tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Bluetooth: rfcomm: fix modem control handling

The RFCOMM driver confuses the local and remote modem control signals,
which specifically means that the reported DTR and RTS state will
instead reflect the remote end (i.e. DSR and CTS).

This issue dates back to the original driver (and a follow-on update)
merged in 2002, which resulted in a non-standard implementation of
TIOCMSET that allowed controlling also the TS07.10 IC and DV signals by
mapping them to the RI and DCD input flags, while TIOCMGET failed to
return the actual state of DTR and RTS.

Note that the bogus control of input signals in tiocmset() is just
dead code as those flags will have been masked out by the tty layer
since 2003.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: stable@vger.kernel.org
Signed-off-by: Johan Hovold <johan@kernel.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

authored by

Johan Hovold and committed by
Luiz Augusto von Dentz 91d35ec9 751463ce

+11 -15
+11 -15
net/bluetooth/rfcomm/tty.c
··· 643 643 tty_port_tty_hangup(&dev->port, true); 644 644 645 645 dev->modem_status = 646 - ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 647 - ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | 646 + ((v24_sig & RFCOMM_V24_RTC) ? TIOCM_DSR : 0) | 647 + ((v24_sig & RFCOMM_V24_RTR) ? TIOCM_CTS : 0) | 648 648 ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | 649 649 ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); 650 650 } ··· 1055 1055 static int rfcomm_tty_tiocmget(struct tty_struct *tty) 1056 1056 { 1057 1057 struct rfcomm_dev *dev = tty->driver_data; 1058 + struct rfcomm_dlc *dlc = dev->dlc; 1059 + u8 v24_sig; 1058 1060 1059 1061 BT_DBG("tty %p dev %p", tty, dev); 1060 1062 1061 - return dev->modem_status; 1063 + rfcomm_dlc_get_modem_status(dlc, &v24_sig); 1064 + 1065 + return (v24_sig & (TIOCM_DTR | TIOCM_RTS)) | dev->modem_status; 1062 1066 } 1063 1067 1064 1068 static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear) ··· 1075 1071 1076 1072 rfcomm_dlc_get_modem_status(dlc, &v24_sig); 1077 1073 1078 - if (set & TIOCM_DSR || set & TIOCM_DTR) 1074 + if (set & TIOCM_DTR) 1079 1075 v24_sig |= RFCOMM_V24_RTC; 1080 - if (set & TIOCM_RTS || set & TIOCM_CTS) 1076 + if (set & TIOCM_RTS) 1081 1077 v24_sig |= RFCOMM_V24_RTR; 1082 - if (set & TIOCM_RI) 1083 - v24_sig |= RFCOMM_V24_IC; 1084 - if (set & TIOCM_CD) 1085 - v24_sig |= RFCOMM_V24_DV; 1086 1078 1087 - if (clear & TIOCM_DSR || clear & TIOCM_DTR) 1079 + if (clear & TIOCM_DTR) 1088 1080 v24_sig &= ~RFCOMM_V24_RTC; 1089 - if (clear & TIOCM_RTS || clear & TIOCM_CTS) 1081 + if (clear & TIOCM_RTS) 1090 1082 v24_sig &= ~RFCOMM_V24_RTR; 1091 - if (clear & TIOCM_RI) 1092 - v24_sig &= ~RFCOMM_V24_IC; 1093 - if (clear & TIOCM_CD) 1094 - v24_sig &= ~RFCOMM_V24_DV; 1095 1083 1096 1084 rfcomm_dlc_set_modem_status(dlc, v24_sig); 1097 1085