2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
25 * Bluetooth RFCOMM core.
28 #include <linux/module.h>
29 #include <linux/debugfs.h>
30 #include <linux/kthread.h>
31 #include <asm/unaligned.h>
33 #include <net/bluetooth/bluetooth.h>
34 #include <net/bluetooth/hci_core.h>
35 #include <net/bluetooth/l2cap.h>
36 #include <net/bluetooth/rfcomm.h>
38 #define VERSION "1.11"
40 static bool disable_cfc
;
41 static bool l2cap_ertm
;
42 static int channel_mtu
= -1;
43 static unsigned int l2cap_mtu
= RFCOMM_MAX_L2CAP_MTU
;
45 static struct task_struct
*rfcomm_thread
;
47 static DEFINE_MUTEX(rfcomm_mutex
);
48 #define rfcomm_lock() mutex_lock(&rfcomm_mutex)
49 #define rfcomm_unlock() mutex_unlock(&rfcomm_mutex)
52 static LIST_HEAD(session_list
);
54 static int rfcomm_send_frame(struct rfcomm_session
*s
, u8
*data
, int len
);
55 static int rfcomm_send_sabm(struct rfcomm_session
*s
, u8 dlci
);
56 static int rfcomm_send_disc(struct rfcomm_session
*s
, u8 dlci
);
57 static int rfcomm_queue_disc(struct rfcomm_dlc
*d
);
58 static int rfcomm_send_nsc(struct rfcomm_session
*s
, int cr
, u8 type
);
59 static int rfcomm_send_pn(struct rfcomm_session
*s
, int cr
, struct rfcomm_dlc
*d
);
60 static int rfcomm_send_msc(struct rfcomm_session
*s
, int cr
, u8 dlci
, u8 v24_sig
);
61 static int rfcomm_send_test(struct rfcomm_session
*s
, int cr
, u8
*pattern
, int len
);
62 static int rfcomm_send_credits(struct rfcomm_session
*s
, u8 addr
, u8 credits
);
63 static void rfcomm_make_uih(struct sk_buff
*skb
, u8 addr
);
65 static void rfcomm_process_connect(struct rfcomm_session
*s
);
67 static struct rfcomm_session
*rfcomm_session_create(bdaddr_t
*src
,
71 static struct rfcomm_session
*rfcomm_session_get(bdaddr_t
*src
, bdaddr_t
*dst
);
72 static struct rfcomm_session
*rfcomm_session_del(struct rfcomm_session
*s
);
74 /* ---- RFCOMM frame parsing macros ---- */
75 #define __get_dlci(b) ((b & 0xfc) >> 2)
76 #define __get_channel(b) ((b & 0xf8) >> 3)
77 #define __get_dir(b) ((b & 0x04) >> 2)
78 #define __get_type(b) ((b & 0xef))
80 #define __test_ea(b) ((b & 0x01))
81 #define __test_cr(b) ((b & 0x02))
82 #define __test_pf(b) ((b & 0x10))
84 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01)
85 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4)))
86 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir)
87 #define __srv_channel(dlci) (dlci >> 1)
88 #define __dir(dlci) (dlci & 0x01)
90 #define __len8(len) (((len) << 1) | 1)
91 #define __len16(len) ((len) << 1)
94 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01))
95 #define __get_mcc_type(b) ((b & 0xfc) >> 2)
96 #define __get_mcc_len(b) ((b & 0xfe) >> 1)
99 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x7) << 3))
100 #define __get_rpn_data_bits(line) ((line) & 0x3)
101 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1)
102 #define __get_rpn_parity(line) (((line) >> 3) & 0x7)
104 static void rfcomm_schedule(void)
108 wake_up_process(rfcomm_thread
);
111 /* ---- RFCOMM FCS computation ---- */
113 /* reversed, 8-bit, poly=0x07 */
114 static unsigned char rfcomm_crc_table
[256] = {
115 0x00, 0x91, 0xe3, 0x72, 0x07, 0x96, 0xe4, 0x75,
116 0x0e, 0x9f, 0xed, 0x7c, 0x09, 0x98, 0xea, 0x7b,
117 0x1c, 0x8d, 0xff, 0x6e, 0x1b, 0x8a, 0xf8, 0x69,
118 0x12, 0x83, 0xf1, 0x60, 0x15, 0x84, 0xf6, 0x67,
120 0x38, 0xa9, 0xdb, 0x4a, 0x3f, 0xae, 0xdc, 0x4d,
121 0x36, 0xa7, 0xd5, 0x44, 0x31, 0xa0, 0xd2, 0x43,
122 0x24, 0xb5, 0xc7, 0x56, 0x23, 0xb2, 0xc0, 0x51,
123 0x2a, 0xbb, 0xc9, 0x58, 0x2d, 0xbc, 0xce, 0x5f,
125 0x70, 0xe1, 0x93, 0x02, 0x77, 0xe6, 0x94, 0x05,
126 0x7e, 0xef, 0x9d, 0x0c, 0x79, 0xe8, 0x9a, 0x0b,
127 0x6c, 0xfd, 0x8f, 0x1e, 0x6b, 0xfa, 0x88, 0x19,
128 0x62, 0xf3, 0x81, 0x10, 0x65, 0xf4, 0x86, 0x17,
130 0x48, 0xd9, 0xab, 0x3a, 0x4f, 0xde, 0xac, 0x3d,
131 0x46, 0xd7, 0xa5, 0x34, 0x41, 0xd0, 0xa2, 0x33,
132 0x54, 0xc5, 0xb7, 0x26, 0x53, 0xc2, 0xb0, 0x21,
133 0x5a, 0xcb, 0xb9, 0x28, 0x5d, 0xcc, 0xbe, 0x2f,
135 0xe0, 0x71, 0x03, 0x92, 0xe7, 0x76, 0x04, 0x95,
136 0xee, 0x7f, 0x0d, 0x9c, 0xe9, 0x78, 0x0a, 0x9b,
137 0xfc, 0x6d, 0x1f, 0x8e, 0xfb, 0x6a, 0x18, 0x89,
138 0xf2, 0x63, 0x11, 0x80, 0xf5, 0x64, 0x16, 0x87,
140 0xd8, 0x49, 0x3b, 0xaa, 0xdf, 0x4e, 0x3c, 0xad,
141 0xd6, 0x47, 0x35, 0xa4, 0xd1, 0x40, 0x32, 0xa3,
142 0xc4, 0x55, 0x27, 0xb6, 0xc3, 0x52, 0x20, 0xb1,
143 0xca, 0x5b, 0x29, 0xb8, 0xcd, 0x5c, 0x2e, 0xbf,
145 0x90, 0x01, 0x73, 0xe2, 0x97, 0x06, 0x74, 0xe5,
146 0x9e, 0x0f, 0x7d, 0xec, 0x99, 0x08, 0x7a, 0xeb,
147 0x8c, 0x1d, 0x6f, 0xfe, 0x8b, 0x1a, 0x68, 0xf9,
148 0x82, 0x13, 0x61, 0xf0, 0x85, 0x14, 0x66, 0xf7,
150 0xa8, 0x39, 0x4b, 0xda, 0xaf, 0x3e, 0x4c, 0xdd,
151 0xa6, 0x37, 0x45, 0xd4, 0xa1, 0x30, 0x42, 0xd3,
152 0xb4, 0x25, 0x57, 0xc6, 0xb3, 0x22, 0x50, 0xc1,
153 0xba, 0x2b, 0x59, 0xc8, 0xbd, 0x2c, 0x5e, 0xcf
157 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
160 static inline u8
__fcs(u8
*data
)
162 return 0xff - __crc(data
);
166 static inline u8
__fcs2(u8
*data
)
168 return 0xff - rfcomm_crc_table
[__crc(data
) ^ data
[2]];
172 static inline int __check_fcs(u8
*data
, int type
, u8 fcs
)
176 if (type
!= RFCOMM_UIH
)
177 f
= rfcomm_crc_table
[f
^ data
[2]];
179 return rfcomm_crc_table
[f
^ fcs
] != 0xcf;
182 /* ---- L2CAP callbacks ---- */
183 static void rfcomm_l2state_change(struct sock
*sk
)
185 BT_DBG("%p state %d", sk
, sk
->sk_state
);
189 static void rfcomm_l2data_ready(struct sock
*sk
, int bytes
)
191 BT_DBG("%p bytes %d", sk
, bytes
);
195 static int rfcomm_l2sock_create(struct socket
**sock
)
201 err
= sock_create_kern(PF_BLUETOOTH
, SOCK_SEQPACKET
, BTPROTO_L2CAP
, sock
);
203 struct sock
*sk
= (*sock
)->sk
;
204 sk
->sk_data_ready
= rfcomm_l2data_ready
;
205 sk
->sk_state_change
= rfcomm_l2state_change
;
210 static int rfcomm_check_security(struct rfcomm_dlc
*d
)
212 struct sock
*sk
= d
->session
->sock
->sk
;
213 struct l2cap_conn
*conn
= l2cap_pi(sk
)->chan
->conn
;
217 switch (d
->sec_level
) {
218 case BT_SECURITY_HIGH
:
219 case BT_SECURITY_FIPS
:
220 auth_type
= HCI_AT_GENERAL_BONDING_MITM
;
222 case BT_SECURITY_MEDIUM
:
223 auth_type
= HCI_AT_GENERAL_BONDING
;
226 auth_type
= HCI_AT_NO_BONDING
;
230 return hci_conn_security(conn
->hcon
, d
->sec_level
, auth_type
);
233 static void rfcomm_session_timeout(unsigned long arg
)
235 struct rfcomm_session
*s
= (void *) arg
;
237 BT_DBG("session %p state %ld", s
, s
->state
);
239 set_bit(RFCOMM_TIMED_OUT
, &s
->flags
);
243 static void rfcomm_session_set_timer(struct rfcomm_session
*s
, long timeout
)
245 BT_DBG("session %p state %ld timeout %ld", s
, s
->state
, timeout
);
247 mod_timer(&s
->timer
, jiffies
+ timeout
);
250 static void rfcomm_session_clear_timer(struct rfcomm_session
*s
)
252 BT_DBG("session %p state %ld", s
, s
->state
);
254 del_timer_sync(&s
->timer
);
257 /* ---- RFCOMM DLCs ---- */
258 static void rfcomm_dlc_timeout(unsigned long arg
)
260 struct rfcomm_dlc
*d
= (void *) arg
;
262 BT_DBG("dlc %p state %ld", d
, d
->state
);
264 set_bit(RFCOMM_TIMED_OUT
, &d
->flags
);
269 static void rfcomm_dlc_set_timer(struct rfcomm_dlc
*d
, long timeout
)
271 BT_DBG("dlc %p state %ld timeout %ld", d
, d
->state
, timeout
);
273 if (!mod_timer(&d
->timer
, jiffies
+ timeout
))
277 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc
*d
)
279 BT_DBG("dlc %p state %ld", d
, d
->state
);
281 if (del_timer(&d
->timer
))
285 static void rfcomm_dlc_clear_state(struct rfcomm_dlc
*d
)
292 d
->sec_level
= BT_SECURITY_LOW
;
293 d
->mtu
= RFCOMM_DEFAULT_MTU
;
294 d
->v24_sig
= RFCOMM_V24_RTC
| RFCOMM_V24_RTR
| RFCOMM_V24_DV
;
296 d
->cfc
= RFCOMM_CFC_DISABLED
;
297 d
->rx_credits
= RFCOMM_DEFAULT_CREDITS
;
300 struct rfcomm_dlc
*rfcomm_dlc_alloc(gfp_t prio
)
302 struct rfcomm_dlc
*d
= kzalloc(sizeof(*d
), prio
);
307 setup_timer(&d
->timer
, rfcomm_dlc_timeout
, (unsigned long)d
);
309 skb_queue_head_init(&d
->tx_queue
);
310 spin_lock_init(&d
->lock
);
311 atomic_set(&d
->refcnt
, 1);
313 rfcomm_dlc_clear_state(d
);
320 void rfcomm_dlc_free(struct rfcomm_dlc
*d
)
324 skb_queue_purge(&d
->tx_queue
);
328 static void rfcomm_dlc_link(struct rfcomm_session
*s
, struct rfcomm_dlc
*d
)
330 BT_DBG("dlc %p session %p", d
, s
);
332 rfcomm_session_clear_timer(s
);
334 list_add(&d
->list
, &s
->dlcs
);
338 static void rfcomm_dlc_unlink(struct rfcomm_dlc
*d
)
340 struct rfcomm_session
*s
= d
->session
;
342 BT_DBG("dlc %p refcnt %d session %p", d
, atomic_read(&d
->refcnt
), s
);
348 if (list_empty(&s
->dlcs
))
349 rfcomm_session_set_timer(s
, RFCOMM_IDLE_TIMEOUT
);
352 static struct rfcomm_dlc
*rfcomm_dlc_get(struct rfcomm_session
*s
, u8 dlci
)
354 struct rfcomm_dlc
*d
;
356 list_for_each_entry(d
, &s
->dlcs
, list
)
363 static int rfcomm_check_channel(u8 channel
)
365 return channel
< 1 || channel
> 30;
368 static int __rfcomm_dlc_open(struct rfcomm_dlc
*d
, bdaddr_t
*src
, bdaddr_t
*dst
, u8 channel
)
370 struct rfcomm_session
*s
;
374 BT_DBG("dlc %p state %ld %pMR -> %pMR channel %d",
375 d
, d
->state
, src
, dst
, channel
);
377 if (rfcomm_check_channel(channel
))
380 if (d
->state
!= BT_OPEN
&& d
->state
!= BT_CLOSED
)
383 s
= rfcomm_session_get(src
, dst
);
385 s
= rfcomm_session_create(src
, dst
, d
->sec_level
, &err
);
390 dlci
= __dlci(!s
->initiator
, channel
);
392 /* Check if DLCI already exists */
393 if (rfcomm_dlc_get(s
, dlci
))
396 rfcomm_dlc_clear_state(d
);
399 d
->addr
= __addr(s
->initiator
, dlci
);
402 d
->state
= BT_CONFIG
;
403 rfcomm_dlc_link(s
, d
);
408 d
->cfc
= (s
->cfc
== RFCOMM_CFC_UNKNOWN
) ? 0 : s
->cfc
;
410 if (s
->state
== BT_CONNECTED
) {
411 if (rfcomm_check_security(d
))
412 rfcomm_send_pn(s
, 1, d
);
414 set_bit(RFCOMM_AUTH_PENDING
, &d
->flags
);
417 rfcomm_dlc_set_timer(d
, RFCOMM_CONN_TIMEOUT
);
422 int rfcomm_dlc_open(struct rfcomm_dlc
*d
, bdaddr_t
*src
, bdaddr_t
*dst
, u8 channel
)
428 r
= __rfcomm_dlc_open(d
, src
, dst
, channel
);
434 static void __rfcomm_dlc_disconn(struct rfcomm_dlc
*d
)
436 struct rfcomm_session
*s
= d
->session
;
438 d
->state
= BT_DISCONN
;
439 if (skb_queue_empty(&d
->tx_queue
)) {
440 rfcomm_send_disc(s
, d
->dlci
);
441 rfcomm_dlc_set_timer(d
, RFCOMM_DISC_TIMEOUT
);
443 rfcomm_queue_disc(d
);
444 rfcomm_dlc_set_timer(d
, RFCOMM_DISC_TIMEOUT
* 2);
448 static int __rfcomm_dlc_close(struct rfcomm_dlc
*d
, int err
)
450 struct rfcomm_session
*s
= d
->session
;
454 BT_DBG("dlc %p state %ld dlci %d err %d session %p",
455 d
, d
->state
, d
->dlci
, err
, s
);
462 if (test_and_clear_bit(RFCOMM_DEFER_SETUP
, &d
->flags
)) {
463 set_bit(RFCOMM_AUTH_REJECT
, &d
->flags
);
472 __rfcomm_dlc_disconn(d
);
476 if (s
->state
!= BT_BOUND
) {
477 __rfcomm_dlc_disconn(d
);
480 /* if closing a dlc in a session that hasn't been started,
481 * just close and unlink the dlc
485 rfcomm_dlc_clear_timer(d
);
488 d
->state
= BT_CLOSED
;
489 d
->state_change(d
, err
);
490 rfcomm_dlc_unlock(d
);
492 skb_queue_purge(&d
->tx_queue
);
493 rfcomm_dlc_unlink(d
);
499 int rfcomm_dlc_close(struct rfcomm_dlc
*d
, int err
)
502 struct rfcomm_dlc
*d_list
;
503 struct rfcomm_session
*s
, *s_list
;
505 BT_DBG("dlc %p state %ld dlci %d err %d", d
, d
->state
, d
->dlci
, err
);
513 /* after waiting on the mutex check the session still exists
514 * then check the dlc still exists
516 list_for_each_entry(s_list
, &session_list
, list
) {
518 list_for_each_entry(d_list
, &s
->dlcs
, list
) {
520 r
= __rfcomm_dlc_close(d
, err
);
533 struct rfcomm_dlc
*rfcomm_dlc_exists(bdaddr_t
*src
, bdaddr_t
*dst
, u8 channel
)
535 struct rfcomm_session
*s
;
536 struct rfcomm_dlc
*dlc
= NULL
;
539 if (rfcomm_check_channel(channel
))
540 return ERR_PTR(-EINVAL
);
543 s
= rfcomm_session_get(src
, dst
);
545 dlci
= __dlci(!s
->initiator
, channel
);
546 dlc
= rfcomm_dlc_get(s
, dlci
);
552 int rfcomm_dlc_send(struct rfcomm_dlc
*d
, struct sk_buff
*skb
)
556 if (d
->state
!= BT_CONNECTED
)
559 BT_DBG("dlc %p mtu %d len %d", d
, d
->mtu
, len
);
564 rfcomm_make_uih(skb
, d
->addr
);
565 skb_queue_tail(&d
->tx_queue
, skb
);
567 if (!test_bit(RFCOMM_TX_THROTTLED
, &d
->flags
))
572 void __rfcomm_dlc_throttle(struct rfcomm_dlc
*d
)
574 BT_DBG("dlc %p state %ld", d
, d
->state
);
577 d
->v24_sig
|= RFCOMM_V24_FC
;
578 set_bit(RFCOMM_MSC_PENDING
, &d
->flags
);
583 void __rfcomm_dlc_unthrottle(struct rfcomm_dlc
*d
)
585 BT_DBG("dlc %p state %ld", d
, d
->state
);
588 d
->v24_sig
&= ~RFCOMM_V24_FC
;
589 set_bit(RFCOMM_MSC_PENDING
, &d
->flags
);
595 Set/get modem status functions use _local_ status i.e. what we report
597 Remote status is provided by dlc->modem_status() callback.
599 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc
*d
, u8 v24_sig
)
601 BT_DBG("dlc %p state %ld v24_sig 0x%x",
602 d
, d
->state
, v24_sig
);
604 if (test_bit(RFCOMM_RX_THROTTLED
, &d
->flags
))
605 v24_sig
|= RFCOMM_V24_FC
;
607 v24_sig
&= ~RFCOMM_V24_FC
;
609 d
->v24_sig
= v24_sig
;
611 if (!test_and_set_bit(RFCOMM_MSC_PENDING
, &d
->flags
))
617 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc
*d
, u8
*v24_sig
)
619 BT_DBG("dlc %p state %ld v24_sig 0x%x",
620 d
, d
->state
, d
->v24_sig
);
622 *v24_sig
= d
->v24_sig
;
626 /* ---- RFCOMM sessions ---- */
627 static struct rfcomm_session
*rfcomm_session_add(struct socket
*sock
, int state
)
629 struct rfcomm_session
*s
= kzalloc(sizeof(*s
), GFP_KERNEL
);
634 BT_DBG("session %p sock %p", s
, sock
);
636 setup_timer(&s
->timer
, rfcomm_session_timeout
, (unsigned long) s
);
638 INIT_LIST_HEAD(&s
->dlcs
);
642 s
->mtu
= RFCOMM_DEFAULT_MTU
;
643 s
->cfc
= disable_cfc
? RFCOMM_CFC_DISABLED
: RFCOMM_CFC_UNKNOWN
;
645 /* Do not increment module usage count for listening sessions.
646 * Otherwise we won't be able to unload the module. */
647 if (state
!= BT_LISTEN
)
648 if (!try_module_get(THIS_MODULE
)) {
653 list_add(&s
->list
, &session_list
);
658 static struct rfcomm_session
*rfcomm_session_del(struct rfcomm_session
*s
)
660 int state
= s
->state
;
662 BT_DBG("session %p state %ld", s
, s
->state
);
666 rfcomm_session_clear_timer(s
);
667 sock_release(s
->sock
);
670 if (state
!= BT_LISTEN
)
671 module_put(THIS_MODULE
);
676 static struct rfcomm_session
*rfcomm_session_get(bdaddr_t
*src
, bdaddr_t
*dst
)
678 struct rfcomm_session
*s
;
679 struct list_head
*p
, *n
;
680 struct l2cap_chan
*chan
;
681 list_for_each_safe(p
, n
, &session_list
) {
682 s
= list_entry(p
, struct rfcomm_session
, list
);
683 chan
= l2cap_pi(s
->sock
->sk
)->chan
;
685 if ((!bacmp(src
, BDADDR_ANY
) || !bacmp(&chan
->src
, src
)) &&
686 !bacmp(&chan
->dst
, dst
))
692 static struct rfcomm_session
*rfcomm_session_close(struct rfcomm_session
*s
,
695 struct rfcomm_dlc
*d
;
696 struct list_head
*p
, *n
;
698 s
->state
= BT_CLOSED
;
700 BT_DBG("session %p state %ld err %d", s
, s
->state
, err
);
703 list_for_each_safe(p
, n
, &s
->dlcs
) {
704 d
= list_entry(p
, struct rfcomm_dlc
, list
);
705 d
->state
= BT_CLOSED
;
706 __rfcomm_dlc_close(d
, err
);
709 rfcomm_session_clear_timer(s
);
710 return rfcomm_session_del(s
);
713 static struct rfcomm_session
*rfcomm_session_create(bdaddr_t
*src
,
718 struct rfcomm_session
*s
= NULL
;
719 struct sockaddr_l2 addr
;
723 BT_DBG("%pMR -> %pMR", src
, dst
);
725 *err
= rfcomm_l2sock_create(&sock
);
729 bacpy(&addr
.l2_bdaddr
, src
);
730 addr
.l2_family
= AF_BLUETOOTH
;
733 addr
.l2_bdaddr_type
= BDADDR_BREDR
;
734 *err
= kernel_bind(sock
, (struct sockaddr
*) &addr
, sizeof(addr
));
738 /* Set L2CAP options */
741 l2cap_pi(sk
)->chan
->imtu
= l2cap_mtu
;
742 l2cap_pi(sk
)->chan
->sec_level
= sec_level
;
744 l2cap_pi(sk
)->chan
->mode
= L2CAP_MODE_ERTM
;
747 s
= rfcomm_session_add(sock
, BT_BOUND
);
755 bacpy(&addr
.l2_bdaddr
, dst
);
756 addr
.l2_family
= AF_BLUETOOTH
;
757 addr
.l2_psm
= __constant_cpu_to_le16(RFCOMM_PSM
);
759 addr
.l2_bdaddr_type
= BDADDR_BREDR
;
760 *err
= kernel_connect(sock
, (struct sockaddr
*) &addr
, sizeof(addr
), O_NONBLOCK
);
761 if (*err
== 0 || *err
== -EINPROGRESS
)
764 return rfcomm_session_del(s
);
771 void rfcomm_session_getaddr(struct rfcomm_session
*s
, bdaddr_t
*src
, bdaddr_t
*dst
)
773 struct l2cap_chan
*chan
= l2cap_pi(s
->sock
->sk
)->chan
;
775 bacpy(src
, &chan
->src
);
777 bacpy(dst
, &chan
->dst
);
780 /* ---- RFCOMM frame sending ---- */
781 static int rfcomm_send_frame(struct rfcomm_session
*s
, u8
*data
, int len
)
783 struct kvec iv
= { data
, len
};
786 BT_DBG("session %p len %d", s
, len
);
788 memset(&msg
, 0, sizeof(msg
));
790 return kernel_sendmsg(s
->sock
, &msg
, &iv
, 1, len
);
793 static int rfcomm_send_cmd(struct rfcomm_session
*s
, struct rfcomm_cmd
*cmd
)
795 BT_DBG("%p cmd %u", s
, cmd
->ctrl
);
797 return rfcomm_send_frame(s
, (void *) cmd
, sizeof(*cmd
));
800 static int rfcomm_send_sabm(struct rfcomm_session
*s
, u8 dlci
)
802 struct rfcomm_cmd cmd
;
804 BT_DBG("%p dlci %d", s
, dlci
);
806 cmd
.addr
= __addr(s
->initiator
, dlci
);
807 cmd
.ctrl
= __ctrl(RFCOMM_SABM
, 1);
809 cmd
.fcs
= __fcs2((u8
*) &cmd
);
811 return rfcomm_send_cmd(s
, &cmd
);
814 static int rfcomm_send_ua(struct rfcomm_session
*s
, u8 dlci
)
816 struct rfcomm_cmd cmd
;
818 BT_DBG("%p dlci %d", s
, dlci
);
820 cmd
.addr
= __addr(!s
->initiator
, dlci
);
821 cmd
.ctrl
= __ctrl(RFCOMM_UA
, 1);
823 cmd
.fcs
= __fcs2((u8
*) &cmd
);
825 return rfcomm_send_cmd(s
, &cmd
);
828 static int rfcomm_send_disc(struct rfcomm_session
*s
, u8 dlci
)
830 struct rfcomm_cmd cmd
;
832 BT_DBG("%p dlci %d", s
, dlci
);
834 cmd
.addr
= __addr(s
->initiator
, dlci
);
835 cmd
.ctrl
= __ctrl(RFCOMM_DISC
, 1);
837 cmd
.fcs
= __fcs2((u8
*) &cmd
);
839 return rfcomm_send_cmd(s
, &cmd
);
842 static int rfcomm_queue_disc(struct rfcomm_dlc
*d
)
844 struct rfcomm_cmd
*cmd
;
847 BT_DBG("dlc %p dlci %d", d
, d
->dlci
);
849 skb
= alloc_skb(sizeof(*cmd
), GFP_KERNEL
);
853 cmd
= (void *) __skb_put(skb
, sizeof(*cmd
));
855 cmd
->ctrl
= __ctrl(RFCOMM_DISC
, 1);
856 cmd
->len
= __len8(0);
857 cmd
->fcs
= __fcs2((u8
*) cmd
);
859 skb_queue_tail(&d
->tx_queue
, skb
);
864 static int rfcomm_send_dm(struct rfcomm_session
*s
, u8 dlci
)
866 struct rfcomm_cmd cmd
;
868 BT_DBG("%p dlci %d", s
, dlci
);
870 cmd
.addr
= __addr(!s
->initiator
, dlci
);
871 cmd
.ctrl
= __ctrl(RFCOMM_DM
, 1);
873 cmd
.fcs
= __fcs2((u8
*) &cmd
);
875 return rfcomm_send_cmd(s
, &cmd
);
878 static int rfcomm_send_nsc(struct rfcomm_session
*s
, int cr
, u8 type
)
880 struct rfcomm_hdr
*hdr
;
881 struct rfcomm_mcc
*mcc
;
882 u8 buf
[16], *ptr
= buf
;
884 BT_DBG("%p cr %d type %d", s
, cr
, type
);
886 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
887 hdr
->addr
= __addr(s
->initiator
, 0);
888 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
889 hdr
->len
= __len8(sizeof(*mcc
) + 1);
891 mcc
= (void *) ptr
; ptr
+= sizeof(*mcc
);
892 mcc
->type
= __mcc_type(cr
, RFCOMM_NSC
);
893 mcc
->len
= __len8(1);
895 /* Type that we didn't like */
896 *ptr
= __mcc_type(cr
, type
); ptr
++;
898 *ptr
= __fcs(buf
); ptr
++;
900 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
903 static int rfcomm_send_pn(struct rfcomm_session
*s
, int cr
, struct rfcomm_dlc
*d
)
905 struct rfcomm_hdr
*hdr
;
906 struct rfcomm_mcc
*mcc
;
907 struct rfcomm_pn
*pn
;
908 u8 buf
[16], *ptr
= buf
;
910 BT_DBG("%p cr %d dlci %d mtu %d", s
, cr
, d
->dlci
, d
->mtu
);
912 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
913 hdr
->addr
= __addr(s
->initiator
, 0);
914 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
915 hdr
->len
= __len8(sizeof(*mcc
) + sizeof(*pn
));
917 mcc
= (void *) ptr
; ptr
+= sizeof(*mcc
);
918 mcc
->type
= __mcc_type(cr
, RFCOMM_PN
);
919 mcc
->len
= __len8(sizeof(*pn
));
921 pn
= (void *) ptr
; ptr
+= sizeof(*pn
);
923 pn
->priority
= d
->priority
;
928 pn
->flow_ctrl
= cr
? 0xf0 : 0xe0;
929 pn
->credits
= RFCOMM_DEFAULT_CREDITS
;
935 if (cr
&& channel_mtu
>= 0)
936 pn
->mtu
= cpu_to_le16(channel_mtu
);
938 pn
->mtu
= cpu_to_le16(d
->mtu
);
940 *ptr
= __fcs(buf
); ptr
++;
942 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
945 int rfcomm_send_rpn(struct rfcomm_session
*s
, int cr
, u8 dlci
,
946 u8 bit_rate
, u8 data_bits
, u8 stop_bits
,
947 u8 parity
, u8 flow_ctrl_settings
,
948 u8 xon_char
, u8 xoff_char
, u16 param_mask
)
950 struct rfcomm_hdr
*hdr
;
951 struct rfcomm_mcc
*mcc
;
952 struct rfcomm_rpn
*rpn
;
953 u8 buf
[16], *ptr
= buf
;
955 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x"
956 " flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x",
957 s
, cr
, dlci
, bit_rate
, data_bits
, stop_bits
, parity
,
958 flow_ctrl_settings
, xon_char
, xoff_char
, param_mask
);
960 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
961 hdr
->addr
= __addr(s
->initiator
, 0);
962 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
963 hdr
->len
= __len8(sizeof(*mcc
) + sizeof(*rpn
));
965 mcc
= (void *) ptr
; ptr
+= sizeof(*mcc
);
966 mcc
->type
= __mcc_type(cr
, RFCOMM_RPN
);
967 mcc
->len
= __len8(sizeof(*rpn
));
969 rpn
= (void *) ptr
; ptr
+= sizeof(*rpn
);
970 rpn
->dlci
= __addr(1, dlci
);
971 rpn
->bit_rate
= bit_rate
;
972 rpn
->line_settings
= __rpn_line_settings(data_bits
, stop_bits
, parity
);
973 rpn
->flow_ctrl
= flow_ctrl_settings
;
974 rpn
->xon_char
= xon_char
;
975 rpn
->xoff_char
= xoff_char
;
976 rpn
->param_mask
= cpu_to_le16(param_mask
);
978 *ptr
= __fcs(buf
); ptr
++;
980 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
983 static int rfcomm_send_rls(struct rfcomm_session
*s
, int cr
, u8 dlci
, u8 status
)
985 struct rfcomm_hdr
*hdr
;
986 struct rfcomm_mcc
*mcc
;
987 struct rfcomm_rls
*rls
;
988 u8 buf
[16], *ptr
= buf
;
990 BT_DBG("%p cr %d status 0x%x", s
, cr
, status
);
992 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
993 hdr
->addr
= __addr(s
->initiator
, 0);
994 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
995 hdr
->len
= __len8(sizeof(*mcc
) + sizeof(*rls
));
997 mcc
= (void *) ptr
; ptr
+= sizeof(*mcc
);
998 mcc
->type
= __mcc_type(cr
, RFCOMM_RLS
);
999 mcc
->len
= __len8(sizeof(*rls
));
1001 rls
= (void *) ptr
; ptr
+= sizeof(*rls
);
1002 rls
->dlci
= __addr(1, dlci
);
1003 rls
->status
= status
;
1005 *ptr
= __fcs(buf
); ptr
++;
1007 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
1010 static int rfcomm_send_msc(struct rfcomm_session
*s
, int cr
, u8 dlci
, u8 v24_sig
)
1012 struct rfcomm_hdr
*hdr
;
1013 struct rfcomm_mcc
*mcc
;
1014 struct rfcomm_msc
*msc
;
1015 u8 buf
[16], *ptr
= buf
;
1017 BT_DBG("%p cr %d v24 0x%x", s
, cr
, v24_sig
);
1019 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
1020 hdr
->addr
= __addr(s
->initiator
, 0);
1021 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
1022 hdr
->len
= __len8(sizeof(*mcc
) + sizeof(*msc
));
1024 mcc
= (void *) ptr
; ptr
+= sizeof(*mcc
);
1025 mcc
->type
= __mcc_type(cr
, RFCOMM_MSC
);
1026 mcc
->len
= __len8(sizeof(*msc
));
1028 msc
= (void *) ptr
; ptr
+= sizeof(*msc
);
1029 msc
->dlci
= __addr(1, dlci
);
1030 msc
->v24_sig
= v24_sig
| 0x01;
1032 *ptr
= __fcs(buf
); ptr
++;
1034 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
1037 static int rfcomm_send_fcoff(struct rfcomm_session
*s
, int cr
)
1039 struct rfcomm_hdr
*hdr
;
1040 struct rfcomm_mcc
*mcc
;
1041 u8 buf
[16], *ptr
= buf
;
1043 BT_DBG("%p cr %d", s
, cr
);
1045 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
1046 hdr
->addr
= __addr(s
->initiator
, 0);
1047 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
1048 hdr
->len
= __len8(sizeof(*mcc
));
1050 mcc
= (void *) ptr
; ptr
+= sizeof(*mcc
);
1051 mcc
->type
= __mcc_type(cr
, RFCOMM_FCOFF
);
1052 mcc
->len
= __len8(0);
1054 *ptr
= __fcs(buf
); ptr
++;
1056 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
1059 static int rfcomm_send_fcon(struct rfcomm_session
*s
, int cr
)
1061 struct rfcomm_hdr
*hdr
;
1062 struct rfcomm_mcc
*mcc
;
1063 u8 buf
[16], *ptr
= buf
;
1065 BT_DBG("%p cr %d", s
, cr
);
1067 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
1068 hdr
->addr
= __addr(s
->initiator
, 0);
1069 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
1070 hdr
->len
= __len8(sizeof(*mcc
));
1072 mcc
= (void *) ptr
; ptr
+= sizeof(*mcc
);
1073 mcc
->type
= __mcc_type(cr
, RFCOMM_FCON
);
1074 mcc
->len
= __len8(0);
1076 *ptr
= __fcs(buf
); ptr
++;
1078 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
1081 static int rfcomm_send_test(struct rfcomm_session
*s
, int cr
, u8
*pattern
, int len
)
1083 struct socket
*sock
= s
->sock
;
1086 unsigned char hdr
[5], crc
[1];
1091 BT_DBG("%p cr %d", s
, cr
);
1093 hdr
[0] = __addr(s
->initiator
, 0);
1094 hdr
[1] = __ctrl(RFCOMM_UIH
, 0);
1095 hdr
[2] = 0x01 | ((len
+ 2) << 1);
1096 hdr
[3] = 0x01 | ((cr
& 0x01) << 1) | (RFCOMM_TEST
<< 2);
1097 hdr
[4] = 0x01 | (len
<< 1);
1099 crc
[0] = __fcs(hdr
);
1101 iv
[0].iov_base
= hdr
;
1103 iv
[1].iov_base
= pattern
;
1104 iv
[1].iov_len
= len
;
1105 iv
[2].iov_base
= crc
;
1108 memset(&msg
, 0, sizeof(msg
));
1110 return kernel_sendmsg(sock
, &msg
, iv
, 3, 6 + len
);
1113 static int rfcomm_send_credits(struct rfcomm_session
*s
, u8 addr
, u8 credits
)
1115 struct rfcomm_hdr
*hdr
;
1116 u8 buf
[16], *ptr
= buf
;
1118 BT_DBG("%p addr %d credits %d", s
, addr
, credits
);
1120 hdr
= (void *) ptr
; ptr
+= sizeof(*hdr
);
1122 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 1);
1123 hdr
->len
= __len8(0);
1125 *ptr
= credits
; ptr
++;
1127 *ptr
= __fcs(buf
); ptr
++;
1129 return rfcomm_send_frame(s
, buf
, ptr
- buf
);
1132 static void rfcomm_make_uih(struct sk_buff
*skb
, u8 addr
)
1134 struct rfcomm_hdr
*hdr
;
1139 hdr
= (void *) skb_push(skb
, 4);
1140 put_unaligned(cpu_to_le16(__len16(len
)), (__le16
*) &hdr
->len
);
1142 hdr
= (void *) skb_push(skb
, 3);
1143 hdr
->len
= __len8(len
);
1146 hdr
->ctrl
= __ctrl(RFCOMM_UIH
, 0);
1148 crc
= skb_put(skb
, 1);
1149 *crc
= __fcs((void *) hdr
);
1152 /* ---- RFCOMM frame reception ---- */
1153 static struct rfcomm_session
*rfcomm_recv_ua(struct rfcomm_session
*s
, u8 dlci
)
1155 BT_DBG("session %p state %ld dlci %d", s
, s
->state
, dlci
);
1159 struct rfcomm_dlc
*d
= rfcomm_dlc_get(s
, dlci
);
1161 rfcomm_send_dm(s
, dlci
);
1167 rfcomm_dlc_clear_timer(d
);
1170 d
->state
= BT_CONNECTED
;
1171 d
->state_change(d
, 0);
1172 rfcomm_dlc_unlock(d
);
1174 rfcomm_send_msc(s
, 1, dlci
, d
->v24_sig
);
1178 d
->state
= BT_CLOSED
;
1179 __rfcomm_dlc_close(d
, 0);
1181 if (list_empty(&s
->dlcs
)) {
1182 s
->state
= BT_DISCONN
;
1183 rfcomm_send_disc(s
, 0);
1184 rfcomm_session_clear_timer(s
);
1190 /* Control channel */
1193 s
->state
= BT_CONNECTED
;
1194 rfcomm_process_connect(s
);
1198 s
= rfcomm_session_close(s
, ECONNRESET
);
1205 static struct rfcomm_session
*rfcomm_recv_dm(struct rfcomm_session
*s
, u8 dlci
)
1209 BT_DBG("session %p state %ld dlci %d", s
, s
->state
, dlci
);
1213 struct rfcomm_dlc
*d
= rfcomm_dlc_get(s
, dlci
);
1215 if (d
->state
== BT_CONNECT
|| d
->state
== BT_CONFIG
)
1220 d
->state
= BT_CLOSED
;
1221 __rfcomm_dlc_close(d
, err
);
1224 if (s
->state
== BT_CONNECT
)
1229 s
= rfcomm_session_close(s
, err
);
1234 static struct rfcomm_session
*rfcomm_recv_disc(struct rfcomm_session
*s
,
1239 BT_DBG("session %p state %ld dlci %d", s
, s
->state
, dlci
);
1242 struct rfcomm_dlc
*d
= rfcomm_dlc_get(s
, dlci
);
1244 rfcomm_send_ua(s
, dlci
);
1246 if (d
->state
== BT_CONNECT
|| d
->state
== BT_CONFIG
)
1251 d
->state
= BT_CLOSED
;
1252 __rfcomm_dlc_close(d
, err
);
1254 rfcomm_send_dm(s
, dlci
);
1257 rfcomm_send_ua(s
, 0);
1259 if (s
->state
== BT_CONNECT
)
1264 s
= rfcomm_session_close(s
, err
);
1269 void rfcomm_dlc_accept(struct rfcomm_dlc
*d
)
1271 struct sock
*sk
= d
->session
->sock
->sk
;
1272 struct l2cap_conn
*conn
= l2cap_pi(sk
)->chan
->conn
;
1274 BT_DBG("dlc %p", d
);
1276 rfcomm_send_ua(d
->session
, d
->dlci
);
1278 rfcomm_dlc_clear_timer(d
);
1281 d
->state
= BT_CONNECTED
;
1282 d
->state_change(d
, 0);
1283 rfcomm_dlc_unlock(d
);
1286 hci_conn_switch_role(conn
->hcon
, 0x00);
1288 rfcomm_send_msc(d
->session
, 1, d
->dlci
, d
->v24_sig
);
1291 static void rfcomm_check_accept(struct rfcomm_dlc
*d
)
1293 if (rfcomm_check_security(d
)) {
1294 if (d
->defer_setup
) {
1295 set_bit(RFCOMM_DEFER_SETUP
, &d
->flags
);
1296 rfcomm_dlc_set_timer(d
, RFCOMM_AUTH_TIMEOUT
);
1299 d
->state
= BT_CONNECT2
;
1300 d
->state_change(d
, 0);
1301 rfcomm_dlc_unlock(d
);
1303 rfcomm_dlc_accept(d
);
1305 set_bit(RFCOMM_AUTH_PENDING
, &d
->flags
);
1306 rfcomm_dlc_set_timer(d
, RFCOMM_AUTH_TIMEOUT
);
1310 static int rfcomm_recv_sabm(struct rfcomm_session
*s
, u8 dlci
)
1312 struct rfcomm_dlc
*d
;
1315 BT_DBG("session %p state %ld dlci %d", s
, s
->state
, dlci
);
1318 rfcomm_send_ua(s
, 0);
1320 if (s
->state
== BT_OPEN
) {
1321 s
->state
= BT_CONNECTED
;
1322 rfcomm_process_connect(s
);
1327 /* Check if DLC exists */
1328 d
= rfcomm_dlc_get(s
, dlci
);
1330 if (d
->state
== BT_OPEN
) {
1331 /* DLC was previously opened by PN request */
1332 rfcomm_check_accept(d
);
1337 /* Notify socket layer about incoming connection */
1338 channel
= __srv_channel(dlci
);
1339 if (rfcomm_connect_ind(s
, channel
, &d
)) {
1341 d
->addr
= __addr(s
->initiator
, dlci
);
1342 rfcomm_dlc_link(s
, d
);
1344 rfcomm_check_accept(d
);
1346 rfcomm_send_dm(s
, dlci
);
1352 static int rfcomm_apply_pn(struct rfcomm_dlc
*d
, int cr
, struct rfcomm_pn
*pn
)
1354 struct rfcomm_session
*s
= d
->session
;
1356 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d",
1357 d
, d
->state
, d
->dlci
, pn
->mtu
, pn
->flow_ctrl
, pn
->credits
);
1359 if ((pn
->flow_ctrl
== 0xf0 && s
->cfc
!= RFCOMM_CFC_DISABLED
) ||
1360 pn
->flow_ctrl
== 0xe0) {
1361 d
->cfc
= RFCOMM_CFC_ENABLED
;
1362 d
->tx_credits
= pn
->credits
;
1364 d
->cfc
= RFCOMM_CFC_DISABLED
;
1365 set_bit(RFCOMM_TX_THROTTLED
, &d
->flags
);
1368 if (s
->cfc
== RFCOMM_CFC_UNKNOWN
)
1371 d
->priority
= pn
->priority
;
1373 d
->mtu
= __le16_to_cpu(pn
->mtu
);
1375 if (cr
&& d
->mtu
> s
->mtu
)
1381 static int rfcomm_recv_pn(struct rfcomm_session
*s
, int cr
, struct sk_buff
*skb
)
1383 struct rfcomm_pn
*pn
= (void *) skb
->data
;
1384 struct rfcomm_dlc
*d
;
1387 BT_DBG("session %p state %ld dlci %d", s
, s
->state
, dlci
);
1392 d
= rfcomm_dlc_get(s
, dlci
);
1396 rfcomm_apply_pn(d
, cr
, pn
);
1397 rfcomm_send_pn(s
, 0, d
);
1402 rfcomm_apply_pn(d
, cr
, pn
);
1404 d
->state
= BT_CONNECT
;
1405 rfcomm_send_sabm(s
, d
->dlci
);
1410 u8 channel
= __srv_channel(dlci
);
1415 /* PN request for non existing DLC.
1416 * Assume incoming connection. */
1417 if (rfcomm_connect_ind(s
, channel
, &d
)) {
1419 d
->addr
= __addr(s
->initiator
, dlci
);
1420 rfcomm_dlc_link(s
, d
);
1422 rfcomm_apply_pn(d
, cr
, pn
);
1425 rfcomm_send_pn(s
, 0, d
);
1427 rfcomm_send_dm(s
, dlci
);
1433 static int rfcomm_recv_rpn(struct rfcomm_session
*s
, int cr
, int len
, struct sk_buff
*skb
)
1435 struct rfcomm_rpn
*rpn
= (void *) skb
->data
;
1436 u8 dlci
= __get_dlci(rpn
->dlci
);
1445 u16 rpn_mask
= RFCOMM_RPN_PM_ALL
;
1447 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x",
1448 dlci
, cr
, len
, rpn
->bit_rate
, rpn
->line_settings
, rpn
->flow_ctrl
,
1449 rpn
->xon_char
, rpn
->xoff_char
, rpn
->param_mask
);
1455 /* This is a request, return default (according to ETSI TS 07.10) settings */
1456 bit_rate
= RFCOMM_RPN_BR_9600
;
1457 data_bits
= RFCOMM_RPN_DATA_8
;
1458 stop_bits
= RFCOMM_RPN_STOP_1
;
1459 parity
= RFCOMM_RPN_PARITY_NONE
;
1460 flow_ctrl
= RFCOMM_RPN_FLOW_NONE
;
1461 xon_char
= RFCOMM_RPN_XON_CHAR
;
1462 xoff_char
= RFCOMM_RPN_XOFF_CHAR
;
1466 /* Check for sane values, ignore/accept bit_rate, 8 bits, 1 stop bit,
1467 * no parity, no flow control lines, normal XON/XOFF chars */
1469 if (rpn
->param_mask
& cpu_to_le16(RFCOMM_RPN_PM_BITRATE
)) {
1470 bit_rate
= rpn
->bit_rate
;
1471 if (bit_rate
> RFCOMM_RPN_BR_230400
) {
1472 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate
);
1473 bit_rate
= RFCOMM_RPN_BR_9600
;
1474 rpn_mask
^= RFCOMM_RPN_PM_BITRATE
;
1478 if (rpn
->param_mask
& cpu_to_le16(RFCOMM_RPN_PM_DATA
)) {
1479 data_bits
= __get_rpn_data_bits(rpn
->line_settings
);
1480 if (data_bits
!= RFCOMM_RPN_DATA_8
) {
1481 BT_DBG("RPN data bits mismatch 0x%x", data_bits
);
1482 data_bits
= RFCOMM_RPN_DATA_8
;
1483 rpn_mask
^= RFCOMM_RPN_PM_DATA
;
1487 if (rpn
->param_mask
& cpu_to_le16(RFCOMM_RPN_PM_STOP
)) {
1488 stop_bits
= __get_rpn_stop_bits(rpn
->line_settings
);
1489 if (stop_bits
!= RFCOMM_RPN_STOP_1
) {
1490 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits
);
1491 stop_bits
= RFCOMM_RPN_STOP_1
;
1492 rpn_mask
^= RFCOMM_RPN_PM_STOP
;
1496 if (rpn
->param_mask
& cpu_to_le16(RFCOMM_RPN_PM_PARITY
)) {
1497 parity
= __get_rpn_parity(rpn
->line_settings
);
1498 if (parity
!= RFCOMM_RPN_PARITY_NONE
) {
1499 BT_DBG("RPN parity mismatch 0x%x", parity
);
1500 parity
= RFCOMM_RPN_PARITY_NONE
;
1501 rpn_mask
^= RFCOMM_RPN_PM_PARITY
;
1505 if (rpn
->param_mask
& cpu_to_le16(RFCOMM_RPN_PM_FLOW
)) {
1506 flow_ctrl
= rpn
->flow_ctrl
;
1507 if (flow_ctrl
!= RFCOMM_RPN_FLOW_NONE
) {
1508 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl
);
1509 flow_ctrl
= RFCOMM_RPN_FLOW_NONE
;
1510 rpn_mask
^= RFCOMM_RPN_PM_FLOW
;
1514 if (rpn
->param_mask
& cpu_to_le16(RFCOMM_RPN_PM_XON
)) {
1515 xon_char
= rpn
->xon_char
;
1516 if (xon_char
!= RFCOMM_RPN_XON_CHAR
) {
1517 BT_DBG("RPN XON char mismatch 0x%x", xon_char
);
1518 xon_char
= RFCOMM_RPN_XON_CHAR
;
1519 rpn_mask
^= RFCOMM_RPN_PM_XON
;
1523 if (rpn
->param_mask
& cpu_to_le16(RFCOMM_RPN_PM_XOFF
)) {
1524 xoff_char
= rpn
->xoff_char
;
1525 if (xoff_char
!= RFCOMM_RPN_XOFF_CHAR
) {
1526 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char
);
1527 xoff_char
= RFCOMM_RPN_XOFF_CHAR
;
1528 rpn_mask
^= RFCOMM_RPN_PM_XOFF
;
1533 rfcomm_send_rpn(s
, 0, dlci
, bit_rate
, data_bits
, stop_bits
,
1534 parity
, flow_ctrl
, xon_char
, xoff_char
, rpn_mask
);
1539 static int rfcomm_recv_rls(struct rfcomm_session
*s
, int cr
, struct sk_buff
*skb
)
1541 struct rfcomm_rls
*rls
= (void *) skb
->data
;
1542 u8 dlci
= __get_dlci(rls
->dlci
);
1544 BT_DBG("dlci %d cr %d status 0x%x", dlci
, cr
, rls
->status
);
1549 /* We should probably do something with this information here. But
1550 * for now it's sufficient just to reply -- Bluetooth 1.1 says it's
1551 * mandatory to recognise and respond to RLS */
1553 rfcomm_send_rls(s
, 0, dlci
, rls
->status
);
1558 static int rfcomm_recv_msc(struct rfcomm_session
*s
, int cr
, struct sk_buff
*skb
)
1560 struct rfcomm_msc
*msc
= (void *) skb
->data
;
1561 struct rfcomm_dlc
*d
;
1562 u8 dlci
= __get_dlci(msc
->dlci
);
1564 BT_DBG("dlci %d cr %d v24 0x%x", dlci
, cr
, msc
->v24_sig
);
1566 d
= rfcomm_dlc_get(s
, dlci
);
1571 if (msc
->v24_sig
& RFCOMM_V24_FC
&& !d
->cfc
)
1572 set_bit(RFCOMM_TX_THROTTLED
, &d
->flags
);
1574 clear_bit(RFCOMM_TX_THROTTLED
, &d
->flags
);
1578 d
->remote_v24_sig
= msc
->v24_sig
;
1580 if (d
->modem_status
)
1581 d
->modem_status(d
, msc
->v24_sig
);
1583 rfcomm_dlc_unlock(d
);
1585 rfcomm_send_msc(s
, 0, dlci
, msc
->v24_sig
);
1587 d
->mscex
|= RFCOMM_MSCEX_RX
;
1589 d
->mscex
|= RFCOMM_MSCEX_TX
;
1594 static int rfcomm_recv_mcc(struct rfcomm_session
*s
, struct sk_buff
*skb
)
1596 struct rfcomm_mcc
*mcc
= (void *) skb
->data
;
1599 cr
= __test_cr(mcc
->type
);
1600 type
= __get_mcc_type(mcc
->type
);
1601 len
= __get_mcc_len(mcc
->len
);
1603 BT_DBG("%p type 0x%x cr %d", s
, type
, cr
);
1609 rfcomm_recv_pn(s
, cr
, skb
);
1613 rfcomm_recv_rpn(s
, cr
, len
, skb
);
1617 rfcomm_recv_rls(s
, cr
, skb
);
1621 rfcomm_recv_msc(s
, cr
, skb
);
1626 set_bit(RFCOMM_TX_THROTTLED
, &s
->flags
);
1627 rfcomm_send_fcoff(s
, 0);
1633 clear_bit(RFCOMM_TX_THROTTLED
, &s
->flags
);
1634 rfcomm_send_fcon(s
, 0);
1640 rfcomm_send_test(s
, 0, skb
->data
, skb
->len
);
1647 BT_ERR("Unknown control type 0x%02x", type
);
1648 rfcomm_send_nsc(s
, cr
, type
);
1654 static int rfcomm_recv_data(struct rfcomm_session
*s
, u8 dlci
, int pf
, struct sk_buff
*skb
)
1656 struct rfcomm_dlc
*d
;
1658 BT_DBG("session %p state %ld dlci %d pf %d", s
, s
->state
, dlci
, pf
);
1660 d
= rfcomm_dlc_get(s
, dlci
);
1662 rfcomm_send_dm(s
, dlci
);
1667 u8 credits
= *(u8
*) skb
->data
; skb_pull(skb
, 1);
1669 d
->tx_credits
+= credits
;
1671 clear_bit(RFCOMM_TX_THROTTLED
, &d
->flags
);
1674 if (skb
->len
&& d
->state
== BT_CONNECTED
) {
1677 d
->data_ready(d
, skb
);
1678 rfcomm_dlc_unlock(d
);
1687 static struct rfcomm_session
*rfcomm_recv_frame(struct rfcomm_session
*s
,
1688 struct sk_buff
*skb
)
1690 struct rfcomm_hdr
*hdr
= (void *) skb
->data
;
1694 /* no session, so free socket data */
1699 dlci
= __get_dlci(hdr
->addr
);
1700 type
= __get_type(hdr
->ctrl
);
1703 skb
->len
--; skb
->tail
--;
1704 fcs
= *(u8
*)skb_tail_pointer(skb
);
1706 if (__check_fcs(skb
->data
, type
, fcs
)) {
1707 BT_ERR("bad checksum in packet");
1712 if (__test_ea(hdr
->len
))
1719 if (__test_pf(hdr
->ctrl
))
1720 rfcomm_recv_sabm(s
, dlci
);
1724 if (__test_pf(hdr
->ctrl
))
1725 s
= rfcomm_recv_disc(s
, dlci
);
1729 if (__test_pf(hdr
->ctrl
))
1730 s
= rfcomm_recv_ua(s
, dlci
);
1734 s
= rfcomm_recv_dm(s
, dlci
);
1739 rfcomm_recv_data(s
, dlci
, __test_pf(hdr
->ctrl
), skb
);
1742 rfcomm_recv_mcc(s
, skb
);
1746 BT_ERR("Unknown packet type 0x%02x", type
);
1753 /* ---- Connection and data processing ---- */
1755 static void rfcomm_process_connect(struct rfcomm_session
*s
)
1757 struct rfcomm_dlc
*d
;
1758 struct list_head
*p
, *n
;
1760 BT_DBG("session %p state %ld", s
, s
->state
);
1762 list_for_each_safe(p
, n
, &s
->dlcs
) {
1763 d
= list_entry(p
, struct rfcomm_dlc
, list
);
1764 if (d
->state
== BT_CONFIG
) {
1766 if (rfcomm_check_security(d
)) {
1767 rfcomm_send_pn(s
, 1, d
);
1769 set_bit(RFCOMM_AUTH_PENDING
, &d
->flags
);
1770 rfcomm_dlc_set_timer(d
, RFCOMM_AUTH_TIMEOUT
);
1776 /* Send data queued for the DLC.
1777 * Return number of frames left in the queue.
1779 static int rfcomm_process_tx(struct rfcomm_dlc
*d
)
1781 struct sk_buff
*skb
;
1784 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d",
1785 d
, d
->state
, d
->cfc
, d
->rx_credits
, d
->tx_credits
);
1787 /* Send pending MSC */
1788 if (test_and_clear_bit(RFCOMM_MSC_PENDING
, &d
->flags
))
1789 rfcomm_send_msc(d
->session
, 1, d
->dlci
, d
->v24_sig
);
1793 * Give them some credits */
1794 if (!test_bit(RFCOMM_RX_THROTTLED
, &d
->flags
) &&
1795 d
->rx_credits
<= (d
->cfc
>> 2)) {
1796 rfcomm_send_credits(d
->session
, d
->addr
, d
->cfc
- d
->rx_credits
);
1797 d
->rx_credits
= d
->cfc
;
1801 * Give ourselves some credits */
1805 if (test_bit(RFCOMM_TX_THROTTLED
, &d
->flags
))
1806 return skb_queue_len(&d
->tx_queue
);
1808 while (d
->tx_credits
&& (skb
= skb_dequeue(&d
->tx_queue
))) {
1809 err
= rfcomm_send_frame(d
->session
, skb
->data
, skb
->len
);
1811 skb_queue_head(&d
->tx_queue
, skb
);
1818 if (d
->cfc
&& !d
->tx_credits
) {
1819 /* We're out of TX credits.
1820 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */
1821 set_bit(RFCOMM_TX_THROTTLED
, &d
->flags
);
1824 return skb_queue_len(&d
->tx_queue
);
1827 static void rfcomm_process_dlcs(struct rfcomm_session
*s
)
1829 struct rfcomm_dlc
*d
;
1830 struct list_head
*p
, *n
;
1832 BT_DBG("session %p state %ld", s
, s
->state
);
1834 list_for_each_safe(p
, n
, &s
->dlcs
) {
1835 d
= list_entry(p
, struct rfcomm_dlc
, list
);
1837 if (test_bit(RFCOMM_TIMED_OUT
, &d
->flags
)) {
1838 __rfcomm_dlc_close(d
, ETIMEDOUT
);
1842 if (test_bit(RFCOMM_ENC_DROP
, &d
->flags
)) {
1843 __rfcomm_dlc_close(d
, ECONNREFUSED
);
1847 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT
, &d
->flags
)) {
1848 rfcomm_dlc_clear_timer(d
);
1850 rfcomm_send_pn(s
, 1, d
);
1851 rfcomm_dlc_set_timer(d
, RFCOMM_CONN_TIMEOUT
);
1853 if (d
->defer_setup
) {
1854 set_bit(RFCOMM_DEFER_SETUP
, &d
->flags
);
1855 rfcomm_dlc_set_timer(d
, RFCOMM_AUTH_TIMEOUT
);
1858 d
->state
= BT_CONNECT2
;
1859 d
->state_change(d
, 0);
1860 rfcomm_dlc_unlock(d
);
1862 rfcomm_dlc_accept(d
);
1865 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT
, &d
->flags
)) {
1866 rfcomm_dlc_clear_timer(d
);
1868 rfcomm_send_dm(s
, d
->dlci
);
1870 d
->state
= BT_CLOSED
;
1871 __rfcomm_dlc_close(d
, ECONNREFUSED
);
1875 if (test_bit(RFCOMM_SEC_PENDING
, &d
->flags
))
1878 if (test_bit(RFCOMM_TX_THROTTLED
, &s
->flags
))
1881 if ((d
->state
== BT_CONNECTED
|| d
->state
== BT_DISCONN
) &&
1882 d
->mscex
== RFCOMM_MSCEX_OK
)
1883 rfcomm_process_tx(d
);
1887 static struct rfcomm_session
*rfcomm_process_rx(struct rfcomm_session
*s
)
1889 struct socket
*sock
= s
->sock
;
1890 struct sock
*sk
= sock
->sk
;
1891 struct sk_buff
*skb
;
1893 BT_DBG("session %p state %ld qlen %d", s
, s
->state
, skb_queue_len(&sk
->sk_receive_queue
));
1895 /* Get data directly from socket receive queue without copying it. */
1896 while ((skb
= skb_dequeue(&sk
->sk_receive_queue
))) {
1898 if (!skb_linearize(skb
))
1899 s
= rfcomm_recv_frame(s
, skb
);
1904 if (s
&& (sk
->sk_state
== BT_CLOSED
))
1905 s
= rfcomm_session_close(s
, sk
->sk_err
);
1910 static void rfcomm_accept_connection(struct rfcomm_session
*s
)
1912 struct socket
*sock
= s
->sock
, *nsock
;
1915 /* Fast check for a new connection.
1916 * Avoids unnesesary socket allocations. */
1917 if (list_empty(&bt_sk(sock
->sk
)->accept_q
))
1920 BT_DBG("session %p", s
);
1922 err
= kernel_accept(sock
, &nsock
, O_NONBLOCK
);
1926 /* Set our callbacks */
1927 nsock
->sk
->sk_data_ready
= rfcomm_l2data_ready
;
1928 nsock
->sk
->sk_state_change
= rfcomm_l2state_change
;
1930 s
= rfcomm_session_add(nsock
, BT_OPEN
);
1932 /* We should adjust MTU on incoming sessions.
1933 * L2CAP MTU minus UIH header and FCS. */
1934 s
->mtu
= min(l2cap_pi(nsock
->sk
)->chan
->omtu
,
1935 l2cap_pi(nsock
->sk
)->chan
->imtu
) - 5;
1939 sock_release(nsock
);
1942 static struct rfcomm_session
*rfcomm_check_connection(struct rfcomm_session
*s
)
1944 struct sock
*sk
= s
->sock
->sk
;
1946 BT_DBG("%p state %ld", s
, s
->state
);
1948 switch (sk
->sk_state
) {
1950 s
->state
= BT_CONNECT
;
1952 /* We can adjust MTU on outgoing sessions.
1953 * L2CAP MTU minus UIH header and FCS. */
1954 s
->mtu
= min(l2cap_pi(sk
)->chan
->omtu
, l2cap_pi(sk
)->chan
->imtu
) - 5;
1956 rfcomm_send_sabm(s
, 0);
1960 s
= rfcomm_session_close(s
, sk
->sk_err
);
1966 static void rfcomm_process_sessions(void)
1968 struct list_head
*p
, *n
;
1972 list_for_each_safe(p
, n
, &session_list
) {
1973 struct rfcomm_session
*s
;
1974 s
= list_entry(p
, struct rfcomm_session
, list
);
1976 if (test_and_clear_bit(RFCOMM_TIMED_OUT
, &s
->flags
)) {
1977 s
->state
= BT_DISCONN
;
1978 rfcomm_send_disc(s
, 0);
1984 rfcomm_accept_connection(s
);
1988 s
= rfcomm_check_connection(s
);
1992 s
= rfcomm_process_rx(s
);
1997 rfcomm_process_dlcs(s
);
2003 static int rfcomm_add_listener(bdaddr_t
*ba
)
2005 struct sockaddr_l2 addr
;
2006 struct socket
*sock
;
2008 struct rfcomm_session
*s
;
2012 err
= rfcomm_l2sock_create(&sock
);
2014 BT_ERR("Create socket failed %d", err
);
2019 bacpy(&addr
.l2_bdaddr
, ba
);
2020 addr
.l2_family
= AF_BLUETOOTH
;
2021 addr
.l2_psm
= __constant_cpu_to_le16(RFCOMM_PSM
);
2023 addr
.l2_bdaddr_type
= BDADDR_BREDR
;
2024 err
= kernel_bind(sock
, (struct sockaddr
*) &addr
, sizeof(addr
));
2026 BT_ERR("Bind failed %d", err
);
2030 /* Set L2CAP options */
2033 l2cap_pi(sk
)->chan
->imtu
= l2cap_mtu
;
2036 /* Start listening on the socket */
2037 err
= kernel_listen(sock
, 10);
2039 BT_ERR("Listen failed %d", err
);
2043 /* Add listening session */
2044 s
= rfcomm_session_add(sock
, BT_LISTEN
);
2056 static void rfcomm_kill_listener(void)
2058 struct rfcomm_session
*s
;
2059 struct list_head
*p
, *n
;
2063 list_for_each_safe(p
, n
, &session_list
) {
2064 s
= list_entry(p
, struct rfcomm_session
, list
);
2065 rfcomm_session_del(s
);
2069 static int rfcomm_run(void *unused
)
2073 set_user_nice(current
, -10);
2075 rfcomm_add_listener(BDADDR_ANY
);
2078 set_current_state(TASK_INTERRUPTIBLE
);
2080 if (kthread_should_stop())
2084 rfcomm_process_sessions();
2088 __set_current_state(TASK_RUNNING
);
2090 rfcomm_kill_listener();
2095 static void rfcomm_security_cfm(struct hci_conn
*conn
, u8 status
, u8 encrypt
)
2097 struct rfcomm_session
*s
;
2098 struct rfcomm_dlc
*d
;
2099 struct list_head
*p
, *n
;
2101 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn
, status
, encrypt
);
2103 s
= rfcomm_session_get(&conn
->hdev
->bdaddr
, &conn
->dst
);
2107 list_for_each_safe(p
, n
, &s
->dlcs
) {
2108 d
= list_entry(p
, struct rfcomm_dlc
, list
);
2110 if (test_and_clear_bit(RFCOMM_SEC_PENDING
, &d
->flags
)) {
2111 rfcomm_dlc_clear_timer(d
);
2112 if (status
|| encrypt
== 0x00) {
2113 set_bit(RFCOMM_ENC_DROP
, &d
->flags
);
2118 if (d
->state
== BT_CONNECTED
&& !status
&& encrypt
== 0x00) {
2119 if (d
->sec_level
== BT_SECURITY_MEDIUM
) {
2120 set_bit(RFCOMM_SEC_PENDING
, &d
->flags
);
2121 rfcomm_dlc_set_timer(d
, RFCOMM_AUTH_TIMEOUT
);
2123 } else if (d
->sec_level
== BT_SECURITY_HIGH
||
2124 d
->sec_level
== BT_SECURITY_FIPS
) {
2125 set_bit(RFCOMM_ENC_DROP
, &d
->flags
);
2130 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING
, &d
->flags
))
2133 if (!status
&& hci_conn_check_secure(conn
, d
->sec_level
))
2134 set_bit(RFCOMM_AUTH_ACCEPT
, &d
->flags
);
2136 set_bit(RFCOMM_AUTH_REJECT
, &d
->flags
);
2142 static struct hci_cb rfcomm_cb
= {
2144 .security_cfm
= rfcomm_security_cfm
2147 static int rfcomm_dlc_debugfs_show(struct seq_file
*f
, void *x
)
2149 struct rfcomm_session
*s
;
2153 list_for_each_entry(s
, &session_list
, list
) {
2154 struct l2cap_chan
*chan
= l2cap_pi(s
->sock
->sk
)->chan
;
2155 struct rfcomm_dlc
*d
;
2156 list_for_each_entry(d
, &s
->dlcs
, list
) {
2157 seq_printf(f
, "%pMR %pMR %ld %d %d %d %d\n",
2158 &chan
->src
, &chan
->dst
,
2159 d
->state
, d
->dlci
, d
->mtu
,
2160 d
->rx_credits
, d
->tx_credits
);
2169 static int rfcomm_dlc_debugfs_open(struct inode
*inode
, struct file
*file
)
2171 return single_open(file
, rfcomm_dlc_debugfs_show
, inode
->i_private
);
2174 static const struct file_operations rfcomm_dlc_debugfs_fops
= {
2175 .open
= rfcomm_dlc_debugfs_open
,
2177 .llseek
= seq_lseek
,
2178 .release
= single_release
,
2181 static struct dentry
*rfcomm_dlc_debugfs
;
2183 /* ---- Initialization ---- */
2184 static int __init
rfcomm_init(void)
2188 hci_register_cb(&rfcomm_cb
);
2190 rfcomm_thread
= kthread_run(rfcomm_run
, NULL
, "krfcommd");
2191 if (IS_ERR(rfcomm_thread
)) {
2192 err
= PTR_ERR(rfcomm_thread
);
2196 err
= rfcomm_init_ttys();
2200 err
= rfcomm_init_sockets();
2204 BT_INFO("RFCOMM ver %s", VERSION
);
2206 if (IS_ERR_OR_NULL(bt_debugfs
))
2209 rfcomm_dlc_debugfs
= debugfs_create_file("rfcomm_dlc", 0444,
2211 &rfcomm_dlc_debugfs_fops
);
2216 rfcomm_cleanup_ttys();
2219 kthread_stop(rfcomm_thread
);
2222 hci_unregister_cb(&rfcomm_cb
);
2227 static void __exit
rfcomm_exit(void)
2229 debugfs_remove(rfcomm_dlc_debugfs
);
2231 hci_unregister_cb(&rfcomm_cb
);
2233 kthread_stop(rfcomm_thread
);
2235 rfcomm_cleanup_ttys();
2237 rfcomm_cleanup_sockets();
2240 module_init(rfcomm_init
);
2241 module_exit(rfcomm_exit
);
2243 module_param(disable_cfc
, bool, 0644);
2244 MODULE_PARM_DESC(disable_cfc
, "Disable credit based flow control");
2246 module_param(channel_mtu
, int, 0644);
2247 MODULE_PARM_DESC(channel_mtu
, "Default MTU for the RFCOMM channel");
2249 module_param(l2cap_mtu
, uint
, 0644);
2250 MODULE_PARM_DESC(l2cap_mtu
, "Default MTU for the L2CAP connection");
2252 module_param(l2cap_ertm
, bool, 0644);
2253 MODULE_PARM_DESC(l2cap_ertm
, "Use L2CAP ERTM mode for connection");
2255 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
2256 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION
);
2257 MODULE_VERSION(VERSION
);
2258 MODULE_LICENSE("GPL");
2259 MODULE_ALIAS("bt-proto-3");