1 // SPDX-License-Identifier: GPL-2.0-or-later
4 * Bluetooth virtual HCI driver
6 * Copyright (C) 2000-2001 Qualcomm Incorporated
7 * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com>
8 * Copyright (C) 2004-2006 Marcel Holtmann <marcel@holtmann.org>
11 #include <linux/module.h>
12 #include <asm/unaligned.h>
14 #include <linux/kernel.h>
15 #include <linux/init.h>
16 #include <linux/slab.h>
17 #include <linux/types.h>
18 #include <linux/errno.h>
19 #include <linux/sched.h>
20 #include <linux/poll.h>
22 #include <linux/skbuff.h>
23 #include <linux/miscdevice.h>
24 #include <linux/debugfs.h>
26 #include <net/bluetooth/bluetooth.h>
27 #include <net/bluetooth/hci_core.h>
36 wait_queue_head_t read_wait
;
37 struct sk_buff_head readq
;
39 struct mutex open_mutex
;
40 struct delayed_work open_timeout
;
41 struct work_struct suspend_work
;
49 static int vhci_open_dev(struct hci_dev
*hdev
)
54 static int vhci_close_dev(struct hci_dev
*hdev
)
56 struct vhci_data
*data
= hci_get_drvdata(hdev
);
58 skb_queue_purge(&data
->readq
);
63 static int vhci_flush(struct hci_dev
*hdev
)
65 struct vhci_data
*data
= hci_get_drvdata(hdev
);
67 skb_queue_purge(&data
->readq
);
72 static int vhci_send_frame(struct hci_dev
*hdev
, struct sk_buff
*skb
)
74 struct vhci_data
*data
= hci_get_drvdata(hdev
);
76 memcpy(skb_push(skb
, 1), &hci_skb_pkt_type(skb
), 1);
78 mutex_lock(&data
->open_mutex
);
79 skb_queue_tail(&data
->readq
, skb
);
80 mutex_unlock(&data
->open_mutex
);
82 wake_up_interruptible(&data
->read_wait
);
86 static int vhci_get_data_path_id(struct hci_dev
*hdev
, u8
*data_path_id
)
92 static int vhci_get_codec_config_data(struct hci_dev
*hdev
, __u8 type
,
93 struct bt_codec
*codec
, __u8
*vnd_len
,
96 if (type
!= ESCO_LINK
)
104 static bool vhci_wakeup(struct hci_dev
*hdev
)
106 struct vhci_data
*data
= hci_get_drvdata(hdev
);
111 static ssize_t
force_suspend_read(struct file
*file
, char __user
*user_buf
,
112 size_t count
, loff_t
*ppos
)
114 struct vhci_data
*data
= file
->private_data
;
117 buf
[0] = data
->suspended
? 'Y' : 'N';
120 return simple_read_from_buffer(user_buf
, count
, ppos
, buf
, 2);
123 static void vhci_suspend_work(struct work_struct
*work
)
125 struct vhci_data
*data
= container_of(work
, struct vhci_data
,
129 hci_suspend_dev(data
->hdev
);
131 hci_resume_dev(data
->hdev
);
134 static ssize_t
force_suspend_write(struct file
*file
,
135 const char __user
*user_buf
,
136 size_t count
, loff_t
*ppos
)
138 struct vhci_data
*data
= file
->private_data
;
142 err
= kstrtobool_from_user(user_buf
, count
, &enable
);
146 if (data
->suspended
== enable
)
149 data
->suspended
= enable
;
151 schedule_work(&data
->suspend_work
);
156 static const struct file_operations force_suspend_fops
= {
158 .read
= force_suspend_read
,
159 .write
= force_suspend_write
,
160 .llseek
= default_llseek
,
163 static ssize_t
force_wakeup_read(struct file
*file
, char __user
*user_buf
,
164 size_t count
, loff_t
*ppos
)
166 struct vhci_data
*data
= file
->private_data
;
169 buf
[0] = data
->wakeup
? 'Y' : 'N';
172 return simple_read_from_buffer(user_buf
, count
, ppos
, buf
, 2);
175 static ssize_t
force_wakeup_write(struct file
*file
,
176 const char __user
*user_buf
, size_t count
,
179 struct vhci_data
*data
= file
->private_data
;
183 err
= kstrtobool_from_user(user_buf
, count
, &enable
);
187 if (data
->wakeup
== enable
)
190 data
->wakeup
= enable
;
195 static const struct file_operations force_wakeup_fops
= {
197 .read
= force_wakeup_read
,
198 .write
= force_wakeup_write
,
199 .llseek
= default_llseek
,
202 static int msft_opcode_set(void *data
, u64 val
)
204 struct vhci_data
*vhci
= data
;
206 if (val
> 0xffff || hci_opcode_ogf(val
) != 0x3f)
209 if (vhci
->msft_opcode
)
212 vhci
->msft_opcode
= val
;
217 static int msft_opcode_get(void *data
, u64
*val
)
219 struct vhci_data
*vhci
= data
;
221 *val
= vhci
->msft_opcode
;
226 DEFINE_DEBUGFS_ATTRIBUTE(msft_opcode_fops
, msft_opcode_get
, msft_opcode_set
,
229 static ssize_t
aosp_capable_read(struct file
*file
, char __user
*user_buf
,
230 size_t count
, loff_t
*ppos
)
232 struct vhci_data
*vhci
= file
->private_data
;
235 buf
[0] = vhci
->aosp_capable
? 'Y' : 'N';
238 return simple_read_from_buffer(user_buf
, count
, ppos
, buf
, 2);
241 static ssize_t
aosp_capable_write(struct file
*file
,
242 const char __user
*user_buf
, size_t count
,
245 struct vhci_data
*vhci
= file
->private_data
;
249 err
= kstrtobool_from_user(user_buf
, count
, &enable
);
256 if (vhci
->aosp_capable
)
259 vhci
->aosp_capable
= enable
;
264 static const struct file_operations aosp_capable_fops
= {
266 .read
= aosp_capable_read
,
267 .write
= aosp_capable_write
,
268 .llseek
= default_llseek
,
271 static int vhci_setup(struct hci_dev
*hdev
)
273 struct vhci_data
*vhci
= hci_get_drvdata(hdev
);
275 if (vhci
->msft_opcode
)
276 hci_set_msft_opcode(hdev
, vhci
->msft_opcode
);
278 if (vhci
->aosp_capable
)
279 hci_set_aosp_capable(hdev
);
284 static void vhci_coredump(struct hci_dev
*hdev
)
286 /* No need to do anything */
289 static void vhci_coredump_hdr(struct hci_dev
*hdev
, struct sk_buff
*skb
)
293 snprintf(buf
, sizeof(buf
), "Controller Name: vhci_ctrl\n");
294 skb_put_data(skb
, buf
, strlen(buf
));
296 snprintf(buf
, sizeof(buf
), "Firmware Version: vhci_fw\n");
297 skb_put_data(skb
, buf
, strlen(buf
));
299 snprintf(buf
, sizeof(buf
), "Driver: vhci_drv\n");
300 skb_put_data(skb
, buf
, strlen(buf
));
302 snprintf(buf
, sizeof(buf
), "Vendor: vhci\n");
303 skb_put_data(skb
, buf
, strlen(buf
));
306 #define MAX_COREDUMP_LINE_LEN 40
308 struct devcoredump_test_data
{
309 enum devcoredump_state state
;
310 unsigned int timeout
;
311 char data
[MAX_COREDUMP_LINE_LEN
];
314 static inline void force_devcd_timeout(struct hci_dev
*hdev
,
315 unsigned int timeout
)
317 #ifdef CONFIG_DEV_COREDUMP
318 hdev
->dump
.timeout
= msecs_to_jiffies(timeout
* 1000);
322 static ssize_t
force_devcd_write(struct file
*file
, const char __user
*user_buf
,
323 size_t count
, loff_t
*ppos
)
325 struct vhci_data
*data
= file
->private_data
;
326 struct hci_dev
*hdev
= data
->hdev
;
327 struct sk_buff
*skb
= NULL
;
328 struct devcoredump_test_data dump_data
;
332 if (count
< offsetof(struct devcoredump_test_data
, data
) ||
333 count
> sizeof(dump_data
))
336 if (copy_from_user(&dump_data
, user_buf
, count
))
339 data_size
= count
- offsetof(struct devcoredump_test_data
, data
);
340 skb
= alloc_skb(data_size
, GFP_ATOMIC
);
343 skb_put_data(skb
, &dump_data
.data
, data_size
);
345 hci_devcd_register(hdev
, vhci_coredump
, vhci_coredump_hdr
, NULL
);
347 /* Force the devcoredump timeout */
348 if (dump_data
.timeout
)
349 force_devcd_timeout(hdev
, dump_data
.timeout
);
351 ret
= hci_devcd_init(hdev
, skb
->len
);
353 BT_ERR("Failed to generate devcoredump");
358 hci_devcd_append(hdev
, skb
);
360 switch (dump_data
.state
) {
361 case HCI_DEVCOREDUMP_DONE
:
362 hci_devcd_complete(hdev
);
364 case HCI_DEVCOREDUMP_ABORT
:
365 hci_devcd_abort(hdev
);
367 case HCI_DEVCOREDUMP_TIMEOUT
:
377 static const struct file_operations force_devcoredump_fops
= {
379 .write
= force_devcd_write
,
382 static int __vhci_create_device(struct vhci_data
*data
, __u8 opcode
)
384 struct hci_dev
*hdev
;
391 /* bits 0-1 are dev_type (Primary or AMP) */
392 dev_type
= opcode
& 0x03;
394 if (dev_type
!= HCI_PRIMARY
&& dev_type
!= HCI_AMP
)
397 /* bits 2-5 are reserved (must be zero) */
401 skb
= bt_skb_alloc(4, GFP_KERNEL
);
405 hdev
= hci_alloc_dev();
413 hdev
->bus
= HCI_VIRTUAL
;
414 hdev
->dev_type
= dev_type
;
415 hci_set_drvdata(hdev
, data
);
417 hdev
->open
= vhci_open_dev
;
418 hdev
->close
= vhci_close_dev
;
419 hdev
->flush
= vhci_flush
;
420 hdev
->send
= vhci_send_frame
;
421 hdev
->get_data_path_id
= vhci_get_data_path_id
;
422 hdev
->get_codec_config_data
= vhci_get_codec_config_data
;
423 hdev
->wakeup
= vhci_wakeup
;
424 hdev
->setup
= vhci_setup
;
425 set_bit(HCI_QUIRK_NON_PERSISTENT_SETUP
, &hdev
->quirks
);
427 /* bit 6 is for external configuration */
429 set_bit(HCI_QUIRK_EXTERNAL_CONFIG
, &hdev
->quirks
);
431 /* bit 7 is for raw device */
433 set_bit(HCI_QUIRK_RAW_DEVICE
, &hdev
->quirks
);
435 set_bit(HCI_QUIRK_VALID_LE_STATES
, &hdev
->quirks
);
437 if (hci_register_dev(hdev
) < 0) {
438 BT_ERR("Can't register HCI device");
445 debugfs_create_file("force_suspend", 0644, hdev
->debugfs
, data
,
446 &force_suspend_fops
);
448 debugfs_create_file("force_wakeup", 0644, hdev
->debugfs
, data
,
451 if (IS_ENABLED(CONFIG_BT_MSFTEXT
))
452 debugfs_create_file("msft_opcode", 0644, hdev
->debugfs
, data
,
455 if (IS_ENABLED(CONFIG_BT_AOSPEXT
))
456 debugfs_create_file("aosp_capable", 0644, hdev
->debugfs
, data
,
459 debugfs_create_file("force_devcoredump", 0644, hdev
->debugfs
, data
,
460 &force_devcoredump_fops
);
462 hci_skb_pkt_type(skb
) = HCI_VENDOR_PKT
;
464 skb_put_u8(skb
, 0xff);
465 skb_put_u8(skb
, opcode
);
466 put_unaligned_le16(hdev
->id
, skb_put(skb
, 2));
467 skb_queue_tail(&data
->readq
, skb
);
469 wake_up_interruptible(&data
->read_wait
);
473 static int vhci_create_device(struct vhci_data
*data
, __u8 opcode
)
477 mutex_lock(&data
->open_mutex
);
478 err
= __vhci_create_device(data
, opcode
);
479 mutex_unlock(&data
->open_mutex
);
484 static inline ssize_t
vhci_get_user(struct vhci_data
*data
,
485 struct iov_iter
*from
)
487 size_t len
= iov_iter_count(from
);
489 __u8 pkt_type
, opcode
;
492 if (len
< 2 || len
> HCI_MAX_FRAME_SIZE
)
495 skb
= bt_skb_alloc(len
, GFP_KERNEL
);
499 if (!copy_from_iter_full(skb_put(skb
, len
), len
, from
)) {
504 pkt_type
= *((__u8
*) skb
->data
);
509 case HCI_ACLDATA_PKT
:
510 case HCI_SCODATA_PKT
:
511 case HCI_ISODATA_PKT
:
517 hci_skb_pkt_type(skb
) = pkt_type
;
519 ret
= hci_recv_frame(data
->hdev
, skb
);
523 cancel_delayed_work_sync(&data
->open_timeout
);
525 opcode
= *((__u8
*) skb
->data
);
535 ret
= vhci_create_device(data
, opcode
);
543 return (ret
< 0) ? ret
: len
;
546 static inline ssize_t
vhci_put_user(struct vhci_data
*data
,
548 char __user
*buf
, int count
)
550 char __user
*ptr
= buf
;
553 len
= min_t(unsigned int, skb
->len
, count
);
555 if (copy_to_user(ptr
, skb
->data
, len
))
561 data
->hdev
->stat
.byte_tx
+= len
;
563 switch (hci_skb_pkt_type(skb
)) {
564 case HCI_COMMAND_PKT
:
565 data
->hdev
->stat
.cmd_tx
++;
567 case HCI_ACLDATA_PKT
:
568 data
->hdev
->stat
.acl_tx
++;
570 case HCI_SCODATA_PKT
:
571 data
->hdev
->stat
.sco_tx
++;
578 static ssize_t
vhci_read(struct file
*file
,
579 char __user
*buf
, size_t count
, loff_t
*pos
)
581 struct vhci_data
*data
= file
->private_data
;
586 skb
= skb_dequeue(&data
->readq
);
588 ret
= vhci_put_user(data
, skb
, buf
, count
);
590 skb_queue_head(&data
->readq
, skb
);
596 if (file
->f_flags
& O_NONBLOCK
) {
601 ret
= wait_event_interruptible(data
->read_wait
,
602 !skb_queue_empty(&data
->readq
));
610 static ssize_t
vhci_write(struct kiocb
*iocb
, struct iov_iter
*from
)
612 struct file
*file
= iocb
->ki_filp
;
613 struct vhci_data
*data
= file
->private_data
;
615 return vhci_get_user(data
, from
);
618 static __poll_t
vhci_poll(struct file
*file
, poll_table
*wait
)
620 struct vhci_data
*data
= file
->private_data
;
622 poll_wait(file
, &data
->read_wait
, wait
);
624 if (!skb_queue_empty(&data
->readq
))
625 return EPOLLIN
| EPOLLRDNORM
;
627 return EPOLLOUT
| EPOLLWRNORM
;
630 static void vhci_open_timeout(struct work_struct
*work
)
632 struct vhci_data
*data
= container_of(work
, struct vhci_data
,
635 vhci_create_device(data
, amp
? HCI_AMP
: HCI_PRIMARY
);
638 static int vhci_open(struct inode
*inode
, struct file
*file
)
640 struct vhci_data
*data
;
642 data
= kzalloc(sizeof(struct vhci_data
), GFP_KERNEL
);
646 skb_queue_head_init(&data
->readq
);
647 init_waitqueue_head(&data
->read_wait
);
649 mutex_init(&data
->open_mutex
);
650 INIT_DELAYED_WORK(&data
->open_timeout
, vhci_open_timeout
);
651 INIT_WORK(&data
->suspend_work
, vhci_suspend_work
);
653 file
->private_data
= data
;
654 nonseekable_open(inode
, file
);
656 schedule_delayed_work(&data
->open_timeout
, msecs_to_jiffies(1000));
661 static int vhci_release(struct inode
*inode
, struct file
*file
)
663 struct vhci_data
*data
= file
->private_data
;
664 struct hci_dev
*hdev
;
666 cancel_delayed_work_sync(&data
->open_timeout
);
667 flush_work(&data
->suspend_work
);
672 hci_unregister_dev(hdev
);
676 skb_queue_purge(&data
->readq
);
677 file
->private_data
= NULL
;
683 static const struct file_operations vhci_fops
= {
684 .owner
= THIS_MODULE
,
686 .write_iter
= vhci_write
,
689 .release
= vhci_release
,
693 static struct miscdevice vhci_miscdev
= {
698 module_misc_device(vhci_miscdev
);
700 module_param(amp
, bool, 0644);
701 MODULE_PARM_DESC(amp
, "Create AMP controller device");
703 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
704 MODULE_DESCRIPTION("Bluetooth virtual HCI driver ver " VERSION
);
705 MODULE_VERSION(VERSION
);
706 MODULE_LICENSE("GPL");
707 MODULE_ALIAS("devname:vhci");
708 MODULE_ALIAS_MISCDEV(VHCI_MINOR
);