1 // SPDX-License-Identifier: GPL-2.0-or-later
4 * Bluetooth HCI UART driver
6 * Copyright (C) 2000-2001 Qualcomm Incorporated
7 * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com>
8 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org>
11 #include <linux/module.h>
13 #include <linux/kernel.h>
14 #include <linux/init.h>
15 #include <linux/types.h>
16 #include <linux/fcntl.h>
17 #include <linux/interrupt.h>
18 #include <linux/ptrace.h>
19 #include <linux/poll.h>
21 #include <linux/slab.h>
22 #include <linux/tty.h>
23 #include <linux/errno.h>
24 #include <linux/string.h>
25 #include <linux/signal.h>
26 #include <linux/ioctl.h>
27 #include <linux/skbuff.h>
28 #include <linux/firmware.h>
29 #include <linux/serdev.h>
31 #include <net/bluetooth/bluetooth.h>
32 #include <net/bluetooth/hci_core.h>
40 static const struct hci_uart_proto *hup[HCI_UART_MAX_PROTO];
42 int hci_uart_register_proto(const struct hci_uart_proto *p)
44 if (p->id >= HCI_UART_MAX_PROTO)
52 BT_INFO("HCI UART protocol %s registered", p->name);
57 int hci_uart_unregister_proto(const struct hci_uart_proto *p)
59 if (p->id >= HCI_UART_MAX_PROTO)
70 static const struct hci_uart_proto *hci_uart_get_proto(unsigned int id)
72 if (id >= HCI_UART_MAX_PROTO)
78 static inline void hci_uart_tx_complete(struct hci_uart *hu, int pkt_type)
80 struct hci_dev *hdev = hu->hdev;
82 /* Update HCI stat counters */
98 static inline struct sk_buff *hci_uart_dequeue(struct hci_uart *hu)
100 struct sk_buff *skb = hu->tx_skb;
103 percpu_down_read(&hu->proto_lock);
105 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
106 skb = hu->proto->dequeue(hu);
108 percpu_up_read(&hu->proto_lock);
116 int hci_uart_tx_wakeup(struct hci_uart *hu)
118 /* This may be called in an IRQ context, so we can't sleep. Therefore
119 * we try to acquire the lock only, and if that fails we assume the
120 * tty is being closed because that is the only time the write lock is
121 * acquired. If, however, at some point in the future the write lock
122 * is also acquired in other situations, then this must be revisited.
124 if (!percpu_down_read_trylock(&hu->proto_lock))
127 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags))
130 if (test_and_set_bit(HCI_UART_SENDING, &hu->tx_state)) {
131 set_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
137 schedule_work(&hu->write_work);
140 percpu_up_read(&hu->proto_lock);
144 EXPORT_SYMBOL_GPL(hci_uart_tx_wakeup);
146 static void hci_uart_write_work(struct work_struct *work)
148 struct hci_uart *hu = container_of(work, struct hci_uart, write_work);
149 struct tty_struct *tty = hu->tty;
150 struct hci_dev *hdev = hu->hdev;
153 /* REVISIT: should we cope with bad skbs or ->write() returning
158 clear_bit(HCI_UART_TX_WAKEUP, &hu->tx_state);
160 while ((skb = hci_uart_dequeue(hu))) {
163 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
164 len = tty->ops->write(tty, skb->data, skb->len);
165 hdev->stat.byte_tx += len;
173 hci_uart_tx_complete(hu, hci_skb_pkt_type(skb));
177 if (test_bit(HCI_UART_TX_WAKEUP, &hu->tx_state))
180 clear_bit(HCI_UART_SENDING, &hu->tx_state);
181 wake_up_bit(&hu->tx_state, HCI_UART_SENDING);
184 void hci_uart_init_work(struct work_struct *work)
186 struct hci_uart *hu = container_of(work, struct hci_uart, init_ready);
188 struct hci_dev *hdev;
190 if (!test_and_clear_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
193 err = hci_register_dev(hu->hdev);
195 BT_ERR("Can't register HCI device");
196 clear_bit(HCI_UART_PROTO_READY, &hu->flags);
197 hu->proto->close(hu);
204 set_bit(HCI_UART_REGISTERED, &hu->flags);
207 int hci_uart_init_ready(struct hci_uart *hu)
209 if (!test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
212 schedule_work(&hu->init_ready);
217 int hci_uart_wait_until_sent(struct hci_uart *hu)
219 return wait_on_bit_timeout(&hu->tx_state, HCI_UART_SENDING,
221 msecs_to_jiffies(2000));
224 /* ------- Interface to HCI layer ------ */
226 static int hci_uart_flush(struct hci_dev *hdev)
228 struct hci_uart *hu = hci_get_drvdata(hdev);
229 struct tty_struct *tty = hu->tty;
231 BT_DBG("hdev %p tty %p", hdev, tty);
234 kfree_skb(hu->tx_skb); hu->tx_skb = NULL;
237 /* Flush any pending characters in the driver and discipline. */
238 tty_ldisc_flush(tty);
239 tty_driver_flush_buffer(tty);
241 percpu_down_read(&hu->proto_lock);
243 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
244 hu->proto->flush(hu);
246 percpu_up_read(&hu->proto_lock);
251 /* Initialize device */
252 static int hci_uart_open(struct hci_dev *hdev)
254 BT_DBG("%s %p", hdev->name, hdev);
256 /* Undo clearing this from hci_uart_close() */
257 hdev->flush = hci_uart_flush;
263 static int hci_uart_close(struct hci_dev *hdev)
265 BT_DBG("hdev %p", hdev);
267 hci_uart_flush(hdev);
272 /* Send frames from HCI layer */
273 static int hci_uart_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
275 struct hci_uart *hu = hci_get_drvdata(hdev);
277 BT_DBG("%s: type %d len %d", hdev->name, hci_skb_pkt_type(skb),
280 percpu_down_read(&hu->proto_lock);
282 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
283 percpu_up_read(&hu->proto_lock);
287 hu->proto->enqueue(hu, skb);
288 percpu_up_read(&hu->proto_lock);
290 hci_uart_tx_wakeup(hu);
295 /* Flow control or un-flow control the device */
296 void hci_uart_set_flow_control(struct hci_uart *hu, bool enable)
298 struct tty_struct *tty = hu->tty;
299 struct ktermios ktermios;
301 unsigned int set = 0;
302 unsigned int clear = 0;
305 serdev_device_set_flow_control(hu->serdev, !enable);
306 serdev_device_set_rts(hu->serdev, !enable);
311 /* Disable hardware flow control */
312 ktermios = tty->termios;
313 ktermios.c_cflag &= ~CRTSCTS;
314 status = tty_set_termios(tty, &ktermios);
315 BT_DBG("Disabling hardware flow control: %s",
316 status ? "failed" : "success");
318 /* Clear RTS to prevent the device from sending */
319 /* Most UARTs need OUT2 to enable interrupts */
320 status = tty->driver->ops->tiocmget(tty);
321 BT_DBG("Current tiocm 0x%x", status);
323 set &= ~(TIOCM_OUT2 | TIOCM_RTS);
325 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
326 TIOCM_OUT2 | TIOCM_LOOP;
327 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
328 TIOCM_OUT2 | TIOCM_LOOP;
329 status = tty->driver->ops->tiocmset(tty, set, clear);
330 BT_DBG("Clearing RTS: %s", status ? "failed" : "success");
332 /* Set RTS to allow the device to send again */
333 status = tty->driver->ops->tiocmget(tty);
334 BT_DBG("Current tiocm 0x%x", status);
336 set |= (TIOCM_OUT2 | TIOCM_RTS);
338 set &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
339 TIOCM_OUT2 | TIOCM_LOOP;
340 clear &= TIOCM_DTR | TIOCM_RTS | TIOCM_OUT1 |
341 TIOCM_OUT2 | TIOCM_LOOP;
342 status = tty->driver->ops->tiocmset(tty, set, clear);
343 BT_DBG("Setting RTS: %s", status ? "failed" : "success");
345 /* Re-enable hardware flow control */
346 ktermios = tty->termios;
347 ktermios.c_cflag |= CRTSCTS;
348 status = tty_set_termios(tty, &ktermios);
349 BT_DBG("Enabling hardware flow control: %s",
350 status ? "failed" : "success");
354 void hci_uart_set_speeds(struct hci_uart *hu, unsigned int init_speed,
355 unsigned int oper_speed)
357 hu->init_speed = init_speed;
358 hu->oper_speed = oper_speed;
361 void hci_uart_set_baudrate(struct hci_uart *hu, unsigned int speed)
363 struct tty_struct *tty = hu->tty;
364 struct ktermios ktermios;
366 ktermios = tty->termios;
367 ktermios.c_cflag &= ~CBAUD;
368 tty_termios_encode_baud_rate(&ktermios, speed, speed);
370 /* tty_set_termios() return not checked as it is always 0 */
371 tty_set_termios(tty, &ktermios);
373 BT_DBG("%s: New tty speeds: %d/%d", hu->hdev->name,
374 tty->termios.c_ispeed, tty->termios.c_ospeed);
377 static int hci_uart_setup(struct hci_dev *hdev)
379 struct hci_uart *hu = hci_get_drvdata(hdev);
380 struct hci_rp_read_local_version *ver;
385 /* Init speed if any */
387 speed = hu->init_speed;
388 else if (hu->proto->init_speed)
389 speed = hu->proto->init_speed;
394 hci_uart_set_baudrate(hu, speed);
396 /* Operational speed if any */
398 speed = hu->oper_speed;
399 else if (hu->proto->oper_speed)
400 speed = hu->proto->oper_speed;
404 if (hu->proto->set_baudrate && speed) {
405 err = hu->proto->set_baudrate(hu, speed);
407 hci_uart_set_baudrate(hu, speed);
410 if (hu->proto->setup)
411 return hu->proto->setup(hu);
413 if (!test_bit(HCI_UART_VND_DETECT, &hu->hdev_flags))
416 skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL,
419 BT_ERR("%s: Reading local version information failed (%ld)",
420 hdev->name, PTR_ERR(skb));
424 if (skb->len != sizeof(*ver)) {
425 BT_ERR("%s: Event length mismatch for version information",
430 ver = (struct hci_rp_read_local_version *)skb->data;
432 switch (le16_to_cpu(ver->manufacturer)) {
433 #ifdef CONFIG_BT_HCIUART_INTEL
435 hdev->set_bdaddr = btintel_set_bdaddr;
436 btintel_check_bdaddr(hdev);
439 #ifdef CONFIG_BT_HCIUART_BCM
441 hdev->set_bdaddr = btbcm_set_bdaddr;
442 btbcm_check_bdaddr(hdev);
454 /* ------ LDISC part ------ */
457 * Called when line discipline changed to HCI_UART.
460 * tty pointer to tty info structure
462 * 0 if success, otherwise error code
464 static int hci_uart_tty_open(struct tty_struct *tty)
468 BT_DBG("tty %p", tty);
470 /* Error if the tty has no write op instead of leaving an exploitable
473 if (tty->ops->write == NULL)
476 hu = kzalloc(sizeof(struct hci_uart), GFP_KERNEL);
478 BT_ERR("Can't allocate control structure");
484 tty->receive_room = 65536;
486 /* disable alignment support by default */
490 INIT_WORK(&hu->init_ready, hci_uart_init_work);
491 INIT_WORK(&hu->write_work, hci_uart_write_work);
493 percpu_init_rwsem(&hu->proto_lock);
495 /* Flush any pending characters in the driver */
496 tty_driver_flush_buffer(tty);
501 /* hci_uart_tty_close()
503 * Called when the line discipline is changed to something
504 * else, the tty is closed, or the tty detects a hangup.
506 static void hci_uart_tty_close(struct tty_struct *tty)
508 struct hci_uart *hu = tty->disc_data;
509 struct hci_dev *hdev;
511 BT_DBG("tty %p", tty);
513 /* Detach from the tty */
514 tty->disc_data = NULL;
521 hci_uart_close(hdev);
523 if (test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
524 percpu_down_write(&hu->proto_lock);
525 clear_bit(HCI_UART_PROTO_READY, &hu->flags);
526 percpu_up_write(&hu->proto_lock);
528 cancel_work_sync(&hu->write_work);
531 if (test_bit(HCI_UART_REGISTERED, &hu->flags))
532 hci_unregister_dev(hdev);
535 hu->proto->close(hu);
537 clear_bit(HCI_UART_PROTO_SET, &hu->flags);
539 percpu_free_rwsem(&hu->proto_lock);
544 /* hci_uart_tty_wakeup()
546 * Callback for transmit wakeup. Called when low level
547 * device driver can accept more send data.
549 * Arguments: tty pointer to associated tty instance data
552 static void hci_uart_tty_wakeup(struct tty_struct *tty)
554 struct hci_uart *hu = tty->disc_data;
561 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
566 if (test_bit(HCI_UART_PROTO_READY, &hu->flags))
567 hci_uart_tx_wakeup(hu);
570 /* hci_uart_tty_receive()
572 * Called by tty low level driver when receive data is
575 * Arguments: tty pointer to tty isntance data
576 * data pointer to received data
577 * flags pointer to flags for data
578 * count count of received data in bytes
582 static void hci_uart_tty_receive(struct tty_struct *tty, const u8 *data,
583 char *flags, int count)
585 struct hci_uart *hu = tty->disc_data;
587 if (!hu || tty != hu->tty)
590 percpu_down_read(&hu->proto_lock);
592 if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) {
593 percpu_up_read(&hu->proto_lock);
597 /* It does not need a lock here as it is already protected by a mutex in
600 hu->proto->recv(hu, data, count);
601 percpu_up_read(&hu->proto_lock);
604 hu->hdev->stat.byte_rx += count;
609 static int hci_uart_register_dev(struct hci_uart *hu)
611 struct hci_dev *hdev;
616 /* Initialize and register HCI device */
617 hdev = hci_alloc_dev();
619 BT_ERR("Can't allocate HCI device");
625 hdev->bus = HCI_UART;
626 hci_set_drvdata(hdev, hu);
628 /* Only when vendor specific setup callback is provided, consider
629 * the manufacturer information valid. This avoids filling in the
630 * value for Ericsson when nothing is specified.
632 if (hu->proto->setup)
633 hdev->manufacturer = hu->proto->manufacturer;
635 hdev->open = hci_uart_open;
636 hdev->close = hci_uart_close;
637 hdev->flush = hci_uart_flush;
638 hdev->send = hci_uart_send_frame;
639 hdev->setup = hci_uart_setup;
640 SET_HCIDEV_DEV(hdev, hu->tty->dev);
642 if (test_bit(HCI_UART_RAW_DEVICE, &hu->hdev_flags))
643 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
645 if (test_bit(HCI_UART_EXT_CONFIG, &hu->hdev_flags))
646 set_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks);
648 if (!test_bit(HCI_UART_RESET_ON_INIT, &hu->hdev_flags))
649 set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks);
651 if (test_bit(HCI_UART_CREATE_AMP, &hu->hdev_flags))
652 hdev->dev_type = HCI_AMP;
654 hdev->dev_type = HCI_PRIMARY;
656 /* Only call open() for the protocol after hdev is fully initialized as
657 * open() (or a timer/workqueue it starts) may attempt to reference it.
659 err = hu->proto->open(hu);
666 if (test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags))
669 if (hci_register_dev(hdev) < 0) {
670 BT_ERR("Can't register HCI device");
671 hu->proto->close(hu);
677 set_bit(HCI_UART_REGISTERED, &hu->flags);
682 static int hci_uart_set_proto(struct hci_uart *hu, int id)
684 const struct hci_uart_proto *p;
687 p = hci_uart_get_proto(id);
689 return -EPROTONOSUPPORT;
693 err = hci_uart_register_dev(hu);
698 set_bit(HCI_UART_PROTO_READY, &hu->flags);
702 static int hci_uart_set_flags(struct hci_uart *hu, unsigned long flags)
704 unsigned long valid_flags = BIT(HCI_UART_RAW_DEVICE) |
705 BIT(HCI_UART_RESET_ON_INIT) |
706 BIT(HCI_UART_CREATE_AMP) |
707 BIT(HCI_UART_INIT_PENDING) |
708 BIT(HCI_UART_EXT_CONFIG) |
709 BIT(HCI_UART_VND_DETECT);
711 if (flags & ~valid_flags)
714 hu->hdev_flags = flags;
719 /* hci_uart_tty_ioctl()
721 * Process IOCTL system call for the tty device.
725 * tty pointer to tty instance data
726 * file pointer to open file object for device
727 * cmd IOCTL command code
728 * arg argument for IOCTL call (cmd dependent)
730 * Return Value: Command dependent
732 static int hci_uart_tty_ioctl(struct tty_struct *tty, struct file *file,
733 unsigned int cmd, unsigned long arg)
735 struct hci_uart *hu = tty->disc_data;
740 /* Verify the status of the device */
745 case HCIUARTSETPROTO:
746 if (!test_and_set_bit(HCI_UART_PROTO_SET, &hu->flags)) {
747 err = hci_uart_set_proto(hu, arg);
749 clear_bit(HCI_UART_PROTO_SET, &hu->flags);
754 case HCIUARTGETPROTO:
755 if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
761 case HCIUARTGETDEVICE:
762 if (test_bit(HCI_UART_REGISTERED, &hu->flags))
768 case HCIUARTSETFLAGS:
769 if (test_bit(HCI_UART_PROTO_SET, &hu->flags))
772 err = hci_uart_set_flags(hu, arg);
775 case HCIUARTGETFLAGS:
776 err = hu->hdev_flags;
780 err = n_tty_ioctl_helper(tty, file, cmd, arg);
788 * We don't provide read/write/poll interface for user space.
790 static ssize_t hci_uart_tty_read(struct tty_struct *tty, struct file *file,
791 unsigned char __user *buf, size_t nr)
796 static ssize_t hci_uart_tty_write(struct tty_struct *tty, struct file *file,
797 const unsigned char *data, size_t count)
802 static __poll_t hci_uart_tty_poll(struct tty_struct *tty,
803 struct file *filp, poll_table *wait)
808 static int __init hci_uart_init(void)
810 static struct tty_ldisc_ops hci_uart_ldisc;
813 BT_INFO("HCI UART driver ver %s", VERSION);
815 /* Register the tty discipline */
817 memset(&hci_uart_ldisc, 0, sizeof(hci_uart_ldisc));
818 hci_uart_ldisc.magic = TTY_LDISC_MAGIC;
819 hci_uart_ldisc.name = "n_hci";
820 hci_uart_ldisc.open = hci_uart_tty_open;
821 hci_uart_ldisc.close = hci_uart_tty_close;
822 hci_uart_ldisc.read = hci_uart_tty_read;
823 hci_uart_ldisc.write = hci_uart_tty_write;
824 hci_uart_ldisc.ioctl = hci_uart_tty_ioctl;
825 hci_uart_ldisc.compat_ioctl = hci_uart_tty_ioctl;
826 hci_uart_ldisc.poll = hci_uart_tty_poll;
827 hci_uart_ldisc.receive_buf = hci_uart_tty_receive;
828 hci_uart_ldisc.write_wakeup = hci_uart_tty_wakeup;
829 hci_uart_ldisc.owner = THIS_MODULE;
831 err = tty_register_ldisc(N_HCI, &hci_uart_ldisc);
833 BT_ERR("HCI line discipline registration failed. (%d)", err);
837 #ifdef CONFIG_BT_HCIUART_H4
840 #ifdef CONFIG_BT_HCIUART_BCSP
843 #ifdef CONFIG_BT_HCIUART_LL
846 #ifdef CONFIG_BT_HCIUART_ATH3K
849 #ifdef CONFIG_BT_HCIUART_3WIRE
852 #ifdef CONFIG_BT_HCIUART_INTEL
855 #ifdef CONFIG_BT_HCIUART_BCM
858 #ifdef CONFIG_BT_HCIUART_QCA
861 #ifdef CONFIG_BT_HCIUART_AG6XX
864 #ifdef CONFIG_BT_HCIUART_MRVL
871 static void __exit hci_uart_exit(void)
875 #ifdef CONFIG_BT_HCIUART_H4
878 #ifdef CONFIG_BT_HCIUART_BCSP
881 #ifdef CONFIG_BT_HCIUART_LL
884 #ifdef CONFIG_BT_HCIUART_ATH3K
887 #ifdef CONFIG_BT_HCIUART_3WIRE
890 #ifdef CONFIG_BT_HCIUART_INTEL
893 #ifdef CONFIG_BT_HCIUART_BCM
896 #ifdef CONFIG_BT_HCIUART_QCA
899 #ifdef CONFIG_BT_HCIUART_AG6XX
902 #ifdef CONFIG_BT_HCIUART_MRVL
906 /* Release tty registration of line discipline */
907 err = tty_unregister_ldisc(N_HCI);
909 BT_ERR("Can't unregister HCI line discipline (%d)", err);
912 module_init(hci_uart_init);
913 module_exit(hci_uart_exit);
915 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
916 MODULE_DESCRIPTION("Bluetooth HCI UART driver ver " VERSION);
917 MODULE_VERSION(VERSION);
918 MODULE_LICENSE("GPL");
919 MODULE_ALIAS_LDISC(N_HCI);