1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * NXP Bluetooth driver
4 * Copyright 2023-2025 NXP
5 */
6
7 #include <linux/module.h>
8 #include <linux/kernel.h>
9
10 #include <linux/serdev.h>
11 #include <linux/of.h>
12 #include <linux/skbuff.h>
13 #include <linux/unaligned.h>
14 #include <linux/firmware.h>
15 #include <linux/string.h>
16 #include <linux/crc8.h>
17 #include <linux/crc32.h>
18 #include <linux/string_helpers.h>
19 #include <linux/gpio/consumer.h>
20
21 #include <net/bluetooth/bluetooth.h>
22 #include <net/bluetooth/hci_core.h>
23
24 #include "h4_recv.h"
25
26 #define MANUFACTURER_NXP 37
27
28 #define BTNXPUART_TX_STATE_ACTIVE 1
29 #define BTNXPUART_FW_DOWNLOADING 2
30 #define BTNXPUART_CHECK_BOOT_SIGNATURE 3
31 #define BTNXPUART_SERDEV_OPEN 4
32 #define BTNXPUART_IR_IN_PROGRESS 5
33 #define BTNXPUART_FW_DOWNLOAD_ABORT 6
34 #define BTNXPUART_FW_DUMP_IN_PROGRESS 7
35
36 /* NXP HW err codes */
37 #define BTNXPUART_IR_HW_ERR 0xb0
38
39 #define FIRMWARE_W8987 "uart8987_bt.bin"
40 #define FIRMWARE_W8987_OLD "uartuart8987_bt.bin"
41 #define FIRMWARE_W8997 "uart8997_bt_v4.bin"
42 #define FIRMWARE_W8997_OLD "uartuart8997_bt_v4.bin"
43 #define FIRMWARE_W9098 "uart9098_bt_v1.bin"
44 #define FIRMWARE_W9098_OLD "uartuart9098_bt_v1.bin"
45 #define FIRMWARE_IW416 "uartiw416_bt.bin"
46 #define FIRMWARE_IW416_OLD "uartiw416_bt_v0.bin"
47 #define FIRMWARE_IW612 "uartspi_n61x_v1.bin.se"
48 #define FIRMWARE_IW610 "uartspi_iw610.bin"
49 #define FIRMWARE_SECURE_IW610 "uartspi_iw610.bin.se"
50 #define FIRMWARE_IW624 "uartiw624_bt.bin"
51 #define FIRMWARE_SECURE_IW624 "uartiw624_bt.bin.se"
52 #define FIRMWARE_AW693 "uartaw693_bt.bin"
53 #define FIRMWARE_SECURE_AW693 "uartaw693_bt.bin.se"
54 #define FIRMWARE_AW693_A1 "uartaw693_bt_v1.bin"
55 #define FIRMWARE_SECURE_AW693_A1 "uartaw693_bt_v1.bin.se"
56 #define FIRMWARE_HELPER "helper_uart_3000000.bin"
57
58 #define CHIP_ID_W9098 0x5c03
59 #define CHIP_ID_IW416 0x7201
60 #define CHIP_ID_IW612 0x7601
61 #define CHIP_ID_IW624a 0x8000
62 #define CHIP_ID_IW624c 0x8001
63 #define CHIP_ID_AW693a0 0x8200
64 #define CHIP_ID_AW693a1 0x8201
65 #define CHIP_ID_IW610a0 0x8800
66 #define CHIP_ID_IW610a1 0x8801
67
68 #define FW_SECURE_MASK 0xc0
69 #define FW_OPEN 0x00
70 #define FW_AUTH_ILLEGAL 0x40
71 #define FW_AUTH_PLAIN 0x80
72 #define FW_AUTH_ENC 0xc0
73
74 #define HCI_NXP_PRI_BAUDRATE 115200
75 #define HCI_NXP_SEC_BAUDRATE 3000000
76
77 #define MAX_FW_FILE_NAME_LEN 50
78
79 /* Default ps timeout period in milliseconds */
80 #define PS_DEFAULT_TIMEOUT_PERIOD_MS 2000
81
82 /* wakeup methods */
83 #define WAKEUP_METHOD_DTR 0
84 #define WAKEUP_METHOD_BREAK 1
85 #define WAKEUP_METHOD_EXT_BREAK 2
86 #define WAKEUP_METHOD_RTS 3
87 #define WAKEUP_METHOD_GPIO 4
88 #define WAKEUP_METHOD_INVALID 0xff
89
90 /* power save mode status */
91 #define PS_MODE_DISABLE 0
92 #define PS_MODE_ENABLE 1
93
94 /* Power Save Commands to ps_work_func */
95 #define PS_CMD_EXIT_PS 1
96 #define PS_CMD_ENTER_PS 2
97
98 /* power save state */
99 #define PS_STATE_AWAKE 0
100 #define PS_STATE_SLEEP 1
101
102 /* NXP Vendor Commands. Refer user manual UM11628 on nxp.com */
103 /* Set custom BD Address */
104 #define HCI_NXP_SET_BD_ADDR 0xfc22
105 /* Set Auto-Sleep mode */
106 #define HCI_NXP_AUTO_SLEEP_MODE 0xfc23
107 /* Set Wakeup method */
108 #define HCI_NXP_WAKEUP_METHOD 0xfc53
109 /* Set operational baudrate */
110 #define HCI_NXP_SET_OPER_SPEED 0xfc09
111 /* Independent Reset (Soft Reset) */
112 #define HCI_NXP_IND_RESET 0xfcfc
113 /* Bluetooth vendor command: Trigger FW dump */
114 #define HCI_NXP_TRIGGER_DUMP 0xfe91
115
116 /* Bluetooth Power State : Vendor cmd params */
117 #define BT_PS_ENABLE 0x02
118 #define BT_PS_DISABLE 0x03
119
120 /* Bluetooth Host Wakeup Methods */
121 #define BT_HOST_WAKEUP_METHOD_NONE 0x00
122 #define BT_HOST_WAKEUP_METHOD_DTR 0x01
123 #define BT_HOST_WAKEUP_METHOD_BREAK 0x02
124 #define BT_HOST_WAKEUP_METHOD_GPIO 0x03
125
126 /* Bluetooth Chip Wakeup Methods */
127 #define BT_CTRL_WAKEUP_METHOD_DSR 0x00
128 #define BT_CTRL_WAKEUP_METHOD_BREAK 0x01
129 #define BT_CTRL_WAKEUP_METHOD_GPIO 0x02
130 #define BT_CTRL_WAKEUP_METHOD_EXT_BREAK 0x04
131 #define BT_CTRL_WAKEUP_METHOD_RTS 0x05
132
133 struct ps_data {
134 u8 target_ps_mode; /* ps mode to be set */
135 u8 cur_psmode; /* current ps_mode */
136 u8 ps_state; /* controller's power save state */
137 u8 ps_cmd;
138 u8 h2c_wakeupmode;
139 u8 cur_h2c_wakeupmode;
140 u8 c2h_wakeupmode;
141 u8 c2h_wakeup_gpio;
142 u8 h2c_wakeup_gpio;
143 bool driver_sent_cmd;
144 u16 h2c_ps_interval;
145 u16 c2h_ps_interval;
146 struct gpio_desc *h2c_ps_gpio;
147 struct hci_dev *hdev;
148 struct work_struct work;
149 struct timer_list ps_timer;
150 struct mutex ps_lock;
151 };
152
153 struct wakeup_cmd_payload {
154 u8 c2h_wakeupmode;
155 u8 c2h_wakeup_gpio;
156 u8 h2c_wakeupmode;
157 u8 h2c_wakeup_gpio;
158 } __packed;
159
160 struct psmode_cmd_payload {
161 u8 ps_cmd;
162 __le16 c2h_ps_interval;
163 } __packed;
164
165 struct btnxpuart_data {
166 const char *helper_fw_name;
167 const char *fw_name;
168 const char *fw_name_old;
169 };
170
171 enum bootloader_param_change {
172 not_changed,
173 cmd_sent,
174 changed
175 };
176
177 struct btnxpuart_dev {
178 struct hci_dev *hdev;
179 struct serdev_device *serdev;
180
181 struct work_struct tx_work;
182 unsigned long tx_state;
183 struct sk_buff_head txq;
184 struct sk_buff *rx_skb;
185
186 const struct firmware *fw;
187 u8 fw_name[MAX_FW_FILE_NAME_LEN];
188 u32 fw_dnld_v1_offset;
189 u32 fw_v1_sent_bytes;
190 u32 fw_dnld_v3_offset;
191 u32 fw_v3_offset_correction;
192 u32 fw_v3_prev_sent;
193 u32 fw_v1_expected_len;
194 u32 boot_reg_offset;
195 wait_queue_head_t fw_dnld_done_wait_q;
196 wait_queue_head_t check_boot_sign_wait_q;
197
198 u32 new_baudrate;
199 u32 current_baudrate;
200 u32 fw_init_baudrate;
201 enum bootloader_param_change timeout_changed;
202 enum bootloader_param_change baudrate_changed;
203 bool helper_downloaded;
204
205 struct ps_data psdata;
206 struct btnxpuart_data *nxp_data;
207 };
208
209 #define NXP_V1_FW_REQ_PKT 0xa5
210 #define NXP_V1_CHIP_VER_PKT 0xaa
211 #define NXP_V3_FW_REQ_PKT 0xa7
212 #define NXP_V3_CHIP_VER_PKT 0xab
213
214 #define NXP_ACK_V1 0x5a
215 #define NXP_NAK_V1 0xbf
216 #define NXP_ACK_V3 0x7a
217 #define NXP_NAK_V3 0x7b
218 #define NXP_CRC_ERROR_V3 0x7c
219
220 /* Bootloader signature error codes: Refer AN12820 from nxp.com */
221 #define NXP_CRC_RX_ERROR BIT(0) /* CRC error in previous packet */
222 #define NXP_ACK_RX_TIMEOUT BIT(2) /* ACK not received from host */
223 #define NXP_HDR_RX_TIMEOUT BIT(3) /* FW Header chunk not received */
224 #define NXP_DATA_RX_TIMEOUT BIT(4) /* FW Data chunk not received */
225
226 #define HDR_LEN 16
227
228 #define NXP_RECV_CHIP_VER_V1 \
229 .type = NXP_V1_CHIP_VER_PKT, \
230 .hlen = 4, \
231 .loff = 0, \
232 .lsize = 0, \
233 .maxlen = 4
234
235 #define NXP_RECV_FW_REQ_V1 \
236 .type = NXP_V1_FW_REQ_PKT, \
237 .hlen = 4, \
238 .loff = 0, \
239 .lsize = 0, \
240 .maxlen = 4
241
242 #define NXP_RECV_CHIP_VER_V3 \
243 .type = NXP_V3_CHIP_VER_PKT, \
244 .hlen = 4, \
245 .loff = 0, \
246 .lsize = 0, \
247 .maxlen = 4
248
249 #define NXP_RECV_FW_REQ_V3 \
250 .type = NXP_V3_FW_REQ_PKT, \
251 .hlen = 9, \
252 .loff = 0, \
253 .lsize = 0, \
254 .maxlen = 9
255
256 struct v1_data_req {
257 __le16 len;
258 __le16 len_comp;
259 } __packed;
260
261 struct v1_start_ind {
262 __le16 chip_id;
263 __le16 chip_id_comp;
264 } __packed;
265
266 struct v3_data_req {
267 __le16 len;
268 __le32 offset;
269 __le16 error;
270 u8 crc;
271 } __packed;
272
273 struct v3_start_ind {
274 __le16 chip_id;
275 u8 loader_ver;
276 u8 crc;
277 } __packed;
278
279 /* UART register addresses of BT chip */
280 #define CLKDIVADDR 0x7f00008f
281 #define UARTDIVADDR 0x7f000090
282 #define UARTMCRADDR 0x7f000091
283 #define UARTREINITADDR 0x7f000092
284 #define UARTICRADDR 0x7f000093
285 #define UARTFCRADDR 0x7f000094
286
287 #define MCR 0x00000022
288 #define INIT 0x00000001
289 #define ICR 0x000000c7
290 #define FCR 0x000000c7
291
292 #define POLYNOMIAL8 0x07
293
294 struct uart_reg {
295 __le32 address;
296 __le32 value;
297 } __packed;
298
299 struct uart_config {
300 struct uart_reg clkdiv;
301 struct uart_reg uartdiv;
302 struct uart_reg mcr;
303 struct uart_reg re_init;
304 struct uart_reg icr;
305 struct uart_reg fcr;
306 __be32 crc;
307 } __packed;
308
309 struct nxp_bootloader_cmd {
310 __le32 header;
311 __le32 arg;
312 __le32 payload_len;
313 __be32 crc;
314 } __packed;
315
316 struct nxp_v3_rx_timeout_nak {
317 u8 nak;
318 __le32 offset;
319 u8 crc;
320 } __packed;
321
322 union nxp_v3_rx_timeout_nak_u {
323 struct nxp_v3_rx_timeout_nak pkt;
324 u8 buf[6];
325 };
326
327 struct nxp_v3_crc_nak {
328 u8 nak;
329 u8 crc;
330 } __packed;
331
332 union nxp_v3_crc_nak_u {
333 struct nxp_v3_crc_nak pkt;
334 u8 buf[2];
335 };
336
337 /* FW dump */
338 #define NXP_FW_DUMP_SIZE (1024 * 1000)
339
340 struct nxp_fw_dump_hdr {
341 __le16 seq_num;
342 __le16 reserved;
343 __le16 buf_type;
344 __le16 buf_len;
345 };
346
347 union nxp_set_bd_addr_payload {
348 struct {
349 u8 param_id;
350 u8 param_len;
351 u8 param[6];
352 } __packed data;
353 u8 buf[8];
354 };
355
356 static u8 crc8_table[CRC8_TABLE_SIZE];
357
358 /* Default configurations */
359 #define DEFAULT_H2C_WAKEUP_MODE WAKEUP_METHOD_BREAK
360 #define DEFAULT_PS_MODE PS_MODE_ENABLE
361 #define FW_INIT_BAUDRATE HCI_NXP_PRI_BAUDRATE
362
nxp_drv_send_cmd(struct hci_dev * hdev,u16 opcode,u32 plen,void * param)363 static struct sk_buff *nxp_drv_send_cmd(struct hci_dev *hdev, u16 opcode,
364 u32 plen,
365 void *param)
366 {
367 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
368 struct ps_data *psdata = &nxpdev->psdata;
369 struct sk_buff *skb;
370
371 /* set flag to prevent nxp_enqueue from parsing values from this command and
372 * calling hci_cmd_sync_queue() again.
373 */
374 psdata->driver_sent_cmd = true;
375 skb = __hci_cmd_sync(hdev, opcode, plen, param, HCI_CMD_TIMEOUT);
376 psdata->driver_sent_cmd = false;
377
378 return skb;
379 }
380
btnxpuart_tx_wakeup(struct btnxpuart_dev * nxpdev)381 static void btnxpuart_tx_wakeup(struct btnxpuart_dev *nxpdev)
382 {
383 if (schedule_work(&nxpdev->tx_work))
384 set_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state);
385 }
386
387 /* NXP Power Save Feature */
ps_start_timer(struct btnxpuart_dev * nxpdev)388 static void ps_start_timer(struct btnxpuart_dev *nxpdev)
389 {
390 struct ps_data *psdata = &nxpdev->psdata;
391
392 if (!psdata)
393 return;
394
395 if (psdata->cur_psmode == PS_MODE_ENABLE)
396 mod_timer(&psdata->ps_timer, jiffies + msecs_to_jiffies(psdata->h2c_ps_interval));
397
398 if (psdata->ps_state == PS_STATE_AWAKE && psdata->ps_cmd == PS_CMD_ENTER_PS)
399 cancel_work_sync(&psdata->work);
400 }
401
ps_cancel_timer(struct btnxpuart_dev * nxpdev)402 static void ps_cancel_timer(struct btnxpuart_dev *nxpdev)
403 {
404 struct ps_data *psdata = &nxpdev->psdata;
405
406 flush_work(&psdata->work);
407 timer_shutdown_sync(&psdata->ps_timer);
408 }
409
ps_control(struct hci_dev * hdev,u8 ps_state)410 static void ps_control(struct hci_dev *hdev, u8 ps_state)
411 {
412 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
413 struct ps_data *psdata = &nxpdev->psdata;
414 int status = 0;
415
416 if (psdata->ps_state == ps_state ||
417 !test_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state))
418 return;
419
420 mutex_lock(&psdata->ps_lock);
421 switch (psdata->cur_h2c_wakeupmode) {
422 case WAKEUP_METHOD_GPIO:
423 if (ps_state == PS_STATE_AWAKE)
424 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 0);
425 else
426 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 1);
427 bt_dev_dbg(hdev, "Set h2c_ps_gpio: %s",
428 str_high_low(ps_state == PS_STATE_SLEEP));
429 break;
430 case WAKEUP_METHOD_DTR:
431 if (ps_state == PS_STATE_AWAKE)
432 status = serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0);
433 else
434 status = serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR);
435 break;
436 case WAKEUP_METHOD_BREAK:
437 default:
438 if (ps_state == PS_STATE_AWAKE)
439 status = serdev_device_break_ctl(nxpdev->serdev, 0);
440 else
441 status = serdev_device_break_ctl(nxpdev->serdev, -1);
442 msleep(20); /* Allow chip to detect UART-break and enter sleep */
443 bt_dev_dbg(hdev, "Set UART break: %s, status=%d",
444 str_on_off(ps_state == PS_STATE_SLEEP), status);
445 break;
446 }
447 if (!status)
448 psdata->ps_state = ps_state;
449 mutex_unlock(&psdata->ps_lock);
450
451 if (ps_state == PS_STATE_AWAKE)
452 btnxpuart_tx_wakeup(nxpdev);
453 }
454
ps_work_func(struct work_struct * work)455 static void ps_work_func(struct work_struct *work)
456 {
457 struct ps_data *data = container_of(work, struct ps_data, work);
458
459 if (data->ps_cmd == PS_CMD_ENTER_PS && data->cur_psmode == PS_MODE_ENABLE)
460 ps_control(data->hdev, PS_STATE_SLEEP);
461 else if (data->ps_cmd == PS_CMD_EXIT_PS)
462 ps_control(data->hdev, PS_STATE_AWAKE);
463 }
464
ps_timeout_func(struct timer_list * t)465 static void ps_timeout_func(struct timer_list *t)
466 {
467 struct ps_data *data = from_timer(data, t, ps_timer);
468 struct hci_dev *hdev = data->hdev;
469 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
470
471 if (test_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state)) {
472 ps_start_timer(nxpdev);
473 } else {
474 data->ps_cmd = PS_CMD_ENTER_PS;
475 schedule_work(&data->work);
476 }
477 }
478
ps_setup(struct hci_dev * hdev)479 static int ps_setup(struct hci_dev *hdev)
480 {
481 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
482 struct serdev_device *serdev = nxpdev->serdev;
483 struct ps_data *psdata = &nxpdev->psdata;
484
485 psdata->h2c_ps_gpio = devm_gpiod_get_optional(&serdev->dev, "device-wakeup",
486 GPIOD_OUT_LOW);
487 if (IS_ERR(psdata->h2c_ps_gpio)) {
488 bt_dev_err(hdev, "Error fetching device-wakeup-gpios: %ld",
489 PTR_ERR(psdata->h2c_ps_gpio));
490 return PTR_ERR(psdata->h2c_ps_gpio);
491 }
492
493 if (device_property_read_u8(&serdev->dev, "nxp,wakein-pin", &psdata->h2c_wakeup_gpio)) {
494 psdata->h2c_wakeup_gpio = 0xff; /* 0xff: use default pin/gpio */
495 } else if (!psdata->h2c_ps_gpio) {
496 bt_dev_warn(hdev, "nxp,wakein-pin property without device-wakeup GPIO");
497 psdata->h2c_wakeup_gpio = 0xff;
498 }
499
500 device_property_read_u8(&serdev->dev, "nxp,wakeout-pin", &psdata->c2h_wakeup_gpio);
501
502 psdata->hdev = hdev;
503 INIT_WORK(&psdata->work, ps_work_func);
504 mutex_init(&psdata->ps_lock);
505 timer_setup(&psdata->ps_timer, ps_timeout_func, 0);
506
507 return 0;
508 }
509
ps_wakeup(struct btnxpuart_dev * nxpdev)510 static bool ps_wakeup(struct btnxpuart_dev *nxpdev)
511 {
512 struct ps_data *psdata = &nxpdev->psdata;
513 u8 ps_state;
514
515 mutex_lock(&psdata->ps_lock);
516 ps_state = psdata->ps_state;
517 mutex_unlock(&psdata->ps_lock);
518
519 if (ps_state != PS_STATE_AWAKE) {
520 psdata->ps_cmd = PS_CMD_EXIT_PS;
521 schedule_work(&psdata->work);
522 return true;
523 }
524 return false;
525 }
526
ps_cleanup(struct btnxpuart_dev * nxpdev)527 static void ps_cleanup(struct btnxpuart_dev *nxpdev)
528 {
529 struct ps_data *psdata = &nxpdev->psdata;
530 u8 ps_state;
531
532 mutex_lock(&psdata->ps_lock);
533 ps_state = psdata->ps_state;
534 mutex_unlock(&psdata->ps_lock);
535
536 if (ps_state != PS_STATE_AWAKE)
537 ps_control(psdata->hdev, PS_STATE_AWAKE);
538
539 ps_cancel_timer(nxpdev);
540 cancel_work_sync(&psdata->work);
541 mutex_destroy(&psdata->ps_lock);
542 }
543
send_ps_cmd(struct hci_dev * hdev,void * data)544 static int send_ps_cmd(struct hci_dev *hdev, void *data)
545 {
546 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
547 struct ps_data *psdata = &nxpdev->psdata;
548 struct psmode_cmd_payload pcmd;
549 struct sk_buff *skb;
550 u8 *status;
551
552 if (psdata->target_ps_mode == PS_MODE_ENABLE)
553 pcmd.ps_cmd = BT_PS_ENABLE;
554 else
555 pcmd.ps_cmd = BT_PS_DISABLE;
556 pcmd.c2h_ps_interval = __cpu_to_le16(psdata->c2h_ps_interval);
557
558 skb = nxp_drv_send_cmd(hdev, HCI_NXP_AUTO_SLEEP_MODE, sizeof(pcmd), &pcmd);
559 if (IS_ERR(skb)) {
560 bt_dev_err(hdev, "Setting Power Save mode failed (%ld)", PTR_ERR(skb));
561 return PTR_ERR(skb);
562 }
563
564 status = skb_pull_data(skb, 1);
565 if (status) {
566 if (!*status)
567 psdata->cur_psmode = psdata->target_ps_mode;
568 else
569 psdata->target_ps_mode = psdata->cur_psmode;
570 if (psdata->cur_psmode == PS_MODE_ENABLE)
571 ps_start_timer(nxpdev);
572 else
573 ps_wakeup(nxpdev);
574 bt_dev_dbg(hdev, "Power Save mode response: status=%d, ps_mode=%d",
575 *status, psdata->cur_psmode);
576 }
577 kfree_skb(skb);
578
579 return 0;
580 }
581
send_wakeup_method_cmd(struct hci_dev * hdev,void * data)582 static int send_wakeup_method_cmd(struct hci_dev *hdev, void *data)
583 {
584 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
585 struct ps_data *psdata = &nxpdev->psdata;
586 struct wakeup_cmd_payload pcmd;
587 struct sk_buff *skb;
588 u8 *status;
589
590 pcmd.c2h_wakeupmode = psdata->c2h_wakeupmode;
591 pcmd.c2h_wakeup_gpio = psdata->c2h_wakeup_gpio;
592 pcmd.h2c_wakeup_gpio = 0xff;
593 switch (psdata->h2c_wakeupmode) {
594 case WAKEUP_METHOD_GPIO:
595 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_GPIO;
596 pcmd.h2c_wakeup_gpio = psdata->h2c_wakeup_gpio;
597 break;
598 case WAKEUP_METHOD_DTR:
599 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_DSR;
600 break;
601 case WAKEUP_METHOD_BREAK:
602 default:
603 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_BREAK;
604 break;
605 }
606
607 skb = nxp_drv_send_cmd(hdev, HCI_NXP_WAKEUP_METHOD, sizeof(pcmd), &pcmd);
608 if (IS_ERR(skb)) {
609 bt_dev_err(hdev, "Setting wake-up method failed (%ld)", PTR_ERR(skb));
610 return PTR_ERR(skb);
611 }
612
613 status = skb_pull_data(skb, 1);
614 if (status) {
615 if (*status == 0)
616 psdata->cur_h2c_wakeupmode = psdata->h2c_wakeupmode;
617 else
618 psdata->h2c_wakeupmode = psdata->cur_h2c_wakeupmode;
619 bt_dev_dbg(hdev, "Set Wakeup Method response: status=%d, h2c_wakeupmode=%d",
620 *status, psdata->cur_h2c_wakeupmode);
621 }
622 kfree_skb(skb);
623
624 return 0;
625 }
626
ps_init(struct hci_dev * hdev)627 static void ps_init(struct hci_dev *hdev)
628 {
629 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
630 struct ps_data *psdata = &nxpdev->psdata;
631 u8 default_h2c_wakeup_mode = DEFAULT_H2C_WAKEUP_MODE;
632
633 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_RTS);
634 usleep_range(5000, 10000);
635 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_RTS, 0);
636 usleep_range(5000, 10000);
637
638 psdata->ps_state = PS_STATE_AWAKE;
639
640 if (psdata->c2h_wakeup_gpio) {
641 psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_GPIO;
642 } else {
643 psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_NONE;
644 psdata->c2h_wakeup_gpio = 0xff;
645 }
646
647 psdata->cur_h2c_wakeupmode = WAKEUP_METHOD_INVALID;
648 if (psdata->h2c_ps_gpio)
649 default_h2c_wakeup_mode = WAKEUP_METHOD_GPIO;
650
651 psdata->h2c_ps_interval = PS_DEFAULT_TIMEOUT_PERIOD_MS;
652
653 switch (default_h2c_wakeup_mode) {
654 case WAKEUP_METHOD_GPIO:
655 psdata->h2c_wakeupmode = WAKEUP_METHOD_GPIO;
656 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 0);
657 usleep_range(5000, 10000);
658 break;
659 case WAKEUP_METHOD_DTR:
660 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR;
661 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR);
662 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0);
663 break;
664 case WAKEUP_METHOD_BREAK:
665 default:
666 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK;
667 serdev_device_break_ctl(nxpdev->serdev, -1);
668 usleep_range(5000, 10000);
669 serdev_device_break_ctl(nxpdev->serdev, 0);
670 usleep_range(5000, 10000);
671 break;
672 }
673
674 psdata->cur_psmode = PS_MODE_DISABLE;
675 psdata->target_ps_mode = DEFAULT_PS_MODE;
676 }
677
678 /* NXP Firmware Download Feature */
nxp_download_firmware(struct hci_dev * hdev)679 static int nxp_download_firmware(struct hci_dev *hdev)
680 {
681 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
682 int err = 0;
683
684 nxpdev->fw_dnld_v1_offset = 0;
685 nxpdev->fw_v1_sent_bytes = 0;
686 nxpdev->fw_v1_expected_len = HDR_LEN;
687 nxpdev->boot_reg_offset = 0;
688 nxpdev->fw_dnld_v3_offset = 0;
689 nxpdev->fw_v3_offset_correction = 0;
690 nxpdev->baudrate_changed = not_changed;
691 nxpdev->timeout_changed = not_changed;
692 nxpdev->helper_downloaded = false;
693
694 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE);
695 serdev_device_set_flow_control(nxpdev->serdev, false);
696 nxpdev->current_baudrate = HCI_NXP_PRI_BAUDRATE;
697
698 /* Wait till FW is downloaded */
699 err = wait_event_interruptible_timeout(nxpdev->fw_dnld_done_wait_q,
700 !test_bit(BTNXPUART_FW_DOWNLOADING,
701 &nxpdev->tx_state),
702 msecs_to_jiffies(60000));
703
704 if (nxpdev->fw && strlen(nxpdev->fw_name)) {
705 release_firmware(nxpdev->fw);
706 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name));
707 }
708
709 if (err == 0) {
710 bt_dev_err(hdev, "FW Download Timeout. offset: %d",
711 nxpdev->fw_dnld_v1_offset ?
712 nxpdev->fw_dnld_v1_offset :
713 nxpdev->fw_dnld_v3_offset);
714 return -ETIMEDOUT;
715 }
716 if (test_bit(BTNXPUART_FW_DOWNLOAD_ABORT, &nxpdev->tx_state)) {
717 bt_dev_err(hdev, "FW Download Aborted");
718 return -EINTR;
719 }
720
721 serdev_device_set_flow_control(nxpdev->serdev, true);
722
723 /* Allow the downloaded FW to initialize */
724 msleep(1200);
725
726 return 0;
727 }
728
nxp_send_ack(u8 ack,struct hci_dev * hdev)729 static void nxp_send_ack(u8 ack, struct hci_dev *hdev)
730 {
731 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
732 u8 ack_nak[2];
733 int len = 1;
734
735 ack_nak[0] = ack;
736 if (ack == NXP_ACK_V3) {
737 ack_nak[1] = crc8(crc8_table, ack_nak, 1, 0xff);
738 len = 2;
739 }
740 serdev_device_write_buf(nxpdev->serdev, ack_nak, len);
741 }
742
nxp_fw_change_baudrate(struct hci_dev * hdev,u16 req_len)743 static bool nxp_fw_change_baudrate(struct hci_dev *hdev, u16 req_len)
744 {
745 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
746 struct nxp_bootloader_cmd nxp_cmd5;
747 struct uart_config uart_config;
748 u32 clkdivaddr = CLKDIVADDR - nxpdev->boot_reg_offset;
749 u32 uartdivaddr = UARTDIVADDR - nxpdev->boot_reg_offset;
750 u32 uartmcraddr = UARTMCRADDR - nxpdev->boot_reg_offset;
751 u32 uartreinitaddr = UARTREINITADDR - nxpdev->boot_reg_offset;
752 u32 uarticraddr = UARTICRADDR - nxpdev->boot_reg_offset;
753 u32 uartfcraddr = UARTFCRADDR - nxpdev->boot_reg_offset;
754
755 if (req_len == sizeof(nxp_cmd5)) {
756 nxp_cmd5.header = __cpu_to_le32(5);
757 nxp_cmd5.arg = 0;
758 nxp_cmd5.payload_len = __cpu_to_le32(sizeof(uart_config));
759 /* FW expects swapped CRC bytes */
760 nxp_cmd5.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd5,
761 sizeof(nxp_cmd5) - 4));
762
763 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd5, sizeof(nxp_cmd5));
764 nxpdev->fw_v3_offset_correction += req_len;
765 } else if (req_len == sizeof(uart_config)) {
766 uart_config.clkdiv.address = __cpu_to_le32(clkdivaddr);
767 uart_config.clkdiv.value = __cpu_to_le32(0x00c00000);
768 uart_config.uartdiv.address = __cpu_to_le32(uartdivaddr);
769 uart_config.uartdiv.value = __cpu_to_le32(1);
770 uart_config.mcr.address = __cpu_to_le32(uartmcraddr);
771 uart_config.mcr.value = __cpu_to_le32(MCR);
772 uart_config.re_init.address = __cpu_to_le32(uartreinitaddr);
773 uart_config.re_init.value = __cpu_to_le32(INIT);
774 uart_config.icr.address = __cpu_to_le32(uarticraddr);
775 uart_config.icr.value = __cpu_to_le32(ICR);
776 uart_config.fcr.address = __cpu_to_le32(uartfcraddr);
777 uart_config.fcr.value = __cpu_to_le32(FCR);
778 /* FW expects swapped CRC bytes */
779 uart_config.crc = __cpu_to_be32(crc32_be(0UL, (char *)&uart_config,
780 sizeof(uart_config) - 4));
781
782 serdev_device_write_buf(nxpdev->serdev, (u8 *)&uart_config, sizeof(uart_config));
783 serdev_device_wait_until_sent(nxpdev->serdev, 0);
784 nxpdev->fw_v3_offset_correction += req_len;
785 return true;
786 }
787 return false;
788 }
789
nxp_fw_change_timeout(struct hci_dev * hdev,u16 req_len)790 static bool nxp_fw_change_timeout(struct hci_dev *hdev, u16 req_len)
791 {
792 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
793 struct nxp_bootloader_cmd nxp_cmd7;
794
795 if (req_len != sizeof(nxp_cmd7))
796 return false;
797
798 nxp_cmd7.header = __cpu_to_le32(7);
799 nxp_cmd7.arg = __cpu_to_le32(0x70);
800 nxp_cmd7.payload_len = 0;
801 /* FW expects swapped CRC bytes */
802 nxp_cmd7.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd7,
803 sizeof(nxp_cmd7) - 4));
804 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd7, sizeof(nxp_cmd7));
805 serdev_device_wait_until_sent(nxpdev->serdev, 0);
806 nxpdev->fw_v3_offset_correction += req_len;
807 return true;
808 }
809
nxp_get_data_len(const u8 * buf)810 static u32 nxp_get_data_len(const u8 *buf)
811 {
812 struct nxp_bootloader_cmd *hdr = (struct nxp_bootloader_cmd *)buf;
813
814 return __le32_to_cpu(hdr->payload_len);
815 }
816
is_fw_downloading(struct btnxpuart_dev * nxpdev)817 static bool is_fw_downloading(struct btnxpuart_dev *nxpdev)
818 {
819 return test_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
820 }
821
ind_reset_in_progress(struct btnxpuart_dev * nxpdev)822 static bool ind_reset_in_progress(struct btnxpuart_dev *nxpdev)
823 {
824 return test_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state);
825 }
826
fw_dump_in_progress(struct btnxpuart_dev * nxpdev)827 static bool fw_dump_in_progress(struct btnxpuart_dev *nxpdev)
828 {
829 return test_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state);
830 }
831
process_boot_signature(struct btnxpuart_dev * nxpdev)832 static bool process_boot_signature(struct btnxpuart_dev *nxpdev)
833 {
834 if (test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state)) {
835 clear_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state);
836 wake_up_interruptible(&nxpdev->check_boot_sign_wait_q);
837 return false;
838 }
839 return is_fw_downloading(nxpdev);
840 }
841
nxp_request_firmware(struct hci_dev * hdev,const char * fw_name,const char * fw_name_old)842 static int nxp_request_firmware(struct hci_dev *hdev, const char *fw_name,
843 const char *fw_name_old)
844 {
845 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
846 const char *fw_name_dt;
847 int err = 0;
848
849 if (!fw_name)
850 return -ENOENT;
851
852 if (!strlen(nxpdev->fw_name)) {
853 if (strcmp(fw_name, FIRMWARE_HELPER) &&
854 !device_property_read_string(&nxpdev->serdev->dev,
855 "firmware-name",
856 &fw_name_dt))
857 fw_name = fw_name_dt;
858 snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "nxp/%s", fw_name);
859 err = request_firmware_direct(&nxpdev->fw, nxpdev->fw_name, &hdev->dev);
860 if (err < 0 && fw_name_old) {
861 snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "nxp/%s", fw_name_old);
862 err = request_firmware_direct(&nxpdev->fw, nxpdev->fw_name, &hdev->dev);
863 }
864
865 bt_dev_info(hdev, "Request Firmware: %s", nxpdev->fw_name);
866 if (err < 0) {
867 bt_dev_err(hdev, "Firmware file %s not found", nxpdev->fw_name);
868 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
869 }
870 }
871 return err;
872 }
873
874 /* for legacy chipsets with V1 bootloader */
nxp_recv_chip_ver_v1(struct hci_dev * hdev,struct sk_buff * skb)875 static int nxp_recv_chip_ver_v1(struct hci_dev *hdev, struct sk_buff *skb)
876 {
877 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
878 struct v1_start_ind *req;
879 __u16 chip_id;
880
881 req = skb_pull_data(skb, sizeof(*req));
882 if (!req)
883 goto free_skb;
884
885 chip_id = le16_to_cpu(req->chip_id ^ req->chip_id_comp);
886 if (chip_id == 0xffff && nxpdev->fw_dnld_v1_offset) {
887 nxpdev->fw_dnld_v1_offset = 0;
888 nxpdev->fw_v1_sent_bytes = 0;
889 nxpdev->fw_v1_expected_len = HDR_LEN;
890 release_firmware(nxpdev->fw);
891 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name));
892 nxp_send_ack(NXP_ACK_V1, hdev);
893 }
894
895 free_skb:
896 kfree_skb(skb);
897 return 0;
898 }
899
nxp_recv_fw_req_v1(struct hci_dev * hdev,struct sk_buff * skb)900 static int nxp_recv_fw_req_v1(struct hci_dev *hdev, struct sk_buff *skb)
901 {
902 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
903 struct btnxpuart_data *nxp_data = nxpdev->nxp_data;
904 struct v1_data_req *req;
905 __u16 len;
906
907 if (!process_boot_signature(nxpdev))
908 goto free_skb;
909
910 req = skb_pull_data(skb, sizeof(*req));
911 if (!req)
912 goto free_skb;
913
914 len = __le16_to_cpu(req->len ^ req->len_comp);
915 if (len != 0xffff) {
916 bt_dev_dbg(hdev, "ERR: Send NAK");
917 nxp_send_ack(NXP_NAK_V1, hdev);
918 goto free_skb;
919 }
920 nxp_send_ack(NXP_ACK_V1, hdev);
921
922 len = __le16_to_cpu(req->len);
923
924 if (!nxp_data->helper_fw_name) {
925 if (nxpdev->timeout_changed != changed) {
926 nxp_fw_change_timeout(hdev, len);
927 nxpdev->timeout_changed = changed;
928 goto free_skb;
929 }
930 if (nxpdev->baudrate_changed != changed) {
931 if (nxp_fw_change_baudrate(hdev, len)) {
932 nxpdev->baudrate_changed = changed;
933 serdev_device_set_baudrate(nxpdev->serdev,
934 HCI_NXP_SEC_BAUDRATE);
935 serdev_device_set_flow_control(nxpdev->serdev, true);
936 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE;
937 }
938 goto free_skb;
939 }
940 }
941
942 if (!nxp_data->helper_fw_name || nxpdev->helper_downloaded) {
943 if (nxp_request_firmware(hdev, nxp_data->fw_name, nxp_data->fw_name_old))
944 goto free_skb;
945 } else if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) {
946 if (nxp_request_firmware(hdev, nxp_data->helper_fw_name, NULL))
947 goto free_skb;
948 }
949
950 if (!len) {
951 bt_dev_info(hdev, "FW Download Complete: %zu bytes",
952 nxpdev->fw->size);
953 if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) {
954 nxpdev->helper_downloaded = true;
955 serdev_device_wait_until_sent(nxpdev->serdev, 0);
956 serdev_device_set_baudrate(nxpdev->serdev,
957 HCI_NXP_SEC_BAUDRATE);
958 serdev_device_set_flow_control(nxpdev->serdev, true);
959 } else {
960 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
961 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
962 }
963 goto free_skb;
964 }
965 if (len & 0x01) {
966 /* The CRC did not match at the other end.
967 * Simply send the same bytes again.
968 */
969 len = nxpdev->fw_v1_sent_bytes;
970 bt_dev_dbg(hdev, "CRC error. Resend %d bytes of FW.", len);
971 } else {
972 nxpdev->fw_dnld_v1_offset += nxpdev->fw_v1_sent_bytes;
973
974 /* The FW bin file is made up of many blocks of
975 * 16 byte header and payload data chunks. If the
976 * FW has requested a header, read the payload length
977 * info from the header, before sending the header.
978 * In the next iteration, the FW should request the
979 * payload data chunk, which should be equal to the
980 * payload length read from header. If there is a
981 * mismatch, clearly the driver and FW are out of sync,
982 * and we need to re-send the previous header again.
983 */
984 if (len == nxpdev->fw_v1_expected_len) {
985 if (len == HDR_LEN)
986 nxpdev->fw_v1_expected_len = nxp_get_data_len(nxpdev->fw->data +
987 nxpdev->fw_dnld_v1_offset);
988 else
989 nxpdev->fw_v1_expected_len = HDR_LEN;
990 } else if (len == HDR_LEN) {
991 /* FW download out of sync. Send previous chunk again */
992 nxpdev->fw_dnld_v1_offset -= nxpdev->fw_v1_sent_bytes;
993 nxpdev->fw_v1_expected_len = HDR_LEN;
994 }
995 }
996
997 if (nxpdev->fw_dnld_v1_offset + len <= nxpdev->fw->size)
998 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data +
999 nxpdev->fw_dnld_v1_offset, len);
1000 nxpdev->fw_v1_sent_bytes = len;
1001
1002 free_skb:
1003 kfree_skb(skb);
1004 return 0;
1005 }
1006
nxp_get_fw_name_from_chipid(struct hci_dev * hdev,u16 chipid,u8 loader_ver)1007 static char *nxp_get_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid,
1008 u8 loader_ver)
1009 {
1010 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1011 char *fw_name = NULL;
1012
1013 switch (chipid) {
1014 case CHIP_ID_W9098:
1015 fw_name = FIRMWARE_W9098;
1016 break;
1017 case CHIP_ID_IW416:
1018 fw_name = FIRMWARE_IW416;
1019 break;
1020 case CHIP_ID_IW612:
1021 fw_name = FIRMWARE_IW612;
1022 break;
1023 case CHIP_ID_IW624a:
1024 case CHIP_ID_IW624c:
1025 nxpdev->boot_reg_offset = 1;
1026 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1027 fw_name = FIRMWARE_IW624;
1028 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1029 fw_name = FIRMWARE_SECURE_IW624;
1030 else
1031 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1032 break;
1033 case CHIP_ID_AW693a0:
1034 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1035 fw_name = FIRMWARE_AW693;
1036 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1037 fw_name = FIRMWARE_SECURE_AW693;
1038 else
1039 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1040 break;
1041 case CHIP_ID_AW693a1:
1042 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1043 fw_name = FIRMWARE_AW693_A1;
1044 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1045 fw_name = FIRMWARE_SECURE_AW693_A1;
1046 else
1047 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1048 break;
1049 case CHIP_ID_IW610a0:
1050 case CHIP_ID_IW610a1:
1051 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1052 fw_name = FIRMWARE_IW610;
1053 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1054 fw_name = FIRMWARE_SECURE_IW610;
1055 else
1056 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1057 break;
1058 default:
1059 bt_dev_err(hdev, "Unknown chip signature %04x", chipid);
1060 break;
1061 }
1062 return fw_name;
1063 }
1064
nxp_get_old_fw_name_from_chipid(struct hci_dev * hdev,u16 chipid,u8 loader_ver)1065 static char *nxp_get_old_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid,
1066 u8 loader_ver)
1067 {
1068 char *fw_name_old = NULL;
1069
1070 switch (chipid) {
1071 case CHIP_ID_W9098:
1072 fw_name_old = FIRMWARE_W9098_OLD;
1073 break;
1074 case CHIP_ID_IW416:
1075 fw_name_old = FIRMWARE_IW416_OLD;
1076 break;
1077 }
1078 return fw_name_old;
1079 }
1080
nxp_recv_chip_ver_v3(struct hci_dev * hdev,struct sk_buff * skb)1081 static int nxp_recv_chip_ver_v3(struct hci_dev *hdev, struct sk_buff *skb)
1082 {
1083 struct v3_start_ind *req = skb_pull_data(skb, sizeof(*req));
1084 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1085 const char *fw_name;
1086 const char *fw_name_old;
1087 u16 chip_id;
1088 u8 loader_ver;
1089
1090 if (!process_boot_signature(nxpdev))
1091 goto free_skb;
1092
1093 chip_id = le16_to_cpu(req->chip_id);
1094 loader_ver = req->loader_ver;
1095 bt_dev_info(hdev, "ChipID: %04x, Version: %d", chip_id, loader_ver);
1096 fw_name = nxp_get_fw_name_from_chipid(hdev, chip_id, loader_ver);
1097 fw_name_old = nxp_get_old_fw_name_from_chipid(hdev, chip_id, loader_ver);
1098 if (!nxp_request_firmware(hdev, fw_name, fw_name_old))
1099 nxp_send_ack(NXP_ACK_V3, hdev);
1100
1101 free_skb:
1102 kfree_skb(skb);
1103 return 0;
1104 }
1105
nxp_handle_fw_download_error(struct hci_dev * hdev,struct v3_data_req * req)1106 static void nxp_handle_fw_download_error(struct hci_dev *hdev, struct v3_data_req *req)
1107 {
1108 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1109 __u32 offset = __le32_to_cpu(req->offset);
1110 __u16 err = __le16_to_cpu(req->error);
1111 union nxp_v3_rx_timeout_nak_u timeout_nak_buf;
1112 union nxp_v3_crc_nak_u crc_nak_buf;
1113
1114 if (err & NXP_CRC_RX_ERROR) {
1115 crc_nak_buf.pkt.nak = NXP_CRC_ERROR_V3;
1116 crc_nak_buf.pkt.crc = crc8(crc8_table, crc_nak_buf.buf,
1117 sizeof(crc_nak_buf) - 1, 0xff);
1118 serdev_device_write_buf(nxpdev->serdev, crc_nak_buf.buf,
1119 sizeof(crc_nak_buf));
1120 } else if (err & NXP_ACK_RX_TIMEOUT ||
1121 err & NXP_HDR_RX_TIMEOUT ||
1122 err & NXP_DATA_RX_TIMEOUT) {
1123 timeout_nak_buf.pkt.nak = NXP_NAK_V3;
1124 timeout_nak_buf.pkt.offset = __cpu_to_le32(offset);
1125 timeout_nak_buf.pkt.crc = crc8(crc8_table, timeout_nak_buf.buf,
1126 sizeof(timeout_nak_buf) - 1, 0xff);
1127 serdev_device_write_buf(nxpdev->serdev, timeout_nak_buf.buf,
1128 sizeof(timeout_nak_buf));
1129 } else {
1130 bt_dev_err(hdev, "Unknown bootloader error code: %d", err);
1131 }
1132 }
1133
nxp_recv_fw_req_v3(struct hci_dev * hdev,struct sk_buff * skb)1134 static int nxp_recv_fw_req_v3(struct hci_dev *hdev, struct sk_buff *skb)
1135 {
1136 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1137 struct v3_data_req *req;
1138 __u16 len = 0;
1139 __u16 err = 0;
1140 __u32 offset;
1141
1142 if (!process_boot_signature(nxpdev))
1143 goto free_skb;
1144
1145 req = skb_pull_data(skb, sizeof(*req));
1146 if (!req || !nxpdev->fw)
1147 goto free_skb;
1148
1149 err = __le16_to_cpu(req->error);
1150
1151 if (!err) {
1152 nxp_send_ack(NXP_ACK_V3, hdev);
1153 if (nxpdev->timeout_changed == cmd_sent)
1154 nxpdev->timeout_changed = changed;
1155 if (nxpdev->baudrate_changed == cmd_sent)
1156 nxpdev->baudrate_changed = changed;
1157 } else {
1158 nxp_handle_fw_download_error(hdev, req);
1159 if (nxpdev->timeout_changed == cmd_sent &&
1160 err == NXP_CRC_RX_ERROR) {
1161 nxpdev->fw_v3_offset_correction -= nxpdev->fw_v3_prev_sent;
1162 nxpdev->timeout_changed = not_changed;
1163 }
1164 if (nxpdev->baudrate_changed == cmd_sent &&
1165 err == NXP_CRC_RX_ERROR) {
1166 nxpdev->fw_v3_offset_correction -= nxpdev->fw_v3_prev_sent;
1167 nxpdev->baudrate_changed = not_changed;
1168 }
1169 goto free_skb;
1170 }
1171
1172 len = __le16_to_cpu(req->len);
1173
1174 if (nxpdev->timeout_changed != changed) {
1175 nxp_fw_change_timeout(hdev, len);
1176 nxpdev->timeout_changed = cmd_sent;
1177 goto free_skb;
1178 }
1179
1180 if (nxpdev->baudrate_changed != changed) {
1181 if (nxp_fw_change_baudrate(hdev, len)) {
1182 nxpdev->baudrate_changed = cmd_sent;
1183 serdev_device_set_baudrate(nxpdev->serdev,
1184 HCI_NXP_SEC_BAUDRATE);
1185 serdev_device_set_flow_control(nxpdev->serdev, true);
1186 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE;
1187 }
1188 goto free_skb;
1189 }
1190
1191 if (req->len == 0) {
1192 bt_dev_info(hdev, "FW Download Complete: %zu bytes",
1193 nxpdev->fw->size);
1194 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1195 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
1196 goto free_skb;
1197 }
1198
1199 offset = __le32_to_cpu(req->offset);
1200 if (offset < nxpdev->fw_v3_offset_correction) {
1201 /* This scenario should ideally never occur. But if it ever does,
1202 * FW is out of sync and needs a power cycle.
1203 */
1204 bt_dev_err(hdev, "Something went wrong during FW download");
1205 bt_dev_err(hdev, "Please power cycle and try again");
1206 goto free_skb;
1207 }
1208
1209 nxpdev->fw_dnld_v3_offset = offset - nxpdev->fw_v3_offset_correction;
1210 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data +
1211 nxpdev->fw_dnld_v3_offset, len);
1212
1213 free_skb:
1214 nxpdev->fw_v3_prev_sent = len;
1215 kfree_skb(skb);
1216 return 0;
1217 }
1218
nxp_set_baudrate_cmd(struct hci_dev * hdev,void * data)1219 static int nxp_set_baudrate_cmd(struct hci_dev *hdev, void *data)
1220 {
1221 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1222 __le32 new_baudrate = __cpu_to_le32(nxpdev->new_baudrate);
1223 struct ps_data *psdata = &nxpdev->psdata;
1224 struct sk_buff *skb;
1225 u8 *status;
1226
1227 if (!psdata)
1228 return 0;
1229
1230 skb = nxp_drv_send_cmd(hdev, HCI_NXP_SET_OPER_SPEED, 4, (u8 *)&new_baudrate);
1231 if (IS_ERR(skb)) {
1232 bt_dev_err(hdev, "Setting baudrate failed (%ld)", PTR_ERR(skb));
1233 return PTR_ERR(skb);
1234 }
1235
1236 status = (u8 *)skb_pull_data(skb, 1);
1237 if (status) {
1238 if (*status == 0) {
1239 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->new_baudrate);
1240 nxpdev->current_baudrate = nxpdev->new_baudrate;
1241 }
1242 bt_dev_dbg(hdev, "Set baudrate response: status=%d, baudrate=%d",
1243 *status, nxpdev->new_baudrate);
1244 }
1245 kfree_skb(skb);
1246
1247 return 0;
1248 }
1249
nxp_check_boot_sign(struct btnxpuart_dev * nxpdev)1250 static int nxp_check_boot_sign(struct btnxpuart_dev *nxpdev)
1251 {
1252 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE);
1253 if (ind_reset_in_progress(nxpdev))
1254 serdev_device_set_flow_control(nxpdev->serdev, false);
1255 else
1256 serdev_device_set_flow_control(nxpdev->serdev, true);
1257 set_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state);
1258
1259 return wait_event_interruptible_timeout(nxpdev->check_boot_sign_wait_q,
1260 !test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE,
1261 &nxpdev->tx_state),
1262 msecs_to_jiffies(1000));
1263 }
1264
nxp_set_ind_reset(struct hci_dev * hdev,void * data)1265 static int nxp_set_ind_reset(struct hci_dev *hdev, void *data)
1266 {
1267 static const u8 ir_hw_err[] = { HCI_EV_HARDWARE_ERROR,
1268 0x01, BTNXPUART_IR_HW_ERR };
1269 struct sk_buff *skb;
1270
1271 skb = bt_skb_alloc(3, GFP_ATOMIC);
1272 if (!skb)
1273 return -ENOMEM;
1274
1275 hci_skb_pkt_type(skb) = HCI_EVENT_PKT;
1276 skb_put_data(skb, ir_hw_err, 3);
1277
1278 /* Inject Hardware Error to upper stack */
1279 return hci_recv_frame(hdev, skb);
1280 }
1281
1282 /* Firmware dump */
nxp_coredump(struct hci_dev * hdev)1283 static void nxp_coredump(struct hci_dev *hdev)
1284 {
1285 struct sk_buff *skb;
1286 u8 pcmd = 2;
1287
1288 skb = nxp_drv_send_cmd(hdev, HCI_NXP_TRIGGER_DUMP, 1, &pcmd);
1289 if (!IS_ERR(skb))
1290 kfree_skb(skb);
1291 }
1292
nxp_coredump_hdr(struct hci_dev * hdev,struct sk_buff * skb)1293 static void nxp_coredump_hdr(struct hci_dev *hdev, struct sk_buff *skb)
1294 {
1295 /* Nothing to be added in FW dump header */
1296 }
1297
nxp_process_fw_dump(struct hci_dev * hdev,struct sk_buff * skb)1298 static int nxp_process_fw_dump(struct hci_dev *hdev, struct sk_buff *skb)
1299 {
1300 struct hci_acl_hdr *acl_hdr = (struct hci_acl_hdr *)skb_pull_data(skb,
1301 sizeof(*acl_hdr));
1302 struct nxp_fw_dump_hdr *fw_dump_hdr = (struct nxp_fw_dump_hdr *)skb->data;
1303 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1304 __u16 seq_num = __le16_to_cpu(fw_dump_hdr->seq_num);
1305 __u16 buf_len = __le16_to_cpu(fw_dump_hdr->buf_len);
1306 int err;
1307
1308 if (seq_num == 0x0001) {
1309 if (test_and_set_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state)) {
1310 bt_dev_err(hdev, "FW dump already in progress");
1311 goto free_skb;
1312 }
1313 bt_dev_warn(hdev, "==== Start FW dump ===");
1314 err = hci_devcd_init(hdev, NXP_FW_DUMP_SIZE);
1315 if (err < 0)
1316 goto free_skb;
1317
1318 schedule_delayed_work(&hdev->dump.dump_timeout,
1319 msecs_to_jiffies(20000));
1320 }
1321
1322 err = hci_devcd_append(hdev, skb_clone(skb, GFP_ATOMIC));
1323 if (err < 0)
1324 goto free_skb;
1325
1326 if (buf_len == 0) {
1327 bt_dev_warn(hdev, "==== FW dump complete ===");
1328 clear_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state);
1329 hci_devcd_complete(hdev);
1330 nxp_set_ind_reset(hdev, NULL);
1331 }
1332
1333 free_skb:
1334 kfree_skb(skb);
1335 return 0;
1336 }
1337
nxp_recv_acl_pkt(struct hci_dev * hdev,struct sk_buff * skb)1338 static int nxp_recv_acl_pkt(struct hci_dev *hdev, struct sk_buff *skb)
1339 {
1340 __u16 handle = __le16_to_cpu(hci_acl_hdr(skb)->handle);
1341
1342 /* FW dump chunks are ACL packets with conn handle 0xfff */
1343 if ((handle & 0x0FFF) == 0xFFF)
1344 return nxp_process_fw_dump(hdev, skb);
1345 else
1346 return hci_recv_frame(hdev, skb);
1347 }
1348
nxp_set_bdaddr(struct hci_dev * hdev,const bdaddr_t * bdaddr)1349 static int nxp_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr)
1350 {
1351 union nxp_set_bd_addr_payload pcmd;
1352 int err;
1353
1354 pcmd.data.param_id = 0xfe;
1355 pcmd.data.param_len = 6;
1356 memcpy(pcmd.data.param, bdaddr, 6);
1357
1358 /* BD address can be assigned only after first reset command. */
1359 err = __hci_cmd_sync_status(hdev, HCI_OP_RESET, 0, NULL,
1360 HCI_INIT_TIMEOUT);
1361 if (err) {
1362 bt_dev_err(hdev,
1363 "Reset before setting local-bd-addr failed (%d)",
1364 err);
1365 return err;
1366 }
1367
1368 err = __hci_cmd_sync_status(hdev, HCI_NXP_SET_BD_ADDR, sizeof(pcmd),
1369 pcmd.buf, HCI_CMD_TIMEOUT);
1370 if (err) {
1371 bt_dev_err(hdev, "Changing device address failed (%d)", err);
1372 return err;
1373 }
1374
1375 return 0;
1376 }
1377
1378 /* NXP protocol */
nxp_setup(struct hci_dev * hdev)1379 static int nxp_setup(struct hci_dev *hdev)
1380 {
1381 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1382 int err = 0;
1383
1384 if (nxp_check_boot_sign(nxpdev)) {
1385 bt_dev_dbg(hdev, "Need FW Download.");
1386 err = nxp_download_firmware(hdev);
1387 if (err < 0)
1388 return err;
1389 } else {
1390 bt_dev_info(hdev, "FW already running.");
1391 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1392 }
1393
1394 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->fw_init_baudrate);
1395 nxpdev->current_baudrate = nxpdev->fw_init_baudrate;
1396
1397 ps_init(hdev);
1398
1399 if (test_and_clear_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state))
1400 hci_dev_clear_flag(hdev, HCI_SETUP);
1401
1402 return 0;
1403 }
1404
nxp_post_init(struct hci_dev * hdev)1405 static int nxp_post_init(struct hci_dev *hdev)
1406 {
1407 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1408 struct ps_data *psdata = &nxpdev->psdata;
1409
1410 if (nxpdev->current_baudrate != HCI_NXP_SEC_BAUDRATE) {
1411 nxpdev->new_baudrate = HCI_NXP_SEC_BAUDRATE;
1412 nxp_set_baudrate_cmd(hdev, NULL);
1413 }
1414 if (psdata->cur_h2c_wakeupmode != psdata->h2c_wakeupmode)
1415 send_wakeup_method_cmd(hdev, NULL);
1416 if (psdata->cur_psmode != psdata->target_ps_mode)
1417 send_ps_cmd(hdev, NULL);
1418 return 0;
1419 }
1420
nxp_hw_err(struct hci_dev * hdev,u8 code)1421 static void nxp_hw_err(struct hci_dev *hdev, u8 code)
1422 {
1423 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1424
1425 switch (code) {
1426 case BTNXPUART_IR_HW_ERR:
1427 set_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state);
1428 hci_dev_set_flag(hdev, HCI_SETUP);
1429 break;
1430 default:
1431 break;
1432 }
1433 }
1434
nxp_shutdown(struct hci_dev * hdev)1435 static int nxp_shutdown(struct hci_dev *hdev)
1436 {
1437 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1438 struct sk_buff *skb;
1439 u8 pcmd = 0;
1440
1441 if (ind_reset_in_progress(nxpdev)) {
1442 skb = nxp_drv_send_cmd(hdev, HCI_NXP_IND_RESET, 1, &pcmd);
1443 serdev_device_set_flow_control(nxpdev->serdev, false);
1444 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1445 /* HCI_NXP_IND_RESET command may not returns any response */
1446 if (!IS_ERR(skb))
1447 kfree_skb(skb);
1448 } else if (nxpdev->current_baudrate != nxpdev->fw_init_baudrate) {
1449 nxpdev->new_baudrate = nxpdev->fw_init_baudrate;
1450 nxp_set_baudrate_cmd(hdev, NULL);
1451 }
1452
1453 return 0;
1454 }
1455
nxp_wakeup(struct hci_dev * hdev)1456 static bool nxp_wakeup(struct hci_dev *hdev)
1457 {
1458 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1459 struct ps_data *psdata = &nxpdev->psdata;
1460
1461 if (psdata->c2h_wakeupmode != BT_HOST_WAKEUP_METHOD_NONE)
1462 return true;
1463
1464 return false;
1465 }
1466
nxp_reset(struct hci_dev * hdev)1467 static void nxp_reset(struct hci_dev *hdev)
1468 {
1469 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1470
1471 if (!ind_reset_in_progress(nxpdev) && !fw_dump_in_progress(nxpdev)) {
1472 bt_dev_dbg(hdev, "CMD Timeout detected. Resetting.");
1473 nxp_set_ind_reset(hdev, NULL);
1474 }
1475 }
1476
btnxpuart_queue_skb(struct hci_dev * hdev,struct sk_buff * skb)1477 static int btnxpuart_queue_skb(struct hci_dev *hdev, struct sk_buff *skb)
1478 {
1479 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1480
1481 /* Prepend skb with frame type */
1482 memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1);
1483 skb_queue_tail(&nxpdev->txq, skb);
1484 btnxpuart_tx_wakeup(nxpdev);
1485 return 0;
1486 }
1487
nxp_enqueue(struct hci_dev * hdev,struct sk_buff * skb)1488 static int nxp_enqueue(struct hci_dev *hdev, struct sk_buff *skb)
1489 {
1490 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1491 struct ps_data *psdata = &nxpdev->psdata;
1492 struct hci_command_hdr *hdr;
1493 struct psmode_cmd_payload ps_parm;
1494 struct wakeup_cmd_payload wakeup_parm;
1495 __le32 baudrate_parm;
1496
1497 if (fw_dump_in_progress(nxpdev))
1498 return -EBUSY;
1499
1500 /* if vendor commands are received from user space (e.g. hcitool), update
1501 * driver flags accordingly and ask driver to re-send the command to FW.
1502 * In case the payload for any command does not match expected payload
1503 * length, let the firmware and user space program handle it, or throw
1504 * an error.
1505 */
1506 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT && !psdata->driver_sent_cmd) {
1507 hdr = (struct hci_command_hdr *)skb->data;
1508 if (hdr->plen != (skb->len - HCI_COMMAND_HDR_SIZE))
1509 return btnxpuart_queue_skb(hdev, skb);
1510
1511 switch (__le16_to_cpu(hdr->opcode)) {
1512 case HCI_NXP_AUTO_SLEEP_MODE:
1513 if (hdr->plen == sizeof(ps_parm)) {
1514 memcpy(&ps_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen);
1515 if (ps_parm.ps_cmd == BT_PS_ENABLE)
1516 psdata->target_ps_mode = PS_MODE_ENABLE;
1517 else if (ps_parm.ps_cmd == BT_PS_DISABLE)
1518 psdata->target_ps_mode = PS_MODE_DISABLE;
1519 psdata->c2h_ps_interval = __le16_to_cpu(ps_parm.c2h_ps_interval);
1520 hci_cmd_sync_queue(hdev, send_ps_cmd, NULL, NULL);
1521 goto free_skb;
1522 }
1523 break;
1524 case HCI_NXP_WAKEUP_METHOD:
1525 if (hdr->plen == sizeof(wakeup_parm)) {
1526 memcpy(&wakeup_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen);
1527 psdata->c2h_wakeupmode = wakeup_parm.c2h_wakeupmode;
1528 psdata->c2h_wakeup_gpio = wakeup_parm.c2h_wakeup_gpio;
1529 psdata->h2c_wakeup_gpio = wakeup_parm.h2c_wakeup_gpio;
1530 switch (wakeup_parm.h2c_wakeupmode) {
1531 case BT_CTRL_WAKEUP_METHOD_GPIO:
1532 psdata->h2c_wakeupmode = WAKEUP_METHOD_GPIO;
1533 break;
1534 case BT_CTRL_WAKEUP_METHOD_DSR:
1535 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR;
1536 break;
1537 case BT_CTRL_WAKEUP_METHOD_BREAK:
1538 default:
1539 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK;
1540 break;
1541 }
1542 hci_cmd_sync_queue(hdev, send_wakeup_method_cmd, NULL, NULL);
1543 goto free_skb;
1544 }
1545 break;
1546 case HCI_NXP_SET_OPER_SPEED:
1547 if (hdr->plen == sizeof(baudrate_parm)) {
1548 memcpy(&baudrate_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen);
1549 nxpdev->new_baudrate = __le32_to_cpu(baudrate_parm);
1550 hci_cmd_sync_queue(hdev, nxp_set_baudrate_cmd, NULL, NULL);
1551 goto free_skb;
1552 }
1553 break;
1554 case HCI_NXP_IND_RESET:
1555 if (hdr->plen == 1) {
1556 hci_cmd_sync_queue(hdev, nxp_set_ind_reset, NULL, NULL);
1557 goto free_skb;
1558 }
1559 break;
1560 default:
1561 break;
1562 }
1563 }
1564
1565 return btnxpuart_queue_skb(hdev, skb);
1566
1567 free_skb:
1568 kfree_skb(skb);
1569 return 0;
1570 }
1571
nxp_dequeue(void * data)1572 static struct sk_buff *nxp_dequeue(void *data)
1573 {
1574 struct btnxpuart_dev *nxpdev = (struct btnxpuart_dev *)data;
1575
1576 ps_start_timer(nxpdev);
1577 return skb_dequeue(&nxpdev->txq);
1578 }
1579
1580 /* btnxpuart based on serdev */
btnxpuart_tx_work(struct work_struct * work)1581 static void btnxpuart_tx_work(struct work_struct *work)
1582 {
1583 struct btnxpuart_dev *nxpdev = container_of(work, struct btnxpuart_dev,
1584 tx_work);
1585 struct serdev_device *serdev = nxpdev->serdev;
1586 struct hci_dev *hdev = nxpdev->hdev;
1587 struct sk_buff *skb;
1588 int len;
1589
1590 if (ps_wakeup(nxpdev))
1591 return;
1592
1593 while ((skb = nxp_dequeue(nxpdev))) {
1594 len = serdev_device_write_buf(serdev, skb->data, skb->len);
1595 hdev->stat.byte_tx += len;
1596
1597 skb_pull(skb, len);
1598 if (skb->len > 0) {
1599 skb_queue_head(&nxpdev->txq, skb);
1600 continue;
1601 }
1602
1603 switch (hci_skb_pkt_type(skb)) {
1604 case HCI_COMMAND_PKT:
1605 hdev->stat.cmd_tx++;
1606 break;
1607 case HCI_ACLDATA_PKT:
1608 hdev->stat.acl_tx++;
1609 break;
1610 case HCI_SCODATA_PKT:
1611 hdev->stat.sco_tx++;
1612 break;
1613 }
1614
1615 kfree_skb(skb);
1616 }
1617 clear_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state);
1618 }
1619
btnxpuart_open(struct hci_dev * hdev)1620 static int btnxpuart_open(struct hci_dev *hdev)
1621 {
1622 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1623 int err = 0;
1624
1625 err = serdev_device_open(nxpdev->serdev);
1626 if (err) {
1627 bt_dev_err(hdev, "Unable to open UART device %s",
1628 dev_name(&nxpdev->serdev->dev));
1629 } else {
1630 set_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state);
1631 }
1632 return err;
1633 }
1634
btnxpuart_close(struct hci_dev * hdev)1635 static int btnxpuart_close(struct hci_dev *hdev)
1636 {
1637 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1638
1639 serdev_device_close(nxpdev->serdev);
1640 skb_queue_purge(&nxpdev->txq);
1641 if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) {
1642 kfree_skb(nxpdev->rx_skb);
1643 nxpdev->rx_skb = NULL;
1644 }
1645 clear_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state);
1646 return 0;
1647 }
1648
btnxpuart_flush(struct hci_dev * hdev)1649 static int btnxpuart_flush(struct hci_dev *hdev)
1650 {
1651 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1652
1653 /* Flush any pending characters */
1654 serdev_device_write_flush(nxpdev->serdev);
1655 skb_queue_purge(&nxpdev->txq);
1656
1657 cancel_work_sync(&nxpdev->tx_work);
1658
1659 if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) {
1660 kfree_skb(nxpdev->rx_skb);
1661 nxpdev->rx_skb = NULL;
1662 }
1663
1664 return 0;
1665 }
1666
1667 static const struct h4_recv_pkt nxp_recv_pkts[] = {
1668 { H4_RECV_ACL, .recv = nxp_recv_acl_pkt },
1669 { H4_RECV_SCO, .recv = hci_recv_frame },
1670 { H4_RECV_EVENT, .recv = hci_recv_frame },
1671 { H4_RECV_ISO, .recv = hci_recv_frame },
1672 { NXP_RECV_CHIP_VER_V1, .recv = nxp_recv_chip_ver_v1 },
1673 { NXP_RECV_FW_REQ_V1, .recv = nxp_recv_fw_req_v1 },
1674 { NXP_RECV_CHIP_VER_V3, .recv = nxp_recv_chip_ver_v3 },
1675 { NXP_RECV_FW_REQ_V3, .recv = nxp_recv_fw_req_v3 },
1676 };
1677
btnxpuart_receive_buf(struct serdev_device * serdev,const u8 * data,size_t count)1678 static size_t btnxpuart_receive_buf(struct serdev_device *serdev,
1679 const u8 *data, size_t count)
1680 {
1681 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev);
1682
1683 ps_start_timer(nxpdev);
1684
1685 nxpdev->rx_skb = h4_recv_buf(nxpdev->hdev, nxpdev->rx_skb, data, count,
1686 nxp_recv_pkts, ARRAY_SIZE(nxp_recv_pkts));
1687 if (IS_ERR(nxpdev->rx_skb)) {
1688 int err = PTR_ERR(nxpdev->rx_skb);
1689 /* Safe to ignore out-of-sync bootloader signatures */
1690 if (!is_fw_downloading(nxpdev) &&
1691 !ind_reset_in_progress(nxpdev))
1692 bt_dev_err(nxpdev->hdev, "Frame reassembly failed (%d)", err);
1693 return count;
1694 }
1695 if (!is_fw_downloading(nxpdev) &&
1696 !ind_reset_in_progress(nxpdev))
1697 nxpdev->hdev->stat.byte_rx += count;
1698 return count;
1699 }
1700
btnxpuart_write_wakeup(struct serdev_device * serdev)1701 static void btnxpuart_write_wakeup(struct serdev_device *serdev)
1702 {
1703 serdev_device_write_wakeup(serdev);
1704 }
1705
1706 static const struct serdev_device_ops btnxpuart_client_ops = {
1707 .receive_buf = btnxpuart_receive_buf,
1708 .write_wakeup = btnxpuart_write_wakeup,
1709 };
1710
nxp_serdev_probe(struct serdev_device * serdev)1711 static int nxp_serdev_probe(struct serdev_device *serdev)
1712 {
1713 struct hci_dev *hdev;
1714 struct btnxpuart_dev *nxpdev;
1715 bdaddr_t ba = {0};
1716
1717 nxpdev = devm_kzalloc(&serdev->dev, sizeof(*nxpdev), GFP_KERNEL);
1718 if (!nxpdev)
1719 return -ENOMEM;
1720
1721 nxpdev->nxp_data = (struct btnxpuart_data *)device_get_match_data(&serdev->dev);
1722
1723 nxpdev->serdev = serdev;
1724 serdev_device_set_drvdata(serdev, nxpdev);
1725
1726 serdev_device_set_client_ops(serdev, &btnxpuart_client_ops);
1727
1728 INIT_WORK(&nxpdev->tx_work, btnxpuart_tx_work);
1729 skb_queue_head_init(&nxpdev->txq);
1730
1731 init_waitqueue_head(&nxpdev->fw_dnld_done_wait_q);
1732 init_waitqueue_head(&nxpdev->check_boot_sign_wait_q);
1733
1734 device_property_read_u32(&nxpdev->serdev->dev, "fw-init-baudrate",
1735 &nxpdev->fw_init_baudrate);
1736 if (!nxpdev->fw_init_baudrate)
1737 nxpdev->fw_init_baudrate = FW_INIT_BAUDRATE;
1738
1739 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1740
1741 crc8_populate_msb(crc8_table, POLYNOMIAL8);
1742
1743 /* Initialize and register HCI device */
1744 hdev = hci_alloc_dev();
1745 if (!hdev) {
1746 dev_err(&serdev->dev, "Can't allocate HCI device\n");
1747 return -ENOMEM;
1748 }
1749
1750 nxpdev->hdev = hdev;
1751
1752 hdev->bus = HCI_UART;
1753 hci_set_drvdata(hdev, nxpdev);
1754
1755 hdev->manufacturer = MANUFACTURER_NXP;
1756 hdev->open = btnxpuart_open;
1757 hdev->close = btnxpuart_close;
1758 hdev->flush = btnxpuart_flush;
1759 hdev->setup = nxp_setup;
1760 hdev->post_init = nxp_post_init;
1761 hdev->send = nxp_enqueue;
1762 hdev->hw_error = nxp_hw_err;
1763 hdev->shutdown = nxp_shutdown;
1764 hdev->wakeup = nxp_wakeup;
1765 hdev->reset = nxp_reset;
1766 hdev->set_bdaddr = nxp_set_bdaddr;
1767 SET_HCIDEV_DEV(hdev, &serdev->dev);
1768
1769 device_property_read_u8_array(&nxpdev->serdev->dev,
1770 "local-bd-address",
1771 (u8 *)&ba, sizeof(ba));
1772 if (bacmp(&ba, BDADDR_ANY))
1773 set_bit(HCI_QUIRK_USE_BDADDR_PROPERTY, &hdev->quirks);
1774
1775 if (hci_register_dev(hdev) < 0) {
1776 dev_err(&serdev->dev, "Can't register HCI device\n");
1777 goto probe_fail;
1778 }
1779
1780 if (ps_setup(hdev))
1781 goto probe_fail;
1782
1783 hci_devcd_register(hdev, nxp_coredump, nxp_coredump_hdr, NULL);
1784
1785 return 0;
1786
1787 probe_fail:
1788 hci_free_dev(hdev);
1789 return -ENODEV;
1790 }
1791
nxp_serdev_remove(struct serdev_device * serdev)1792 static void nxp_serdev_remove(struct serdev_device *serdev)
1793 {
1794 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev);
1795 struct hci_dev *hdev = nxpdev->hdev;
1796
1797 if (is_fw_downloading(nxpdev)) {
1798 set_bit(BTNXPUART_FW_DOWNLOAD_ABORT, &nxpdev->tx_state);
1799 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1800 wake_up_interruptible(&nxpdev->check_boot_sign_wait_q);
1801 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
1802 }
1803
1804 if (test_bit(HCI_RUNNING, &hdev->flags)) {
1805 /* Ensure shutdown callback is executed before unregistering, so
1806 * that baudrate is reset to initial value.
1807 */
1808 nxp_shutdown(hdev);
1809 }
1810
1811 ps_cleanup(nxpdev);
1812 hci_unregister_dev(hdev);
1813 hci_free_dev(hdev);
1814 }
1815
1816 #ifdef CONFIG_PM_SLEEP
nxp_serdev_suspend(struct device * dev)1817 static int nxp_serdev_suspend(struct device *dev)
1818 {
1819 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev);
1820 struct ps_data *psdata = &nxpdev->psdata;
1821
1822 ps_control(psdata->hdev, PS_STATE_SLEEP);
1823 return 0;
1824 }
1825
nxp_serdev_resume(struct device * dev)1826 static int nxp_serdev_resume(struct device *dev)
1827 {
1828 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev);
1829 struct ps_data *psdata = &nxpdev->psdata;
1830
1831 ps_control(psdata->hdev, PS_STATE_AWAKE);
1832 return 0;
1833 }
1834 #endif
1835
1836 #ifdef CONFIG_DEV_COREDUMP
nxp_serdev_coredump(struct device * dev)1837 static void nxp_serdev_coredump(struct device *dev)
1838 {
1839 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev);
1840 struct hci_dev *hdev = nxpdev->hdev;
1841
1842 if (hdev->dump.coredump)
1843 hdev->dump.coredump(hdev);
1844 }
1845 #endif
1846
1847 static struct btnxpuart_data w8987_data __maybe_unused = {
1848 .helper_fw_name = NULL,
1849 .fw_name = FIRMWARE_W8987,
1850 .fw_name_old = FIRMWARE_W8987_OLD,
1851 };
1852
1853 static struct btnxpuart_data w8997_data __maybe_unused = {
1854 .helper_fw_name = FIRMWARE_HELPER,
1855 .fw_name = FIRMWARE_W8997,
1856 .fw_name_old = FIRMWARE_W8997_OLD,
1857 };
1858
1859 static const struct of_device_id nxpuart_of_match_table[] __maybe_unused = {
1860 { .compatible = "nxp,88w8987-bt", .data = &w8987_data },
1861 { .compatible = "nxp,88w8997-bt", .data = &w8997_data },
1862 { }
1863 };
1864 MODULE_DEVICE_TABLE(of, nxpuart_of_match_table);
1865
1866 static const struct dev_pm_ops nxp_pm_ops = {
1867 SET_SYSTEM_SLEEP_PM_OPS(nxp_serdev_suspend, nxp_serdev_resume)
1868 };
1869
1870 static struct serdev_device_driver nxp_serdev_driver = {
1871 .probe = nxp_serdev_probe,
1872 .remove = nxp_serdev_remove,
1873 .driver = {
1874 .name = "btnxpuart",
1875 .of_match_table = of_match_ptr(nxpuart_of_match_table),
1876 .pm = &nxp_pm_ops,
1877 #ifdef CONFIG_DEV_COREDUMP
1878 .coredump = nxp_serdev_coredump,
1879 #endif
1880 },
1881 };
1882
1883 module_serdev_device_driver(nxp_serdev_driver);
1884
1885 MODULE_AUTHOR("Neeraj Sanjay Kale <neeraj.sanjaykale@nxp.com>");
1886 MODULE_DESCRIPTION("NXP Bluetooth Serial driver");
1887 MODULE_LICENSE("GPL");
1888