1 /**
2  * Marvell Bluetooth driver
3  *
4  * Copyright (C) 2009, Marvell International Ltd.
5  *
6  * This software file (the "File") is distributed by Marvell International
7  * Ltd. under the terms of the GNU General Public License Version 2, June 1991
8  * (the "License").  You may use, redistribute and/or modify this File in
9  * accordance with the terms and conditions of the License, a copy of which
10  * is available by writing to the Free Software Foundation, Inc.,
11  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA or on the
12  * worldwide web at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
13  *
14  *
15  * THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE
17  * ARE EXPRESSLY DISCLAIMED.  The License provides additional details about
18  * this warranty disclaimer.
19  **/
20 
21 #include <linux/module.h>
22 
23 #include <net/bluetooth/bluetooth.h>
24 #include <net/bluetooth/hci_core.h>
25 
26 #include "btmrvl_drv.h"
27 
28 #define VERSION "1.0"
29 
30 /*
31  * This function is called by interface specific interrupt handler.
32  * It updates Power Save & Host Sleep states, and wakes up the main
33  * thread.
34  */
35 void btmrvl_interrupt(struct btmrvl_private *priv)
36 {
37 	priv->adapter->ps_state = PS_AWAKE;
38 
39 	priv->adapter->wakeup_tries = 0;
40 
41 	priv->adapter->int_count++;
42 
43 	wake_up_interruptible(&priv->main_thread.wait_q);
44 }
45 EXPORT_SYMBOL_GPL(btmrvl_interrupt);
46 
47 void btmrvl_check_evtpkt(struct btmrvl_private *priv, struct sk_buff *skb)
48 {
49 	struct hci_event_hdr *hdr = (void *) skb->data;
50 	struct hci_ev_cmd_complete *ec;
51 	u16 opcode, ocf;
52 
53 	if (hdr->evt == HCI_EV_CMD_COMPLETE) {
54 		ec = (void *) (skb->data + HCI_EVENT_HDR_SIZE);
55 		opcode = __le16_to_cpu(ec->opcode);
56 		ocf = hci_opcode_ocf(opcode);
57 		if (ocf == BT_CMD_MODULE_CFG_REQ &&
58 					priv->btmrvl_dev.sendcmdflag) {
59 			priv->btmrvl_dev.sendcmdflag = false;
60 			priv->adapter->cmd_complete = true;
61 			wake_up_interruptible(&priv->adapter->cmd_wait_q);
62 		}
63 	}
64 }
65 EXPORT_SYMBOL_GPL(btmrvl_check_evtpkt);
66 
67 int btmrvl_process_event(struct btmrvl_private *priv, struct sk_buff *skb)
68 {
69 	struct btmrvl_adapter *adapter = priv->adapter;
70 	struct btmrvl_event *event;
71 	int ret = 0;
72 
73 	event = (struct btmrvl_event *) skb->data;
74 	if (event->ec != 0xff) {
75 		BT_DBG("Not Marvell Event=%x", event->ec);
76 		ret = -EINVAL;
77 		goto exit;
78 	}
79 
80 	switch (event->data[0]) {
81 	case BT_CMD_AUTO_SLEEP_MODE:
82 		if (!event->data[2]) {
83 			if (event->data[1] == BT_PS_ENABLE)
84 				adapter->psmode = 1;
85 			else
86 				adapter->psmode = 0;
87 			BT_DBG("PS Mode:%s",
88 				(adapter->psmode) ? "Enable" : "Disable");
89 		} else {
90 			BT_DBG("PS Mode command failed");
91 		}
92 		break;
93 
94 	case BT_CMD_HOST_SLEEP_CONFIG:
95 		if (!event->data[3])
96 			BT_DBG("gpio=%x, gap=%x", event->data[1],
97 							event->data[2]);
98 		else
99 			BT_DBG("HSCFG command failed");
100 		break;
101 
102 	case BT_CMD_HOST_SLEEP_ENABLE:
103 		if (!event->data[1]) {
104 			adapter->hs_state = HS_ACTIVATED;
105 			if (adapter->psmode)
106 				adapter->ps_state = PS_SLEEP;
107 			wake_up_interruptible(&adapter->cmd_wait_q);
108 			BT_DBG("HS ACTIVATED!");
109 		} else {
110 			BT_DBG("HS Enable failed");
111 		}
112 		break;
113 
114 	case BT_CMD_MODULE_CFG_REQ:
115 		if (priv->btmrvl_dev.sendcmdflag &&
116 				event->data[1] == MODULE_BRINGUP_REQ) {
117 			BT_DBG("EVENT:%s",
118 				((event->data[2] == MODULE_BROUGHT_UP) ||
119 				(event->data[2] == MODULE_ALREADY_UP)) ?
120 				"Bring-up succeed" : "Bring-up failed");
121 
122 			if (event->length > 3 && event->data[3])
123 				priv->btmrvl_dev.dev_type = HCI_AMP;
124 			else
125 				priv->btmrvl_dev.dev_type = HCI_BREDR;
126 
127 			BT_DBG("dev_type: %d", priv->btmrvl_dev.dev_type);
128 		} else if (priv->btmrvl_dev.sendcmdflag &&
129 				event->data[1] == MODULE_SHUTDOWN_REQ) {
130 			BT_DBG("EVENT:%s", (event->data[2]) ?
131 				"Shutdown failed" : "Shutdown succeed");
132 		} else {
133 			BT_DBG("BT_CMD_MODULE_CFG_REQ resp for APP");
134 			ret = -EINVAL;
135 		}
136 		break;
137 
138 	case BT_EVENT_POWER_STATE:
139 		if (event->data[1] == BT_PS_SLEEP)
140 			adapter->ps_state = PS_SLEEP;
141 		BT_DBG("EVENT:%s",
142 			(adapter->ps_state) ? "PS_SLEEP" : "PS_AWAKE");
143 		break;
144 
145 	default:
146 		BT_DBG("Unknown Event=%d", event->data[0]);
147 		ret = -EINVAL;
148 		break;
149 	}
150 
151 exit:
152 	if (!ret)
153 		kfree_skb(skb);
154 
155 	return ret;
156 }
157 EXPORT_SYMBOL_GPL(btmrvl_process_event);
158 
159 int btmrvl_send_module_cfg_cmd(struct btmrvl_private *priv, int subcmd)
160 {
161 	struct sk_buff *skb;
162 	struct btmrvl_cmd *cmd;
163 	int ret = 0;
164 
165 	skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
166 	if (skb == NULL) {
167 		BT_ERR("No free skb");
168 		return -ENOMEM;
169 	}
170 
171 	cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
172 	cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF, BT_CMD_MODULE_CFG_REQ));
173 	cmd->length = 1;
174 	cmd->data[0] = subcmd;
175 
176 	bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
177 
178 	skb->dev = (void *) priv->btmrvl_dev.hcidev;
179 	skb_queue_head(&priv->adapter->tx_queue, skb);
180 
181 	priv->btmrvl_dev.sendcmdflag = true;
182 
183 	priv->adapter->cmd_complete = false;
184 
185 	BT_DBG("Queue module cfg Command");
186 
187 	wake_up_interruptible(&priv->main_thread.wait_q);
188 
189 	if (!wait_event_interruptible_timeout(priv->adapter->cmd_wait_q,
190 				priv->adapter->cmd_complete,
191 				msecs_to_jiffies(WAIT_UNTIL_CMD_RESP))) {
192 		ret = -ETIMEDOUT;
193 		BT_ERR("module_cfg_cmd(%x): timeout: %d",
194 					subcmd, priv->btmrvl_dev.sendcmdflag);
195 	}
196 
197 	BT_DBG("module cfg Command done");
198 
199 	return ret;
200 }
201 EXPORT_SYMBOL_GPL(btmrvl_send_module_cfg_cmd);
202 
203 int btmrvl_enable_ps(struct btmrvl_private *priv)
204 {
205 	struct sk_buff *skb;
206 	struct btmrvl_cmd *cmd;
207 
208 	skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
209 	if (skb == NULL) {
210 		BT_ERR("No free skb");
211 		return -ENOMEM;
212 	}
213 
214 	cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
215 	cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF,
216 					BT_CMD_AUTO_SLEEP_MODE));
217 	cmd->length = 1;
218 
219 	if (priv->btmrvl_dev.psmode)
220 		cmd->data[0] = BT_PS_ENABLE;
221 	else
222 		cmd->data[0] = BT_PS_DISABLE;
223 
224 	bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
225 
226 	skb->dev = (void *) priv->btmrvl_dev.hcidev;
227 	skb_queue_head(&priv->adapter->tx_queue, skb);
228 
229 	BT_DBG("Queue PSMODE Command:%d", cmd->data[0]);
230 
231 	return 0;
232 }
233 EXPORT_SYMBOL_GPL(btmrvl_enable_ps);
234 
235 static int btmrvl_enable_hs(struct btmrvl_private *priv)
236 {
237 	struct sk_buff *skb;
238 	struct btmrvl_cmd *cmd;
239 	int ret = 0;
240 
241 	skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
242 	if (skb == NULL) {
243 		BT_ERR("No free skb");
244 		return -ENOMEM;
245 	}
246 
247 	cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
248 	cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF, BT_CMD_HOST_SLEEP_ENABLE));
249 	cmd->length = 0;
250 
251 	bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
252 
253 	skb->dev = (void *) priv->btmrvl_dev.hcidev;
254 	skb_queue_head(&priv->adapter->tx_queue, skb);
255 
256 	BT_DBG("Queue hs enable Command");
257 
258 	wake_up_interruptible(&priv->main_thread.wait_q);
259 
260 	if (!wait_event_interruptible_timeout(priv->adapter->cmd_wait_q,
261 			priv->adapter->hs_state,
262 			msecs_to_jiffies(WAIT_UNTIL_HS_STATE_CHANGED))) {
263 		ret = -ETIMEDOUT;
264 		BT_ERR("timeout: %d, %d,%d", priv->adapter->hs_state,
265 						priv->adapter->ps_state,
266 						priv->adapter->wakeup_tries);
267 	}
268 
269 	return ret;
270 }
271 
272 int btmrvl_prepare_command(struct btmrvl_private *priv)
273 {
274 	struct sk_buff *skb = NULL;
275 	struct btmrvl_cmd *cmd;
276 	int ret = 0;
277 
278 	if (priv->btmrvl_dev.hscfgcmd) {
279 		priv->btmrvl_dev.hscfgcmd = 0;
280 
281 		skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
282 		if (skb == NULL) {
283 			BT_ERR("No free skb");
284 			return -ENOMEM;
285 		}
286 
287 		cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
288 		cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF, BT_CMD_HOST_SLEEP_CONFIG));
289 		cmd->length = 2;
290 		cmd->data[0] = (priv->btmrvl_dev.gpio_gap & 0xff00) >> 8;
291 		cmd->data[1] = (u8) (priv->btmrvl_dev.gpio_gap & 0x00ff);
292 
293 		bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
294 
295 		skb->dev = (void *) priv->btmrvl_dev.hcidev;
296 		skb_queue_head(&priv->adapter->tx_queue, skb);
297 
298 		BT_DBG("Queue HSCFG Command, gpio=0x%x, gap=0x%x",
299 						cmd->data[0], cmd->data[1]);
300 	}
301 
302 	if (priv->btmrvl_dev.pscmd) {
303 		priv->btmrvl_dev.pscmd = 0;
304 		btmrvl_enable_ps(priv);
305 	}
306 
307 	if (priv->btmrvl_dev.hscmd) {
308 		priv->btmrvl_dev.hscmd = 0;
309 
310 		if (priv->btmrvl_dev.hsmode) {
311 			ret = btmrvl_enable_hs(priv);
312 		} else {
313 			ret = priv->hw_wakeup_firmware(priv);
314 			priv->adapter->hs_state = HS_DEACTIVATED;
315 		}
316 	}
317 
318 	return ret;
319 }
320 
321 static int btmrvl_tx_pkt(struct btmrvl_private *priv, struct sk_buff *skb)
322 {
323 	int ret = 0;
324 
325 	if (!skb || !skb->data)
326 		return -EINVAL;
327 
328 	if (!skb->len || ((skb->len + BTM_HEADER_LEN) > BTM_UPLD_SIZE)) {
329 		BT_ERR("Tx Error: Bad skb length %d : %d",
330 						skb->len, BTM_UPLD_SIZE);
331 		return -EINVAL;
332 	}
333 
334 	if (skb_headroom(skb) < BTM_HEADER_LEN) {
335 		struct sk_buff *tmp = skb;
336 
337 		skb = skb_realloc_headroom(skb, BTM_HEADER_LEN);
338 		if (!skb) {
339 			BT_ERR("Tx Error: realloc_headroom failed %d",
340 				BTM_HEADER_LEN);
341 			skb = tmp;
342 			return -EINVAL;
343 		}
344 
345 		kfree_skb(tmp);
346 	}
347 
348 	skb_push(skb, BTM_HEADER_LEN);
349 
350 	/* header type: byte[3]
351 	 * HCI_COMMAND = 1, ACL_DATA = 2, SCO_DATA = 3, 0xFE = Vendor
352 	 * header length: byte[2][1][0]
353 	 */
354 
355 	skb->data[0] = (skb->len & 0x0000ff);
356 	skb->data[1] = (skb->len & 0x00ff00) >> 8;
357 	skb->data[2] = (skb->len & 0xff0000) >> 16;
358 	skb->data[3] = bt_cb(skb)->pkt_type;
359 
360 	if (priv->hw_host_to_card)
361 		ret = priv->hw_host_to_card(priv, skb->data, skb->len);
362 
363 	return ret;
364 }
365 
366 static void btmrvl_init_adapter(struct btmrvl_private *priv)
367 {
368 	skb_queue_head_init(&priv->adapter->tx_queue);
369 
370 	priv->adapter->ps_state = PS_AWAKE;
371 
372 	init_waitqueue_head(&priv->adapter->cmd_wait_q);
373 }
374 
375 static void btmrvl_free_adapter(struct btmrvl_private *priv)
376 {
377 	skb_queue_purge(&priv->adapter->tx_queue);
378 
379 	kfree(priv->adapter);
380 
381 	priv->adapter = NULL;
382 }
383 
384 static int btmrvl_ioctl(struct hci_dev *hdev,
385 				unsigned int cmd, unsigned long arg)
386 {
387 	return -ENOIOCTLCMD;
388 }
389 
390 static int btmrvl_send_frame(struct sk_buff *skb)
391 {
392 	struct hci_dev *hdev = (struct hci_dev *) skb->dev;
393 	struct btmrvl_private *priv = NULL;
394 
395 	BT_DBG("type=%d, len=%d", skb->pkt_type, skb->len);
396 
397 	if (!hdev) {
398 		BT_ERR("Frame for unknown HCI device");
399 		return -ENODEV;
400 	}
401 
402 	priv = hci_get_drvdata(hdev);
403 
404 	if (!test_bit(HCI_RUNNING, &hdev->flags)) {
405 		BT_ERR("Failed testing HCI_RUNING, flags=%lx", hdev->flags);
406 		print_hex_dump_bytes("data: ", DUMP_PREFIX_OFFSET,
407 							skb->data, skb->len);
408 		return -EBUSY;
409 	}
410 
411 	switch (bt_cb(skb)->pkt_type) {
412 	case HCI_COMMAND_PKT:
413 		hdev->stat.cmd_tx++;
414 		break;
415 
416 	case HCI_ACLDATA_PKT:
417 		hdev->stat.acl_tx++;
418 		break;
419 
420 	case HCI_SCODATA_PKT:
421 		hdev->stat.sco_tx++;
422 		break;
423 	}
424 
425 	skb_queue_tail(&priv->adapter->tx_queue, skb);
426 
427 	wake_up_interruptible(&priv->main_thread.wait_q);
428 
429 	return 0;
430 }
431 
432 static int btmrvl_flush(struct hci_dev *hdev)
433 {
434 	struct btmrvl_private *priv = hci_get_drvdata(hdev);
435 
436 	skb_queue_purge(&priv->adapter->tx_queue);
437 
438 	return 0;
439 }
440 
441 static int btmrvl_close(struct hci_dev *hdev)
442 {
443 	struct btmrvl_private *priv = hci_get_drvdata(hdev);
444 
445 	if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
446 		return 0;
447 
448 	skb_queue_purge(&priv->adapter->tx_queue);
449 
450 	return 0;
451 }
452 
453 static int btmrvl_open(struct hci_dev *hdev)
454 {
455 	set_bit(HCI_RUNNING, &hdev->flags);
456 
457 	return 0;
458 }
459 
460 /*
461  * This function handles the event generated by firmware, rx data
462  * received from firmware, and tx data sent from kernel.
463  */
464 static int btmrvl_service_main_thread(void *data)
465 {
466 	struct btmrvl_thread *thread = data;
467 	struct btmrvl_private *priv = thread->priv;
468 	struct btmrvl_adapter *adapter = priv->adapter;
469 	wait_queue_t wait;
470 	struct sk_buff *skb;
471 	ulong flags;
472 
473 	init_waitqueue_entry(&wait, current);
474 
475 	for (;;) {
476 		add_wait_queue(&thread->wait_q, &wait);
477 
478 		set_current_state(TASK_INTERRUPTIBLE);
479 
480 		if (adapter->wakeup_tries ||
481 				((!adapter->int_count) &&
482 				(!priv->btmrvl_dev.tx_dnld_rdy ||
483 				skb_queue_empty(&adapter->tx_queue)))) {
484 			BT_DBG("main_thread is sleeping...");
485 			schedule();
486 		}
487 
488 		set_current_state(TASK_RUNNING);
489 
490 		remove_wait_queue(&thread->wait_q, &wait);
491 
492 		BT_DBG("main_thread woke up");
493 
494 		if (kthread_should_stop()) {
495 			BT_DBG("main_thread: break from main thread");
496 			break;
497 		}
498 
499 		spin_lock_irqsave(&priv->driver_lock, flags);
500 		if (adapter->int_count) {
501 			adapter->int_count = 0;
502 			spin_unlock_irqrestore(&priv->driver_lock, flags);
503 			priv->hw_process_int_status(priv);
504 		} else if (adapter->ps_state == PS_SLEEP &&
505 					!skb_queue_empty(&adapter->tx_queue)) {
506 			spin_unlock_irqrestore(&priv->driver_lock, flags);
507 			adapter->wakeup_tries++;
508 			priv->hw_wakeup_firmware(priv);
509 			continue;
510 		} else {
511 			spin_unlock_irqrestore(&priv->driver_lock, flags);
512 		}
513 
514 		if (adapter->ps_state == PS_SLEEP)
515 			continue;
516 
517 		if (!priv->btmrvl_dev.tx_dnld_rdy)
518 			continue;
519 
520 		skb = skb_dequeue(&adapter->tx_queue);
521 		if (skb) {
522 			if (btmrvl_tx_pkt(priv, skb))
523 				priv->btmrvl_dev.hcidev->stat.err_tx++;
524 			else
525 				priv->btmrvl_dev.hcidev->stat.byte_tx += skb->len;
526 
527 			kfree_skb(skb);
528 		}
529 	}
530 
531 	return 0;
532 }
533 
534 int btmrvl_register_hdev(struct btmrvl_private *priv)
535 {
536 	struct hci_dev *hdev = NULL;
537 	int ret;
538 
539 	hdev = hci_alloc_dev();
540 	if (!hdev) {
541 		BT_ERR("Can not allocate HCI device");
542 		goto err_hdev;
543 	}
544 
545 	priv->btmrvl_dev.hcidev = hdev;
546 	hci_set_drvdata(hdev, priv);
547 
548 	hdev->bus = HCI_SDIO;
549 	hdev->open = btmrvl_open;
550 	hdev->close = btmrvl_close;
551 	hdev->flush = btmrvl_flush;
552 	hdev->send = btmrvl_send_frame;
553 	hdev->ioctl = btmrvl_ioctl;
554 
555 	btmrvl_send_module_cfg_cmd(priv, MODULE_BRINGUP_REQ);
556 
557 	hdev->dev_type = priv->btmrvl_dev.dev_type;
558 
559 	ret = hci_register_dev(hdev);
560 	if (ret < 0) {
561 		BT_ERR("Can not register HCI device");
562 		goto err_hci_register_dev;
563 	}
564 
565 #ifdef CONFIG_DEBUG_FS
566 	btmrvl_debugfs_init(hdev);
567 #endif
568 
569 	return 0;
570 
571 err_hci_register_dev:
572 	hci_free_dev(hdev);
573 
574 err_hdev:
575 	/* Stop the thread servicing the interrupts */
576 	kthread_stop(priv->main_thread.task);
577 
578 	btmrvl_free_adapter(priv);
579 	kfree(priv);
580 
581 	return -ENOMEM;
582 }
583 EXPORT_SYMBOL_GPL(btmrvl_register_hdev);
584 
585 struct btmrvl_private *btmrvl_add_card(void *card)
586 {
587 	struct btmrvl_private *priv;
588 
589 	priv = kzalloc(sizeof(*priv), GFP_KERNEL);
590 	if (!priv) {
591 		BT_ERR("Can not allocate priv");
592 		goto err_priv;
593 	}
594 
595 	priv->adapter = kzalloc(sizeof(*priv->adapter), GFP_KERNEL);
596 	if (!priv->adapter) {
597 		BT_ERR("Allocate buffer for btmrvl_adapter failed!");
598 		goto err_adapter;
599 	}
600 
601 	btmrvl_init_adapter(priv);
602 
603 	BT_DBG("Starting kthread...");
604 	priv->main_thread.priv = priv;
605 	spin_lock_init(&priv->driver_lock);
606 
607 	init_waitqueue_head(&priv->main_thread.wait_q);
608 	priv->main_thread.task = kthread_run(btmrvl_service_main_thread,
609 				&priv->main_thread, "btmrvl_main_service");
610 
611 	priv->btmrvl_dev.card = card;
612 	priv->btmrvl_dev.tx_dnld_rdy = true;
613 
614 	return priv;
615 
616 err_adapter:
617 	kfree(priv);
618 
619 err_priv:
620 	return NULL;
621 }
622 EXPORT_SYMBOL_GPL(btmrvl_add_card);
623 
624 int btmrvl_remove_card(struct btmrvl_private *priv)
625 {
626 	struct hci_dev *hdev;
627 
628 	hdev = priv->btmrvl_dev.hcidev;
629 
630 	wake_up_interruptible(&priv->adapter->cmd_wait_q);
631 
632 	kthread_stop(priv->main_thread.task);
633 
634 #ifdef CONFIG_DEBUG_FS
635 	btmrvl_debugfs_remove(hdev);
636 #endif
637 
638 	hci_unregister_dev(hdev);
639 
640 	hci_free_dev(hdev);
641 
642 	priv->btmrvl_dev.hcidev = NULL;
643 
644 	btmrvl_free_adapter(priv);
645 
646 	kfree(priv);
647 
648 	return 0;
649 }
650 EXPORT_SYMBOL_GPL(btmrvl_remove_card);
651 
652 MODULE_AUTHOR("Marvell International Ltd.");
653 MODULE_DESCRIPTION("Marvell Bluetooth driver ver " VERSION);
654 MODULE_VERSION(VERSION);
655 MODULE_LICENSE("GPL v2");
656