x01));
6034 input_event(handle->dev, EV_LED, LED_NUML, !!(led & 0x02));
6035 input_event(handle->dev, EV_LED, LED_CAPSL, !!(led & 0x04));
6040 @@ -214,6 +216,12 @@
6042 // printk(KERN_INFO "keybdev.c: Adding keyboard: input%d\n", dev->number);
6044 + if (ledstate != 0xff) {
6045 + input_event(dev, EV_LED, LED_SCROLLL, !!(ledstate & 0x01));
6046 + input_event(dev, EV_LED, LED_NUML, !!(ledstate & 0x02));
6047 + input_event(dev, EV_LED, LED_CAPSL, !!(ledstate & 0x04));
6053 diff -Nur c3000_pre/linux/drivers/input/uinput.c c3000_work/linux/drivers/input/uinput.c
6054 --- c3000_pre/linux/drivers/input/uinput.c 1970-01-01 09:00:00.000000000 +0900
6055 +++ c3000_work/linux/drivers/input/uinput.c 2004-12-16 23:01:14.000000000 +0900
6058 + * User level driver support for input subsystem
6060 + * Heavily based on evdev.c by Vojtech Pavlik
6062 + * This program is free software; you can redistribute it and/or modify
6063 + * it under the terms of the GNU General Public License as published by
6064 + * the Free Software Foundation; either version 2 of the License, or
6065 + * (at your option) any later version.
6067 + * This program is distributed in the hope that it will be useful,
6068 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
6069 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
6070 + * GNU General Public License for more details.
6072 + * You should have received a copy of the GNU General Public License
6073 + * along with this program; if not, write to the Free Software
6074 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
6076 + * Author: Aristeu Sergio Rozanski Filho <aris@cathedrallabs.org>
6078 + * Changes/Revisions:
6080 + * - first public version
6083 +#include <linux/poll.h>
6084 +#include <linux/slab.h>
6085 +#include <linux/module.h>
6086 +#include <linux/init.h>
6087 +#include <linux/input.h>
6088 +#include <linux/smp_lock.h>
6089 +#include <linux/fs.h>
6090 +#include <linux/miscdevice.h>
6091 +#include <linux/uinput.h>
6093 +static int uinput_dev_open(struct input_dev *dev)
6098 +static void uinput_dev_close(struct input_dev *dev)
6102 +static int uinput_dev_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
6104 + struct uinput_device *udev;
6106 + udev = (struct uinput_device *)dev->private;
6108 + udev->buff[udev->head].type = type;
6109 + udev->buff[udev->head].code = code;
6110 + udev->buff[udev->head].value = value;
6111 + do_gettimeofday(&udev->buff[udev->head].time);
6112 + udev->head = (udev->head + 1) % UINPUT_BUFFER_SIZE;
6114 + wake_up_interruptible(&udev->waitq);
6119 +static int uinput_dev_upload_effect(struct input_dev *dev, struct ff_effect *effect)
6124 +static int uinput_dev_erase_effect(struct input_dev *dev, int effect_id)
6129 +static int uinput_create_device(struct uinput_device *udev)
6131 + if (!udev->dev->name) {
6132 + printk(KERN_DEBUG "%s: write device info first\n", UINPUT_NAME);
6136 + udev->dev->open = uinput_dev_open;
6137 + udev->dev->close = uinput_dev_close;
6138 + udev->dev->event = uinput_dev_event;
6139 + udev->dev->upload_effect = uinput_dev_upload_effect;
6140 + udev->dev->erase_effect = uinput_dev_erase_effect;
6141 + udev->dev->private = udev;
6143 + init_waitqueue_head(&(udev->waitq));
6145 + input_register_device(udev->dev);
6147 + set_bit(UIST_CREATED, &(udev->state));
6152 +static int uinput_destroy_device(struct uinput_device *udev)
6154 + if (!test_bit(UIST_CREATED, &(udev->state))) {
6155 + printk(KERN_WARNING "%s: create the device first\n", UINPUT_NAME);
6159 + input_unregister_device(udev->dev);
6161 + clear_bit(UIST_CREATED, &(udev->state));
6166 +static int uinput_open(struct inode *inode, struct file *file)
6168 + struct uinput_device *newdev;
6169 + struct input_dev *newinput;
6171 + newdev = kmalloc(sizeof(struct uinput_device), GFP_KERNEL);
6174 + memset(newdev, 0, sizeof(struct uinput_device));
6176 + newinput = kmalloc(sizeof(struct input_dev), GFP_KERNEL);
6179 + memset(newinput, 0, sizeof(struct input_dev));
6181 + newdev->dev = newinput;
6183 + file->private_data = newdev;
6192 +static int uinput_validate_absbits(struct input_dev *dev)
6197 + for (cnt = 0; cnt < ABS_MAX; cnt++) {
6198 + if (!test_bit(cnt, dev->absbit))
6201 + if (/*!dev->absmin[cnt] || !dev->absmax[cnt] || */
6202 + (dev->absmax[cnt] <= dev->absmin[cnt])) {
6204 + "%s: invalid abs[%02x] min:%d max:%d\n",
6206 + dev->absmin[cnt], dev->absmax[cnt]);
6211 + if ((dev->absflat[cnt] < dev->absmin[cnt]) ||
6212 + (dev->absflat[cnt] > dev->absmax[cnt])) {
6214 + "%s: absflat[%02x] out of range: %d "
6215 + "(min:%d/max:%d)\n",
6216 + UINPUT_NAME, cnt, dev->absflat[cnt],
6217 + dev->absmin[cnt], dev->absmax[cnt]);
6225 +static int uinput_alloc_device(struct file *file, const char *buffer, size_t count)
6227 + struct uinput_user_dev *user_dev;
6228 + struct input_dev *dev;
6229 + struct uinput_device *udev;
6235 + udev = (struct uinput_device *)file->private_data;
6238 + user_dev = kmalloc(sizeof(*user_dev), GFP_KERNEL);
6244 + if (copy_from_user(user_dev, buffer, sizeof(struct uinput_user_dev))) {
6249 + if (NULL != dev->name)
6252 + size = strnlen(user_dev->name, UINPUT_MAX_NAME_SIZE) + 1;
6253 + dev->name = kmalloc(size, GFP_KERNEL);
6259 + strncpy(dev->name, user_dev->name, size);
6260 + dev->idbus = user_dev->idbus;
6261 + dev->idvendor = user_dev->idvendor;
6262 + dev->idproduct = user_dev->idproduct;
6263 + dev->idversion = user_dev->idversion;
6264 + dev->ff_effects_max = user_dev->ff_effects_max;
6266 + size = sizeof(int) * (ABS_MAX + 1);
6267 + memcpy(dev->absmax, user_dev->absmax, size);
6268 + memcpy(dev->absmin, user_dev->absmin, size);
6269 + memcpy(dev->absfuzz, user_dev->absfuzz, size);
6270 + memcpy(dev->absflat, user_dev->absflat, size);
6272 + /* check if absmin/absmax/absfuzz/absflat are filled as
6273 + * told in Documentation/input/input-programming.txt */
6274 + if (test_bit(EV_ABS, dev->evbit)) {
6275 + retval = uinput_validate_absbits(dev);
6285 +static ssize_t uinput_write(struct file *file, const char *buffer, size_t count, loff_t *ppos)
6287 + struct uinput_device *udev = file->private_data;
6289 + if (test_bit(UIST_CREATED, &(udev->state))) {
6290 + struct input_event ev;
6292 + if (copy_from_user(&ev, buffer, sizeof(struct input_event)))
6294 + input_event(udev->dev, ev.type, ev.code, ev.value);
6297 + count = uinput_alloc_device(file, buffer, count);
6302 +static ssize_t uinput_read(struct file *file, char *buffer, size_t count, loff_t *ppos)
6304 + struct uinput_device *udev = file->private_data;
6307 + if (!test_bit(UIST_CREATED, &(udev->state)))
6310 + if ((udev->head == udev->tail) && (file->f_flags & O_NONBLOCK))
6313 + retval = wait_event_interruptible(udev->waitq,
6314 + (udev->head != udev->tail) ||
6315 + !test_bit(UIST_CREATED, &(udev->state)));
6320 + if (!test_bit(UIST_CREATED, &(udev->state)))
6323 + while ((udev->head != udev->tail) &&
6324 + (retval + sizeof(struct input_event) <= count)) {
6325 + if (copy_to_user(buffer + retval, &(udev->buff[udev->tail]),
6326 + sizeof(struct input_event))) return -EFAULT;
6327 + udev->tail = (udev->tail + 1) % UINPUT_BUFFER_SIZE;
6328 + retval += sizeof(struct input_event);
6334 +static unsigned int uinput_poll(struct file *file, poll_table *wait)
6336 + struct uinput_device *udev = file->private_data;
6338 + poll_wait(file, &udev->waitq, wait);
6340 + if (udev->head != udev->tail)
6341 + return POLLIN | POLLRDNORM;
6346 +static int uinput_burn_device(struct uinput_device *udev)
6348 + if (test_bit(UIST_CREATED, &(udev->state)))
6349 + uinput_destroy_device(udev);
6357 +static int uinput_close(struct inode *inode, struct file *file)
6359 + return uinput_burn_device((struct uinput_device *)file->private_data);
6362 +static int uinput_ioctl(struct inode *inode, struct file *file, unsigned int cmd, unsigned long arg)
6365 + struct uinput_device *udev;
6367 + udev = (struct uinput_device *)file->private_data;
6369 + /* device attributes can not be changed after the device is created */
6370 + if (cmd >= UI_SET_EVBIT && test_bit(UIST_CREATED, &(udev->state)))
6374 + case UI_DEV_CREATE:
6375 + retval = uinput_create_device(udev);
6378 + case UI_DEV_DESTROY:
6379 + retval = uinput_destroy_device(udev);
6382 + case UI_SET_EVBIT:
6383 + if (arg > EV_MAX) {
6387 + set_bit(arg, udev->dev->evbit);
6390 + case UI_SET_KEYBIT:
6391 + if (arg > KEY_MAX) {
6395 + set_bit(arg, udev->dev->keybit);
6398 + case UI_SET_RELBIT:
6399 + if (arg > REL_MAX) {
6403 + set_bit(arg, udev->dev->relbit);
6406 + case UI_SET_ABSBIT:
6407 + if (arg > ABS_MAX) {
6411 + set_bit(arg, udev->dev->absbit);
6414 + case UI_SET_MSCBIT:
6415 + if (arg > MSC_MAX) {
6419 + set_bit(arg, udev->dev->mscbit);
6422 + case UI_SET_LEDBIT:
6423 + if (arg > LED_MAX) {
6427 + set_bit(arg, udev->dev->ledbit);
6430 + case UI_SET_SNDBIT:
6431 + if (arg > SND_MAX) {
6435 + set_bit(arg, udev->dev->sndbit);
6438 + case UI_SET_FFBIT:
6439 + if (arg > FF_MAX) {
6443 + set_bit(arg, udev->dev->ffbit);
6452 +struct file_operations uinput_fops = {
6453 + owner: THIS_MODULE,
6454 + open: uinput_open,
6455 + release: uinput_close,
6456 + read: uinput_read,
6457 + write: uinput_write,
6458 + poll: uinput_poll,
6459 + ioctl: uinput_ioctl,
6462 +static struct miscdevice uinput_misc = {
6463 + fops: &uinput_fops,
6464 + minor: UINPUT_MINOR,
6465 + name: UINPUT_NAME,
6468 +static int __init uinput_init(void)
6470 + return misc_register(&uinput_misc);
6473 +static void __exit uinput_exit(void)
6475 + misc_deregister(&uinput_misc);
6478 +MODULE_AUTHOR("Aristeu Sergio Rozanski Filho");
6479 +MODULE_DESCRIPTION("User level driver support for input subsystem");
6480 +MODULE_LICENSE("GPL");
6482 +module_init(uinput_init);
6483 +module_exit(uinput_exit);
6485 diff -Nur c3000_pre/linux/drivers/isdn/avmb1/capidrv.c c3000_work/linux/drivers/isdn/avmb1/capidrv.c
6486 --- c3000_pre/linux/drivers/isdn/avmb1/capidrv.c 2004-08-21 09:48:34.000000000 +0900
6487 +++ c3000_work/linux/drivers/isdn/avmb1/capidrv.c 2004-12-16 23:01:14.000000000 +0900
6488 @@ -514,13 +514,25 @@
6490 static void send_message(capidrv_contr * card, _cmsg * cmsg)
6492 - struct sk_buff *skb;
6494 + struct sk_buff *skb;
6498 capi_cmsg2message(cmsg, cmsg->buf);
6499 len = CAPIMSG_LEN(cmsg->buf);
6500 skb = alloc_skb(len, GFP_ATOMIC);
6502 + printk(KERN_ERR "no skb len(%d) memory\n", len);
6505 memcpy(skb_put(skb, len), cmsg->buf, len);
6506 - (*capifuncs->capi_put_message) (global.appid, skb);
6507 + err = (*capifuncs->capi_put_message) (global.appid, skb);
6509 + printk(KERN_WARNING "%s: capi_put_message error: %04x\n",
6510 + __FUNCTION__, err);
6514 global.nsentctlpkt++;
6517 @@ -2179,10 +2191,10 @@
6518 free_ncci(card, card->bchans[card->nbchan-1].nccip);
6519 if (card->bchans[card->nbchan-1].plcip)
6520 free_plci(card, card->bchans[card->nbchan-1].plcip);
6521 - if (card->plci_list)
6522 - printk(KERN_ERR "capidrv: bug in free_plci()\n");
6525 + if (card->plci_list)
6526 + printk(KERN_ERR "capidrv: bug in free_plci()\n");
6527 kfree(card->bchans);
6530 diff -Nur c3000_pre/linux/drivers/isdn/avmb1/kcapi.c c3000_work/linux/drivers/isdn/avmb1/kcapi.c
6531 --- c3000_pre/linux/drivers/isdn/avmb1/kcapi.c 2004-08-21 09:48:34.000000000 +0900
6532 +++ c3000_work/linux/drivers/isdn/avmb1/kcapi.c 2004-12-16 23:01:14.000000000 +0900
6533 @@ -545,7 +545,13 @@
6534 static void notify_up(__u32 contr)
6536 struct capi_interface_user *p;
6539 + for (appl = 1; appl <= CAPI_MAXAPPL; appl++) {
6540 + if (!VALID_APPLID(appl)) continue;
6541 + if (APPL(appl)->releasing) continue;
6542 + CARD(contr)->driver->register_appl(CARD(contr), appl, &APPL(appl)->rparam);
6544 printk(KERN_NOTICE "kcapi: notify up contr %d\n", contr);
6545 spin_lock(&capi_users_lock);
6546 for (p = capi_users; p; p = p->next) {
6547 @@ -705,12 +711,16 @@
6548 nextpp = &(*pp)->next;
6551 - APPL(appl)->releasing--;
6552 - if (APPL(appl)->releasing <= 0) {
6553 - APPL(appl)->signal = 0;
6554 - APPL_MARK_FREE(appl);
6555 - printk(KERN_INFO "kcapi: appl %d down\n", appl);
6557 + if (APPL(appl)->releasing) { /* only release if the application was marked for release */
6558 + printk(KERN_DEBUG "kcapi: appl %d releasing(%d)\n", appl, APPL(appl)->releasing);
6559 + APPL(appl)->releasing--;
6560 + if (APPL(appl)->releasing <= 0) {
6561 + APPL(appl)->signal = 0;
6562 + APPL_MARK_FREE(appl);
6563 + printk(KERN_INFO "kcapi: appl %d down\n", appl);
6566 + printk(KERN_WARNING "kcapi: appl %d card%d released without request\n", appl, card->cnr);
6570 @@ -863,16 +873,7 @@
6572 static void controllercb_ready(struct capi_ctr * card)
6576 card->cardstate = CARD_RUNNING;
6578 - for (appl = 1; appl <= CAPI_MAXAPPL; appl++) {
6579 - if (!VALID_APPLID(appl)) continue;
6580 - if (APPL(appl)->releasing) continue;
6581 - card->driver->register_appl(card, appl, &APPL(appl)->rparam);
6584 printk(KERN_NOTICE "kcapi: card %d \"%s\" ready.\n",
6585 CARDNR(card), card->name);
6587 diff -Nur c3000_pre/linux/drivers/usb/Config.in c3000_work/linux/drivers/usb/Config.in
6588 --- c3000_pre/linux/drivers/usb/Config.in 2004-08-21 09:48:56.000000000 +0900
6589 +++ c3000_work/linux/drivers/usb/Config.in 2004-12-16 23:01:14.000000000 +0900
6591 comment 'USB Device Class drivers'
6592 dep_tristate ' USB Audio support' CONFIG_USB_AUDIO $CONFIG_USB $CONFIG_SOUND
6593 dep_tristate ' EMI 2|6 USB Audio interface support' CONFIG_USB_EMI26 $CONFIG_USB_AUDIO
6594 - dep_tristate ' USB Bluetooth support (EXPERIMENTAL)' CONFIG_USB_BLUETOOTH $CONFIG_USB $CONFIG_EXPERIMENTAL
6595 + if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
6596 + if [ "$CONFIG_BLUEZ" = "n" ]; then
6597 + dep_tristate ' USB Bluetooth support (EXPERIMENTAL)' CONFIG_USB_BLUETOOTH $CONFIG_USB
6599 + comment ' USB Bluetooth can only be used with disabled Bluetooth subsystem'
6602 dep_tristate ' USB MIDI support' CONFIG_USB_MIDI $CONFIG_USB
6603 if [ "$CONFIG_SCSI" = "n" ]; then
6604 comment ' SCSI support is needed for USB Storage'
6605 diff -Nur c3000_pre/linux/drivers/usb/hid-core.c c3000_work/linux/drivers/usb/hid-core.c
6606 --- c3000_pre/linux/drivers/usb/hid-core.c 2004-08-21 09:48:57.000000000 +0900
6607 +++ c3000_work/linux/drivers/usb/hid-core.c 2004-12-16 23:01:14.000000000 +0900
6610 offset = report->size;
6611 report->size += parser->global.report_size * parser->global.report_count;
6612 + if (usages < parser->global.report_count)
6613 + usages = parser->global.report_count;
6616 return 0; /* ignore padding fields */
6617 diff -Nur c3000_pre/linux/include/linux/firmware.h c3000_work/linux/include/linux/firmware.h
6618 --- c3000_pre/linux/include/linux/firmware.h 1970-01-01 09:00:00.000000000 +0900
6619 +++ c3000_work/linux/include/linux/firmware.h 2004-12-16 23:01:14.000000000 +0900
6621 +#ifndef _LINUX_FIRMWARE_H
6622 +#define _LINUX_FIRMWARE_H
6623 +#include <linux/module.h>
6624 +#include <linux/types.h>
6625 +#define FIRMWARE_NAME_MAX 30
6630 +int request_firmware (const struct firmware **fw, const char *name,
6631 + const char *device);
6632 +int request_firmware_nowait (
6633 + struct module *module,
6634 + const char *name, const char *device, void *context,
6635 + void (*cont)(const struct firmware *fw, void *context));
6636 +/* On 2.5 'device' is 'struct device *' */
6638 +void release_firmware (const struct firmware *fw);
6639 +void register_firmware (const char *name, const u8 *data, size_t size);
6641 diff -Nur c3000_pre/linux/include/linux/input.h c3000_work/linux/include/linux/input.h
6642 --- c3000_pre/linux/include/linux/input.h 2004-08-21 09:49:13.000000000 +0900
6643 +++ c3000_work/linux/include/linux/input.h 2004-12-16 23:01:14.000000000 +0900
6645 #define BUS_PCI 0x01
6646 #define BUS_ISAPNP 0x02
6647 #define BUS_USB 0x03
6648 -#define BUS_HIL 0x04
6649 +#define BUS_HIL 0x04
6650 +#define BUS_BLUETOOTH 0x05
6652 #define BUS_ISA 0x10
6653 #define BUS_I8042 0x11
6654 diff -Nur c3000_pre/linux/include/linux/net.h c3000_work/linux/include/linux/net.h
6655 --- c3000_pre/linux/include/linux/net.h 2004-08-21 09:49:13.000000000 +0900
6656 +++ c3000_work/linux/include/linux/net.h 2004-12-16 23:01:14.000000000 +0900
6658 extern int sock_recvmsg(struct socket *, struct msghdr *m, int len, int flags);
6659 extern int sock_readv_writev(int type, struct inode * inode, struct file * file,
6660 const struct iovec * iov, long count, long size);
6661 +extern struct socket *sockfd_lookup(int fd, int *err);
6663 extern int net_ratelimit(void);
6664 extern unsigned long net_random(void);
6665 diff -Nur c3000_pre/linux/include/linux/uinput.h c3000_work/linux/include/linux/uinput.h
6666 --- c3000_pre/linux/include/linux/uinput.h 1970-01-01 09:00:00.000000000 +0900
6667 +++ c3000_work/linux/include/linux/uinput.h 2004-12-16 23:01:14.000000000 +0900
6670 + * User level driver support for input subsystem
6672 + * Heavily based on evdev.c by Vojtech Pavlik
6674 + * This program is free software; you can redistribute it and/or modify
6675 + * it under the terms of the GNU General Public License as published by
6676 + * the Free Software Foundation; either version 2 of the License, or
6677 + * (at your option) any later version.
6679 + * This program is distributed in the hope that it will be useful,
6680 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
6681 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
6682 + * GNU General Public License for more details.
6684 + * You should have received a copy of the GNU General Public License
6685 + * along with this program; if not, write to the Free Software
6686 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
6688 + * Author: Aristeu Sergio Rozanski Filho <aris@cathedrallabs.org>
6690 + * Changes/Revisions:
6692 + * - first public version
6695 +#ifndef __UINPUT_H_
6696 +#define __UINPUT_H_
6699 +#define UINPUT_MINOR 223
6700 +#define UINPUT_NAME "uinput"
6701 +#define UINPUT_BUFFER_SIZE 16
6703 +/* state flags => bit index for {set|clear|test}_bit ops */
6704 +#define UIST_CREATED 0
6706 +struct uinput_device {
6707 + struct input_dev *dev;
6708 + unsigned long state;
6709 + wait_queue_head_t waitq;
6710 + unsigned char ready,
6713 + struct input_event buff[UINPUT_BUFFER_SIZE];
6715 +#endif /* __KERNEL__ */
6718 +#define UINPUT_IOCTL_BASE 'U'
6719 +#define UI_DEV_CREATE _IO(UINPUT_IOCTL_BASE, 1)
6720 +#define UI_DEV_DESTROY _IO(UINPUT_IOCTL_BASE, 2)
6721 +#define UI_SET_EVBIT _IOW(UINPUT_IOCTL_BASE, 100, int)
6722 +#define UI_SET_KEYBIT _IOW(UINPUT_IOCTL_BASE, 101, int)
6723 +#define UI_SET_RELBIT _IOW(UINPUT_IOCTL_BASE, 102, int)
6724 +#define UI_SET_ABSBIT _IOW(UINPUT_IOCTL_BASE, 103, int)
6725 +#define UI_SET_MSCBIT _IOW(UINPUT_IOCTL_BASE, 104, int)
6726 +#define UI_SET_LEDBIT _IOW(UINPUT_IOCTL_BASE, 105, int)
6727 +#define UI_SET_SNDBIT _IOW(UINPUT_IOCTL_BASE, 106, int)
6728 +#define UI_SET_FFBIT _IOW(UINPUT_IOCTL_BASE, 107, int)
6731 +#define NBITS(x) ((((x)-1)/(sizeof(long)*8))+1)
6734 +#define UINPUT_MAX_NAME_SIZE 80
6735 +struct uinput_user_dev {
6736 + char name[UINPUT_MAX_NAME_SIZE];
6737 + unsigned short idbus;
6738 + unsigned short idvendor;
6739 + unsigned short idproduct;
6740 + unsigned short idversion;
6741 + int ff_effects_max;
6742 + int absmax[ABS_MAX + 1];
6743 + int absmin[ABS_MAX + 1];
6744 + int absfuzz[ABS_MAX + 1];
6745 + int absflat[ABS_MAX + 1];
6747 +#endif /* __UINPUT_H_ */
6748 diff -Nur c3000_pre/linux/include/net/bluetooth/bluetooth.h c3000_work/linux/include/net/bluetooth/bluetooth.h
6749 --- c3000_pre/linux/include/net/bluetooth/bluetooth.h 2004-08-21 09:49:13.000000000 +0900
6750 +++ c3000_work/linux/include/net/bluetooth/bluetooth.h 2004-12-16 23:01:14.000000000 +0900
6752 #define BTPROTO_SCO 2
6753 #define BTPROTO_RFCOMM 3
6754 #define BTPROTO_BNEP 4
6755 +#define BTPROTO_CMTP 5
6756 +#define BTPROTO_HIDP 6
6761 void bluez_sock_unlink(struct bluez_sock_list *l, struct sock *s);
6762 int bluez_sock_recvmsg(struct socket *sock, struct msghdr *msg, int len, int flags, struct scm_cookie *scm);
6763 uint bluez_sock_poll(struct file * file, struct socket *sock, poll_table *wait);
6764 -int bluez_sock_w4_connect(struct sock *sk, int flags);
6765 +int bluez_sock_wait_state(struct sock *sk, int state, unsigned long timeo);
6767 void bluez_accept_enqueue(struct sock *parent, struct sock *sk);
6768 struct sock * bluez_accept_dequeue(struct sock *parent, struct socket *newsock);
6769 diff -Nur c3000_pre/linux/include/net/bluetooth/hci.h c3000_work/linux/include/net/bluetooth/hci.h
6770 --- c3000_pre/linux/include/net/bluetooth/hci.h 2004-08-21 09:49:13.000000000 +0900
6771 +++ c3000_work/linux/include/net/bluetooth/hci.h 2004-12-16 23:01:14.000000000 +0900
6773 #define HCI_DEV_UNREG 2
6774 #define HCI_DEV_UP 3
6775 #define HCI_DEV_DOWN 4
6776 +#define HCI_DEV_SUSPEND 5
6777 +#define HCI_DEV_RESUME 6
6779 /* HCI device types */
6782 #define HCI_PCCARD 2
6787 +/* HCI device quirks */
6789 + HCI_QUIRK_RESET_ON_INIT
6792 /* HCI device flags */
6795 #define HCI_LM_AUTH 0x0002
6796 #define HCI_LM_ENCRYPT 0x0004
6797 #define HCI_LM_TRUSTED 0x0008
6798 +#define HCI_LM_RELIABLE 0x0010
6800 /* ----- HCI Commands ----- */
6801 /* OGF & OCF values */
6803 } __attribute__ ((packed)) status_bdaddr_rp;
6804 #define STATUS_BDADDR_RP_SIZE 7
6806 +#define OCF_INQUIRY_CANCEL 0x0002
6808 #define OCF_LINK_KEY_REPLY 0x000B
6809 #define OCF_LINK_KEY_NEG_REPLY 0x000C
6811 @@ -436,6 +447,12 @@
6813 #define OGF_STATUS_PARAM 0x05
6815 +/* Testing commands */
6816 +#define OGF_TESTING_CMD 0x3e
6818 +/* Vendor specific commands */
6819 +#define OGF_VENDOR_CMD 0x3f
6821 /* ---- HCI Events ---- */
6822 #define EVT_INQUIRY_COMPLETE 0x01
6824 @@ -450,6 +467,17 @@
6825 } __attribute__ ((packed)) inquiry_info;
6826 #define INQUIRY_INFO_SIZE 14
6828 +#define EVT_INQUIRY_RESULT_WITH_RSSI 0x22
6831 + __u8 pscan_rep_mode;
6832 + __u8 pscan_period_mode;
6833 + __u8 dev_class[3];
6834 + __u16 clock_offset;
6836 +} __attribute__ ((packed)) inquiry_info_with_rssi;
6837 +#define INQUIRY_INFO_WITH_RSSI_SIZE 14
6839 #define EVT_CONN_COMPLETE 0x03
6845 } __attribute__ ((packed)) evt_role_change;
6846 -#define EVT_ROLE_CHANGE_SIZE 1
6847 +#define EVT_ROLE_CHANGE_SIZE 8
6849 #define EVT_PIN_CODE_REQ 0x16
6851 diff -Nur c3000_pre/linux/include/net/bluetooth/hci_core.h c3000_work/linux/include/net/bluetooth/hci_core.h
6852 --- c3000_pre/linux/include/net/bluetooth/hci_core.h 2004-08-21 09:49:13.000000000 +0900
6853 +++ c3000_work/linux/include/net/bluetooth/hci_core.h 2004-12-16 23:01:14.000000000 +0900
6860 + unsigned long quirks;
6863 unsigned int acl_cnt;
6864 unsigned int sco_cnt;
6865 @@ -167,6 +169,12 @@
6869 +static inline int inquiry_cache_empty(struct hci_dev *hdev)
6871 + struct inquiry_cache *c = &hdev->inq_cache;
6872 + return (c->list == NULL);
6875 static inline long inquiry_cache_age(struct hci_dev *hdev)
6877 struct inquiry_cache *c = &hdev->inq_cache;
6878 @@ -281,8 +289,14 @@
6880 static inline void hci_conn_put(struct hci_conn *conn)
6882 - if (atomic_dec_and_test(&conn->refcnt) && conn->out)
6883 - hci_conn_set_timer(conn, HCI_DISCONN_TIMEOUT);
6884 + if (atomic_dec_and_test(&conn->refcnt)) {
6885 + if (conn->type == ACL_LINK) {
6886 + unsigned long timeo = (conn->out) ?
6887 + HCI_DISCONN_TIMEOUT : HCI_DISCONN_TIMEOUT * 2;
6888 + hci_conn_set_timer(conn, timeo);
6890 + hci_conn_set_timer(conn, HZ / 100);
6894 /* ----- HCI Devices ----- */
6896 struct hci_dev *hci_get_route(bdaddr_t *src, bdaddr_t *dst);
6897 int hci_register_dev(struct hci_dev *hdev);
6898 int hci_unregister_dev(struct hci_dev *hdev);
6899 +int hci_suspend_dev(struct hci_dev *hdev);
6900 +int hci_resume_dev(struct hci_dev *hdev);
6901 int hci_dev_open(__u16 dev);
6902 int hci_dev_close(__u16 dev);
6903 int hci_dev_reset(__u16 dev);
6905 int hci_send_cmd(struct hci_dev *hdev, __u16 ogf, __u16 ocf, __u32 plen, void *param);
6906 int hci_send_acl(struct hci_conn *conn, struct sk_buff *skb, __u16 flags);
6907 int hci_send_sco(struct hci_conn *conn, struct sk_buff *skb);
6908 -int hci_send_raw(struct sk_buff *skb);
6910 void *hci_sent_cmd_data(struct hci_dev *hdev, __u16 ogf, __u16 ocf);
6915 /* HCI security filter */
6916 -#define HCI_SFLT_MAX_OGF 4
6917 +#define HCI_SFLT_MAX_OGF 5
6919 struct hci_sec_filter {
6922 __u32 ocf_mask[HCI_SFLT_MAX_OGF + 1][4];
6926 /* ----- HCI requests ----- */
6927 #define HCI_REQ_DONE 0
6928 #define HCI_REQ_PEND 1
6929 diff -Nur c3000_pre/linux/include/net/bluetooth/l2cap.h c3000_work/linux/include/net/bluetooth/l2cap.h
6930 --- c3000_pre/linux/include/net/bluetooth/l2cap.h 2004-08-21 09:49:13.000000000 +0900
6931 +++ c3000_work/linux/include/net/bluetooth/l2cap.h 2004-12-16 23:01:14.000000000 +0900
6933 #define L2CAP_LM_AUTH 0x0002
6934 #define L2CAP_LM_ENCRYPT 0x0004
6935 #define L2CAP_LM_TRUSTED 0x0008
6936 +#define L2CAP_LM_RELIABLE 0x0010
6938 #define L2CAP_QOS 0x04
6940 @@ -189,6 +190,14 @@
6941 } __attribute__ ((packed)) l2cap_info_rsp;
6942 #define L2CAP_INFO_RSP_SIZE 4
6945 +#define L2CAP_IT_CL_MTU 0x0001
6946 +#define L2CAP_IT_FEAT_MASK 0x0002
6949 +#define L2CAP_IR_SUCCESS 0x0000
6950 +#define L2CAP_IR_NOTSUPP 0x0001
6952 /* ----- L2CAP connections ----- */
6953 struct l2cap_chan_list {
6963 @@ -238,8 +248,11 @@
6964 struct sock *prev_c;
6967 -#define CONF_REQ_SENT 0x01
6968 -#define CONF_INPUT_DONE 0x02
6969 -#define CONF_OUTPUT_DONE 0x04
6970 +#define L2CAP_CONF_REQ_SENT 0x01
6971 +#define L2CAP_CONF_INPUT_DONE 0x02
6972 +#define L2CAP_CONF_OUTPUT_DONE 0x04
6973 +#define L2CAP_CONF_MAX_RETRIES 2
6975 +void l2cap_load(void);
6977 #endif /* __L2CAP_H */
6978 diff -Nur c3000_pre/linux/include/net/bluetooth/rfcomm.h c3000_work/linux/include/net/bluetooth/rfcomm.h
6979 --- c3000_pre/linux/include/net/bluetooth/rfcomm.h 1970-01-01 09:00:00.000000000 +0900
6980 +++ c3000_work/linux/include/net/bluetooth/rfcomm.h 2004-12-16 23:01:14.000000000 +0900
6983 + RFCOMM implementation for Linux Bluetooth stack (BlueZ).
6984 + Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
6985 + Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
6987 + This program is free software; you can redistribute it and/or modify
6988 + it under the terms of the GNU General Public License version 2 as
6989 + published by the Free Software Foundation;
6991 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
6992 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
6993 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
6994 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
6995 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
6996 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
6997 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
6998 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
7000 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
7001 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
7002 + SOFTWARE IS DISCLAIMED.
7006 + RPN support - Dirk Husemann <hud@zurich.ibm.com>
7010 + * $Id: rfcomm.h,v 1.31 2002/10/18 20:12:11 maxk Exp $
7016 +#define RFCOMM_PSM 3
7018 +#define RFCOMM_CONN_TIMEOUT (HZ * 30)
7019 +#define RFCOMM_DISC_TIMEOUT (HZ * 20)
7021 +#define RFCOMM_DEFAULT_MTU 127
7022 +#define RFCOMM_DEFAULT_CREDITS 7
7024 +#define RFCOMM_MAX_L2CAP_MTU 1024
7025 +#define RFCOMM_MAX_CREDITS 40
7027 +#define RFCOMM_SKB_HEAD_RESERVE 8
7028 +#define RFCOMM_SKB_TAIL_RESERVE 2
7029 +#define RFCOMM_SKB_RESERVE (RFCOMM_SKB_HEAD_RESERVE + RFCOMM_SKB_TAIL_RESERVE)
7031 +#define RFCOMM_SABM 0x2f
7032 +#define RFCOMM_DISC 0x43
7033 +#define RFCOMM_UA 0x63
7034 +#define RFCOMM_DM 0x0f
7035 +#define RFCOMM_UIH 0xef
7037 +#define RFCOMM_TEST 0x08
7038 +#define RFCOMM_FCON 0x28
7039 +#define RFCOMM_FCOFF 0x18
7040 +#define RFCOMM_MSC 0x38
7041 +#define RFCOMM_RPN 0x24
7042 +#define RFCOMM_RLS 0x14
7043 +#define RFCOMM_PN 0x20
7044 +#define RFCOMM_NSC 0x04
7046 +#define RFCOMM_V24_FC 0x02
7047 +#define RFCOMM_V24_RTC 0x04
7048 +#define RFCOMM_V24_RTR 0x08
7049 +#define RFCOMM_V24_IC 0x40
7050 +#define RFCOMM_V24_DV 0x80
7052 +#define RFCOMM_RPN_BR_2400 0x0
7053 +#define RFCOMM_RPN_BR_4800 0x1
7054 +#define RFCOMM_RPN_BR_7200 0x2
7055 +#define RFCOMM_RPN_BR_9600 0x3
7056 +#define RFCOMM_RPN_BR_19200 0x4
7057 +#define RFCOMM_RPN_BR_38400 0x5
7058 +#define RFCOMM_RPN_BR_57600 0x6
7059 +#define RFCOMM_RPN_BR_115200 0x7
7060 +#define RFCOMM_RPN_BR_230400 0x8
7062 +#define RFCOMM_RPN_DATA_5 0x0
7063 +#define RFCOMM_RPN_DATA_6 0x1
7064 +#define RFCOMM_RPN_DATA_7 0x2
7065 +#define RFCOMM_RPN_DATA_8 0x3
7067 +#define RFCOMM_RPN_STOP_1 0
7068 +#define RFCOMM_RPN_STOP_15 1
7070 +#define RFCOMM_RPN_PARITY_NONE 0x0
7071 +#define RFCOMM_RPN_PARITY_ODD 0x4
7072 +#define RFCOMM_RPN_PARITY_EVEN 0x5
7073 +#define RFCOMM_RPN_PARITY_MARK 0x6
7074 +#define RFCOMM_RPN_PARITY_SPACE 0x7
7076 +#define RFCOMM_RPN_FLOW_NONE 0x00
7078 +#define RFCOMM_RPN_XON_CHAR 0x11
7079 +#define RFCOMM_RPN_XOFF_CHAR 0x13
7081 +#define RFCOMM_RPN_PM_BITRATE 0x0001
7082 +#define RFCOMM_RPN_PM_DATA 0x0002
7083 +#define RFCOMM_RPN_PM_STOP 0x0004
7084 +#define RFCOMM_RPN_PM_PARITY 0x0008
7085 +#define RFCOMM_RPN_PM_PARITY_TYPE 0x0010
7086 +#define RFCOMM_RPN_PM_XON 0x0020
7087 +#define RFCOMM_RPN_PM_XOFF 0x0040
7088 +#define RFCOMM_RPN_PM_FLOW 0x3F00
7090 +#define RFCOMM_RPN_PM_ALL 0x3F7F
7092 +struct rfcomm_hdr {
7095 + u8 len; // Actual size can be 2 bytes
7096 +} __attribute__ ((packed));
7098 +struct rfcomm_cmd {
7103 +} __attribute__ ((packed));
7105 +struct rfcomm_mcc {
7108 +} __attribute__ ((packed));
7118 +} __attribute__ ((packed));
7120 +struct rfcomm_rpn {
7128 +} __attribute__ ((packed));
7130 +struct rfcomm_rls {
7133 +} __attribute__ ((packed));
7135 +struct rfcomm_msc {
7138 +} __attribute__ ((packed));
7140 +/* ---- Core structures, flags etc ---- */
7142 +struct rfcomm_session {
7143 + struct list_head list;
7144 + struct socket *sock;
7145 + unsigned long state;
7146 + unsigned long flags;
7150 + /* Default DLC parameters */
7154 + struct list_head dlcs;
7157 +struct rfcomm_dlc {
7158 + struct list_head list;
7159 + struct rfcomm_session *session;
7160 + struct sk_buff_head tx_queue;
7161 + struct timer_list timer;
7164 + unsigned long state;
7165 + unsigned long flags;
7180 + void (*data_ready)(struct rfcomm_dlc *d, struct sk_buff *skb);
7181 + void (*state_change)(struct rfcomm_dlc *d, int err);
7182 + void (*modem_status)(struct rfcomm_dlc *d, u8 v24_sig);
7185 +/* DLC and session flags */
7186 +#define RFCOMM_RX_THROTTLED 0
7187 +#define RFCOMM_TX_THROTTLED 1
7188 +#define RFCOMM_MSC_PENDING 2
7189 +#define RFCOMM_TIMED_OUT 3
7191 +/* Scheduling flags and events */
7192 +#define RFCOMM_SCHED_STATE 0
7193 +#define RFCOMM_SCHED_RX 1
7194 +#define RFCOMM_SCHED_TX 2
7195 +#define RFCOMM_SCHED_TIMEO 3
7196 +#define RFCOMM_SCHED_WAKEUP 31
7198 +/* MSC exchange flags */
7199 +#define RFCOMM_MSCEX_TX 1
7200 +#define RFCOMM_MSCEX_RX 2
7201 +#define RFCOMM_MSCEX_OK (RFCOMM_MSCEX_TX + RFCOMM_MSCEX_RX)
7204 +#define RFCOMM_CFC_UNKNOWN -1
7205 +#define RFCOMM_CFC_DISABLED 0
7206 +#define RFCOMM_CFC_ENABLED RFCOMM_MAX_CREDITS
7208 +extern struct task_struct *rfcomm_thread;
7209 +extern unsigned long rfcomm_event;
7211 +static inline void rfcomm_schedule(uint event)
7213 + if (!rfcomm_thread)
7215 + set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
7216 + wake_up_process(rfcomm_thread);
7219 +extern struct semaphore rfcomm_sem;
7220 +#define rfcomm_lock() down(&rfcomm_sem);
7221 +#define rfcomm_unlock() up(&rfcomm_sem);
7223 +/* ---- RFCOMM DLCs (channels) ---- */
7224 +struct rfcomm_dlc *rfcomm_dlc_alloc(int prio);
7225 +void rfcomm_dlc_free(struct rfcomm_dlc *d);
7226 +int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel);
7227 +int rfcomm_dlc_close(struct rfcomm_dlc *d, int reason);
7228 +int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb);
7229 +int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig);
7230 +int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig);
7232 +#define rfcomm_dlc_lock(d) spin_lock(&d->lock)
7233 +#define rfcomm_dlc_unlock(d) spin_unlock(&d->lock)
7235 +static inline void rfcomm_dlc_hold(struct rfcomm_dlc *d)
7237 + atomic_inc(&d->refcnt);
7240 +static inline void rfcomm_dlc_put(struct rfcomm_dlc *d)
7242 + if (atomic_dec_and_test(&d->refcnt))
7243 + rfcomm_dlc_free(d);
7246 +extern void FASTCALL(__rfcomm_dlc_throttle(struct rfcomm_dlc *d));
7247 +extern void FASTCALL(__rfcomm_dlc_unthrottle(struct rfcomm_dlc *d));
7249 +static inline void rfcomm_dlc_throttle(struct rfcomm_dlc *d)
7251 + if (!test_and_set_bit(RFCOMM_RX_THROTTLED, &d->flags))
7252 + __rfcomm_dlc_throttle(d);
7255 +static inline void rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
7257 + if (test_and_clear_bit(RFCOMM_RX_THROTTLED, &d->flags))
7258 + __rfcomm_dlc_unthrottle(d);
7261 +/* ---- RFCOMM sessions ---- */
7262 +struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state);
7263 +struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst);
7264 +struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err);
7265 +void rfcomm_session_del(struct rfcomm_session *s);
7266 +void rfcomm_session_close(struct rfcomm_session *s, int err);
7267 +void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst);
7269 +static inline void rfcomm_session_hold(struct rfcomm_session *s)
7271 + atomic_inc(&s->refcnt);
7274 +static inline void rfcomm_session_put(struct rfcomm_session *s)
7276 + if (atomic_dec_and_test(&s->refcnt))
7277 + rfcomm_session_del(s);
7280 +/* ---- RFCOMM chechsum ---- */
7281 +extern u8 rfcomm_crc_table[];
7283 +/* ---- RFCOMM sockets ---- */
7284 +struct sockaddr_rc {
7285 + sa_family_t rc_family;
7286 + bdaddr_t rc_bdaddr;
7290 +#define rfcomm_pi(sk) ((struct rfcomm_pinfo *) &sk->tp_pinfo)
7292 +struct rfcomm_pinfo {
7293 + struct rfcomm_dlc *dlc;
7297 +int rfcomm_init_sockets(void);
7298 +void rfcomm_cleanup_sockets(void);
7300 +int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d);
7302 +/* ---- RFCOMM TTY ---- */
7303 +#define RFCOMM_MAX_DEV 256
7305 +#define RFCOMMCREATEDEV _IOW('R', 200, int)
7306 +#define RFCOMMRELEASEDEV _IOW('R', 201, int)
7307 +#define RFCOMMGETDEVLIST _IOR('R', 210, int)
7308 +#define RFCOMMGETDEVINFO _IOR('R', 211, int)
7309 +#define RFCOMMSTEALDLC _IOW('R', 220, int)
7311 +#define RFCOMM_REUSE_DLC 0
7312 +#define RFCOMM_RELEASE_ONHUP 1
7313 +#define RFCOMM_HANGUP_NOW 2
7314 +#define RFCOMM_TTY_ATTACHED 3
7316 +struct rfcomm_dev_req {
7324 +struct rfcomm_dev_info {
7333 +struct rfcomm_dev_list_req {
7335 + struct rfcomm_dev_info dev_info[0];
7338 +int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg);
7339 +int rfcomm_init_ttys(void);
7340 +void rfcomm_cleanup_ttys(void);
7342 +#endif /* __RFCOMM_H */
7343 diff -Nur c3000_pre/linux/include/pcmcia/ciscode.h c3000_work/linux/include/pcmcia/ciscode.h
7344 --- c3000_pre/linux/include/pcmcia/ciscode.h 2004-08-21 09:49:13.000000000 +0900
7345 +++ c3000_work/linux/include/pcmcia/ciscode.h 2004-12-16 23:01:14.000000000 +0900
7348 - * ciscode.h 1.48 2001/08/24 12:16:12
7349 + * ciscode.h 1.57 2002/11/03 20:38:14
7351 * The contents of this file are subject to the Mozilla Public License
7352 * Version 1.1 (the "License"); you may not use this file except in
7354 #define PRODID_INTEL_DUAL_RS232 0x0301
7355 #define PRODID_INTEL_2PLUS 0x8422
7357 +#define MANFID_KME 0x0032
7358 +#define PRODID_KME_KXLC005_A 0x0704
7359 +#define PRODID_KME_KXLC005_B 0x2904
7361 #define MANFID_LINKSYS 0x0143
7362 #define PRODID_LINKSYS_PCMLM28 0xc0ab
7363 #define PRODID_LINKSYS_3400 0x3341
7365 #define PRODID_OSITECH_JACK_336 0x0007
7366 #define PRODID_OSITECH_SEVEN 0x0008
7368 +#define MANFID_OXSEMI 0x0279
7370 #define MANFID_PIONEER 0x000b
7372 #define MANFID_PSION 0x016c
7374 #define PRODID_QUATECH_SPP100 0x0003
7375 #define PRODID_QUATECH_DUAL_RS232 0x0012
7376 #define PRODID_QUATECH_DUAL_RS232_D1 0x0007
7377 +#define PRODID_QUATECH_DUAL_RS232_D2 0x0052
7378 #define PRODID_QUATECH_QUAD_RS232 0x001b
7379 #define PRODID_QUATECH_DUAL_RS422 0x000e
7380 #define PRODID_QUATECH_QUAD_RS422 0x0045
7381 @@ -120,9 +127,12 @@
7383 #define MANFID_TDK 0x0105
7384 #define PRODID_TDK_CF010 0x0900
7385 +#define PRODID_TDK_GN3410 0x4815
7387 #define MANFID_TOSHIBA 0x0098
7389 +#define MANFID_UNGERMANN 0x02c0
7391 #define MANFID_XIRCOM 0x0105
7393 #endif /* _LINUX_CISCODE_H */
7394 diff -Nur c3000_pre/linux/kernel/ksyms.c c3000_work/linux/kernel/ksyms.c
7395 --- c3000_pre/linux/kernel/ksyms.c 2004-08-21 09:49:14.000000000 +0900
7396 +++ c3000_work/linux/kernel/ksyms.c 2004-12-16 23:01:14.000000000 +0900
7398 #include <linux/completion.h>
7399 #include <linux/seq_file.h>
7400 #include <linux/dnotify.h>
7401 +#include <linux/firmware.h>
7402 #include <asm/checksum.h>
7404 #if defined(CONFIG_PROC_FS)
7405 @@ -587,6 +588,13 @@
7406 EXPORT_SYMBOL(md5_pad);
7407 EXPORT_SYMBOL(md5_result);
7409 +#ifdef CONFIG_FW_LOADER
7410 +EXPORT_SYMBOL(release_firmware);
7411 +EXPORT_SYMBOL(request_firmware);
7412 +EXPORT_SYMBOL(request_firmware_nowait);
7413 +EXPORT_SYMBOL(register_firmware);
7416 /* software interrupts */
7417 EXPORT_SYMBOL(tasklet_hi_vec);
7418 EXPORT_SYMBOL(tasklet_vec);
7419 diff -Nur c3000_pre/linux/lib/Config.in c3000_work/linux/lib/Config.in
7420 --- c3000_pre/linux/lib/Config.in 2004-08-21 09:49:14.000000000 +0900
7421 +++ c3000_work/linux/lib/Config.in 2004-12-16 23:01:14.000000000 +0900
7424 source crypto/Config.in
7426 +if [ "$CONFIG_EXPERIMENTAL" = "y" -a \
7427 + "$CONFIG_HOTPLUG" = "y" ]; then
7428 + tristate 'Hotplug firmware loading support (EXPERIMENTAL)' CONFIG_FW_LOADER
7432 diff -Nur c3000_pre/linux/lib/Makefile c3000_work/linux/lib/Makefile
7433 --- c3000_pre/linux/lib/Makefile 2004-08-21 09:49:14.000000000 +0900
7434 +++ c3000_work/linux/lib/Makefile 2004-12-16 23:01:14.000000000 +0900
7439 -export-objs := cmdline.o dec_and_lock.o rwsem-spinlock.o rwsem.o rbtree.o
7440 +export-objs := cmdline.o dec_and_lock.o rwsem-spinlock.o rwsem.o \
7441 + rbtree.o firmware_class.o
7443 obj-y := errno.o ctype.o string.o vsprintf.o brlock.o cmdline.o bust_spinlocks.o rbtree.o md5.o
7445 +obj-$(CONFIG_FW_LOADER) += firmware_class.o
7446 obj-$(CONFIG_RWSEM_GENERIC_SPINLOCK) += rwsem-spinlock.o
7447 obj-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += rwsem.o
7450 subdir-$(CONFIG_ZLIB_INFLATE) += zlib_inflate
7451 subdir-$(CONFIG_ZLIB_DEFLATE) += zlib_deflate
7453 +include $(TOPDIR)/drivers/bluetooth/Makefile.lib
7455 # Include the subdirs, if necessary.
7456 obj-y += $(join $(subdir-y),$(subdir-y:%=/%.o))
7458 diff -Nur c3000_pre/linux/lib/firmware_class.c c3000_work/linux/lib/firmware_class.c
7459 --- c3000_pre/linux/lib/firmware_class.c 1970-01-01 09:00:00.000000000 +0900
7460 +++ c3000_work/linux/lib/firmware_class.c 2004-12-16 23:01:14.000000000 +0900
7463 + * firmware_class.c - Multi purpose firmware loading support
7465 + * Copyright (c) 2003 Manuel Estrada Sainz <ranty@debian.org>
7467 + * Please see Documentation/firmware_class/ for more information.
7471 + * Based on kernel/kmod.c and drivers/usb/usb.c
7477 + Reorganized not to be a daemon by Adam Richter, with guidance
7478 + from Greg Zornetzer.
7480 + Modified to avoid chroot and file sharing problems.
7483 + Limit the concurrent number of kmod modprobes to catch loops from
7484 + "modprobe needs a service that is in a module".
7485 + Keith Owens <kaos@ocs.com.au> December 1999
7487 + Unblock all signals when we exec a usermode process.
7488 + Shuu Yamaguchi <shuu@wondernetworkresources.com> December 2000
7491 + * drivers/usb/usb.c
7493 + * (C) Copyright Linus Torvalds 1999
7494 + * (C) Copyright Johannes Erdfelt 1999-2001
7495 + * (C) Copyright Andreas Gal 1999
7496 + * (C) Copyright Gregory P. Smith 1999
7497 + * (C) Copyright Deti Fliegl 1999 (new USB architecture)
7498 + * (C) Copyright Randy Dunlap 2000
7499 + * (C) Copyright David Brownell 2000 (kernel hotplug, usb_device_id)
7500 + * (C) Copyright Yggdrasil Computing, Inc. 2000
7501 + * (usb_device_id matching changes by Adam J. Richter)
7504 +#include <linux/config.h>
7505 +#include <linux/module.h>
7506 +#include <linux/string.h>
7507 +#include <linux/types.h>
7508 +#include <linux/init.h>
7509 +#include <linux/slab.h>
7510 +#include <linux/kmod.h>
7511 +#include <linux/proc_fs.h>
7512 +#include <linux/vmalloc.h>
7513 +#include <asm/hardirq.h>
7515 +#include "linux/firmware.h"
7517 +MODULE_AUTHOR("Manuel Estrada Sainz <ranty@debian.org>");
7518 +MODULE_DESCRIPTION("Multi purpose firmware loading support");
7519 +MODULE_LICENSE("GPL");
7521 +#define err(format, arg...) \
7522 + printk(KERN_ERR "%s:%s: " format "\n",__FILE__, __FUNCTION__ , ## arg)
7523 +#define warn(format, arg...) \
7524 + printk(KERN_WARNING "%s:%s: " format "\n",__FILE__, __FUNCTION__ , ## arg)
7525 +#define dbg(format, arg...) \
7526 + printk(KERN_DEBUG "%s:%s: " format "\n",__FILE__, __FUNCTION__ , ## arg)
7528 +static int loading_timeout = 10; /* In seconds */
7529 +static struct proc_dir_entry *proc_dir_timeout;
7530 +static struct proc_dir_entry *proc_dir;
7532 +#ifdef CONFIG_HOTPLUG
7535 +call_helper(char *verb, const char *name, const char *device)
7537 + char *argv[3], **envp, *buf, *scratch;
7542 + if (!hotplug_path[0])
7544 + if (in_interrupt()) {
7545 + err("in_interrupt");
7548 + if (!current->fs->root) {
7549 + warn("call_policy %s -- no FS yet", verb);
7553 + if (!(envp = (char **) kmalloc(20 * sizeof (char *), GFP_KERNEL))) {
7554 + err("unable to allocate envp");
7557 + if (!(buf = kmalloc(256, GFP_KERNEL))) {
7559 + err("unable to allocate buf");
7563 + /* only one standardized param to hotplug command: type */
7564 + argv[0] = hotplug_path;
7565 + argv[1] = "firmware";
7568 + /* minimal command environment */
7569 + envp[i++] = "HOME=/";
7570 + envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
7573 + /* hint that policy agent should enter no-stdout debug mode */
7574 + envp[i++] = "DEBUG=kernel";
7579 + envp[i++] = scratch;
7580 + scratch += snprintf(scratch, FIRMWARE_NAME_MAX+25,
7581 + "DEVPATH=/driver/firmware/%s", device) + 1;
7584 + envp[i++] = scratch;
7585 + scratch += sprintf(scratch, "ACTION=%s", verb) + 1;
7587 + envp[i++] = scratch;
7588 + scratch += snprintf(scratch, FIRMWARE_NAME_MAX,
7589 + "FIRMWARE=%s", name) + 1;
7594 + dbg("firmware: %s %s %s", argv[0], argv[1], verb);
7597 + retval = call_usermodehelper(argv[0], argv, envp);
7599 + printk("call_usermodehelper return %d\n", retval);
7609 +call_helper(char *verb, const char *name, const char *device)
7614 +#endif /* CONFIG_HOTPLUG */
7616 +struct firmware_priv {
7617 + struct completion completion;
7618 + struct proc_dir_entry *proc_dir;
7619 + struct proc_dir_entry *attr_data;
7620 + struct proc_dir_entry *attr_loading;
7621 + struct firmware *fw;
7625 + struct timer_list timeout;
7629 +firmware_timeout_show(char *buf, char **start, off_t off,
7630 + int count, int *eof, void *data)
7632 + return sprintf(buf, "%d\n", loading_timeout);
7636 + * firmware_timeout_store:
7638 + * Sets the number of seconds to wait for the firmware. Once
7639 + * this expires an error will be return to the driver and no
7640 + * firmware will be provided.
7642 + * Note: zero means 'wait for ever'
7646 +firmware_timeout_store(struct file *file, const char *buf,
7647 + unsigned long count, void *data)
7649 + loading_timeout = simple_strtol(buf, NULL, 10);
7654 +firmware_loading_show(char *buf, char **start, off_t off,
7655 + int count, int *eof, void *data)
7657 + struct firmware_priv *fw_priv = data;
7658 + return sprintf(buf, "%d\n", fw_priv->loading);
7662 + * firmware_loading_store: - loading control file
7664 + * The relevant values are:
7666 + * 1: Start a load, discarding any previous partial load.
7667 + * 0: Conclude the load and handle the data to the driver code.
7668 + * -1: Conclude the load with an error and discard any written data.
7671 +firmware_loading_store(struct file *file, const char *buf,
7672 + unsigned long count, void *data)
7674 + struct firmware_priv *fw_priv = data;
7675 + int prev_loading = fw_priv->loading;
7677 + fw_priv->loading = simple_strtol(buf, NULL, 10);
7679 + switch (fw_priv->loading) {
7681 + fw_priv->abort = 1;
7683 + complete(&fw_priv->completion);
7686 + kfree(fw_priv->fw->data);
7687 + fw_priv->fw->data = NULL;
7688 + fw_priv->fw->size = 0;
7689 + fw_priv->alloc_size = 0;
7692 + if (prev_loading == 1)
7693 + complete(&fw_priv->completion);
7701 +firmware_data_read(char *buffer, char **start, off_t offset,
7702 + int count, int *eof, void *data)
7704 + struct firmware_priv *fw_priv = data;
7705 + struct firmware *fw = fw_priv->fw;
7707 + if (offset > fw->size)
7709 + if (offset + count > fw->size)
7710 + count = fw->size - offset;
7712 + memcpy(buffer, fw->data + offset, count);
7713 + *start = (void *) ((long) count);
7717 +fw_realloc_buffer(struct firmware_priv *fw_priv, int min_size)
7722 + if (min_size <= fw_priv->alloc_size)
7724 + if((min_size % PAGE_SIZE) == 0)
7725 + new_size = min_size;
7727 + new_size = (min_size + PAGE_SIZE) & PAGE_MASK;
7728 + new_data = vmalloc(new_size);
7730 + printk(KERN_ERR "%s: unable to alloc buffer\n", __FUNCTION__);
7731 + /* Make sure that we don't keep incomplete data */
7732 + fw_priv->abort = 1;
7735 + fw_priv->alloc_size = new_size;
7736 + if (fw_priv->fw->data) {
7737 + memcpy(new_data, fw_priv->fw->data, fw_priv->fw->size);
7738 + vfree(fw_priv->fw->data);
7740 + fw_priv->fw->data = new_data;
7741 + BUG_ON(min_size > fw_priv->alloc_size);
7746 + * firmware_data_write:
7750 + * Data written to the 'data' attribute will be later handled to
7751 + * the driver as a firmware image.
7754 +firmware_data_write(struct file *file, const char *buffer,
7755 + unsigned long count, void *data)
7757 + struct firmware_priv *fw_priv = data;
7758 + struct firmware *fw = fw_priv->fw;
7759 + int offset = file->f_pos;
7762 + retval = fw_realloc_buffer(fw_priv, offset + count);
7764 + printk("%s: retval:%d\n", __FUNCTION__, retval);
7768 + memcpy(fw->data + offset, buffer, count);
7770 + fw->size = max_t(size_t, offset + count, fw->size);
7771 + file->f_pos += count;
7776 +firmware_class_timeout(u_long data)
7778 + struct firmware_priv *fw_priv = (struct firmware_priv *) data;
7779 + fw_priv->abort = 1;
7781 + complete(&fw_priv->completion);
7784 +fw_setup_class_device(struct firmware_priv **fw_priv_p,
7785 + const char *fw_name, const char *device)
7788 + struct firmware_priv *fw_priv = kmalloc(sizeof (struct firmware_priv),
7790 + *fw_priv_p = fw_priv;
7795 + memset(fw_priv, 0, sizeof (*fw_priv));
7797 + init_completion(&fw_priv->completion);
7799 + fw_priv->timeout.function = firmware_class_timeout;
7800 + fw_priv->timeout.data = (u_long) fw_priv;
7801 + init_timer(&fw_priv->timeout);
7804 + fw_priv->proc_dir = create_proc_entry(device, 0644 | S_IFDIR, proc_dir);
7805 + if (!fw_priv->proc_dir)
7806 + goto err_free_fw_priv;
7808 + fw_priv->attr_data = create_proc_entry("data", 0644 | S_IFREG,
7809 + fw_priv->proc_dir);
7810 + if (!fw_priv->attr_data)
7811 + goto err_remove_dir;
7813 + fw_priv->attr_data->read_proc = firmware_data_read;
7814 + fw_priv->attr_data->write_proc = firmware_data_write;
7815 + fw_priv->attr_data->data = fw_priv;
7817 + fw_priv->attr_loading = create_proc_entry("loading", 0644 | S_IFREG,
7818 + fw_priv->proc_dir);
7819 + if (!fw_priv->attr_loading)
7820 + goto err_remove_data;
7822 + fw_priv->attr_loading->read_proc = firmware_loading_show;
7823 + fw_priv->attr_loading->write_proc = firmware_loading_store;
7824 + fw_priv->attr_loading->data = fw_priv;
7827 + fw_priv->fw = kmalloc(sizeof (struct firmware), GFP_KERNEL);
7828 + if (!fw_priv->fw) {
7829 + printk(KERN_ERR "%s: kmalloc(struct firmware) failed\n",
7832 + goto err_remove_loading;
7834 + memset(fw_priv->fw, 0, sizeof (*fw_priv->fw));
7838 +err_remove_loading:
7839 + remove_proc_entry("loading", fw_priv->proc_dir);
7841 + remove_proc_entry("data", fw_priv->proc_dir);
7843 + remove_proc_entry(device, proc_dir);
7850 +fw_remove_class_device(struct firmware_priv *fw_priv)
7852 + remove_proc_entry("loading", fw_priv->proc_dir);
7853 + remove_proc_entry("data", fw_priv->proc_dir);
7854 + remove_proc_entry(fw_priv->proc_dir->name, proc_dir);
7858 + * request_firmware: - request firmware to hotplug and wait for it
7860 + * @firmware will be used to return a firmware image by the name
7861 + * of @name for device @device.
7863 + * Should be called from user context where sleeping is allowed.
7865 + * @name will be use as $FIRMWARE in the hotplug environment and
7866 + * should be distinctive enough not to be confused with any other
7867 + * firmware image for this or any other device.
7870 +request_firmware(const struct firmware **firmware, const char *name,
7871 + const char *device)
7873 + struct firmware_priv *fw_priv;
7882 + retval = fw_setup_class_device(&fw_priv, name, device);
7886 + retval = call_helper("add", name, device);
7889 + if (loading_timeout) {
7890 + fw_priv->timeout.expires = jiffies + loading_timeout * HZ;
7891 + add_timer(&fw_priv->timeout);
7894 + wait_for_completion(&fw_priv->completion);
7896 + del_timer(&fw_priv->timeout);
7897 + fw_remove_class_device(fw_priv);
7899 + if (fw_priv->fw->size && !fw_priv->abort) {
7900 + *firmware = fw_priv->fw;
7903 + vfree(fw_priv->fw->data);
7904 + kfree(fw_priv->fw);
7912 +release_firmware(const struct firmware *fw)
7921 + * register_firmware: - provide a firmware image for later usage
7924 + * Make sure that @data will be available by requesting firmware @name.
7926 + * Note: This will not be possible until some kind of persistence
7930 +register_firmware(const char *name, const u8 *data, size_t size)
7932 + /* This is meaningless without firmware caching, so until we
7933 + * decide if firmware caching is reasonable just leave it as a
7937 +/* Async support */
7938 +struct firmware_work {
7939 + struct tq_struct work;
7940 + struct module *module;
7942 + const char *device;
7944 + void (*cont)(const struct firmware *fw, void *context);
7948 +request_firmware_work_func(void *arg)
7950 + struct firmware_work *fw_work = arg;
7951 + const struct firmware *fw;
7954 + request_firmware(&fw, fw_work->name, fw_work->device);
7955 + fw_work->cont(fw, fw_work->context);
7956 + release_firmware(fw);
7957 + __MOD_DEC_USE_COUNT(fw_work->module);
7962 + * request_firmware_nowait:
7965 + * Asynchronous variant of request_firmware() for contexts where
7966 + * it is not possible to sleep.
7968 + * @cont will be called asynchronously when the firmware request is over.
7970 + * @context will be passed over to @cont.
7972 + * @fw may be %NULL if firmware request fails.
7976 +request_firmware_nowait(
7977 + struct module *module,
7978 + const char *name, const char *device, void *context,
7979 + void (*cont)(const struct firmware *fw, void *context))
7981 + struct firmware_work *fw_work = kmalloc(sizeof (struct firmware_work),
7985 + if (!try_inc_mod_count(module)) {
7990 + *fw_work = (struct firmware_work) {
7994 + .context = context,
7997 + INIT_TQUEUE(&fw_work->work, request_firmware_work_func, fw_work);
7999 + schedule_task(&fw_work->work);
8004 +firmware_class_init(void)
8006 + proc_dir = create_proc_entry("driver/firmware", 0755 | S_IFDIR, NULL);
8009 + proc_dir_timeout = create_proc_entry("timeout",
8010 + 0644 | S_IFREG, proc_dir);
8011 + if (!proc_dir_timeout) {
8012 + remove_proc_entry("driver/firmware", NULL);
8015 + proc_dir_timeout->read_proc = firmware_timeout_show;
8016 + proc_dir_timeout->write_proc = firmware_timeout_store;
8020 +firmware_class_exit(void)
8022 + remove_proc_entry("timeout", proc_dir);
8023 + remove_proc_entry("driver/firmware", NULL);
8026 +module_init(firmware_class_init);
8027 +module_exit(firmware_class_exit);
8029 +#ifndef CONFIG_FW_LOADER
8030 +EXPORT_SYMBOL(release_firmware);
8031 +EXPORT_SYMBOL(request_firmware);
8032 +EXPORT_SYMBOL(request_firmware_nowait);
8033 +EXPORT_SYMBOL(register_firmware);
8035 diff -Nur c3000_pre/linux/net/bluetooth/Config.in c3000_work/linux/net/bluetooth/Config.in
8036 --- c3000_pre/linux/net/bluetooth/Config.in 2004-08-21 09:49:19.000000000 +0900
8037 +++ c3000_work/linux/net/bluetooth/Config.in 2004-12-16 23:01:14.000000000 +0900
8040 -# Bluetooth configuration
8041 +# Bluetooth subsystem configuration
8044 if [ "$CONFIG_NET" != "n" ]; then
8046 mainmenu_option next_comment
8047 comment 'Bluetooth support'
8048 dep_tristate 'Bluetooth subsystem support' CONFIG_BLUEZ $CONFIG_NET
8050 if [ "$CONFIG_BLUEZ" != "n" ]; then
8051 dep_tristate 'L2CAP protocol support' CONFIG_BLUEZ_L2CAP $CONFIG_BLUEZ
8052 dep_tristate 'SCO links support' CONFIG_BLUEZ_SCO $CONFIG_BLUEZ
8053 + source net/bluetooth/rfcomm/Config.in
8054 source net/bluetooth/bnep/Config.in
8055 + source net/bluetooth/cmtp/Config.in
8056 + source net/bluetooth/hidp/Config.in
8057 source drivers/bluetooth/Config.in
8063 diff -Nur c3000_pre/linux/net/bluetooth/Makefile c3000_work/linux/net/bluetooth/Makefile
8064 --- c3000_pre/linux/net/bluetooth/Makefile 2004-08-21 09:49:19.000000000 +0900
8065 +++ c3000_work/linux/net/bluetooth/Makefile 2004-12-16 23:01:14.000000000 +0900
8068 -# Makefile for the Bluetooth subsystem
8069 +# Makefile for the Linux Bluetooth subsystem
8072 O_TARGET := bluetooth.o
8074 list-multi := bluez.o
8075 -export-objs := syms.o
8076 +export-objs := syms.o l2cap.o
8078 bluez-objs := af_bluetooth.o hci_core.o hci_conn.o hci_event.o hci_sock.o lib.o syms.o
8081 obj-$(CONFIG_BLUEZ_L2CAP) += l2cap.o
8082 obj-$(CONFIG_BLUEZ_SCO) += sco.o
8084 +subdir-$(CONFIG_BLUEZ_RFCOMM) += rfcomm
8085 subdir-$(CONFIG_BLUEZ_BNEP) += bnep
8086 +subdir-$(CONFIG_BLUEZ_CMTP) += cmtp
8087 +subdir-$(CONFIG_BLUEZ_HIDP) += hidp
8089 +ifeq ($(CONFIG_BLUEZ_RFCOMM),y)
8090 +obj-y += rfcomm/rfcomm.o
8093 ifeq ($(CONFIG_BLUEZ_BNEP),y)
8094 obj-y += bnep/bnep.o
8097 +ifeq ($(CONFIG_BLUEZ_CMTP),y)
8098 +obj-y += cmtp/cmtp.o
8101 +ifeq ($(CONFIG_BLUEZ_HIDP),y)
8102 +obj-y += hidp/hidp.o
8105 include $(TOPDIR)/Rules.make
8107 bluez.o: $(bluez-objs)
8108 diff -Nur c3000_pre/linux/net/bluetooth/af_bluetooth.c c3000_work/linux/net/bluetooth/af_bluetooth.c
8109 --- c3000_pre/linux/net/bluetooth/af_bluetooth.c 2004-08-21 09:49:19.000000000 +0900
8110 +++ c3000_work/linux/net/bluetooth/af_bluetooth.c 2004-12-16 23:01:14.000000000 +0900
8113 * $Id: af_bluetooth.c,v 1.8 2002/07/22 20:32:54 maxk Exp $
8115 -#define VERSION "2.2"
8116 +#define VERSION "2.4"
8118 #include <linux/config.h>
8119 #include <linux/module.h>
8123 /* Bluetooth sockets */
8124 -#define BLUEZ_MAX_PROTO 5
8125 +#define BLUEZ_MAX_PROTO 7
8126 static struct net_proto_family *bluez_proto[BLUEZ_MAX_PROTO];
8128 int bluez_sock_register(int proto, struct net_proto_family *ops)
8129 @@ -221,12 +221,11 @@
8130 unsigned int bluez_sock_poll(struct file * file, struct socket *sock, poll_table *wait)
8132 struct sock *sk = sock->sk;
8133 - unsigned int mask;
8134 + unsigned int mask = 0;
8136 BT_DBG("sock %p, sk %p", sock, sk);
8138 poll_wait(file, sk->sleep, wait);
8141 if (sk->err || !skb_queue_empty(&sk->error_queue))
8143 @@ -242,9 +241,11 @@
8144 if (sk->state == BT_CLOSED)
8147 - if (sk->state == BT_CONNECT || sk->state == BT_CONNECT2)
8148 + if (sk->state == BT_CONNECT ||
8149 + sk->state == BT_CONNECT2 ||
8150 + sk->state == BT_CONFIG)
8154 if (sock_writeable(sk))
8155 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
8157 @@ -253,39 +254,35 @@
8161 -int bluez_sock_w4_connect(struct sock *sk, int flags)
8162 +int bluez_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
8164 DECLARE_WAITQUEUE(wait, current);
8165 - long timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
8168 BT_DBG("sk %p", sk);
8170 add_wait_queue(sk->sleep, &wait);
8171 - while (sk->state != BT_CONNECTED) {
8172 + while (sk->state != state) {
8173 set_current_state(TASK_INTERRUPTIBLE);
8180 + if (signal_pending(current)) {
8181 + err = sock_intr_errno(timeo);
8186 timeo = schedule_timeout(timeo);
8190 - if (sk->state == BT_CONNECTED)
8194 err = sock_error(sk);
8198 - if (signal_pending(current)) {
8199 - err = sock_intr_errno(timeo);
8203 set_current_state(TASK_RUNNING);
8204 remove_wait_queue(sk->sleep, &wait);
8205 diff -Nur c3000_pre/linux/net/bluetooth/bnep/Config.in c3000_work/linux/net/bluetooth/bnep/Config.in
8206 --- c3000_pre/linux/net/bluetooth/bnep/Config.in 2004-08-21 09:49:19.000000000 +0900
8207 +++ c3000_work/linux/net/bluetooth/bnep/Config.in 2004-12-16 23:01:14.000000000 +0900
8210 +# Bluetooth BNEP layer configuration
8213 dep_tristate 'BNEP protocol support' CONFIG_BLUEZ_BNEP $CONFIG_BLUEZ_L2CAP
8215 if [ "$CONFIG_BLUEZ_BNEP" != "n" ]; then
8216 - bool ' Multicast filter support' CONFIG_BNEP_MC_FILTER
8217 - bool ' Protocol filter support' CONFIG_BNEP_PROTO_FILTER
8218 + bool ' Multicast filter support' CONFIG_BLUEZ_BNEP_MC_FILTER
8219 + bool ' Protocol filter support' CONFIG_BLUEZ_BNEP_PROTO_FILTER
8222 diff -Nur c3000_pre/linux/net/bluetooth/bnep/Makefile c3000_work/linux/net/bluetooth/bnep/Makefile
8223 --- c3000_pre/linux/net/bluetooth/bnep/Makefile 2004-08-21 09:49:19.000000000 +0900
8224 +++ c3000_work/linux/net/bluetooth/bnep/Makefile 2004-12-16 23:01:14.000000000 +0900
8227 -# Makefile for BNEP protocol
8228 +# Makefile for the Linux Bluetooth BNEP layer
8232 diff -Nur c3000_pre/linux/net/bluetooth/bnep/bnep.h c3000_work/linux/net/bluetooth/bnep/bnep.h
8233 --- c3000_pre/linux/net/bluetooth/bnep/bnep.h 2004-08-21 09:49:19.000000000 +0900
8234 +++ c3000_work/linux/net/bluetooth/bnep/bnep.h 2004-12-16 23:01:14.000000000 +0900
8235 @@ -112,25 +112,25 @@
8237 } __attribute__((packed));
8240 -#define BNEPCONADD 1
8241 -#define BNEPCONDEL 2
8242 -#define BNEPGETCONLIST 3
8243 -#define BNEPGETCONINFO 4
8244 +/* BNEP ioctl defines */
8245 +#define BNEPCONNADD _IOW('B', 200, int)
8246 +#define BNEPCONNDEL _IOW('B', 201, int)
8247 +#define BNEPGETCONNLIST _IOR('B', 210, int)
8248 +#define BNEPGETCONNINFO _IOR('B', 211, int)
8250 -struct bnep_conadd_req {
8251 +struct bnep_connadd_req {
8252 int sock; // Connected socket
8255 char device[16]; // Name of the Ethernet device
8258 -struct bnep_condel_req {
8259 +struct bnep_conndel_req {
8264 -struct bnep_coninfo {
8265 +struct bnep_conninfo {
8273 -struct bnep_conlist_req {
8274 +struct bnep_connlist_req {
8276 - struct bnep_coninfo *ci;
8277 + struct bnep_conninfo *ci;
8280 struct bnep_proto_filter {
8281 @@ -148,10 +148,10 @@
8285 -int bnep_add_connection(struct bnep_conadd_req *req, struct socket *sock);
8286 -int bnep_del_connection(struct bnep_condel_req *req);
8287 -int bnep_get_conlist(struct bnep_conlist_req *req);
8288 -int bnep_get_coninfo(struct bnep_coninfo *ci);
8289 +int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock);
8290 +int bnep_del_connection(struct bnep_conndel_req *req);
8291 +int bnep_get_connlist(struct bnep_connlist_req *req);
8292 +int bnep_get_conninfo(struct bnep_conninfo *ci);
8295 struct bnep_session {
8296 diff -Nur c3000_pre/linux/net/bluetooth/bnep/core.c c3000_work/linux/net/bluetooth/bnep/core.c
8297 --- c3000_pre/linux/net/bluetooth/bnep/core.c 2004-08-21 09:49:19.000000000 +0900
8298 +++ c3000_work/linux/net/bluetooth/bnep/core.c 2004-12-16 23:01:14.000000000 +0900
8303 -#ifndef CONFIG_BNEP_DEBUG
8304 +#ifndef CONFIG_BLUEZ_BNEP_DEBUG
8306 #define BT_DBG(D...)
8309 -#define VERSION "1.0"
8310 +#define VERSION "1.2"
8312 static LIST_HEAD(bnep_session_list);
8313 static DECLARE_RWSEM(bnep_session_sem);
8315 -static struct bnep_session *__bnep_get_session(__u8 *dst)
8316 +static struct bnep_session *__bnep_get_session(u8 *dst)
8318 struct bnep_session *s;
8319 struct list_head *p;
8321 return sock->ops->sendmsg(sock, &s->msg, len, NULL);
8324 -static int bnep_send_rsp(struct bnep_session *s, __u8 ctrl, __u16 resp)
8325 +static int bnep_send_rsp(struct bnep_session *s, u8 ctrl, u16 resp)
8327 struct bnep_control_rsp rsp;
8328 rsp.type = BNEP_CONTROL;
8329 @@ -113,23 +113,37 @@
8330 return bnep_send(s, &rsp, sizeof(rsp));
8333 -static int bnep_ctrl_set_netfilter(struct bnep_session *s, struct sk_buff *skb)
8334 +#ifdef CONFIG_BLUEZ_BNEP_PROTO_FILTER
8335 +static inline void bnep_set_default_proto_filter(struct bnep_session *s)
8338 + s->proto_filter[0].start = htons(0x0800);
8339 + s->proto_filter[0].end = htons(0x0806);
8340 + /* (RARP, AppleTalk) */
8341 + s->proto_filter[1].start = htons(0x8035);
8342 + s->proto_filter[1].end = htons(0x80F3);
8344 + s->proto_filter[2].start = htons(0x8137);
8345 + s->proto_filter[2].end = htons(0x86DD);
8349 +static int bnep_ctrl_set_netfilter(struct bnep_session *s, u16 *data, int len)
8354 - data = (void *) skb->data;
8355 - if (!skb_pull(skb, 2))
8360 n = ntohs(get_unaligned(data));
8363 - data = (void *) skb->data;
8364 - if (!skb_pull(skb, n))
8368 BT_DBG("filter len %d", n);
8370 -#ifdef CONFIG_BNEP_PROTO_FILTER
8371 +#ifdef CONFIG_BLUEZ_BNEP_PROTO_FILTER
8373 if (n <= BNEP_MAX_PROTO_FILTERS) {
8374 struct bnep_proto_filter *f = s->proto_filter;
8375 @@ -142,9 +156,13 @@
8376 BT_DBG("proto filter start %d end %d",
8377 f[i].start, f[i].end);
8380 if (i < BNEP_MAX_PROTO_FILTERS)
8381 memset(f + i, 0, sizeof(*f));
8384 + bnep_set_default_proto_filter(s);
8386 bnep_send_rsp(s, BNEP_FILTER_NET_TYPE_RSP, BNEP_SUCCESS);
8388 bnep_send_rsp(s, BNEP_FILTER_NET_TYPE_RSP, BNEP_FILTER_LIMIT_REACHED);
8389 @@ -155,23 +173,22 @@
8393 -static int bnep_ctrl_set_mcfilter(struct bnep_session *s, struct sk_buff *skb)
8394 +static int bnep_ctrl_set_mcfilter(struct bnep_session *s, u8 *data, int len)
8399 - data = (void *) skb->data;
8400 - if (!skb_pull(skb, 2))
8404 - n = ntohs(get_unaligned((u16 *) data));
8406 - data = (void *) skb->data;
8407 - if (!skb_pull(skb, n))
8408 + n = ntohs(get_unaligned((u16 *) data));
8409 + data += 2; len -= 2;
8414 BT_DBG("filter len %d", n);
8416 -#ifdef CONFIG_BNEP_MC_FILTER
8417 +#ifdef CONFIG_BLUEZ_BNEP_MC_FILTER
8418 n /= (ETH_ALEN * 2);
8421 @@ -210,12 +227,13 @@
8425 -static int bnep_rx_control(struct bnep_session *s, struct sk_buff *skb)
8426 +static int bnep_rx_control(struct bnep_session *s, void *data, int len)
8428 + u8 cmd = *(u8 *)data;
8430 - __u8 cmd = *(__u8 *) skb->data;
8437 case BNEP_CMD_NOT_UNDERSTOOD:
8438 case BNEP_SETUP_CONN_REQ:
8439 @@ -226,15 +244,15 @@
8442 case BNEP_FILTER_NET_TYPE_SET:
8443 - err = bnep_ctrl_set_netfilter(s, skb);
8444 + err = bnep_ctrl_set_netfilter(s, data, len);
8447 case BNEP_FILTER_MULTI_ADDR_SET:
8448 - err = bnep_ctrl_set_mcfilter(s, skb);
8449 + err = bnep_ctrl_set_mcfilter(s, data, len);
8455 pkt[0] = BNEP_CONTROL;
8456 pkt[1] = BNEP_CMD_NOT_UNDERSTOOD;
8458 @@ -262,21 +280,24 @@
8460 switch (h->type & BNEP_TYPE_MASK) {
8461 case BNEP_EXT_CONTROL:
8462 - err = bnep_rx_control(s, skb);
8463 + bnep_rx_control(s, skb->data, skb->len);
8467 - /* Unknown extension */
8468 - if (!skb_pull(skb, h->len))
8470 + /* Unknown extension, skip it. */
8474 + if (!skb_pull(skb, h->len)) {
8478 } while (!err && (h->type & BNEP_EXT_HEADER));
8484 -static __u8 __bnep_rx_hlen[] = {
8485 +static u8 __bnep_rx_hlen[] = {
8486 ETH_HLEN, /* BNEP_GENERAL */
8487 0, /* BNEP_CONTROL */
8488 2, /* BNEP_COMPRESSED */
8489 @@ -289,18 +310,18 @@
8491 struct net_device *dev = &s->dev;
8492 struct sk_buff *nskb;
8496 dev->last_rx = jiffies;
8497 s->stats.rx_bytes += skb->len;
8499 - type = *(__u8 *) skb->data; skb_pull(skb, 1);
8500 + type = *(u8 *) skb->data; skb_pull(skb, 1);
8502 if ((type & BNEP_TYPE_MASK) > BNEP_RX_TYPES)
8506 if ((type & BNEP_TYPE_MASK) == BNEP_CONTROL) {
8507 - bnep_rx_control(s, skb);
8508 + bnep_rx_control(s, skb->data, skb->len);
8513 if (!skb_pull(skb, __bnep_rx_hlen[type & BNEP_TYPE_MASK]))
8516 - s->eh.h_proto = get_unaligned((__u16 *) (skb->data - 2));
8517 + s->eh.h_proto = get_unaligned((u16 *) (skb->data - 2));
8519 if (type & BNEP_EXT_HEADER) {
8520 if (bnep_rx_extension(s, skb) < 0)
8522 if (ntohs(s->eh.h_proto) == 0x8100) {
8523 if (!skb_pull(skb, 4))
8525 - s->eh.h_proto = get_unaligned((__u16 *) (skb->data - 2));
8526 + s->eh.h_proto = get_unaligned((u16 *) (skb->data - 2));
8530 /* We have to alloc new skb and copy data here :(. Because original skb
8531 * may not be modified and because of the alignment requirements. */
8532 nskb = alloc_skb(2 + ETH_HLEN + skb->len, GFP_KERNEL);
8533 @@ -340,11 +361,11 @@
8534 case BNEP_COMPRESSED:
8535 memcpy(__skb_put(nskb, ETH_HLEN), &s->eh, ETH_HLEN);
8539 case BNEP_COMPRESSED_SRC_ONLY:
8540 memcpy(__skb_put(nskb, ETH_ALEN), s->eh.h_dest, ETH_ALEN);
8541 memcpy(__skb_put(nskb, ETH_ALEN), skb->mac.raw, ETH_ALEN);
8542 - put_unaligned(s->eh.h_proto, (__u16 *) __skb_put(nskb, 2));
8543 + put_unaligned(s->eh.h_proto, (u16 *) __skb_put(nskb, 2));
8546 case BNEP_COMPRESSED_DST_ONLY:
8547 @@ -354,13 +375,13 @@
8550 memcpy(__skb_put(nskb, ETH_ALEN * 2), skb->mac.raw, ETH_ALEN * 2);
8551 - put_unaligned(s->eh.h_proto, (__u16 *) __skb_put(nskb, 2));
8552 + put_unaligned(s->eh.h_proto, (u16 *) __skb_put(nskb, 2));
8556 memcpy(__skb_put(nskb, skb->len), skb->data, skb->len);
8560 s->stats.rx_packets++;
8562 nskb->ip_summed = CHECKSUM_UNNECESSARY;
8567 -static __u8 __bnep_tx_types[] = {
8568 +static u8 __bnep_tx_types[] = {
8570 BNEP_COMPRESSED_SRC_ONLY,
8571 BNEP_COMPRESSED_DST_ONLY,
8573 struct socket *sock = s->sock;
8575 int len = 0, il = 0;
8579 BT_DBG("skb %p dev %p type %d", skb, skb->dev, skb->pkt_type);
8583 iv[il++] = (struct iovec) { skb->data, skb->len };
8587 /* FIXME: linearize skb */
8590 s->msg.msg_iov = iv;
8591 s->msg.msg_iovlen = il;
8592 len = sock->ops->sendmsg(sock, &s->msg, len, NULL);
8593 @@ -451,16 +472,16 @@
8597 - daemonize(); reparent_to_init();
8598 + daemonize(); reparent_to_init();
8600 - sprintf(current->comm, "kbnepd %s", dev->name);
8602 - sigfillset(¤t->blocked);
8603 + sprintf(current->comm, "kbnepd %s", dev->name);
8605 + sigfillset(¤t->blocked);
8606 flush_signals(current);
8608 current->nice = -15;
8610 - set_fs(KERNEL_DS);
8611 + set_fs(KERNEL_DS);
8613 init_waitqueue_entry(&wait, current);
8614 add_wait_queue(sk->sleep, &wait);
8615 @@ -475,13 +496,13 @@
8617 if (sk->state != BT_CONNECTED)
8622 while ((skb = skb_dequeue(&sk->write_queue)))
8623 if (bnep_tx_frame(s, skb))
8625 netif_wake_queue(dev);
8630 set_current_state(TASK_RUNNING);
8631 @@ -503,11 +524,11 @@
8635 -int bnep_add_connection(struct bnep_conadd_req *req, struct socket *sock)
8636 +int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock)
8638 struct net_device *dev;
8639 struct bnep_session *s, *ss;
8640 - __u8 dst[ETH_ALEN], src[ETH_ALEN];
8641 + u8 dst[ETH_ALEN], src[ETH_ALEN];
8647 strcpy(dev->name, "bnep%d");
8649 + memset(dev->broadcast, 0xff, ETH_ALEN);
8651 /* This is rx header therefor addresses are swaped.
8652 * ie eh.h_dest is our local address. */
8653 memcpy(s->eh.h_dest, &src, ETH_ALEN);
8654 @@ -543,28 +566,19 @@
8656 s->role = req->role;
8657 s->state = BT_CONNECTED;
8660 s->msg.msg_flags = MSG_NOSIGNAL;
8662 -#ifdef CONFIG_BNEP_MC_FILTER
8663 +#ifdef CONFIG_BLUEZ_BNEP_MC_FILTER
8664 /* Set default mc filter */
8665 set_bit(bnep_mc_hash(dev->broadcast), &s->mc_filter);
8668 -#ifdef CONFIG_BNEP_PROTO_FILTER
8669 - /* Set default protocol filter */
8672 - s->proto_filter[0].start = htons(0x0800);
8673 - s->proto_filter[0].end = htons(0x0806);
8674 - /* (RARP, AppleTalk) */
8675 - s->proto_filter[1].start = htons(0x8035);
8676 - s->proto_filter[1].end = htons(0x80F3);
8678 - s->proto_filter[2].start = htons(0x8137);
8679 - s->proto_filter[2].end = htons(0x86DD);
8680 +#ifdef CONFIG_BLUEZ_BNEP_PROTO_FILTER
8681 + /* Set default protocol filter */
8682 + bnep_set_default_proto_filter(s);
8686 dev->init = bnep_net_init;
8688 err = register_netdev(dev);
8692 __bnep_link_session(s);
8695 err = kernel_thread(bnep_session, s, CLONE_FS | CLONE_FILES | CLONE_SIGHAND);
8697 /* Session thread start failed, gotta cleanup. */
8702 -int bnep_del_connection(struct bnep_condel_req *req)
8703 +int bnep_del_connection(struct bnep_conndel_req *req)
8705 struct bnep_session *s;
8711 -static void __bnep_copy_ci(struct bnep_coninfo *ci, struct bnep_session *s)
8712 +static void __bnep_copy_ci(struct bnep_conninfo *ci, struct bnep_session *s)
8714 memcpy(ci->dst, s->eh.h_source, ETH_ALEN);
8715 strcpy(ci->device, s->dev.name);
8720 -int bnep_get_conlist(struct bnep_conlist_req *req)
8721 +int bnep_get_connlist(struct bnep_connlist_req *req)
8723 struct list_head *p;
8727 list_for_each(p, &bnep_session_list) {
8728 struct bnep_session *s;
8729 - struct bnep_coninfo ci;
8730 + struct bnep_conninfo ci;
8732 s = list_entry(p, struct bnep_session, list);
8738 -int bnep_get_coninfo(struct bnep_coninfo *ci)
8739 +int bnep_get_conninfo(struct bnep_conninfo *ci)
8741 struct bnep_session *s;
8743 @@ -676,17 +690,16 @@
8745 static int __init bnep_init_module(void)
8747 - BT_INFO("BNEP: BNEP2 ver %s\n"
8748 - "BNEP: Copyright (C) 2002 Inventel\n"
8749 - "BNEP: Written 2001,2002 by\n"
8750 - "BNEP: \tClement Moreau <clement.moreau@inventel.fr> "
8751 - "David Libault <david.libault@inventel.fr>\n"
8752 - "BNEP: Copyright (C) 2002 Maxim Krasnyanskiy <maxk@qualcomm.com>",
8756 + bnep_crc32_init();
8759 - bnep_crc32_init();
8760 + BT_INFO("BlueZ BNEP ver %s", VERSION);
8761 + BT_INFO("Copyright (C) 2001,2002 Inventel Systemes");
8762 + BT_INFO("Written 2001,2002 by Clement Moreau <clement.moreau@inventel.fr>");
8763 + BT_INFO("Written 2001,2002 by David Libault <david.libault@inventel.fr>");
8764 + BT_INFO("Copyright (C) 2002 Maxim Krasnyanskiy <maxk@qualcomm.com>");
8768 @@ -694,13 +707,12 @@
8769 static void __exit bnep_cleanup_module(void)
8771 bnep_sock_cleanup();
8773 bnep_crc32_cleanup();
8776 module_init(bnep_init_module);
8777 module_exit(bnep_cleanup_module);
8779 -MODULE_DESCRIPTION("BNEP2 ver " VERSION);
8780 -MODULE_AUTHOR("David Libault <david.libault@inventel.fr> Maxim Krasnyanskiy <maxk@qualcomm.com>");
8781 +MODULE_DESCRIPTION("BlueZ BNEP ver " VERSION);
8782 +MODULE_AUTHOR("David Libault <david.libault@inventel.fr>, Maxim Krasnyanskiy <maxk@qualcomm.com>");
8783 MODULE_LICENSE("GPL");
8784 diff -Nur c3000_pre/linux/net/bluetooth/bnep/netdev.c c3000_work/linux/net/bluetooth/bnep/netdev.c
8785 --- c3000_pre/linux/net/bluetooth/bnep/netdev.c 2004-08-21 09:49:19.000000000 +0900
8786 +++ c3000_work/linux/net/bluetooth/bnep/netdev.c 2004-12-16 23:01:14.000000000 +0900
8791 -#ifndef CONFIG_BNEP_DEBUG
8792 +#ifndef CONFIG_BLUEZ_BNEP_DEBUG
8794 #define BT_DBG( A... )
8798 static void bnep_net_set_mc_list(struct net_device *dev)
8800 -#ifdef CONFIG_BNEP_MC_FILTER
8801 +#ifdef CONFIG_BLUEZ_BNEP_MC_FILTER
8802 struct bnep_session *s = dev->priv;
8803 struct sock *sk = s->sock->sk;
8804 struct bnep_set_filter_req *r;
8805 @@ -143,27 +143,31 @@
8809 -#ifdef CONFIG_BNEP_MC_FILTER
8810 +#ifdef CONFIG_BLUEZ_BNEP_MC_FILTER
8811 static inline int bnep_net_mc_filter(struct sk_buff *skb, struct bnep_session *s)
8813 struct ethhdr *eh = (void *) skb->data;
8815 - if ((eh->h_dest[0] & 1) && !test_bit(bnep_mc_hash(eh->h_dest), &s->mc_filter))
8816 + if ((eh->h_dest[0] & 1) && !test_bit(bnep_mc_hash(eh->h_dest), &s->mc_filter)) {
8817 + BT_DBG("BNEP: filtered skb %p, dst %.2x:%.2x:%.2x:%.2x:%.2x:%.2x", skb,
8818 + eh->h_dest[0], eh->h_dest[1], eh->h_dest[2],
8819 + eh->h_dest[3], eh->h_dest[4], eh->h_dest[5]);
8826 -#ifdef CONFIG_BNEP_PROTO_FILTER
8827 +#ifdef CONFIG_BLUEZ_BNEP_PROTO_FILTER
8828 /* Determine ether protocol. Based on eth_type_trans. */
8829 -static inline __u16 bnep_net_eth_proto(struct sk_buff *skb)
8830 +static inline u16 bnep_net_eth_proto(struct sk_buff *skb)
8832 struct ethhdr *eh = (void *) skb->data;
8834 if (ntohs(eh->h_proto) >= 1536)
8837 - if (get_unaligned((__u16 *) skb->data) == 0xFFFF)
8838 + if (get_unaligned((u16 *) skb->data) == 0xFFFF)
8839 return htons(ETH_P_802_3);
8841 return htons(ETH_P_802_2);
8844 static inline int bnep_net_proto_filter(struct sk_buff *skb, struct bnep_session *s)
8846 - __u16 proto = bnep_net_eth_proto(skb);
8847 + u16 proto = bnep_net_eth_proto(skb);
8848 struct bnep_proto_filter *f = s->proto_filter;
8851 @@ -192,14 +196,14 @@
8853 BT_DBG("skb %p, dev %p", skb, dev);
8855 -#ifdef CONFIG_BNEP_MC_FILTER
8856 +#ifdef CONFIG_BLUEZ_BNEP_MC_FILTER
8857 if (bnep_net_mc_filter(skb, s)) {
8863 -#ifdef CONFIG_BNEP_PROTO_FILTER
8864 +#ifdef CONFIG_BLUEZ_BNEP_PROTO_FILTER
8865 if (bnep_net_proto_filter(skb, s)) {
8868 diff -Nur c3000_pre/linux/net/bluetooth/bnep/sock.c c3000_work/linux/net/bluetooth/bnep/sock.c
8869 --- c3000_pre/linux/net/bluetooth/bnep/sock.c 2004-08-21 09:49:19.000000000 +0900
8870 +++ c3000_work/linux/net/bluetooth/bnep/sock.c 2004-12-16 23:01:14.000000000 +0900
8875 -#ifndef CONFIG_BNEP_DEBUG
8876 +#ifndef CONFIG_BLUEZ_BNEP_DEBUG
8878 #define BT_DBG( A... )
8881 -static inline struct socket *socki_lookup(struct inode *inode)
8883 - return &inode->u.socket_i;
8886 -static struct socket *sockfd_lookup(int fd, int *err)
8888 - struct file *file;
8889 - struct inode *inode;
8890 - struct socket *sock;
8892 - if (!(file = fget(fd))) {
8897 - inode = file->f_dentry->d_inode;
8898 - if (!inode->i_sock || !(sock = socki_lookup(inode))) {
8904 - if (sock->file != file) {
8905 - printk(KERN_ERR "socki_lookup: socket file changed!\n");
8906 - sock->file = file;
8911 static int bnep_sock_release(struct socket *sock)
8913 struct sock *sk = sock->sk;
8914 @@ -103,17 +73,17 @@
8916 static int bnep_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
8918 - struct bnep_conlist_req cl;
8919 - struct bnep_conadd_req ca;
8920 - struct bnep_condel_req cd;
8921 - struct bnep_coninfo ci;
8922 + struct bnep_connlist_req cl;
8923 + struct bnep_connadd_req ca;
8924 + struct bnep_conndel_req cd;
8925 + struct bnep_conninfo ci;
8926 struct socket *nsock;
8929 BT_DBG("cmd %x arg %lx", cmd, arg);
8934 if (!capable(CAP_NET_ADMIN))
8941 - if (nsock->sk->state != BT_CONNECTED)
8942 + if (nsock->sk->state != BT_CONNECTED) {
8943 + fput(nsock->file);
8947 err = bnep_add_connection(&ca, nsock);
8955 if (!capable(CAP_NET_ADMIN))
8958 @@ -145,24 +117,24 @@
8960 return bnep_del_connection(&cd);
8962 - case BNEPGETCONLIST:
8963 + case BNEPGETCONNLIST:
8964 if (copy_from_user(&cl, (void *) arg, sizeof(cl)))
8970 - err = bnep_get_conlist(&cl);
8971 + err = bnep_get_connlist(&cl);
8972 if (!err && copy_to_user((void *) arg, &cl, sizeof(cl)))
8977 - case BNEPGETCONINFO:
8978 + case BNEPGETCONNINFO:
8979 if (copy_from_user(&ci, (void *) arg, sizeof(ci)))
8982 - err = bnep_get_coninfo(&ci);
8983 + err = bnep_get_conninfo(&ci);
8984 if (!err && copy_to_user((void *) arg, &ci, sizeof(ci)))
8987 diff -Nur c3000_pre/linux/net/bluetooth/cmtp/Config.in c3000_work/linux/net/bluetooth/cmtp/Config.in
8988 --- c3000_pre/linux/net/bluetooth/cmtp/Config.in 1970-01-01 09:00:00.000000000 +0900
8989 +++ c3000_work/linux/net/bluetooth/cmtp/Config.in 2004-12-16 23:01:14.000000000 +0900
8992 +# Bluetooth CMTP layer configuration
8995 +if [ "$CONFIG_ISDN" = "y" -o "$CONFIG_ISDN" = "m" ]; then
8996 + dep_tristate 'CMTP protocol support' CONFIG_BLUEZ_CMTP $CONFIG_ISDN_CAPI $CONFIG_BLUEZ_L2CAP
8998 diff -Nur c3000_pre/linux/net/bluetooth/cmtp/Makefile c3000_work/linux/net/bluetooth/cmtp/Makefile
8999 --- c3000_pre/linux/net/bluetooth/cmtp/Makefile 1970-01-01 09:00:00.000000000 +0900
9000 +++ c3000_work/linux/net/bluetooth/cmtp/Makefile 2004-12-16 23:01:14.000000000 +0900
9003 +# Makefile for the Linux Bluetooth CMTP layer
9008 +obj-y := core.o sock.o capi.o
9009 +obj-m += $(O_TARGET)
9011 +include $(TOPDIR)/Rules.make
9012 diff -Nur c3000_pre/linux/net/bluetooth/cmtp/capi.c c3000_work/linux/net/bluetooth/cmtp/capi.c
9013 --- c3000_pre/linux/net/bluetooth/cmtp/capi.c 1970-01-01 09:00:00.000000000 +0900
9014 +++ c3000_work/linux/net/bluetooth/cmtp/capi.c 2004-12-16 23:01:14.000000000 +0900
9017 + CMTP implementation for Linux Bluetooth stack (BlueZ).
9018 + Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org>
9020 + This program is free software; you can redistribute it and/or modify
9021 + it under the terms of the GNU General Public License version 2 as
9022 + published by the Free Software Foundation;
9024 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
9025 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
9026 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
9027 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
9028 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
9029 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
9030 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
9031 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
9033 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
9034 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
9035 + SOFTWARE IS DISCLAIMED.
9038 +#include <linux/config.h>
9039 +#include <linux/module.h>
9041 +#include <linux/types.h>
9042 +#include <linux/errno.h>
9043 +#include <linux/kernel.h>
9044 +#include <linux/major.h>
9045 +#include <linux/sched.h>
9046 +#include <linux/slab.h>
9047 +#include <linux/poll.h>
9048 +#include <linux/fcntl.h>
9049 +#include <linux/skbuff.h>
9050 +#include <linux/socket.h>
9051 +#include <linux/ioctl.h>
9052 +#include <linux/file.h>
9053 +#include <net/sock.h>
9055 +#include <linux/capi.h>
9057 +#include "../drivers/isdn/avmb1/capilli.h"
9058 +#include "../drivers/isdn/avmb1/capicmd.h"
9059 +#include "../drivers/isdn/avmb1/capiutil.h"
9063 +#ifndef CONFIG_BLUEZ_CMTP_DEBUG
9065 +#define BT_DBG(D...)
9068 +#define REVISION "1.0"
9070 +#define CAPI_INTEROPERABILITY 0x20
9072 +#define CAPI_INTEROPERABILITY_REQ CAPICMD(CAPI_INTEROPERABILITY, CAPI_REQ)
9073 +#define CAPI_INTEROPERABILITY_CONF CAPICMD(CAPI_INTEROPERABILITY, CAPI_CONF)
9074 +#define CAPI_INTEROPERABILITY_IND CAPICMD(CAPI_INTEROPERABILITY, CAPI_IND)
9075 +#define CAPI_INTEROPERABILITY_RESP CAPICMD(CAPI_INTEROPERABILITY, CAPI_RESP)
9077 +#define CAPI_INTEROPERABILITY_REQ_LEN (CAPI_MSG_BASELEN + 2)
9078 +#define CAPI_INTEROPERABILITY_CONF_LEN (CAPI_MSG_BASELEN + 4)
9079 +#define CAPI_INTEROPERABILITY_IND_LEN (CAPI_MSG_BASELEN + 2)
9080 +#define CAPI_INTEROPERABILITY_RESP_LEN (CAPI_MSG_BASELEN + 2)
9082 +#define CAPI_FUNCTION_REGISTER 0
9083 +#define CAPI_FUNCTION_RELEASE 1
9084 +#define CAPI_FUNCTION_GET_PROFILE 2
9085 +#define CAPI_FUNCTION_GET_MANUFACTURER 3
9086 +#define CAPI_FUNCTION_GET_VERSION 4
9087 +#define CAPI_FUNCTION_GET_SERIAL_NUMBER 5
9088 +#define CAPI_FUNCTION_MANUFACTURER 6
9089 +#define CAPI_FUNCTION_LOOPBACK 7
9091 +static struct capi_driver_interface *di;
9094 +#define CMTP_MSGNUM 1
9095 +#define CMTP_APPLID 2
9096 +#define CMTP_MAPPING 3
9098 +static struct cmtp_application *cmtp_application_add(struct cmtp_session *session, __u16 appl)
9100 + struct cmtp_application *app = kmalloc(sizeof(*app), GFP_KERNEL);
9102 + BT_DBG("session %p application %p appl %d", session, app, appl);
9107 + memset(app, 0, sizeof(*app));
9109 + app->state = BT_OPEN;
9112 + list_add_tail(&app->list, &session->applications);
9117 +static void cmtp_application_del(struct cmtp_session *session, struct cmtp_application *app)
9119 + BT_DBG("session %p application %p", session, app);
9122 + list_del(&app->list);
9127 +static struct cmtp_application *cmtp_application_get(struct cmtp_session *session, int pattern, __u16 value)
9129 + struct cmtp_application *app;
9130 + struct list_head *p, *n;
9132 + list_for_each_safe(p, n, &session->applications) {
9133 + app = list_entry(p, struct cmtp_application, list);
9134 + switch (pattern) {
9136 + if (app->msgnum == value)
9140 + if (app->appl == value)
9143 + case CMTP_MAPPING:
9144 + if (app->mapping == value)
9153 +static int cmtp_msgnum_get(struct cmtp_session *session)
9155 + session->msgnum++;
9157 + if ((session->msgnum & 0xff) > 200)
9158 + session->msgnum = CMTP_INITIAL_MSGNUM + 1;
9160 + return session->msgnum;
9164 +static void cmtp_send_interopmsg(struct cmtp_session *session,
9165 + __u8 subcmd, __u16 appl, __u16 msgnum,
9166 + __u16 function, unsigned char *buf, int len)
9168 + struct sk_buff *skb;
9171 + BT_DBG("session %p subcmd 0x%02x appl %d msgnum %d", session, subcmd, appl, msgnum);
9173 + if (!(skb = alloc_skb(CAPI_MSG_BASELEN + 6 + len, GFP_ATOMIC))) {
9174 + BT_ERR("Can't allocate memory for interoperability packet");
9178 + s = skb_put(skb, CAPI_MSG_BASELEN + 6 + len);
9180 + capimsg_setu16(s, 0, CAPI_MSG_BASELEN + 6 + len);
9181 + capimsg_setu16(s, 2, appl);
9182 + capimsg_setu8 (s, 4, CAPI_INTEROPERABILITY);
9183 + capimsg_setu8 (s, 5, subcmd);
9184 + capimsg_setu16(s, 6, msgnum);
9186 + /* Interoperability selector (Bluetooth Device Management) */
9187 + capimsg_setu16(s, 8, 0x0001);
9189 + capimsg_setu8 (s, 10, 3 + len);
9190 + capimsg_setu16(s, 11, function);
9191 + capimsg_setu8 (s, 13, len);
9194 + memcpy(s + 14, buf, len);
9196 + cmtp_send_capimsg(session, skb);
9199 +static void cmtp_recv_interopmsg(struct cmtp_session *session, struct sk_buff *skb)
9201 + struct capi_ctr *ctrl = session->ctrl;
9202 + struct cmtp_application *application;
9203 + __u16 appl, msgnum, func, info;
9206 + BT_DBG("session %p skb %p len %d", session, skb, skb->len);
9208 + switch (CAPIMSG_SUBCOMMAND(skb->data)) {
9210 + func = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 5);
9211 + info = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 8);
9214 + case CAPI_FUNCTION_REGISTER:
9215 + msgnum = CAPIMSG_MSGID(skb->data);
9217 + application = cmtp_application_get(session, CMTP_MSGNUM, msgnum);
9218 + if (application) {
9219 + application->state = BT_CONNECTED;
9220 + application->msgnum = 0;
9221 + application->mapping = CAPIMSG_APPID(skb->data);
9222 + wake_up_interruptible(&session->wait);
9227 + case CAPI_FUNCTION_RELEASE:
9228 + appl = CAPIMSG_APPID(skb->data);
9230 + application = cmtp_application_get(session, CMTP_MAPPING, appl);
9231 + if (application) {
9232 + application->state = BT_CLOSED;
9233 + application->msgnum = 0;
9234 + wake_up_interruptible(&session->wait);
9239 + case CAPI_FUNCTION_GET_PROFILE:
9240 + controller = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 11);
9241 + msgnum = CAPIMSG_MSGID(skb->data);
9243 + if (!info && (msgnum == CMTP_INITIAL_MSGNUM)) {
9244 + session->ncontroller = controller;
9245 + wake_up_interruptible(&session->wait);
9249 + if (!info && ctrl) {
9250 + memcpy(&ctrl->profile,
9251 + skb->data + CAPI_MSG_BASELEN + 11,
9252 + sizeof(capi_profile));
9253 + session->state = BT_CONNECTED;
9254 + ctrl->ready(ctrl);
9259 + case CAPI_FUNCTION_GET_MANUFACTURER:
9260 + controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 10);
9262 + if (!info && ctrl) {
9263 + strncpy(ctrl->manu,
9264 + skb->data + CAPI_MSG_BASELEN + 15,
9265 + skb->data[CAPI_MSG_BASELEN + 14]);
9270 + case CAPI_FUNCTION_GET_VERSION:
9271 + controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 12);
9273 + if (!info && ctrl) {
9274 + ctrl->version.majorversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 16);
9275 + ctrl->version.minorversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 20);
9276 + ctrl->version.majormanuversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 24);
9277 + ctrl->version.minormanuversion = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 28);
9282 + case CAPI_FUNCTION_GET_SERIAL_NUMBER:
9283 + controller = CAPIMSG_U32(skb->data, CAPI_MSG_BASELEN + 12);
9285 + if (!info && ctrl) {
9286 + memset(ctrl->serial, 0, CAPI_SERIAL_LEN);
9287 + strncpy(ctrl->serial,
9288 + skb->data + CAPI_MSG_BASELEN + 17,
9289 + skb->data[CAPI_MSG_BASELEN + 16]);
9298 + func = CAPIMSG_U16(skb->data, CAPI_MSG_BASELEN + 3);
9300 + if (func == CAPI_FUNCTION_LOOPBACK) {
9301 + appl = CAPIMSG_APPID(skb->data);
9302 + msgnum = CAPIMSG_MSGID(skb->data);
9303 + cmtp_send_interopmsg(session, CAPI_RESP, appl, msgnum, func,
9304 + skb->data + CAPI_MSG_BASELEN + 6,
9305 + skb->data[CAPI_MSG_BASELEN + 5]);
9314 +void cmtp_recv_capimsg(struct cmtp_session *session, struct sk_buff *skb)
9316 + struct capi_ctr *ctrl = session->ctrl;
9317 + struct cmtp_application *application;
9318 + __u16 cmd, appl, info;
9319 + __u32 ncci, contr;
9321 + BT_DBG("session %p skb %p len %d", session, skb, skb->len);
9323 + if (CAPIMSG_COMMAND(skb->data) == CAPI_INTEROPERABILITY) {
9324 + cmtp_recv_interopmsg(session, skb);
9328 + if (session->flags & (1 << CMTP_LOOPBACK)) {
9333 + cmd = CAPICMD(CAPIMSG_COMMAND(skb->data), CAPIMSG_SUBCOMMAND(skb->data));
9334 + appl = CAPIMSG_APPID(skb->data);
9335 + contr = CAPIMSG_CONTROL(skb->data);
9337 + application = cmtp_application_get(session, CMTP_MAPPING, appl);
9338 + if (application) {
9339 + appl = application->appl;
9340 + CAPIMSG_SETAPPID(skb->data, appl);
9342 + BT_ERR("Can't find application with id %d", appl);
9347 + if ((contr & 0x7f) == 0x01) {
9348 + contr = (contr & 0xffffff80) | session->num;
9349 + CAPIMSG_SETCONTROL(skb->data, contr);
9353 + BT_ERR("Can't find controller %d for message", session->num);
9359 + case CAPI_CONNECT_B3_CONF:
9360 + ncci = CAPIMSG_NCCI(skb->data);
9361 + info = CAPIMSG_U16(skb->data, 12);
9363 + BT_DBG("CONNECT_B3_CONF ncci 0x%02x info 0x%02x", ncci, info);
9366 + ctrl->new_ncci(ctrl, appl, ncci, 8);
9368 + ctrl->handle_capimsg(ctrl, appl, skb);
9371 + case CAPI_CONNECT_B3_IND:
9372 + ncci = CAPIMSG_NCCI(skb->data);
9374 + BT_DBG("CONNECT_B3_IND ncci 0x%02x", ncci);
9376 + ctrl->new_ncci(ctrl, appl, ncci, 8);
9377 + ctrl->handle_capimsg(ctrl, appl, skb);
9380 + case CAPI_DISCONNECT_B3_IND:
9381 + ncci = CAPIMSG_NCCI(skb->data);
9383 + BT_DBG("DISCONNECT_B3_IND ncci 0x%02x", ncci);
9385 + if (ncci == 0xffffffff)
9386 + BT_ERR("DISCONNECT_B3_IND with ncci 0xffffffff");
9388 + ctrl->handle_capimsg(ctrl, appl, skb);
9389 + ctrl->free_ncci(ctrl, appl, ncci);
9393 + ctrl->handle_capimsg(ctrl, appl, skb);
9398 +void cmtp_send_capimsg(struct cmtp_session *session, struct sk_buff *skb)
9400 + struct cmtp_scb *scb = (void *) skb->cb;
9402 + BT_DBG("session %p skb %p len %d", session, skb, skb->len);
9405 + scb->data = (CAPIMSG_COMMAND(skb->data) == CAPI_DATA_B3);
9407 + skb_queue_tail(&session->transmit, skb);
9409 + cmtp_schedule(session);
9413 +static int cmtp_load_firmware(struct capi_ctr *ctrl, capiloaddata *data)
9415 + BT_DBG("ctrl %p data %p", ctrl, data);
9420 +static void cmtp_reset_ctr(struct capi_ctr *ctrl)
9422 + BT_DBG("ctrl %p", ctrl);
9424 + ctrl->reseted(ctrl);
9427 +static void cmtp_remove_ctr(struct capi_ctr *ctrl)
9429 + struct cmtp_session *session = ctrl->driverdata;
9431 + BT_DBG("ctrl %p", ctrl);
9433 + ctrl->suspend_output(ctrl);
9435 + atomic_inc(&session->terminate);
9436 + cmtp_schedule(session);
9439 +static void cmtp_register_appl(struct capi_ctr *ctrl, __u16 appl, capi_register_params *rp)
9441 + DECLARE_WAITQUEUE(wait, current);
9442 + struct cmtp_session *session = ctrl->driverdata;
9443 + struct cmtp_application *application;
9444 + unsigned long timeo = CMTP_INTEROP_TIMEOUT;
9445 + unsigned char buf[8];
9446 + int err = 0, nconn, want = rp->level3cnt;
9448 + BT_DBG("ctrl %p appl %d level3cnt %d datablkcnt %d datablklen %d",
9449 + ctrl, appl, rp->level3cnt, rp->datablkcnt, rp->datablklen);
9451 + application = cmtp_application_add(session, appl);
9452 + if (!application) {
9453 + BT_ERR("Can't allocate memory for new application");
9454 + ctrl->appl_released(ctrl, appl);
9459 + nconn = ctrl->profile.nbchannel * -want;
9464 + nconn = ctrl->profile.nbchannel;
9466 + capimsg_setu16(buf, 0, nconn);
9467 + capimsg_setu16(buf, 2, rp->datablkcnt);
9468 + capimsg_setu16(buf, 4, rp->datablklen);
9470 + application->state = BT_CONFIG;
9471 + application->msgnum = cmtp_msgnum_get(session);
9473 + cmtp_send_interopmsg(session, CAPI_REQ, 0x0000, application->msgnum,
9474 + CAPI_FUNCTION_REGISTER, buf, 6);
9476 + add_wait_queue(&session->wait, &wait);
9478 + set_current_state(TASK_INTERRUPTIBLE);
9485 + if (application->state == BT_CLOSED) {
9486 + err = -application->err;
9490 + if (application->state == BT_CONNECTED)
9493 + if (signal_pending(current)) {
9498 + timeo = schedule_timeout(timeo);
9500 + set_current_state(TASK_RUNNING);
9501 + remove_wait_queue(&session->wait, &wait);
9504 + ctrl->appl_released(ctrl, appl);
9505 + cmtp_application_del(session, application);
9509 + ctrl->appl_registered(ctrl, appl);
9512 +static void cmtp_release_appl(struct capi_ctr *ctrl, __u16 appl)
9514 + DECLARE_WAITQUEUE(wait, current);
9515 + struct cmtp_session *session = ctrl->driverdata;
9516 + struct cmtp_application *application;
9517 + unsigned long timeo = CMTP_INTEROP_TIMEOUT;
9519 + BT_DBG("ctrl %p appl %d", ctrl, appl);
9521 + application = cmtp_application_get(session, CMTP_APPLID, appl);
9522 + if (!application) {
9523 + BT_ERR("Can't find application");
9527 + application->msgnum = cmtp_msgnum_get(session);
9529 + cmtp_send_interopmsg(session, CAPI_REQ, application->mapping, application->msgnum,
9530 + CAPI_FUNCTION_RELEASE, NULL, 0);
9532 + add_wait_queue(&session->wait, &wait);
9534 + set_current_state(TASK_INTERRUPTIBLE);
9536 + if (application->state == BT_CLOSED)
9539 + if (signal_pending(current))
9542 + timeo = schedule_timeout(timeo);
9544 + set_current_state(TASK_RUNNING);
9545 + remove_wait_queue(&session->wait, &wait);
9547 + cmtp_application_del(session, application);
9548 + ctrl->appl_released(ctrl, appl);
9551 +static void cmtp_send_message(struct capi_ctr *ctrl, struct sk_buff *skb)
9553 + struct cmtp_session *session = ctrl->driverdata;
9554 + struct cmtp_application *application;
9558 + BT_DBG("ctrl %p skb %p", ctrl, skb);
9560 + appl = CAPIMSG_APPID(skb->data);
9561 + contr = CAPIMSG_CONTROL(skb->data);
9563 + application = cmtp_application_get(session, CMTP_APPLID, appl);
9564 + if ((!application) || (application->state != BT_CONNECTED)) {
9565 + BT_ERR("Can't find application with id %d", appl);
9570 + CAPIMSG_SETAPPID(skb->data, application->mapping);
9572 + if ((contr & 0x7f) == session->num) {
9573 + contr = (contr & 0xffffff80) | 0x01;
9574 + CAPIMSG_SETCONTROL(skb->data, contr);
9577 + cmtp_send_capimsg(session, skb);
9580 +static char *cmtp_procinfo(struct capi_ctr *ctrl)
9582 + return "CAPI Message Transport Protocol";
9585 +static int cmtp_ctr_read_proc(char *page, char **start, off_t off, int count, int *eof, struct capi_ctr *ctrl)
9587 + struct cmtp_session *session = ctrl->driverdata;
9588 + struct cmtp_application *app;
9589 + struct list_head *p, *n;
9592 + len += sprintf(page + len, "%s (Revision %s)\n\n", cmtp_procinfo(ctrl), REVISION);
9593 + len += sprintf(page + len, "addr %s\n", session->name);
9594 + len += sprintf(page + len, "ctrl %d\n", session->num);
9596 + list_for_each_safe(p, n, &session->applications) {
9597 + app = list_entry(p, struct cmtp_application, list);
9598 + len += sprintf(page + len, "appl %d -> %d\n", app->appl, app->mapping);
9601 + if (off + count >= len)
9607 + *start = page + off;
9609 + return ((count < len - off) ? count : len - off);
9612 +static struct capi_driver cmtp_driver = {
9614 + revision: REVISION,
9615 + load_firmware: cmtp_load_firmware,
9616 + reset_ctr: cmtp_reset_ctr,
9617 + remove_ctr: cmtp_remove_ctr,
9618 + register_appl: cmtp_register_appl,
9619 + release_appl: cmtp_release_appl,
9620 + send_message: cmtp_send_message,
9621 + procinfo: cmtp_procinfo,
9622 + ctr_read_proc: cmtp_ctr_read_proc,
9624 + driver_read_proc: 0,
9629 +int cmtp_attach_device(struct cmtp_session *session)
9631 + DECLARE_WAITQUEUE(wait, current);
9632 + unsigned long timeo = CMTP_INTEROP_TIMEOUT;
9633 + unsigned char buf[4];
9635 + BT_DBG("session %p", session);
9637 + capimsg_setu32(buf, 0, 0);
9639 + cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, CMTP_INITIAL_MSGNUM,
9640 + CAPI_FUNCTION_GET_PROFILE, buf, 4);
9642 + add_wait_queue(&session->wait, &wait);
9644 + set_current_state(TASK_INTERRUPTIBLE);
9646 + if (session->ncontroller)
9649 + if (signal_pending(current))
9652 + timeo = schedule_timeout(timeo);
9654 + set_current_state(TASK_RUNNING);
9655 + remove_wait_queue(&session->wait, &wait);
9657 + BT_INFO("Found %d CAPI controller(s) on device %s", session->ncontroller, session->name);
9660 + return -ETIMEDOUT;
9662 + if (!session->ncontroller)
9666 + if (session->ncontroller > 1)
9667 + BT_INFO("Setting up only CAPI controller 1");
9669 + if (!(session->ctrl = di->attach_ctr(&cmtp_driver, session->name, session))) {
9670 + BT_ERR("Can't attach new controller");
9674 + session->num = session->ctrl->cnr;
9676 + BT_DBG("session %p ctrl %p num %d", session, session->ctrl, session->num);
9678 + capimsg_setu32(buf, 0, 1);
9680 + cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
9681 + CAPI_FUNCTION_GET_MANUFACTURER, buf, 4);
9683 + cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
9684 + CAPI_FUNCTION_GET_VERSION, buf, 4);
9686 + cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
9687 + CAPI_FUNCTION_GET_SERIAL_NUMBER, buf, 4);
9689 + cmtp_send_interopmsg(session, CAPI_REQ, 0xffff, cmtp_msgnum_get(session),
9690 + CAPI_FUNCTION_GET_PROFILE, buf, 4);
9695 +void cmtp_detach_device(struct cmtp_session *session)
9697 + struct capi_ctr *ctrl = session->ctrl;
9699 + BT_DBG("session %p ctrl %p", session, ctrl);
9704 + ctrl->reseted(ctrl);
9706 + di->detach_ctr(ctrl);
9709 +int cmtp_init_capi(void)
9711 + if (!(di = attach_capi_driver(&cmtp_driver))) {
9712 + BT_ERR("Can't attach CAPI driver");
9719 +void cmtp_cleanup_capi(void)
9721 + detach_capi_driver(&cmtp_driver);
9723 diff -Nur c3000_pre/linux/net/bluetooth/cmtp/cmtp.h c3000_work/linux/net/bluetooth/cmtp/cmtp.h
9724 --- c3000_pre/linux/net/bluetooth/cmtp/cmtp.h 1970-01-01 09:00:00.000000000 +0900
9725 +++ c3000_work/linux/net/bluetooth/cmtp/cmtp.h 2004-12-16 23:01:14.000000000 +0900
9728 + CMTP implementation for Linux Bluetooth stack (BlueZ).
9729 + Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org>
9731 + This program is free software; you can redistribute it and/or modify
9732 + it under the terms of the GNU General Public License version 2 as
9733 + published by the Free Software Foundation;
9735 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
9736 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
9737 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
9738 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
9739 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
9740 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
9741 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
9742 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
9744 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
9745 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
9746 + SOFTWARE IS DISCLAIMED.
9752 +#include <linux/types.h>
9753 +#include <net/bluetooth/bluetooth.h>
9755 +#define BTNAMSIZ 18
9757 +/* CMTP ioctl defines */
9758 +#define CMTPCONNADD _IOW('C', 200, int)
9759 +#define CMTPCONNDEL _IOW('C', 201, int)
9760 +#define CMTPGETCONNLIST _IOR('C', 210, int)
9761 +#define CMTPGETCONNINFO _IOR('C', 211, int)
9763 +#define CMTP_LOOPBACK 0
9765 +struct cmtp_connadd_req {
9766 + int sock; // Connected socket
9770 +struct cmtp_conndel_req {
9775 +struct cmtp_conninfo {
9782 +struct cmtp_connlist_req {
9784 + struct cmtp_conninfo *ci;
9787 +int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock);
9788 +int cmtp_del_connection(struct cmtp_conndel_req *req);
9789 +int cmtp_get_connlist(struct cmtp_connlist_req *req);
9790 +int cmtp_get_conninfo(struct cmtp_conninfo *ci);
9792 +/* CMTP session defines */
9793 +#define CMTP_INTEROP_TIMEOUT (HZ * 5)
9794 +#define CMTP_INITIAL_MSGNUM 0xff00
9796 +struct cmtp_session {
9797 + struct list_head list;
9799 + struct socket *sock;
9803 + unsigned long state;
9804 + unsigned long flags;
9808 + char name[BTNAMSIZ];
9810 + atomic_t terminate;
9812 + wait_queue_head_t wait;
9816 + struct capi_ctr *ctrl;
9818 + struct list_head applications;
9820 + unsigned long blockids;
9823 + struct sk_buff_head transmit;
9825 + struct sk_buff *reassembly[16];
9828 +struct cmtp_application {
9829 + struct list_head list;
9831 + unsigned long state;
9845 +int cmtp_attach_device(struct cmtp_session *session);
9846 +void cmtp_detach_device(struct cmtp_session *session);
9848 +void cmtp_recv_capimsg(struct cmtp_session *session, struct sk_buff *skb);
9849 +void cmtp_send_capimsg(struct cmtp_session *session, struct sk_buff *skb);
9851 +static inline void cmtp_schedule(struct cmtp_session *session)
9853 + struct sock *sk = session->sock->sk;
9855 + wake_up_interruptible(sk->sleep);
9858 +/* CMTP init defines */
9859 +int cmtp_init_capi(void);
9860 +int cmtp_init_sockets(void);
9861 +void cmtp_cleanup_capi(void);
9862 +void cmtp_cleanup_sockets(void);
9864 +#endif /* __CMTP_H */
9865 diff -Nur c3000_pre/linux/net/bluetooth/cmtp/core.c c3000_work/linux/net/bluetooth/cmtp/core.c
9866 --- c3000_pre/linux/net/bluetooth/cmtp/core.c 1970-01-01 09:00:00.000000000 +0900
9867 +++ c3000_work/linux/net/bluetooth/cmtp/core.c 2004-12-16 23:01:14.000000000 +0900
9870 + CMTP implementation for Linux Bluetooth stack (BlueZ).
9871 + Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org>
9873 + This program is free software; you can redistribute it and/or modify
9874 + it under the terms of the GNU General Public License version 2 as
9875 + published by the Free Software Foundation;
9877 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
9878 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
9879 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
9880 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
9881 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
9882 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
9883 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
9884 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
9886 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
9887 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
9888 + SOFTWARE IS DISCLAIMED.
9891 +#include <linux/config.h>
9892 +#include <linux/module.h>
9894 +#include <linux/types.h>
9895 +#include <linux/errno.h>
9896 +#include <linux/kernel.h>
9897 +#include <linux/major.h>
9898 +#include <linux/sched.h>
9899 +#include <linux/slab.h>
9900 +#include <linux/poll.h>
9901 +#include <linux/fcntl.h>
9902 +#include <linux/skbuff.h>
9903 +#include <linux/socket.h>
9904 +#include <linux/ioctl.h>
9905 +#include <linux/file.h>
9906 +#include <linux/init.h>
9907 +#include <net/sock.h>
9909 +#include <net/bluetooth/bluetooth.h>
9910 +#include <net/bluetooth/l2cap.h>
9914 +#ifndef CONFIG_BLUEZ_CMTP_DEBUG
9916 +#define BT_DBG(D...)
9919 +#define VERSION "1.0"
9921 +static DECLARE_RWSEM(cmtp_session_sem);
9922 +static LIST_HEAD(cmtp_session_list);
9924 +static struct cmtp_session *__cmtp_get_session(bdaddr_t *bdaddr)
9926 + struct cmtp_session *session;
9927 + struct list_head *p;
9931 + list_for_each(p, &cmtp_session_list) {
9932 + session = list_entry(p, struct cmtp_session, list);
9933 + if (!bacmp(bdaddr, &session->bdaddr))
9939 +static void __cmtp_link_session(struct cmtp_session *session)
9941 + MOD_INC_USE_COUNT;
9942 + list_add(&session->list, &cmtp_session_list);
9945 +static void __cmtp_unlink_session(struct cmtp_session *session)
9947 + list_del(&session->list);
9948 + MOD_DEC_USE_COUNT;
9951 +static void __cmtp_copy_session(struct cmtp_session *session, struct cmtp_conninfo *ci)
9953 + bacpy(&ci->bdaddr, &session->bdaddr);
9955 + ci->flags = session->flags;
9956 + ci->state = session->state;
9958 + ci->num = session->num;
9962 +static inline int cmtp_alloc_block_id(struct cmtp_session *session)
9966 + for (i = 0; i < 16; i++)
9967 + if (!test_and_set_bit(i, &session->blockids)) {
9975 +static inline void cmtp_free_block_id(struct cmtp_session *session, int id)
9977 + clear_bit(id, &session->blockids);
9980 +static inline void cmtp_add_msgpart(struct cmtp_session *session, int id, const unsigned char *buf, int count)
9982 + struct sk_buff *skb = session->reassembly[id], *nskb;
9985 + BT_DBG("session %p buf %p count %d", session, buf, count);
9987 + size = (skb) ? skb->len + count : count;
9989 + if (!(nskb = alloc_skb(size, GFP_ATOMIC))) {
9990 + BT_ERR("Can't allocate memory for CAPI message");
9994 + if (skb && (skb->len > 0))
9995 + memcpy(skb_put(nskb, skb->len), skb->data, skb->len);
9997 + memcpy(skb_put(nskb, count), buf, count);
9999 + session->reassembly[id] = nskb;
10005 +static inline int cmtp_recv_frame(struct cmtp_session *session, struct sk_buff *skb)
10007 + __u8 hdr, hdrlen, id;
10010 + BT_DBG("session %p skb %p len %d", session, skb, skb->len);
10012 + while (skb->len > 0) {
10013 + hdr = skb->data[0];
10015 + switch (hdr & 0xc0) {
10018 + len = skb->data[1];
10022 + len = skb->data[1] | (skb->data[2] << 8);
10030 + id = (hdr & 0x3c) >> 2;
10032 + BT_DBG("hdr 0x%02x hdrlen %d len %d id %d", hdr, hdrlen, len, id);
10034 + if (hdrlen + len > skb->len) {
10035 + BT_ERR("Wrong size or header information in CMTP frame");
10040 + skb_pull(skb, hdrlen);
10044 + switch (hdr & 0x03) {
10046 + cmtp_add_msgpart(session, id, skb->data + hdrlen, len);
10047 + cmtp_recv_capimsg(session, session->reassembly[id]);
10048 + session->reassembly[id] = NULL;
10051 + cmtp_add_msgpart(session, id, skb->data + hdrlen, len);
10054 + if (session->reassembly[id] != NULL)
10055 + kfree_skb(session->reassembly[id]);
10056 + session->reassembly[id] = NULL;
10060 + skb_pull(skb, hdrlen + len);
10067 +static int cmtp_send_frame(struct cmtp_session *session, unsigned char *data, int len)
10069 + struct socket *sock = session->sock;
10070 + struct iovec iv = { data, len };
10071 + struct msghdr msg;
10074 + BT_DBG("session %p data %p len %d", session, data, len);
10079 + memset(&msg, 0, sizeof(msg));
10080 + msg.msg_iovlen = 1;
10081 + msg.msg_iov = &iv;
10083 + err = sock->ops->sendmsg(sock, &msg, len, 0);
10087 +static int cmtp_process_transmit(struct cmtp_session *session)
10089 + struct sk_buff *skb, *nskb;
10090 + unsigned char *hdr;
10091 + unsigned int size, tail;
10093 + BT_DBG("session %p", session);
10095 + if (!(nskb = alloc_skb(session->mtu, GFP_ATOMIC))) {
10096 + BT_ERR("Can't allocate memory for new frame");
10100 + while ((skb = skb_dequeue(&session->transmit))) {
10101 + struct cmtp_scb *scb = (void *) skb->cb;
10103 + if ((tail = (session->mtu - nskb->len)) < 5) {
10104 + cmtp_send_frame(session, nskb->data, nskb->len);
10105 + skb_trim(nskb, 0);
10106 + tail = session->mtu;
10109 + size = min_t(uint, ((tail < 258) ? (tail - 2) : (tail - 3)), skb->len);
10111 + if ((scb->id < 0) && ((scb->id = cmtp_alloc_block_id(session)) < 0)) {
10112 + skb_queue_head(&session->transmit, skb);
10116 + if (size < 256) {
10117 + hdr = skb_put(nskb, 2);
10119 + | ((scb->id << 2) & 0x3c)
10120 + | ((skb->len == size) ? 0x00 : 0x01);
10123 + hdr = skb_put(nskb, 3);
10125 + | ((scb->id << 2) & 0x3c)
10126 + | ((skb->len == size) ? 0x00 : 0x01);
10127 + hdr[1] = size & 0xff;
10128 + hdr[2] = size >> 8;
10131 + memcpy(skb_put(nskb, size), skb->data, size);
10132 + skb_pull(skb, size);
10134 + if (skb->len > 0) {
10135 + skb_queue_head(&session->transmit, skb);
10137 + cmtp_free_block_id(session, scb->id);
10139 + cmtp_send_frame(session, nskb->data, nskb->len);
10140 + skb_trim(nskb, 0);
10146 + cmtp_send_frame(session, nskb->data, nskb->len);
10150 + return skb_queue_len(&session->transmit);
10153 +static int cmtp_session(void *arg)
10155 + struct cmtp_session *session = arg;
10156 + struct sock *sk = session->sock->sk;
10157 + struct sk_buff *skb;
10158 + wait_queue_t wait;
10160 + BT_DBG("session %p", session);
10162 + daemonize(); reparent_to_init();
10164 + sprintf(current->comm, "kcmtpd_ctr_%d", session->num);
10166 + sigfillset(¤t->blocked);
10167 + flush_signals(current);
10169 + current->nice = -15;
10171 + set_fs(KERNEL_DS);
10173 + init_waitqueue_entry(&wait, current);
10174 + add_wait_queue(sk->sleep, &wait);
10175 + while (!atomic_read(&session->terminate)) {
10176 + set_current_state(TASK_INTERRUPTIBLE);
10178 + if (sk->state != BT_CONNECTED)
10181 + while ((skb = skb_dequeue(&sk->receive_queue))) {
10183 + cmtp_recv_frame(session, skb);
10186 + cmtp_process_transmit(session);
10190 + set_current_state(TASK_RUNNING);
10191 + remove_wait_queue(sk->sleep, &wait);
10193 + down_write(&cmtp_session_sem);
10195 + if (!(session->flags & (1 << CMTP_LOOPBACK)))
10196 + cmtp_detach_device(session);
10198 + fput(session->sock->file);
10200 + __cmtp_unlink_session(session);
10202 + up_write(&cmtp_session_sem);
10208 +int cmtp_add_connection(struct cmtp_connadd_req *req, struct socket *sock)
10210 + struct cmtp_session *session, *s;
10211 + bdaddr_t src, dst;
10216 + baswap(&src, &bluez_pi(sock->sk)->src);
10217 + baswap(&dst, &bluez_pi(sock->sk)->dst);
10219 + session = kmalloc(sizeof(struct cmtp_session), GFP_KERNEL);
10222 + memset(session, 0, sizeof(struct cmtp_session));
10224 + down_write(&cmtp_session_sem);
10226 + s = __cmtp_get_session(&bluez_pi(sock->sk)->dst);
10227 + if (s && s->state == BT_CONNECTED) {
10232 + bacpy(&session->bdaddr, &bluez_pi(sock->sk)->dst);
10234 + session->mtu = min_t(uint, l2cap_pi(sock->sk)->omtu, l2cap_pi(sock->sk)->imtu);
10236 + BT_DBG("mtu %d", session->mtu);
10238 + sprintf(session->name, "%s", batostr(&dst));
10240 + session->sock = sock;
10241 + session->state = BT_CONFIG;
10243 + init_waitqueue_head(&session->wait);
10245 + session->ctrl = NULL;
10246 + session->msgnum = CMTP_INITIAL_MSGNUM;
10248 + INIT_LIST_HEAD(&session->applications);
10250 + skb_queue_head_init(&session->transmit);
10252 + for (i = 0; i < 16; i++)
10253 + session->reassembly[i] = NULL;
10255 + session->flags = req->flags;
10257 + __cmtp_link_session(session);
10259 + err = kernel_thread(cmtp_session, session, CLONE_FS | CLONE_FILES | CLONE_SIGHAND);
10263 + if (!(session->flags & (1 << CMTP_LOOPBACK))) {
10264 + err = cmtp_attach_device(session);
10269 + up_write(&cmtp_session_sem);
10273 + cmtp_detach_device(session);
10276 + __cmtp_unlink_session(session);
10279 + up_write(&cmtp_session_sem);
10284 +int cmtp_del_connection(struct cmtp_conndel_req *req)
10286 + struct cmtp_session *session;
10291 + down_read(&cmtp_session_sem);
10293 + session = __cmtp_get_session(&req->bdaddr);
10295 + /* Flush the transmit queue */
10296 + skb_queue_purge(&session->transmit);
10298 + /* Kill session thread */
10299 + atomic_inc(&session->terminate);
10300 + cmtp_schedule(session);
10304 + up_read(&cmtp_session_sem);
10308 +int cmtp_get_connlist(struct cmtp_connlist_req *req)
10310 + struct list_head *p;
10311 + int err = 0, n = 0;
10315 + down_read(&cmtp_session_sem);
10317 + list_for_each(p, &cmtp_session_list) {
10318 + struct cmtp_session *session;
10319 + struct cmtp_conninfo ci;
10321 + session = list_entry(p, struct cmtp_session, list);
10323 + __cmtp_copy_session(session, &ci);
10325 + if (copy_to_user(req->ci, &ci, sizeof(ci))) {
10330 + if (++n >= req->cnum)
10337 + up_read(&cmtp_session_sem);
10341 +int cmtp_get_conninfo(struct cmtp_conninfo *ci)
10343 + struct cmtp_session *session;
10346 + down_read(&cmtp_session_sem);
10348 + session = __cmtp_get_session(&ci->bdaddr);
10350 + __cmtp_copy_session(session, ci);
10354 + up_read(&cmtp_session_sem);
10359 +int __init init_cmtp(void)
10363 + cmtp_init_capi();
10364 + cmtp_init_sockets();
10366 + BT_INFO("BlueZ CMTP ver %s", VERSION);
10367 + BT_INFO("Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org>");
10372 +void __exit exit_cmtp(void)
10374 + cmtp_cleanup_sockets();
10375 + cmtp_cleanup_capi();
10378 +module_init(init_cmtp);
10379 +module_exit(exit_cmtp);
10381 +MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
10382 +MODULE_DESCRIPTION("BlueZ CMTP ver " VERSION);
10383 +MODULE_LICENSE("GPL");
10384 diff -Nur c3000_pre/linux/net/bluetooth/cmtp/sock.c c3000_work/linux/net/bluetooth/cmtp/sock.c
10385 --- c3000_pre/linux/net/bluetooth/cmtp/sock.c 1970-01-01 09:00:00.000000000 +0900
10386 +++ c3000_work/linux/net/bluetooth/cmtp/sock.c 2004-12-16 23:01:14.000000000 +0900
10389 + CMTP implementation for Linux Bluetooth stack (BlueZ).
10390 + Copyright (C) 2002-2003 Marcel Holtmann <marcel@holtmann.org>
10392 + This program is free software; you can redistribute it and/or modify
10393 + it under the terms of the GNU General Public License version 2 as
10394 + published by the Free Software Foundation;
10396 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10397 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
10398 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
10399 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
10400 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
10401 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
10402 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
10403 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
10405 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
10406 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
10407 + SOFTWARE IS DISCLAIMED.
10410 +#include <linux/config.h>
10411 +#include <linux/module.h>
10413 +#include <linux/types.h>
10414 +#include <linux/errno.h>
10415 +#include <linux/kernel.h>
10416 +#include <linux/major.h>
10417 +#include <linux/sched.h>
10418 +#include <linux/slab.h>
10419 +#include <linux/poll.h>
10420 +#include <linux/fcntl.h>
10421 +#include <linux/skbuff.h>
10422 +#include <linux/socket.h>
10423 +#include <linux/ioctl.h>
10424 +#include <linux/file.h>
10425 +#include <net/sock.h>
10427 +#include <asm/system.h>
10428 +#include <asm/uaccess.h>
10432 +#ifndef CONFIG_BLUEZ_CMTP_DEBUG
10434 +#define BT_DBG(D...)
10437 +static int cmtp_sock_release(struct socket *sock)
10439 + struct sock *sk = sock->sk;
10441 + BT_DBG("sock %p sk %p", sock, sk);
10449 + MOD_DEC_USE_COUNT;
10453 +static int cmtp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
10455 + struct cmtp_connadd_req ca;
10456 + struct cmtp_conndel_req cd;
10457 + struct cmtp_connlist_req cl;
10458 + struct cmtp_conninfo ci;
10459 + struct socket *nsock;
10462 + BT_DBG("cmd %x arg %lx", cmd, arg);
10465 + case CMTPCONNADD:
10466 + if (!capable(CAP_NET_ADMIN))
10469 + if (copy_from_user(&ca, (void *) arg, sizeof(ca)))
10472 + nsock = sockfd_lookup(ca.sock, &err);
10476 + if (nsock->sk->state != BT_CONNECTED) {
10477 + fput(nsock->file);
10481 + err = cmtp_add_connection(&ca, nsock);
10483 + if (copy_to_user((void *) arg, &ca, sizeof(ca)))
10486 + fput(nsock->file);
10490 + case CMTPCONNDEL:
10491 + if (!capable(CAP_NET_ADMIN))
10494 + if (copy_from_user(&cd, (void *) arg, sizeof(cd)))
10497 + return cmtp_del_connection(&cd);
10499 + case CMTPGETCONNLIST:
10500 + if (copy_from_user(&cl, (void *) arg, sizeof(cl)))
10503 + if (cl.cnum <= 0)
10506 + err = cmtp_get_connlist(&cl);
10507 + if (!err && copy_to_user((void *) arg, &cl, sizeof(cl)))
10512 + case CMTPGETCONNINFO:
10513 + if (copy_from_user(&ci, (void *) arg, sizeof(ci)))
10516 + err = cmtp_get_conninfo(&ci);
10517 + if (!err && copy_to_user((void *) arg, &ci, sizeof(ci)))
10526 +static struct proto_ops cmtp_sock_ops = {
10527 + family: PF_BLUETOOTH,
10528 + release: cmtp_sock_release,
10529 + ioctl: cmtp_sock_ioctl,
10530 + bind: sock_no_bind,
10531 + getname: sock_no_getname,
10532 + sendmsg: sock_no_sendmsg,
10533 + recvmsg: sock_no_recvmsg,
10534 + poll: sock_no_poll,
10535 + listen: sock_no_listen,
10536 + shutdown: sock_no_shutdown,
10537 + setsockopt: sock_no_setsockopt,
10538 + getsockopt: sock_no_getsockopt,
10539 + connect: sock_no_connect,
10540 + socketpair: sock_no_socketpair,
10541 + accept: sock_no_accept,
10542 + mmap: sock_no_mmap
10545 +static int cmtp_sock_create(struct socket *sock, int protocol)
10549 + BT_DBG("sock %p", sock);
10551 + if (sock->type != SOCK_RAW)
10552 + return -ESOCKTNOSUPPORT;
10554 + sock->ops = &cmtp_sock_ops;
10556 + if (!(sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, 1)))
10559 + MOD_INC_USE_COUNT;
10561 + sock->state = SS_UNCONNECTED;
10562 + sock_init_data(sock, sk);
10564 + sk->destruct = NULL;
10565 + sk->protocol = protocol;
10570 +static struct net_proto_family cmtp_sock_family_ops = {
10571 + family: PF_BLUETOOTH,
10572 + create: cmtp_sock_create
10575 +int cmtp_init_sockets(void)
10579 + if ((err = bluez_sock_register(BTPROTO_CMTP, &cmtp_sock_family_ops))) {
10580 + BT_ERR("Can't register CMTP socket layer (%d)", err);
10587 +void cmtp_cleanup_sockets(void)
10591 + if ((err = bluez_sock_unregister(BTPROTO_CMTP)))
10592 + BT_ERR("Can't unregister CMTP socket layer (%d)", err);
10596 diff -Nur c3000_pre/linux/net/bluetooth/hci_conn.c c3000_work/linux/net/bluetooth/hci_conn.c
10597 --- c3000_pre/linux/net/bluetooth/hci_conn.c 2004-08-21 09:49:19.000000000 +0900
10598 +++ c3000_work/linux/net/bluetooth/hci_conn.c 2004-12-16 23:01:14.000000000 +0900
10601 memset(&cp, 0, sizeof(cp));
10602 bacpy(&cp.bdaddr, &conn->dst);
10603 + cp.pscan_rep_mode = 0x02;
10605 if ((ie = inquiry_cache_lookup(hdev, &conn->dst)) &&
10606 inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
10607 @@ -357,21 +358,24 @@
10608 struct hci_conn_info *ci;
10609 struct hci_dev *hdev;
10610 struct list_head *p;
10612 + int n = 0, size, err;
10614 if (copy_from_user(&req, (void *) arg, sizeof(req)))
10617 - if (!(hdev = hci_dev_get(req.dev_id)))
10620 - size = req.conn_num * sizeof(struct hci_conn_info) + sizeof(req);
10621 + if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
10624 - if (verify_area(VERIFY_WRITE, (void *)arg, size))
10626 + size = sizeof(req) + req.conn_num * sizeof(*ci);
10628 if (!(cl = (void *) kmalloc(size, GFP_KERNEL)))
10631 + if (!(hdev = hci_dev_get(req.dev_id))) {
10636 ci = cl->conn_info;
10638 hci_dev_lock_bh(hdev);
10639 @@ -385,20 +389,21 @@
10640 (ci + n)->out = c->out;
10641 (ci + n)->state = c->state;
10642 (ci + n)->link_mode = c->link_mode;
10644 + if (++n >= req.conn_num)
10647 hci_dev_unlock_bh(hdev);
10649 cl->dev_id = hdev->id;
10651 - size = n * sizeof(struct hci_conn_info) + sizeof(req);
10652 + size = sizeof(req) + n * sizeof(*ci);
10656 - copy_to_user((void *) arg, cl, size);
10657 + err = copy_to_user((void *) arg, cl, size);
10661 + return err ? -EFAULT : 0;
10664 int hci_get_conn_info(struct hci_dev *hdev, unsigned long arg)
10665 @@ -411,9 +416,6 @@
10666 if (copy_from_user(&req, (void *) arg, sizeof(req)))
10669 - if (verify_area(VERIFY_WRITE, ptr, sizeof(ci)))
10672 hci_dev_lock_bh(hdev);
10673 conn = conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
10675 @@ -429,6 +431,5 @@
10679 - copy_to_user(ptr, &ci, sizeof(ci));
10681 + return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
10683 diff -Nur c3000_pre/linux/net/bluetooth/hci_core.c c3000_work/linux/net/bluetooth/hci_core.c
10684 --- c3000_pre/linux/net/bluetooth/hci_core.c 2004-08-21 09:49:19.000000000 +0900
10685 +++ c3000_work/linux/net/bluetooth/hci_core.c 2004-12-16 23:01:14.000000000 +0900
10686 @@ -218,6 +218,10 @@
10688 /* Mandatory initialization */
10691 + if (test_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks))
10692 + hci_send_cmd(hdev, OGF_HOST_CTL, OCF_RESET, 0, NULL);
10694 /* Read Local Supported Features */
10695 hci_send_cmd(hdev, OGF_INFO_PARAM, OCF_READ_LOCAL_FEATURES, 0, NULL);
10697 @@ -395,7 +399,7 @@
10699 struct hci_inquiry_req ir;
10700 struct hci_dev *hdev;
10701 - int err = 0, do_inquiry = 0;
10702 + int err = 0, do_inquiry = 0, max_rsp;
10706 @@ -408,6 +412,7 @@
10708 hci_dev_lock_bh(hdev);
10709 if (inquiry_cache_age(hdev) > INQUIRY_CACHE_AGE_MAX ||
10710 + inquiry_cache_empty(hdev) ||
10711 ir.flags & IREQ_CACHE_FLUSH) {
10712 inquiry_cache_flush(hdev);
10714 @@ -418,16 +423,19 @@
10715 if (do_inquiry && (err = hci_request(hdev, hci_inq_req, (unsigned long)&ir, timeo)) < 0)
10718 + /* for unlimited number of responses we will use buffer with 255 entries */
10719 + max_rsp = (ir.num_rsp == 0) ? 255 : ir.num_rsp;
10721 /* cache_dump can't sleep. Therefore we allocate temp buffer and then
10722 * copy it to the user space.
10724 - if (!(buf = kmalloc(sizeof(inquiry_info) * ir.num_rsp, GFP_KERNEL))) {
10725 + if (!(buf = kmalloc(sizeof(inquiry_info) * max_rsp, GFP_KERNEL))) {
10730 hci_dev_lock_bh(hdev);
10731 - ir.num_rsp = inquiry_cache_dump(hdev, ir.num_rsp, buf);
10732 + ir.num_rsp = inquiry_cache_dump(hdev, max_rsp, buf);
10733 hci_dev_unlock_bh(hdev);
10735 BT_DBG("num_rsp %d", ir.num_rsp);
10736 @@ -708,22 +716,20 @@
10737 struct hci_dev_list_req *dl;
10738 struct hci_dev_req *dr;
10739 struct list_head *p;
10741 + int n = 0, size, err;
10744 if (get_user(dev_num, (__u16 *) arg))
10748 + if (!dev_num || dev_num > (PAGE_SIZE * 2) / sizeof(*dr))
10751 - size = dev_num * sizeof(struct hci_dev_req) + sizeof(__u16);
10753 - if (verify_area(VERIFY_WRITE, (void *) arg, size))
10755 + size = sizeof(*dl) + dev_num * sizeof(*dr);
10757 if (!(dl = kmalloc(size, GFP_KERNEL)))
10762 read_lock_bh(&hdev_list_lock);
10763 @@ -738,12 +744,12 @@
10764 read_unlock_bh(&hdev_list_lock);
10767 - size = n * sizeof(struct hci_dev_req) + sizeof(__u16);
10768 + size = sizeof(*dl) + n * sizeof(*dr);
10770 - copy_to_user((void *) arg, dl, size);
10771 + err = copy_to_user((void *) arg, dl, size);
10775 + return err ? -EFAULT : 0;
10778 int hci_get_dev_info(unsigned long arg)
10779 @@ -864,6 +870,22 @@
10783 +/* Suspend HCI device */
10784 +int hci_suspend_dev(struct hci_dev *hdev)
10786 + hci_notify(hdev, HCI_DEV_SUSPEND);
10787 + hci_run_hotplug(hdev->name, "suspend");
10791 +/* Resume HCI device */
10792 +int hci_resume_dev(struct hci_dev *hdev)
10794 + hci_notify(hdev, HCI_DEV_RESUME);
10795 + hci_run_hotplug(hdev->name, "resume");
10799 /* Receive frame from HCI drivers */
10800 int hci_recv_frame(struct sk_buff *skb)
10802 @@ -959,40 +981,6 @@
10803 return hdev->send(skb);
10806 -/* Send raw HCI frame */
10807 -int hci_send_raw(struct sk_buff *skb)
10809 - struct hci_dev *hdev = (struct hci_dev *) skb->dev;
10816 - BT_DBG("%s type %d len %d", hdev->name, skb->pkt_type, skb->len);
10818 - if (!test_bit(HCI_RAW, &hdev->flags)) {
10819 - /* Queue frame according it's type */
10820 - switch (skb->pkt_type) {
10821 - case HCI_COMMAND_PKT:
10822 - skb_queue_tail(&hdev->cmd_q, skb);
10823 - hci_sched_cmd(hdev);
10826 - case HCI_ACLDATA_PKT:
10827 - case HCI_SCODATA_PKT:
10829 - * Check header here and queue to apropriate connection.
10835 - skb_queue_tail(&hdev->raw_q, skb);
10836 - hci_sched_tx(hdev);
10840 /* Send HCI command */
10841 int hci_send_cmd(struct hci_dev *hdev, __u16 ogf, __u16 ocf, __u32 plen, void *param)
10843 diff -Nur c3000_pre/linux/net/bluetooth/hci_event.c c3000_work/linux/net/bluetooth/hci_event.c
10844 --- c3000_pre/linux/net/bluetooth/hci_event.c 2004-08-21 09:49:19.000000000 +0900
10845 +++ c3000_work/linux/net/bluetooth/hci_event.c 2004-12-16 23:01:14.000000000 +0900
10847 /* Command Complete OGF LINK_CTL */
10848 static void hci_cc_link_ctl(struct hci_dev *hdev, __u16 ocf, struct sk_buff *skb)
10852 BT_DBG("%s ocf 0x%x", hdev->name, ocf);
10855 + case OCF_INQUIRY_CANCEL:
10856 + status = *((__u8 *) skb->data);
10859 + BT_DBG("%s Inquiry cancel error: status 0x%x", hdev->name, status);
10861 + clear_bit(HCI_INQUIRY, &hdev->flags);
10862 + hci_req_complete(hdev, status);
10867 BT_DBG("%s Command complete: ogf LINK_CTL ocf %x", hdev->name, ocf);
10869 @@ -307,7 +320,7 @@
10870 status, batostr(&cc->bdaddr), conn);
10874 + if (conn && conn->state == BT_CONNECT) {
10875 conn->state = BT_CLOSED;
10876 hci_proto_connect_cfm(conn, status);
10877 hci_conn_del(conn);
10878 @@ -439,6 +452,29 @@
10879 hci_dev_unlock(hdev);
10882 +/* Inquiry Result With RSSI */
10883 +static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
10885 + inquiry_info_with_rssi *info = (inquiry_info_with_rssi *) (skb->data + 1);
10886 + int num_rsp = *((__u8 *) skb->data);
10888 + BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
10890 + hci_dev_lock(hdev);
10891 + for (; num_rsp; num_rsp--) {
10892 + inquiry_info tmp;
10893 + bacpy(&tmp.bdaddr, &info->bdaddr);
10894 + tmp.pscan_rep_mode = info->pscan_rep_mode;
10895 + tmp.pscan_period_mode = info->pscan_period_mode;
10896 + tmp.pscan_mode = 0x00;
10897 + memcpy(tmp.dev_class, &info->dev_class, 3);
10898 + tmp.clock_offset = info->clock_offset;
10900 + inquiry_cache_update(hdev, &tmp);
10902 + hci_dev_unlock(hdev);
10905 /* Connect Request */
10906 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
10908 @@ -735,6 +771,10 @@
10909 hci_inquiry_result_evt(hdev, skb);
10912 + case EVT_INQUIRY_RESULT_WITH_RSSI:
10913 + hci_inquiry_result_with_rssi_evt(hdev, skb);
10916 case EVT_CONN_REQUEST:
10917 hci_conn_request_evt(hdev, skb);
10919 diff -Nur c3000_pre/linux/net/bluetooth/hci_sock.c c3000_work/linux/net/bluetooth/hci_sock.c
10920 --- c3000_pre/linux/net/bluetooth/hci_sock.c 2004-08-21 09:49:19.000000000 +0900
10921 +++ c3000_work/linux/net/bluetooth/hci_sock.c 2004-12-16 23:01:14.000000000 +0900
10924 #include <asm/system.h>
10925 #include <asm/uaccess.h>
10926 +#include <asm/unaligned.h>
10928 #include <net/bluetooth/bluetooth.h>
10929 #include <net/bluetooth/hci_core.h>
10930 @@ -65,17 +66,20 @@
10935 + { 0x1000d9fe, 0x0000300c },
10940 - { 0x2a000002, 0x0, 0x0, 0x0 },
10941 + { 0xbe000006, 0x00000001, 0x0000, 0x00 },
10942 /* OGF_LINK_POLICY */
10943 - { 0x1200, 0x0, 0x0, 0x0 },
10944 + { 0x00005200, 0x00000000, 0x0000, 0x00 },
10946 - { 0x80100000, 0xa, 0x0, 0x0 },
10947 + { 0xaab00200, 0x2b402aaa, 0x0154, 0x00 },
10948 /* OGF_INFO_PARAM */
10949 - { 0x22a, 0x0, 0x0, 0x0 }
10950 + { 0x000002be, 0x00000000, 0x0000, 0x00 },
10951 + /* OGF_STATUS_PARAM */
10952 + { 0x000000ea, 0x00000000, 0x0000, 0x00 }
10956 @@ -387,25 +391,37 @@
10958 skb->pkt_type = *((unsigned char *) skb->data);
10960 + skb->dev = (void *) hdev;
10962 - if (!capable(CAP_NET_RAW)) {
10964 + if (skb->pkt_type == HCI_COMMAND_PKT) {
10965 + u16 opcode = __le16_to_cpu(get_unaligned((u16 *)skb->data));
10966 + u16 ogf = cmd_opcode_ogf(opcode);
10967 + u16 ocf = cmd_opcode_ocf(opcode);
10969 + if (((ogf > HCI_SFLT_MAX_OGF) ||
10970 + !hci_test_bit(ocf & HCI_FLT_OCF_BITS, &hci_sec_filter.ocf_mask[ogf])) &&
10971 + !capable(CAP_NET_RAW)) {
10976 - if (skb->pkt_type == HCI_COMMAND_PKT) {
10977 - __u16 opcode = __le16_to_cpu(*(__u16 *)skb->data);
10978 - __u16 ogf = cmd_opcode_ogf(opcode) - 1;
10979 - __u16 ocf = cmd_opcode_ocf(opcode) & HCI_FLT_OCF_BITS;
10981 - if (ogf > HCI_SFLT_MAX_OGF ||
10982 - !hci_test_bit(ocf, &hci_sec_filter.ocf_mask[ogf]))
10985 + if (test_bit(HCI_RAW, &hdev->flags) || (ogf == OGF_VENDOR_CMD)) {
10986 + skb_queue_tail(&hdev->raw_q, skb);
10987 + hci_sched_tx(hdev);
10989 + skb_queue_tail(&hdev->cmd_q, skb);
10990 + hci_sched_cmd(hdev);
10993 + if (!capable(CAP_NET_RAW)) {
10998 + skb_queue_tail(&hdev->raw_q, skb);
10999 + hci_sched_tx(hdev);
11002 - /* Send frame to HCI core */
11003 - skb->dev = (void *) hdev;
11004 - hci_send_raw(skb);
11009 diff -Nur c3000_pre/linux/net/bluetooth/hidp/Config.in c3000_work/linux/net/bluetooth/hidp/Config.in
11010 --- c3000_pre/linux/net/bluetooth/hidp/Config.in 1970-01-01 09:00:00.000000000 +0900
11011 +++ c3000_work/linux/net/bluetooth/hidp/Config.in 2004-12-16 23:01:14.000000000 +0900
11014 +# Bluetooth HIDP layer configuration
11017 +dep_tristate 'HIDP protocol support' CONFIG_BLUEZ_HIDP $CONFIG_INPUT $CONFIG_BLUEZ_L2CAP
11018 diff -Nur c3000_pre/linux/net/bluetooth/hidp/Makefile c3000_work/linux/net/bluetooth/hidp/Makefile
11019 --- c3000_pre/linux/net/bluetooth/hidp/Makefile 1970-01-01 09:00:00.000000000 +0900
11020 +++ c3000_work/linux/net/bluetooth/hidp/Makefile 2004-12-16 23:01:14.000000000 +0900
11023 +# Makefile for the Linux Bluetooth HIDP layer
11026 +O_TARGET := hidp.o
11028 +obj-y := core.o sock.o
11029 +obj-m += $(O_TARGET)
11031 +include $(TOPDIR)/Rules.make
11032 diff -Nur c3000_pre/linux/net/bluetooth/hidp/core.c c3000_work/linux/net/bluetooth/hidp/core.c
11033 --- c3000_pre/linux/net/bluetooth/hidp/core.c 1970-01-01 09:00:00.000000000 +0900
11034 +++ c3000_work/linux/net/bluetooth/hidp/core.c 2004-12-16 23:01:14.000000000 +0900
11037 + HIDP implementation for Linux Bluetooth stack (BlueZ).
11038 + Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
11040 + This program is free software; you can redistribute it and/or modify
11041 + it under the terms of the GNU General Public License version 2 as
11042 + published by the Free Software Foundation;
11044 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11045 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11046 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
11047 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
11048 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
11049 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
11050 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
11051 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
11053 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
11054 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
11055 + SOFTWARE IS DISCLAIMED.
11058 +#include <linux/config.h>
11059 +#include <linux/module.h>
11061 +#include <linux/types.h>
11062 +#include <linux/errno.h>
11063 +#include <linux/kernel.h>
11064 +#include <linux/major.h>
11065 +#include <linux/sched.h>
11066 +#include <linux/slab.h>
11067 +#include <linux/poll.h>
11068 +#include <linux/fcntl.h>
11069 +#include <linux/skbuff.h>
11070 +#include <linux/socket.h>
11071 +#include <linux/ioctl.h>
11072 +#include <linux/file.h>
11073 +#include <linux/init.h>
11074 +#include <net/sock.h>
11076 +#include <linux/input.h>
11078 +#include <net/bluetooth/bluetooth.h>
11079 +#include <net/bluetooth/l2cap.h>
11083 +#ifndef CONFIG_BT_HIDP_DEBUG
11085 +#define BT_DBG(D...)
11088 +#define VERSION "1.0"
11090 +static DECLARE_RWSEM(hidp_session_sem);
11091 +static LIST_HEAD(hidp_session_list);
11093 +static unsigned char hidp_keycode[256] = {
11094 + 0, 0, 0, 0, 30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38,
11095 + 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3,
11096 + 4, 5, 6, 7, 8, 9, 10, 11, 28, 1, 14, 15, 57, 12, 13, 26,
11097 + 27, 43, 43, 39, 40, 41, 51, 52, 53, 58, 59, 60, 61, 62, 63, 64,
11098 + 65, 66, 67, 68, 87, 88, 99, 70,119,110,102,104,111,107,109,106,
11099 + 105,108,103, 69, 98, 55, 74, 78, 96, 79, 80, 81, 75, 76, 77, 71,
11100 + 72, 73, 82, 83, 86,127,116,117,183,184,185,186,187,188,189,190,
11101 + 191,192,193,194,134,138,130,132,128,129,131,137,133,135,136,113,
11102 + 115,114, 0, 0, 0,121, 0, 89, 93,124, 92, 94, 95, 0, 0, 0,
11103 + 122,123, 90, 91, 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
11104 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
11105 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
11106 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
11107 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
11108 + 29, 42, 56,125, 97, 54,100,126,164,166,165,163,161,115,114,113,
11109 + 150,158,159,128,136,177,178,176,142,152,173,140
11112 +static struct hidp_session *__hidp_get_session(bdaddr_t *bdaddr)
11114 + struct hidp_session *session;
11115 + struct list_head *p;
11119 + list_for_each(p, &hidp_session_list) {
11120 + session = list_entry(p, struct hidp_session, list);
11121 + if (!bacmp(bdaddr, &session->bdaddr))
11127 +static void __hidp_link_session(struct hidp_session *session)
11129 + MOD_INC_USE_COUNT;
11130 + list_add(&session->list, &hidp_session_list);
11133 +static void __hidp_unlink_session(struct hidp_session *session)
11135 + list_del(&session->list);
11136 + MOD_DEC_USE_COUNT;
11139 +static void __hidp_copy_session(struct hidp_session *session, struct hidp_conninfo *ci)
11141 + bacpy(&ci->bdaddr, &session->bdaddr);
11143 + ci->flags = session->flags;
11144 + ci->state = session->state;
11146 + ci->vendor = 0x0000;
11147 + ci->product = 0x0000;
11148 + ci->version = 0x0000;
11149 + memset(ci->name, 0, 128);
11151 + if (session->input) {
11152 + ci->vendor = session->input->idvendor;
11153 + ci->product = session->input->idproduct;
11154 + ci->version = session->input->idversion;
11155 + if (session->input->name)
11156 + strncpy(ci->name, session->input->name, 128);
11158 + strncpy(ci->name, "HID Boot Device", 128);
11162 +static int hidp_input_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
11164 + struct hidp_session *session = dev->private;
11165 + struct sk_buff *skb;
11166 + unsigned char newleds;
11168 + BT_DBG("session %p hid %p data %p size %d", session, device, data, size);
11170 + if (type != EV_LED)
11173 + newleds = (!!test_bit(LED_KANA, dev->led) << 3) |
11174 + (!!test_bit(LED_COMPOSE, dev->led) << 3) |
11175 + (!!test_bit(LED_SCROLLL, dev->led) << 2) |
11176 + (!!test_bit(LED_CAPSL, dev->led) << 1) |
11177 + (!!test_bit(LED_NUML, dev->led));
11179 + if (session->leds == newleds)
11182 + session->leds = newleds;
11184 + if (!(skb = alloc_skb(3, GFP_ATOMIC))) {
11185 + BT_ERR("Can't allocate memory for new frame");
11189 + *skb_put(skb, 1) = 0xa2;
11190 + *skb_put(skb, 1) = 0x01;
11191 + *skb_put(skb, 1) = newleds;
11193 + skb_queue_tail(&session->intr_transmit, skb);
11195 + hidp_schedule(session);
11200 +static void hidp_input_report(struct hidp_session *session, struct sk_buff *skb)
11202 + struct input_dev *dev = session->input;
11203 + unsigned char *keys = session->keys;
11204 + unsigned char *udata = skb->data + 1;
11205 + signed char *sdata = skb->data + 1;
11206 + int i, size = skb->len - 1;
11208 + switch (skb->data[0]) {
11209 + case 0x01: /* Keyboard report */
11210 + for (i = 0; i < 8; i++)
11211 + input_report_key(dev, hidp_keycode[i + 224], (udata[0] >> i) & 1);
11213 + for (i = 2; i < 8; i++) {
11214 + if (keys[i] > 3 && memscan(udata + 2, keys[i], 6) == udata + 8) {
11215 + if (hidp_keycode[keys[i]])
11216 + input_report_key(dev, hidp_keycode[keys[i]], 0);
11218 + BT_ERR("Unknown key (scancode %#x) released.", keys[i]);
11221 + if (udata[i] > 3 && memscan(keys + 2, udata[i], 6) == keys + 8) {
11222 + if (hidp_keycode[udata[i]])
11223 + input_report_key(dev, hidp_keycode[udata[i]], 1);
11225 + BT_ERR("Unknown key (scancode %#x) pressed.", udata[i]);
11229 + memcpy(keys, udata, 8);
11232 + case 0x02: /* Mouse report */
11233 + input_report_key(dev, BTN_LEFT, sdata[0] & 0x01);
11234 + input_report_key(dev, BTN_RIGHT, sdata[0] & 0x02);
11235 + input_report_key(dev, BTN_MIDDLE, sdata[0] & 0x04);
11236 + input_report_key(dev, BTN_SIDE, sdata[0] & 0x08);
11237 + input_report_key(dev, BTN_EXTRA, sdata[0] & 0x10);
11239 + input_report_rel(dev, REL_X, sdata[1]);
11240 + input_report_rel(dev, REL_Y, sdata[2]);
11243 + input_report_rel(dev, REL_WHEEL, sdata[3]);
11247 + input_event(dev, EV_RST, 0, 0);
11250 +static void hidp_idle_timeout(unsigned long arg)
11252 + struct hidp_session *session = (struct hidp_session *) arg;
11254 + atomic_inc(&session->terminate);
11255 + hidp_schedule(session);
11258 +static inline void hidp_set_timer(struct hidp_session *session)
11260 + if (session->idle_to > 0)
11261 + mod_timer(&session->timer, jiffies + HZ * session->idle_to);
11264 +static inline void hidp_del_timer(struct hidp_session *session)
11266 + if (session->idle_to > 0)
11267 + del_timer(&session->timer);
11270 +static inline void hidp_send_message(struct hidp_session *session, unsigned char hdr)
11272 + struct sk_buff *skb;
11274 + BT_DBG("session %p", session);
11276 + if (!(skb = alloc_skb(1, GFP_ATOMIC))) {
11277 + BT_ERR("Can't allocate memory for message");
11281 + *skb_put(skb, 1) = hdr;
11283 + skb_queue_tail(&session->ctrl_transmit, skb);
11285 + hidp_schedule(session);
11288 +static inline int hidp_recv_frame(struct hidp_session *session, struct sk_buff *skb)
11292 + BT_DBG("session %p skb %p len %d", session, skb, skb->len);
11294 + hdr = skb->data[0];
11295 + skb_pull(skb, 1);
11297 + if (hdr == 0xa1) {
11298 + hidp_set_timer(session);
11300 + if (session->input)
11301 + hidp_input_report(session, skb);
11303 + BT_DBG("Unsupported protocol header 0x%02x", hdr);
11310 +static int hidp_send_frame(struct socket *sock, unsigned char *data, int len)
11312 + struct iovec iv = { data, len };
11313 + struct msghdr msg;
11315 + BT_DBG("sock %p data %p len %d", sock, data, len);
11320 + memset(&msg, 0, sizeof(msg));
11321 + msg.msg_iovlen = 1;
11322 + msg.msg_iov = &iv;
11324 + return sock_sendmsg(sock, &msg, len);
11327 +static int hidp_process_transmit(struct hidp_session *session)
11329 + struct sk_buff *skb;
11331 + BT_DBG("session %p", session);
11333 + while ((skb = skb_dequeue(&session->ctrl_transmit))) {
11334 + if (hidp_send_frame(session->ctrl_sock, skb->data, skb->len) < 0) {
11335 + skb_queue_head(&session->ctrl_transmit, skb);
11339 + hidp_set_timer(session);
11343 + while ((skb = skb_dequeue(&session->intr_transmit))) {
11344 + if (hidp_send_frame(session->intr_sock, skb->data, skb->len) < 0) {
11345 + skb_queue_head(&session->intr_transmit, skb);
11349 + hidp_set_timer(session);
11353 + return skb_queue_len(&session->ctrl_transmit) +
11354 + skb_queue_len(&session->intr_transmit);
11357 +static int hidp_session(void *arg)
11359 + struct hidp_session *session = arg;
11360 + struct sock *ctrl_sk = session->ctrl_sock->sk;
11361 + struct sock *intr_sk = session->intr_sock->sk;
11362 + struct sk_buff *skb;
11363 + int vendor = 0x0000, product = 0x0000;
11364 + wait_queue_t ctrl_wait, intr_wait;
11365 + unsigned long timeo = HZ;
11367 + BT_DBG("session %p", session);
11369 + if (session->input) {
11370 + vendor = session->input->idvendor;
11371 + product = session->input->idproduct;
11374 + daemonize(); reparent_to_init();
11376 + sprintf(current->comm, "khidpd_%04x%04x", vendor, product);
11378 + sigfillset(¤t->blocked);
11379 + flush_signals(current);
11381 + current->nice = -15;
11383 + set_fs(KERNEL_DS);
11385 + init_waitqueue_entry(&ctrl_wait, current);
11386 + init_waitqueue_entry(&intr_wait, current);
11387 + add_wait_queue(ctrl_sk->sleep, &ctrl_wait);
11388 + add_wait_queue(intr_sk->sleep, &intr_wait);
11389 + while (!atomic_read(&session->terminate)) {
11390 + set_current_state(TASK_INTERRUPTIBLE);
11392 + if (ctrl_sk->state != BT_CONNECTED || intr_sk->state != BT_CONNECTED)
11395 + while ((skb = skb_dequeue(&ctrl_sk->receive_queue))) {
11397 + hidp_recv_frame(session, skb);
11400 + while ((skb = skb_dequeue(&intr_sk->receive_queue))) {
11402 + hidp_recv_frame(session, skb);
11405 + hidp_process_transmit(session);
11409 + set_current_state(TASK_RUNNING);
11410 + remove_wait_queue(intr_sk->sleep, &intr_wait);
11411 + remove_wait_queue(ctrl_sk->sleep, &ctrl_wait);
11413 + down_write(&hidp_session_sem);
11415 + hidp_del_timer(session);
11417 + if (intr_sk->state != BT_CONNECTED) {
11418 + init_waitqueue_entry(&ctrl_wait, current);
11419 + add_wait_queue(ctrl_sk->sleep, &ctrl_wait);
11420 + while (timeo && ctrl_sk->state != BT_CLOSED) {
11421 + set_current_state(TASK_INTERRUPTIBLE);
11422 + timeo = schedule_timeout(timeo);
11424 + set_current_state(TASK_RUNNING);
11425 + remove_wait_queue(ctrl_sk->sleep, &ctrl_wait);
11429 + fput(session->ctrl_sock->file);
11431 + init_waitqueue_entry(&intr_wait, current);
11432 + add_wait_queue(intr_sk->sleep, &intr_wait);
11433 + while (timeo && intr_sk->state != BT_CLOSED) {
11434 + set_current_state(TASK_INTERRUPTIBLE);
11435 + timeo = schedule_timeout(timeo);
11437 + set_current_state(TASK_RUNNING);
11438 + remove_wait_queue(intr_sk->sleep, &intr_wait);
11440 + fput(session->intr_sock->file);
11442 + __hidp_unlink_session(session);
11444 + if (session->input) {
11445 + input_unregister_device(session->input);
11446 + kfree(session->input);
11449 + up_write(&hidp_session_sem);
11455 +static inline void hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req)
11457 + struct input_dev *input = session->input;
11460 + input->private = session;
11462 + input->idbus = BUS_BLUETOOTH;
11463 + input->idvendor = req->vendor;
11464 + input->idproduct = req->product;
11465 + input->idversion = req->version;
11467 + if (req->subclass & 0x40) {
11468 + set_bit(EV_KEY, input->evbit);
11469 + set_bit(EV_LED, input->evbit);
11470 + set_bit(EV_REP, input->evbit);
11472 + set_bit(LED_NUML, input->ledbit);
11473 + set_bit(LED_CAPSL, input->ledbit);
11474 + set_bit(LED_SCROLLL, input->ledbit);
11475 + set_bit(LED_COMPOSE, input->ledbit);
11476 + set_bit(LED_KANA, input->ledbit);
11478 + for (i = 0; i < sizeof(hidp_keycode); i++)
11479 + set_bit(hidp_keycode[i], input->keybit);
11480 + clear_bit(0, input->keybit);
11483 + if (req->subclass & 0x80) {
11484 + input->evbit[0] = BIT(EV_KEY) | BIT(EV_REL);
11485 + input->keybit[LONG(BTN_MOUSE)] = BIT(BTN_LEFT) | BIT(BTN_RIGHT) | BIT(BTN_MIDDLE);
11486 + input->relbit[0] = BIT(REL_X) | BIT(REL_Y);
11487 + input->keybit[LONG(BTN_MOUSE)] |= BIT(BTN_SIDE) | BIT(BTN_EXTRA);
11488 + input->relbit[0] |= BIT(REL_WHEEL);
11491 + input->event = hidp_input_event;
11493 + input_register_device(input);
11496 +int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock)
11498 + struct hidp_session *session, *s;
11503 + if (bacmp(&bluez_pi(ctrl_sock->sk)->src, &bluez_pi(intr_sock->sk)->src) ||
11504 + bacmp(&bluez_pi(ctrl_sock->sk)->dst, &bluez_pi(intr_sock->sk)->dst))
11505 + return -ENOTUNIQ;
11507 + session = kmalloc(sizeof(struct hidp_session), GFP_KERNEL);
11510 + memset(session, 0, sizeof(struct hidp_session));
11512 + session->input = kmalloc(sizeof(struct input_dev), GFP_KERNEL);
11513 + if (!session->input) {
11517 + memset(session->input, 0, sizeof(struct input_dev));
11519 + down_write(&hidp_session_sem);
11521 + s = __hidp_get_session(&bluez_pi(ctrl_sock->sk)->dst);
11522 + if (s && s->state == BT_CONNECTED) {
11527 + bacpy(&session->bdaddr, &bluez_pi(ctrl_sock->sk)->dst);
11529 + session->ctrl_mtu = min_t(uint, l2cap_pi(ctrl_sock->sk)->omtu, l2cap_pi(ctrl_sock->sk)->imtu);
11530 + session->intr_mtu = min_t(uint, l2cap_pi(intr_sock->sk)->omtu, l2cap_pi(intr_sock->sk)->imtu);
11532 + BT_DBG("ctrl mtu %d intr mtu %d", session->ctrl_mtu, session->intr_mtu);
11534 + session->ctrl_sock = ctrl_sock;
11535 + session->intr_sock = intr_sock;
11536 + session->state = BT_CONNECTED;
11538 + init_timer(&session->timer);
11540 + session->timer.function = hidp_idle_timeout;
11541 + session->timer.data = (unsigned long) session;
11543 + skb_queue_head_init(&session->ctrl_transmit);
11544 + skb_queue_head_init(&session->intr_transmit);
11546 + session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID);
11547 + session->idle_to = req->idle_to;
11549 + if (session->input)
11550 + hidp_setup_input(session, req);
11552 + __hidp_link_session(session);
11554 + hidp_set_timer(session);
11556 + err = kernel_thread(hidp_session, session, CLONE_FS | CLONE_FILES | CLONE_SIGHAND);
11560 + if (session->input) {
11561 + hidp_send_message(session, 0x70);
11562 + session->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
11564 + session->leds = 0xff;
11565 + hidp_input_event(session->input, EV_LED, 0, 0);
11568 + up_write(&hidp_session_sem);
11572 + hidp_del_timer(session);
11574 + __hidp_unlink_session(session);
11576 + if (session->input)
11577 + input_unregister_device(session->input);
11580 + up_write(&hidp_session_sem);
11582 + if (session->input)
11583 + kfree(session->input);
11589 +int hidp_del_connection(struct hidp_conndel_req *req)
11591 + struct hidp_session *session;
11596 + down_read(&hidp_session_sem);
11598 + session = __hidp_get_session(&req->bdaddr);
11600 + if (req->flags & (1 << HIDP_VIRTUAL_CABLE_UNPLUG)) {
11601 + hidp_send_message(session, 0x15);
11603 + /* Flush the transmit queues */
11604 + skb_queue_purge(&session->ctrl_transmit);
11605 + skb_queue_purge(&session->intr_transmit);
11607 + /* Kill session thread */
11608 + atomic_inc(&session->terminate);
11609 + hidp_schedule(session);
11614 + up_read(&hidp_session_sem);
11618 +int hidp_get_connlist(struct hidp_connlist_req *req)
11620 + struct list_head *p;
11621 + int err = 0, n = 0;
11625 + down_read(&hidp_session_sem);
11627 + list_for_each(p, &hidp_session_list) {
11628 + struct hidp_session *session;
11629 + struct hidp_conninfo ci;
11631 + session = list_entry(p, struct hidp_session, list);
11633 + __hidp_copy_session(session, &ci);
11635 + if (copy_to_user(req->ci, &ci, sizeof(ci))) {
11640 + if (++n >= req->cnum)
11647 + up_read(&hidp_session_sem);
11651 +int hidp_get_conninfo(struct hidp_conninfo *ci)
11653 + struct hidp_session *session;
11656 + down_read(&hidp_session_sem);
11658 + session = __hidp_get_session(&ci->bdaddr);
11660 + __hidp_copy_session(session, ci);
11664 + up_read(&hidp_session_sem);
11668 +static int __init hidp_init(void)
11672 + hidp_init_sockets();
11674 + BT_INFO("BlueZ HIDP ver %s", VERSION);
11675 + BT_INFO("Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>");
11680 +static void __exit hidp_exit(void)
11682 + hidp_cleanup_sockets();
11685 +module_init(hidp_init);
11686 +module_exit(hidp_exit);
11688 +MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
11689 +MODULE_DESCRIPTION("Bluetooth HIDP ver " VERSION);
11690 +MODULE_LICENSE("GPL");
11691 diff -Nur c3000_pre/linux/net/bluetooth/hidp/hidp.h c3000_work/linux/net/bluetooth/hidp/hidp.h
11692 --- c3000_pre/linux/net/bluetooth/hidp/hidp.h 1970-01-01 09:00:00.000000000 +0900
11693 +++ c3000_work/linux/net/bluetooth/hidp/hidp.h 2004-12-16 23:01:14.000000000 +0900
11696 + HIDP implementation for Linux Bluetooth stack (BlueZ).
11697 + Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
11699 + This program is free software; you can redistribute it and/or modify
11700 + it under the terms of the GNU General Public License version 2 as
11701 + published by the Free Software Foundation;
11703 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11704 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11705 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
11706 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
11707 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
11708 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
11709 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
11710 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
11712 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
11713 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
11714 + SOFTWARE IS DISCLAIMED.
11720 +#include <linux/types.h>
11721 +#include <net/bluetooth/bluetooth.h>
11723 +/* HIDP ioctl defines */
11724 +#define HIDPCONNADD _IOW('H', 200, int)
11725 +#define HIDPCONNDEL _IOW('H', 201, int)
11726 +#define HIDPGETCONNLIST _IOR('H', 210, int)
11727 +#define HIDPGETCONNINFO _IOR('H', 211, int)
11729 +#define HIDP_VIRTUAL_CABLE_UNPLUG 0
11730 +#define HIDP_BOOT_PROTOCOL_MODE 1
11731 +#define HIDP_BLUETOOTH_VENDOR_ID 9
11733 +struct hidp_connadd_req {
11734 + int ctrl_sock; // Connected control socket
11735 + int intr_sock; // Connteted interrupt socket
11749 +struct hidp_conndel_req {
11754 +struct hidp_conninfo {
11764 +struct hidp_connlist_req {
11766 + struct hidp_conninfo *ci;
11769 +int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, struct socket *intr_sock);
11770 +int hidp_del_connection(struct hidp_conndel_req *req);
11771 +int hidp_get_connlist(struct hidp_connlist_req *req);
11772 +int hidp_get_conninfo(struct hidp_conninfo *ci);
11774 +/* HIDP session defines */
11775 +struct hidp_session {
11776 + struct list_head list;
11778 + struct socket *ctrl_sock;
11779 + struct socket *intr_sock;
11783 + unsigned long state;
11784 + unsigned long flags;
11785 + unsigned long idle_to;
11790 + atomic_t terminate;
11792 + unsigned char keys[8];
11793 + unsigned char leds;
11795 + struct input_dev *input;
11797 + struct timer_list timer;
11799 + struct sk_buff_head ctrl_transmit;
11800 + struct sk_buff_head intr_transmit;
11803 +static inline void hidp_schedule(struct hidp_session *session)
11805 + struct sock *ctrl_sk = session->ctrl_sock->sk;
11806 + struct sock *intr_sk = session->intr_sock->sk;
11808 + wake_up_interruptible(ctrl_sk->sleep);
11809 + wake_up_interruptible(intr_sk->sleep);
11812 +/* HIDP init defines */
11813 +extern int __init hidp_init_sockets(void);
11814 +extern void __exit hidp_cleanup_sockets(void);
11816 +#endif /* __HIDP_H */
11817 diff -Nur c3000_pre/linux/net/bluetooth/hidp/sock.c c3000_work/linux/net/bluetooth/hidp/sock.c
11818 --- c3000_pre/linux/net/bluetooth/hidp/sock.c 1970-01-01 09:00:00.000000000 +0900
11819 +++ c3000_work/linux/net/bluetooth/hidp/sock.c 2004-12-16 23:01:14.000000000 +0900
11822 + HIDP implementation for Linux Bluetooth stack (BlueZ).
11823 + Copyright (C) 2003-2004 Marcel Holtmann <marcel@holtmann.org>
11825 + This program is free software; you can redistribute it and/or modify
11826 + it under the terms of the GNU General Public License version 2 as
11827 + published by the Free Software Foundation;
11829 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11830 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11831 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
11832 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
11833 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
11834 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
11835 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
11836 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
11838 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
11839 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
11840 + SOFTWARE IS DISCLAIMED.
11843 +#include <linux/config.h>
11844 +#include <linux/module.h>
11846 +#include <linux/types.h>
11847 +#include <linux/errno.h>
11848 +#include <linux/kernel.h>
11849 +#include <linux/major.h>
11850 +#include <linux/sched.h>
11851 +#include <linux/slab.h>
11852 +#include <linux/poll.h>
11853 +#include <linux/fcntl.h>
11854 +#include <linux/skbuff.h>
11855 +#include <linux/socket.h>
11856 +#include <linux/ioctl.h>
11857 +#include <linux/file.h>
11858 +#include <linux/init.h>
11859 +#include <net/sock.h>
11863 +#ifndef CONFIG_BT_HIDP_DEBUG
11865 +#define BT_DBG(D...)
11868 +static int hidp_sock_release(struct socket *sock)
11870 + struct sock *sk = sock->sk;
11872 + BT_DBG("sock %p sk %p", sock, sk);
11880 + MOD_DEC_USE_COUNT;
11884 +static int hidp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
11886 + struct hidp_connadd_req ca;
11887 + struct hidp_conndel_req cd;
11888 + struct hidp_connlist_req cl;
11889 + struct hidp_conninfo ci;
11890 + struct socket *csock;
11891 + struct socket *isock;
11894 + BT_DBG("cmd %x arg %lx", cmd, arg);
11897 + case HIDPCONNADD:
11898 + if (!capable(CAP_NET_ADMIN))
11901 + if (copy_from_user(&ca, (void *) arg, sizeof(ca)))
11904 + csock = sockfd_lookup(ca.ctrl_sock, &err);
11908 + isock = sockfd_lookup(ca.intr_sock, &err);
11910 + fput(csock->file);
11914 + if (csock->sk->state != BT_CONNECTED || isock->sk->state != BT_CONNECTED) {
11915 + fput(csock->file);
11916 + fput(isock->file);
11920 + err = hidp_add_connection(&ca, csock, isock);
11922 + if (copy_to_user((void *) arg, &ca, sizeof(ca)))
11925 + fput(csock->file);
11926 + fput(isock->file);
11931 + case HIDPCONNDEL:
11932 + if (!capable(CAP_NET_ADMIN))
11935 + if (copy_from_user(&cd, (void *) arg, sizeof(cd)))
11938 + return hidp_del_connection(&cd);
11940 + case HIDPGETCONNLIST:
11941 + if (copy_from_user(&cl, (void *) arg, sizeof(cl)))
11944 + if (cl.cnum <= 0)
11947 + err = hidp_get_connlist(&cl);
11948 + if (!err && copy_to_user((void *) arg, &cl, sizeof(cl)))
11953 + case HIDPGETCONNINFO:
11954 + if (copy_from_user(&ci, (void *) arg, sizeof(ci)))
11957 + err = hidp_get_conninfo(&ci);
11958 + if (!err && copy_to_user((void *) arg, &ci, sizeof(ci)))
11967 +static struct proto_ops hidp_sock_ops = {
11968 + family: PF_BLUETOOTH,
11969 + release: hidp_sock_release,
11970 + ioctl: hidp_sock_ioctl,
11971 + bind: sock_no_bind,
11972 + getname: sock_no_getname,
11973 + sendmsg: sock_no_sendmsg,
11974 + recvmsg: sock_no_recvmsg,
11975 + poll: sock_no_poll,
11976 + listen: sock_no_listen,
11977 + shutdown: sock_no_shutdown,
11978 + setsockopt: sock_no_setsockopt,
11979 + getsockopt: sock_no_getsockopt,
11980 + connect: sock_no_connect,
11981 + socketpair: sock_no_socketpair,
11982 + accept: sock_no_accept,
11983 + mmap: sock_no_mmap
11986 +static int hidp_sock_create(struct socket *sock, int protocol)
11990 + BT_DBG("sock %p", sock);
11992 + if (sock->type != SOCK_RAW)
11993 + return -ESOCKTNOSUPPORT;
11995 + sock->ops = &hidp_sock_ops;
11997 + if (!(sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, 1)))
12000 + MOD_INC_USE_COUNT;
12002 + sock->state = SS_UNCONNECTED;
12003 + sock_init_data(sock, sk);
12005 + sk->destruct = NULL;
12006 + sk->protocol = protocol;
12011 +static struct net_proto_family hidp_sock_family_ops = {
12012 + family: PF_BLUETOOTH,
12013 + create: hidp_sock_create
12016 +int __init hidp_init_sockets(void)
12020 + if ((err = bluez_sock_register(BTPROTO_HIDP, &hidp_sock_family_ops)))
12021 + BT_ERR("Can't register HIDP socket layer (%d)", err);
12026 +void __exit hidp_cleanup_sockets(void)
12030 + if ((err = bluez_sock_unregister(BTPROTO_HIDP)))
12031 + BT_ERR("Can't unregister HIDP socket layer (%d)", err);
12033 diff -Nur c3000_pre/linux/net/bluetooth/l2cap.c c3000_work/linux/net/bluetooth/l2cap.c
12034 --- c3000_pre/linux/net/bluetooth/l2cap.c 2004-08-21 09:49:19.000000000 +0900
12035 +++ c3000_work/linux/net/bluetooth/l2cap.c 2004-12-16 23:01:14.000000000 +0900
12038 * $Id: l2cap.c,v 1.15 2002/09/09 01:14:52 maxk Exp $
12040 -#define VERSION "2.1"
12041 +#define VERSION "2.3"
12043 #include <linux/config.h>
12044 #include <linux/module.h>
12045 @@ -178,69 +178,12 @@
12049 -int l2cap_connect(struct sock *sk)
12051 - bdaddr_t *src = &bluez_pi(sk)->src;
12052 - bdaddr_t *dst = &bluez_pi(sk)->dst;
12053 - struct l2cap_conn *conn;
12054 - struct hci_conn *hcon;
12055 - struct hci_dev *hdev;
12058 - BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), l2cap_pi(sk)->psm);
12060 - if (!(hdev = hci_get_route(dst, src)))
12061 - return -EHOSTUNREACH;
12063 - hci_dev_lock_bh(hdev);
12067 - hcon = hci_connect(hdev, ACL_LINK, dst);
12071 - conn = l2cap_conn_add(hcon, 0);
12073 - hci_conn_put(hcon);
12079 - /* Update source addr of the socket */
12080 - bacpy(src, conn->src);
12082 - l2cap_chan_add(conn, sk, NULL);
12084 - sk->state = BT_CONNECT;
12085 - l2cap_sock_set_timer(sk, sk->sndtimeo);
12087 - if (hcon->state == BT_CONNECTED) {
12088 - if (sk->type == SOCK_SEQPACKET) {
12089 - l2cap_conn_req req;
12090 - req.scid = __cpu_to_le16(l2cap_pi(sk)->scid);
12091 - req.psm = l2cap_pi(sk)->psm;
12092 - l2cap_send_req(conn, L2CAP_CONN_REQ, L2CAP_CONN_REQ_SIZE, &req);
12094 - l2cap_sock_clear_timer(sk);
12095 - sk->state = BT_CONNECTED;
12100 - hci_dev_unlock_bh(hdev);
12101 - hci_dev_put(hdev);
12105 /* -------- Socket interface ---------- */
12106 static struct sock *__l2cap_get_sock_by_addr(__u16 psm, bdaddr_t *src)
12109 for (sk = l2cap_sk_list.head; sk; sk = sk->next) {
12110 - if (l2cap_pi(sk)->psm == psm &&
12111 - !bacmp(&bluez_pi(sk)->src, src))
12112 + if (sk->sport == psm && !bacmp(&bluez_pi(sk)->src, src))
12116 @@ -341,7 +284,7 @@
12117 l2cap_disconn_req req;
12119 sk->state = BT_DISCONN;
12120 - l2cap_sock_set_timer(sk, HZ * 5);
12121 + l2cap_sock_set_timer(sk, sk->sndtimeo);
12123 req.dcid = __cpu_to_le16(l2cap_pi(sk)->dcid);
12124 req.scid = __cpu_to_le16(l2cap_pi(sk)->scid);
12125 @@ -366,11 +309,9 @@
12126 static void l2cap_sock_close(struct sock *sk)
12128 l2cap_sock_clear_timer(sk);
12131 __l2cap_sock_close(sk, ECONNRESET);
12134 l2cap_sock_kill(sk);
12137 @@ -432,6 +373,9 @@
12138 if (sock->type != SOCK_SEQPACKET && sock->type != SOCK_DGRAM && sock->type != SOCK_RAW)
12139 return -ESOCKTNOSUPPORT;
12141 + if (sock->type == SOCK_RAW && !capable(CAP_NET_RAW))
12144 sock->ops = &l2cap_sock_ops;
12146 if (!(sk = l2cap_sock_alloc(sock, protocol, GFP_KERNEL)))
12147 @@ -466,9 +410,9 @@
12148 /* Save source address */
12149 bacpy(&bluez_pi(sk)->src, &la->l2_bdaddr);
12150 l2cap_pi(sk)->psm = la->l2_psm;
12151 + sk->sport = la->l2_psm;
12152 sk->state = BT_BOUND;
12155 write_unlock_bh(&l2cap_sk_list.lock);
12158 @@ -476,6 +420,62 @@
12162 +static int l2cap_do_connect(struct sock *sk)
12164 + bdaddr_t *src = &bluez_pi(sk)->src;
12165 + bdaddr_t *dst = &bluez_pi(sk)->dst;
12166 + struct l2cap_conn *conn;
12167 + struct hci_conn *hcon;
12168 + struct hci_dev *hdev;
12171 + BT_DBG("%s -> %s psm 0x%2.2x", batostr(src), batostr(dst), l2cap_pi(sk)->psm);
12173 + if (!(hdev = hci_get_route(dst, src)))
12174 + return -EHOSTUNREACH;
12176 + hci_dev_lock_bh(hdev);
12180 + hcon = hci_connect(hdev, ACL_LINK, dst);
12184 + conn = l2cap_conn_add(hcon, 0);
12186 + hci_conn_put(hcon);
12192 + /* Update source addr of the socket */
12193 + bacpy(src, conn->src);
12195 + l2cap_chan_add(conn, sk, NULL);
12197 + sk->state = BT_CONNECT;
12198 + l2cap_sock_set_timer(sk, sk->sndtimeo);
12200 + if (hcon->state == BT_CONNECTED) {
12201 + if (sk->type == SOCK_SEQPACKET) {
12202 + l2cap_conn_req req;
12203 + req.scid = __cpu_to_le16(l2cap_pi(sk)->scid);
12204 + req.psm = l2cap_pi(sk)->psm;
12205 + l2cap_send_req(conn, L2CAP_CONN_REQ, L2CAP_CONN_REQ_SIZE, &req);
12207 + l2cap_sock_clear_timer(sk);
12208 + sk->state = BT_CONNECTED;
12213 + hci_dev_unlock_bh(hdev);
12214 + hci_dev_put(hdev);
12218 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
12220 struct sockaddr_l2 *la = (struct sockaddr_l2 *) addr;
12221 @@ -521,11 +521,12 @@
12222 bacpy(&bluez_pi(sk)->dst, &la->l2_bdaddr);
12223 l2cap_pi(sk)->psm = la->l2_psm;
12225 - if ((err = l2cap_connect(sk)))
12226 + if ((err = l2cap_do_connect(sk)))
12230 - err = bluez_sock_w4_connect(sk, flags);
12231 + err = bluez_sock_wait_state(sk, BT_CONNECTED,
12232 + sock_sndtimeo(sk, flags & O_NONBLOCK));
12236 @@ -758,32 +759,39 @@
12237 static int l2cap_sock_shutdown(struct socket *sock, int how)
12239 struct sock *sk = sock->sk;
12242 BT_DBG("sock %p, sk %p", sock, sk);
12246 - l2cap_sock_clear_timer(sk);
12249 - sk->shutdown = SHUTDOWN_MASK;
12250 - __l2cap_sock_close(sk, ECONNRESET);
12251 - release_sock(sk);
12252 + if (!sk->shutdown) {
12253 + sk->shutdown = SHUTDOWN_MASK;
12254 + l2cap_sock_clear_timer(sk);
12255 + __l2cap_sock_close(sk, 0);
12259 + err = bluez_sock_wait_state(sk, BT_CLOSED, sk->lingertime);
12261 + release_sock(sk);
12265 static int l2cap_sock_release(struct socket *sock)
12267 struct sock *sk = sock->sk;
12270 BT_DBG("sock %p, sk %p", sock, sk);
12274 + err = l2cap_sock_shutdown(sock, 2);
12277 - l2cap_sock_close(sk);
12279 + l2cap_sock_kill(sk);
12283 /* --------- L2CAP channels --------- */
12284 @@ -915,10 +923,12 @@
12285 hci_conn_put(conn->hcon);
12288 - sk->state = BT_CLOSED;
12290 + sk->state = BT_CLOSED;
12297 parent->data_ready(parent, 0);
12299 @@ -954,6 +964,22 @@
12300 read_unlock(&l->lock);
12303 +/* Notify sockets that we cannot guaranty reliability anymore */
12304 +static void l2cap_conn_unreliable(struct l2cap_conn *conn, int err)
12306 + struct l2cap_chan_list *l = &conn->chan_list;
12309 + BT_DBG("conn %p", conn);
12311 + read_lock(&l->lock);
12312 + for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
12313 + if (l2cap_pi(sk)->link_mode & L2CAP_LM_RELIABLE)
12316 + read_unlock(&l->lock);
12319 static void l2cap_chan_ready(struct sock *sk)
12321 struct sock *parent = bluez_pi(sk)->parent;
12322 @@ -1318,15 +1344,18 @@
12324 l2cap_conf_rsp *rsp = (l2cap_conf_rsp *) data;
12325 void *ptr = rsp->data;
12328 BT_DBG("sk %p complete %d", sk, result ? 1 : 0);
12331 *result = l2cap_conf_output(sk, &ptr);
12335 rsp->scid = __cpu_to_le16(l2cap_pi(sk)->dcid);
12336 rsp->result = __cpu_to_le16(result ? *result : 0);
12337 - rsp->flags = __cpu_to_le16(0);
12338 + rsp->flags = __cpu_to_le16(flags);
12342 @@ -1439,7 +1468,7 @@
12343 case L2CAP_CR_SUCCESS:
12344 sk->state = BT_CONFIG;
12345 l2cap_pi(sk)->dcid = dcid;
12346 - l2cap_pi(sk)->conf_state |= CONF_REQ_SENT;
12347 + l2cap_pi(sk)->conf_state |= L2CAP_CONF_REQ_SENT;
12349 l2cap_send_req(conn, L2CAP_CONF_REQ, l2cap_build_conf_req(sk, req), req);
12351 @@ -1474,7 +1503,7 @@
12353 l2cap_parse_conf_req(sk, req->data, cmd->len - L2CAP_CONF_REQ_SIZE);
12355 - if (flags & 0x01) {
12356 + if (flags & 0x0001) {
12357 /* Incomplete config. Send empty response. */
12358 l2cap_send_rsp(conn, cmd->ident, L2CAP_CONF_RSP, l2cap_build_conf_rsp(sk, rsp, NULL), rsp);
12360 @@ -1487,12 +1516,12 @@
12363 /* Output config done */
12364 - l2cap_pi(sk)->conf_state |= CONF_OUTPUT_DONE;
12365 + l2cap_pi(sk)->conf_state |= L2CAP_CONF_OUTPUT_DONE;
12367 - if (l2cap_pi(sk)->conf_state & CONF_INPUT_DONE) {
12368 + if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) {
12369 sk->state = BT_CONNECTED;
12370 l2cap_chan_ready(sk);
12371 - } else if (!(l2cap_pi(sk)->conf_state & CONF_REQ_SENT)) {
12372 + } else if (!(l2cap_pi(sk)->conf_state & L2CAP_CONF_REQ_SENT)) {
12374 l2cap_send_req(conn, L2CAP_CONF_REQ, l2cap_build_conf_req(sk, req), req);
12376 @@ -1518,18 +1547,34 @@
12377 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
12381 - l2cap_disconn_req req;
12382 + switch (result) {
12383 + case L2CAP_CONF_SUCCESS:
12386 - /* They didn't like our options. Well... we do not negotiate.
12389 + case L2CAP_CONF_UNACCEPT:
12390 + if (++l2cap_pi(sk)->conf_retry < L2CAP_CONF_MAX_RETRIES) {
12393 + It does not make sense to adjust L2CAP parameters
12394 + that are currently defined in the spec. We simply
12395 + resend config request that we sent earlier. It is
12396 + stupid :) but it helps qualification testing
12397 + which expects at least some response from us.
12399 + l2cap_send_req(conn, L2CAP_CONF_REQ,
12400 + l2cap_build_conf_req(sk, req), req);
12404 sk->state = BT_DISCONN;
12405 + sk->err = ECONNRESET;
12406 l2cap_sock_set_timer(sk, HZ * 5);
12408 - req.dcid = __cpu_to_le16(l2cap_pi(sk)->dcid);
12409 - req.scid = __cpu_to_le16(l2cap_pi(sk)->scid);
12410 - l2cap_send_req(conn, L2CAP_DISCONN_REQ, L2CAP_DISCONN_REQ_SIZE, &req);
12412 + l2cap_disconn_req req;
12413 + req.dcid = __cpu_to_le16(l2cap_pi(sk)->dcid);
12414 + req.scid = __cpu_to_le16(l2cap_pi(sk)->scid);
12415 + l2cap_send_req(conn, L2CAP_DISCONN_REQ, L2CAP_DISCONN_REQ_SIZE, &req);
12420 @@ -1537,9 +1582,9 @@
12423 /* Input config done */
12424 - l2cap_pi(sk)->conf_state |= CONF_INPUT_DONE;
12425 + l2cap_pi(sk)->conf_state |= L2CAP_CONF_INPUT_DONE;
12427 - if (l2cap_pi(sk)->conf_state & CONF_OUTPUT_DONE) {
12428 + if (l2cap_pi(sk)->conf_state & L2CAP_CONF_OUTPUT_DONE) {
12429 sk->state = BT_CONNECTED;
12430 l2cap_chan_ready(sk);
12432 @@ -1590,13 +1635,42 @@
12434 if (!(sk = l2cap_get_chan_by_scid(&conn->chan_list, scid)))
12436 - l2cap_chan_del(sk, ECONNABORTED);
12437 + l2cap_chan_del(sk, 0);
12438 bh_unlock_sock(sk);
12440 l2cap_sock_kill(sk);
12444 +static inline int l2cap_information_req(struct l2cap_conn *conn, l2cap_cmd_hdr *cmd, u8 *data)
12446 + l2cap_info_req *req = (l2cap_info_req *) data;
12447 + l2cap_info_rsp rsp;
12450 + type = __le16_to_cpu(req->type);
12452 + BT_DBG("type 0x%4.4x", type);
12454 + rsp.type = __cpu_to_le16(type);
12455 + rsp.result = __cpu_to_le16(L2CAP_IR_NOTSUPP);
12456 + l2cap_send_rsp(conn, cmd->ident, L2CAP_INFO_RSP, sizeof(rsp), &rsp);
12460 +static inline int l2cap_information_rsp(struct l2cap_conn *conn, l2cap_cmd_hdr *cmd, u8 *data)
12462 + l2cap_info_rsp *rsp = (l2cap_info_rsp *) data;
12463 + u16 type, result;
12465 + type = __le16_to_cpu(rsp->type);
12466 + result = __le16_to_cpu(rsp->result);
12468 + BT_DBG("type 0x%4.4x result 0x%2.2x", type, result);
12473 static inline void l2cap_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
12475 __u8 *data = skb->data;
12476 @@ -1604,6 +1678,8 @@
12480 + l2cap_raw_recv(conn, skb);
12482 while (len >= L2CAP_CMD_HDR_SIZE) {
12483 memcpy(&cmd, data, L2CAP_CMD_HDR_SIZE);
12484 data += L2CAP_CMD_HDR_SIZE;
12485 @@ -1619,6 +1695,10 @@
12488 switch (cmd.code) {
12489 + case L2CAP_COMMAND_REJ:
12490 + /* FIXME: We should process this */
12493 case L2CAP_CONN_REQ:
12494 err = l2cap_connect_req(conn, &cmd, data);
12496 @@ -1643,23 +1723,23 @@
12497 err = l2cap_disconnect_rsp(conn, &cmd, data);
12500 - case L2CAP_COMMAND_REJ:
12501 - /* FIXME: We should process this */
12502 - l2cap_raw_recv(conn, skb);
12505 case L2CAP_ECHO_REQ:
12506 l2cap_send_rsp(conn, cmd.ident, L2CAP_ECHO_RSP, cmd.len, data);
12509 case L2CAP_ECHO_RSP:
12512 case L2CAP_INFO_REQ:
12513 + err = l2cap_information_req(conn, &cmd, data);
12516 case L2CAP_INFO_RSP:
12517 - l2cap_raw_recv(conn, skb);
12518 + err = l2cap_information_rsp(conn, &cmd, data);
12522 - BT_ERR("Uknown signaling command 0x%2.2x", cmd.code);
12523 + BT_ERR("Unknown signaling command 0x%2.2x", cmd.code);
12527 @@ -1668,7 +1748,7 @@
12529 BT_DBG("error %d", err);
12531 - /* FIXME: Map err to a valid reason. */
12532 + /* FIXME: Map err to a valid reason */
12533 rej.reason = __cpu_to_le16(0);
12534 l2cap_send_rsp(conn, cmd.ident, L2CAP_COMMAND_REJ, L2CAP_CMD_REJ_SIZE, &rej);
12536 @@ -1787,7 +1867,7 @@
12537 if (sk->state != BT_LISTEN)
12540 - if (!bacmp(&bluez_pi(sk)->src, bdaddr)) {
12541 + if (!bacmp(&bluez_pi(sk)->src, &hdev->bdaddr)) {
12542 lm1 |= (HCI_LM_ACCEPT | l2cap_pi(sk)->link_mode);
12544 } else if (!bacmp(&bluez_pi(sk)->src, BDADDR_ANY))
12545 @@ -1941,26 +2021,36 @@
12546 kfree_skb(conn->rx_skb);
12547 conn->rx_skb = NULL;
12549 + l2cap_conn_unreliable(conn, ECOMM);
12552 if (skb->len < 2) {
12553 - BT_ERR("Frame is too small (len %d)", skb->len);
12554 + BT_ERR("Frame is too short (len %d)", skb->len);
12555 + l2cap_conn_unreliable(conn, ECOMM);
12559 hdr = (l2cap_hdr *) skb->data;
12560 len = __le16_to_cpu(hdr->len) + L2CAP_HDR_SIZE;
12562 - BT_DBG("Start: total len %d, frag len %d", len, skb->len);
12564 if (len == skb->len) {
12565 /* Complete frame received */
12566 l2cap_recv_frame(conn, skb);
12570 - /* Allocate skb for the complete frame (with header) */
12571 - if (!(conn->rx_skb = bluez_skb_alloc(len, GFP_ATOMIC)))
12572 + BT_DBG("Start: total len %d, frag len %d", len, skb->len);
12574 + if (skb->len > len) {
12575 + BT_ERR("Frame is too long (len %d, expected len %d)",
12577 + l2cap_conn_unreliable(conn, ECOMM);
12581 + /* Allocate skb for the complete frame including header */
12582 + conn->rx_skb = bluez_skb_alloc(len, GFP_ATOMIC);
12583 + if (!conn->rx_skb)
12586 memcpy(skb_put(conn->rx_skb, skb->len), skb->data, skb->len);
12587 @@ -1970,15 +2060,17 @@
12589 if (!conn->rx_len) {
12590 BT_ERR("Unexpected continuation frame (len %d)", skb->len);
12591 + l2cap_conn_unreliable(conn, ECOMM);
12595 if (skb->len > conn->rx_len) {
12596 - BT_ERR("Fragment is too large (len %d, expect %d)",
12597 + BT_ERR("Fragment is too long (len %d, expected %d)",
12598 skb->len, conn->rx_len);
12599 kfree_skb(conn->rx_skb);
12600 conn->rx_skb = NULL;
12602 + l2cap_conn_unreliable(conn, ECOMM);
12606 @@ -2112,6 +2204,16 @@
12607 BT_ERR("Can't unregister L2CAP protocol");
12610 +void l2cap_load(void)
12612 + /* Dummy function to trigger automatic L2CAP module loading by
12613 + other modules that use L2CAP sockets but do not use any other
12614 + symbols from it. */
12618 +EXPORT_SYMBOL(l2cap_load);
12620 module_init(l2cap_init);
12621 module_exit(l2cap_cleanup);
12623 diff -Nur c3000_pre/linux/net/bluetooth/rfcomm/Config.in c3000_work/linux/net/bluetooth/rfcomm/Config.in
12624 --- c3000_pre/linux/net/bluetooth/rfcomm/Config.in 1970-01-01 09:00:00.000000000 +0900
12625 +++ c3000_work/linux/net/bluetooth/rfcomm/Config.in 2004-12-16 23:01:14.000000000 +0900
12628 +# Bluetooth RFCOMM layer configuration
12631 +dep_tristate 'RFCOMM protocol support' CONFIG_BLUEZ_RFCOMM $CONFIG_BLUEZ_L2CAP
12633 +if [ "$CONFIG_BLUEZ_RFCOMM" != "n" ]; then
12634 + bool ' RFCOMM TTY support' CONFIG_BLUEZ_RFCOMM_TTY
12637 diff -Nur c3000_pre/linux/net/bluetooth/rfcomm/Makefile c3000_work/linux/net/bluetooth/rfcomm/Makefile
12638 --- c3000_pre/linux/net/bluetooth/rfcomm/Makefile 1970-01-01 09:00:00.000000000 +0900
12639 +++ c3000_work/linux/net/bluetooth/rfcomm/Makefile 2004-12-16 23:01:14.000000000 +0900
12642 +# Makefile for the Linux Bluetooth RFCOMM layer
12645 +O_TARGET := rfcomm.o
12647 +obj-y := core.o sock.o crc.o
12648 +obj-$(CONFIG_BLUEZ_RFCOMM_TTY) += tty.o
12649 +obj-m += $(O_TARGET)
12651 +include $(TOPDIR)/Rules.make
12652 diff -Nur c3000_pre/linux/net/bluetooth/rfcomm/core.c c3000_work/linux/net/bluetooth/rfcomm/core.c
12653 --- c3000_pre/linux/net/bluetooth/rfcomm/core.c 1970-01-01 09:00:00.000000000 +0900
12654 +++ c3000_work/linux/net/bluetooth/rfcomm/core.c 2004-12-16 23:01:14.000000000 +0900
12657 + RFCOMM implementation for Linux Bluetooth stack (BlueZ).
12658 + Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
12659 + Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
12661 + This program is free software; you can redistribute it and/or modify
12662 + it under the terms of the GNU General Public License version 2 as
12663 + published by the Free Software Foundation;
12665 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12666 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12667 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12668 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
12669 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
12670 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12671 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
12672 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
12674 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
12675 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
12676 + SOFTWARE IS DISCLAIMED.
12680 + RPN support - Dirk Husemann <hud@zurich.ibm.com>
12686 + * $Id: core.c,v 1.46 2002/10/18 20:12:12 maxk Exp $
12689 +#define __KERNEL_SYSCALLS__
12691 +#include <linux/config.h>
12692 +#include <linux/module.h>
12693 +#include <linux/errno.h>
12694 +#include <linux/kernel.h>
12695 +#include <linux/sched.h>
12696 +#include <linux/signal.h>
12697 +#include <linux/init.h>
12698 +#include <linux/wait.h>
12699 +#include <linux/net.h>
12700 +#include <linux/proc_fs.h>
12701 +#include <net/sock.h>
12702 +#include <asm/uaccess.h>
12703 +#include <asm/unaligned.h>
12705 +#include <net/bluetooth/bluetooth.h>
12706 +#include <net/bluetooth/l2cap.h>
12707 +#include <net/bluetooth/rfcomm.h>
12709 +#define VERSION "1.1"
12711 +#ifndef CONFIG_BLUEZ_RFCOMM_DEBUG
12713 +#define BT_DBG(D...)
12716 +struct task_struct *rfcomm_thread;
12717 +DECLARE_MUTEX(rfcomm_sem);
12718 +unsigned long rfcomm_event;
12720 +static LIST_HEAD(session_list);
12721 +static atomic_t terminate, running;
12723 +static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len);
12724 +static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci);
12725 +static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci);
12726 +static int rfcomm_queue_disc(struct rfcomm_dlc *d);
12727 +static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type);
12728 +static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d);
12729 +static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig);
12730 +static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len);
12731 +static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits);
12732 +static void rfcomm_make_uih(struct sk_buff *skb, u8 addr);
12734 +static void rfcomm_process_connect(struct rfcomm_session *s);
12736 +/* ---- RFCOMM frame parsing macros ---- */
12737 +#define __get_dlci(b) ((b & 0xfc) >> 2)
12738 +#define __get_channel(b) ((b & 0xf8) >> 3)
12739 +#define __get_dir(b) ((b & 0x04) >> 2)
12740 +#define __get_type(b) ((b & 0xef))
12742 +#define __test_ea(b) ((b & 0x01))
12743 +#define __test_cr(b) ((b & 0x02))
12744 +#define __test_pf(b) ((b & 0x10))
12746 +#define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
12747 +#define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
12748 +#define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
12749 +#define __srv_channel(dlci) (dlci >> 1)
12750 +#define __dir(dlci) (dlci & 0x01)
12752 +#define __len8(len) (((len) << 1) | 1)
12753 +#define __len16(len) ((len) << 1)
12756 +#define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
12757 +#define __get_mcc_type(b) ((b & 0xfc) >> 2)
12758 +#define __get_mcc_len(b) ((b & 0xfe) >> 1)
12761 +#define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x3) << 3))
12762 +#define __get_rpn_data_bits(line) ((line) & 0x3)
12763 +#define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
12764 +#define __get_rpn_parity(line) (((line) >> 3) & 0x3)
12766 +/* ---- RFCOMM FCS computation ---- */
12768 +/* CRC on 2 bytes */
12769 +#define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
12771 +/* FCS on 2 bytes */
12772 +static inline u8 __fcs(u8 *data)
12774 + return (0xff - __crc(data));
12777 +/* FCS on 3 bytes */
12778 +static inline u8 __fcs2(u8 *data)
12780 + return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]);
12784 +static inline int __check_fcs(u8 *data, int type, u8 fcs)
12786 + u8 f = __crc(data);
12788 + if (type != RFCOMM_UIH)
12789 + f = rfcomm_crc_table[f ^ data[2]];
12791 + return rfcomm_crc_table[f ^ fcs] != 0xcf;
12794 +/* ---- L2CAP callbacks ---- */
12795 +static void rfcomm_l2state_change(struct sock *sk)
12797 + BT_DBG("%p state %d", sk, sk->state);
12798 + rfcomm_schedule(RFCOMM_SCHED_STATE);
12801 +static void rfcomm_l2data_ready(struct sock *sk, int bytes)
12803 + BT_DBG("%p bytes %d", sk, bytes);
12804 + rfcomm_schedule(RFCOMM_SCHED_RX);
12807 +static int rfcomm_l2sock_create(struct socket **sock)
12813 + err = sock_create(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock);
12815 + struct sock *sk = (*sock)->sk;
12816 + sk->data_ready = rfcomm_l2data_ready;
12817 + sk->state_change = rfcomm_l2state_change;
12822 +/* ---- RFCOMM DLCs ---- */
12823 +static void rfcomm_dlc_timeout(unsigned long arg)
12825 + struct rfcomm_dlc *d = (void *) arg;
12827 + BT_DBG("dlc %p state %ld", d, d->state);
12829 + set_bit(RFCOMM_TIMED_OUT, &d->flags);
12830 + rfcomm_dlc_put(d);
12831 + rfcomm_schedule(RFCOMM_SCHED_TIMEO);
12834 +static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout)
12836 + BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout);
12838 + if (!mod_timer(&d->timer, jiffies + timeout))
12839 + rfcomm_dlc_hold(d);
12842 +static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d)
12844 + BT_DBG("dlc %p state %ld", d, d->state);
12846 + if (timer_pending(&d->timer) && del_timer(&d->timer))
12847 + rfcomm_dlc_put(d);
12850 +static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d)
12854 + d->state = BT_OPEN;
12857 + d->mtu = RFCOMM_DEFAULT_MTU;
12858 + d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV;
12860 + d->cfc = RFCOMM_CFC_DISABLED;
12861 + d->rx_credits = RFCOMM_DEFAULT_CREDITS;
12864 +struct rfcomm_dlc *rfcomm_dlc_alloc(int prio)
12866 + struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio);
12869 + memset(d, 0, sizeof(*d));
12871 + init_timer(&d->timer);
12872 + d->timer.function = rfcomm_dlc_timeout;
12873 + d->timer.data = (unsigned long) d;
12875 + skb_queue_head_init(&d->tx_queue);
12876 + spin_lock_init(&d->lock);
12877 + atomic_set(&d->refcnt, 1);
12879 + rfcomm_dlc_clear_state(d);
12885 +void rfcomm_dlc_free(struct rfcomm_dlc *d)
12889 + skb_queue_purge(&d->tx_queue);
12893 +static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d)
12895 + BT_DBG("dlc %p session %p", d, s);
12897 + rfcomm_session_hold(s);
12899 + rfcomm_dlc_hold(d);
12900 + list_add(&d->list, &s->dlcs);
12904 +static void rfcomm_dlc_unlink(struct rfcomm_dlc *d)
12906 + struct rfcomm_session *s = d->session;
12908 + BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s);
12910 + list_del(&d->list);
12911 + d->session = NULL;
12912 + rfcomm_dlc_put(d);
12914 + rfcomm_session_put(s);
12917 +static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci)
12919 + struct rfcomm_dlc *d;
12920 + struct list_head *p;
12922 + list_for_each(p, &s->dlcs) {
12923 + d = list_entry(p, struct rfcomm_dlc, list);
12924 + if (d->dlci == dlci)
12930 +static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
12932 + struct rfcomm_session *s;
12936 + BT_DBG("dlc %p state %ld %s %s channel %d",
12937 + d, d->state, batostr(src), batostr(dst), channel);
12939 + if (channel < 1 || channel > 30)
12942 + if (d->state != BT_OPEN && d->state != BT_CLOSED)
12945 + s = rfcomm_session_get(src, dst);
12947 + s = rfcomm_session_create(src, dst, &err);
12952 + dlci = __dlci(!s->initiator, channel);
12954 + /* Check if DLCI already exists */
12955 + if (rfcomm_dlc_get(s, dlci))
12958 + rfcomm_dlc_clear_state(d);
12961 + d->addr = __addr(s->initiator, dlci);
12964 + d->state = BT_CONFIG;
12965 + rfcomm_dlc_link(s, d);
12968 + d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc;
12970 + if (s->state == BT_CONNECTED)
12971 + rfcomm_send_pn(s, 1, d);
12972 + rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT);
12976 +int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel)
12983 + fs = get_fs(); set_fs(KERNEL_DS);
12984 + r = __rfcomm_dlc_open(d, src, dst, channel);
12991 +static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
12993 + struct rfcomm_session *s = d->session;
12997 + BT_DBG("dlc %p state %ld dlci %d err %d session %p",
12998 + d, d->state, d->dlci, err, s);
13000 + switch (d->state) {
13001 + case BT_CONNECTED:
13004 + d->state = BT_DISCONN;
13005 + if (skb_queue_empty(&d->tx_queue)) {
13006 + rfcomm_send_disc(s, d->dlci);
13007 + rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT);
13009 + rfcomm_queue_disc(d);
13010 + rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2);
13015 + rfcomm_dlc_clear_timer(d);
13017 + rfcomm_dlc_lock(d);
13018 + d->state = BT_CLOSED;
13019 + d->state_change(d, err);
13020 + rfcomm_dlc_unlock(d);
13022 + skb_queue_purge(&d->tx_queue);
13023 + rfcomm_dlc_unlink(d);
13029 +int rfcomm_dlc_close(struct rfcomm_dlc *d, int err)
13036 + fs = get_fs(); set_fs(KERNEL_DS);
13037 + r = __rfcomm_dlc_close(d, err);
13044 +int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb)
13046 + int len = skb->len;
13048 + if (d->state != BT_CONNECTED)
13049 + return -ENOTCONN;
13051 + BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len);
13053 + if (len > d->mtu)
13056 + rfcomm_make_uih(skb, d->addr);
13057 + skb_queue_tail(&d->tx_queue, skb);
13059 + if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags))
13060 + rfcomm_schedule(RFCOMM_SCHED_TX);
13064 +void __rfcomm_dlc_throttle(struct rfcomm_dlc *d)
13066 + BT_DBG("dlc %p state %ld", d, d->state);
13069 + d->v24_sig |= RFCOMM_V24_FC;
13070 + set_bit(RFCOMM_MSC_PENDING, &d->flags);
13072 + rfcomm_schedule(RFCOMM_SCHED_TX);
13075 +void __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)
13077 + BT_DBG("dlc %p state %ld", d, d->state);
13080 + d->v24_sig &= ~RFCOMM_V24_FC;
13081 + set_bit(RFCOMM_MSC_PENDING, &d->flags);
13083 + rfcomm_schedule(RFCOMM_SCHED_TX);
13087 + Set/get modem status functions use _local_ status i.e. what we report
13088 + to the other side.
13089 + Remote status is provided by dlc->modem_status() callback.
13091 +int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig)
13093 + BT_DBG("dlc %p state %ld v24_sig 0x%x",
13094 + d, d->state, v24_sig);
13096 + if (test_bit(RFCOMM_RX_THROTTLED, &d->flags))
13097 + v24_sig |= RFCOMM_V24_FC;
13099 + v24_sig &= ~RFCOMM_V24_FC;
13101 + d->v24_sig = v24_sig;
13103 + if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags))
13104 + rfcomm_schedule(RFCOMM_SCHED_TX);
13109 +int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig)
13111 + BT_DBG("dlc %p state %ld v24_sig 0x%x",
13112 + d, d->state, d->v24_sig);
13114 + *v24_sig = d->v24_sig;
13118 +/* ---- RFCOMM sessions ---- */
13119 +struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state)
13121 + struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL);
13124 + memset(s, 0, sizeof(*s));
13126 + BT_DBG("session %p sock %p", s, sock);
13128 + INIT_LIST_HEAD(&s->dlcs);
13129 + s->state = state;
13132 + s->mtu = RFCOMM_DEFAULT_MTU;
13133 + s->cfc = RFCOMM_CFC_UNKNOWN;
13135 + list_add(&s->list, &session_list);
13137 + /* Do not increment module usage count for listeting sessions.
13138 + * Otherwise we won't be able to unload the module. */
13139 + if (state != BT_LISTEN)
13140 + MOD_INC_USE_COUNT;
13144 +void rfcomm_session_del(struct rfcomm_session *s)
13146 + int state = s->state;
13148 + BT_DBG("session %p state %ld", s, s->state);
13150 + list_del(&s->list);
13152 + if (state == BT_CONNECTED)
13153 + rfcomm_send_disc(s, 0);
13155 + sock_release(s->sock);
13158 + if (state != BT_LISTEN)
13159 + MOD_DEC_USE_COUNT;
13162 +struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst)
13164 + struct rfcomm_session *s;
13165 + struct list_head *p, *n;
13166 + struct bluez_pinfo *pi;
13167 + list_for_each_safe(p, n, &session_list) {
13168 + s = list_entry(p, struct rfcomm_session, list);
13169 + pi = bluez_pi(s->sock->sk);
13171 + if ((!bacmp(src, BDADDR_ANY) || !bacmp(&pi->src, src)) &&
13172 + !bacmp(&pi->dst, dst))
13178 +void rfcomm_session_close(struct rfcomm_session *s, int err)
13180 + struct rfcomm_dlc *d;
13181 + struct list_head *p, *n;
13183 + BT_DBG("session %p state %ld err %d", s, s->state, err);
13185 + rfcomm_session_hold(s);
13187 + s->state = BT_CLOSED;
13189 + /* Close all dlcs */
13190 + list_for_each_safe(p, n, &s->dlcs) {
13191 + d = list_entry(p, struct rfcomm_dlc, list);
13192 + d->state = BT_CLOSED;
13193 + __rfcomm_dlc_close(d, err);
13196 + rfcomm_session_put(s);
13199 +struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err)
13201 + struct rfcomm_session *s = NULL;
13202 + struct sockaddr_l2 addr;
13203 + struct l2cap_options opts;
13204 + struct socket *sock;
13207 + BT_DBG("%s %s", batostr(src), batostr(dst));
13209 + *err = rfcomm_l2sock_create(&sock);
13213 + bacpy(&addr.l2_bdaddr, src);
13214 + addr.l2_family = AF_BLUETOOTH;
13216 + *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
13220 + /* Set L2CAP options */
13221 + size = sizeof(opts);
13222 + sock->ops->getsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, &size);
13224 + opts.imtu = RFCOMM_MAX_L2CAP_MTU;
13225 + sock->ops->setsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, size);
13227 + s = rfcomm_session_add(sock, BT_BOUND);
13233 + s->initiator = 1;
13235 + bacpy(&addr.l2_bdaddr, dst);
13236 + addr.l2_family = AF_BLUETOOTH;
13237 + addr.l2_psm = htobs(RFCOMM_PSM);
13238 + *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
13239 + if (*err == 0 || *err == -EAGAIN)
13242 + rfcomm_session_del(s);
13246 + sock_release(sock);
13250 +void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst)
13252 + struct sock *sk = s->sock->sk;
13254 + bacpy(src, &bluez_pi(sk)->src);
13256 + bacpy(dst, &bluez_pi(sk)->dst);
13259 +/* ---- RFCOMM frame sending ---- */
13260 +static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len)
13262 + struct socket *sock = s->sock;
13263 + struct iovec iv = { data, len };
13264 + struct msghdr msg;
13267 + BT_DBG("session %p len %d", s, len);
13269 + memset(&msg, 0, sizeof(msg));
13270 + msg.msg_iovlen = 1;
13271 + msg.msg_iov = &iv;
13273 + err = sock->ops->sendmsg(sock, &msg, len, 0);
13277 +static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci)
13279 + struct rfcomm_cmd cmd;
13281 + BT_DBG("%p dlci %d", s, dlci);
13283 + cmd.addr = __addr(s->initiator, dlci);
13284 + cmd.ctrl = __ctrl(RFCOMM_SABM, 1);
13285 + cmd.len = __len8(0);
13286 + cmd.fcs = __fcs2((u8 *) &cmd);
13288 + return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
13291 +static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci)
13293 + struct rfcomm_cmd cmd;
13295 + BT_DBG("%p dlci %d", s, dlci);
13297 + cmd.addr = __addr(!s->initiator, dlci);
13298 + cmd.ctrl = __ctrl(RFCOMM_UA, 1);
13299 + cmd.len = __len8(0);
13300 + cmd.fcs = __fcs2((u8 *) &cmd);
13302 + return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
13305 +static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci)
13307 + struct rfcomm_cmd cmd;
13309 + BT_DBG("%p dlci %d", s, dlci);
13311 + cmd.addr = __addr(s->initiator, dlci);
13312 + cmd.ctrl = __ctrl(RFCOMM_DISC, 1);
13313 + cmd.len = __len8(0);
13314 + cmd.fcs = __fcs2((u8 *) &cmd);
13316 + return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
13319 +static int rfcomm_queue_disc(struct rfcomm_dlc *d)
13321 + struct rfcomm_cmd *cmd;
13322 + struct sk_buff *skb;
13324 + BT_DBG("dlc %p dlci %d", d, d->dlci);
13326 + skb = alloc_skb(sizeof(*cmd), GFP_KERNEL);
13330 + cmd = (void *) __skb_put(skb, sizeof(*cmd));
13331 + cmd->addr = d->addr;
13332 + cmd->ctrl = __ctrl(RFCOMM_DISC, 1);
13333 + cmd->len = __len8(0);
13334 + cmd->fcs = __fcs2((u8 *) cmd);
13336 + skb_queue_tail(&d->tx_queue, skb);
13337 + rfcomm_schedule(RFCOMM_SCHED_TX);
13341 +static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci)
13343 + struct rfcomm_cmd cmd;
13345 + BT_DBG("%p dlci %d", s, dlci);
13347 + cmd.addr = __addr(!s->initiator, dlci);
13348 + cmd.ctrl = __ctrl(RFCOMM_DM, 1);
13349 + cmd.len = __len8(0);
13350 + cmd.fcs = __fcs2((u8 *) &cmd);
13352 + return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd));
13355 +static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type)
13357 + struct rfcomm_hdr *hdr;
13358 + struct rfcomm_mcc *mcc;
13359 + u8 buf[16], *ptr = buf;
13361 + BT_DBG("%p cr %d type %d", s, cr, type);
13363 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13364 + hdr->addr = __addr(s->initiator, 0);
13365 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13366 + hdr->len = __len8(sizeof(*mcc) + 1);
13368 + mcc = (void *) ptr; ptr += sizeof(*mcc);
13369 + mcc->type = __mcc_type(cr, RFCOMM_NSC);
13370 + mcc->len = __len8(1);
13372 + /* Type that we didn't like */
13373 + *ptr = __mcc_type(cr, type); ptr++;
13375 + *ptr = __fcs(buf); ptr++;
13377 + return rfcomm_send_frame(s, buf, ptr - buf);
13380 +static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d)
13382 + struct rfcomm_hdr *hdr;
13383 + struct rfcomm_mcc *mcc;
13384 + struct rfcomm_pn *pn;
13385 + u8 buf[16], *ptr = buf;
13387 + BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu);
13389 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13390 + hdr->addr = __addr(s->initiator, 0);
13391 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13392 + hdr->len = __len8(sizeof(*mcc) + sizeof(*pn));
13394 + mcc = (void *) ptr; ptr += sizeof(*mcc);
13395 + mcc->type = __mcc_type(cr, RFCOMM_PN);
13396 + mcc->len = __len8(sizeof(*pn));
13398 + pn = (void *) ptr; ptr += sizeof(*pn);
13399 + pn->dlci = d->dlci;
13400 + pn->priority = d->priority;
13401 + pn->ack_timer = 0;
13402 + pn->max_retrans = 0;
13405 + pn->flow_ctrl = cr ? 0xf0 : 0xe0;
13406 + pn->credits = RFCOMM_DEFAULT_CREDITS;
13408 + pn->flow_ctrl = 0;
13412 + pn->mtu = htobs(d->mtu);
13414 + *ptr = __fcs(buf); ptr++;
13416 + return rfcomm_send_frame(s, buf, ptr - buf);
13419 +static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
13420 + u8 bit_rate, u8 data_bits, u8 stop_bits,
13421 + u8 parity, u8 flow_ctrl_settings,
13422 + u8 xon_char, u8 xoff_char, u16 param_mask)
13424 + struct rfcomm_hdr *hdr;
13425 + struct rfcomm_mcc *mcc;
13426 + struct rfcomm_rpn *rpn;
13427 + u8 buf[16], *ptr = buf;
13429 + BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
13430 + "flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
13431 + s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
13432 + flow_ctrl_settings, xon_char, xoff_char, param_mask);
13434 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13435 + hdr->addr = __addr(s->initiator, 0);
13436 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13437 + hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn));
13439 + mcc = (void *) ptr; ptr += sizeof(*mcc);
13440 + mcc->type = __mcc_type(cr, RFCOMM_RPN);
13441 + mcc->len = __len8(sizeof(*rpn));
13443 + rpn = (void *) ptr; ptr += sizeof(*rpn);
13444 + rpn->dlci = __addr(1, dlci);
13445 + rpn->bit_rate = bit_rate;
13446 + rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity);
13447 + rpn->flow_ctrl = flow_ctrl_settings;
13448 + rpn->xon_char = xon_char;
13449 + rpn->xoff_char = xoff_char;
13450 + rpn->param_mask = param_mask;
13452 + *ptr = __fcs(buf); ptr++;
13454 + return rfcomm_send_frame(s, buf, ptr - buf);
13457 +static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status)
13459 + struct rfcomm_hdr *hdr;
13460 + struct rfcomm_mcc *mcc;
13461 + struct rfcomm_rls *rls;
13462 + u8 buf[16], *ptr = buf;
13464 + BT_DBG("%p cr %d status 0x%x", s, cr, status);
13466 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13467 + hdr->addr = __addr(s->initiator, 0);
13468 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13469 + hdr->len = __len8(sizeof(*mcc) + sizeof(*rls));
13471 + mcc = (void *) ptr; ptr += sizeof(*mcc);
13472 + mcc->type = __mcc_type(cr, RFCOMM_RLS);
13473 + mcc->len = __len8(sizeof(*rls));
13475 + rls = (void *) ptr; ptr += sizeof(*rls);
13476 + rls->dlci = __addr(1, dlci);
13477 + rls->status = status;
13479 + *ptr = __fcs(buf); ptr++;
13481 + return rfcomm_send_frame(s, buf, ptr - buf);
13484 +static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig)
13486 + struct rfcomm_hdr *hdr;
13487 + struct rfcomm_mcc *mcc;
13488 + struct rfcomm_msc *msc;
13489 + u8 buf[16], *ptr = buf;
13491 + BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig);
13493 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13494 + hdr->addr = __addr(s->initiator, 0);
13495 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13496 + hdr->len = __len8(sizeof(*mcc) + sizeof(*msc));
13498 + mcc = (void *) ptr; ptr += sizeof(*mcc);
13499 + mcc->type = __mcc_type(cr, RFCOMM_MSC);
13500 + mcc->len = __len8(sizeof(*msc));
13502 + msc = (void *) ptr; ptr += sizeof(*msc);
13503 + msc->dlci = __addr(1, dlci);
13504 + msc->v24_sig = v24_sig | 0x01;
13506 + *ptr = __fcs(buf); ptr++;
13508 + return rfcomm_send_frame(s, buf, ptr - buf);
13511 +static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr)
13513 + struct rfcomm_hdr *hdr;
13514 + struct rfcomm_mcc *mcc;
13515 + u8 buf[16], *ptr = buf;
13517 + BT_DBG("%p cr %d", s, cr);
13519 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13520 + hdr->addr = __addr(s->initiator, 0);
13521 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13522 + hdr->len = __len8(sizeof(*mcc));
13524 + mcc = (void *) ptr; ptr += sizeof(*mcc);
13525 + mcc->type = __mcc_type(cr, RFCOMM_FCOFF);
13526 + mcc->len = __len8(0);
13528 + *ptr = __fcs(buf); ptr++;
13530 + return rfcomm_send_frame(s, buf, ptr - buf);
13533 +static int rfcomm_send_fcon(struct rfcomm_session *s, int cr)
13535 + struct rfcomm_hdr *hdr;
13536 + struct rfcomm_mcc *mcc;
13537 + u8 buf[16], *ptr = buf;
13539 + BT_DBG("%p cr %d", s, cr);
13541 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13542 + hdr->addr = __addr(s->initiator, 0);
13543 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13544 + hdr->len = __len8(sizeof(*mcc));
13546 + mcc = (void *) ptr; ptr += sizeof(*mcc);
13547 + mcc->type = __mcc_type(cr, RFCOMM_FCON);
13548 + mcc->len = __len8(0);
13550 + *ptr = __fcs(buf); ptr++;
13552 + return rfcomm_send_frame(s, buf, ptr - buf);
13555 +static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len)
13557 + struct socket *sock = s->sock;
13558 + struct iovec iv[3];
13559 + struct msghdr msg;
13560 + unsigned char hdr[5], crc[1];
13565 + BT_DBG("%p cr %d", s, cr);
13567 + hdr[0] = __addr(s->initiator, 0);
13568 + hdr[1] = __ctrl(RFCOMM_UIH, 0);
13569 + hdr[2] = 0x01 | ((len + 2) << 1);
13570 + hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2);
13571 + hdr[4] = 0x01 | (len << 1);
13573 + crc[0] = __fcs(hdr);
13575 + iv[0].iov_base = hdr;
13576 + iv[0].iov_len = 5;
13577 + iv[1].iov_base = pattern;
13578 + iv[1].iov_len = len;
13579 + iv[2].iov_base = crc;
13580 + iv[2].iov_len = 1;
13582 + memset(&msg, 0, sizeof(msg));
13583 + msg.msg_iovlen = 3;
13584 + msg.msg_iov = iv;
13585 + return sock->ops->sendmsg(sock, &msg, 6 + len, 0);
13588 +static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits)
13590 + struct rfcomm_hdr *hdr;
13591 + u8 buf[16], *ptr = buf;
13593 + BT_DBG("%p addr %d credits %d", s, addr, credits);
13595 + hdr = (void *) ptr; ptr += sizeof(*hdr);
13596 + hdr->addr = addr;
13597 + hdr->ctrl = __ctrl(RFCOMM_UIH, 1);
13598 + hdr->len = __len8(0);
13600 + *ptr = credits; ptr++;
13602 + *ptr = __fcs(buf); ptr++;
13604 + return rfcomm_send_frame(s, buf, ptr - buf);
13607 +static void rfcomm_make_uih(struct sk_buff *skb, u8 addr)
13609 + struct rfcomm_hdr *hdr;
13610 + int len = skb->len;
13614 + hdr = (void *) skb_push(skb, 4);
13615 + put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len);
13617 + hdr = (void *) skb_push(skb, 3);
13618 + hdr->len = __len8(len);
13620 + hdr->addr = addr;
13621 + hdr->ctrl = __ctrl(RFCOMM_UIH, 0);
13623 + crc = skb_put(skb, 1);
13624 + *crc = __fcs((void *) hdr);
13627 +/* ---- RFCOMM frame reception ---- */
13628 +static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
13630 + BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
13633 + /* Data channel */
13634 + struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
13636 + rfcomm_send_dm(s, dlci);
13640 + switch (d->state) {
13642 + rfcomm_dlc_clear_timer(d);
13644 + rfcomm_dlc_lock(d);
13645 + d->state = BT_CONNECTED;
13646 + d->state_change(d, 0);
13647 + rfcomm_dlc_unlock(d);
13649 + rfcomm_send_msc(s, 1, dlci, d->v24_sig);
13653 + d->state = BT_CLOSED;
13654 + __rfcomm_dlc_close(d, 0);
13658 + /* Control channel */
13659 + switch (s->state) {
13661 + s->state = BT_CONNECTED;
13662 + rfcomm_process_connect(s);
13669 +static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci)
13673 + BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
13677 + struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
13679 + if (d->state == BT_CONNECT || d->state == BT_CONFIG)
13680 + err = ECONNREFUSED;
13682 + err = ECONNRESET;
13684 + d->state = BT_CLOSED;
13685 + __rfcomm_dlc_close(d, err);
13688 + if (s->state == BT_CONNECT)
13689 + err = ECONNREFUSED;
13691 + err = ECONNRESET;
13693 + s->state = BT_CLOSED;
13694 + rfcomm_session_close(s, err);
13699 +static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci)
13703 + BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
13706 + struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci);
13708 + rfcomm_send_ua(s, dlci);
13710 + if (d->state == BT_CONNECT || d->state == BT_CONFIG)
13711 + err = ECONNREFUSED;
13713 + err = ECONNRESET;
13715 + d->state = BT_CLOSED;
13716 + __rfcomm_dlc_close(d, err);
13718 + rfcomm_send_dm(s, dlci);
13721 + rfcomm_send_ua(s, 0);
13723 + if (s->state == BT_CONNECT)
13724 + err = ECONNREFUSED;
13726 + err = ECONNRESET;
13728 + s->state = BT_CLOSED;
13729 + rfcomm_session_close(s, err);
13735 +static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci)
13737 + struct rfcomm_dlc *d;
13740 + BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
13743 + rfcomm_send_ua(s, 0);
13745 + if (s->state == BT_OPEN) {
13746 + s->state = BT_CONNECTED;
13747 + rfcomm_process_connect(s);
13752 + /* Check if DLC exists */
13753 + d = rfcomm_dlc_get(s, dlci);
13755 + if (d->state == BT_OPEN) {
13756 + /* DLC was previously opened by PN request */
13757 + rfcomm_send_ua(s, dlci);
13759 + rfcomm_dlc_lock(d);
13760 + d->state = BT_CONNECTED;
13761 + d->state_change(d, 0);
13762 + rfcomm_dlc_unlock(d);
13764 + rfcomm_send_msc(s, 1, dlci, d->v24_sig);
13769 + /* Notify socket layer about incomming connection */
13770 + channel = __srv_channel(dlci);
13771 + if (rfcomm_connect_ind(s, channel, &d)) {
13773 + d->addr = __addr(s->initiator, dlci);
13774 + rfcomm_dlc_link(s, d);
13776 + rfcomm_send_ua(s, dlci);
13778 + rfcomm_dlc_lock(d);
13779 + d->state = BT_CONNECTED;
13780 + d->state_change(d, 0);
13781 + rfcomm_dlc_unlock(d);
13783 + rfcomm_send_msc(s, 1, dlci, d->v24_sig);
13785 + rfcomm_send_dm(s, dlci);
13791 +static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn)
13793 + struct rfcomm_session *s = d->session;
13795 + BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
13796 + d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits);
13798 + if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) {
13799 + d->cfc = s->cfc = RFCOMM_CFC_ENABLED;
13800 + d->tx_credits = pn->credits;
13802 + d->cfc = s->cfc = RFCOMM_CFC_DISABLED;
13803 + set_bit(RFCOMM_TX_THROTTLED, &d->flags);
13806 + d->priority = pn->priority;
13808 + d->mtu = s->mtu = btohs(pn->mtu);
13813 +static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb)
13815 + struct rfcomm_pn *pn = (void *) skb->data;
13816 + struct rfcomm_dlc *d;
13817 + u8 dlci = pn->dlci;
13819 + BT_DBG("session %p state %ld dlci %d", s, s->state, dlci);
13824 + d = rfcomm_dlc_get(s, dlci);
13828 + rfcomm_apply_pn(d, cr, pn);
13829 + rfcomm_send_pn(s, 0, d);
13831 + /* PN response */
13832 + switch (d->state) {
13834 + rfcomm_apply_pn(d, cr, pn);
13836 + d->state = BT_CONNECT;
13837 + rfcomm_send_sabm(s, d->dlci);
13842 + u8 channel = __srv_channel(dlci);
13847 + /* PN request for non existing DLC.
13848 + * Assume incomming connection. */
13849 + if (rfcomm_connect_ind(s, channel, &d)) {
13851 + d->addr = __addr(s->initiator, dlci);
13852 + rfcomm_dlc_link(s, d);
13854 + rfcomm_apply_pn(d, cr, pn);
13856 + d->state = BT_OPEN;
13857 + rfcomm_send_pn(s, 0, d);
13859 + rfcomm_send_dm(s, dlci);
13865 +static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb)
13867 + struct rfcomm_rpn *rpn = (void *) skb->data;
13868 + u8 dlci = __get_dlci(rpn->dlci);
13871 + u8 data_bits = 0;
13872 + u8 stop_bits = 0;
13874 + u8 flow_ctrl = 0;
13876 + u8 xoff_char = 0;
13877 + u16 rpn_mask = RFCOMM_RPN_PM_ALL;
13879 + BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
13880 + dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl,
13881 + rpn->xon_char, rpn->xoff_char, rpn->param_mask);
13887 + /* request: return default setting */
13888 + bit_rate = RFCOMM_RPN_BR_115200;
13889 + data_bits = RFCOMM_RPN_DATA_8;
13890 + stop_bits = RFCOMM_RPN_STOP_1;
13891 + parity = RFCOMM_RPN_PARITY_NONE;
13892 + flow_ctrl = RFCOMM_RPN_FLOW_NONE;
13893 + xon_char = RFCOMM_RPN_XON_CHAR;
13894 + xoff_char = RFCOMM_RPN_XOFF_CHAR;
13898 + /* check for sane values: ignore/accept bit_rate, 8 bits, 1 stop bit, no parity,
13899 + no flow control lines, normal XON/XOFF chars */
13900 + if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) {
13901 + bit_rate = rpn->bit_rate;
13902 + if (bit_rate != RFCOMM_RPN_BR_115200) {
13903 + BT_DBG("RPN bit rate mismatch 0x%x", bit_rate);
13904 + bit_rate = RFCOMM_RPN_BR_115200;
13905 + rpn_mask ^= RFCOMM_RPN_PM_BITRATE;
13908 + if (rpn->param_mask & RFCOMM_RPN_PM_DATA) {
13909 + data_bits = __get_rpn_data_bits(rpn->line_settings);
13910 + if (data_bits != RFCOMM_RPN_DATA_8) {
13911 + BT_DBG("RPN data bits mismatch 0x%x", data_bits);
13912 + data_bits = RFCOMM_RPN_DATA_8;
13913 + rpn_mask ^= RFCOMM_RPN_PM_DATA;
13916 + if (rpn->param_mask & RFCOMM_RPN_PM_STOP) {
13917 + stop_bits = __get_rpn_stop_bits(rpn->line_settings);
13918 + if (stop_bits != RFCOMM_RPN_STOP_1) {
13919 + BT_DBG("RPN stop bits mismatch 0x%x", stop_bits);
13920 + stop_bits = RFCOMM_RPN_STOP_1;
13921 + rpn_mask ^= RFCOMM_RPN_PM_STOP;
13924 + if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) {
13925 + parity = __get_rpn_parity(rpn->line_settings);
13926 + if (parity != RFCOMM_RPN_PARITY_NONE) {
13927 + BT_DBG("RPN parity mismatch 0x%x", parity);
13928 + parity = RFCOMM_RPN_PARITY_NONE;
13929 + rpn_mask ^= RFCOMM_RPN_PM_PARITY;
13932 + if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) {
13933 + flow_ctrl = rpn->flow_ctrl;
13934 + if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) {
13935 + BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl);
13936 + flow_ctrl = RFCOMM_RPN_FLOW_NONE;
13937 + rpn_mask ^= RFCOMM_RPN_PM_FLOW;
13940 + if (rpn->param_mask & RFCOMM_RPN_PM_XON) {
13941 + xon_char = rpn->xon_char;
13942 + if (xon_char != RFCOMM_RPN_XON_CHAR) {
13943 + BT_DBG("RPN XON char mismatch 0x%x", xon_char);
13944 + xon_char = RFCOMM_RPN_XON_CHAR;
13945 + rpn_mask ^= RFCOMM_RPN_PM_XON;
13948 + if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) {
13949 + xoff_char = rpn->xoff_char;
13950 + if (xoff_char != RFCOMM_RPN_XOFF_CHAR) {
13951 + BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char);
13952 + xoff_char = RFCOMM_RPN_XOFF_CHAR;
13953 + rpn_mask ^= RFCOMM_RPN_PM_XOFF;
13958 + rfcomm_send_rpn(s, 0, dlci,
13959 + bit_rate, data_bits, stop_bits, parity, flow_ctrl,
13960 + xon_char, xoff_char, rpn_mask);
13965 +static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb)
13967 + struct rfcomm_rls *rls = (void *) skb->data;
13968 + u8 dlci = __get_dlci(rls->dlci);
13970 + BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status);
13975 + /* FIXME: We should probably do something with this
13976 + information here. But for now it's sufficient just
13977 + to reply -- Bluetooth 1.1 says it's mandatory to
13978 + recognise and respond to RLS */
13980 + rfcomm_send_rls(s, 0, dlci, rls->status);
13985 +static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb)
13987 + struct rfcomm_msc *msc = (void *) skb->data;
13988 + struct rfcomm_dlc *d;
13989 + u8 dlci = __get_dlci(msc->dlci);
13991 + BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig);
13993 + d = rfcomm_dlc_get(s, dlci);
13998 + if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc)
13999 + set_bit(RFCOMM_TX_THROTTLED, &d->flags);
14001 + clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
14003 + rfcomm_dlc_lock(d);
14004 + if (d->modem_status)
14005 + d->modem_status(d, msc->v24_sig);
14006 + rfcomm_dlc_unlock(d);
14008 + rfcomm_send_msc(s, 0, dlci, msc->v24_sig);
14010 + d->mscex |= RFCOMM_MSCEX_RX;
14012 + d->mscex |= RFCOMM_MSCEX_TX;
14017 +static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb)
14019 + struct rfcomm_mcc *mcc = (void *) skb->data;
14020 + u8 type, cr, len;
14022 + cr = __test_cr(mcc->type);
14023 + type = __get_mcc_type(mcc->type);
14024 + len = __get_mcc_len(mcc->len);
14026 + BT_DBG("%p type 0x%x cr %d", s, type, cr);
14028 + skb_pull(skb, 2);
14032 + rfcomm_recv_pn(s, cr, skb);
14036 + rfcomm_recv_rpn(s, cr, len, skb);
14040 + rfcomm_recv_rls(s, cr, skb);
14044 + rfcomm_recv_msc(s, cr, skb);
14047 + case RFCOMM_FCOFF:
14049 + set_bit(RFCOMM_TX_THROTTLED, &s->flags);
14050 + rfcomm_send_fcoff(s, 0);
14054 + case RFCOMM_FCON:
14056 + clear_bit(RFCOMM_TX_THROTTLED, &s->flags);
14057 + rfcomm_send_fcon(s, 0);
14061 + case RFCOMM_TEST:
14063 + rfcomm_send_test(s, 0, skb->data, skb->len);
14070 + BT_ERR("Unknown control type 0x%02x", type);
14071 + rfcomm_send_nsc(s, cr, type);
14077 +static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb)
14079 + struct rfcomm_dlc *d;
14081 + BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf);
14083 + d = rfcomm_dlc_get(s, dlci);
14085 + rfcomm_send_dm(s, dlci);
14089 + if (pf && d->cfc) {
14090 + u8 credits = *(u8 *) skb->data; skb_pull(skb, 1);
14092 + d->tx_credits += credits;
14093 + if (d->tx_credits)
14094 + clear_bit(RFCOMM_TX_THROTTLED, &d->flags);
14097 + if (skb->len && d->state == BT_CONNECTED) {
14098 + rfcomm_dlc_lock(d);
14100 + d->data_ready(d, skb);
14101 + rfcomm_dlc_unlock(d);
14110 +static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb)
14112 + struct rfcomm_hdr *hdr = (void *) skb->data;
14113 + u8 type, dlci, fcs;
14115 + dlci = __get_dlci(hdr->addr);
14116 + type = __get_type(hdr->ctrl);
14119 + skb->len--; skb->tail--;
14120 + fcs = *(u8 *) skb->tail;
14122 + if (__check_fcs(skb->data, type, fcs)) {
14123 + BT_ERR("bad checksum in packet");
14128 + if (__test_ea(hdr->len))
14129 + skb_pull(skb, 3);
14131 + skb_pull(skb, 4);
14134 + case RFCOMM_SABM:
14135 + if (__test_pf(hdr->ctrl))
14136 + rfcomm_recv_sabm(s, dlci);
14139 + case RFCOMM_DISC:
14140 + if (__test_pf(hdr->ctrl))
14141 + rfcomm_recv_disc(s, dlci);
14145 + if (__test_pf(hdr->ctrl))
14146 + rfcomm_recv_ua(s, dlci);
14150 + rfcomm_recv_dm(s, dlci);
14155 + return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb);
14157 + rfcomm_recv_mcc(s, skb);
14161 + BT_ERR("Unknown packet type 0x%02x\n", type);
14168 +/* ---- Connection and data processing ---- */
14170 +static void rfcomm_process_connect(struct rfcomm_session *s)
14172 + struct rfcomm_dlc *d;
14173 + struct list_head *p, *n;
14175 + BT_DBG("session %p state %ld", s, s->state);
14177 + list_for_each_safe(p, n, &s->dlcs) {
14178 + d = list_entry(p, struct rfcomm_dlc, list);
14179 + if (d->state == BT_CONFIG) {
14181 + rfcomm_send_pn(s, 1, d);
14186 +/* Send data queued for the DLC.
14187 + * Return number of frames left in the queue.
14189 +static inline int rfcomm_process_tx(struct rfcomm_dlc *d)
14191 + struct sk_buff *skb;
14194 + BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
14195 + d, d->state, d->cfc, d->rx_credits, d->tx_credits);
14197 + /* Send pending MSC */
14198 + if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags))
14199 + rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig);
14203 + * Give them some credits */
14204 + if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) &&
14205 + d->rx_credits <= (d->cfc >> 2)) {
14206 + rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits);
14207 + d->rx_credits = d->cfc;
14211 + * Give ourselves some credits */
14212 + d->tx_credits = 5;
14215 + if (test_bit(RFCOMM_TX_THROTTLED, &d->flags))
14216 + return skb_queue_len(&d->tx_queue);
14218 + while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) {
14219 + err = rfcomm_send_frame(d->session, skb->data, skb->len);
14221 + skb_queue_head(&d->tx_queue, skb);
14228 + if (d->cfc && !d->tx_credits) {
14229 + /* We're out of TX credits.
14230 + * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
14231 + set_bit(RFCOMM_TX_THROTTLED, &d->flags);
14234 + return skb_queue_len(&d->tx_queue);
14237 +static inline void rfcomm_process_dlcs(struct rfcomm_session *s)
14239 + struct rfcomm_dlc *d;
14240 + struct list_head *p, *n;
14242 + BT_DBG("session %p state %ld", s, s->state);
14244 + list_for_each_safe(p, n, &s->dlcs) {
14245 + d = list_entry(p, struct rfcomm_dlc, list);
14246 + if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) {
14247 + __rfcomm_dlc_close(d, ETIMEDOUT);
14251 + if (test_bit(RFCOMM_TX_THROTTLED, &s->flags))
14254 + if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) &&
14255 + d->mscex == RFCOMM_MSCEX_OK)
14256 + rfcomm_process_tx(d);
14260 +static inline void rfcomm_process_rx(struct rfcomm_session *s)
14262 + struct socket *sock = s->sock;
14263 + struct sock *sk = sock->sk;
14264 + struct sk_buff *skb;
14266 + BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->receive_queue));
14268 + /* Get data directly from socket receive queue without copying it. */
14269 + while ((skb = skb_dequeue(&sk->receive_queue))) {
14271 + rfcomm_recv_frame(s, skb);
14274 + if (sk->state == BT_CLOSED) {
14275 + if (!s->initiator)
14276 + rfcomm_session_put(s);
14278 + rfcomm_session_close(s, sk->err);
14282 +static inline void rfcomm_accept_connection(struct rfcomm_session *s)
14284 + struct socket *sock = s->sock, *nsock;
14287 + /* Fast check for a new connection.
14288 + * Avoids unnesesary socket allocations. */
14289 + if (list_empty(&bluez_pi(sock->sk)->accept_q))
14292 + BT_DBG("session %p", s);
14294 + nsock = sock_alloc();
14298 + nsock->type = sock->type;
14299 + nsock->ops = sock->ops;
14301 + err = sock->ops->accept(sock, nsock, O_NONBLOCK);
14303 + sock_release(nsock);
14307 + /* Set our callbacks */
14308 + nsock->sk->data_ready = rfcomm_l2data_ready;
14309 + nsock->sk->state_change = rfcomm_l2state_change;
14311 + s = rfcomm_session_add(nsock, BT_OPEN);
14313 + rfcomm_session_hold(s);
14314 + rfcomm_schedule(RFCOMM_SCHED_RX);
14316 + sock_release(nsock);
14319 +static inline void rfcomm_check_connection(struct rfcomm_session *s)
14321 + struct sock *sk = s->sock->sk;
14323 + BT_DBG("%p state %ld", s, s->state);
14325 + switch(sk->state) {
14326 + case BT_CONNECTED:
14327 + s->state = BT_CONNECT;
14329 + /* We can adjust MTU on outgoing sessions.
14330 + * L2CAP MTU minus UIH header and FCS. */
14331 + s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5;
14333 + rfcomm_send_sabm(s, 0);
14337 + s->state = BT_CLOSED;
14338 + rfcomm_session_close(s, sk->err);
14343 +static inline void rfcomm_process_sessions(void)
14345 + struct list_head *p, *n;
14349 + list_for_each_safe(p, n, &session_list) {
14350 + struct rfcomm_session *s;
14351 + s = list_entry(p, struct rfcomm_session, list);
14353 + if (s->state == BT_LISTEN) {
14354 + rfcomm_accept_connection(s);
14358 + rfcomm_session_hold(s);
14360 + switch (s->state) {
14362 + rfcomm_check_connection(s);
14366 + rfcomm_process_rx(s);
14370 + rfcomm_process_dlcs(s);
14372 + rfcomm_session_put(s);
14378 +static void rfcomm_worker(void)
14382 + daemonize(); reparent_to_init();
14383 + set_fs(KERNEL_DS);
14385 + while (!atomic_read(&terminate)) {
14386 + BT_DBG("worker loop event 0x%lx", rfcomm_event);
14388 + if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
14389 + /* No pending events. Let's sleep.
14390 + * Incomming connections and data will wake us up. */
14391 + set_current_state(TASK_INTERRUPTIBLE);
14395 + /* Process stuff */
14396 + clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
14397 + rfcomm_process_sessions();
14399 + set_current_state(TASK_RUNNING);
14403 +static int rfcomm_add_listener(bdaddr_t *ba)
14405 + struct sockaddr_l2 addr;
14406 + struct l2cap_options opts;
14407 + struct socket *sock;
14408 + struct rfcomm_session *s;
14409 + int size, err = 0;
14411 + /* Create socket */
14412 + err = rfcomm_l2sock_create(&sock);
14414 + BT_ERR("Create socket failed %d", err);
14418 + /* Bind socket */
14419 + bacpy(&addr.l2_bdaddr, ba);
14420 + addr.l2_family = AF_BLUETOOTH;
14421 + addr.l2_psm = htobs(RFCOMM_PSM);
14422 + err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr));
14424 + BT_ERR("Bind failed %d", err);
14428 + /* Set L2CAP options */
14429 + size = sizeof(opts);
14430 + sock->ops->getsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, &size);
14432 + opts.imtu = RFCOMM_MAX_L2CAP_MTU;
14433 + sock->ops->setsockopt(sock, SOL_L2CAP, L2CAP_OPTIONS, (void *)&opts, size);
14435 + /* Start listening on the socket */
14436 + err = sock->ops->listen(sock, 10);
14438 + BT_ERR("Listen failed %d", err);
14442 + /* Add listening session */
14443 + s = rfcomm_session_add(sock, BT_LISTEN);
14447 + rfcomm_session_hold(s);
14450 + sock_release(sock);
14454 +static void rfcomm_kill_listener(void)
14456 + struct rfcomm_session *s;
14457 + struct list_head *p, *n;
14461 + list_for_each_safe(p, n, &session_list) {
14462 + s = list_entry(p, struct rfcomm_session, list);
14463 + rfcomm_session_del(s);
14467 +static int rfcomm_run(void *unused)
14469 + rfcomm_thread = current;
14471 + atomic_inc(&running);
14473 + daemonize(); reparent_to_init();
14475 + sigfillset(¤t->blocked);
14476 + set_fs(KERNEL_DS);
14478 + sprintf(current->comm, "krfcommd");
14482 + rfcomm_add_listener(BDADDR_ANY);
14486 + rfcomm_kill_listener();
14488 + atomic_dec(&running);
14492 +/* ---- Proc fs support ---- */
14493 +static int rfcomm_dlc_dump(char *buf)
14495 + struct rfcomm_session *s;
14497 + struct list_head *p, *pp;
14502 + list_for_each(p, &session_list) {
14503 + s = list_entry(p, struct rfcomm_session, list);
14504 + sk = s->sock->sk;
14506 + list_for_each(pp, &s->dlcs) {
14507 + struct rfcomm_dlc *d;
14508 + d = list_entry(pp, struct rfcomm_dlc, list);
14510 + ptr += sprintf(ptr, "dlc %s %s %ld %d %d %d %d\n",
14511 + batostr(&bluez_pi(sk)->src), batostr(&bluez_pi(sk)->dst),
14512 + d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits);
14518 + return ptr - buf;
14521 +extern int rfcomm_sock_dump(char *buf);
14523 +static int rfcomm_read_proc(char *buf, char **start, off_t offset, int count, int *eof, void *priv)
14528 + BT_DBG("count %d, offset %ld", count, offset);
14530 + ptr += rfcomm_dlc_dump(ptr);
14531 + ptr += rfcomm_sock_dump(ptr);
14534 + if (len <= count + offset)
14537 + *start = buf + offset;
14548 +/* ---- Initialization ---- */
14549 +int __init rfcomm_init(void)
14553 + kernel_thread(rfcomm_run, NULL, CLONE_FS | CLONE_FILES | CLONE_SIGHAND);
14555 + rfcomm_init_sockets();
14557 +#ifdef CONFIG_BLUEZ_RFCOMM_TTY
14558 + rfcomm_init_ttys();
14561 + create_proc_read_entry("bluetooth/rfcomm", 0, 0, rfcomm_read_proc, NULL);
14563 + BT_INFO("BlueZ RFCOMM ver %s", VERSION);
14564 + BT_INFO("Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>");
14565 + BT_INFO("Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>");
14569 +void rfcomm_cleanup(void)
14571 + /* Terminate working thread.
14572 + * ie. Set terminate flag and wake it up */
14573 + atomic_inc(&terminate);
14574 + rfcomm_schedule(RFCOMM_SCHED_STATE);
14576 + /* Wait until thread is running */
14577 + while (atomic_read(&running))
14580 + remove_proc_entry("bluetooth/rfcomm", NULL);
14582 +#ifdef CONFIG_BLUEZ_RFCOMM_TTY
14583 + rfcomm_cleanup_ttys();
14586 + rfcomm_cleanup_sockets();
14590 +module_init(rfcomm_init);
14591 +module_exit(rfcomm_cleanup);
14593 +MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
14594 +MODULE_DESCRIPTION("BlueZ RFCOMM ver " VERSION);
14595 +MODULE_LICENSE("GPL");
14596 diff -Nur c3000_pre/linux/net/bluetooth/rfcomm/crc.c c3000_work/linux/net/bluetooth/rfcomm/crc.c
14597 --- c3000_pre/linux/net/bluetooth/rfcomm/crc.c 1970-01-01 09:00:00.000000000 +0900
14598 +++ c3000_work/linux/net/bluetooth/rfcomm/crc.c 2004-12-16 23:01:14.000000000 +0900
14601 + RFCOMM implementation for Linux Bluetooth stack (BlueZ).
14602 + Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
14603 + Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
14605 + This program is free software; you can redistribute it and/or modify
14606 + it under the terms of the GNU General Public License version 2 as
14607 + published by the Free Software Foundation;
14609 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14610 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
14611 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14612 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14613 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14614 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14615 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14616 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14618 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
14619 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
14620 + SOFTWARE IS DISCLAIMED.
14624 + * RFCOMM FCS calculation.
14626 + * $Id: crc.c,v 1.2 2002/09/21 09:54:32 holtmann Exp $
14629 +/* reversed, 8-bit, poly=0x07 */
14630 +unsigned char rfcomm_crc_table[256] = {
14631 + 0x00, 0x91, 0xe3, 0x72, 0x07, 0x96, 0xe4, 0x75,
14632 + 0x0e, 0x9f, 0xed, 0x7c, 0x09, 0x98, 0xea, 0x7b,
14633 + 0x1c, 0x8d, 0xff, 0x6e, 0x1b, 0x8a, 0xf8, 0x69,
14634 + 0x12, 0x83, 0xf1, 0x60, 0x15, 0x84, 0xf6, 0x67,
14636 + 0x38, 0xa9, 0xdb, 0x4a, 0x3f, 0xae, 0xdc, 0x4d,
14637 + 0x36, 0xa7, 0xd5, 0x44, 0x31, 0xa0, 0xd2, 0x43,
14638 + 0x24, 0xb5, 0xc7, 0x56, 0x23, 0xb2, 0xc0, 0x51,
14639 + 0x2a, 0xbb, 0xc9, 0x58, 0x2d, 0xbc, 0xce, 0x5f,
14641 + 0x70, 0xe1, 0x93, 0x02, 0x77, 0xe6, 0x94, 0x05,
14642 + 0x7e, 0xef, 0x9d, 0x0c, 0x79, 0xe8, 0x9a, 0x0b,
14643 + 0x6c, 0xfd, 0x8f, 0x1e, 0x6b, 0xfa, 0x88, 0x19,
14644 + 0x62, 0xf3, 0x81, 0x10, 0x65, 0xf4, 0x86, 0x17,
14646 + 0x48, 0xd9, 0xab, 0x3a, 0x4f, 0xde, 0xac, 0x3d,
14647 + 0x46, 0xd7, 0xa5, 0x34, 0x41, 0xd0, 0xa2, 0x33,
14648 + 0x54, 0xc5, 0xb7, 0x26, 0x53, 0xc2, 0xb0, 0x21,
14649 + 0x5a, 0xcb, 0xb9, 0x28, 0x5d, 0xcc, 0xbe, 0x2f,
14651 + 0xe0, 0x71, 0x03, 0x92, 0xe7, 0x76, 0x04, 0x95,
14652 + 0xee, 0x7f, 0x0d, 0x9c, 0xe9, 0x78, 0x0a, 0x9b,
14653 + 0xfc, 0x6d, 0x1f, 0x8e, 0xfb, 0x6a, 0x18, 0x89,
14654 + 0xf2, 0x63, 0x11, 0x80, 0xf5, 0x64, 0x16, 0x87,
14656 + 0xd8, 0x49, 0x3b, 0xaa, 0xdf, 0x4e, 0x3c, 0xad,
14657 + 0xd6, 0x47, 0x35, 0xa4, 0xd1, 0x40, 0x32, 0xa3,
14658 + 0xc4, 0x55, 0x27, 0xb6, 0xc3, 0x52, 0x20, 0xb1,
14659 + 0xca, 0x5b, 0x29, 0xb8, 0xcd, 0x5c, 0x2e, 0xbf,
14661 + 0x90, 0x01, 0x73, 0xe2, 0x97, 0x06, 0x74, 0xe5,
14662 + 0x9e, 0x0f, 0x7d, 0xec, 0x99, 0x08, 0x7a, 0xeb,
14663 + 0x8c, 0x1d, 0x6f, 0xfe, 0x8b, 0x1a, 0x68, 0xf9,
14664 + 0x82, 0x13, 0x61, 0xf0, 0x85, 0x14, 0x66, 0xf7,
14666 + 0xa8, 0x39, 0x4b, 0xda, 0xaf, 0x3e, 0x4c, 0xdd,
14667 + 0xa6, 0x37, 0x45, 0xd4, 0xa1, 0x30, 0x42, 0xd3,
14668 + 0xb4, 0x25, 0x57, 0xc6, 0xb3, 0x22, 0x50, 0xc1,
14669 + 0xba, 0x2b, 0x59, 0xc8, 0xbd, 0x2c, 0x5e, 0xcf
14671 diff -Nur c3000_pre/linux/net/bluetooth/rfcomm/sock.c c3000_work/linux/net/bluetooth/rfcomm/sock.c
14672 --- c3000_pre/linux/net/bluetooth/rfcomm/sock.c 1970-01-01 09:00:00.000000000 +0900
14673 +++ c3000_work/linux/net/bluetooth/rfcomm/sock.c 2004-12-16 23:01:14.000000000 +0900
14676 + RFCOMM implementation for Linux Bluetooth stack (BlueZ).
14677 + Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
14678 + Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
14680 + This program is free software; you can redistribute it and/or modify
14681 + it under the terms of the GNU General Public License version 2 as
14682 + published by the Free Software Foundation;
14684 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14685 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
14686 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14687 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14688 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14689 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14690 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14691 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14693 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
14694 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
14695 + SOFTWARE IS DISCLAIMED.
14699 + * RFCOMM sockets.
14701 + * $Id: sock.c,v 1.30 2002/10/18 20:12:12 maxk Exp $
14704 +#include <linux/config.h>
14705 +#include <linux/module.h>
14707 +#include <linux/types.h>
14708 +#include <linux/errno.h>
14709 +#include <linux/kernel.h>
14710 +#include <linux/major.h>
14711 +#include <linux/sched.h>
14712 +#include <linux/slab.h>
14713 +#include <linux/poll.h>
14714 +#include <linux/fcntl.h>
14715 +#include <linux/init.h>
14716 +#include <linux/skbuff.h>
14717 +#include <linux/interrupt.h>
14718 +#include <linux/socket.h>
14719 +#include <linux/skbuff.h>
14720 +#include <linux/list.h>
14721 +#include <net/sock.h>
14723 +#include <asm/system.h>
14724 +#include <asm/uaccess.h>
14726 +#include <net/bluetooth/bluetooth.h>
14727 +#include <net/bluetooth/rfcomm.h>
14729 +#ifndef CONFIG_BLUEZ_RFCOMM_DEBUG
14731 +#define BT_DBG(D...)
14734 +static struct proto_ops rfcomm_sock_ops;
14736 +static struct bluez_sock_list rfcomm_sk_list = {
14737 + lock: RW_LOCK_UNLOCKED
14740 +static void rfcomm_sock_close(struct sock *sk);
14741 +static void rfcomm_sock_kill(struct sock *sk);
14743 +/* ---- DLC callbacks ----
14745 + * called under rfcomm_dlc_lock()
14747 +static void rfcomm_sk_data_ready(struct rfcomm_dlc *d, struct sk_buff *skb)
14749 + struct sock *sk = d->owner;
14753 + atomic_add(skb->len, &sk->rmem_alloc);
14754 + skb_queue_tail(&sk->receive_queue, skb);
14755 + sk->data_ready(sk, skb->len);
14757 + if (atomic_read(&sk->rmem_alloc) >= sk->rcvbuf)
14758 + rfcomm_dlc_throttle(d);
14761 +static void rfcomm_sk_state_change(struct rfcomm_dlc *d, int err)
14763 + struct sock *sk = d->owner, *parent;
14767 + BT_DBG("dlc %p state %ld err %d", d, d->state, err);
14769 + bh_lock_sock(sk);
14773 + sk->state = d->state;
14775 + parent = bluez_pi(sk)->parent;
14777 + if (d->state == BT_CONNECTED)
14778 + rfcomm_session_getaddr(d->session, &bluez_pi(sk)->src, NULL);
14779 + sk->state_change(sk);
14781 + parent->data_ready(parent, 0);
14783 + bh_unlock_sock(sk);
14786 +/* ---- Socket functions ---- */
14787 +static struct sock *__rfcomm_get_sock_by_addr(u8 channel, bdaddr_t *src)
14791 + for (sk = rfcomm_sk_list.head; sk; sk = sk->next) {
14792 + if (rfcomm_pi(sk)->channel == channel &&
14793 + !bacmp(&bluez_pi(sk)->src, src))
14800 +/* Find socket with channel and source bdaddr.
14801 + * Returns closest match.
14803 +static struct sock *__rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
14805 + struct sock *sk, *sk1 = NULL;
14807 + for (sk = rfcomm_sk_list.head; sk; sk = sk->next) {
14808 + if (state && sk->state != state)
14811 + if (rfcomm_pi(sk)->channel == channel) {
14812 + /* Exact match. */
14813 + if (!bacmp(&bluez_pi(sk)->src, src))
14816 + /* Closest match */
14817 + if (!bacmp(&bluez_pi(sk)->src, BDADDR_ANY))
14821 + return sk ? sk : sk1;
14824 +/* Find socket with given address (channel, src).
14825 + * Returns locked socket */
14826 +static inline struct sock *rfcomm_get_sock_by_channel(int state, u8 channel, bdaddr_t *src)
14829 + read_lock(&rfcomm_sk_list.lock);
14830 + s = __rfcomm_get_sock_by_channel(state, channel, src);
14831 + if (s) bh_lock_sock(s);
14832 + read_unlock(&rfcomm_sk_list.lock);
14836 +static void rfcomm_sock_destruct(struct sock *sk)
14838 + struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
14840 + BT_DBG("sk %p dlc %p", sk, d);
14842 + skb_queue_purge(&sk->receive_queue);
14843 + skb_queue_purge(&sk->write_queue);
14845 + rfcomm_dlc_lock(d);
14846 + rfcomm_pi(sk)->dlc = NULL;
14848 + /* Detach DLC if it's owned by this socket */
14849 + if (d->owner == sk)
14851 + rfcomm_dlc_unlock(d);
14853 + rfcomm_dlc_put(d);
14855 + MOD_DEC_USE_COUNT;
14858 +static void rfcomm_sock_cleanup_listen(struct sock *parent)
14862 + BT_DBG("parent %p", parent);
14864 + /* Close not yet accepted dlcs */
14865 + while ((sk = bluez_accept_dequeue(parent, NULL))) {
14866 + rfcomm_sock_close(sk);
14867 + rfcomm_sock_kill(sk);
14870 + parent->state = BT_CLOSED;
14871 + parent->zapped = 1;
14874 +/* Kill socket (only if zapped and orphan)
14875 + * Must be called on unlocked socket.
14877 +static void rfcomm_sock_kill(struct sock *sk)
14879 + if (!sk->zapped || sk->socket)
14882 + BT_DBG("sk %p state %d refcnt %d", sk, sk->state, atomic_read(&sk->refcnt));
14884 + /* Kill poor orphan */
14885 + bluez_sock_unlink(&rfcomm_sk_list, sk);
14890 +static void __rfcomm_sock_close(struct sock *sk)
14892 + struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
14894 + BT_DBG("sk %p state %d socket %p", sk, sk->state, sk->socket);
14896 + switch (sk->state) {
14898 + rfcomm_sock_cleanup_listen(sk);
14902 + case BT_CONNECT2:
14904 + case BT_CONNECTED:
14905 + rfcomm_dlc_close(d, 0);
14914 + * Must be called on unlocked socket.
14916 +static void rfcomm_sock_close(struct sock *sk)
14919 + __rfcomm_sock_close(sk);
14920 + release_sock(sk);
14923 +static void rfcomm_sock_init(struct sock *sk, struct sock *parent)
14925 + BT_DBG("sk %p", sk);
14928 + sk->type = parent->type;
14931 +static struct sock *rfcomm_sock_alloc(struct socket *sock, int proto, int prio)
14933 + struct rfcomm_dlc *d;
14936 + sk = sk_alloc(PF_BLUETOOTH, prio, 1);
14940 + d = rfcomm_dlc_alloc(prio);
14945 + d->data_ready = rfcomm_sk_data_ready;
14946 + d->state_change = rfcomm_sk_state_change;
14948 + rfcomm_pi(sk)->dlc = d;
14951 + bluez_sock_init(sock, sk);
14955 + sk->destruct = rfcomm_sock_destruct;
14956 + sk->sndtimeo = RFCOMM_CONN_TIMEOUT;
14958 + sk->sndbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
14959 + sk->rcvbuf = RFCOMM_MAX_CREDITS * RFCOMM_DEFAULT_MTU * 10;
14961 + sk->protocol = proto;
14962 + sk->state = BT_OPEN;
14964 + bluez_sock_link(&rfcomm_sk_list, sk);
14966 + BT_DBG("sk %p", sk);
14968 + MOD_INC_USE_COUNT;
14972 +static int rfcomm_sock_create(struct socket *sock, int protocol)
14976 + BT_DBG("sock %p", sock);
14978 + sock->state = SS_UNCONNECTED;
14980 + if (sock->type != SOCK_STREAM && sock->type != SOCK_RAW)
14981 + return -ESOCKTNOSUPPORT;
14983 + sock->ops = &rfcomm_sock_ops;
14985 + if (!(sk = rfcomm_sock_alloc(sock, protocol, GFP_KERNEL)))
14988 + rfcomm_sock_init(sk, NULL);
14992 +static int rfcomm_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
14994 + struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
14995 + struct sock *sk = sock->sk;
14998 + BT_DBG("sk %p %s", sk, batostr(&sa->rc_bdaddr));
15000 + if (!addr || addr->sa_family != AF_BLUETOOTH)
15005 + if (sk->state != BT_OPEN) {
15010 + write_lock_bh(&rfcomm_sk_list.lock);
15012 + if (sa->rc_channel && __rfcomm_get_sock_by_addr(sa->rc_channel, &sa->rc_bdaddr)) {
15013 + err = -EADDRINUSE;
15015 + /* Save source address */
15016 + bacpy(&bluez_pi(sk)->src, &sa->rc_bdaddr);
15017 + rfcomm_pi(sk)->channel = sa->rc_channel;
15018 + sk->state = BT_BOUND;
15021 + write_unlock_bh(&rfcomm_sk_list.lock);
15024 + release_sock(sk);
15028 +static int rfcomm_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
15030 + struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
15031 + struct sock *sk = sock->sk;
15032 + struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
15035 + BT_DBG("sk %p", sk);
15037 + if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_rc))
15040 + if (sk->state != BT_OPEN && sk->state != BT_BOUND)
15043 + if (sk->type != SOCK_STREAM)
15048 + sk->state = BT_CONNECT;
15049 + bacpy(&bluez_pi(sk)->dst, &sa->rc_bdaddr);
15050 + rfcomm_pi(sk)->channel = sa->rc_channel;
15052 + err = rfcomm_dlc_open(d, &bluez_pi(sk)->src, &sa->rc_bdaddr, sa->rc_channel);
15054 + err = bluez_sock_wait_state(sk, BT_CONNECTED,
15055 + sock_sndtimeo(sk, flags & O_NONBLOCK));
15057 + release_sock(sk);
15061 +int rfcomm_sock_listen(struct socket *sock, int backlog)
15063 + struct sock *sk = sock->sk;
15066 + BT_DBG("sk %p backlog %d", sk, backlog);
15070 + if (sk->state != BT_BOUND) {
15075 + sk->max_ack_backlog = backlog;
15076 + sk->ack_backlog = 0;
15077 + sk->state = BT_LISTEN;
15080 + release_sock(sk);
15084 +int rfcomm_sock_accept(struct socket *sock, struct socket *newsock, int flags)
15086 + DECLARE_WAITQUEUE(wait, current);
15087 + struct sock *sk = sock->sk, *nsk;
15093 + if (sk->state != BT_LISTEN) {
15098 + timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
15100 + BT_DBG("sk %p timeo %ld", sk, timeo);
15102 + /* Wait for an incoming connection. (wake-one). */
15103 + add_wait_queue_exclusive(sk->sleep, &wait);
15104 + while (!(nsk = bluez_accept_dequeue(sk, newsock))) {
15105 + set_current_state(TASK_INTERRUPTIBLE);
15111 + release_sock(sk);
15112 + timeo = schedule_timeout(timeo);
15115 + if (sk->state != BT_LISTEN) {
15120 + if (signal_pending(current)) {
15121 + err = sock_intr_errno(timeo);
15125 + set_current_state(TASK_RUNNING);
15126 + remove_wait_queue(sk->sleep, &wait);
15131 + newsock->state = SS_CONNECTED;
15133 + BT_DBG("new socket %p", nsk);
15136 + release_sock(sk);
15140 +static int rfcomm_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
15142 + struct sockaddr_rc *sa = (struct sockaddr_rc *) addr;
15143 + struct sock *sk = sock->sk;
15145 + BT_DBG("sock %p, sk %p", sock, sk);
15147 + sa->rc_family = AF_BLUETOOTH;
15148 + sa->rc_channel = rfcomm_pi(sk)->channel;
15150 + bacpy(&sa->rc_bdaddr, &bluez_pi(sk)->dst);
15152 + bacpy(&sa->rc_bdaddr, &bluez_pi(sk)->src);
15154 + *len = sizeof(struct sockaddr_rc);
15158 +static int rfcomm_sock_sendmsg(struct socket *sock, struct msghdr *msg, int len,
15159 + struct scm_cookie *scm)
15161 + struct sock *sk = sock->sk;
15162 + struct rfcomm_dlc *d = rfcomm_pi(sk)->dlc;
15163 + struct sk_buff *skb;
15167 + if (msg->msg_flags & MSG_OOB)
15168 + return -EOPNOTSUPP;
15170 + if (sk->shutdown & SEND_SHUTDOWN)
15173 + BT_DBG("sock %p, sk %p", sock, sk);
15178 + size = min_t(uint, len, d->mtu);
15180 + skb = sock_alloc_send_skb(sk, size + RFCOMM_SKB_RESERVE,
15181 + msg->msg_flags & MSG_DONTWAIT, &err);
15184 + skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
15186 + err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
15193 + err = rfcomm_dlc_send(d, skb);
15203 + release_sock(sk);
15205 + return sent ? sent : err;
15208 +static long rfcomm_sock_data_wait(struct sock *sk, long timeo)
15210 + DECLARE_WAITQUEUE(wait, current);
15212 + add_wait_queue(sk->sleep, &wait);
15214 + set_current_state(TASK_INTERRUPTIBLE);
15216 + if (skb_queue_len(&sk->receive_queue) || sk->err || (sk->shutdown & RCV_SHUTDOWN) ||
15217 + signal_pending(current) || !timeo)
15220 + set_bit(SOCK_ASYNC_WAITDATA, &sk->socket->flags);
15221 + release_sock(sk);
15222 + timeo = schedule_timeout(timeo);
15224 + clear_bit(SOCK_ASYNC_WAITDATA, &sk->socket->flags);
15227 + __set_current_state(TASK_RUNNING);
15228 + remove_wait_queue(sk->sleep, &wait);
15232 +static int rfcomm_sock_recvmsg(struct socket *sock, struct msghdr *msg, int size,
15233 + int flags, struct scm_cookie *scm)
15235 + struct sock *sk = sock->sk;
15236 + int target, err = 0, copied = 0;
15239 + if (flags & MSG_OOB)
15240 + return -EOPNOTSUPP;
15242 + msg->msg_namelen = 0;
15244 + BT_DBG("sk %p size %d", sk, size);
15248 + target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
15249 + timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
15252 + struct sk_buff *skb;
15255 + skb = skb_dequeue(&sk->receive_queue);
15257 + if (copied >= target)
15260 + if ((err = sock_error(sk)) != 0)
15262 + if (sk->shutdown & RCV_SHUTDOWN)
15269 + timeo = rfcomm_sock_data_wait(sk, timeo);
15271 + if (signal_pending(current)) {
15272 + err = sock_intr_errno(timeo);
15278 + chunk = min_t(unsigned int, skb->len, size);
15279 + if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
15280 + skb_queue_head(&sk->receive_queue, skb);
15282 + copied = -EFAULT;
15288 + if (!(flags & MSG_PEEK)) {
15289 + atomic_sub(chunk, &sk->rmem_alloc);
15291 + skb_pull(skb, chunk);
15293 + skb_queue_head(&sk->receive_queue, skb);
15299 + /* put message back and return */
15300 + skb_queue_head(&sk->receive_queue, skb);
15306 + if (atomic_read(&sk->rmem_alloc) <= (sk->rcvbuf >> 2))
15307 + rfcomm_dlc_unthrottle(rfcomm_pi(sk)->dlc);
15309 + release_sock(sk);
15310 + return copied ? : err;
15313 +static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, char *optval, int optlen)
15315 + struct sock *sk = sock->sk;
15318 + BT_DBG("sk %p", sk);
15322 + switch (optname) {
15324 + err = -ENOPROTOOPT;
15328 + release_sock(sk);
15332 +static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, char *optval, int *optlen)
15334 + struct sock *sk = sock->sk;
15335 + int len, err = 0;
15337 + BT_DBG("sk %p", sk);
15339 + if (get_user(len, optlen))
15344 + switch (optname) {
15346 + err = -ENOPROTOOPT;
15350 + release_sock(sk);
15354 +static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
15356 + struct sock *sk = sock->sk;
15361 +#ifdef CONFIG_BLUEZ_RFCOMM_TTY
15362 + err = rfcomm_dev_ioctl(sk, cmd, arg);
15364 + err = -EOPNOTSUPP;
15367 + release_sock(sk);
15372 +static int rfcomm_sock_shutdown(struct socket *sock, int how)
15374 + struct sock *sk = sock->sk;
15377 + BT_DBG("sock %p, sk %p", sock, sk);
15379 + if (!sk) return 0;
15382 + if (!sk->shutdown) {
15383 + sk->shutdown = SHUTDOWN_MASK;
15384 + __rfcomm_sock_close(sk);
15387 + err = bluez_sock_wait_state(sk, BT_CLOSED, sk->lingertime);
15389 + release_sock(sk);
15393 +static int rfcomm_sock_release(struct socket *sock)
15395 + struct sock *sk = sock->sk;
15398 + BT_DBG("sock %p, sk %p", sock, sk);
15403 + err = rfcomm_sock_shutdown(sock, 2);
15406 + rfcomm_sock_kill(sk);
15410 +/* ---- RFCOMM core layer callbacks ----
15412 + * called under rfcomm_lock()
15414 +int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc **d)
15416 + struct sock *sk, *parent;
15417 + bdaddr_t src, dst;
15420 + BT_DBG("session %p channel %d", s, channel);
15422 + rfcomm_session_getaddr(s, &src, &dst);
15424 + /* Check if we have socket listening on this channel */
15425 + parent = rfcomm_get_sock_by_channel(BT_LISTEN, channel, &src);
15429 + /* Check for backlog size */
15430 + if (parent->ack_backlog > parent->max_ack_backlog) {
15431 + BT_DBG("backlog full %d", parent->ack_backlog);
15435 + sk = rfcomm_sock_alloc(NULL, BTPROTO_RFCOMM, GFP_ATOMIC);
15439 + rfcomm_sock_init(sk, parent);
15440 + bacpy(&bluez_pi(sk)->src, &src);
15441 + bacpy(&bluez_pi(sk)->dst, &dst);
15442 + rfcomm_pi(sk)->channel = channel;
15444 + sk->state = BT_CONFIG;
15445 + bluez_accept_enqueue(parent, sk);
15447 + /* Accept connection and return socket DLC */
15448 + *d = rfcomm_pi(sk)->dlc;
15452 + bh_unlock_sock(parent);
15456 +/* ---- Proc fs support ---- */
15457 +int rfcomm_sock_dump(char *buf)
15459 + struct bluez_sock_list *list = &rfcomm_sk_list;
15460 + struct rfcomm_pinfo *pi;
15464 + write_lock_bh(&list->lock);
15466 + for (sk = list->head; sk; sk = sk->next) {
15467 + pi = rfcomm_pi(sk);
15468 + ptr += sprintf(ptr, "sk %s %s %d %d\n",
15469 + batostr(&bluez_pi(sk)->src), batostr(&bluez_pi(sk)->dst),
15470 + sk->state, rfcomm_pi(sk)->channel);
15473 + write_unlock_bh(&list->lock);
15475 + return ptr - buf;
15478 +static struct proto_ops rfcomm_sock_ops = {
15479 + family: PF_BLUETOOTH,
15480 + release: rfcomm_sock_release,
15481 + bind: rfcomm_sock_bind,
15482 + connect: rfcomm_sock_connect,
15483 + listen: rfcomm_sock_listen,
15484 + accept: rfcomm_sock_accept,
15485 + getname: rfcomm_sock_getname,
15486 + sendmsg: rfcomm_sock_sendmsg,
15487 + recvmsg: rfcomm_sock_recvmsg,
15488 + shutdown: rfcomm_sock_shutdown,
15489 + setsockopt: rfcomm_sock_setsockopt,
15490 + getsockopt: rfcomm_sock_getsockopt,
15491 + ioctl: rfcomm_sock_ioctl,
15492 + poll: bluez_sock_poll,
15493 + socketpair: sock_no_socketpair,
15494 + mmap: sock_no_mmap
15497 +static struct net_proto_family rfcomm_sock_family_ops = {
15498 + family: PF_BLUETOOTH,
15499 + create: rfcomm_sock_create
15502 +int rfcomm_init_sockets(void)
15506 + if ((err = bluez_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops))) {
15507 + BT_ERR("Can't register RFCOMM socket layer");
15514 +void rfcomm_cleanup_sockets(void)
15518 + /* Unregister socket, protocol and notifier */
15519 + if ((err = bluez_sock_unregister(BTPROTO_RFCOMM)))
15520 + BT_ERR("Can't unregister RFCOMM socket layer %d", err);
15522 diff -Nur c3000_pre/linux/net/bluetooth/rfcomm/tty.c c3000_work/linux/net/bluetooth/rfcomm/tty.c
15523 --- c3000_pre/linux/net/bluetooth/rfcomm/tty.c 1970-01-01 09:00:00.000000000 +0900
15524 +++ c3000_work/linux/net/bluetooth/rfcomm/tty.c 2004-12-16 23:01:14.000000000 +0900
15527 + RFCOMM implementation for Linux Bluetooth stack (BlueZ).
15528 + Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
15529 + Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
15531 + This program is free software; you can redistribute it and/or modify
15532 + it under the terms of the GNU General Public License version 2 as
15533 + published by the Free Software Foundation;
15535 + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15536 + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15537 + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
15538 + IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15539 + CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15540 + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15541 + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15542 + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15544 + ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
15545 + COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
15546 + SOFTWARE IS DISCLAIMED.
15552 + * $Id: tty.c,v 1.26 2002/10/18 20:12:12 maxk Exp $
15555 +#include <linux/config.h>
15556 +#include <linux/module.h>
15558 +#include <linux/tty.h>
15559 +#include <linux/tty_driver.h>
15560 +#include <linux/tty_flip.h>
15562 +#include <linux/slab.h>
15563 +#include <linux/skbuff.h>
15565 +#include <net/bluetooth/bluetooth.h>
15566 +#include <net/bluetooth/rfcomm.h>
15568 +#ifndef CONFIG_BLUEZ_RFCOMM_DEBUG
15570 +#define BT_DBG(D...)
15573 +#define RFCOMM_TTY_MAGIC 0x6d02 /* magic number for rfcomm struct */
15574 +#define RFCOMM_TTY_PORTS RFCOMM_MAX_DEV /* whole lotta rfcomm devices */
15575 +#define RFCOMM_TTY_MAJOR 216 /* device node major id of the usb/bluetooth.c driver */
15576 +#define RFCOMM_TTY_MINOR 0
15578 +struct rfcomm_dev {
15579 + struct list_head list;
15584 + unsigned long flags;
15592 + uint modem_status;
15594 + struct rfcomm_dlc *dlc;
15595 + struct tty_struct *tty;
15596 + wait_queue_head_t wait;
15597 + struct tasklet_struct wakeup_task;
15599 + atomic_t wmem_alloc;
15602 +static LIST_HEAD(rfcomm_dev_list);
15603 +static rwlock_t rfcomm_dev_lock = RW_LOCK_UNLOCKED;
15605 +static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb);
15606 +static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err);
15607 +static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
15609 +static void rfcomm_tty_wakeup(unsigned long arg);
15611 +/* ---- Device functions ---- */
15612 +static void rfcomm_dev_destruct(struct rfcomm_dev *dev)
15614 + struct rfcomm_dlc *dlc = dev->dlc;
15616 + BT_DBG("dev %p dlc %p", dev, dlc);
15618 + rfcomm_dlc_lock(dlc);
15619 + /* Detach DLC if it's owned by this dev */
15620 + if (dlc->owner == dev)
15621 + dlc->owner = NULL;
15622 + rfcomm_dlc_unlock(dlc);
15624 + rfcomm_dlc_put(dlc);
15627 + MOD_DEC_USE_COUNT;
15630 +static inline void rfcomm_dev_hold(struct rfcomm_dev *dev)
15632 + atomic_inc(&dev->refcnt);
15635 +static inline void rfcomm_dev_put(struct rfcomm_dev *dev)
15637 + /* The reason this isn't actually a race, as you no
15638 + doubt have a little voice screaming at you in your
15639 + head, is that the refcount should never actually
15640 + reach zero unless the device has already been taken
15641 + off the list, in rfcomm_dev_del(). And if that's not
15642 + true, we'll hit the BUG() in rfcomm_dev_destruct()
15644 + if (atomic_dec_and_test(&dev->refcnt))
15645 + rfcomm_dev_destruct(dev);
15648 +static struct rfcomm_dev *__rfcomm_dev_get(int id)
15650 + struct rfcomm_dev *dev;
15651 + struct list_head *p;
15653 + list_for_each(p, &rfcomm_dev_list) {
15654 + dev = list_entry(p, struct rfcomm_dev, list);
15655 + if (dev->id == id)
15662 +static inline struct rfcomm_dev *rfcomm_dev_get(int id)
15664 + struct rfcomm_dev *dev;
15666 + read_lock(&rfcomm_dev_lock);
15668 + dev = __rfcomm_dev_get(id);
15670 + rfcomm_dev_hold(dev);
15672 + read_unlock(&rfcomm_dev_lock);
15677 +static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
15679 + struct rfcomm_dev *dev;
15680 + struct list_head *head = &rfcomm_dev_list, *p;
15683 + BT_DBG("id %d channel %d", req->dev_id, req->channel);
15685 + dev = kmalloc(sizeof(struct rfcomm_dev), GFP_KERNEL);
15688 + memset(dev, 0, sizeof(struct rfcomm_dev));
15690 + write_lock_bh(&rfcomm_dev_lock);
15692 + if (req->dev_id < 0) {
15695 + list_for_each(p, &rfcomm_dev_list) {
15696 + if (list_entry(p, struct rfcomm_dev, list)->id != dev->id)
15703 + dev->id = req->dev_id;
15705 + list_for_each(p, &rfcomm_dev_list) {
15706 + struct rfcomm_dev *entry = list_entry(p, struct rfcomm_dev, list);
15708 + if (entry->id == dev->id) {
15709 + err = -EADDRINUSE;
15713 + if (entry->id > dev->id - 1)
15720 + if ((dev->id < 0) || (dev->id > RFCOMM_MAX_DEV - 1)) {
15725 + sprintf(dev->name, "rfcomm%d", dev->id);
15727 + list_add(&dev->list, head);
15728 + atomic_set(&dev->refcnt, 1);
15730 + bacpy(&dev->src, &req->src);
15731 + bacpy(&dev->dst, &req->dst);
15732 + dev->channel = req->channel;
15734 + dev->flags = req->flags &
15735 + ((1 << RFCOMM_RELEASE_ONHUP) | (1 << RFCOMM_REUSE_DLC));
15737 + init_waitqueue_head(&dev->wait);
15738 + tasklet_init(&dev->wakeup_task, rfcomm_tty_wakeup, (unsigned long) dev);
15740 + rfcomm_dlc_lock(dlc);
15741 + dlc->data_ready = rfcomm_dev_data_ready;
15742 + dlc->state_change = rfcomm_dev_state_change;
15743 + dlc->modem_status = rfcomm_dev_modem_status;
15745 + dlc->owner = dev;
15747 + rfcomm_dlc_unlock(dlc);
15749 + MOD_INC_USE_COUNT;
15752 + write_unlock_bh(&rfcomm_dev_lock);
15761 +static void rfcomm_dev_del(struct rfcomm_dev *dev)
15763 + BT_DBG("dev %p", dev);
15765 + write_lock_bh(&rfcomm_dev_lock);
15766 + list_del_init(&dev->list);
15767 + write_unlock_bh(&rfcomm_dev_lock);
15769 + rfcomm_dev_put(dev);
15772 +/* ---- Send buffer ---- */
15774 +static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
15776 + /* We can't let it be zero, because we don't get a callback
15777 + when tx_credits becomes nonzero, hence we'd never wake up */
15778 + return dlc->mtu * (dlc->tx_credits?:1);
15781 +static void rfcomm_wfree(struct sk_buff *skb)
15783 + struct rfcomm_dev *dev = (void *) skb->sk;
15784 + atomic_sub(skb->truesize, &dev->wmem_alloc);
15785 + if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
15786 + tasklet_schedule(&dev->wakeup_task);
15787 + rfcomm_dev_put(dev);
15790 +static inline void rfcomm_set_owner_w(struct sk_buff *skb, struct rfcomm_dev *dev)
15792 + rfcomm_dev_hold(dev);
15793 + atomic_add(skb->truesize, &dev->wmem_alloc);
15794 + skb->sk = (void *) dev;
15795 + skb->destructor = rfcomm_wfree;
15798 +static struct sk_buff *rfcomm_wmalloc(struct rfcomm_dev *dev, unsigned long size, int force, int priority)
15800 + if (force || atomic_read(&dev->wmem_alloc) < rfcomm_room(dev->dlc)) {
15801 + struct sk_buff *skb = alloc_skb(size, priority);
15803 + rfcomm_set_owner_w(skb, dev);
15810 +/* ---- Device IOCTLs ---- */
15812 +#define NOCAP_FLAGS ((1 << RFCOMM_REUSE_DLC) | (1 << RFCOMM_RELEASE_ONHUP))
15814 +static int rfcomm_create_dev(struct sock *sk, unsigned long arg)
15816 + struct rfcomm_dev_req req;
15817 + struct rfcomm_dlc *dlc;
15820 + if (copy_from_user(&req, (void *) arg, sizeof(req)))
15823 + BT_DBG("sk %p dev_id %id flags 0x%x", sk, req.dev_id, req.flags);
15825 + if (req.flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN))
15828 + if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
15829 + /* Socket must be connected */
15830 + if (sk->state != BT_CONNECTED)
15833 + dlc = rfcomm_pi(sk)->dlc;
15834 + rfcomm_dlc_hold(dlc);
15836 + dlc = rfcomm_dlc_alloc(GFP_KERNEL);
15841 + id = rfcomm_dev_add(&req, dlc);
15843 + rfcomm_dlc_put(dlc);
15847 + if (req.flags & (1 << RFCOMM_REUSE_DLC)) {
15848 + /* DLC is now used by device.
15849 + * Socket must be disconnected */
15850 + sk->state = BT_CLOSED;
15856 +static int rfcomm_release_dev(unsigned long arg)
15858 + struct rfcomm_dev_req req;
15859 + struct rfcomm_dev *dev;
15861 + if (copy_from_user(&req, (void *) arg, sizeof(req)))
15864 + BT_DBG("dev_id %id flags 0x%x", req.dev_id, req.flags);
15866 + if (!(dev = rfcomm_dev_get(req.dev_id)))
15869 + if (dev->flags != NOCAP_FLAGS && !capable(CAP_NET_ADMIN)) {
15870 + rfcomm_dev_put(dev);
15874 + if (req.flags & (1 << RFCOMM_HANGUP_NOW))
15875 + rfcomm_dlc_close(dev->dlc, 0);
15877 + rfcomm_dev_del(dev);
15878 + rfcomm_dev_put(dev);
15882 +static int rfcomm_get_dev_list(unsigned long arg)
15884 + struct rfcomm_dev_list_req *dl;
15885 + struct rfcomm_dev_info *di;
15886 + struct list_head *p;
15887 + int n = 0, size, err;
15892 + if (get_user(dev_num, (u16 *) arg))
15895 + if (!dev_num || dev_num > (PAGE_SIZE * 4) / sizeof(*di))
15898 + size = sizeof(*dl) + dev_num * sizeof(*di);
15900 + if (!(dl = kmalloc(size, GFP_KERNEL)))
15903 + di = dl->dev_info;
15905 + read_lock_bh(&rfcomm_dev_lock);
15907 + list_for_each(p, &rfcomm_dev_list) {
15908 + struct rfcomm_dev *dev = list_entry(p, struct rfcomm_dev, list);
15909 + (di + n)->id = dev->id;
15910 + (di + n)->flags = dev->flags;
15911 + (di + n)->state = dev->dlc->state;
15912 + (di + n)->channel = dev->channel;
15913 + bacpy(&(di + n)->src, &dev->src);
15914 + bacpy(&(di + n)->dst, &dev->dst);
15915 + if (++n >= dev_num)
15919 + read_unlock_bh(&rfcomm_dev_lock);
15922 + size = sizeof(*dl) + n * sizeof(*di);
15924 + err = copy_to_user((void *) arg, dl, size);
15927 + return err ? -EFAULT : 0;
15930 +static int rfcomm_get_dev_info(unsigned long arg)
15932 + struct rfcomm_dev *dev;
15933 + struct rfcomm_dev_info di;
15938 + if (copy_from_user(&di, (void *)arg, sizeof(di)))
15941 + if (!(dev = rfcomm_dev_get(di.id)))
15944 + di.flags = dev->flags;
15945 + di.channel = dev->channel;
15946 + di.state = dev->dlc->state;
15947 + bacpy(&di.src, &dev->src);
15948 + bacpy(&di.dst, &dev->dst);
15950 + if (copy_to_user((void *)arg, &di, sizeof(di)))
15953 + rfcomm_dev_put(dev);
15957 +int rfcomm_dev_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
15959 + BT_DBG("cmd %d arg %ld", cmd, arg);
15962 + case RFCOMMCREATEDEV:
15963 + return rfcomm_create_dev(sk, arg);
15965 + case RFCOMMRELEASEDEV:
15966 + return rfcomm_release_dev(arg);
15968 + case RFCOMMGETDEVLIST:
15969 + return rfcomm_get_dev_list(arg);
15971 + case RFCOMMGETDEVINFO:
15972 + return rfcomm_get_dev_info(arg);
15978 +/* ---- DLC callbacks ---- */
15979 +static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
15981 + struct rfcomm_dev *dev = dlc->owner;
15982 + struct tty_struct *tty;
15984 + if (!dev || !(tty = dev->tty)) {
15989 + BT_DBG("dlc %p tty %p len %d", dlc, tty, skb->len);
15991 + if (test_bit(TTY_DONT_FLIP, &tty->flags)) {
15993 + for (i = 0; i < skb->len; i++) {
15994 + if (tty->flip.count >= TTY_FLIPBUF_SIZE)
15995 + tty_flip_buffer_push(tty);
15997 + tty_insert_flip_char(tty, skb->data[i], 0);
15999 + tty_flip_buffer_push(tty);
16001 + tty->ldisc.receive_buf(tty, skb->data, NULL, skb->len);
16006 +static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
16008 + struct rfcomm_dev *dev = dlc->owner;
16012 + BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
16015 + wake_up_interruptible(&dev->wait);
16017 + if (dlc->state == BT_CLOSED) {
16019 + if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
16020 + rfcomm_dev_hold(dev);
16021 + rfcomm_dev_del(dev);
16023 + /* We have to drop DLC lock here, otherwise
16024 + rfcomm_dev_put() will dead lock if it's
16025 + the last reference. */
16026 + rfcomm_dlc_unlock(dlc);
16027 + rfcomm_dev_put(dev);
16028 + rfcomm_dlc_lock(dlc);
16031 + tty_hangup(dev->tty);
16035 +static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
16037 + struct rfcomm_dev *dev = dlc->owner;
16041 + BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
16043 + dev->modem_status =
16044 + ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
16045 + ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
16046 + ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) |
16047 + ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0);
16050 +/* ---- TTY functions ---- */
16051 +static void rfcomm_tty_wakeup(unsigned long arg)
16053 + struct rfcomm_dev *dev = (void *) arg;
16054 + struct tty_struct *tty = dev->tty;
16058 + BT_DBG("dev %p tty %p", dev, tty);
16060 + if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
16061 + (tty->ldisc.write_wakeup)(tty);
16063 + wake_up_interruptible(&tty->write_wait);
16064 +#ifdef SERIAL_HAVE_POLL_WAIT
16065 + wake_up_interruptible(&tty->poll_wait);
16069 +static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
16071 + DECLARE_WAITQUEUE(wait, current);
16072 + struct rfcomm_dev *dev;
16073 + struct rfcomm_dlc *dlc;
16076 + id = MINOR(tty->device) - tty->driver.minor_start;
16078 + BT_DBG("tty %p id %d", tty, id);
16080 + /* We don't leak this refcount. For reasons which are not entirely
16081 + clear, the TTY layer will call our ->close() method even if the
16082 + open fails. We decrease the refcount there, and decreasing it
16083 + here too would cause breakage. */
16084 + dev = rfcomm_dev_get(id);
16088 + BT_DBG("dev %p dst %s channel %d opened %d", dev, batostr(&dev->dst), dev->channel, dev->opened);
16090 + if (dev->opened++ != 0)
16095 + /* Attach TTY and open DLC */
16097 + rfcomm_dlc_lock(dlc);
16098 + tty->driver_data = dev;
16100 + rfcomm_dlc_unlock(dlc);
16101 + set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
16103 + err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel);
16107 + /* Wait for DLC to connect */
16108 + add_wait_queue(&dev->wait, &wait);
16110 + set_current_state(TASK_INTERRUPTIBLE);
16112 + if (dlc->state == BT_CLOSED) {
16117 + if (dlc->state == BT_CONNECTED)
16120 + if (signal_pending(current)) {
16127 + set_current_state(TASK_RUNNING);
16128 + remove_wait_queue(&dev->wait, &wait);
16133 +static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
16135 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16139 + BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, dev->opened);
16141 + if (--dev->opened == 0) {
16142 + /* Close DLC and dettach TTY */
16143 + rfcomm_dlc_close(dev->dlc, 0);
16145 + clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
16146 + tasklet_kill(&dev->wakeup_task);
16148 + rfcomm_dlc_lock(dev->dlc);
16149 + tty->driver_data = NULL;
16151 + rfcomm_dlc_unlock(dev->dlc);
16154 + rfcomm_dev_put(dev);
16157 +static int rfcomm_tty_write(struct tty_struct *tty, int from_user, const unsigned char *buf, int count)
16159 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16160 + struct rfcomm_dlc *dlc = dev->dlc;
16161 + struct sk_buff *skb;
16162 + int err = 0, sent = 0, size;
16164 + BT_DBG("tty %p from_user %d count %d", tty, from_user, count);
16167 + size = min_t(uint, count, dlc->mtu);
16170 + skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, 0, GFP_KERNEL);
16172 + skb = rfcomm_wmalloc(dev, size + RFCOMM_SKB_RESERVE, 0, GFP_ATOMIC);
16177 + skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
16180 + copy_from_user(skb_put(skb, size), buf + sent, size);
16182 + memcpy(skb_put(skb, size), buf + sent, size);
16184 + if ((err = rfcomm_dlc_send(dlc, skb)) < 0) {
16193 + return sent ? sent : err;
16196 +static void rfcomm_tty_put_char(struct tty_struct *tty, unsigned char ch)
16198 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16199 + struct rfcomm_dlc *dlc = dev->dlc;
16200 + struct sk_buff *skb;
16202 + BT_DBG("tty %p char %x", tty, ch);
16204 + skb = rfcomm_wmalloc(dev, 1 + RFCOMM_SKB_RESERVE, 1, GFP_ATOMIC);
16209 + skb_reserve(skb, RFCOMM_SKB_HEAD_RESERVE);
16211 + *(char *)skb_put(skb, 1) = ch;
16213 + if ((rfcomm_dlc_send(dlc, skb)) < 0)
16217 +static int rfcomm_tty_write_room(struct tty_struct *tty)
16219 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16222 + BT_DBG("tty %p", tty);
16224 + room = rfcomm_room(dev->dlc) - atomic_read(&dev->wmem_alloc);
16231 +static int rfcomm_tty_set_modem_status(uint cmd, struct rfcomm_dlc *dlc, uint status)
16233 + u8 v24_sig, mask;
16235 + BT_DBG("dlc %p cmd 0x%02x", dlc, cmd);
16237 + if (cmd == TIOCMSET)
16240 + rfcomm_dlc_get_modem_status(dlc, &v24_sig);
16242 + mask = ((status & TIOCM_DSR) ? RFCOMM_V24_RTC : 0) |
16243 + ((status & TIOCM_DTR) ? RFCOMM_V24_RTC : 0) |
16244 + ((status & TIOCM_RTS) ? RFCOMM_V24_RTR : 0) |
16245 + ((status & TIOCM_CTS) ? RFCOMM_V24_RTR : 0) |
16246 + ((status & TIOCM_RI) ? RFCOMM_V24_IC : 0) |
16247 + ((status & TIOCM_CD) ? RFCOMM_V24_DV : 0);
16249 + if (cmd == TIOCMBIC)
16250 + v24_sig &= ~mask;
16254 + rfcomm_dlc_set_modem_status(dlc, v24_sig);
16258 +static int rfcomm_tty_ioctl(struct tty_struct *tty, struct file *filp, unsigned int cmd, unsigned long arg)
16260 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16261 + struct rfcomm_dlc *dlc = dev->dlc;
16265 + BT_DBG("tty %p cmd 0x%02x", tty, cmd);
16269 + BT_DBG("TCGETS is not supported");
16270 + return -ENOIOCTLCMD;
16273 + BT_DBG("TCSETS is not supported");
16274 + return -ENOIOCTLCMD;
16277 + BT_DBG("TIOCMGET");
16279 + return put_user(dev->modem_status, (unsigned int *)arg);
16281 + case TIOCMSET: /* Turns on and off the lines as specified by the mask */
16282 + case TIOCMBIS: /* Turns on the lines as specified by the mask */
16283 + case TIOCMBIC: /* Turns off the lines as specified by the mask */
16284 + if ((err = get_user(status, (unsigned int *)arg)))
16286 + return rfcomm_tty_set_modem_status(cmd, dlc, status);
16289 + BT_DBG("TIOCMIWAIT");
16292 + case TIOCGICOUNT:
16293 + BT_DBG("TIOCGICOUNT");
16296 + case TIOCGSERIAL:
16297 + BT_ERR("TIOCGSERIAL is not supported");
16298 + return -ENOIOCTLCMD;
16300 + case TIOCSSERIAL:
16301 + BT_ERR("TIOCSSERIAL is not supported");
16302 + return -ENOIOCTLCMD;
16304 + case TIOCSERGSTRUCT:
16305 + BT_ERR("TIOCSERGSTRUCT is not supported");
16306 + return -ENOIOCTLCMD;
16308 + case TIOCSERGETLSR:
16309 + BT_ERR("TIOCSERGETLSR is not supported");
16310 + return -ENOIOCTLCMD;
16312 + case TIOCSERCONFIG:
16313 + BT_ERR("TIOCSERCONFIG is not supported");
16314 + return -ENOIOCTLCMD;
16317 + return -ENOIOCTLCMD; /* ioctls which we must ignore */
16321 + return -ENOIOCTLCMD;
16324 +#define RELEVANT_IFLAG(iflag) (iflag & (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK))
16326 +static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old)
16328 + BT_DBG("tty %p", tty);
16330 + if ((tty->termios->c_cflag == old->c_cflag) &&
16331 + (RELEVANT_IFLAG(tty->termios->c_iflag) == RELEVANT_IFLAG(old->c_iflag)))
16334 + /* handle turning off CRTSCTS */
16335 + if ((old->c_cflag & CRTSCTS) && !(tty->termios->c_cflag & CRTSCTS)) {
16336 + BT_DBG("turning off CRTSCTS");
16340 +static void rfcomm_tty_throttle(struct tty_struct *tty)
16342 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16344 + BT_DBG("tty %p dev %p", tty, dev);
16346 + rfcomm_dlc_throttle(dev->dlc);
16349 +static void rfcomm_tty_unthrottle(struct tty_struct *tty)
16351 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16353 + BT_DBG("tty %p dev %p", tty, dev);
16355 + rfcomm_dlc_unthrottle(dev->dlc);
16358 +static int rfcomm_tty_chars_in_buffer(struct tty_struct *tty)
16360 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16361 + struct rfcomm_dlc *dlc = dev->dlc;
16363 + BT_DBG("tty %p dev %p", tty, dev);
16365 + if (skb_queue_len(&dlc->tx_queue))
16371 +static void rfcomm_tty_flush_buffer(struct tty_struct *tty)
16373 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16377 + BT_DBG("tty %p dev %p", tty, dev);
16379 + skb_queue_purge(&dev->dlc->tx_queue);
16381 + if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags) && tty->ldisc.write_wakeup)
16382 + tty->ldisc.write_wakeup(tty);
16385 +static void rfcomm_tty_send_xchar(struct tty_struct *tty, char ch)
16387 + BT_DBG("tty %p ch %c", tty, ch);
16390 +static void rfcomm_tty_wait_until_sent(struct tty_struct *tty, int timeout)
16392 + BT_DBG("tty %p timeout %d", tty, timeout);
16395 +static void rfcomm_tty_hangup(struct tty_struct *tty)
16397 + struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
16401 + BT_DBG("tty %p dev %p", tty, dev);
16403 + rfcomm_tty_flush_buffer(tty);
16405 + if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
16406 + rfcomm_dev_del(dev);
16409 +static int rfcomm_tty_read_proc(char *buf, char **start, off_t offset, int len, int *eof, void *unused)
16414 +/* ---- TTY structure ---- */
16415 +static int rfcomm_tty_refcount; /* If we manage several devices */
16417 +static struct tty_struct *rfcomm_tty_table[RFCOMM_TTY_PORTS];
16418 +static struct termios *rfcomm_tty_termios[RFCOMM_TTY_PORTS];
16419 +static struct termios *rfcomm_tty_termios_locked[RFCOMM_TTY_PORTS];
16421 +static struct tty_driver rfcomm_tty_driver = {
16422 + magic: TTY_DRIVER_MAGIC,
16423 + driver_name: "rfcomm",
16424 +#ifdef CONFIG_DEVFS_FS
16425 + name: "bluetooth/rfcomm/%d",
16429 + major: RFCOMM_TTY_MAJOR,
16430 + minor_start: RFCOMM_TTY_MINOR,
16431 + num: RFCOMM_TTY_PORTS,
16432 + type: TTY_DRIVER_TYPE_SERIAL,
16433 + subtype: SERIAL_TYPE_NORMAL,
16434 + flags: TTY_DRIVER_REAL_RAW,
16436 + refcount: &rfcomm_tty_refcount,
16437 + table: rfcomm_tty_table,
16438 + termios: rfcomm_tty_termios,
16439 + termios_locked: rfcomm_tty_termios_locked,
16441 + open: rfcomm_tty_open,
16442 + close: rfcomm_tty_close,
16443 + put_char: rfcomm_tty_put_char,
16444 + write: rfcomm_tty_write,
16445 + write_room: rfcomm_tty_write_room,
16446 + chars_in_buffer: rfcomm_tty_chars_in_buffer,
16447 + flush_buffer: rfcomm_tty_flush_buffer,
16448 + ioctl: rfcomm_tty_ioctl,
16449 + throttle: rfcomm_tty_throttle,
16450 + unthrottle: rfcomm_tty_unthrottle,
16451 + set_termios: rfcomm_tty_set_termios,
16452 + send_xchar: rfcomm_tty_send_xchar,
16455 + hangup: rfcomm_tty_hangup,
16456 + wait_until_sent: rfcomm_tty_wait_until_sent,
16457 + read_proc: rfcomm_tty_read_proc,
16460 +int rfcomm_init_ttys(void)
16464 + /* Initalize our global data */
16465 + for (i = 0; i < RFCOMM_TTY_PORTS; i++)
16466 + rfcomm_tty_table[i] = NULL;
16468 + /* Register the TTY driver */
16469 + rfcomm_tty_driver.init_termios = tty_std_termios;
16470 + rfcomm_tty_driver.init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL;
16471 + rfcomm_tty_driver.flags = TTY_DRIVER_REAL_RAW;
16473 + if (tty_register_driver(&rfcomm_tty_driver)) {
16474 + BT_ERR("Can't register RFCOMM TTY driver");
16481 +void rfcomm_cleanup_ttys(void)
16483 + tty_unregister_driver(&rfcomm_tty_driver);
16486 diff -Nur c3000_pre/linux/net/bluetooth/sco.c c3000_work/linux/net/bluetooth/sco.c
16487 --- c3000_pre/linux/net/bluetooth/sco.c 2004-08-21 09:49:19.000000000 +0900
16488 +++ c3000_work/linux/net/bluetooth/sco.c 2004-12-16 23:01:14.000000000 +0900
16489 @@ -332,8 +332,10 @@
16490 BT_DBG("parent %p", parent);
16492 /* Close not yet accepted channels */
16493 - while ((sk = bluez_accept_dequeue(parent, NULL)))
16494 + while ((sk = bluez_accept_dequeue(parent, NULL))) {
16495 sco_sock_close(sk);
16496 + sco_sock_kill(sk);
16499 parent->state = BT_CLOSED;
16500 parent->zapped = 1;
16501 @@ -388,8 +390,6 @@
16506 - sco_sock_kill(sk);
16509 static void sco_sock_init(struct sock *sk, struct sock *parent)
16510 @@ -508,7 +508,8 @@
16511 if ((err = sco_connect(sk)))
16514 - err = bluez_sock_w4_connect(sk, flags);
16515 + err = bluez_sock_wait_state(sk, BT_CONNECTED,
16516 + sock_sndtimeo(sk, flags & O_NONBLOCK));
16520 @@ -678,7 +679,7 @@
16522 opts.mtu = sco_pi(sk)->conn->mtu;
16524 - BT_INFO("mtu %d", opts.mtu);
16525 + BT_DBG("mtu %d", opts.mtu);
16527 len = MIN(len, sizeof(opts));
16528 if (copy_to_user(optval, (char *)&opts, len))
16529 @@ -712,16 +713,23 @@
16530 static int sco_sock_release(struct socket *sock)
16532 struct sock *sk = sock->sk;
16535 BT_DBG("sock %p, sk %p", sock, sk);
16541 sco_sock_close(sk);
16542 + if (sk->linger) {
16544 + err = bluez_sock_wait_state(sk, BT_CLOSED, sk->lingertime);
16545 + release_sock(sk);
16550 + sco_sock_kill(sk);
16554 static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
16555 diff -Nur c3000_pre/linux/net/bluetooth/syms.c c3000_work/linux/net/bluetooth/syms.c
16556 --- c3000_pre/linux/net/bluetooth/syms.c 2004-08-21 09:49:19.000000000 +0900
16557 +++ c3000_work/linux/net/bluetooth/syms.c 2004-12-16 23:01:14.000000000 +0900
16560 EXPORT_SYMBOL(hci_register_dev);
16561 EXPORT_SYMBOL(hci_unregister_dev);
16562 +EXPORT_SYMBOL(hci_suspend_dev);
16563 +EXPORT_SYMBOL(hci_resume_dev);
16565 EXPORT_SYMBOL(hci_register_proto);
16566 EXPORT_SYMBOL(hci_unregister_proto);
16569 EXPORT_SYMBOL(hci_recv_frame);
16570 EXPORT_SYMBOL(hci_send_acl);
16571 EXPORT_SYMBOL(hci_send_sco);
16572 -EXPORT_SYMBOL(hci_send_raw);
16573 +EXPORT_SYMBOL(hci_send_cmd);
16574 EXPORT_SYMBOL(hci_si_event);
16578 EXPORT_SYMBOL(bluez_sock_poll);
16579 EXPORT_SYMBOL(bluez_accept_enqueue);
16580 EXPORT_SYMBOL(bluez_accept_dequeue);
16581 -EXPORT_SYMBOL(bluez_sock_w4_connect);
16582 +EXPORT_SYMBOL(bluez_sock_wait_state);
16583 diff -Nur c3000_pre/linux/net/netsyms.c c3000_work/linux/net/netsyms.c
16584 --- c3000_pre/linux/net/netsyms.c 2004-08-21 09:49:17.000000000 +0900
16585 +++ c3000_work/linux/net/netsyms.c 2004-12-16 23:01:14.000000000 +0900
16586 @@ -168,6 +168,7 @@
16587 EXPORT_SYMBOL(put_cmsg);
16588 EXPORT_SYMBOL(sock_kmalloc);
16589 EXPORT_SYMBOL(sock_kfree_s);
16590 +EXPORT_SYMBOL(sockfd_lookup);
16592 #ifdef CONFIG_FILTER
16593 EXPORT_SYMBOL(sk_run_filter);