]>
Commit | Line | Data |
---|---|---|
1a59d1b8 | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
1da177e4 | 2 | /* |
1da177e4 | 3 | * |
4aa769b9 MH |
4 | * Bluetooth virtual HCI driver |
5 | * | |
9c724357 MH |
6 | * Copyright (C) 2000-2001 Qualcomm Incorporated |
7 | * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com> | |
8 | * Copyright (C) 2004-2006 Marcel Holtmann <marcel@holtmann.org> | |
1da177e4 | 9 | */ |
1da177e4 | 10 | |
1da177e4 | 11 | #include <linux/module.h> |
23424c0d | 12 | #include <asm/unaligned.h> |
1da177e4 | 13 | |
1da177e4 | 14 | #include <linux/kernel.h> |
4aa769b9 | 15 | #include <linux/init.h> |
1da177e4 | 16 | #include <linux/slab.h> |
4aa769b9 MH |
17 | #include <linux/types.h> |
18 | #include <linux/errno.h> | |
19 | #include <linux/sched.h> | |
1da177e4 | 20 | #include <linux/poll.h> |
1da177e4 LT |
21 | |
22 | #include <linux/skbuff.h> | |
23 | #include <linux/miscdevice.h> | |
24 | ||
1da177e4 LT |
25 | #include <net/bluetooth/bluetooth.h> |
26 | #include <net/bluetooth/hci_core.h> | |
1da177e4 | 27 | |
82a30cfc | 28 | #define VERSION "1.5" |
4aa769b9 | 29 | |
36acbb1a AE |
30 | static bool amp; |
31 | ||
4aa769b9 MH |
32 | struct vhci_data { |
33 | struct hci_dev *hdev; | |
34 | ||
4aa769b9 MH |
35 | wait_queue_head_t read_wait; |
36 | struct sk_buff_head readq; | |
23424c0d | 37 | |
c7c999cb | 38 | struct mutex open_mutex; |
23424c0d | 39 | struct delayed_work open_timeout; |
4aa769b9 MH |
40 | }; |
41 | ||
4aa769b9 | 42 | static int vhci_open_dev(struct hci_dev *hdev) |
1da177e4 | 43 | { |
1da177e4 LT |
44 | return 0; |
45 | } | |
46 | ||
4aa769b9 | 47 | static int vhci_close_dev(struct hci_dev *hdev) |
1da177e4 | 48 | { |
155961e8 | 49 | struct vhci_data *data = hci_get_drvdata(hdev); |
4aa769b9 | 50 | |
9c724357 | 51 | skb_queue_purge(&data->readq); |
4aa769b9 | 52 | |
1da177e4 LT |
53 | return 0; |
54 | } | |
55 | ||
4aa769b9 | 56 | static int vhci_flush(struct hci_dev *hdev) |
1da177e4 | 57 | { |
155961e8 | 58 | struct vhci_data *data = hci_get_drvdata(hdev); |
1da177e4 | 59 | |
9c724357 | 60 | skb_queue_purge(&data->readq); |
1da177e4 | 61 | |
4aa769b9 | 62 | return 0; |
1da177e4 LT |
63 | } |
64 | ||
7bd8f09f | 65 | static int vhci_send_frame(struct hci_dev *hdev, struct sk_buff *skb) |
1da177e4 | 66 | { |
60298775 | 67 | struct vhci_data *data = hci_get_drvdata(hdev); |
1da177e4 | 68 | |
618e8bc2 | 69 | memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1); |
9c724357 | 70 | skb_queue_tail(&data->readq, skb); |
4aa769b9 | 71 | |
9c724357 | 72 | wake_up_interruptible(&data->read_wait); |
23424c0d MH |
73 | return 0; |
74 | } | |
75 | ||
c7c999cb | 76 | static int __vhci_create_device(struct vhci_data *data, __u8 opcode) |
23424c0d MH |
77 | { |
78 | struct hci_dev *hdev; | |
79 | struct sk_buff *skb; | |
82a30cfc MH |
80 | __u8 dev_type; |
81 | ||
c7c999cb TI |
82 | if (data->hdev) |
83 | return -EBADFD; | |
84 | ||
ca8bee5d | 85 | /* bits 0-1 are dev_type (Primary or AMP) */ |
82a30cfc MH |
86 | dev_type = opcode & 0x03; |
87 | ||
ca8bee5d | 88 | if (dev_type != HCI_PRIMARY && dev_type != HCI_AMP) |
82a30cfc MH |
89 | return -EINVAL; |
90 | ||
0ad184ef MH |
91 | /* bits 2-5 are reserved (must be zero) */ |
92 | if (opcode & 0x3c) | |
82a30cfc | 93 | return -EINVAL; |
23424c0d MH |
94 | |
95 | skb = bt_skb_alloc(4, GFP_KERNEL); | |
96 | if (!skb) | |
97 | return -ENOMEM; | |
98 | ||
99 | hdev = hci_alloc_dev(); | |
100 | if (!hdev) { | |
101 | kfree_skb(skb); | |
102 | return -ENOMEM; | |
103 | } | |
104 | ||
105 | data->hdev = hdev; | |
106 | ||
107 | hdev->bus = HCI_VIRTUAL; | |
108 | hdev->dev_type = dev_type; | |
109 | hci_set_drvdata(hdev, data); | |
110 | ||
111 | hdev->open = vhci_open_dev; | |
112 | hdev->close = vhci_close_dev; | |
113 | hdev->flush = vhci_flush; | |
114 | hdev->send = vhci_send_frame; | |
1da177e4 | 115 | |
0ad184ef MH |
116 | /* bit 6 is for external configuration */ |
117 | if (opcode & 0x40) | |
118 | set_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks); | |
119 | ||
82a30cfc MH |
120 | /* bit 7 is for raw device */ |
121 | if (opcode & 0x80) | |
122 | set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks); | |
123 | ||
23424c0d MH |
124 | if (hci_register_dev(hdev) < 0) { |
125 | BT_ERR("Can't register HCI device"); | |
126 | hci_free_dev(hdev); | |
127 | data->hdev = NULL; | |
128 | kfree_skb(skb); | |
129 | return -EBUSY; | |
130 | } | |
131 | ||
618e8bc2 | 132 | hci_skb_pkt_type(skb) = HCI_VENDOR_PKT; |
23424c0d | 133 | |
634fef61 JB |
134 | skb_put_u8(skb, 0xff); |
135 | skb_put_u8(skb, opcode); | |
23424c0d MH |
136 | put_unaligned_le16(hdev->id, skb_put(skb, 2)); |
137 | skb_queue_tail(&data->readq, skb); | |
138 | ||
139 | wake_up_interruptible(&data->read_wait); | |
1da177e4 LT |
140 | return 0; |
141 | } | |
142 | ||
c7c999cb TI |
143 | static int vhci_create_device(struct vhci_data *data, __u8 opcode) |
144 | { | |
145 | int err; | |
146 | ||
147 | mutex_lock(&data->open_mutex); | |
148 | err = __vhci_create_device(data, opcode); | |
149 | mutex_unlock(&data->open_mutex); | |
150 | ||
151 | return err; | |
152 | } | |
153 | ||
9c724357 | 154 | static inline ssize_t vhci_get_user(struct vhci_data *data, |
512b2268 | 155 | struct iov_iter *from) |
1da177e4 | 156 | { |
512b2268 | 157 | size_t len = iov_iter_count(from); |
1da177e4 | 158 | struct sk_buff *skb; |
82a30cfc | 159 | __u8 pkt_type, opcode; |
23424c0d | 160 | int ret; |
1da177e4 | 161 | |
5bc00b5c | 162 | if (len < 2 || len > HCI_MAX_FRAME_SIZE) |
1da177e4 LT |
163 | return -EINVAL; |
164 | ||
5bc00b5c | 165 | skb = bt_skb_alloc(len, GFP_KERNEL); |
4aa769b9 | 166 | if (!skb) |
1da177e4 | 167 | return -ENOMEM; |
4aa769b9 | 168 | |
cbbd26b8 | 169 | if (!copy_from_iter_full(skb_put(skb, len), len, from)) { |
512b2268 AV |
170 | kfree_skb(skb); |
171 | return -EFAULT; | |
1da177e4 LT |
172 | } |
173 | ||
23424c0d | 174 | pkt_type = *((__u8 *) skb->data); |
1da177e4 LT |
175 | skb_pull(skb, 1); |
176 | ||
23424c0d MH |
177 | switch (pkt_type) { |
178 | case HCI_EVENT_PKT: | |
179 | case HCI_ACLDATA_PKT: | |
180 | case HCI_SCODATA_PKT: | |
f92a8cb5 | 181 | case HCI_ISODATA_PKT: |
23424c0d MH |
182 | if (!data->hdev) { |
183 | kfree_skb(skb); | |
184 | return -ENODEV; | |
185 | } | |
186 | ||
618e8bc2 | 187 | hci_skb_pkt_type(skb) = pkt_type; |
23424c0d | 188 | |
e1a26170 | 189 | ret = hci_recv_frame(data->hdev, skb); |
23424c0d MH |
190 | break; |
191 | ||
192 | case HCI_VENDOR_PKT: | |
373a32c8 JS |
193 | cancel_delayed_work_sync(&data->open_timeout); |
194 | ||
82a30cfc | 195 | opcode = *((__u8 *) skb->data); |
23424c0d MH |
196 | skb_pull(skb, 1); |
197 | ||
198 | if (skb->len > 0) { | |
199 | kfree_skb(skb); | |
200 | return -EINVAL; | |
201 | } | |
202 | ||
203 | kfree_skb(skb); | |
204 | ||
82a30cfc | 205 | ret = vhci_create_device(data, opcode); |
23424c0d MH |
206 | break; |
207 | ||
208 | default: | |
209 | kfree_skb(skb); | |
210 | return -EINVAL; | |
211 | } | |
212 | ||
5bc00b5c | 213 | return (ret < 0) ? ret : len; |
1da177e4 LT |
214 | } |
215 | ||
9c724357 | 216 | static inline ssize_t vhci_put_user(struct vhci_data *data, |
23424c0d MH |
217 | struct sk_buff *skb, |
218 | char __user *buf, int count) | |
1da177e4 | 219 | { |
1da177e4 | 220 | char __user *ptr = buf; |
23424c0d | 221 | int len; |
4aa769b9 MH |
222 | |
223 | len = min_t(unsigned int, skb->len, count); | |
1da177e4 | 224 | |
1da177e4 LT |
225 | if (copy_to_user(ptr, skb->data, len)) |
226 | return -EFAULT; | |
4aa769b9 | 227 | |
23424c0d MH |
228 | if (!data->hdev) |
229 | return len; | |
1da177e4 | 230 | |
9c724357 | 231 | data->hdev->stat.byte_tx += len; |
4aa769b9 | 232 | |
618e8bc2 | 233 | switch (hci_skb_pkt_type(skb)) { |
0d48d939 | 234 | case HCI_COMMAND_PKT: |
9c724357 | 235 | data->hdev->stat.cmd_tx++; |
0d48d939 | 236 | break; |
0d48d939 | 237 | case HCI_ACLDATA_PKT: |
9c724357 | 238 | data->hdev->stat.acl_tx++; |
0d48d939 | 239 | break; |
0d48d939 | 240 | case HCI_SCODATA_PKT: |
4f7ac181 | 241 | data->hdev->stat.sco_tx++; |
0d48d939 | 242 | break; |
2c24d454 | 243 | } |
1da177e4 | 244 | |
23424c0d | 245 | return len; |
1da177e4 LT |
246 | } |
247 | ||
9c724357 | 248 | static ssize_t vhci_read(struct file *file, |
23424c0d | 249 | char __user *buf, size_t count, loff_t *pos) |
1da177e4 | 250 | { |
9c724357 | 251 | struct vhci_data *data = file->private_data; |
1da177e4 LT |
252 | struct sk_buff *skb; |
253 | ssize_t ret = 0; | |
254 | ||
1da177e4 | 255 | while (count) { |
9c724357 | 256 | skb = skb_dequeue(&data->readq); |
4db7589f MH |
257 | if (skb) { |
258 | ret = vhci_put_user(data, skb, buf, count); | |
259 | if (ret < 0) | |
260 | skb_queue_head(&data->readq, skb); | |
261 | else | |
262 | kfree_skb(skb); | |
263 | break; | |
1da177e4 LT |
264 | } |
265 | ||
4db7589f MH |
266 | if (file->f_flags & O_NONBLOCK) { |
267 | ret = -EAGAIN; | |
268 | break; | |
269 | } | |
1da177e4 | 270 | |
4db7589f | 271 | ret = wait_event_interruptible(data->read_wait, |
23424c0d | 272 | !skb_queue_empty(&data->readq)); |
4db7589f MH |
273 | if (ret < 0) |
274 | break; | |
1da177e4 | 275 | } |
1da177e4 LT |
276 | |
277 | return ret; | |
278 | } | |
279 | ||
512b2268 | 280 | static ssize_t vhci_write(struct kiocb *iocb, struct iov_iter *from) |
1da177e4 | 281 | { |
5bc00b5c | 282 | struct file *file = iocb->ki_filp; |
9c724357 | 283 | struct vhci_data *data = file->private_data; |
1da177e4 | 284 | |
512b2268 | 285 | return vhci_get_user(data, from); |
1da177e4 LT |
286 | } |
287 | ||
afc9a42b | 288 | static __poll_t vhci_poll(struct file *file, poll_table *wait) |
1da177e4 | 289 | { |
9c724357 | 290 | struct vhci_data *data = file->private_data; |
1da177e4 | 291 | |
9c724357 | 292 | poll_wait(file, &data->read_wait, wait); |
1da177e4 | 293 | |
9c724357 | 294 | if (!skb_queue_empty(&data->readq)) |
a9a08845 | 295 | return EPOLLIN | EPOLLRDNORM; |
4aa769b9 | 296 | |
a9a08845 | 297 | return EPOLLOUT | EPOLLWRNORM; |
4aa769b9 MH |
298 | } |
299 | ||
23424c0d MH |
300 | static void vhci_open_timeout(struct work_struct *work) |
301 | { | |
302 | struct vhci_data *data = container_of(work, struct vhci_data, | |
303 | open_timeout.work); | |
304 | ||
ca8bee5d | 305 | vhci_create_device(data, amp ? HCI_AMP : HCI_PRIMARY); |
23424c0d MH |
306 | } |
307 | ||
4aa769b9 | 308 | static int vhci_open(struct inode *inode, struct file *file) |
1da177e4 | 309 | { |
9c724357 | 310 | struct vhci_data *data; |
1da177e4 | 311 | |
9c724357 MH |
312 | data = kzalloc(sizeof(struct vhci_data), GFP_KERNEL); |
313 | if (!data) | |
1da177e4 LT |
314 | return -ENOMEM; |
315 | ||
9c724357 MH |
316 | skb_queue_head_init(&data->readq); |
317 | init_waitqueue_head(&data->read_wait); | |
1da177e4 | 318 | |
c7c999cb | 319 | mutex_init(&data->open_mutex); |
23424c0d | 320 | INIT_DELAYED_WORK(&data->open_timeout, vhci_open_timeout); |
1da177e4 | 321 | |
9c724357 | 322 | file->private_data = data; |
0dea0141 | 323 | nonseekable_open(inode, file); |
4aa769b9 | 324 | |
23424c0d MH |
325 | schedule_delayed_work(&data->open_timeout, msecs_to_jiffies(1000)); |
326 | ||
0dea0141 | 327 | return 0; |
1da177e4 LT |
328 | } |
329 | ||
4aa769b9 | 330 | static int vhci_release(struct inode *inode, struct file *file) |
1da177e4 | 331 | { |
9c724357 | 332 | struct vhci_data *data = file->private_data; |
373a32c8 | 333 | struct hci_dev *hdev; |
1da177e4 | 334 | |
23424c0d MH |
335 | cancel_delayed_work_sync(&data->open_timeout); |
336 | ||
373a32c8 JS |
337 | hdev = data->hdev; |
338 | ||
23424c0d MH |
339 | if (hdev) { |
340 | hci_unregister_dev(hdev); | |
341 | hci_free_dev(hdev); | |
342 | } | |
1da177e4 | 343 | |
13407376 | 344 | skb_queue_purge(&data->readq); |
1da177e4 | 345 | file->private_data = NULL; |
bf18c711 | 346 | kfree(data); |
4aa769b9 MH |
347 | |
348 | return 0; | |
349 | } | |
350 | ||
2b8693c0 | 351 | static const struct file_operations vhci_fops = { |
fed4c250 | 352 | .owner = THIS_MODULE, |
4aa769b9 | 353 | .read = vhci_read, |
512b2268 | 354 | .write_iter = vhci_write, |
4aa769b9 | 355 | .poll = vhci_poll, |
4aa769b9 MH |
356 | .open = vhci_open, |
357 | .release = vhci_release, | |
6038f373 | 358 | .llseek = no_llseek, |
1da177e4 LT |
359 | }; |
360 | ||
4eeab599 | 361 | static struct miscdevice vhci_miscdev = { |
ac28494c MH |
362 | .name = "vhci", |
363 | .fops = &vhci_fops, | |
b075dd40 | 364 | .minor = VHCI_MINOR, |
1da177e4 | 365 | }; |
d6a38c0b | 366 | module_misc_device(vhci_miscdev); |
4aa769b9 | 367 | |
36acbb1a AE |
368 | module_param(amp, bool, 0644); |
369 | MODULE_PARM_DESC(amp, "Create AMP controller device"); | |
370 | ||
63fbd24e | 371 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); |
4aa769b9 MH |
372 | MODULE_DESCRIPTION("Bluetooth virtual HCI driver ver " VERSION); |
373 | MODULE_VERSION(VERSION); | |
374 | MODULE_LICENSE("GPL"); | |
bfacbb9a | 375 | MODULE_ALIAS("devname:vhci"); |
b075dd40 | 376 | MODULE_ALIAS_MISCDEV(VHCI_MINOR); |