1 /*
2 *
3 * Realtek Bluetooth USB driver
4 *
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 */
17
18 #include <linux/kernel.h>
19 #include <linux/module.h>
20 #include <linux/init.h>
21 #include <linux/slab.h>
22 #include <linux/types.h>
23 #include <linux/sched.h>
24 #include <linux/errno.h>
25 #include <linux/skbuff.h>
26 #include <linux/usb.h>
27
28 #include <linux/ioctl.h>
29 #include <linux/io.h>
30 #include <linux/firmware.h>
31 #include <linux/vmalloc.h>
32 #include <linux/fs.h>
33 #include <linux/uaccess.h>
34 #include <linux/reboot.h>
35
36 #include "rtk_btusb.h"
37
38 #define RTKBT_RELEASE_NAME "20200109_BT_ANDROID_10.0"
39 #define VERSION "5.2.1"
40
41 #define SUSPNED_DW_FW 0
42 #define SET_WAKEUP_DEVICE 0
43
44
45 static spinlock_t queue_lock;
46 static spinlock_t running_flag_lock;
47 static volatile uint16_t driver_state;
48
49 #if SUSPNED_DW_FW
50 static firmware_info * fw_info_4_suspend;
51 #endif
52
53 static uint32_t usb_info;
54
55 static patch_info fw_patch_table[] = {
56 /* { vid, pid, lmp_sub_default, lmp_sub, everion, mp_fw_name, fw_name, config_name, fw_cache, fw_len, mac_offset } */
57 { 0x0BDA, 0x1724, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723A */
58 { 0x0BDA, 0x8723, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AE */
59 { 0x0BDA, 0xA723, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AE for LI */
60 { 0x0BDA, 0x0723, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AE */
61 { 0x13D3, 0x3394, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AE for Azurewave*/
62
63 { 0x0BDA, 0x0724, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AU */
64 { 0x0BDA, 0x8725, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AU */
65 { 0x0BDA, 0x872A, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AU */
66 { 0x0BDA, 0x872B, 0x1200, 0, 0, "mp_rtl8723a_fw", "rtl8723a_fw", "rtl8723a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* 8723AU */
67
68 { 0x0BDA, 0xb720, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723bu_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BU */
69 { 0x0BDA, 0xb72A, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723bu_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BU */
70 { 0x0BDA, 0xb728, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE for LC */
71 { 0x0BDA, 0xb723, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE */
72 { 0x0BDA, 0xb72B, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE */
73 { 0x0BDA, 0xb001, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE for HP */
74 { 0x0BDA, 0xb002, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE */
75 { 0x0BDA, 0xb003, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE */
76 { 0x0BDA, 0xb004, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE */
77 { 0x0BDA, 0xb005, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE */
78
79 { 0x13D3, 0x3410, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE for Azurewave */
80 { 0x13D3, 0x3416, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE for Azurewave */
81 { 0x13D3, 0x3459, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE for Azurewave */
82 { 0x0489, 0xE085, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE for Foxconn */
83 { 0x0489, 0xE08B, 0x8723, 0, 0, "mp_rtl8723b_fw", "rtl8723b_fw", "rtl8723b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8723BE for Foxconn */
84
85 { 0x0BDA, 0x2850, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761au_fw", "rtl8761a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AU */
86 { 0x0BDA, 0xA761, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761au_fw", "rtl8761a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AU only */
87 { 0x0BDA, 0x818B, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761aw8192eu_fw", "rtl8761aw8192eu_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AW + 8192EU */
88 { 0x0BDA, 0x818C, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761aw8192eu_fw", "rtl8761aw8192eu_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AW + 8192EU */
89 { 0x0BDA, 0x8760, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761au8192ee_fw", "rtl8761a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AU + 8192EE */
90 { 0x0BDA, 0xB761, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761au_fw", "rtl8761a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AUV only */
91 { 0x0BDA, 0x8761, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761au8192ee_fw", "rtl8761a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AU + 8192EE for LI */
92 { 0x0BDA, 0x8A60, 0x8761, 0, 0, "mp_rtl8761a_fw", "rtl8761au8812ae_fw", "rtl8761a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8761AU + 8812AE */
93 { 0x0BDA, 0x8771, 0x8761, 0, 0, "mp_rtl8761b_fw", "rtl8761b_fw", "rtl8761b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8761BU */
94 { 0x0BDA, 0xa725, 0x8761, 0, 0, "mp_rtl8725a_fw", "rtl8725a_fw", "rtl8725a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8725AU */
95 { 0x0BDA, 0xa72A, 0x8761, 0, 0, "mp_rtl8725a_fw", "rtl8725a_fw", "rtl8725a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8725AU BT only */
96
97 { 0x0BDA, 0x8821, 0x8821, 0, 0, "mp_rtl8821a_fw", "rtl8821a_fw", "rtl8821a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8821AE */
98 { 0x0BDA, 0x0821, 0x8821, 0, 0, "mp_rtl8821a_fw", "rtl8821a_fw", "rtl8821a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8821AE */
99 { 0x0BDA, 0x0823, 0x8821, 0, 0, "mp_rtl8821a_fw", "rtl8821a_fw", "rtl8821a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8821AU */
100 { 0x13D3, 0x3414, 0x8821, 0, 0, "mp_rtl8821a_fw", "rtl8821a_fw", "rtl8821a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8821AE */
101 { 0x13D3, 0x3458, 0x8821, 0, 0, "mp_rtl8821a_fw", "rtl8821a_fw", "rtl8821a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8821AE */
102 { 0x13D3, 0x3461, 0x8821, 0, 0, "mp_rtl8821a_fw", "rtl8821a_fw", "rtl8821a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8821AE */
103 { 0x13D3, 0x3462, 0x8821, 0, 0, "mp_rtl8821a_fw", "rtl8821a_fw", "rtl8821a_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_1_2, MAX_PATCH_SIZE_24K}, /* RTL8821AE */
104
105 { 0x0BDA, 0xB822, 0x8822, 0, 0, "mp_rtl8822b_fw", "rtl8822b_fw", "rtl8822b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_24K}, /* RTL8822BE */
106 { 0x0BDA, 0xB82C, 0x8822, 0, 0, "mp_rtl8822b_fw", "rtl8822b_fw", "rtl8822b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_24K}, /* RTL8822BU */
107 { 0x0BDA, 0xB81D, 0x8822, 0, 0, "mp_rtl8822b_fw", "rtl8822b_fw", "rtl8822b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_24K}, /* RTL8822BU BT only */
108 { 0x0BDA, 0xB82E, 0x8822, 0, 0, "mp_rtl8822b_fw", "rtl8822b_fw", "rtl8822b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_24K}, /* RTL8822BU-VN */
109 { 0x0BDA, 0xB023, 0x8822, 0, 0, "mp_rtl8822b_fw", "rtl8822b_fw", "rtl8822b_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_24K}, /* RTL8822BE */
110 { 0x0BDA, 0xB703, 0x8703, 0, 0, "mp_rtl8723c_fw", "rtl8723c_fw", "rtl8723c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_24K}, /* RTL8723CU */
111 /* todo: RTL8703BU */
112
113 { 0x0BDA, 0xD723, 0x8723, 0, 0, "mp_rtl8723d_fw", "rtl8723d_fw", "rtl8723d_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_40K}, /* RTL8723DU */
114 { 0x0BDA, 0xD72A, 0x8723, 0, 0, "mp_rtl8723d_fw", "rtl8723d_fw", "rtl8723d_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_40K}, /* RTL8723DU BT only */
115 { 0x0BDA, 0xD720, 0x8723, 0, 0, "mp_rtl8723d_fw", "rtl8723d_fw", "rtl8723d_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_40K}, /* RTL8723DE */
116 { 0x0BDA, 0xB820, 0x8821, 0, 0, "mp_rtl8821c_fw", "rtl8821c_fw", "rtl8821c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_40K}, /* RTL8821CU */
117 { 0x0BDA, 0xC820, 0x8821, 0, 0, "mp_rtl8821c_fw", "rtl8821c_fw", "rtl8821c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_40K}, /* RTL8821CU */
118 { 0x0BDA, 0xC82A, 0x8821, 0, 0, "mp_rtl8821c_fw", "rtl8821c_fw", "rtl8821c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_40K}, /* RTL8821CU BT only */
119 { 0x0BDA, 0xC821, 0x8821, 0, 0, "mp_rtl8821c_fw", "rtl8821c_fw", "rtl8821c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_3PLUS, MAX_PATCH_SIZE_40K}, /* RTL8821CE */
120 /* todo: RTL8703CU */
121 { 0x0BDA, 0xC82C, 0x8822, 0, 0, "mp_rtl8822c_fw", "rtl8822c_fw", "rtl8822c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8822CU */
122 { 0x0BDA, 0xC82E, 0x8822, 0, 0, "mp_rtl8822c_fw", "rtl8822c_fw", "rtl8822c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8822CU-VN */
123 { 0x0BDA, 0xC81D, 0x8822, 0, 0, "mp_rtl8822c_fw", "rtl8822c_fw", "rtl8822c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8822CU BT only */
124 { 0x0BDA, 0xC82F, 0x8822, 0, 0, "mp_rtl8822c_fw", "rtl8822c_fw", "rtl8822c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8822CE-VS */
125 { 0x0BDA, 0xC822, 0x8822, 0, 0, "mp_rtl8822c_fw", "rtl8822c_fw", "rtl8822c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8822CE */
126 { 0x0BDA, 0xB00C, 0x8822, 0, 0, "mp_rtl8822c_fw", "rtl8822c_fw", "rtl8822c_config", NULL, 0, CONFIG_MAC_OFFSET_GEN_4PLUS, MAX_PATCH_SIZE_40K}, /* RTL8822CE */
127 /* NOTE: must append patch entries above the null entry */
128 { 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, 0, 0, 0 }
129 };
130
131 struct btusb_data {
132 struct hci_dev *hdev;
133 struct usb_device *udev;
134 struct usb_interface *intf;
135 struct usb_interface *isoc;
136
137 spinlock_t lock;
138
139 unsigned long flags;
140
141 struct work_struct work;
142 struct work_struct waker;
143
144 struct usb_anchor tx_anchor;
145 struct usb_anchor intr_anchor;
146 struct usb_anchor bulk_anchor;
147 struct usb_anchor isoc_anchor;
148 struct usb_anchor deferred;
149 int tx_in_flight;
150 spinlock_t txlock;
151
152 struct usb_endpoint_descriptor *intr_ep;
153 struct usb_endpoint_descriptor *bulk_tx_ep;
154 struct usb_endpoint_descriptor *bulk_rx_ep;
155 struct usb_endpoint_descriptor *isoc_tx_ep;
156 struct usb_endpoint_descriptor *isoc_rx_ep;
157
158 __u8 cmdreq_type;
159
160 unsigned int sco_num;
161 int isoc_altsetting;
162 int suspend_count;
163 uint16_t sco_handle;
164 //#ifdef CONFIG_HAS_EARLYSUSPEND
165 #if 0
166 struct early_suspend early_suspend;
167 #else
168 struct notifier_block pm_notifier;
169 struct notifier_block reboot_notifier;
170 #endif
171 firmware_info * fw_info;
172
173 #ifdef CONFIG_SCO_OVER_HCI
174 RTK_sco_card_t *pSCOSnd;
175 #endif
176 };
177
178 int download_patch(firmware_info *fw_info, int cached);
179 int reset_controller(firmware_info *fw_info);
180
181
182 /********************************************************
183 ** this function first check the value, if true then set value
184 **
185 *********************************************************/
check_set_driver_state_value(uint16_t check_value,uint16_t change_value)186 static inline bool check_set_driver_state_value(uint16_t check_value, uint16_t change_value)
187 {
188 bool res;
189 spin_lock(&running_flag_lock);
190 if ((driver_state & check_value) != check_value) {
191 res = false;
192 } else {
193 driver_state |= change_value;
194 res = true;
195 }
196 spin_unlock(&running_flag_lock);
197 return res;
198 }
199
get_driver_state_value(void)200 static inline uint16_t get_driver_state_value(void)
201 {
202 uint16_t state;
203 spin_lock(&running_flag_lock);
204 state = driver_state;
205 spin_unlock(&running_flag_lock);
206 return state;
207 }
208
clear_driver_state(uint16_t clear_value)209 static inline void clear_driver_state(uint16_t clear_value)
210 {
211 spin_lock(&running_flag_lock);
212 driver_state &= (~clear_value);
213 spin_unlock(&running_flag_lock);
214 }
215
set_driver_state_value(uint16_t change_value)216 static inline void set_driver_state_value(uint16_t change_value)
217 {
218 spin_lock(&running_flag_lock);
219 driver_state |= change_value;
220 spin_unlock(&running_flag_lock);
221 }
222
223 #if SUSPNED_DW_FW
224 static int download_suspend_patch(firmware_info *fw_info, int cached);
225 #endif
226 #if SET_WAKEUP_DEVICE
227 static void set_wakeup_device_from_conf(firmware_info *fw_info);
228 int set_wakeup_device(firmware_info *fw_info, uint8_t *wakeup_bdaddr);
229 #endif
230
rtk_free(struct btusb_data * data)231 static void rtk_free(struct btusb_data *data)
232 {
233 #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 7, 1)
234 kfree(data);
235 #endif
236 return;
237 }
238
rtk_alloc(struct usb_interface * intf)239 static struct btusb_data *rtk_alloc(struct usb_interface *intf)
240 {
241 struct btusb_data *data;
242 #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 7, 1)
243 data = kzalloc(sizeof(*data), GFP_KERNEL);
244 #else
245 data = devm_kzalloc(&intf->dev, sizeof(*data), GFP_KERNEL);
246 #endif
247 return data;
248 }
249
print_acl(struct sk_buff * skb,int direction)250 static void print_acl(struct sk_buff *skb, int direction)
251 {
252 #if PRINT_ACL_DATA
253 uint wlength = skb->len;
254 u16 *handle = (u16 *)(skb->data);
255 u16 len = *(handle+1);
256 u8 *acl_data = (u8 *)(skb->data);
257
258 RTK_INFO("%s: direction %d, handle %04x, len %d",
259 __func__, direction, *handle, len);
260 #endif
261 }
262
print_sco(struct sk_buff * skb,int direction)263 static void print_sco(struct sk_buff *skb, int direction)
264 {
265 #if PRINT_SCO_DATA
266 uint wlength = skb->len;
267 u16 *handle = (u16 *)(skb->data);
268 u8 len = *(u8 *)(handle+1);
269 u8 *sco_data = (u8 *)(skb->data);
270
271 RTKBT_INFO("%s: direction %d, handle %04x, len %d",
272 __func__, direction, *handle, len);
273 #endif
274 }
275
print_error_command(struct sk_buff * skb)276 static void print_error_command(struct sk_buff *skb)
277 {
278 uint wlength = skb->len;
279 uint icount = 0;
280 u16 *opcode = (u16 *)(skb->data);
281 u8 *cmd_data = (u8 *)(skb->data);
282 u8 len = *(cmd_data + 2);
283
284 switch (*opcode) {
285 case HCI_OP_INQUIRY:
286 printk("HCI_OP_INQUIRY");
287 break;
288 case HCI_OP_INQUIRY_CANCEL:
289 printk("HCI_OP_INQUIRY_CANCEL");
290 break;
291 case HCI_OP_EXIT_PERIODIC_INQ:
292 printk("HCI_OP_EXIT_PERIODIC_INQ");
293 break;
294 case HCI_OP_CREATE_CONN:
295 printk("HCI_OP_CREATE_CONN");
296 break;
297 case HCI_OP_DISCONNECT:
298 printk("HCI_OP_DISCONNECT");
299 break;
300 case HCI_OP_CREATE_CONN_CANCEL:
301 printk("HCI_OP_CREATE_CONN_CANCEL");
302 break;
303 case HCI_OP_ACCEPT_CONN_REQ:
304 printk("HCI_OP_ACCEPT_CONN_REQ");
305 break;
306 case HCI_OP_REJECT_CONN_REQ:
307 printk("HCI_OP_REJECT_CONN_REQ");
308 break;
309 case HCI_OP_AUTH_REQUESTED:
310 printk("HCI_OP_AUTH_REQUESTED");
311 break;
312 case HCI_OP_SET_CONN_ENCRYPT:
313 printk("HCI_OP_SET_CONN_ENCRYPT");
314 break;
315 case HCI_OP_REMOTE_NAME_REQ:
316 printk("HCI_OP_REMOTE_NAME_REQ");
317 break;
318 case HCI_OP_READ_REMOTE_FEATURES:
319 printk("HCI_OP_READ_REMOTE_FEATURES");
320 break;
321 case HCI_OP_SNIFF_MODE:
322 printk("HCI_OP_SNIFF_MODE");
323 break;
324 case HCI_OP_EXIT_SNIFF_MODE:
325 printk("HCI_OP_EXIT_SNIFF_MODE");
326 break;
327 case HCI_OP_SWITCH_ROLE:
328 printk("HCI_OP_SWITCH_ROLE");
329 break;
330 case HCI_OP_SNIFF_SUBRATE:
331 printk("HCI_OP_SNIFF_SUBRATE");
332 break;
333 case HCI_OP_RESET:
334 printk("HCI_OP_RESET");
335 break;
336 case HCI_OP_Write_Extended_Inquiry_Response:
337 printk("HCI_Write_Extended_Inquiry_Response");
338 break;
339
340 default:
341 printk("CMD");
342 break;
343 }
344 printk(":%04x,len:%d,", *opcode, len);
345 for (icount = 3; (icount < wlength) && (icount < 24); icount++)
346 printk("%02x ", *(cmd_data+icount));
347 printk("\n");
348 }
349
print_command(struct sk_buff * skb)350 static void print_command(struct sk_buff *skb)
351 {
352 #if PRINT_CMD_EVENT
353 print_error_command(skb);
354 #endif
355 }
356
357 #if CONFIG_BLUEDROID
358 /* Global parameters for bt usb char driver */
359 #define BT_CHAR_DEVICE_NAME "rtkbt_dev"
360 static struct sk_buff_head btchr_readq;
361 static wait_queue_head_t btchr_read_wait;
362 static wait_queue_head_t bt_drv_state_wait;
363 static dev_t bt_devid; /* bt char device number */
364 static struct cdev bt_char_dev; /* bt character device structure */
365 static struct class *bt_char_class; /* device class for usb char driver */
366 static int bt_reset;
367 /* HCI device & lock */
368 DEFINE_RWLOCK(hci_dev_lock);
369 struct hci_dev *ghdev;
370
print_event(struct sk_buff * skb)371 static void print_event(struct sk_buff *skb)
372 {
373 #if PRINT_CMD_EVENT
374 uint wlength = skb->len;
375 uint icount = 0;
376 u8 *opcode = (u8 *)(skb->data);
377 u8 len = *(opcode+1);
378
379 switch (*opcode) {
380 case HCI_EV_INQUIRY_COMPLETE:
381 printk("HCI_EV_INQUIRY_COMPLETE");
382 break;
383 case HCI_EV_INQUIRY_RESULT:
384 printk("HCI_EV_INQUIRY_RESULT");
385 break;
386 case HCI_EV_CONN_COMPLETE:
387 printk("HCI_EV_CONN_COMPLETE");
388 break;
389 case HCI_EV_CONN_REQUEST:
390 printk("HCI_EV_CONN_REQUEST");
391 break;
392 case HCI_EV_DISCONN_COMPLETE:
393 printk("HCI_EV_DISCONN_COMPLETE");
394 break;
395 case HCI_EV_AUTH_COMPLETE:
396 printk("HCI_EV_AUTH_COMPLETE");
397 break;
398 case HCI_EV_REMOTE_NAME:
399 printk("HCI_EV_REMOTE_NAME");
400 break;
401 case HCI_EV_ENCRYPT_CHANGE:
402 printk("HCI_EV_ENCRYPT_CHANGE");
403 break;
404 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
405 printk("HCI_EV_CHANGE_LINK_KEY_COMPLETE");
406 break;
407 case HCI_EV_REMOTE_FEATURES:
408 printk("HCI_EV_REMOTE_FEATURES");
409 break;
410 case HCI_EV_REMOTE_VERSION:
411 printk("HCI_EV_REMOTE_VERSION");
412 break;
413 case HCI_EV_QOS_SETUP_COMPLETE:
414 printk("HCI_EV_QOS_SETUP_COMPLETE");
415 break;
416 case HCI_EV_CMD_COMPLETE:
417 printk("HCI_EV_CMD_COMPLETE");
418 break;
419 case HCI_EV_CMD_STATUS:
420 printk("HCI_EV_CMD_STATUS");
421 break;
422 case HCI_EV_ROLE_CHANGE:
423 printk("HCI_EV_ROLE_CHANGE");
424 break;
425 case HCI_EV_NUM_COMP_PKTS:
426 printk("HCI_EV_NUM_COMP_PKTS");
427 break;
428 case HCI_EV_MODE_CHANGE:
429 printk("HCI_EV_MODE_CHANGE");
430 break;
431 case HCI_EV_PIN_CODE_REQ:
432 printk("HCI_EV_PIN_CODE_REQ");
433 break;
434 case HCI_EV_LINK_KEY_REQ:
435 printk("HCI_EV_LINK_KEY_REQ");
436 break;
437 case HCI_EV_LINK_KEY_NOTIFY:
438 printk("HCI_EV_LINK_KEY_NOTIFY");
439 break;
440 case HCI_EV_CLOCK_OFFSET:
441 printk("HCI_EV_CLOCK_OFFSET");
442 break;
443 case HCI_EV_PKT_TYPE_CHANGE:
444 printk("HCI_EV_PKT_TYPE_CHANGE");
445 break;
446 case HCI_EV_PSCAN_REP_MODE:
447 printk("HCI_EV_PSCAN_REP_MODE");
448 break;
449 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
450 printk("HCI_EV_INQUIRY_RESULT_WITH_RSSI");
451 break;
452 case HCI_EV_REMOTE_EXT_FEATURES:
453 printk("HCI_EV_REMOTE_EXT_FEATURES");
454 break;
455 case HCI_EV_SYNC_CONN_COMPLETE:
456 printk("HCI_EV_SYNC_CONN_COMPLETE");
457 break;
458 case HCI_EV_SYNC_CONN_CHANGED:
459 printk("HCI_EV_SYNC_CONN_CHANGED");
460 break;
461 case HCI_EV_SNIFF_SUBRATE:
462 printk("HCI_EV_SNIFF_SUBRATE");
463 break;
464 case HCI_EV_EXTENDED_INQUIRY_RESULT:
465 printk("HCI_EV_EXTENDED_INQUIRY_RESULT");
466 break;
467 case HCI_EV_IO_CAPA_REQUEST:
468 printk("HCI_EV_IO_CAPA_REQUEST");
469 break;
470 case HCI_EV_SIMPLE_PAIR_COMPLETE:
471 printk("HCI_EV_SIMPLE_PAIR_COMPLETE");
472 break;
473 case HCI_EV_REMOTE_HOST_FEATURES:
474 printk("HCI_EV_REMOTE_HOST_FEATURES");
475 break;
476 default:
477 printk("event");
478 break;
479 }
480 printk(":%02x,len:%d,", *opcode, len);
481 for (icount = 2; (icount < wlength) && (icount < 24); icount++)
482 printk("%02x ", *(opcode+icount));
483 printk("\n");
484 #endif
485 }
486
usb_put_user(struct sk_buff * skb,char __user * buf,int count)487 static inline ssize_t usb_put_user(struct sk_buff *skb,
488 char __user *buf, int count)
489 {
490 char __user *ptr = buf;
491 int len = min_t(unsigned int, skb->len, count);
492
493 if (copy_to_user(ptr, skb->data, len))
494 return -EFAULT;
495
496 return len;
497 }
498
499 static struct sk_buff *rtk_skb_queue[QUEUE_SIZE];
500 static int rtk_skb_queue_front;
501 static int rtk_skb_queue_rear;
502
rtk_enqueue(struct sk_buff * skb)503 static void rtk_enqueue(struct sk_buff *skb)
504 {
505 unsigned long flags;
506 spin_lock_irqsave(&queue_lock, flags);
507 if (rtk_skb_queue_front == (rtk_skb_queue_rear + 1) % QUEUE_SIZE) {
508 /*
509 * If queue is full, current solution is to drop
510 * the following entries.
511 */
512 RTKBT_WARN("%s: Queue is full, entry will be dropped", __func__);
513 } else {
514 rtk_skb_queue[rtk_skb_queue_rear] = skb;
515
516 rtk_skb_queue_rear++;
517 rtk_skb_queue_rear %= QUEUE_SIZE;
518
519 }
520 spin_unlock_irqrestore(&queue_lock, flags);
521 }
522
rtk_dequeue_try(unsigned int deq_len)523 static struct sk_buff *rtk_dequeue_try(unsigned int deq_len)
524 {
525 struct sk_buff *skb;
526 struct sk_buff *skb_copy;
527
528 if (rtk_skb_queue_front == rtk_skb_queue_rear) {
529 RTKBT_WARN("%s: Queue is empty", __func__);
530 return NULL;
531 }
532
533 skb = rtk_skb_queue[rtk_skb_queue_front];
534 if (deq_len >= skb->len) {
535 rtk_skb_queue[rtk_skb_queue_front] = NULL;
536 rtk_skb_queue_front++;
537 rtk_skb_queue_front %= QUEUE_SIZE;
538
539 /*
540 * Return skb addr to be dequeued, and the caller
541 * should free the skb eventually.
542 */
543 return skb;
544 } else {
545 skb_copy = pskb_copy(skb, GFP_ATOMIC);
546 skb_pull(skb, deq_len);
547 /* Return its copy to be freed */
548 return skb_copy;
549 }
550 }
551
is_queue_empty(void)552 static inline int is_queue_empty(void)
553 {
554 return (rtk_skb_queue_front == rtk_skb_queue_rear) ? 1 : 0;
555 }
556
rtk_clear_queue(void)557 static void rtk_clear_queue(void)
558 {
559 struct sk_buff *skb;
560 unsigned long flags;
561 spin_lock_irqsave(&queue_lock, flags);
562 while (!is_queue_empty()) {
563 skb = rtk_skb_queue[rtk_skb_queue_front];
564 rtk_skb_queue[rtk_skb_queue_front] = NULL;
565 rtk_skb_queue_front++;
566 rtk_skb_queue_front %= QUEUE_SIZE;
567 if (skb) {
568 kfree_skb(skb);
569 }
570 }
571 spin_unlock_irqrestore(&queue_lock, flags);
572 }
573
574 /*
575 * Realtek - Integrate from hci_core.c
576 */
577
578 /* Get HCI device by index.
579 * Device is held on return. */
hci_dev_get(int index)580 static struct hci_dev *hci_dev_get(int index)
581 {
582 if (index != 0)
583 return NULL;
584
585 return ghdev;
586 }
587
588 /* ---- HCI ioctl helpers ---- */
hci_dev_open(__u16 dev)589 static int hci_dev_open(__u16 dev)
590 {
591 struct hci_dev *hdev;
592 int ret = 0;
593
594 RTKBT_DBG("%s: dev %d", __func__, dev);
595
596 hdev = hci_dev_get(dev);
597 if (!hdev) {
598 RTKBT_ERR("%s: Failed to get hci dev[Null]", __func__);
599 return -ENODEV;
600 }
601
602 if (test_bit(HCI_UNREGISTER, &hdev->flags)) {
603 ret = -ENODEV;
604 goto done;
605 }
606
607 if (test_bit(HCI_UP, &hdev->flags)) {
608 ret = -EALREADY;
609 goto done;
610 }
611
612 done:
613 return ret;
614 }
615
hci_dev_do_close(struct hci_dev * hdev)616 static int hci_dev_do_close(struct hci_dev *hdev)
617 {
618 if (hdev->flush)
619 hdev->flush(hdev);
620 /* After this point our queues are empty
621 * and no tasks are scheduled. */
622 hdev->close(hdev);
623 /* Clear flags */
624 hdev->flags = 0;
625 memset(&hdev->conn_hash, 0, sizeof(struct hci_conn_hash));
626 return 0;
627 }
628
hci_dev_close(__u16 dev)629 static int hci_dev_close(__u16 dev)
630 {
631 struct hci_dev *hdev;
632 int err;
633 hdev = hci_dev_get(dev);
634 if (!hdev) {
635 RTKBT_ERR("%s: failed to get hci dev[Null]", __func__);
636 return -ENODEV;
637 }
638
639 err = hci_dev_do_close(hdev);
640
641 return err;
642 }
643
hci_alloc_dev(void)644 static struct hci_dev *hci_alloc_dev(void)
645 {
646 struct hci_dev *hdev;
647
648 hdev = kzalloc(sizeof(struct hci_dev), GFP_KERNEL);
649 if (!hdev)
650 return NULL;
651
652 return hdev;
653 }
654
655 /* Free HCI device */
hci_free_dev(struct hci_dev * hdev)656 static void hci_free_dev(struct hci_dev *hdev)
657 {
658 kfree(hdev);
659 }
660
661 /* Register HCI device */
hci_register_dev(struct hci_dev * hdev)662 static int hci_register_dev(struct hci_dev *hdev)
663 {
664 int i, id;
665
666 RTKBT_DBG("%s: %p name %s bus %d", __func__, hdev, hdev->name, hdev->bus);
667 /* Do not allow HCI_AMP devices to register at index 0,
668 * so the index can be used as the AMP controller ID.
669 */
670 id = (hdev->dev_type == HCI_BREDR) ? 0 : 1;
671
672 write_lock(&hci_dev_lock);
673
674 sprintf(hdev->name, "hci%d", id);
675 hdev->id = id;
676 hdev->flags = 0;
677 mutex_init(&hdev->lock);
678
679 RTKBT_DBG("%s: id %d, name %s", __func__, hdev->id, hdev->name);
680
681
682 for (i = 0; i < NUM_REASSEMBLY; i++)
683 hdev->reassembly[i] = NULL;
684
685 memset(&hdev->stat, 0, sizeof(struct hci_dev_stats));
686 atomic_set(&hdev->promisc, 0);
687
688 if (ghdev) {
689 write_unlock(&hci_dev_lock);
690 RTKBT_ERR("%s: Hci device has been registered already", __func__);
691 return -1;
692 } else
693 ghdev = hdev;
694
695 write_unlock(&hci_dev_lock);
696
697 return id;
698 }
699
700 /* Unregister HCI device */
hci_unregister_dev(struct hci_dev * hdev)701 static void hci_unregister_dev(struct hci_dev *hdev)
702 {
703 int i;
704
705 RTKBT_DBG("%s: hdev %p name %s bus %d", __func__, hdev, hdev->name, hdev->bus);
706 set_bit(HCI_UNREGISTER, &hdev->flags);
707
708 write_lock(&hci_dev_lock);
709 ghdev = NULL;
710 write_unlock(&hci_dev_lock);
711
712 hci_dev_do_close(hdev);
713 for (i = 0; i < NUM_REASSEMBLY; i++)
714 kfree_skb(hdev->reassembly[i]);
715 }
716
717
718 #ifdef CONFIG_SCO_OVER_HCI
719 /* copy data from the URB buffer into the ALSA ring buffer */
rtk_copy_capture_data_to_alsa(struct btusb_data * data,uint8_t * p_data,unsigned int frames)720 static bool rtk_copy_capture_data_to_alsa(struct btusb_data *data, uint8_t *p_data, unsigned int frames)
721 {
722 struct snd_pcm_runtime *runtime;
723 unsigned int frame_bytes, frames1;
724 u8 *dest;
725 RTK_sco_card_t *pSCOSnd = data->pSCOSnd;
726
727 runtime = pSCOSnd->capture.substream->runtime;
728 frame_bytes = 2;
729
730 dest = runtime->dma_area + pSCOSnd->capture.buffer_pos * frame_bytes;
731 if (pSCOSnd->capture.buffer_pos + frames <= runtime->buffer_size) {
732 memcpy(dest, p_data, frames * frame_bytes);
733 } else {
734 /* wrap around at end of ring buffer */
735 frames1 = runtime->buffer_size - pSCOSnd->capture.buffer_pos;
736 memcpy(dest, p_data, frames1 * frame_bytes);
737 memcpy(runtime->dma_area,
738 p_data + frames1 * frame_bytes,
739 (frames - frames1) * frame_bytes);
740 }
741
742 pSCOSnd->capture.buffer_pos += frames;
743 if (pSCOSnd->capture.buffer_pos >= runtime->buffer_size) {
744 pSCOSnd->capture.buffer_pos -= runtime->buffer_size;
745 }
746
747 if ((pSCOSnd->capture.buffer_pos%runtime->period_size) == 0) {
748 snd_pcm_period_elapsed(pSCOSnd->capture.substream);
749 }
750
751 return false;
752 }
753
hci_send_to_alsa_ringbuffer(struct hci_dev * hdev,struct sk_buff * skb)754 static void hci_send_to_alsa_ringbuffer(struct hci_dev *hdev, struct sk_buff *skb)
755 {
756 struct btusb_data *data = GET_DRV_DATA(hdev);
757 RTK_sco_card_t *pSCOSnd = data->pSCOSnd;
758 uint8_t *p_data;
759 int sco_length = skb->len - HCI_SCO_HDR_SIZE;
760
761 RTKBT_DBG("%s", __func__);
762
763 if (!hdev) {
764 RTKBT_ERR("%s: Frame for unknown HCI device", __func__);
765 return;
766 }
767
768 if (!test_bit(ALSA_CAPTURE_RUNNING, &pSCOSnd->states)) {
769 //RTKBT_WARN("%s: ALSA is not running", __func__);
770 return;
771 }
772
773 p_data = (uint8_t *)skb->data + HCI_SCO_HDR_SIZE;
774 rtk_copy_capture_data_to_alsa(data, p_data, sco_length/2);
775 }
776 #endif
777
hci_send_to_stack(struct hci_dev * hdev,struct sk_buff * skb)778 static void hci_send_to_stack(struct hci_dev *hdev, struct sk_buff *skb)
779 {
780 struct sk_buff *rtk_skb_copy = NULL;
781
782 RTKBT_DBG("%s", __func__);
783
784 if (!hdev) {
785 RTKBT_ERR("%s: Frame for unknown HCI device", __func__);
786 return;
787 }
788
789 if (!test_bit(HCI_RUNNING, &hdev->flags)) {
790 RTKBT_ERR("%s: HCI not running", __func__);
791 return;
792 }
793
794 rtk_skb_copy = pskb_copy(skb, GFP_ATOMIC);
795 if (!rtk_skb_copy) {
796 RTKBT_ERR("%s: Copy skb error", __func__);
797 return;
798 }
799
800 memcpy(skb_push(rtk_skb_copy, 1), &bt_cb(skb)->pkt_type, 1);
801 rtk_enqueue(rtk_skb_copy);
802
803 /* Make sure bt char device existing before wakeup read queue */
804 hdev = hci_dev_get(0);
805 if (hdev) {
806 RTKBT_DBG("%s: Try to wakeup read queue", __func__);
807 wake_up_interruptible(&btchr_read_wait);
808 }
809
810 return;
811 }
812
813 /* Receive frame from HCI drivers */
hci_recv_frame(struct sk_buff * skb)814 static int hci_recv_frame(struct sk_buff *skb)
815 {
816 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
817
818 if (!hdev || !test_bit(HCI_UP, &hdev->flags)) {
819 kfree_skb(skb);
820 return -ENXIO;
821 }
822
823 /* Incomming skb */
824 bt_cb(skb)->incoming = 1;
825
826 /* Time stamp */
827 __net_timestamp(skb);
828
829 if (atomic_read(&hdev->promisc)) {
830 #ifdef CONFIG_SCO_OVER_HCI
831 if (bt_cb(skb)->pkt_type == HCI_SCODATA_PKT)
832 hci_send_to_alsa_ringbuffer(hdev, skb);
833 #endif
834 /* Send copy to the sockets */
835 hci_send_to_stack(hdev, skb);
836 }
837
838 kfree_skb(skb);
839 return 0;
840 }
841
842 /* Receive frame from HCI drivers */
hci_recv_sco_frame(struct sk_buff * skb)843 static int hci_recv_sco_frame(struct sk_buff *skb)
844 {
845 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
846
847 if (!hdev || !test_bit(HCI_UP, &hdev->flags)) {
848 kfree_skb(skb);
849 return -ENXIO;
850 }
851
852 /* Incomming skb */
853 bt_cb(skb)->incoming = 1;
854
855 /* Time stamp */
856 __net_timestamp(skb);
857
858 if (atomic_read(&hdev->promisc)) {
859 #ifdef CONFIG_SCO_OVER_HCI
860 if (bt_cb(skb)->pkt_type == HCI_SCODATA_PKT)
861 hci_send_to_alsa_ringbuffer(hdev, skb);
862 #endif
863 /* Send copy to the sockets */
864 hci_send_to_stack(hdev, skb);
865 }
866
867 kfree_skb(skb);
868 return 0;
869 }
870
hci_reassembly(struct hci_dev * hdev,int type,void * data,int count,__u8 index)871 static int hci_reassembly(struct hci_dev *hdev, int type, void *data,
872 int count, __u8 index)
873 {
874 int len = 0;
875 int hlen = 0;
876 int remain = count;
877 struct sk_buff *skb;
878 struct bt_skb_cb *scb;
879
880 RTKBT_DBG("%s", __func__);
881
882 if ((type < HCI_ACLDATA_PKT || type > HCI_EVENT_PKT) ||
883 index >= NUM_REASSEMBLY)
884 return -EILSEQ;
885
886 skb = hdev->reassembly[index];
887
888 if (!skb) {
889 switch (type) {
890 case HCI_ACLDATA_PKT:
891 len = HCI_MAX_FRAME_SIZE;
892 hlen = HCI_ACL_HDR_SIZE;
893 break;
894 case HCI_EVENT_PKT:
895 len = HCI_MAX_EVENT_SIZE;
896 hlen = HCI_EVENT_HDR_SIZE;
897 break;
898 case HCI_SCODATA_PKT:
899 len = HCI_MAX_SCO_SIZE;
900 hlen = HCI_SCO_HDR_SIZE;
901 break;
902 }
903
904 skb = bt_skb_alloc(len, GFP_ATOMIC);
905 if (!skb)
906 return -ENOMEM;
907
908 scb = (void *) skb->cb;
909 scb->expect = hlen;
910 scb->pkt_type = type;
911
912 skb->dev = (void *) hdev;
913 hdev->reassembly[index] = skb;
914
915 }
916
917 while (count) {
918 scb = (void *) skb->cb;
919 len = min_t(uint, scb->expect, count);
920
921 memcpy(skb_put(skb, len), data, len);
922
923 count -= len;
924 data += len;
925 scb->expect -= len;
926 remain = count;
927
928 switch (type) {
929 case HCI_EVENT_PKT:
930 if (skb->len == HCI_EVENT_HDR_SIZE) {
931 struct hci_event_hdr *h = hci_event_hdr(skb);
932 scb->expect = h->plen;
933
934 if (skb_tailroom(skb) < scb->expect) {
935 kfree_skb(skb);
936 hdev->reassembly[index] = NULL;
937 return -ENOMEM;
938 }
939 }
940 break;
941
942 case HCI_ACLDATA_PKT:
943 if (skb->len == HCI_ACL_HDR_SIZE) {
944 struct hci_acl_hdr *h = hci_acl_hdr(skb);
945 scb->expect = __le16_to_cpu(h->dlen);
946
947 if (skb_tailroom(skb) < scb->expect) {
948 kfree_skb(skb);
949 hdev->reassembly[index] = NULL;
950 return -ENOMEM;
951 }
952 }
953 break;
954
955 case HCI_SCODATA_PKT:
956 if (skb->len == HCI_SCO_HDR_SIZE) {
957 struct hci_sco_hdr *h = hci_sco_hdr(skb);
958 scb->expect = h->dlen;
959
960 if (skb_tailroom(skb) < scb->expect) {
961 kfree_skb(skb);
962 hdev->reassembly[index] = NULL;
963 return -ENOMEM;
964 }
965 }
966 break;
967 }
968
969 if (scb->expect == 0) {
970 /* Complete frame */
971 if (HCI_ACLDATA_PKT == type)
972 print_acl(skb, 0);
973 if (HCI_SCODATA_PKT == type)
974 print_sco(skb, 0);
975 if (HCI_EVENT_PKT == type)
976 print_event(skb);
977
978 bt_cb(skb)->pkt_type = type;
979 if (type == HCI_SCODATA_PKT) {
980 hci_recv_sco_frame(skb);
981 } else
982 hci_recv_frame(skb);
983
984 hdev->reassembly[index] = NULL;
985 return remain;
986 }
987 }
988
989 return remain;
990 }
991
hci_recv_fragment(struct hci_dev * hdev,int type,void * data,int count)992 static int hci_recv_fragment(struct hci_dev *hdev, int type, void *data, int count)
993 {
994 int rem = 0;
995
996 if (type < HCI_ACLDATA_PKT || type > HCI_EVENT_PKT)
997 return -EILSEQ;
998
999 while (count) {
1000 rem = hci_reassembly(hdev, type, data, count, type - 1);
1001 if (rem < 0)
1002 return rem;
1003
1004 data += (count - rem);
1005 count = rem;
1006 }
1007
1008 return rem;
1009 }
1010
hci_hardware_error(void)1011 void hci_hardware_error(void)
1012 {
1013 struct sk_buff *rtk_skb_copy = NULL;
1014 int len = 4;
1015 uint8_t hardware_err_pkt[4] = {HCI_EVENT_PKT, 0x10, 0x01, HCI_VENDOR_USB_DISC_HARDWARE_ERROR};
1016
1017 rtk_skb_copy = alloc_skb(len, GFP_ATOMIC);
1018 if (!rtk_skb_copy) {
1019 RTKBT_ERR("%s: Failed to allocate mem", __func__);
1020 return;
1021 }
1022
1023 memcpy(skb_put(rtk_skb_copy, len), hardware_err_pkt, len);
1024 rtk_enqueue(rtk_skb_copy);
1025
1026 wake_up_interruptible(&btchr_read_wait);
1027 }
1028
btchr_open(struct inode * inode_p,struct file * file_p)1029 static int btchr_open(struct inode *inode_p, struct file *file_p)
1030 {
1031 struct btusb_data *data;
1032 struct hci_dev *hdev;
1033 struct sk_buff *skb;
1034 int i;
1035
1036 RTKBT_INFO("%s: BT usb char device is opening", __func__);
1037
1038 if (!check_set_driver_state_value(DEVICE_PROBED, CHAR_OPENED)) {
1039 RTKBT_ERR("%s: Device not probed", __func__);
1040 return -ENODEV;
1041 }
1042
1043
1044 hdev = hci_dev_get(0);
1045 if (!hdev) {
1046 RTKBT_ERR("%s: Failed to get hci dev[NULL]", __func__);
1047 return -ENODEV;
1048 }
1049
1050 set_bit(HCI_UP, &hdev->flags);
1051 data = GET_DRV_DATA(hdev);
1052
1053 atomic_inc(&hdev->promisc);
1054 /*
1055 * As bt device is not re-opened when hotplugged out, we cannot
1056 * trust on file's private data(may be null) when other file ops
1057 * are invoked.
1058 */
1059 file_p->private_data = data;
1060
1061 hci_dev_open(0);
1062 rtk_clear_queue();
1063 for (i = 0; i < NUM_REASSEMBLY; i++) {
1064 skb = hdev->reassembly[i];
1065 if (skb) {
1066 hdev->reassembly[i] = NULL;
1067 kfree_skb(skb);
1068 }
1069 }
1070 return nonseekable_open(inode_p, file_p);
1071 }
1072
btchr_close(struct inode * inode_p,struct file * file_p)1073 static int btchr_close(struct inode *inode_p, struct file *file_p)
1074 {
1075 struct btusb_data *data;
1076 struct hci_dev *hdev;
1077
1078 RTKBT_INFO("%s: BT usb char device is closing", __func__);
1079
1080 data = file_p->private_data;
1081 file_p->private_data = NULL;
1082
1083 #if CONFIG_BLUEDROID
1084 /*
1085 * If the upper layer closes bt char interfaces, no reset
1086 * action required even bt device hotplugged out.
1087 */
1088 bt_reset = 0;
1089 #endif
1090
1091
1092 hdev = hci_dev_get(0);
1093 if (hdev) {
1094 atomic_set(&hdev->promisc, 0);
1095 hci_dev_close(0);
1096 clear_bit(HCI_UP, &hdev->flags);
1097 }
1098
1099 clear_driver_state(CHAR_OPENED);
1100 //if the state is not probed, the driver may be in the disconnecting state
1101 //and waitting for signal to wake up
1102 if ((get_driver_state_value() & DEVICE_PROBED) == 0)
1103 wake_up_interruptible(&bt_drv_state_wait);
1104 return 0;
1105 }
1106
btchr_read(struct file * file_p,char __user * buf_p,size_t count,loff_t * pos_p)1107 static ssize_t btchr_read(struct file *file_p,
1108 char __user *buf_p,
1109 size_t count,
1110 loff_t *pos_p)
1111 {
1112 struct hci_dev *hdev;
1113 struct sk_buff *skb;
1114 // ssize_t ret = 0;
1115 int ret = 0;
1116
1117 RTKBT_DBG("%s: BT usb char device is reading", __func__);
1118
1119 while (count) {
1120 hdev = hci_dev_get(0);
1121 if (!hdev) {
1122 /*
1123 * Note: Only when BT device hotplugged out, we wil get
1124 * into such situation. In order to keep the upper layer
1125 * stack alive (blocking the read), we should never return
1126 * EFAULT or break the loop.
1127 */
1128 RTKBT_ERR("%s: Failed to get hci dev[Null]", __func__);
1129 }
1130
1131 ret = wait_event_interruptible(btchr_read_wait, !is_queue_empty());
1132 if (ret < 0) {
1133 RTKBT_ERR("%s: wait event is signaled %d", __func__, ret);
1134 break;
1135 }
1136
1137 skb = rtk_dequeue_try(count);
1138 if (skb) {
1139 ret = usb_put_user(skb, buf_p, count);
1140 if (ret < 0)
1141 RTKBT_ERR("%s: Failed to put data to user space", __func__);
1142 kfree_skb(skb);
1143 break;
1144 }
1145 }
1146
1147 return ret;
1148 }
1149
btchr_write(struct file * file_p,const char __user * buf_p,size_t count,loff_t * pos_p)1150 static ssize_t btchr_write(struct file *file_p,
1151 const char __user *buf_p,
1152 size_t count,
1153 loff_t *pos_p)
1154 {
1155 struct btusb_data *data = file_p->private_data;
1156 struct hci_dev *hdev;
1157 struct sk_buff *skb;
1158
1159 RTKBT_DBG("%s: BT usb char device is writing", __func__);
1160
1161 if ((get_driver_state_value() & DEVICE_PROBED) == 0) {
1162 RTKBT_ERR("%s: Device not probed", __func__);
1163 return POLLERR | POLLHUP;
1164 }
1165
1166 hdev = hci_dev_get(0);
1167 if (!hdev) {
1168 RTKBT_WARN("%s: Failed to get hci dev[Null]", __func__);
1169 /*
1170 * Note: we bypass the data from the upper layer if bt device
1171 * is hotplugged out. Fortunatelly, H4 or H5 HCI stack does
1172 * NOT check btchr_write's return value. However, returning
1173 * count instead of EFAULT is preferable.
1174 */
1175 /* return -EFAULT; */
1176 return count;
1177 }
1178
1179 /* Never trust on btusb_data, as bt device may be hotplugged out */
1180 data = GET_DRV_DATA(hdev);
1181 if (!data) {
1182 RTKBT_WARN("%s: Failed to get bt usb driver data[Null]", __func__);
1183 return count;
1184 }
1185
1186 if (count > HCI_MAX_FRAME_SIZE)
1187 return -EINVAL;
1188
1189 skb = bt_skb_alloc(count, GFP_ATOMIC);
1190 if (!skb)
1191 return -ENOMEM;
1192 skb_reserve(skb, -1); // Add this line
1193
1194 if (copy_from_user(skb_put(skb, count), buf_p, count)) {
1195 RTKBT_ERR("%s: Failed to get data from user space", __func__);
1196 kfree_skb(skb);
1197 return -EFAULT;
1198 }
1199
1200 skb->dev = (void *)hdev;
1201 bt_cb(skb)->pkt_type = *((__u8 *)skb->data);
1202 skb_pull(skb, 1);
1203 data->hdev->send(skb);
1204
1205 return count;
1206 }
1207
btchr_poll(struct file * file_p,poll_table * wait)1208 static unsigned int btchr_poll(struct file *file_p, poll_table *wait)
1209 {
1210 struct btusb_data *data = file_p->private_data;
1211 struct hci_dev *hdev;
1212
1213 RTKBT_DBG("%s: BT usb char device is polling", __func__);
1214
1215 if ((get_driver_state_value() & DRIVER_ON) == 0 ||
1216 (get_driver_state_value() & DEVICE_PROBED) == 0) {
1217 RTKBT_ERR("%s: Device not probed", __func__);
1218 return POLLERR | POLLHUP;
1219 }
1220
1221 poll_wait(file_p, &btchr_read_wait, wait);
1222
1223 hdev = hci_dev_get(0);
1224 if (!hdev) {
1225 RTKBT_ERR("%s: Failed to get hci dev[Null]", __func__);
1226 mdelay(URB_CANCELING_DELAY_MS);
1227 return POLLOUT | POLLWRNORM;
1228 }
1229
1230 /* Never trust on btusb_data, as bt device may be hotplugged out */
1231 data = GET_DRV_DATA(hdev);
1232 if (!data) {
1233 /*
1234 * When bt device is hotplugged out, btusb_data will
1235 * be freed in disconnect.
1236 */
1237 RTKBT_ERR("%s: Failed to get bt usb driver data[Null]", __func__);
1238 mdelay(URB_CANCELING_DELAY_MS);
1239 return POLLOUT | POLLWRNORM;
1240 }
1241
1242 if (!is_queue_empty())
1243 return POLLIN | POLLRDNORM;
1244
1245 return POLLOUT | POLLWRNORM;
1246 }
1247
btchr_ioctl(struct file * file_p,unsigned int cmd,unsigned long arg)1248 static long btchr_ioctl(struct file *file_p, unsigned int cmd, unsigned long arg)
1249 {
1250 int ret = 0;
1251 struct hci_dev *hdev;
1252 struct btusb_data *data;
1253 firmware_info *fw_info;
1254
1255 if ((get_driver_state_value() & DRIVER_ON) == 0 ||
1256 (get_driver_state_value() & DEVICE_PROBED) == 0) {
1257 RTKBT_ERR("%s bt controller is disconnect!", __func__);
1258 return -ENODEV;
1259 }
1260
1261 hdev = hci_dev_get(0);
1262 if (!hdev) {
1263 RTKBT_ERR("%s device is NULL!", __func__);
1264 return 0;
1265 }
1266 data = GET_DRV_DATA(hdev);
1267 fw_info = data->fw_info;
1268
1269 RTKBT_INFO(" btchr_ioctl with Cmd:%d", cmd);
1270 switch (cmd) {
1271 case DOWN_FW_CFG:
1272 ret = usb_autopm_get_interface(data->intf);
1273 if (ret < 0) {
1274 goto failed;
1275 }
1276
1277 ret = download_patch(fw_info, 1);
1278 usb_autopm_put_interface(data->intf);
1279 if (ret < 0) {
1280 RTKBT_ERR("%s:Failed in download_patch with ret:%d", __func__, ret);
1281 goto failed;
1282 }
1283
1284 ret = hdev->open(hdev);
1285 if (ret < 0) {
1286 RTKBT_ERR("%s:Failed in hdev->open(hdev):%d", __func__, ret);
1287 goto failed;
1288 }
1289 ret = 1;
1290 break;
1291
1292 #ifdef CONFIG_SCO_OVER_HCI
1293 case SET_ISO_CFG:
1294 if (get_user(hdev->voice_setting, (__u16 __user *)arg)) {
1295 ret = -EFAULT;
1296 }
1297 RTKBT_INFO(" voice settings = 0x%04x", hdev->voice_setting);
1298 break;
1299 #endif
1300
1301 case GET_USB_INFO:
1302 ret = hdev->open(hdev);
1303 if (ret < 0) {
1304 RTKBT_ERR("%s:Failed in hdev->open(hdev):%d", __func__, ret);
1305 //goto done;
1306 }
1307 put_user(usb_info, (__u32 __user *)arg);
1308 ret = 1;
1309 break;
1310
1311 case RESET_CONTROLLER:
1312 reset_controller(fw_info);
1313 ret = 1;
1314 break;
1315
1316 case DWFW_CMPLT:
1317 {
1318 uint16_t lmp_sub = 0;
1319 if (get_user(lmp_sub, (__u16 __user *)arg)) {
1320 ret = -EFAULT;
1321 } else if (lmp_sub != 0) {
1322 fw_info->patch_entry->lmp_sub = lmp_sub;
1323 }
1324 RTKBT_INFO("%s lmp_sub = 0x%x, patch_entry->lmp_sub = 0x%x", __func__,
1325 lmp_sub, fw_info->patch_entry->lmp_sub);
1326 }
1327 break;
1328
1329 default:
1330 RTKBT_ERR("%s:Failed with wrong Cmd:%d", __func__, cmd);
1331 goto failed;
1332 }
1333
1334 failed:
1335 return ret;
1336 }
1337
1338 #ifdef CONFIG_COMPAT
compat_btchr_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)1339 static long compat_btchr_ioctl (struct file *filp, unsigned int cmd, unsigned long arg)
1340 {
1341 return btchr_ioctl(filp, cmd, (unsigned long) compat_ptr(arg));
1342 }
1343 #endif
1344
1345 static struct file_operations bt_chrdev_ops = {
1346 open: btchr_open,
1347 release : btchr_close,
1348 read : btchr_read,
1349 write : btchr_write,
1350 poll : btchr_poll,
1351 unlocked_ioctl : btchr_ioctl,
1352 #ifdef CONFIG_COMPAT
1353 compat_ioctl : compat_btchr_ioctl,
1354 #endif
1355 };
1356
btchr_init(void)1357 static int btchr_init(void)
1358 {
1359 int res = 0;
1360 struct device *dev;
1361
1362 RTKBT_INFO("Register usb char device interface for BT driver");
1363 skb_queue_head_init(&btchr_readq);
1364 init_waitqueue_head(&btchr_read_wait);
1365 init_waitqueue_head(&bt_drv_state_wait);
1366
1367 bt_char_class = class_create(THIS_MODULE, BT_CHAR_DEVICE_NAME);
1368 if (IS_ERR(bt_char_class)) {
1369 RTKBT_ERR("Failed to create bt char class");
1370 return PTR_ERR(bt_char_class);
1371 }
1372
1373 res = alloc_chrdev_region(&bt_devid, 0, 1, BT_CHAR_DEVICE_NAME);
1374 if (res < 0) {
1375 RTKBT_ERR("Failed to allocate bt char device");
1376 goto err_alloc;
1377 }
1378
1379 dev = device_create(bt_char_class, NULL, bt_devid, NULL, BT_CHAR_DEVICE_NAME);
1380 if (IS_ERR(dev)) {
1381 RTKBT_ERR("Failed to create bt char device");
1382 res = PTR_ERR(dev);
1383 goto err_create;
1384 }
1385
1386 cdev_init(&bt_char_dev, &bt_chrdev_ops);
1387 res = cdev_add(&bt_char_dev, bt_devid, 1);
1388 if (res < 0) {
1389 RTKBT_ERR("Failed to add bt char device");
1390 goto err_add;
1391 }
1392
1393 return 0;
1394
1395 err_add:
1396 device_destroy(bt_char_class, bt_devid);
1397 err_create:
1398 unregister_chrdev_region(bt_devid, 1);
1399 err_alloc:
1400 class_destroy(bt_char_class);
1401 return res;
1402 }
1403
btchr_exit(void)1404 static void btchr_exit(void)
1405 {
1406 RTKBT_INFO("Unregister usb char device interface for BT driver");
1407
1408 device_destroy(bt_char_class, bt_devid);
1409 cdev_del(&bt_char_dev);
1410 unregister_chrdev_region(bt_devid, 1);
1411 class_destroy(bt_char_class);
1412
1413 return;
1414 }
1415 #endif
1416
send_hci_cmd(firmware_info * fw_info)1417 int send_hci_cmd(firmware_info *fw_info)
1418 {
1419 int i = 0;
1420 int ret_val = -1;
1421 while ((ret_val < 0) && (i++ < 10)) {
1422 ret_val = usb_control_msg(
1423 fw_info->udev, fw_info->pipe_out,
1424 0, USB_TYPE_CLASS, 0, 0,
1425 (void *)(fw_info->send_pkt),
1426 fw_info->pkt_len, MSG_TO);
1427 }
1428 return ret_val;
1429 }
1430
rcv_hci_evt(firmware_info * fw_info)1431 int rcv_hci_evt(firmware_info *fw_info)
1432 {
1433 int ret_len = 0, ret_val = 0;
1434 int i;
1435
1436 while (1) {
1437 for (i = 0; i < 5; i++) {
1438 ret_val = usb_interrupt_msg(
1439 fw_info->udev, fw_info->pipe_in,
1440 (void *)(fw_info->rcv_pkt), PKT_LEN,
1441 &ret_len, MSG_TO);
1442 if (ret_val >= 0)
1443 break;
1444 }
1445
1446 if (ret_val < 0)
1447 return ret_val;
1448
1449 if (CMD_CMP_EVT == fw_info->evt_hdr->evt) {
1450 if (fw_info->cmd_hdr->opcode == fw_info->cmd_cmp->opcode)
1451 return ret_len;
1452 }
1453 }
1454 }
1455
set_bt_onoff(firmware_info * fw_info,uint8_t onoff)1456 int set_bt_onoff(firmware_info *fw_info, uint8_t onoff)
1457 {
1458 patch_info *patch_entry;
1459 int ret_val;
1460
1461 RTKBT_INFO("%s: %s", __func__, onoff != 0 ? "on" : "off");
1462
1463 patch_entry = fw_info->patch_entry;
1464 if (!patch_entry)
1465 return -1;
1466
1467 fw_info->cmd_hdr->opcode = cpu_to_le16(BTOFF_OPCODE);
1468 fw_info->cmd_hdr->plen = 1;
1469 fw_info->pkt_len = CMD_HDR_LEN + 1;
1470 fw_info->send_pkt[CMD_HDR_LEN] = onoff;
1471
1472 ret_val = send_hci_cmd(fw_info);
1473 if (ret_val < 0) {
1474 RTKBT_ERR("%s: Failed to send bt %s cmd, errno %d",
1475 __func__, onoff != 0 ? "on" : "off", ret_val);
1476 return ret_val;
1477 }
1478
1479 ret_val = rcv_hci_evt(fw_info);
1480 if (ret_val < 0) {
1481 RTKBT_ERR("%s: Failed to receive bt %s event, errno %d",
1482 __func__, onoff != 0 ? "on" : "off", ret_val);
1483 return ret_val;
1484 }
1485
1486 return ret_val;
1487 }
1488
get_fw_table_entry(struct usb_device * udev)1489 static patch_info *get_fw_table_entry(struct usb_device *udev)
1490 {
1491 patch_info *patch_entry = fw_patch_table;
1492 uint16_t vid = le16_to_cpu(udev->descriptor.idVendor);
1493 uint16_t pid = le16_to_cpu(udev->descriptor.idProduct);
1494 uint32_t entry_size = sizeof(fw_patch_table) / sizeof(fw_patch_table[0]);
1495 uint32_t i;
1496
1497 RTKBT_INFO("%s: Product id = 0x%04x, fw table entry size %d", __func__, pid, entry_size);
1498 usb_info = (uint32_t)(vid<<16) | pid;
1499
1500 for (i = 0; i < entry_size; i++, patch_entry++) {
1501 if ((vid == patch_entry->vid) && (pid == patch_entry->pid))
1502 break;
1503 }
1504
1505 if (i == entry_size) {
1506 RTKBT_ERR("%s: No fw table entry found", __func__);
1507 return NULL;
1508 }
1509
1510 return patch_entry;
1511 }
1512
1513 #if SUSPNED_DW_FW
get_suspend_fw_table_entry(struct usb_device * udev)1514 static patch_info *get_suspend_fw_table_entry(struct usb_device *udev)
1515 {
1516 patch_info *patch_entry = fw_patch_table;
1517 patch_info *patch_entry_real = NULL;
1518 uint16_t vid = le16_to_cpu(udev->descriptor.idVendor);
1519 uint16_t pid = le16_to_cpu(udev->descriptor.idProduct);
1520 uint32_t entry_size = sizeof(fw_patch_table) / sizeof(fw_patch_table[0]);
1521 uint32_t i;
1522
1523 RTKBT_INFO("%s: Product id = 0x%04x, fw table entry size %d", __func__, pid, entry_size);
1524
1525 for (i = 0; i < entry_size; i++, patch_entry++) {
1526 if ((vid == patch_entry->vid) && (pid == patch_entry->pid))
1527 break;
1528 }
1529
1530 if (i == entry_size) {
1531 RTKBT_ERR("%s: No fw table entry found", __func__);
1532 return NULL;
1533 }
1534 patch_entry_real = kmalloc(sizeof(fw_patch_table[0]), GFP_KERNEL);
1535 if (!patch_entry_real)
1536 return NULL;
1537 memcpy(patch_entry_real, patch_entry, sizeof(fw_patch_table[0]));
1538 return patch_entry_real;
1539 }
1540 #endif
1541
get_fw_patch_entry(struct rtk_epatch * epatch_info,uint16_t eco_ver)1542 static struct rtk_epatch_entry *get_fw_patch_entry(struct rtk_epatch *epatch_info, uint16_t eco_ver)
1543 {
1544 int patch_num = epatch_info->number_of_total_patch;
1545 uint8_t *epatch_buf = (uint8_t *)epatch_info;
1546 struct rtk_epatch_entry *p_entry = NULL;
1547 int coex_date;
1548 int coex_ver;
1549 int i;
1550
1551 for (i = 0; i < patch_num; i++) {
1552 if (*(uint16_t *)(epatch_buf + 14 + 2*i) == eco_ver + 1) {
1553 p_entry = kzalloc(sizeof(*p_entry), GFP_KERNEL);
1554 if (!p_entry) {
1555 RTKBT_ERR("%s: Failed to allocate mem for patch entry", __func__);
1556 return NULL;
1557 }
1558 p_entry->chip_id = eco_ver + 1;
1559 p_entry->patch_length = *(uint16_t *)(epatch_buf + 14 + 2*patch_num + 2*i);
1560 p_entry->start_offset = *(uint32_t *)(epatch_buf + 14 + 4*patch_num + 4*i);
1561 p_entry->coex_version = *(uint32_t *)(epatch_buf + p_entry->start_offset + p_entry->patch_length - 12);
1562 p_entry->svn_version = *(uint32_t *)(epatch_buf + p_entry->start_offset + p_entry->patch_length - 8);
1563 p_entry->fw_version = *(uint32_t *)(epatch_buf + p_entry->start_offset + p_entry->patch_length - 4);
1564
1565 coex_date = ((p_entry->coex_version >> 16) & 0x7ff) + ((p_entry->coex_version >> 27) * 10000);
1566 coex_ver = p_entry->coex_version & 0xffff;
1567
1568 RTKBT_INFO("BTCOEX:20%06d-0x%04x svn version:0x%08x fw version:0x%08x rtk_btusb version:%s Cut:%d, patch length:0x%04x, patch offset:0x%08x\n", \
1569 coex_date, coex_ver, p_entry->svn_version, p_entry->fw_version, VERSION, p_entry->chip_id, p_entry->patch_length, p_entry->start_offset);
1570 break;
1571 }
1572 }
1573
1574 return p_entry;
1575 }
1576
1577 /*reset_controller is aimed to reset_bt_fw before updata Fw patch*/
reset_controller(firmware_info * fw_info)1578 int reset_controller(firmware_info *fw_info)
1579 {
1580 int ret_val;
1581 RTKBT_ERR("reset_controller");
1582
1583 if (!fw_info)
1584 return -ENODEV;
1585
1586 fw_info->cmd_hdr->opcode = cpu_to_le16(HCI_VENDOR_FORCE_RESET_AND_PATCHABLE);
1587 fw_info->cmd_hdr->plen = 0;
1588 fw_info->pkt_len = CMD_HDR_LEN;
1589 ret_val = send_hci_cmd(fw_info);
1590
1591 if (ret_val < 0) {
1592 RTKBT_ERR("%s: Failed to send hci cmd 0x%04x, errno %d",
1593 __func__, fw_info->cmd_hdr->opcode, ret_val);
1594 return ret_val;
1595 }
1596
1597 //sleep 1s for firmware reset.
1598 msleep(1000);
1599 RTKBT_INFO("%s: Wait fw reset for 1000ms", __func__);
1600
1601 return ret_val;
1602 }
1603 /*reset_controller is aimed to reset_bt_fw before updata Fw patch*/
1604
1605 /*
1606 * check the return value
1607 * 1: need to download fw patch
1608 * 0: no need to download fw patch
1609 * <0: failed to check lmp version
1610 */
check_fw_version(firmware_info * fw_info,bool resume_check)1611 int check_fw_version(firmware_info *fw_info, bool resume_check)
1612 {
1613 struct hci_rp_read_local_version *read_ver_rsp;
1614 patch_info *patch_entry = NULL;
1615 int ret_val = -1, i, ret_len = 0;
1616 struct sk_buff *rtk_skb_copy = NULL;
1617 unsigned char pkt_type = HCI_EVENT_PKT;
1618
1619 fw_info->cmd_hdr->opcode = cpu_to_le16(HCI_OP_READ_LOCAL_VERSION);
1620 fw_info->cmd_hdr->plen = 0;
1621 fw_info->pkt_len = CMD_HDR_LEN;
1622
1623 ret_val = send_hci_cmd(fw_info);
1624 if (ret_val < 0) {
1625 RTKBT_ERR("%s: Failed to send hci cmd 0x%04x, errno %d",
1626 __func__, fw_info->cmd_hdr->opcode, ret_val);
1627 return ret_val;
1628 }
1629
1630 while (1) {
1631 for (i = 0; i < 5; i++) {
1632 ret_val = usb_interrupt_msg(
1633 fw_info->udev, fw_info->pipe_in,
1634 (void *)(fw_info->rcv_pkt), PKT_LEN,
1635 &ret_len, MSG_TO);
1636 if (ret_val >= 0)
1637 break;
1638 }
1639
1640 if (ret_val < 0) {
1641 RTKBT_ERR("%s: Failed to receive hci event, errno %d",
1642 __func__, ret_val);
1643 return ret_val;
1644 }
1645
1646 if ((CMD_CMP_EVT == fw_info->evt_hdr->evt) &&
1647 (fw_info->cmd_hdr->opcode == fw_info->cmd_cmp->opcode)) {
1648 break;
1649 } else if (resume_check) {
1650 rtk_skb_copy = bt_skb_alloc((ret_len), GFP_ATOMIC);
1651 if (!rtk_skb_copy) {
1652 RTKBT_ERR("%s: Failed to allocate mem", __func__);
1653 return 2;
1654 }
1655
1656 memcpy(skb_put(rtk_skb_copy, ret_len), fw_info->rcv_pkt, ret_len);
1657 memcpy(skb_push(rtk_skb_copy, 1), &pkt_type, 1);
1658 rtk_enqueue(rtk_skb_copy);
1659
1660 rtk_skb_copy = NULL;
1661 wake_up_interruptible(&btchr_read_wait);
1662 }
1663 }
1664
1665 patch_entry = fw_info->patch_entry;
1666 read_ver_rsp = (struct hci_rp_read_local_version *)(fw_info->rsp_para);
1667
1668 RTKBT_INFO("%s: Controller lmp = 0x%04x, patch lmp = 0x%04x, default patch lmp = 0x%04x",
1669 __func__, read_ver_rsp->lmp_subver, patch_entry->lmp_sub, patch_entry->lmp_sub_default);
1670
1671 if (read_ver_rsp->lmp_subver == patch_entry->lmp_sub_default) {
1672 RTKBT_INFO("%s: Cold BT controller startup", __func__);
1673
1674 return 2;
1675
1676 } else if (read_ver_rsp->lmp_subver != patch_entry->lmp_sub) {
1677 RTKBT_INFO("%s: Warm BT controller startup with updated lmp", __func__);
1678 return 1;
1679 } else {
1680 RTKBT_INFO("%s: Warm BT controller startup with same lmp", __func__);
1681 return 0;
1682 }
1683 }
1684
1685 #if SET_WAKEUP_DEVICE
set_wakeup_device(firmware_info * fw_info,uint8_t * wakeup_bdaddr)1686 int set_wakeup_device(firmware_info *fw_info, uint8_t *wakeup_bdaddr)
1687 {
1688 struct rtk_eversion_evt *ever_evt;
1689 int ret_val;
1690
1691 if (!fw_info)
1692 return -ENODEV;
1693
1694 fw_info->cmd_hdr->opcode = cpu_to_le16(HCI_VENDOR_ADD_WAKE_UP_DEVICE);
1695 fw_info->cmd_hdr->plen = 7;
1696 memcpy(fw_info->req_para, wakeup_bdaddr, 7);
1697 fw_info->pkt_len = CMD_HDR_LEN + 7;
1698
1699 ret_val = send_hci_cmd(fw_info);
1700 if (ret_val < 0) {
1701 RTKBT_ERR("%s: Failed to send hci cmd 0x%04x, errno %d\n",
1702 __func__, fw_info->cmd_hdr->opcode, ret_val);
1703 return ret_val;
1704 }
1705
1706 ret_val = rcv_hci_evt(fw_info);
1707 if (ret_val < 0) {
1708 RTKBT_ERR("%s: Failed to receive hci event, errno %d\n", __func__, ret_val);
1709 return ret_val;
1710 }
1711
1712 ever_evt = (struct rtk_eversion_evt *)(fw_info->rsp_para);
1713
1714 RTKBT_DBG("%s: status %d, eversion %d", __func__, ever_evt->status, ever_evt->version);
1715 return ret_val;
1716 }
1717 #endif
1718
1719 /*reset_channel to recover the communication between wifi 8192eu with 8761 bt controller in case of geteversion error*/
1720
reset_channel(firmware_info * fw_info)1721 int reset_channel(firmware_info *fw_info)
1722 {
1723 struct rtk_reset_evt *ever_evt;
1724 int ret_val;
1725
1726 if (!fw_info)
1727 return -ENODEV;
1728
1729 fw_info->cmd_hdr->opcode = cpu_to_le16(HCI_VENDOR_RESET);
1730 fw_info->cmd_hdr->plen = 0;
1731 fw_info->pkt_len = CMD_HDR_LEN;
1732
1733 ret_val = send_hci_cmd(fw_info);
1734 if (ret_val < 0) {
1735 RTKBT_ERR("%s: Failed to send hci cmd 0x%04x, errno %d",
1736 __func__, fw_info->cmd_hdr->opcode, ret_val);
1737 return ret_val;
1738 }
1739
1740 ret_val = rcv_hci_evt(fw_info);
1741 if (ret_val < 0) {
1742 RTKBT_ERR("%s: Failed to receive hci event, errno %d",
1743 __func__, ret_val);
1744 return ret_val;
1745 }
1746
1747 ever_evt = (struct rtk_reset_evt *)(fw_info->rsp_para);
1748
1749 RTKBT_INFO("%s: status %d ", __func__, ever_evt->status);
1750
1751 //sleep 300ms for channel reset.
1752 msleep(300);
1753 RTKBT_INFO("%s: Wait channel reset for 300ms", __func__);
1754
1755 return ret_val;
1756 }
1757
1758
1759 //sometimes the controller is in warm resume,and still send message to host
1760 //we should reset controller and clean the hardware buffer
reset_and_clean_hw_buffer(firmware_info * fw_info)1761 bool reset_and_clean_hw_buffer(firmware_info *fw_info)
1762 {
1763 int ret_val;
1764 int ret_len = 0;
1765 bool event_recv = false;
1766
1767 if (!fw_info)
1768 return -ENODEV;
1769
1770 fw_info->cmd_hdr->opcode = cpu_to_le16(HCI_VENDOR_RESET);
1771 fw_info->cmd_hdr->plen = 0;
1772 fw_info->pkt_len = CMD_HDR_LEN;
1773
1774 ret_val = send_hci_cmd(fw_info);
1775 if (ret_val < 0) {
1776 RTKBT_ERR("%s: Failed to send hci cmd 0x%04x, errno %d",
1777 __func__, fw_info->cmd_hdr->opcode, ret_val);
1778 return ret_val;
1779 }
1780
1781 //we need to clean the hardware buffer
1782 while (1) {
1783 ret_val = usb_interrupt_msg(
1784 fw_info->udev, fw_info->pipe_in,
1785 (void *)(fw_info->rcv_pkt), PKT_LEN,
1786 &ret_len, (MSG_TO/2));
1787
1788 if (ret_val >= 0) {
1789 if (event_recv) {
1790 RTKBT_INFO("%s: clear hardware event", __func__);
1791 continue;
1792 }
1793 } else {
1794 return event_recv;
1795 }
1796
1797 if (CMD_CMP_EVT == fw_info->evt_hdr->evt) {
1798 if (fw_info->cmd_hdr->opcode == fw_info->cmd_cmp->opcode) {
1799 event_recv = true;
1800 }
1801 }
1802 }
1803 return ret_val;
1804 }
1805
read_localversion(firmware_info * fw_info)1806 int read_localversion(firmware_info *fw_info)
1807 {
1808 struct rtk_localversion_evt *ever_evt;
1809 int ret_val;
1810
1811 if (!fw_info)
1812 return -ENODEV;
1813
1814 fw_info->cmd_hdr->opcode = cpu_to_le16(HCI_VENDOR_READ_LMP_VERISION);
1815 fw_info->cmd_hdr->plen = 0;
1816 fw_info->pkt_len = CMD_HDR_LEN;
1817
1818 ret_val = send_hci_cmd(fw_info);
1819 if (ret_val < 0) {
1820 RTKBT_ERR("%s: Failed to send hci cmd 0x%04x, errno %d",
1821 __func__, fw_info->cmd_hdr->opcode, ret_val);
1822 return ret_val;
1823 }
1824
1825 ret_val = rcv_hci_evt(fw_info);
1826 if (ret_val < 0) {
1827 RTKBT_ERR("%s: Failed to receive hci event, errno %d",
1828 __func__, ret_val);
1829 return ret_val;
1830 }
1831
1832 ever_evt = (struct rtk_localversion_evt *)(fw_info->rsp_para);
1833
1834 RTKBT_INFO("%s: status %d ", __func__, ever_evt->status);
1835 RTKBT_INFO("%s: hci_version %d ", __func__, ever_evt->hci_version);
1836 RTKBT_INFO("%s: hci_revision %d ", __func__, ever_evt->hci_revision);
1837 RTKBT_INFO("%s: lmp_version %d ", __func__, ever_evt->lmp_version);
1838 RTKBT_INFO("%s: lmp_subversion %d ", __func__, ever_evt->lmp_subversion);
1839 RTKBT_INFO("%s: lmp_manufacture %d ", __func__, ever_evt->lmp_manufacture);
1840 //sleep 300ms for channel reset.
1841 msleep(300);
1842 RTKBT_INFO("%s: Wait channel reset for 300ms", __func__);
1843
1844 return ret_val;
1845 }
1846
get_eversion(firmware_info * fw_info)1847 int get_eversion(firmware_info *fw_info)
1848 {
1849 struct rtk_eversion_evt *ever_evt;
1850 int ret_val;
1851
1852 if (!fw_info)
1853 return -ENODEV;
1854
1855 fw_info->cmd_hdr->opcode = cpu_to_le16(HCI_VENDOR_READ_RTK_ROM_VERISION);
1856 fw_info->cmd_hdr->plen = 0;
1857 fw_info->pkt_len = CMD_HDR_LEN;
1858
1859 ret_val = send_hci_cmd(fw_info);
1860 if (ret_val < 0) {
1861 RTKBT_ERR("%s: Failed to send hci cmd 0x%04x, errno %d",
1862 __func__, fw_info->cmd_hdr->opcode, ret_val);
1863 return ret_val;
1864 }
1865
1866 ret_val = rcv_hci_evt(fw_info);
1867 if (ret_val < 0) {
1868 RTKBT_ERR("%s: Failed to receive hci event, errno %d",
1869 __func__, ret_val);
1870 return ret_val;
1871 }
1872
1873 ever_evt = (struct rtk_eversion_evt *)(fw_info->rsp_para);
1874
1875 RTKBT_INFO("%s: status %d, eversion %d", __func__, ever_evt->status, ever_evt->version);
1876
1877 if (ever_evt->status)
1878 fw_info->patch_entry->eversion = 0;
1879 else
1880 fw_info->patch_entry->eversion = ever_evt->version;
1881
1882 return ret_val;
1883 }
1884
rtk_update_altsettings(patch_info * patch_entry,const unsigned char * org_config_buf,int org_config_len,unsigned char ** new_config_buf_ptr,int * new_config_len_ptr)1885 void rtk_update_altsettings(patch_info *patch_entry, const unsigned char *org_config_buf, int org_config_len, unsigned char **new_config_buf_ptr, int *new_config_len_ptr)
1886 {
1887 static unsigned char config_buf[1024];
1888 unsigned short offset[256];
1889 unsigned char val[256];
1890
1891 struct rtk_bt_vendor_config *config = (struct rtk_bt_vendor_config *)config_buf;
1892 struct rtk_bt_vendor_config_entry *entry = config->entry;
1893
1894 int count = 0, temp = 0, i = 0, j;
1895
1896 memset(config_buf, 0, sizeof(config_buf));
1897 memset(offset, 0, sizeof(offset));
1898 memset(val, 0, sizeof(val));
1899
1900 memcpy(config_buf, org_config_buf, org_config_len);
1901 *new_config_buf_ptr = config_buf;
1902 *new_config_len_ptr = org_config_len;
1903
1904 count = getAltSettings(patch_entry, offset, sizeof(offset)/sizeof(unsigned short));
1905 if (count <= 0) {
1906 RTKBT_INFO("rtk_update_altsettings: No AltSettings");
1907 return;
1908 } else {
1909 RTKBT_INFO("rtk_update_altsettings: %d AltSettings", count);
1910 }
1911
1912 RTKBT_INFO("ORG Config len=%08x:\n", org_config_len);
1913 for (i = 0; i <= org_config_len; i += 0x10) {
1914 RTKBT_INFO("%08x: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n", i, \
1915 config_buf[i], config_buf[i+1], config_buf[i+2], config_buf[i+3], config_buf[i+4], config_buf[i+5], config_buf[i+6], config_buf[i+7], \
1916 config_buf[i+8], config_buf[i+9], config_buf[i+10], config_buf[i+11], config_buf[i+12], config_buf[i+13], config_buf[i+14], config_buf[i+15]);
1917 }
1918
1919 if (config->data_len != org_config_len - sizeof(struct rtk_bt_vendor_config)) {
1920 RTKBT_ERR("rtk_update_altsettings: config len(%x) is not right(%zd)", config->data_len, org_config_len-sizeof(struct rtk_bt_vendor_config));
1921 return;
1922 }
1923
1924 for (i = 0; i < config->data_len;) {
1925 for (j = 0; j < count; j++) {
1926 if (entry->offset == offset[j])
1927 offset[j] = 0;
1928 }
1929
1930 if (getAltSettingVal(patch_entry, entry->offset, val) == entry->entry_len) {
1931 RTKBT_INFO("rtk_update_altsettings: replace %04x[%02x]", entry->offset, entry->entry_len);
1932 memcpy(entry->entry_data, val, entry->entry_len);
1933 }
1934
1935 temp = entry->entry_len + sizeof(struct rtk_bt_vendor_config_entry);
1936 i += temp;
1937 entry = (struct rtk_bt_vendor_config_entry *)((uint8_t *)entry + temp);
1938 }
1939
1940 for (j = 0; j < count; j++) {
1941 if (offset[j] == 0)
1942 continue;
1943 entry->entry_len = getAltSettingVal(patch_entry, offset[j], val);
1944 if (entry->entry_len <= 0)
1945 continue;
1946 entry->offset = offset[j];
1947 memcpy(entry->entry_data, val, entry->entry_len);
1948 RTKBT_INFO("rtk_update_altsettings: add %04x[%02x]", entry->offset, entry->entry_len);
1949 temp = entry->entry_len + sizeof(struct rtk_bt_vendor_config_entry);
1950 i += temp;
1951 entry = (struct rtk_bt_vendor_config_entry *)((uint8_t *)entry + temp);
1952 }
1953 config->data_len = i;
1954 *new_config_buf_ptr = config_buf;
1955 *new_config_len_ptr = config->data_len+sizeof(struct rtk_bt_vendor_config);
1956
1957 return;
1958 }
1959
load_firmware(firmware_info * fw_info,uint8_t ** buff)1960 int load_firmware(firmware_info *fw_info, uint8_t **buff)
1961 {
1962 const struct firmware *fw, *cfg;
1963 struct usb_device *udev;
1964 patch_info *patch_entry;
1965 char *config_name, *fw_name;
1966 int fw_len = 0;
1967 int ret_val;
1968
1969 int config_len = 0, buf_len = -1;
1970 uint8_t *buf = *buff, *config_file_buf = NULL;
1971 uint8_t *epatch_buf = NULL;
1972
1973 struct rtk_epatch *epatch_info = NULL;
1974 uint8_t need_download_fw = 1;
1975 struct rtk_extension_entry patch_lmp = {0};
1976 struct rtk_epatch_entry *p_epatch_entry = NULL;
1977 uint16_t lmp_version;
1978 //uint8_t use_mp_fw = 0;
1979 RTKBT_DBG("%s: start", __func__);
1980
1981 udev = fw_info->udev;
1982 patch_entry = fw_info->patch_entry;
1983 lmp_version = patch_entry->lmp_sub_default;
1984 config_name = patch_entry->config_name;
1985 /* 1 Mptool Fw; 0 Normal Fw */
1986 if (DRV_MP_MODE == mp_drv_mode) {
1987 fw_name = patch_entry->mp_patch_name;
1988 } else {
1989 fw_name = patch_entry->patch_name;
1990 }
1991
1992 RTKBT_INFO("%s: Default lmp version = 0x%04x, config file name[%s], "
1993 "fw file name[%s]", __func__, lmp_version, config_name, fw_name);
1994
1995 ret_val = request_firmware(&cfg, config_name, &udev->dev);
1996 if (ret_val < 0)
1997 config_len = 0;
1998 else {
1999 int i;
2000 rtk_update_altsettings(patch_entry, cfg->data, cfg->size, &config_file_buf, &config_len);
2001
2002 RTKBT_INFO("Final Config len=%08x:\n", config_len);
2003 for (i = 0; i <= config_len; i += 0x10) {
2004 RTKBT_INFO("%08x: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n", i, \
2005 config_file_buf[i], config_file_buf[i+1], config_file_buf[i+2], config_file_buf[i+3], config_file_buf[i+4], config_file_buf[i+5], config_file_buf[i+6], config_file_buf[i+7], \
2006 config_file_buf[i+8], config_file_buf[i+9], config_file_buf[i+10], config_file_buf[i+11], config_file_buf[i+12], config_file_buf[i+13], config_file_buf[i+14], config_file_buf[i+15]);
2007 }
2008
2009 release_firmware(cfg);
2010 }
2011
2012 ret_val = request_firmware(&fw, fw_name, &udev->dev);
2013 if (ret_val < 0)
2014 goto fw_fail;
2015 else {
2016 epatch_buf = vmalloc(fw->size);
2017 RTKBT_INFO("%s: epatch_buf = vmalloc(fw->size, GFP_KERNEL)", __func__);
2018 if (!epatch_buf) {
2019 release_firmware(fw);
2020 goto fw_fail;
2021 }
2022 memcpy(epatch_buf, fw->data, fw->size);
2023 fw_len = fw->size;
2024 buf_len = fw_len + config_len;
2025 release_firmware(fw);
2026 }
2027
2028 if (lmp_version == ROM_LMP_8723a) {
2029 RTKBT_DBG("%s: 8723a -> use old style patch", __func__);
2030 if (!memcmp(epatch_buf, RTK_EPATCH_SIGNATURE, 8)) {
2031 RTKBT_ERR("%s: 8723a check signature error", __func__);
2032 need_download_fw = 0;
2033 } else {
2034 buf = kzalloc(buf_len, GFP_KERNEL);
2035 if (!buf) {
2036 RTKBT_ERR("%s: Failed to allocate mem for fw&config", __func__);
2037 buf_len = -1;
2038 } else {
2039 RTKBT_DBG("%s: 8723a -> fw copy directly", __func__);
2040 memcpy(buf, epatch_buf, buf_len);
2041 patch_entry->lmp_sub = *(uint16_t *)(buf + buf_len - config_len - 4);
2042 RTKBT_DBG("%s: Config lmp version = 0x%04x", __func__,
2043 patch_entry->lmp_sub);
2044 vfree(epatch_buf);
2045 RTKBT_INFO("%s:ROM_LMP_8723a vfree(epatch_buf)", __func__);
2046 epatch_buf = NULL;
2047 if (config_len)
2048 memcpy(buf + buf_len - config_len, config_file_buf, config_len);
2049 }
2050 }
2051 } else {
2052 RTKBT_DBG("%s: Not 8723a -> use new style patch", __func__);
2053
2054 RTKBT_DBG("%s: reset_channel before get_eversion from bt controller", __func__);
2055 ret_val = reset_channel(fw_info);
2056 if (ret_val < 0) {
2057 RTKBT_ERR("%s: Failed to reset_channel, errno %d", __func__, ret_val);
2058 goto fw_fail;
2059 }
2060 // read_localversion(fw_info);
2061 RTKBT_DBG("%s: get_eversion from bt controller", __func__);
2062
2063 ret_val = get_eversion(fw_info);
2064 if (ret_val < 0) {
2065 RTKBT_ERR("%s: Failed to get eversion, errno %d", __func__, ret_val);
2066 goto fw_fail;
2067 }
2068
2069 RTKBT_DBG("%s: Get eversion =%d", __func__, patch_entry->eversion);
2070 if (memcmp(epatch_buf + buf_len - config_len - 4, EXTENSION_SECTION_SIGNATURE, 4)) {
2071 RTKBT_ERR("%s: Failed to check extension section signature", __func__);
2072 need_download_fw = 0;
2073 } else {
2074 uint8_t *temp;
2075 temp = epatch_buf+buf_len-config_len - 5;
2076 do {
2077 if (*temp == 0x00) {
2078 patch_lmp.opcode = *temp;
2079 patch_lmp.length = *(temp-1);
2080 patch_lmp.data = kzalloc(patch_lmp.length, GFP_KERNEL);
2081 if (patch_lmp.data) {
2082 int k;
2083 for (k = 0; k < patch_lmp.length; k++) {
2084 *(patch_lmp.data+k) = *(temp-2-k);
2085 RTKBT_DBG("data = 0x%x", *(patch_lmp.data+k));
2086 }
2087 }
2088 RTKBT_DBG("%s: opcode = 0x%x, length = 0x%x, data = 0x%x", __func__,
2089 patch_lmp.opcode, patch_lmp.length, *(patch_lmp.data));
2090 break;
2091 }
2092 temp -= *(temp-1) + 2;
2093 } while (*temp != 0xFF);
2094
2095 if (lmp_version != project_id[*(patch_lmp.data)]) {
2096 RTKBT_ERR("%s: Default lmp_version 0x%04x, project_id[%d] 0x%04x "
2097 "-> not match", __func__, lmp_version, *(patch_lmp.data), project_id[*(patch_lmp.data)]);
2098 if (patch_lmp.data)
2099 kfree(patch_lmp.data);
2100 need_download_fw = 0;
2101 } else {
2102 RTKBT_INFO("%s: Default lmp_version 0x%04x, project_id[%d] 0x%04x "
2103 "-> match", __func__, lmp_version, *(patch_lmp.data), project_id[*(patch_lmp.data)]);
2104 if (patch_lmp.data)
2105 kfree(patch_lmp.data);
2106 if (memcmp(epatch_buf, RTK_EPATCH_SIGNATURE, 8)) {
2107 RTKBT_ERR("%s: Check signature error", __func__);
2108 need_download_fw = 0;
2109 } else {
2110 epatch_info = (struct rtk_epatch *)epatch_buf;
2111 patch_entry->lmp_sub = (uint16_t)epatch_info->fw_version;
2112
2113 RTKBT_DBG("%s: lmp version 0x%04x, fw_version 0x%x, "
2114 "number_of_total_patch %d", __func__,
2115 patch_entry->lmp_sub, epatch_info->fw_version,
2116 epatch_info->number_of_total_patch);
2117
2118 /* Get right epatch entry */
2119 p_epatch_entry = get_fw_patch_entry(epatch_info, patch_entry->eversion);
2120 if (p_epatch_entry == NULL) {
2121 RTKBT_WARN("%s: Failed to get fw patch entry", __func__);
2122 ret_val = -1;
2123 goto fw_fail ;
2124 }
2125
2126 buf_len = p_epatch_entry->patch_length + config_len;
2127 RTKBT_DBG("buf_len = 0x%x", buf_len);
2128
2129 buf = kzalloc(buf_len, GFP_KERNEL);
2130 if (!buf) {
2131 RTKBT_ERR("%s: Can't alloc memory for fw&config", __func__);
2132 buf_len = -1;
2133 kfree(p_epatch_entry);
2134 } else {
2135 memcpy(buf, &epatch_buf[p_epatch_entry->start_offset], p_epatch_entry->patch_length);
2136 memcpy(&buf[p_epatch_entry->patch_length-4], &epatch_info->fw_version, 4);
2137 kfree(p_epatch_entry);
2138 }
2139 vfree(epatch_buf);
2140 RTKBT_INFO("%s: vfree(epatch_buf)", __func__);
2141 epatch_buf = NULL;
2142
2143 if (config_len)
2144 memcpy(&buf[buf_len - config_len], config_file_buf, config_len);
2145 }
2146 }
2147 }
2148 }
2149
2150 RTKBT_INFO("%s: fw%s exists, config file%s exists", __func__,
2151 (buf_len > 0) ? "" : " not", (config_len > 0) ? "":" not");
2152
2153 if (buf && buf_len > 0 && need_download_fw)
2154 *buff = buf;
2155
2156 RTKBT_DBG("%s: done", __func__);
2157
2158 return buf_len;
2159
2160 fw_fail:
2161 return ret_val;
2162 }
2163
load_firmware_info(firmware_info * fw_info)2164 void load_firmware_info(firmware_info *fw_info)
2165 {
2166 const struct firmware *fw;
2167 struct usb_device *udev;
2168 patch_info *patch_entry;
2169 char *fw_name;
2170 int ret_val;
2171
2172 int buf_len = -1;
2173 uint8_t *epatch_buf = NULL;
2174
2175 struct rtk_epatch *epatch_info = NULL;
2176 struct rtk_extension_entry patch_lmp = {0};
2177 uint16_t lmp_version;
2178 RTKBT_DBG("%s: start", __func__);
2179
2180 udev = fw_info->udev;
2181 patch_entry = fw_info->patch_entry;
2182 lmp_version = patch_entry->lmp_sub_default;
2183
2184 if (DRV_MP_MODE == mp_drv_mode) {
2185 fw_name = patch_entry->mp_patch_name;
2186 } else {
2187 fw_name = patch_entry->patch_name;
2188 }
2189
2190 RTKBT_INFO("%s: Default lmp version = 0x%04x, fw file name[%s]", __func__, lmp_version, fw_name);
2191
2192 ret_val = request_firmware(&fw, fw_name, &udev->dev);
2193 if (ret_val < 0)
2194 goto fw_fail;
2195 else {
2196 epatch_buf = vmalloc(fw->size);
2197 RTKBT_INFO("%s: epatch_buf = vmalloc(fw->size, GFP_KERNEL)", __func__);
2198 if (!epatch_buf) {
2199 release_firmware(fw);
2200 goto fw_fail;
2201 }
2202 memcpy(epatch_buf, fw->data, fw->size);
2203 buf_len = fw->size;
2204 release_firmware(fw);
2205 }
2206
2207 ret_val = reset_and_clean_hw_buffer(fw_info);
2208
2209 if (lmp_version != ROM_LMP_8723a) {
2210 RTKBT_DBG("%s: Not 8723a -> use new style patch", __func__);
2211 ret_val = get_eversion(fw_info);
2212 if (ret_val < 0) {
2213 RTKBT_ERR("%s: Failed to get eversion, errno %d", __func__, ret_val);
2214 goto fw_fail;
2215 }
2216 RTKBT_DBG("%s: Get eversion =%d", __func__, patch_entry->eversion);
2217 if (memcmp(epatch_buf + buf_len - 4, EXTENSION_SECTION_SIGNATURE, 4)) {
2218 RTKBT_ERR("%s: Failed to check extension section signature", __func__);
2219 } else {
2220 uint8_t *temp;
2221 temp = epatch_buf + buf_len - 5;
2222 do {
2223 if (*temp == 0x00) {
2224 patch_lmp.opcode = *temp;
2225 patch_lmp.length = *(temp-1);
2226 patch_lmp.data = vmalloc(patch_lmp.length);
2227 if (patch_lmp.data) {
2228 int k;
2229 for (k = 0; k < patch_lmp.length; k++) {
2230 *(patch_lmp.data+k) = *(temp-2-k);
2231 RTKBT_DBG("data = 0x%x", *(patch_lmp.data+k));
2232 }
2233 } else
2234 goto fw_fail;
2235 RTKBT_DBG("%s: opcode = 0x%x, length = 0x%x, data = 0x%x", __func__,
2236 patch_lmp.opcode, patch_lmp.length, *(patch_lmp.data));
2237 break;
2238 }
2239 temp -= *(temp-1) + 2;
2240 } while (*temp != 0xFF);
2241
2242 if (lmp_version != project_id[*(patch_lmp.data)]) {
2243 RTKBT_ERR("%s: Default lmp_version 0x%04x, project_id[%d] 0x%04x "
2244 "-> not match", __func__, lmp_version, *(patch_lmp.data), project_id[*(patch_lmp.data)]);
2245 } else {
2246 RTKBT_INFO("%s: Default lmp_version 0x%04x, project_id[%d] 0x%04x "
2247 "-> match", __func__, lmp_version, *(patch_lmp.data), project_id[*(patch_lmp.data)]);
2248 if (memcmp(epatch_buf, RTK_EPATCH_SIGNATURE, 8)) {
2249 RTKBT_ERR("%s: Check signature error", __func__);
2250 } else {
2251 epatch_info = (struct rtk_epatch *)epatch_buf;
2252 patch_entry->lmp_sub = (uint16_t)epatch_info->fw_version;
2253
2254 RTKBT_DBG("%s: lmp version 0x%04x, fw_version 0x%x, "
2255 "number_of_total_patch %d", __func__,
2256 patch_entry->lmp_sub, epatch_info->fw_version,
2257 epatch_info->number_of_total_patch);
2258 }
2259 }
2260 }
2261 }
2262
2263 RTKBT_DBG("%s: done", __func__);
2264 fw_fail:
2265 if (epatch_buf)
2266 vfree(epatch_buf);
2267 if (patch_lmp.data)
2268 vfree(patch_lmp.data);
2269 }
2270
2271 #if SUSPNED_DW_FW
load_suspend_firmware(firmware_info * fw_info,uint8_t ** buff)2272 static int load_suspend_firmware(firmware_info *fw_info, uint8_t **buff)
2273 {
2274 const struct firmware *fw, *cfg;
2275 struct usb_device *udev;
2276 patch_info *patch_entry;
2277 char config_name[100] = {0};
2278 char fw_name[100] = {0};
2279 int fw_len = 0;
2280 int ret_val;
2281
2282 int config_len = 0, buf_len = -1;
2283 uint8_t *buf = *buff, *config_file_buf = NULL;
2284 uint8_t *epatch_buf = NULL;
2285
2286 struct rtk_epatch *epatch_info = NULL;
2287 uint8_t need_download_fw = 1;
2288 struct rtk_extension_entry patch_lmp = {0};
2289 struct rtk_epatch_entry *p_epatch_entry = NULL;
2290 uint16_t lmp_version;
2291 RTKBT_DBG("%s: start", __func__);
2292
2293 udev = fw_info->udev;
2294 patch_entry = fw_info->patch_entry;
2295 lmp_version = patch_entry->lmp_sub_default;
2296 sprintf(config_name, "%s_suspend", patch_entry->config_name);
2297 sprintf(fw_name, "%s_suspend", patch_entry->patch_name);
2298
2299 RTKBT_INFO("%s: Default lmp version = 0x%04x, config file name[%s], "
2300 "fw file name[%s]", __func__, lmp_version, config_name, fw_name);
2301
2302 ret_val = request_firmware(&cfg, config_name, &udev->dev);
2303 if (ret_val < 0)
2304 config_len = 0;
2305 else {
2306 int i;
2307 rtk_update_altsettings(patch_entry, cfg->data, cfg->size, &config_file_buf, &config_len);
2308
2309 RTKBT_INFO("Final Config len=%08x:\n", config_len);
2310 for (i = 0; i <= config_len; i += 0x10) {
2311 RTKBT_INFO("%08x: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n", i, \
2312 config_file_buf[i], config_file_buf[i+1], config_file_buf[i+2], config_file_buf[i+3], config_file_buf[i+4], config_file_buf[i+5], config_file_buf[i+6], config_file_buf[i+7], \
2313 config_file_buf[i+8], config_file_buf[i+9], config_file_buf[i+10], config_file_buf[i+11], config_file_buf[i+12], config_file_buf[i+13], config_file_buf[i+14], config_file_buf[i+15]);
2314 }
2315
2316 release_firmware(cfg);
2317 }
2318
2319 ret_val = request_firmware(&fw, fw_name, &udev->dev);
2320 if (ret_val < 0)
2321 goto fw_fail;
2322 else {
2323 epatch_buf = vmalloc(fw->size);
2324 RTKBT_INFO("%s: epatch_buf = vmalloc(fw->size, GFP_KERNEL)", __func__);
2325 if (!epatch_buf) {
2326 release_firmware(fw);
2327 goto fw_fail;
2328 }
2329 memcpy(epatch_buf, fw->data, fw->size);
2330 fw_len = fw->size;
2331 buf_len = fw_len + config_len;
2332 release_firmware(fw);
2333 }
2334
2335 RTKBT_DBG("%s: Not 8723a -> use new style patch", __func__);
2336
2337 RTKBT_DBG("%s: get_eversion from bt controller", __func__);
2338
2339 ret_val = get_eversion(fw_info);
2340 if (ret_val < 0) {
2341 RTKBT_ERR("%s: Failed to get eversion, errno %d", __func__, ret_val);
2342 goto fw_fail;
2343 }
2344 RTKBT_DBG("%s: Get eversion =%d", __func__, patch_entry->eversion);
2345 if (memcmp(epatch_buf + buf_len - config_len - 4, EXTENSION_SECTION_SIGNATURE, 4)) {
2346 RTKBT_ERR("%s: Failed to check extension section signature", __func__);
2347 need_download_fw = 0;
2348 } else {
2349 uint8_t *temp;
2350 temp = epatch_buf+buf_len-config_len - 5;
2351 do {
2352 if (*temp == 0x00) {
2353 patch_lmp.opcode = *temp;
2354 patch_lmp.length = *(temp-1);
2355 patch_lmp.data = kzalloc(patch_lmp.length, GFP_KERNEL);
2356 if (patch_lmp.data) {
2357 int k;
2358 for (k = 0; k < patch_lmp.length; k++) {
2359 *(patch_lmp.data+k) = *(temp-2-k);
2360 RTKBT_DBG("data = 0x%x", *(patch_lmp.data+k));
2361 }
2362 }
2363 RTKBT_DBG("%s: opcode = 0x%x, length = 0x%x, data = 0x%x", __func__,
2364 patch_lmp.opcode, patch_lmp.length, *(patch_lmp.data));
2365 break;
2366 }
2367 temp -= *(temp-1) + 2;
2368 } while (*temp != 0xFF);
2369
2370 if (lmp_version != project_id[*(patch_lmp.data)]) {
2371 RTKBT_ERR("%s: Default lmp_version 0x%04x, project_id[%d] 0x%04x "
2372 "-> not match", __func__, lmp_version, *(patch_lmp.data), project_id[*(patch_lmp.data)]);
2373 if (patch_lmp.data)
2374 kfree(patch_lmp.data);
2375 need_download_fw = 0;
2376 } else {
2377 RTKBT_INFO("%s: Default lmp_version 0x%04x, project_id[%d] 0x%04x "
2378 "-> match", __func__, lmp_version, *(patch_lmp.data), project_id[*(patch_lmp.data)]);
2379 if (patch_lmp.data)
2380 kfree(patch_lmp.data);
2381 if (memcmp(epatch_buf, RTK_EPATCH_SIGNATURE, 8)) {
2382 RTKBT_ERR("%s: Check signature error", __func__);
2383 need_download_fw = 0;
2384 } else {
2385 epatch_info = (struct rtk_epatch *)epatch_buf;
2386 patch_entry->lmp_sub = (uint16_t)epatch_info->fw_version;
2387
2388 RTKBT_DBG("%s: lmp version 0x%04x, fw_version 0x%x, "
2389 "number_of_total_patch %d", __func__,
2390 patch_entry->lmp_sub, epatch_info->fw_version,
2391 epatch_info->number_of_total_patch);
2392
2393 /* Get right epatch entry */
2394 p_epatch_entry = get_fw_patch_entry(epatch_info, patch_entry->eversion);
2395 if (p_epatch_entry == NULL) {
2396 RTKBT_WARN("%s: Failed to get fw patch entry", __func__);
2397 ret_val = -1;
2398 goto fw_fail ;
2399 }
2400
2401 buf_len = p_epatch_entry->patch_length + config_len;
2402 RTKBT_DBG("buf_len = 0x%x", buf_len);
2403
2404 buf = kzalloc(buf_len, GFP_KERNEL);
2405 if (!buf) {
2406 RTKBT_ERR("%s: Can't alloc memory for fw&config", __func__);
2407 buf_len = -1;
2408 kfree(p_epatch_entry);
2409 } else {
2410 memcpy(buf, &epatch_buf[p_epatch_entry->start_offset], p_epatch_entry->patch_length);
2411 memcpy(&buf[p_epatch_entry->patch_length-4], &epatch_info->fw_version, 4);
2412 kfree(p_epatch_entry);
2413 }
2414 vfree(epatch_buf);
2415 RTKBT_INFO("%s: vfree(epatch_buf)", __func__);
2416 epatch_buf = NULL;
2417
2418 if (config_len)
2419 memcpy(&buf[buf_len - config_len], config_file_buf, config_len);
2420 }
2421 }
2422 }
2423
2424 RTKBT_INFO("%s: fw%s exists, config file%s exists", __func__,
2425 (buf_len > 0) ? "" : " not", (config_len > 0) ? "":" not");
2426
2427 if (buf && buf_len > 0 && need_download_fw)
2428 *buff = buf;
2429
2430 RTKBT_DBG("%s: done", __func__);
2431
2432 return buf_len;
2433
2434 fw_fail:
2435 return ret_val;
2436 }
2437 #endif
2438
get_firmware(firmware_info * fw_info,int cached)2439 int get_firmware(firmware_info *fw_info, int cached)
2440 {
2441 patch_info *patch_entry = fw_info->patch_entry;
2442
2443 RTKBT_INFO("%s: start, cached %d,patch_entry->fw_len= %d", __func__, cached, patch_entry->fw_len);
2444
2445 if (cached > 0) {
2446 if (patch_entry->fw_len > 0) {
2447 fw_info->fw_data = kzalloc(patch_entry->fw_len, GFP_KERNEL);
2448 if (!fw_info->fw_data)
2449 return -ENOMEM;
2450 memcpy(fw_info->fw_data, patch_entry->fw_cache, patch_entry->fw_len);
2451 fw_info->fw_len = patch_entry->fw_len;
2452 } else {
2453 fw_info->fw_len = load_firmware(fw_info, &fw_info->fw_data);
2454 if (fw_info->fw_len <= 0)
2455 return -1;
2456 }
2457 } else {
2458 fw_info->fw_len = load_firmware(fw_info, &fw_info->fw_data);
2459 if (fw_info->fw_len <= 0)
2460 return -1;
2461 }
2462
2463 return 0;
2464 }
2465
2466 #if SUSPNED_DW_FW
get_suspend_firmware(firmware_info * fw_info,int cached)2467 static int get_suspend_firmware(firmware_info *fw_info, int cached)
2468 {
2469 patch_info *patch_entry = fw_info->patch_entry;
2470
2471 RTKBT_INFO("%s: start, cached %d,patch_entry->fw_len= %d", __func__, cached, patch_entry->fw_len);
2472
2473 if (cached > 0) {
2474 if (patch_entry->fw_len > 0) {
2475 fw_info->fw_data = kzalloc(patch_entry->fw_len, GFP_KERNEL);
2476 if (!fw_info->fw_data)
2477 return -ENOMEM;
2478 memcpy(fw_info->fw_data, patch_entry->fw_cache, patch_entry->fw_len);
2479 fw_info->fw_len = patch_entry->fw_len;
2480 } else {
2481 fw_info->fw_len = load_suspend_firmware(fw_info, &fw_info->fw_data);
2482 if (fw_info->fw_len <= 0)
2483 return -1;
2484 }
2485 } else {
2486 fw_info->fw_len = load_suspend_firmware(fw_info, &fw_info->fw_data);
2487 if (fw_info->fw_len <= 0)
2488 return -1;
2489 }
2490
2491 return 0;
2492 }
2493 #endif
2494
2495 /*
2496 * Open the log message only if in debugging,
2497 * or it will decelerate download procedure.
2498 */
download_data(firmware_info * fw_info)2499 int download_data(firmware_info *fw_info)
2500 {
2501 download_cp *cmd_para;
2502 download_rp *evt_para;
2503 uint8_t *pcur;
2504 int pkt_len, frag_num, frag_len;
2505 int i, ret_val;
2506 int ncmd = 1, step = 1;
2507
2508 RTKBT_DBG("%s: start", __func__);
2509
2510 cmd_para = (download_cp *)fw_info->req_para;
2511 evt_para = (download_rp *)fw_info->rsp_para;
2512 pcur = fw_info->fw_data;
2513 pkt_len = CMD_HDR_LEN + sizeof(download_cp);
2514 frag_num = fw_info->fw_len / PATCH_SEG_MAX + 1;
2515 frag_len = PATCH_SEG_MAX;
2516
2517 for (i = 0; i < frag_num; i++) {
2518 cmd_para->index = i?((i-1)%0x7f+1):0;
2519 if (i == (frag_num - 1)) {
2520 cmd_para->index |= DATA_END;
2521 frag_len = fw_info->fw_len % PATCH_SEG_MAX;
2522 pkt_len -= (PATCH_SEG_MAX - frag_len);
2523 }
2524 fw_info->cmd_hdr->opcode = cpu_to_le16(DOWNLOAD_OPCODE);
2525 fw_info->cmd_hdr->plen = sizeof(uint8_t) + frag_len;
2526 fw_info->pkt_len = pkt_len;
2527 memcpy(cmd_para->data, pcur, frag_len);
2528
2529 if (step > 0) {
2530 ret_val = send_hci_cmd(fw_info);
2531 if (ret_val < 0) {
2532 RTKBT_DBG("%s: Failed to send frag num %d", __func__, cmd_para->index);
2533 return ret_val;
2534 } else
2535 RTKBT_DBG("%s: Send frag num %d", __func__, cmd_para->index);
2536
2537 if (--step > 0 && i < frag_num - 1) {
2538 RTKBT_DBG("%s: Continue to send frag num %d", __func__, cmd_para->index + 1);
2539 pcur += PATCH_SEG_MAX;
2540 continue;
2541 }
2542 }
2543
2544 while (ncmd > 0) {
2545 ret_val = rcv_hci_evt(fw_info);
2546 if (ret_val < 0) {
2547 RTKBT_ERR("%s: rcv_hci_evt err %d", __func__, ret_val);
2548 return ret_val;
2549 } else {
2550 RTKBT_DBG("%s: Receive acked frag num %d", __func__, evt_para->index);
2551 ncmd--;
2552 }
2553
2554 if (0 != evt_para->status) {
2555 RTKBT_ERR("%s: Receive acked frag num %d, err status %d",
2556 __func__, ret_val, evt_para->status);
2557 return -1;
2558 }
2559
2560 if ((evt_para->index & DATA_END) || (evt_para->index == frag_num - 1)) {
2561 RTKBT_DBG("%s: Receive last acked index %d", __func__, evt_para->index);
2562 goto end;
2563 }
2564 }
2565
2566 ncmd = step = fw_info->cmd_cmp->ncmd;
2567 pcur += PATCH_SEG_MAX;
2568 RTKBT_DBG("%s: HCI command packet num %d", __func__, ncmd);
2569 }
2570
2571 /*
2572 * It is tricky that Host cannot receive DATA_END index from BT
2573 * controller, at least for 8723au. We are doomed if failed.
2574 */
2575 #if 0
2576 /* Continue to receive the responsed events until last index occurs */
2577 if (i == frag_num) {
2578 RTKBT_DBG("%s: total frag count %d", __func__, frag_num);
2579 while (!(evt_para->index & DATA_END)) {
2580 ret_val = rcv_hci_evt(fw_info);
2581 if (ret_val < 0) {
2582 RTKBT_ERR("%s: rcv_hci_evt err %d", __func__, ret_val);
2583 return ret_val;
2584 }
2585 if (0 != evt_para->status)
2586 return -1;
2587 RTKBT_DBG("%s: continue to receive acked frag num %d", __func__, evt_para->index);
2588 }
2589 }
2590 #endif
2591 end:
2592 RTKBT_INFO("%s: done, sent %d frag pkts, received %d frag events",
2593 __func__, cmd_para->index, evt_para->index);
2594 return fw_info->fw_len;
2595 }
2596
download_patch(firmware_info * fw_info,int cached)2597 int download_patch(firmware_info *fw_info, int cached)
2598 {
2599 int ret_val = 0;
2600
2601 RTKBT_DBG("%s: Download fw patch start, cached %d", __func__, cached);
2602
2603 if (!fw_info || !fw_info->patch_entry) {
2604 RTKBT_ERR("%s: No patch entry exists(fw_info %p)", __func__, fw_info);
2605 ret_val = -1;
2606 goto end;
2607 }
2608
2609 /*
2610 * step1: get local firmware if existed
2611 * step2: check firmware version
2612 * step3: download firmware if updated
2613 */
2614 ret_val = get_firmware(fw_info, cached);
2615 if (ret_val < 0) {
2616 RTKBT_ERR("%s: Failed to get firmware", __func__);
2617 goto end;
2618 }
2619
2620 #if SUSPNED_DW_FW
2621 if (fw_info_4_suspend) {
2622 RTKBT_DBG("%s: get suspend fw first cached %d", __func__, cached);
2623 ret_val = get_suspend_firmware(fw_info_4_suspend, cached);
2624 if (ret_val < 0) {
2625 RTKBT_ERR("%s: Failed to get suspend firmware", __func__);
2626 goto end;
2627 }
2628 }
2629 #endif
2630
2631 /*check the length of fw to be download*/
2632 RTKBT_DBG("%s: Check fw_info->fw_len:%d max_patch_size %d", __func__, fw_info->fw_len, fw_info->patch_entry->max_patch_size);
2633 if (fw_info->fw_len > fw_info->patch_entry->max_patch_size) {
2634 RTKBT_ERR("%s: Total length of fw&config(%08x) larger than max_patch_size 0x%08x", __func__, fw_info->fw_len, fw_info->patch_entry->max_patch_size);
2635 ret_val = -1;
2636 goto free;
2637 }
2638
2639 ret_val = check_fw_version(fw_info, false);
2640
2641 if (2 == ret_val) {
2642 RTKBT_ERR("%s: Cold reset bt chip only download", __func__);
2643 ret_val = download_data(fw_info);
2644 if (ret_val > 0)
2645 RTKBT_ERR("%s: Download fw patch done, fw len %d", __func__, ret_val);
2646 } else if (1 == ret_val) {
2647 // reset bt chip to update Fw patch
2648 ret_val = reset_controller(fw_info);
2649 RTKBT_ERR("%s: reset bt chip to update Fw patch, fw len %d", __func__, ret_val);
2650 ret_val = download_data(fw_info);
2651 if (ret_val > 0)
2652 RTKBT_ERR("%s: Download fw patch done, fw len %d", __func__, ret_val);
2653 }
2654
2655
2656 free:
2657 /* Free fw data after download finished */
2658 kfree(fw_info->fw_data);
2659 fw_info->fw_data = NULL;
2660
2661 end:
2662 return ret_val;
2663 }
2664
2665 #if SUSPNED_DW_FW
download_suspend_patch(firmware_info * fw_info,int cached)2666 static int download_suspend_patch(firmware_info *fw_info, int cached)
2667 {
2668 int ret_val = 0;
2669
2670 RTKBT_DBG("%s: Download fw patch start, cached %d", __func__, cached);
2671
2672 if (!fw_info || !fw_info->patch_entry) {
2673 RTKBT_ERR("%s: No patch entry exists(fw_info %p)", __func__, fw_info);
2674 ret_val = -1;
2675 goto end;
2676 }
2677
2678 /*check the length of fw to be download*/
2679 RTKBT_DBG("%s:Check RTK_PATCH_LENGTH fw_info->fw_len:%d", __func__, fw_info->fw_len);
2680 if (fw_info->fw_len > fw_info->patch_entry->max_patch_size || fw_info->fw_len == 0) {
2681 RTKBT_ERR("%s: Total length of fw&config(%08x) larger than max_patch_size 0x%08x", __func__, fw_info->fw_len, fw_info->patch_entry->max_patch_size);
2682 ret_val = -1;
2683 goto free;
2684 }
2685
2686 ret_val = check_fw_version(fw_info, false);
2687
2688 if (2 == ret_val) {
2689 RTKBT_ERR("%s: Cold reset bt chip only download", __func__);
2690 ret_val = download_data(fw_info);
2691 if (ret_val > 0)
2692 RTKBT_ERR("%s: Download fw patch done, fw len %d", __func__, ret_val);
2693 } else if (1 == ret_val) {
2694 // reset bt chip to update Fw patch
2695 ret_val = reset_controller(fw_info);
2696 RTKBT_ERR("%s: reset bt chip to update Fw patch, fw len %d", __func__, ret_val);
2697 ret_val = download_data(fw_info);
2698 if (ret_val > 0)
2699 RTKBT_ERR("%s: Download fw patch done, fw len %d", __func__, ret_val);
2700 }
2701
2702
2703 free:
2704 /* Free fw data after download finished */
2705 kfree(fw_info->fw_data);
2706 fw_info->fw_data = NULL;
2707
2708 end:
2709 return ret_val;
2710 }
2711
suspend_firmware_info_init(firmware_info * fw_info)2712 static void suspend_firmware_info_init(firmware_info *fw_info)
2713 {
2714 RTKBT_DBG("%s: start", __func__);
2715 if (!fw_info)
2716 return;
2717
2718 fw_info_4_suspend = kzalloc(sizeof(*fw_info), GFP_KERNEL);
2719 if (!fw_info_4_suspend)
2720 goto error;
2721
2722 fw_info_4_suspend->send_pkt = kzalloc(PKT_LEN, GFP_KERNEL);
2723 if (!fw_info_4_suspend->send_pkt) {
2724 kfree(fw_info_4_suspend);
2725 goto error;
2726 }
2727
2728 fw_info_4_suspend->rcv_pkt = kzalloc(PKT_LEN, GFP_KERNEL);
2729 if (!fw_info_4_suspend->rcv_pkt) {
2730 kfree(fw_info_4_suspend->send_pkt);
2731 kfree(fw_info_4_suspend);
2732 goto error;
2733 }
2734
2735 fw_info_4_suspend->patch_entry = get_suspend_fw_table_entry(fw_info->udev);
2736 if (!fw_info_4_suspend->patch_entry) {
2737 kfree(fw_info_4_suspend->rcv_pkt);
2738 kfree(fw_info_4_suspend->send_pkt);
2739 kfree(fw_info_4_suspend);
2740 goto error;
2741 }
2742
2743 fw_info_4_suspend->intf = fw_info->intf;
2744 fw_info_4_suspend->udev = fw_info->udev;
2745 fw_info_4_suspend->cmd_hdr = (struct hci_command_hdr *)(fw_info_4_suspend->send_pkt);
2746 fw_info_4_suspend->evt_hdr = (struct hci_event_hdr *)(fw_info_4_suspend->rcv_pkt);
2747 fw_info_4_suspend->cmd_cmp = (struct hci_ev_cmd_complete *)(fw_info_4_suspend->rcv_pkt + EVT_HDR_LEN);
2748 fw_info_4_suspend->req_para = fw_info_4_suspend->send_pkt + CMD_HDR_LEN;
2749 fw_info_4_suspend->rsp_para = fw_info_4_suspend->rcv_pkt + EVT_HDR_LEN + CMD_CMP_LEN;
2750 fw_info_4_suspend->pipe_in = fw_info->pipe_in;
2751 fw_info_4_suspend->pipe_out = fw_info->pipe_out;
2752
2753 return;
2754 error:
2755 RTKBT_DBG("%s: fail !", __func__);
2756 fw_info_4_suspend = NULL;
2757 return;
2758 }
2759 #endif
2760
2761 #if SET_WAKEUP_DEVICE
set_wakeup_device_from_conf(firmware_info * fw_info)2762 static void set_wakeup_device_from_conf(firmware_info *fw_info)
2763 {
2764 uint8_t paired_wakeup_bdaddr[7];
2765 uint8_t num = 0;
2766 int i;
2767 struct file *fp;
2768 mm_segment_t fs;
2769 loff_t pos;
2770
2771 memset(paired_wakeup_bdaddr, 0, 7);
2772 fp = filp_open(SET_WAKEUP_DEVICE_CONF, O_RDWR, 0);
2773 if (!IS_ERR(fp)) {
2774 fs = get_fs();
2775 set_fs(KERNEL_DS);
2776 pos = 0;
2777 //read number
2778 vfs_read(fp, &num, 1, &pos);
2779 RTKBT_DBG("read number = %d", num);
2780 if (num) {
2781 for (i = 0; i < num; i++) {
2782 vfs_read(fp, paired_wakeup_bdaddr, 7, &pos);
2783 RTKBT_DBG("paired_wakeup_bdaddr: 0x%02x:0x%02x:0x%02x:0x%02x:0x%02x:0x%02x",
2784 paired_wakeup_bdaddr[1], paired_wakeup_bdaddr[2], paired_wakeup_bdaddr[3],
2785 paired_wakeup_bdaddr[4], paired_wakeup_bdaddr[5], paired_wakeup_bdaddr[6]);
2786 set_wakeup_device(fw_info, paired_wakeup_bdaddr);
2787 }
2788 }
2789 filp_close(fp, NULL);
2790 set_fs(fs);
2791 } else {
2792 RTKBT_ERR("open wakeup config file fail! errno = %ld", PTR_ERR(fp));
2793 }
2794 }
2795 #endif
2796
firmware_info_init(struct usb_interface * intf)2797 firmware_info *firmware_info_init(struct usb_interface *intf)
2798 {
2799 struct usb_device *udev = interface_to_usbdev(intf);
2800 firmware_info *fw_info;
2801
2802 RTKBT_DBG("%s: start", __func__);
2803
2804 fw_info = kzalloc(sizeof(*fw_info), GFP_KERNEL);
2805 if (!fw_info)
2806 return NULL;
2807
2808 fw_info->send_pkt = kzalloc(PKT_LEN, GFP_KERNEL);
2809 if (!fw_info->send_pkt) {
2810 kfree(fw_info);
2811 return NULL;
2812 }
2813
2814 fw_info->rcv_pkt = kzalloc(PKT_LEN, GFP_KERNEL);
2815 if (!fw_info->rcv_pkt) {
2816 kfree(fw_info->send_pkt);
2817 kfree(fw_info);
2818 return NULL;
2819 }
2820
2821 fw_info->patch_entry = get_fw_table_entry(udev);
2822 if (!fw_info->patch_entry) {
2823 kfree(fw_info->rcv_pkt);
2824 kfree(fw_info->send_pkt);
2825 kfree(fw_info);
2826 return NULL;
2827 }
2828
2829 fw_info->intf = intf;
2830 fw_info->udev = udev;
2831 fw_info->pipe_in = usb_rcvintpipe(fw_info->udev, INTR_EP);
2832 fw_info->pipe_out = usb_sndctrlpipe(fw_info->udev, CTRL_EP);
2833 fw_info->cmd_hdr = (struct hci_command_hdr *)(fw_info->send_pkt);
2834 fw_info->evt_hdr = (struct hci_event_hdr *)(fw_info->rcv_pkt);
2835 fw_info->cmd_cmp = (struct hci_ev_cmd_complete *)(fw_info->rcv_pkt + EVT_HDR_LEN);
2836 fw_info->req_para = fw_info->send_pkt + CMD_HDR_LEN;
2837 fw_info->rsp_para = fw_info->rcv_pkt + EVT_HDR_LEN + CMD_CMP_LEN;
2838
2839 #if SUSPNED_DW_FW
2840 suspend_firmware_info_init(fw_info);
2841 #endif
2842
2843 #if BTUSB_RPM
2844 RTKBT_INFO("%s: Auto suspend is enabled", __func__);
2845 usb_enable_autosuspend(udev);
2846 pm_runtime_set_autosuspend_delay(&(udev->dev), 2000);
2847 #else
2848 RTKBT_INFO("%s: Auto suspend is disabled", __func__);
2849 usb_disable_autosuspend(udev);
2850 #endif
2851
2852 #if BTUSB_WAKEUP_HOST
2853 device_wakeup_enable(&udev->dev);
2854 #endif
2855
2856 return fw_info;
2857 }
2858
firmware_info_destroy(struct usb_interface * intf)2859 void firmware_info_destroy(struct usb_interface *intf)
2860 {
2861 firmware_info *fw_info;
2862 struct usb_device *udev;
2863 struct btusb_data *data;
2864
2865 udev = interface_to_usbdev(intf);
2866 data = usb_get_intfdata(intf);
2867
2868 fw_info = data->fw_info;
2869 if (!fw_info)
2870 return;
2871
2872 #if BTUSB_RPM
2873 usb_disable_autosuspend(udev);
2874 #endif
2875
2876 /*
2877 * In order to reclaim fw data mem, we free fw_data immediately
2878 * after download patch finished instead of here.
2879 */
2880 kfree(fw_info->rcv_pkt);
2881 kfree(fw_info->send_pkt);
2882 kfree(fw_info);
2883
2884 #if SUSPNED_DW_FW
2885 if (!fw_info_4_suspend)
2886 return;
2887
2888 kfree(fw_info_4_suspend->rcv_pkt);
2889 kfree(fw_info_4_suspend->send_pkt);
2890 kfree(fw_info_4_suspend->patch_entry);
2891 kfree(fw_info_4_suspend);
2892 fw_info_4_suspend = NULL;
2893 #endif
2894 }
2895
2896 static struct usb_driver btusb_driver;
2897
2898 static struct usb_device_id btusb_table[] = {
2899 { .match_flags = USB_DEVICE_ID_MATCH_VENDOR |
2900 USB_DEVICE_ID_MATCH_INT_INFO,
2901 .idVendor = 0x0bda,
2902 .bInterfaceClass = 0xe0,
2903 .bInterfaceSubClass = 0x01,
2904 .bInterfaceProtocol = 0x01 },
2905
2906 { .match_flags = USB_DEVICE_ID_MATCH_VENDOR |
2907 USB_DEVICE_ID_MATCH_INT_INFO,
2908 .idVendor = 0x13d3,
2909 .bInterfaceClass = 0xe0,
2910 .bInterfaceSubClass = 0x01,
2911 .bInterfaceProtocol = 0x01 },
2912
2913 { }
2914 };
2915
2916 MODULE_DEVICE_TABLE(usb, btusb_table);
2917
inc_tx(struct btusb_data * data)2918 static int inc_tx(struct btusb_data *data)
2919 {
2920 unsigned long flags;
2921 int rv;
2922
2923 spin_lock_irqsave(&data->txlock, flags);
2924 rv = test_bit(BTUSB_SUSPENDING, &data->flags);
2925 if (!rv)
2926 data->tx_in_flight++;
2927 spin_unlock_irqrestore(&data->txlock, flags);
2928
2929 return rv;
2930 }
2931
check_sco_event(struct urb * urb)2932 void check_sco_event(struct urb *urb)
2933 {
2934 u8 *opcode = (u8 *)(urb->transfer_buffer);
2935 u8 status;
2936 uint16_t handle;
2937 struct hci_dev *hdev = urb->context;
2938 struct btusb_data *data = GET_DRV_DATA(hdev);
2939
2940 switch (*opcode) {
2941 case HCI_EV_SYNC_CONN_COMPLETE:
2942 RTKBT_INFO("%s: HCI_EV_SYNC_CONN_COMPLETE(0x%02x)", __func__, *opcode);
2943 status = *(opcode + 2);
2944 data->sco_handle = *(opcode + 3) | *(opcode + 4) << 8;
2945 //hdev->voice_setting = *(uint16_t*)&opcode[15];
2946 if (status == 0) {
2947 hdev->conn_hash.sco_num++;
2948 hdev->notify(hdev, 0);
2949 }
2950 break;
2951 case HCI_EV_DISCONN_COMPLETE:
2952 status = *(opcode + 2);
2953 handle = *(opcode + 3) | *(opcode + 4) << 8;
2954 if (status == 0 && data->sco_handle == handle) {
2955 RTKBT_INFO("%s: SCO HCI_EV_DISCONN_COMPLETE(0x%02x)", __func__, *opcode);
2956 hdev->conn_hash.sco_num--;
2957 hdev->notify(hdev, 0);
2958 data->sco_handle = 0;
2959 }
2960 break;
2961 default:
2962 RTKBT_DBG("%s: event 0x%02x", __func__, *opcode);
2963 break;
2964 }
2965 }
2966
btusb_intr_complete(struct urb * urb)2967 static void btusb_intr_complete(struct urb *urb)
2968 {
2969 struct hci_dev *hdev = urb->context;
2970 struct btusb_data *data = GET_DRV_DATA(hdev);
2971 int err;
2972
2973 RTKBT_DBG("%s: urb %p status %d count %d ", __func__,
2974 urb, urb->status, urb->actual_length);
2975
2976 #ifdef CONFIG_SCO_OVER_HCI
2977 check_sco_event(urb);
2978 #endif
2979
2980 if (!test_bit(HCI_RUNNING, &hdev->flags))
2981 return;
2982
2983
2984 if (urb->status == 0) {
2985 hdev->stat.byte_rx += urb->actual_length;
2986
2987 if (hci_recv_fragment(hdev, HCI_EVENT_PKT,
2988 urb->transfer_buffer,
2989 urb->actual_length) < 0) {
2990 RTKBT_ERR("%s: Corrupted event packet", __func__);
2991 hdev->stat.err_rx++;
2992 }
2993 } else if (urb->status == -ENOENT) {/* Avoid suspend failed when usb_kill_urb */
2994 return;
2995 }
2996
2997 if (!test_bit(BTUSB_INTR_RUNNING, &data->flags))
2998 return;
2999
3000 usb_mark_last_busy(data->udev);
3001 usb_anchor_urb(urb, &data->intr_anchor);
3002
3003 err = usb_submit_urb(urb, GFP_ATOMIC);
3004 if (err < 0) {
3005 /* EPERM: urb is being killed;
3006 * ENODEV: device got disconnected */
3007 if (err != -EPERM && err != -ENODEV)
3008 RTKBT_ERR("%s: Failed to re-submit urb %p, err %d",
3009 __func__, urb, err);
3010 usb_unanchor_urb(urb);
3011 }
3012 }
3013
btusb_submit_intr_urb(struct hci_dev * hdev,gfp_t mem_flags)3014 static int btusb_submit_intr_urb(struct hci_dev *hdev, gfp_t mem_flags)
3015 {
3016 struct btusb_data *data = GET_DRV_DATA(hdev);
3017 struct urb *urb;
3018 unsigned char *buf;
3019 unsigned int pipe;
3020 int err, size;
3021
3022 if (!data->intr_ep)
3023 return -ENODEV;
3024
3025 urb = usb_alloc_urb(0, mem_flags);
3026 if (!urb)
3027 return -ENOMEM;
3028
3029 size = le16_to_cpu(data->intr_ep->wMaxPacketSize);
3030
3031 buf = kmalloc(size, mem_flags);
3032 if (!buf) {
3033 usb_free_urb(urb);
3034 return -ENOMEM;
3035 }
3036
3037 RTKBT_DBG("%s: mMaxPacketSize %d, bEndpointAddress 0x%02x",
3038 __func__, size, data->intr_ep->bEndpointAddress);
3039
3040 pipe = usb_rcvintpipe(data->udev, data->intr_ep->bEndpointAddress);
3041
3042 usb_fill_int_urb(urb, data->udev, pipe, buf, size,
3043 btusb_intr_complete, hdev,
3044 data->intr_ep->bInterval);
3045
3046 urb->transfer_flags |= URB_FREE_BUFFER;
3047
3048 usb_anchor_urb(urb, &data->intr_anchor);
3049
3050 err = usb_submit_urb(urb, mem_flags);
3051 if (err < 0) {
3052 RTKBT_ERR("%s: Failed to submit urb %p, err %d",
3053 __func__, urb, err);
3054 usb_unanchor_urb(urb);
3055 }
3056
3057 usb_free_urb(urb);
3058
3059 return err;
3060 }
3061
btusb_bulk_complete(struct urb * urb)3062 static void btusb_bulk_complete(struct urb *urb)
3063 {
3064 struct hci_dev *hdev = urb->context;
3065 struct btusb_data *data = GET_DRV_DATA(hdev);
3066 int err;
3067
3068 RTKBT_DBG("%s: urb %p status %d count %d",
3069 __func__, urb, urb->status, urb->actual_length);
3070
3071 if (!test_bit(HCI_RUNNING, &hdev->flags))
3072 return;
3073
3074 if (urb->status == 0) {
3075 hdev->stat.byte_rx += urb->actual_length;
3076
3077 if (hci_recv_fragment(hdev, HCI_ACLDATA_PKT,
3078 urb->transfer_buffer,
3079 urb->actual_length) < 0) {
3080 RTKBT_ERR("%s: Corrupted ACL packet", __func__);
3081 hdev->stat.err_rx++;
3082 }
3083 } else if (urb->status == -ENOENT) { /* Avoid suspend failed when usb_kill_urb */
3084 return;
3085 }
3086
3087 if (!test_bit(BTUSB_BULK_RUNNING, &data->flags))
3088 return;
3089
3090 usb_anchor_urb(urb, &data->bulk_anchor);
3091 usb_mark_last_busy(data->udev);
3092
3093 err = usb_submit_urb(urb, GFP_ATOMIC);
3094 if (err < 0) {
3095 /* -EPERM: urb is being killed;
3096 * -ENODEV: device got disconnected */
3097 if (err != -EPERM && err != -ENODEV)
3098 RTKBT_ERR("btusb_bulk_complete %s urb %p failed to resubmit (%d)",
3099 hdev->name, urb, -err);
3100 usb_unanchor_urb(urb);
3101 }
3102 }
3103
btusb_submit_bulk_urb(struct hci_dev * hdev,gfp_t mem_flags)3104 static int btusb_submit_bulk_urb(struct hci_dev *hdev, gfp_t mem_flags)
3105 {
3106 struct btusb_data *data = GET_DRV_DATA(hdev);
3107 struct urb *urb;
3108 unsigned char *buf;
3109 unsigned int pipe;
3110 int err, size = HCI_MAX_FRAME_SIZE;
3111
3112 RTKBT_DBG("%s: hdev name %s", __func__, hdev->name);
3113
3114 if (!data->bulk_rx_ep)
3115 return -ENODEV;
3116
3117 urb = usb_alloc_urb(0, mem_flags);
3118 if (!urb)
3119 return -ENOMEM;
3120
3121 buf = kmalloc(size, mem_flags);
3122 if (!buf) {
3123 usb_free_urb(urb);
3124 return -ENOMEM;
3125 }
3126
3127 pipe = usb_rcvbulkpipe(data->udev, data->bulk_rx_ep->bEndpointAddress);
3128
3129 usb_fill_bulk_urb(urb, data->udev, pipe,
3130 buf, size, btusb_bulk_complete, hdev);
3131
3132 urb->transfer_flags |= URB_FREE_BUFFER;
3133
3134 usb_mark_last_busy(data->udev);
3135 usb_anchor_urb(urb, &data->bulk_anchor);
3136
3137 err = usb_submit_urb(urb, mem_flags);
3138 if (err < 0) {
3139 RTKBT_ERR("%s: Failed to submit urb %p, err %d", __func__, urb, err);
3140 usb_unanchor_urb(urb);
3141 }
3142
3143 usb_free_urb(urb);
3144
3145 return err;
3146 }
3147
btusb_isoc_complete(struct urb * urb)3148 static void btusb_isoc_complete(struct urb *urb)
3149 {
3150 struct hci_dev *hdev = urb->context;
3151 struct btusb_data *data = GET_DRV_DATA(hdev);
3152 int i, err;
3153
3154
3155 RTKBT_DBG("%s: urb %p status %d count %d",
3156 __func__, urb, urb->status, urb->actual_length);
3157
3158 if (!test_bit(HCI_RUNNING, &hdev->flags) || !test_bit(BTUSB_ISOC_RUNNING, &data->flags))
3159 return;
3160
3161 if (urb->status == 0) {
3162 for (i = 0; i < urb->number_of_packets; i++) {
3163 unsigned int offset = urb->iso_frame_desc[i].offset;
3164 unsigned int length = urb->iso_frame_desc[i].actual_length;
3165
3166 if (urb->iso_frame_desc[i].status)
3167 continue;
3168
3169 hdev->stat.byte_rx += length;
3170
3171 if (hci_recv_fragment(hdev, HCI_SCODATA_PKT,
3172 urb->transfer_buffer + offset,
3173 length) < 0) {
3174 RTKBT_ERR("%s: Corrupted SCO packet", __func__);
3175 hdev->stat.err_rx++;
3176 }
3177 }
3178 } else if (urb->status == -ENOENT) { /* Avoid suspend failed when usb_kill_urb */
3179 return;
3180 }
3181
3182 usb_anchor_urb(urb, &data->isoc_anchor);
3183 i = 0;
3184 retry:
3185 err = usb_submit_urb(urb, GFP_ATOMIC);
3186 if (err < 0) {
3187 /* -EPERM: urb is being killed;
3188 * -ENODEV: device got disconnected */
3189 if (err != -EPERM && err != -ENODEV)
3190 RTKBT_ERR("%s: Failed to re-sumbit urb %p, retry %d, err %d",
3191 __func__, urb, i, err);
3192 if (i < 10) {
3193 i++;
3194 mdelay(1);
3195 goto retry;
3196 }
3197
3198 usb_unanchor_urb(urb);
3199 }
3200 }
3201
fill_isoc_descriptor(struct urb * urb,int len,int mtu)3202 static inline void fill_isoc_descriptor(struct urb *urb, int len, int mtu)
3203 {
3204 int i, offset = 0;
3205
3206 RTKBT_DBG("%s: len %d mtu %d", __func__, len, mtu);
3207
3208 for (i = 0; i < BTUSB_MAX_ISOC_FRAMES && len >= mtu;
3209 i++, offset += mtu, len -= mtu) {
3210 urb->iso_frame_desc[i].offset = offset;
3211 urb->iso_frame_desc[i].length = mtu;
3212 }
3213
3214 if (len && i < BTUSB_MAX_ISOC_FRAMES) {
3215 urb->iso_frame_desc[i].offset = offset;
3216 urb->iso_frame_desc[i].length = len;
3217 i++;
3218 }
3219
3220 urb->number_of_packets = i;
3221 }
3222
btusb_submit_isoc_urb(struct hci_dev * hdev,gfp_t mem_flags)3223 static int btusb_submit_isoc_urb(struct hci_dev *hdev, gfp_t mem_flags)
3224 {
3225 struct btusb_data *data = GET_DRV_DATA(hdev);
3226 struct urb *urb;
3227 unsigned char *buf;
3228 unsigned int pipe;
3229 int err, size;
3230
3231 if (!data->isoc_rx_ep)
3232 return -ENODEV;
3233
3234 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, mem_flags);
3235 if (!urb)
3236 return -ENOMEM;
3237
3238 size = le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize) *
3239 BTUSB_MAX_ISOC_FRAMES;
3240
3241 buf = kmalloc(size, mem_flags);
3242 if (!buf) {
3243 usb_free_urb(urb);
3244 return -ENOMEM;
3245 }
3246
3247 pipe = usb_rcvisocpipe(data->udev, data->isoc_rx_ep->bEndpointAddress);
3248
3249 urb->dev = data->udev;
3250 urb->pipe = pipe;
3251 urb->context = hdev;
3252 urb->complete = btusb_isoc_complete;
3253 urb->interval = data->isoc_rx_ep->bInterval;
3254
3255 urb->transfer_flags = URB_FREE_BUFFER | URB_ISO_ASAP;
3256 urb->transfer_buffer = buf;
3257 urb->transfer_buffer_length = size;
3258
3259 fill_isoc_descriptor(urb, size,
3260 le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize));
3261
3262 usb_anchor_urb(urb, &data->isoc_anchor);
3263
3264 err = usb_submit_urb(urb, mem_flags);
3265 if (err < 0) {
3266 RTKBT_ERR("%s: Failed to submit urb %p, err %d", __func__, urb, err);
3267 usb_unanchor_urb(urb);
3268 }
3269
3270 usb_free_urb(urb);
3271
3272 return err;
3273 }
3274
btusb_tx_complete(struct urb * urb)3275 static void btusb_tx_complete(struct urb *urb)
3276 {
3277 struct sk_buff *skb = urb->context;
3278 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
3279 struct btusb_data *data = GET_DRV_DATA(hdev);
3280
3281 if (!test_bit(HCI_RUNNING, &hdev->flags))
3282 goto done;
3283
3284 if (!urb->status)
3285 hdev->stat.byte_tx += urb->transfer_buffer_length;
3286 else
3287 hdev->stat.err_tx++;
3288
3289 done:
3290 spin_lock(&data->txlock);
3291 data->tx_in_flight--;
3292 spin_unlock(&data->txlock);
3293
3294 kfree(urb->setup_packet);
3295
3296 kfree_skb(skb);
3297 }
3298
btusb_isoc_tx_complete(struct urb * urb)3299 static void btusb_isoc_tx_complete(struct urb *urb)
3300 {
3301 struct sk_buff *skb = urb->context;
3302 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
3303
3304 RTKBT_DBG("%s: urb %p status %d count %d",
3305 __func__, urb, urb->status, urb->actual_length);
3306
3307 if (skb && hdev) {
3308 if (!test_bit(HCI_RUNNING, &hdev->flags))
3309 goto done;
3310
3311 if (!urb->status)
3312 hdev->stat.byte_tx += urb->transfer_buffer_length;
3313 else
3314 hdev->stat.err_tx++;
3315 } else
3316 RTKBT_ERR("%s: skb 0x%p hdev 0x%p", __func__, skb, hdev);
3317
3318 done:
3319 kfree(urb->setup_packet);
3320
3321 kfree_skb(skb);
3322 }
3323
btusb_open(struct hci_dev * hdev)3324 static int btusb_open(struct hci_dev *hdev)
3325 {
3326 struct btusb_data *data = GET_DRV_DATA(hdev);
3327 int err = 0;
3328
3329 RTKBT_INFO("%s: Start, PM usage count %d", __func__,
3330 #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0)
3331 atomic_read(&data->intf->pm_usage_cnt)
3332 #else
3333 0
3334 #endif
3335 );
3336
3337 err = usb_autopm_get_interface(data->intf);
3338 if (err < 0)
3339 return err;
3340
3341 data->intf->needs_remote_wakeup = 1;
3342
3343 if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
3344 goto done;
3345
3346 if (test_and_set_bit(BTUSB_INTR_RUNNING, &data->flags))
3347 goto done;
3348
3349 err = btusb_submit_intr_urb(hdev, GFP_KERNEL);
3350 if (err < 0)
3351 goto failed;
3352
3353 err = btusb_submit_bulk_urb(hdev, GFP_KERNEL);
3354 if (err < 0) {
3355 mdelay(URB_CANCELING_DELAY_MS);
3356 usb_kill_anchored_urbs(&data->intr_anchor);
3357 goto failed;
3358 }
3359
3360 set_bit(BTUSB_BULK_RUNNING, &data->flags);
3361 btusb_submit_bulk_urb(hdev, GFP_KERNEL);
3362
3363 done:
3364 usb_autopm_put_interface(data->intf);
3365
3366 RTKBT_INFO("%s: End, PM usage count %d", __func__,
3367 #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0)
3368 atomic_read(&data->intf->pm_usage_cnt)
3369 #else
3370 0
3371 #endif
3372 );
3373 return 0;
3374
3375 failed:
3376 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
3377 clear_bit(HCI_RUNNING, &hdev->flags);
3378 usb_autopm_put_interface(data->intf);
3379
3380 RTKBT_ERR("%s: Failed, PM usage count %d", __func__,
3381 #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0)
3382 atomic_read(&data->intf->pm_usage_cnt)
3383 #else
3384 0
3385 #endif
3386 );
3387 return err;
3388 }
3389
btusb_stop_traffic(struct btusb_data * data)3390 static void btusb_stop_traffic(struct btusb_data *data)
3391 {
3392 mdelay(URB_CANCELING_DELAY_MS);
3393 usb_kill_anchored_urbs(&data->intr_anchor);
3394 usb_kill_anchored_urbs(&data->bulk_anchor);
3395 usb_kill_anchored_urbs(&data->isoc_anchor);
3396 }
3397
btusb_close(struct hci_dev * hdev)3398 static int btusb_close(struct hci_dev *hdev)
3399 {
3400 struct btusb_data *data = GET_DRV_DATA(hdev);
3401 int i, err;
3402
3403 RTKBT_INFO("%s: hci running %lu", __func__, hdev->flags & HCI_RUNNING);
3404
3405 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
3406 return 0;
3407
3408 for (i = 0; i < NUM_REASSEMBLY; i++) {
3409 if (hdev->reassembly[i]) {
3410 RTKBT_DBG("%s: free ressembly[%d]", __func__, i);
3411 kfree_skb(hdev->reassembly[i]);
3412 hdev->reassembly[i] = NULL;
3413 }
3414 }
3415
3416 cancel_work_sync(&data->work);
3417 cancel_work_sync(&data->waker);
3418
3419 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
3420 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
3421 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
3422
3423 btusb_stop_traffic(data);
3424 err = usb_autopm_get_interface(data->intf);
3425 if (err < 0)
3426 goto failed;
3427
3428 data->intf->needs_remote_wakeup = 0;
3429 usb_autopm_put_interface(data->intf);
3430
3431 failed:
3432 mdelay(URB_CANCELING_DELAY_MS);
3433 usb_scuttle_anchored_urbs(&data->deferred);
3434 return 0;
3435 }
3436
btusb_flush(struct hci_dev * hdev)3437 static int btusb_flush(struct hci_dev *hdev)
3438 {
3439 struct btusb_data *data = GET_DRV_DATA(hdev);
3440
3441 RTKBT_DBG("%s", __func__);
3442
3443 mdelay(URB_CANCELING_DELAY_MS);
3444 usb_kill_anchored_urbs(&data->tx_anchor);
3445
3446 return 0;
3447 }
3448
3449 #ifdef CONFIG_SCO_OVER_HCI
3450 static void btusb_isoc_snd_tx_complete(struct urb *urb);
3451
snd_send_sco_frame(struct sk_buff * skb)3452 static int snd_send_sco_frame(struct sk_buff *skb)
3453 {
3454 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
3455
3456 struct btusb_data *data = GET_DRV_DATA(hdev);
3457 //struct usb_ctrlrequest *dr;
3458 struct urb *urb;
3459 unsigned int pipe;
3460 int err;
3461
3462 RTKBT_DBG("%s:pkt type %d, packet_len : %d",
3463 __func__, bt_cb(skb)->pkt_type, skb->len);
3464
3465 if (!hdev && !test_bit(HCI_RUNNING, &hdev->flags))
3466 return -EBUSY;
3467
3468 if (!data->isoc_tx_ep || hdev->conn_hash.sco_num < 1) {
3469 kfree(skb);
3470 return -ENODEV;
3471 }
3472
3473 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, GFP_ATOMIC);
3474 if (!urb) {
3475 RTKBT_ERR("%s: Failed to allocate mem for sco pkts", __func__);
3476 kfree(skb);
3477 return -ENOMEM;
3478 }
3479
3480 pipe = usb_sndisocpipe(data->udev, data->isoc_tx_ep->bEndpointAddress);
3481
3482 usb_fill_int_urb(urb, data->udev, pipe,
3483 skb->data, skb->len, btusb_isoc_snd_tx_complete,
3484 skb, data->isoc_tx_ep->bInterval);
3485
3486 urb->transfer_flags = URB_ISO_ASAP;
3487
3488 fill_isoc_descriptor(urb, skb->len,
3489 le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize));
3490
3491 hdev->stat.sco_tx++;
3492
3493 usb_anchor_urb(urb, &data->tx_anchor);
3494
3495 err = usb_submit_urb(urb, GFP_ATOMIC);
3496 if (err < 0) {
3497 RTKBT_ERR("%s: Failed to submit urb %p, pkt type %d, err %d",
3498 __func__, urb, bt_cb(skb)->pkt_type, err);
3499 kfree(urb->setup_packet);
3500 usb_unanchor_urb(urb);
3501 } else
3502 usb_mark_last_busy(data->udev);
3503 usb_free_urb(urb);
3504
3505 return err;
3506
3507 }
3508
snd_copy_send_sco_data(RTK_sco_card_t * pSCOSnd)3509 static bool snd_copy_send_sco_data(RTK_sco_card_t *pSCOSnd)
3510 {
3511 struct snd_pcm_runtime *runtime = pSCOSnd->playback.substream->runtime;
3512 unsigned int frame_bytes = 2, frames1;
3513 const u8 *source;
3514
3515 snd_pcm_uframes_t period_size = runtime->period_size;
3516 int i, count;
3517 u8 buffer[period_size * 3];
3518 int sco_packet_bytes = pSCOSnd->playback.sco_packet_bytes;
3519 struct sk_buff *skb;
3520
3521 count = frames_to_bytes(runtime, period_size)/sco_packet_bytes;
3522 skb = bt_skb_alloc(((sco_packet_bytes + HCI_SCO_HDR_SIZE) * count), GFP_ATOMIC);
3523 skb->dev = (void *)hci_dev_get(0);
3524 bt_cb(skb)->pkt_type = HCI_SCODATA_PKT;
3525 skb_put(skb, ((sco_packet_bytes + HCI_SCO_HDR_SIZE) * count));
3526 if (!skb)
3527 return false;
3528
3529 RTKBT_DBG("%s, buffer_pos: %d", __FUNCTION__, pSCOSnd->playback.buffer_pos);
3530
3531 source = runtime->dma_area + pSCOSnd->playback.buffer_pos * frame_bytes;
3532
3533 if (pSCOSnd->playback.buffer_pos + period_size <= runtime->buffer_size) {
3534 memcpy(buffer, source, period_size * frame_bytes);
3535 } else {
3536 /* wrap around at end of ring buffer */
3537 frames1 = runtime->buffer_size - pSCOSnd->playback.buffer_pos;
3538 memcpy(buffer, source, frames1 * frame_bytes);
3539 memcpy(&buffer[frames1 * frame_bytes],
3540 runtime->dma_area, (period_size - frames1) * frame_bytes);
3541 }
3542
3543 pSCOSnd->playback.buffer_pos += period_size;
3544 if (pSCOSnd->playback.buffer_pos >= runtime->buffer_size)
3545 pSCOSnd->playback.buffer_pos -= runtime->buffer_size;
3546
3547 for (i = 0; i < count; i++) {
3548 *((__u16 *)(skb->data + i * (sco_packet_bytes + HCI_SCO_HDR_SIZE))) = pSCOSnd->usb_data->sco_handle;
3549 *((__u8 *)(skb->data + i*(sco_packet_bytes + HCI_SCO_HDR_SIZE) + 2)) = sco_packet_bytes;
3550 memcpy((skb->data + i * (sco_packet_bytes + HCI_SCO_HDR_SIZE) + HCI_SCO_HDR_SIZE),
3551 &buffer[sco_packet_bytes * i], sco_packet_bytes);
3552 }
3553
3554 if (test_bit(ALSA_PLAYBACK_RUNNING, &pSCOSnd->states)) {
3555 snd_pcm_period_elapsed(pSCOSnd->playback.substream);
3556 }
3557 snd_send_sco_frame(skb);
3558 return true;
3559 }
3560
btusb_isoc_snd_tx_complete(struct urb * urb)3561 static void btusb_isoc_snd_tx_complete(struct urb *urb)
3562 {
3563 struct sk_buff *skb = urb->context;
3564 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
3565 struct btusb_data *data = GET_DRV_DATA(hdev);
3566 RTK_sco_card_t *pSCOSnd = data->pSCOSnd;
3567
3568 RTKBT_DBG("%s: status %d count %d",
3569 __func__, urb->status, urb->actual_length);
3570
3571 if (skb && hdev) {
3572 if (!test_bit(HCI_RUNNING, &hdev->flags))
3573 goto done;
3574
3575 if (!urb->status)
3576 hdev->stat.byte_tx += urb->transfer_buffer_length;
3577 else
3578 hdev->stat.err_tx++;
3579 } else
3580 RTKBT_ERR("%s: skb 0x%p hdev 0x%p", __func__, skb, hdev);
3581
3582 done:
3583 kfree(urb->setup_packet);
3584 kfree_skb(skb);
3585 if (test_bit(ALSA_PLAYBACK_RUNNING, &pSCOSnd->states)) {
3586 snd_copy_send_sco_data(pSCOSnd);
3587 //schedule_work(&pSCOSnd->send_sco_work);
3588 }
3589 }
3590
playback_work(struct work_struct * work)3591 static void playback_work(struct work_struct *work)
3592 {
3593 RTK_sco_card_t *pSCOSnd = container_of(work, RTK_sco_card_t, send_sco_work);
3594
3595 snd_copy_send_sco_data(pSCOSnd);
3596 }
3597
3598 #endif
3599
btusb_send_frame(struct sk_buff * skb)3600 static int btusb_send_frame(struct sk_buff *skb)
3601 {
3602 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
3603
3604 struct btusb_data *data = GET_DRV_DATA(hdev);
3605 struct usb_ctrlrequest *dr;
3606 struct urb *urb;
3607 unsigned int pipe;
3608 int err;
3609 int retries = 0;
3610
3611 RTKBT_DBG("%s: hdev %p, btusb data %p, pkt type %d",
3612 __func__, hdev, data, bt_cb(skb)->pkt_type);
3613
3614 if (!test_bit(HCI_RUNNING, &hdev->flags))
3615 return -EBUSY;
3616
3617 switch (bt_cb(skb)->pkt_type) {
3618 case HCI_COMMAND_PKT:
3619 print_command(skb);
3620 urb = usb_alloc_urb(0, GFP_ATOMIC);
3621 if (!urb)
3622 return -ENOMEM;
3623
3624 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
3625 if (!dr) {
3626 usb_free_urb(urb);
3627 return -ENOMEM;
3628 }
3629
3630 dr->bRequestType = data->cmdreq_type;
3631 dr->bRequest = 0;
3632 dr->wIndex = 0;
3633 dr->wValue = 0;
3634 dr->wLength = __cpu_to_le16(skb->len);
3635
3636 pipe = usb_sndctrlpipe(data->udev, 0x00);
3637
3638 usb_fill_control_urb(urb, data->udev, pipe, (void *) dr,
3639 skb->data, skb->len, btusb_tx_complete, skb);
3640
3641 hdev->stat.cmd_tx++;
3642 break;
3643
3644 case HCI_ACLDATA_PKT:
3645 print_acl(skb, 1);
3646 if (!data->bulk_tx_ep)
3647 return -ENODEV;
3648
3649 urb = usb_alloc_urb(0, GFP_ATOMIC);
3650 if (!urb)
3651 return -ENOMEM;
3652
3653 pipe = usb_sndbulkpipe(data->udev,
3654 data->bulk_tx_ep->bEndpointAddress);
3655
3656 usb_fill_bulk_urb(urb, data->udev, pipe,
3657 skb->data, skb->len, btusb_tx_complete, skb);
3658
3659 hdev->stat.acl_tx++;
3660 break;
3661
3662 case HCI_SCODATA_PKT:
3663 print_sco(skb, 1);
3664 if (!data->isoc_tx_ep || hdev->conn_hash.sco_num < 1) {
3665 kfree(skb);
3666 return -ENODEV;
3667 }
3668
3669 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, GFP_ATOMIC);
3670 if (!urb) {
3671 RTKBT_ERR("%s: Failed to allocate mem for sco pkts", __func__);
3672 kfree(skb);
3673 return -ENOMEM;
3674 }
3675
3676 pipe = usb_sndisocpipe(data->udev, data->isoc_tx_ep->bEndpointAddress);
3677
3678 usb_fill_int_urb(urb, data->udev, pipe,
3679 skb->data, skb->len, btusb_isoc_tx_complete,
3680 skb, data->isoc_tx_ep->bInterval);
3681
3682 urb->transfer_flags = URB_ISO_ASAP;
3683
3684 fill_isoc_descriptor(urb, skb->len,
3685 le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize));
3686
3687 hdev->stat.sco_tx++;
3688 goto skip_waking;
3689
3690 default:
3691 return -EILSEQ;
3692 }
3693
3694 err = inc_tx(data);
3695 if (err) {
3696 usb_anchor_urb(urb, &data->deferred);
3697 schedule_work(&data->waker);
3698 err = 0;
3699 goto done;
3700 }
3701
3702 skip_waking:
3703 usb_anchor_urb(urb, &data->tx_anchor);
3704 retry:
3705 err = usb_submit_urb(urb, GFP_ATOMIC);
3706 if (err < 0) {
3707 RTKBT_ERR("%s: Failed to submit urb %p, pkt type %d, err %d, retries %d",
3708 __func__, urb, bt_cb(skb)->pkt_type, err, retries);
3709 if ((bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) && (retries < 10)) {
3710 mdelay(1);
3711
3712 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT)
3713 print_error_command(skb);
3714 retries++;
3715 goto retry;
3716 }
3717 kfree(urb->setup_packet);
3718 usb_unanchor_urb(urb);
3719 } else
3720 usb_mark_last_busy(data->udev);
3721 usb_free_urb(urb);
3722
3723 done:
3724 return err;
3725 }
3726
3727 #if LINUX_VERSION_CODE <= KERNEL_VERSION(3, 4, 0)
btusb_destruct(struct hci_dev * hdev)3728 static void btusb_destruct(struct hci_dev *hdev)
3729 {
3730 struct btusb_data *data = GET_DRV_DATA(hdev);
3731
3732 RTKBT_DBG("%s: name %s", __func__, hdev->name);
3733
3734 kfree(data);
3735 }
3736 #endif
3737
btusb_notify(struct hci_dev * hdev,unsigned int evt)3738 static void btusb_notify(struct hci_dev *hdev, unsigned int evt)
3739 {
3740 struct btusb_data *data = GET_DRV_DATA(hdev);
3741
3742 RTKBT_DBG("%s: name %s, evt %d", __func__, hdev->name, evt);
3743
3744 RTKBT_INFO("%s: hdev->conn_hash.sco_num= %d, data->sco_num = %d", __func__, hdev->conn_hash.sco_num,
3745 data->sco_num);
3746 if (hdev->conn_hash.sco_num != data->sco_num) {
3747 data->sco_num = hdev->conn_hash.sco_num;
3748 schedule_work(&data->work);
3749 }
3750 }
3751
set_isoc_interface(struct hci_dev * hdev,int altsetting)3752 static inline int set_isoc_interface(struct hci_dev *hdev, int altsetting)
3753 {
3754 struct btusb_data *data = GET_DRV_DATA(hdev);
3755 struct usb_interface *intf = data->isoc;
3756 struct usb_endpoint_descriptor *ep_desc;
3757 int i, err;
3758
3759 if (!data->isoc)
3760 return -ENODEV;
3761
3762 err = usb_set_interface(data->udev, 1, altsetting);
3763 if (err < 0) {
3764 RTKBT_ERR("%s: Failed to set interface, altsetting %d, err %d",
3765 __func__, altsetting, err);
3766 return err;
3767 }
3768
3769 data->isoc_altsetting = altsetting;
3770
3771 data->isoc_tx_ep = NULL;
3772 data->isoc_rx_ep = NULL;
3773
3774 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
3775 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
3776
3777 if (!data->isoc_tx_ep && usb_endpoint_is_isoc_out(ep_desc)) {
3778 data->isoc_tx_ep = ep_desc;
3779 continue;
3780 }
3781
3782 if (!data->isoc_rx_ep && usb_endpoint_is_isoc_in(ep_desc)) {
3783 data->isoc_rx_ep = ep_desc;
3784 continue;
3785 }
3786 }
3787
3788 if (!data->isoc_tx_ep || !data->isoc_rx_ep) {
3789 RTKBT_ERR("%s: Invalid SCO descriptors", __func__);
3790 return -ENODEV;
3791 }
3792
3793 return 0;
3794 }
3795
check_controller_support_msbc(struct usb_device * udev)3796 static int check_controller_support_msbc(struct usb_device *udev)
3797 {
3798 //fix this in the future,when new card support msbc decode and encode
3799 RTKBT_INFO("%s:pid = 0x%02x, vid = 0x%02x", __func__, udev->descriptor.idProduct, udev->descriptor.idVendor);
3800 switch (udev->descriptor.idProduct) {
3801 default:
3802 return 0;
3803 }
3804 return 0;
3805 }
3806
btusb_work(struct work_struct * work)3807 static void btusb_work(struct work_struct *work)
3808 {
3809 struct btusb_data *data = container_of(work, struct btusb_data, work);
3810 struct hci_dev *hdev = data->hdev;
3811 struct sk_buff *skb;
3812
3813 int err;
3814 int new_alts;
3815 if (data->sco_num > 0) {
3816 if (!test_bit(BTUSB_DID_ISO_RESUME, &data->flags)) {
3817 err = usb_autopm_get_interface(data->isoc ? data->isoc : data->intf);
3818 if (err < 0) {
3819 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
3820 mdelay(URB_CANCELING_DELAY_MS);
3821 usb_kill_anchored_urbs(&data->isoc_anchor);
3822 return;
3823 }
3824
3825 set_bit(BTUSB_DID_ISO_RESUME, &data->flags);
3826 }
3827
3828 RTKBT_INFO("%s voice settings = 0x%04x", __func__, hdev->voice_setting);
3829 if (!(hdev->voice_setting & 0x0003)) {
3830 if (data->sco_num == 1)
3831 new_alts = 2;
3832 else {
3833 RTKBT_ERR("%s: we don't support mutiple sco link for cvsd", __func__);
3834 return;
3835 }
3836 } else {
3837 if (check_controller_support_msbc(data->udev)) {
3838 if (data->sco_num == 1)
3839 new_alts = 4;
3840 else {
3841 RTKBT_ERR("%s: we don't support mutiple sco link for msbc", __func__);
3842 return;
3843 }
3844 } else {
3845 new_alts = 2;
3846 }
3847 }
3848 if (data->isoc_altsetting != new_alts) {
3849
3850 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
3851 mdelay(URB_CANCELING_DELAY_MS);
3852 usb_kill_anchored_urbs(&data->isoc_anchor);
3853
3854 if (hdev->reassembly[HCI_SCODATA_PKT - 1]) {
3855 skb = hdev->reassembly[HCI_SCODATA_PKT - 1];
3856 hdev->reassembly[HCI_SCODATA_PKT - 1] = NULL;
3857 kfree_skb(skb);
3858 }
3859 if (set_isoc_interface(hdev, new_alts) < 0)
3860 return;
3861 }
3862
3863 if (!test_and_set_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
3864 if (btusb_submit_isoc_urb(hdev, GFP_KERNEL) < 0)
3865 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
3866 else
3867 btusb_submit_isoc_urb(hdev, GFP_KERNEL);
3868 }
3869 #ifdef CONFIG_SCO_OVER_HCI
3870 if (test_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
3871 set_bit(USB_CAPTURE_RUNNING, &data->pSCOSnd->states);
3872 set_bit(USB_PLAYBACK_RUNNING, &data->pSCOSnd->states);
3873 }
3874 #endif
3875 } else {
3876 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
3877 #ifdef CONFIG_SCO_OVER_HCI
3878 clear_bit(USB_CAPTURE_RUNNING, &data->pSCOSnd->states);
3879 clear_bit(USB_PLAYBACK_RUNNING, &data->pSCOSnd->states);
3880 #endif
3881 mdelay(URB_CANCELING_DELAY_MS);
3882 usb_kill_anchored_urbs(&data->isoc_anchor);
3883
3884 set_isoc_interface(hdev, 0);
3885
3886 if (test_and_clear_bit(BTUSB_DID_ISO_RESUME, &data->flags))
3887 usb_autopm_put_interface(data->isoc ? data->isoc : data->intf);
3888 }
3889 }
3890
btusb_waker(struct work_struct * work)3891 static void btusb_waker(struct work_struct *work)
3892 {
3893 struct btusb_data *data = container_of(work, struct btusb_data, waker);
3894 int err;
3895
3896 RTKBT_DBG("%s: PM usage count %d", __func__,
3897 #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0)
3898 atomic_read(&data->intf->pm_usage_cnt)
3899 #else
3900 0
3901 #endif
3902 );
3903
3904 err = usb_autopm_get_interface(data->intf);
3905 if (err < 0)
3906 return;
3907
3908 usb_autopm_put_interface(data->intf);
3909 }
3910
3911
3912 //#ifdef CONFIG_HAS_EARLYSUSPEND
3913 #if 0
3914 static void btusb_early_suspend(struct early_suspend *h)
3915 {
3916 struct btusb_data *data;
3917 firmware_info *fw_info;
3918 patch_info *patch_entry;
3919
3920 RTKBT_INFO("%s", __func__);
3921
3922 data = container_of(h, struct btusb_data, early_suspend);
3923 fw_info = data->fw_info;
3924 patch_entry = fw_info->patch_entry;
3925
3926 patch_entry->fw_len = load_firmware(fw_info, &patch_entry->fw_cache);
3927 if (patch_entry->fw_len <= 0) {
3928 /* We may encount failure in loading firmware, just give a warning */
3929 RTKBT_WARN("%s: Failed to load firmware", __func__);
3930 }
3931 }
3932
3933 static void btusb_late_resume(struct early_suspend *h)
3934 {
3935 struct btusb_data *data;
3936 firmware_info *fw_info;
3937 patch_info *patch_entry;
3938
3939 RTKBT_INFO("%s", __func__);
3940
3941 data = container_of(h, struct btusb_data, early_suspend);
3942 fw_info = data->fw_info;
3943 patch_entry = fw_info->patch_entry;
3944
3945 /* Reclaim fw buffer when bt usb resumed */
3946 if (patch_entry->fw_len > 0) {
3947 kfree(patch_entry->fw_cache);
3948 patch_entry->fw_cache = NULL;
3949 patch_entry->fw_len = 0;
3950 }
3951 }
3952 #else
bt_pm_notify(struct notifier_block * notifier,ulong pm_event,void * unused)3953 int bt_pm_notify(struct notifier_block *notifier, ulong pm_event, void *unused)
3954 {
3955 struct btusb_data *data;
3956 firmware_info *fw_info;
3957 patch_info *patch_entry;
3958 struct usb_device *udev;
3959
3960 RTKBT_INFO("%s: pm event %ld", __func__, pm_event);
3961
3962 data = container_of(notifier, struct btusb_data, pm_notifier);
3963 fw_info = data->fw_info;
3964 patch_entry = fw_info->patch_entry;
3965 udev = fw_info->udev;
3966
3967 switch (pm_event) {
3968 case PM_SUSPEND_PREPARE:
3969 case PM_HIBERNATION_PREPARE:
3970 #if 0
3971 patch_entry->fw_len = load_firmware(fw_info, &patch_entry->fw_cache);
3972 if (patch_entry->fw_len <= 0) {
3973 /* We may encount failure in loading firmware, just give a warning */
3974 RTKBT_WARN("%s: Failed to load firmware", __func__);
3975 }
3976 #endif
3977 if (!device_may_wakeup(&udev->dev)) {
3978 #if (CONFIG_RESET_RESUME || CONFIG_BLUEDROID)
3979 RTKBT_INFO("%s:remote wakeup not supported, reset resume supported", __func__);
3980 #else
3981 fw_info->intf->needs_binding = 1;
3982 RTKBT_INFO("%s:remote wakeup not supported, binding needed", __func__);
3983 #endif
3984 }
3985 break;
3986
3987 case PM_POST_SUSPEND:
3988 case PM_POST_HIBERNATION:
3989 case PM_POST_RESTORE:
3990 #if 0
3991 /* Reclaim fw buffer when bt usb resumed */
3992 if (patch_entry->fw_len > 0) {
3993 kfree(patch_entry->fw_cache);
3994 patch_entry->fw_cache = NULL;
3995 patch_entry->fw_len = 0;
3996 }
3997 #endif
3998
3999 #if BTUSB_RPM
4000 usb_disable_autosuspend(udev);
4001 usb_enable_autosuspend(udev);
4002 pm_runtime_set_autosuspend_delay(&(udev->dev), 2000);
4003 #endif
4004 break;
4005
4006 default:
4007 break;
4008 }
4009
4010 return NOTIFY_DONE;
4011 }
4012
bt_reboot_notify(struct notifier_block * notifier,ulong pm_event,void * unused)4013 int bt_reboot_notify(struct notifier_block *notifier, ulong pm_event, void *unused)
4014 {
4015 struct btusb_data *data;
4016 firmware_info *fw_info;
4017 patch_info *patch_entry;
4018 struct usb_device *udev;
4019
4020 RTKBT_INFO("%s: pm event %ld", __func__, pm_event);
4021
4022 data = container_of(notifier, struct btusb_data, reboot_notifier);
4023 fw_info = data->fw_info;
4024 patch_entry = fw_info->patch_entry;
4025 udev = fw_info->udev;
4026
4027 switch (pm_event) {
4028 case SYS_DOWN:
4029 RTKBT_DBG("%s:system down or restart", __func__);
4030 break;
4031
4032 case SYS_HALT:
4033 case SYS_POWER_OFF:
4034 #if SUSPNED_DW_FW
4035 cancel_work_sync(&data->work);
4036
4037 btusb_stop_traffic(data);
4038 mdelay(URB_CANCELING_DELAY_MS);
4039 usb_kill_anchored_urbs(&data->tx_anchor);
4040
4041 if (fw_info_4_suspend) {
4042 download_suspend_patch(fw_info_4_suspend, 1);
4043 } else {
4044 RTKBT_ERR("%s: Failed to download suspend fw", __func__);
4045 }
4046 #endif
4047
4048 #if SET_WAKEUP_DEVICE
4049 set_wakeup_device_from_conf(fw_info_4_suspend);
4050 #endif
4051 RTKBT_DBG("%s:system halt or power off", __func__);
4052 break;
4053
4054 default:
4055 break;
4056 }
4057
4058 return NOTIFY_DONE;
4059 }
4060
4061 #endif
4062
4063 #ifdef CONFIG_SCO_OVER_HCI
4064 static const struct snd_pcm_hardware snd_card_sco_capture_default = {
4065 .info = (SNDRV_PCM_INFO_INTERLEAVED | SNDRV_PCM_INFO_NONINTERLEAVED |
4066 SNDRV_PCM_ACCESS_RW_INTERLEAVED | SNDRV_PCM_INFO_FIFO_IN_FRAMES),
4067 .formats = SNDRV_PCM_FMTBIT_S16_LE | SNDRV_PCM_FMTBIT_S8,
4068 .rates = (SNDRV_PCM_RATE_8000),
4069 .rate_min = 8000,
4070 .rate_max = 8000,
4071 .channels_min = 1,
4072 .channels_max = 1,
4073 .buffer_bytes_max = 8 * 768,
4074 .period_bytes_min = 48,
4075 .period_bytes_max = 768,
4076 .periods_min = 1,
4077 .periods_max = 8,
4078 .fifo_size = 8,
4079 };
4080
snd_sco_capture_pcm_open(struct snd_pcm_substream * substream)4081 static int snd_sco_capture_pcm_open(struct snd_pcm_substream *substream)
4082 {
4083 RTK_sco_card_t *pSCOSnd = substream->private_data;
4084
4085 RTKBT_INFO("%s", __FUNCTION__);
4086 pSCOSnd->capture.substream = substream;
4087
4088 memcpy(&substream->runtime->hw, &snd_card_sco_capture_default, sizeof(struct snd_pcm_hardware));
4089
4090 if (check_controller_support_msbc(pSCOSnd->dev)) {
4091 substream->runtime->hw.rates |= SNDRV_PCM_RATE_16000;
4092 substream->runtime->hw.rate_max = 16000;
4093 substream->runtime->hw.period_bytes_min = 96;
4094 substream->runtime->hw.period_bytes_max = 16 * 96;
4095 substream->runtime->hw.buffer_bytes_max = 8 * 16 * 96;
4096 }
4097 set_bit(ALSA_CAPTURE_OPEN, &pSCOSnd->states);
4098 return 0;
4099 }
4100
snd_sco_capture_pcm_close(struct snd_pcm_substream * substream)4101 static int snd_sco_capture_pcm_close(struct snd_pcm_substream *substream)
4102 {
4103 RTK_sco_card_t *pSCOSnd = substream->private_data;
4104
4105 clear_bit(ALSA_CAPTURE_OPEN, &pSCOSnd->states);
4106 return 0;
4107 }
4108
snd_sco_capture_ioctl(struct snd_pcm_substream * substream,unsigned int cmd,void * arg)4109 static int snd_sco_capture_ioctl(struct snd_pcm_substream *substream, unsigned int cmd, void *arg)
4110 {
4111 RTKBT_DBG("%s, cmd = %d", __FUNCTION__, cmd);
4112 switch (cmd) {
4113 default:
4114 return snd_pcm_lib_ioctl(substream, cmd, arg);
4115 }
4116 return 0;
4117 }
4118
snd_sco_capture_pcm_hw_params(struct snd_pcm_substream * substream,struct snd_pcm_hw_params * hw_params)4119 static int snd_sco_capture_pcm_hw_params(struct snd_pcm_substream *substream, struct snd_pcm_hw_params *hw_params)
4120 {
4121 int err;
4122 struct snd_pcm_runtime *runtime = substream->runtime;
4123 err = snd_pcm_lib_alloc_vmalloc_buffer(substream, params_buffer_bytes(hw_params));
4124 RTKBT_INFO("%s,err : %d, runtime state : %d", __FUNCTION__, err, runtime->status->state);
4125 return err;
4126 }
4127
snd_sco_capture_pcm_hw_free(struct snd_pcm_substream * substream)4128 static int snd_sco_capture_pcm_hw_free(struct snd_pcm_substream *substream)
4129 {
4130 RTKBT_DBG("%s", __FUNCTION__);
4131 return snd_pcm_lib_free_vmalloc_buffer(substream);;
4132 }
4133
snd_sco_capture_pcm_prepare(struct snd_pcm_substream * substream)4134 static int snd_sco_capture_pcm_prepare(struct snd_pcm_substream *substream)
4135 {
4136 RTK_sco_card_t *pSCOSnd = substream->private_data;
4137 struct snd_pcm_runtime *runtime = substream->runtime;
4138
4139 RTKBT_INFO("%s", __FUNCTION__);
4140 if (test_bit(DISCONNECTED, &pSCOSnd->states))
4141 return -ENODEV;
4142 if (!test_bit(USB_CAPTURE_RUNNING, &pSCOSnd->states))
4143 return -EIO;
4144
4145 if (runtime->rate == 8000) {
4146 if (pSCOSnd->usb_data->isoc_altsetting != 2)
4147 return -ENOEXEC;
4148 pSCOSnd->capture.sco_packet_bytes = 48;
4149 } else if (runtime->rate == 16000 && check_controller_support_msbc(pSCOSnd->dev)) {
4150 if (pSCOSnd->usb_data->isoc_altsetting != 4)
4151 return -ENOEXEC;
4152 pSCOSnd->capture.sco_packet_bytes = 96;
4153 } else if (pSCOSnd->usb_data->isoc_altsetting == 2) {
4154 pSCOSnd->capture.sco_packet_bytes = 48;
4155 } else if (pSCOSnd->usb_data->isoc_altsetting == 1) {
4156 pSCOSnd->capture.sco_packet_bytes = 24;
4157 }
4158 return 0;
4159 }
4160
snd_sco_capture_pcm_trigger(struct snd_pcm_substream * substream,int cmd)4161 static int snd_sco_capture_pcm_trigger(struct snd_pcm_substream *substream, int cmd)
4162 {
4163 RTK_sco_card_t *pSCOSnd = substream->private_data;
4164 RTKBT_INFO("%s, cmd : %d", __FUNCTION__, cmd);
4165
4166 switch (cmd) {
4167 case SNDRV_PCM_TRIGGER_START:
4168 if (!test_bit(USB_CAPTURE_RUNNING, &pSCOSnd->states))
4169 return -EIO;
4170 set_bit(ALSA_CAPTURE_RUNNING, &pSCOSnd->states);
4171 return 0;
4172 case SNDRV_PCM_TRIGGER_STOP:
4173 clear_bit(ALSA_CAPTURE_RUNNING, &pSCOSnd->states);
4174 return 0;
4175 default:
4176 return -EINVAL;
4177 }
4178 }
4179
snd_sco_capture_pcm_pointer(struct snd_pcm_substream * substream)4180 static snd_pcm_uframes_t snd_sco_capture_pcm_pointer(struct snd_pcm_substream *substream)
4181 {
4182 RTK_sco_card_t *pSCOSnd = substream->private_data;
4183
4184 return pSCOSnd->capture.buffer_pos;
4185 }
4186
4187 static struct snd_pcm_ops snd_sco_capture_pcm_ops = {
4188 .open = snd_sco_capture_pcm_open,
4189 .close = snd_sco_capture_pcm_close,
4190 .ioctl = snd_sco_capture_ioctl,
4191 .hw_params = snd_sco_capture_pcm_hw_params,
4192 .hw_free = snd_sco_capture_pcm_hw_free,
4193 .prepare = snd_sco_capture_pcm_prepare,
4194 .trigger = snd_sco_capture_pcm_trigger,
4195 .pointer = snd_sco_capture_pcm_pointer,
4196 };
4197
4198 static const struct snd_pcm_hardware snd_card_sco_playback_default = {
4199 .info = (SNDRV_PCM_INFO_INTERLEAVED | SNDRV_PCM_INFO_NONINTERLEAVED |
4200 SNDRV_PCM_ACCESS_RW_INTERLEAVED | SNDRV_PCM_INFO_FIFO_IN_FRAMES),
4201 .formats = SNDRV_PCM_FMTBIT_S16_LE,
4202 .rates = (SNDRV_PCM_RATE_8000),
4203 .rate_min = 8000,
4204 .rate_max = 8000,
4205 .channels_min = 1,
4206 .channels_max = 1,
4207 .buffer_bytes_max = 8 * 768,
4208 .period_bytes_min = 48,
4209 .period_bytes_max = 768,
4210 .periods_min = 1,
4211 .periods_max = 8,
4212 .fifo_size = 8,
4213 };
4214
snd_sco_playback_pcm_open(struct snd_pcm_substream * substream)4215 static int snd_sco_playback_pcm_open(struct snd_pcm_substream *substream)
4216 {
4217 RTK_sco_card_t *pSCOSnd = substream->private_data;
4218 int err = 0;
4219
4220 RTKBT_INFO("%s, rate : %d", __FUNCTION__, substream->runtime->rate);
4221 memcpy(&substream->runtime->hw, &snd_card_sco_playback_default, sizeof(struct snd_pcm_hardware));
4222 if (check_controller_support_msbc(pSCOSnd->dev)) {
4223 substream->runtime->hw.rates |= SNDRV_PCM_RATE_16000;
4224 substream->runtime->hw.rate_max = 16000;
4225 substream->runtime->hw.period_bytes_min = 96;
4226 substream->runtime->hw.period_bytes_max = 16 * 96;
4227 substream->runtime->hw.buffer_bytes_max = 8 * 16 * 96;
4228 }
4229 pSCOSnd->playback.substream = substream;
4230 set_bit(ALSA_PLAYBACK_OPEN, &pSCOSnd->states);
4231
4232 return err;
4233 }
4234
snd_sco_playback_pcm_close(struct snd_pcm_substream * substream)4235 static int snd_sco_playback_pcm_close(struct snd_pcm_substream *substream)
4236 {
4237 RTK_sco_card_t *pSCOSnd = substream->private_data;
4238
4239 clear_bit(ALSA_PLAYBACK_OPEN, &pSCOSnd->states);
4240 cancel_work_sync(&pSCOSnd->send_sco_work);
4241 return 0;
4242 }
4243
snd_sco_playback_ioctl(struct snd_pcm_substream * substream,unsigned int cmd,void * arg)4244 static int snd_sco_playback_ioctl(struct snd_pcm_substream *substream, unsigned int cmd, void *arg)
4245 {
4246 RTKBT_DBG("%s, cmd : %d", __FUNCTION__, cmd);
4247 switch (cmd) {
4248 default:
4249 return snd_pcm_lib_ioctl(substream, cmd, arg);
4250 break;
4251 }
4252 return 0;
4253 }
4254
snd_sco_playback_pcm_hw_params(struct snd_pcm_substream * substream,struct snd_pcm_hw_params * hw_params)4255 static int snd_sco_playback_pcm_hw_params(struct snd_pcm_substream *substream, struct snd_pcm_hw_params *hw_params)
4256 {
4257 int err;
4258 err = snd_pcm_lib_alloc_vmalloc_buffer(substream, params_buffer_bytes(hw_params));
4259 return err;
4260 }
4261
snd_sco_palyback_pcm_hw_free(struct snd_pcm_substream * substream)4262 static int snd_sco_palyback_pcm_hw_free(struct snd_pcm_substream *substream)
4263 {
4264 RTKBT_DBG("%s", __FUNCTION__);
4265 return snd_pcm_lib_free_vmalloc_buffer(substream);
4266 }
4267
snd_sco_playback_pcm_prepare(struct snd_pcm_substream * substream)4268 static int snd_sco_playback_pcm_prepare(struct snd_pcm_substream *substream)
4269 {
4270 RTK_sco_card_t *pSCOSnd = substream->private_data;
4271 struct snd_pcm_runtime *runtime = substream->runtime;
4272
4273 RTKBT_INFO("%s, bound_rate = %d", __FUNCTION__, runtime->rate);
4274
4275 if (test_bit(DISCONNECTED, &pSCOSnd->states))
4276 return -ENODEV;
4277 if (!test_bit(USB_PLAYBACK_RUNNING, &pSCOSnd->states))
4278 return -EIO;
4279
4280 if (runtime->rate == 8000) {
4281 if (pSCOSnd->usb_data->isoc_altsetting != 2)
4282 return -ENOEXEC;
4283 pSCOSnd->playback.sco_packet_bytes = 48;
4284 } else if (runtime->rate == 16000) {
4285 if (pSCOSnd->usb_data->isoc_altsetting != 4)
4286 return -ENOEXEC;
4287 pSCOSnd->playback.sco_packet_bytes = 96;
4288 }
4289
4290 return 0;
4291 }
4292
snd_sco_playback_pcm_trigger(struct snd_pcm_substream * substream,int cmd)4293 static int snd_sco_playback_pcm_trigger(struct snd_pcm_substream *substream, int cmd)
4294 {
4295 RTK_sco_card_t *pSCOSnd = substream->private_data;
4296
4297 RTKBT_INFO("%s, cmd = %d", __FUNCTION__, cmd);
4298 switch (cmd) {
4299 case SNDRV_PCM_TRIGGER_START:
4300 if (!test_bit(USB_PLAYBACK_RUNNING, &pSCOSnd->states))
4301 return -EIO;
4302 set_bit(ALSA_PLAYBACK_RUNNING, &pSCOSnd->states);
4303 schedule_work(&pSCOSnd->send_sco_work);
4304 return 0;
4305 case SNDRV_PCM_TRIGGER_STOP:
4306 clear_bit(ALSA_PLAYBACK_RUNNING, &pSCOSnd->states);
4307 return 0;
4308 default:
4309 return -EINVAL;
4310 }
4311 }
4312
snd_sco_playback_pcm_pointer(struct snd_pcm_substream * substream)4313 static snd_pcm_uframes_t snd_sco_playback_pcm_pointer(struct snd_pcm_substream *substream)
4314 {
4315 RTK_sco_card_t *pSCOSnd = substream->private_data;
4316
4317 return pSCOSnd->playback.buffer_pos;
4318 }
4319
4320
4321 static struct snd_pcm_ops snd_sco_playback_pcm_ops = {
4322 .open = snd_sco_playback_pcm_open,
4323 .close = snd_sco_playback_pcm_close,
4324 .ioctl = snd_sco_playback_ioctl,
4325 .hw_params = snd_sco_playback_pcm_hw_params,
4326 .hw_free = snd_sco_palyback_pcm_hw_free,
4327 .prepare = snd_sco_playback_pcm_prepare,
4328 .trigger = snd_sco_playback_pcm_trigger,
4329 .pointer = snd_sco_playback_pcm_pointer,
4330 };
4331
4332
btusb_snd_init(struct usb_interface * intf,const struct usb_device_id * id,struct btusb_data * data)4333 static RTK_sco_card_t *btusb_snd_init(struct usb_interface *intf, const struct usb_device_id *id, struct btusb_data *data)
4334 {
4335 struct snd_card *card;
4336 RTK_sco_card_t *pSCOSnd;
4337 int err = 0;
4338 RTKBT_INFO("%s", __func__);
4339 err = snd_card_new(&intf->dev,
4340 -1, RTK_SCO_ID, THIS_MODULE,
4341 sizeof(RTK_sco_card_t), &card);
4342 if (err < 0) {
4343 RTKBT_ERR("%s: sco snd card create fail", __func__);
4344 return NULL;
4345 }
4346 // private data
4347 pSCOSnd = (RTK_sco_card_t *)card->private_data;
4348 pSCOSnd->card = card;
4349 pSCOSnd->dev = interface_to_usbdev(intf);
4350 pSCOSnd->usb_data = data;
4351
4352 strcpy(card->driver, RTK_SCO_ID);
4353 strcpy(card->shortname, "Realtek sco snd");
4354 sprintf(card->longname, "Realtek sco over hci: VID:0x%04x, PID:0x%04x",
4355 id->idVendor, pSCOSnd->dev->descriptor.idProduct);
4356
4357 err = snd_pcm_new(card, RTK_SCO_ID, 0, 1, 1, &pSCOSnd->pcm);
4358 if (err < 0) {
4359 RTKBT_ERR("%s: sco snd card new pcm fail", __func__);
4360 snd_card_free(card);
4361 return NULL;
4362 }
4363 pSCOSnd->pcm->private_data = pSCOSnd;
4364 sprintf(pSCOSnd->pcm->name, "sco_pcm:VID:0x%04x, PID:0x%04x",
4365 id->idVendor, pSCOSnd->dev->descriptor.idProduct);
4366
4367 snd_pcm_set_ops(pSCOSnd->pcm, SNDRV_PCM_STREAM_PLAYBACK, &snd_sco_playback_pcm_ops);
4368 snd_pcm_set_ops(pSCOSnd->pcm, SNDRV_PCM_STREAM_CAPTURE, &snd_sco_capture_pcm_ops);
4369
4370 err = snd_card_register(card);
4371 if (err < 0) {
4372 RTKBT_ERR("%s: sco snd card register card fail", __func__);
4373 snd_card_free(card);
4374 return NULL;
4375 }
4376
4377 spin_lock_init(&pSCOSnd->capture_lock);
4378 spin_lock_init(&pSCOSnd->playback_lock);
4379 INIT_WORK(&pSCOSnd->send_sco_work, playback_work);
4380 return pSCOSnd;
4381 }
4382
btusb_snd_remove(RTK_sco_card_t * pSCOSnd)4383 static void btusb_snd_remove(RTK_sco_card_t *pSCOSnd)
4384 {
4385 if (!pSCOSnd) {
4386 RTKBT_ERR("%s: sco private data is null", __func__);
4387 return;
4388 }
4389 set_bit(DISCONNECTED, &pSCOSnd->states);
4390 snd_card_disconnect(pSCOSnd->card);
4391 snd_card_free_when_closed(pSCOSnd->card);
4392 }
4393 #endif
4394
btusb_probe(struct usb_interface * intf,const struct usb_device_id * id)4395 static int btusb_probe(struct usb_interface *intf, const struct usb_device_id *id)
4396 {
4397 struct usb_device *udev = interface_to_usbdev(intf);
4398 struct usb_endpoint_descriptor *ep_desc;
4399 struct btusb_data *data;
4400 struct hci_dev *hdev;
4401 firmware_info *fw_info;
4402 int i, err = 0;
4403
4404 RTKBT_INFO("%s: usb_interface %p, bInterfaceNumber %d, idVendor 0x%04x, "
4405 "idProduct 0x%04x", __func__, intf,
4406 intf->cur_altsetting->desc.bInterfaceNumber,
4407 id->idVendor, id->idProduct);
4408
4409 /* interface numbers are hardcoded in the spec */
4410 if (intf->cur_altsetting->desc.bInterfaceNumber != 0)
4411 return -ENODEV;
4412
4413 RTKBT_DBG("%s: can wakeup = %x, may wakeup = %x", __func__,
4414 device_can_wakeup(&udev->dev), device_may_wakeup(&udev->dev));
4415
4416 data = rtk_alloc(intf);
4417 if (!data)
4418 return -ENOMEM;
4419
4420 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
4421 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
4422
4423 if (!data->intr_ep && usb_endpoint_is_int_in(ep_desc)) {
4424 data->intr_ep = ep_desc;
4425 continue;
4426 }
4427
4428 if (!data->bulk_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) {
4429 data->bulk_tx_ep = ep_desc;
4430 continue;
4431 }
4432
4433 if (!data->bulk_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) {
4434 data->bulk_rx_ep = ep_desc;
4435 continue;
4436 }
4437 }
4438
4439 if (!data->intr_ep || !data->bulk_tx_ep || !data->bulk_rx_ep) {
4440 rtk_free(data);
4441 return -ENODEV;
4442 }
4443
4444 data->cmdreq_type = USB_TYPE_CLASS;
4445
4446 data->udev = udev;
4447 data->intf = intf;
4448
4449 spin_lock_init(&queue_lock);
4450 spin_lock_init(&running_flag_lock);
4451 spin_lock_init(&data->lock);
4452
4453 INIT_WORK(&data->work, btusb_work);
4454 INIT_WORK(&data->waker, btusb_waker);
4455 spin_lock_init(&data->txlock);
4456
4457 init_usb_anchor(&data->tx_anchor);
4458 init_usb_anchor(&data->intr_anchor);
4459 init_usb_anchor(&data->bulk_anchor);
4460 init_usb_anchor(&data->isoc_anchor);
4461 init_usb_anchor(&data->deferred);
4462
4463 fw_info = firmware_info_init(intf);
4464 if (fw_info)
4465 data->fw_info = fw_info;
4466 else {
4467 RTKBT_WARN("%s: Failed to initialize fw info", __func__);
4468 /* Skip download patch */
4469 goto end;
4470 }
4471
4472 hdev = hci_alloc_dev();
4473 if (!hdev) {
4474 rtk_free(data);
4475 data = NULL;
4476 return -ENOMEM;
4477 }
4478
4479 HDEV_BUS = HCI_USB;
4480
4481 data->hdev = hdev;
4482
4483 SET_HCIDEV_DEV(hdev, &intf->dev);
4484
4485 hdev->open = btusb_open;
4486 hdev->close = btusb_close;
4487 hdev->flush = btusb_flush;
4488 hdev->send = btusb_send_frame;
4489 hdev->notify = btusb_notify;
4490
4491 #if LINUX_VERSION_CODE > KERNEL_VERSION(3, 4, 0)
4492 hci_set_drvdata(hdev, data);
4493 #else
4494 hdev->driver_data = data;
4495 hdev->destruct = btusb_destruct;
4496 hdev->owner = THIS_MODULE;
4497 #endif
4498
4499 /* Interface numbers are hardcoded in the specification */
4500 data->isoc = usb_ifnum_to_if(data->udev, 1);
4501 if (data->isoc) {
4502 err = usb_driver_claim_interface(&btusb_driver,
4503 data->isoc, data);
4504 if (err < 0) {
4505 hci_free_dev(hdev);
4506 hdev = NULL;
4507 rtk_free(data);
4508 data = NULL;
4509 return err;
4510 }
4511 #ifdef CONFIG_SCO_OVER_HCI
4512 data->pSCOSnd = btusb_snd_init(intf, id, data);
4513 #endif
4514 }
4515
4516 err = hci_register_dev(hdev);
4517 if (err < 0) {
4518 hci_free_dev(hdev);
4519 hdev = NULL;
4520 rtk_free(data);
4521 data = NULL;
4522 return err;
4523 }
4524
4525 usb_set_intfdata(intf, data);
4526
4527 //#ifdef CONFIG_HAS_EARLYSUSPEND
4528 #if 0
4529 data->early_suspend.level = EARLY_SUSPEND_LEVEL_BLANK_SCREEN;
4530 data->early_suspend.suspend = btusb_early_suspend;
4531 data->early_suspend.resume = btusb_late_resume;
4532 register_early_suspend(&data->early_suspend);
4533 #else
4534 data->pm_notifier.notifier_call = bt_pm_notify;
4535 data->reboot_notifier.notifier_call = bt_reboot_notify;
4536 register_pm_notifier(&data->pm_notifier);
4537 register_reboot_notifier(&data->reboot_notifier);
4538 #endif
4539
4540 #if CONFIG_BLUEDROID
4541 RTKBT_INFO("%s: Check bt reset flag %d", __func__, bt_reset);
4542 /* Report hci hardware error after everthing is ready,
4543 * especially hci register is completed. Or, btchr_poll
4544 * will get null hci dev when hotplug in.
4545 */
4546 if (bt_reset == 1) {
4547 hci_hardware_error();
4548 bt_reset = 0;
4549 } else
4550 bt_reset = 0; /* Clear and reset it anyway */
4551 #endif
4552
4553 load_firmware_info(fw_info);
4554
4555 end:
4556 set_driver_state_value(DEVICE_PROBED);
4557 return 0;
4558 }
4559
btusb_disconnect(struct usb_interface * intf)4560 static void btusb_disconnect(struct usb_interface *intf)
4561 {
4562 struct btusb_data *data;
4563 struct hci_dev *hdev = NULL;
4564
4565 if (intf->cur_altsetting->desc.bInterfaceNumber != 0)
4566 return;
4567
4568 clear_driver_state(DEVICE_PROBED);
4569 if ((get_driver_state_value() & CHAR_OPENED) == CHAR_OPENED)
4570 wake_up_interruptible(&btchr_read_wait);
4571
4572 wait_event_interruptible(bt_drv_state_wait, ((get_driver_state_value() & CHAR_OPENED) == 0));
4573
4574 RTKBT_INFO("%s: usb_interface %p, bInterfaceNumber %d",
4575 __func__, intf, intf->cur_altsetting->desc.bInterfaceNumber);
4576
4577 data = usb_get_intfdata(intf);
4578
4579 if (data)
4580 hdev = data->hdev;
4581 else {
4582 RTKBT_WARN("%s: Failed to get bt usb data[Null]", __func__);
4583 return;
4584 }
4585
4586 #ifdef CONFIG_SCO_OVER_HCI
4587 if (intf->cur_altsetting->desc.bInterfaceNumber == 0) {
4588 RTK_sco_card_t *pSCOSnd = data->pSCOSnd;
4589 btusb_snd_remove(pSCOSnd);
4590 }
4591 #endif
4592
4593 //#ifdef CONFIG_HAS_EARLYSUSPEND
4594 #if 0
4595 unregister_early_suspend(&data->early_suspend);
4596 #else
4597 unregister_pm_notifier(&data->pm_notifier);
4598 unregister_reboot_notifier(&data->reboot_notifier);
4599 #endif
4600
4601 firmware_info_destroy(intf);
4602
4603 #if CONFIG_BLUEDROID
4604 if (test_bit(HCI_RUNNING, &hdev->flags)) {
4605 RTKBT_INFO("%s: Set BT reset flag", __func__);
4606 bt_reset = 1;
4607 }
4608 #endif
4609
4610 usb_set_intfdata(data->intf, NULL);
4611
4612 if (data->isoc)
4613 usb_set_intfdata(data->isoc, NULL);
4614
4615 hci_unregister_dev(hdev);
4616
4617 if (intf == data->isoc)
4618 usb_driver_release_interface(&btusb_driver, data->intf);
4619 else if (data->isoc)
4620 usb_driver_release_interface(&btusb_driver, data->isoc);
4621
4622 #if !CONFIG_BLUEDROID
4623 #if LINUX_VERSION_CODE <= KERNEL_VERSION(3, 4, 0)
4624 __hci_dev_put(hdev);
4625 #endif
4626 #endif
4627
4628 hci_free_dev(hdev);
4629 rtk_free(data);
4630 data = NULL;
4631 set_driver_state_value(0);
4632 }
4633
4634 #ifdef CONFIG_PM
btusb_suspend(struct usb_interface * intf,pm_message_t message)4635 static int btusb_suspend(struct usb_interface *intf, pm_message_t message)
4636 {
4637 struct btusb_data *data = usb_get_intfdata(intf);
4638 firmware_info *fw_info = data->fw_info;
4639
4640 RTKBT_INFO("%s: event 0x%x, suspend count %d", __func__,
4641 message.event, data->suspend_count);
4642
4643 if (intf->cur_altsetting->desc.bInterfaceNumber != 0)
4644 return 0;
4645
4646 if (!test_bit(HCI_RUNNING, &data->hdev->flags))
4647 set_bt_onoff(fw_info, 1);
4648
4649 if (data->suspend_count++)
4650 return 0;
4651
4652 spin_lock_irq(&data->txlock);
4653 if (!((message.event & PM_EVENT_AUTO) && data->tx_in_flight)) {
4654 set_bit(BTUSB_SUSPENDING, &data->flags);
4655 spin_unlock_irq(&data->txlock);
4656 } else {
4657 spin_unlock_irq(&data->txlock);
4658 data->suspend_count--;
4659 RTKBT_ERR("%s: Failed to enter suspend", __func__);
4660 return -EBUSY;
4661 }
4662
4663 cancel_work_sync(&data->work);
4664
4665 btusb_stop_traffic(data);
4666 mdelay(URB_CANCELING_DELAY_MS);
4667 usb_kill_anchored_urbs(&data->tx_anchor);
4668
4669 #if SUSPNED_DW_FW
4670 if (fw_info_4_suspend) {
4671 download_suspend_patch(fw_info_4_suspend, 1);
4672 } else
4673 RTKBT_ERR("%s: Failed to download suspend fw", __func__);
4674 #endif
4675
4676 #if SET_WAKEUP_DEVICE
4677 set_wakeup_device_from_conf(fw_info_4_suspend);
4678 #endif
4679
4680 return 0;
4681 }
4682
play_deferred(struct btusb_data * data)4683 static void play_deferred(struct btusb_data *data)
4684 {
4685 struct urb *urb;
4686 int err;
4687
4688 while ((urb = usb_get_from_anchor(&data->deferred))) {
4689 usb_anchor_urb(urb, &data->tx_anchor);
4690 err = usb_submit_urb(urb, GFP_ATOMIC);
4691 if (err < 0) {
4692 RTKBT_ERR("%s: Failed to submit urb %p, err %d",
4693 __func__, urb, err);
4694 kfree(urb->setup_packet);
4695 usb_unanchor_urb(urb);
4696 } else {
4697 usb_mark_last_busy(data->udev);
4698 }
4699 usb_free_urb(urb);
4700
4701 data->tx_in_flight++;
4702 }
4703 mdelay(URB_CANCELING_DELAY_MS);
4704 usb_scuttle_anchored_urbs(&data->deferred);
4705 }
4706
btusb_resume(struct usb_interface * intf)4707 static int btusb_resume(struct usb_interface *intf)
4708 {
4709 struct btusb_data *data = usb_get_intfdata(intf);
4710 struct hci_dev *hdev = data->hdev;
4711 firmware_info *fw_info = data->fw_info;
4712 int err = 0;
4713
4714 RTKBT_INFO("%s: Suspend count %d", __func__, data->suspend_count);
4715
4716 if (intf->cur_altsetting->desc.bInterfaceNumber != 0)
4717 return 0;
4718
4719 if (--data->suspend_count)
4720 return 0;
4721
4722 /*check_fw_version to check the status of the BT Controller after USB Resume*/
4723 err = check_fw_version(fw_info, true);
4724 if (err != 0) {
4725 RTKBT_INFO("%s: BT Controller Power OFF And Return hci_hardware_error:%d", __func__, err);
4726 hci_hardware_error();
4727 }
4728
4729 if (test_bit(BTUSB_INTR_RUNNING, &data->flags)) {
4730 err = btusb_submit_intr_urb(hdev, GFP_NOIO);
4731 if (err < 0) {
4732 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
4733 goto failed;
4734 }
4735 }
4736
4737 if (test_bit(BTUSB_BULK_RUNNING, &data->flags)) {
4738 err = btusb_submit_bulk_urb(hdev, GFP_NOIO);
4739 if (err < 0) {
4740 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
4741 goto failed;
4742 }
4743
4744 btusb_submit_bulk_urb(hdev, GFP_NOIO);
4745 }
4746
4747 if (test_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
4748 if (btusb_submit_isoc_urb(hdev, GFP_NOIO) < 0)
4749 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
4750 else
4751 btusb_submit_isoc_urb(hdev, GFP_NOIO);
4752 }
4753
4754 spin_lock_irq(&data->txlock);
4755 play_deferred(data);
4756 clear_bit(BTUSB_SUSPENDING, &data->flags);
4757 spin_unlock_irq(&data->txlock);
4758 schedule_work(&data->work);
4759
4760 return 0;
4761
4762 failed:
4763 mdelay(URB_CANCELING_DELAY_MS);
4764 usb_scuttle_anchored_urbs(&data->deferred);
4765 spin_lock_irq(&data->txlock);
4766 clear_bit(BTUSB_SUSPENDING, &data->flags);
4767 spin_unlock_irq(&data->txlock);
4768
4769 return err;
4770 }
4771 #endif
4772
4773 static struct usb_driver btusb_driver = {
4774 .name = "rtk_btusb",
4775 .probe = btusb_probe,
4776 .disconnect = btusb_disconnect,
4777 #ifdef CONFIG_PM
4778 .suspend = btusb_suspend,
4779 .resume = btusb_resume,
4780 #endif
4781 #if CONFIG_RESET_RESUME
4782 .reset_resume = btusb_resume,
4783 #endif
4784 .id_table = btusb_table,
4785 .supports_autosuspend = 1,
4786 #if LINUX_VERSION_CODE > KERNEL_VERSION(3, 7, 1)
4787 .disable_hub_initiated_lpm = 1,
4788 #endif
4789 };
4790
btusb_init(void)4791 static int __init btusb_init(void)
4792 {
4793 int err;
4794
4795 RTKBT_INFO("RTKBT_RELEASE_NAME: %s", RTKBT_RELEASE_NAME);
4796 RTKBT_INFO("Realtek Bluetooth USB driver module init, version %s", VERSION);
4797 driver_state = 0;
4798 #if CONFIG_BLUEDROID
4799 err = btchr_init();
4800 if (err < 0) {
4801 /* usb register will go on, even bt char register failed */
4802 RTKBT_ERR("Failed to register usb char device interfaces");
4803 } else
4804 set_driver_state_value(DRIVER_ON);
4805 #endif
4806 err = usb_register(&btusb_driver);
4807 if (err < 0)
4808 RTKBT_ERR("Failed to register RTK bluetooth USB driver");
4809 return err;
4810 }
4811
btusb_exit(void)4812 static void __exit btusb_exit(void)
4813 {
4814 struct hci_dev *hdev;
4815 RTKBT_INFO("Realtek Bluetooth USB driver module exit");
4816 #if CONFIG_BLUEDROID
4817 clear_driver_state(DRIVER_ON);
4818 hdev = hci_dev_get(0);
4819 while (hdev && atomic_read(&hdev->promisc)) {
4820 RTKBT_ERR("%s: rtkbt driver is being removed, but application is still running!", __func__);
4821 RTKBT_ERR("%s: wait bt application to stop, or the driver can't be removed", __func__);
4822 mdelay(100);
4823 }
4824 btchr_exit();
4825 #endif
4826 usb_deregister(&btusb_driver);
4827 }
4828
4829 module_init(btusb_init);
4830 module_exit(btusb_exit);
4831
4832
4833 module_param(mp_drv_mode, int, 0644);
4834 MODULE_PARM_DESC(mp_drv_mode, "0: NORMAL; 1: MP MODE");
4835
4836
4837 MODULE_AUTHOR("Realtek Corporation");
4838 MODULE_DESCRIPTION("Realtek Bluetooth USB driver version");
4839 MODULE_VERSION(VERSION);
4840 MODULE_LICENSE("GPL");
4841