1 /* 2 * 3 * Bluetooth HCI UART driver 4 * 5 * Copyright (C) 2002-2003 Fabrizio Gennari <fabrizio.gennari@philips.com> 6 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org> 7 * 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program; if not, write to the Free Software 21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 22 * 23 */ 24 25 #include <linux/module.h> 26 27 #include <linux/kernel.h> 28 #include <linux/init.h> 29 #include <linux/types.h> 30 #include <linux/fcntl.h> 31 #include <linux/interrupt.h> 32 #include <linux/ptrace.h> 33 #include <linux/poll.h> 34 35 #include <linux/slab.h> 36 #include <linux/tty.h> 37 #include <linux/errno.h> 38 #include <linux/string.h> 39 #include <linux/signal.h> 40 #include <linux/ioctl.h> 41 #include <linux/skbuff.h> 42 #include <linux/bitrev.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 48 #include "hci_uart.h" 49 50 static bool txcrc = true; 51 static bool hciextn = true; 52 53 #define BCSP_TXWINSIZE 4 54 55 #define BCSP_ACK_PKT 0x05 56 #define BCSP_LE_PKT 0x06 57 58 struct bcsp_struct { 59 struct sk_buff_head unack; /* Unack'ed packets queue */ 60 struct sk_buff_head rel; /* Reliable packets queue */ 61 struct sk_buff_head unrel; /* Unreliable packets queue */ 62 63 unsigned long rx_count; 64 struct sk_buff *rx_skb; 65 u8 rxseq_txack; /* rxseq == txack. */ 66 u8 rxack; /* Last packet sent by us that the peer ack'ed */ 67 struct timer_list tbcsp; 68 69 enum { 70 BCSP_W4_PKT_DELIMITER, 71 BCSP_W4_PKT_START, 72 BCSP_W4_BCSP_HDR, 73 BCSP_W4_DATA, 74 BCSP_W4_CRC 75 } rx_state; 76 77 enum { 78 BCSP_ESCSTATE_NOESC, 79 BCSP_ESCSTATE_ESC 80 } rx_esc_state; 81 82 u8 use_crc; 83 u16 message_crc; 84 u8 txack_req; /* Do we need to send ack's to the peer? */ 85 86 /* Reliable packet sequence number - used to assign seq to each rel pkt. */ 87 u8 msgq_txseq; 88 }; 89 90 /* ---- BCSP CRC calculation ---- */ 91 92 /* Table for calculating CRC for polynomial 0x1021, LSB processed first, 93 * initial value 0xffff, bits shifted in reverse order. 94 */ 95 96 static const u16 crc_table[] = { 97 0x0000, 0x1081, 0x2102, 0x3183, 98 0x4204, 0x5285, 0x6306, 0x7387, 99 0x8408, 0x9489, 0xa50a, 0xb58b, 100 0xc60c, 0xd68d, 0xe70e, 0xf78f 101 }; 102 103 /* Initialise the crc calculator */ 104 #define BCSP_CRC_INIT(x) x = 0xffff 105 106 /* Update crc with next data byte 107 * 108 * Implementation note 109 * The data byte is treated as two nibbles. The crc is generated 110 * in reverse, i.e., bits are fed into the register from the top. 111 */ 112 static void bcsp_crc_update(u16 *crc, u8 d) 113 { 114 u16 reg = *crc; 115 116 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f]; 117 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f]; 118 119 *crc = reg; 120 } 121 122 /* ---- BCSP core ---- */ 123 124 static void bcsp_slip_msgdelim(struct sk_buff *skb) 125 { 126 const char pkt_delim = 0xc0; 127 128 memcpy(skb_put(skb, 1), &pkt_delim, 1); 129 } 130 131 static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c) 132 { 133 const char esc_c0[2] = { 0xdb, 0xdc }; 134 const char esc_db[2] = { 0xdb, 0xdd }; 135 136 switch (c) { 137 case 0xc0: 138 memcpy(skb_put(skb, 2), &esc_c0, 2); 139 break; 140 case 0xdb: 141 memcpy(skb_put(skb, 2), &esc_db, 2); 142 break; 143 default: 144 memcpy(skb_put(skb, 1), &c, 1); 145 } 146 } 147 148 static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb) 149 { 150 struct bcsp_struct *bcsp = hu->priv; 151 152 if (skb->len > 0xFFF) { 153 BT_ERR("Packet too long"); 154 kfree_skb(skb); 155 return 0; 156 } 157 158 switch (hci_skb_pkt_type(skb)) { 159 case HCI_ACLDATA_PKT: 160 case HCI_COMMAND_PKT: 161 skb_queue_tail(&bcsp->rel, skb); 162 break; 163 164 case HCI_SCODATA_PKT: 165 skb_queue_tail(&bcsp->unrel, skb); 166 break; 167 168 default: 169 BT_ERR("Unknown packet type"); 170 kfree_skb(skb); 171 break; 172 } 173 174 return 0; 175 } 176 177 static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data, 178 int len, int pkt_type) 179 { 180 struct sk_buff *nskb; 181 u8 hdr[4], chan; 182 u16 BCSP_CRC_INIT(bcsp_txmsg_crc); 183 int rel, i; 184 185 switch (pkt_type) { 186 case HCI_ACLDATA_PKT: 187 chan = 6; /* BCSP ACL channel */ 188 rel = 1; /* reliable channel */ 189 break; 190 case HCI_COMMAND_PKT: 191 chan = 5; /* BCSP cmd/evt channel */ 192 rel = 1; /* reliable channel */ 193 break; 194 case HCI_SCODATA_PKT: 195 chan = 7; /* BCSP SCO channel */ 196 rel = 0; /* unreliable channel */ 197 break; 198 case BCSP_LE_PKT: 199 chan = 1; /* BCSP LE channel */ 200 rel = 0; /* unreliable channel */ 201 break; 202 case BCSP_ACK_PKT: 203 chan = 0; /* BCSP internal channel */ 204 rel = 0; /* unreliable channel */ 205 break; 206 default: 207 BT_ERR("Unknown packet type"); 208 return NULL; 209 } 210 211 if (hciextn && chan == 5) { 212 __le16 opcode = ((struct hci_command_hdr *)data)->opcode; 213 214 /* Vendor specific commands */ 215 if (hci_opcode_ogf(__le16_to_cpu(opcode)) == 0x3f) { 216 u8 desc = *(data + HCI_COMMAND_HDR_SIZE); 217 218 if ((desc & 0xf0) == 0xc0) { 219 data += HCI_COMMAND_HDR_SIZE + 1; 220 len -= HCI_COMMAND_HDR_SIZE + 1; 221 chan = desc & 0x0f; 222 } 223 } 224 } 225 226 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2 227 * (because bytes 0xc0 and 0xdb are escaped, worst case is 228 * when the packet is all made of 0xc0 and 0xdb :) ) 229 * + 2 (0xc0 delimiters at start and end). 230 */ 231 232 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC); 233 if (!nskb) 234 return NULL; 235 236 hci_skb_pkt_type(nskb) = pkt_type; 237 238 bcsp_slip_msgdelim(nskb); 239 240 hdr[0] = bcsp->rxseq_txack << 3; 241 bcsp->txack_req = 0; 242 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack); 243 244 if (rel) { 245 hdr[0] |= 0x80 + bcsp->msgq_txseq; 246 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq); 247 bcsp->msgq_txseq = (bcsp->msgq_txseq + 1) & 0x07; 248 } 249 250 if (bcsp->use_crc) 251 hdr[0] |= 0x40; 252 253 hdr[1] = ((len << 4) & 0xff) | chan; 254 hdr[2] = len >> 4; 255 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]); 256 257 /* Put BCSP header */ 258 for (i = 0; i < 4; i++) { 259 bcsp_slip_one_byte(nskb, hdr[i]); 260 261 if (bcsp->use_crc) 262 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]); 263 } 264 265 /* Put payload */ 266 for (i = 0; i < len; i++) { 267 bcsp_slip_one_byte(nskb, data[i]); 268 269 if (bcsp->use_crc) 270 bcsp_crc_update(&bcsp_txmsg_crc, data[i]); 271 } 272 273 /* Put CRC */ 274 if (bcsp->use_crc) { 275 bcsp_txmsg_crc = bitrev16(bcsp_txmsg_crc); 276 bcsp_slip_one_byte(nskb, (u8)((bcsp_txmsg_crc >> 8) & 0x00ff)); 277 bcsp_slip_one_byte(nskb, (u8)(bcsp_txmsg_crc & 0x00ff)); 278 } 279 280 bcsp_slip_msgdelim(nskb); 281 return nskb; 282 } 283 284 /* This is a rewrite of pkt_avail in ABCSP */ 285 static struct sk_buff *bcsp_dequeue(struct hci_uart *hu) 286 { 287 struct bcsp_struct *bcsp = hu->priv; 288 unsigned long flags; 289 struct sk_buff *skb; 290 291 /* First of all, check for unreliable messages in the queue, 292 * since they have priority 293 */ 294 295 skb = skb_dequeue(&bcsp->unrel); 296 if (skb != NULL) { 297 struct sk_buff *nskb; 298 299 nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, 300 hci_skb_pkt_type(skb)); 301 if (nskb) { 302 kfree_skb(skb); 303 return nskb; 304 } else { 305 skb_queue_head(&bcsp->unrel, skb); 306 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 307 } 308 } 309 310 /* Now, try to send a reliable pkt. We can only send a 311 * reliable packet if the number of packets sent but not yet ack'ed 312 * is < than the winsize 313 */ 314 315 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 316 317 if (bcsp->unack.qlen < BCSP_TXWINSIZE) { 318 skb = skb_dequeue(&bcsp->rel); 319 if (skb != NULL) { 320 struct sk_buff *nskb; 321 322 nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, 323 hci_skb_pkt_type(skb)); 324 if (nskb) { 325 __skb_queue_tail(&bcsp->unack, skb); 326 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4); 327 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 328 return nskb; 329 } else { 330 skb_queue_head(&bcsp->rel, skb); 331 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 332 } 333 } 334 } 335 336 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 337 338 /* We could not send a reliable packet, either because there are 339 * none or because there are too many unack'ed pkts. Did we receive 340 * any packets we have not acknowledged yet ? 341 */ 342 343 if (bcsp->txack_req) { 344 /* if so, craft an empty ACK pkt and send it on BCSP unreliable 345 * channel 0 346 */ 347 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT); 348 return nskb; 349 } 350 351 /* We have nothing to send */ 352 return NULL; 353 } 354 355 static int bcsp_flush(struct hci_uart *hu) 356 { 357 BT_DBG("hu %p", hu); 358 return 0; 359 } 360 361 /* Remove ack'ed packets */ 362 static void bcsp_pkt_cull(struct bcsp_struct *bcsp) 363 { 364 struct sk_buff *skb, *tmp; 365 unsigned long flags; 366 int i, pkts_to_be_removed; 367 u8 seqno; 368 369 spin_lock_irqsave(&bcsp->unack.lock, flags); 370 371 pkts_to_be_removed = skb_queue_len(&bcsp->unack); 372 seqno = bcsp->msgq_txseq; 373 374 while (pkts_to_be_removed) { 375 if (bcsp->rxack == seqno) 376 break; 377 pkts_to_be_removed--; 378 seqno = (seqno - 1) & 0x07; 379 } 380 381 if (bcsp->rxack != seqno) 382 BT_ERR("Peer acked invalid packet"); 383 384 BT_DBG("Removing %u pkts out of %u, up to seqno %u", 385 pkts_to_be_removed, skb_queue_len(&bcsp->unack), 386 (seqno - 1) & 0x07); 387 388 i = 0; 389 skb_queue_walk_safe(&bcsp->unack, skb, tmp) { 390 if (i >= pkts_to_be_removed) 391 break; 392 i++; 393 394 __skb_unlink(skb, &bcsp->unack); 395 kfree_skb(skb); 396 } 397 398 if (skb_queue_empty(&bcsp->unack)) 399 del_timer(&bcsp->tbcsp); 400 401 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 402 403 if (i != pkts_to_be_removed) 404 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed); 405 } 406 407 /* Handle BCSP link-establishment packets. When we 408 * detect a "sync" packet, symptom that the BT module has reset, 409 * we do nothing :) (yet) 410 */ 411 static void bcsp_handle_le_pkt(struct hci_uart *hu) 412 { 413 struct bcsp_struct *bcsp = hu->priv; 414 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed }; 415 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 }; 416 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed }; 417 418 /* spot "conf" pkts and reply with a "conf rsp" pkt */ 419 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 420 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) { 421 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC); 422 423 BT_DBG("Found a LE conf pkt"); 424 if (!nskb) 425 return; 426 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4); 427 hci_skb_pkt_type(nskb) = BCSP_LE_PKT; 428 429 skb_queue_head(&bcsp->unrel, nskb); 430 hci_uart_tx_wakeup(hu); 431 } 432 /* Spot "sync" pkts. If we find one...disaster! */ 433 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 434 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) { 435 BT_ERR("Found a LE sync pkt, card has reset"); 436 } 437 } 438 439 static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte) 440 { 441 const u8 c0 = 0xc0, db = 0xdb; 442 443 switch (bcsp->rx_esc_state) { 444 case BCSP_ESCSTATE_NOESC: 445 switch (byte) { 446 case 0xdb: 447 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC; 448 break; 449 default: 450 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1); 451 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 452 bcsp->rx_state != BCSP_W4_CRC) 453 bcsp_crc_update(&bcsp->message_crc, byte); 454 bcsp->rx_count--; 455 } 456 break; 457 458 case BCSP_ESCSTATE_ESC: 459 switch (byte) { 460 case 0xdc: 461 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1); 462 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 463 bcsp->rx_state != BCSP_W4_CRC) 464 bcsp_crc_update(&bcsp->message_crc, 0xc0); 465 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 466 bcsp->rx_count--; 467 break; 468 469 case 0xdd: 470 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1); 471 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 472 bcsp->rx_state != BCSP_W4_CRC) 473 bcsp_crc_update(&bcsp->message_crc, 0xdb); 474 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 475 bcsp->rx_count--; 476 break; 477 478 default: 479 BT_ERR("Invalid byte %02x after esc byte", byte); 480 kfree_skb(bcsp->rx_skb); 481 bcsp->rx_skb = NULL; 482 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 483 bcsp->rx_count = 0; 484 } 485 } 486 } 487 488 static void bcsp_complete_rx_pkt(struct hci_uart *hu) 489 { 490 struct bcsp_struct *bcsp = hu->priv; 491 int pass_up = 0; 492 493 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */ 494 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack); 495 496 /* check the rx sequence number is as expected */ 497 if ((bcsp->rx_skb->data[0] & 0x07) == bcsp->rxseq_txack) { 498 bcsp->rxseq_txack++; 499 bcsp->rxseq_txack %= 0x8; 500 } else { 501 /* handle re-transmitted packet or 502 * when packet was missed 503 */ 504 BT_ERR("Out-of-order packet arrived, got %u expected %u", 505 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack); 506 507 /* do not process out-of-order packet payload */ 508 pass_up = 2; 509 } 510 511 /* send current txack value to all received reliable packets */ 512 bcsp->txack_req = 1; 513 514 /* If needed, transmit an ack pkt */ 515 hci_uart_tx_wakeup(hu); 516 } 517 518 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07; 519 BT_DBG("Request for pkt %u from card", bcsp->rxack); 520 521 /* handle received ACK indications, 522 * including those from out-of-order packets 523 */ 524 bcsp_pkt_cull(bcsp); 525 526 if (pass_up != 2) { 527 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 && 528 (bcsp->rx_skb->data[0] & 0x80)) { 529 hci_skb_pkt_type(bcsp->rx_skb) = HCI_ACLDATA_PKT; 530 pass_up = 1; 531 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 && 532 (bcsp->rx_skb->data[0] & 0x80)) { 533 hci_skb_pkt_type(bcsp->rx_skb) = HCI_EVENT_PKT; 534 pass_up = 1; 535 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) { 536 hci_skb_pkt_type(bcsp->rx_skb) = HCI_SCODATA_PKT; 537 pass_up = 1; 538 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 && 539 !(bcsp->rx_skb->data[0] & 0x80)) { 540 bcsp_handle_le_pkt(hu); 541 pass_up = 0; 542 } else { 543 pass_up = 0; 544 } 545 } 546 547 if (pass_up == 0) { 548 struct hci_event_hdr hdr; 549 u8 desc = (bcsp->rx_skb->data[1] & 0x0f); 550 551 if (desc != 0 && desc != 1) { 552 if (hciextn) { 553 desc |= 0xc0; 554 skb_pull(bcsp->rx_skb, 4); 555 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1); 556 557 hdr.evt = 0xff; 558 hdr.plen = bcsp->rx_skb->len; 559 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE); 560 hci_skb_pkt_type(bcsp->rx_skb) = HCI_EVENT_PKT; 561 562 hci_recv_frame(hu->hdev, bcsp->rx_skb); 563 } else { 564 BT_ERR("Packet for unknown channel (%u %s)", 565 bcsp->rx_skb->data[1] & 0x0f, 566 bcsp->rx_skb->data[0] & 0x80 ? 567 "reliable" : "unreliable"); 568 kfree_skb(bcsp->rx_skb); 569 } 570 } else 571 kfree_skb(bcsp->rx_skb); 572 } else if (pass_up == 1) { 573 /* Pull out BCSP hdr */ 574 skb_pull(bcsp->rx_skb, 4); 575 576 hci_recv_frame(hu->hdev, bcsp->rx_skb); 577 } else { 578 /* ignore packet payload of already ACKed re-transmitted 579 * packets or when a packet was missed in the BCSP window 580 */ 581 kfree_skb(bcsp->rx_skb); 582 } 583 584 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 585 bcsp->rx_skb = NULL; 586 } 587 588 static u16 bscp_get_crc(struct bcsp_struct *bcsp) 589 { 590 return get_unaligned_be16(&bcsp->rx_skb->data[bcsp->rx_skb->len - 2]); 591 } 592 593 /* Recv data */ 594 static int bcsp_recv(struct hci_uart *hu, const void *data, int count) 595 { 596 struct bcsp_struct *bcsp = hu->priv; 597 const unsigned char *ptr; 598 599 BT_DBG("hu %p count %d rx_state %d rx_count %ld", 600 hu, count, bcsp->rx_state, bcsp->rx_count); 601 602 ptr = data; 603 while (count) { 604 if (bcsp->rx_count) { 605 if (*ptr == 0xc0) { 606 BT_ERR("Short BCSP packet"); 607 kfree_skb(bcsp->rx_skb); 608 bcsp->rx_state = BCSP_W4_PKT_START; 609 bcsp->rx_count = 0; 610 } else 611 bcsp_unslip_one_byte(bcsp, *ptr); 612 613 ptr++; count--; 614 continue; 615 } 616 617 switch (bcsp->rx_state) { 618 case BCSP_W4_BCSP_HDR: 619 if ((0xff & (u8)~(bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] + 620 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) { 621 BT_ERR("Error in BCSP hdr checksum"); 622 kfree_skb(bcsp->rx_skb); 623 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 624 bcsp->rx_count = 0; 625 continue; 626 } 627 bcsp->rx_state = BCSP_W4_DATA; 628 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) + 629 (bcsp->rx_skb->data[2] << 4); /* May be 0 */ 630 continue; 631 632 case BCSP_W4_DATA: 633 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */ 634 bcsp->rx_state = BCSP_W4_CRC; 635 bcsp->rx_count = 2; 636 } else 637 bcsp_complete_rx_pkt(hu); 638 continue; 639 640 case BCSP_W4_CRC: 641 if (bitrev16(bcsp->message_crc) != bscp_get_crc(bcsp)) { 642 BT_ERR("Checksum failed: computed %04x received %04x", 643 bitrev16(bcsp->message_crc), 644 bscp_get_crc(bcsp)); 645 646 kfree_skb(bcsp->rx_skb); 647 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 648 bcsp->rx_count = 0; 649 continue; 650 } 651 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2); 652 bcsp_complete_rx_pkt(hu); 653 continue; 654 655 case BCSP_W4_PKT_DELIMITER: 656 switch (*ptr) { 657 case 0xc0: 658 bcsp->rx_state = BCSP_W4_PKT_START; 659 break; 660 default: 661 /*BT_ERR("Ignoring byte %02x", *ptr);*/ 662 break; 663 } 664 ptr++; count--; 665 break; 666 667 case BCSP_W4_PKT_START: 668 switch (*ptr) { 669 case 0xc0: 670 ptr++; count--; 671 break; 672 673 default: 674 bcsp->rx_state = BCSP_W4_BCSP_HDR; 675 bcsp->rx_count = 4; 676 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 677 BCSP_CRC_INIT(bcsp->message_crc); 678 679 /* Do not increment ptr or decrement count 680 * Allocate packet. Max len of a BCSP pkt= 681 * 0xFFF (payload) +4 (header) +2 (crc) 682 */ 683 684 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC); 685 if (!bcsp->rx_skb) { 686 BT_ERR("Can't allocate mem for new packet"); 687 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 688 bcsp->rx_count = 0; 689 return 0; 690 } 691 break; 692 } 693 break; 694 } 695 } 696 return count; 697 } 698 699 /* Arrange to retransmit all messages in the relq. */ 700 static void bcsp_timed_event(unsigned long arg) 701 { 702 struct hci_uart *hu = (struct hci_uart *)arg; 703 struct bcsp_struct *bcsp = hu->priv; 704 struct sk_buff *skb; 705 unsigned long flags; 706 707 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen); 708 709 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 710 711 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) { 712 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07; 713 skb_queue_head(&bcsp->rel, skb); 714 } 715 716 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 717 718 hci_uart_tx_wakeup(hu); 719 } 720 721 static int bcsp_open(struct hci_uart *hu) 722 { 723 struct bcsp_struct *bcsp; 724 725 BT_DBG("hu %p", hu); 726 727 bcsp = kzalloc(sizeof(*bcsp), GFP_KERNEL); 728 if (!bcsp) 729 return -ENOMEM; 730 731 hu->priv = bcsp; 732 skb_queue_head_init(&bcsp->unack); 733 skb_queue_head_init(&bcsp->rel); 734 skb_queue_head_init(&bcsp->unrel); 735 736 init_timer(&bcsp->tbcsp); 737 bcsp->tbcsp.function = bcsp_timed_event; 738 bcsp->tbcsp.data = (u_long)hu; 739 740 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 741 742 if (txcrc) 743 bcsp->use_crc = 1; 744 745 return 0; 746 } 747 748 static int bcsp_close(struct hci_uart *hu) 749 { 750 struct bcsp_struct *bcsp = hu->priv; 751 752 del_timer_sync(&bcsp->tbcsp); 753 754 hu->priv = NULL; 755 756 BT_DBG("hu %p", hu); 757 758 skb_queue_purge(&bcsp->unack); 759 skb_queue_purge(&bcsp->rel); 760 skb_queue_purge(&bcsp->unrel); 761 762 kfree(bcsp); 763 return 0; 764 } 765 766 static const struct hci_uart_proto bcsp = { 767 .id = HCI_UART_BCSP, 768 .name = "BCSP", 769 .open = bcsp_open, 770 .close = bcsp_close, 771 .enqueue = bcsp_enqueue, 772 .dequeue = bcsp_dequeue, 773 .recv = bcsp_recv, 774 .flush = bcsp_flush 775 }; 776 777 int __init bcsp_init(void) 778 { 779 return hci_uart_register_proto(&bcsp); 780 } 781 782 int __exit bcsp_deinit(void) 783 { 784 return hci_uart_unregister_proto(&bcsp); 785 } 786 787 module_param(txcrc, bool, 0644); 788 MODULE_PARM_DESC(txcrc, "Transmit CRC with every BCSP packet"); 789 790 module_param(hciextn, bool, 0644); 791 MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets"); 792