1 /*
2  * Copyright (C) 2015, Marvell International Ltd.
3  *
4  * This software file (the "File") is distributed by Marvell International
5  * Ltd. under the terms of the GNU General Public License Version 2, June 1991
6  * (the "License").  You may use, redistribute and/or modify this File in
7  * accordance with the terms and conditions of the License, a copy of which
8  * is available on the worldwide web at
9  * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
10  *
11  * THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE
12  * IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE
13  * ARE EXPRESSLY DISCLAIMED.  The License provides additional details about
14  * this warranty disclaimer.
15  */
16 
17 /* Inspired (hugely) by HCI LDISC implementation in Bluetooth.
18  *
19  *  Copyright (C) 2000-2001  Qualcomm Incorporated
20  *  Copyright (C) 2002-2003  Maxim Krasnyansky <maxk@qualcomm.com>
21  *  Copyright (C) 2004-2005  Marcel Holtmann <marcel@holtmann.org>
22  */
23 
24 #include <linux/module.h>
25 
26 #include <linux/kernel.h>
27 #include <linux/init.h>
28 #include <linux/types.h>
29 #include <linux/fcntl.h>
30 #include <linux/interrupt.h>
31 #include <linux/ptrace.h>
32 #include <linux/poll.h>
33 
34 #include <linux/slab.h>
35 #include <linux/tty.h>
36 #include <linux/errno.h>
37 #include <linux/string.h>
38 #include <linux/signal.h>
39 #include <linux/ioctl.h>
40 #include <linux/skbuff.h>
41 
42 #include <net/nfc/nci.h>
43 #include <net/nfc/nci_core.h>
44 
45 /* TX states  */
46 #define NCI_UART_SENDING	1
47 #define NCI_UART_TX_WAKEUP	2
48 
49 static struct nci_uart *nci_uart_drivers[NCI_UART_DRIVER_MAX];
50 
nci_uart_dequeue(struct nci_uart * nu)51 static inline struct sk_buff *nci_uart_dequeue(struct nci_uart *nu)
52 {
53 	struct sk_buff *skb = nu->tx_skb;
54 
55 	if (!skb)
56 		skb = skb_dequeue(&nu->tx_q);
57 	else
58 		nu->tx_skb = NULL;
59 
60 	return skb;
61 }
62 
nci_uart_queue_empty(struct nci_uart * nu)63 static inline int nci_uart_queue_empty(struct nci_uart *nu)
64 {
65 	if (nu->tx_skb)
66 		return 0;
67 
68 	return skb_queue_empty(&nu->tx_q);
69 }
70 
nci_uart_tx_wakeup(struct nci_uart * nu)71 static int nci_uart_tx_wakeup(struct nci_uart *nu)
72 {
73 	if (test_and_set_bit(NCI_UART_SENDING, &nu->tx_state)) {
74 		set_bit(NCI_UART_TX_WAKEUP, &nu->tx_state);
75 		return 0;
76 	}
77 
78 	schedule_work(&nu->write_work);
79 
80 	return 0;
81 }
82 
nci_uart_write_work(struct work_struct * work)83 static void nci_uart_write_work(struct work_struct *work)
84 {
85 	struct nci_uart *nu = container_of(work, struct nci_uart, write_work);
86 	struct tty_struct *tty = nu->tty;
87 	struct sk_buff *skb;
88 
89 restart:
90 	clear_bit(NCI_UART_TX_WAKEUP, &nu->tx_state);
91 
92 	if (nu->ops.tx_start)
93 		nu->ops.tx_start(nu);
94 
95 	while ((skb = nci_uart_dequeue(nu))) {
96 		int len;
97 
98 		set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
99 		len = tty->ops->write(tty, skb->data, skb->len);
100 		skb_pull(skb, len);
101 		if (skb->len) {
102 			nu->tx_skb = skb;
103 			break;
104 		}
105 		kfree_skb(skb);
106 	}
107 
108 	if (test_bit(NCI_UART_TX_WAKEUP, &nu->tx_state))
109 		goto restart;
110 
111 	if (nu->ops.tx_done && nci_uart_queue_empty(nu))
112 		nu->ops.tx_done(nu);
113 
114 	clear_bit(NCI_UART_SENDING, &nu->tx_state);
115 }
116 
nci_uart_set_driver(struct tty_struct * tty,unsigned int driver)117 static int nci_uart_set_driver(struct tty_struct *tty, unsigned int driver)
118 {
119 	struct nci_uart *nu = NULL;
120 	int ret;
121 
122 	if (driver >= NCI_UART_DRIVER_MAX)
123 		return -EINVAL;
124 
125 	if (!nci_uart_drivers[driver])
126 		return -ENOENT;
127 
128 	nu = kzalloc(sizeof(*nu), GFP_KERNEL);
129 	if (!nu)
130 		return -ENOMEM;
131 
132 	memcpy(nu, nci_uart_drivers[driver], sizeof(struct nci_uart));
133 	nu->tty = tty;
134 	tty->disc_data = nu;
135 	skb_queue_head_init(&nu->tx_q);
136 	INIT_WORK(&nu->write_work, nci_uart_write_work);
137 	spin_lock_init(&nu->rx_lock);
138 
139 	ret = nu->ops.open(nu);
140 	if (ret) {
141 		tty->disc_data = NULL;
142 		kfree(nu);
143 	} else if (!try_module_get(nu->owner)) {
144 		nu->ops.close(nu);
145 		tty->disc_data = NULL;
146 		kfree(nu);
147 		return -ENOENT;
148 	}
149 	return ret;
150 }
151 
152 /* ------ LDISC part ------ */
153 
154 /* nci_uart_tty_open
155  *
156  *     Called when line discipline changed to NCI_UART.
157  *
158  * Arguments:
159  *     tty    pointer to tty info structure
160  * Return Value:
161  *     0 if success, otherwise error code
162  */
nci_uart_tty_open(struct tty_struct * tty)163 static int nci_uart_tty_open(struct tty_struct *tty)
164 {
165 	/* Error if the tty has no write op instead of leaving an exploitable
166 	 * hole
167 	 */
168 	if (!tty->ops->write)
169 		return -EOPNOTSUPP;
170 
171 	tty->disc_data = NULL;
172 	tty->receive_room = 65536;
173 
174 	/* Flush any pending characters in the driver */
175 	tty_driver_flush_buffer(tty);
176 
177 	return 0;
178 }
179 
180 /* nci_uart_tty_close()
181  *
182  *    Called when the line discipline is changed to something
183  *    else, the tty is closed, or the tty detects a hangup.
184  */
nci_uart_tty_close(struct tty_struct * tty)185 static void nci_uart_tty_close(struct tty_struct *tty)
186 {
187 	struct nci_uart *nu = (void *)tty->disc_data;
188 
189 	/* Detach from the tty */
190 	tty->disc_data = NULL;
191 
192 	if (!nu)
193 		return;
194 
195 	if (nu->tx_skb)
196 		kfree_skb(nu->tx_skb);
197 	if (nu->rx_skb)
198 		kfree_skb(nu->rx_skb);
199 
200 	skb_queue_purge(&nu->tx_q);
201 
202 	nu->ops.close(nu);
203 	nu->tty = NULL;
204 	module_put(nu->owner);
205 
206 	cancel_work_sync(&nu->write_work);
207 
208 	kfree(nu);
209 }
210 
211 /* nci_uart_tty_wakeup()
212  *
213  *    Callback for transmit wakeup. Called when low level
214  *    device driver can accept more send data.
215  *
216  * Arguments:        tty    pointer to associated tty instance data
217  * Return Value:    None
218  */
nci_uart_tty_wakeup(struct tty_struct * tty)219 static void nci_uart_tty_wakeup(struct tty_struct *tty)
220 {
221 	struct nci_uart *nu = (void *)tty->disc_data;
222 
223 	if (!nu)
224 		return;
225 
226 	clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
227 
228 	if (tty != nu->tty)
229 		return;
230 
231 	nci_uart_tx_wakeup(nu);
232 }
233 
234 /* nci_uart_tty_receive()
235  *
236  *     Called by tty low level driver when receive data is
237  *     available.
238  *
239  * Arguments:  tty          pointer to tty isntance data
240  *             data         pointer to received data
241  *             flags        pointer to flags for data
242  *             count        count of received data in bytes
243  *
244  * Return Value:    None
245  */
nci_uart_tty_receive(struct tty_struct * tty,const u8 * data,char * flags,int count)246 static void nci_uart_tty_receive(struct tty_struct *tty, const u8 *data,
247 				 char *flags, int count)
248 {
249 	struct nci_uart *nu = (void *)tty->disc_data;
250 
251 	if (!nu || tty != nu->tty)
252 		return;
253 
254 	spin_lock(&nu->rx_lock);
255 	nu->ops.recv_buf(nu, (void *)data, flags, count);
256 	spin_unlock(&nu->rx_lock);
257 
258 	tty_unthrottle(tty);
259 }
260 
261 /* nci_uart_tty_ioctl()
262  *
263  *    Process IOCTL system call for the tty device.
264  *
265  * Arguments:
266  *
267  *    tty        pointer to tty instance data
268  *    file       pointer to open file object for device
269  *    cmd        IOCTL command code
270  *    arg        argument for IOCTL call (cmd dependent)
271  *
272  * Return Value:    Command dependent
273  */
nci_uart_tty_ioctl(struct tty_struct * tty,struct file * file,unsigned int cmd,unsigned long arg)274 static int nci_uart_tty_ioctl(struct tty_struct *tty, struct file *file,
275 			      unsigned int cmd, unsigned long arg)
276 {
277 	struct nci_uart *nu = (void *)tty->disc_data;
278 	int err = 0;
279 
280 	switch (cmd) {
281 	case NCIUARTSETDRIVER:
282 		if (!nu)
283 			return nci_uart_set_driver(tty, (unsigned int)arg);
284 		else
285 			return -EBUSY;
286 		break;
287 	default:
288 		err = n_tty_ioctl_helper(tty, file, cmd, arg);
289 		break;
290 	}
291 
292 	return err;
293 }
294 
295 /* We don't provide read/write/poll interface for user space. */
nci_uart_tty_read(struct tty_struct * tty,struct file * file,unsigned char __user * buf,size_t nr)296 static ssize_t nci_uart_tty_read(struct tty_struct *tty, struct file *file,
297 				 unsigned char __user *buf, size_t nr)
298 {
299 	return 0;
300 }
301 
nci_uart_tty_write(struct tty_struct * tty,struct file * file,const unsigned char * data,size_t count)302 static ssize_t nci_uart_tty_write(struct tty_struct *tty, struct file *file,
303 				  const unsigned char *data, size_t count)
304 {
305 	return 0;
306 }
307 
nci_uart_tty_poll(struct tty_struct * tty,struct file * filp,poll_table * wait)308 static __poll_t nci_uart_tty_poll(struct tty_struct *tty,
309 				      struct file *filp, poll_table *wait)
310 {
311 	return 0;
312 }
313 
nci_uart_send(struct nci_uart * nu,struct sk_buff * skb)314 static int nci_uart_send(struct nci_uart *nu, struct sk_buff *skb)
315 {
316 	/* Queue TX packet */
317 	skb_queue_tail(&nu->tx_q, skb);
318 
319 	/* Try to start TX (if possible) */
320 	nci_uart_tx_wakeup(nu);
321 
322 	return 0;
323 }
324 
325 /* -- Default recv_buf handler --
326  *
327  * This handler supposes that NCI frames are sent over UART link without any
328  * framing. It reads NCI header, retrieve the packet size and once all packet
329  * bytes are received it passes it to nci_uart driver for processing.
330  */
nci_uart_default_recv_buf(struct nci_uart * nu,const u8 * data,char * flags,int count)331 static int nci_uart_default_recv_buf(struct nci_uart *nu, const u8 *data,
332 				     char *flags, int count)
333 {
334 	int chunk_len;
335 
336 	if (!nu->ndev) {
337 		nfc_err(nu->tty->dev,
338 			"receive data from tty but no NCI dev is attached yet, drop buffer\n");
339 		return 0;
340 	}
341 
342 	/* Decode all incoming data in packets
343 	 * and enqueue then for processing.
344 	 */
345 	while (count > 0) {
346 		/* If this is the first data of a packet, allocate a buffer */
347 		if (!nu->rx_skb) {
348 			nu->rx_packet_len = -1;
349 			nu->rx_skb = nci_skb_alloc(nu->ndev,
350 						   NCI_MAX_PACKET_SIZE,
351 						   GFP_KERNEL);
352 			if (!nu->rx_skb)
353 				return -ENOMEM;
354 		}
355 
356 		/* Eat byte after byte till full packet header is received */
357 		if (nu->rx_skb->len < NCI_CTRL_HDR_SIZE) {
358 			skb_put_u8(nu->rx_skb, *data++);
359 			--count;
360 			continue;
361 		}
362 
363 		/* Header was received but packet len was not read */
364 		if (nu->rx_packet_len < 0)
365 			nu->rx_packet_len = NCI_CTRL_HDR_SIZE +
366 				nci_plen(nu->rx_skb->data);
367 
368 		/* Compute how many bytes are missing and how many bytes can
369 		 * be consumed.
370 		 */
371 		chunk_len = nu->rx_packet_len - nu->rx_skb->len;
372 		if (count < chunk_len)
373 			chunk_len = count;
374 		skb_put_data(nu->rx_skb, data, chunk_len);
375 		data += chunk_len;
376 		count -= chunk_len;
377 
378 		/* Chcek if packet is fully received */
379 		if (nu->rx_packet_len == nu->rx_skb->len) {
380 			/* Pass RX packet to driver */
381 			if (nu->ops.recv(nu, nu->rx_skb) != 0)
382 				nfc_err(nu->tty->dev, "corrupted RX packet\n");
383 			/* Next packet will be a new one */
384 			nu->rx_skb = NULL;
385 		}
386 	}
387 
388 	return 0;
389 }
390 
391 /* -- Default recv handler -- */
nci_uart_default_recv(struct nci_uart * nu,struct sk_buff * skb)392 static int nci_uart_default_recv(struct nci_uart *nu, struct sk_buff *skb)
393 {
394 	return nci_recv_frame(nu->ndev, skb);
395 }
396 
nci_uart_register(struct nci_uart * nu)397 int nci_uart_register(struct nci_uart *nu)
398 {
399 	if (!nu || !nu->ops.open ||
400 	    !nu->ops.recv || !nu->ops.close)
401 		return -EINVAL;
402 
403 	/* Set the send callback */
404 	nu->ops.send = nci_uart_send;
405 
406 	/* Install default handlers if not overridden */
407 	if (!nu->ops.recv_buf)
408 		nu->ops.recv_buf = nci_uart_default_recv_buf;
409 	if (!nu->ops.recv)
410 		nu->ops.recv = nci_uart_default_recv;
411 
412 	/* Add this driver in the driver list */
413 	if (nci_uart_drivers[nu->driver]) {
414 		pr_err("driver %d is already registered\n", nu->driver);
415 		return -EBUSY;
416 	}
417 	nci_uart_drivers[nu->driver] = nu;
418 
419 	pr_info("NCI uart driver '%s [%d]' registered\n", nu->name, nu->driver);
420 
421 	return 0;
422 }
423 EXPORT_SYMBOL_GPL(nci_uart_register);
424 
nci_uart_unregister(struct nci_uart * nu)425 void nci_uart_unregister(struct nci_uart *nu)
426 {
427 	pr_info("NCI uart driver '%s [%d]' unregistered\n", nu->name,
428 		nu->driver);
429 
430 	/* Remove this driver from the driver list */
431 	nci_uart_drivers[nu->driver] = NULL;
432 }
433 EXPORT_SYMBOL_GPL(nci_uart_unregister);
434 
nci_uart_set_config(struct nci_uart * nu,int baudrate,int flow_ctrl)435 void nci_uart_set_config(struct nci_uart *nu, int baudrate, int flow_ctrl)
436 {
437 	struct ktermios new_termios;
438 
439 	if (!nu->tty)
440 		return;
441 
442 	down_read(&nu->tty->termios_rwsem);
443 	new_termios = nu->tty->termios;
444 	up_read(&nu->tty->termios_rwsem);
445 	tty_termios_encode_baud_rate(&new_termios, baudrate, baudrate);
446 
447 	if (flow_ctrl)
448 		new_termios.c_cflag |= CRTSCTS;
449 	else
450 		new_termios.c_cflag &= ~CRTSCTS;
451 
452 	tty_set_termios(nu->tty, &new_termios);
453 }
454 EXPORT_SYMBOL_GPL(nci_uart_set_config);
455 
456 static struct tty_ldisc_ops nci_uart_ldisc = {
457 	.magic		= TTY_LDISC_MAGIC,
458 	.owner		= THIS_MODULE,
459 	.name		= "n_nci",
460 	.open		= nci_uart_tty_open,
461 	.close		= nci_uart_tty_close,
462 	.read		= nci_uart_tty_read,
463 	.write		= nci_uart_tty_write,
464 	.poll		= nci_uart_tty_poll,
465 	.receive_buf	= nci_uart_tty_receive,
466 	.write_wakeup	= nci_uart_tty_wakeup,
467 	.ioctl		= nci_uart_tty_ioctl,
468 };
469 
nci_uart_init(void)470 static int __init nci_uart_init(void)
471 {
472 	memset(nci_uart_drivers, 0, sizeof(nci_uart_drivers));
473 	return tty_register_ldisc(N_NCI, &nci_uart_ldisc);
474 }
475 
nci_uart_exit(void)476 static void __exit nci_uart_exit(void)
477 {
478 	tty_unregister_ldisc(N_NCI);
479 }
480 
481 module_init(nci_uart_init);
482 module_exit(nci_uart_exit);
483 
484 MODULE_AUTHOR("Marvell International Ltd.");
485 MODULE_DESCRIPTION("NFC NCI UART driver");
486 MODULE_LICENSE("GPL");
487 MODULE_ALIAS_LDISC(N_NCI);
488