1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Bluetooth HCI UART driver 5 * 6 * Copyright (C) 2000-2001 Qualcomm Incorporated 7 * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com> 8 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org> 9 */ 10 11 #include <linux/module.h> 12 13 #include <linux/kernel.h> 14 #include <linux/init.h> 15 #include <linux/types.h> 16 #include <linux/fcntl.h> 17 #include <linux/interrupt.h> 18 #include <linux/ptrace.h> 19 #include <linux/poll.h> 20 21 #include <linux/slab.h> 22 #include <linux/tty.h> 23 #include <linux/errno.h> 24 #include <linux/string.h> 25 #include <linux/signal.h> 26 #include <linux/ioctl.h> 27 #include <linux/skbuff.h> 28 #include <linux/firmware.h> 29 #include <linux/serdev.h> 30 31 #include <net/bluetooth/bluetooth.h> 32 #include <net/bluetooth/hci_core.h> 33 34 #include "btintel.h" 35 #include "btbcm.h" 36 #include "hci_uart.h" 37 38 #define VERSION "2.3" 39 40 static const struct hci_uart_proto *hup[HCI_UART_MAX_PROTO]; 41 42 int hci_uart_register_proto(const struct hci_uart_proto *p) 43 { 44 if (p->id >= HCI_UART_MAX_PROTO) 45 return -EINVAL; 46 47 if (hup[p->id]) 48 return -EEXIST; 49 50 hup[p->id] = p; 51 52 BT_INFO("HCI UART protocol %s registered", p->name); 53 54 return 0; 55 } 56 57 int hci_uart_unregister_proto(const struct hci_uart_proto *p) 58 { 59 if (p->id >= HCI_UART_MAX_PROTO) 60 return -EINVAL; 61 62 if (!hup[p->id]) 63 return -EINVAL; 64 65 hup[p->id] = NULL; 66 67 return 0; 68 } 69 70 static const struct hci_uart_proto *hci_uart_get_proto(unsigned int id) 71 { 72 if (id >= HCI_UART_MAX_PROTO) 73 return NULL; 74 75 return hup[id]; 76 } 77 78 static inline void hci_uart_tx_complete(struct hci_uart *hu, int pkt_type) 79 { 80 struct hci_dev *hdev = hu->hdev; 81 82 /* Update HCI stat counters */ 83 switch (pkt_type) { 84 case HCI_COMMAND_PKT: 85 hdev->stat.cmd_tx++; 86 break; 87 88 case HCI_ACLDATA_PKT: 89 hdev->stat.acl_tx++; 90 break; 91 92 case HCI_SCODATA_PKT: 93 hdev->stat.sco_tx++; 94 break; 95 } 96 } 97 98 static inline struct sk_buff *hci_uart_dequeue(struct hci_uart *hu) 99 { 100 struct sk_buff *skb = hu->tx_skb; 101 102 if (!skb) { 103 percpu_down_read(&hu->proto_lock); 104 105 if (test_bit(HCI_UART_PROTO_READY, &hu->flags) || 106 test_bit(HCI_UART_PROTO_INIT, &hu->flags)) 107 skb = hu->proto->dequeue(hu); 108 109 percpu_up_read(&hu->proto_lock); 110 } else { 111 hu->tx_skb = NULL; 112 } 113 114 return skb; 115 } 116 117 int hci_uart_tx_wakeup(struct hci_uart *hu) 118 { 119 /* This may be called in an IRQ context, so we can't sleep. Therefore 120 * we try to acquire the lock only, and if that fails we assume the 121 * tty is being closed because that is the only time the write lock is 122 * acquired. If, however, at some point in the future the write lock 123 * is also acquired in other situations, then this must be revisited. 124 */ 125 if (!percpu_down_read_trylock(&hu->proto_lock)) 126 return 0; 127 128 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags) && 129 !test_bit(HCI_UART_PROTO_INIT, &hu->flags)) 130 goto no_schedule; 131 132 set_bit(HCI_UART_TX_WAKEUP, &hu->tx_state); 133 if (test_and_set_bit(HCI_UART_SENDING, &hu->tx_state)) 134 goto no_schedule; 135 136 BT_DBG(""); 137 138 schedule_work(&hu->write_work); 139 140 no_schedule: 141 percpu_up_read(&hu->proto_lock); 142 143 return 0; 144 } 145 EXPORT_SYMBOL_GPL(hci_uart_tx_wakeup); 146 147 static void hci_uart_write_work(struct work_struct *work) 148 { 149 struct hci_uart *hu = container_of(work, struct hci_uart, write_work); 150 struct tty_struct *tty = hu->tty; 151 struct hci_dev *hdev = hu->hdev; 152 struct sk_buff *skb; 153 154 /* REVISIT: should we cope with bad skbs or ->write() returning 155 * and error value ? 156 */ 157 158 restart: 159 clear_bit(HCI_UART_TX_WAKEUP, &hu->tx_state); 160 161 while ((skb = hci_uart_dequeue(hu))) { 162 int len; 163 164 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 165 len = tty->ops->write(tty, skb->data, skb->len); 166 hdev->stat.byte_tx += len; 167 168 skb_pull(skb, len); 169 if (skb->len) { 170 hu->tx_skb = skb; 171 break; 172 } 173 174 hci_uart_tx_complete(hu, hci_skb_pkt_type(skb)); 175 kfree_skb(skb); 176 } 177 178 clear_bit(HCI_UART_SENDING, &hu->tx_state); 179 if (test_bit(HCI_UART_TX_WAKEUP, &hu->tx_state)) 180 goto restart; 181 182 wake_up_bit(&hu->tx_state, HCI_UART_SENDING); 183 } 184 185 void hci_uart_init_work(struct work_struct *work) 186 { 187 struct hci_uart *hu = container_of(work, struct hci_uart, init_ready); 188 int err; 189 struct hci_dev *hdev; 190 191 if (!test_and_clear_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags)) 192 return; 193 194 err = hci_register_dev(hu->hdev); 195 if (err < 0) { 196 BT_ERR("Can't register HCI device"); 197 198 percpu_down_write(&hu->proto_lock); 199 clear_bit(HCI_UART_PROTO_READY, &hu->flags); 200 percpu_up_write(&hu->proto_lock); 201 202 /* Safely cancel work after clearing flags */ 203 cancel_work_sync(&hu->write_work); 204 205 /* Close protocol before freeing hdev */ 206 hu->proto->close(hu); 207 hdev = hu->hdev; 208 hu->hdev = NULL; 209 hci_free_dev(hdev); 210 return; 211 } 212 213 set_bit(HCI_UART_REGISTERED, &hu->flags); 214 } 215 216 int hci_uart_init_ready(struct hci_uart *hu) 217 { 218 if (!test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags)) 219 return -EALREADY; 220 221 schedule_work(&hu->init_ready); 222 223 return 0; 224 } 225 226 int hci_uart_wait_until_sent(struct hci_uart *hu) 227 { 228 return wait_on_bit_timeout(&hu->tx_state, HCI_UART_SENDING, 229 TASK_INTERRUPTIBLE, 230 msecs_to_jiffies(2000)); 231 } 232 233 /* ------- Interface to HCI layer ------ */ 234 /* Reset device */ 235 static int hci_uart_flush(struct hci_dev *hdev) 236 { 237 struct hci_uart *hu = hci_get_drvdata(hdev); 238 struct tty_struct *tty = hu->tty; 239 240 BT_DBG("hdev %p tty %p", hdev, tty); 241 242 if (hu->tx_skb) { 243 kfree_skb(hu->tx_skb); hu->tx_skb = NULL; 244 } 245 246 /* Flush any pending characters in the driver and discipline. */ 247 tty_ldisc_flush(tty); 248 tty_driver_flush_buffer(tty); 249 250 percpu_down_read(&hu->proto_lock); 251 252 if (test_bit(HCI_UART_PROTO_READY, &hu->flags)) 253 hu->proto->flush(hu); 254 255 percpu_up_read(&hu->proto_lock); 256 257 return 0; 258 } 259 260 /* Initialize device */ 261 static int hci_uart_open(struct hci_dev *hdev) 262 { 263 BT_DBG("%s %p", hdev->name, hdev); 264 265 /* Undo clearing this from hci_uart_close() */ 266 hdev->flush = hci_uart_flush; 267 268 return 0; 269 } 270 271 /* Close device */ 272 static int hci_uart_close(struct hci_dev *hdev) 273 { 274 struct hci_uart *hu = hci_get_drvdata(hdev); 275 276 BT_DBG("hdev %p", hdev); 277 278 cancel_work_sync(&hu->write_work); 279 280 hci_uart_flush(hdev); 281 hdev->flush = NULL; 282 return 0; 283 } 284 285 /* Send frames from HCI layer */ 286 static int hci_uart_send_frame(struct hci_dev *hdev, struct sk_buff *skb) 287 { 288 struct hci_uart *hu = hci_get_drvdata(hdev); 289 290 BT_DBG("%s: type %d len %d", hdev->name, hci_skb_pkt_type(skb), 291 skb->len); 292 293 percpu_down_read(&hu->proto_lock); 294 295 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags) && 296 !test_bit(HCI_UART_PROTO_INIT, &hu->flags)) { 297 percpu_up_read(&hu->proto_lock); 298 return -EUNATCH; 299 } 300 301 hu->proto->enqueue(hu, skb); 302 percpu_up_read(&hu->proto_lock); 303 304 hci_uart_tx_wakeup(hu); 305 306 return 0; 307 } 308 309 /* Check the underlying device or tty has flow control support */ 310 bool hci_uart_has_flow_control(struct hci_uart *hu) 311 { 312 /* serdev nodes check if the needed operations are present */ 313 if (hu->serdev) 314 return true; 315 316 if (hu->tty->driver->ops->tiocmget && hu->tty->driver->ops->tiocmset) 317 return true; 318 319 return false; 320 } 321 322 /* Flow control or un-flow control the device */ 323 void hci_uart_set_flow_control(struct hci_uart *hu, bool enable) 324 { 325 struct tty_struct *tty = hu->tty; 326 struct ktermios ktermios; 327 int status; 328 unsigned int set = 0; 329 unsigned int clear = 0; 330 331 if (hu->serdev) { 332 serdev_device_set_flow_control(hu->serdev, !enable); 333 serdev_device_set_rts(hu->serdev, !enable); 334 return; 335 } 336 337 if (enable) { 338 /* Disable hardware flow control */ 339 ktermios = tty->termios; 340 ktermios.c_cflag &= ~CRTSCTS; 341 tty_set_termios(tty, &ktermios); 342 BT_DBG("Disabling hardware flow control: %s", 343 (tty->termios.c_cflag & CRTSCTS) ? "failed" : "success"); 344 345 /* Clear RTS to prevent the device from sending */ 346 /* Most UARTs need OUT2 to enable interrupts */ 347 status = tty->driver->ops->tiocmget(tty); 348 BT_DBG("Current tiocm 0x%x", status); 349 350 set &= ~(TIOCM_OUT2 | TIOCM_RTS); 351 clear = ~set; 352 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 | 353 TIOCM_OUT2 | TIOCM_LOOP; 354 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 | 355 TIOCM_OUT2 | TIOCM_LOOP; 356 status = tty->driver->ops->tiocmset(tty, set, clear); 357 BT_DBG("Clearing RTS: %s", status ? "failed" : "success"); 358 } else { 359 /* Set RTS to allow the device to send again */ 360 status = tty->driver->ops->tiocmget(tty); 361 BT_DBG("Current tiocm 0x%x", status); 362 363 set |= (TIOCM_OUT2 | TIOCM_RTS); 364 clear = ~set; 365 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 | 366 TIOCM_OUT2 | TIOCM_LOOP; 367 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 | 368 TIOCM_OUT2 | TIOCM_LOOP; 369 status = tty->driver->ops->tiocmset(tty, set, clear); 370 BT_DBG("Setting RTS: %s", status ? "failed" : "success"); 371 372 /* Re-enable hardware flow control */ 373 ktermios = tty->termios; 374 ktermios.c_cflag |= CRTSCTS; 375 tty_set_termios(tty, &ktermios); 376 BT_DBG("Enabling hardware flow control: %s", 377 !(tty->termios.c_cflag & CRTSCTS) ? "failed" : "success"); 378 } 379 } 380 381 void hci_uart_set_speeds(struct hci_uart *hu, unsigned int init_speed, 382 unsigned int oper_speed) 383 { 384 hu->init_speed = init_speed; 385 hu->oper_speed = oper_speed; 386 } 387 388 void hci_uart_set_baudrate(struct hci_uart *hu, unsigned int speed) 389 { 390 struct tty_struct *tty = hu->tty; 391 struct ktermios ktermios; 392 393 ktermios = tty->termios; 394 ktermios.c_cflag &= ~CBAUD; 395 tty_termios_encode_baud_rate(&ktermios, speed, speed); 396 397 /* tty_set_termios() return not checked as it is always 0 */ 398 tty_set_termios(tty, &ktermios); 399 400 BT_DBG("%s: New tty speeds: %d/%d", hu->hdev->name, 401 tty->termios.c_ispeed, tty->termios.c_ospeed); 402 } 403 404 static int hci_uart_setup(struct hci_dev *hdev) 405 { 406 struct hci_uart *hu = hci_get_drvdata(hdev); 407 struct hci_rp_read_local_version *ver; 408 struct sk_buff *skb; 409 unsigned int speed; 410 int err; 411 412 /* Init speed if any */ 413 if (hu->init_speed) 414 speed = hu->init_speed; 415 else if (hu->proto->init_speed) 416 speed = hu->proto->init_speed; 417 else 418 speed = 0; 419 420 if (speed) 421 hci_uart_set_baudrate(hu, speed); 422 423 /* Operational speed if any */ 424 if (hu->oper_speed) 425 speed = hu->oper_speed; 426 else if (hu->proto->oper_speed) 427 speed = hu->proto->oper_speed; 428 else 429 speed = 0; 430 431 if (hu->proto->set_baudrate && speed) { 432 err = hu->proto->set_baudrate(hu, speed); 433 if (!err) 434 hci_uart_set_baudrate(hu, speed); 435 } 436 437 if (hu->proto->setup) 438 return hu->proto->setup(hu); 439 440 if (!test_bit(HCI_UART_VND_DETECT, &hu->hdev_flags)) 441 return 0; 442 443 skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL, 444 HCI_INIT_TIMEOUT); 445 if (IS_ERR(skb)) { 446 BT_ERR("%s: Reading local version information failed (%ld)", 447 hdev->name, PTR_ERR(skb)); 448 return 0; 449 } 450 451 if (skb->len != sizeof(*ver)) { 452 BT_ERR("%s: Event length mismatch for version information", 453 hdev->name); 454 goto done; 455 } 456 457 ver = (struct hci_rp_read_local_version *)skb->data; 458 459 switch (le16_to_cpu(ver->manufacturer)) { 460 #ifdef CONFIG_BT_HCIUART_INTEL 461 case 2: 462 hdev->set_bdaddr = btintel_set_bdaddr; 463 btintel_check_bdaddr(hdev); 464 break; 465 #endif 466 #ifdef CONFIG_BT_HCIUART_BCM 467 case 15: 468 hdev->set_bdaddr = btbcm_set_bdaddr; 469 btbcm_check_bdaddr(hdev); 470 break; 471 #endif 472 default: 473 break; 474 } 475 476 done: 477 kfree_skb(skb); 478 return 0; 479 } 480 481 /* ------ LDISC part ------ */ 482 /* hci_uart_tty_open 483 * 484 * Called when line discipline changed to HCI_UART. 485 * 486 * Arguments: 487 * tty pointer to tty info structure 488 * Return Value: 489 * 0 if success, otherwise error code 490 */ 491 static int hci_uart_tty_open(struct tty_struct *tty) 492 { 493 struct hci_uart *hu; 494 495 BT_DBG("tty %p", tty); 496 497 if (!capable(CAP_NET_ADMIN)) 498 return -EPERM; 499 500 /* Error if the tty has no write op instead of leaving an exploitable 501 * hole 502 */ 503 if (tty->ops->write == NULL) 504 return -EOPNOTSUPP; 505 506 hu = kzalloc_obj(*hu); 507 if (!hu) { 508 BT_ERR("Can't allocate control structure"); 509 return -ENFILE; 510 } 511 if (percpu_init_rwsem(&hu->proto_lock)) { 512 BT_ERR("Can't allocate semaphore structure"); 513 kfree(hu); 514 return -ENOMEM; 515 } 516 517 tty->disc_data = hu; 518 hu->tty = tty; 519 tty->receive_room = 65536; 520 521 /* disable alignment support by default */ 522 hu->alignment = 1; 523 hu->padding = 0; 524 525 /* Use serial port speed as oper_speed */ 526 hu->oper_speed = tty->termios.c_ospeed; 527 528 INIT_WORK(&hu->init_ready, hci_uart_init_work); 529 INIT_WORK(&hu->write_work, hci_uart_write_work); 530 531 /* Flush any pending characters in the driver */ 532 tty_driver_flush_buffer(tty); 533 534 return 0; 535 } 536 537 /* hci_uart_tty_close() 538 * 539 * Called when the line discipline is changed to something 540 * else, the tty is closed, or the tty detects a hangup. 541 */ 542 static void hci_uart_tty_close(struct tty_struct *tty) 543 { 544 struct hci_uart *hu = tty->disc_data; 545 struct hci_dev *hdev; 546 bool proto_ready; 547 548 BT_DBG("tty %p", tty); 549 550 /* Detach from the tty */ 551 tty->disc_data = NULL; 552 553 if (!hu) 554 return; 555 556 /* Wait for init_ready to finish to prevent registration races */ 557 cancel_work_sync(&hu->init_ready); 558 559 proto_ready = test_bit(HCI_UART_PROTO_READY, &hu->flags); 560 if (proto_ready) { 561 percpu_down_write(&hu->proto_lock); 562 clear_bit(HCI_UART_PROTO_READY, &hu->flags); 563 percpu_up_write(&hu->proto_lock); 564 } 565 566 /* 567 * Unconditionally cancel write_work AFTER clearing PROTO_READY. 568 * This ensures that concurrent protocol timers cannot requeue 569 * write_work via hci_uart_tx_wakeup(), permanently preventing 570 * double-free races and UAFs. 571 */ 572 cancel_work_sync(&hu->write_work); 573 574 hdev = hu->hdev; 575 if (hdev) 576 hci_uart_close(hdev); /* proto->flush is safely skipped */ 577 578 if (proto_ready) { 579 if (hdev) { 580 if (test_bit(HCI_UART_REGISTERED, &hu->flags)) 581 hci_unregister_dev(hdev); 582 } 583 /* Close protocol before freeing hdev (intrinsically purges queues) */ 584 hu->proto->close(hu); 585 586 if (hdev) 587 hci_free_dev(hdev); 588 } 589 clear_bit(HCI_UART_PROTO_SET, &hu->flags); 590 591 percpu_free_rwsem(&hu->proto_lock); 592 593 kfree(hu); 594 } 595 596 /* hci_uart_tty_wakeup() 597 * 598 * Callback for transmit wakeup. Called when low level 599 * device driver can accept more send data. 600 * 601 * Arguments: tty pointer to associated tty instance data 602 * Return Value: None 603 */ 604 static void hci_uart_tty_wakeup(struct tty_struct *tty) 605 { 606 struct hci_uart *hu = tty->disc_data; 607 608 BT_DBG(""); 609 610 if (!hu) 611 return; 612 613 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 614 615 if (tty != hu->tty) 616 return; 617 618 if (test_bit(HCI_UART_PROTO_READY, &hu->flags) || 619 test_bit(HCI_UART_PROTO_INIT, &hu->flags)) 620 hci_uart_tx_wakeup(hu); 621 } 622 623 /* hci_uart_tty_receive() 624 * 625 * Called by tty low level driver when receive data is 626 * available. 627 * 628 * Arguments: tty pointer to tty instance data 629 * data pointer to received data 630 * flags pointer to flags for data 631 * count count of received data in bytes 632 * 633 * Return Value: None 634 */ 635 static void hci_uart_tty_receive(struct tty_struct *tty, const u8 *data, 636 const u8 *flags, size_t count) 637 { 638 struct hci_uart *hu = tty->disc_data; 639 640 if (!hu || tty != hu->tty) 641 return; 642 643 percpu_down_read(&hu->proto_lock); 644 645 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags) && 646 !test_bit(HCI_UART_PROTO_INIT, &hu->flags)) { 647 percpu_up_read(&hu->proto_lock); 648 return; 649 } 650 651 /* It does not need a lock here as it is already protected by a mutex in 652 * tty caller 653 */ 654 hu->proto->recv(hu, data, count); 655 656 if (hu->hdev) 657 hu->hdev->stat.byte_rx += count; 658 659 percpu_up_read(&hu->proto_lock); 660 661 tty_unthrottle(tty); 662 } 663 664 static int hci_uart_register_dev(struct hci_uart *hu) 665 { 666 struct hci_dev *hdev; 667 int err; 668 669 BT_DBG(""); 670 671 /* Initialize and register HCI device */ 672 hdev = hci_alloc_dev(); 673 if (!hdev) { 674 BT_ERR("Can't allocate HCI device"); 675 return -ENOMEM; 676 } 677 678 hu->hdev = hdev; 679 680 hdev->bus = HCI_UART; 681 hci_set_drvdata(hdev, hu); 682 683 /* Only when vendor specific setup callback is provided, consider 684 * the manufacturer information valid. This avoids filling in the 685 * value for Ericsson when nothing is specified. 686 */ 687 if (hu->proto->setup) 688 hdev->manufacturer = hu->proto->manufacturer; 689 690 hdev->open = hci_uart_open; 691 hdev->close = hci_uart_close; 692 hdev->flush = hci_uart_flush; 693 hdev->send = hci_uart_send_frame; 694 hdev->setup = hci_uart_setup; 695 SET_HCIDEV_DEV(hdev, hu->tty->dev); 696 697 if (test_bit(HCI_UART_RAW_DEVICE, &hu->hdev_flags)) 698 hci_set_quirk(hdev, HCI_QUIRK_RAW_DEVICE); 699 700 if (test_bit(HCI_UART_EXT_CONFIG, &hu->hdev_flags)) 701 hci_set_quirk(hdev, HCI_QUIRK_EXTERNAL_CONFIG); 702 703 if (!test_bit(HCI_UART_RESET_ON_INIT, &hu->hdev_flags)) 704 hci_set_quirk(hdev, HCI_QUIRK_RESET_ON_CLOSE); 705 706 /* Only call open() for the protocol after hdev is fully initialized as 707 * open() (or a timer/workqueue it starts) may attempt to reference it. 708 */ 709 err = hu->proto->open(hu); 710 if (err) { 711 hu->hdev = NULL; 712 hci_free_dev(hdev); 713 return err; 714 } 715 716 set_bit(HCI_UART_PROTO_INIT, &hu->flags); 717 718 if (test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags)) 719 return 0; 720 721 if (hci_register_dev(hdev) < 0) { 722 BT_ERR("Can't register HCI device"); 723 percpu_down_write(&hu->proto_lock); 724 clear_bit(HCI_UART_PROTO_INIT, &hu->flags); 725 percpu_up_write(&hu->proto_lock); 726 /* Cancel work after clearing flags */ 727 cancel_work_sync(&hu->write_work); 728 729 /* Close protocol before freeing hdev */ 730 hu->proto->close(hu); 731 hu->hdev = NULL; 732 hci_free_dev(hdev); 733 return -ENODEV; 734 } 735 736 set_bit(HCI_UART_REGISTERED, &hu->flags); 737 738 return 0; 739 } 740 741 static int hci_uart_set_proto(struct hci_uart *hu, int id) 742 { 743 const struct hci_uart_proto *p; 744 int err; 745 746 p = hci_uart_get_proto(id); 747 if (!p) 748 return -EPROTONOSUPPORT; 749 750 hu->proto = p; 751 752 err = hci_uart_register_dev(hu); 753 if (err) { 754 return err; 755 } 756 757 set_bit(HCI_UART_PROTO_READY, &hu->flags); 758 clear_bit(HCI_UART_PROTO_INIT, &hu->flags); 759 760 return 0; 761 } 762 763 static int hci_uart_set_flags(struct hci_uart *hu, unsigned long flags) 764 { 765 unsigned long valid_flags = BIT(HCI_UART_RAW_DEVICE) | 766 BIT(HCI_UART_RESET_ON_INIT) | 767 BIT(HCI_UART_INIT_PENDING) | 768 BIT(HCI_UART_EXT_CONFIG) | 769 BIT(HCI_UART_VND_DETECT); 770 771 if (flags & ~valid_flags) 772 return -EINVAL; 773 774 hu->hdev_flags = flags; 775 776 return 0; 777 } 778 779 /* hci_uart_tty_ioctl() 780 * 781 * Process IOCTL system call for the tty device. 782 * 783 * Arguments: 784 * 785 * tty pointer to tty instance data 786 * cmd IOCTL command code 787 * arg argument for IOCTL call (cmd dependent) 788 * 789 * Return Value: Command dependent 790 */ 791 static int hci_uart_tty_ioctl(struct tty_struct *tty, unsigned int cmd, 792 unsigned long arg) 793 { 794 struct hci_uart *hu = tty->disc_data; 795 int err = 0; 796 797 BT_DBG(""); 798 799 /* Verify the status of the device */ 800 if (!hu) 801 return -EBADF; 802 803 switch (cmd) { 804 case HCIUARTSETPROTO: 805 if (!test_and_set_bit(HCI_UART_PROTO_SET, &hu->flags)) { 806 err = hci_uart_set_proto(hu, arg); 807 if (err) 808 clear_bit(HCI_UART_PROTO_SET, &hu->flags); 809 } else 810 err = -EBUSY; 811 break; 812 813 case HCIUARTGETPROTO: 814 if (test_bit(HCI_UART_PROTO_SET, &hu->flags) && 815 test_bit(HCI_UART_PROTO_READY, &hu->flags)) 816 err = hu->proto->id; 817 else 818 err = -EUNATCH; 819 break; 820 821 case HCIUARTGETDEVICE: 822 if (test_bit(HCI_UART_REGISTERED, &hu->flags)) 823 err = hu->hdev->id; 824 else 825 err = -EUNATCH; 826 break; 827 828 case HCIUARTSETFLAGS: 829 if (test_bit(HCI_UART_PROTO_SET, &hu->flags)) 830 err = -EBUSY; 831 else 832 err = hci_uart_set_flags(hu, arg); 833 break; 834 835 case HCIUARTGETFLAGS: 836 err = hu->hdev_flags; 837 break; 838 839 default: 840 err = n_tty_ioctl_helper(tty, cmd, arg); 841 break; 842 } 843 844 return err; 845 } 846 847 /* 848 * We don't provide read/write/poll interface for user space. 849 */ 850 static ssize_t hci_uart_tty_read(struct tty_struct *tty, struct file *file, 851 u8 *buf, size_t nr, void **cookie, 852 unsigned long offset) 853 { 854 return 0; 855 } 856 857 static ssize_t hci_uart_tty_write(struct tty_struct *tty, struct file *file, 858 const u8 *data, size_t count) 859 { 860 return 0; 861 } 862 863 static struct tty_ldisc_ops hci_uart_ldisc = { 864 .owner = THIS_MODULE, 865 .num = N_HCI, 866 .name = "n_hci", 867 .open = hci_uart_tty_open, 868 .close = hci_uart_tty_close, 869 .read = hci_uart_tty_read, 870 .write = hci_uart_tty_write, 871 .ioctl = hci_uart_tty_ioctl, 872 .compat_ioctl = hci_uart_tty_ioctl, 873 .receive_buf = hci_uart_tty_receive, 874 .write_wakeup = hci_uart_tty_wakeup, 875 }; 876 877 static int __init hci_uart_init(void) 878 { 879 int err; 880 881 BT_INFO("HCI UART driver ver %s", VERSION); 882 883 /* Register the tty discipline */ 884 err = tty_register_ldisc(&hci_uart_ldisc); 885 if (err) { 886 BT_ERR("HCI line discipline registration failed. (%d)", err); 887 return err; 888 } 889 890 #ifdef CONFIG_BT_HCIUART_H4 891 h4_init(); 892 #endif 893 #ifdef CONFIG_BT_HCIUART_BCSP 894 bcsp_init(); 895 #endif 896 #ifdef CONFIG_BT_HCIUART_LL 897 ll_init(); 898 #endif 899 #ifdef CONFIG_BT_HCIUART_ATH3K 900 ath_init(); 901 #endif 902 #ifdef CONFIG_BT_HCIUART_3WIRE 903 h5_init(); 904 #endif 905 #ifdef CONFIG_BT_HCIUART_INTEL 906 intel_init(); 907 #endif 908 #ifdef CONFIG_BT_HCIUART_BCM 909 bcm_init(); 910 #endif 911 #ifdef CONFIG_BT_HCIUART_QCA 912 qca_init(); 913 #endif 914 #ifdef CONFIG_BT_HCIUART_AG6XX 915 ag6xx_init(); 916 #endif 917 #ifdef CONFIG_BT_HCIUART_MRVL 918 mrvl_init(); 919 #endif 920 #ifdef CONFIG_BT_HCIUART_AML 921 aml_init(); 922 #endif 923 return 0; 924 } 925 926 static void __exit hci_uart_exit(void) 927 { 928 #ifdef CONFIG_BT_HCIUART_H4 929 h4_deinit(); 930 #endif 931 #ifdef CONFIG_BT_HCIUART_BCSP 932 bcsp_deinit(); 933 #endif 934 #ifdef CONFIG_BT_HCIUART_LL 935 ll_deinit(); 936 #endif 937 #ifdef CONFIG_BT_HCIUART_ATH3K 938 ath_deinit(); 939 #endif 940 #ifdef CONFIG_BT_HCIUART_3WIRE 941 h5_deinit(); 942 #endif 943 #ifdef CONFIG_BT_HCIUART_INTEL 944 intel_deinit(); 945 #endif 946 #ifdef CONFIG_BT_HCIUART_BCM 947 bcm_deinit(); 948 #endif 949 #ifdef CONFIG_BT_HCIUART_QCA 950 qca_deinit(); 951 #endif 952 #ifdef CONFIG_BT_HCIUART_AG6XX 953 ag6xx_deinit(); 954 #endif 955 #ifdef CONFIG_BT_HCIUART_MRVL 956 mrvl_deinit(); 957 #endif 958 #ifdef CONFIG_BT_HCIUART_AML 959 aml_deinit(); 960 #endif 961 tty_unregister_ldisc(&hci_uart_ldisc); 962 } 963 964 module_init(hci_uart_init); 965 module_exit(hci_uart_exit); 966 967 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); 968 MODULE_DESCRIPTION("Bluetooth HCI UART driver ver " VERSION); 969 MODULE_VERSION(VERSION); 970 MODULE_LICENSE("GPL"); 971 MODULE_ALIAS_LDISC(N_HCI); 972