diff -drupN a/drivers/bluetooth/hci_ldisc.c b/drivers/bluetooth/hci_ldisc.c --- a/drivers/bluetooth/hci_ldisc.c 2018-08-06 17:23:04.000000000 +0300 +++ b/drivers/bluetooth/hci_ldisc.c 2022-06-12 05:28:14.000000000 +0300 @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -49,9 +50,23 @@ #include "btbcm.h" #include "hci_uart.h" -#define VERSION "2.3" +#ifdef BTCOEX +#include "rtk_coex.h" +#endif -static const struct hci_uart_proto *hup[HCI_UART_MAX_PROTO]; +#define VERSION "2.2.d448471.20181218-163903" + +#if HCI_VERSION_CODE > KERNEL_VERSION(3, 4, 0) +#define GET_DRV_DATA(x) hci_get_drvdata(x) +#else +#define GET_DRV_DATA(x) (struct hci_uart *)(x->driver_data) +#endif + +#if HCI_VERSION_CODE < KERNEL_VERSION(3, 4, 0) +static int reset; +#endif + +static struct hci_uart_proto *hup[HCI_UART_MAX_PROTO]; int hci_uart_register_proto(const struct hci_uart_proto *p) { @@ -114,8 +129,12 @@ static inline struct sk_buff *hci_uart_d struct sk_buff *skb = hu->tx_skb; if (!skb) { + read_lock(&hu->proto_lock); + if (test_bit(HCI_UART_PROTO_READY, &hu->flags)) skb = hu->proto->dequeue(hu); + + read_unlock(&hu->proto_lock); } else { hu->tx_skb = NULL; } @@ -123,20 +142,48 @@ static inline struct sk_buff *hci_uart_d return skb; } +/* This may be called in an IRQ context */ int hci_uart_tx_wakeup(struct hci_uart *hu) { + /* If acquiring lock fails we assume the tty is being closed because + * that is the only time the write lock is acquired. If, however, + * at some point in the future the write lock is also acquired in + * other situations, then this must be revisited. + */ + if (!read_trylock(&hu->proto_lock)) { + if (in_interrupt()) + return 0; + read_lock(&hu->proto_lock); + } + + /* proto_lock is locked */ if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) - return 0; + goto no_schedule; + if (!spin_trylock(&hu->tx_lock)) { + if (in_interrupt()) { + schedule_work(&hu->write_work); + read_unlock(&hu->proto_lock); + return 0; + } else { + spin_lock(&hu->tx_lock); + } + } + /* tx_lock is locked */ if (test_and_set_bit(HCI_UART_SENDING, &hu->tx_state)) { set_bit(HCI_UART_TX_WAKEUP, &hu->tx_state); - return 0; + spin_unlock(&hu->tx_lock); + goto no_schedule; } + spin_unlock(&hu->tx_lock); BT_DBG(""); schedule_work(&hu->write_work); +no_schedule: + read_unlock(&hu->proto_lock); + return 0; } @@ -171,10 +218,14 @@ restart: kfree_skb(skb); } - if (test_bit(HCI_UART_TX_WAKEUP, &hu->tx_state)) + spin_lock(&hu->tx_lock); + if (test_bit(HCI_UART_TX_WAKEUP, &hu->tx_state)) { + spin_unlock(&hu->tx_lock); goto restart; + } clear_bit(HCI_UART_SENDING, &hu->tx_state); + spin_unlock(&hu->tx_lock); } static void hci_uart_init_work(struct work_struct *work) @@ -213,6 +264,15 @@ static int hci_uart_open(struct hci_dev BT_DBG("%s %p", hdev->name, hdev); /* Nothing to do for UART driver */ + +#if HCI_VERSION_CODE < KERNEL_VERSION(4, 4, 0) + set_bit(HCI_RUNNING, &hdev->flags); +#endif + +#ifdef BTCOEX + rtk_btcoex_open(hdev); +#endif + return 0; } @@ -232,9 +292,13 @@ static int hci_uart_flush(struct hci_dev tty_ldisc_flush(tty); tty_driver_flush_buffer(tty); + read_lock(&hu->proto_lock); + if (test_bit(HCI_UART_PROTO_READY, &hu->flags)) hu->proto->flush(hu); + read_unlock(&hu->proto_lock); + return 0; } @@ -243,26 +307,87 @@ static int hci_uart_close(struct hci_dev { BT_DBG("hdev %p", hdev); + + /* When in kernel 4.4.0 and greater, the HCI_RUNNING bit is + * cleared in hci_dev_do_close(). */ +#if HCI_VERSION_CODE < KERNEL_VERSION(4, 4, 0) + if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags)) + return 0; +#else + if (test_bit(HCI_RUNNING, &hdev->flags)) + BT_ERR("HCI_RUNNING is not cleared before."); +#endif + hci_uart_flush(hdev); hdev->flush = NULL; + +#ifdef BTCOEX + rtk_btcoex_close(); +#endif + return 0; } /* Send frames from HCI layer */ -static int hci_uart_send_frame(struct hci_dev *hdev, struct sk_buff *skb) +#if HCI_VERSION_CODE < KERNEL_VERSION(3, 13, 0) +int hci_uart_send_frame(struct sk_buff *skb) +#else +int hci_uart_send_frame(struct hci_dev *hdev, struct sk_buff *skb) +#endif { - struct hci_uart *hu = hci_get_drvdata(hdev); +#if HCI_VERSION_CODE < KERNEL_VERSION(3, 13, 0) + struct hci_dev *hdev = (struct hci_dev *)skb->dev; +#endif + struct hci_uart *hu; - BT_DBG("%s: type %d len %d", hdev->name, hci_skb_pkt_type(skb), + if (!hdev) { + BT_ERR("Frame for unknown device (hdev=NULL)"); + return -ENODEV; + } + +#if HCI_VERSION_CODE < KERNEL_VERSION(4, 4, 0) + if (!test_bit(HCI_RUNNING, &hdev->flags)) + return -EBUSY; +#endif + + hu = GET_DRV_DATA(hdev); //(struct hci_uart *) hdev->driver_data; + + BT_DBG("%s: type %d len %d", hdev->name, bt_cb(skb)->pkt_type, skb->len); +#ifdef BTCOEX + if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) + rtk_btcoex_parse_cmd(skb->data, skb->len); + if (bt_cb(skb)->pkt_type == HCI_ACLDATA_PKT) + rtk_btcoex_parse_l2cap_data_tx(skb->data, skb->len); +#endif + + read_lock(&hu->proto_lock); + + if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) { + read_unlock(&hu->proto_lock); + return -EUNATCH; + } + hu->proto->enqueue(hu, skb); + read_unlock(&hu->proto_lock); hci_uart_tx_wakeup(hu); return 0; } +#if HCI_VERSION_CODE < KERNEL_VERSION(3, 4, 0) +static void hci_uart_destruct(struct hci_dev *hdev) +{ + if (!hdev) + return; + + BT_DBG("%s", hdev->name); + kfree(hdev->driver_data); +} +#endif + /* Flow control or un-flow control the device */ void hci_uart_set_flow_control(struct hci_uart *hu, bool enable) { @@ -445,12 +570,29 @@ done: */ static int hci_uart_tty_open(struct tty_struct *tty) { - struct hci_uart *hu; + struct hci_uart *hu = (void *)tty->disc_data; BT_DBG("tty %p", tty); + /* But nothing ensures disc_data to be NULL. And since ld->ops->open + * shall be called only once, we do not need the check at all. + * So remove it. + * + * Note that this is not an issue now, but n_tty will start using the + * disc_data pointer and this invalid 'if' would trigger then rendering + * TTYs over BT unusable. + */ +#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 8, 0) + /* FIXME: This btw is bogus, nothing requires the old ldisc to clear + * the pointer + */ + if (hu) + return -EEXIST; +#endif + /* Error if the tty has no write op instead of leaving an exploitable - hole */ + * hole + */ if (tty->ops->write == NULL) return -EOPNOTSUPP; @@ -467,7 +609,16 @@ static int hci_uart_tty_open(struct tty_ INIT_WORK(&hu->init_ready, hci_uart_init_work); INIT_WORK(&hu->write_work, hci_uart_write_work); - /* Flush any pending characters in the driver */ + rwlock_init(&hu->proto_lock); + spin_lock_init(&hu->tx_lock); + + /* Flush any pending characters in the driver and line discipline. */ + + /* FIXME: why is this needed. Note don't use ldisc_ref here as the + open path is before the ldisc is referencable */ + + if (tty->ldisc->ops->flush_buffer) + tty->ldisc->ops->flush_buffer(tty); tty_driver_flush_buffer(tty); return 0; @@ -480,8 +631,9 @@ static int hci_uart_tty_open(struct tty_ */ static void hci_uart_tty_close(struct tty_struct *tty) { - struct hci_uart *hu = tty->disc_data; + struct hci_uart *hu = (void *)tty->disc_data; struct hci_dev *hdev; + unsigned long flags; BT_DBG("tty %p", tty); @@ -495,7 +647,13 @@ static void hci_uart_tty_close(struct tt if (hdev) hci_uart_close(hdev); - cancel_work_sync(&hu->write_work); + if (test_bit(HCI_UART_PROTO_READY, &hu->flags)) { + write_lock_irqsave(&hu->proto_lock, flags); + clear_bit(HCI_UART_PROTO_READY, &hu->flags); + write_unlock_irqrestore(&hu->proto_lock, flags); + + cancel_work_sync(&hu->write_work); + } if (test_and_clear_bit(HCI_UART_PROTO_READY, &hu->flags)) { if (hdev) { @@ -512,15 +670,15 @@ static void hci_uart_tty_close(struct tt /* hci_uart_tty_wakeup() * - * Callback for transmit wakeup. Called when low level - * device driver can accept more send data. + * Callback for transmit wakeup. Called when low level + * device driver can accept more send data. * * Arguments: tty pointer to associated tty instance data * Return Value: None */ static void hci_uart_tty_wakeup(struct tty_struct *tty) { - struct hci_uart *hu = tty->disc_data; + struct hci_uart *hu = (void *)tty->disc_data; BT_DBG(""); @@ -538,8 +696,8 @@ static void hci_uart_tty_wakeup(struct t /* hci_uart_tty_receive() * - * Called by tty low level driver when receive data is - * available. + * Called by tty low level driver when receive data is + * available. * * Arguments: tty pointer to tty isntance data * data pointer to received data @@ -551,18 +709,20 @@ static void hci_uart_tty_wakeup(struct t static void hci_uart_tty_receive(struct tty_struct *tty, const u8 *data, char *flags, int count) { - struct hci_uart *hu = tty->disc_data; + struct hci_uart *hu = (void *)tty->disc_data; if (!hu || tty != hu->tty) return; - if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) + read_lock(&hu->proto_lock); + + if (!test_bit(HCI_UART_PROTO_READY, &hu->flags)) { + read_unlock(&hu->proto_lock); return; + } - /* It does not need a lock here as it is already protected by a mutex in - * tty caller - */ - hu->proto->recv(hu, data, count); + hu->proto->recv(hu, (void *)data, count); + read_unlock(&hu->proto_lock); if (hu->hdev) hu->hdev->stat.byte_rx += count; @@ -574,7 +734,7 @@ static int hci_uart_register_dev(struct { struct hci_dev *hdev; - BT_DBG(""); + BT_INFO("hci_uart_register_dev"); /* Initialize and register HCI device */ hdev = hci_alloc_dev(); @@ -585,39 +745,73 @@ static int hci_uart_register_dev(struct hu->hdev = hdev; +#if HCI_VERSION_CODE > KERNEL_VERSION(2, 6, 33) hdev->bus = HCI_UART; - hci_set_drvdata(hdev, hu); +#else + hdev->type = HCI_UART; +#endif - /* Only when vendor specific setup callback is provided, consider - * the manufacturer information valid. This avoids filling in the - * value for Ericsson when nothing is specified. - */ - if (hu->proto->setup) - hdev->manufacturer = hu->proto->manufacturer; +#if HCI_VERSION_CODE >= KERNEL_VERSION(3, 4, 0) + hci_set_drvdata(hdev, hu); +#else + hdev->driver_data = hu; +#endif hdev->open = hci_uart_open; hdev->close = hci_uart_close; hdev->flush = hci_uart_flush; - hdev->send = hci_uart_send_frame; - hdev->setup = hci_uart_setup; + hdev->send = hci_uart_send_frame; + + /* NOTE: No hdev->setup setting for Realtek BTUART because + * the download procedure is done with rtk_hciattach in userspace + * before this function called in hci_uart_set_proto() + */ + SET_HCIDEV_DEV(hdev, hu->tty->dev); +#if HCI_VERSION_CODE < KERNEL_VERSION(3, 4, 0) + hdev->destruct = hci_uart_destruct; + hdev->owner = THIS_MODULE; +#endif + +#if HCI_VERSION_CODE < KERNEL_VERSION(3, 4, 0) + if (!reset) + set_bit(HCI_QUIRK_NO_RESET, &hdev->quirks); +#endif + +#if HCI_VERSION_CODE >= KERNEL_VERSION(2, 6, 36) if (test_bit(HCI_UART_RAW_DEVICE, &hu->hdev_flags)) set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks); +#endif +#if HCI_VERSION_CODE >= KERNEL_VERSION(3, 17, 0) if (test_bit(HCI_UART_EXT_CONFIG, &hu->hdev_flags)) set_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks); +#endif +#if HCI_VERSION_CODE >= KERNEL_VERSION(3, 4, 0) if (!test_bit(HCI_UART_RESET_ON_INIT, &hu->hdev_flags)) +#if HCI_VERSION_CODE >= KERNEL_VERSION(3, 6, 0) set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks); +#else + set_bit(HCI_QUIRK_NO_RESET, &hdev->quirks); +#endif +#endif +#if HCI_VERSION_CODE >= KERNEL_VERSION(3, 4, 0) if (test_bit(HCI_UART_CREATE_AMP, &hu->hdev_flags)) hdev->dev_type = HCI_AMP; else +#if HCI_VERSION_CODE < KERNEL_VERSION(4, 8, 0) + hdev->dev_type = HCI_BREDR; +#else hdev->dev_type = HCI_PRIMARY; +#endif +#endif - if (test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags)) - return 0; +#if HCI_VERSION_CODE >= KERNEL_VERSION(4, 1, 0) + set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); +#endif if (hci_register_dev(hdev) < 0) { BT_ERR("Can't register HCI device"); @@ -627,6 +821,10 @@ static int hci_uart_register_dev(struct set_bit(HCI_UART_REGISTERED, &hu->flags); +#ifdef BTCOEX + rtk_btcoex_probe(hdev); +#endif + return 0; } @@ -656,6 +854,7 @@ static int hci_uart_set_proto(struct hci return 0; } +#if HCI_VERSION_CODE >= KERNEL_VERSION(3, 17, 0) static int hci_uart_set_flags(struct hci_uart *hu, unsigned long flags) { unsigned long valid_flags = BIT(HCI_UART_RAW_DEVICE) | @@ -672,6 +871,7 @@ static int hci_uart_set_flags(struct hci return 0; } +#endif /* hci_uart_tty_ioctl() * @@ -689,7 +889,7 @@ static int hci_uart_set_flags(struct hci static int hci_uart_tty_ioctl(struct tty_struct *tty, struct file *file, unsigned int cmd, unsigned long arg) { - struct hci_uart *hu = tty->disc_data; + struct hci_uart *hu = (void *)tty->disc_data; int err = 0; BT_DBG(""); @@ -702,41 +902,43 @@ static int hci_uart_tty_ioctl(struct tty case HCIUARTSETPROTO: if (!test_and_set_bit(HCI_UART_PROTO_SET, &hu->flags)) { err = hci_uart_set_proto(hu, arg); - if (err) + if (err) { clear_bit(HCI_UART_PROTO_SET, &hu->flags); + return err; + } } else - err = -EBUSY; + return -EBUSY; break; case HCIUARTGETPROTO: if (test_bit(HCI_UART_PROTO_SET, &hu->flags)) - err = hu->proto->id; - else - err = -EUNATCH; - break; + return hu->proto->id; + return -EUNATCH; case HCIUARTGETDEVICE: if (test_bit(HCI_UART_REGISTERED, &hu->flags)) - err = hu->hdev->id; - else - err = -EUNATCH; - break; + return hu->hdev->id; + return -EUNATCH; case HCIUARTSETFLAGS: if (test_bit(HCI_UART_PROTO_SET, &hu->flags)) - err = -EBUSY; - else - err = hci_uart_set_flags(hu, arg); + return -EBUSY; +#if HCI_VERSION_CODE >= KERNEL_VERSION(3, 17, 0) + err = hci_uart_set_flags(hu, arg); + if (err) + return err; +#else + hu->hdev_flags = arg; +#endif break; case HCIUARTGETFLAGS: - err = hu->hdev_flags; - break; + return hu->hdev_flags; default: err = n_tty_ioctl_helper(tty, file, cmd, arg); break; - } + }; return err; } @@ -805,6 +1007,9 @@ static int __init hci_uart_init(void) #ifdef CONFIG_BT_HCIUART_3WIRE h5_init(); #endif +#ifdef CONFIG_BT_HCIUART_RTL3WIRE + h5_rtk_init(); +#endif #ifdef CONFIG_BT_HCIUART_INTEL intel_init(); #endif @@ -820,6 +1025,9 @@ static int __init hci_uart_init(void) #ifdef CONFIG_BT_HCIUART_MRVL mrvl_init(); #endif +#ifdef BTCOEX + rtk_btcoex_init(); +#endif return 0; } @@ -843,6 +1051,9 @@ static void __exit hci_uart_exit(void) #ifdef CONFIG_BT_HCIUART_3WIRE h5_deinit(); #endif +#ifdef CONFIG_BT_HCIUART_RTL3WIRE + h5_rtk_deinit(); +#endif #ifdef CONFIG_BT_HCIUART_INTEL intel_deinit(); #endif @@ -863,11 +1074,20 @@ static void __exit hci_uart_exit(void) err = tty_unregister_ldisc(N_HCI); if (err) BT_ERR("Can't unregister HCI line discipline (%d)", err); + +#ifdef BTCOEX + rtk_btcoex_exit(); +#endif } module_init(hci_uart_init); module_exit(hci_uart_exit); +#if HCI_VERSION_CODE < KERNEL_VERSION(3, 4, 0) +module_param(reset, bool, 0644); +MODULE_PARM_DESC(reset, "Send HCI reset command on initialization"); +#endif + MODULE_AUTHOR("Marcel Holtmann "); MODULE_DESCRIPTION("Bluetooth HCI UART driver ver " VERSION); MODULE_VERSION(VERSION);