cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

uart.c (10342B)

      1// SPDX-License-Identifier: GPL-2.0-or-later
      2/*
      3 * Copyright (C) 2015, Marvell International Ltd.
      4 *
      5 * Inspired (hugely) by HCI LDISC implementation in Bluetooth.
      6 *
      7 *  Copyright (C) 2000-2001  Qualcomm Incorporated
      8 *  Copyright (C) 2002-2003  Maxim Krasnyansky <maxk@qualcomm.com>
      9 *  Copyright (C) 2004-2005  Marcel Holtmann <marcel@holtmann.org>
     10 */
     11
     12#include <linux/module.h>
     13
     14#include <linux/kernel.h>
     15#include <linux/init.h>
     16#include <linux/types.h>
     17#include <linux/fcntl.h>
     18#include <linux/interrupt.h>
     19#include <linux/ptrace.h>
     20#include <linux/poll.h>
     21
     22#include <linux/slab.h>
     23#include <linux/tty.h>
     24#include <linux/errno.h>
     25#include <linux/string.h>
     26#include <linux/signal.h>
     27#include <linux/ioctl.h>
     28#include <linux/skbuff.h>
     29
     30#include <net/nfc/nci.h>
     31#include <net/nfc/nci_core.h>
     32
     33/* TX states  */
     34#define NCI_UART_SENDING	1
     35#define NCI_UART_TX_WAKEUP	2
     36
     37static struct nci_uart *nci_uart_drivers[NCI_UART_DRIVER_MAX];
     38
     39static inline struct sk_buff *nci_uart_dequeue(struct nci_uart *nu)
     40{
     41	struct sk_buff *skb = nu->tx_skb;
     42
     43	if (!skb)
     44		skb = skb_dequeue(&nu->tx_q);
     45	else
     46		nu->tx_skb = NULL;
     47
     48	return skb;
     49}
     50
     51static inline int nci_uart_queue_empty(struct nci_uart *nu)
     52{
     53	if (nu->tx_skb)
     54		return 0;
     55
     56	return skb_queue_empty(&nu->tx_q);
     57}
     58
     59static int nci_uart_tx_wakeup(struct nci_uart *nu)
     60{
     61	if (test_and_set_bit(NCI_UART_SENDING, &nu->tx_state)) {
     62		set_bit(NCI_UART_TX_WAKEUP, &nu->tx_state);
     63		return 0;
     64	}
     65
     66	schedule_work(&nu->write_work);
     67
     68	return 0;
     69}
     70
     71static void nci_uart_write_work(struct work_struct *work)
     72{
     73	struct nci_uart *nu = container_of(work, struct nci_uart, write_work);
     74	struct tty_struct *tty = nu->tty;
     75	struct sk_buff *skb;
     76
     77restart:
     78	clear_bit(NCI_UART_TX_WAKEUP, &nu->tx_state);
     79
     80	if (nu->ops.tx_start)
     81		nu->ops.tx_start(nu);
     82
     83	while ((skb = nci_uart_dequeue(nu))) {
     84		int len;
     85
     86		set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
     87		len = tty->ops->write(tty, skb->data, skb->len);
     88		skb_pull(skb, len);
     89		if (skb->len) {
     90			nu->tx_skb = skb;
     91			break;
     92		}
     93		kfree_skb(skb);
     94	}
     95
     96	if (test_bit(NCI_UART_TX_WAKEUP, &nu->tx_state))
     97		goto restart;
     98
     99	if (nu->ops.tx_done && nci_uart_queue_empty(nu))
    100		nu->ops.tx_done(nu);
    101
    102	clear_bit(NCI_UART_SENDING, &nu->tx_state);
    103}
    104
    105static int nci_uart_set_driver(struct tty_struct *tty, unsigned int driver)
    106{
    107	struct nci_uart *nu = NULL;
    108	int ret;
    109
    110	if (driver >= NCI_UART_DRIVER_MAX)
    111		return -EINVAL;
    112
    113	if (!nci_uart_drivers[driver])
    114		return -ENOENT;
    115
    116	nu = kzalloc(sizeof(*nu), GFP_KERNEL);
    117	if (!nu)
    118		return -ENOMEM;
    119
    120	memcpy(nu, nci_uart_drivers[driver], sizeof(struct nci_uart));
    121	nu->tty = tty;
    122	tty->disc_data = nu;
    123	skb_queue_head_init(&nu->tx_q);
    124	INIT_WORK(&nu->write_work, nci_uart_write_work);
    125	spin_lock_init(&nu->rx_lock);
    126
    127	ret = nu->ops.open(nu);
    128	if (ret) {
    129		tty->disc_data = NULL;
    130		kfree(nu);
    131	} else if (!try_module_get(nu->owner)) {
    132		nu->ops.close(nu);
    133		tty->disc_data = NULL;
    134		kfree(nu);
    135		return -ENOENT;
    136	}
    137	return ret;
    138}
    139
    140/* ------ LDISC part ------ */
    141
    142/* nci_uart_tty_open
    143 *
    144 *     Called when line discipline changed to NCI_UART.
    145 *
    146 * Arguments:
    147 *     tty    pointer to tty info structure
    148 * Return Value:
    149 *     0 if success, otherwise error code
    150 */
    151static int nci_uart_tty_open(struct tty_struct *tty)
    152{
    153	/* Error if the tty has no write op instead of leaving an exploitable
    154	 * hole
    155	 */
    156	if (!tty->ops->write)
    157		return -EOPNOTSUPP;
    158
    159	tty->disc_data = NULL;
    160	tty->receive_room = 65536;
    161
    162	/* Flush any pending characters in the driver */
    163	tty_driver_flush_buffer(tty);
    164
    165	return 0;
    166}
    167
    168/* nci_uart_tty_close()
    169 *
    170 *    Called when the line discipline is changed to something
    171 *    else, the tty is closed, or the tty detects a hangup.
    172 */
    173static void nci_uart_tty_close(struct tty_struct *tty)
    174{
    175	struct nci_uart *nu = (void *)tty->disc_data;
    176
    177	/* Detach from the tty */
    178	tty->disc_data = NULL;
    179
    180	if (!nu)
    181		return;
    182
    183	kfree_skb(nu->tx_skb);
    184	kfree_skb(nu->rx_skb);
    185
    186	skb_queue_purge(&nu->tx_q);
    187
    188	nu->ops.close(nu);
    189	nu->tty = NULL;
    190	module_put(nu->owner);
    191
    192	cancel_work_sync(&nu->write_work);
    193
    194	kfree(nu);
    195}
    196
    197/* nci_uart_tty_wakeup()
    198 *
    199 *    Callback for transmit wakeup. Called when low level
    200 *    device driver can accept more send data.
    201 *
    202 * Arguments:        tty    pointer to associated tty instance data
    203 * Return Value:    None
    204 */
    205static void nci_uart_tty_wakeup(struct tty_struct *tty)
    206{
    207	struct nci_uart *nu = (void *)tty->disc_data;
    208
    209	if (!nu)
    210		return;
    211
    212	clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
    213
    214	if (tty != nu->tty)
    215		return;
    216
    217	nci_uart_tx_wakeup(nu);
    218}
    219
    220/* -- Default recv_buf handler --
    221 *
    222 * This handler supposes that NCI frames are sent over UART link without any
    223 * framing. It reads NCI header, retrieve the packet size and once all packet
    224 * bytes are received it passes it to nci_uart driver for processing.
    225 */
    226static int nci_uart_default_recv_buf(struct nci_uart *nu, const u8 *data,
    227				     int count)
    228{
    229	int chunk_len;
    230
    231	if (!nu->ndev) {
    232		nfc_err(nu->tty->dev,
    233			"receive data from tty but no NCI dev is attached yet, drop buffer\n");
    234		return 0;
    235	}
    236
    237	/* Decode all incoming data in packets
    238	 * and enqueue then for processing.
    239	 */
    240	while (count > 0) {
    241		/* If this is the first data of a packet, allocate a buffer */
    242		if (!nu->rx_skb) {
    243			nu->rx_packet_len = -1;
    244			nu->rx_skb = nci_skb_alloc(nu->ndev,
    245						   NCI_MAX_PACKET_SIZE,
    246						   GFP_ATOMIC);
    247			if (!nu->rx_skb)
    248				return -ENOMEM;
    249		}
    250
    251		/* Eat byte after byte till full packet header is received */
    252		if (nu->rx_skb->len < NCI_CTRL_HDR_SIZE) {
    253			skb_put_u8(nu->rx_skb, *data++);
    254			--count;
    255			continue;
    256		}
    257
    258		/* Header was received but packet len was not read */
    259		if (nu->rx_packet_len < 0)
    260			nu->rx_packet_len = NCI_CTRL_HDR_SIZE +
    261				nci_plen(nu->rx_skb->data);
    262
    263		/* Compute how many bytes are missing and how many bytes can
    264		 * be consumed.
    265		 */
    266		chunk_len = nu->rx_packet_len - nu->rx_skb->len;
    267		if (count < chunk_len)
    268			chunk_len = count;
    269		skb_put_data(nu->rx_skb, data, chunk_len);
    270		data += chunk_len;
    271		count -= chunk_len;
    272
    273		/* Check if packet is fully received */
    274		if (nu->rx_packet_len == nu->rx_skb->len) {
    275			/* Pass RX packet to driver */
    276			if (nu->ops.recv(nu, nu->rx_skb) != 0)
    277				nfc_err(nu->tty->dev, "corrupted RX packet\n");
    278			/* Next packet will be a new one */
    279			nu->rx_skb = NULL;
    280		}
    281	}
    282
    283	return 0;
    284}
    285
    286/* nci_uart_tty_receive()
    287 *
    288 *     Called by tty low level driver when receive data is
    289 *     available.
    290 *
    291 * Arguments:  tty          pointer to tty instance data
    292 *             data         pointer to received data
    293 *             flags        pointer to flags for data
    294 *             count        count of received data in bytes
    295 *
    296 * Return Value:    None
    297 */
    298static void nci_uart_tty_receive(struct tty_struct *tty, const u8 *data,
    299				 const char *flags, int count)
    300{
    301	struct nci_uart *nu = (void *)tty->disc_data;
    302
    303	if (!nu || tty != nu->tty)
    304		return;
    305
    306	spin_lock(&nu->rx_lock);
    307	nci_uart_default_recv_buf(nu, data, count);
    308	spin_unlock(&nu->rx_lock);
    309
    310	tty_unthrottle(tty);
    311}
    312
    313/* nci_uart_tty_ioctl()
    314 *
    315 *    Process IOCTL system call for the tty device.
    316 *
    317 * Arguments:
    318 *
    319 *    tty        pointer to tty instance data
    320 *    cmd        IOCTL command code
    321 *    arg        argument for IOCTL call (cmd dependent)
    322 *
    323 * Return Value:    Command dependent
    324 */
    325static int nci_uart_tty_ioctl(struct tty_struct *tty, unsigned int cmd,
    326			      unsigned long arg)
    327{
    328	struct nci_uart *nu = (void *)tty->disc_data;
    329	int err = 0;
    330
    331	switch (cmd) {
    332	case NCIUARTSETDRIVER:
    333		if (!nu)
    334			return nci_uart_set_driver(tty, (unsigned int)arg);
    335		else
    336			return -EBUSY;
    337		break;
    338	default:
    339		err = n_tty_ioctl_helper(tty, cmd, arg);
    340		break;
    341	}
    342
    343	return err;
    344}
    345
    346/* We don't provide read/write/poll interface for user space. */
    347static ssize_t nci_uart_tty_read(struct tty_struct *tty, struct file *file,
    348				 unsigned char *buf, size_t nr,
    349				 void **cookie, unsigned long offset)
    350{
    351	return 0;
    352}
    353
    354static ssize_t nci_uart_tty_write(struct tty_struct *tty, struct file *file,
    355				  const unsigned char *data, size_t count)
    356{
    357	return 0;
    358}
    359
    360static __poll_t nci_uart_tty_poll(struct tty_struct *tty,
    361				      struct file *filp, poll_table *wait)
    362{
    363	return 0;
    364}
    365
    366static int nci_uart_send(struct nci_uart *nu, struct sk_buff *skb)
    367{
    368	/* Queue TX packet */
    369	skb_queue_tail(&nu->tx_q, skb);
    370
    371	/* Try to start TX (if possible) */
    372	nci_uart_tx_wakeup(nu);
    373
    374	return 0;
    375}
    376
    377int nci_uart_register(struct nci_uart *nu)
    378{
    379	if (!nu || !nu->ops.open ||
    380	    !nu->ops.recv || !nu->ops.close)
    381		return -EINVAL;
    382
    383	/* Set the send callback */
    384	nu->ops.send = nci_uart_send;
    385
    386	/* Add this driver in the driver list */
    387	if (nci_uart_drivers[nu->driver]) {
    388		pr_err("driver %d is already registered\n", nu->driver);
    389		return -EBUSY;
    390	}
    391	nci_uart_drivers[nu->driver] = nu;
    392
    393	pr_info("NCI uart driver '%s [%d]' registered\n", nu->name, nu->driver);
    394
    395	return 0;
    396}
    397EXPORT_SYMBOL_GPL(nci_uart_register);
    398
    399void nci_uart_unregister(struct nci_uart *nu)
    400{
    401	pr_info("NCI uart driver '%s [%d]' unregistered\n", nu->name,
    402		nu->driver);
    403
    404	/* Remove this driver from the driver list */
    405	nci_uart_drivers[nu->driver] = NULL;
    406}
    407EXPORT_SYMBOL_GPL(nci_uart_unregister);
    408
    409void nci_uart_set_config(struct nci_uart *nu, int baudrate, int flow_ctrl)
    410{
    411	struct ktermios new_termios;
    412
    413	if (!nu->tty)
    414		return;
    415
    416	down_read(&nu->tty->termios_rwsem);
    417	new_termios = nu->tty->termios;
    418	up_read(&nu->tty->termios_rwsem);
    419	tty_termios_encode_baud_rate(&new_termios, baudrate, baudrate);
    420
    421	if (flow_ctrl)
    422		new_termios.c_cflag |= CRTSCTS;
    423	else
    424		new_termios.c_cflag &= ~CRTSCTS;
    425
    426	tty_set_termios(nu->tty, &new_termios);
    427}
    428EXPORT_SYMBOL_GPL(nci_uart_set_config);
    429
    430static struct tty_ldisc_ops nci_uart_ldisc = {
    431	.owner		= THIS_MODULE,
    432	.num		= N_NCI,
    433	.name		= "n_nci",
    434	.open		= nci_uart_tty_open,
    435	.close		= nci_uart_tty_close,
    436	.read		= nci_uart_tty_read,
    437	.write		= nci_uart_tty_write,
    438	.poll		= nci_uart_tty_poll,
    439	.receive_buf	= nci_uart_tty_receive,
    440	.write_wakeup	= nci_uart_tty_wakeup,
    441	.ioctl		= nci_uart_tty_ioctl,
    442	.compat_ioctl	= nci_uart_tty_ioctl,
    443};
    444
    445static int __init nci_uart_init(void)
    446{
    447	return tty_register_ldisc(&nci_uart_ldisc);
    448}
    449
    450static void __exit nci_uart_exit(void)
    451{
    452	tty_unregister_ldisc(&nci_uart_ldisc);
    453}
    454
    455module_init(nci_uart_init);
    456module_exit(nci_uart_exit);
    457
    458MODULE_AUTHOR("Marvell International Ltd.");
    459MODULE_DESCRIPTION("NFC NCI UART driver");
    460MODULE_LICENSE("GPL");
    461MODULE_ALIAS_LDISC(N_NCI);