1 /*
2  * Copyright (c) 2019 Nordic Semiconductor ASA
3  *
4  * SPDX-License-Identifier: Apache-2.0
5  */
6 
7 #include <zephyr/init.h>
8 #include <zephyr/sys/byteorder.h>
9 
10 #include <zephyr/bluetooth/bluetooth.h>
11 #include <zephyr/bluetooth/hci.h>
12 #include <zephyr/drivers/bluetooth/hci_driver.h>
13 
14 #include <zephyr/device.h>
15 #include <zephyr/ipc/ipc_service.h>
16 
17 #define LOG_LEVEL CONFIG_BT_HCI_DRIVER_LOG_LEVEL
18 #include <zephyr/logging/log.h>
19 LOG_MODULE_REGISTER(bt_hci_driver);
20 
21 #define RPMSG_CMD 0x01
22 #define RPMSG_ACL 0x02
23 #define RPMSG_SCO 0x03
24 #define RPMSG_EVT 0x04
25 #define RPMSG_ISO 0x05
26 
27 #define IPC_BOUND_TIMEOUT_IN_MS K_MSEC(1000)
28 
29 static struct ipc_ept hci_ept;
30 static K_SEM_DEFINE(ipc_bound_sem, 0, 1);
31 
is_hci_event_discardable(const uint8_t * evt_data)32 static bool is_hci_event_discardable(const uint8_t *evt_data)
33 {
34 	uint8_t evt_type = evt_data[0];
35 
36 	switch (evt_type) {
37 #if defined(CONFIG_BT_BREDR)
38 	case BT_HCI_EVT_INQUIRY_RESULT_WITH_RSSI:
39 	case BT_HCI_EVT_EXTENDED_INQUIRY_RESULT:
40 		return true;
41 #endif
42 	case BT_HCI_EVT_LE_META_EVENT: {
43 		uint8_t subevt_type = evt_data[sizeof(struct bt_hci_evt_hdr)];
44 
45 		switch (subevt_type) {
46 		case BT_HCI_EVT_LE_ADVERTISING_REPORT:
47 			return true;
48 #if defined(CONFIG_BT_EXT_ADV)
49 		case BT_HCI_EVT_LE_EXT_ADVERTISING_REPORT:
50 		{
51 			const struct bt_hci_evt_le_ext_advertising_report *ext_adv =
52 				(void *)&evt_data[3];
53 
54 			return (ext_adv->num_reports == 1) &&
55 				   ((ext_adv->adv_info[0].evt_type &
56 					 BT_HCI_LE_ADV_EVT_TYPE_LEGACY) != 0);
57 		}
58 #endif
59 		default:
60 			return false;
61 		}
62 	}
63 	default:
64 		return false;
65 	}
66 }
67 
bt_rpmsg_evt_recv(const uint8_t * data,size_t remaining)68 static struct net_buf *bt_rpmsg_evt_recv(const uint8_t *data, size_t remaining)
69 {
70 	bool discardable;
71 	struct bt_hci_evt_hdr hdr;
72 	struct net_buf *buf;
73 	size_t buf_tailroom;
74 
75 	if (remaining < sizeof(hdr)) {
76 		LOG_ERR("Not enough data for event header");
77 		return NULL;
78 	}
79 
80 	discardable = is_hci_event_discardable(data);
81 
82 	memcpy((void *)&hdr, data, sizeof(hdr));
83 	data += sizeof(hdr);
84 	remaining -= sizeof(hdr);
85 
86 	if (remaining != hdr.len) {
87 		LOG_ERR("Event payload length is not correct");
88 		return NULL;
89 	}
90 	LOG_DBG("len %u", hdr.len);
91 
92 	do {
93 		buf = bt_buf_get_evt(hdr.evt, discardable, discardable ? K_NO_WAIT : K_SECONDS(10));
94 		if (!buf) {
95 			if (discardable) {
96 				LOG_DBG("Discardable buffer pool full, ignoring event");
97 				return buf;
98 			}
99 			LOG_WRN("Couldn't allocate a buffer after waiting 10 seconds.");
100 		}
101 	} while (!buf);
102 
103 	net_buf_add_mem(buf, &hdr, sizeof(hdr));
104 
105 	buf_tailroom = net_buf_tailroom(buf);
106 	if (buf_tailroom < remaining) {
107 		LOG_ERR("Not enough space in buffer %zu/%zu", remaining, buf_tailroom);
108 		net_buf_unref(buf);
109 		return NULL;
110 	}
111 
112 	net_buf_add_mem(buf, data, remaining);
113 
114 	return buf;
115 }
116 
bt_rpmsg_acl_recv(const uint8_t * data,size_t remaining)117 static struct net_buf *bt_rpmsg_acl_recv(const uint8_t *data, size_t remaining)
118 {
119 	struct bt_hci_acl_hdr hdr;
120 	struct net_buf *buf;
121 	size_t buf_tailroom;
122 
123 	if (remaining < sizeof(hdr)) {
124 		LOG_ERR("Not enough data for ACL header");
125 		return NULL;
126 	}
127 
128 	buf = bt_buf_get_rx(BT_BUF_ACL_IN, K_NO_WAIT);
129 	if (buf) {
130 		memcpy((void *)&hdr, data, sizeof(hdr));
131 		data += sizeof(hdr);
132 		remaining -= sizeof(hdr);
133 
134 		net_buf_add_mem(buf, &hdr, sizeof(hdr));
135 	} else {
136 		LOG_ERR("No available ACL buffers!");
137 		return NULL;
138 	}
139 
140 	if (remaining != sys_le16_to_cpu(hdr.len)) {
141 		LOG_ERR("ACL payload length is not correct");
142 		net_buf_unref(buf);
143 		return NULL;
144 	}
145 
146 	buf_tailroom = net_buf_tailroom(buf);
147 	if (buf_tailroom < remaining) {
148 		LOG_ERR("Not enough space in buffer %zu/%zu", remaining, buf_tailroom);
149 		net_buf_unref(buf);
150 		return NULL;
151 	}
152 
153 	LOG_DBG("len %u", remaining);
154 	net_buf_add_mem(buf, data, remaining);
155 
156 	return buf;
157 }
158 
bt_rpmsg_iso_recv(const uint8_t * data,size_t remaining)159 static struct net_buf *bt_rpmsg_iso_recv(const uint8_t *data, size_t remaining)
160 {
161 	struct bt_hci_iso_hdr hdr;
162 	struct net_buf *buf;
163 	size_t buf_tailroom;
164 
165 	if (remaining < sizeof(hdr)) {
166 		LOG_ERR("Not enough data for ISO header");
167 		return NULL;
168 	}
169 
170 	buf = bt_buf_get_rx(BT_BUF_ISO_IN, K_NO_WAIT);
171 	if (buf) {
172 		memcpy((void *)&hdr, data, sizeof(hdr));
173 		data += sizeof(hdr);
174 		remaining -= sizeof(hdr);
175 
176 		net_buf_add_mem(buf, &hdr, sizeof(hdr));
177 	} else {
178 		LOG_ERR("No available ISO buffers!");
179 		return NULL;
180 	}
181 
182 	if (remaining != bt_iso_hdr_len(sys_le16_to_cpu(hdr.len))) {
183 		LOG_ERR("ISO payload length is not correct");
184 		net_buf_unref(buf);
185 		return NULL;
186 	}
187 
188 	buf_tailroom = net_buf_tailroom(buf);
189 	if (buf_tailroom < remaining) {
190 		LOG_ERR("Not enough space in buffer %zu/%zu", remaining, buf_tailroom);
191 		net_buf_unref(buf);
192 		return NULL;
193 	}
194 
195 	LOG_DBG("len %zu", remaining);
196 	net_buf_add_mem(buf, data, remaining);
197 
198 	return buf;
199 }
200 
bt_rpmsg_rx(const uint8_t * data,size_t len)201 static void bt_rpmsg_rx(const uint8_t *data, size_t len)
202 {
203 	uint8_t pkt_indicator;
204 	struct net_buf *buf = NULL;
205 	size_t remaining = len;
206 
207 	LOG_HEXDUMP_DBG(data, len, "RPMsg data:");
208 
209 	pkt_indicator = *data++;
210 	remaining -= sizeof(pkt_indicator);
211 
212 	switch (pkt_indicator) {
213 	case RPMSG_EVT:
214 		buf = bt_rpmsg_evt_recv(data, remaining);
215 		break;
216 
217 	case RPMSG_ACL:
218 		buf = bt_rpmsg_acl_recv(data, remaining);
219 		break;
220 
221 	case RPMSG_ISO:
222 		buf = bt_rpmsg_iso_recv(data, remaining);
223 		break;
224 
225 	default:
226 		LOG_ERR("Unknown HCI type %u", pkt_indicator);
227 		return;
228 	}
229 
230 	if (buf) {
231 		LOG_DBG("Calling bt_recv(%p)", buf);
232 
233 		bt_recv(buf);
234 
235 		LOG_HEXDUMP_DBG(buf->data, buf->len, "RX buf payload:");
236 	}
237 }
238 
bt_rpmsg_send(struct net_buf * buf)239 static int bt_rpmsg_send(struct net_buf *buf)
240 {
241 	int err;
242 	uint8_t pkt_indicator;
243 
244 	LOG_DBG("buf %p type %u len %u", buf, bt_buf_get_type(buf), buf->len);
245 
246 	switch (bt_buf_get_type(buf)) {
247 	case BT_BUF_ACL_OUT:
248 		pkt_indicator = RPMSG_ACL;
249 		break;
250 	case BT_BUF_CMD:
251 		pkt_indicator = RPMSG_CMD;
252 		break;
253 	case BT_BUF_ISO_OUT:
254 		pkt_indicator = RPMSG_ISO;
255 		break;
256 	default:
257 		LOG_ERR("Unknown type %u", bt_buf_get_type(buf));
258 		goto done;
259 	}
260 	net_buf_push_u8(buf, pkt_indicator);
261 
262 	LOG_HEXDUMP_DBG(buf->data, buf->len, "Final HCI buffer:");
263 	err = ipc_service_send(&hci_ept, buf->data, buf->len);
264 	if (err < 0) {
265 		LOG_ERR("Failed to send (err %d)", err);
266 	}
267 
268 done:
269 	net_buf_unref(buf);
270 	return 0;
271 }
272 
hci_ept_bound(void * priv)273 static void hci_ept_bound(void *priv)
274 {
275 	k_sem_give(&ipc_bound_sem);
276 }
277 
hci_ept_recv(const void * data,size_t len,void * priv)278 static void hci_ept_recv(const void *data, size_t len, void *priv)
279 {
280 	bt_rpmsg_rx(data, len);
281 }
282 
283 static struct ipc_ept_cfg hci_ept_cfg = {
284 	.name = "nrf_bt_hci",
285 	.cb = {
286 		.bound    = hci_ept_bound,
287 		.received = hci_ept_recv,
288 	},
289 };
290 
bt_rpmsg_open(void)291 static int bt_rpmsg_open(void)
292 {
293 	int err;
294 	const struct device *hci_ipc_instance =
295 		DEVICE_DT_GET(DT_CHOSEN(zephyr_bt_hci_rpmsg_ipc));
296 
297 	LOG_DBG("");
298 
299 	err = ipc_service_open_instance(hci_ipc_instance);
300 	if (err && (err != -EALREADY)) {
301 		LOG_ERR("IPC service instance initialization failed: %d\n", err);
302 		return err;
303 	}
304 
305 	err = ipc_service_register_endpoint(hci_ipc_instance, &hci_ept, &hci_ept_cfg);
306 	if (err) {
307 		LOG_ERR("Registering endpoint failed with %d", err);
308 		return err;
309 	}
310 
311 	err = k_sem_take(&ipc_bound_sem, IPC_BOUND_TIMEOUT_IN_MS);
312 	if (err) {
313 		LOG_ERR("Endpoint binding failed with %d", err);
314 		return err;
315 	}
316 
317 	return 0;
318 }
319 
320 static const struct bt_hci_driver drv = {
321 	.name		= "RPMsg",
322 	.open		= bt_rpmsg_open,
323 	.send		= bt_rpmsg_send,
324 	.bus		= BT_HCI_DRIVER_BUS_IPM,
325 #if defined(CONFIG_BT_DRIVER_QUIRK_NO_AUTO_DLE)
326 	.quirks         = BT_QUIRK_NO_AUTO_DLE,
327 #endif
328 };
329 
bt_rpmsg_init(void)330 static int bt_rpmsg_init(void)
331 {
332 
333 	int err;
334 
335 	err = bt_hci_driver_register(&drv);
336 	if (err < 0) {
337 		LOG_ERR("Failed to register BT HIC driver (err %d)", err);
338 	}
339 
340 	return err;
341 }
342 
343 SYS_INIT(bt_rpmsg_init, POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEVICE);
344