]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - drivers/bluetooth/hci_usb.c
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
[Bluetooth] Correct SCO buffer size on request
[mirror_ubuntu-zesty-kernel.git] / drivers / bluetooth / hci_usb.c
1 /*
2 HCI USB driver for Linux Bluetooth protocol stack (BlueZ)
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
5
6 Copyright (C) 2003 Maxim Krasnyansky <maxk@qualcomm.com>
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License version 2 as
10 published by the Free Software Foundation;
11
12 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
13 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
14 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
15 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
16 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
17 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20
21 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
22 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
23 SOFTWARE IS DISCLAIMED.
24 */
25
26 /*
27 * Bluetooth HCI USB driver.
28 * Based on original USB Bluetooth driver for Linux kernel
29 * Copyright (c) 2000 Greg Kroah-Hartman <greg@kroah.com>
30 * Copyright (c) 2000 Mark Douglas Corner <mcorner@umich.edu>
31 *
32 */
33
34 #include <linux/module.h>
35
36 #include <linux/kernel.h>
37 #include <linux/init.h>
38 #include <linux/sched.h>
39 #include <linux/unistd.h>
40 #include <linux/types.h>
41 #include <linux/interrupt.h>
42 #include <linux/moduleparam.h>
43
44 #include <linux/slab.h>
45 #include <linux/errno.h>
46 #include <linux/string.h>
47 #include <linux/skbuff.h>
48
49 #include <linux/usb.h>
50
51 #include <net/bluetooth/bluetooth.h>
52 #include <net/bluetooth/hci_core.h>
53
54 #include "hci_usb.h"
55
56 #ifndef CONFIG_BT_HCIUSB_DEBUG
57 #undef BT_DBG
58 #define BT_DBG(D...)
59 #endif
60
61 #ifndef CONFIG_BT_HCIUSB_ZERO_PACKET
62 #undef URB_ZERO_PACKET
63 #define URB_ZERO_PACKET 0
64 #endif
65
66 static int ignore = 0;
67 static int ignore_dga = 0;
68 static int ignore_csr = 0;
69 static int ignore_sniffer = 0;
70 static int reset = 0;
71
72 #ifdef CONFIG_BT_HCIUSB_SCO
73 static int isoc = 2;
74 #endif
75
76 #define VERSION "2.9"
77
78 static struct usb_driver hci_usb_driver;
79
80 static struct usb_device_id bluetooth_ids[] = {
81 /* Generic Bluetooth USB device */
82 { USB_DEVICE_INFO(HCI_DEV_CLASS, HCI_DEV_SUBCLASS, HCI_DEV_PROTOCOL) },
83
84 /* AVM BlueFRITZ! USB v2.0 */
85 { USB_DEVICE(0x057c, 0x3800) },
86
87 /* Bluetooth Ultraport Module from IBM */
88 { USB_DEVICE(0x04bf, 0x030a) },
89
90 /* ALPS Modules with non-standard id */
91 { USB_DEVICE(0x044e, 0x3001) },
92 { USB_DEVICE(0x044e, 0x3002) },
93
94 /* Ericsson with non-standard id */
95 { USB_DEVICE(0x0bdb, 0x1002) },
96
97 { } /* Terminating entry */
98 };
99
100 MODULE_DEVICE_TABLE (usb, bluetooth_ids);
101
102 static struct usb_device_id blacklist_ids[] = {
103 /* CSR BlueCore devices */
104 { USB_DEVICE(0x0a12, 0x0001), .driver_info = HCI_CSR },
105
106 /* Broadcom BCM2033 without firmware */
107 { USB_DEVICE(0x0a5c, 0x2033), .driver_info = HCI_IGNORE },
108
109 /* Broadcom BCM2035 */
110 { USB_DEVICE(0x0a5c, 0x200a), .driver_info = HCI_RESET | HCI_BROKEN_ISOC },
111 { USB_DEVICE(0x0a5c, 0x2009), .driver_info = HCI_BCM92035 },
112
113 /* Microsoft Wireless Transceiver for Bluetooth 2.0 */
114 { USB_DEVICE(0x045e, 0x009c), .driver_info = HCI_RESET },
115
116 /* Kensington Bluetooth USB adapter */
117 { USB_DEVICE(0x047d, 0x105d), .driver_info = HCI_RESET },
118
119 /* ISSC Bluetooth Adapter v3.1 */
120 { USB_DEVICE(0x1131, 0x1001), .driver_info = HCI_RESET },
121
122 /* RTX Telecom based adapter with buggy SCO support */
123 { USB_DEVICE(0x0400, 0x0807), .driver_info = HCI_BROKEN_ISOC },
124
125 /* Belkin F8T012 */
126 { USB_DEVICE(0x050d, 0x0012), .driver_info = HCI_WRONG_SCO_MTU },
127
128 /* Digianswer devices */
129 { USB_DEVICE(0x08fd, 0x0001), .driver_info = HCI_DIGIANSWER },
130 { USB_DEVICE(0x08fd, 0x0002), .driver_info = HCI_IGNORE },
131
132 /* CSR BlueCore Bluetooth Sniffer */
133 { USB_DEVICE(0x0a12, 0x0002), .driver_info = HCI_SNIFFER },
134
135 /* Frontline ComProbe Bluetooth Sniffer */
136 { USB_DEVICE(0x16d3, 0x0002), .driver_info = HCI_SNIFFER },
137
138 { } /* Terminating entry */
139 };
140
141 static struct _urb *_urb_alloc(int isoc, gfp_t gfp)
142 {
143 struct _urb *_urb = kmalloc(sizeof(struct _urb) +
144 sizeof(struct usb_iso_packet_descriptor) * isoc, gfp);
145 if (_urb) {
146 memset(_urb, 0, sizeof(*_urb));
147 usb_init_urb(&_urb->urb);
148 }
149 return _urb;
150 }
151
152 static struct _urb *_urb_dequeue(struct _urb_queue *q)
153 {
154 struct _urb *_urb = NULL;
155 unsigned long flags;
156 spin_lock_irqsave(&q->lock, flags);
157 {
158 struct list_head *head = &q->head;
159 struct list_head *next = head->next;
160 if (next != head) {
161 _urb = list_entry(next, struct _urb, list);
162 list_del(next); _urb->queue = NULL;
163 }
164 }
165 spin_unlock_irqrestore(&q->lock, flags);
166 return _urb;
167 }
168
169 static void hci_usb_rx_complete(struct urb *urb, struct pt_regs *regs);
170 static void hci_usb_tx_complete(struct urb *urb, struct pt_regs *regs);
171
172 #define __pending_tx(husb, type) (&husb->pending_tx[type-1])
173 #define __pending_q(husb, type) (&husb->pending_q[type-1])
174 #define __completed_q(husb, type) (&husb->completed_q[type-1])
175 #define __transmit_q(husb, type) (&husb->transmit_q[type-1])
176 #define __reassembly(husb, type) (husb->reassembly[type-1])
177
178 static inline struct _urb *__get_completed(struct hci_usb *husb, int type)
179 {
180 return _urb_dequeue(__completed_q(husb, type));
181 }
182
183 #ifdef CONFIG_BT_HCIUSB_SCO
184 static void __fill_isoc_desc(struct urb *urb, int len, int mtu)
185 {
186 int offset = 0, i;
187
188 BT_DBG("len %d mtu %d", len, mtu);
189
190 for (i=0; i < HCI_MAX_ISOC_FRAMES && len >= mtu; i++, offset += mtu, len -= mtu) {
191 urb->iso_frame_desc[i].offset = offset;
192 urb->iso_frame_desc[i].length = mtu;
193 BT_DBG("desc %d offset %d len %d", i, offset, mtu);
194 }
195 if (len && i < HCI_MAX_ISOC_FRAMES) {
196 urb->iso_frame_desc[i].offset = offset;
197 urb->iso_frame_desc[i].length = len;
198 BT_DBG("desc %d offset %d len %d", i, offset, len);
199 i++;
200 }
201 urb->number_of_packets = i;
202 }
203 #endif
204
205 static int hci_usb_intr_rx_submit(struct hci_usb *husb)
206 {
207 struct _urb *_urb;
208 struct urb *urb;
209 int err, pipe, interval, size;
210 void *buf;
211
212 BT_DBG("%s", husb->hdev->name);
213
214 size = le16_to_cpu(husb->intr_in_ep->desc.wMaxPacketSize);
215
216 buf = kmalloc(size, GFP_ATOMIC);
217 if (!buf)
218 return -ENOMEM;
219
220 _urb = _urb_alloc(0, GFP_ATOMIC);
221 if (!_urb) {
222 kfree(buf);
223 return -ENOMEM;
224 }
225 _urb->type = HCI_EVENT_PKT;
226 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
227
228 urb = &_urb->urb;
229 pipe = usb_rcvintpipe(husb->udev, husb->intr_in_ep->desc.bEndpointAddress);
230 interval = husb->intr_in_ep->desc.bInterval;
231 usb_fill_int_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb, interval);
232
233 err = usb_submit_urb(urb, GFP_ATOMIC);
234 if (err) {
235 BT_ERR("%s intr rx submit failed urb %p err %d",
236 husb->hdev->name, urb, err);
237 _urb_unlink(_urb);
238 _urb_free(_urb);
239 kfree(buf);
240 }
241 return err;
242 }
243
244 static int hci_usb_bulk_rx_submit(struct hci_usb *husb)
245 {
246 struct _urb *_urb;
247 struct urb *urb;
248 int err, pipe, size = HCI_MAX_FRAME_SIZE;
249 void *buf;
250
251 buf = kmalloc(size, GFP_ATOMIC);
252 if (!buf)
253 return -ENOMEM;
254
255 _urb = _urb_alloc(0, GFP_ATOMIC);
256 if (!_urb) {
257 kfree(buf);
258 return -ENOMEM;
259 }
260 _urb->type = HCI_ACLDATA_PKT;
261 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
262
263 urb = &_urb->urb;
264 pipe = usb_rcvbulkpipe(husb->udev, husb->bulk_in_ep->desc.bEndpointAddress);
265 usb_fill_bulk_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb);
266 urb->transfer_flags = 0;
267
268 BT_DBG("%s urb %p", husb->hdev->name, urb);
269
270 err = usb_submit_urb(urb, GFP_ATOMIC);
271 if (err) {
272 BT_ERR("%s bulk rx submit failed urb %p err %d",
273 husb->hdev->name, urb, err);
274 _urb_unlink(_urb);
275 _urb_free(_urb);
276 kfree(buf);
277 }
278 return err;
279 }
280
281 #ifdef CONFIG_BT_HCIUSB_SCO
282 static int hci_usb_isoc_rx_submit(struct hci_usb *husb)
283 {
284 struct _urb *_urb;
285 struct urb *urb;
286 int err, mtu, size;
287 void *buf;
288
289 mtu = le16_to_cpu(husb->isoc_in_ep->desc.wMaxPacketSize);
290 size = mtu * HCI_MAX_ISOC_FRAMES;
291
292 buf = kmalloc(size, GFP_ATOMIC);
293 if (!buf)
294 return -ENOMEM;
295
296 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
297 if (!_urb) {
298 kfree(buf);
299 return -ENOMEM;
300 }
301 _urb->type = HCI_SCODATA_PKT;
302 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
303
304 urb = &_urb->urb;
305
306 urb->context = husb;
307 urb->dev = husb->udev;
308 urb->pipe = usb_rcvisocpipe(husb->udev, husb->isoc_in_ep->desc.bEndpointAddress);
309 urb->complete = hci_usb_rx_complete;
310
311 urb->interval = husb->isoc_in_ep->desc.bInterval;
312
313 urb->transfer_buffer_length = size;
314 urb->transfer_buffer = buf;
315 urb->transfer_flags = URB_ISO_ASAP;
316
317 __fill_isoc_desc(urb, size, mtu);
318
319 BT_DBG("%s urb %p", husb->hdev->name, urb);
320
321 err = usb_submit_urb(urb, GFP_ATOMIC);
322 if (err) {
323 BT_ERR("%s isoc rx submit failed urb %p err %d",
324 husb->hdev->name, urb, err);
325 _urb_unlink(_urb);
326 _urb_free(_urb);
327 kfree(buf);
328 }
329 return err;
330 }
331 #endif
332
333 /* Initialize device */
334 static int hci_usb_open(struct hci_dev *hdev)
335 {
336 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
337 int i, err;
338 unsigned long flags;
339
340 BT_DBG("%s", hdev->name);
341
342 if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
343 return 0;
344
345 write_lock_irqsave(&husb->completion_lock, flags);
346
347 err = hci_usb_intr_rx_submit(husb);
348 if (!err) {
349 for (i = 0; i < HCI_MAX_BULK_RX; i++)
350 hci_usb_bulk_rx_submit(husb);
351
352 #ifdef CONFIG_BT_HCIUSB_SCO
353 if (husb->isoc_iface)
354 for (i = 0; i < HCI_MAX_ISOC_RX; i++)
355 hci_usb_isoc_rx_submit(husb);
356 #endif
357 } else {
358 clear_bit(HCI_RUNNING, &hdev->flags);
359 }
360
361 write_unlock_irqrestore(&husb->completion_lock, flags);
362 return err;
363 }
364
365 /* Reset device */
366 static int hci_usb_flush(struct hci_dev *hdev)
367 {
368 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
369 int i;
370
371 BT_DBG("%s", hdev->name);
372
373 for (i = 0; i < 4; i++)
374 skb_queue_purge(&husb->transmit_q[i]);
375 return 0;
376 }
377
378 static void hci_usb_unlink_urbs(struct hci_usb *husb)
379 {
380 int i;
381
382 BT_DBG("%s", husb->hdev->name);
383
384 for (i = 0; i < 4; i++) {
385 struct _urb *_urb;
386 struct urb *urb;
387
388 /* Kill pending requests */
389 while ((_urb = _urb_dequeue(&husb->pending_q[i]))) {
390 urb = &_urb->urb;
391 BT_DBG("%s unlinking _urb %p type %d urb %p",
392 husb->hdev->name, _urb, _urb->type, urb);
393 usb_kill_urb(urb);
394 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
395 }
396
397 /* Release completed requests */
398 while ((_urb = _urb_dequeue(&husb->completed_q[i]))) {
399 urb = &_urb->urb;
400 BT_DBG("%s freeing _urb %p type %d urb %p",
401 husb->hdev->name, _urb, _urb->type, urb);
402 kfree(urb->setup_packet);
403 kfree(urb->transfer_buffer);
404 _urb_free(_urb);
405 }
406
407 /* Release reassembly buffers */
408 if (husb->reassembly[i]) {
409 kfree_skb(husb->reassembly[i]);
410 husb->reassembly[i] = NULL;
411 }
412 }
413 }
414
415 /* Close device */
416 static int hci_usb_close(struct hci_dev *hdev)
417 {
418 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
419 unsigned long flags;
420
421 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
422 return 0;
423
424 BT_DBG("%s", hdev->name);
425
426 /* Synchronize with completion handlers */
427 write_lock_irqsave(&husb->completion_lock, flags);
428 write_unlock_irqrestore(&husb->completion_lock, flags);
429
430 hci_usb_unlink_urbs(husb);
431 hci_usb_flush(hdev);
432 return 0;
433 }
434
435 static int __tx_submit(struct hci_usb *husb, struct _urb *_urb)
436 {
437 struct urb *urb = &_urb->urb;
438 int err;
439
440 BT_DBG("%s urb %p type %d", husb->hdev->name, urb, _urb->type);
441
442 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
443 err = usb_submit_urb(urb, GFP_ATOMIC);
444 if (err) {
445 BT_ERR("%s tx submit failed urb %p type %d err %d",
446 husb->hdev->name, urb, _urb->type, err);
447 _urb_unlink(_urb);
448 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
449 } else
450 atomic_inc(__pending_tx(husb, _urb->type));
451
452 return err;
453 }
454
455 static inline int hci_usb_send_ctrl(struct hci_usb *husb, struct sk_buff *skb)
456 {
457 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
458 struct usb_ctrlrequest *dr;
459 struct urb *urb;
460
461 if (!_urb) {
462 _urb = _urb_alloc(0, GFP_ATOMIC);
463 if (!_urb)
464 return -ENOMEM;
465 _urb->type = bt_cb(skb)->pkt_type;
466
467 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
468 if (!dr) {
469 _urb_free(_urb);
470 return -ENOMEM;
471 }
472 } else
473 dr = (void *) _urb->urb.setup_packet;
474
475 dr->bRequestType = husb->ctrl_req;
476 dr->bRequest = 0;
477 dr->wIndex = 0;
478 dr->wValue = 0;
479 dr->wLength = __cpu_to_le16(skb->len);
480
481 urb = &_urb->urb;
482 usb_fill_control_urb(urb, husb->udev, usb_sndctrlpipe(husb->udev, 0),
483 (void *) dr, skb->data, skb->len, hci_usb_tx_complete, husb);
484
485 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
486
487 _urb->priv = skb;
488 return __tx_submit(husb, _urb);
489 }
490
491 static inline int hci_usb_send_bulk(struct hci_usb *husb, struct sk_buff *skb)
492 {
493 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
494 struct urb *urb;
495 int pipe;
496
497 if (!_urb) {
498 _urb = _urb_alloc(0, GFP_ATOMIC);
499 if (!_urb)
500 return -ENOMEM;
501 _urb->type = bt_cb(skb)->pkt_type;
502 }
503
504 urb = &_urb->urb;
505 pipe = usb_sndbulkpipe(husb->udev, husb->bulk_out_ep->desc.bEndpointAddress);
506 usb_fill_bulk_urb(urb, husb->udev, pipe, skb->data, skb->len,
507 hci_usb_tx_complete, husb);
508 urb->transfer_flags = URB_ZERO_PACKET;
509
510 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
511
512 _urb->priv = skb;
513 return __tx_submit(husb, _urb);
514 }
515
516 #ifdef CONFIG_BT_HCIUSB_SCO
517 static inline int hci_usb_send_isoc(struct hci_usb *husb, struct sk_buff *skb)
518 {
519 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
520 struct urb *urb;
521
522 if (!_urb) {
523 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
524 if (!_urb)
525 return -ENOMEM;
526 _urb->type = bt_cb(skb)->pkt_type;
527 }
528
529 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
530
531 urb = &_urb->urb;
532
533 urb->context = husb;
534 urb->dev = husb->udev;
535 urb->pipe = usb_sndisocpipe(husb->udev, husb->isoc_out_ep->desc.bEndpointAddress);
536 urb->complete = hci_usb_tx_complete;
537 urb->transfer_flags = URB_ISO_ASAP;
538
539 urb->interval = husb->isoc_out_ep->desc.bInterval;
540
541 urb->transfer_buffer = skb->data;
542 urb->transfer_buffer_length = skb->len;
543
544 __fill_isoc_desc(urb, skb->len, le16_to_cpu(husb->isoc_out_ep->desc.wMaxPacketSize));
545
546 _urb->priv = skb;
547 return __tx_submit(husb, _urb);
548 }
549 #endif
550
551 static void hci_usb_tx_process(struct hci_usb *husb)
552 {
553 struct sk_buff_head *q;
554 struct sk_buff *skb;
555
556 BT_DBG("%s", husb->hdev->name);
557
558 do {
559 clear_bit(HCI_USB_TX_WAKEUP, &husb->state);
560
561 /* Process command queue */
562 q = __transmit_q(husb, HCI_COMMAND_PKT);
563 if (!atomic_read(__pending_tx(husb, HCI_COMMAND_PKT)) &&
564 (skb = skb_dequeue(q))) {
565 if (hci_usb_send_ctrl(husb, skb) < 0)
566 skb_queue_head(q, skb);
567 }
568
569 #ifdef CONFIG_BT_HCIUSB_SCO
570 /* Process SCO queue */
571 q = __transmit_q(husb, HCI_SCODATA_PKT);
572 if (atomic_read(__pending_tx(husb, HCI_SCODATA_PKT)) < HCI_MAX_ISOC_TX &&
573 (skb = skb_dequeue(q))) {
574 if (hci_usb_send_isoc(husb, skb) < 0)
575 skb_queue_head(q, skb);
576 }
577 #endif
578
579 /* Process ACL queue */
580 q = __transmit_q(husb, HCI_ACLDATA_PKT);
581 while (atomic_read(__pending_tx(husb, HCI_ACLDATA_PKT)) < HCI_MAX_BULK_TX &&
582 (skb = skb_dequeue(q))) {
583 if (hci_usb_send_bulk(husb, skb) < 0) {
584 skb_queue_head(q, skb);
585 break;
586 }
587 }
588 } while(test_bit(HCI_USB_TX_WAKEUP, &husb->state));
589 }
590
591 static inline void hci_usb_tx_wakeup(struct hci_usb *husb)
592 {
593 /* Serialize TX queue processing to avoid data reordering */
594 if (!test_and_set_bit(HCI_USB_TX_PROCESS, &husb->state)) {
595 hci_usb_tx_process(husb);
596 clear_bit(HCI_USB_TX_PROCESS, &husb->state);
597 } else
598 set_bit(HCI_USB_TX_WAKEUP, &husb->state);
599 }
600
601 /* Send frames from HCI layer */
602 static int hci_usb_send_frame(struct sk_buff *skb)
603 {
604 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
605 struct hci_usb *husb;
606
607 if (!hdev) {
608 BT_ERR("frame for uknown device (hdev=NULL)");
609 return -ENODEV;
610 }
611
612 if (!test_bit(HCI_RUNNING, &hdev->flags))
613 return -EBUSY;
614
615 BT_DBG("%s type %d len %d", hdev->name, bt_cb(skb)->pkt_type, skb->len);
616
617 husb = (struct hci_usb *) hdev->driver_data;
618
619 switch (bt_cb(skb)->pkt_type) {
620 case HCI_COMMAND_PKT:
621 hdev->stat.cmd_tx++;
622 break;
623
624 case HCI_ACLDATA_PKT:
625 hdev->stat.acl_tx++;
626 break;
627
628 #ifdef CONFIG_BT_HCIUSB_SCO
629 case HCI_SCODATA_PKT:
630 hdev->stat.sco_tx++;
631 break;
632 #endif
633
634 default:
635 kfree_skb(skb);
636 return 0;
637 }
638
639 read_lock(&husb->completion_lock);
640
641 skb_queue_tail(__transmit_q(husb, bt_cb(skb)->pkt_type), skb);
642 hci_usb_tx_wakeup(husb);
643
644 read_unlock(&husb->completion_lock);
645 return 0;
646 }
647
648 static inline int __recv_frame(struct hci_usb *husb, int type, void *data, int count)
649 {
650 BT_DBG("%s type %d data %p count %d", husb->hdev->name, type, data, count);
651
652 husb->hdev->stat.byte_rx += count;
653
654 while (count) {
655 struct sk_buff *skb = __reassembly(husb, type);
656 struct { int expect; } *scb;
657 int len = 0;
658
659 if (!skb) {
660 /* Start of the frame */
661
662 switch (type) {
663 case HCI_EVENT_PKT:
664 if (count >= HCI_EVENT_HDR_SIZE) {
665 struct hci_event_hdr *h = data;
666 len = HCI_EVENT_HDR_SIZE + h->plen;
667 } else
668 return -EILSEQ;
669 break;
670
671 case HCI_ACLDATA_PKT:
672 if (count >= HCI_ACL_HDR_SIZE) {
673 struct hci_acl_hdr *h = data;
674 len = HCI_ACL_HDR_SIZE + __le16_to_cpu(h->dlen);
675 } else
676 return -EILSEQ;
677 break;
678 #ifdef CONFIG_BT_HCIUSB_SCO
679 case HCI_SCODATA_PKT:
680 if (count >= HCI_SCO_HDR_SIZE) {
681 struct hci_sco_hdr *h = data;
682 len = HCI_SCO_HDR_SIZE + h->dlen;
683 } else
684 return -EILSEQ;
685 break;
686 #endif
687 }
688 BT_DBG("new packet len %d", len);
689
690 skb = bt_skb_alloc(len, GFP_ATOMIC);
691 if (!skb) {
692 BT_ERR("%s no memory for the packet", husb->hdev->name);
693 return -ENOMEM;
694 }
695 skb->dev = (void *) husb->hdev;
696 bt_cb(skb)->pkt_type = type;
697
698 __reassembly(husb, type) = skb;
699
700 scb = (void *) skb->cb;
701 scb->expect = len;
702 } else {
703 /* Continuation */
704 scb = (void *) skb->cb;
705 len = scb->expect;
706 }
707
708 len = min(len, count);
709
710 memcpy(skb_put(skb, len), data, len);
711
712 scb->expect -= len;
713 if (!scb->expect) {
714 /* Complete frame */
715 __reassembly(husb, type) = NULL;
716 bt_cb(skb)->pkt_type = type;
717 hci_recv_frame(skb);
718 }
719
720 count -= len; data += len;
721 }
722 return 0;
723 }
724
725 static void hci_usb_rx_complete(struct urb *urb, struct pt_regs *regs)
726 {
727 struct _urb *_urb = container_of(urb, struct _urb, urb);
728 struct hci_usb *husb = (void *) urb->context;
729 struct hci_dev *hdev = husb->hdev;
730 int err, count = urb->actual_length;
731
732 BT_DBG("%s urb %p type %d status %d count %d flags %x", hdev->name, urb,
733 _urb->type, urb->status, count, urb->transfer_flags);
734
735 read_lock(&husb->completion_lock);
736
737 if (!test_bit(HCI_RUNNING, &hdev->flags))
738 goto unlock;
739
740 if (urb->status || !count)
741 goto resubmit;
742
743 if (_urb->type == HCI_SCODATA_PKT) {
744 #ifdef CONFIG_BT_HCIUSB_SCO
745 int i;
746 for (i=0; i < urb->number_of_packets; i++) {
747 BT_DBG("desc %d status %d offset %d len %d", i,
748 urb->iso_frame_desc[i].status,
749 urb->iso_frame_desc[i].offset,
750 urb->iso_frame_desc[i].actual_length);
751
752 if (!urb->iso_frame_desc[i].status)
753 __recv_frame(husb, _urb->type,
754 urb->transfer_buffer + urb->iso_frame_desc[i].offset,
755 urb->iso_frame_desc[i].actual_length);
756 }
757 #else
758 ;
759 #endif
760 } else {
761 err = __recv_frame(husb, _urb->type, urb->transfer_buffer, count);
762 if (err < 0) {
763 BT_ERR("%s corrupted packet: type %d count %d",
764 husb->hdev->name, _urb->type, count);
765 hdev->stat.err_rx++;
766 }
767 }
768
769 resubmit:
770 urb->dev = husb->udev;
771 err = usb_submit_urb(urb, GFP_ATOMIC);
772 BT_DBG("%s urb %p type %d resubmit status %d", hdev->name, urb,
773 _urb->type, err);
774
775 unlock:
776 read_unlock(&husb->completion_lock);
777 }
778
779 static void hci_usb_tx_complete(struct urb *urb, struct pt_regs *regs)
780 {
781 struct _urb *_urb = container_of(urb, struct _urb, urb);
782 struct hci_usb *husb = (void *) urb->context;
783 struct hci_dev *hdev = husb->hdev;
784
785 BT_DBG("%s urb %p status %d flags %x", hdev->name, urb,
786 urb->status, urb->transfer_flags);
787
788 atomic_dec(__pending_tx(husb, _urb->type));
789
790 urb->transfer_buffer = NULL;
791 kfree_skb((struct sk_buff *) _urb->priv);
792
793 if (!test_bit(HCI_RUNNING, &hdev->flags))
794 return;
795
796 if (!urb->status)
797 hdev->stat.byte_tx += urb->transfer_buffer_length;
798 else
799 hdev->stat.err_tx++;
800
801 read_lock(&husb->completion_lock);
802
803 _urb_unlink(_urb);
804 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
805
806 hci_usb_tx_wakeup(husb);
807
808 read_unlock(&husb->completion_lock);
809 }
810
811 static void hci_usb_destruct(struct hci_dev *hdev)
812 {
813 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
814
815 BT_DBG("%s", hdev->name);
816
817 kfree(husb);
818 }
819
820 static void hci_usb_notify(struct hci_dev *hdev, unsigned int evt)
821 {
822 BT_DBG("%s evt %d", hdev->name, evt);
823 }
824
825 static int hci_usb_probe(struct usb_interface *intf, const struct usb_device_id *id)
826 {
827 struct usb_device *udev = interface_to_usbdev(intf);
828 struct usb_host_endpoint *bulk_out_ep = NULL;
829 struct usb_host_endpoint *bulk_in_ep = NULL;
830 struct usb_host_endpoint *intr_in_ep = NULL;
831 struct usb_host_endpoint *ep;
832 struct usb_host_interface *uif;
833 struct usb_interface *isoc_iface;
834 struct hci_usb *husb;
835 struct hci_dev *hdev;
836 int i, e, size, isoc_ifnum, isoc_alts;
837
838 BT_DBG("udev %p intf %p", udev, intf);
839
840 if (!id->driver_info) {
841 const struct usb_device_id *match;
842 match = usb_match_id(intf, blacklist_ids);
843 if (match)
844 id = match;
845 }
846
847 if (ignore || id->driver_info & HCI_IGNORE)
848 return -ENODEV;
849
850 if (ignore_dga && id->driver_info & HCI_DIGIANSWER)
851 return -ENODEV;
852
853 if (ignore_csr && id->driver_info & HCI_CSR)
854 return -ENODEV;
855
856 if (ignore_sniffer && id->driver_info & HCI_SNIFFER)
857 return -ENODEV;
858
859 if (intf->cur_altsetting->desc.bInterfaceNumber > 0)
860 return -ENODEV;
861
862 /* Find endpoints that we need */
863 uif = intf->cur_altsetting;
864 for (e = 0; e < uif->desc.bNumEndpoints; e++) {
865 ep = &uif->endpoint[e];
866
867 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
868 case USB_ENDPOINT_XFER_INT:
869 if (ep->desc.bEndpointAddress & USB_DIR_IN)
870 intr_in_ep = ep;
871 break;
872
873 case USB_ENDPOINT_XFER_BULK:
874 if (ep->desc.bEndpointAddress & USB_DIR_IN)
875 bulk_in_ep = ep;
876 else
877 bulk_out_ep = ep;
878 break;
879 }
880 }
881
882 if (!bulk_in_ep || !bulk_out_ep || !intr_in_ep) {
883 BT_DBG("Bulk endpoints not found");
884 goto done;
885 }
886
887 if (!(husb = kzalloc(sizeof(struct hci_usb), GFP_KERNEL))) {
888 BT_ERR("Can't allocate: control structure");
889 goto done;
890 }
891
892 husb->udev = udev;
893 husb->bulk_out_ep = bulk_out_ep;
894 husb->bulk_in_ep = bulk_in_ep;
895 husb->intr_in_ep = intr_in_ep;
896
897 if (id->driver_info & HCI_DIGIANSWER)
898 husb->ctrl_req = USB_TYPE_VENDOR;
899 else
900 husb->ctrl_req = USB_TYPE_CLASS;
901
902 /* Find isochronous endpoints that we can use */
903 size = 0;
904 isoc_iface = NULL;
905 isoc_alts = 0;
906 isoc_ifnum = 1;
907
908 #ifdef CONFIG_BT_HCIUSB_SCO
909 if (isoc && !(id->driver_info & (HCI_BROKEN_ISOC | HCI_SNIFFER)))
910 isoc_iface = usb_ifnum_to_if(udev, isoc_ifnum);
911
912 if (isoc_iface) {
913 int a;
914 struct usb_host_endpoint *isoc_out_ep = NULL;
915 struct usb_host_endpoint *isoc_in_ep = NULL;
916
917 for (a = 0; a < isoc_iface->num_altsetting; a++) {
918 uif = &isoc_iface->altsetting[a];
919 for (e = 0; e < uif->desc.bNumEndpoints; e++) {
920 ep = &uif->endpoint[e];
921
922 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
923 case USB_ENDPOINT_XFER_ISOC:
924 if (le16_to_cpu(ep->desc.wMaxPacketSize) < size ||
925 uif->desc.bAlternateSetting != isoc)
926 break;
927 size = le16_to_cpu(ep->desc.wMaxPacketSize);
928
929 isoc_alts = uif->desc.bAlternateSetting;
930
931 if (ep->desc.bEndpointAddress & USB_DIR_IN)
932 isoc_in_ep = ep;
933 else
934 isoc_out_ep = ep;
935 break;
936 }
937 }
938 }
939
940 if (!isoc_in_ep || !isoc_out_ep)
941 BT_DBG("Isoc endpoints not found");
942 else {
943 BT_DBG("isoc ifnum %d alts %d", isoc_ifnum, isoc_alts);
944 if (usb_driver_claim_interface(&hci_usb_driver, isoc_iface, husb) != 0)
945 BT_ERR("Can't claim isoc interface");
946 else if (usb_set_interface(udev, isoc_ifnum, isoc_alts)) {
947 BT_ERR("Can't set isoc interface settings");
948 husb->isoc_iface = isoc_iface;
949 usb_driver_release_interface(&hci_usb_driver, isoc_iface);
950 husb->isoc_iface = NULL;
951 } else {
952 husb->isoc_iface = isoc_iface;
953 husb->isoc_in_ep = isoc_in_ep;
954 husb->isoc_out_ep = isoc_out_ep;
955 }
956 }
957 }
958 #endif
959
960 rwlock_init(&husb->completion_lock);
961
962 for (i = 0; i < 4; i++) {
963 skb_queue_head_init(&husb->transmit_q[i]);
964 _urb_queue_init(&husb->pending_q[i]);
965 _urb_queue_init(&husb->completed_q[i]);
966 }
967
968 /* Initialize and register HCI device */
969 hdev = hci_alloc_dev();
970 if (!hdev) {
971 BT_ERR("Can't allocate HCI device");
972 goto probe_error;
973 }
974
975 husb->hdev = hdev;
976
977 hdev->type = HCI_USB;
978 hdev->driver_data = husb;
979 SET_HCIDEV_DEV(hdev, &intf->dev);
980
981 hdev->open = hci_usb_open;
982 hdev->close = hci_usb_close;
983 hdev->flush = hci_usb_flush;
984 hdev->send = hci_usb_send_frame;
985 hdev->destruct = hci_usb_destruct;
986 hdev->notify = hci_usb_notify;
987
988 hdev->owner = THIS_MODULE;
989
990 if (reset || id->driver_info & HCI_RESET)
991 set_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks);
992
993 if (id->driver_info & HCI_WRONG_SCO_MTU)
994 set_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks);
995
996 if (id->driver_info & HCI_SNIFFER) {
997 if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997)
998 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
999 }
1000
1001 if (id->driver_info & HCI_BCM92035) {
1002 unsigned char cmd[] = { 0x3b, 0xfc, 0x01, 0x00 };
1003 struct sk_buff *skb;
1004
1005 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
1006 if (skb) {
1007 memcpy(skb_put(skb, sizeof(cmd)), cmd, sizeof(cmd));
1008 skb_queue_tail(&hdev->driver_init, skb);
1009 }
1010 }
1011
1012 if (hci_register_dev(hdev) < 0) {
1013 BT_ERR("Can't register HCI device");
1014 hci_free_dev(hdev);
1015 goto probe_error;
1016 }
1017
1018 usb_set_intfdata(intf, husb);
1019 return 0;
1020
1021 probe_error:
1022 if (husb->isoc_iface)
1023 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1024 kfree(husb);
1025
1026 done:
1027 return -EIO;
1028 }
1029
1030 static void hci_usb_disconnect(struct usb_interface *intf)
1031 {
1032 struct hci_usb *husb = usb_get_intfdata(intf);
1033 struct hci_dev *hdev;
1034
1035 if (!husb || intf == husb->isoc_iface)
1036 return;
1037
1038 usb_set_intfdata(intf, NULL);
1039 hdev = husb->hdev;
1040
1041 BT_DBG("%s", hdev->name);
1042
1043 hci_usb_close(hdev);
1044
1045 if (husb->isoc_iface)
1046 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1047
1048 if (hci_unregister_dev(hdev) < 0)
1049 BT_ERR("Can't unregister HCI device %s", hdev->name);
1050
1051 hci_free_dev(hdev);
1052 }
1053
1054 static int hci_usb_suspend(struct usb_interface *intf, pm_message_t message)
1055 {
1056 struct hci_usb *husb = usb_get_intfdata(intf);
1057 struct list_head killed;
1058 unsigned long flags;
1059 int i;
1060
1061 if (!husb || intf == husb->isoc_iface)
1062 return 0;
1063
1064 hci_suspend_dev(husb->hdev);
1065
1066 INIT_LIST_HEAD(&killed);
1067
1068 for (i = 0; i < 4; i++) {
1069 struct _urb_queue *q = &husb->pending_q[i];
1070 struct _urb *_urb, *_tmp;
1071
1072 while ((_urb = _urb_dequeue(q))) {
1073 /* reset queue since _urb_dequeue sets it to NULL */
1074 _urb->queue = q;
1075 usb_kill_urb(&_urb->urb);
1076 list_add(&_urb->list, &killed);
1077 }
1078
1079 spin_lock_irqsave(&q->lock, flags);
1080
1081 list_for_each_entry_safe(_urb, _tmp, &killed, list) {
1082 list_move_tail(&_urb->list, &q->head);
1083 }
1084
1085 spin_unlock_irqrestore(&q->lock, flags);
1086 }
1087
1088 return 0;
1089 }
1090
1091 static int hci_usb_resume(struct usb_interface *intf)
1092 {
1093 struct hci_usb *husb = usb_get_intfdata(intf);
1094 unsigned long flags;
1095 int i, err = 0;
1096
1097 if (!husb || intf == husb->isoc_iface)
1098 return 0;
1099
1100 for (i = 0; i < 4; i++) {
1101 struct _urb_queue *q = &husb->pending_q[i];
1102 struct _urb *_urb;
1103
1104 spin_lock_irqsave(&q->lock, flags);
1105
1106 list_for_each_entry(_urb, &q->head, list) {
1107 err = usb_submit_urb(&_urb->urb, GFP_ATOMIC);
1108 if (err)
1109 break;
1110 }
1111
1112 spin_unlock_irqrestore(&q->lock, flags);
1113
1114 if (err)
1115 return -EIO;
1116 }
1117
1118 hci_resume_dev(husb->hdev);
1119
1120 return 0;
1121 }
1122
1123 static struct usb_driver hci_usb_driver = {
1124 .name = "hci_usb",
1125 .probe = hci_usb_probe,
1126 .disconnect = hci_usb_disconnect,
1127 .suspend = hci_usb_suspend,
1128 .resume = hci_usb_resume,
1129 .id_table = bluetooth_ids,
1130 };
1131
1132 static int __init hci_usb_init(void)
1133 {
1134 int err;
1135
1136 BT_INFO("HCI USB driver ver %s", VERSION);
1137
1138 if ((err = usb_register(&hci_usb_driver)) < 0)
1139 BT_ERR("Failed to register HCI USB driver");
1140
1141 return err;
1142 }
1143
1144 static void __exit hci_usb_exit(void)
1145 {
1146 usb_deregister(&hci_usb_driver);
1147 }
1148
1149 module_init(hci_usb_init);
1150 module_exit(hci_usb_exit);
1151
1152 module_param(ignore, bool, 0644);
1153 MODULE_PARM_DESC(ignore, "Ignore devices from the matching table");
1154
1155 module_param(ignore_dga, bool, 0644);
1156 MODULE_PARM_DESC(ignore_dga, "Ignore devices with id 08fd:0001");
1157
1158 module_param(ignore_csr, bool, 0644);
1159 MODULE_PARM_DESC(ignore_csr, "Ignore devices with id 0a12:0001");
1160
1161 module_param(ignore_sniffer, bool, 0644);
1162 MODULE_PARM_DESC(ignore_sniffer, "Ignore devices with id 0a12:0002");
1163
1164 module_param(reset, bool, 0644);
1165 MODULE_PARM_DESC(reset, "Send HCI reset command on initialization");
1166
1167 #ifdef CONFIG_BT_HCIUSB_SCO
1168 module_param(isoc, int, 0644);
1169 MODULE_PARM_DESC(isoc, "Set isochronous transfers for SCO over HCI support");
1170 #endif
1171
1172 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
1173 MODULE_DESCRIPTION("Bluetooth HCI USB driver ver " VERSION);
1174 MODULE_VERSION(VERSION);
1175 MODULE_LICENSE("GPL");
ubuntu-zesty-kernel mirror