1 /**
2  * Marvell Bluetooth driver
3  *
4  * Copyright (C) 2009, Marvell International Ltd.
5  *
6  * This software file (the "File") is distributed by Marvell International
7  * Ltd. under the terms of the GNU General Public License Version 2, June 1991
8  * (the "License").  You may use, redistribute and/or modify this File in
9  * accordance with the terms and conditions of the License, a copy of which
10  * is available by writing to the Free Software Foundation, Inc.,
11  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA or on the
12  * worldwide web at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
13  *
14  *
15  * THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE
17  * ARE EXPRESSLY DISCLAIMED.  The License provides additional details about
18  * this warranty disclaimer.
19  **/
20 
21 #include <net/bluetooth/bluetooth.h>
22 #include <net/bluetooth/hci_core.h>
23 
24 #include "btmrvl_drv.h"
25 
26 #define VERSION "1.0"
27 
28 /*
29  * This function is called by interface specific interrupt handler.
30  * It updates Power Save & Host Sleep states, and wakes up the main
31  * thread.
32  */
33 void btmrvl_interrupt(struct btmrvl_private *priv)
34 {
35 	priv->adapter->ps_state = PS_AWAKE;
36 
37 	priv->adapter->wakeup_tries = 0;
38 
39 	priv->adapter->int_count++;
40 
41 	wake_up_interruptible(&priv->main_thread.wait_q);
42 }
43 EXPORT_SYMBOL_GPL(btmrvl_interrupt);
44 
45 void btmrvl_check_evtpkt(struct btmrvl_private *priv, struct sk_buff *skb)
46 {
47 	struct hci_event_hdr *hdr = (void *) skb->data;
48 	struct hci_ev_cmd_complete *ec;
49 	u16 opcode, ocf;
50 
51 	if (hdr->evt == HCI_EV_CMD_COMPLETE) {
52 		ec = (void *) (skb->data + HCI_EVENT_HDR_SIZE);
53 		opcode = __le16_to_cpu(ec->opcode);
54 		ocf = hci_opcode_ocf(opcode);
55 		if (ocf == BT_CMD_MODULE_CFG_REQ &&
56 					priv->btmrvl_dev.sendcmdflag) {
57 			priv->btmrvl_dev.sendcmdflag = false;
58 			priv->adapter->cmd_complete = true;
59 			wake_up_interruptible(&priv->adapter->cmd_wait_q);
60 		}
61 	}
62 }
63 EXPORT_SYMBOL_GPL(btmrvl_check_evtpkt);
64 
65 int btmrvl_process_event(struct btmrvl_private *priv, struct sk_buff *skb)
66 {
67 	struct btmrvl_adapter *adapter = priv->adapter;
68 	struct btmrvl_event *event;
69 	u8 ret = 0;
70 
71 	event = (struct btmrvl_event *) skb->data;
72 	if (event->ec != 0xff) {
73 		BT_DBG("Not Marvell Event=%x", event->ec);
74 		ret = -EINVAL;
75 		goto exit;
76 	}
77 
78 	switch (event->data[0]) {
79 	case BT_CMD_AUTO_SLEEP_MODE:
80 		if (!event->data[2]) {
81 			if (event->data[1] == BT_PS_ENABLE)
82 				adapter->psmode = 1;
83 			else
84 				adapter->psmode = 0;
85 			BT_DBG("PS Mode:%s",
86 				(adapter->psmode) ? "Enable" : "Disable");
87 		} else {
88 			BT_DBG("PS Mode command failed");
89 		}
90 		break;
91 
92 	case BT_CMD_HOST_SLEEP_CONFIG:
93 		if (!event->data[3])
94 			BT_DBG("gpio=%x, gap=%x", event->data[1],
95 							event->data[2]);
96 		else
97 			BT_DBG("HSCFG command failed");
98 		break;
99 
100 	case BT_CMD_HOST_SLEEP_ENABLE:
101 		if (!event->data[1]) {
102 			adapter->hs_state = HS_ACTIVATED;
103 			if (adapter->psmode)
104 				adapter->ps_state = PS_SLEEP;
105 			wake_up_interruptible(&adapter->cmd_wait_q);
106 			BT_DBG("HS ACTIVATED!");
107 		} else {
108 			BT_DBG("HS Enable failed");
109 		}
110 		break;
111 
112 	case BT_CMD_MODULE_CFG_REQ:
113 		if (priv->btmrvl_dev.sendcmdflag &&
114 				event->data[1] == MODULE_BRINGUP_REQ) {
115 			BT_DBG("EVENT:%s", (event->data[2]) ?
116 				"Bring-up failed" : "Bring-up succeed");
117 		} else if (priv->btmrvl_dev.sendcmdflag &&
118 				event->data[1] == MODULE_SHUTDOWN_REQ) {
119 			BT_DBG("EVENT:%s", (event->data[2]) ?
120 				"Shutdown failed" : "Shutdown succeed");
121 		} else {
122 			BT_DBG("BT_CMD_MODULE_CFG_REQ resp for APP");
123 			ret = -EINVAL;
124 		}
125 		break;
126 
127 	case BT_EVENT_POWER_STATE:
128 		if (event->data[1] == BT_PS_SLEEP)
129 			adapter->ps_state = PS_SLEEP;
130 		BT_DBG("EVENT:%s",
131 			(adapter->ps_state) ? "PS_SLEEP" : "PS_AWAKE");
132 		break;
133 
134 	default:
135 		BT_DBG("Unknown Event=%d", event->data[0]);
136 		ret = -EINVAL;
137 		break;
138 	}
139 
140 exit:
141 	if (!ret)
142 		kfree_skb(skb);
143 
144 	return ret;
145 }
146 EXPORT_SYMBOL_GPL(btmrvl_process_event);
147 
148 int btmrvl_send_module_cfg_cmd(struct btmrvl_private *priv, int subcmd)
149 {
150 	struct sk_buff *skb;
151 	struct btmrvl_cmd *cmd;
152 	int ret = 0;
153 
154 	skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
155 	if (skb == NULL) {
156 		BT_ERR("No free skb");
157 		return -ENOMEM;
158 	}
159 
160 	cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
161 	cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF, BT_CMD_MODULE_CFG_REQ));
162 	cmd->length = 1;
163 	cmd->data[0] = subcmd;
164 
165 	bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
166 
167 	skb->dev = (void *) priv->btmrvl_dev.hcidev;
168 	skb_queue_head(&priv->adapter->tx_queue, skb);
169 
170 	priv->btmrvl_dev.sendcmdflag = true;
171 
172 	priv->adapter->cmd_complete = false;
173 
174 	BT_DBG("Queue module cfg Command");
175 
176 	wake_up_interruptible(&priv->main_thread.wait_q);
177 
178 	if (!wait_event_interruptible_timeout(priv->adapter->cmd_wait_q,
179 				priv->adapter->cmd_complete,
180 				msecs_to_jiffies(WAIT_UNTIL_CMD_RESP))) {
181 		ret = -ETIMEDOUT;
182 		BT_ERR("module_cfg_cmd(%x): timeout: %d",
183 					subcmd, priv->btmrvl_dev.sendcmdflag);
184 	}
185 
186 	BT_DBG("module cfg Command done");
187 
188 	return ret;
189 }
190 EXPORT_SYMBOL_GPL(btmrvl_send_module_cfg_cmd);
191 
192 int btmrvl_enable_ps(struct btmrvl_private *priv)
193 {
194 	struct sk_buff *skb;
195 	struct btmrvl_cmd *cmd;
196 
197 	skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
198 	if (skb == NULL) {
199 		BT_ERR("No free skb");
200 		return -ENOMEM;
201 	}
202 
203 	cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
204 	cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF,
205 					BT_CMD_AUTO_SLEEP_MODE));
206 	cmd->length = 1;
207 
208 	if (priv->btmrvl_dev.psmode)
209 		cmd->data[0] = BT_PS_ENABLE;
210 	else
211 		cmd->data[0] = BT_PS_DISABLE;
212 
213 	bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
214 
215 	skb->dev = (void *) priv->btmrvl_dev.hcidev;
216 	skb_queue_head(&priv->adapter->tx_queue, skb);
217 
218 	BT_DBG("Queue PSMODE Command:%d", cmd->data[0]);
219 
220 	return 0;
221 }
222 EXPORT_SYMBOL_GPL(btmrvl_enable_ps);
223 
224 static int btmrvl_enable_hs(struct btmrvl_private *priv)
225 {
226 	struct sk_buff *skb;
227 	struct btmrvl_cmd *cmd;
228 	int ret = 0;
229 
230 	skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
231 	if (skb == NULL) {
232 		BT_ERR("No free skb");
233 		return -ENOMEM;
234 	}
235 
236 	cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
237 	cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF, BT_CMD_HOST_SLEEP_ENABLE));
238 	cmd->length = 0;
239 
240 	bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
241 
242 	skb->dev = (void *) priv->btmrvl_dev.hcidev;
243 	skb_queue_head(&priv->adapter->tx_queue, skb);
244 
245 	BT_DBG("Queue hs enable Command");
246 
247 	wake_up_interruptible(&priv->main_thread.wait_q);
248 
249 	if (!wait_event_interruptible_timeout(priv->adapter->cmd_wait_q,
250 			priv->adapter->hs_state,
251 			msecs_to_jiffies(WAIT_UNTIL_HS_STATE_CHANGED))) {
252 		ret = -ETIMEDOUT;
253 		BT_ERR("timeout: %d, %d,%d", priv->adapter->hs_state,
254 						priv->adapter->ps_state,
255 						priv->adapter->wakeup_tries);
256 	}
257 
258 	return ret;
259 }
260 
261 int btmrvl_prepare_command(struct btmrvl_private *priv)
262 {
263 	struct sk_buff *skb = NULL;
264 	struct btmrvl_cmd *cmd;
265 	int ret = 0;
266 
267 	if (priv->btmrvl_dev.hscfgcmd) {
268 		priv->btmrvl_dev.hscfgcmd = 0;
269 
270 		skb = bt_skb_alloc(sizeof(*cmd), GFP_ATOMIC);
271 		if (skb == NULL) {
272 			BT_ERR("No free skb");
273 			return -ENOMEM;
274 		}
275 
276 		cmd = (struct btmrvl_cmd *) skb_put(skb, sizeof(*cmd));
277 		cmd->ocf_ogf = cpu_to_le16(hci_opcode_pack(OGF, BT_CMD_HOST_SLEEP_CONFIG));
278 		cmd->length = 2;
279 		cmd->data[0] = (priv->btmrvl_dev.gpio_gap & 0xff00) >> 8;
280 		cmd->data[1] = (u8) (priv->btmrvl_dev.gpio_gap & 0x00ff);
281 
282 		bt_cb(skb)->pkt_type = MRVL_VENDOR_PKT;
283 
284 		skb->dev = (void *) priv->btmrvl_dev.hcidev;
285 		skb_queue_head(&priv->adapter->tx_queue, skb);
286 
287 		BT_DBG("Queue HSCFG Command, gpio=0x%x, gap=0x%x",
288 						cmd->data[0], cmd->data[1]);
289 	}
290 
291 	if (priv->btmrvl_dev.pscmd) {
292 		priv->btmrvl_dev.pscmd = 0;
293 		btmrvl_enable_ps(priv);
294 	}
295 
296 	if (priv->btmrvl_dev.hscmd) {
297 		priv->btmrvl_dev.hscmd = 0;
298 
299 		if (priv->btmrvl_dev.hsmode) {
300 			ret = btmrvl_enable_hs(priv);
301 		} else {
302 			ret = priv->hw_wakeup_firmware(priv);
303 			priv->adapter->hs_state = HS_DEACTIVATED;
304 		}
305 	}
306 
307 	return ret;
308 }
309 
310 static int btmrvl_tx_pkt(struct btmrvl_private *priv, struct sk_buff *skb)
311 {
312 	int ret = 0;
313 
314 	if (!skb || !skb->data)
315 		return -EINVAL;
316 
317 	if (!skb->len || ((skb->len + BTM_HEADER_LEN) > BTM_UPLD_SIZE)) {
318 		BT_ERR("Tx Error: Bad skb length %d : %d",
319 						skb->len, BTM_UPLD_SIZE);
320 		return -EINVAL;
321 	}
322 
323 	if (skb_headroom(skb) < BTM_HEADER_LEN) {
324 		struct sk_buff *tmp = skb;
325 
326 		skb = skb_realloc_headroom(skb, BTM_HEADER_LEN);
327 		if (!skb) {
328 			BT_ERR("Tx Error: realloc_headroom failed %d",
329 				BTM_HEADER_LEN);
330 			skb = tmp;
331 			return -EINVAL;
332 		}
333 
334 		kfree_skb(tmp);
335 	}
336 
337 	skb_push(skb, BTM_HEADER_LEN);
338 
339 	/* header type: byte[3]
340 	 * HCI_COMMAND = 1, ACL_DATA = 2, SCO_DATA = 3, 0xFE = Vendor
341 	 * header length: byte[2][1][0]
342 	 */
343 
344 	skb->data[0] = (skb->len & 0x0000ff);
345 	skb->data[1] = (skb->len & 0x00ff00) >> 8;
346 	skb->data[2] = (skb->len & 0xff0000) >> 16;
347 	skb->data[3] = bt_cb(skb)->pkt_type;
348 
349 	if (priv->hw_host_to_card)
350 		ret = priv->hw_host_to_card(priv, skb->data, skb->len);
351 
352 	return ret;
353 }
354 
355 static void btmrvl_init_adapter(struct btmrvl_private *priv)
356 {
357 	skb_queue_head_init(&priv->adapter->tx_queue);
358 
359 	priv->adapter->ps_state = PS_AWAKE;
360 
361 	init_waitqueue_head(&priv->adapter->cmd_wait_q);
362 }
363 
364 static void btmrvl_free_adapter(struct btmrvl_private *priv)
365 {
366 	skb_queue_purge(&priv->adapter->tx_queue);
367 
368 	kfree(priv->adapter);
369 
370 	priv->adapter = NULL;
371 }
372 
373 static int btmrvl_ioctl(struct hci_dev *hdev,
374 				unsigned int cmd, unsigned long arg)
375 {
376 	return -ENOIOCTLCMD;
377 }
378 
379 static void btmrvl_destruct(struct hci_dev *hdev)
380 {
381 }
382 
383 static int btmrvl_send_frame(struct sk_buff *skb)
384 {
385 	struct hci_dev *hdev = (struct hci_dev *) skb->dev;
386 	struct btmrvl_private *priv = NULL;
387 
388 	BT_DBG("type=%d, len=%d", skb->pkt_type, skb->len);
389 
390 	if (!hdev || !hdev->driver_data) {
391 		BT_ERR("Frame for unknown HCI device");
392 		return -ENODEV;
393 	}
394 
395 	priv = (struct btmrvl_private *) hdev->driver_data;
396 	if (!test_bit(HCI_RUNNING, &hdev->flags)) {
397 		BT_ERR("Failed testing HCI_RUNING, flags=%lx", hdev->flags);
398 		print_hex_dump_bytes("data: ", DUMP_PREFIX_OFFSET,
399 							skb->data, skb->len);
400 		return -EBUSY;
401 	}
402 
403 	switch (bt_cb(skb)->pkt_type) {
404 	case HCI_COMMAND_PKT:
405 		hdev->stat.cmd_tx++;
406 		break;
407 
408 	case HCI_ACLDATA_PKT:
409 		hdev->stat.acl_tx++;
410 		break;
411 
412 	case HCI_SCODATA_PKT:
413 		hdev->stat.sco_tx++;
414 		break;
415 	}
416 
417 	skb_queue_tail(&priv->adapter->tx_queue, skb);
418 
419 	wake_up_interruptible(&priv->main_thread.wait_q);
420 
421 	return 0;
422 }
423 
424 static int btmrvl_flush(struct hci_dev *hdev)
425 {
426 	struct btmrvl_private *priv = hdev->driver_data;
427 
428 	skb_queue_purge(&priv->adapter->tx_queue);
429 
430 	return 0;
431 }
432 
433 static int btmrvl_close(struct hci_dev *hdev)
434 {
435 	struct btmrvl_private *priv = hdev->driver_data;
436 
437 	if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
438 		return 0;
439 
440 	skb_queue_purge(&priv->adapter->tx_queue);
441 
442 	return 0;
443 }
444 
445 static int btmrvl_open(struct hci_dev *hdev)
446 {
447 	set_bit(HCI_RUNNING, &hdev->flags);
448 
449 	return 0;
450 }
451 
452 /*
453  * This function handles the event generated by firmware, rx data
454  * received from firmware, and tx data sent from kernel.
455  */
456 static int btmrvl_service_main_thread(void *data)
457 {
458 	struct btmrvl_thread *thread = data;
459 	struct btmrvl_private *priv = thread->priv;
460 	struct btmrvl_adapter *adapter = priv->adapter;
461 	wait_queue_t wait;
462 	struct sk_buff *skb;
463 	ulong flags;
464 
465 	init_waitqueue_entry(&wait, current);
466 
467 	current->flags |= PF_NOFREEZE;
468 
469 	for (;;) {
470 		add_wait_queue(&thread->wait_q, &wait);
471 
472 		set_current_state(TASK_INTERRUPTIBLE);
473 
474 		if (adapter->wakeup_tries ||
475 				((!adapter->int_count) &&
476 				(!priv->btmrvl_dev.tx_dnld_rdy ||
477 				skb_queue_empty(&adapter->tx_queue)))) {
478 			BT_DBG("main_thread is sleeping...");
479 			schedule();
480 		}
481 
482 		set_current_state(TASK_RUNNING);
483 
484 		remove_wait_queue(&thread->wait_q, &wait);
485 
486 		BT_DBG("main_thread woke up");
487 
488 		if (kthread_should_stop()) {
489 			BT_DBG("main_thread: break from main thread");
490 			break;
491 		}
492 
493 		spin_lock_irqsave(&priv->driver_lock, flags);
494 		if (adapter->int_count) {
495 			adapter->int_count = 0;
496 		} else if (adapter->ps_state == PS_SLEEP &&
497 					!skb_queue_empty(&adapter->tx_queue)) {
498 			spin_unlock_irqrestore(&priv->driver_lock, flags);
499 			adapter->wakeup_tries++;
500 			priv->hw_wakeup_firmware(priv);
501 			continue;
502 		}
503 		spin_unlock_irqrestore(&priv->driver_lock, flags);
504 
505 		if (adapter->ps_state == PS_SLEEP)
506 			continue;
507 
508 		if (!priv->btmrvl_dev.tx_dnld_rdy)
509 			continue;
510 
511 		skb = skb_dequeue(&adapter->tx_queue);
512 		if (skb) {
513 			if (btmrvl_tx_pkt(priv, skb))
514 				priv->btmrvl_dev.hcidev->stat.err_tx++;
515 			else
516 				priv->btmrvl_dev.hcidev->stat.byte_tx += skb->len;
517 
518 			kfree_skb(skb);
519 		}
520 	}
521 
522 	return 0;
523 }
524 
525 struct btmrvl_private *btmrvl_add_card(void *card)
526 {
527 	struct hci_dev *hdev = NULL;
528 	struct btmrvl_private *priv;
529 	int ret;
530 
531 	priv = kzalloc(sizeof(*priv), GFP_KERNEL);
532 	if (!priv) {
533 		BT_ERR("Can not allocate priv");
534 		goto err_priv;
535 	}
536 
537 	priv->adapter = kzalloc(sizeof(*priv->adapter), GFP_KERNEL);
538 	if (!priv->adapter) {
539 		BT_ERR("Allocate buffer for btmrvl_adapter failed!");
540 		goto err_adapter;
541 	}
542 
543 	btmrvl_init_adapter(priv);
544 
545 	hdev = hci_alloc_dev();
546 	if (!hdev) {
547 		BT_ERR("Can not allocate HCI device");
548 		goto err_hdev;
549 	}
550 
551 	BT_DBG("Starting kthread...");
552 	priv->main_thread.priv = priv;
553 	spin_lock_init(&priv->driver_lock);
554 
555 	init_waitqueue_head(&priv->main_thread.wait_q);
556 	priv->main_thread.task = kthread_run(btmrvl_service_main_thread,
557 				&priv->main_thread, "btmrvl_main_service");
558 
559 	priv->btmrvl_dev.hcidev = hdev;
560 	priv->btmrvl_dev.card = card;
561 
562 	hdev->driver_data = priv;
563 
564 	priv->btmrvl_dev.tx_dnld_rdy = true;
565 
566 	hdev->type = HCI_SDIO;
567 	hdev->open = btmrvl_open;
568 	hdev->close = btmrvl_close;
569 	hdev->flush = btmrvl_flush;
570 	hdev->send = btmrvl_send_frame;
571 	hdev->destruct = btmrvl_destruct;
572 	hdev->ioctl = btmrvl_ioctl;
573 	hdev->owner = THIS_MODULE;
574 
575 	ret = hci_register_dev(hdev);
576 	if (ret < 0) {
577 		BT_ERR("Can not register HCI device");
578 		goto err_hci_register_dev;
579 	}
580 
581 #ifdef CONFIG_DEBUG_FS
582 	btmrvl_debugfs_init(hdev);
583 #endif
584 
585 	return priv;
586 
587 err_hci_register_dev:
588 	/* Stop the thread servicing the interrupts */
589 	kthread_stop(priv->main_thread.task);
590 
591 	hci_free_dev(hdev);
592 
593 err_hdev:
594 	btmrvl_free_adapter(priv);
595 
596 err_adapter:
597 	kfree(priv);
598 
599 err_priv:
600 	return NULL;
601 }
602 EXPORT_SYMBOL_GPL(btmrvl_add_card);
603 
604 int btmrvl_remove_card(struct btmrvl_private *priv)
605 {
606 	struct hci_dev *hdev;
607 
608 	hdev = priv->btmrvl_dev.hcidev;
609 
610 	wake_up_interruptible(&priv->adapter->cmd_wait_q);
611 
612 	kthread_stop(priv->main_thread.task);
613 
614 #ifdef CONFIG_DEBUG_FS
615 	btmrvl_debugfs_remove(hdev);
616 #endif
617 
618 	hci_unregister_dev(hdev);
619 
620 	hci_free_dev(hdev);
621 
622 	priv->btmrvl_dev.hcidev = NULL;
623 
624 	btmrvl_free_adapter(priv);
625 
626 	kfree(priv);
627 
628 	return 0;
629 }
630 EXPORT_SYMBOL_GPL(btmrvl_remove_card);
631 
632 MODULE_AUTHOR("Marvell International Ltd.");
633 MODULE_DESCRIPTION("Marvell Bluetooth driver ver " VERSION);
634 MODULE_VERSION(VERSION);
635 MODULE_LICENSE("GPL v2");
636