Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 *
4 * Bluetooth HCI UART driver
5 *
6 * Copyright (C) 2000-2001 Qualcomm Incorporated
7 * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com>
8 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org>
9 */
10
11#include <linux/module.h>
12
13#include <linux/kernel.h>
14#include <linux/init.h>
15#include <linux/types.h>
16#include <linux/fcntl.h>
17#include <linux/interrupt.h>
18#include <linux/ptrace.h>
19#include <linux/poll.h>
20
21#include <linux/slab.h>
22#include <linux/tty.h>
23#include <linux/errno.h>
24#include <linux/string.h>
25#include <linux/signal.h>
26#include <linux/ioctl.h>
27#include <linux/skbuff.h>
28#include <linux/firmware.h>
29#include <linux/serdev.h>
30
31#include <net/bluetooth/bluetooth.h>
32#include <net/bluetooth/hci_core.h>
33
34#include "btintel.h"
35#include "btbcm.h"
36#include "hci_uart.h"
37
38#define VERSION "2.3"
39
40static const struct hci_uart_proto *hup[HCI_UART_MAX_PROTO];
41
42int hci_uart_register_proto(const struct hci_uart_proto *p)
43{
44 if (p->id >= HCI_UART_MAX_PROTO)
45 return -EINVAL;
46
47 if (hup[p->id])
48 return -EEXIST;
49
50 hup[p->id] = p;
51
52 BT_INFO("HCI UART protocol %s registered", p->name);
53
54 return 0;
55}
56
57int hci_uart_unregister_proto(const struct hci_uart_proto *p)
58{
59 if (p->id >= HCI_UART_MAX_PROTO)
60 return -EINVAL;
61
62 if (!hup[p->id])
63 return -EINVAL;
64
65 hup[p->id] = NULL;
66
67 return 0;
68}
69
70static const struct hci_uart_proto *hci_uart_get_proto(unsigned int id)
71{
72 if (id >= HCI_UART_MAX_PROTO)
73 return NULL;
74
75 return hup[id];
76}
77
78static inline void hci_uart_tx_complete(struct hci_uart *hu, int pkt_type)
79{
80 struct hci_dev *hdev = hu->hdev;
81
82 /* Update HCI stat counters */
83 switch (pkt_type) {
84 case HCI_COMMAND_PKT:
85 hdev->stat.cmd_tx++;
86 break;
87
88 case HCI_ACLDATA_PKT:
89 hdev->stat.acl_tx++;
90 break;
91
92 case HCI_SCODATA_PKT:
93 hdev->stat.sco_tx++;
94 break;
95 }
96}
97
98static inline struct sk_buff *hci_uart_dequeue(struct hci_uart *hu)
99{
100 struct sk_buff *skb = hu->tx_skb;
101
102 if (!skb) {
103 percpu_down_read(&hu->proto_lock);
104
105 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
106 skb = hu->proto->dequeue(hu);
107
108 percpu_up_read(&hu->proto_lock);
109 } else {
110 hu->tx_skb = NULL;
111 }
112
113 return skb;
114}
115
116int hci_uart_tx_wakeup(struct hci_uart *hu)
117{
118 /* This may be called in an IRQ context, so we can't sleep. Therefore
119 * we try to acquire the lock only, and if that fails we assume the
120 * tty is being closed because that is the only time the write lock is
121 * acquired. If, however, at some point in the future the write lock
122 * is also acquired in other situations, then this must be revisited.
123 */
124 if (!percpu_down_read_trylock(&hu->proto_lock))
125 return 0;
126
127 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags))
128 goto no_schedule;
129
130 set_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
131 if (test_and_set_bit(HCI_UART_SENDING, &hu->tx_state))
132 goto no_schedule;
133
134 BT_DBG("");
135
136 schedule_work(&hu->write_work);
137
138no_schedule:
139 percpu_up_read(&hu->proto_lock);
140
141 return 0;
142}
143EXPORT_SYMBOL_GPL(hci_uart_tx_wakeup);
144
145static void hci_uart_write_work(struct work_struct *work)
146{
147 struct hci_uart *hu = container_of(work, struct hci_uart, write_work);
148 struct tty_struct *tty = hu->tty;
149 struct hci_dev *hdev = hu->hdev;
150 struct sk_buff *skb;
151
152 /* REVISIT: should we cope with bad skbs or ->write() returning
153 * and error value ?
154 */
155
156restart:
157 clear_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
158
159 while ((skb = hci_uart_dequeue(hu))) {
160 int len;
161
162 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
163 len = tty->ops->write(tty, skb->data, skb->len);
164 hdev->stat.byte_tx += len;
165
166 skb_pull(skb, len);
167 if (skb->len) {
168 hu->tx_skb = skb;
169 break;
170 }
171
172 hci_uart_tx_complete(hu, hci_skb_pkt_type(skb));
173 kfree_skb(skb);
174 }
175
176 clear_bit(HCI_UART_SENDING, &hu->tx_state);
177 if (test_bit(HCI_UART_TX_WAKEUP, &hu->tx_state))
178 goto restart;
179
180 wake_up_bit(&hu->tx_state, HCI_UART_SENDING);
181}
182
183void hci_uart_init_work(struct work_struct *work)
184{
185 struct hci_uart *hu = container_of(work, struct hci_uart, init_ready);
186 int err;
187 struct hci_dev *hdev;
188
189 if (!test_and_clear_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
190 return;
191
192 err = hci_register_dev(hu->hdev);
193 if (err < 0) {
194 BT_ERR("Can't register HCI device");
195 clear_bit(HCI_UART_PROTO_READY, &hu->flags);
196 hu->proto->close(hu);
197 hdev = hu->hdev;
198 hu->hdev = NULL;
199 hci_free_dev(hdev);
200 return;
201 }
202
203 set_bit(HCI_UART_REGISTERED, &hu->flags);
204}
205
206int hci_uart_init_ready(struct hci_uart *hu)
207{
208 if (!test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
209 return -EALREADY;
210
211 schedule_work(&hu->init_ready);
212
213 return 0;
214}
215
216int hci_uart_wait_until_sent(struct hci_uart *hu)
217{
218 return wait_on_bit_timeout(&hu->tx_state, HCI_UART_SENDING,
219 TASK_INTERRUPTIBLE,
220 msecs_to_jiffies(2000));
221}
222
223/* ------- Interface to HCI layer ------ */
224/* Reset device */
225static int hci_uart_flush(struct hci_dev *hdev)
226{
227 struct hci_uart *hu = hci_get_drvdata(hdev);
228 struct tty_struct *tty = hu->tty;
229
230 BT_DBG("hdev %p tty %p", hdev, tty);
231
232 if (hu->tx_skb) {
233 kfree_skb(hu->tx_skb); hu->tx_skb = NULL;
234 }
235
236 /* Flush any pending characters in the driver and discipline. */
237 tty_ldisc_flush(tty);
238 tty_driver_flush_buffer(tty);
239
240 percpu_down_read(&hu->proto_lock);
241
242 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
243 hu->proto->flush(hu);
244
245 percpu_up_read(&hu->proto_lock);
246
247 return 0;
248}
249
250/* Initialize device */
251static int hci_uart_open(struct hci_dev *hdev)
252{
253 BT_DBG("%s %p", hdev->name, hdev);
254
255 /* Undo clearing this from hci_uart_close() */
256 hdev->flush = hci_uart_flush;
257
258 return 0;
259}
260
261/* Close device */
262static int hci_uart_close(struct hci_dev *hdev)
263{
264 BT_DBG("hdev %p", hdev);
265
266 hci_uart_flush(hdev);
267 hdev->flush = NULL;
268 return 0;
269}
270
271/* Send frames from HCI layer */
272static int hci_uart_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
273{
274 struct hci_uart *hu = hci_get_drvdata(hdev);
275
276 BT_DBG("%s: type %d len %d", hdev->name, hci_skb_pkt_type(skb),
277 skb->len);
278
279 percpu_down_read(&hu->proto_lock);
280
281 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
282 percpu_up_read(&hu->proto_lock);
283 return -EUNATCH;
284 }
285
286 hu->proto->enqueue(hu, skb);
287 percpu_up_read(&hu->proto_lock);
288
289 hci_uart_tx_wakeup(hu);
290
291 return 0;
292}
293
294/* Check the underlying device or tty has flow control support */
295bool hci_uart_has_flow_control(struct hci_uart *hu)
296{
297 /* serdev nodes check if the needed operations are present */
298 if (hu->serdev)
299 return true;
300
301 if (hu->tty->driver->ops->tiocmget && hu->tty->driver->ops->tiocmset)
302 return true;
303
304 return false;
305}
306
307/* Flow control or un-flow control the device */
308void hci_uart_set_flow_control(struct hci_uart *hu, bool enable)
309{
310 struct tty_struct *tty = hu->tty;
311 struct ktermios ktermios;
312 int status;
313 unsigned int set = 0;
314 unsigned int clear = 0;
315
316 if (hu->serdev) {
317 serdev_device_set_flow_control(hu->serdev, !enable);
318 serdev_device_set_rts(hu->serdev, !enable);
319 return;
320 }
321
322 if (enable) {
323 /* Disable hardware flow control */
324 ktermios = tty->termios;
325 ktermios.c_cflag &= ~CRTSCTS;
326 status = tty_set_termios(tty, &ktermios);
327 BT_DBG("Disabling hardware flow control: %s",
328 status ? "failed" : "success");
329
330 /* Clear RTS to prevent the device from sending */
331 /* Most UARTs need OUT2 to enable interrupts */
332 status = tty->driver->ops->tiocmget(tty);
333 BT_DBG("Current tiocm 0x%x", status);
334
335 set &= ~(TIOCM_OUT2 | TIOCM_RTS);
336 clear = ~set;
337 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
338 TIOCM_OUT2 | TIOCM_LOOP;
339 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
340 TIOCM_OUT2 | TIOCM_LOOP;
341 status = tty->driver->ops->tiocmset(tty, set, clear);
342 BT_DBG("Clearing RTS: %s", status ? "failed" : "success");
343 } else {
344 /* Set RTS to allow the device to send again */
345 status = tty->driver->ops->tiocmget(tty);
346 BT_DBG("Current tiocm 0x%x", status);
347
348 set |= (TIOCM_OUT2 | TIOCM_RTS);
349 clear = ~set;
350 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
351 TIOCM_OUT2 | TIOCM_LOOP;
352 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
353 TIOCM_OUT2 | TIOCM_LOOP;
354 status = tty->driver->ops->tiocmset(tty, set, clear);
355 BT_DBG("Setting RTS: %s", status ? "failed" : "success");
356
357 /* Re-enable hardware flow control */
358 ktermios = tty->termios;
359 ktermios.c_cflag |= CRTSCTS;
360 status = tty_set_termios(tty, &ktermios);
361 BT_DBG("Enabling hardware flow control: %s",
362 status ? "failed" : "success");
363 }
364}
365
366void hci_uart_set_speeds(struct hci_uart *hu, unsigned int init_speed,
367 unsigned int oper_speed)
368{
369 hu->init_speed = init_speed;
370 hu->oper_speed = oper_speed;
371}
372
373void hci_uart_set_baudrate(struct hci_uart *hu, unsigned int speed)
374{
375 struct tty_struct *tty = hu->tty;
376 struct ktermios ktermios;
377
378 ktermios = tty->termios;
379 ktermios.c_cflag &= ~CBAUD;
380 tty_termios_encode_baud_rate(&ktermios, speed, speed);
381
382 /* tty_set_termios() return not checked as it is always 0 */
383 tty_set_termios(tty, &ktermios);
384
385 BT_DBG("%s: New tty speeds: %d/%d", hu->hdev->name,
386 tty->termios.c_ispeed, tty->termios.c_ospeed);
387}
388
389static int hci_uart_setup(struct hci_dev *hdev)
390{
391 struct hci_uart *hu = hci_get_drvdata(hdev);
392 struct hci_rp_read_local_version *ver;
393 struct sk_buff *skb;
394 unsigned int speed;
395 int err;
396
397 /* Init speed if any */
398 if (hu->init_speed)
399 speed = hu->init_speed;
400 else if (hu->proto->init_speed)
401 speed = hu->proto->init_speed;
402 else
403 speed = 0;
404
405 if (speed)
406 hci_uart_set_baudrate(hu, speed);
407
408 /* Operational speed if any */
409 if (hu->oper_speed)
410 speed = hu->oper_speed;
411 else if (hu->proto->oper_speed)
412 speed = hu->proto->oper_speed;
413 else
414 speed = 0;
415
416 if (hu->proto->set_baudrate && speed) {
417 err = hu->proto->set_baudrate(hu, speed);
418 if (!err)
419 hci_uart_set_baudrate(hu, speed);
420 }
421
422 if (hu->proto->setup)
423 return hu->proto->setup(hu);
424
425 if (!test_bit(HCI_UART_VND_DETECT, &hu->hdev_flags))
426 return 0;
427
428 skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL,
429 HCI_INIT_TIMEOUT);
430 if (IS_ERR(skb)) {
431 BT_ERR("%s: Reading local version information failed (%ld)",
432 hdev->name, PTR_ERR(skb));
433 return 0;
434 }
435
436 if (skb->len != sizeof(*ver)) {
437 BT_ERR("%s: Event length mismatch for version information",
438 hdev->name);
439 goto done;
440 }
441
442 ver = (struct hci_rp_read_local_version *)skb->data;
443
444 switch (le16_to_cpu(ver->manufacturer)) {
445#ifdef CONFIG_BT_HCIUART_INTEL
446 case 2:
447 hdev->set_bdaddr = btintel_set_bdaddr;
448 btintel_check_bdaddr(hdev);
449 break;
450#endif
451#ifdef CONFIG_BT_HCIUART_BCM
452 case 15:
453 hdev->set_bdaddr = btbcm_set_bdaddr;
454 btbcm_check_bdaddr(hdev);
455 break;
456#endif
457 default:
458 break;
459 }
460
461done:
462 kfree_skb(skb);
463 return 0;
464}
465
466/* ------ LDISC part ------ */
467/* hci_uart_tty_open
468 *
469 * Called when line discipline changed to HCI_UART.
470 *
471 * Arguments:
472 * tty pointer to tty info structure
473 * Return Value:
474 * 0 if success, otherwise error code
475 */
476static int hci_uart_tty_open(struct tty_struct *tty)
477{
478 struct hci_uart *hu;
479
480 BT_DBG("tty %p", tty);
481
482 if (!capable(CAP_NET_ADMIN))
483 return -EPERM;
484
485 /* Error if the tty has no write op instead of leaving an exploitable
486 * hole
487 */
488 if (tty->ops->write == NULL)
489 return -EOPNOTSUPP;
490
491 hu = kzalloc(sizeof(struct hci_uart), GFP_KERNEL);
492 if (!hu) {
493 BT_ERR("Can't allocate control structure");
494 return -ENFILE;
495 }
496 if (percpu_init_rwsem(&hu->proto_lock)) {
497 BT_ERR("Can't allocate semaphore structure");
498 kfree(hu);
499 return -ENOMEM;
500 }
501
502 tty->disc_data = hu;
503 hu->tty = tty;
504 tty->receive_room = 65536;
505
506 /* disable alignment support by default */
507 hu->alignment = 1;
508 hu->padding = 0;
509
510 INIT_WORK(&hu->init_ready, hci_uart_init_work);
511 INIT_WORK(&hu->write_work, hci_uart_write_work);
512
513 /* Flush any pending characters in the driver */
514 tty_driver_flush_buffer(tty);
515
516 return 0;
517}
518
519/* hci_uart_tty_close()
520 *
521 * Called when the line discipline is changed to something
522 * else, the tty is closed, or the tty detects a hangup.
523 */
524static void hci_uart_tty_close(struct tty_struct *tty)
525{
526 struct hci_uart *hu = tty->disc_data;
527 struct hci_dev *hdev;
528
529 BT_DBG("tty %p", tty);
530
531 /* Detach from the tty */
532 tty->disc_data = NULL;
533
534 if (!hu)
535 return;
536
537 hdev = hu->hdev;
538 if (hdev)
539 hci_uart_close(hdev);
540
541 if (test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
542 percpu_down_write(&hu->proto_lock);
543 clear_bit(HCI_UART_PROTO_READY, &hu->flags);
544 percpu_up_write(&hu->proto_lock);
545
546 cancel_work_sync(&hu->init_ready);
547 cancel_work_sync(&hu->write_work);
548
549 if (hdev) {
550 if (test_bit(HCI_UART_REGISTERED, &hu->flags))
551 hci_unregister_dev(hdev);
552 hci_free_dev(hdev);
553 }
554 hu->proto->close(hu);
555 }
556 clear_bit(HCI_UART_PROTO_SET, &hu->flags);
557
558 percpu_free_rwsem(&hu->proto_lock);
559
560 kfree(hu);
561}
562
563/* hci_uart_tty_wakeup()
564 *
565 * Callback for transmit wakeup. Called when low level
566 * device driver can accept more send data.
567 *
568 * Arguments: tty pointer to associated tty instance data
569 * Return Value: None
570 */
571static void hci_uart_tty_wakeup(struct tty_struct *tty)
572{
573 struct hci_uart *hu = tty->disc_data;
574
575 BT_DBG("");
576
577 if (!hu)
578 return;
579
580 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
581
582 if (tty != hu->tty)
583 return;
584
585 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
586 hci_uart_tx_wakeup(hu);
587}
588
589/* hci_uart_tty_receive()
590 *
591 * Called by tty low level driver when receive data is
592 * available.
593 *
594 * Arguments: tty pointer to tty isntance data
595 * data pointer to received data
596 * flags pointer to flags for data
597 * count count of received data in bytes
598 *
599 * Return Value: None
600 */
601static void hci_uart_tty_receive(struct tty_struct *tty, const u8 *data,
602 const char *flags, int count)
603{
604 struct hci_uart *hu = tty->disc_data;
605
606 if (!hu || tty != hu->tty)
607 return;
608
609 percpu_down_read(&hu->proto_lock);
610
611 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
612 percpu_up_read(&hu->proto_lock);
613 return;
614 }
615
616 /* It does not need a lock here as it is already protected by a mutex in
617 * tty caller
618 */
619 hu->proto->recv(hu, data, count);
620 percpu_up_read(&hu->proto_lock);
621
622 if (hu->hdev)
623 hu->hdev->stat.byte_rx += count;
624
625 tty_unthrottle(tty);
626}
627
628static int hci_uart_register_dev(struct hci_uart *hu)
629{
630 struct hci_dev *hdev;
631 int err;
632
633 BT_DBG("");
634
635 /* Initialize and register HCI device */
636 hdev = hci_alloc_dev();
637 if (!hdev) {
638 BT_ERR("Can't allocate HCI device");
639 return -ENOMEM;
640 }
641
642 hu->hdev = hdev;
643
644 hdev->bus = HCI_UART;
645 hci_set_drvdata(hdev, hu);
646
647 /* Only when vendor specific setup callback is provided, consider
648 * the manufacturer information valid. This avoids filling in the
649 * value for Ericsson when nothing is specified.
650 */
651 if (hu->proto->setup)
652 hdev->manufacturer = hu->proto->manufacturer;
653
654 hdev->open = hci_uart_open;
655 hdev->close = hci_uart_close;
656 hdev->flush = hci_uart_flush;
657 hdev->send = hci_uart_send_frame;
658 hdev->setup = hci_uart_setup;
659 SET_HCIDEV_DEV(hdev, hu->tty->dev);
660
661 if (test_bit(HCI_UART_RAW_DEVICE, &hu->hdev_flags))
662 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
663
664 if (test_bit(HCI_UART_EXT_CONFIG, &hu->hdev_flags))
665 set_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks);
666
667 if (!test_bit(HCI_UART_RESET_ON_INIT, &hu->hdev_flags))
668 set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks);
669
670 if (test_bit(HCI_UART_CREATE_AMP, &hu->hdev_flags))
671 hdev->dev_type = HCI_AMP;
672 else
673 hdev->dev_type = HCI_PRIMARY;
674
675 /* Only call open() for the protocol after hdev is fully initialized as
676 * open() (or a timer/workqueue it starts) may attempt to reference it.
677 */
678 err = hu->proto->open(hu);
679 if (err) {
680 hu->hdev = NULL;
681 hci_free_dev(hdev);
682 return err;
683 }
684
685 if (test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
686 return 0;
687
688 if (hci_register_dev(hdev) < 0) {
689 BT_ERR("Can't register HCI device");
690 hu->proto->close(hu);
691 hu->hdev = NULL;
692 hci_free_dev(hdev);
693 return -ENODEV;
694 }
695
696 set_bit(HCI_UART_REGISTERED, &hu->flags);
697
698 return 0;
699}
700
701static int hci_uart_set_proto(struct hci_uart *hu, int id)
702{
703 const struct hci_uart_proto *p;
704 int err;
705
706 p = hci_uart_get_proto(id);
707 if (!p)
708 return -EPROTONOSUPPORT;
709
710 hu->proto = p;
711
712 err = hci_uart_register_dev(hu);
713 if (err) {
714 return err;
715 }
716
717 set_bit(HCI_UART_PROTO_READY, &hu->flags);
718 return 0;
719}
720
721static int hci_uart_set_flags(struct hci_uart *hu, unsigned long flags)
722{
723 unsigned long valid_flags = BIT(HCI_UART_RAW_DEVICE) |
724 BIT(HCI_UART_RESET_ON_INIT) |
725 BIT(HCI_UART_CREATE_AMP) |
726 BIT(HCI_UART_INIT_PENDING) |
727 BIT(HCI_UART_EXT_CONFIG) |
728 BIT(HCI_UART_VND_DETECT);
729
730 if (flags & ~valid_flags)
731 return -EINVAL;
732
733 hu->hdev_flags = flags;
734
735 return 0;
736}
737
738/* hci_uart_tty_ioctl()
739 *
740 * Process IOCTL system call for the tty device.
741 *
742 * Arguments:
743 *
744 * tty pointer to tty instance data
745 * cmd IOCTL command code
746 * arg argument for IOCTL call (cmd dependent)
747 *
748 * Return Value: Command dependent
749 */
750static int hci_uart_tty_ioctl(struct tty_struct *tty, unsigned int cmd,
751 unsigned long arg)
752{
753 struct hci_uart *hu = tty->disc_data;
754 int err = 0;
755
756 BT_DBG("");
757
758 /* Verify the status of the device */
759 if (!hu)
760 return -EBADF;
761
762 switch (cmd) {
763 case HCIUARTSETPROTO:
764 if (!test_and_set_bit(HCI_UART_PROTO_SET, &hu->flags)) {
765 err = hci_uart_set_proto(hu, arg);
766 if (err)
767 clear_bit(HCI_UART_PROTO_SET, &hu->flags);
768 } else
769 err = -EBUSY;
770 break;
771
772 case HCIUARTGETPROTO:
773 if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
774 err = hu->proto->id;
775 else
776 err = -EUNATCH;
777 break;
778
779 case HCIUARTGETDEVICE:
780 if (test_bit(HCI_UART_REGISTERED, &hu->flags))
781 err = hu->hdev->id;
782 else
783 err = -EUNATCH;
784 break;
785
786 case HCIUARTSETFLAGS:
787 if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
788 err = -EBUSY;
789 else
790 err = hci_uart_set_flags(hu, arg);
791 break;
792
793 case HCIUARTGETFLAGS:
794 err = hu->hdev_flags;
795 break;
796
797 default:
798 err = n_tty_ioctl_helper(tty, cmd, arg);
799 break;
800 }
801
802 return err;
803}
804
805/*
806 * We don't provide read/write/poll interface for user space.
807 */
808static ssize_t hci_uart_tty_read(struct tty_struct *tty, struct file *file,
809 unsigned char *buf, size_t nr,
810 void **cookie, unsigned long offset)
811{
812 return 0;
813}
814
815static ssize_t hci_uart_tty_write(struct tty_struct *tty, struct file *file,
816 const unsigned char *data, size_t count)
817{
818 return 0;
819}
820
821static __poll_t hci_uart_tty_poll(struct tty_struct *tty,
822 struct file *filp, poll_table *wait)
823{
824 return 0;
825}
826
827static struct tty_ldisc_ops hci_uart_ldisc = {
828 .owner = THIS_MODULE,
829 .num = N_HCI,
830 .name = "n_hci",
831 .open = hci_uart_tty_open,
832 .close = hci_uart_tty_close,
833 .read = hci_uart_tty_read,
834 .write = hci_uart_tty_write,
835 .ioctl = hci_uart_tty_ioctl,
836 .compat_ioctl = hci_uart_tty_ioctl,
837 .poll = hci_uart_tty_poll,
838 .receive_buf = hci_uart_tty_receive,
839 .write_wakeup = hci_uart_tty_wakeup,
840};
841
842static int __init hci_uart_init(void)
843{
844 int err;
845
846 BT_INFO("HCI UART driver ver %s", VERSION);
847
848 /* Register the tty discipline */
849 err = tty_register_ldisc(&hci_uart_ldisc);
850 if (err) {
851 BT_ERR("HCI line discipline registration failed. (%d)", err);
852 return err;
853 }
854
855#ifdef CONFIG_BT_HCIUART_H4
856 h4_init();
857#endif
858#ifdef CONFIG_BT_HCIUART_BCSP
859 bcsp_init();
860#endif
861#ifdef CONFIG_BT_HCIUART_LL
862 ll_init();
863#endif
864#ifdef CONFIG_BT_HCIUART_ATH3K
865 ath_init();
866#endif
867#ifdef CONFIG_BT_HCIUART_3WIRE
868 h5_init();
869#endif
870#ifdef CONFIG_BT_HCIUART_INTEL
871 intel_init();
872#endif
873#ifdef CONFIG_BT_HCIUART_BCM
874 bcm_init();
875#endif
876#ifdef CONFIG_BT_HCIUART_QCA
877 qca_init();
878#endif
879#ifdef CONFIG_BT_HCIUART_AG6XX
880 ag6xx_init();
881#endif
882#ifdef CONFIG_BT_HCIUART_MRVL
883 mrvl_init();
884#endif
885
886 return 0;
887}
888
889static void __exit hci_uart_exit(void)
890{
891#ifdef CONFIG_BT_HCIUART_H4
892 h4_deinit();
893#endif
894#ifdef CONFIG_BT_HCIUART_BCSP
895 bcsp_deinit();
896#endif
897#ifdef CONFIG_BT_HCIUART_LL
898 ll_deinit();
899#endif
900#ifdef CONFIG_BT_HCIUART_ATH3K
901 ath_deinit();
902#endif
903#ifdef CONFIG_BT_HCIUART_3WIRE
904 h5_deinit();
905#endif
906#ifdef CONFIG_BT_HCIUART_INTEL
907 intel_deinit();
908#endif
909#ifdef CONFIG_BT_HCIUART_BCM
910 bcm_deinit();
911#endif
912#ifdef CONFIG_BT_HCIUART_QCA
913 qca_deinit();
914#endif
915#ifdef CONFIG_BT_HCIUART_AG6XX
916 ag6xx_deinit();
917#endif
918#ifdef CONFIG_BT_HCIUART_MRVL
919 mrvl_deinit();
920#endif
921
922 tty_unregister_ldisc(&hci_uart_ldisc);
923}
924
925module_init(hci_uart_init);
926module_exit(hci_uart_exit);
927
928MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
929MODULE_DESCRIPTION("Bluetooth HCI UART driver ver " VERSION);
930MODULE_VERSION(VERSION);
931MODULE_LICENSE("GPL");
932MODULE_ALIAS_LDISC(N_HCI);
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 *
4 * Bluetooth HCI UART driver
5 *
6 * Copyright (C) 2000-2001 Qualcomm Incorporated
7 * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com>
8 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org>
9 */
10
11#include <linux/module.h>
12
13#include <linux/kernel.h>
14#include <linux/init.h>
15#include <linux/types.h>
16#include <linux/fcntl.h>
17#include <linux/interrupt.h>
18#include <linux/ptrace.h>
19#include <linux/poll.h>
20
21#include <linux/slab.h>
22#include <linux/tty.h>
23#include <linux/errno.h>
24#include <linux/string.h>
25#include <linux/signal.h>
26#include <linux/ioctl.h>
27#include <linux/skbuff.h>
28#include <linux/firmware.h>
29#include <linux/serdev.h>
30
31#include <net/bluetooth/bluetooth.h>
32#include <net/bluetooth/hci_core.h>
33
34#include "btintel.h"
35#include "btbcm.h"
36#include "hci_uart.h"
37
38#define VERSION "2.3"
39
40static const struct hci_uart_proto *hup[HCI_UART_MAX_PROTO];
41
42int hci_uart_register_proto(const struct hci_uart_proto *p)
43{
44 if (p->id >= HCI_UART_MAX_PROTO)
45 return -EINVAL;
46
47 if (hup[p->id])
48 return -EEXIST;
49
50 hup[p->id] = p;
51
52 BT_INFO("HCI UART protocol %s registered", p->name);
53
54 return 0;
55}
56
57int hci_uart_unregister_proto(const struct hci_uart_proto *p)
58{
59 if (p->id >= HCI_UART_MAX_PROTO)
60 return -EINVAL;
61
62 if (!hup[p->id])
63 return -EINVAL;
64
65 hup[p->id] = NULL;
66
67 return 0;
68}
69
70static const struct hci_uart_proto *hci_uart_get_proto(unsigned int id)
71{
72 if (id >= HCI_UART_MAX_PROTO)
73 return NULL;
74
75 return hup[id];
76}
77
78static inline void hci_uart_tx_complete(struct hci_uart *hu, int pkt_type)
79{
80 struct hci_dev *hdev = hu->hdev;
81
82 /* Update HCI stat counters */
83 switch (pkt_type) {
84 case HCI_COMMAND_PKT:
85 hdev->stat.cmd_tx++;
86 break;
87
88 case HCI_ACLDATA_PKT:
89 hdev->stat.acl_tx++;
90 break;
91
92 case HCI_SCODATA_PKT:
93 hdev->stat.sco_tx++;
94 break;
95 }
96}
97
98static inline struct sk_buff *hci_uart_dequeue(struct hci_uart *hu)
99{
100 struct sk_buff *skb = hu->tx_skb;
101
102 if (!skb) {
103 percpu_down_read(&hu->proto_lock);
104
105 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
106 skb = hu->proto->dequeue(hu);
107
108 percpu_up_read(&hu->proto_lock);
109 } else {
110 hu->tx_skb = NULL;
111 }
112
113 return skb;
114}
115
116int hci_uart_tx_wakeup(struct hci_uart *hu)
117{
118 /* This may be called in an IRQ context, so we can't sleep. Therefore
119 * we try to acquire the lock only, and if that fails we assume the
120 * tty is being closed because that is the only time the write lock is
121 * acquired. If, however, at some point in the future the write lock
122 * is also acquired in other situations, then this must be revisited.
123 */
124 if (!percpu_down_read_trylock(&hu->proto_lock))
125 return 0;
126
127 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags))
128 goto no_schedule;
129
130 set_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
131 if (test_and_set_bit(HCI_UART_SENDING, &hu->tx_state))
132 goto no_schedule;
133
134 BT_DBG("");
135
136 schedule_work(&hu->write_work);
137
138no_schedule:
139 percpu_up_read(&hu->proto_lock);
140
141 return 0;
142}
143EXPORT_SYMBOL_GPL(hci_uart_tx_wakeup);
144
145static void hci_uart_write_work(struct work_struct *work)
146{
147 struct hci_uart *hu = container_of(work, struct hci_uart, write_work);
148 struct tty_struct *tty = hu->tty;
149 struct hci_dev *hdev = hu->hdev;
150 struct sk_buff *skb;
151
152 /* REVISIT: should we cope with bad skbs or ->write() returning
153 * and error value ?
154 */
155
156restart:
157 clear_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
158
159 while ((skb = hci_uart_dequeue(hu))) {
160 int len;
161
162 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
163 len = tty->ops->write(tty, skb->data, skb->len);
164 hdev->stat.byte_tx += len;
165
166 skb_pull(skb, len);
167 if (skb->len) {
168 hu->tx_skb = skb;
169 break;
170 }
171
172 hci_uart_tx_complete(hu, hci_skb_pkt_type(skb));
173 kfree_skb(skb);
174 }
175
176 clear_bit(HCI_UART_SENDING, &hu->tx_state);
177 if (test_bit(HCI_UART_TX_WAKEUP, &hu->tx_state))
178 goto restart;
179
180 wake_up_bit(&hu->tx_state, HCI_UART_SENDING);
181}
182
183void hci_uart_init_work(struct work_struct *work)
184{
185 struct hci_uart *hu = container_of(work, struct hci_uart, init_ready);
186 int err;
187 struct hci_dev *hdev;
188
189 if (!test_and_clear_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
190 return;
191
192 err = hci_register_dev(hu->hdev);
193 if (err < 0) {
194 BT_ERR("Can't register HCI device");
195 clear_bit(HCI_UART_PROTO_READY, &hu->flags);
196 hu->proto->close(hu);
197 hdev = hu->hdev;
198 hu->hdev = NULL;
199 hci_free_dev(hdev);
200 return;
201 }
202
203 set_bit(HCI_UART_REGISTERED, &hu->flags);
204}
205
206int hci_uart_init_ready(struct hci_uart *hu)
207{
208 if (!test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
209 return -EALREADY;
210
211 schedule_work(&hu->init_ready);
212
213 return 0;
214}
215
216int hci_uart_wait_until_sent(struct hci_uart *hu)
217{
218 return wait_on_bit_timeout(&hu->tx_state, HCI_UART_SENDING,
219 TASK_INTERRUPTIBLE,
220 msecs_to_jiffies(2000));
221}
222
223/* ------- Interface to HCI layer ------ */
224/* Reset device */
225static int hci_uart_flush(struct hci_dev *hdev)
226{
227 struct hci_uart *hu = hci_get_drvdata(hdev);
228 struct tty_struct *tty = hu->tty;
229
230 BT_DBG("hdev %p tty %p", hdev, tty);
231
232 if (hu->tx_skb) {
233 kfree_skb(hu->tx_skb); hu->tx_skb = NULL;
234 }
235
236 /* Flush any pending characters in the driver and discipline. */
237 tty_ldisc_flush(tty);
238 tty_driver_flush_buffer(tty);
239
240 percpu_down_read(&hu->proto_lock);
241
242 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
243 hu->proto->flush(hu);
244
245 percpu_up_read(&hu->proto_lock);
246
247 return 0;
248}
249
250/* Initialize device */
251static int hci_uart_open(struct hci_dev *hdev)
252{
253 BT_DBG("%s %p", hdev->name, hdev);
254
255 /* Undo clearing this from hci_uart_close() */
256 hdev->flush = hci_uart_flush;
257
258 return 0;
259}
260
261/* Close device */
262static int hci_uart_close(struct hci_dev *hdev)
263{
264 BT_DBG("hdev %p", hdev);
265
266 hci_uart_flush(hdev);
267 hdev->flush = NULL;
268 return 0;
269}
270
271/* Send frames from HCI layer */
272static int hci_uart_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
273{
274 struct hci_uart *hu = hci_get_drvdata(hdev);
275
276 BT_DBG("%s: type %d len %d", hdev->name, hci_skb_pkt_type(skb),
277 skb->len);
278
279 percpu_down_read(&hu->proto_lock);
280
281 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
282 percpu_up_read(&hu->proto_lock);
283 return -EUNATCH;
284 }
285
286 hu->proto->enqueue(hu, skb);
287 percpu_up_read(&hu->proto_lock);
288
289 hci_uart_tx_wakeup(hu);
290
291 return 0;
292}
293
294/* Check the underlying device or tty has flow control support */
295bool hci_uart_has_flow_control(struct hci_uart *hu)
296{
297 /* serdev nodes check if the needed operations are present */
298 if (hu->serdev)
299 return true;
300
301 if (hu->tty->driver->ops->tiocmget && hu->tty->driver->ops->tiocmset)
302 return true;
303
304 return false;
305}
306
307/* Flow control or un-flow control the device */
308void hci_uart_set_flow_control(struct hci_uart *hu, bool enable)
309{
310 struct tty_struct *tty = hu->tty;
311 struct ktermios ktermios;
312 int status;
313 unsigned int set = 0;
314 unsigned int clear = 0;
315
316 if (hu->serdev) {
317 serdev_device_set_flow_control(hu->serdev, !enable);
318 serdev_device_set_rts(hu->serdev, !enable);
319 return;
320 }
321
322 if (enable) {
323 /* Disable hardware flow control */
324 ktermios = tty->termios;
325 ktermios.c_cflag &= ~CRTSCTS;
326 tty_set_termios(tty, &ktermios);
327 BT_DBG("Disabling hardware flow control: %s",
328 (tty->termios.c_cflag & CRTSCTS) ? "failed" : "success");
329
330 /* Clear RTS to prevent the device from sending */
331 /* Most UARTs need OUT2 to enable interrupts */
332 status = tty->driver->ops->tiocmget(tty);
333 BT_DBG("Current tiocm 0x%x", status);
334
335 set &= ~(TIOCM_OUT2 | TIOCM_RTS);
336 clear = ~set;
337 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
338 TIOCM_OUT2 | TIOCM_LOOP;
339 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
340 TIOCM_OUT2 | TIOCM_LOOP;
341 status = tty->driver->ops->tiocmset(tty, set, clear);
342 BT_DBG("Clearing RTS: %s", status ? "failed" : "success");
343 } else {
344 /* Set RTS to allow the device to send again */
345 status = tty->driver->ops->tiocmget(tty);
346 BT_DBG("Current tiocm 0x%x", status);
347
348 set |= (TIOCM_OUT2 | TIOCM_RTS);
349 clear = ~set;
350 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
351 TIOCM_OUT2 | TIOCM_LOOP;
352 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
353 TIOCM_OUT2 | TIOCM_LOOP;
354 status = tty->driver->ops->tiocmset(tty, set, clear);
355 BT_DBG("Setting RTS: %s", status ? "failed" : "success");
356
357 /* Re-enable hardware flow control */
358 ktermios = tty->termios;
359 ktermios.c_cflag |= CRTSCTS;
360 tty_set_termios(tty, &ktermios);
361 BT_DBG("Enabling hardware flow control: %s",
362 !(tty->termios.c_cflag & CRTSCTS) ? "failed" : "success");
363 }
364}
365
366void hci_uart_set_speeds(struct hci_uart *hu, unsigned int init_speed,
367 unsigned int oper_speed)
368{
369 hu->init_speed = init_speed;
370 hu->oper_speed = oper_speed;
371}
372
373void hci_uart_set_baudrate(struct hci_uart *hu, unsigned int speed)
374{
375 struct tty_struct *tty = hu->tty;
376 struct ktermios ktermios;
377
378 ktermios = tty->termios;
379 ktermios.c_cflag &= ~CBAUD;
380 tty_termios_encode_baud_rate(&ktermios, speed, speed);
381
382 /* tty_set_termios() return not checked as it is always 0 */
383 tty_set_termios(tty, &ktermios);
384
385 BT_DBG("%s: New tty speeds: %d/%d", hu->hdev->name,
386 tty->termios.c_ispeed, tty->termios.c_ospeed);
387}
388
389static int hci_uart_setup(struct hci_dev *hdev)
390{
391 struct hci_uart *hu = hci_get_drvdata(hdev);
392 struct hci_rp_read_local_version *ver;
393 struct sk_buff *skb;
394 unsigned int speed;
395 int err;
396
397 /* Init speed if any */
398 if (hu->init_speed)
399 speed = hu->init_speed;
400 else if (hu->proto->init_speed)
401 speed = hu->proto->init_speed;
402 else
403 speed = 0;
404
405 if (speed)
406 hci_uart_set_baudrate(hu, speed);
407
408 /* Operational speed if any */
409 if (hu->oper_speed)
410 speed = hu->oper_speed;
411 else if (hu->proto->oper_speed)
412 speed = hu->proto->oper_speed;
413 else
414 speed = 0;
415
416 if (hu->proto->set_baudrate && speed) {
417 err = hu->proto->set_baudrate(hu, speed);
418 if (!err)
419 hci_uart_set_baudrate(hu, speed);
420 }
421
422 if (hu->proto->setup)
423 return hu->proto->setup(hu);
424
425 if (!test_bit(HCI_UART_VND_DETECT, &hu->hdev_flags))
426 return 0;
427
428 skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL,
429 HCI_INIT_TIMEOUT);
430 if (IS_ERR(skb)) {
431 BT_ERR("%s: Reading local version information failed (%ld)",
432 hdev->name, PTR_ERR(skb));
433 return 0;
434 }
435
436 if (skb->len != sizeof(*ver)) {
437 BT_ERR("%s: Event length mismatch for version information",
438 hdev->name);
439 goto done;
440 }
441
442 ver = (struct hci_rp_read_local_version *)skb->data;
443
444 switch (le16_to_cpu(ver->manufacturer)) {
445#ifdef CONFIG_BT_HCIUART_INTEL
446 case 2:
447 hdev->set_bdaddr = btintel_set_bdaddr;
448 btintel_check_bdaddr(hdev);
449 break;
450#endif
451#ifdef CONFIG_BT_HCIUART_BCM
452 case 15:
453 hdev->set_bdaddr = btbcm_set_bdaddr;
454 btbcm_check_bdaddr(hdev);
455 break;
456#endif
457 default:
458 break;
459 }
460
461done:
462 kfree_skb(skb);
463 return 0;
464}
465
466/* ------ LDISC part ------ */
467/* hci_uart_tty_open
468 *
469 * Called when line discipline changed to HCI_UART.
470 *
471 * Arguments:
472 * tty pointer to tty info structure
473 * Return Value:
474 * 0 if success, otherwise error code
475 */
476static int hci_uart_tty_open(struct tty_struct *tty)
477{
478 struct hci_uart *hu;
479
480 BT_DBG("tty %p", tty);
481
482 if (!capable(CAP_NET_ADMIN))
483 return -EPERM;
484
485 /* Error if the tty has no write op instead of leaving an exploitable
486 * hole
487 */
488 if (tty->ops->write == NULL)
489 return -EOPNOTSUPP;
490
491 hu = kzalloc(sizeof(*hu), GFP_KERNEL);
492 if (!hu) {
493 BT_ERR("Can't allocate control structure");
494 return -ENFILE;
495 }
496 if (percpu_init_rwsem(&hu->proto_lock)) {
497 BT_ERR("Can't allocate semaphore structure");
498 kfree(hu);
499 return -ENOMEM;
500 }
501
502 tty->disc_data = hu;
503 hu->tty = tty;
504 tty->receive_room = 65536;
505
506 /* disable alignment support by default */
507 hu->alignment = 1;
508 hu->padding = 0;
509
510 /* Use serial port speed as oper_speed */
511 hu->oper_speed = tty->termios.c_ospeed;
512
513 INIT_WORK(&hu->init_ready, hci_uart_init_work);
514 INIT_WORK(&hu->write_work, hci_uart_write_work);
515
516 /* Flush any pending characters in the driver */
517 tty_driver_flush_buffer(tty);
518
519 return 0;
520}
521
522/* hci_uart_tty_close()
523 *
524 * Called when the line discipline is changed to something
525 * else, the tty is closed, or the tty detects a hangup.
526 */
527static void hci_uart_tty_close(struct tty_struct *tty)
528{
529 struct hci_uart *hu = tty->disc_data;
530 struct hci_dev *hdev;
531
532 BT_DBG("tty %p", tty);
533
534 /* Detach from the tty */
535 tty->disc_data = NULL;
536
537 if (!hu)
538 return;
539
540 hdev = hu->hdev;
541 if (hdev)
542 hci_uart_close(hdev);
543
544 if (test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
545 percpu_down_write(&hu->proto_lock);
546 clear_bit(HCI_UART_PROTO_READY, &hu->flags);
547 percpu_up_write(&hu->proto_lock);
548
549 cancel_work_sync(&hu->init_ready);
550 cancel_work_sync(&hu->write_work);
551
552 if (hdev) {
553 if (test_bit(HCI_UART_REGISTERED, &hu->flags))
554 hci_unregister_dev(hdev);
555 hci_free_dev(hdev);
556 }
557 hu->proto->close(hu);
558 }
559 clear_bit(HCI_UART_PROTO_SET, &hu->flags);
560
561 percpu_free_rwsem(&hu->proto_lock);
562
563 kfree(hu);
564}
565
566/* hci_uart_tty_wakeup()
567 *
568 * Callback for transmit wakeup. Called when low level
569 * device driver can accept more send data.
570 *
571 * Arguments: tty pointer to associated tty instance data
572 * Return Value: None
573 */
574static void hci_uart_tty_wakeup(struct tty_struct *tty)
575{
576 struct hci_uart *hu = tty->disc_data;
577
578 BT_DBG("");
579
580 if (!hu)
581 return;
582
583 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
584
585 if (tty != hu->tty)
586 return;
587
588 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
589 hci_uart_tx_wakeup(hu);
590}
591
592/* hci_uart_tty_receive()
593 *
594 * Called by tty low level driver when receive data is
595 * available.
596 *
597 * Arguments: tty pointer to tty instance data
598 * data pointer to received data
599 * flags pointer to flags for data
600 * count count of received data in bytes
601 *
602 * Return Value: None
603 */
604static void hci_uart_tty_receive(struct tty_struct *tty, const u8 *data,
605 const u8 *flags, size_t count)
606{
607 struct hci_uart *hu = tty->disc_data;
608
609 if (!hu || tty != hu->tty)
610 return;
611
612 percpu_down_read(&hu->proto_lock);
613
614 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
615 percpu_up_read(&hu->proto_lock);
616 return;
617 }
618
619 /* It does not need a lock here as it is already protected by a mutex in
620 * tty caller
621 */
622 hu->proto->recv(hu, data, count);
623 percpu_up_read(&hu->proto_lock);
624
625 if (hu->hdev)
626 hu->hdev->stat.byte_rx += count;
627
628 tty_unthrottle(tty);
629}
630
631static int hci_uart_register_dev(struct hci_uart *hu)
632{
633 struct hci_dev *hdev;
634 int err;
635
636 BT_DBG("");
637
638 /* Initialize and register HCI device */
639 hdev = hci_alloc_dev();
640 if (!hdev) {
641 BT_ERR("Can't allocate HCI device");
642 return -ENOMEM;
643 }
644
645 hu->hdev = hdev;
646
647 hdev->bus = HCI_UART;
648 hci_set_drvdata(hdev, hu);
649
650 /* Only when vendor specific setup callback is provided, consider
651 * the manufacturer information valid. This avoids filling in the
652 * value for Ericsson when nothing is specified.
653 */
654 if (hu->proto->setup)
655 hdev->manufacturer = hu->proto->manufacturer;
656
657 hdev->open = hci_uart_open;
658 hdev->close = hci_uart_close;
659 hdev->flush = hci_uart_flush;
660 hdev->send = hci_uart_send_frame;
661 hdev->setup = hci_uart_setup;
662 SET_HCIDEV_DEV(hdev, hu->tty->dev);
663
664 if (test_bit(HCI_UART_RAW_DEVICE, &hu->hdev_flags))
665 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
666
667 if (test_bit(HCI_UART_EXT_CONFIG, &hu->hdev_flags))
668 set_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks);
669
670 if (!test_bit(HCI_UART_RESET_ON_INIT, &hu->hdev_flags))
671 set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks);
672
673 /* Only call open() for the protocol after hdev is fully initialized as
674 * open() (or a timer/workqueue it starts) may attempt to reference it.
675 */
676 err = hu->proto->open(hu);
677 if (err) {
678 hu->hdev = NULL;
679 hci_free_dev(hdev);
680 return err;
681 }
682
683 if (test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
684 return 0;
685
686 if (hci_register_dev(hdev) < 0) {
687 BT_ERR("Can't register HCI device");
688 hu->proto->close(hu);
689 hu->hdev = NULL;
690 hci_free_dev(hdev);
691 return -ENODEV;
692 }
693
694 set_bit(HCI_UART_REGISTERED, &hu->flags);
695
696 return 0;
697}
698
699static int hci_uart_set_proto(struct hci_uart *hu, int id)
700{
701 const struct hci_uart_proto *p;
702 int err;
703
704 p = hci_uart_get_proto(id);
705 if (!p)
706 return -EPROTONOSUPPORT;
707
708 hu->proto = p;
709
710 err = hci_uart_register_dev(hu);
711 if (err) {
712 return err;
713 }
714
715 set_bit(HCI_UART_PROTO_READY, &hu->flags);
716 return 0;
717}
718
719static int hci_uart_set_flags(struct hci_uart *hu, unsigned long flags)
720{
721 unsigned long valid_flags = BIT(HCI_UART_RAW_DEVICE) |
722 BIT(HCI_UART_RESET_ON_INIT) |
723 BIT(HCI_UART_INIT_PENDING) |
724 BIT(HCI_UART_EXT_CONFIG) |
725 BIT(HCI_UART_VND_DETECT);
726
727 if (flags & ~valid_flags)
728 return -EINVAL;
729
730 hu->hdev_flags = flags;
731
732 return 0;
733}
734
735/* hci_uart_tty_ioctl()
736 *
737 * Process IOCTL system call for the tty device.
738 *
739 * Arguments:
740 *
741 * tty pointer to tty instance data
742 * cmd IOCTL command code
743 * arg argument for IOCTL call (cmd dependent)
744 *
745 * Return Value: Command dependent
746 */
747static int hci_uart_tty_ioctl(struct tty_struct *tty, unsigned int cmd,
748 unsigned long arg)
749{
750 struct hci_uart *hu = tty->disc_data;
751 int err = 0;
752
753 BT_DBG("");
754
755 /* Verify the status of the device */
756 if (!hu)
757 return -EBADF;
758
759 switch (cmd) {
760 case HCIUARTSETPROTO:
761 if (!test_and_set_bit(HCI_UART_PROTO_SET, &hu->flags)) {
762 err = hci_uart_set_proto(hu, arg);
763 if (err)
764 clear_bit(HCI_UART_PROTO_SET, &hu->flags);
765 } else
766 err = -EBUSY;
767 break;
768
769 case HCIUARTGETPROTO:
770 if (test_bit(HCI_UART_PROTO_SET, &hu->flags) &&
771 test_bit(HCI_UART_PROTO_READY, &hu->flags))
772 err = hu->proto->id;
773 else
774 err = -EUNATCH;
775 break;
776
777 case HCIUARTGETDEVICE:
778 if (test_bit(HCI_UART_REGISTERED, &hu->flags))
779 err = hu->hdev->id;
780 else
781 err = -EUNATCH;
782 break;
783
784 case HCIUARTSETFLAGS:
785 if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
786 err = -EBUSY;
787 else
788 err = hci_uart_set_flags(hu, arg);
789 break;
790
791 case HCIUARTGETFLAGS:
792 err = hu->hdev_flags;
793 break;
794
795 default:
796 err = n_tty_ioctl_helper(tty, cmd, arg);
797 break;
798 }
799
800 return err;
801}
802
803/*
804 * We don't provide read/write/poll interface for user space.
805 */
806static ssize_t hci_uart_tty_read(struct tty_struct *tty, struct file *file,
807 u8 *buf, size_t nr, void **cookie,
808 unsigned long offset)
809{
810 return 0;
811}
812
813static ssize_t hci_uart_tty_write(struct tty_struct *tty, struct file *file,
814 const u8 *data, size_t count)
815{
816 return 0;
817}
818
819static struct tty_ldisc_ops hci_uart_ldisc = {
820 .owner = THIS_MODULE,
821 .num = N_HCI,
822 .name = "n_hci",
823 .open = hci_uart_tty_open,
824 .close = hci_uart_tty_close,
825 .read = hci_uart_tty_read,
826 .write = hci_uart_tty_write,
827 .ioctl = hci_uart_tty_ioctl,
828 .compat_ioctl = hci_uart_tty_ioctl,
829 .receive_buf = hci_uart_tty_receive,
830 .write_wakeup = hci_uart_tty_wakeup,
831};
832
833static int __init hci_uart_init(void)
834{
835 int err;
836
837 BT_INFO("HCI UART driver ver %s", VERSION);
838
839 /* Register the tty discipline */
840 err = tty_register_ldisc(&hci_uart_ldisc);
841 if (err) {
842 BT_ERR("HCI line discipline registration failed. (%d)", err);
843 return err;
844 }
845
846#ifdef CONFIG_BT_HCIUART_H4
847 h4_init();
848#endif
849#ifdef CONFIG_BT_HCIUART_BCSP
850 bcsp_init();
851#endif
852#ifdef CONFIG_BT_HCIUART_LL
853 ll_init();
854#endif
855#ifdef CONFIG_BT_HCIUART_ATH3K
856 ath_init();
857#endif
858#ifdef CONFIG_BT_HCIUART_3WIRE
859 h5_init();
860#endif
861#ifdef CONFIG_BT_HCIUART_INTEL
862 intel_init();
863#endif
864#ifdef CONFIG_BT_HCIUART_BCM
865 bcm_init();
866#endif
867#ifdef CONFIG_BT_HCIUART_QCA
868 qca_init();
869#endif
870#ifdef CONFIG_BT_HCIUART_AG6XX
871 ag6xx_init();
872#endif
873#ifdef CONFIG_BT_HCIUART_MRVL
874 mrvl_init();
875#endif
876#ifdef CONFIG_BT_HCIUART_AML
877 aml_init();
878#endif
879 return 0;
880}
881
882static void __exit hci_uart_exit(void)
883{
884#ifdef CONFIG_BT_HCIUART_H4
885 h4_deinit();
886#endif
887#ifdef CONFIG_BT_HCIUART_BCSP
888 bcsp_deinit();
889#endif
890#ifdef CONFIG_BT_HCIUART_LL
891 ll_deinit();
892#endif
893#ifdef CONFIG_BT_HCIUART_ATH3K
894 ath_deinit();
895#endif
896#ifdef CONFIG_BT_HCIUART_3WIRE
897 h5_deinit();
898#endif
899#ifdef CONFIG_BT_HCIUART_INTEL
900 intel_deinit();
901#endif
902#ifdef CONFIG_BT_HCIUART_BCM
903 bcm_deinit();
904#endif
905#ifdef CONFIG_BT_HCIUART_QCA
906 qca_deinit();
907#endif
908#ifdef CONFIG_BT_HCIUART_AG6XX
909 ag6xx_deinit();
910#endif
911#ifdef CONFIG_BT_HCIUART_MRVL
912 mrvl_deinit();
913#endif
914#ifdef CONFIG_BT_HCIUART_AML
915 aml_deinit();
916#endif
917 tty_unregister_ldisc(&hci_uart_ldisc);
918}
919
920module_init(hci_uart_init);
921module_exit(hci_uart_exit);
922
923MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
924MODULE_DESCRIPTION("Bluetooth HCI UART driver ver " VERSION);
925MODULE_VERSION(VERSION);
926MODULE_LICENSE("GPL");
927MODULE_ALIAS_LDISC(N_HCI);