xref: /openbmc/linux/drivers/bluetooth/hci_vhci.c (revision 1f1517fafda598839a02e39968c5063ddcfa51fc)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *
4  *  Bluetooth virtual HCI driver
5  *
6  *  Copyright (C) 2000-2001  Qualcomm Incorporated
7  *  Copyright (C) 2002-2003  Maxim Krasnyansky <maxk@qualcomm.com>
8  *  Copyright (C) 2004-2006  Marcel Holtmann <marcel@holtmann.org>
9  */
10 
11 #include <linux/module.h>
12 #include <asm/unaligned.h>
13 
14 #include <linux/kernel.h>
15 #include <linux/init.h>
16 #include <linux/slab.h>
17 #include <linux/types.h>
18 #include <linux/errno.h>
19 #include <linux/sched.h>
20 #include <linux/poll.h>
21 
22 #include <linux/skbuff.h>
23 #include <linux/miscdevice.h>
24 #include <linux/debugfs.h>
25 
26 #include <net/bluetooth/bluetooth.h>
27 #include <net/bluetooth/hci_core.h>
28 
29 #define VERSION "1.5"
30 
31 static bool amp;
32 
33 struct vhci_data {
34 	struct hci_dev *hdev;
35 
36 	wait_queue_head_t read_wait;
37 	struct sk_buff_head readq;
38 
39 	struct mutex open_mutex;
40 	struct delayed_work open_timeout;
41 
42 	bool suspended;
43 	bool wakeup;
44 };
45 
46 static int vhci_open_dev(struct hci_dev *hdev)
47 {
48 	return 0;
49 }
50 
51 static int vhci_close_dev(struct hci_dev *hdev)
52 {
53 	struct vhci_data *data = hci_get_drvdata(hdev);
54 
55 	skb_queue_purge(&data->readq);
56 
57 	return 0;
58 }
59 
60 static int vhci_flush(struct hci_dev *hdev)
61 {
62 	struct vhci_data *data = hci_get_drvdata(hdev);
63 
64 	skb_queue_purge(&data->readq);
65 
66 	return 0;
67 }
68 
69 static int vhci_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
70 {
71 	struct vhci_data *data = hci_get_drvdata(hdev);
72 
73 	memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1);
74 	skb_queue_tail(&data->readq, skb);
75 
76 	wake_up_interruptible(&data->read_wait);
77 	return 0;
78 }
79 
80 static int vhci_get_data_path_id(struct hci_dev *hdev, u8 *data_path_id)
81 {
82 	*data_path_id = 0;
83 	return 0;
84 }
85 
86 static int vhci_get_codec_config_data(struct hci_dev *hdev, __u8 type,
87 				      struct bt_codec *codec, __u8 *vnd_len,
88 				      __u8 **vnd_data)
89 {
90 	if (type != ESCO_LINK)
91 		return -EINVAL;
92 
93 	*vnd_len = 0;
94 	*vnd_data = NULL;
95 	return 0;
96 }
97 
98 static bool vhci_wakeup(struct hci_dev *hdev)
99 {
100 	struct vhci_data *data = hci_get_drvdata(hdev);
101 
102 	return data->wakeup;
103 }
104 
105 static ssize_t force_suspend_read(struct file *file, char __user *user_buf,
106 				  size_t count, loff_t *ppos)
107 {
108 	struct vhci_data *data = file->private_data;
109 	char buf[3];
110 
111 	buf[0] = data->suspended ? 'Y' : 'N';
112 	buf[1] = '\n';
113 	buf[2] = '\0';
114 	return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
115 }
116 
117 static ssize_t force_suspend_write(struct file *file,
118 				   const char __user *user_buf,
119 				   size_t count, loff_t *ppos)
120 {
121 	struct vhci_data *data = file->private_data;
122 	bool enable;
123 	int err;
124 
125 	err = kstrtobool_from_user(user_buf, count, &enable);
126 	if (err)
127 		return err;
128 
129 	if (data->suspended == enable)
130 		return -EALREADY;
131 
132 	if (enable)
133 		err = hci_suspend_dev(data->hdev);
134 	else
135 		err = hci_resume_dev(data->hdev);
136 
137 	if (err)
138 		return err;
139 
140 	data->suspended = enable;
141 
142 	return count;
143 }
144 
145 static const struct file_operations force_suspend_fops = {
146 	.open		= simple_open,
147 	.read		= force_suspend_read,
148 	.write		= force_suspend_write,
149 	.llseek		= default_llseek,
150 };
151 
152 static ssize_t force_wakeup_read(struct file *file, char __user *user_buf,
153 				 size_t count, loff_t *ppos)
154 {
155 	struct vhci_data *data = file->private_data;
156 	char buf[3];
157 
158 	buf[0] = data->wakeup ? 'Y' : 'N';
159 	buf[1] = '\n';
160 	buf[2] = '\0';
161 	return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
162 }
163 
164 static ssize_t force_wakeup_write(struct file *file,
165 				  const char __user *user_buf, size_t count,
166 				  loff_t *ppos)
167 {
168 	struct vhci_data *data = file->private_data;
169 	bool enable;
170 	int err;
171 
172 	err = kstrtobool_from_user(user_buf, count, &enable);
173 	if (err)
174 		return err;
175 
176 	if (data->wakeup == enable)
177 		return -EALREADY;
178 
179 	return count;
180 }
181 
182 static const struct file_operations force_wakeup_fops = {
183 	.open		= simple_open,
184 	.read		= force_wakeup_read,
185 	.write		= force_wakeup_write,
186 	.llseek		= default_llseek,
187 };
188 
189 static int __vhci_create_device(struct vhci_data *data, __u8 opcode)
190 {
191 	struct hci_dev *hdev;
192 	struct sk_buff *skb;
193 	__u8 dev_type;
194 
195 	if (data->hdev)
196 		return -EBADFD;
197 
198 	/* bits 0-1 are dev_type (Primary or AMP) */
199 	dev_type = opcode & 0x03;
200 
201 	if (dev_type != HCI_PRIMARY && dev_type != HCI_AMP)
202 		return -EINVAL;
203 
204 	/* bits 2-5 are reserved (must be zero) */
205 	if (opcode & 0x3c)
206 		return -EINVAL;
207 
208 	skb = bt_skb_alloc(4, GFP_KERNEL);
209 	if (!skb)
210 		return -ENOMEM;
211 
212 	hdev = hci_alloc_dev();
213 	if (!hdev) {
214 		kfree_skb(skb);
215 		return -ENOMEM;
216 	}
217 
218 	data->hdev = hdev;
219 
220 	hdev->bus = HCI_VIRTUAL;
221 	hdev->dev_type = dev_type;
222 	hci_set_drvdata(hdev, data);
223 
224 	hdev->open  = vhci_open_dev;
225 	hdev->close = vhci_close_dev;
226 	hdev->flush = vhci_flush;
227 	hdev->send  = vhci_send_frame;
228 	hdev->get_data_path_id = vhci_get_data_path_id;
229 	hdev->get_codec_config_data = vhci_get_codec_config_data;
230 	hdev->wakeup = vhci_wakeup;
231 
232 	/* bit 6 is for external configuration */
233 	if (opcode & 0x40)
234 		set_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks);
235 
236 	/* bit 7 is for raw device */
237 	if (opcode & 0x80)
238 		set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
239 
240 	if (hci_register_dev(hdev) < 0) {
241 		BT_ERR("Can't register HCI device");
242 		hci_free_dev(hdev);
243 		data->hdev = NULL;
244 		kfree_skb(skb);
245 		return -EBUSY;
246 	}
247 
248 	debugfs_create_file("force_suspend", 0644, hdev->debugfs, data,
249 			    &force_suspend_fops);
250 
251 	debugfs_create_file("force_wakeup", 0644, hdev->debugfs, data,
252 			    &force_wakeup_fops);
253 
254 	hci_skb_pkt_type(skb) = HCI_VENDOR_PKT;
255 
256 	skb_put_u8(skb, 0xff);
257 	skb_put_u8(skb, opcode);
258 	put_unaligned_le16(hdev->id, skb_put(skb, 2));
259 	skb_queue_tail(&data->readq, skb);
260 
261 	wake_up_interruptible(&data->read_wait);
262 	return 0;
263 }
264 
265 static int vhci_create_device(struct vhci_data *data, __u8 opcode)
266 {
267 	int err;
268 
269 	mutex_lock(&data->open_mutex);
270 	err = __vhci_create_device(data, opcode);
271 	mutex_unlock(&data->open_mutex);
272 
273 	return err;
274 }
275 
276 static inline ssize_t vhci_get_user(struct vhci_data *data,
277 				    struct iov_iter *from)
278 {
279 	size_t len = iov_iter_count(from);
280 	struct sk_buff *skb;
281 	__u8 pkt_type, opcode;
282 	int ret;
283 
284 	if (len < 2 || len > HCI_MAX_FRAME_SIZE)
285 		return -EINVAL;
286 
287 	skb = bt_skb_alloc(len, GFP_KERNEL);
288 	if (!skb)
289 		return -ENOMEM;
290 
291 	if (!copy_from_iter_full(skb_put(skb, len), len, from)) {
292 		kfree_skb(skb);
293 		return -EFAULT;
294 	}
295 
296 	pkt_type = *((__u8 *) skb->data);
297 	skb_pull(skb, 1);
298 
299 	switch (pkt_type) {
300 	case HCI_EVENT_PKT:
301 	case HCI_ACLDATA_PKT:
302 	case HCI_SCODATA_PKT:
303 	case HCI_ISODATA_PKT:
304 		if (!data->hdev) {
305 			kfree_skb(skb);
306 			return -ENODEV;
307 		}
308 
309 		hci_skb_pkt_type(skb) = pkt_type;
310 
311 		ret = hci_recv_frame(data->hdev, skb);
312 		break;
313 
314 	case HCI_VENDOR_PKT:
315 		cancel_delayed_work_sync(&data->open_timeout);
316 
317 		opcode = *((__u8 *) skb->data);
318 		skb_pull(skb, 1);
319 
320 		if (skb->len > 0) {
321 			kfree_skb(skb);
322 			return -EINVAL;
323 		}
324 
325 		kfree_skb(skb);
326 
327 		ret = vhci_create_device(data, opcode);
328 		break;
329 
330 	default:
331 		kfree_skb(skb);
332 		return -EINVAL;
333 	}
334 
335 	return (ret < 0) ? ret : len;
336 }
337 
338 static inline ssize_t vhci_put_user(struct vhci_data *data,
339 				    struct sk_buff *skb,
340 				    char __user *buf, int count)
341 {
342 	char __user *ptr = buf;
343 	int len;
344 
345 	len = min_t(unsigned int, skb->len, count);
346 
347 	if (copy_to_user(ptr, skb->data, len))
348 		return -EFAULT;
349 
350 	if (!data->hdev)
351 		return len;
352 
353 	data->hdev->stat.byte_tx += len;
354 
355 	switch (hci_skb_pkt_type(skb)) {
356 	case HCI_COMMAND_PKT:
357 		data->hdev->stat.cmd_tx++;
358 		break;
359 	case HCI_ACLDATA_PKT:
360 		data->hdev->stat.acl_tx++;
361 		break;
362 	case HCI_SCODATA_PKT:
363 		data->hdev->stat.sco_tx++;
364 		break;
365 	}
366 
367 	return len;
368 }
369 
370 static ssize_t vhci_read(struct file *file,
371 			 char __user *buf, size_t count, loff_t *pos)
372 {
373 	struct vhci_data *data = file->private_data;
374 	struct sk_buff *skb;
375 	ssize_t ret = 0;
376 
377 	while (count) {
378 		skb = skb_dequeue(&data->readq);
379 		if (skb) {
380 			ret = vhci_put_user(data, skb, buf, count);
381 			if (ret < 0)
382 				skb_queue_head(&data->readq, skb);
383 			else
384 				kfree_skb(skb);
385 			break;
386 		}
387 
388 		if (file->f_flags & O_NONBLOCK) {
389 			ret = -EAGAIN;
390 			break;
391 		}
392 
393 		ret = wait_event_interruptible(data->read_wait,
394 					       !skb_queue_empty(&data->readq));
395 		if (ret < 0)
396 			break;
397 	}
398 
399 	return ret;
400 }
401 
402 static ssize_t vhci_write(struct kiocb *iocb, struct iov_iter *from)
403 {
404 	struct file *file = iocb->ki_filp;
405 	struct vhci_data *data = file->private_data;
406 
407 	return vhci_get_user(data, from);
408 }
409 
410 static __poll_t vhci_poll(struct file *file, poll_table *wait)
411 {
412 	struct vhci_data *data = file->private_data;
413 
414 	poll_wait(file, &data->read_wait, wait);
415 
416 	if (!skb_queue_empty(&data->readq))
417 		return EPOLLIN | EPOLLRDNORM;
418 
419 	return EPOLLOUT | EPOLLWRNORM;
420 }
421 
422 static void vhci_open_timeout(struct work_struct *work)
423 {
424 	struct vhci_data *data = container_of(work, struct vhci_data,
425 					      open_timeout.work);
426 
427 	vhci_create_device(data, amp ? HCI_AMP : HCI_PRIMARY);
428 }
429 
430 static int vhci_open(struct inode *inode, struct file *file)
431 {
432 	struct vhci_data *data;
433 
434 	data = kzalloc(sizeof(struct vhci_data), GFP_KERNEL);
435 	if (!data)
436 		return -ENOMEM;
437 
438 	skb_queue_head_init(&data->readq);
439 	init_waitqueue_head(&data->read_wait);
440 
441 	mutex_init(&data->open_mutex);
442 	INIT_DELAYED_WORK(&data->open_timeout, vhci_open_timeout);
443 
444 	file->private_data = data;
445 	nonseekable_open(inode, file);
446 
447 	schedule_delayed_work(&data->open_timeout, msecs_to_jiffies(1000));
448 
449 	return 0;
450 }
451 
452 static int vhci_release(struct inode *inode, struct file *file)
453 {
454 	struct vhci_data *data = file->private_data;
455 	struct hci_dev *hdev;
456 
457 	cancel_delayed_work_sync(&data->open_timeout);
458 
459 	hdev = data->hdev;
460 
461 	if (hdev) {
462 		hci_unregister_dev(hdev);
463 		hci_free_dev(hdev);
464 	}
465 
466 	skb_queue_purge(&data->readq);
467 	file->private_data = NULL;
468 	kfree(data);
469 
470 	return 0;
471 }
472 
473 static const struct file_operations vhci_fops = {
474 	.owner		= THIS_MODULE,
475 	.read		= vhci_read,
476 	.write_iter	= vhci_write,
477 	.poll		= vhci_poll,
478 	.open		= vhci_open,
479 	.release	= vhci_release,
480 	.llseek		= no_llseek,
481 };
482 
483 static struct miscdevice vhci_miscdev = {
484 	.name	= "vhci",
485 	.fops	= &vhci_fops,
486 	.minor	= VHCI_MINOR,
487 };
488 module_misc_device(vhci_miscdev);
489 
490 module_param(amp, bool, 0644);
491 MODULE_PARM_DESC(amp, "Create AMP controller device");
492 
493 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
494 MODULE_DESCRIPTION("Bluetooth virtual HCI driver ver " VERSION);
495 MODULE_VERSION(VERSION);
496 MODULE_LICENSE("GPL");
497 MODULE_ALIAS("devname:vhci");
498 MODULE_ALIAS_MISCDEV(VHCI_MINOR);
499