]>
Commit | Line | Data |
---|---|---|
5e23b923 MH |
1 | /* |
2 | * | |
3 | * Generic Bluetooth USB driver | |
4 | * | |
9bfa35fe | 5 | * Copyright (C) 2005-2008 Marcel Holtmann <marcel@holtmann.org> |
5e23b923 MH |
6 | * |
7 | * | |
8 | * This program is free software; you can redistribute it and/or modify | |
9 | * it under the terms of the GNU General Public License as published by | |
10 | * the Free Software Foundation; either version 2 of the License, or | |
11 | * (at your option) any later version. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
21 | * | |
22 | */ | |
23 | ||
6a50b943 | 24 | #include <linux/dmi.h> |
5e23b923 | 25 | #include <linux/module.h> |
5e23b923 | 26 | #include <linux/usb.h> |
18970430 | 27 | #include <linux/usb/quirks.h> |
dffd30ee | 28 | #include <linux/firmware.h> |
fd913ef7 RJ |
29 | #include <linux/of_device.h> |
30 | #include <linux/of_irq.h> | |
84845ceb | 31 | #include <linux/pci.h> |
017789f3 | 32 | #include <linux/suspend.h> |
a2698a9b | 33 | #include <asm/unaligned.h> |
5e23b923 MH |
34 | |
35 | #include <net/bluetooth/bluetooth.h> | |
36 | #include <net/bluetooth/hci_core.h> | |
37 | ||
4185a0f5 | 38 | #include "btintel.h" |
1df1f591 | 39 | #include "btbcm.h" |
db33c77d | 40 | #include "btrtl.h" |
1df1f591 | 41 | |
34dced9b | 42 | #define VERSION "0.8" |
cfeb4145 | 43 | |
90ab5ee9 RR |
44 | static bool disable_scofix; |
45 | static bool force_scofix; | |
7a9d4020 | 46 | |
917a3337 | 47 | static bool reset = true; |
cfeb4145 MH |
48 | |
49 | static struct usb_driver btusb_driver; | |
50 | ||
51 | #define BTUSB_IGNORE 0x01 | |
7a9d4020 MH |
52 | #define BTUSB_DIGIANSWER 0x02 |
53 | #define BTUSB_CSR 0x04 | |
54 | #define BTUSB_SNIFFER 0x08 | |
55 | #define BTUSB_BCM92035 0x10 | |
56 | #define BTUSB_BROKEN_ISOC 0x20 | |
57 | #define BTUSB_WRONG_SCO_MTU 0x40 | |
2d25f8b4 | 58 | #define BTUSB_ATH3012 0x80 |
dffd30ee | 59 | #define BTUSB_INTEL 0x100 |
40df783d MH |
60 | #define BTUSB_INTEL_BOOT 0x200 |
61 | #define BTUSB_BCM_PATCHRAM 0x400 | |
ae8df494 | 62 | #define BTUSB_MARVELL 0x800 |
4fcef8ed | 63 | #define BTUSB_SWAVE 0x1000 |
cda0dd78 | 64 | #define BTUSB_INTEL_NEW 0x2000 |
893ba544 | 65 | #define BTUSB_AMP 0x4000 |
3267c884 | 66 | #define BTUSB_QCA_ROME 0x8000 |
17b2772b | 67 | #define BTUSB_BCM_APPLE 0x10000 |
a2698a9b | 68 | #define BTUSB_REALTEK 0x20000 |
6c9d435d | 69 | #define BTUSB_BCM2045 0x40000 |
22f8e9db | 70 | #define BTUSB_IFNUM_2 0x80000 |
418678b0 | 71 | #define BTUSB_CW6622 0x100000 |
5e23b923 | 72 | |
54265202 | 73 | static const struct usb_device_id btusb_table[] = { |
5e23b923 MH |
74 | /* Generic Bluetooth USB device */ |
75 | { USB_DEVICE_INFO(0xe0, 0x01, 0x01) }, | |
76 | ||
893ba544 MH |
77 | /* Generic Bluetooth AMP device */ |
78 | { USB_DEVICE_INFO(0xe0, 0x01, 0x04), .driver_info = BTUSB_AMP }, | |
79 | ||
d63b2826 DD |
80 | /* Generic Bluetooth USB interface */ |
81 | { USB_INTERFACE_INFO(0xe0, 0x01, 0x01) }, | |
82 | ||
1fa6535f | 83 | /* Apple-specific (Broadcom) devices */ |
17b2772b | 84 | { USB_VENDOR_AND_INTERFACE_INFO(0x05ac, 0xff, 0x01, 0x01), |
22f8e9db | 85 | .driver_info = BTUSB_BCM_APPLE | BTUSB_IFNUM_2 }, |
1fa6535f | 86 | |
178c059e CYC |
87 | /* MediaTek MT76x0E */ |
88 | { USB_DEVICE(0x0e8d, 0x763f) }, | |
89 | ||
c510eae3 | 90 | /* Broadcom SoftSailing reporting vendor specific */ |
2e8b5063 | 91 | { USB_DEVICE(0x0a5c, 0x21e1) }, |
c510eae3 | 92 | |
3cd01976 NI |
93 | /* Apple MacBookPro 7,1 */ |
94 | { USB_DEVICE(0x05ac, 0x8213) }, | |
95 | ||
0a79f674 CL |
96 | /* Apple iMac11,1 */ |
97 | { USB_DEVICE(0x05ac, 0x8215) }, | |
98 | ||
9c047157 NI |
99 | /* Apple MacBookPro6,2 */ |
100 | { USB_DEVICE(0x05ac, 0x8218) }, | |
101 | ||
3e3ede7d EH |
102 | /* Apple MacBookAir3,1, MacBookAir3,2 */ |
103 | { USB_DEVICE(0x05ac, 0x821b) }, | |
104 | ||
a63b723d PAVM |
105 | /* Apple MacBookAir4,1 */ |
106 | { USB_DEVICE(0x05ac, 0x821f) }, | |
107 | ||
88d377b6 MAP |
108 | /* Apple MacBookPro8,2 */ |
109 | { USB_DEVICE(0x05ac, 0x821a) }, | |
110 | ||
f78b6826 JK |
111 | /* Apple MacMini5,1 */ |
112 | { USB_DEVICE(0x05ac, 0x8281) }, | |
113 | ||
cfeb4145 | 114 | /* AVM BlueFRITZ! USB v2.0 */ |
4fcef8ed | 115 | { USB_DEVICE(0x057c, 0x3800), .driver_info = BTUSB_SWAVE }, |
cfeb4145 MH |
116 | |
117 | /* Bluetooth Ultraport Module from IBM */ | |
118 | { USB_DEVICE(0x04bf, 0x030a) }, | |
119 | ||
120 | /* ALPS Modules with non-standard id */ | |
121 | { USB_DEVICE(0x044e, 0x3001) }, | |
122 | { USB_DEVICE(0x044e, 0x3002) }, | |
123 | ||
124 | /* Ericsson with non-standard id */ | |
125 | { USB_DEVICE(0x0bdb, 0x1002) }, | |
126 | ||
127 | /* Canyon CN-BTU1 with HID interfaces */ | |
7a9d4020 | 128 | { USB_DEVICE(0x0c10, 0x0000) }, |
cfeb4145 | 129 | |
d13431ca WJS |
130 | /* Broadcom BCM20702A0 */ |
131 | { USB_DEVICE(0x413c, 0x8197) }, | |
132 | ||
d049f4e5 MH |
133 | /* Broadcom BCM20702B0 (Dynex/Insignia) */ |
134 | { USB_DEVICE(0x19ff, 0x0239), .driver_info = BTUSB_BCM_PATCHRAM }, | |
135 | ||
2faf71ce | 136 | /* Broadcom BCM43142A0 (Foxconn/Lenovo) */ |
628c26b4 DT |
137 | { USB_VENDOR_AND_INTERFACE_INFO(0x105b, 0xff, 0x01, 0x01), |
138 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
2faf71ce | 139 | |
a57bac43 CH |
140 | /* Broadcom BCM920703 (HTC Vive) */ |
141 | { USB_VENDOR_AND_INTERFACE_INFO(0x0bb4, 0xff, 0x01, 0x01), | |
142 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
143 | ||
98514036 | 144 | /* Foxconn - Hon Hai */ |
6029ddc2 HS |
145 | { USB_VENDOR_AND_INTERFACE_INFO(0x0489, 0xff, 0x01, 0x01), |
146 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
98514036 | 147 | |
8f0c304c MD |
148 | /* Lite-On Technology - Broadcom based */ |
149 | { USB_VENDOR_AND_INTERFACE_INFO(0x04ca, 0xff, 0x01, 0x01), | |
150 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
151 | ||
0b880062 | 152 | /* Broadcom devices with vendor specific id */ |
10d4c673 PG |
153 | { USB_VENDOR_AND_INTERFACE_INFO(0x0a5c, 0xff, 0x01, 0x01), |
154 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
92c385f4 | 155 | |
c2aef6e8 | 156 | /* ASUSTek Computer - Broadcom based */ |
9a5abdaa RD |
157 | { USB_VENDOR_AND_INTERFACE_INFO(0x0b05, 0xff, 0x01, 0x01), |
158 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
c2aef6e8 | 159 | |
5bcecf32 | 160 | /* Belkin F8065bf - Broadcom based */ |
6331c686 MH |
161 | { USB_VENDOR_AND_INTERFACE_INFO(0x050d, 0xff, 0x01, 0x01), |
162 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
5bcecf32 | 163 | |
9113bfd8 | 164 | /* IMC Networks - Broadcom based */ |
6331c686 MH |
165 | { USB_VENDOR_AND_INTERFACE_INFO(0x13d3, 0xff, 0x01, 0x01), |
166 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
9113bfd8 | 167 | |
fdfddc60 WJS |
168 | /* Dell Computer - Broadcom based */ |
169 | { USB_VENDOR_AND_INTERFACE_INFO(0x413c, 0xff, 0x01, 0x01), | |
170 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
171 | ||
1623d0bf DT |
172 | /* Toshiba Corp - Broadcom based */ |
173 | { USB_VENDOR_AND_INTERFACE_INFO(0x0930, 0xff, 0x01, 0x01), | |
174 | .driver_info = BTUSB_BCM_PATCHRAM }, | |
175 | ||
40df783d | 176 | /* Intel Bluetooth USB Bootloader (RAM module) */ |
d92f2df0 MH |
177 | { USB_DEVICE(0x8087, 0x0a5a), |
178 | .driver_info = BTUSB_INTEL_BOOT | BTUSB_BROKEN_ISOC }, | |
40df783d | 179 | |
5e23b923 MH |
180 | { } /* Terminating entry */ |
181 | }; | |
182 | ||
183 | MODULE_DEVICE_TABLE(usb, btusb_table); | |
184 | ||
54265202 | 185 | static const struct usb_device_id blacklist_table[] = { |
cfeb4145 MH |
186 | /* CSR BlueCore devices */ |
187 | { USB_DEVICE(0x0a12, 0x0001), .driver_info = BTUSB_CSR }, | |
188 | ||
189 | /* Broadcom BCM2033 without firmware */ | |
190 | { USB_DEVICE(0x0a5c, 0x2033), .driver_info = BTUSB_IGNORE }, | |
191 | ||
6c9d435d MH |
192 | /* Broadcom BCM2045 devices */ |
193 | { USB_DEVICE(0x0a5c, 0x2045), .driver_info = BTUSB_BCM2045 }, | |
194 | ||
be93112a | 195 | /* Atheros 3011 with sflash firmware */ |
0b880062 AS |
196 | { USB_DEVICE(0x0489, 0xe027), .driver_info = BTUSB_IGNORE }, |
197 | { USB_DEVICE(0x0489, 0xe03d), .driver_info = BTUSB_IGNORE }, | |
2eeff0b4 | 198 | { USB_DEVICE(0x04f2, 0xaff1), .driver_info = BTUSB_IGNORE }, |
0b880062 | 199 | { USB_DEVICE(0x0930, 0x0215), .driver_info = BTUSB_IGNORE }, |
be93112a | 200 | { USB_DEVICE(0x0cf3, 0x3002), .driver_info = BTUSB_IGNORE }, |
6eda541d | 201 | { USB_DEVICE(0x0cf3, 0xe019), .driver_info = BTUSB_IGNORE }, |
2a7bcccc | 202 | { USB_DEVICE(0x13d3, 0x3304), .driver_info = BTUSB_IGNORE }, |
be93112a | 203 | |
509e7861 CYC |
204 | /* Atheros AR9285 Malbec with sflash firmware */ |
205 | { USB_DEVICE(0x03f0, 0x311d), .driver_info = BTUSB_IGNORE }, | |
206 | ||
d9f51b51 | 207 | /* Atheros 3012 with sflash firmware */ |
0b880062 AS |
208 | { USB_DEVICE(0x0489, 0xe04d), .driver_info = BTUSB_ATH3012 }, |
209 | { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 }, | |
210 | { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 }, | |
211 | { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 }, | |
212 | { USB_DEVICE(0x0489, 0xe05f), .driver_info = BTUSB_ATH3012 }, | |
692c062e | 213 | { USB_DEVICE(0x0489, 0xe076), .driver_info = BTUSB_ATH3012 }, |
4b552bc9 | 214 | { USB_DEVICE(0x0489, 0xe078), .driver_info = BTUSB_ATH3012 }, |
28c971d8 | 215 | { USB_DEVICE(0x0489, 0xe095), .driver_info = BTUSB_ATH3012 }, |
0b880062 AS |
216 | { USB_DEVICE(0x04c5, 0x1330), .driver_info = BTUSB_ATH3012 }, |
217 | { USB_DEVICE(0x04ca, 0x3004), .driver_info = BTUSB_ATH3012 }, | |
218 | { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 }, | |
219 | { USB_DEVICE(0x04ca, 0x3006), .driver_info = BTUSB_ATH3012 }, | |
1fb4e09a | 220 | { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 }, |
0b880062 AS |
221 | { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 }, |
222 | { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 }, | |
7e730c7f | 223 | { USB_DEVICE(0x04ca, 0x300d), .driver_info = BTUSB_ATH3012 }, |
ec0810d2 | 224 | { USB_DEVICE(0x04ca, 0x300f), .driver_info = BTUSB_ATH3012 }, |
134d3b35 | 225 | { USB_DEVICE(0x04ca, 0x3010), .driver_info = BTUSB_ATH3012 }, |
81d90442 | 226 | { USB_DEVICE(0x04ca, 0x3014), .driver_info = BTUSB_ATH3012 }, |
441ad62d | 227 | { USB_DEVICE(0x04ca, 0x3018), .driver_info = BTUSB_ATH3012 }, |
0b880062 | 228 | { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, |
cd355ff0 | 229 | { USB_DEVICE(0x0930, 0x021c), .driver_info = BTUSB_ATH3012 }, |
0b880062 | 230 | { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 }, |
89d2975f | 231 | { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 }, |
a735f9e2 | 232 | { USB_DEVICE(0x0b05, 0x17d0), .driver_info = BTUSB_ATH3012 }, |
d66629c1 | 233 | { USB_DEVICE(0x0cf3, 0x0036), .driver_info = BTUSB_ATH3012 }, |
b5f01a51 | 234 | { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, |
94a32d10 | 235 | { USB_DEVICE(0x0cf3, 0x3008), .driver_info = BTUSB_ATH3012 }, |
07c0ea87 | 236 | { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 }, |
b131237c | 237 | { USB_DEVICE(0x0cf3, 0x311e), .driver_info = BTUSB_ATH3012 }, |
1e56f1eb | 238 | { USB_DEVICE(0x0cf3, 0x311f), .driver_info = BTUSB_ATH3012 }, |
0b880062 | 239 | { USB_DEVICE(0x0cf3, 0x3121), .driver_info = BTUSB_ATH3012 }, |
ebaf5795 | 240 | { USB_DEVICE(0x0cf3, 0x817a), .driver_info = BTUSB_ATH3012 }, |
18e0afab | 241 | { USB_DEVICE(0x0cf3, 0x817b), .driver_info = BTUSB_ATH3012 }, |
0b880062 | 242 | { USB_DEVICE(0x0cf3, 0xe003), .driver_info = BTUSB_ATH3012 }, |
ac71311e | 243 | { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 }, |
0a3658cc | 244 | { USB_DEVICE(0x0cf3, 0xe005), .driver_info = BTUSB_ATH3012 }, |
ca79f232 | 245 | { USB_DEVICE(0x0cf3, 0xe006), .driver_info = BTUSB_ATH3012 }, |
0b880062 AS |
246 | { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 }, |
247 | { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, | |
eed307e2 | 248 | { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 }, |
609574eb | 249 | { USB_DEVICE(0x13d3, 0x3395), .driver_info = BTUSB_ATH3012 }, |
5b77a1f3 | 250 | { USB_DEVICE(0x13d3, 0x3402), .driver_info = BTUSB_ATH3012 }, |
3bb30a7c | 251 | { USB_DEVICE(0x13d3, 0x3408), .driver_info = BTUSB_ATH3012 }, |
033efa92 | 252 | { USB_DEVICE(0x13d3, 0x3423), .driver_info = BTUSB_ATH3012 }, |
fa2f1394 | 253 | { USB_DEVICE(0x13d3, 0x3432), .driver_info = BTUSB_ATH3012 }, |
75c6aca4 | 254 | { USB_DEVICE(0x13d3, 0x3472), .driver_info = BTUSB_ATH3012 }, |
0d0cef61 | 255 | { USB_DEVICE(0x13d3, 0x3474), .driver_info = BTUSB_ATH3012 }, |
72f9f8b5 | 256 | { USB_DEVICE(0x13d3, 0x3487), .driver_info = BTUSB_ATH3012 }, |
12d86896 | 257 | { USB_DEVICE(0x13d3, 0x3490), .driver_info = BTUSB_ATH3012 }, |
d9f51b51 | 258 | |
e9036e33 CYC |
259 | /* Atheros AR5BBU12 with sflash firmware */ |
260 | { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE }, | |
261 | ||
85d59726 | 262 | /* Atheros AR5BBU12 with sflash firmware */ |
bc21fde2 | 263 | { USB_DEVICE(0x0489, 0xe036), .driver_info = BTUSB_ATH3012 }, |
0b880062 | 264 | { USB_DEVICE(0x0489, 0xe03c), .driver_info = BTUSB_ATH3012 }, |
85d59726 | 265 | |
3267c884 | 266 | /* QCA ROME chipset */ |
2054111b | 267 | { USB_DEVICE(0x0cf3, 0xe007), .driver_info = BTUSB_QCA_ROME }, |
93519934 | 268 | { USB_DEVICE(0x0cf3, 0xe009), .driver_info = BTUSB_QCA_ROME }, |
bc1d04cf | 269 | { USB_DEVICE(0x0cf3, 0xe010), .driver_info = BTUSB_QCA_ROME }, |
c9e44474 | 270 | { USB_DEVICE(0x0cf3, 0xe300), .driver_info = BTUSB_QCA_ROME }, |
1eef1c35 | 271 | { USB_DEVICE(0x0cf3, 0xe301), .driver_info = BTUSB_QCA_ROME }, |
c9e44474 | 272 | { USB_DEVICE(0x0cf3, 0xe360), .driver_info = BTUSB_QCA_ROME }, |
47ca5898 | 273 | { USB_DEVICE(0x0489, 0xe092), .driver_info = BTUSB_QCA_ROME }, |
858ff38a | 274 | { USB_DEVICE(0x0489, 0xe09f), .driver_info = BTUSB_QCA_ROME }, |
06e41d8a | 275 | { USB_DEVICE(0x0489, 0xe0a2), .driver_info = BTUSB_QCA_ROME }, |
1144a4ee | 276 | { USB_DEVICE(0x04ca, 0x3011), .driver_info = BTUSB_QCA_ROME }, |
022ffe77 | 277 | { USB_DEVICE(0x04ca, 0x3015), .driver_info = BTUSB_QCA_ROME }, |
d829b9e2 | 278 | { USB_DEVICE(0x04ca, 0x3016), .driver_info = BTUSB_QCA_ROME }, |
3267c884 | 279 | |
cfeb4145 | 280 | /* Broadcom BCM2035 */ |
7a9d4020 | 281 | { USB_DEVICE(0x0a5c, 0x2009), .driver_info = BTUSB_BCM92035 }, |
0b880062 AS |
282 | { USB_DEVICE(0x0a5c, 0x200a), .driver_info = BTUSB_WRONG_SCO_MTU }, |
283 | { USB_DEVICE(0x0a5c, 0x2035), .driver_info = BTUSB_WRONG_SCO_MTU }, | |
cfeb4145 MH |
284 | |
285 | /* Broadcom BCM2045 */ | |
7a9d4020 MH |
286 | { USB_DEVICE(0x0a5c, 0x2039), .driver_info = BTUSB_WRONG_SCO_MTU }, |
287 | { USB_DEVICE(0x0a5c, 0x2101), .driver_info = BTUSB_WRONG_SCO_MTU }, | |
bdbef3d6 | 288 | |
cfeb4145 | 289 | /* IBM/Lenovo ThinkPad with Broadcom chip */ |
7a9d4020 MH |
290 | { USB_DEVICE(0x0a5c, 0x201e), .driver_info = BTUSB_WRONG_SCO_MTU }, |
291 | { USB_DEVICE(0x0a5c, 0x2110), .driver_info = BTUSB_WRONG_SCO_MTU }, | |
cfeb4145 MH |
292 | |
293 | /* HP laptop with Broadcom chip */ | |
7a9d4020 | 294 | { USB_DEVICE(0x03f0, 0x171d), .driver_info = BTUSB_WRONG_SCO_MTU }, |
cfeb4145 MH |
295 | |
296 | /* Dell laptop with Broadcom chip */ | |
7a9d4020 | 297 | { USB_DEVICE(0x413c, 0x8126), .driver_info = BTUSB_WRONG_SCO_MTU }, |
cfeb4145 | 298 | |
5ddd4a60 | 299 | /* Dell Wireless 370 and 410 devices */ |
7a9d4020 | 300 | { USB_DEVICE(0x413c, 0x8152), .driver_info = BTUSB_WRONG_SCO_MTU }, |
5ddd4a60 | 301 | { USB_DEVICE(0x413c, 0x8156), .driver_info = BTUSB_WRONG_SCO_MTU }, |
cfeb4145 | 302 | |
7a9d4020 MH |
303 | /* Belkin F8T012 and F8T013 devices */ |
304 | { USB_DEVICE(0x050d, 0x0012), .driver_info = BTUSB_WRONG_SCO_MTU }, | |
305 | { USB_DEVICE(0x050d, 0x0013), .driver_info = BTUSB_WRONG_SCO_MTU }, | |
cfeb4145 | 306 | |
5ddd4a60 MH |
307 | /* Asus WL-BTD202 device */ |
308 | { USB_DEVICE(0x0b05, 0x1715), .driver_info = BTUSB_WRONG_SCO_MTU }, | |
309 | ||
310 | /* Kensington Bluetooth USB adapter */ | |
311 | { USB_DEVICE(0x047d, 0x105e), .driver_info = BTUSB_WRONG_SCO_MTU }, | |
312 | ||
cfeb4145 MH |
313 | /* RTX Telecom based adapters with buggy SCO support */ |
314 | { USB_DEVICE(0x0400, 0x0807), .driver_info = BTUSB_BROKEN_ISOC }, | |
315 | { USB_DEVICE(0x0400, 0x080a), .driver_info = BTUSB_BROKEN_ISOC }, | |
316 | ||
317 | /* CONWISE Technology based adapters with buggy SCO support */ | |
418678b0 SJ |
318 | { USB_DEVICE(0x0e5e, 0x6622), |
319 | .driver_info = BTUSB_BROKEN_ISOC | BTUSB_CW6622}, | |
cfeb4145 | 320 | |
4fcef8ed | 321 | /* Roper Class 1 Bluetooth Dongle (Silicon Wave based) */ |
2eeac871 | 322 | { USB_DEVICE(0x1310, 0x0001), .driver_info = BTUSB_SWAVE }, |
4fcef8ed | 323 | |
cfeb4145 MH |
324 | /* Digianswer devices */ |
325 | { USB_DEVICE(0x08fd, 0x0001), .driver_info = BTUSB_DIGIANSWER }, | |
326 | { USB_DEVICE(0x08fd, 0x0002), .driver_info = BTUSB_IGNORE }, | |
327 | ||
328 | /* CSR BlueCore Bluetooth Sniffer */ | |
4f64fa80 MH |
329 | { USB_DEVICE(0x0a12, 0x0002), |
330 | .driver_info = BTUSB_SNIFFER | BTUSB_BROKEN_ISOC }, | |
cfeb4145 MH |
331 | |
332 | /* Frontline ComProbe Bluetooth Sniffer */ | |
4f64fa80 MH |
333 | { USB_DEVICE(0x16d3, 0x0002), |
334 | .driver_info = BTUSB_SNIFFER | BTUSB_BROKEN_ISOC }, | |
cfeb4145 | 335 | |
cb1ee89f MH |
336 | /* Marvell Bluetooth devices */ |
337 | { USB_DEVICE(0x1286, 0x2044), .driver_info = BTUSB_MARVELL }, | |
338 | { USB_DEVICE(0x1286, 0x2046), .driver_info = BTUSB_MARVELL }, | |
1165df0e | 339 | { USB_DEVICE(0x1286, 0x204e), .driver_info = BTUSB_MARVELL }, |
cb1ee89f | 340 | |
d0ac9eb7 | 341 | /* Intel Bluetooth devices */ |
de766142 | 342 | { USB_DEVICE(0x8087, 0x0025), .driver_info = BTUSB_INTEL_NEW }, |
d6608ee5 | 343 | { USB_DEVICE(0x8087, 0x0026), .driver_info = BTUSB_INTEL_NEW }, |
407550fe | 344 | { USB_DEVICE(0x8087, 0x07da), .driver_info = BTUSB_CSR }, |
dffd30ee | 345 | { USB_DEVICE(0x8087, 0x07dc), .driver_info = BTUSB_INTEL }, |
ef4e5e4a | 346 | { USB_DEVICE(0x8087, 0x0a2a), .driver_info = BTUSB_INTEL }, |
cda0dd78 | 347 | { USB_DEVICE(0x8087, 0x0a2b), .driver_info = BTUSB_INTEL_NEW }, |
439e65d3 | 348 | { USB_DEVICE(0x8087, 0x0aa7), .driver_info = BTUSB_INTEL }, |
86a6129a | 349 | { USB_DEVICE(0x8087, 0x0aaa), .driver_info = BTUSB_INTEL_NEW }, |
dffd30ee | 350 | |
d0ac9eb7 MH |
351 | /* Other Intel Bluetooth devices */ |
352 | { USB_VENDOR_AND_INTERFACE_INFO(0x8087, 0xe0, 0x01, 0x01), | |
353 | .driver_info = BTUSB_IGNORE }, | |
ae8df494 | 354 | |
a2698a9b DD |
355 | /* Realtek Bluetooth devices */ |
356 | { USB_VENDOR_AND_INTERFACE_INFO(0x0bda, 0xe0, 0x01, 0x01), | |
357 | .driver_info = BTUSB_REALTEK }, | |
358 | ||
359 | /* Additional Realtek 8723AE Bluetooth devices */ | |
360 | { USB_DEVICE(0x0930, 0x021d), .driver_info = BTUSB_REALTEK }, | |
361 | { USB_DEVICE(0x13d3, 0x3394), .driver_info = BTUSB_REALTEK }, | |
362 | ||
363 | /* Additional Realtek 8723BE Bluetooth devices */ | |
364 | { USB_DEVICE(0x0489, 0xe085), .driver_info = BTUSB_REALTEK }, | |
365 | { USB_DEVICE(0x0489, 0xe08b), .driver_info = BTUSB_REALTEK }, | |
366 | { USB_DEVICE(0x13d3, 0x3410), .driver_info = BTUSB_REALTEK }, | |
367 | { USB_DEVICE(0x13d3, 0x3416), .driver_info = BTUSB_REALTEK }, | |
368 | { USB_DEVICE(0x13d3, 0x3459), .driver_info = BTUSB_REALTEK }, | |
a81d72d2 | 369 | { USB_DEVICE(0x13d3, 0x3494), .driver_info = BTUSB_REALTEK }, |
a2698a9b | 370 | |
56ae08ec VB |
371 | /* Additional Realtek 8723BU Bluetooth devices */ |
372 | { USB_DEVICE(0x7392, 0xa611), .driver_info = BTUSB_REALTEK }, | |
373 | ||
a2698a9b DD |
374 | /* Additional Realtek 8821AE Bluetooth devices */ |
375 | { USB_DEVICE(0x0b05, 0x17dc), .driver_info = BTUSB_REALTEK }, | |
376 | { USB_DEVICE(0x13d3, 0x3414), .driver_info = BTUSB_REALTEK }, | |
377 | { USB_DEVICE(0x13d3, 0x3458), .driver_info = BTUSB_REALTEK }, | |
378 | { USB_DEVICE(0x13d3, 0x3461), .driver_info = BTUSB_REALTEK }, | |
379 | { USB_DEVICE(0x13d3, 0x3462), .driver_info = BTUSB_REALTEK }, | |
71889af6 LF |
380 | |
381 | /* Additional Realtek 8822BE Bluetooth devices */ | |
382 | { USB_DEVICE(0x0b05, 0x185c), .driver_info = BTUSB_REALTEK }, | |
a2698a9b | 383 | |
4481c076 PP |
384 | /* Silicon Wave based devices */ |
385 | { USB_DEVICE(0x0c10, 0x0000), .driver_info = BTUSB_SWAVE }, | |
386 | ||
5e23b923 MH |
387 | { } /* Terminating entry */ |
388 | }; | |
389 | ||
6a50b943 HG |
390 | /* The Bluetooth USB module build into some devices needs to be reset on resume, |
391 | * this is a problem with the platform (likely shutting off all power) not with | |
392 | * the module itself. So we use a DMI list to match known broken platforms. | |
393 | */ | |
394 | static const struct dmi_system_id btusb_needs_reset_resume_table[] = { | |
ed9e1bb3 KHF |
395 | { |
396 | /* Dell OptiPlex 3060 (QCA ROME device 0cf3:e007) */ | |
397 | .matches = { | |
398 | DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), | |
399 | DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 3060"), | |
400 | }, | |
401 | }, | |
9bf1741c HG |
402 | { |
403 | /* Dell XPS 9360 (QCA ROME device 0cf3:e300) */ | |
404 | .matches = { | |
405 | DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), | |
406 | DMI_MATCH(DMI_PRODUCT_NAME, "XPS 13 9360"), | |
407 | }, | |
408 | }, | |
6a50b943 HG |
409 | {} |
410 | }; | |
411 | ||
9bfa35fe MH |
412 | #define BTUSB_MAX_ISOC_FRAMES 10 |
413 | ||
5e23b923 MH |
414 | #define BTUSB_INTR_RUNNING 0 |
415 | #define BTUSB_BULK_RUNNING 1 | |
9bfa35fe | 416 | #define BTUSB_ISOC_RUNNING 2 |
7bee549e | 417 | #define BTUSB_SUSPENDING 3 |
08b8b6c4 | 418 | #define BTUSB_DID_ISO_RESUME 4 |
cda0dd78 MH |
419 | #define BTUSB_BOOTLOADER 5 |
420 | #define BTUSB_DOWNLOADING 6 | |
ce6bb929 | 421 | #define BTUSB_FIRMWARE_LOADED 7 |
cda0dd78 | 422 | #define BTUSB_FIRMWARE_FAILED 8 |
ce6bb929 | 423 | #define BTUSB_BOOTING 9 |
18970430 HG |
424 | #define BTUSB_DIAG_RUNNING 10 |
425 | #define BTUSB_OOB_WAKE_ENABLED 11 | |
5e23b923 MH |
426 | |
427 | struct btusb_data { | |
428 | struct hci_dev *hdev; | |
429 | struct usb_device *udev; | |
5fbcd260 | 430 | struct usb_interface *intf; |
9bfa35fe | 431 | struct usb_interface *isoc; |
9d08f504 | 432 | struct usb_interface *diag; |
459232fc | 433 | unsigned isoc_ifnum; |
5e23b923 | 434 | |
5e23b923 MH |
435 | unsigned long flags; |
436 | ||
437 | struct work_struct work; | |
7bee549e | 438 | struct work_struct waker; |
5e23b923 | 439 | |
803b5836 | 440 | struct usb_anchor deferred; |
5e23b923 | 441 | struct usb_anchor tx_anchor; |
803b5836 MH |
442 | int tx_in_flight; |
443 | spinlock_t txlock; | |
444 | ||
5e23b923 MH |
445 | struct usb_anchor intr_anchor; |
446 | struct usb_anchor bulk_anchor; | |
9bfa35fe | 447 | struct usb_anchor isoc_anchor; |
9d08f504 | 448 | struct usb_anchor diag_anchor; |
803b5836 MH |
449 | spinlock_t rxlock; |
450 | ||
451 | struct sk_buff *evt_skb; | |
452 | struct sk_buff *acl_skb; | |
453 | struct sk_buff *sco_skb; | |
5e23b923 MH |
454 | |
455 | struct usb_endpoint_descriptor *intr_ep; | |
456 | struct usb_endpoint_descriptor *bulk_tx_ep; | |
457 | struct usb_endpoint_descriptor *bulk_rx_ep; | |
9bfa35fe MH |
458 | struct usb_endpoint_descriptor *isoc_tx_ep; |
459 | struct usb_endpoint_descriptor *isoc_rx_ep; | |
9d08f504 MH |
460 | struct usb_endpoint_descriptor *diag_tx_ep; |
461 | struct usb_endpoint_descriptor *diag_rx_ep; | |
9bfa35fe | 462 | |
7a9d4020 | 463 | __u8 cmdreq_type; |
893ba544 | 464 | __u8 cmdreq; |
7a9d4020 | 465 | |
43c2e57f | 466 | unsigned int sco_num; |
9bfa35fe | 467 | int isoc_altsetting; |
6a88adf2 | 468 | int suspend_count; |
2cbd3f5c | 469 | |
97307f51 | 470 | int (*recv_event)(struct hci_dev *hdev, struct sk_buff *skb); |
2cbd3f5c | 471 | int (*recv_bulk)(struct btusb_data *data, void *buffer, int count); |
ace31982 KBYT |
472 | |
473 | int (*setup_on_usb)(struct hci_dev *hdev); | |
fd913ef7 RJ |
474 | |
475 | int oob_wake_irq; /* irq for out-of-band wake-on-bt */ | |
5e23b923 MH |
476 | }; |
477 | ||
803b5836 MH |
478 | static inline void btusb_free_frags(struct btusb_data *data) |
479 | { | |
480 | unsigned long flags; | |
481 | ||
482 | spin_lock_irqsave(&data->rxlock, flags); | |
483 | ||
484 | kfree_skb(data->evt_skb); | |
485 | data->evt_skb = NULL; | |
486 | ||
487 | kfree_skb(data->acl_skb); | |
488 | data->acl_skb = NULL; | |
489 | ||
490 | kfree_skb(data->sco_skb); | |
491 | data->sco_skb = NULL; | |
492 | ||
493 | spin_unlock_irqrestore(&data->rxlock, flags); | |
494 | } | |
495 | ||
1ffa4ad0 MH |
496 | static int btusb_recv_intr(struct btusb_data *data, void *buffer, int count) |
497 | { | |
803b5836 MH |
498 | struct sk_buff *skb; |
499 | int err = 0; | |
500 | ||
501 | spin_lock(&data->rxlock); | |
502 | skb = data->evt_skb; | |
503 | ||
504 | while (count) { | |
505 | int len; | |
506 | ||
507 | if (!skb) { | |
508 | skb = bt_skb_alloc(HCI_MAX_EVENT_SIZE, GFP_ATOMIC); | |
509 | if (!skb) { | |
510 | err = -ENOMEM; | |
511 | break; | |
512 | } | |
513 | ||
618e8bc2 MH |
514 | hci_skb_pkt_type(skb) = HCI_EVENT_PKT; |
515 | hci_skb_expect(skb) = HCI_EVENT_HDR_SIZE; | |
803b5836 MH |
516 | } |
517 | ||
618e8bc2 | 518 | len = min_t(uint, hci_skb_expect(skb), count); |
59ae1d12 | 519 | skb_put_data(skb, buffer, len); |
803b5836 MH |
520 | |
521 | count -= len; | |
522 | buffer += len; | |
618e8bc2 | 523 | hci_skb_expect(skb) -= len; |
803b5836 MH |
524 | |
525 | if (skb->len == HCI_EVENT_HDR_SIZE) { | |
526 | /* Complete event header */ | |
618e8bc2 | 527 | hci_skb_expect(skb) = hci_event_hdr(skb)->plen; |
803b5836 | 528 | |
618e8bc2 | 529 | if (skb_tailroom(skb) < hci_skb_expect(skb)) { |
803b5836 MH |
530 | kfree_skb(skb); |
531 | skb = NULL; | |
532 | ||
533 | err = -EILSEQ; | |
534 | break; | |
535 | } | |
536 | } | |
537 | ||
618e8bc2 | 538 | if (!hci_skb_expect(skb)) { |
803b5836 | 539 | /* Complete frame */ |
97307f51 | 540 | data->recv_event(data->hdev, skb); |
803b5836 MH |
541 | skb = NULL; |
542 | } | |
543 | } | |
544 | ||
545 | data->evt_skb = skb; | |
546 | spin_unlock(&data->rxlock); | |
547 | ||
548 | return err; | |
1ffa4ad0 MH |
549 | } |
550 | ||
551 | static int btusb_recv_bulk(struct btusb_data *data, void *buffer, int count) | |
552 | { | |
803b5836 MH |
553 | struct sk_buff *skb; |
554 | int err = 0; | |
555 | ||
556 | spin_lock(&data->rxlock); | |
557 | skb = data->acl_skb; | |
558 | ||
559 | while (count) { | |
560 | int len; | |
561 | ||
562 | if (!skb) { | |
563 | skb = bt_skb_alloc(HCI_MAX_FRAME_SIZE, GFP_ATOMIC); | |
564 | if (!skb) { | |
565 | err = -ENOMEM; | |
566 | break; | |
567 | } | |
568 | ||
618e8bc2 MH |
569 | hci_skb_pkt_type(skb) = HCI_ACLDATA_PKT; |
570 | hci_skb_expect(skb) = HCI_ACL_HDR_SIZE; | |
803b5836 MH |
571 | } |
572 | ||
618e8bc2 | 573 | len = min_t(uint, hci_skb_expect(skb), count); |
59ae1d12 | 574 | skb_put_data(skb, buffer, len); |
803b5836 MH |
575 | |
576 | count -= len; | |
577 | buffer += len; | |
618e8bc2 | 578 | hci_skb_expect(skb) -= len; |
803b5836 MH |
579 | |
580 | if (skb->len == HCI_ACL_HDR_SIZE) { | |
581 | __le16 dlen = hci_acl_hdr(skb)->dlen; | |
582 | ||
583 | /* Complete ACL header */ | |
618e8bc2 | 584 | hci_skb_expect(skb) = __le16_to_cpu(dlen); |
803b5836 | 585 | |
618e8bc2 | 586 | if (skb_tailroom(skb) < hci_skb_expect(skb)) { |
803b5836 MH |
587 | kfree_skb(skb); |
588 | skb = NULL; | |
589 | ||
590 | err = -EILSEQ; | |
591 | break; | |
592 | } | |
593 | } | |
594 | ||
618e8bc2 | 595 | if (!hci_skb_expect(skb)) { |
803b5836 MH |
596 | /* Complete frame */ |
597 | hci_recv_frame(data->hdev, skb); | |
598 | skb = NULL; | |
599 | } | |
600 | } | |
601 | ||
602 | data->acl_skb = skb; | |
603 | spin_unlock(&data->rxlock); | |
604 | ||
605 | return err; | |
1ffa4ad0 MH |
606 | } |
607 | ||
608 | static int btusb_recv_isoc(struct btusb_data *data, void *buffer, int count) | |
609 | { | |
803b5836 MH |
610 | struct sk_buff *skb; |
611 | int err = 0; | |
612 | ||
613 | spin_lock(&data->rxlock); | |
614 | skb = data->sco_skb; | |
615 | ||
616 | while (count) { | |
617 | int len; | |
618 | ||
619 | if (!skb) { | |
620 | skb = bt_skb_alloc(HCI_MAX_SCO_SIZE, GFP_ATOMIC); | |
621 | if (!skb) { | |
622 | err = -ENOMEM; | |
623 | break; | |
624 | } | |
625 | ||
618e8bc2 MH |
626 | hci_skb_pkt_type(skb) = HCI_SCODATA_PKT; |
627 | hci_skb_expect(skb) = HCI_SCO_HDR_SIZE; | |
803b5836 MH |
628 | } |
629 | ||
618e8bc2 | 630 | len = min_t(uint, hci_skb_expect(skb), count); |
59ae1d12 | 631 | skb_put_data(skb, buffer, len); |
803b5836 MH |
632 | |
633 | count -= len; | |
634 | buffer += len; | |
618e8bc2 | 635 | hci_skb_expect(skb) -= len; |
803b5836 MH |
636 | |
637 | if (skb->len == HCI_SCO_HDR_SIZE) { | |
638 | /* Complete SCO header */ | |
618e8bc2 | 639 | hci_skb_expect(skb) = hci_sco_hdr(skb)->dlen; |
803b5836 | 640 | |
618e8bc2 | 641 | if (skb_tailroom(skb) < hci_skb_expect(skb)) { |
803b5836 MH |
642 | kfree_skb(skb); |
643 | skb = NULL; | |
644 | ||
645 | err = -EILSEQ; | |
646 | break; | |
647 | } | |
648 | } | |
649 | ||
618e8bc2 | 650 | if (!hci_skb_expect(skb)) { |
803b5836 MH |
651 | /* Complete frame */ |
652 | hci_recv_frame(data->hdev, skb); | |
653 | skb = NULL; | |
654 | } | |
655 | } | |
656 | ||
657 | data->sco_skb = skb; | |
658 | spin_unlock(&data->rxlock); | |
659 | ||
660 | return err; | |
1ffa4ad0 MH |
661 | } |
662 | ||
5e23b923 MH |
663 | static void btusb_intr_complete(struct urb *urb) |
664 | { | |
665 | struct hci_dev *hdev = urb->context; | |
155961e8 | 666 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
667 | int err; |
668 | ||
89e7533d MH |
669 | BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status, |
670 | urb->actual_length); | |
5e23b923 MH |
671 | |
672 | if (!test_bit(HCI_RUNNING, &hdev->flags)) | |
673 | return; | |
674 | ||
675 | if (urb->status == 0) { | |
9bfa35fe MH |
676 | hdev->stat.byte_rx += urb->actual_length; |
677 | ||
1ffa4ad0 MH |
678 | if (btusb_recv_intr(data, urb->transfer_buffer, |
679 | urb->actual_length) < 0) { | |
2064ee33 | 680 | bt_dev_err(hdev, "corrupted event packet"); |
5e23b923 MH |
681 | hdev->stat.err_rx++; |
682 | } | |
85560c4a CC |
683 | } else if (urb->status == -ENOENT) { |
684 | /* Avoid suspend failed when usb_kill_urb */ | |
685 | return; | |
5e23b923 MH |
686 | } |
687 | ||
688 | if (!test_bit(BTUSB_INTR_RUNNING, &data->flags)) | |
689 | return; | |
690 | ||
7bee549e | 691 | usb_mark_last_busy(data->udev); |
5e23b923 MH |
692 | usb_anchor_urb(urb, &data->intr_anchor); |
693 | ||
694 | err = usb_submit_urb(urb, GFP_ATOMIC); | |
695 | if (err < 0) { | |
4935f1c1 | 696 | /* -EPERM: urb is being killed; |
d98422cb DR |
697 | * -ENODEV: device got disconnected |
698 | */ | |
4935f1c1 | 699 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
700 | bt_dev_err(hdev, "urb %p failed to resubmit (%d)", |
701 | urb, -err); | |
5e23b923 MH |
702 | usb_unanchor_urb(urb); |
703 | } | |
704 | } | |
705 | ||
2eda66f4 | 706 | static int btusb_submit_intr_urb(struct hci_dev *hdev, gfp_t mem_flags) |
5e23b923 | 707 | { |
155961e8 | 708 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
709 | struct urb *urb; |
710 | unsigned char *buf; | |
711 | unsigned int pipe; | |
712 | int err, size; | |
713 | ||
714 | BT_DBG("%s", hdev->name); | |
715 | ||
9bfa35fe MH |
716 | if (!data->intr_ep) |
717 | return -ENODEV; | |
718 | ||
2eda66f4 | 719 | urb = usb_alloc_urb(0, mem_flags); |
5e23b923 MH |
720 | if (!urb) |
721 | return -ENOMEM; | |
722 | ||
723 | size = le16_to_cpu(data->intr_ep->wMaxPacketSize); | |
724 | ||
2eda66f4 | 725 | buf = kmalloc(size, mem_flags); |
5e23b923 MH |
726 | if (!buf) { |
727 | usb_free_urb(urb); | |
728 | return -ENOMEM; | |
729 | } | |
730 | ||
731 | pipe = usb_rcvintpipe(data->udev, data->intr_ep->bEndpointAddress); | |
732 | ||
733 | usb_fill_int_urb(urb, data->udev, pipe, buf, size, | |
89e7533d | 734 | btusb_intr_complete, hdev, data->intr_ep->bInterval); |
5e23b923 MH |
735 | |
736 | urb->transfer_flags |= URB_FREE_BUFFER; | |
737 | ||
738 | usb_anchor_urb(urb, &data->intr_anchor); | |
739 | ||
2eda66f4 | 740 | err = usb_submit_urb(urb, mem_flags); |
5e23b923 | 741 | if (err < 0) { |
d4b8d1c9 | 742 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
743 | bt_dev_err(hdev, "urb %p submission failed (%d)", |
744 | urb, -err); | |
5e23b923 | 745 | usb_unanchor_urb(urb); |
5e23b923 MH |
746 | } |
747 | ||
748 | usb_free_urb(urb); | |
749 | ||
750 | return err; | |
751 | } | |
752 | ||
753 | static void btusb_bulk_complete(struct urb *urb) | |
754 | { | |
755 | struct hci_dev *hdev = urb->context; | |
155961e8 | 756 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
757 | int err; |
758 | ||
89e7533d MH |
759 | BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status, |
760 | urb->actual_length); | |
5e23b923 MH |
761 | |
762 | if (!test_bit(HCI_RUNNING, &hdev->flags)) | |
763 | return; | |
764 | ||
765 | if (urb->status == 0) { | |
9bfa35fe MH |
766 | hdev->stat.byte_rx += urb->actual_length; |
767 | ||
2cbd3f5c | 768 | if (data->recv_bulk(data, urb->transfer_buffer, |
1ffa4ad0 | 769 | urb->actual_length) < 0) { |
2064ee33 | 770 | bt_dev_err(hdev, "corrupted ACL packet"); |
5e23b923 MH |
771 | hdev->stat.err_rx++; |
772 | } | |
85560c4a CC |
773 | } else if (urb->status == -ENOENT) { |
774 | /* Avoid suspend failed when usb_kill_urb */ | |
775 | return; | |
5e23b923 MH |
776 | } |
777 | ||
778 | if (!test_bit(BTUSB_BULK_RUNNING, &data->flags)) | |
779 | return; | |
780 | ||
781 | usb_anchor_urb(urb, &data->bulk_anchor); | |
652fd781 | 782 | usb_mark_last_busy(data->udev); |
5e23b923 MH |
783 | |
784 | err = usb_submit_urb(urb, GFP_ATOMIC); | |
785 | if (err < 0) { | |
4935f1c1 | 786 | /* -EPERM: urb is being killed; |
d98422cb DR |
787 | * -ENODEV: device got disconnected |
788 | */ | |
4935f1c1 | 789 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
790 | bt_dev_err(hdev, "urb %p failed to resubmit (%d)", |
791 | urb, -err); | |
5e23b923 MH |
792 | usb_unanchor_urb(urb); |
793 | } | |
794 | } | |
795 | ||
2eda66f4 | 796 | static int btusb_submit_bulk_urb(struct hci_dev *hdev, gfp_t mem_flags) |
5e23b923 | 797 | { |
155961e8 | 798 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
799 | struct urb *urb; |
800 | unsigned char *buf; | |
801 | unsigned int pipe; | |
290ba200 | 802 | int err, size = HCI_MAX_FRAME_SIZE; |
5e23b923 MH |
803 | |
804 | BT_DBG("%s", hdev->name); | |
805 | ||
9bfa35fe MH |
806 | if (!data->bulk_rx_ep) |
807 | return -ENODEV; | |
808 | ||
2eda66f4 | 809 | urb = usb_alloc_urb(0, mem_flags); |
5e23b923 MH |
810 | if (!urb) |
811 | return -ENOMEM; | |
812 | ||
2eda66f4 | 813 | buf = kmalloc(size, mem_flags); |
5e23b923 MH |
814 | if (!buf) { |
815 | usb_free_urb(urb); | |
816 | return -ENOMEM; | |
817 | } | |
818 | ||
819 | pipe = usb_rcvbulkpipe(data->udev, data->bulk_rx_ep->bEndpointAddress); | |
820 | ||
89e7533d MH |
821 | usb_fill_bulk_urb(urb, data->udev, pipe, buf, size, |
822 | btusb_bulk_complete, hdev); | |
5e23b923 MH |
823 | |
824 | urb->transfer_flags |= URB_FREE_BUFFER; | |
825 | ||
7bee549e | 826 | usb_mark_last_busy(data->udev); |
5e23b923 MH |
827 | usb_anchor_urb(urb, &data->bulk_anchor); |
828 | ||
2eda66f4 | 829 | err = usb_submit_urb(urb, mem_flags); |
5e23b923 | 830 | if (err < 0) { |
d4b8d1c9 | 831 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
832 | bt_dev_err(hdev, "urb %p submission failed (%d)", |
833 | urb, -err); | |
5e23b923 | 834 | usb_unanchor_urb(urb); |
5e23b923 MH |
835 | } |
836 | ||
837 | usb_free_urb(urb); | |
838 | ||
839 | return err; | |
840 | } | |
841 | ||
9bfa35fe MH |
842 | static void btusb_isoc_complete(struct urb *urb) |
843 | { | |
844 | struct hci_dev *hdev = urb->context; | |
155961e8 | 845 | struct btusb_data *data = hci_get_drvdata(hdev); |
9bfa35fe MH |
846 | int i, err; |
847 | ||
89e7533d MH |
848 | BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status, |
849 | urb->actual_length); | |
9bfa35fe MH |
850 | |
851 | if (!test_bit(HCI_RUNNING, &hdev->flags)) | |
852 | return; | |
853 | ||
854 | if (urb->status == 0) { | |
855 | for (i = 0; i < urb->number_of_packets; i++) { | |
856 | unsigned int offset = urb->iso_frame_desc[i].offset; | |
857 | unsigned int length = urb->iso_frame_desc[i].actual_length; | |
858 | ||
859 | if (urb->iso_frame_desc[i].status) | |
860 | continue; | |
861 | ||
862 | hdev->stat.byte_rx += length; | |
863 | ||
1ffa4ad0 MH |
864 | if (btusb_recv_isoc(data, urb->transfer_buffer + offset, |
865 | length) < 0) { | |
2064ee33 | 866 | bt_dev_err(hdev, "corrupted SCO packet"); |
9bfa35fe MH |
867 | hdev->stat.err_rx++; |
868 | } | |
869 | } | |
85560c4a CC |
870 | } else if (urb->status == -ENOENT) { |
871 | /* Avoid suspend failed when usb_kill_urb */ | |
872 | return; | |
9bfa35fe MH |
873 | } |
874 | ||
875 | if (!test_bit(BTUSB_ISOC_RUNNING, &data->flags)) | |
876 | return; | |
877 | ||
878 | usb_anchor_urb(urb, &data->isoc_anchor); | |
879 | ||
880 | err = usb_submit_urb(urb, GFP_ATOMIC); | |
881 | if (err < 0) { | |
4935f1c1 | 882 | /* -EPERM: urb is being killed; |
d98422cb DR |
883 | * -ENODEV: device got disconnected |
884 | */ | |
4935f1c1 | 885 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
886 | bt_dev_err(hdev, "urb %p failed to resubmit (%d)", |
887 | urb, -err); | |
9bfa35fe MH |
888 | usb_unanchor_urb(urb); |
889 | } | |
890 | } | |
891 | ||
42b16b3f | 892 | static inline void __fill_isoc_descriptor(struct urb *urb, int len, int mtu) |
9bfa35fe MH |
893 | { |
894 | int i, offset = 0; | |
895 | ||
896 | BT_DBG("len %d mtu %d", len, mtu); | |
897 | ||
898 | for (i = 0; i < BTUSB_MAX_ISOC_FRAMES && len >= mtu; | |
899 | i++, offset += mtu, len -= mtu) { | |
900 | urb->iso_frame_desc[i].offset = offset; | |
901 | urb->iso_frame_desc[i].length = mtu; | |
902 | } | |
903 | ||
904 | if (len && i < BTUSB_MAX_ISOC_FRAMES) { | |
905 | urb->iso_frame_desc[i].offset = offset; | |
906 | urb->iso_frame_desc[i].length = len; | |
907 | i++; | |
908 | } | |
909 | ||
910 | urb->number_of_packets = i; | |
911 | } | |
912 | ||
2eda66f4 | 913 | static int btusb_submit_isoc_urb(struct hci_dev *hdev, gfp_t mem_flags) |
9bfa35fe | 914 | { |
155961e8 | 915 | struct btusb_data *data = hci_get_drvdata(hdev); |
9bfa35fe MH |
916 | struct urb *urb; |
917 | unsigned char *buf; | |
918 | unsigned int pipe; | |
919 | int err, size; | |
920 | ||
921 | BT_DBG("%s", hdev->name); | |
922 | ||
923 | if (!data->isoc_rx_ep) | |
924 | return -ENODEV; | |
925 | ||
2eda66f4 | 926 | urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, mem_flags); |
9bfa35fe MH |
927 | if (!urb) |
928 | return -ENOMEM; | |
929 | ||
930 | size = le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize) * | |
931 | BTUSB_MAX_ISOC_FRAMES; | |
932 | ||
2eda66f4 | 933 | buf = kmalloc(size, mem_flags); |
9bfa35fe MH |
934 | if (!buf) { |
935 | usb_free_urb(urb); | |
936 | return -ENOMEM; | |
937 | } | |
938 | ||
939 | pipe = usb_rcvisocpipe(data->udev, data->isoc_rx_ep->bEndpointAddress); | |
940 | ||
fa0fb93f | 941 | usb_fill_int_urb(urb, data->udev, pipe, buf, size, btusb_isoc_complete, |
89e7533d | 942 | hdev, data->isoc_rx_ep->bInterval); |
9bfa35fe | 943 | |
89e7533d | 944 | urb->transfer_flags = URB_FREE_BUFFER | URB_ISO_ASAP; |
9bfa35fe MH |
945 | |
946 | __fill_isoc_descriptor(urb, size, | |
89e7533d | 947 | le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize)); |
9bfa35fe MH |
948 | |
949 | usb_anchor_urb(urb, &data->isoc_anchor); | |
950 | ||
2eda66f4 | 951 | err = usb_submit_urb(urb, mem_flags); |
9bfa35fe | 952 | if (err < 0) { |
d4b8d1c9 | 953 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
954 | bt_dev_err(hdev, "urb %p submission failed (%d)", |
955 | urb, -err); | |
9bfa35fe | 956 | usb_unanchor_urb(urb); |
9bfa35fe MH |
957 | } |
958 | ||
959 | usb_free_urb(urb); | |
960 | ||
961 | return err; | |
962 | } | |
963 | ||
9d08f504 MH |
964 | static void btusb_diag_complete(struct urb *urb) |
965 | { | |
966 | struct hci_dev *hdev = urb->context; | |
967 | struct btusb_data *data = hci_get_drvdata(hdev); | |
968 | int err; | |
969 | ||
970 | BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status, | |
971 | urb->actual_length); | |
972 | ||
973 | if (urb->status == 0) { | |
974 | struct sk_buff *skb; | |
975 | ||
976 | skb = bt_skb_alloc(urb->actual_length, GFP_ATOMIC); | |
977 | if (skb) { | |
59ae1d12 JB |
978 | skb_put_data(skb, urb->transfer_buffer, |
979 | urb->actual_length); | |
9d08f504 MH |
980 | hci_recv_diag(hdev, skb); |
981 | } | |
982 | } else if (urb->status == -ENOENT) { | |
983 | /* Avoid suspend failed when usb_kill_urb */ | |
984 | return; | |
985 | } | |
986 | ||
987 | if (!test_bit(BTUSB_DIAG_RUNNING, &data->flags)) | |
988 | return; | |
989 | ||
990 | usb_anchor_urb(urb, &data->diag_anchor); | |
991 | usb_mark_last_busy(data->udev); | |
992 | ||
993 | err = usb_submit_urb(urb, GFP_ATOMIC); | |
994 | if (err < 0) { | |
995 | /* -EPERM: urb is being killed; | |
d98422cb DR |
996 | * -ENODEV: device got disconnected |
997 | */ | |
9d08f504 | 998 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
999 | bt_dev_err(hdev, "urb %p failed to resubmit (%d)", |
1000 | urb, -err); | |
9d08f504 MH |
1001 | usb_unanchor_urb(urb); |
1002 | } | |
1003 | } | |
1004 | ||
1005 | static int btusb_submit_diag_urb(struct hci_dev *hdev, gfp_t mem_flags) | |
1006 | { | |
1007 | struct btusb_data *data = hci_get_drvdata(hdev); | |
1008 | struct urb *urb; | |
1009 | unsigned char *buf; | |
1010 | unsigned int pipe; | |
1011 | int err, size = HCI_MAX_FRAME_SIZE; | |
1012 | ||
1013 | BT_DBG("%s", hdev->name); | |
1014 | ||
1015 | if (!data->diag_rx_ep) | |
1016 | return -ENODEV; | |
1017 | ||
1018 | urb = usb_alloc_urb(0, mem_flags); | |
1019 | if (!urb) | |
1020 | return -ENOMEM; | |
1021 | ||
1022 | buf = kmalloc(size, mem_flags); | |
1023 | if (!buf) { | |
1024 | usb_free_urb(urb); | |
1025 | return -ENOMEM; | |
1026 | } | |
1027 | ||
1028 | pipe = usb_rcvbulkpipe(data->udev, data->diag_rx_ep->bEndpointAddress); | |
1029 | ||
1030 | usb_fill_bulk_urb(urb, data->udev, pipe, buf, size, | |
1031 | btusb_diag_complete, hdev); | |
1032 | ||
1033 | urb->transfer_flags |= URB_FREE_BUFFER; | |
1034 | ||
1035 | usb_mark_last_busy(data->udev); | |
1036 | usb_anchor_urb(urb, &data->diag_anchor); | |
1037 | ||
1038 | err = usb_submit_urb(urb, mem_flags); | |
1039 | if (err < 0) { | |
1040 | if (err != -EPERM && err != -ENODEV) | |
2064ee33 MH |
1041 | bt_dev_err(hdev, "urb %p submission failed (%d)", |
1042 | urb, -err); | |
9d08f504 MH |
1043 | usb_unanchor_urb(urb); |
1044 | } | |
1045 | ||
1046 | usb_free_urb(urb); | |
1047 | ||
1048 | return err; | |
1049 | } | |
1050 | ||
5e23b923 | 1051 | static void btusb_tx_complete(struct urb *urb) |
7bee549e ON |
1052 | { |
1053 | struct sk_buff *skb = urb->context; | |
89e7533d | 1054 | struct hci_dev *hdev = (struct hci_dev *)skb->dev; |
155961e8 | 1055 | struct btusb_data *data = hci_get_drvdata(hdev); |
7bee549e | 1056 | |
89e7533d MH |
1057 | BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status, |
1058 | urb->actual_length); | |
7bee549e ON |
1059 | |
1060 | if (!test_bit(HCI_RUNNING, &hdev->flags)) | |
1061 | goto done; | |
1062 | ||
1063 | if (!urb->status) | |
1064 | hdev->stat.byte_tx += urb->transfer_buffer_length; | |
1065 | else | |
1066 | hdev->stat.err_tx++; | |
1067 | ||
1068 | done: | |
1069 | spin_lock(&data->txlock); | |
1070 | data->tx_in_flight--; | |
1071 | spin_unlock(&data->txlock); | |
1072 | ||
1073 | kfree(urb->setup_packet); | |
1074 | ||
1075 | kfree_skb(skb); | |
1076 | } | |
1077 | ||
1078 | static void btusb_isoc_tx_complete(struct urb *urb) | |
5e23b923 MH |
1079 | { |
1080 | struct sk_buff *skb = urb->context; | |
89e7533d | 1081 | struct hci_dev *hdev = (struct hci_dev *)skb->dev; |
5e23b923 | 1082 | |
89e7533d MH |
1083 | BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status, |
1084 | urb->actual_length); | |
5e23b923 MH |
1085 | |
1086 | if (!test_bit(HCI_RUNNING, &hdev->flags)) | |
1087 | goto done; | |
1088 | ||
1089 | if (!urb->status) | |
1090 | hdev->stat.byte_tx += urb->transfer_buffer_length; | |
1091 | else | |
1092 | hdev->stat.err_tx++; | |
1093 | ||
1094 | done: | |
1095 | kfree(urb->setup_packet); | |
1096 | ||
1097 | kfree_skb(skb); | |
1098 | } | |
1099 | ||
1100 | static int btusb_open(struct hci_dev *hdev) | |
1101 | { | |
155961e8 | 1102 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
1103 | int err; |
1104 | ||
1105 | BT_DBG("%s", hdev->name); | |
1106 | ||
c7e163fe EH |
1107 | err = usb_autopm_get_interface(data->intf); |
1108 | if (err < 0) | |
1109 | return err; | |
1110 | ||
ace31982 KBYT |
1111 | /* Patching USB firmware files prior to starting any URBs of HCI path |
1112 | * It is more safe to use USB bulk channel for downloading USB patch | |
1113 | */ | |
1114 | if (data->setup_on_usb) { | |
1115 | err = data->setup_on_usb(hdev); | |
eb50042f | 1116 | if (err < 0) |
ace31982 KBYT |
1117 | return err; |
1118 | } | |
1119 | ||
7bee549e | 1120 | data->intf->needs_remote_wakeup = 1; |
a0085f25 SG |
1121 | /* device specific wakeup source enabled and required for USB |
1122 | * remote wakeup while host is suspended | |
1123 | */ | |
1124 | device_wakeup_enable(&data->udev->dev); | |
7bee549e | 1125 | |
5e23b923 | 1126 | if (test_and_set_bit(BTUSB_INTR_RUNNING, &data->flags)) |
7bee549e | 1127 | goto done; |
5e23b923 | 1128 | |
2eda66f4 | 1129 | err = btusb_submit_intr_urb(hdev, GFP_KERNEL); |
43c2e57f MH |
1130 | if (err < 0) |
1131 | goto failed; | |
1132 | ||
1133 | err = btusb_submit_bulk_urb(hdev, GFP_KERNEL); | |
5e23b923 | 1134 | if (err < 0) { |
43c2e57f MH |
1135 | usb_kill_anchored_urbs(&data->intr_anchor); |
1136 | goto failed; | |
5e23b923 MH |
1137 | } |
1138 | ||
43c2e57f MH |
1139 | set_bit(BTUSB_BULK_RUNNING, &data->flags); |
1140 | btusb_submit_bulk_urb(hdev, GFP_KERNEL); | |
1141 | ||
9d08f504 MH |
1142 | if (data->diag) { |
1143 | if (!btusb_submit_diag_urb(hdev, GFP_KERNEL)) | |
1144 | set_bit(BTUSB_DIAG_RUNNING, &data->flags); | |
1145 | } | |
1146 | ||
7bee549e ON |
1147 | done: |
1148 | usb_autopm_put_interface(data->intf); | |
43c2e57f MH |
1149 | return 0; |
1150 | ||
1151 | failed: | |
1152 | clear_bit(BTUSB_INTR_RUNNING, &data->flags); | |
7bee549e | 1153 | usb_autopm_put_interface(data->intf); |
5e23b923 MH |
1154 | return err; |
1155 | } | |
1156 | ||
7bee549e ON |
1157 | static void btusb_stop_traffic(struct btusb_data *data) |
1158 | { | |
1159 | usb_kill_anchored_urbs(&data->intr_anchor); | |
1160 | usb_kill_anchored_urbs(&data->bulk_anchor); | |
1161 | usb_kill_anchored_urbs(&data->isoc_anchor); | |
9d08f504 | 1162 | usb_kill_anchored_urbs(&data->diag_anchor); |
7bee549e ON |
1163 | } |
1164 | ||
5e23b923 MH |
1165 | static int btusb_close(struct hci_dev *hdev) |
1166 | { | |
155961e8 | 1167 | struct btusb_data *data = hci_get_drvdata(hdev); |
7bee549e | 1168 | int err; |
5e23b923 MH |
1169 | |
1170 | BT_DBG("%s", hdev->name); | |
1171 | ||
e8c3c3d2 | 1172 | cancel_work_sync(&data->work); |
404291ac | 1173 | cancel_work_sync(&data->waker); |
e8c3c3d2 | 1174 | |
9bfa35fe | 1175 | clear_bit(BTUSB_ISOC_RUNNING, &data->flags); |
5e23b923 | 1176 | clear_bit(BTUSB_BULK_RUNNING, &data->flags); |
5e23b923 | 1177 | clear_bit(BTUSB_INTR_RUNNING, &data->flags); |
9d08f504 | 1178 | clear_bit(BTUSB_DIAG_RUNNING, &data->flags); |
7bee549e ON |
1179 | |
1180 | btusb_stop_traffic(data); | |
803b5836 MH |
1181 | btusb_free_frags(data); |
1182 | ||
7bee549e ON |
1183 | err = usb_autopm_get_interface(data->intf); |
1184 | if (err < 0) | |
7b8e2c1d | 1185 | goto failed; |
7bee549e ON |
1186 | |
1187 | data->intf->needs_remote_wakeup = 0; | |
a0085f25 | 1188 | device_wakeup_disable(&data->udev->dev); |
7bee549e | 1189 | usb_autopm_put_interface(data->intf); |
5e23b923 | 1190 | |
7b8e2c1d ON |
1191 | failed: |
1192 | usb_scuttle_anchored_urbs(&data->deferred); | |
5e23b923 MH |
1193 | return 0; |
1194 | } | |
1195 | ||
1196 | static int btusb_flush(struct hci_dev *hdev) | |
1197 | { | |
155961e8 | 1198 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
1199 | |
1200 | BT_DBG("%s", hdev->name); | |
1201 | ||
1202 | usb_kill_anchored_urbs(&data->tx_anchor); | |
803b5836 | 1203 | btusb_free_frags(data); |
5e23b923 MH |
1204 | |
1205 | return 0; | |
1206 | } | |
1207 | ||
047b2ec8 | 1208 | static struct urb *alloc_ctrl_urb(struct hci_dev *hdev, struct sk_buff *skb) |
5e23b923 | 1209 | { |
155961e8 | 1210 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
1211 | struct usb_ctrlrequest *dr; |
1212 | struct urb *urb; | |
1213 | unsigned int pipe; | |
5e23b923 | 1214 | |
047b2ec8 MH |
1215 | urb = usb_alloc_urb(0, GFP_KERNEL); |
1216 | if (!urb) | |
1217 | return ERR_PTR(-ENOMEM); | |
5e23b923 | 1218 | |
047b2ec8 MH |
1219 | dr = kmalloc(sizeof(*dr), GFP_KERNEL); |
1220 | if (!dr) { | |
1221 | usb_free_urb(urb); | |
1222 | return ERR_PTR(-ENOMEM); | |
1223 | } | |
5e23b923 | 1224 | |
047b2ec8 | 1225 | dr->bRequestType = data->cmdreq_type; |
893ba544 | 1226 | dr->bRequest = data->cmdreq; |
047b2ec8 MH |
1227 | dr->wIndex = 0; |
1228 | dr->wValue = 0; | |
1229 | dr->wLength = __cpu_to_le16(skb->len); | |
7bd8f09f | 1230 | |
047b2ec8 | 1231 | pipe = usb_sndctrlpipe(data->udev, 0x00); |
5e23b923 | 1232 | |
89e7533d | 1233 | usb_fill_control_urb(urb, data->udev, pipe, (void *)dr, |
047b2ec8 | 1234 | skb->data, skb->len, btusb_tx_complete, skb); |
5e23b923 | 1235 | |
89e7533d | 1236 | skb->dev = (void *)hdev; |
5e23b923 | 1237 | |
047b2ec8 MH |
1238 | return urb; |
1239 | } | |
5e23b923 | 1240 | |
047b2ec8 MH |
1241 | static struct urb *alloc_bulk_urb(struct hci_dev *hdev, struct sk_buff *skb) |
1242 | { | |
1243 | struct btusb_data *data = hci_get_drvdata(hdev); | |
1244 | struct urb *urb; | |
1245 | unsigned int pipe; | |
5e23b923 | 1246 | |
047b2ec8 MH |
1247 | if (!data->bulk_tx_ep) |
1248 | return ERR_PTR(-ENODEV); | |
9bfa35fe | 1249 | |
047b2ec8 MH |
1250 | urb = usb_alloc_urb(0, GFP_KERNEL); |
1251 | if (!urb) | |
1252 | return ERR_PTR(-ENOMEM); | |
5e23b923 | 1253 | |
047b2ec8 | 1254 | pipe = usb_sndbulkpipe(data->udev, data->bulk_tx_ep->bEndpointAddress); |
5e23b923 | 1255 | |
047b2ec8 MH |
1256 | usb_fill_bulk_urb(urb, data->udev, pipe, |
1257 | skb->data, skb->len, btusb_tx_complete, skb); | |
5e23b923 | 1258 | |
89e7533d | 1259 | skb->dev = (void *)hdev; |
5e23b923 | 1260 | |
047b2ec8 MH |
1261 | return urb; |
1262 | } | |
9bfa35fe | 1263 | |
047b2ec8 MH |
1264 | static struct urb *alloc_isoc_urb(struct hci_dev *hdev, struct sk_buff *skb) |
1265 | { | |
1266 | struct btusb_data *data = hci_get_drvdata(hdev); | |
1267 | struct urb *urb; | |
1268 | unsigned int pipe; | |
9bfa35fe | 1269 | |
047b2ec8 MH |
1270 | if (!data->isoc_tx_ep) |
1271 | return ERR_PTR(-ENODEV); | |
9bfa35fe | 1272 | |
047b2ec8 MH |
1273 | urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, GFP_KERNEL); |
1274 | if (!urb) | |
1275 | return ERR_PTR(-ENOMEM); | |
9bfa35fe | 1276 | |
047b2ec8 | 1277 | pipe = usb_sndisocpipe(data->udev, data->isoc_tx_ep->bEndpointAddress); |
9bfa35fe | 1278 | |
047b2ec8 MH |
1279 | usb_fill_int_urb(urb, data->udev, pipe, |
1280 | skb->data, skb->len, btusb_isoc_tx_complete, | |
1281 | skb, data->isoc_tx_ep->bInterval); | |
9bfa35fe | 1282 | |
047b2ec8 | 1283 | urb->transfer_flags = URB_ISO_ASAP; |
5e23b923 | 1284 | |
047b2ec8 MH |
1285 | __fill_isoc_descriptor(urb, skb->len, |
1286 | le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize)); | |
5e23b923 | 1287 | |
89e7533d | 1288 | skb->dev = (void *)hdev; |
047b2ec8 MH |
1289 | |
1290 | return urb; | |
1291 | } | |
1292 | ||
1293 | static int submit_tx_urb(struct hci_dev *hdev, struct urb *urb) | |
1294 | { | |
1295 | struct btusb_data *data = hci_get_drvdata(hdev); | |
1296 | int err; | |
7bee549e | 1297 | |
5e23b923 MH |
1298 | usb_anchor_urb(urb, &data->tx_anchor); |
1299 | ||
e9753eff | 1300 | err = usb_submit_urb(urb, GFP_KERNEL); |
5e23b923 | 1301 | if (err < 0) { |
5a9b80e2 | 1302 | if (err != -EPERM && err != -ENODEV) |
2064ee33 MH |
1303 | bt_dev_err(hdev, "urb %p submission failed (%d)", |
1304 | urb, -err); | |
5e23b923 MH |
1305 | kfree(urb->setup_packet); |
1306 | usb_unanchor_urb(urb); | |
7bee549e ON |
1307 | } else { |
1308 | usb_mark_last_busy(data->udev); | |
5e23b923 MH |
1309 | } |
1310 | ||
54a8a79c | 1311 | usb_free_urb(urb); |
5e23b923 MH |
1312 | return err; |
1313 | } | |
1314 | ||
047b2ec8 MH |
1315 | static int submit_or_queue_tx_urb(struct hci_dev *hdev, struct urb *urb) |
1316 | { | |
1317 | struct btusb_data *data = hci_get_drvdata(hdev); | |
1318 | unsigned long flags; | |
1319 | bool suspending; | |
1320 | ||
1321 | spin_lock_irqsave(&data->txlock, flags); | |
1322 | suspending = test_bit(BTUSB_SUSPENDING, &data->flags); | |
1323 | if (!suspending) | |
1324 | data->tx_in_flight++; | |
1325 | spin_unlock_irqrestore(&data->txlock, flags); | |
1326 | ||
1327 | if (!suspending) | |
1328 | return submit_tx_urb(hdev, urb); | |
1329 | ||
1330 | usb_anchor_urb(urb, &data->deferred); | |
1331 | schedule_work(&data->waker); | |
1332 | ||
1333 | usb_free_urb(urb); | |
1334 | return 0; | |
1335 | } | |
1336 | ||
1337 | static int btusb_send_frame(struct hci_dev *hdev, struct sk_buff *skb) | |
1338 | { | |
1339 | struct urb *urb; | |
1340 | ||
1341 | BT_DBG("%s", hdev->name); | |
1342 | ||
618e8bc2 | 1343 | switch (hci_skb_pkt_type(skb)) { |
047b2ec8 MH |
1344 | case HCI_COMMAND_PKT: |
1345 | urb = alloc_ctrl_urb(hdev, skb); | |
1346 | if (IS_ERR(urb)) | |
1347 | return PTR_ERR(urb); | |
1348 | ||
1349 | hdev->stat.cmd_tx++; | |
1350 | return submit_or_queue_tx_urb(hdev, urb); | |
1351 | ||
1352 | case HCI_ACLDATA_PKT: | |
1353 | urb = alloc_bulk_urb(hdev, skb); | |
1354 | if (IS_ERR(urb)) | |
1355 | return PTR_ERR(urb); | |
1356 | ||
1357 | hdev->stat.acl_tx++; | |
1358 | return submit_or_queue_tx_urb(hdev, urb); | |
1359 | ||
1360 | case HCI_SCODATA_PKT: | |
1361 | if (hci_conn_num(hdev, SCO_LINK) < 1) | |
1362 | return -ENODEV; | |
1363 | ||
1364 | urb = alloc_isoc_urb(hdev, skb); | |
1365 | if (IS_ERR(urb)) | |
1366 | return PTR_ERR(urb); | |
1367 | ||
1368 | hdev->stat.sco_tx++; | |
1369 | return submit_tx_urb(hdev, urb); | |
1370 | } | |
1371 | ||
1372 | return -EILSEQ; | |
1373 | } | |
1374 | ||
5e23b923 MH |
1375 | static void btusb_notify(struct hci_dev *hdev, unsigned int evt) |
1376 | { | |
155961e8 | 1377 | struct btusb_data *data = hci_get_drvdata(hdev); |
5e23b923 MH |
1378 | |
1379 | BT_DBG("%s evt %d", hdev->name, evt); | |
1380 | ||
014f7bc7 MH |
1381 | if (hci_conn_num(hdev, SCO_LINK) != data->sco_num) { |
1382 | data->sco_num = hci_conn_num(hdev, SCO_LINK); | |
43c2e57f | 1383 | schedule_work(&data->work); |
a780efa8 | 1384 | } |
5e23b923 MH |
1385 | } |
1386 | ||
42b16b3f | 1387 | static inline int __set_isoc_interface(struct hci_dev *hdev, int altsetting) |
9bfa35fe | 1388 | { |
155961e8 | 1389 | struct btusb_data *data = hci_get_drvdata(hdev); |
9bfa35fe MH |
1390 | struct usb_interface *intf = data->isoc; |
1391 | struct usb_endpoint_descriptor *ep_desc; | |
1392 | int i, err; | |
1393 | ||
1394 | if (!data->isoc) | |
1395 | return -ENODEV; | |
1396 | ||
459232fc | 1397 | err = usb_set_interface(data->udev, data->isoc_ifnum, altsetting); |
9bfa35fe | 1398 | if (err < 0) { |
2064ee33 | 1399 | bt_dev_err(hdev, "setting interface failed (%d)", -err); |
9bfa35fe MH |
1400 | return err; |
1401 | } | |
1402 | ||
1403 | data->isoc_altsetting = altsetting; | |
1404 | ||
1405 | data->isoc_tx_ep = NULL; | |
1406 | data->isoc_rx_ep = NULL; | |
1407 | ||
1408 | for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) { | |
1409 | ep_desc = &intf->cur_altsetting->endpoint[i].desc; | |
1410 | ||
1411 | if (!data->isoc_tx_ep && usb_endpoint_is_isoc_out(ep_desc)) { | |
1412 | data->isoc_tx_ep = ep_desc; | |
1413 | continue; | |
1414 | } | |
1415 | ||
1416 | if (!data->isoc_rx_ep && usb_endpoint_is_isoc_in(ep_desc)) { | |
1417 | data->isoc_rx_ep = ep_desc; | |
1418 | continue; | |
1419 | } | |
1420 | } | |
1421 | ||
1422 | if (!data->isoc_tx_ep || !data->isoc_rx_ep) { | |
2064ee33 | 1423 | bt_dev_err(hdev, "invalid SCO descriptors"); |
9bfa35fe MH |
1424 | return -ENODEV; |
1425 | } | |
1426 | ||
1427 | return 0; | |
1428 | } | |
1429 | ||
5e23b923 MH |
1430 | static void btusb_work(struct work_struct *work) |
1431 | { | |
1432 | struct btusb_data *data = container_of(work, struct btusb_data, work); | |
1433 | struct hci_dev *hdev = data->hdev; | |
f4001d28 | 1434 | int new_alts; |
7bee549e | 1435 | int err; |
5e23b923 | 1436 | |
014f7bc7 | 1437 | if (data->sco_num > 0) { |
08b8b6c4 | 1438 | if (!test_bit(BTUSB_DID_ISO_RESUME, &data->flags)) { |
8efdd0cd | 1439 | err = usb_autopm_get_interface(data->isoc ? data->isoc : data->intf); |
7bee549e ON |
1440 | if (err < 0) { |
1441 | clear_bit(BTUSB_ISOC_RUNNING, &data->flags); | |
1442 | usb_kill_anchored_urbs(&data->isoc_anchor); | |
1443 | return; | |
1444 | } | |
1445 | ||
08b8b6c4 | 1446 | set_bit(BTUSB_DID_ISO_RESUME, &data->flags); |
7bee549e | 1447 | } |
f4001d28 MA |
1448 | |
1449 | if (hdev->voice_setting & 0x0020) { | |
1450 | static const int alts[3] = { 2, 4, 5 }; | |
89e7533d | 1451 | |
014f7bc7 | 1452 | new_alts = alts[data->sco_num - 1]; |
f4001d28 | 1453 | } else { |
014f7bc7 | 1454 | new_alts = data->sco_num; |
f4001d28 MA |
1455 | } |
1456 | ||
1457 | if (data->isoc_altsetting != new_alts) { | |
f6fc86f2 KP |
1458 | unsigned long flags; |
1459 | ||
9bfa35fe MH |
1460 | clear_bit(BTUSB_ISOC_RUNNING, &data->flags); |
1461 | usb_kill_anchored_urbs(&data->isoc_anchor); | |
1462 | ||
8f9d02f4 KP |
1463 | /* When isochronous alternate setting needs to be |
1464 | * changed, because SCO connection has been added | |
1465 | * or removed, a packet fragment may be left in the | |
1466 | * reassembling state. This could lead to wrongly | |
1467 | * assembled fragments. | |
1468 | * | |
1469 | * Clear outstanding fragment when selecting a new | |
1470 | * alternate setting. | |
1471 | */ | |
f6fc86f2 | 1472 | spin_lock_irqsave(&data->rxlock, flags); |
8f9d02f4 KP |
1473 | kfree_skb(data->sco_skb); |
1474 | data->sco_skb = NULL; | |
f6fc86f2 | 1475 | spin_unlock_irqrestore(&data->rxlock, flags); |
8f9d02f4 | 1476 | |
f4001d28 | 1477 | if (__set_isoc_interface(hdev, new_alts) < 0) |
9bfa35fe MH |
1478 | return; |
1479 | } | |
1480 | ||
1481 | if (!test_and_set_bit(BTUSB_ISOC_RUNNING, &data->flags)) { | |
2eda66f4 | 1482 | if (btusb_submit_isoc_urb(hdev, GFP_KERNEL) < 0) |
9bfa35fe MH |
1483 | clear_bit(BTUSB_ISOC_RUNNING, &data->flags); |
1484 | else | |
2eda66f4 | 1485 | btusb_submit_isoc_urb(hdev, GFP_KERNEL); |
9bfa35fe MH |
1486 | } |
1487 | } else { | |
1488 | clear_bit(BTUSB_ISOC_RUNNING, &data->flags); | |
1489 | usb_kill_anchored_urbs(&data->isoc_anchor); | |
1490 | ||
1491 | __set_isoc_interface(hdev, 0); | |
08b8b6c4 | 1492 | if (test_and_clear_bit(BTUSB_DID_ISO_RESUME, &data->flags)) |
8efdd0cd | 1493 | usb_autopm_put_interface(data->isoc ? data->isoc : data->intf); |
5e23b923 MH |
1494 | } |
1495 | } | |
1496 | ||
7bee549e ON |
1497 | static void btusb_waker(struct work_struct *work) |
1498 | { | |
1499 | struct btusb_data *data = container_of(work, struct btusb_data, waker); | |
1500 | int err; | |
1501 | ||
1502 | err = usb_autopm_get_interface(data->intf); | |
1503 | if (err < 0) | |
1504 | return; | |
1505 | ||
1506 | usb_autopm_put_interface(data->intf); | |
1507 | } | |
1508 | ||
9f8f962c MH |
1509 | static int btusb_setup_bcm92035(struct hci_dev *hdev) |
1510 | { | |
1511 | struct sk_buff *skb; | |
1512 | u8 val = 0x00; | |
1513 | ||
1514 | BT_DBG("%s", hdev->name); | |
1515 | ||
1516 | skb = __hci_cmd_sync(hdev, 0xfc3b, 1, &val, HCI_INIT_TIMEOUT); | |
1517 | if (IS_ERR(skb)) | |
2064ee33 | 1518 | bt_dev_err(hdev, "BCM92035 command failed (%ld)", PTR_ERR(skb)); |
9f8f962c MH |
1519 | else |
1520 | kfree_skb(skb); | |
1521 | ||
1522 | return 0; | |
1523 | } | |
1524 | ||
81cac64b MH |
1525 | static int btusb_setup_csr(struct hci_dev *hdev) |
1526 | { | |
1527 | struct hci_rp_read_local_version *rp; | |
1528 | struct sk_buff *skb; | |
81cac64b MH |
1529 | |
1530 | BT_DBG("%s", hdev->name); | |
1531 | ||
7cd84d72 MH |
1532 | skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL, |
1533 | HCI_INIT_TIMEOUT); | |
1534 | if (IS_ERR(skb)) { | |
1535 | int err = PTR_ERR(skb); | |
2064ee33 | 1536 | bt_dev_err(hdev, "CSR: Local version failed (%d)", err); |
7cd84d72 MH |
1537 | return err; |
1538 | } | |
1539 | ||
1540 | if (skb->len != sizeof(struct hci_rp_read_local_version)) { | |
2064ee33 | 1541 | bt_dev_err(hdev, "CSR: Local version length mismatch"); |
7cd84d72 MH |
1542 | kfree_skb(skb); |
1543 | return -EIO; | |
1544 | } | |
81cac64b | 1545 | |
89e7533d | 1546 | rp = (struct hci_rp_read_local_version *)skb->data; |
81cac64b | 1547 | |
6cafcd95 JH |
1548 | /* Detect controllers which aren't real CSR ones. */ |
1549 | if (le16_to_cpu(rp->manufacturer) != 10 || | |
1550 | le16_to_cpu(rp->lmp_subver) == 0x0c5c) { | |
9641d343 MH |
1551 | /* Clear the reset quirk since this is not an actual |
1552 | * early Bluetooth 1.1 device from CSR. | |
1553 | */ | |
1554 | clear_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks); | |
81cac64b | 1555 | |
9641d343 MH |
1556 | /* These fake CSR controllers have all a broken |
1557 | * stored link key handling and so just disable it. | |
1558 | */ | |
1559 | set_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks); | |
1560 | } | |
81cac64b MH |
1561 | |
1562 | kfree_skb(skb); | |
1563 | ||
9641d343 | 1564 | return 0; |
81cac64b MH |
1565 | } |
1566 | ||
dffd30ee | 1567 | static const struct firmware *btusb_setup_intel_get_fw(struct hci_dev *hdev, |
89e7533d | 1568 | struct intel_version *ver) |
dffd30ee THJA |
1569 | { |
1570 | const struct firmware *fw; | |
1571 | char fwname[64]; | |
1572 | int ret; | |
1573 | ||
1574 | snprintf(fwname, sizeof(fwname), | |
1575 | "intel/ibt-hw-%x.%x.%x-fw-%x.%x.%x.%x.%x.bseq", | |
1576 | ver->hw_platform, ver->hw_variant, ver->hw_revision, | |
1577 | ver->fw_variant, ver->fw_revision, ver->fw_build_num, | |
1578 | ver->fw_build_ww, ver->fw_build_yy); | |
1579 | ||
1580 | ret = request_firmware(&fw, fwname, &hdev->dev); | |
1581 | if (ret < 0) { | |
1582 | if (ret == -EINVAL) { | |
1583 | BT_ERR("%s Intel firmware file request failed (%d)", | |
1584 | hdev->name, ret); | |
1585 | return NULL; | |
1586 | } | |
1587 | ||
1588 | BT_ERR("%s failed to open Intel firmware file: %s(%d)", | |
1589 | hdev->name, fwname, ret); | |
1590 | ||
1591 | /* If the correct firmware patch file is not found, use the | |
1592 | * default firmware patch file instead | |
1593 | */ | |
1594 | snprintf(fwname, sizeof(fwname), "intel/ibt-hw-%x.%x.bseq", | |
1595 | ver->hw_platform, ver->hw_variant); | |
1596 | if (request_firmware(&fw, fwname, &hdev->dev) < 0) { | |
1597 | BT_ERR("%s failed to open default Intel fw file: %s", | |
1598 | hdev->name, fwname); | |
1599 | return NULL; | |
1600 | } | |
1601 | } | |
1602 | ||
2064ee33 | 1603 | bt_dev_info(hdev, "Intel Bluetooth firmware file: %s", fwname); |
dffd30ee THJA |
1604 | |
1605 | return fw; | |
1606 | } | |
1607 | ||
1608 | static int btusb_setup_intel_patching(struct hci_dev *hdev, | |
1609 | const struct firmware *fw, | |
1610 | const u8 **fw_ptr, int *disable_patch) | |
1611 | { | |
1612 | struct sk_buff *skb; | |
1613 | struct hci_command_hdr *cmd; | |
1614 | const u8 *cmd_param; | |
1615 | struct hci_event_hdr *evt = NULL; | |
1616 | const u8 *evt_param = NULL; | |
1617 | int remain = fw->size - (*fw_ptr - fw->data); | |
1618 | ||
1619 | /* The first byte indicates the types of the patch command or event. | |
1620 | * 0x01 means HCI command and 0x02 is HCI event. If the first bytes | |
1621 | * in the current firmware buffer doesn't start with 0x01 or | |
1622 | * the size of remain buffer is smaller than HCI command header, | |
1623 | * the firmware file is corrupted and it should stop the patching | |
1624 | * process. | |
1625 | */ | |
1626 | if (remain > HCI_COMMAND_HDR_SIZE && *fw_ptr[0] != 0x01) { | |
1627 | BT_ERR("%s Intel fw corrupted: invalid cmd read", hdev->name); | |
1628 | return -EINVAL; | |
1629 | } | |
1630 | (*fw_ptr)++; | |
1631 | remain--; | |
1632 | ||
1633 | cmd = (struct hci_command_hdr *)(*fw_ptr); | |
1634 | *fw_ptr += sizeof(*cmd); | |
1635 | remain -= sizeof(*cmd); | |
1636 | ||
1637 | /* Ensure that the remain firmware data is long enough than the length | |
1638 | * of command parameter. If not, the firmware file is corrupted. | |
1639 | */ | |
1640 | if (remain < cmd->plen) { | |
1641 | BT_ERR("%s Intel fw corrupted: invalid cmd len", hdev->name); | |
1642 | return -EFAULT; | |
1643 | } | |
1644 | ||
1645 | /* If there is a command that loads a patch in the firmware | |
1646 | * file, then enable the patch upon success, otherwise just | |
1647 | * disable the manufacturer mode, for example patch activation | |
1648 | * is not required when the default firmware patch file is used | |
1649 | * because there are no patch data to load. | |
1650 | */ | |
1651 | if (*disable_patch && le16_to_cpu(cmd->opcode) == 0xfc8e) | |
1652 | *disable_patch = 0; | |
1653 | ||
1654 | cmd_param = *fw_ptr; | |
1655 | *fw_ptr += cmd->plen; | |
1656 | remain -= cmd->plen; | |
1657 | ||
1658 | /* This reads the expected events when the above command is sent to the | |
1659 | * device. Some vendor commands expects more than one events, for | |
1660 | * example command status event followed by vendor specific event. | |
1661 | * For this case, it only keeps the last expected event. so the command | |
1662 | * can be sent with __hci_cmd_sync_ev() which returns the sk_buff of | |
1663 | * last expected event. | |
1664 | */ | |
1665 | while (remain > HCI_EVENT_HDR_SIZE && *fw_ptr[0] == 0x02) { | |
1666 | (*fw_ptr)++; | |
1667 | remain--; | |
1668 | ||
1669 | evt = (struct hci_event_hdr *)(*fw_ptr); | |
1670 | *fw_ptr += sizeof(*evt); | |
1671 | remain -= sizeof(*evt); | |
1672 | ||
1673 | if (remain < evt->plen) { | |
1674 | BT_ERR("%s Intel fw corrupted: invalid evt len", | |
1675 | hdev->name); | |
1676 | return -EFAULT; | |
1677 | } | |
1678 | ||
1679 | evt_param = *fw_ptr; | |
1680 | *fw_ptr += evt->plen; | |
1681 | remain -= evt->plen; | |
1682 | } | |
1683 | ||
1684 | /* Every HCI commands in the firmware file has its correspond event. | |
1685 | * If event is not found or remain is smaller than zero, the firmware | |
1686 | * file is corrupted. | |
1687 | */ | |
1688 | if (!evt || !evt_param || remain < 0) { | |
1689 | BT_ERR("%s Intel fw corrupted: invalid evt read", hdev->name); | |
1690 | return -EFAULT; | |
1691 | } | |
1692 | ||
1693 | skb = __hci_cmd_sync_ev(hdev, le16_to_cpu(cmd->opcode), cmd->plen, | |
1694 | cmd_param, evt->evt, HCI_INIT_TIMEOUT); | |
1695 | if (IS_ERR(skb)) { | |
1696 | BT_ERR("%s sending Intel patch command (0x%4.4x) failed (%ld)", | |
1697 | hdev->name, cmd->opcode, PTR_ERR(skb)); | |
d9c78e97 | 1698 | return PTR_ERR(skb); |
dffd30ee THJA |
1699 | } |
1700 | ||
1701 | /* It ensures that the returned event matches the event data read from | |
1702 | * the firmware file. At fist, it checks the length and then | |
1703 | * the contents of the event. | |
1704 | */ | |
1705 | if (skb->len != evt->plen) { | |
1706 | BT_ERR("%s mismatch event length (opcode 0x%4.4x)", hdev->name, | |
1707 | le16_to_cpu(cmd->opcode)); | |
1708 | kfree_skb(skb); | |
1709 | return -EFAULT; | |
1710 | } | |
1711 | ||
1712 | if (memcmp(skb->data, evt_param, evt->plen)) { | |
1713 | BT_ERR("%s mismatch event parameter (opcode 0x%4.4x)", | |
1714 | hdev->name, le16_to_cpu(cmd->opcode)); | |
1715 | kfree_skb(skb); | |
1716 | return -EFAULT; | |
1717 | } | |
1718 | kfree_skb(skb); | |
1719 | ||
1720 | return 0; | |
1721 | } | |
1722 | ||
1723 | static int btusb_setup_intel(struct hci_dev *hdev) | |
1724 | { | |
1725 | struct sk_buff *skb; | |
1726 | const struct firmware *fw; | |
1727 | const u8 *fw_ptr; | |
28dc4b92 | 1728 | int disable_patch, err; |
6c483de1 | 1729 | struct intel_version ver; |
dffd30ee | 1730 | |
dffd30ee THJA |
1731 | BT_DBG("%s", hdev->name); |
1732 | ||
1733 | /* The controller has a bug with the first HCI command sent to it | |
1734 | * returning number of completed commands as zero. This would stall the | |
1735 | * command processing in the Bluetooth core. | |
1736 | * | |
1737 | * As a workaround, send HCI Reset command first which will reset the | |
1738 | * number of completed commands and allow normal command processing | |
1739 | * from now on. | |
1740 | */ | |
1741 | skb = __hci_cmd_sync(hdev, HCI_OP_RESET, 0, NULL, HCI_INIT_TIMEOUT); | |
1742 | if (IS_ERR(skb)) { | |
1743 | BT_ERR("%s sending initial HCI reset command failed (%ld)", | |
1744 | hdev->name, PTR_ERR(skb)); | |
d9c78e97 | 1745 | return PTR_ERR(skb); |
dffd30ee THJA |
1746 | } |
1747 | kfree_skb(skb); | |
1748 | ||
1749 | /* Read Intel specific controller version first to allow selection of | |
1750 | * which firmware file to load. | |
1751 | * | |
1752 | * The returned information are hardware variant and revision plus | |
1753 | * firmware variant, revision and build number. | |
1754 | */ | |
6c483de1 LP |
1755 | err = btintel_read_version(hdev, &ver); |
1756 | if (err) | |
1757 | return err; | |
dffd30ee | 1758 | |
2064ee33 MH |
1759 | bt_dev_info(hdev, "read Intel version: %02x%02x%02x%02x%02x%02x%02x%02x%02x", |
1760 | ver.hw_platform, ver.hw_variant, ver.hw_revision, | |
1761 | ver.fw_variant, ver.fw_revision, ver.fw_build_num, | |
1762 | ver.fw_build_ww, ver.fw_build_yy, ver.fw_patch_num); | |
dffd30ee THJA |
1763 | |
1764 | /* fw_patch_num indicates the version of patch the device currently | |
1765 | * have. If there is no patch data in the device, it is always 0x00. | |
5075edae | 1766 | * So, if it is other than 0x00, no need to patch the device again. |
dffd30ee | 1767 | */ |
6c483de1 | 1768 | if (ver.fw_patch_num) { |
2064ee33 MH |
1769 | bt_dev_info(hdev, "Intel device is already patched. " |
1770 | "patch num: %02x", ver.fw_patch_num); | |
213445b2 | 1771 | goto complete; |
dffd30ee THJA |
1772 | } |
1773 | ||
1774 | /* Opens the firmware patch file based on the firmware version read | |
1775 | * from the controller. If it fails to open the matching firmware | |
1776 | * patch file, it tries to open the default firmware patch file. | |
1777 | * If no patch file is found, allow the device to operate without | |
1778 | * a patch. | |
1779 | */ | |
6c483de1 LP |
1780 | fw = btusb_setup_intel_get_fw(hdev, &ver); |
1781 | if (!fw) | |
213445b2 | 1782 | goto complete; |
dffd30ee THJA |
1783 | fw_ptr = fw->data; |
1784 | ||
28dc4b92 | 1785 | /* Enable the manufacturer mode of the controller. |
dffd30ee THJA |
1786 | * Only while this mode is enabled, the driver can download the |
1787 | * firmware patch data and configuration parameters. | |
1788 | */ | |
28dc4b92 LP |
1789 | err = btintel_enter_mfg(hdev); |
1790 | if (err) { | |
dffd30ee | 1791 | release_firmware(fw); |
28dc4b92 | 1792 | return err; |
dffd30ee THJA |
1793 | } |
1794 | ||
dffd30ee THJA |
1795 | disable_patch = 1; |
1796 | ||
1797 | /* The firmware data file consists of list of Intel specific HCI | |
1798 | * commands and its expected events. The first byte indicates the | |
1799 | * type of the message, either HCI command or HCI event. | |
1800 | * | |
1801 | * It reads the command and its expected event from the firmware file, | |
1802 | * and send to the controller. Once __hci_cmd_sync_ev() returns, | |
1803 | * the returned event is compared with the event read from the firmware | |
1804 | * file and it will continue until all the messages are downloaded to | |
1805 | * the controller. | |
1806 | * | |
1807 | * Once the firmware patching is completed successfully, | |
1808 | * the manufacturer mode is disabled with reset and activating the | |
1809 | * downloaded patch. | |
1810 | * | |
1811 | * If the firmware patching fails, the manufacturer mode is | |
1812 | * disabled with reset and deactivating the patch. | |
1813 | * | |
1814 | * If the default patch file is used, no reset is done when disabling | |
1815 | * the manufacturer. | |
1816 | */ | |
1817 | while (fw->size > fw_ptr - fw->data) { | |
1818 | int ret; | |
1819 | ||
1820 | ret = btusb_setup_intel_patching(hdev, fw, &fw_ptr, | |
1821 | &disable_patch); | |
1822 | if (ret < 0) | |
1823 | goto exit_mfg_deactivate; | |
1824 | } | |
1825 | ||
1826 | release_firmware(fw); | |
1827 | ||
1828 | if (disable_patch) | |
1829 | goto exit_mfg_disable; | |
1830 | ||
1831 | /* Patching completed successfully and disable the manufacturer mode | |
1832 | * with reset and activate the downloaded firmware patches. | |
1833 | */ | |
28dc4b92 LP |
1834 | err = btintel_exit_mfg(hdev, true, true); |
1835 | if (err) | |
1836 | return err; | |
dffd30ee | 1837 | |
2064ee33 | 1838 | bt_dev_info(hdev, "Intel firmware patch completed and activated"); |
dffd30ee | 1839 | |
213445b2 | 1840 | goto complete; |
dffd30ee THJA |
1841 | |
1842 | exit_mfg_disable: | |
1843 | /* Disable the manufacturer mode without reset */ | |
28dc4b92 LP |
1844 | err = btintel_exit_mfg(hdev, false, false); |
1845 | if (err) | |
1846 | return err; | |
dffd30ee | 1847 | |
2064ee33 | 1848 | bt_dev_info(hdev, "Intel firmware patch completed"); |
40cb0984 | 1849 | |
213445b2 | 1850 | goto complete; |
dffd30ee THJA |
1851 | |
1852 | exit_mfg_deactivate: | |
1853 | release_firmware(fw); | |
1854 | ||
1855 | /* Patching failed. Disable the manufacturer mode with reset and | |
1856 | * deactivate the downloaded firmware patches. | |
1857 | */ | |
28dc4b92 LP |
1858 | err = btintel_exit_mfg(hdev, true, false); |
1859 | if (err) | |
1860 | return err; | |
dffd30ee | 1861 | |
2064ee33 | 1862 | bt_dev_info(hdev, "Intel firmware patch completed and deactivated"); |
dffd30ee | 1863 | |
213445b2 MH |
1864 | complete: |
1865 | /* Set the event mask for Intel specific vendor events. This enables | |
1866 | * a few extra events that are useful during general operation. | |
1867 | */ | |
1868 | btintel_set_event_mask_mfg(hdev, false); | |
1869 | ||
4185a0f5 | 1870 | btintel_check_bdaddr(hdev); |
dffd30ee THJA |
1871 | return 0; |
1872 | } | |
1873 | ||
cda0dd78 MH |
1874 | static int inject_cmd_complete(struct hci_dev *hdev, __u16 opcode) |
1875 | { | |
1876 | struct sk_buff *skb; | |
1877 | struct hci_event_hdr *hdr; | |
1878 | struct hci_ev_cmd_complete *evt; | |
1879 | ||
1880 | skb = bt_skb_alloc(sizeof(*hdr) + sizeof(*evt) + 1, GFP_ATOMIC); | |
1881 | if (!skb) | |
1882 | return -ENOMEM; | |
1883 | ||
4df864c1 | 1884 | hdr = skb_put(skb, sizeof(*hdr)); |
cda0dd78 MH |
1885 | hdr->evt = HCI_EV_CMD_COMPLETE; |
1886 | hdr->plen = sizeof(*evt) + 1; | |
1887 | ||
4df864c1 | 1888 | evt = skb_put(skb, sizeof(*evt)); |
cda0dd78 MH |
1889 | evt->ncmd = 0x01; |
1890 | evt->opcode = cpu_to_le16(opcode); | |
1891 | ||
634fef61 | 1892 | skb_put_u8(skb, 0x00); |
cda0dd78 | 1893 | |
618e8bc2 | 1894 | hci_skb_pkt_type(skb) = HCI_EVENT_PKT; |
cda0dd78 MH |
1895 | |
1896 | return hci_recv_frame(hdev, skb); | |
1897 | } | |
1898 | ||
1899 | static int btusb_recv_bulk_intel(struct btusb_data *data, void *buffer, | |
1900 | int count) | |
1901 | { | |
1902 | /* When the device is in bootloader mode, then it can send | |
1903 | * events via the bulk endpoint. These events are treated the | |
1904 | * same way as the ones received from the interrupt endpoint. | |
1905 | */ | |
1906 | if (test_bit(BTUSB_BOOTLOADER, &data->flags)) | |
1907 | return btusb_recv_intr(data, buffer, count); | |
1908 | ||
1909 | return btusb_recv_bulk(data, buffer, count); | |
1910 | } | |
1911 | ||
ccd6da2a MH |
1912 | static void btusb_intel_bootup(struct btusb_data *data, const void *ptr, |
1913 | unsigned int len) | |
1914 | { | |
1915 | const struct intel_bootup *evt = ptr; | |
1916 | ||
1917 | if (len != sizeof(*evt)) | |
1918 | return; | |
1919 | ||
1920 | if (test_and_clear_bit(BTUSB_BOOTING, &data->flags)) { | |
1921 | smp_mb__after_atomic(); | |
1922 | wake_up_bit(&data->flags, BTUSB_BOOTING); | |
1923 | } | |
1924 | } | |
1925 | ||
1926 | static void btusb_intel_secure_send_result(struct btusb_data *data, | |
1927 | const void *ptr, unsigned int len) | |
1928 | { | |
1929 | const struct intel_secure_send_result *evt = ptr; | |
1930 | ||
1931 | if (len != sizeof(*evt)) | |
1932 | return; | |
1933 | ||
1934 | if (evt->result) | |
1935 | set_bit(BTUSB_FIRMWARE_FAILED, &data->flags); | |
1936 | ||
1937 | if (test_and_clear_bit(BTUSB_DOWNLOADING, &data->flags) && | |
1938 | test_bit(BTUSB_FIRMWARE_LOADED, &data->flags)) { | |
1939 | smp_mb__after_atomic(); | |
1940 | wake_up_bit(&data->flags, BTUSB_DOWNLOADING); | |
1941 | } | |
1942 | } | |
1943 | ||
cda0dd78 MH |
1944 | static int btusb_recv_event_intel(struct hci_dev *hdev, struct sk_buff *skb) |
1945 | { | |
1946 | struct btusb_data *data = hci_get_drvdata(hdev); | |
1947 | ||
1948 | if (test_bit(BTUSB_BOOTLOADER, &data->flags)) { | |
1949 | struct hci_event_hdr *hdr = (void *)skb->data; | |
1950 | ||
ccd6da2a MH |
1951 | if (skb->len > HCI_EVENT_HDR_SIZE && hdr->evt == 0xff && |
1952 | hdr->plen > 0) { | |
1953 | const void *ptr = skb->data + HCI_EVENT_HDR_SIZE + 1; | |
1954 | unsigned int len = skb->len - HCI_EVENT_HDR_SIZE - 1; | |
1955 | ||
1956 | switch (skb->data[2]) { | |
1957 | case 0x02: | |
1958 | /* When switching to the operational firmware | |
1959 | * the device sends a vendor specific event | |
1960 | * indicating that the bootup completed. | |
1961 | */ | |
1962 | btusb_intel_bootup(data, ptr, len); | |
1963 | break; | |
1964 | case 0x06: | |
1965 | /* When the firmware loading completes the | |
1966 | * device sends out a vendor specific event | |
1967 | * indicating the result of the firmware | |
1968 | * loading. | |
1969 | */ | |
1970 | btusb_intel_secure_send_result(data, ptr, len); | |
1971 | break; | |
fad70972 | 1972 | } |
cda0dd78 MH |
1973 | } |
1974 | } | |
1975 | ||
1976 | return hci_recv_frame(hdev, skb); | |
1977 | } | |
1978 | ||
1979 | static int btusb_send_frame_intel(struct hci_dev *hdev, struct sk_buff *skb) | |
1980 | { | |
1981 | struct btusb_data *data = hci_get_drvdata(hdev); | |
1982 | struct urb *urb; | |
1983 | ||
1984 | BT_DBG("%s", hdev->name); | |
1985 | ||
618e8bc2 | 1986 | switch (hci_skb_pkt_type(skb)) { |
cda0dd78 MH |
1987 | case HCI_COMMAND_PKT: |
1988 | if (test_bit(BTUSB_BOOTLOADER, &data->flags)) { | |
1989 | struct hci_command_hdr *cmd = (void *)skb->data; | |
1990 | __u16 opcode = le16_to_cpu(cmd->opcode); | |
1991 | ||
1992 | /* When in bootloader mode and the command 0xfc09 | |
1993 | * is received, it needs to be send down the | |
1994 | * bulk endpoint. So allocate a bulk URB instead. | |
1995 | */ | |
1996 | if (opcode == 0xfc09) | |
1997 | urb = alloc_bulk_urb(hdev, skb); | |
1998 | else | |
1999 | urb = alloc_ctrl_urb(hdev, skb); | |
2000 | ||
2001 | /* When the 0xfc01 command is issued to boot into | |
2002 | * the operational firmware, it will actually not | |
2003 | * send a command complete event. To keep the flow | |
2004 | * control working inject that event here. | |
2005 | */ | |
2006 | if (opcode == 0xfc01) | |
2007 | inject_cmd_complete(hdev, opcode); | |
2008 | } else { | |
2009 | urb = alloc_ctrl_urb(hdev, skb); | |
2010 | } | |
2011 | if (IS_ERR(urb)) | |
2012 | return PTR_ERR(urb); | |
2013 | ||
2014 | hdev->stat.cmd_tx++; | |
2015 | return submit_or_queue_tx_urb(hdev, urb); | |
2016 | ||
2017 | case HCI_ACLDATA_PKT: | |
2018 | urb = alloc_bulk_urb(hdev, skb); | |
2019 | if (IS_ERR(urb)) | |
2020 | return PTR_ERR(urb); | |
2021 | ||
2022 | hdev->stat.acl_tx++; | |
2023 | return submit_or_queue_tx_urb(hdev, urb); | |
2024 | ||
2025 | case HCI_SCODATA_PKT: | |
2026 | if (hci_conn_num(hdev, SCO_LINK) < 1) | |
2027 | return -ENODEV; | |
2028 | ||
2029 | urb = alloc_isoc_urb(hdev, skb); | |
2030 | if (IS_ERR(urb)) | |
2031 | return PTR_ERR(urb); | |
2032 | ||
2033 | hdev->stat.sco_tx++; | |
2034 | return submit_tx_urb(hdev, urb); | |
2035 | } | |
2036 | ||
2037 | return -EILSEQ; | |
2038 | } | |
2039 | ||
cda0dd78 MH |
2040 | static int btusb_setup_intel_new(struct hci_dev *hdev) |
2041 | { | |
2042 | static const u8 reset_param[] = { 0x00, 0x01, 0x00, 0x01, | |
2043 | 0x00, 0x08, 0x04, 0x00 }; | |
2044 | struct btusb_data *data = hci_get_drvdata(hdev); | |
2045 | struct sk_buff *skb; | |
6c483de1 | 2046 | struct intel_version ver; |
cda0dd78 MH |
2047 | struct intel_boot_params *params; |
2048 | const struct firmware *fw; | |
2049 | const u8 *fw_ptr; | |
e66890a9 | 2050 | u32 frag_len; |
cda0dd78 MH |
2051 | char fwname[64]; |
2052 | ktime_t calltime, delta, rettime; | |
2053 | unsigned long long duration; | |
2054 | int err; | |
2055 | ||
2056 | BT_DBG("%s", hdev->name); | |
2057 | ||
2058 | calltime = ktime_get(); | |
2059 | ||
2060 | /* Read the Intel version information to determine if the device | |
2061 | * is in bootloader mode or if it already has operational firmware | |
2062 | * loaded. | |
2063 | */ | |
6c483de1 LP |
2064 | err = btintel_read_version(hdev, &ver); |
2065 | if (err) | |
2066 | return err; | |
cda0dd78 MH |
2067 | |
2068 | /* The hardware platform number has a fixed value of 0x37 and | |
2069 | * for now only accept this single value. | |
2070 | */ | |
6c483de1 | 2071 | if (ver.hw_platform != 0x37) { |
cda0dd78 | 2072 | BT_ERR("%s: Unsupported Intel hardware platform (%u)", |
6c483de1 | 2073 | hdev->name, ver.hw_platform); |
cda0dd78 MH |
2074 | return -EINVAL; |
2075 | } | |
2076 | ||
9268834b THJA |
2077 | /* Check for supported iBT hardware variants of this firmware |
2078 | * loading method. | |
a0af53b5 THJA |
2079 | * |
2080 | * This check has been put in place to ensure correct forward | |
2081 | * compatibility options when newer hardware variants come along. | |
cda0dd78 | 2082 | */ |
9268834b THJA |
2083 | switch (ver.hw_variant) { |
2084 | case 0x0b: /* SfP */ | |
2085 | case 0x0c: /* WsP */ | |
86a6129a | 2086 | case 0x11: /* JfP */ |
de766142 | 2087 | case 0x12: /* ThP */ |
d6608ee5 THJA |
2088 | case 0x13: /* HrP */ |
2089 | case 0x14: /* QnJ, IcP */ | |
9268834b THJA |
2090 | break; |
2091 | default: | |
cda0dd78 | 2092 | BT_ERR("%s: Unsupported Intel hardware variant (%u)", |
6c483de1 | 2093 | hdev->name, ver.hw_variant); |
cda0dd78 MH |
2094 | return -EINVAL; |
2095 | } | |
2096 | ||
6c483de1 | 2097 | btintel_version_info(hdev, &ver); |
cda0dd78 MH |
2098 | |
2099 | /* The firmware variant determines if the device is in bootloader | |
2100 | * mode or is running operational firmware. The value 0x06 identifies | |
2101 | * the bootloader and the value 0x23 identifies the operational | |
2102 | * firmware. | |
2103 | * | |
2104 | * When the operational firmware is already present, then only | |
2105 | * the check for valid Bluetooth device address is needed. This | |
2106 | * determines if the device will be added as configured or | |
2107 | * unconfigured controller. | |
2108 | * | |
2109 | * It is not possible to use the Secure Boot Parameters in this | |
2110 | * case since that command is only available in bootloader mode. | |
2111 | */ | |
6c483de1 | 2112 | if (ver.fw_variant == 0x23) { |
cda0dd78 | 2113 | clear_bit(BTUSB_BOOTLOADER, &data->flags); |
4185a0f5 | 2114 | btintel_check_bdaddr(hdev); |
cda0dd78 MH |
2115 | return 0; |
2116 | } | |
2117 | ||
2118 | /* If the device is not in bootloader mode, then the only possible | |
2119 | * choice is to return an error and abort the device initialization. | |
2120 | */ | |
6c483de1 | 2121 | if (ver.fw_variant != 0x06) { |
cda0dd78 | 2122 | BT_ERR("%s: Unsupported Intel firmware variant (%u)", |
6c483de1 | 2123 | hdev->name, ver.fw_variant); |
cda0dd78 MH |
2124 | return -ENODEV; |
2125 | } | |
2126 | ||
cda0dd78 MH |
2127 | /* Read the secure boot parameters to identify the operating |
2128 | * details of the bootloader. | |
2129 | */ | |
2130 | skb = __hci_cmd_sync(hdev, 0xfc0d, 0, NULL, HCI_INIT_TIMEOUT); | |
2131 | if (IS_ERR(skb)) { | |
2132 | BT_ERR("%s: Reading Intel boot parameters failed (%ld)", | |
2133 | hdev->name, PTR_ERR(skb)); | |
2134 | return PTR_ERR(skb); | |
2135 | } | |
2136 | ||
2137 | if (skb->len != sizeof(*params)) { | |
2138 | BT_ERR("%s: Intel boot parameters size mismatch", hdev->name); | |
2139 | kfree_skb(skb); | |
2140 | return -EILSEQ; | |
2141 | } | |
2142 | ||
2143 | params = (struct intel_boot_params *)skb->data; | |
cda0dd78 | 2144 | |
2064ee33 MH |
2145 | bt_dev_info(hdev, "Device revision is %u", |
2146 | le16_to_cpu(params->dev_revid)); | |
cda0dd78 | 2147 | |
2064ee33 MH |
2148 | bt_dev_info(hdev, "Secure boot is %s", |
2149 | params->secure_boot ? "enabled" : "disabled"); | |
cda0dd78 | 2150 | |
2064ee33 MH |
2151 | bt_dev_info(hdev, "OTP lock is %s", |
2152 | params->otp_lock ? "enabled" : "disabled"); | |
2220994e | 2153 | |
2064ee33 MH |
2154 | bt_dev_info(hdev, "API lock is %s", |
2155 | params->api_lock ? "enabled" : "disabled"); | |
2220994e | 2156 | |
2064ee33 MH |
2157 | bt_dev_info(hdev, "Debug lock is %s", |
2158 | params->debug_lock ? "enabled" : "disabled"); | |
2220994e | 2159 | |
2064ee33 MH |
2160 | bt_dev_info(hdev, "Minimum firmware build %u week %u %u", |
2161 | params->min_fw_build_nn, params->min_fw_build_cw, | |
2162 | 2000 + params->min_fw_build_yy); | |
cda0dd78 MH |
2163 | |
2164 | /* It is required that every single firmware fragment is acknowledged | |
2165 | * with a command complete event. If the boot parameters indicate | |
2166 | * that this bootloader does not send them, then abort the setup. | |
2167 | */ | |
2168 | if (params->limited_cce != 0x00) { | |
2169 | BT_ERR("%s: Unsupported Intel firmware loading method (%u)", | |
2170 | hdev->name, params->limited_cce); | |
2171 | kfree_skb(skb); | |
2172 | return -EINVAL; | |
2173 | } | |
2174 | ||
2175 | /* If the OTP has no valid Bluetooth device address, then there will | |
2176 | * also be no valid address for the operational firmware. | |
2177 | */ | |
2178 | if (!bacmp(¶ms->otp_bdaddr, BDADDR_ANY)) { | |
2064ee33 | 2179 | bt_dev_info(hdev, "No device address configured"); |
cda0dd78 MH |
2180 | set_bit(HCI_QUIRK_INVALID_BDADDR, &hdev->quirks); |
2181 | } | |
2182 | ||
2183 | /* With this Intel bootloader only the hardware variant and device | |
af3715e5 J |
2184 | * revision information are used to select the right firmware for SfP |
2185 | * and WsP. | |
cda0dd78 | 2186 | * |
230b04ac THJA |
2187 | * The firmware filename is ibt-<hw_variant>-<dev_revid>.sfi. |
2188 | * | |
2189 | * Currently the supported hardware variants are: | |
2190 | * 11 (0x0b) for iBT3.0 (LnP/SfP) | |
2191 | * 12 (0x0c) for iBT3.5 (WsP) | |
af3715e5 J |
2192 | * |
2193 | * For ThP/JfP and for future SKU's, the FW name varies based on HW | |
2194 | * variant, HW revision and FW revision, as these are dependent on CNVi | |
2195 | * and RF Combination. | |
2196 | * | |
86a6129a THJA |
2197 | * 17 (0x11) for iBT3.5 (JfP) |
2198 | * 18 (0x12) for iBT3.5 (ThP) | |
af3715e5 J |
2199 | * |
2200 | * The firmware file name for these will be | |
2201 | * ibt-<hw_variant>-<hw_revision>-<fw_revision>.sfi. | |
2202 | * | |
cda0dd78 | 2203 | */ |
af3715e5 J |
2204 | switch (ver.hw_variant) { |
2205 | case 0x0b: /* SfP */ | |
2206 | case 0x0c: /* WsP */ | |
2207 | snprintf(fwname, sizeof(fwname), "intel/ibt-%u-%u.sfi", | |
2208 | le16_to_cpu(ver.hw_variant), | |
2209 | le16_to_cpu(params->dev_revid)); | |
2210 | break; | |
2211 | case 0x11: /* JfP */ | |
2212 | case 0x12: /* ThP */ | |
d6608ee5 THJA |
2213 | case 0x13: /* HrP */ |
2214 | case 0x14: /* QnJ, IcP */ | |
af3715e5 J |
2215 | snprintf(fwname, sizeof(fwname), "intel/ibt-%u-%u-%u.sfi", |
2216 | le16_to_cpu(ver.hw_variant), | |
2217 | le16_to_cpu(ver.hw_revision), | |
2218 | le16_to_cpu(ver.fw_revision)); | |
2219 | break; | |
2220 | default: | |
2221 | BT_ERR("%s: Unsupported Intel firmware naming", hdev->name); | |
2222 | return -EINVAL; | |
2223 | } | |
cda0dd78 MH |
2224 | |
2225 | err = request_firmware(&fw, fwname, &hdev->dev); | |
2226 | if (err < 0) { | |
2227 | BT_ERR("%s: Failed to load Intel firmware file (%d)", | |
2228 | hdev->name, err); | |
2229 | kfree_skb(skb); | |
2230 | return err; | |
2231 | } | |
2232 | ||
2064ee33 | 2233 | bt_dev_info(hdev, "Found device firmware: %s", fwname); |
cda0dd78 | 2234 | |
52cc9168 THJA |
2235 | /* Save the DDC file name for later use to apply once the firmware |
2236 | * downloading is done. | |
2237 | */ | |
af3715e5 J |
2238 | switch (ver.hw_variant) { |
2239 | case 0x0b: /* SfP */ | |
2240 | case 0x0c: /* WsP */ | |
2241 | snprintf(fwname, sizeof(fwname), "intel/ibt-%u-%u.ddc", | |
2242 | le16_to_cpu(ver.hw_variant), | |
2243 | le16_to_cpu(params->dev_revid)); | |
2244 | break; | |
2245 | case 0x11: /* JfP */ | |
2246 | case 0x12: /* ThP */ | |
d6608ee5 THJA |
2247 | case 0x13: /* HrP */ |
2248 | case 0x14: /* QnJ, IcP */ | |
af3715e5 J |
2249 | snprintf(fwname, sizeof(fwname), "intel/ibt-%u-%u-%u.ddc", |
2250 | le16_to_cpu(ver.hw_variant), | |
2251 | le16_to_cpu(ver.hw_revision), | |
2252 | le16_to_cpu(ver.fw_revision)); | |
2253 | break; | |
2254 | default: | |
2255 | BT_ERR("%s: Unsupported Intel firmware naming", hdev->name); | |
2256 | return -EINVAL; | |
2257 | } | |
52cc9168 | 2258 | |
cda0dd78 MH |
2259 | kfree_skb(skb); |
2260 | ||
2261 | if (fw->size < 644) { | |
2262 | BT_ERR("%s: Invalid size of firmware file (%zu)", | |
2263 | hdev->name, fw->size); | |
2264 | err = -EBADF; | |
2265 | goto done; | |
2266 | } | |
2267 | ||
2268 | set_bit(BTUSB_DOWNLOADING, &data->flags); | |
2269 | ||
2270 | /* Start the firmware download transaction with the Init fragment | |
2271 | * represented by the 128 bytes of CSS header. | |
2272 | */ | |
09df123d | 2273 | err = btintel_secure_send(hdev, 0x00, 128, fw->data); |
cda0dd78 MH |
2274 | if (err < 0) { |
2275 | BT_ERR("%s: Failed to send firmware header (%d)", | |
2276 | hdev->name, err); | |
2277 | goto done; | |
2278 | } | |
2279 | ||
2280 | /* Send the 256 bytes of public key information from the firmware | |
2281 | * as the PKey fragment. | |
2282 | */ | |
09df123d | 2283 | err = btintel_secure_send(hdev, 0x03, 256, fw->data + 128); |
cda0dd78 MH |
2284 | if (err < 0) { |
2285 | BT_ERR("%s: Failed to send firmware public key (%d)", | |
2286 | hdev->name, err); | |
2287 | goto done; | |
2288 | } | |
2289 | ||
2290 | /* Send the 256 bytes of signature information from the firmware | |
2291 | * as the Sign fragment. | |
2292 | */ | |
09df123d | 2293 | err = btintel_secure_send(hdev, 0x02, 256, fw->data + 388); |
cda0dd78 MH |
2294 | if (err < 0) { |
2295 | BT_ERR("%s: Failed to send firmware signature (%d)", | |
2296 | hdev->name, err); | |
2297 | goto done; | |
2298 | } | |
2299 | ||
2300 | fw_ptr = fw->data + 644; | |
e66890a9 | 2301 | frag_len = 0; |
cda0dd78 MH |
2302 | |
2303 | while (fw_ptr - fw->data < fw->size) { | |
e66890a9 | 2304 | struct hci_command_hdr *cmd = (void *)(fw_ptr + frag_len); |
cda0dd78 | 2305 | |
e66890a9 | 2306 | frag_len += sizeof(*cmd) + cmd->plen; |
cda0dd78 | 2307 | |
5075edae | 2308 | /* The parameter length of the secure send command requires |
e66890a9 MH |
2309 | * a 4 byte alignment. It happens so that the firmware file |
2310 | * contains proper Intel_NOP commands to align the fragments | |
2311 | * as needed. | |
2312 | * | |
2313 | * Send set of commands with 4 byte alignment from the | |
2314 | * firmware data buffer as a single Data fragement. | |
cda0dd78 | 2315 | */ |
e66890a9 | 2316 | if (!(frag_len % 4)) { |
09df123d | 2317 | err = btintel_secure_send(hdev, 0x01, frag_len, fw_ptr); |
e66890a9 MH |
2318 | if (err < 0) { |
2319 | BT_ERR("%s: Failed to send firmware data (%d)", | |
2320 | hdev->name, err); | |
2321 | goto done; | |
2322 | } | |
cda0dd78 | 2323 | |
e66890a9 MH |
2324 | fw_ptr += frag_len; |
2325 | frag_len = 0; | |
2326 | } | |
cda0dd78 MH |
2327 | } |
2328 | ||
ce6bb929 MH |
2329 | set_bit(BTUSB_FIRMWARE_LOADED, &data->flags); |
2330 | ||
2064ee33 | 2331 | bt_dev_info(hdev, "Waiting for firmware download to complete"); |
a087a98e | 2332 | |
cda0dd78 MH |
2333 | /* Before switching the device into operational mode and with that |
2334 | * booting the loaded firmware, wait for the bootloader notification | |
2335 | * that all fragments have been successfully received. | |
2336 | * | |
a087a98e JH |
2337 | * When the event processing receives the notification, then the |
2338 | * BTUSB_DOWNLOADING flag will be cleared. | |
2339 | * | |
2340 | * The firmware loading should not take longer than 5 seconds | |
2341 | * and thus just timeout if that happens and fail the setup | |
2342 | * of this device. | |
cda0dd78 | 2343 | */ |
129a7693 JH |
2344 | err = wait_on_bit_timeout(&data->flags, BTUSB_DOWNLOADING, |
2345 | TASK_INTERRUPTIBLE, | |
2346 | msecs_to_jiffies(5000)); | |
f0a70a04 | 2347 | if (err == -EINTR) { |
a087a98e | 2348 | BT_ERR("%s: Firmware loading interrupted", hdev->name); |
a087a98e JH |
2349 | goto done; |
2350 | } | |
cda0dd78 | 2351 | |
a087a98e JH |
2352 | if (err) { |
2353 | BT_ERR("%s: Firmware loading timeout", hdev->name); | |
2354 | err = -ETIMEDOUT; | |
2355 | goto done; | |
cda0dd78 MH |
2356 | } |
2357 | ||
2358 | if (test_bit(BTUSB_FIRMWARE_FAILED, &data->flags)) { | |
2359 | BT_ERR("%s: Firmware loading failed", hdev->name); | |
2360 | err = -ENOEXEC; | |
2361 | goto done; | |
2362 | } | |
2363 | ||
2364 | rettime = ktime_get(); | |
2365 | delta = ktime_sub(rettime, calltime); | |
2366 | duration = (unsigned long long) ktime_to_ns(delta) >> 10; | |
2367 | ||
2064ee33 | 2368 | bt_dev_info(hdev, "Firmware loaded in %llu usecs", duration); |
cda0dd78 MH |
2369 | |
2370 | done: | |
2371 | release_firmware(fw); | |
2372 | ||
2373 | if (err < 0) | |
2374 | return err; | |
2375 | ||
2376 | calltime = ktime_get(); | |
2377 | ||
2378 | set_bit(BTUSB_BOOTING, &data->flags); | |
2379 | ||
2380 | skb = __hci_cmd_sync(hdev, 0xfc01, sizeof(reset_param), reset_param, | |
2381 | HCI_INIT_TIMEOUT); | |
2382 | if (IS_ERR(skb)) | |
2383 | return PTR_ERR(skb); | |
2384 | ||
2385 | kfree_skb(skb); | |
2386 | ||
2387 | /* The bootloader will not indicate when the device is ready. This | |
2388 | * is done by the operational firmware sending bootup notification. | |
fad70972 JH |
2389 | * |
2390 | * Booting into operational firmware should not take longer than | |
2391 | * 1 second. However if that happens, then just fail the setup | |
2392 | * since something went wrong. | |
cda0dd78 | 2393 | */ |
2064ee33 | 2394 | bt_dev_info(hdev, "Waiting for device to boot"); |
cda0dd78 | 2395 | |
129a7693 JH |
2396 | err = wait_on_bit_timeout(&data->flags, BTUSB_BOOTING, |
2397 | TASK_INTERRUPTIBLE, | |
2398 | msecs_to_jiffies(1000)); | |
cda0dd78 | 2399 | |
f0a70a04 | 2400 | if (err == -EINTR) { |
fad70972 JH |
2401 | BT_ERR("%s: Device boot interrupted", hdev->name); |
2402 | return -EINTR; | |
2403 | } | |
cda0dd78 | 2404 | |
fad70972 JH |
2405 | if (err) { |
2406 | BT_ERR("%s: Device boot timeout", hdev->name); | |
2407 | return -ETIMEDOUT; | |
cda0dd78 MH |
2408 | } |
2409 | ||
2410 | rettime = ktime_get(); | |
2411 | delta = ktime_sub(rettime, calltime); | |
2412 | duration = (unsigned long long) ktime_to_ns(delta) >> 10; | |
2413 | ||
2064ee33 | 2414 | bt_dev_info(hdev, "Device booted in %llu usecs", duration); |
cda0dd78 MH |
2415 | |
2416 | clear_bit(BTUSB_BOOTLOADER, &data->flags); | |
2417 | ||
52cc9168 THJA |
2418 | /* Once the device is running in operational mode, it needs to apply |
2419 | * the device configuration (DDC) parameters. | |
2420 | * | |
2421 | * The device can work without DDC parameters, so even if it fails | |
2422 | * to load the file, no need to fail the setup. | |
2423 | */ | |
e924d3d6 | 2424 | btintel_load_ddc_config(hdev, fwname); |
52cc9168 | 2425 | |
213445b2 MH |
2426 | /* Set the event mask for Intel specific vendor events. This enables |
2427 | * a few extra events that are useful during general operation. It | |
2428 | * does not enable any debugging related events. | |
2429 | * | |
2430 | * The device will function correctly without these events enabled | |
2431 | * and thus no need to fail the setup. | |
2432 | */ | |
2433 | btintel_set_event_mask(hdev, false); | |
2434 | ||
cda0dd78 MH |
2435 | return 0; |
2436 | } | |
2437 | ||
bfbd45e9 THJA |
2438 | static int btusb_shutdown_intel(struct hci_dev *hdev) |
2439 | { | |
2440 | struct sk_buff *skb; | |
2441 | long ret; | |
2442 | ||
2443 | /* Some platforms have an issue with BT LED when the interface is | |
2444 | * down or BT radio is turned off, which takes 5 seconds to BT LED | |
2445 | * goes off. This command turns off the BT LED immediately. | |
2446 | */ | |
2447 | skb = __hci_cmd_sync(hdev, 0xfc3f, 0, NULL, HCI_INIT_TIMEOUT); | |
2448 | if (IS_ERR(skb)) { | |
2449 | ret = PTR_ERR(skb); | |
2450 | BT_ERR("%s: turning off Intel device LED failed (%ld)", | |
2451 | hdev->name, ret); | |
2452 | return ret; | |
2453 | } | |
2454 | kfree_skb(skb); | |
2455 | ||
2456 | return 0; | |
2457 | } | |
2458 | ||
a4ccc9e3 RJ |
2459 | #ifdef CONFIG_PM |
2460 | /* Configure an out-of-band gpio as wake-up pin, if specified in device tree */ | |
2461 | static int marvell_config_oob_wake(struct hci_dev *hdev) | |
2462 | { | |
2463 | struct sk_buff *skb; | |
2464 | struct btusb_data *data = hci_get_drvdata(hdev); | |
2465 | struct device *dev = &data->udev->dev; | |
2466 | u16 pin, gap, opcode; | |
2467 | int ret; | |
2468 | u8 cmd[5]; | |
2469 | ||
2470 | /* Move on if no wakeup pin specified */ | |
2471 | if (of_property_read_u16(dev->of_node, "marvell,wakeup-pin", &pin) || | |
2472 | of_property_read_u16(dev->of_node, "marvell,wakeup-gap-ms", &gap)) | |
2473 | return 0; | |
2474 | ||
2475 | /* Vendor specific command to configure a GPIO as wake-up pin */ | |
2476 | opcode = hci_opcode_pack(0x3F, 0x59); | |
2477 | cmd[0] = opcode & 0xFF; | |
2478 | cmd[1] = opcode >> 8; | |
2479 | cmd[2] = 2; /* length of parameters that follow */ | |
2480 | cmd[3] = pin; | |
2481 | cmd[4] = gap; /* time in ms, for which wakeup pin should be asserted */ | |
2482 | ||
2483 | skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL); | |
2484 | if (!skb) { | |
2485 | bt_dev_err(hdev, "%s: No memory\n", __func__); | |
2486 | return -ENOMEM; | |
2487 | } | |
2488 | ||
59ae1d12 | 2489 | skb_put_data(skb, cmd, sizeof(cmd)); |
a4ccc9e3 RJ |
2490 | hci_skb_pkt_type(skb) = HCI_COMMAND_PKT; |
2491 | ||
2492 | ret = btusb_send_frame(hdev, skb); | |
2493 | if (ret) { | |
2494 | bt_dev_err(hdev, "%s: configuration failed\n", __func__); | |
2495 | kfree_skb(skb); | |
2496 | return ret; | |
2497 | } | |
2498 | ||
2499 | return 0; | |
2500 | } | |
2501 | #endif | |
2502 | ||
ae8df494 AK |
2503 | static int btusb_set_bdaddr_marvell(struct hci_dev *hdev, |
2504 | const bdaddr_t *bdaddr) | |
2505 | { | |
2506 | struct sk_buff *skb; | |
2507 | u8 buf[8]; | |
2508 | long ret; | |
2509 | ||
2510 | buf[0] = 0xfe; | |
2511 | buf[1] = sizeof(bdaddr_t); | |
2512 | memcpy(buf + 2, bdaddr, sizeof(bdaddr_t)); | |
2513 | ||
2514 | skb = __hci_cmd_sync(hdev, 0xfc22, sizeof(buf), buf, HCI_INIT_TIMEOUT); | |
2515 | if (IS_ERR(skb)) { | |
2516 | ret = PTR_ERR(skb); | |
2064ee33 MH |
2517 | bt_dev_err(hdev, "changing Marvell device address failed (%ld)", |
2518 | ret); | |
ae8df494 AK |
2519 | return ret; |
2520 | } | |
2521 | kfree_skb(skb); | |
2522 | ||
2523 | return 0; | |
2524 | } | |
2525 | ||
84845ceb WJS |
2526 | #define BTUSB_EDGE_LED_COMMAND 0xfc77 |
2527 | ||
2528 | static void btusb_edge_set_led(struct hci_dev *hdev, bool state) | |
2529 | { | |
2530 | struct sk_buff *skb; | |
2531 | u8 config_led[] = { 0x09, 0x00, 0x01, 0x01 }; | |
2532 | ||
2533 | if (state) | |
2534 | config_led[1] = 0x01; | |
2535 | ||
2536 | skb = __hci_cmd_sync(hdev, BTUSB_EDGE_LED_COMMAND, sizeof(config_led), config_led, HCI_INIT_TIMEOUT); | |
2537 | if (IS_ERR(skb)) | |
2538 | BT_ERR("%s fail to set LED (%ld)", hdev->name, PTR_ERR(skb)); | |
2539 | else | |
2540 | kfree_skb(skb); | |
2541 | } | |
2542 | ||
2543 | static int btusb_edge_post_init(struct hci_dev *hdev) | |
2544 | { | |
2545 | btusb_edge_set_led(hdev, true); | |
2546 | return 0; | |
2547 | } | |
2548 | ||
2549 | static int btusb_edge_shutdown(struct hci_dev *hdev) | |
2550 | { | |
2551 | btusb_edge_set_led(hdev, false); | |
2552 | return 0; | |
2553 | } | |
2554 | ||
5859223e TK |
2555 | static int btusb_set_bdaddr_ath3012(struct hci_dev *hdev, |
2556 | const bdaddr_t *bdaddr) | |
2557 | { | |
2558 | struct sk_buff *skb; | |
2559 | u8 buf[10]; | |
2560 | long ret; | |
2561 | ||
2562 | buf[0] = 0x01; | |
2563 | buf[1] = 0x01; | |
2564 | buf[2] = 0x00; | |
2565 | buf[3] = sizeof(bdaddr_t); | |
2566 | memcpy(buf + 4, bdaddr, sizeof(bdaddr_t)); | |
2567 | ||
2568 | skb = __hci_cmd_sync(hdev, 0xfc0b, sizeof(buf), buf, HCI_INIT_TIMEOUT); | |
2569 | if (IS_ERR(skb)) { | |
2570 | ret = PTR_ERR(skb); | |
2064ee33 | 2571 | bt_dev_err(hdev, "Change address command failed (%ld)", ret); |
5859223e TK |
2572 | return ret; |
2573 | } | |
2574 | kfree_skb(skb); | |
2575 | ||
2576 | return 0; | |
2577 | } | |
2578 | ||
3267c884 KBYT |
2579 | #define QCA_DFU_PACKET_LEN 4096 |
2580 | ||
2581 | #define QCA_GET_TARGET_VERSION 0x09 | |
2582 | #define QCA_CHECK_STATUS 0x05 | |
2583 | #define QCA_DFU_DOWNLOAD 0x01 | |
2584 | ||
2585 | #define QCA_SYSCFG_UPDATED 0x40 | |
2586 | #define QCA_PATCH_UPDATED 0x80 | |
2587 | #define QCA_DFU_TIMEOUT 3000 | |
2588 | ||
2589 | struct qca_version { | |
2590 | __le32 rom_version; | |
2591 | __le32 patch_version; | |
2592 | __le32 ram_version; | |
2593 | __le32 ref_clock; | |
2594 | __u8 reserved[4]; | |
2595 | } __packed; | |
2596 | ||
2597 | struct qca_rampatch_version { | |
2598 | __le16 rom_version; | |
2599 | __le16 patch_version; | |
2600 | } __packed; | |
2601 | ||
2602 | struct qca_device_info { | |
bf906b3d KBYT |
2603 | u32 rom_version; |
2604 | u8 rampatch_hdr; /* length of header in rampatch */ | |
2605 | u8 nvm_hdr; /* length of header in NVM */ | |
2606 | u8 ver_offset; /* offset of version structure in rampatch */ | |
3267c884 KBYT |
2607 | }; |
2608 | ||
2609 | static const struct qca_device_info qca_devices_table[] = { | |
2610 | { 0x00000100, 20, 4, 10 }, /* Rome 1.0 */ | |
2611 | { 0x00000101, 20, 4, 10 }, /* Rome 1.1 */ | |
7f6e6363 | 2612 | { 0x00000200, 28, 4, 18 }, /* Rome 2.0 */ |
3267c884 KBYT |
2613 | { 0x00000201, 28, 4, 18 }, /* Rome 2.1 */ |
2614 | { 0x00000300, 28, 4, 18 }, /* Rome 3.0 */ | |
2615 | { 0x00000302, 28, 4, 18 }, /* Rome 3.2 */ | |
2616 | }; | |
2617 | ||
e68fc8b7 | 2618 | static int btusb_qca_send_vendor_req(struct usb_device *udev, u8 request, |
3267c884 KBYT |
2619 | void *data, u16 size) |
2620 | { | |
3267c884 KBYT |
2621 | int pipe, err; |
2622 | u8 *buf; | |
2623 | ||
2624 | buf = kmalloc(size, GFP_KERNEL); | |
2625 | if (!buf) | |
2626 | return -ENOMEM; | |
2627 | ||
2628 | /* Found some of USB hosts have IOT issues with ours so that we should | |
2629 | * not wait until HCI layer is ready. | |
2630 | */ | |
2631 | pipe = usb_rcvctrlpipe(udev, 0); | |
2632 | err = usb_control_msg(udev, pipe, request, USB_TYPE_VENDOR | USB_DIR_IN, | |
2633 | 0, 0, buf, size, USB_CTRL_SET_TIMEOUT); | |
2634 | if (err < 0) { | |
e68fc8b7 | 2635 | dev_err(&udev->dev, "Failed to access otp area (%d)", err); |
3267c884 KBYT |
2636 | goto done; |
2637 | } | |
2638 | ||
2639 | memcpy(data, buf, size); | |
2640 | ||
2641 | done: | |
2642 | kfree(buf); | |
2643 | ||
2644 | return err; | |
2645 | } | |
2646 | ||
2647 | static int btusb_setup_qca_download_fw(struct hci_dev *hdev, | |
2648 | const struct firmware *firmware, | |
2649 | size_t hdr_size) | |
2650 | { | |
2651 | struct btusb_data *btdata = hci_get_drvdata(hdev); | |
2652 | struct usb_device *udev = btdata->udev; | |
2653 | size_t count, size, sent = 0; | |
2654 | int pipe, len, err; | |
2655 | u8 *buf; | |
2656 | ||
2657 | buf = kmalloc(QCA_DFU_PACKET_LEN, GFP_KERNEL); | |
2658 | if (!buf) | |
2659 | return -ENOMEM; | |
2660 | ||
2661 | count = firmware->size; | |
2662 | ||
2663 | size = min_t(size_t, count, hdr_size); | |
2664 | memcpy(buf, firmware->data, size); | |
2665 | ||
2666 | /* USB patches should go down to controller through USB path | |
2667 | * because binary format fits to go down through USB channel. | |
2668 | * USB control path is for patching headers and USB bulk is for | |
2669 | * patch body. | |
2670 | */ | |
2671 | pipe = usb_sndctrlpipe(udev, 0); | |
2672 | err = usb_control_msg(udev, pipe, QCA_DFU_DOWNLOAD, USB_TYPE_VENDOR, | |
2673 | 0, 0, buf, size, USB_CTRL_SET_TIMEOUT); | |
2674 | if (err < 0) { | |
2064ee33 | 2675 | bt_dev_err(hdev, "Failed to send headers (%d)", err); |
3267c884 KBYT |
2676 | goto done; |
2677 | } | |
2678 | ||
2679 | sent += size; | |
2680 | count -= size; | |
2681 | ||
2682 | while (count) { | |
2683 | size = min_t(size_t, count, QCA_DFU_PACKET_LEN); | |
2684 | ||
2685 | memcpy(buf, firmware->data + sent, size); | |
2686 | ||
2687 | pipe = usb_sndbulkpipe(udev, 0x02); | |
2688 | err = usb_bulk_msg(udev, pipe, buf, size, &len, | |
2689 | QCA_DFU_TIMEOUT); | |
2690 | if (err < 0) { | |
2064ee33 MH |
2691 | bt_dev_err(hdev, "Failed to send body at %zd of %zd (%d)", |
2692 | sent, firmware->size, err); | |
3267c884 KBYT |
2693 | break; |
2694 | } | |
2695 | ||
2696 | if (size != len) { | |
2064ee33 | 2697 | bt_dev_err(hdev, "Failed to get bulk buffer"); |
3267c884 KBYT |
2698 | err = -EILSEQ; |
2699 | break; | |
2700 | } | |
2701 | ||
2702 | sent += size; | |
2703 | count -= size; | |
2704 | } | |
2705 | ||
2706 | done: | |
2707 | kfree(buf); | |
2708 | return err; | |
2709 | } | |
2710 | ||
2711 | static int btusb_setup_qca_load_rampatch(struct hci_dev *hdev, | |
2712 | struct qca_version *ver, | |
2713 | const struct qca_device_info *info) | |
2714 | { | |
2715 | struct qca_rampatch_version *rver; | |
2716 | const struct firmware *fw; | |
bf906b3d KBYT |
2717 | u32 ver_rom, ver_patch; |
2718 | u16 rver_rom, rver_patch; | |
3267c884 KBYT |
2719 | char fwname[64]; |
2720 | int err; | |
2721 | ||
bf906b3d KBYT |
2722 | ver_rom = le32_to_cpu(ver->rom_version); |
2723 | ver_patch = le32_to_cpu(ver->patch_version); | |
2724 | ||
2725 | snprintf(fwname, sizeof(fwname), "qca/rampatch_usb_%08x.bin", ver_rom); | |
3267c884 KBYT |
2726 | |
2727 | err = request_firmware(&fw, fwname, &hdev->dev); | |
2728 | if (err) { | |
2064ee33 MH |
2729 | bt_dev_err(hdev, "failed to request rampatch file: %s (%d)", |
2730 | fwname, err); | |
3267c884 KBYT |
2731 | return err; |
2732 | } | |
2733 | ||
2064ee33 | 2734 | bt_dev_info(hdev, "using rampatch file: %s", fwname); |
bf906b3d | 2735 | |
3267c884 | 2736 | rver = (struct qca_rampatch_version *)(fw->data + info->ver_offset); |
bf906b3d KBYT |
2737 | rver_rom = le16_to_cpu(rver->rom_version); |
2738 | rver_patch = le16_to_cpu(rver->patch_version); | |
2739 | ||
2064ee33 MH |
2740 | bt_dev_info(hdev, "QCA: patch rome 0x%x build 0x%x, " |
2741 | "firmware rome 0x%x build 0x%x", | |
2742 | rver_rom, rver_patch, ver_rom, ver_patch); | |
3267c884 | 2743 | |
bf906b3d | 2744 | if (rver_rom != ver_rom || rver_patch <= ver_patch) { |
2064ee33 | 2745 | bt_dev_err(hdev, "rampatch file version did not match with firmware"); |
3267c884 KBYT |
2746 | err = -EINVAL; |
2747 | goto done; | |
2748 | } | |
2749 | ||
2750 | err = btusb_setup_qca_download_fw(hdev, fw, info->rampatch_hdr); | |
2751 | ||
2752 | done: | |
2753 | release_firmware(fw); | |
2754 | ||
2755 | return err; | |
2756 | } | |
2757 | ||
2758 | static int btusb_setup_qca_load_nvm(struct hci_dev *hdev, | |
2759 | struct qca_version *ver, | |
2760 | const struct qca_device_info *info) | |
2761 | { | |
2762 | const struct firmware *fw; | |
2763 | char fwname[64]; | |
2764 | int err; | |
2765 | ||
2766 | snprintf(fwname, sizeof(fwname), "qca/nvm_usb_%08x.bin", | |
2767 | le32_to_cpu(ver->rom_version)); | |
2768 | ||
2769 | err = request_firmware(&fw, fwname, &hdev->dev); | |
2770 | if (err) { | |
2064ee33 MH |
2771 | bt_dev_err(hdev, "failed to request NVM file: %s (%d)", |
2772 | fwname, err); | |
3267c884 KBYT |
2773 | return err; |
2774 | } | |
2775 | ||
2064ee33 | 2776 | bt_dev_info(hdev, "using NVM file: %s", fwname); |
3267c884 KBYT |
2777 | |
2778 | err = btusb_setup_qca_download_fw(hdev, fw, info->nvm_hdr); | |
2779 | ||
2780 | release_firmware(fw); | |
2781 | ||
2782 | return err; | |
2783 | } | |
2784 | ||
e68fc8b7 TI |
2785 | /* identify the ROM version and check whether patches are needed */ |
2786 | static bool btusb_qca_need_patch(struct usb_device *udev) | |
2787 | { | |
2788 | struct qca_version ver; | |
2789 | ||
2790 | if (btusb_qca_send_vendor_req(udev, QCA_GET_TARGET_VERSION, &ver, | |
2791 | sizeof(ver)) < 0) | |
2792 | return false; | |
2793 | /* only low ROM versions need patches */ | |
2794 | return !(le32_to_cpu(ver.rom_version) & ~0xffffU); | |
2795 | } | |
2796 | ||
3267c884 KBYT |
2797 | static int btusb_setup_qca(struct hci_dev *hdev) |
2798 | { | |
e68fc8b7 TI |
2799 | struct btusb_data *btdata = hci_get_drvdata(hdev); |
2800 | struct usb_device *udev = btdata->udev; | |
3267c884 KBYT |
2801 | const struct qca_device_info *info = NULL; |
2802 | struct qca_version ver; | |
bf906b3d | 2803 | u32 ver_rom; |
3267c884 KBYT |
2804 | u8 status; |
2805 | int i, err; | |
2806 | ||
e68fc8b7 | 2807 | err = btusb_qca_send_vendor_req(udev, QCA_GET_TARGET_VERSION, &ver, |
eb50042f | 2808 | sizeof(ver)); |
3267c884 KBYT |
2809 | if (err < 0) |
2810 | return err; | |
2811 | ||
bf906b3d | 2812 | ver_rom = le32_to_cpu(ver.rom_version); |
e68fc8b7 TI |
2813 | /* Don't care about high ROM versions */ |
2814 | if (ver_rom & ~0xffffU) | |
2815 | return 0; | |
2816 | ||
3267c884 | 2817 | for (i = 0; i < ARRAY_SIZE(qca_devices_table); i++) { |
bf906b3d | 2818 | if (ver_rom == qca_devices_table[i].rom_version) |
3267c884 KBYT |
2819 | info = &qca_devices_table[i]; |
2820 | } | |
2821 | if (!info) { | |
2064ee33 | 2822 | bt_dev_err(hdev, "don't support firmware rome 0x%x", ver_rom); |
3267c884 KBYT |
2823 | return -ENODEV; |
2824 | } | |
2825 | ||
e68fc8b7 | 2826 | err = btusb_qca_send_vendor_req(udev, QCA_CHECK_STATUS, &status, |
3267c884 KBYT |
2827 | sizeof(status)); |
2828 | if (err < 0) | |
2829 | return err; | |
2830 | ||
2831 | if (!(status & QCA_PATCH_UPDATED)) { | |
2832 | err = btusb_setup_qca_load_rampatch(hdev, &ver, info); | |
2833 | if (err < 0) | |
2834 | return err; | |
2835 | } | |
2836 | ||
2837 | if (!(status & QCA_SYSCFG_UPDATED)) { | |
2838 | err = btusb_setup_qca_load_nvm(hdev, &ver, info); | |
2839 | if (err < 0) | |
2840 | return err; | |
2841 | } | |
2842 | ||
2843 | return 0; | |
2844 | } | |
2845 | ||
9d08f504 MH |
2846 | #ifdef CONFIG_BT_HCIBTUSB_BCM |
2847 | static inline int __set_diag_interface(struct hci_dev *hdev) | |
2848 | { | |
2849 | struct btusb_data *data = hci_get_drvdata(hdev); | |
2850 | struct usb_interface *intf = data->diag; | |
2851 | int i; | |
2852 | ||
2853 | if (!data->diag) | |
2854 | return -ENODEV; | |
2855 | ||
2856 | data->diag_tx_ep = NULL; | |
2857 | data->diag_rx_ep = NULL; | |
2858 | ||
2859 | for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) { | |
2860 | struct usb_endpoint_descriptor *ep_desc; | |
2861 | ||
2862 | ep_desc = &intf->cur_altsetting->endpoint[i].desc; | |
2863 | ||
2864 | if (!data->diag_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) { | |
2865 | data->diag_tx_ep = ep_desc; | |
2866 | continue; | |
2867 | } | |
2868 | ||
2869 | if (!data->diag_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) { | |
2870 | data->diag_rx_ep = ep_desc; | |
2871 | continue; | |
2872 | } | |
2873 | } | |
2874 | ||
2875 | if (!data->diag_tx_ep || !data->diag_rx_ep) { | |
2064ee33 | 2876 | bt_dev_err(hdev, "invalid diagnostic descriptors"); |
9d08f504 MH |
2877 | return -ENODEV; |
2878 | } | |
2879 | ||
2880 | return 0; | |
2881 | } | |
2882 | ||
2883 | static struct urb *alloc_diag_urb(struct hci_dev *hdev, bool enable) | |
2884 | { | |
2885 | struct btusb_data *data = hci_get_drvdata(hdev); | |
2886 | struct sk_buff *skb; | |
2887 | struct urb *urb; | |
2888 | unsigned int pipe; | |
2889 | ||
2890 | if (!data->diag_tx_ep) | |
2891 | return ERR_PTR(-ENODEV); | |
2892 | ||
2893 | urb = usb_alloc_urb(0, GFP_KERNEL); | |
2894 | if (!urb) | |
2895 | return ERR_PTR(-ENOMEM); | |
2896 | ||
2897 | skb = bt_skb_alloc(2, GFP_KERNEL); | |
2898 | if (!skb) { | |
2899 | usb_free_urb(urb); | |
2900 | return ERR_PTR(-ENOMEM); | |
2901 | } | |
2902 | ||
634fef61 JB |
2903 | skb_put_u8(skb, 0xf0); |
2904 | skb_put_u8(skb, enable); | |
9d08f504 MH |
2905 | |
2906 | pipe = usb_sndbulkpipe(data->udev, data->diag_tx_ep->bEndpointAddress); | |
2907 | ||
2908 | usb_fill_bulk_urb(urb, data->udev, pipe, | |
2909 | skb->data, skb->len, btusb_tx_complete, skb); | |
2910 | ||
2911 | skb->dev = (void *)hdev; | |
2912 | ||
2913 | return urb; | |
2914 | } | |
2915 | ||
2916 | static int btusb_bcm_set_diag(struct hci_dev *hdev, bool enable) | |
2917 | { | |
2918 | struct btusb_data *data = hci_get_drvdata(hdev); | |
2919 | struct urb *urb; | |
2920 | ||
2921 | if (!data->diag) | |
2922 | return -ENODEV; | |
2923 | ||
2924 | if (!test_bit(HCI_RUNNING, &hdev->flags)) | |
2925 | return -ENETDOWN; | |
2926 | ||
2927 | urb = alloc_diag_urb(hdev, enable); | |
2928 | if (IS_ERR(urb)) | |
2929 | return PTR_ERR(urb); | |
2930 | ||
2931 | return submit_or_queue_tx_urb(hdev, urb); | |
2932 | } | |
2933 | #endif | |
2934 | ||
fd913ef7 RJ |
2935 | #ifdef CONFIG_PM |
2936 | static irqreturn_t btusb_oob_wake_handler(int irq, void *priv) | |
2937 | { | |
2938 | struct btusb_data *data = priv; | |
2939 | ||
2940 | pm_wakeup_event(&data->udev->dev, 0); | |
017789f3 | 2941 | pm_system_wakeup(); |
fd913ef7 RJ |
2942 | |
2943 | /* Disable only if not already disabled (keep it balanced) */ | |
2944 | if (test_and_clear_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags)) { | |
2945 | disable_irq_nosync(irq); | |
2946 | disable_irq_wake(irq); | |
2947 | } | |
2948 | return IRQ_HANDLED; | |
2949 | } | |
2950 | ||
2951 | static const struct of_device_id btusb_match_table[] = { | |
2952 | { .compatible = "usb1286,204e" }, | |
2953 | { } | |
2954 | }; | |
2955 | MODULE_DEVICE_TABLE(of, btusb_match_table); | |
2956 | ||
2957 | /* Use an oob wakeup pin? */ | |
2958 | static int btusb_config_oob_wake(struct hci_dev *hdev) | |
2959 | { | |
2960 | struct btusb_data *data = hci_get_drvdata(hdev); | |
2961 | struct device *dev = &data->udev->dev; | |
2962 | int irq, ret; | |
2963 | ||
2964 | clear_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags); | |
2965 | ||
2966 | if (!of_match_device(btusb_match_table, dev)) | |
2967 | return 0; | |
2968 | ||
2969 | /* Move on if no IRQ specified */ | |
2970 | irq = of_irq_get_byname(dev->of_node, "wakeup"); | |
2971 | if (irq <= 0) { | |
2972 | bt_dev_dbg(hdev, "%s: no OOB Wakeup IRQ in DT", __func__); | |
2973 | return 0; | |
2974 | } | |
2975 | ||
2976 | ret = devm_request_irq(&hdev->dev, irq, btusb_oob_wake_handler, | |
2977 | 0, "OOB Wake-on-BT", data); | |
2978 | if (ret) { | |
2979 | bt_dev_err(hdev, "%s: IRQ request failed", __func__); | |
2980 | return ret; | |
2981 | } | |
2982 | ||
2983 | ret = device_init_wakeup(dev, true); | |
2984 | if (ret) { | |
2985 | bt_dev_err(hdev, "%s: failed to init_wakeup", __func__); | |
2986 | return ret; | |
2987 | } | |
2988 | ||
2989 | data->oob_wake_irq = irq; | |
2990 | disable_irq(irq); | |
2991 | bt_dev_info(hdev, "OOB Wake-on-BT configured at IRQ %u", irq); | |
2992 | return 0; | |
2993 | } | |
2994 | #endif | |
2995 | ||
2eaeba6d HG |
2996 | static void btusb_check_needs_reset_resume(struct usb_interface *intf) |
2997 | { | |
2998 | if (dmi_check_system(btusb_needs_reset_resume_table)) | |
2999 | interface_to_usbdev(intf)->quirks |= USB_QUIRK_RESET_RESUME; | |
3000 | } | |
3001 | ||
5e23b923 | 3002 | static int btusb_probe(struct usb_interface *intf, |
89e7533d | 3003 | const struct usb_device_id *id) |
5e23b923 MH |
3004 | { |
3005 | struct usb_endpoint_descriptor *ep_desc; | |
3006 | struct btusb_data *data; | |
3007 | struct hci_dev *hdev; | |
22f8e9db | 3008 | unsigned ifnum_base; |
5e23b923 MH |
3009 | int i, err; |
3010 | ||
3011 | BT_DBG("intf %p id %p", intf, id); | |
3012 | ||
cfeb4145 | 3013 | /* interface numbers are hardcoded in the spec */ |
22f8e9db MH |
3014 | if (intf->cur_altsetting->desc.bInterfaceNumber != 0) { |
3015 | if (!(id->driver_info & BTUSB_IFNUM_2)) | |
3016 | return -ENODEV; | |
3017 | if (intf->cur_altsetting->desc.bInterfaceNumber != 2) | |
3018 | return -ENODEV; | |
3019 | } | |
3020 | ||
3021 | ifnum_base = intf->cur_altsetting->desc.bInterfaceNumber; | |
5e23b923 MH |
3022 | |
3023 | if (!id->driver_info) { | |
3024 | const struct usb_device_id *match; | |
89e7533d | 3025 | |
5e23b923 MH |
3026 | match = usb_match_id(intf, blacklist_table); |
3027 | if (match) | |
3028 | id = match; | |
3029 | } | |
3030 | ||
cfeb4145 MH |
3031 | if (id->driver_info == BTUSB_IGNORE) |
3032 | return -ENODEV; | |
3033 | ||
2d25f8b4 SL |
3034 | if (id->driver_info & BTUSB_ATH3012) { |
3035 | struct usb_device *udev = interface_to_usbdev(intf); | |
3036 | ||
3037 | /* Old firmware would otherwise let ath3k driver load | |
d98422cb DR |
3038 | * patch and sysconfig files |
3039 | */ | |
e68fc8b7 TI |
3040 | if (le16_to_cpu(udev->descriptor.bcdDevice) <= 0x0001 && |
3041 | !btusb_qca_need_patch(udev)) | |
2d25f8b4 SL |
3042 | return -ENODEV; |
3043 | } | |
3044 | ||
98921dbd | 3045 | data = devm_kzalloc(&intf->dev, sizeof(*data), GFP_KERNEL); |
5e23b923 MH |
3046 | if (!data) |
3047 | return -ENOMEM; | |
3048 | ||
3049 | for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) { | |
3050 | ep_desc = &intf->cur_altsetting->endpoint[i].desc; | |
3051 | ||
3052 | if (!data->intr_ep && usb_endpoint_is_int_in(ep_desc)) { | |
3053 | data->intr_ep = ep_desc; | |
3054 | continue; | |
3055 | } | |
3056 | ||
3057 | if (!data->bulk_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) { | |
3058 | data->bulk_tx_ep = ep_desc; | |
3059 | continue; | |
3060 | } | |
3061 | ||
3062 | if (!data->bulk_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) { | |
3063 | data->bulk_rx_ep = ep_desc; | |
3064 | continue; | |
3065 | } | |
3066 | } | |
3067 | ||
98921dbd | 3068 | if (!data->intr_ep || !data->bulk_tx_ep || !data->bulk_rx_ep) |
5e23b923 | 3069 | return -ENODEV; |
5e23b923 | 3070 | |
893ba544 MH |
3071 | if (id->driver_info & BTUSB_AMP) { |
3072 | data->cmdreq_type = USB_TYPE_CLASS | 0x01; | |
3073 | data->cmdreq = 0x2b; | |
3074 | } else { | |
3075 | data->cmdreq_type = USB_TYPE_CLASS; | |
3076 | data->cmdreq = 0x00; | |
3077 | } | |
7a9d4020 | 3078 | |
5e23b923 | 3079 | data->udev = interface_to_usbdev(intf); |
5fbcd260 | 3080 | data->intf = intf; |
5e23b923 | 3081 | |
5e23b923 | 3082 | INIT_WORK(&data->work, btusb_work); |
7bee549e | 3083 | INIT_WORK(&data->waker, btusb_waker); |
803b5836 MH |
3084 | init_usb_anchor(&data->deferred); |
3085 | init_usb_anchor(&data->tx_anchor); | |
7bee549e | 3086 | spin_lock_init(&data->txlock); |
5e23b923 | 3087 | |
5e23b923 MH |
3088 | init_usb_anchor(&data->intr_anchor); |
3089 | init_usb_anchor(&data->bulk_anchor); | |
9bfa35fe | 3090 | init_usb_anchor(&data->isoc_anchor); |
9d08f504 | 3091 | init_usb_anchor(&data->diag_anchor); |
803b5836 | 3092 | spin_lock_init(&data->rxlock); |
5e23b923 | 3093 | |
cda0dd78 MH |
3094 | if (id->driver_info & BTUSB_INTEL_NEW) { |
3095 | data->recv_event = btusb_recv_event_intel; | |
3096 | data->recv_bulk = btusb_recv_bulk_intel; | |
3097 | set_bit(BTUSB_BOOTLOADER, &data->flags); | |
3098 | } else { | |
3099 | data->recv_event = hci_recv_frame; | |
3100 | data->recv_bulk = btusb_recv_bulk; | |
3101 | } | |
2cbd3f5c | 3102 | |
5e23b923 | 3103 | hdev = hci_alloc_dev(); |
98921dbd | 3104 | if (!hdev) |
5e23b923 | 3105 | return -ENOMEM; |
5e23b923 | 3106 | |
c13854ce | 3107 | hdev->bus = HCI_USB; |
155961e8 | 3108 | hci_set_drvdata(hdev, data); |
5e23b923 | 3109 | |
893ba544 MH |
3110 | if (id->driver_info & BTUSB_AMP) |
3111 | hdev->dev_type = HCI_AMP; | |
3112 | else | |
ca8bee5d | 3113 | hdev->dev_type = HCI_PRIMARY; |
893ba544 | 3114 | |
5e23b923 MH |
3115 | data->hdev = hdev; |
3116 | ||
3117 | SET_HCIDEV_DEV(hdev, &intf->dev); | |
3118 | ||
9f8f962c MH |
3119 | hdev->open = btusb_open; |
3120 | hdev->close = btusb_close; | |
3121 | hdev->flush = btusb_flush; | |
3122 | hdev->send = btusb_send_frame; | |
3123 | hdev->notify = btusb_notify; | |
3124 | ||
fd913ef7 RJ |
3125 | #ifdef CONFIG_PM |
3126 | err = btusb_config_oob_wake(hdev); | |
3127 | if (err) | |
3128 | goto out_free_dev; | |
a4ccc9e3 RJ |
3129 | |
3130 | /* Marvell devices may need a specific chip configuration */ | |
3131 | if (id->driver_info & BTUSB_MARVELL && data->oob_wake_irq) { | |
3132 | err = marvell_config_oob_wake(hdev); | |
3133 | if (err) | |
3134 | goto out_free_dev; | |
3135 | } | |
fd913ef7 | 3136 | #endif |
418678b0 SJ |
3137 | if (id->driver_info & BTUSB_CW6622) |
3138 | set_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks); | |
3139 | ||
6c9d435d MH |
3140 | if (id->driver_info & BTUSB_BCM2045) |
3141 | set_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks); | |
3142 | ||
9f8f962c MH |
3143 | if (id->driver_info & BTUSB_BCM92035) |
3144 | hdev->setup = btusb_setup_bcm92035; | |
5e23b923 | 3145 | |
c2bfb100 | 3146 | #ifdef CONFIG_BT_HCIBTUSB_BCM |
abbaf50e | 3147 | if (id->driver_info & BTUSB_BCM_PATCHRAM) { |
49a5f782 | 3148 | hdev->manufacturer = 15; |
c2bfb100 | 3149 | hdev->setup = btbcm_setup_patchram; |
9d08f504 | 3150 | hdev->set_diag = btusb_bcm_set_diag; |
1df1f591 | 3151 | hdev->set_bdaddr = btbcm_set_bdaddr; |
9d08f504 MH |
3152 | |
3153 | /* Broadcom LM_DIAG Interface numbers are hardcoded */ | |
22f8e9db | 3154 | data->diag = usb_ifnum_to_if(data->udev, ifnum_base + 2); |
abbaf50e | 3155 | } |
10d4c673 | 3156 | |
9d08f504 | 3157 | if (id->driver_info & BTUSB_BCM_APPLE) { |
49a5f782 | 3158 | hdev->manufacturer = 15; |
c2bfb100 | 3159 | hdev->setup = btbcm_setup_apple; |
9d08f504 MH |
3160 | hdev->set_diag = btusb_bcm_set_diag; |
3161 | ||
3162 | /* Broadcom LM_DIAG Interface numbers are hardcoded */ | |
22f8e9db | 3163 | data->diag = usb_ifnum_to_if(data->udev, ifnum_base + 2); |
9d08f504 | 3164 | } |
c2bfb100 | 3165 | #endif |
17b2772b | 3166 | |
cb8d6597 | 3167 | if (id->driver_info & BTUSB_INTEL) { |
49a5f782 | 3168 | hdev->manufacturer = 2; |
dffd30ee | 3169 | hdev->setup = btusb_setup_intel; |
bfbd45e9 | 3170 | hdev->shutdown = btusb_shutdown_intel; |
3e24767b | 3171 | hdev->set_diag = btintel_set_diag_mfg; |
4185a0f5 | 3172 | hdev->set_bdaddr = btintel_set_bdaddr; |
c33fb9b4 | 3173 | set_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks); |
c1154842 | 3174 | set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); |
3e24767b | 3175 | set_bit(HCI_QUIRK_NON_PERSISTENT_DIAG, &hdev->quirks); |
cb8d6597 | 3176 | } |
dffd30ee | 3177 | |
cda0dd78 | 3178 | if (id->driver_info & BTUSB_INTEL_NEW) { |
49a5f782 | 3179 | hdev->manufacturer = 2; |
cda0dd78 MH |
3180 | hdev->send = btusb_send_frame_intel; |
3181 | hdev->setup = btusb_setup_intel_new; | |
eeb6abe9 | 3182 | hdev->hw_error = btintel_hw_error; |
6d2e50d2 | 3183 | hdev->set_diag = btintel_set_diag; |
4185a0f5 | 3184 | hdev->set_bdaddr = btintel_set_bdaddr; |
b970c5ba | 3185 | set_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks); |
d8270fbb | 3186 | set_bit(HCI_QUIRK_NON_PERSISTENT_DIAG, &hdev->quirks); |
cda0dd78 MH |
3187 | } |
3188 | ||
84845ceb WJS |
3189 | if (id->driver_info & BTUSB_MARVELL) { |
3190 | struct pci_dev *pdev; | |
ae8df494 | 3191 | hdev->set_bdaddr = btusb_set_bdaddr_marvell; |
84845ceb WJS |
3192 | pdev = pci_get_subsys(PCI_ANY_ID, PCI_ANY_ID, 0x1028, 0x0720, NULL); |
3193 | if (!pdev) | |
3194 | pdev = pci_get_subsys(PCI_ANY_ID, PCI_ANY_ID, 0x1028, 0x0733, NULL); | |
3195 | if (pdev) { | |
3196 | pci_dev_put(pdev); | |
3197 | hdev->post_init = btusb_edge_post_init; | |
3198 | hdev->shutdown = btusb_edge_shutdown; | |
3199 | } | |
3200 | } | |
ae8df494 | 3201 | |
661cf88a MH |
3202 | if (id->driver_info & BTUSB_SWAVE) { |
3203 | set_bit(HCI_QUIRK_FIXUP_INQUIRY_MODE, &hdev->quirks); | |
d57dbe77 | 3204 | set_bit(HCI_QUIRK_BROKEN_LOCAL_COMMANDS, &hdev->quirks); |
661cf88a | 3205 | } |
d57dbe77 | 3206 | |
e4c534bb MH |
3207 | if (id->driver_info & BTUSB_INTEL_BOOT) { |
3208 | hdev->manufacturer = 2; | |
40df783d | 3209 | set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks); |
e4c534bb | 3210 | } |
40df783d | 3211 | |
79f0c87d | 3212 | if (id->driver_info & BTUSB_ATH3012) { |
e68fc8b7 | 3213 | data->setup_on_usb = btusb_setup_qca; |
5859223e | 3214 | hdev->set_bdaddr = btusb_set_bdaddr_ath3012; |
3d50d51a | 3215 | set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); |
79f0c87d JP |
3216 | set_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks); |
3217 | } | |
5859223e | 3218 | |
3267c884 KBYT |
3219 | if (id->driver_info & BTUSB_QCA_ROME) { |
3220 | data->setup_on_usb = btusb_setup_qca; | |
3221 | hdev->set_bdaddr = btusb_set_bdaddr_ath3012; | |
2eaeba6d | 3222 | btusb_check_needs_reset_resume(intf); |
3267c884 KBYT |
3223 | } |
3224 | ||
db33c77d | 3225 | #ifdef CONFIG_BT_HCIBTUSB_RTL |
04b8c814 | 3226 | if (id->driver_info & BTUSB_REALTEK) { |
db33c77d | 3227 | hdev->setup = btrtl_setup_realtek; |
04b8c814 DD |
3228 | |
3229 | /* Realtek devices lose their updated firmware over suspend, | |
3230 | * but the USB hub doesn't notice any status change. | |
3231 | * Explicitly request a device reset on resume. | |
3232 | */ | |
18970430 | 3233 | interface_to_usbdev(intf)->quirks |= USB_QUIRK_RESET_RESUME; |
04b8c814 | 3234 | } |
db33c77d | 3235 | #endif |
a2698a9b | 3236 | |
893ba544 MH |
3237 | if (id->driver_info & BTUSB_AMP) { |
3238 | /* AMP controllers do not support SCO packets */ | |
3239 | data->isoc = NULL; | |
3240 | } else { | |
22f8e9db MH |
3241 | /* Interface orders are hardcoded in the specification */ |
3242 | data->isoc = usb_ifnum_to_if(data->udev, ifnum_base + 1); | |
459232fc | 3243 | data->isoc_ifnum = ifnum_base + 1; |
893ba544 | 3244 | } |
9bfa35fe | 3245 | |
7a9d4020 | 3246 | if (!reset) |
a6c511c6 | 3247 | set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks); |
cfeb4145 MH |
3248 | |
3249 | if (force_scofix || id->driver_info & BTUSB_WRONG_SCO_MTU) { | |
3250 | if (!disable_scofix) | |
3251 | set_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks); | |
3252 | } | |
3253 | ||
9bfa35fe MH |
3254 | if (id->driver_info & BTUSB_BROKEN_ISOC) |
3255 | data->isoc = NULL; | |
3256 | ||
7a9d4020 MH |
3257 | if (id->driver_info & BTUSB_DIGIANSWER) { |
3258 | data->cmdreq_type = USB_TYPE_VENDOR; | |
a6c511c6 | 3259 | set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks); |
7a9d4020 MH |
3260 | } |
3261 | ||
3262 | if (id->driver_info & BTUSB_CSR) { | |
3263 | struct usb_device *udev = data->udev; | |
81cac64b | 3264 | u16 bcdDevice = le16_to_cpu(udev->descriptor.bcdDevice); |
7a9d4020 MH |
3265 | |
3266 | /* Old firmware would otherwise execute USB reset */ | |
81cac64b | 3267 | if (bcdDevice < 0x117) |
a6c511c6 | 3268 | set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks); |
81cac64b MH |
3269 | |
3270 | /* Fake CSR devices with broken commands */ | |
6cafcd95 | 3271 | if (bcdDevice <= 0x100 || bcdDevice == 0x134) |
81cac64b | 3272 | hdev->setup = btusb_setup_csr; |
49c989a0 JP |
3273 | |
3274 | set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); | |
7a9d4020 MH |
3275 | } |
3276 | ||
cfeb4145 | 3277 | if (id->driver_info & BTUSB_SNIFFER) { |
9bfa35fe | 3278 | struct usb_device *udev = data->udev; |
cfeb4145 | 3279 | |
7a9d4020 | 3280 | /* New sniffer firmware has crippled HCI interface */ |
cfeb4145 MH |
3281 | if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997) |
3282 | set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks); | |
3283 | } | |
3284 | ||
3a5ef20c MH |
3285 | if (id->driver_info & BTUSB_INTEL_BOOT) { |
3286 | /* A bug in the bootloader causes that interrupt interface is | |
3287 | * only enabled after receiving SetInterface(0, AltSetting=0). | |
3288 | */ | |
3289 | err = usb_set_interface(data->udev, 0, 0); | |
3290 | if (err < 0) { | |
3291 | BT_ERR("failed to set interface 0, alt 0 %d", err); | |
10ab133b | 3292 | goto out_free_dev; |
3a5ef20c MH |
3293 | } |
3294 | } | |
3295 | ||
9bfa35fe MH |
3296 | if (data->isoc) { |
3297 | err = usb_driver_claim_interface(&btusb_driver, | |
89e7533d | 3298 | data->isoc, data); |
10ab133b RJ |
3299 | if (err < 0) |
3300 | goto out_free_dev; | |
9bfa35fe MH |
3301 | } |
3302 | ||
9d08f504 MH |
3303 | #ifdef CONFIG_BT_HCIBTUSB_BCM |
3304 | if (data->diag) { | |
3305 | if (!usb_driver_claim_interface(&btusb_driver, | |
3306 | data->diag, data)) | |
3307 | __set_diag_interface(hdev); | |
3308 | else | |
3309 | data->diag = NULL; | |
3310 | } | |
3311 | #endif | |
3312 | ||
5e23b923 | 3313 | err = hci_register_dev(hdev); |
10ab133b RJ |
3314 | if (err < 0) |
3315 | goto out_free_dev; | |
5e23b923 MH |
3316 | |
3317 | usb_set_intfdata(intf, data); | |
3318 | ||
3319 | return 0; | |
10ab133b RJ |
3320 | |
3321 | out_free_dev: | |
3322 | hci_free_dev(hdev); | |
3323 | return err; | |
5e23b923 MH |
3324 | } |
3325 | ||
3326 | static void btusb_disconnect(struct usb_interface *intf) | |
3327 | { | |
3328 | struct btusb_data *data = usb_get_intfdata(intf); | |
3329 | struct hci_dev *hdev; | |
3330 | ||
3331 | BT_DBG("intf %p", intf); | |
3332 | ||
3333 | if (!data) | |
3334 | return; | |
3335 | ||
3336 | hdev = data->hdev; | |
5fbcd260 MH |
3337 | usb_set_intfdata(data->intf, NULL); |
3338 | ||
3339 | if (data->isoc) | |
3340 | usb_set_intfdata(data->isoc, NULL); | |
5e23b923 | 3341 | |
9d08f504 MH |
3342 | if (data->diag) |
3343 | usb_set_intfdata(data->diag, NULL); | |
3344 | ||
5e23b923 MH |
3345 | hci_unregister_dev(hdev); |
3346 | ||
9d08f504 MH |
3347 | if (intf == data->intf) { |
3348 | if (data->isoc) | |
3349 | usb_driver_release_interface(&btusb_driver, data->isoc); | |
3350 | if (data->diag) | |
3351 | usb_driver_release_interface(&btusb_driver, data->diag); | |
3352 | } else if (intf == data->isoc) { | |
3353 | if (data->diag) | |
3354 | usb_driver_release_interface(&btusb_driver, data->diag); | |
5fbcd260 | 3355 | usb_driver_release_interface(&btusb_driver, data->intf); |
9d08f504 MH |
3356 | } else if (intf == data->diag) { |
3357 | usb_driver_release_interface(&btusb_driver, data->intf); | |
3358 | if (data->isoc) | |
3359 | usb_driver_release_interface(&btusb_driver, data->isoc); | |
3360 | } | |
5fbcd260 | 3361 | |
fd913ef7 RJ |
3362 | if (data->oob_wake_irq) |
3363 | device_init_wakeup(&data->udev->dev, false); | |
3364 | ||
5e23b923 MH |
3365 | hci_free_dev(hdev); |
3366 | } | |
3367 | ||
7bee549e | 3368 | #ifdef CONFIG_PM |
6a88adf2 MH |
3369 | static int btusb_suspend(struct usb_interface *intf, pm_message_t message) |
3370 | { | |
3371 | struct btusb_data *data = usb_get_intfdata(intf); | |
3372 | ||
3373 | BT_DBG("intf %p", intf); | |
3374 | ||
3375 | if (data->suspend_count++) | |
3376 | return 0; | |
3377 | ||
7bee549e | 3378 | spin_lock_irq(&data->txlock); |
5b1b0b81 | 3379 | if (!(PMSG_IS_AUTO(message) && data->tx_in_flight)) { |
7bee549e ON |
3380 | set_bit(BTUSB_SUSPENDING, &data->flags); |
3381 | spin_unlock_irq(&data->txlock); | |
3382 | } else { | |
3383 | spin_unlock_irq(&data->txlock); | |
3384 | data->suspend_count--; | |
3385 | return -EBUSY; | |
3386 | } | |
3387 | ||
6a88adf2 MH |
3388 | cancel_work_sync(&data->work); |
3389 | ||
7bee549e | 3390 | btusb_stop_traffic(data); |
6a88adf2 MH |
3391 | usb_kill_anchored_urbs(&data->tx_anchor); |
3392 | ||
fd913ef7 RJ |
3393 | if (data->oob_wake_irq && device_may_wakeup(&data->udev->dev)) { |
3394 | set_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags); | |
3395 | enable_irq_wake(data->oob_wake_irq); | |
3396 | enable_irq(data->oob_wake_irq); | |
3397 | } | |
3398 | ||
6a88adf2 MH |
3399 | return 0; |
3400 | } | |
3401 | ||
7bee549e ON |
3402 | static void play_deferred(struct btusb_data *data) |
3403 | { | |
3404 | struct urb *urb; | |
3405 | int err; | |
3406 | ||
3407 | while ((urb = usb_get_from_anchor(&data->deferred))) { | |
19cfe912 JC |
3408 | usb_anchor_urb(urb, &data->tx_anchor); |
3409 | ||
7bee549e | 3410 | err = usb_submit_urb(urb, GFP_ATOMIC); |
19cfe912 JC |
3411 | if (err < 0) { |
3412 | if (err != -EPERM && err != -ENODEV) | |
3413 | BT_ERR("%s urb %p submission failed (%d)", | |
3414 | data->hdev->name, urb, -err); | |
3415 | kfree(urb->setup_packet); | |
3416 | usb_unanchor_urb(urb); | |
3417 | usb_free_urb(urb); | |
7bee549e | 3418 | break; |
19cfe912 | 3419 | } |
7bee549e ON |
3420 | |
3421 | data->tx_in_flight++; | |
19cfe912 JC |
3422 | usb_free_urb(urb); |
3423 | } | |
3424 | ||
3425 | /* Cleanup the rest deferred urbs. */ | |
3426 | while ((urb = usb_get_from_anchor(&data->deferred))) { | |
3427 | kfree(urb->setup_packet); | |
3428 | usb_free_urb(urb); | |
7bee549e | 3429 | } |
7bee549e ON |
3430 | } |
3431 | ||
6a88adf2 MH |
3432 | static int btusb_resume(struct usb_interface *intf) |
3433 | { | |
3434 | struct btusb_data *data = usb_get_intfdata(intf); | |
3435 | struct hci_dev *hdev = data->hdev; | |
7bee549e | 3436 | int err = 0; |
6a88adf2 MH |
3437 | |
3438 | BT_DBG("intf %p", intf); | |
3439 | ||
3440 | if (--data->suspend_count) | |
3441 | return 0; | |
3442 | ||
fd913ef7 RJ |
3443 | /* Disable only if not already disabled (keep it balanced) */ |
3444 | if (test_and_clear_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags)) { | |
3445 | disable_irq(data->oob_wake_irq); | |
3446 | disable_irq_wake(data->oob_wake_irq); | |
3447 | } | |
3448 | ||
6a88adf2 | 3449 | if (!test_bit(HCI_RUNNING, &hdev->flags)) |
7bee549e | 3450 | goto done; |
6a88adf2 MH |
3451 | |
3452 | if (test_bit(BTUSB_INTR_RUNNING, &data->flags)) { | |
3453 | err = btusb_submit_intr_urb(hdev, GFP_NOIO); | |
3454 | if (err < 0) { | |
3455 | clear_bit(BTUSB_INTR_RUNNING, &data->flags); | |
7bee549e | 3456 | goto failed; |
6a88adf2 MH |
3457 | } |
3458 | } | |
3459 | ||
3460 | if (test_bit(BTUSB_BULK_RUNNING, &data->flags)) { | |
43c2e57f MH |
3461 | err = btusb_submit_bulk_urb(hdev, GFP_NOIO); |
3462 | if (err < 0) { | |
6a88adf2 | 3463 | clear_bit(BTUSB_BULK_RUNNING, &data->flags); |
7bee549e ON |
3464 | goto failed; |
3465 | } | |
3466 | ||
3467 | btusb_submit_bulk_urb(hdev, GFP_NOIO); | |
6a88adf2 MH |
3468 | } |
3469 | ||
3470 | if (test_bit(BTUSB_ISOC_RUNNING, &data->flags)) { | |
3471 | if (btusb_submit_isoc_urb(hdev, GFP_NOIO) < 0) | |
3472 | clear_bit(BTUSB_ISOC_RUNNING, &data->flags); | |
3473 | else | |
3474 | btusb_submit_isoc_urb(hdev, GFP_NOIO); | |
3475 | } | |
3476 | ||
7bee549e ON |
3477 | spin_lock_irq(&data->txlock); |
3478 | play_deferred(data); | |
3479 | clear_bit(BTUSB_SUSPENDING, &data->flags); | |
3480 | spin_unlock_irq(&data->txlock); | |
3481 | schedule_work(&data->work); | |
3482 | ||
6a88adf2 | 3483 | return 0; |
7bee549e ON |
3484 | |
3485 | failed: | |
3486 | usb_scuttle_anchored_urbs(&data->deferred); | |
3487 | done: | |
3488 | spin_lock_irq(&data->txlock); | |
3489 | clear_bit(BTUSB_SUSPENDING, &data->flags); | |
3490 | spin_unlock_irq(&data->txlock); | |
3491 | ||
3492 | return err; | |
6a88adf2 | 3493 | } |
7bee549e | 3494 | #endif |
6a88adf2 | 3495 | |
5e23b923 MH |
3496 | static struct usb_driver btusb_driver = { |
3497 | .name = "btusb", | |
3498 | .probe = btusb_probe, | |
3499 | .disconnect = btusb_disconnect, | |
7bee549e | 3500 | #ifdef CONFIG_PM |
6a88adf2 MH |
3501 | .suspend = btusb_suspend, |
3502 | .resume = btusb_resume, | |
7bee549e | 3503 | #endif |
5e23b923 | 3504 | .id_table = btusb_table, |
7bee549e | 3505 | .supports_autosuspend = 1, |
e1f12eb6 | 3506 | .disable_hub_initiated_lpm = 1, |
5e23b923 MH |
3507 | }; |
3508 | ||
93f1508c | 3509 | module_usb_driver(btusb_driver); |
5e23b923 | 3510 | |
cfeb4145 MH |
3511 | module_param(disable_scofix, bool, 0644); |
3512 | MODULE_PARM_DESC(disable_scofix, "Disable fixup of wrong SCO buffer size"); | |
3513 | ||
3514 | module_param(force_scofix, bool, 0644); | |
3515 | MODULE_PARM_DESC(force_scofix, "Force fixup of wrong SCO buffers size"); | |
3516 | ||
3517 | module_param(reset, bool, 0644); | |
3518 | MODULE_PARM_DESC(reset, "Send HCI reset command on initialization"); | |
3519 | ||
5e23b923 MH |
3520 | MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); |
3521 | MODULE_DESCRIPTION("Generic Bluetooth USB driver ver " VERSION); | |
3522 | MODULE_VERSION(VERSION); | |
3523 | MODULE_LICENSE("GPL"); |