diff mbox series

[v5,2/5] Bluetooth: aosp: surface AOSP quality report through mgmt

Message ID 20220525184510.v5.2.I2015b42d2d0a502334c9c3a2983438b89716d4f0@changeid
State Superseded
Headers show
Series [v5,1/5] Bluetooth: mgmt: add MGMT_OP_SET_QUALITY_REPORT for quality report | expand

Commit Message

Joseph Hwang May 25, 2022, 10:45 a.m. UTC
When receiving a HCI vendor event, the kernel checks if it is an
AOSP bluetooth quality report. If yes, the event is sent to bluez
user space through the mgmt socket.

Signed-off-by: Joseph Hwang <josephsih@chromium.org>
Reviewed-by: Archie Pusaka <apusaka@chromium.org>
---

Changes in v5:
- Define "struct ext_vendor_prefix" to replace "struct vendor_prefix"
  so that extended vendor prefix = prefix + 1-octet subcode
- Define aosp_ext_prefix to provide AOSP extended prefix which is
  returned by aosp_get_ext_prefix().
- Redefine struct ext_vendor_event_prefix such that
  . it uses get_ext_vendor_prefix to get prefix and subcodes where
    the prefix and the prefix length may be variable and are not
    unknown until run time;
  . it uses vendor_func to handle a vendor event
  This table handles vendor events in a generic way.
- Rewrite hci_vendor_evt() so that it compares both vendor prefix
  and subcode to match a vendor event.
- Define set_ext_prefix() to create MSFT extended vendor prefix
  which is returned by msft_get_ext_prefix().
- Do not EXPORT_SYMBOL(mgmt_quality_report).
- Keep msft_get_ext_prefix in msft instead of hci_dev since it is
  not used by any drivers.

Changes in v3:
- Rebase to resolve the code conflict.
- Move aosp_quality_report_evt() from hci_event.c to aosp.c.
- A new patch (3/3) is added to enable the quality report feature.

Changes in v2:
- Scrap the two structures defined in aosp.c and use constants for
  size check.
- Do a basic size check about the quality report event. Do not pull
  data from the event in which the kernel has no interest.
- Define vendor event prefixes with which vendor events of distinct
  vendor specifications can be clearly differentiated.
- Use mgmt helpers to add the header and data to a mgmt skb.

 include/net/bluetooth/hci_core.h | 12 +++++++
 include/net/bluetooth/mgmt.h     |  7 +++++
 net/bluetooth/aosp.c             | 50 +++++++++++++++++++++++++++++
 net/bluetooth/aosp.h             | 18 +++++++++++
 net/bluetooth/hci_event.c        | 54 +++++++++++++++++++++++++++++++-
 net/bluetooth/mgmt.c             | 19 +++++++++++
 net/bluetooth/msft.c             | 28 ++++++++++++++++-
 net/bluetooth/msft.h             | 12 +++++--
 8 files changed, 195 insertions(+), 5 deletions(-)

Comments

kernel test robot May 25, 2022, 8:15 p.m. UTC | #1
Hi Joseph,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on bluetooth-next/master]
[also build test WARNING on net-next/master net/master v5.18 next-20220525]
[cannot apply to bluetooth/master]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/intel-lab-lkp/linux/commits/Joseph-Hwang/Bluetooth-mgmt-add-MGMT_OP_SET_QUALITY_REPORT-for-quality-report/20220525-184722
base:   https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git master
config: i386-randconfig-s002 (https://download.01.org/0day-ci/archive/20220526/202205260445.F8Xkowrk-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-1) 11.3.0
reproduce:
        # apt-get install sparse
        # sparse version: v0.6.4-14-g5a0004b5-dirty
        # https://github.com/intel-lab-lkp/linux/commit/0121eca73c0352b9ac4bc289609b218c0d0fb69e
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Joseph-Hwang/Bluetooth-mgmt-add-MGMT_OP_SET_QUALITY_REPORT-for-quality-report/20220525-184722
        git checkout 0121eca73c0352b9ac4bc289609b218c0d0fb69e
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=i386 SHELL=/bin/bash net/bluetooth/

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>


sparse warnings: (new ones prefixed by >>)
   net/bluetooth/hci_event.c:338:15: sparse: sparse: restricted __le16 degrades to integer
>> net/bluetooth/hci_event.c:4275:3: sparse: sparse: symbol 'evt_prefixes' was not declared. Should it be static?
   net/bluetooth/hci_event.c: note: in included file (through include/net/bluetooth/hci_core.h):
   include/net/bluetooth/hci.h:2494:47: sparse: sparse: array of flexible structures
   include/net/bluetooth/hci.h:2580:43: sparse: sparse: array of flexible structures

vim +/evt_prefixes +4275 net/bluetooth/hci_event.c

  4262	
  4263	/* Every distinct vendor specification must have a well-defined vendor
  4264	 * event prefix to determine if a vendor event meets the specification.
  4265	 * Some vendor prefixes are fixed values while some other vendor prefixes
  4266	 * are only available at run time.
  4267	 */
  4268	struct ext_vendor_event_prefix {
  4269		/* Some vendor prefixes are variable length. For convenience,
  4270		 * the prefix in struct ext_vendor_prefix is in little endian.
  4271		 */
  4272		struct ext_vendor_prefix *
  4273			(*get_ext_vendor_prefix)(struct hci_dev *hdev);
  4274		void (*vendor_func)(struct hci_dev *hdev, struct sk_buff *skb);
> 4275	} evt_prefixes[] = {
  4276		{ aosp_get_ext_prefix, aosp_vendor_evt },
  4277		{ msft_get_ext_prefix, msft_vendor_evt },
  4278	
  4279		/* end with a null entry */
  4280		{},
  4281	};
  4282
diff mbox series

Patch

diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
index 64d3a63759a8..f89738c6b973 100644
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -328,6 +328,13 @@  struct amp_assoc {
 
 #define HCI_MAX_PAGES	3
 
+struct ext_vendor_prefix {
+	__u8 *prefix;
+	__u8 prefix_len;
+	__u8 *subcodes;
+	__u8 subcodes_len;
+};
+
 struct hci_dev {
 	struct list_head list;
 	struct mutex	lock;
@@ -1876,6 +1883,8 @@  int mgmt_add_adv_patterns_monitor_complete(struct hci_dev *hdev, u8 status);
 int mgmt_remove_adv_monitor_complete(struct hci_dev *hdev, u8 status);
 void mgmt_adv_monitor_device_lost(struct hci_dev *hdev, u16 handle,
 				  bdaddr_t *bdaddr, u8 addr_type);
+int mgmt_quality_report(struct hci_dev *hdev, void *data, u32 data_len,
+			u8 quality_spec);
 
 u8 hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max, u16 latency,
 		      u16 to_multiplier);
@@ -1894,4 +1903,7 @@  void hci_copy_identity_address(struct hci_dev *hdev, bdaddr_t *bdaddr,
 
 #define TRANSPORT_TYPE_MAX	0x04
 
+#define QUALITY_SPEC_AOSP_BQR		0x0
+#define QUALITY_SPEC_INTEL_TELEMETRY	0x1
+
 #endif /* __HCI_CORE_H */
diff --git a/include/net/bluetooth/mgmt.h b/include/net/bluetooth/mgmt.h
index c1c2fd72d9e3..6ccd0067c295 100644
--- a/include/net/bluetooth/mgmt.h
+++ b/include/net/bluetooth/mgmt.h
@@ -1127,3 +1127,10 @@  struct mgmt_ev_adv_monitor_device_lost {
 	__le16 monitor_handle;
 	struct mgmt_addr_info addr;
 } __packed;
+
+#define MGMT_EV_QUALITY_REPORT			0x0031
+struct mgmt_ev_quality_report {
+	__u8	quality_spec;
+	__u32	data_len;
+	__u8	data[];
+} __packed;
diff --git a/net/bluetooth/aosp.c b/net/bluetooth/aosp.c
index 432ae3aac9e3..94faa15b1ea0 100644
--- a/net/bluetooth/aosp.c
+++ b/net/bluetooth/aosp.c
@@ -199,3 +199,53 @@  int aosp_set_quality_report(struct hci_dev *hdev, bool enable)
 	else
 		return disable_quality_report(hdev);
 }
+
+/* The following LEN = 1-byte Sub-event code + 48-byte Sub-event Parameters */
+#define BLUETOOTH_QUALITY_REPORT_LEN 49
+
+bool aosp_check_quality_report_len(struct sk_buff *skb)
+{
+	/* skb->len is allowed to be larger than BLUETOOTH_QUALITY_REPORT_LEN
+	 * to accommodate an additional Vendor Specific Parameter (vsp) field.
+	 */
+	if (skb->len < BLUETOOTH_QUALITY_REPORT_LEN) {
+		BT_ERR("AOSP evt data len %d too short (%u expected)",
+		       skb->len, BLUETOOTH_QUALITY_REPORT_LEN);
+		return false;
+	}
+
+	return true;
+}
+
+/* AOSP HCI Requirements use 0x54 and up as sub-event codes without
+ * actually defining a vendor prefix. Refer to
+ * https://source.android.com/devices/bluetooth/hci_requirements
+ * Hence, the other vendor event prefixes should not use the same
+ * space to avoid collision.
+ * Since the AOSP does not define a prefix, its prefix is NULL
+ * and prefix_len is 0.
+ * While there are a number of subcodes in AOSP, only interested in
+ * Bluetooth Quality Report (0x58) for now.
+ */
+#define AOSP_EV_QUALITY_REPORT		0x58
+
+static unsigned char AOSP_SUBCODES[] = { AOSP_EV_QUALITY_REPORT };
+
+static struct ext_vendor_prefix aosp_ext_prefix = {
+	.prefix		= NULL,
+	.prefix_len	= 0,
+	.subcodes	= AOSP_SUBCODES,
+	.subcodes_len	= sizeof(AOSP_SUBCODES),
+};
+
+struct ext_vendor_prefix *aosp_get_ext_prefix(struct hci_dev *hdev)
+{
+	return &aosp_ext_prefix;
+}
+
+void aosp_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb)
+{
+	if (aosp_has_quality_report(hdev) && aosp_check_quality_report_len(skb))
+		mgmt_quality_report(hdev, skb->data, skb->len,
+				    QUALITY_SPEC_AOSP_BQR);
+}
diff --git a/net/bluetooth/aosp.h b/net/bluetooth/aosp.h
index 2fd8886d51b2..8208e01fffed 100644
--- a/net/bluetooth/aosp.h
+++ b/net/bluetooth/aosp.h
@@ -10,6 +10,9 @@  void aosp_do_close(struct hci_dev *hdev);
 
 bool aosp_has_quality_report(struct hci_dev *hdev);
 int aosp_set_quality_report(struct hci_dev *hdev, bool enable);
+bool aosp_check_quality_report_len(struct sk_buff *skb);
+struct ext_vendor_prefix *aosp_get_ext_prefix(struct hci_dev *hdev);
+void aosp_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb);
 
 #else
 
@@ -26,4 +29,19 @@  static inline int aosp_set_quality_report(struct hci_dev *hdev, bool enable)
 	return -EOPNOTSUPP;
 }
 
+static inline bool aosp_check_quality_report_len(struct sk_buff *skb)
+{
+	return false;
+}
+
+static inline struct ext_vendor_prefix *
+aosp_get_ext_prefix(struct hci_dev *hdev)
+{
+	return NULL;
+}
+
+static inline void aosp_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb)
+{
+}
+
 #endif
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 0270e597c285..c2c6725678ec 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -37,6 +37,7 @@ 
 #include "smp.h"
 #include "msft.h"
 #include "eir.h"
+#include "aosp.h"
 
 #define ZERO_KEY "\x00\x00\x00\x00\x00\x00\x00\x00" \
 		 "\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -4259,6 +4260,57 @@  static void hci_num_comp_blocks_evt(struct hci_dev *hdev, void *data,
 	queue_work(hdev->workqueue, &hdev->tx_work);
 }
 
+/* Every distinct vendor specification must have a well-defined vendor
+ * event prefix to determine if a vendor event meets the specification.
+ * Some vendor prefixes are fixed values while some other vendor prefixes
+ * are only available at run time.
+ */
+struct ext_vendor_event_prefix {
+	/* Some vendor prefixes are variable length. For convenience,
+	 * the prefix in struct ext_vendor_prefix is in little endian.
+	 */
+	struct ext_vendor_prefix *
+		(*get_ext_vendor_prefix)(struct hci_dev *hdev);
+	void (*vendor_func)(struct hci_dev *hdev, struct sk_buff *skb);
+} evt_prefixes[] = {
+	{ aosp_get_ext_prefix, aosp_vendor_evt },
+	{ msft_get_ext_prefix, msft_vendor_evt },
+
+	/* end with a null entry */
+	{},
+};
+
+static void hci_vendor_evt(struct hci_dev *hdev, void *data,
+			   struct sk_buff *skb)
+{
+	int i, j;
+	struct ext_vendor_prefix *vnd;
+	__u8 subcode;
+
+	for (i = 0; evt_prefixes[i].get_ext_vendor_prefix; i++) {
+		vnd = evt_prefixes[i].get_ext_vendor_prefix(hdev);
+		if (!vnd)
+			continue;
+
+		/* Compare the raw prefix data in little endian directly. */
+		if (memcmp(vnd->prefix, skb->data, vnd->prefix_len))
+			continue;
+
+		/* Make sure that there are more data after prefix. */
+		if (skb->len <= vnd->prefix_len)
+			continue;
+
+		/* The subcode is the single octet following the prefix. */
+		subcode = skb->data[vnd->prefix_len];
+		for (j = 0; j < vnd->subcodes_len; j++) {
+			if (vnd->subcodes[j] == subcode) {
+				evt_prefixes[i].vendor_func(hdev, skb);
+				break;
+			}
+		}
+	}
+}
+
 static void hci_mode_change_evt(struct hci_dev *hdev, void *data,
 				struct sk_buff *skb)
 {
@@ -6879,7 +6931,7 @@  static const struct hci_ev {
 	HCI_EV(HCI_EV_NUM_COMP_BLOCKS, hci_num_comp_blocks_evt,
 	       sizeof(struct hci_ev_num_comp_blocks)),
 	/* [0xff = HCI_EV_VENDOR] */
-	HCI_EV_VL(HCI_EV_VENDOR, msft_vendor_evt, 0, HCI_MAX_EVENT_SIZE),
+	HCI_EV_VL(HCI_EV_VENDOR, hci_vendor_evt, 0, HCI_MAX_EVENT_SIZE),
 };
 
 static void hci_event_func(struct hci_dev *hdev, u8 event, struct sk_buff *skb,
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 1ad84f34097f..9d3666bdd07c 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -4332,6 +4332,25 @@  static int set_exp_feature(struct sock *sk, struct hci_dev *hdev,
 			       MGMT_STATUS_NOT_SUPPORTED);
 }
 
+int mgmt_quality_report(struct hci_dev *hdev, void *data, u32 data_len,
+			u8 quality_spec)
+{
+	struct mgmt_ev_quality_report *ev;
+	struct sk_buff *skb;
+
+	skb = mgmt_alloc_skb(hdev, MGMT_EV_QUALITY_REPORT,
+			     sizeof(*ev) + data_len);
+	if (!skb)
+		return -ENOMEM;
+
+	ev = skb_put(skb, sizeof(*ev));
+	ev->quality_spec = quality_spec;
+	ev->data_len = data_len;
+	skb_put_data(skb, data, data_len);
+
+	return mgmt_event_skb(skb, NULL);
+}
+
 static int get_device_flags(struct sock *sk, struct hci_dev *hdev, void *data,
 			    u16 data_len)
 {
diff --git a/net/bluetooth/msft.c b/net/bluetooth/msft.c
index f43994523b1f..c003e94faccd 100644
--- a/net/bluetooth/msft.c
+++ b/net/bluetooth/msft.c
@@ -116,6 +116,20 @@  bool msft_monitor_supported(struct hci_dev *hdev)
 	return !!(msft_get_features(hdev) & MSFT_FEATURE_MASK_LE_ADV_MONITOR);
 }
 
+/* Add the MSFT vendor event subcodes into MSFT_SUBCODES which
+ * msft_vendor_evt() is interested in handling.
+ */
+static unsigned char MSFT_SUBCODES[] = { MSFT_EV_LE_MONITOR_DEVICE };
+static struct ext_vendor_prefix msft_ext_prefix = { 0 };
+
+static void set_ext_prefix(struct msft_data *msft)
+{
+	msft_ext_prefix.prefix = msft->evt_prefix;
+	msft_ext_prefix.prefix_len = msft->evt_prefix_len;
+	msft_ext_prefix.subcodes = MSFT_SUBCODES;
+	msft_ext_prefix.subcodes_len = sizeof(MSFT_SUBCODES);
+}
+
 static bool read_supported_features(struct hci_dev *hdev,
 				    struct msft_data *msft)
 {
@@ -156,6 +170,8 @@  static bool read_supported_features(struct hci_dev *hdev,
 	if (msft->features & MSFT_FEATURE_MASK_CURVE_VALIDITY)
 		hdev->msft_curve_validity = true;
 
+	set_ext_prefix(msft);
+
 	kfree_skb(skb);
 	return true;
 
@@ -742,7 +758,17 @@  static void msft_monitor_device_evt(struct hci_dev *hdev, struct sk_buff *skb)
 				 handle_data->mgmt_handle);
 }
 
-void msft_vendor_evt(struct hci_dev *hdev, void *data, struct sk_buff *skb)
+struct ext_vendor_prefix *msft_get_ext_prefix(struct hci_dev *hdev)
+{
+	struct msft_data *msft = hdev->msft_data;
+
+	if (!msft)
+		return NULL;
+
+	return &msft_ext_prefix;
+}
+
+void msft_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb)
 {
 	struct msft_data *msft = hdev->msft_data;
 	u8 *evt_prefix;
diff --git a/net/bluetooth/msft.h b/net/bluetooth/msft.h
index afcaf7d3b1cb..1515ae06c628 100644
--- a/net/bluetooth/msft.h
+++ b/net/bluetooth/msft.h
@@ -17,7 +17,7 @@  void msft_register(struct hci_dev *hdev);
 void msft_unregister(struct hci_dev *hdev);
 void msft_do_open(struct hci_dev *hdev);
 void msft_do_close(struct hci_dev *hdev);
-void msft_vendor_evt(struct hci_dev *hdev, void *data, struct sk_buff *skb);
+void msft_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb);
 __u64 msft_get_features(struct hci_dev *hdev);
 int msft_add_monitor_pattern(struct hci_dev *hdev, struct adv_monitor *monitor);
 int msft_remove_monitor(struct hci_dev *hdev, struct adv_monitor *monitor,
@@ -27,6 +27,7 @@  int msft_set_filter_enable(struct hci_dev *hdev, bool enable);
 int msft_suspend_sync(struct hci_dev *hdev);
 int msft_resume_sync(struct hci_dev *hdev);
 bool msft_curve_validity(struct hci_dev *hdev);
+struct ext_vendor_prefix *msft_get_ext_prefix(struct hci_dev *hdev);
 
 #else
 
@@ -39,8 +40,7 @@  static inline void msft_register(struct hci_dev *hdev) {}
 static inline void msft_unregister(struct hci_dev *hdev) {}
 static inline void msft_do_open(struct hci_dev *hdev) {}
 static inline void msft_do_close(struct hci_dev *hdev) {}
-static inline void msft_vendor_evt(struct hci_dev *hdev, void *data,
-				   struct sk_buff *skb) {}
+static inline void msft_vendor_evt(struct hci_dev *hdev, struct sk_buff *skb) {}
 static inline __u64 msft_get_features(struct hci_dev *hdev) { return 0; }
 static inline int msft_add_monitor_pattern(struct hci_dev *hdev,
 					   struct adv_monitor *monitor)
@@ -77,4 +77,10 @@  static inline bool msft_curve_validity(struct hci_dev *hdev)
 	return false;
 }
 
+static inline struct ext_vendor_prefix *
+msft_get_ext_prefix(struct hci_dev *hdev)
+{
+	return NULL;
+}
+
 #endif