1 /* 2 * 3 * Generic Bluetooth USB driver 4 * 5 * Copyright (C) 2005-2008 Marcel Holtmann <marcel@holtmann.org> 6 * 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation; either version 2 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program; if not, write to the Free Software 20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21 * 22 */ 23 24 #include <linux/kernel.h> 25 #include <linux/module.h> 26 #include <linux/init.h> 27 #include <linux/slab.h> 28 #include <linux/types.h> 29 #include <linux/sched.h> 30 #include <linux/errno.h> 31 #include <linux/skbuff.h> 32 33 #include <linux/usb.h> 34 35 #include <net/bluetooth/bluetooth.h> 36 #include <net/bluetooth/hci_core.h> 37 38 #define VERSION "0.6" 39 40 static int ignore_dga; 41 static int ignore_csr; 42 static int ignore_sniffer; 43 static int disable_scofix; 44 static int force_scofix; 45 46 static int reset = 1; 47 48 static struct usb_driver btusb_driver; 49 50 #define BTUSB_IGNORE 0x01 51 #define BTUSB_DIGIANSWER 0x02 52 #define BTUSB_CSR 0x04 53 #define BTUSB_SNIFFER 0x08 54 #define BTUSB_BCM92035 0x10 55 #define BTUSB_BROKEN_ISOC 0x20 56 #define BTUSB_WRONG_SCO_MTU 0x40 57 #define BTUSB_ATH3012 0x80 58 59 static struct usb_device_id btusb_table[] = { 60 /* Generic Bluetooth USB device */ 61 { USB_DEVICE_INFO(0xe0, 0x01, 0x01) }, 62 63 /* Apple MacBookPro 7,1 */ 64 { USB_DEVICE(0x05ac, 0x8213) }, 65 66 /* Apple iMac11,1 */ 67 { USB_DEVICE(0x05ac, 0x8215) }, 68 69 /* Apple MacBookPro6,2 */ 70 { USB_DEVICE(0x05ac, 0x8218) }, 71 72 /* Apple MacBookAir3,1, MacBookAir3,2 */ 73 { USB_DEVICE(0x05ac, 0x821b) }, 74 75 /* Apple MacBookPro8,2 */ 76 { USB_DEVICE(0x05ac, 0x821a) }, 77 78 /* AVM BlueFRITZ! USB v2.0 */ 79 { USB_DEVICE(0x057c, 0x3800) }, 80 81 /* Bluetooth Ultraport Module from IBM */ 82 { USB_DEVICE(0x04bf, 0x030a) }, 83 84 /* ALPS Modules with non-standard id */ 85 { USB_DEVICE(0x044e, 0x3001) }, 86 { USB_DEVICE(0x044e, 0x3002) }, 87 88 /* Ericsson with non-standard id */ 89 { USB_DEVICE(0x0bdb, 0x1002) }, 90 91 /* Canyon CN-BTU1 with HID interfaces */ 92 { USB_DEVICE(0x0c10, 0x0000) }, 93 94 { } /* Terminating entry */ 95 }; 96 97 MODULE_DEVICE_TABLE(usb, btusb_table); 98 99 static struct usb_device_id blacklist_table[] = { 100 /* CSR BlueCore devices */ 101 { USB_DEVICE(0x0a12, 0x0001), .driver_info = BTUSB_CSR }, 102 103 /* Broadcom BCM2033 without firmware */ 104 { USB_DEVICE(0x0a5c, 0x2033), .driver_info = BTUSB_IGNORE }, 105 106 /* Atheros 3011 with sflash firmware */ 107 { USB_DEVICE(0x0cf3, 0x3002), .driver_info = BTUSB_IGNORE }, 108 { USB_DEVICE(0x13d3, 0x3304), .driver_info = BTUSB_IGNORE }, 109 110 /* Atheros AR9285 Malbec with sflash firmware */ 111 { USB_DEVICE(0x03f0, 0x311d), .driver_info = BTUSB_IGNORE }, 112 113 /* Atheros 3012 with sflash firmware */ 114 { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, 115 116 /* Atheros AR5BBU12 with sflash firmware */ 117 { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE }, 118 119 /* Broadcom BCM2035 */ 120 { USB_DEVICE(0x0a5c, 0x2035), .driver_info = BTUSB_WRONG_SCO_MTU }, 121 { USB_DEVICE(0x0a5c, 0x200a), .driver_info = BTUSB_WRONG_SCO_MTU }, 122 { USB_DEVICE(0x0a5c, 0x2009), .driver_info = BTUSB_BCM92035 }, 123 124 /* Broadcom BCM2045 */ 125 { USB_DEVICE(0x0a5c, 0x2039), .driver_info = BTUSB_WRONG_SCO_MTU }, 126 { USB_DEVICE(0x0a5c, 0x2101), .driver_info = BTUSB_WRONG_SCO_MTU }, 127 128 /* IBM/Lenovo ThinkPad with Broadcom chip */ 129 { USB_DEVICE(0x0a5c, 0x201e), .driver_info = BTUSB_WRONG_SCO_MTU }, 130 { USB_DEVICE(0x0a5c, 0x2110), .driver_info = BTUSB_WRONG_SCO_MTU }, 131 132 /* HP laptop with Broadcom chip */ 133 { USB_DEVICE(0x03f0, 0x171d), .driver_info = BTUSB_WRONG_SCO_MTU }, 134 135 /* Dell laptop with Broadcom chip */ 136 { USB_DEVICE(0x413c, 0x8126), .driver_info = BTUSB_WRONG_SCO_MTU }, 137 138 /* Dell Wireless 370 and 410 devices */ 139 { USB_DEVICE(0x413c, 0x8152), .driver_info = BTUSB_WRONG_SCO_MTU }, 140 { USB_DEVICE(0x413c, 0x8156), .driver_info = BTUSB_WRONG_SCO_MTU }, 141 142 /* Belkin F8T012 and F8T013 devices */ 143 { USB_DEVICE(0x050d, 0x0012), .driver_info = BTUSB_WRONG_SCO_MTU }, 144 { USB_DEVICE(0x050d, 0x0013), .driver_info = BTUSB_WRONG_SCO_MTU }, 145 146 /* Asus WL-BTD202 device */ 147 { USB_DEVICE(0x0b05, 0x1715), .driver_info = BTUSB_WRONG_SCO_MTU }, 148 149 /* Kensington Bluetooth USB adapter */ 150 { USB_DEVICE(0x047d, 0x105e), .driver_info = BTUSB_WRONG_SCO_MTU }, 151 152 /* RTX Telecom based adapters with buggy SCO support */ 153 { USB_DEVICE(0x0400, 0x0807), .driver_info = BTUSB_BROKEN_ISOC }, 154 { USB_DEVICE(0x0400, 0x080a), .driver_info = BTUSB_BROKEN_ISOC }, 155 156 /* CONWISE Technology based adapters with buggy SCO support */ 157 { USB_DEVICE(0x0e5e, 0x6622), .driver_info = BTUSB_BROKEN_ISOC }, 158 159 /* Digianswer devices */ 160 { USB_DEVICE(0x08fd, 0x0001), .driver_info = BTUSB_DIGIANSWER }, 161 { USB_DEVICE(0x08fd, 0x0002), .driver_info = BTUSB_IGNORE }, 162 163 /* CSR BlueCore Bluetooth Sniffer */ 164 { USB_DEVICE(0x0a12, 0x0002), .driver_info = BTUSB_SNIFFER }, 165 166 /* Frontline ComProbe Bluetooth Sniffer */ 167 { USB_DEVICE(0x16d3, 0x0002), .driver_info = BTUSB_SNIFFER }, 168 169 { } /* Terminating entry */ 170 }; 171 172 #define BTUSB_MAX_ISOC_FRAMES 10 173 174 #define BTUSB_INTR_RUNNING 0 175 #define BTUSB_BULK_RUNNING 1 176 #define BTUSB_ISOC_RUNNING 2 177 #define BTUSB_SUSPENDING 3 178 #define BTUSB_DID_ISO_RESUME 4 179 180 struct btusb_data { 181 struct hci_dev *hdev; 182 struct usb_device *udev; 183 struct usb_interface *intf; 184 struct usb_interface *isoc; 185 186 spinlock_t lock; 187 188 unsigned long flags; 189 190 struct work_struct work; 191 struct work_struct waker; 192 193 struct usb_anchor tx_anchor; 194 struct usb_anchor intr_anchor; 195 struct usb_anchor bulk_anchor; 196 struct usb_anchor isoc_anchor; 197 struct usb_anchor deferred; 198 int tx_in_flight; 199 spinlock_t txlock; 200 201 struct usb_endpoint_descriptor *intr_ep; 202 struct usb_endpoint_descriptor *bulk_tx_ep; 203 struct usb_endpoint_descriptor *bulk_rx_ep; 204 struct usb_endpoint_descriptor *isoc_tx_ep; 205 struct usb_endpoint_descriptor *isoc_rx_ep; 206 207 __u8 cmdreq_type; 208 209 unsigned int sco_num; 210 int isoc_altsetting; 211 int suspend_count; 212 }; 213 214 static int inc_tx(struct btusb_data *data) 215 { 216 unsigned long flags; 217 int rv; 218 219 spin_lock_irqsave(&data->txlock, flags); 220 rv = test_bit(BTUSB_SUSPENDING, &data->flags); 221 if (!rv) 222 data->tx_in_flight++; 223 spin_unlock_irqrestore(&data->txlock, flags); 224 225 return rv; 226 } 227 228 static void btusb_intr_complete(struct urb *urb) 229 { 230 struct hci_dev *hdev = urb->context; 231 struct btusb_data *data = hdev->driver_data; 232 int err; 233 234 BT_DBG("%s urb %p status %d count %d", hdev->name, 235 urb, urb->status, urb->actual_length); 236 237 if (!test_bit(HCI_RUNNING, &hdev->flags)) 238 return; 239 240 if (urb->status == 0) { 241 hdev->stat.byte_rx += urb->actual_length; 242 243 if (hci_recv_fragment(hdev, HCI_EVENT_PKT, 244 urb->transfer_buffer, 245 urb->actual_length) < 0) { 246 BT_ERR("%s corrupted event packet", hdev->name); 247 hdev->stat.err_rx++; 248 } 249 } 250 251 if (!test_bit(BTUSB_INTR_RUNNING, &data->flags)) 252 return; 253 254 usb_mark_last_busy(data->udev); 255 usb_anchor_urb(urb, &data->intr_anchor); 256 257 err = usb_submit_urb(urb, GFP_ATOMIC); 258 if (err < 0) { 259 if (err != -EPERM) 260 BT_ERR("%s urb %p failed to resubmit (%d)", 261 hdev->name, urb, -err); 262 usb_unanchor_urb(urb); 263 } 264 } 265 266 static int btusb_submit_intr_urb(struct hci_dev *hdev, gfp_t mem_flags) 267 { 268 struct btusb_data *data = hdev->driver_data; 269 struct urb *urb; 270 unsigned char *buf; 271 unsigned int pipe; 272 int err, size; 273 274 BT_DBG("%s", hdev->name); 275 276 if (!data->intr_ep) 277 return -ENODEV; 278 279 urb = usb_alloc_urb(0, mem_flags); 280 if (!urb) 281 return -ENOMEM; 282 283 size = le16_to_cpu(data->intr_ep->wMaxPacketSize); 284 285 buf = kmalloc(size, mem_flags); 286 if (!buf) { 287 usb_free_urb(urb); 288 return -ENOMEM; 289 } 290 291 pipe = usb_rcvintpipe(data->udev, data->intr_ep->bEndpointAddress); 292 293 usb_fill_int_urb(urb, data->udev, pipe, buf, size, 294 btusb_intr_complete, hdev, 295 data->intr_ep->bInterval); 296 297 urb->transfer_flags |= URB_FREE_BUFFER; 298 299 usb_anchor_urb(urb, &data->intr_anchor); 300 301 err = usb_submit_urb(urb, mem_flags); 302 if (err < 0) { 303 BT_ERR("%s urb %p submission failed (%d)", 304 hdev->name, urb, -err); 305 usb_unanchor_urb(urb); 306 } 307 308 usb_free_urb(urb); 309 310 return err; 311 } 312 313 static void btusb_bulk_complete(struct urb *urb) 314 { 315 struct hci_dev *hdev = urb->context; 316 struct btusb_data *data = hdev->driver_data; 317 int err; 318 319 BT_DBG("%s urb %p status %d count %d", hdev->name, 320 urb, urb->status, urb->actual_length); 321 322 if (!test_bit(HCI_RUNNING, &hdev->flags)) 323 return; 324 325 if (urb->status == 0) { 326 hdev->stat.byte_rx += urb->actual_length; 327 328 if (hci_recv_fragment(hdev, HCI_ACLDATA_PKT, 329 urb->transfer_buffer, 330 urb->actual_length) < 0) { 331 BT_ERR("%s corrupted ACL packet", hdev->name); 332 hdev->stat.err_rx++; 333 } 334 } 335 336 if (!test_bit(BTUSB_BULK_RUNNING, &data->flags)) 337 return; 338 339 usb_anchor_urb(urb, &data->bulk_anchor); 340 usb_mark_last_busy(data->udev); 341 342 err = usb_submit_urb(urb, GFP_ATOMIC); 343 if (err < 0) { 344 if (err != -EPERM) 345 BT_ERR("%s urb %p failed to resubmit (%d)", 346 hdev->name, urb, -err); 347 usb_unanchor_urb(urb); 348 } 349 } 350 351 static int btusb_submit_bulk_urb(struct hci_dev *hdev, gfp_t mem_flags) 352 { 353 struct btusb_data *data = hdev->driver_data; 354 struct urb *urb; 355 unsigned char *buf; 356 unsigned int pipe; 357 int err, size = HCI_MAX_FRAME_SIZE; 358 359 BT_DBG("%s", hdev->name); 360 361 if (!data->bulk_rx_ep) 362 return -ENODEV; 363 364 urb = usb_alloc_urb(0, mem_flags); 365 if (!urb) 366 return -ENOMEM; 367 368 buf = kmalloc(size, mem_flags); 369 if (!buf) { 370 usb_free_urb(urb); 371 return -ENOMEM; 372 } 373 374 pipe = usb_rcvbulkpipe(data->udev, data->bulk_rx_ep->bEndpointAddress); 375 376 usb_fill_bulk_urb(urb, data->udev, pipe, 377 buf, size, btusb_bulk_complete, hdev); 378 379 urb->transfer_flags |= URB_FREE_BUFFER; 380 381 usb_mark_last_busy(data->udev); 382 usb_anchor_urb(urb, &data->bulk_anchor); 383 384 err = usb_submit_urb(urb, mem_flags); 385 if (err < 0) { 386 BT_ERR("%s urb %p submission failed (%d)", 387 hdev->name, urb, -err); 388 usb_unanchor_urb(urb); 389 } 390 391 usb_free_urb(urb); 392 393 return err; 394 } 395 396 static void btusb_isoc_complete(struct urb *urb) 397 { 398 struct hci_dev *hdev = urb->context; 399 struct btusb_data *data = hdev->driver_data; 400 int i, err; 401 402 BT_DBG("%s urb %p status %d count %d", hdev->name, 403 urb, urb->status, urb->actual_length); 404 405 if (!test_bit(HCI_RUNNING, &hdev->flags)) 406 return; 407 408 if (urb->status == 0) { 409 for (i = 0; i < urb->number_of_packets; i++) { 410 unsigned int offset = urb->iso_frame_desc[i].offset; 411 unsigned int length = urb->iso_frame_desc[i].actual_length; 412 413 if (urb->iso_frame_desc[i].status) 414 continue; 415 416 hdev->stat.byte_rx += length; 417 418 if (hci_recv_fragment(hdev, HCI_SCODATA_PKT, 419 urb->transfer_buffer + offset, 420 length) < 0) { 421 BT_ERR("%s corrupted SCO packet", hdev->name); 422 hdev->stat.err_rx++; 423 } 424 } 425 } 426 427 if (!test_bit(BTUSB_ISOC_RUNNING, &data->flags)) 428 return; 429 430 usb_anchor_urb(urb, &data->isoc_anchor); 431 432 err = usb_submit_urb(urb, GFP_ATOMIC); 433 if (err < 0) { 434 if (err != -EPERM) 435 BT_ERR("%s urb %p failed to resubmit (%d)", 436 hdev->name, urb, -err); 437 usb_unanchor_urb(urb); 438 } 439 } 440 441 static inline void __fill_isoc_descriptor(struct urb *urb, int len, int mtu) 442 { 443 int i, offset = 0; 444 445 BT_DBG("len %d mtu %d", len, mtu); 446 447 for (i = 0; i < BTUSB_MAX_ISOC_FRAMES && len >= mtu; 448 i++, offset += mtu, len -= mtu) { 449 urb->iso_frame_desc[i].offset = offset; 450 urb->iso_frame_desc[i].length = mtu; 451 } 452 453 if (len && i < BTUSB_MAX_ISOC_FRAMES) { 454 urb->iso_frame_desc[i].offset = offset; 455 urb->iso_frame_desc[i].length = len; 456 i++; 457 } 458 459 urb->number_of_packets = i; 460 } 461 462 static int btusb_submit_isoc_urb(struct hci_dev *hdev, gfp_t mem_flags) 463 { 464 struct btusb_data *data = hdev->driver_data; 465 struct urb *urb; 466 unsigned char *buf; 467 unsigned int pipe; 468 int err, size; 469 470 BT_DBG("%s", hdev->name); 471 472 if (!data->isoc_rx_ep) 473 return -ENODEV; 474 475 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, mem_flags); 476 if (!urb) 477 return -ENOMEM; 478 479 size = le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize) * 480 BTUSB_MAX_ISOC_FRAMES; 481 482 buf = kmalloc(size, mem_flags); 483 if (!buf) { 484 usb_free_urb(urb); 485 return -ENOMEM; 486 } 487 488 pipe = usb_rcvisocpipe(data->udev, data->isoc_rx_ep->bEndpointAddress); 489 490 urb->dev = data->udev; 491 urb->pipe = pipe; 492 urb->context = hdev; 493 urb->complete = btusb_isoc_complete; 494 urb->interval = data->isoc_rx_ep->bInterval; 495 496 urb->transfer_flags = URB_FREE_BUFFER | URB_ISO_ASAP; 497 urb->transfer_buffer = buf; 498 urb->transfer_buffer_length = size; 499 500 __fill_isoc_descriptor(urb, size, 501 le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize)); 502 503 usb_anchor_urb(urb, &data->isoc_anchor); 504 505 err = usb_submit_urb(urb, mem_flags); 506 if (err < 0) { 507 BT_ERR("%s urb %p submission failed (%d)", 508 hdev->name, urb, -err); 509 usb_unanchor_urb(urb); 510 } 511 512 usb_free_urb(urb); 513 514 return err; 515 } 516 517 static void btusb_tx_complete(struct urb *urb) 518 { 519 struct sk_buff *skb = urb->context; 520 struct hci_dev *hdev = (struct hci_dev *) skb->dev; 521 struct btusb_data *data = hdev->driver_data; 522 523 BT_DBG("%s urb %p status %d count %d", hdev->name, 524 urb, urb->status, urb->actual_length); 525 526 if (!test_bit(HCI_RUNNING, &hdev->flags)) 527 goto done; 528 529 if (!urb->status) 530 hdev->stat.byte_tx += urb->transfer_buffer_length; 531 else 532 hdev->stat.err_tx++; 533 534 done: 535 spin_lock(&data->txlock); 536 data->tx_in_flight--; 537 spin_unlock(&data->txlock); 538 539 kfree(urb->setup_packet); 540 541 kfree_skb(skb); 542 } 543 544 static void btusb_isoc_tx_complete(struct urb *urb) 545 { 546 struct sk_buff *skb = urb->context; 547 struct hci_dev *hdev = (struct hci_dev *) skb->dev; 548 549 BT_DBG("%s urb %p status %d count %d", hdev->name, 550 urb, urb->status, urb->actual_length); 551 552 if (!test_bit(HCI_RUNNING, &hdev->flags)) 553 goto done; 554 555 if (!urb->status) 556 hdev->stat.byte_tx += urb->transfer_buffer_length; 557 else 558 hdev->stat.err_tx++; 559 560 done: 561 kfree(urb->setup_packet); 562 563 kfree_skb(skb); 564 } 565 566 static int btusb_open(struct hci_dev *hdev) 567 { 568 struct btusb_data *data = hdev->driver_data; 569 int err; 570 571 BT_DBG("%s", hdev->name); 572 573 err = usb_autopm_get_interface(data->intf); 574 if (err < 0) 575 return err; 576 577 data->intf->needs_remote_wakeup = 1; 578 579 if (test_and_set_bit(HCI_RUNNING, &hdev->flags)) 580 goto done; 581 582 if (test_and_set_bit(BTUSB_INTR_RUNNING, &data->flags)) 583 goto done; 584 585 err = btusb_submit_intr_urb(hdev, GFP_KERNEL); 586 if (err < 0) 587 goto failed; 588 589 err = btusb_submit_bulk_urb(hdev, GFP_KERNEL); 590 if (err < 0) { 591 usb_kill_anchored_urbs(&data->intr_anchor); 592 goto failed; 593 } 594 595 set_bit(BTUSB_BULK_RUNNING, &data->flags); 596 btusb_submit_bulk_urb(hdev, GFP_KERNEL); 597 598 done: 599 usb_autopm_put_interface(data->intf); 600 return 0; 601 602 failed: 603 clear_bit(BTUSB_INTR_RUNNING, &data->flags); 604 clear_bit(HCI_RUNNING, &hdev->flags); 605 usb_autopm_put_interface(data->intf); 606 return err; 607 } 608 609 static void btusb_stop_traffic(struct btusb_data *data) 610 { 611 usb_kill_anchored_urbs(&data->intr_anchor); 612 usb_kill_anchored_urbs(&data->bulk_anchor); 613 usb_kill_anchored_urbs(&data->isoc_anchor); 614 } 615 616 static int btusb_close(struct hci_dev *hdev) 617 { 618 struct btusb_data *data = hdev->driver_data; 619 int err; 620 621 BT_DBG("%s", hdev->name); 622 623 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags)) 624 return 0; 625 626 cancel_work_sync(&data->work); 627 cancel_work_sync(&data->waker); 628 629 clear_bit(BTUSB_ISOC_RUNNING, &data->flags); 630 clear_bit(BTUSB_BULK_RUNNING, &data->flags); 631 clear_bit(BTUSB_INTR_RUNNING, &data->flags); 632 633 btusb_stop_traffic(data); 634 err = usb_autopm_get_interface(data->intf); 635 if (err < 0) 636 goto failed; 637 638 data->intf->needs_remote_wakeup = 0; 639 usb_autopm_put_interface(data->intf); 640 641 failed: 642 usb_scuttle_anchored_urbs(&data->deferred); 643 return 0; 644 } 645 646 static int btusb_flush(struct hci_dev *hdev) 647 { 648 struct btusb_data *data = hdev->driver_data; 649 650 BT_DBG("%s", hdev->name); 651 652 usb_kill_anchored_urbs(&data->tx_anchor); 653 654 return 0; 655 } 656 657 static int btusb_send_frame(struct sk_buff *skb) 658 { 659 struct hci_dev *hdev = (struct hci_dev *) skb->dev; 660 struct btusb_data *data = hdev->driver_data; 661 struct usb_ctrlrequest *dr; 662 struct urb *urb; 663 unsigned int pipe; 664 int err; 665 666 BT_DBG("%s", hdev->name); 667 668 if (!test_bit(HCI_RUNNING, &hdev->flags)) 669 return -EBUSY; 670 671 switch (bt_cb(skb)->pkt_type) { 672 case HCI_COMMAND_PKT: 673 urb = usb_alloc_urb(0, GFP_ATOMIC); 674 if (!urb) 675 return -ENOMEM; 676 677 dr = kmalloc(sizeof(*dr), GFP_ATOMIC); 678 if (!dr) { 679 usb_free_urb(urb); 680 return -ENOMEM; 681 } 682 683 dr->bRequestType = data->cmdreq_type; 684 dr->bRequest = 0; 685 dr->wIndex = 0; 686 dr->wValue = 0; 687 dr->wLength = __cpu_to_le16(skb->len); 688 689 pipe = usb_sndctrlpipe(data->udev, 0x00); 690 691 usb_fill_control_urb(urb, data->udev, pipe, (void *) dr, 692 skb->data, skb->len, btusb_tx_complete, skb); 693 694 hdev->stat.cmd_tx++; 695 break; 696 697 case HCI_ACLDATA_PKT: 698 if (!data->bulk_tx_ep || (hdev->conn_hash.acl_num < 1 && 699 hdev->conn_hash.le_num < 1)) 700 return -ENODEV; 701 702 urb = usb_alloc_urb(0, GFP_ATOMIC); 703 if (!urb) 704 return -ENOMEM; 705 706 pipe = usb_sndbulkpipe(data->udev, 707 data->bulk_tx_ep->bEndpointAddress); 708 709 usb_fill_bulk_urb(urb, data->udev, pipe, 710 skb->data, skb->len, btusb_tx_complete, skb); 711 712 hdev->stat.acl_tx++; 713 break; 714 715 case HCI_SCODATA_PKT: 716 if (!data->isoc_tx_ep || hdev->conn_hash.sco_num < 1) 717 return -ENODEV; 718 719 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, GFP_ATOMIC); 720 if (!urb) 721 return -ENOMEM; 722 723 pipe = usb_sndisocpipe(data->udev, 724 data->isoc_tx_ep->bEndpointAddress); 725 726 usb_fill_int_urb(urb, data->udev, pipe, 727 skb->data, skb->len, btusb_isoc_tx_complete, 728 skb, data->isoc_tx_ep->bInterval); 729 730 urb->transfer_flags = URB_ISO_ASAP; 731 732 __fill_isoc_descriptor(urb, skb->len, 733 le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize)); 734 735 hdev->stat.sco_tx++; 736 goto skip_waking; 737 738 default: 739 return -EILSEQ; 740 } 741 742 err = inc_tx(data); 743 if (err) { 744 usb_anchor_urb(urb, &data->deferred); 745 schedule_work(&data->waker); 746 err = 0; 747 goto done; 748 } 749 750 skip_waking: 751 usb_anchor_urb(urb, &data->tx_anchor); 752 753 err = usb_submit_urb(urb, GFP_ATOMIC); 754 if (err < 0) { 755 BT_ERR("%s urb %p submission failed", hdev->name, urb); 756 kfree(urb->setup_packet); 757 usb_unanchor_urb(urb); 758 } else { 759 usb_mark_last_busy(data->udev); 760 } 761 762 usb_free_urb(urb); 763 764 done: 765 return err; 766 } 767 768 static void btusb_destruct(struct hci_dev *hdev) 769 { 770 struct btusb_data *data = hdev->driver_data; 771 772 BT_DBG("%s", hdev->name); 773 774 kfree(data); 775 } 776 777 static void btusb_notify(struct hci_dev *hdev, unsigned int evt) 778 { 779 struct btusb_data *data = hdev->driver_data; 780 781 BT_DBG("%s evt %d", hdev->name, evt); 782 783 if (hdev->conn_hash.sco_num != data->sco_num) { 784 data->sco_num = hdev->conn_hash.sco_num; 785 schedule_work(&data->work); 786 } 787 } 788 789 static inline int __set_isoc_interface(struct hci_dev *hdev, int altsetting) 790 { 791 struct btusb_data *data = hdev->driver_data; 792 struct usb_interface *intf = data->isoc; 793 struct usb_endpoint_descriptor *ep_desc; 794 int i, err; 795 796 if (!data->isoc) 797 return -ENODEV; 798 799 err = usb_set_interface(data->udev, 1, altsetting); 800 if (err < 0) { 801 BT_ERR("%s setting interface failed (%d)", hdev->name, -err); 802 return err; 803 } 804 805 data->isoc_altsetting = altsetting; 806 807 data->isoc_tx_ep = NULL; 808 data->isoc_rx_ep = NULL; 809 810 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) { 811 ep_desc = &intf->cur_altsetting->endpoint[i].desc; 812 813 if (!data->isoc_tx_ep && usb_endpoint_is_isoc_out(ep_desc)) { 814 data->isoc_tx_ep = ep_desc; 815 continue; 816 } 817 818 if (!data->isoc_rx_ep && usb_endpoint_is_isoc_in(ep_desc)) { 819 data->isoc_rx_ep = ep_desc; 820 continue; 821 } 822 } 823 824 if (!data->isoc_tx_ep || !data->isoc_rx_ep) { 825 BT_ERR("%s invalid SCO descriptors", hdev->name); 826 return -ENODEV; 827 } 828 829 return 0; 830 } 831 832 static void btusb_work(struct work_struct *work) 833 { 834 struct btusb_data *data = container_of(work, struct btusb_data, work); 835 struct hci_dev *hdev = data->hdev; 836 int err; 837 838 if (hdev->conn_hash.sco_num > 0) { 839 if (!test_bit(BTUSB_DID_ISO_RESUME, &data->flags)) { 840 err = usb_autopm_get_interface(data->isoc ? data->isoc : data->intf); 841 if (err < 0) { 842 clear_bit(BTUSB_ISOC_RUNNING, &data->flags); 843 usb_kill_anchored_urbs(&data->isoc_anchor); 844 return; 845 } 846 847 set_bit(BTUSB_DID_ISO_RESUME, &data->flags); 848 } 849 if (data->isoc_altsetting != 2) { 850 clear_bit(BTUSB_ISOC_RUNNING, &data->flags); 851 usb_kill_anchored_urbs(&data->isoc_anchor); 852 853 if (__set_isoc_interface(hdev, 2) < 0) 854 return; 855 } 856 857 if (!test_and_set_bit(BTUSB_ISOC_RUNNING, &data->flags)) { 858 if (btusb_submit_isoc_urb(hdev, GFP_KERNEL) < 0) 859 clear_bit(BTUSB_ISOC_RUNNING, &data->flags); 860 else 861 btusb_submit_isoc_urb(hdev, GFP_KERNEL); 862 } 863 } else { 864 clear_bit(BTUSB_ISOC_RUNNING, &data->flags); 865 usb_kill_anchored_urbs(&data->isoc_anchor); 866 867 __set_isoc_interface(hdev, 0); 868 if (test_and_clear_bit(BTUSB_DID_ISO_RESUME, &data->flags)) 869 usb_autopm_put_interface(data->isoc ? data->isoc : data->intf); 870 } 871 } 872 873 static void btusb_waker(struct work_struct *work) 874 { 875 struct btusb_data *data = container_of(work, struct btusb_data, waker); 876 int err; 877 878 err = usb_autopm_get_interface(data->intf); 879 if (err < 0) 880 return; 881 882 usb_autopm_put_interface(data->intf); 883 } 884 885 static int btusb_probe(struct usb_interface *intf, 886 const struct usb_device_id *id) 887 { 888 struct usb_endpoint_descriptor *ep_desc; 889 struct btusb_data *data; 890 struct hci_dev *hdev; 891 int i, err; 892 893 BT_DBG("intf %p id %p", intf, id); 894 895 /* interface numbers are hardcoded in the spec */ 896 if (intf->cur_altsetting->desc.bInterfaceNumber != 0) 897 return -ENODEV; 898 899 if (!id->driver_info) { 900 const struct usb_device_id *match; 901 match = usb_match_id(intf, blacklist_table); 902 if (match) 903 id = match; 904 } 905 906 if (id->driver_info == BTUSB_IGNORE) 907 return -ENODEV; 908 909 if (ignore_dga && id->driver_info & BTUSB_DIGIANSWER) 910 return -ENODEV; 911 912 if (ignore_csr && id->driver_info & BTUSB_CSR) 913 return -ENODEV; 914 915 if (ignore_sniffer && id->driver_info & BTUSB_SNIFFER) 916 return -ENODEV; 917 918 if (id->driver_info & BTUSB_ATH3012) { 919 struct usb_device *udev = interface_to_usbdev(intf); 920 921 /* Old firmware would otherwise let ath3k driver load 922 * patch and sysconfig files */ 923 if (le16_to_cpu(udev->descriptor.bcdDevice) <= 0x0001) 924 return -ENODEV; 925 } 926 927 data = kzalloc(sizeof(*data), GFP_KERNEL); 928 if (!data) 929 return -ENOMEM; 930 931 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) { 932 ep_desc = &intf->cur_altsetting->endpoint[i].desc; 933 934 if (!data->intr_ep && usb_endpoint_is_int_in(ep_desc)) { 935 data->intr_ep = ep_desc; 936 continue; 937 } 938 939 if (!data->bulk_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) { 940 data->bulk_tx_ep = ep_desc; 941 continue; 942 } 943 944 if (!data->bulk_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) { 945 data->bulk_rx_ep = ep_desc; 946 continue; 947 } 948 } 949 950 if (!data->intr_ep || !data->bulk_tx_ep || !data->bulk_rx_ep) { 951 kfree(data); 952 return -ENODEV; 953 } 954 955 data->cmdreq_type = USB_TYPE_CLASS; 956 957 data->udev = interface_to_usbdev(intf); 958 data->intf = intf; 959 960 spin_lock_init(&data->lock); 961 962 INIT_WORK(&data->work, btusb_work); 963 INIT_WORK(&data->waker, btusb_waker); 964 spin_lock_init(&data->txlock); 965 966 init_usb_anchor(&data->tx_anchor); 967 init_usb_anchor(&data->intr_anchor); 968 init_usb_anchor(&data->bulk_anchor); 969 init_usb_anchor(&data->isoc_anchor); 970 init_usb_anchor(&data->deferred); 971 972 hdev = hci_alloc_dev(); 973 if (!hdev) { 974 kfree(data); 975 return -ENOMEM; 976 } 977 978 hdev->bus = HCI_USB; 979 hdev->driver_data = data; 980 981 data->hdev = hdev; 982 983 SET_HCIDEV_DEV(hdev, &intf->dev); 984 985 hdev->open = btusb_open; 986 hdev->close = btusb_close; 987 hdev->flush = btusb_flush; 988 hdev->send = btusb_send_frame; 989 hdev->destruct = btusb_destruct; 990 hdev->notify = btusb_notify; 991 992 hdev->owner = THIS_MODULE; 993 994 /* Interface numbers are hardcoded in the specification */ 995 data->isoc = usb_ifnum_to_if(data->udev, 1); 996 997 if (!reset) 998 set_bit(HCI_QUIRK_NO_RESET, &hdev->quirks); 999 1000 if (force_scofix || id->driver_info & BTUSB_WRONG_SCO_MTU) { 1001 if (!disable_scofix) 1002 set_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks); 1003 } 1004 1005 if (id->driver_info & BTUSB_BROKEN_ISOC) 1006 data->isoc = NULL; 1007 1008 if (id->driver_info & BTUSB_DIGIANSWER) { 1009 data->cmdreq_type = USB_TYPE_VENDOR; 1010 set_bit(HCI_QUIRK_NO_RESET, &hdev->quirks); 1011 } 1012 1013 if (id->driver_info & BTUSB_CSR) { 1014 struct usb_device *udev = data->udev; 1015 1016 /* Old firmware would otherwise execute USB reset */ 1017 if (le16_to_cpu(udev->descriptor.bcdDevice) < 0x117) 1018 set_bit(HCI_QUIRK_NO_RESET, &hdev->quirks); 1019 } 1020 1021 if (id->driver_info & BTUSB_SNIFFER) { 1022 struct usb_device *udev = data->udev; 1023 1024 /* New sniffer firmware has crippled HCI interface */ 1025 if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997) 1026 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks); 1027 1028 data->isoc = NULL; 1029 } 1030 1031 if (id->driver_info & BTUSB_BCM92035) { 1032 unsigned char cmd[] = { 0x3b, 0xfc, 0x01, 0x00 }; 1033 struct sk_buff *skb; 1034 1035 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL); 1036 if (skb) { 1037 memcpy(skb_put(skb, sizeof(cmd)), cmd, sizeof(cmd)); 1038 skb_queue_tail(&hdev->driver_init, skb); 1039 } 1040 } 1041 1042 if (data->isoc) { 1043 err = usb_driver_claim_interface(&btusb_driver, 1044 data->isoc, data); 1045 if (err < 0) { 1046 hci_free_dev(hdev); 1047 kfree(data); 1048 return err; 1049 } 1050 } 1051 1052 err = hci_register_dev(hdev); 1053 if (err < 0) { 1054 hci_free_dev(hdev); 1055 kfree(data); 1056 return err; 1057 } 1058 1059 usb_set_intfdata(intf, data); 1060 1061 return 0; 1062 } 1063 1064 static void btusb_disconnect(struct usb_interface *intf) 1065 { 1066 struct btusb_data *data = usb_get_intfdata(intf); 1067 struct hci_dev *hdev; 1068 1069 BT_DBG("intf %p", intf); 1070 1071 if (!data) 1072 return; 1073 1074 hdev = data->hdev; 1075 1076 __hci_dev_hold(hdev); 1077 1078 usb_set_intfdata(data->intf, NULL); 1079 1080 if (data->isoc) 1081 usb_set_intfdata(data->isoc, NULL); 1082 1083 hci_unregister_dev(hdev); 1084 1085 if (intf == data->isoc) 1086 usb_driver_release_interface(&btusb_driver, data->intf); 1087 else if (data->isoc) 1088 usb_driver_release_interface(&btusb_driver, data->isoc); 1089 1090 __hci_dev_put(hdev); 1091 1092 hci_free_dev(hdev); 1093 } 1094 1095 #ifdef CONFIG_PM 1096 static int btusb_suspend(struct usb_interface *intf, pm_message_t message) 1097 { 1098 struct btusb_data *data = usb_get_intfdata(intf); 1099 1100 BT_DBG("intf %p", intf); 1101 1102 if (data->suspend_count++) 1103 return 0; 1104 1105 spin_lock_irq(&data->txlock); 1106 if (!((message.event & PM_EVENT_AUTO) && data->tx_in_flight)) { 1107 set_bit(BTUSB_SUSPENDING, &data->flags); 1108 spin_unlock_irq(&data->txlock); 1109 } else { 1110 spin_unlock_irq(&data->txlock); 1111 data->suspend_count--; 1112 return -EBUSY; 1113 } 1114 1115 cancel_work_sync(&data->work); 1116 1117 btusb_stop_traffic(data); 1118 usb_kill_anchored_urbs(&data->tx_anchor); 1119 1120 return 0; 1121 } 1122 1123 static void play_deferred(struct btusb_data *data) 1124 { 1125 struct urb *urb; 1126 int err; 1127 1128 while ((urb = usb_get_from_anchor(&data->deferred))) { 1129 err = usb_submit_urb(urb, GFP_ATOMIC); 1130 if (err < 0) 1131 break; 1132 1133 data->tx_in_flight++; 1134 } 1135 usb_scuttle_anchored_urbs(&data->deferred); 1136 } 1137 1138 static int btusb_resume(struct usb_interface *intf) 1139 { 1140 struct btusb_data *data = usb_get_intfdata(intf); 1141 struct hci_dev *hdev = data->hdev; 1142 int err = 0; 1143 1144 BT_DBG("intf %p", intf); 1145 1146 if (--data->suspend_count) 1147 return 0; 1148 1149 if (!test_bit(HCI_RUNNING, &hdev->flags)) 1150 goto done; 1151 1152 if (test_bit(BTUSB_INTR_RUNNING, &data->flags)) { 1153 err = btusb_submit_intr_urb(hdev, GFP_NOIO); 1154 if (err < 0) { 1155 clear_bit(BTUSB_INTR_RUNNING, &data->flags); 1156 goto failed; 1157 } 1158 } 1159 1160 if (test_bit(BTUSB_BULK_RUNNING, &data->flags)) { 1161 err = btusb_submit_bulk_urb(hdev, GFP_NOIO); 1162 if (err < 0) { 1163 clear_bit(BTUSB_BULK_RUNNING, &data->flags); 1164 goto failed; 1165 } 1166 1167 btusb_submit_bulk_urb(hdev, GFP_NOIO); 1168 } 1169 1170 if (test_bit(BTUSB_ISOC_RUNNING, &data->flags)) { 1171 if (btusb_submit_isoc_urb(hdev, GFP_NOIO) < 0) 1172 clear_bit(BTUSB_ISOC_RUNNING, &data->flags); 1173 else 1174 btusb_submit_isoc_urb(hdev, GFP_NOIO); 1175 } 1176 1177 spin_lock_irq(&data->txlock); 1178 play_deferred(data); 1179 clear_bit(BTUSB_SUSPENDING, &data->flags); 1180 spin_unlock_irq(&data->txlock); 1181 schedule_work(&data->work); 1182 1183 return 0; 1184 1185 failed: 1186 usb_scuttle_anchored_urbs(&data->deferred); 1187 done: 1188 spin_lock_irq(&data->txlock); 1189 clear_bit(BTUSB_SUSPENDING, &data->flags); 1190 spin_unlock_irq(&data->txlock); 1191 1192 return err; 1193 } 1194 #endif 1195 1196 static struct usb_driver btusb_driver = { 1197 .name = "btusb", 1198 .probe = btusb_probe, 1199 .disconnect = btusb_disconnect, 1200 #ifdef CONFIG_PM 1201 .suspend = btusb_suspend, 1202 .resume = btusb_resume, 1203 #endif 1204 .id_table = btusb_table, 1205 .supports_autosuspend = 1, 1206 }; 1207 1208 static int __init btusb_init(void) 1209 { 1210 BT_INFO("Generic Bluetooth USB driver ver %s", VERSION); 1211 1212 return usb_register(&btusb_driver); 1213 } 1214 1215 static void __exit btusb_exit(void) 1216 { 1217 usb_deregister(&btusb_driver); 1218 } 1219 1220 module_init(btusb_init); 1221 module_exit(btusb_exit); 1222 1223 module_param(ignore_dga, bool, 0644); 1224 MODULE_PARM_DESC(ignore_dga, "Ignore devices with id 08fd:0001"); 1225 1226 module_param(ignore_csr, bool, 0644); 1227 MODULE_PARM_DESC(ignore_csr, "Ignore devices with id 0a12:0001"); 1228 1229 module_param(ignore_sniffer, bool, 0644); 1230 MODULE_PARM_DESC(ignore_sniffer, "Ignore devices with id 0a12:0002"); 1231 1232 module_param(disable_scofix, bool, 0644); 1233 MODULE_PARM_DESC(disable_scofix, "Disable fixup of wrong SCO buffer size"); 1234 1235 module_param(force_scofix, bool, 0644); 1236 MODULE_PARM_DESC(force_scofix, "Force fixup of wrong SCO buffers size"); 1237 1238 module_param(reset, bool, 0644); 1239 MODULE_PARM_DESC(reset, "Send HCI reset command on initialization"); 1240 1241 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>"); 1242 MODULE_DESCRIPTION("Generic Bluetooth USB driver ver " VERSION); 1243 MODULE_VERSION(VERSION); 1244 MODULE_LICENSE("GPL"); 1245