1/* 2 * 3 * Bluetooth HCI UART driver 4 * 5 * Copyright (C) 2002-2003 Fabrizio Gennari <fabrizio.gennari@philips.com> 6 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org> 7 * 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program; if not, write to the Free Software 21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 22 * 23 */ 24 25#include <linux/module.h> 26 27#include <linux/kernel.h> 28#include <linux/init.h> 29#include <linux/types.h> 30#include <linux/fcntl.h> 31#include <linux/interrupt.h> 32#include <linux/ptrace.h> 33#include <linux/poll.h> 34 35#include <linux/slab.h> 36#include <linux/tty.h> 37#include <linux/errno.h> 38#include <linux/string.h> 39#include <linux/signal.h> 40#include <linux/ioctl.h> 41#include <linux/skbuff.h> 42#include <linux/bitrev.h> 43#include <asm/unaligned.h> 44 45#include <net/bluetooth/bluetooth.h> 46#include <net/bluetooth/hci_core.h> 47 48#include "hci_uart.h" 49 50static bool txcrc = true; 51static bool hciextn = true; 52 53#define BCSP_TXWINSIZE 4 54 55#define BCSP_ACK_PKT 0x05 56#define BCSP_LE_PKT 0x06 57 58struct bcsp_struct { 59 struct sk_buff_head unack; /* Unack'ed packets queue */ 60 struct sk_buff_head rel; /* Reliable packets queue */ 61 struct sk_buff_head unrel; /* Unreliable packets queue */ 62 63 unsigned long rx_count; 64 struct sk_buff *rx_skb; 65 u8 rxseq_txack; /* rxseq == txack. */ 66 u8 rxack; /* Last packet sent by us that the peer ack'ed */ 67 struct timer_list tbcsp; 68 69 enum { 70 BCSP_W4_PKT_DELIMITER, 71 BCSP_W4_PKT_START, 72 BCSP_W4_BCSP_HDR, 73 BCSP_W4_DATA, 74 BCSP_W4_CRC 75 } rx_state; 76 77 enum { 78 BCSP_ESCSTATE_NOESC, 79 BCSP_ESCSTATE_ESC 80 } rx_esc_state; 81 82 u8 use_crc; 83 u16 message_crc; 84 u8 txack_req; /* Do we need to send ack's to the peer? */ 85 86 /* Reliable packet sequence number - used to assign seq to each rel pkt. */ 87 u8 msgq_txseq; 88}; 89 90/* ---- BCSP CRC calculation ---- */ 91 92/* Table for calculating CRC for polynomial 0x1021, LSB processed first, 93initial value 0xffff, bits shifted in reverse order. */ 94 95static const u16 crc_table[] = { 96 0x0000, 0x1081, 0x2102, 0x3183, 97 0x4204, 0x5285, 0x6306, 0x7387, 98 0x8408, 0x9489, 0xa50a, 0xb58b, 99 0xc60c, 0xd68d, 0xe70e, 0xf78f 100}; 101 102/* Initialise the crc calculator */ 103#define BCSP_CRC_INIT(x) x = 0xffff 104 105/* 106 Update crc with next data byte 107 108 Implementation note 109 The data byte is treated as two nibbles. The crc is generated 110 in reverse, i.e., bits are fed into the register from the top. 111*/ 112static void bcsp_crc_update(u16 *crc, u8 d) 113{ 114 u16 reg = *crc; 115 116 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f]; 117 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f]; 118 119 *crc = reg; 120} 121 122/* ---- BCSP core ---- */ 123 124static void bcsp_slip_msgdelim(struct sk_buff *skb) 125{ 126 const char pkt_delim = 0xc0; 127 128 memcpy(skb_put(skb, 1), &pkt_delim, 1); 129} 130 131static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c) 132{ 133 const char esc_c0[2] = { 0xdb, 0xdc }; 134 const char esc_db[2] = { 0xdb, 0xdd }; 135 136 switch (c) { 137 case 0xc0: 138 memcpy(skb_put(skb, 2), &esc_c0, 2); 139 break; 140 case 0xdb: 141 memcpy(skb_put(skb, 2), &esc_db, 2); 142 break; 143 default: 144 memcpy(skb_put(skb, 1), &c, 1); 145 } 146} 147 148static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb) 149{ 150 struct bcsp_struct *bcsp = hu->priv; 151 152 if (skb->len > 0xFFF) { 153 BT_ERR("Packet too long"); 154 kfree_skb(skb); 155 return 0; 156 } 157 158 switch (bt_cb(skb)->pkt_type) { 159 case HCI_ACLDATA_PKT: 160 case HCI_COMMAND_PKT: 161 skb_queue_tail(&bcsp->rel, skb); 162 break; 163 164 case HCI_SCODATA_PKT: 165 skb_queue_tail(&bcsp->unrel, skb); 166 break; 167 168 default: 169 BT_ERR("Unknown packet type"); 170 kfree_skb(skb); 171 break; 172 } 173 174 return 0; 175} 176 177static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data, 178 int len, int pkt_type) 179{ 180 struct sk_buff *nskb; 181 u8 hdr[4], chan; 182 u16 BCSP_CRC_INIT(bcsp_txmsg_crc); 183 int rel, i; 184 185 switch (pkt_type) { 186 case HCI_ACLDATA_PKT: 187 chan = 6; /* BCSP ACL channel */ 188 rel = 1; /* reliable channel */ 189 break; 190 case HCI_COMMAND_PKT: 191 chan = 5; /* BCSP cmd/evt channel */ 192 rel = 1; /* reliable channel */ 193 break; 194 case HCI_SCODATA_PKT: 195 chan = 7; /* BCSP SCO channel */ 196 rel = 0; /* unreliable channel */ 197 break; 198 case BCSP_LE_PKT: 199 chan = 1; /* BCSP LE channel */ 200 rel = 0; /* unreliable channel */ 201 break; 202 case BCSP_ACK_PKT: 203 chan = 0; /* BCSP internal channel */ 204 rel = 0; /* unreliable channel */ 205 break; 206 default: 207 BT_ERR("Unknown packet type"); 208 return NULL; 209 } 210 211 if (hciextn && chan == 5) { 212 __le16 opcode = ((struct hci_command_hdr *)data)->opcode; 213 214 /* Vendor specific commands */ 215 if (hci_opcode_ogf(__le16_to_cpu(opcode)) == 0x3f) { 216 u8 desc = *(data + HCI_COMMAND_HDR_SIZE); 217 if ((desc & 0xf0) == 0xc0) { 218 data += HCI_COMMAND_HDR_SIZE + 1; 219 len -= HCI_COMMAND_HDR_SIZE + 1; 220 chan = desc & 0x0f; 221 } 222 } 223 } 224 225 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2 226 (because bytes 0xc0 and 0xdb are escaped, worst case is 227 when the packet is all made of 0xc0 and 0xdb :) ) 228 + 2 (0xc0 delimiters at start and end). */ 229 230 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC); 231 if (!nskb) 232 return NULL; 233 234 bt_cb(nskb)->pkt_type = pkt_type; 235 236 bcsp_slip_msgdelim(nskb); 237 238 hdr[0] = bcsp->rxseq_txack << 3; 239 bcsp->txack_req = 0; 240 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack); 241 242 if (rel) { 243 hdr[0] |= 0x80 + bcsp->msgq_txseq; 244 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq); 245 bcsp->msgq_txseq = (bcsp->msgq_txseq + 1) & 0x07; 246 } 247 248 if (bcsp->use_crc) 249 hdr[0] |= 0x40; 250 251 hdr[1] = ((len << 4) & 0xff) | chan; 252 hdr[2] = len >> 4; 253 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]); 254 255 /* Put BCSP header */ 256 for (i = 0; i < 4; i++) { 257 bcsp_slip_one_byte(nskb, hdr[i]); 258 259 if (bcsp->use_crc) 260 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]); 261 } 262 263 /* Put payload */ 264 for (i = 0; i < len; i++) { 265 bcsp_slip_one_byte(nskb, data[i]); 266 267 if (bcsp->use_crc) 268 bcsp_crc_update(&bcsp_txmsg_crc, data[i]); 269 } 270 271 /* Put CRC */ 272 if (bcsp->use_crc) { 273 bcsp_txmsg_crc = bitrev16(bcsp_txmsg_crc); 274 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff)); 275 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff)); 276 } 277 278 bcsp_slip_msgdelim(nskb); 279 return nskb; 280} 281 282/* This is a rewrite of pkt_avail in ABCSP */ 283static struct sk_buff *bcsp_dequeue(struct hci_uart *hu) 284{ 285 struct bcsp_struct *bcsp = hu->priv; 286 unsigned long flags; 287 struct sk_buff *skb; 288 289 /* First of all, check for unreliable messages in the queue, 290 since they have priority */ 291 292 skb = skb_dequeue(&bcsp->unrel); 293 if (skb != NULL) { 294 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, bt_cb(skb)->pkt_type); 295 if (nskb) { 296 kfree_skb(skb); 297 return nskb; 298 } else { 299 skb_queue_head(&bcsp->unrel, skb); 300 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 301 } 302 } 303 304 /* Now, try to send a reliable pkt. We can only send a 305 reliable packet if the number of packets sent but not yet ack'ed 306 is < than the winsize */ 307 308 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 309 310 if (bcsp->unack.qlen < BCSP_TXWINSIZE) { 311 skb = skb_dequeue(&bcsp->rel); 312 if (skb != NULL) { 313 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, 314 bt_cb(skb)->pkt_type); 315 if (nskb) { 316 __skb_queue_tail(&bcsp->unack, skb); 317 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4); 318 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 319 return nskb; 320 } else { 321 skb_queue_head(&bcsp->rel, skb); 322 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 323 } 324 } 325 } 326 327 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 328 329 /* We could not send a reliable packet, either because there are 330 none or because there are too many unack'ed pkts. Did we receive 331 any packets we have not acknowledged yet ? */ 332 333 if (bcsp->txack_req) { 334 /* if so, craft an empty ACK pkt and send it on BCSP unreliable 335 channel 0 */ 336 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT); 337 return nskb; 338 } 339 340 /* We have nothing to send */ 341 return NULL; 342} 343 344static int bcsp_flush(struct hci_uart *hu) 345{ 346 BT_DBG("hu %p", hu); 347 return 0; 348} 349 350/* Remove ack'ed packets */ 351static void bcsp_pkt_cull(struct bcsp_struct *bcsp) 352{ 353 struct sk_buff *skb, *tmp; 354 unsigned long flags; 355 int i, pkts_to_be_removed; 356 u8 seqno; 357 358 spin_lock_irqsave(&bcsp->unack.lock, flags); 359 360 pkts_to_be_removed = skb_queue_len(&bcsp->unack); 361 seqno = bcsp->msgq_txseq; 362 363 while (pkts_to_be_removed) { 364 if (bcsp->rxack == seqno) 365 break; 366 pkts_to_be_removed--; 367 seqno = (seqno - 1) & 0x07; 368 } 369 370 if (bcsp->rxack != seqno) 371 BT_ERR("Peer acked invalid packet"); 372 373 BT_DBG("Removing %u pkts out of %u, up to seqno %u", 374 pkts_to_be_removed, skb_queue_len(&bcsp->unack), 375 (seqno - 1) & 0x07); 376 377 i = 0; 378 skb_queue_walk_safe(&bcsp->unack, skb, tmp) { 379 if (i >= pkts_to_be_removed) 380 break; 381 i++; 382 383 __skb_unlink(skb, &bcsp->unack); 384 kfree_skb(skb); 385 } 386 387 if (skb_queue_empty(&bcsp->unack)) 388 del_timer(&bcsp->tbcsp); 389 390 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 391 392 if (i != pkts_to_be_removed) 393 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed); 394} 395 396/* Handle BCSP link-establishment packets. When we 397 detect a "sync" packet, symptom that the BT module has reset, 398 we do nothing :) (yet) */ 399static void bcsp_handle_le_pkt(struct hci_uart *hu) 400{ 401 struct bcsp_struct *bcsp = hu->priv; 402 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed }; 403 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 }; 404 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed }; 405 406 /* spot "conf" pkts and reply with a "conf rsp" pkt */ 407 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 408 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) { 409 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC); 410 411 BT_DBG("Found a LE conf pkt"); 412 if (!nskb) 413 return; 414 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4); 415 bt_cb(nskb)->pkt_type = BCSP_LE_PKT; 416 417 skb_queue_head(&bcsp->unrel, nskb); 418 hci_uart_tx_wakeup(hu); 419 } 420 /* Spot "sync" pkts. If we find one...disaster! */ 421 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 422 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) { 423 BT_ERR("Found a LE sync pkt, card has reset"); 424 } 425} 426 427static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte) 428{ 429 const u8 c0 = 0xc0, db = 0xdb; 430 431 switch (bcsp->rx_esc_state) { 432 case BCSP_ESCSTATE_NOESC: 433 switch (byte) { 434 case 0xdb: 435 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC; 436 break; 437 default: 438 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1); 439 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 440 bcsp->rx_state != BCSP_W4_CRC) 441 bcsp_crc_update(&bcsp->message_crc, byte); 442 bcsp->rx_count--; 443 } 444 break; 445 446 case BCSP_ESCSTATE_ESC: 447 switch (byte) { 448 case 0xdc: 449 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1); 450 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 451 bcsp->rx_state != BCSP_W4_CRC) 452 bcsp_crc_update(&bcsp->message_crc, 0xc0); 453 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 454 bcsp->rx_count--; 455 break; 456 457 case 0xdd: 458 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1); 459 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 460 bcsp->rx_state != BCSP_W4_CRC) 461 bcsp_crc_update(&bcsp->message_crc, 0xdb); 462 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 463 bcsp->rx_count--; 464 break; 465 466 default: 467 BT_ERR("Invalid byte %02x after esc byte", byte); 468 kfree_skb(bcsp->rx_skb); 469 bcsp->rx_skb = NULL; 470 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 471 bcsp->rx_count = 0; 472 } 473 } 474} 475 476static void bcsp_complete_rx_pkt(struct hci_uart *hu) 477{ 478 struct bcsp_struct *bcsp = hu->priv; 479 int pass_up; 480 481 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */ 482 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack); 483 bcsp->rxseq_txack++; 484 bcsp->rxseq_txack %= 0x8; 485 bcsp->txack_req = 1; 486 487 /* If needed, transmit an ack pkt */ 488 hci_uart_tx_wakeup(hu); 489 } 490 491 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07; 492 BT_DBG("Request for pkt %u from card", bcsp->rxack); 493 494 bcsp_pkt_cull(bcsp); 495 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 && 496 bcsp->rx_skb->data[0] & 0x80) { 497 bt_cb(bcsp->rx_skb)->pkt_type = HCI_ACLDATA_PKT; 498 pass_up = 1; 499 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 && 500 bcsp->rx_skb->data[0] & 0x80) { 501 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT; 502 pass_up = 1; 503 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) { 504 bt_cb(bcsp->rx_skb)->pkt_type = HCI_SCODATA_PKT; 505 pass_up = 1; 506 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 && 507 !(bcsp->rx_skb->data[0] & 0x80)) { 508 bcsp_handle_le_pkt(hu); 509 pass_up = 0; 510 } else 511 pass_up = 0; 512 513 if (!pass_up) { 514 struct hci_event_hdr hdr; 515 u8 desc = (bcsp->rx_skb->data[1] & 0x0f); 516 517 if (desc != 0 && desc != 1) { 518 if (hciextn) { 519 desc |= 0xc0; 520 skb_pull(bcsp->rx_skb, 4); 521 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1); 522 523 hdr.evt = 0xff; 524 hdr.plen = bcsp->rx_skb->len; 525 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE); 526 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT; 527 528 hci_recv_frame(hu->hdev, bcsp->rx_skb); 529 } else { 530 BT_ERR("Packet for unknown channel (%u %s)", 531 bcsp->rx_skb->data[1] & 0x0f, 532 bcsp->rx_skb->data[0] & 0x80 ? 533 "reliable" : "unreliable"); 534 kfree_skb(bcsp->rx_skb); 535 } 536 } else 537 kfree_skb(bcsp->rx_skb); 538 } else { 539 /* Pull out BCSP hdr */ 540 skb_pull(bcsp->rx_skb, 4); 541 542 hci_recv_frame(hu->hdev, bcsp->rx_skb); 543 } 544 545 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 546 bcsp->rx_skb = NULL; 547} 548 549static u16 bscp_get_crc(struct bcsp_struct *bcsp) 550{ 551 return get_unaligned_be16(&bcsp->rx_skb->data[bcsp->rx_skb->len - 2]); 552} 553 554/* Recv data */ 555static int bcsp_recv(struct hci_uart *hu, const void *data, int count) 556{ 557 struct bcsp_struct *bcsp = hu->priv; 558 const unsigned char *ptr; 559 560 BT_DBG("hu %p count %d rx_state %d rx_count %ld", 561 hu, count, bcsp->rx_state, bcsp->rx_count); 562 563 ptr = data; 564 while (count) { 565 if (bcsp->rx_count) { 566 if (*ptr == 0xc0) { 567 BT_ERR("Short BCSP packet"); 568 kfree_skb(bcsp->rx_skb); 569 bcsp->rx_state = BCSP_W4_PKT_START; 570 bcsp->rx_count = 0; 571 } else 572 bcsp_unslip_one_byte(bcsp, *ptr); 573 574 ptr++; count--; 575 continue; 576 } 577 578 switch (bcsp->rx_state) { 579 case BCSP_W4_BCSP_HDR: 580 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] + 581 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) { 582 BT_ERR("Error in BCSP hdr checksum"); 583 kfree_skb(bcsp->rx_skb); 584 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 585 bcsp->rx_count = 0; 586 continue; 587 } 588 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */ 589 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) { 590 BT_ERR("Out-of-order packet arrived, got %u expected %u", 591 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack); 592 593 kfree_skb(bcsp->rx_skb); 594 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 595 bcsp->rx_count = 0; 596 continue; 597 } 598 bcsp->rx_state = BCSP_W4_DATA; 599 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) + 600 (bcsp->rx_skb->data[2] << 4); /* May be 0 */ 601 continue; 602 603 case BCSP_W4_DATA: 604 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */ 605 bcsp->rx_state = BCSP_W4_CRC; 606 bcsp->rx_count = 2; 607 } else 608 bcsp_complete_rx_pkt(hu); 609 continue; 610 611 case BCSP_W4_CRC: 612 if (bitrev16(bcsp->message_crc) != bscp_get_crc(bcsp)) { 613 BT_ERR ("Checksum failed: computed %04x received %04x", 614 bitrev16(bcsp->message_crc), 615 bscp_get_crc(bcsp)); 616 617 kfree_skb(bcsp->rx_skb); 618 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 619 bcsp->rx_count = 0; 620 continue; 621 } 622 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2); 623 bcsp_complete_rx_pkt(hu); 624 continue; 625 626 case BCSP_W4_PKT_DELIMITER: 627 switch (*ptr) { 628 case 0xc0: 629 bcsp->rx_state = BCSP_W4_PKT_START; 630 break; 631 default: 632 /*BT_ERR("Ignoring byte %02x", *ptr);*/ 633 break; 634 } 635 ptr++; count--; 636 break; 637 638 case BCSP_W4_PKT_START: 639 switch (*ptr) { 640 case 0xc0: 641 ptr++; count--; 642 break; 643 644 default: 645 bcsp->rx_state = BCSP_W4_BCSP_HDR; 646 bcsp->rx_count = 4; 647 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 648 BCSP_CRC_INIT(bcsp->message_crc); 649 650 /* Do not increment ptr or decrement count 651 * Allocate packet. Max len of a BCSP pkt= 652 * 0xFFF (payload) +4 (header) +2 (crc) */ 653 654 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC); 655 if (!bcsp->rx_skb) { 656 BT_ERR("Can't allocate mem for new packet"); 657 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 658 bcsp->rx_count = 0; 659 return 0; 660 } 661 break; 662 } 663 break; 664 } 665 } 666 return count; 667} 668 669 /* Arrange to retransmit all messages in the relq. */ 670static void bcsp_timed_event(unsigned long arg) 671{ 672 struct hci_uart *hu = (struct hci_uart *) arg; 673 struct bcsp_struct *bcsp = hu->priv; 674 struct sk_buff *skb; 675 unsigned long flags; 676 677 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen); 678 679 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 680 681 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) { 682 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07; 683 skb_queue_head(&bcsp->rel, skb); 684 } 685 686 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 687 688 hci_uart_tx_wakeup(hu); 689} 690 691static int bcsp_open(struct hci_uart *hu) 692{ 693 struct bcsp_struct *bcsp; 694 695 BT_DBG("hu %p", hu); 696 697 bcsp = kzalloc(sizeof(*bcsp), GFP_KERNEL); 698 if (!bcsp) 699 return -ENOMEM; 700 701 hu->priv = bcsp; 702 skb_queue_head_init(&bcsp->unack); 703 skb_queue_head_init(&bcsp->rel); 704 skb_queue_head_init(&bcsp->unrel); 705 706 init_timer(&bcsp->tbcsp); 707 bcsp->tbcsp.function = bcsp_timed_event; 708 bcsp->tbcsp.data = (u_long) hu; 709 710 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 711 712 if (txcrc) 713 bcsp->use_crc = 1; 714 715 return 0; 716} 717 718static int bcsp_close(struct hci_uart *hu) 719{ 720 struct bcsp_struct *bcsp = hu->priv; 721 722 del_timer_sync(&bcsp->tbcsp); 723 724 hu->priv = NULL; 725 726 BT_DBG("hu %p", hu); 727 728 skb_queue_purge(&bcsp->unack); 729 skb_queue_purge(&bcsp->rel); 730 skb_queue_purge(&bcsp->unrel); 731 732 kfree(bcsp); 733 return 0; 734} 735 736static const struct hci_uart_proto bcsp = { 737 .id = HCI_UART_BCSP, 738 .name = "BCSP", 739 .open = bcsp_open, 740 .close = bcsp_close, 741 .enqueue = bcsp_enqueue, 742 .dequeue = bcsp_dequeue, 743 .recv = bcsp_recv, 744 .flush = bcsp_flush 745}; 746 747int __init bcsp_init(void) 748{ 749 return hci_uart_register_proto(&bcsp); 750} 751 752int __exit bcsp_deinit(void) 753{ 754 return hci_uart_unregister_proto(&bcsp); 755} 756 757module_param(txcrc, bool, 0644); 758MODULE_PARM_DESC(txcrc, "Transmit CRC with every BCSP packet"); 759 760module_param(hciextn, bool, 0644); 761MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets"); 762