1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * HID driver for Nintendo Wii / Wii U peripherals
4  * Copyright (c) 2011-2013 David Herrmann <dh.herrmann@gmail.com>
5  */
6 
7 /*
8  */
9 
10 #include <linux/completion.h>
11 #include <linux/device.h>
12 #include <linux/hid.h>
13 #include <linux/input.h>
14 #include <linux/module.h>
15 #include <linux/mutex.h>
16 #include <linux/spinlock.h>
17 #include "hid-ids.h"
18 #include "hid-wiimote.h"
19 
20 /* output queue handling */
21 
wiimote_hid_send(struct hid_device * hdev,__u8 * buffer,size_t count)22 static int wiimote_hid_send(struct hid_device *hdev, __u8 *buffer,
23 			    size_t count)
24 {
25 	__u8 *buf;
26 	int ret;
27 
28 	if (!hdev->ll_driver->output_report)
29 		return -ENODEV;
30 
31 	buf = kmemdup(buffer, count, GFP_KERNEL);
32 	if (!buf)
33 		return -ENOMEM;
34 
35 	ret = hid_hw_output_report(hdev, buf, count);
36 
37 	kfree(buf);
38 	return ret;
39 }
40 
wiimote_queue_worker(struct work_struct * work)41 static void wiimote_queue_worker(struct work_struct *work)
42 {
43 	struct wiimote_queue *queue = container_of(work, struct wiimote_queue,
44 						   worker);
45 	struct wiimote_data *wdata = container_of(queue, struct wiimote_data,
46 						  queue);
47 	unsigned long flags;
48 	int ret;
49 
50 	spin_lock_irqsave(&wdata->queue.lock, flags);
51 
52 	while (wdata->queue.head != wdata->queue.tail) {
53 		spin_unlock_irqrestore(&wdata->queue.lock, flags);
54 		ret = wiimote_hid_send(wdata->hdev,
55 				 wdata->queue.outq[wdata->queue.tail].data,
56 				 wdata->queue.outq[wdata->queue.tail].size);
57 		if (ret < 0) {
58 			spin_lock_irqsave(&wdata->state.lock, flags);
59 			wiimote_cmd_abort(wdata);
60 			spin_unlock_irqrestore(&wdata->state.lock, flags);
61 		}
62 		spin_lock_irqsave(&wdata->queue.lock, flags);
63 
64 		wdata->queue.tail = (wdata->queue.tail + 1) % WIIMOTE_BUFSIZE;
65 	}
66 
67 	spin_unlock_irqrestore(&wdata->queue.lock, flags);
68 }
69 
wiimote_queue(struct wiimote_data * wdata,const __u8 * buffer,size_t count)70 static void wiimote_queue(struct wiimote_data *wdata, const __u8 *buffer,
71 								size_t count)
72 {
73 	unsigned long flags;
74 	__u8 newhead;
75 
76 	if (count > HID_MAX_BUFFER_SIZE) {
77 		hid_warn(wdata->hdev, "Sending too large output report\n");
78 
79 		spin_lock_irqsave(&wdata->queue.lock, flags);
80 		goto out_error;
81 	}
82 
83 	/*
84 	 * Copy new request into our output queue and check whether the
85 	 * queue is full. If it is full, discard this request.
86 	 * If it is empty we need to start a new worker that will
87 	 * send out the buffer to the hid device.
88 	 * If the queue is not empty, then there must be a worker
89 	 * that is currently sending out our buffer and this worker
90 	 * will reschedule itself until the queue is empty.
91 	 */
92 
93 	spin_lock_irqsave(&wdata->queue.lock, flags);
94 
95 	memcpy(wdata->queue.outq[wdata->queue.head].data, buffer, count);
96 	wdata->queue.outq[wdata->queue.head].size = count;
97 	newhead = (wdata->queue.head + 1) % WIIMOTE_BUFSIZE;
98 
99 	if (wdata->queue.head == wdata->queue.tail) {
100 		wdata->queue.head = newhead;
101 		schedule_work(&wdata->queue.worker);
102 	} else if (newhead != wdata->queue.tail) {
103 		wdata->queue.head = newhead;
104 	} else {
105 		hid_warn(wdata->hdev, "Output queue is full");
106 		goto out_error;
107 	}
108 
109 	goto out_unlock;
110 
111 out_error:
112 	wiimote_cmd_abort(wdata);
113 out_unlock:
114 	spin_unlock_irqrestore(&wdata->queue.lock, flags);
115 }
116 
117 /*
118  * This sets the rumble bit on the given output report if rumble is
119  * currently enabled.
120  * \cmd1 must point to the second byte in the output report => &cmd[1]
121  * This must be called on nearly every output report before passing it
122  * into the output queue!
123  */
wiiproto_keep_rumble(struct wiimote_data * wdata,__u8 * cmd1)124 static inline void wiiproto_keep_rumble(struct wiimote_data *wdata, __u8 *cmd1)
125 {
126 	if (wdata->state.flags & WIIPROTO_FLAG_RUMBLE)
127 		*cmd1 |= 0x01;
128 }
129 
wiiproto_req_rumble(struct wiimote_data * wdata,__u8 rumble)130 void wiiproto_req_rumble(struct wiimote_data *wdata, __u8 rumble)
131 {
132 	__u8 cmd[2];
133 
134 	rumble = !!rumble;
135 	if (rumble == !!(wdata->state.flags & WIIPROTO_FLAG_RUMBLE))
136 		return;
137 
138 	if (rumble)
139 		wdata->state.flags |= WIIPROTO_FLAG_RUMBLE;
140 	else
141 		wdata->state.flags &= ~WIIPROTO_FLAG_RUMBLE;
142 
143 	cmd[0] = WIIPROTO_REQ_RUMBLE;
144 	cmd[1] = 0;
145 
146 	wiiproto_keep_rumble(wdata, &cmd[1]);
147 	wiimote_queue(wdata, cmd, sizeof(cmd));
148 }
149 
wiiproto_req_leds(struct wiimote_data * wdata,int leds)150 void wiiproto_req_leds(struct wiimote_data *wdata, int leds)
151 {
152 	__u8 cmd[2];
153 
154 	leds &= WIIPROTO_FLAGS_LEDS;
155 	if ((wdata->state.flags & WIIPROTO_FLAGS_LEDS) == leds)
156 		return;
157 	wdata->state.flags = (wdata->state.flags & ~WIIPROTO_FLAGS_LEDS) | leds;
158 
159 	cmd[0] = WIIPROTO_REQ_LED;
160 	cmd[1] = 0;
161 
162 	if (leds & WIIPROTO_FLAG_LED1)
163 		cmd[1] |= 0x10;
164 	if (leds & WIIPROTO_FLAG_LED2)
165 		cmd[1] |= 0x20;
166 	if (leds & WIIPROTO_FLAG_LED3)
167 		cmd[1] |= 0x40;
168 	if (leds & WIIPROTO_FLAG_LED4)
169 		cmd[1] |= 0x80;
170 
171 	wiiproto_keep_rumble(wdata, &cmd[1]);
172 	wiimote_queue(wdata, cmd, sizeof(cmd));
173 }
174 
175 /*
176  * Check what peripherals of the wiimote are currently
177  * active and select a proper DRM that supports all of
178  * the requested data inputs.
179  *
180  * Not all combinations are actually supported. The following
181  * combinations work only with limitations:
182  *  - IR cam in extended or full mode disables any data transmission
183  *    of extension controllers. There is no DRM mode that supports
184  *    extension bytes plus extended/full IR.
185  *  - IR cam with accelerometer and extension *_EXT8 is not supported.
186  *    However, all extensions that need *_EXT8 are devices that don't
187  *    support IR cameras. Hence, this shouldn't happen under normal
188  *    operation.
189  *  - *_EXT16 is only supported in combination with buttons and
190  *    accelerometer. No IR or similar can be active simultaneously. As
191  *    above, all modules that require it are mutually exclusive with
192  *    IR/etc. so this doesn't matter.
193  */
select_drm(struct wiimote_data * wdata)194 static __u8 select_drm(struct wiimote_data *wdata)
195 {
196 	__u8 ir = wdata->state.flags & WIIPROTO_FLAGS_IR;
197 	bool ext;
198 
199 	ext = (wdata->state.flags & WIIPROTO_FLAG_EXT_USED) ||
200 	      (wdata->state.flags & WIIPROTO_FLAG_MP_USED);
201 
202 	/* some 3rd-party balance-boards are hard-coded to KEE, *sigh* */
203 	if (wdata->state.devtype == WIIMOTE_DEV_BALANCE_BOARD) {
204 		if (ext)
205 			return WIIPROTO_REQ_DRM_KEE;
206 		else
207 			return WIIPROTO_REQ_DRM_K;
208 	}
209 
210 	if (ir == WIIPROTO_FLAG_IR_BASIC) {
211 		if (wdata->state.flags & WIIPROTO_FLAG_ACCEL) {
212 			/* GEN10 and ealier devices bind IR formats to DRMs.
213 			 * Hence, we cannot use DRM_KAI here as it might be
214 			 * bound to IR_EXT. Use DRM_KAIE unconditionally so we
215 			 * work with all devices and our parsers can use the
216 			 * fixed formats, too. */
217 			return WIIPROTO_REQ_DRM_KAIE;
218 		} else {
219 			return WIIPROTO_REQ_DRM_KIE;
220 		}
221 	} else if (ir == WIIPROTO_FLAG_IR_EXT) {
222 		return WIIPROTO_REQ_DRM_KAI;
223 	} else if (ir == WIIPROTO_FLAG_IR_FULL) {
224 		return WIIPROTO_REQ_DRM_SKAI1;
225 	} else {
226 		if (wdata->state.flags & WIIPROTO_FLAG_ACCEL) {
227 			if (ext)
228 				return WIIPROTO_REQ_DRM_KAE;
229 			else
230 				return WIIPROTO_REQ_DRM_KA;
231 		} else {
232 			if (ext)
233 				return WIIPROTO_REQ_DRM_KEE;
234 			else
235 				return WIIPROTO_REQ_DRM_K;
236 		}
237 	}
238 }
239 
wiiproto_req_drm(struct wiimote_data * wdata,__u8 drm)240 void wiiproto_req_drm(struct wiimote_data *wdata, __u8 drm)
241 {
242 	__u8 cmd[3];
243 
244 	if (wdata->state.flags & WIIPROTO_FLAG_DRM_LOCKED)
245 		drm = wdata->state.drm;
246 	else if (drm == WIIPROTO_REQ_NULL)
247 		drm = select_drm(wdata);
248 
249 	cmd[0] = WIIPROTO_REQ_DRM;
250 	cmd[1] = 0;
251 	cmd[2] = drm;
252 
253 	wdata->state.drm = drm;
254 	wiiproto_keep_rumble(wdata, &cmd[1]);
255 	wiimote_queue(wdata, cmd, sizeof(cmd));
256 }
257 
wiiproto_req_status(struct wiimote_data * wdata)258 void wiiproto_req_status(struct wiimote_data *wdata)
259 {
260 	__u8 cmd[2];
261 
262 	cmd[0] = WIIPROTO_REQ_SREQ;
263 	cmd[1] = 0;
264 
265 	wiiproto_keep_rumble(wdata, &cmd[1]);
266 	wiimote_queue(wdata, cmd, sizeof(cmd));
267 }
268 
wiiproto_req_accel(struct wiimote_data * wdata,__u8 accel)269 void wiiproto_req_accel(struct wiimote_data *wdata, __u8 accel)
270 {
271 	accel = !!accel;
272 	if (accel == !!(wdata->state.flags & WIIPROTO_FLAG_ACCEL))
273 		return;
274 
275 	if (accel)
276 		wdata->state.flags |= WIIPROTO_FLAG_ACCEL;
277 	else
278 		wdata->state.flags &= ~WIIPROTO_FLAG_ACCEL;
279 
280 	wiiproto_req_drm(wdata, WIIPROTO_REQ_NULL);
281 }
282 
wiiproto_req_ir1(struct wiimote_data * wdata,__u8 flags)283 void wiiproto_req_ir1(struct wiimote_data *wdata, __u8 flags)
284 {
285 	__u8 cmd[2];
286 
287 	cmd[0] = WIIPROTO_REQ_IR1;
288 	cmd[1] = flags;
289 
290 	wiiproto_keep_rumble(wdata, &cmd[1]);
291 	wiimote_queue(wdata, cmd, sizeof(cmd));
292 }
293 
wiiproto_req_ir2(struct wiimote_data * wdata,__u8 flags)294 void wiiproto_req_ir2(struct wiimote_data *wdata, __u8 flags)
295 {
296 	__u8 cmd[2];
297 
298 	cmd[0] = WIIPROTO_REQ_IR2;
299 	cmd[1] = flags;
300 
301 	wiiproto_keep_rumble(wdata, &cmd[1]);
302 	wiimote_queue(wdata, cmd, sizeof(cmd));
303 }
304 
305 #define wiiproto_req_wreg(wdata, os, buf, sz) \
306 			wiiproto_req_wmem((wdata), false, (os), (buf), (sz))
307 
308 #define wiiproto_req_weeprom(wdata, os, buf, sz) \
309 			wiiproto_req_wmem((wdata), true, (os), (buf), (sz))
310 
wiiproto_req_wmem(struct wiimote_data * wdata,bool eeprom,__u32 offset,const __u8 * buf,__u8 size)311 static void wiiproto_req_wmem(struct wiimote_data *wdata, bool eeprom,
312 				__u32 offset, const __u8 *buf, __u8 size)
313 {
314 	__u8 cmd[22];
315 
316 	if (size > 16 || size == 0) {
317 		hid_warn(wdata->hdev, "Invalid length %d wmem request\n", size);
318 		return;
319 	}
320 
321 	memset(cmd, 0, sizeof(cmd));
322 	cmd[0] = WIIPROTO_REQ_WMEM;
323 	cmd[2] = (offset >> 16) & 0xff;
324 	cmd[3] = (offset >> 8) & 0xff;
325 	cmd[4] = offset & 0xff;
326 	cmd[5] = size;
327 	memcpy(&cmd[6], buf, size);
328 
329 	if (!eeprom)
330 		cmd[1] |= 0x04;
331 
332 	wiiproto_keep_rumble(wdata, &cmd[1]);
333 	wiimote_queue(wdata, cmd, sizeof(cmd));
334 }
335 
wiiproto_req_rmem(struct wiimote_data * wdata,bool eeprom,__u32 offset,__u16 size)336 void wiiproto_req_rmem(struct wiimote_data *wdata, bool eeprom, __u32 offset,
337 								__u16 size)
338 {
339 	__u8 cmd[7];
340 
341 	if (size == 0) {
342 		hid_warn(wdata->hdev, "Invalid length %d rmem request\n", size);
343 		return;
344 	}
345 
346 	cmd[0] = WIIPROTO_REQ_RMEM;
347 	cmd[1] = 0;
348 	cmd[2] = (offset >> 16) & 0xff;
349 	cmd[3] = (offset >> 8) & 0xff;
350 	cmd[4] = offset & 0xff;
351 	cmd[5] = (size >> 8) & 0xff;
352 	cmd[6] = size & 0xff;
353 
354 	if (!eeprom)
355 		cmd[1] |= 0x04;
356 
357 	wiiproto_keep_rumble(wdata, &cmd[1]);
358 	wiimote_queue(wdata, cmd, sizeof(cmd));
359 }
360 
361 /* requries the cmd-mutex to be held */
wiimote_cmd_write(struct wiimote_data * wdata,__u32 offset,const __u8 * wmem,__u8 size)362 int wiimote_cmd_write(struct wiimote_data *wdata, __u32 offset,
363 						const __u8 *wmem, __u8 size)
364 {
365 	unsigned long flags;
366 	int ret;
367 
368 	spin_lock_irqsave(&wdata->state.lock, flags);
369 	wiimote_cmd_set(wdata, WIIPROTO_REQ_WMEM, 0);
370 	wiiproto_req_wreg(wdata, offset, wmem, size);
371 	spin_unlock_irqrestore(&wdata->state.lock, flags);
372 
373 	ret = wiimote_cmd_wait(wdata);
374 	if (!ret && wdata->state.cmd_err)
375 		ret = -EIO;
376 
377 	return ret;
378 }
379 
380 /* requries the cmd-mutex to be held */
wiimote_cmd_read(struct wiimote_data * wdata,__u32 offset,__u8 * rmem,__u8 size)381 ssize_t wiimote_cmd_read(struct wiimote_data *wdata, __u32 offset, __u8 *rmem,
382 								__u8 size)
383 {
384 	unsigned long flags;
385 	ssize_t ret;
386 
387 	spin_lock_irqsave(&wdata->state.lock, flags);
388 	wdata->state.cmd_read_size = size;
389 	wdata->state.cmd_read_buf = rmem;
390 	wiimote_cmd_set(wdata, WIIPROTO_REQ_RMEM, offset & 0xffff);
391 	wiiproto_req_rreg(wdata, offset, size);
392 	spin_unlock_irqrestore(&wdata->state.lock, flags);
393 
394 	ret = wiimote_cmd_wait(wdata);
395 
396 	spin_lock_irqsave(&wdata->state.lock, flags);
397 	wdata->state.cmd_read_buf = NULL;
398 	spin_unlock_irqrestore(&wdata->state.lock, flags);
399 
400 	if (!ret) {
401 		if (wdata->state.cmd_read_size == 0)
402 			ret = -EIO;
403 		else
404 			ret = wdata->state.cmd_read_size;
405 	}
406 
407 	return ret;
408 }
409 
410 /* requires the cmd-mutex to be held */
wiimote_cmd_init_ext(struct wiimote_data * wdata)411 static int wiimote_cmd_init_ext(struct wiimote_data *wdata)
412 {
413 	__u8 wmem;
414 	int ret;
415 
416 	/* initialize extension */
417 	wmem = 0x55;
418 	ret = wiimote_cmd_write(wdata, 0xa400f0, &wmem, sizeof(wmem));
419 	if (ret)
420 		return ret;
421 
422 	/* disable default encryption */
423 	wmem = 0x0;
424 	ret = wiimote_cmd_write(wdata, 0xa400fb, &wmem, sizeof(wmem));
425 	if (ret)
426 		return ret;
427 
428 	return 0;
429 }
430 
431 /* requires the cmd-mutex to be held */
wiimote_cmd_read_ext(struct wiimote_data * wdata,__u8 * rmem)432 static __u8 wiimote_cmd_read_ext(struct wiimote_data *wdata, __u8 *rmem)
433 {
434 	int ret;
435 
436 	/* read extension ID */
437 	ret = wiimote_cmd_read(wdata, 0xa400fa, rmem, 6);
438 	if (ret != 6)
439 		return WIIMOTE_EXT_NONE;
440 
441 	hid_dbg(wdata->hdev, "extension ID: %6phC\n", rmem);
442 
443 	if (rmem[0] == 0xff && rmem[1] == 0xff && rmem[2] == 0xff &&
444 	    rmem[3] == 0xff && rmem[4] == 0xff && rmem[5] == 0xff)
445 		return WIIMOTE_EXT_NONE;
446 
447 	if (rmem[4] == 0x00 && rmem[5] == 0x00)
448 		return WIIMOTE_EXT_NUNCHUK;
449 	if (rmem[4] == 0x01 && rmem[5] == 0x01)
450 		return WIIMOTE_EXT_CLASSIC_CONTROLLER;
451 	if (rmem[4] == 0x04 && rmem[5] == 0x02)
452 		return WIIMOTE_EXT_BALANCE_BOARD;
453 	if (rmem[4] == 0x01 && rmem[5] == 0x20)
454 		return WIIMOTE_EXT_PRO_CONTROLLER;
455 	if (rmem[0] == 0x01 && rmem[1] == 0x00 &&
456 	    rmem[4] == 0x01 && rmem[5] == 0x03)
457 		return WIIMOTE_EXT_DRUMS;
458 	if (rmem[0] == 0x00 && rmem[1] == 0x00 &&
459 	    rmem[4] == 0x01 && rmem[5] == 0x03)
460 		return WIIMOTE_EXT_GUITAR;
461 	if (rmem[0] == 0x03 && rmem[1] == 0x00 &&
462 	    rmem[4] == 0x01 && rmem[5] == 0x03)
463 		return WIIMOTE_EXT_TURNTABLE;
464 
465 	return WIIMOTE_EXT_UNKNOWN;
466 }
467 
468 /* requires the cmd-mutex to be held */
wiimote_cmd_init_mp(struct wiimote_data * wdata)469 static int wiimote_cmd_init_mp(struct wiimote_data *wdata)
470 {
471 	__u8 wmem;
472 	int ret;
473 
474 	/* initialize MP */
475 	wmem = 0x55;
476 	ret = wiimote_cmd_write(wdata, 0xa600f0, &wmem, sizeof(wmem));
477 	if (ret)
478 		return ret;
479 
480 	/* disable default encryption */
481 	wmem = 0x0;
482 	ret = wiimote_cmd_write(wdata, 0xa600fb, &wmem, sizeof(wmem));
483 	if (ret)
484 		return ret;
485 
486 	return 0;
487 }
488 
489 /* requires the cmd-mutex to be held */
wiimote_cmd_map_mp(struct wiimote_data * wdata,__u8 exttype)490 static bool wiimote_cmd_map_mp(struct wiimote_data *wdata, __u8 exttype)
491 {
492 	__u8 wmem;
493 
494 	/* map MP with correct pass-through mode */
495 	switch (exttype) {
496 	case WIIMOTE_EXT_CLASSIC_CONTROLLER:
497 	case WIIMOTE_EXT_DRUMS:
498 	case WIIMOTE_EXT_GUITAR:
499 		wmem = 0x07;
500 		break;
501 	case WIIMOTE_EXT_TURNTABLE:
502 	case WIIMOTE_EXT_NUNCHUK:
503 		wmem = 0x05;
504 		break;
505 	default:
506 		wmem = 0x04;
507 		break;
508 	}
509 
510 	return wiimote_cmd_write(wdata, 0xa600fe, &wmem, sizeof(wmem));
511 }
512 
513 /* requires the cmd-mutex to be held */
wiimote_cmd_read_mp(struct wiimote_data * wdata,__u8 * rmem)514 static bool wiimote_cmd_read_mp(struct wiimote_data *wdata, __u8 *rmem)
515 {
516 	int ret;
517 
518 	/* read motion plus ID */
519 	ret = wiimote_cmd_read(wdata, 0xa600fa, rmem, 6);
520 	if (ret != 6)
521 		return false;
522 
523 	hid_dbg(wdata->hdev, "motion plus ID: %6phC\n", rmem);
524 
525 	if (rmem[5] == 0x05)
526 		return true;
527 
528 	hid_info(wdata->hdev, "unknown motion plus ID: %6phC\n", rmem);
529 
530 	return false;
531 }
532 
533 /* requires the cmd-mutex to be held */
wiimote_cmd_read_mp_mapped(struct wiimote_data * wdata)534 static __u8 wiimote_cmd_read_mp_mapped(struct wiimote_data *wdata)
535 {
536 	int ret;
537 	__u8 rmem[6];
538 
539 	/* read motion plus ID */
540 	ret = wiimote_cmd_read(wdata, 0xa400fa, rmem, 6);
541 	if (ret != 6)
542 		return WIIMOTE_MP_NONE;
543 
544 	hid_dbg(wdata->hdev, "mapped motion plus ID: %6phC\n", rmem);
545 
546 	if (rmem[0] == 0xff && rmem[1] == 0xff && rmem[2] == 0xff &&
547 	    rmem[3] == 0xff && rmem[4] == 0xff && rmem[5] == 0xff)
548 		return WIIMOTE_MP_NONE;
549 
550 	if (rmem[4] == 0x04 && rmem[5] == 0x05)
551 		return WIIMOTE_MP_SINGLE;
552 	else if (rmem[4] == 0x05 && rmem[5] == 0x05)
553 		return WIIMOTE_MP_PASSTHROUGH_NUNCHUK;
554 	else if (rmem[4] == 0x07 && rmem[5] == 0x05)
555 		return WIIMOTE_MP_PASSTHROUGH_CLASSIC;
556 
557 	return WIIMOTE_MP_UNKNOWN;
558 }
559 
560 /* device module handling */
561 
562 static const __u8 * const wiimote_devtype_mods[WIIMOTE_DEV_NUM] = {
563 	[WIIMOTE_DEV_PENDING] = (const __u8[]){
564 		WIIMOD_NULL,
565 	},
566 	[WIIMOTE_DEV_UNKNOWN] = (const __u8[]){
567 		WIIMOD_NO_MP,
568 		WIIMOD_NULL,
569 	},
570 	[WIIMOTE_DEV_GENERIC] = (const __u8[]){
571 		WIIMOD_KEYS,
572 		WIIMOD_RUMBLE,
573 		WIIMOD_BATTERY,
574 		WIIMOD_LED1,
575 		WIIMOD_LED2,
576 		WIIMOD_LED3,
577 		WIIMOD_LED4,
578 		WIIMOD_ACCEL,
579 		WIIMOD_IR,
580 		WIIMOD_NULL,
581 	},
582 	[WIIMOTE_DEV_GEN10] = (const __u8[]){
583 		WIIMOD_KEYS,
584 		WIIMOD_RUMBLE,
585 		WIIMOD_BATTERY,
586 		WIIMOD_LED1,
587 		WIIMOD_LED2,
588 		WIIMOD_LED3,
589 		WIIMOD_LED4,
590 		WIIMOD_ACCEL,
591 		WIIMOD_IR,
592 		WIIMOD_NULL,
593 	},
594 	[WIIMOTE_DEV_GEN20] = (const __u8[]){
595 		WIIMOD_KEYS,
596 		WIIMOD_RUMBLE,
597 		WIIMOD_BATTERY,
598 		WIIMOD_LED1,
599 		WIIMOD_LED2,
600 		WIIMOD_LED3,
601 		WIIMOD_LED4,
602 		WIIMOD_ACCEL,
603 		WIIMOD_IR,
604 		WIIMOD_BUILTIN_MP,
605 		WIIMOD_NULL,
606 	},
607 	[WIIMOTE_DEV_BALANCE_BOARD] = (const __u8[]) {
608 		WIIMOD_BATTERY,
609 		WIIMOD_LED1,
610 		WIIMOD_NO_MP,
611 		WIIMOD_NULL,
612 	},
613 	[WIIMOTE_DEV_PRO_CONTROLLER] = (const __u8[]) {
614 		WIIMOD_BATTERY,
615 		WIIMOD_LED1,
616 		WIIMOD_LED2,
617 		WIIMOD_LED3,
618 		WIIMOD_LED4,
619 		WIIMOD_NO_MP,
620 		WIIMOD_NULL,
621 	},
622 };
623 
wiimote_modules_load(struct wiimote_data * wdata,unsigned int devtype)624 static void wiimote_modules_load(struct wiimote_data *wdata,
625 				 unsigned int devtype)
626 {
627 	bool need_input = false;
628 	const __u8 *mods, *iter;
629 	const struct wiimod_ops *ops;
630 	int ret;
631 
632 	mods = wiimote_devtype_mods[devtype];
633 
634 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
635 		if (wiimod_table[*iter]->flags & WIIMOD_FLAG_INPUT) {
636 			need_input = true;
637 			break;
638 		}
639 	}
640 
641 	if (need_input) {
642 		wdata->input = input_allocate_device();
643 		if (!wdata->input)
644 			return;
645 
646 		input_set_drvdata(wdata->input, wdata);
647 		wdata->input->dev.parent = &wdata->hdev->dev;
648 		wdata->input->id.bustype = wdata->hdev->bus;
649 		wdata->input->id.vendor = wdata->hdev->vendor;
650 		wdata->input->id.product = wdata->hdev->product;
651 		wdata->input->id.version = wdata->hdev->version;
652 		wdata->input->name = WIIMOTE_NAME;
653 	}
654 
655 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
656 		ops = wiimod_table[*iter];
657 		if (!ops->probe)
658 			continue;
659 
660 		ret = ops->probe(ops, wdata);
661 		if (ret)
662 			goto error;
663 	}
664 
665 	if (wdata->input) {
666 		ret = input_register_device(wdata->input);
667 		if (ret)
668 			goto error;
669 	}
670 
671 	spin_lock_irq(&wdata->state.lock);
672 	wdata->state.devtype = devtype;
673 	spin_unlock_irq(&wdata->state.lock);
674 	return;
675 
676 error:
677 	for ( ; iter-- != mods; ) {
678 		ops = wiimod_table[*iter];
679 		if (ops->remove)
680 			ops->remove(ops, wdata);
681 	}
682 
683 	if (wdata->input) {
684 		input_free_device(wdata->input);
685 		wdata->input = NULL;
686 	}
687 }
688 
wiimote_modules_unload(struct wiimote_data * wdata)689 static void wiimote_modules_unload(struct wiimote_data *wdata)
690 {
691 	const __u8 *mods, *iter;
692 	const struct wiimod_ops *ops;
693 	unsigned long flags;
694 
695 	mods = wiimote_devtype_mods[wdata->state.devtype];
696 
697 	spin_lock_irqsave(&wdata->state.lock, flags);
698 	wdata->state.devtype = WIIMOTE_DEV_UNKNOWN;
699 	spin_unlock_irqrestore(&wdata->state.lock, flags);
700 
701 	/* find end of list */
702 	for (iter = mods; *iter != WIIMOD_NULL; ++iter)
703 		/* empty */ ;
704 
705 	if (wdata->input) {
706 		input_get_device(wdata->input);
707 		input_unregister_device(wdata->input);
708 	}
709 
710 	for ( ; iter-- != mods; ) {
711 		ops = wiimod_table[*iter];
712 		if (ops->remove)
713 			ops->remove(ops, wdata);
714 	}
715 
716 	if (wdata->input) {
717 		input_put_device(wdata->input);
718 		wdata->input = NULL;
719 	}
720 }
721 
722 /* device extension handling */
723 
wiimote_ext_load(struct wiimote_data * wdata,unsigned int ext)724 static void wiimote_ext_load(struct wiimote_data *wdata, unsigned int ext)
725 {
726 	unsigned long flags;
727 	const struct wiimod_ops *ops;
728 	int ret;
729 
730 	ops = wiimod_ext_table[ext];
731 
732 	if (ops->probe) {
733 		ret = ops->probe(ops, wdata);
734 		if (ret)
735 			ext = WIIMOTE_EXT_UNKNOWN;
736 	}
737 
738 	spin_lock_irqsave(&wdata->state.lock, flags);
739 	wdata->state.exttype = ext;
740 	spin_unlock_irqrestore(&wdata->state.lock, flags);
741 }
742 
wiimote_ext_unload(struct wiimote_data * wdata)743 static void wiimote_ext_unload(struct wiimote_data *wdata)
744 {
745 	unsigned long flags;
746 	const struct wiimod_ops *ops;
747 
748 	ops = wiimod_ext_table[wdata->state.exttype];
749 
750 	spin_lock_irqsave(&wdata->state.lock, flags);
751 	wdata->state.exttype = WIIMOTE_EXT_UNKNOWN;
752 	wdata->state.flags &= ~WIIPROTO_FLAG_EXT_USED;
753 	spin_unlock_irqrestore(&wdata->state.lock, flags);
754 
755 	if (ops->remove)
756 		ops->remove(ops, wdata);
757 }
758 
wiimote_mp_load(struct wiimote_data * wdata)759 static void wiimote_mp_load(struct wiimote_data *wdata)
760 {
761 	unsigned long flags;
762 	const struct wiimod_ops *ops;
763 	int ret;
764 	__u8 mode = 2;
765 
766 	ops = &wiimod_mp;
767 	if (ops->probe) {
768 		ret = ops->probe(ops, wdata);
769 		if (ret)
770 			mode = 1;
771 	}
772 
773 	spin_lock_irqsave(&wdata->state.lock, flags);
774 	wdata->state.mp = mode;
775 	spin_unlock_irqrestore(&wdata->state.lock, flags);
776 }
777 
wiimote_mp_unload(struct wiimote_data * wdata)778 static void wiimote_mp_unload(struct wiimote_data *wdata)
779 {
780 	unsigned long flags;
781 	const struct wiimod_ops *ops;
782 
783 	if (wdata->state.mp < 2)
784 		return;
785 
786 	ops = &wiimod_mp;
787 
788 	spin_lock_irqsave(&wdata->state.lock, flags);
789 	wdata->state.mp = 0;
790 	wdata->state.flags &= ~WIIPROTO_FLAG_MP_USED;
791 	spin_unlock_irqrestore(&wdata->state.lock, flags);
792 
793 	if (ops->remove)
794 		ops->remove(ops, wdata);
795 }
796 
797 /* device (re-)initialization and detection */
798 
799 static const char *wiimote_devtype_names[WIIMOTE_DEV_NUM] = {
800 	[WIIMOTE_DEV_PENDING] = "Pending",
801 	[WIIMOTE_DEV_UNKNOWN] = "Unknown",
802 	[WIIMOTE_DEV_GENERIC] = "Generic",
803 	[WIIMOTE_DEV_GEN10] = "Nintendo Wii Remote (Gen 1)",
804 	[WIIMOTE_DEV_GEN20] = "Nintendo Wii Remote Plus (Gen 2)",
805 	[WIIMOTE_DEV_BALANCE_BOARD] = "Nintendo Wii Balance Board",
806 	[WIIMOTE_DEV_PRO_CONTROLLER] = "Nintendo Wii U Pro Controller",
807 };
808 
809 /* Try to guess the device type based on all collected information. We
810  * first try to detect by static extension types, then VID/PID and the
811  * device name. If we cannot detect the device, we use
812  * WIIMOTE_DEV_GENERIC so all modules will get probed on the device. */
wiimote_init_set_type(struct wiimote_data * wdata,__u8 exttype)813 static void wiimote_init_set_type(struct wiimote_data *wdata,
814 				  __u8 exttype)
815 {
816 	__u8 devtype = WIIMOTE_DEV_GENERIC;
817 	__u16 vendor, product;
818 	const char *name;
819 
820 	vendor = wdata->hdev->vendor;
821 	product = wdata->hdev->product;
822 	name = wdata->hdev->name;
823 
824 	if (exttype == WIIMOTE_EXT_BALANCE_BOARD) {
825 		devtype = WIIMOTE_DEV_BALANCE_BOARD;
826 		goto done;
827 	} else if (exttype == WIIMOTE_EXT_PRO_CONTROLLER) {
828 		devtype = WIIMOTE_DEV_PRO_CONTROLLER;
829 		goto done;
830 	}
831 
832 	if (!strcmp(name, "Nintendo RVL-CNT-01")) {
833 		devtype = WIIMOTE_DEV_GEN10;
834 		goto done;
835 	} else if (!strcmp(name, "Nintendo RVL-CNT-01-TR")) {
836 		devtype = WIIMOTE_DEV_GEN20;
837 		goto done;
838 	} else if (!strcmp(name, "Nintendo RVL-WBC-01")) {
839 		devtype = WIIMOTE_DEV_BALANCE_BOARD;
840 		goto done;
841 	} else if (!strcmp(name, "Nintendo RVL-CNT-01-UC")) {
842 		devtype = WIIMOTE_DEV_PRO_CONTROLLER;
843 		goto done;
844 	}
845 
846 	if (vendor == USB_VENDOR_ID_NINTENDO) {
847 		if (product == USB_DEVICE_ID_NINTENDO_WIIMOTE) {
848 			devtype = WIIMOTE_DEV_GEN10;
849 			goto done;
850 		} else if (product == USB_DEVICE_ID_NINTENDO_WIIMOTE2) {
851 			devtype = WIIMOTE_DEV_GEN20;
852 			goto done;
853 		}
854 	}
855 
856 done:
857 	if (devtype == WIIMOTE_DEV_GENERIC)
858 		hid_info(wdata->hdev, "cannot detect device; NAME: %s VID: %04x PID: %04x EXT: %04x\n",
859 			name, vendor, product, exttype);
860 	else
861 		hid_info(wdata->hdev, "detected device: %s\n",
862 			 wiimote_devtype_names[devtype]);
863 
864 	wiimote_modules_load(wdata, devtype);
865 }
866 
wiimote_init_detect(struct wiimote_data * wdata)867 static void wiimote_init_detect(struct wiimote_data *wdata)
868 {
869 	__u8 exttype = WIIMOTE_EXT_NONE, extdata[6];
870 	bool ext;
871 	int ret;
872 
873 	wiimote_cmd_acquire_noint(wdata);
874 
875 	spin_lock_irq(&wdata->state.lock);
876 	wdata->state.devtype = WIIMOTE_DEV_UNKNOWN;
877 	wiimote_cmd_set(wdata, WIIPROTO_REQ_SREQ, 0);
878 	wiiproto_req_status(wdata);
879 	spin_unlock_irq(&wdata->state.lock);
880 
881 	ret = wiimote_cmd_wait_noint(wdata);
882 	if (ret)
883 		goto out_release;
884 
885 	spin_lock_irq(&wdata->state.lock);
886 	ext = wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED;
887 	spin_unlock_irq(&wdata->state.lock);
888 
889 	if (!ext)
890 		goto out_release;
891 
892 	wiimote_cmd_init_ext(wdata);
893 	exttype = wiimote_cmd_read_ext(wdata, extdata);
894 
895 out_release:
896 	wiimote_cmd_release(wdata);
897 	wiimote_init_set_type(wdata, exttype);
898 
899 	/* schedule MP timer */
900 	spin_lock_irq(&wdata->state.lock);
901 	if (!(wdata->state.flags & WIIPROTO_FLAG_BUILTIN_MP) &&
902 	    !(wdata->state.flags & WIIPROTO_FLAG_NO_MP))
903 		mod_timer(&wdata->timer, jiffies + HZ * 4);
904 	spin_unlock_irq(&wdata->state.lock);
905 }
906 
907 /*
908  * MP hotplug events are not generated by the wiimote. Therefore, we need
909  * polling to detect it. We use a 4s interval for polling MP registers. This
910  * seems reasonable considering applications can trigger it manually via
911  * sysfs requests.
912  */
wiimote_init_poll_mp(struct wiimote_data * wdata)913 static void wiimote_init_poll_mp(struct wiimote_data *wdata)
914 {
915 	bool mp;
916 	__u8 mpdata[6];
917 
918 	wiimote_cmd_acquire_noint(wdata);
919 	wiimote_cmd_init_mp(wdata);
920 	mp = wiimote_cmd_read_mp(wdata, mpdata);
921 	wiimote_cmd_release(wdata);
922 
923 	/* load/unload MP module if it changed */
924 	if (mp) {
925 		if (!wdata->state.mp) {
926 			hid_info(wdata->hdev, "detected extension: Nintendo Wii Motion Plus\n");
927 			wiimote_mp_load(wdata);
928 		}
929 	} else if (wdata->state.mp) {
930 		wiimote_mp_unload(wdata);
931 	}
932 
933 	mod_timer(&wdata->timer, jiffies + HZ * 4);
934 }
935 
936 /*
937  * Check whether the wiimote is in the expected state. The extension registers
938  * may change during hotplug and initialization so we might get hotplug events
939  * that we caused by remapping some memory.
940  * We use some heuristics here to check known states. If the wiimote is in the
941  * expected state, we can ignore the hotplug event.
942  *
943  * Returns "true" if the device is in expected state, "false" if we should
944  * redo hotplug handling and extension initialization.
945  */
wiimote_init_check(struct wiimote_data * wdata)946 static bool wiimote_init_check(struct wiimote_data *wdata)
947 {
948 	__u32 flags;
949 	__u8 type, data[6];
950 	bool ret, poll_mp;
951 
952 	spin_lock_irq(&wdata->state.lock);
953 	flags = wdata->state.flags;
954 	spin_unlock_irq(&wdata->state.lock);
955 
956 	wiimote_cmd_acquire_noint(wdata);
957 
958 	/* If MP is used and active, but the extension is not, we expect:
959 	 *   read_mp_mapped() == WIIMOTE_MP_SINGLE
960 	 *   state.flags == !EXT_ACTIVE && !MP_PLUGGED && MP_ACTIVE
961 	 * We do not check EXT_PLUGGED because it might change during
962 	 * initialization of MP without extensions.
963 	 *  - If MP is unplugged/replugged, read_mp_mapped() fails
964 	 *  - If EXT is plugged, MP_PLUGGED will get set */
965 	if (wdata->state.exttype == WIIMOTE_EXT_NONE &&
966 	    wdata->state.mp > 0 && (flags & WIIPROTO_FLAG_MP_USED)) {
967 		type = wiimote_cmd_read_mp_mapped(wdata);
968 		ret = type == WIIMOTE_MP_SINGLE;
969 
970 		spin_lock_irq(&wdata->state.lock);
971 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
972 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED);
973 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
974 		spin_unlock_irq(&wdata->state.lock);
975 
976 		if (!ret)
977 			hid_dbg(wdata->hdev, "state left: !EXT && MP\n");
978 
979 		/* while MP is mapped, we get EXT_PLUGGED events */
980 		poll_mp = false;
981 
982 		goto out_release;
983 	}
984 
985 	/* If MP is unused, but the extension port is used, we expect:
986 	 *   read_ext == state.exttype
987 	 *   state.flags == !MP_ACTIVE && EXT_ACTIVE
988 	 * - If MP is plugged/unplugged, our timer detects it
989 	 * - If EXT is unplugged/replugged, EXT_ACTIVE will become unset */
990 	if (!(flags & WIIPROTO_FLAG_MP_USED) &&
991 	    wdata->state.exttype != WIIMOTE_EXT_NONE) {
992 		type = wiimote_cmd_read_ext(wdata, data);
993 		ret = type == wdata->state.exttype;
994 
995 		spin_lock_irq(&wdata->state.lock);
996 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
997 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
998 		spin_unlock_irq(&wdata->state.lock);
999 
1000 		if (!ret)
1001 			hid_dbg(wdata->hdev, "state left: EXT && !MP\n");
1002 
1003 		/* poll MP for hotplug events */
1004 		poll_mp = true;
1005 
1006 		goto out_release;
1007 	}
1008 
1009 	/* If neither MP nor an extension are used, we expect:
1010 	 *   read_ext() == WIIMOTE_EXT_NONE
1011 	 *   state.flags == !MP_ACTIVE && !EXT_ACTIVE && !EXT_PLUGGED
1012 	 * No need to perform any action in this case as everything is
1013 	 * disabled already.
1014 	 * - If MP is plugged/unplugged, our timer detects it
1015 	 * - If EXT is plugged, EXT_PLUGGED will be set */
1016 	if (!(flags & WIIPROTO_FLAG_MP_USED) &&
1017 	    wdata->state.exttype == WIIMOTE_EXT_NONE) {
1018 		type = wiimote_cmd_read_ext(wdata, data);
1019 		ret = type == wdata->state.exttype;
1020 
1021 		spin_lock_irq(&wdata->state.lock);
1022 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
1023 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
1024 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED);
1025 		spin_unlock_irq(&wdata->state.lock);
1026 
1027 		if (!ret)
1028 			hid_dbg(wdata->hdev, "state left: !EXT && !MP\n");
1029 
1030 		/* poll MP for hotplug events */
1031 		poll_mp = true;
1032 
1033 		goto out_release;
1034 	}
1035 
1036 	/* The trickiest part is if both EXT and MP are active. We cannot read
1037 	 * the EXT ID, anymore, because MP is mapped over it. However, we use
1038 	 * a handy trick here:
1039 	 *   - EXT_ACTIVE is unset whenever !MP_PLUGGED is sent
1040 	 * MP_PLUGGED might be re-sent again before we are scheduled, but
1041 	 * EXT_ACTIVE will stay unset.
1042 	 * So it is enough to check for mp_mapped() and MP_ACTIVE and
1043 	 * EXT_ACTIVE. EXT_PLUGGED is a sanity check. */
1044 	if (wdata->state.exttype != WIIMOTE_EXT_NONE &&
1045 	    wdata->state.mp > 0 && (flags & WIIPROTO_FLAG_MP_USED)) {
1046 		type = wiimote_cmd_read_mp_mapped(wdata);
1047 		ret = type != WIIMOTE_MP_NONE;
1048 		ret = ret && type != WIIMOTE_MP_UNKNOWN;
1049 		ret = ret && type != WIIMOTE_MP_SINGLE;
1050 
1051 		spin_lock_irq(&wdata->state.lock);
1052 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED);
1053 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
1054 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
1055 		spin_unlock_irq(&wdata->state.lock);
1056 
1057 		if (!ret)
1058 			hid_dbg(wdata->hdev, "state left: EXT && MP\n");
1059 
1060 		/* while MP is mapped, we get EXT_PLUGGED events */
1061 		poll_mp = false;
1062 
1063 		goto out_release;
1064 	}
1065 
1066 	/* unknown state */
1067 	ret = false;
1068 
1069 out_release:
1070 	wiimote_cmd_release(wdata);
1071 
1072 	/* only poll for MP if requested and if state didn't change */
1073 	if (ret && poll_mp && !(flags & WIIPROTO_FLAG_BUILTIN_MP) &&
1074 	    !(flags & WIIPROTO_FLAG_NO_MP))
1075 		wiimote_init_poll_mp(wdata);
1076 
1077 	return ret;
1078 }
1079 
1080 static const char *wiimote_exttype_names[WIIMOTE_EXT_NUM] = {
1081 	[WIIMOTE_EXT_NONE] = "None",
1082 	[WIIMOTE_EXT_UNKNOWN] = "Unknown",
1083 	[WIIMOTE_EXT_NUNCHUK] = "Nintendo Wii Nunchuk",
1084 	[WIIMOTE_EXT_CLASSIC_CONTROLLER] = "Nintendo Wii Classic Controller",
1085 	[WIIMOTE_EXT_BALANCE_BOARD] = "Nintendo Wii Balance Board",
1086 	[WIIMOTE_EXT_PRO_CONTROLLER] = "Nintendo Wii U Pro Controller",
1087 	[WIIMOTE_EXT_DRUMS] = "Nintendo Wii Drums",
1088 	[WIIMOTE_EXT_GUITAR] = "Nintendo Wii Guitar",
1089 	[WIIMOTE_EXT_TURNTABLE] = "Nintendo Wii Turntable"
1090 };
1091 
1092 /*
1093  * Handle hotplug events
1094  * If we receive an hotplug event and the device-check failed, we deinitialize
1095  * the extension ports, re-read all extension IDs and set the device into
1096  * the desired state. This involves mapping MP into the main extension
1097  * registers, setting up extension passthrough modes and initializing the
1098  * requested extensions.
1099  */
wiimote_init_hotplug(struct wiimote_data * wdata)1100 static void wiimote_init_hotplug(struct wiimote_data *wdata)
1101 {
1102 	__u8 exttype, extdata[6], mpdata[6];
1103 	__u32 flags;
1104 	bool mp;
1105 
1106 	hid_dbg(wdata->hdev, "detect extensions..\n");
1107 
1108 	wiimote_cmd_acquire_noint(wdata);
1109 
1110 	spin_lock_irq(&wdata->state.lock);
1111 
1112 	/* get state snapshot that we will then work on */
1113 	flags = wdata->state.flags;
1114 
1115 	/* disable event forwarding temporarily */
1116 	wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1117 	wdata->state.flags &= ~WIIPROTO_FLAG_MP_ACTIVE;
1118 
1119 	spin_unlock_irq(&wdata->state.lock);
1120 
1121 	/* init extension and MP (deactivates current extension or MP) */
1122 	wiimote_cmd_init_ext(wdata);
1123 	if (flags & WIIPROTO_FLAG_NO_MP) {
1124 		mp = false;
1125 	} else {
1126 		wiimote_cmd_init_mp(wdata);
1127 		mp = wiimote_cmd_read_mp(wdata, mpdata);
1128 	}
1129 	exttype = wiimote_cmd_read_ext(wdata, extdata);
1130 
1131 	wiimote_cmd_release(wdata);
1132 
1133 	/* load/unload extension module if it changed */
1134 	if (exttype != wdata->state.exttype) {
1135 		/* unload previous extension */
1136 		wiimote_ext_unload(wdata);
1137 
1138 		if (exttype == WIIMOTE_EXT_UNKNOWN) {
1139 			hid_info(wdata->hdev, "cannot detect extension; %6phC\n",
1140 				 extdata);
1141 		} else if (exttype == WIIMOTE_EXT_NONE) {
1142 			spin_lock_irq(&wdata->state.lock);
1143 			wdata->state.exttype = WIIMOTE_EXT_NONE;
1144 			spin_unlock_irq(&wdata->state.lock);
1145 		} else {
1146 			hid_info(wdata->hdev, "detected extension: %s\n",
1147 				 wiimote_exttype_names[exttype]);
1148 			/* try loading new extension */
1149 			wiimote_ext_load(wdata, exttype);
1150 		}
1151 	}
1152 
1153 	/* load/unload MP module if it changed */
1154 	if (mp) {
1155 		if (!wdata->state.mp) {
1156 			hid_info(wdata->hdev, "detected extension: Nintendo Wii Motion Plus\n");
1157 			wiimote_mp_load(wdata);
1158 		}
1159 	} else if (wdata->state.mp) {
1160 		wiimote_mp_unload(wdata);
1161 	}
1162 
1163 	/* if MP is not used, do not map or activate it */
1164 	if (!(flags & WIIPROTO_FLAG_MP_USED))
1165 		mp = false;
1166 
1167 	/* map MP into main extension registers if used */
1168 	if (mp) {
1169 		wiimote_cmd_acquire_noint(wdata);
1170 		wiimote_cmd_map_mp(wdata, exttype);
1171 		wiimote_cmd_release(wdata);
1172 
1173 		/* delete MP hotplug timer */
1174 		del_timer_sync(&wdata->timer);
1175 	} else {
1176 		/* reschedule MP hotplug timer */
1177 		if (!(flags & WIIPROTO_FLAG_BUILTIN_MP) &&
1178 		    !(flags & WIIPROTO_FLAG_NO_MP))
1179 			mod_timer(&wdata->timer, jiffies + HZ * 4);
1180 	}
1181 
1182 	spin_lock_irq(&wdata->state.lock);
1183 
1184 	/* enable data forwarding again and set expected hotplug state */
1185 	if (mp) {
1186 		wdata->state.flags |= WIIPROTO_FLAG_MP_ACTIVE;
1187 		if (wdata->state.exttype == WIIMOTE_EXT_NONE) {
1188 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1189 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1190 		} else {
1191 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1192 			wdata->state.flags |= WIIPROTO_FLAG_MP_PLUGGED;
1193 			wdata->state.flags |= WIIPROTO_FLAG_EXT_ACTIVE;
1194 		}
1195 	} else if (wdata->state.exttype != WIIMOTE_EXT_NONE) {
1196 		wdata->state.flags |= WIIPROTO_FLAG_EXT_ACTIVE;
1197 	}
1198 
1199 	/* request status report for hotplug state updates */
1200 	wiiproto_req_status(wdata);
1201 
1202 	spin_unlock_irq(&wdata->state.lock);
1203 
1204 	hid_dbg(wdata->hdev, "detected extensions: MP: %d EXT: %d\n",
1205 		wdata->state.mp, wdata->state.exttype);
1206 }
1207 
wiimote_init_worker(struct work_struct * work)1208 static void wiimote_init_worker(struct work_struct *work)
1209 {
1210 	struct wiimote_data *wdata = container_of(work, struct wiimote_data,
1211 						  init_worker);
1212 	bool changed = false;
1213 
1214 	if (wdata->state.devtype == WIIMOTE_DEV_PENDING) {
1215 		wiimote_init_detect(wdata);
1216 		changed = true;
1217 	}
1218 
1219 	if (changed || !wiimote_init_check(wdata))
1220 		wiimote_init_hotplug(wdata);
1221 
1222 	if (changed)
1223 		kobject_uevent(&wdata->hdev->dev.kobj, KOBJ_CHANGE);
1224 }
1225 
__wiimote_schedule(struct wiimote_data * wdata)1226 void __wiimote_schedule(struct wiimote_data *wdata)
1227 {
1228 	if (!(wdata->state.flags & WIIPROTO_FLAG_EXITING))
1229 		schedule_work(&wdata->init_worker);
1230 }
1231 
wiimote_schedule(struct wiimote_data * wdata)1232 static void wiimote_schedule(struct wiimote_data *wdata)
1233 {
1234 	unsigned long flags;
1235 
1236 	spin_lock_irqsave(&wdata->state.lock, flags);
1237 	__wiimote_schedule(wdata);
1238 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1239 }
1240 
wiimote_init_timeout(struct timer_list * t)1241 static void wiimote_init_timeout(struct timer_list *t)
1242 {
1243 	struct wiimote_data *wdata = from_timer(wdata, t, timer);
1244 
1245 	wiimote_schedule(wdata);
1246 }
1247 
1248 /* protocol handlers */
1249 
handler_keys(struct wiimote_data * wdata,const __u8 * payload)1250 static void handler_keys(struct wiimote_data *wdata, const __u8 *payload)
1251 {
1252 	const __u8 *iter, *mods;
1253 	const struct wiimod_ops *ops;
1254 
1255 	ops = wiimod_ext_table[wdata->state.exttype];
1256 	if (ops->in_keys) {
1257 		ops->in_keys(wdata, payload);
1258 		return;
1259 	}
1260 
1261 	mods = wiimote_devtype_mods[wdata->state.devtype];
1262 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1263 		ops = wiimod_table[*iter];
1264 		if (ops->in_keys) {
1265 			ops->in_keys(wdata, payload);
1266 			break;
1267 		}
1268 	}
1269 }
1270 
handler_accel(struct wiimote_data * wdata,const __u8 * payload)1271 static void handler_accel(struct wiimote_data *wdata, const __u8 *payload)
1272 {
1273 	const __u8 *iter, *mods;
1274 	const struct wiimod_ops *ops;
1275 
1276 	ops = wiimod_ext_table[wdata->state.exttype];
1277 	if (ops->in_accel) {
1278 		ops->in_accel(wdata, payload);
1279 		return;
1280 	}
1281 
1282 	mods = wiimote_devtype_mods[wdata->state.devtype];
1283 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1284 		ops = wiimod_table[*iter];
1285 		if (ops->in_accel) {
1286 			ops->in_accel(wdata, payload);
1287 			break;
1288 		}
1289 	}
1290 }
1291 
valid_ext_handler(const struct wiimod_ops * ops,size_t len)1292 static bool valid_ext_handler(const struct wiimod_ops *ops, size_t len)
1293 {
1294 	if (!ops->in_ext)
1295 		return false;
1296 	if ((ops->flags & WIIMOD_FLAG_EXT8) && len < 8)
1297 		return false;
1298 	if ((ops->flags & WIIMOD_FLAG_EXT16) && len < 16)
1299 		return false;
1300 
1301 	return true;
1302 }
1303 
handler_ext(struct wiimote_data * wdata,const __u8 * payload,size_t len)1304 static void handler_ext(struct wiimote_data *wdata, const __u8 *payload,
1305 			size_t len)
1306 {
1307 	static const __u8 invalid[21] = { 0xff, 0xff, 0xff, 0xff,
1308 					  0xff, 0xff, 0xff, 0xff,
1309 					  0xff, 0xff, 0xff, 0xff,
1310 					  0xff, 0xff, 0xff, 0xff,
1311 					  0xff, 0xff, 0xff, 0xff,
1312 					  0xff };
1313 	const __u8 *iter, *mods;
1314 	const struct wiimod_ops *ops;
1315 	bool is_mp;
1316 
1317 	if (len > 21)
1318 		len = 21;
1319 	if (len < 6 || !memcmp(payload, invalid, len))
1320 		return;
1321 
1322 	/* if MP is active, track MP slot hotplugging */
1323 	if (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE) {
1324 		/* this bit is set for invalid events (eg. during hotplug) */
1325 		if (payload[5] & 0x01)
1326 			return;
1327 
1328 		if (payload[4] & 0x01) {
1329 			if (!(wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED)) {
1330 				hid_dbg(wdata->hdev, "MP hotplug: 1\n");
1331 				wdata->state.flags |= WIIPROTO_FLAG_MP_PLUGGED;
1332 				__wiimote_schedule(wdata);
1333 			}
1334 		} else {
1335 			if (wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED) {
1336 				hid_dbg(wdata->hdev, "MP hotplug: 0\n");
1337 				wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1338 				wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1339 				__wiimote_schedule(wdata);
1340 			}
1341 		}
1342 
1343 		/* detect MP data that is sent interleaved with EXT data */
1344 		is_mp = payload[5] & 0x02;
1345 	} else {
1346 		is_mp = false;
1347 	}
1348 
1349 	/* ignore EXT events if no extension is active */
1350 	if (!(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE) && !is_mp)
1351 		return;
1352 
1353 	/* try forwarding to extension handler, first */
1354 	ops = wiimod_ext_table[wdata->state.exttype];
1355 	if (is_mp && ops->in_mp) {
1356 		ops->in_mp(wdata, payload);
1357 		return;
1358 	} else if (!is_mp && valid_ext_handler(ops, len)) {
1359 		ops->in_ext(wdata, payload);
1360 		return;
1361 	}
1362 
1363 	/* try forwarding to MP handler */
1364 	ops = &wiimod_mp;
1365 	if (is_mp && ops->in_mp) {
1366 		ops->in_mp(wdata, payload);
1367 		return;
1368 	} else if (!is_mp && valid_ext_handler(ops, len)) {
1369 		ops->in_ext(wdata, payload);
1370 		return;
1371 	}
1372 
1373 	/* try forwarding to loaded modules */
1374 	mods = wiimote_devtype_mods[wdata->state.devtype];
1375 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1376 		ops = wiimod_table[*iter];
1377 		if (is_mp && ops->in_mp) {
1378 			ops->in_mp(wdata, payload);
1379 			return;
1380 		} else if (!is_mp && valid_ext_handler(ops, len)) {
1381 			ops->in_ext(wdata, payload);
1382 			return;
1383 		}
1384 	}
1385 }
1386 
1387 #define ir_to_input0(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 0)
1388 #define ir_to_input1(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 1)
1389 #define ir_to_input2(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 2)
1390 #define ir_to_input3(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 3)
1391 
handler_ir(struct wiimote_data * wdata,const __u8 * payload,bool packed,unsigned int id)1392 static void handler_ir(struct wiimote_data *wdata, const __u8 *payload,
1393 		       bool packed, unsigned int id)
1394 {
1395 	const __u8 *iter, *mods;
1396 	const struct wiimod_ops *ops;
1397 
1398 	ops = wiimod_ext_table[wdata->state.exttype];
1399 	if (ops->in_ir) {
1400 		ops->in_ir(wdata, payload, packed, id);
1401 		return;
1402 	}
1403 
1404 	mods = wiimote_devtype_mods[wdata->state.devtype];
1405 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1406 		ops = wiimod_table[*iter];
1407 		if (ops->in_ir) {
1408 			ops->in_ir(wdata, payload, packed, id);
1409 			break;
1410 		}
1411 	}
1412 }
1413 
1414 /* reduced status report with "BB BB" key data only */
handler_status_K(struct wiimote_data * wdata,const __u8 * payload)1415 static void handler_status_K(struct wiimote_data *wdata,
1416 			     const __u8 *payload)
1417 {
1418 	handler_keys(wdata, payload);
1419 
1420 	/* on status reports the drm is reset so we need to resend the drm */
1421 	wiiproto_req_drm(wdata, WIIPROTO_REQ_NULL);
1422 }
1423 
1424 /* extended status report with "BB BB LF 00 00 VV" data */
handler_status(struct wiimote_data * wdata,const __u8 * payload)1425 static void handler_status(struct wiimote_data *wdata, const __u8 *payload)
1426 {
1427 	handler_status_K(wdata, payload);
1428 
1429 	/* update extension status */
1430 	if (payload[2] & 0x02) {
1431 		if (!(wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED)) {
1432 			hid_dbg(wdata->hdev, "EXT hotplug: 1\n");
1433 			wdata->state.flags |= WIIPROTO_FLAG_EXT_PLUGGED;
1434 			__wiimote_schedule(wdata);
1435 		}
1436 	} else {
1437 		if (wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED) {
1438 			hid_dbg(wdata->hdev, "EXT hotplug: 0\n");
1439 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1440 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1441 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1442 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_ACTIVE;
1443 			__wiimote_schedule(wdata);
1444 		}
1445 	}
1446 
1447 	wdata->state.cmd_battery = payload[5];
1448 	if (wiimote_cmd_pending(wdata, WIIPROTO_REQ_SREQ, 0))
1449 		wiimote_cmd_complete(wdata);
1450 }
1451 
1452 /* reduced generic report with "BB BB" key data only */
handler_generic_K(struct wiimote_data * wdata,const __u8 * payload)1453 static void handler_generic_K(struct wiimote_data *wdata, const __u8 *payload)
1454 {
1455 	handler_keys(wdata, payload);
1456 }
1457 
handler_data(struct wiimote_data * wdata,const __u8 * payload)1458 static void handler_data(struct wiimote_data *wdata, const __u8 *payload)
1459 {
1460 	__u16 offset = payload[3] << 8 | payload[4];
1461 	__u8 size = (payload[2] >> 4) + 1;
1462 	__u8 err = payload[2] & 0x0f;
1463 
1464 	handler_keys(wdata, payload);
1465 
1466 	if (wiimote_cmd_pending(wdata, WIIPROTO_REQ_RMEM, offset)) {
1467 		if (err)
1468 			size = 0;
1469 		else if (size > wdata->state.cmd_read_size)
1470 			size = wdata->state.cmd_read_size;
1471 
1472 		wdata->state.cmd_read_size = size;
1473 		if (wdata->state.cmd_read_buf)
1474 			memcpy(wdata->state.cmd_read_buf, &payload[5], size);
1475 		wiimote_cmd_complete(wdata);
1476 	}
1477 }
1478 
handler_return(struct wiimote_data * wdata,const __u8 * payload)1479 static void handler_return(struct wiimote_data *wdata, const __u8 *payload)
1480 {
1481 	__u8 err = payload[3];
1482 	__u8 cmd = payload[2];
1483 
1484 	handler_keys(wdata, payload);
1485 
1486 	if (wiimote_cmd_pending(wdata, cmd, 0)) {
1487 		wdata->state.cmd_err = err;
1488 		wiimote_cmd_complete(wdata);
1489 	} else if (err) {
1490 		hid_warn(wdata->hdev, "Remote error %u on req %u\n", err,
1491 									cmd);
1492 	}
1493 }
1494 
handler_drm_KA(struct wiimote_data * wdata,const __u8 * payload)1495 static void handler_drm_KA(struct wiimote_data *wdata, const __u8 *payload)
1496 {
1497 	handler_keys(wdata, payload);
1498 	handler_accel(wdata, payload);
1499 }
1500 
handler_drm_KE(struct wiimote_data * wdata,const __u8 * payload)1501 static void handler_drm_KE(struct wiimote_data *wdata, const __u8 *payload)
1502 {
1503 	handler_keys(wdata, payload);
1504 	handler_ext(wdata, &payload[2], 8);
1505 }
1506 
handler_drm_KAI(struct wiimote_data * wdata,const __u8 * payload)1507 static void handler_drm_KAI(struct wiimote_data *wdata, const __u8 *payload)
1508 {
1509 	handler_keys(wdata, payload);
1510 	handler_accel(wdata, payload);
1511 	ir_to_input0(wdata, &payload[5], false);
1512 	ir_to_input1(wdata, &payload[8], false);
1513 	ir_to_input2(wdata, &payload[11], false);
1514 	ir_to_input3(wdata, &payload[14], false);
1515 }
1516 
handler_drm_KEE(struct wiimote_data * wdata,const __u8 * payload)1517 static void handler_drm_KEE(struct wiimote_data *wdata, const __u8 *payload)
1518 {
1519 	handler_keys(wdata, payload);
1520 	handler_ext(wdata, &payload[2], 19);
1521 }
1522 
handler_drm_KIE(struct wiimote_data * wdata,const __u8 * payload)1523 static void handler_drm_KIE(struct wiimote_data *wdata, const __u8 *payload)
1524 {
1525 	handler_keys(wdata, payload);
1526 	ir_to_input0(wdata, &payload[2], false);
1527 	ir_to_input1(wdata, &payload[4], true);
1528 	ir_to_input2(wdata, &payload[7], false);
1529 	ir_to_input3(wdata, &payload[9], true);
1530 	handler_ext(wdata, &payload[12], 9);
1531 }
1532 
handler_drm_KAE(struct wiimote_data * wdata,const __u8 * payload)1533 static void handler_drm_KAE(struct wiimote_data *wdata, const __u8 *payload)
1534 {
1535 	handler_keys(wdata, payload);
1536 	handler_accel(wdata, payload);
1537 	handler_ext(wdata, &payload[5], 16);
1538 }
1539 
handler_drm_KAIE(struct wiimote_data * wdata,const __u8 * payload)1540 static void handler_drm_KAIE(struct wiimote_data *wdata, const __u8 *payload)
1541 {
1542 	handler_keys(wdata, payload);
1543 	handler_accel(wdata, payload);
1544 	ir_to_input0(wdata, &payload[5], false);
1545 	ir_to_input1(wdata, &payload[7], true);
1546 	ir_to_input2(wdata, &payload[10], false);
1547 	ir_to_input3(wdata, &payload[12], true);
1548 	handler_ext(wdata, &payload[15], 6);
1549 }
1550 
handler_drm_E(struct wiimote_data * wdata,const __u8 * payload)1551 static void handler_drm_E(struct wiimote_data *wdata, const __u8 *payload)
1552 {
1553 	handler_ext(wdata, payload, 21);
1554 }
1555 
handler_drm_SKAI1(struct wiimote_data * wdata,const __u8 * payload)1556 static void handler_drm_SKAI1(struct wiimote_data *wdata, const __u8 *payload)
1557 {
1558 	handler_keys(wdata, payload);
1559 
1560 	wdata->state.accel_split[0] = payload[2];
1561 	wdata->state.accel_split[1] = (payload[0] >> 1) & (0x10 | 0x20);
1562 	wdata->state.accel_split[1] |= (payload[1] << 1) & (0x40 | 0x80);
1563 
1564 	ir_to_input0(wdata, &payload[3], false);
1565 	ir_to_input1(wdata, &payload[12], false);
1566 }
1567 
handler_drm_SKAI2(struct wiimote_data * wdata,const __u8 * payload)1568 static void handler_drm_SKAI2(struct wiimote_data *wdata, const __u8 *payload)
1569 {
1570 	__u8 buf[5];
1571 
1572 	handler_keys(wdata, payload);
1573 
1574 	wdata->state.accel_split[1] |= (payload[0] >> 5) & (0x01 | 0x02);
1575 	wdata->state.accel_split[1] |= (payload[1] >> 3) & (0x04 | 0x08);
1576 
1577 	buf[0] = 0;
1578 	buf[1] = 0;
1579 	buf[2] = wdata->state.accel_split[0];
1580 	buf[3] = payload[2];
1581 	buf[4] = wdata->state.accel_split[1];
1582 	handler_accel(wdata, buf);
1583 
1584 	ir_to_input2(wdata, &payload[3], false);
1585 	ir_to_input3(wdata, &payload[12], false);
1586 }
1587 
1588 struct wiiproto_handler {
1589 	__u8 id;
1590 	size_t size;
1591 	void (*func)(struct wiimote_data *wdata, const __u8 *payload);
1592 };
1593 
1594 static const struct wiiproto_handler handlers[] = {
1595 	{ .id = WIIPROTO_REQ_STATUS, .size = 6, .func = handler_status },
1596 	{ .id = WIIPROTO_REQ_STATUS, .size = 2, .func = handler_status_K },
1597 	{ .id = WIIPROTO_REQ_DATA, .size = 21, .func = handler_data },
1598 	{ .id = WIIPROTO_REQ_DATA, .size = 2, .func = handler_generic_K },
1599 	{ .id = WIIPROTO_REQ_RETURN, .size = 4, .func = handler_return },
1600 	{ .id = WIIPROTO_REQ_RETURN, .size = 2, .func = handler_generic_K },
1601 	{ .id = WIIPROTO_REQ_DRM_K, .size = 2, .func = handler_keys },
1602 	{ .id = WIIPROTO_REQ_DRM_KA, .size = 5, .func = handler_drm_KA },
1603 	{ .id = WIIPROTO_REQ_DRM_KA, .size = 2, .func = handler_generic_K },
1604 	{ .id = WIIPROTO_REQ_DRM_KE, .size = 10, .func = handler_drm_KE },
1605 	{ .id = WIIPROTO_REQ_DRM_KE, .size = 2, .func = handler_generic_K },
1606 	{ .id = WIIPROTO_REQ_DRM_KAI, .size = 17, .func = handler_drm_KAI },
1607 	{ .id = WIIPROTO_REQ_DRM_KAI, .size = 2, .func = handler_generic_K },
1608 	{ .id = WIIPROTO_REQ_DRM_KEE, .size = 21, .func = handler_drm_KEE },
1609 	{ .id = WIIPROTO_REQ_DRM_KEE, .size = 2, .func = handler_generic_K },
1610 	{ .id = WIIPROTO_REQ_DRM_KAE, .size = 21, .func = handler_drm_KAE },
1611 	{ .id = WIIPROTO_REQ_DRM_KAE, .size = 2, .func = handler_generic_K },
1612 	{ .id = WIIPROTO_REQ_DRM_KIE, .size = 21, .func = handler_drm_KIE },
1613 	{ .id = WIIPROTO_REQ_DRM_KIE, .size = 2, .func = handler_generic_K },
1614 	{ .id = WIIPROTO_REQ_DRM_KAIE, .size = 21, .func = handler_drm_KAIE },
1615 	{ .id = WIIPROTO_REQ_DRM_KAIE, .size = 2, .func = handler_generic_K },
1616 	{ .id = WIIPROTO_REQ_DRM_E, .size = 21, .func = handler_drm_E },
1617 	{ .id = WIIPROTO_REQ_DRM_SKAI1, .size = 21, .func = handler_drm_SKAI1 },
1618 	{ .id = WIIPROTO_REQ_DRM_SKAI2, .size = 21, .func = handler_drm_SKAI2 },
1619 	{ .id = 0 }
1620 };
1621 
wiimote_hid_event(struct hid_device * hdev,struct hid_report * report,u8 * raw_data,int size)1622 static int wiimote_hid_event(struct hid_device *hdev, struct hid_report *report,
1623 							u8 *raw_data, int size)
1624 {
1625 	struct wiimote_data *wdata = hid_get_drvdata(hdev);
1626 	const struct wiiproto_handler *h;
1627 	int i;
1628 	unsigned long flags;
1629 
1630 	if (size < 1)
1631 		return -EINVAL;
1632 
1633 	for (i = 0; handlers[i].id; ++i) {
1634 		h = &handlers[i];
1635 		if (h->id == raw_data[0] && h->size < size) {
1636 			spin_lock_irqsave(&wdata->state.lock, flags);
1637 			h->func(wdata, &raw_data[1]);
1638 			spin_unlock_irqrestore(&wdata->state.lock, flags);
1639 			break;
1640 		}
1641 	}
1642 
1643 	if (!handlers[i].id)
1644 		hid_warn(hdev, "Unhandled report %hhu size %d\n", raw_data[0],
1645 									size);
1646 
1647 	return 0;
1648 }
1649 
wiimote_ext_show(struct device * dev,struct device_attribute * attr,char * buf)1650 static ssize_t wiimote_ext_show(struct device *dev,
1651 				struct device_attribute *attr,
1652 				char *buf)
1653 {
1654 	struct wiimote_data *wdata = dev_to_wii(dev);
1655 	__u8 type;
1656 	unsigned long flags;
1657 
1658 	spin_lock_irqsave(&wdata->state.lock, flags);
1659 	type = wdata->state.exttype;
1660 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1661 
1662 	switch (type) {
1663 	case WIIMOTE_EXT_NONE:
1664 		return sprintf(buf, "none\n");
1665 	case WIIMOTE_EXT_NUNCHUK:
1666 		return sprintf(buf, "nunchuk\n");
1667 	case WIIMOTE_EXT_CLASSIC_CONTROLLER:
1668 		return sprintf(buf, "classic\n");
1669 	case WIIMOTE_EXT_BALANCE_BOARD:
1670 		return sprintf(buf, "balanceboard\n");
1671 	case WIIMOTE_EXT_PRO_CONTROLLER:
1672 		return sprintf(buf, "procontroller\n");
1673 	case WIIMOTE_EXT_DRUMS:
1674 		return sprintf(buf, "drums\n");
1675 	case WIIMOTE_EXT_GUITAR:
1676 		return sprintf(buf, "guitar\n");
1677 	case WIIMOTE_EXT_TURNTABLE:
1678 		return sprintf(buf, "turntable\n");
1679 	case WIIMOTE_EXT_UNKNOWN:
1680 	default:
1681 		return sprintf(buf, "unknown\n");
1682 	}
1683 }
1684 
wiimote_ext_store(struct device * dev,struct device_attribute * attr,const char * buf,size_t count)1685 static ssize_t wiimote_ext_store(struct device *dev,
1686 				 struct device_attribute *attr,
1687 				 const char *buf, size_t count)
1688 {
1689 	struct wiimote_data *wdata = dev_to_wii(dev);
1690 
1691 	if (!strcmp(buf, "scan")) {
1692 		wiimote_schedule(wdata);
1693 	} else {
1694 		return -EINVAL;
1695 	}
1696 
1697 	return strnlen(buf, PAGE_SIZE);
1698 }
1699 
1700 static DEVICE_ATTR(extension, S_IRUGO | S_IWUSR | S_IWGRP, wiimote_ext_show,
1701 		   wiimote_ext_store);
1702 
wiimote_dev_show(struct device * dev,struct device_attribute * attr,char * buf)1703 static ssize_t wiimote_dev_show(struct device *dev,
1704 				struct device_attribute *attr,
1705 				char *buf)
1706 {
1707 	struct wiimote_data *wdata = dev_to_wii(dev);
1708 	__u8 type;
1709 	unsigned long flags;
1710 
1711 	spin_lock_irqsave(&wdata->state.lock, flags);
1712 	type = wdata->state.devtype;
1713 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1714 
1715 	switch (type) {
1716 	case WIIMOTE_DEV_GENERIC:
1717 		return sprintf(buf, "generic\n");
1718 	case WIIMOTE_DEV_GEN10:
1719 		return sprintf(buf, "gen10\n");
1720 	case WIIMOTE_DEV_GEN20:
1721 		return sprintf(buf, "gen20\n");
1722 	case WIIMOTE_DEV_BALANCE_BOARD:
1723 		return sprintf(buf, "balanceboard\n");
1724 	case WIIMOTE_DEV_PRO_CONTROLLER:
1725 		return sprintf(buf, "procontroller\n");
1726 	case WIIMOTE_DEV_PENDING:
1727 		return sprintf(buf, "pending\n");
1728 	case WIIMOTE_DEV_UNKNOWN:
1729 	default:
1730 		return sprintf(buf, "unknown\n");
1731 	}
1732 }
1733 
1734 static DEVICE_ATTR(devtype, S_IRUGO, wiimote_dev_show, NULL);
1735 
wiimote_create(struct hid_device * hdev)1736 static struct wiimote_data *wiimote_create(struct hid_device *hdev)
1737 {
1738 	struct wiimote_data *wdata;
1739 
1740 	wdata = kzalloc(sizeof(*wdata), GFP_KERNEL);
1741 	if (!wdata)
1742 		return NULL;
1743 
1744 	wdata->hdev = hdev;
1745 	hid_set_drvdata(hdev, wdata);
1746 
1747 	spin_lock_init(&wdata->queue.lock);
1748 	INIT_WORK(&wdata->queue.worker, wiimote_queue_worker);
1749 
1750 	spin_lock_init(&wdata->state.lock);
1751 	init_completion(&wdata->state.ready);
1752 	mutex_init(&wdata->state.sync);
1753 	wdata->state.drm = WIIPROTO_REQ_DRM_K;
1754 	wdata->state.cmd_battery = 0xff;
1755 
1756 	INIT_WORK(&wdata->init_worker, wiimote_init_worker);
1757 	timer_setup(&wdata->timer, wiimote_init_timeout, 0);
1758 
1759 	return wdata;
1760 }
1761 
wiimote_destroy(struct wiimote_data * wdata)1762 static void wiimote_destroy(struct wiimote_data *wdata)
1763 {
1764 	unsigned long flags;
1765 
1766 	wiidebug_deinit(wdata);
1767 
1768 	/* prevent init_worker from being scheduled again */
1769 	spin_lock_irqsave(&wdata->state.lock, flags);
1770 	wdata->state.flags |= WIIPROTO_FLAG_EXITING;
1771 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1772 
1773 	cancel_work_sync(&wdata->init_worker);
1774 	timer_shutdown_sync(&wdata->timer);
1775 
1776 	device_remove_file(&wdata->hdev->dev, &dev_attr_devtype);
1777 	device_remove_file(&wdata->hdev->dev, &dev_attr_extension);
1778 
1779 	wiimote_mp_unload(wdata);
1780 	wiimote_ext_unload(wdata);
1781 	wiimote_modules_unload(wdata);
1782 	cancel_work_sync(&wdata->queue.worker);
1783 	hid_hw_close(wdata->hdev);
1784 	hid_hw_stop(wdata->hdev);
1785 
1786 	kfree(wdata);
1787 }
1788 
wiimote_hid_probe(struct hid_device * hdev,const struct hid_device_id * id)1789 static int wiimote_hid_probe(struct hid_device *hdev,
1790 				const struct hid_device_id *id)
1791 {
1792 	struct wiimote_data *wdata;
1793 	int ret;
1794 
1795 	hdev->quirks |= HID_QUIRK_NO_INIT_REPORTS;
1796 
1797 	wdata = wiimote_create(hdev);
1798 	if (!wdata) {
1799 		hid_err(hdev, "Can't alloc device\n");
1800 		return -ENOMEM;
1801 	}
1802 
1803 	ret = hid_parse(hdev);
1804 	if (ret) {
1805 		hid_err(hdev, "HID parse failed\n");
1806 		goto err;
1807 	}
1808 
1809 	ret = hid_hw_start(hdev, HID_CONNECT_HIDRAW);
1810 	if (ret) {
1811 		hid_err(hdev, "HW start failed\n");
1812 		goto err;
1813 	}
1814 
1815 	ret = hid_hw_open(hdev);
1816 	if (ret) {
1817 		hid_err(hdev, "cannot start hardware I/O\n");
1818 		goto err_stop;
1819 	}
1820 
1821 	ret = device_create_file(&hdev->dev, &dev_attr_extension);
1822 	if (ret) {
1823 		hid_err(hdev, "cannot create sysfs attribute\n");
1824 		goto err_close;
1825 	}
1826 
1827 	ret = device_create_file(&hdev->dev, &dev_attr_devtype);
1828 	if (ret) {
1829 		hid_err(hdev, "cannot create sysfs attribute\n");
1830 		goto err_ext;
1831 	}
1832 
1833 	ret = wiidebug_init(wdata);
1834 	if (ret)
1835 		goto err_free;
1836 
1837 	hid_info(hdev, "New device registered\n");
1838 
1839 	/* schedule device detection */
1840 	wiimote_schedule(wdata);
1841 
1842 	return 0;
1843 
1844 err_free:
1845 	wiimote_destroy(wdata);
1846 	return ret;
1847 
1848 err_ext:
1849 	device_remove_file(&wdata->hdev->dev, &dev_attr_extension);
1850 err_close:
1851 	hid_hw_close(hdev);
1852 err_stop:
1853 	hid_hw_stop(hdev);
1854 err:
1855 	input_free_device(wdata->ir);
1856 	input_free_device(wdata->accel);
1857 	kfree(wdata);
1858 	return ret;
1859 }
1860 
wiimote_hid_remove(struct hid_device * hdev)1861 static void wiimote_hid_remove(struct hid_device *hdev)
1862 {
1863 	struct wiimote_data *wdata = hid_get_drvdata(hdev);
1864 
1865 	hid_info(hdev, "Device removed\n");
1866 	wiimote_destroy(wdata);
1867 }
1868 
1869 static const struct hid_device_id wiimote_hid_devices[] = {
1870 	{ HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_NINTENDO,
1871 				USB_DEVICE_ID_NINTENDO_WIIMOTE) },
1872 	{ HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_NINTENDO,
1873 				USB_DEVICE_ID_NINTENDO_WIIMOTE2) },
1874 	{ }
1875 };
1876 
1877 bool wiimote_dpad_as_analog = false;
1878 module_param_named(dpad_as_analog, wiimote_dpad_as_analog, bool, 0644);
1879 MODULE_PARM_DESC(dpad_as_analog, "Use D-Pad as main analog input");
1880 
1881 MODULE_DEVICE_TABLE(hid, wiimote_hid_devices);
1882 
1883 static struct hid_driver wiimote_hid_driver = {
1884 	.name = "wiimote",
1885 	.id_table = wiimote_hid_devices,
1886 	.probe = wiimote_hid_probe,
1887 	.remove = wiimote_hid_remove,
1888 	.raw_event = wiimote_hid_event,
1889 };
1890 module_hid_driver(wiimote_hid_driver);
1891 
1892 MODULE_LICENSE("GPL");
1893 MODULE_AUTHOR("David Herrmann <dh.herrmann@gmail.com>");
1894 MODULE_DESCRIPTION("Driver for Nintendo Wii / Wii U peripherals");
1895