1 /* 2 * 3 * Bluetooth HCI UART driver 4 * 5 * Copyright (C) 2002-2003 Fabrizio Gennari <fabrizio.gennari@philips.com> 6 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org> 7 * 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program; if not, write to the Free Software 21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 22 * 23 */ 24 25 #include <linux/module.h> 26 27 #include <linux/kernel.h> 28 #include <linux/init.h> 29 #include <linux/types.h> 30 #include <linux/fcntl.h> 31 #include <linux/interrupt.h> 32 #include <linux/ptrace.h> 33 #include <linux/poll.h> 34 35 #include <linux/slab.h> 36 #include <linux/tty.h> 37 #include <linux/errno.h> 38 #include <linux/string.h> 39 #include <linux/signal.h> 40 #include <linux/ioctl.h> 41 #include <linux/skbuff.h> 42 #include <linux/bitrev.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 48 #include "hci_uart.h" 49 50 #define VERSION "0.3" 51 52 static bool txcrc = 1; 53 static bool hciextn = 1; 54 55 #define BCSP_TXWINSIZE 4 56 57 #define BCSP_ACK_PKT 0x05 58 #define BCSP_LE_PKT 0x06 59 60 struct bcsp_struct { 61 struct sk_buff_head unack; /* Unack'ed packets queue */ 62 struct sk_buff_head rel; /* Reliable packets queue */ 63 struct sk_buff_head unrel; /* Unreliable packets queue */ 64 65 unsigned long rx_count; 66 struct sk_buff *rx_skb; 67 u8 rxseq_txack; /* rxseq == txack. */ 68 u8 rxack; /* Last packet sent by us that the peer ack'ed */ 69 struct timer_list tbcsp; 70 71 enum { 72 BCSP_W4_PKT_DELIMITER, 73 BCSP_W4_PKT_START, 74 BCSP_W4_BCSP_HDR, 75 BCSP_W4_DATA, 76 BCSP_W4_CRC 77 } rx_state; 78 79 enum { 80 BCSP_ESCSTATE_NOESC, 81 BCSP_ESCSTATE_ESC 82 } rx_esc_state; 83 84 u8 use_crc; 85 u16 message_crc; 86 u8 txack_req; /* Do we need to send ack's to the peer? */ 87 88 /* Reliable packet sequence number - used to assign seq to each rel pkt. */ 89 u8 msgq_txseq; 90 }; 91 92 /* ---- BCSP CRC calculation ---- */ 93 94 /* Table for calculating CRC for polynomial 0x1021, LSB processed first, 95 initial value 0xffff, bits shifted in reverse order. */ 96 97 static const u16 crc_table[] = { 98 0x0000, 0x1081, 0x2102, 0x3183, 99 0x4204, 0x5285, 0x6306, 0x7387, 100 0x8408, 0x9489, 0xa50a, 0xb58b, 101 0xc60c, 0xd68d, 0xe70e, 0xf78f 102 }; 103 104 /* Initialise the crc calculator */ 105 #define BCSP_CRC_INIT(x) x = 0xffff 106 107 /* 108 Update crc with next data byte 109 110 Implementation note 111 The data byte is treated as two nibbles. The crc is generated 112 in reverse, i.e., bits are fed into the register from the top. 113 */ 114 static void bcsp_crc_update(u16 *crc, u8 d) 115 { 116 u16 reg = *crc; 117 118 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f]; 119 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f]; 120 121 *crc = reg; 122 } 123 124 /* ---- BCSP core ---- */ 125 126 static void bcsp_slip_msgdelim(struct sk_buff *skb) 127 { 128 const char pkt_delim = 0xc0; 129 130 memcpy(skb_put(skb, 1), &pkt_delim, 1); 131 } 132 133 static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c) 134 { 135 const char esc_c0[2] = { 0xdb, 0xdc }; 136 const char esc_db[2] = { 0xdb, 0xdd }; 137 138 switch (c) { 139 case 0xc0: 140 memcpy(skb_put(skb, 2), &esc_c0, 2); 141 break; 142 case 0xdb: 143 memcpy(skb_put(skb, 2), &esc_db, 2); 144 break; 145 default: 146 memcpy(skb_put(skb, 1), &c, 1); 147 } 148 } 149 150 static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb) 151 { 152 struct bcsp_struct *bcsp = hu->priv; 153 154 if (skb->len > 0xFFF) { 155 BT_ERR("Packet too long"); 156 kfree_skb(skb); 157 return 0; 158 } 159 160 switch (bt_cb(skb)->pkt_type) { 161 case HCI_ACLDATA_PKT: 162 case HCI_COMMAND_PKT: 163 skb_queue_tail(&bcsp->rel, skb); 164 break; 165 166 case HCI_SCODATA_PKT: 167 skb_queue_tail(&bcsp->unrel, skb); 168 break; 169 170 default: 171 BT_ERR("Unknown packet type"); 172 kfree_skb(skb); 173 break; 174 } 175 176 return 0; 177 } 178 179 static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data, 180 int len, int pkt_type) 181 { 182 struct sk_buff *nskb; 183 u8 hdr[4], chan; 184 u16 BCSP_CRC_INIT(bcsp_txmsg_crc); 185 int rel, i; 186 187 switch (pkt_type) { 188 case HCI_ACLDATA_PKT: 189 chan = 6; /* BCSP ACL channel */ 190 rel = 1; /* reliable channel */ 191 break; 192 case HCI_COMMAND_PKT: 193 chan = 5; /* BCSP cmd/evt channel */ 194 rel = 1; /* reliable channel */ 195 break; 196 case HCI_SCODATA_PKT: 197 chan = 7; /* BCSP SCO channel */ 198 rel = 0; /* unreliable channel */ 199 break; 200 case BCSP_LE_PKT: 201 chan = 1; /* BCSP LE channel */ 202 rel = 0; /* unreliable channel */ 203 break; 204 case BCSP_ACK_PKT: 205 chan = 0; /* BCSP internal channel */ 206 rel = 0; /* unreliable channel */ 207 break; 208 default: 209 BT_ERR("Unknown packet type"); 210 return NULL; 211 } 212 213 if (hciextn && chan == 5) { 214 __le16 opcode = ((struct hci_command_hdr *)data)->opcode; 215 216 /* Vendor specific commands */ 217 if (hci_opcode_ogf(__le16_to_cpu(opcode)) == 0x3f) { 218 u8 desc = *(data + HCI_COMMAND_HDR_SIZE); 219 if ((desc & 0xf0) == 0xc0) { 220 data += HCI_COMMAND_HDR_SIZE + 1; 221 len -= HCI_COMMAND_HDR_SIZE + 1; 222 chan = desc & 0x0f; 223 } 224 } 225 } 226 227 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2 228 (because bytes 0xc0 and 0xdb are escaped, worst case is 229 when the packet is all made of 0xc0 and 0xdb :) ) 230 + 2 (0xc0 delimiters at start and end). */ 231 232 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC); 233 if (!nskb) 234 return NULL; 235 236 bt_cb(nskb)->pkt_type = pkt_type; 237 238 bcsp_slip_msgdelim(nskb); 239 240 hdr[0] = bcsp->rxseq_txack << 3; 241 bcsp->txack_req = 0; 242 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack); 243 244 if (rel) { 245 hdr[0] |= 0x80 + bcsp->msgq_txseq; 246 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq); 247 bcsp->msgq_txseq = (bcsp->msgq_txseq + 1) & 0x07; 248 } 249 250 if (bcsp->use_crc) 251 hdr[0] |= 0x40; 252 253 hdr[1] = ((len << 4) & 0xff) | chan; 254 hdr[2] = len >> 4; 255 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]); 256 257 /* Put BCSP header */ 258 for (i = 0; i < 4; i++) { 259 bcsp_slip_one_byte(nskb, hdr[i]); 260 261 if (bcsp->use_crc) 262 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]); 263 } 264 265 /* Put payload */ 266 for (i = 0; i < len; i++) { 267 bcsp_slip_one_byte(nskb, data[i]); 268 269 if (bcsp->use_crc) 270 bcsp_crc_update(&bcsp_txmsg_crc, data[i]); 271 } 272 273 /* Put CRC */ 274 if (bcsp->use_crc) { 275 bcsp_txmsg_crc = bitrev16(bcsp_txmsg_crc); 276 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff)); 277 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff)); 278 } 279 280 bcsp_slip_msgdelim(nskb); 281 return nskb; 282 } 283 284 /* This is a rewrite of pkt_avail in ABCSP */ 285 static struct sk_buff *bcsp_dequeue(struct hci_uart *hu) 286 { 287 struct bcsp_struct *bcsp = hu->priv; 288 unsigned long flags; 289 struct sk_buff *skb; 290 291 /* First of all, check for unreliable messages in the queue, 292 since they have priority */ 293 294 if ((skb = skb_dequeue(&bcsp->unrel)) != NULL) { 295 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, bt_cb(skb)->pkt_type); 296 if (nskb) { 297 kfree_skb(skb); 298 return nskb; 299 } else { 300 skb_queue_head(&bcsp->unrel, skb); 301 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 302 } 303 } 304 305 /* Now, try to send a reliable pkt. We can only send a 306 reliable packet if the number of packets sent but not yet ack'ed 307 is < than the winsize */ 308 309 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 310 311 if (bcsp->unack.qlen < BCSP_TXWINSIZE && (skb = skb_dequeue(&bcsp->rel)) != NULL) { 312 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, bt_cb(skb)->pkt_type); 313 if (nskb) { 314 __skb_queue_tail(&bcsp->unack, skb); 315 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4); 316 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 317 return nskb; 318 } else { 319 skb_queue_head(&bcsp->rel, skb); 320 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 321 } 322 } 323 324 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 325 326 /* We could not send a reliable packet, either because there are 327 none or because there are too many unack'ed pkts. Did we receive 328 any packets we have not acknowledged yet ? */ 329 330 if (bcsp->txack_req) { 331 /* if so, craft an empty ACK pkt and send it on BCSP unreliable 332 channel 0 */ 333 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT); 334 return nskb; 335 } 336 337 /* We have nothing to send */ 338 return NULL; 339 } 340 341 static int bcsp_flush(struct hci_uart *hu) 342 { 343 BT_DBG("hu %p", hu); 344 return 0; 345 } 346 347 /* Remove ack'ed packets */ 348 static void bcsp_pkt_cull(struct bcsp_struct *bcsp) 349 { 350 struct sk_buff *skb, *tmp; 351 unsigned long flags; 352 int i, pkts_to_be_removed; 353 u8 seqno; 354 355 spin_lock_irqsave(&bcsp->unack.lock, flags); 356 357 pkts_to_be_removed = skb_queue_len(&bcsp->unack); 358 seqno = bcsp->msgq_txseq; 359 360 while (pkts_to_be_removed) { 361 if (bcsp->rxack == seqno) 362 break; 363 pkts_to_be_removed--; 364 seqno = (seqno - 1) & 0x07; 365 } 366 367 if (bcsp->rxack != seqno) 368 BT_ERR("Peer acked invalid packet"); 369 370 BT_DBG("Removing %u pkts out of %u, up to seqno %u", 371 pkts_to_be_removed, skb_queue_len(&bcsp->unack), 372 (seqno - 1) & 0x07); 373 374 i = 0; 375 skb_queue_walk_safe(&bcsp->unack, skb, tmp) { 376 if (i >= pkts_to_be_removed) 377 break; 378 i++; 379 380 __skb_unlink(skb, &bcsp->unack); 381 kfree_skb(skb); 382 } 383 384 if (skb_queue_empty(&bcsp->unack)) 385 del_timer(&bcsp->tbcsp); 386 387 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 388 389 if (i != pkts_to_be_removed) 390 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed); 391 } 392 393 /* Handle BCSP link-establishment packets. When we 394 detect a "sync" packet, symptom that the BT module has reset, 395 we do nothing :) (yet) */ 396 static void bcsp_handle_le_pkt(struct hci_uart *hu) 397 { 398 struct bcsp_struct *bcsp = hu->priv; 399 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed }; 400 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 }; 401 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed }; 402 403 /* spot "conf" pkts and reply with a "conf rsp" pkt */ 404 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 405 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) { 406 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC); 407 408 BT_DBG("Found a LE conf pkt"); 409 if (!nskb) 410 return; 411 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4); 412 bt_cb(nskb)->pkt_type = BCSP_LE_PKT; 413 414 skb_queue_head(&bcsp->unrel, nskb); 415 hci_uart_tx_wakeup(hu); 416 } 417 /* Spot "sync" pkts. If we find one...disaster! */ 418 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 419 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) { 420 BT_ERR("Found a LE sync pkt, card has reset"); 421 } 422 } 423 424 static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte) 425 { 426 const u8 c0 = 0xc0, db = 0xdb; 427 428 switch (bcsp->rx_esc_state) { 429 case BCSP_ESCSTATE_NOESC: 430 switch (byte) { 431 case 0xdb: 432 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC; 433 break; 434 default: 435 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1); 436 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 && 437 bcsp->rx_state != BCSP_W4_CRC) 438 bcsp_crc_update(&bcsp->message_crc, byte); 439 bcsp->rx_count--; 440 } 441 break; 442 443 case BCSP_ESCSTATE_ESC: 444 switch (byte) { 445 case 0xdc: 446 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1); 447 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 && 448 bcsp->rx_state != BCSP_W4_CRC) 449 bcsp_crc_update(&bcsp-> message_crc, 0xc0); 450 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 451 bcsp->rx_count--; 452 break; 453 454 case 0xdd: 455 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1); 456 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 && 457 bcsp->rx_state != BCSP_W4_CRC) 458 bcsp_crc_update(&bcsp-> message_crc, 0xdb); 459 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 460 bcsp->rx_count--; 461 break; 462 463 default: 464 BT_ERR ("Invalid byte %02x after esc byte", byte); 465 kfree_skb(bcsp->rx_skb); 466 bcsp->rx_skb = NULL; 467 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 468 bcsp->rx_count = 0; 469 } 470 } 471 } 472 473 static void bcsp_complete_rx_pkt(struct hci_uart *hu) 474 { 475 struct bcsp_struct *bcsp = hu->priv; 476 int pass_up; 477 478 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */ 479 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack); 480 bcsp->rxseq_txack++; 481 bcsp->rxseq_txack %= 0x8; 482 bcsp->txack_req = 1; 483 484 /* If needed, transmit an ack pkt */ 485 hci_uart_tx_wakeup(hu); 486 } 487 488 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07; 489 BT_DBG("Request for pkt %u from card", bcsp->rxack); 490 491 bcsp_pkt_cull(bcsp); 492 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 && 493 bcsp->rx_skb->data[0] & 0x80) { 494 bt_cb(bcsp->rx_skb)->pkt_type = HCI_ACLDATA_PKT; 495 pass_up = 1; 496 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 && 497 bcsp->rx_skb->data[0] & 0x80) { 498 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT; 499 pass_up = 1; 500 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) { 501 bt_cb(bcsp->rx_skb)->pkt_type = HCI_SCODATA_PKT; 502 pass_up = 1; 503 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 && 504 !(bcsp->rx_skb->data[0] & 0x80)) { 505 bcsp_handle_le_pkt(hu); 506 pass_up = 0; 507 } else 508 pass_up = 0; 509 510 if (!pass_up) { 511 struct hci_event_hdr hdr; 512 u8 desc = (bcsp->rx_skb->data[1] & 0x0f); 513 514 if (desc != 0 && desc != 1) { 515 if (hciextn) { 516 desc |= 0xc0; 517 skb_pull(bcsp->rx_skb, 4); 518 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1); 519 520 hdr.evt = 0xff; 521 hdr.plen = bcsp->rx_skb->len; 522 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE); 523 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT; 524 525 hci_recv_frame(bcsp->rx_skb); 526 } else { 527 BT_ERR ("Packet for unknown channel (%u %s)", 528 bcsp->rx_skb->data[1] & 0x0f, 529 bcsp->rx_skb->data[0] & 0x80 ? 530 "reliable" : "unreliable"); 531 kfree_skb(bcsp->rx_skb); 532 } 533 } else 534 kfree_skb(bcsp->rx_skb); 535 } else { 536 /* Pull out BCSP hdr */ 537 skb_pull(bcsp->rx_skb, 4); 538 539 hci_recv_frame(bcsp->rx_skb); 540 } 541 542 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 543 bcsp->rx_skb = NULL; 544 } 545 546 static u16 bscp_get_crc(struct bcsp_struct *bcsp) 547 { 548 return get_unaligned_be16(&bcsp->rx_skb->data[bcsp->rx_skb->len - 2]); 549 } 550 551 /* Recv data */ 552 static int bcsp_recv(struct hci_uart *hu, void *data, int count) 553 { 554 struct bcsp_struct *bcsp = hu->priv; 555 unsigned char *ptr; 556 557 BT_DBG("hu %p count %d rx_state %d rx_count %ld", 558 hu, count, bcsp->rx_state, bcsp->rx_count); 559 560 ptr = data; 561 while (count) { 562 if (bcsp->rx_count) { 563 if (*ptr == 0xc0) { 564 BT_ERR("Short BCSP packet"); 565 kfree_skb(bcsp->rx_skb); 566 bcsp->rx_state = BCSP_W4_PKT_START; 567 bcsp->rx_count = 0; 568 } else 569 bcsp_unslip_one_byte(bcsp, *ptr); 570 571 ptr++; count--; 572 continue; 573 } 574 575 switch (bcsp->rx_state) { 576 case BCSP_W4_BCSP_HDR: 577 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] + 578 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) { 579 BT_ERR("Error in BCSP hdr checksum"); 580 kfree_skb(bcsp->rx_skb); 581 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 582 bcsp->rx_count = 0; 583 continue; 584 } 585 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */ 586 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) { 587 BT_ERR ("Out-of-order packet arrived, got %u expected %u", 588 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack); 589 590 kfree_skb(bcsp->rx_skb); 591 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 592 bcsp->rx_count = 0; 593 continue; 594 } 595 bcsp->rx_state = BCSP_W4_DATA; 596 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) + 597 (bcsp->rx_skb->data[2] << 4); /* May be 0 */ 598 continue; 599 600 case BCSP_W4_DATA: 601 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */ 602 bcsp->rx_state = BCSP_W4_CRC; 603 bcsp->rx_count = 2; 604 } else 605 bcsp_complete_rx_pkt(hu); 606 continue; 607 608 case BCSP_W4_CRC: 609 if (bitrev16(bcsp->message_crc) != bscp_get_crc(bcsp)) { 610 BT_ERR ("Checksum failed: computed %04x received %04x", 611 bitrev16(bcsp->message_crc), 612 bscp_get_crc(bcsp)); 613 614 kfree_skb(bcsp->rx_skb); 615 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 616 bcsp->rx_count = 0; 617 continue; 618 } 619 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2); 620 bcsp_complete_rx_pkt(hu); 621 continue; 622 623 case BCSP_W4_PKT_DELIMITER: 624 switch (*ptr) { 625 case 0xc0: 626 bcsp->rx_state = BCSP_W4_PKT_START; 627 break; 628 default: 629 /*BT_ERR("Ignoring byte %02x", *ptr);*/ 630 break; 631 } 632 ptr++; count--; 633 break; 634 635 case BCSP_W4_PKT_START: 636 switch (*ptr) { 637 case 0xc0: 638 ptr++; count--; 639 break; 640 641 default: 642 bcsp->rx_state = BCSP_W4_BCSP_HDR; 643 bcsp->rx_count = 4; 644 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 645 BCSP_CRC_INIT(bcsp->message_crc); 646 647 /* Do not increment ptr or decrement count 648 * Allocate packet. Max len of a BCSP pkt= 649 * 0xFFF (payload) +4 (header) +2 (crc) */ 650 651 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC); 652 if (!bcsp->rx_skb) { 653 BT_ERR("Can't allocate mem for new packet"); 654 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 655 bcsp->rx_count = 0; 656 return 0; 657 } 658 bcsp->rx_skb->dev = (void *) hu->hdev; 659 break; 660 } 661 break; 662 } 663 } 664 return count; 665 } 666 667 /* Arrange to retransmit all messages in the relq. */ 668 static void bcsp_timed_event(unsigned long arg) 669 { 670 struct hci_uart *hu = (struct hci_uart *) arg; 671 struct bcsp_struct *bcsp = hu->priv; 672 struct sk_buff *skb; 673 unsigned long flags; 674 675 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen); 676 677 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 678 679 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) { 680 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07; 681 skb_queue_head(&bcsp->rel, skb); 682 } 683 684 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 685 686 hci_uart_tx_wakeup(hu); 687 } 688 689 static int bcsp_open(struct hci_uart *hu) 690 { 691 struct bcsp_struct *bcsp; 692 693 BT_DBG("hu %p", hu); 694 695 bcsp = kzalloc(sizeof(*bcsp), GFP_KERNEL); 696 if (!bcsp) 697 return -ENOMEM; 698 699 hu->priv = bcsp; 700 skb_queue_head_init(&bcsp->unack); 701 skb_queue_head_init(&bcsp->rel); 702 skb_queue_head_init(&bcsp->unrel); 703 704 init_timer(&bcsp->tbcsp); 705 bcsp->tbcsp.function = bcsp_timed_event; 706 bcsp->tbcsp.data = (u_long) hu; 707 708 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 709 710 if (txcrc) 711 bcsp->use_crc = 1; 712 713 return 0; 714 } 715 716 static int bcsp_close(struct hci_uart *hu) 717 { 718 struct bcsp_struct *bcsp = hu->priv; 719 hu->priv = NULL; 720 721 BT_DBG("hu %p", hu); 722 723 skb_queue_purge(&bcsp->unack); 724 skb_queue_purge(&bcsp->rel); 725 skb_queue_purge(&bcsp->unrel); 726 del_timer(&bcsp->tbcsp); 727 728 kfree(bcsp); 729 return 0; 730 } 731 732 static struct hci_uart_proto bcsp = { 733 .id = HCI_UART_BCSP, 734 .open = bcsp_open, 735 .close = bcsp_close, 736 .enqueue = bcsp_enqueue, 737 .dequeue = bcsp_dequeue, 738 .recv = bcsp_recv, 739 .flush = bcsp_flush 740 }; 741 742 int __init bcsp_init(void) 743 { 744 int err = hci_uart_register_proto(&bcsp); 745 746 if (!err) 747 BT_INFO("HCI BCSP protocol initialized"); 748 else 749 BT_ERR("HCI BCSP protocol registration failed"); 750 751 return err; 752 } 753 754 int __exit bcsp_deinit(void) 755 { 756 return hci_uart_unregister_proto(&bcsp); 757 } 758 759 module_param(txcrc, bool, 0644); 760 MODULE_PARM_DESC(txcrc, "Transmit CRC with every BCSP packet"); 761 762 module_param(hciextn, bool, 0644); 763 MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets"); 764