[WAN]: lmc_ioctl: don't return with locks held
[linux-2.6] / drivers / bluetooth / hci_vhci.c
1 /*
2  *
3  *  Bluetooth virtual HCI driver
4  *
5  *  Copyright (C) 2000-2001  Qualcomm Incorporated
6  *  Copyright (C) 2002-2003  Maxim Krasnyansky <maxk@qualcomm.com>
7  *  Copyright (C) 2004-2006  Marcel Holtmann <marcel@holtmann.org>
8  *
9  *
10  *  This program is free software; you can redistribute it and/or modify
11  *  it under the terms of the GNU General Public License as published by
12  *  the Free Software Foundation; either version 2 of the License, or
13  *  (at your option) any later version.
14  *
15  *  This program is distributed in the hope that it will be useful,
16  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
17  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  *  GNU General Public License for more details.
19  *
20  *  You should have received a copy of the GNU General Public License
21  *  along with this program; if not, write to the Free Software
22  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23  *
24  */
25
26 #include <linux/module.h>
27
28 #include <linux/kernel.h>
29 #include <linux/init.h>
30 #include <linux/slab.h>
31 #include <linux/types.h>
32 #include <linux/errno.h>
33 #include <linux/sched.h>
34 #include <linux/poll.h>
35
36 #include <linux/skbuff.h>
37 #include <linux/miscdevice.h>
38
39 #include <net/bluetooth/bluetooth.h>
40 #include <net/bluetooth/hci_core.h>
41
42 #ifndef CONFIG_BT_HCIVHCI_DEBUG
43 #undef  BT_DBG
44 #define BT_DBG(D...)
45 #endif
46
47 #define VERSION "1.2"
48
49 static int minor = MISC_DYNAMIC_MINOR;
50
51 struct vhci_data {
52         struct hci_dev *hdev;
53
54         unsigned long flags;
55
56         wait_queue_head_t read_wait;
57         struct sk_buff_head readq;
58
59         struct fasync_struct *fasync;
60 };
61
62 #define VHCI_FASYNC     0x0010
63
64 static struct miscdevice vhci_miscdev;
65
66 static int vhci_open_dev(struct hci_dev *hdev)
67 {
68         set_bit(HCI_RUNNING, &hdev->flags);
69
70         return 0;
71 }
72
73 static int vhci_close_dev(struct hci_dev *hdev)
74 {
75         struct vhci_data *data = hdev->driver_data;
76
77         if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
78                 return 0;
79
80         skb_queue_purge(&data->readq);
81
82         return 0;
83 }
84
85 static int vhci_flush(struct hci_dev *hdev)
86 {
87         struct vhci_data *data = hdev->driver_data;
88
89         skb_queue_purge(&data->readq);
90
91         return 0;
92 }
93
94 static int vhci_send_frame(struct sk_buff *skb)
95 {
96         struct hci_dev* hdev = (struct hci_dev *) skb->dev;
97         struct vhci_data *data;
98
99         if (!hdev) {
100                 BT_ERR("Frame for unknown HCI device (hdev=NULL)");
101                 return -ENODEV;
102         }
103
104         if (!test_bit(HCI_RUNNING, &hdev->flags))
105                 return -EBUSY;
106
107         data = hdev->driver_data;
108
109         memcpy(skb_push(skb, 1), &bt_cb(skb)->pkt_type, 1);
110         skb_queue_tail(&data->readq, skb);
111
112         if (data->flags & VHCI_FASYNC)
113                 kill_fasync(&data->fasync, SIGIO, POLL_IN);
114
115         wake_up_interruptible(&data->read_wait);
116
117         return 0;
118 }
119
120 static void vhci_destruct(struct hci_dev *hdev)
121 {
122         kfree(hdev->driver_data);
123 }
124
125 static inline ssize_t vhci_get_user(struct vhci_data *data,
126                                         const char __user *buf, size_t count)
127 {
128         struct sk_buff *skb;
129
130         if (count > HCI_MAX_FRAME_SIZE)
131                 return -EINVAL;
132
133         skb = bt_skb_alloc(count, GFP_KERNEL);
134         if (!skb)
135                 return -ENOMEM;
136
137         if (copy_from_user(skb_put(skb, count), buf, count)) {
138                 kfree_skb(skb);
139                 return -EFAULT;
140         }
141
142         skb->dev = (void *) data->hdev;
143         bt_cb(skb)->pkt_type = *((__u8 *) skb->data);
144         skb_pull(skb, 1);
145
146         hci_recv_frame(skb);
147
148         return count;
149 }
150
151 static inline ssize_t vhci_put_user(struct vhci_data *data,
152                         struct sk_buff *skb, char __user *buf, int count)
153 {
154         char __user *ptr = buf;
155         int len, total = 0;
156
157         len = min_t(unsigned int, skb->len, count);
158
159         if (copy_to_user(ptr, skb->data, len))
160                 return -EFAULT;
161
162         total += len;
163
164         data->hdev->stat.byte_tx += len;
165
166         switch (bt_cb(skb)->pkt_type) {
167         case HCI_COMMAND_PKT:
168                 data->hdev->stat.cmd_tx++;
169                 break;
170
171         case HCI_ACLDATA_PKT:
172                 data->hdev->stat.acl_tx++;
173                 break;
174
175         case HCI_SCODATA_PKT:
176                 data->hdev->stat.cmd_tx++;
177                 break;
178         };
179
180         return total;
181 }
182
183 static ssize_t vhci_read(struct file *file,
184                                 char __user *buf, size_t count, loff_t *pos)
185 {
186         DECLARE_WAITQUEUE(wait, current);
187         struct vhci_data *data = file->private_data;
188         struct sk_buff *skb;
189         ssize_t ret = 0;
190
191         add_wait_queue(&data->read_wait, &wait);
192         while (count) {
193                 set_current_state(TASK_INTERRUPTIBLE);
194
195                 skb = skb_dequeue(&data->readq);
196                 if (!skb) {
197                         if (file->f_flags & O_NONBLOCK) {
198                                 ret = -EAGAIN;
199                                 break;
200                         }
201
202                         if (signal_pending(current)) {
203                                 ret = -ERESTARTSYS;
204                                 break;
205                         }
206
207                         schedule();
208                         continue;
209                 }
210
211                 if (access_ok(VERIFY_WRITE, buf, count))
212                         ret = vhci_put_user(data, skb, buf, count);
213                 else
214                         ret = -EFAULT;
215
216                 kfree_skb(skb);
217                 break;
218         }
219         set_current_state(TASK_RUNNING);
220         remove_wait_queue(&data->read_wait, &wait);
221
222         return ret;
223 }
224
225 static ssize_t vhci_write(struct file *file,
226                         const char __user *buf, size_t count, loff_t *pos)
227 {
228         struct vhci_data *data = file->private_data;
229
230         if (!access_ok(VERIFY_READ, buf, count))
231                 return -EFAULT;
232
233         return vhci_get_user(data, buf, count);
234 }
235
236 static unsigned int vhci_poll(struct file *file, poll_table *wait)
237 {
238         struct vhci_data *data = file->private_data;
239
240         poll_wait(file, &data->read_wait, wait);
241
242         if (!skb_queue_empty(&data->readq))
243                 return POLLIN | POLLRDNORM;
244
245         return POLLOUT | POLLWRNORM;
246 }
247
248 static int vhci_ioctl(struct inode *inode, struct file *file,
249                                         unsigned int cmd, unsigned long arg)
250 {
251         return -EINVAL;
252 }
253
254 static int vhci_open(struct inode *inode, struct file *file)
255 {
256         struct vhci_data *data;
257         struct hci_dev *hdev;
258
259         data = kzalloc(sizeof(struct vhci_data), GFP_KERNEL);
260         if (!data)
261                 return -ENOMEM;
262
263         skb_queue_head_init(&data->readq);
264         init_waitqueue_head(&data->read_wait);
265
266         hdev = hci_alloc_dev();
267         if (!hdev) {
268                 kfree(data);
269                 return -ENOMEM;
270         }
271
272         data->hdev = hdev;
273
274         hdev->type = HCI_VIRTUAL;
275         hdev->driver_data = data;
276
277         hdev->open     = vhci_open_dev;
278         hdev->close    = vhci_close_dev;
279         hdev->flush    = vhci_flush;
280         hdev->send     = vhci_send_frame;
281         hdev->destruct = vhci_destruct;
282
283         hdev->owner = THIS_MODULE;
284
285         if (hci_register_dev(hdev) < 0) {
286                 BT_ERR("Can't register HCI device");
287                 kfree(data);
288                 hci_free_dev(hdev);
289                 return -EBUSY;
290         }
291
292         file->private_data = data;
293
294         return nonseekable_open(inode, file);
295 }
296
297 static int vhci_release(struct inode *inode, struct file *file)
298 {
299         struct vhci_data *data = file->private_data;
300         struct hci_dev *hdev = data->hdev;
301
302         if (hci_unregister_dev(hdev) < 0) {
303                 BT_ERR("Can't unregister HCI device %s", hdev->name);
304         }
305
306         hci_free_dev(hdev);
307
308         file->private_data = NULL;
309
310         return 0;
311 }
312
313 static int vhci_fasync(int fd, struct file *file, int on)
314 {
315         struct vhci_data *data = file->private_data;
316         int err;
317
318         err = fasync_helper(fd, file, on, &data->fasync);
319         if (err < 0)
320                 return err;
321
322         if (on)
323                 data->flags |= VHCI_FASYNC;
324         else
325                 data->flags &= ~VHCI_FASYNC;
326
327         return 0;
328 }
329
330 static const struct file_operations vhci_fops = {
331         .owner          = THIS_MODULE,
332         .read           = vhci_read,
333         .write          = vhci_write,
334         .poll           = vhci_poll,
335         .ioctl          = vhci_ioctl,
336         .open           = vhci_open,
337         .release        = vhci_release,
338         .fasync         = vhci_fasync,
339 };
340
341 static struct miscdevice vhci_miscdev= {
342         .name           = "vhci",
343         .fops           = &vhci_fops,
344 };
345
346 static int __init vhci_init(void)
347 {
348         BT_INFO("Virtual HCI driver ver %s", VERSION);
349
350         vhci_miscdev.minor = minor;
351
352         if (misc_register(&vhci_miscdev) < 0) {
353                 BT_ERR("Can't register misc device with minor %d", minor);
354                 return -EIO;
355         }
356
357         return 0;
358 }
359
360 static void __exit vhci_exit(void)
361 {
362         if (misc_deregister(&vhci_miscdev) < 0)
363                 BT_ERR("Can't unregister misc device with minor %d", minor);
364 }
365
366 module_init(vhci_init);
367 module_exit(vhci_exit);
368
369 module_param(minor, int, 0444);
370 MODULE_PARM_DESC(minor, "Miscellaneous minor device number");
371
372 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
373 MODULE_DESCRIPTION("Bluetooth virtual HCI driver ver " VERSION);
374 MODULE_VERSION(VERSION);
375 MODULE_LICENSE("GPL");