1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * NXP Bluetooth driver
4 * Copyright 2023-2025 NXP
5 */
6
7 #include <linux/module.h>
8 #include <linux/kernel.h>
9
10 #include <linux/serdev.h>
11 #include <linux/of.h>
12 #include <linux/skbuff.h>
13 #include <linux/unaligned.h>
14 #include <linux/firmware.h>
15 #include <linux/string.h>
16 #include <linux/crc8.h>
17 #include <linux/crc32.h>
18 #include <linux/string_helpers.h>
19 #include <linux/gpio/consumer.h>
20
21 #include <net/bluetooth/bluetooth.h>
22 #include <net/bluetooth/hci_core.h>
23
24 #include "h4_recv.h"
25
26 #define MANUFACTURER_NXP 37
27
28 #define BTNXPUART_TX_STATE_ACTIVE 1
29 #define BTNXPUART_FW_DOWNLOADING 2
30 #define BTNXPUART_CHECK_BOOT_SIGNATURE 3
31 #define BTNXPUART_SERDEV_OPEN 4
32 #define BTNXPUART_IR_IN_PROGRESS 5
33 #define BTNXPUART_FW_DOWNLOAD_ABORT 6
34 #define BTNXPUART_FW_DUMP_IN_PROGRESS 7
35
36 /* NXP HW err codes */
37 #define BTNXPUART_IR_HW_ERR 0xb0
38
39 #define FIRMWARE_W8987 "uart8987_bt.bin"
40 #define FIRMWARE_W8987_OLD "uartuart8987_bt.bin"
41 #define FIRMWARE_W8997 "uart8997_bt_v4.bin"
42 #define FIRMWARE_W8997_OLD "uartuart8997_bt_v4.bin"
43 #define FIRMWARE_W9098 "uart9098_bt_v1.bin"
44 #define FIRMWARE_W9098_OLD "uartuart9098_bt_v1.bin"
45 #define FIRMWARE_IW416 "uartiw416_bt.bin"
46 #define FIRMWARE_IW416_OLD "uartiw416_bt_v0.bin"
47 #define FIRMWARE_IW612 "uartspi_n61x_v1.bin.se"
48 #define FIRMWARE_IW610 "uartspi_iw610.bin"
49 #define FIRMWARE_SECURE_IW610 "uartspi_iw610.bin.se"
50 #define FIRMWARE_IW624 "uartiw624_bt.bin"
51 #define FIRMWARE_SECURE_IW624 "uartiw624_bt.bin.se"
52 #define FIRMWARE_AW693 "uartaw693_bt.bin"
53 #define FIRMWARE_SECURE_AW693 "uartaw693_bt.bin.se"
54 #define FIRMWARE_AW693_A1 "uartaw693_bt_v1.bin"
55 #define FIRMWARE_SECURE_AW693_A1 "uartaw693_bt_v1.bin.se"
56 #define FIRMWARE_HELPER "helper_uart_3000000.bin"
57
58 #define CHIP_ID_W9098 0x5c03
59 #define CHIP_ID_IW416 0x7201
60 #define CHIP_ID_IW612 0x7601
61 #define CHIP_ID_IW624a 0x8000
62 #define CHIP_ID_IW624c 0x8001
63 #define CHIP_ID_AW693a0 0x8200
64 #define CHIP_ID_AW693a1 0x8201
65 #define CHIP_ID_IW610a0 0x8800
66 #define CHIP_ID_IW610a1 0x8801
67
68 #define FW_SECURE_MASK 0xc0
69 #define FW_OPEN 0x00
70 #define FW_AUTH_ILLEGAL 0x40
71 #define FW_AUTH_PLAIN 0x80
72 #define FW_AUTH_ENC 0xc0
73
74 #define HCI_NXP_PRI_BAUDRATE 115200
75 #define HCI_NXP_SEC_BAUDRATE 3000000
76
77 #define MAX_FW_FILE_NAME_LEN 50
78
79 /* Default ps timeout period in milliseconds */
80 #define PS_DEFAULT_TIMEOUT_PERIOD_MS 2000
81
82 /* wakeup methods */
83 #define WAKEUP_METHOD_DTR 0
84 #define WAKEUP_METHOD_BREAK 1
85 #define WAKEUP_METHOD_EXT_BREAK 2
86 #define WAKEUP_METHOD_RTS 3
87 #define WAKEUP_METHOD_GPIO 4
88 #define WAKEUP_METHOD_INVALID 0xff
89
90 /* power save mode status */
91 #define PS_MODE_DISABLE 0
92 #define PS_MODE_ENABLE 1
93
94 /* Power Save Commands to ps_work_func */
95 #define PS_CMD_EXIT_PS 1
96 #define PS_CMD_ENTER_PS 2
97
98 /* power save state */
99 #define PS_STATE_AWAKE 0
100 #define PS_STATE_SLEEP 1
101
102 /* NXP Vendor Commands. Refer user manual UM11628 on nxp.com */
103 /* Set custom BD Address */
104 #define HCI_NXP_SET_BD_ADDR 0xfc22
105 /* Set Auto-Sleep mode */
106 #define HCI_NXP_AUTO_SLEEP_MODE 0xfc23
107 /* Set Wakeup method */
108 #define HCI_NXP_WAKEUP_METHOD 0xfc53
109 /* Set operational baudrate */
110 #define HCI_NXP_SET_OPER_SPEED 0xfc09
111 /* Independent Reset (Soft Reset) */
112 #define HCI_NXP_IND_RESET 0xfcfc
113 /* Bluetooth vendor command: Trigger FW dump */
114 #define HCI_NXP_TRIGGER_DUMP 0xfe91
115
116 /* Bluetooth Power State : Vendor cmd params */
117 #define BT_PS_ENABLE 0x02
118 #define BT_PS_DISABLE 0x03
119
120 /* Bluetooth Host Wakeup Methods */
121 #define BT_HOST_WAKEUP_METHOD_NONE 0x00
122 #define BT_HOST_WAKEUP_METHOD_DTR 0x01
123 #define BT_HOST_WAKEUP_METHOD_BREAK 0x02
124 #define BT_HOST_WAKEUP_METHOD_GPIO 0x03
125
126 /* Bluetooth Chip Wakeup Methods */
127 #define BT_CTRL_WAKEUP_METHOD_DSR 0x00
128 #define BT_CTRL_WAKEUP_METHOD_BREAK 0x01
129 #define BT_CTRL_WAKEUP_METHOD_GPIO 0x02
130 #define BT_CTRL_WAKEUP_METHOD_EXT_BREAK 0x04
131 #define BT_CTRL_WAKEUP_METHOD_RTS 0x05
132
133 struct ps_data {
134 u8 target_ps_mode; /* ps mode to be set */
135 u8 cur_psmode; /* current ps_mode */
136 u8 ps_state; /* controller's power save state */
137 u8 ps_cmd;
138 u8 h2c_wakeupmode;
139 u8 cur_h2c_wakeupmode;
140 u8 c2h_wakeupmode;
141 u8 c2h_wakeup_gpio;
142 u8 h2c_wakeup_gpio;
143 bool driver_sent_cmd;
144 u16 h2c_ps_interval;
145 u16 c2h_ps_interval;
146 struct gpio_desc *h2c_ps_gpio;
147 struct hci_dev *hdev;
148 struct work_struct work;
149 struct timer_list ps_timer;
150 struct mutex ps_lock;
151 };
152
153 struct wakeup_cmd_payload {
154 u8 c2h_wakeupmode;
155 u8 c2h_wakeup_gpio;
156 u8 h2c_wakeupmode;
157 u8 h2c_wakeup_gpio;
158 } __packed;
159
160 struct psmode_cmd_payload {
161 u8 ps_cmd;
162 __le16 c2h_ps_interval;
163 } __packed;
164
165 struct btnxpuart_data {
166 const char *helper_fw_name;
167 const char *fw_name;
168 const char *fw_name_old;
169 };
170
171 enum bootloader_param_change {
172 not_changed,
173 cmd_sent,
174 changed
175 };
176
177 struct btnxpuart_dev {
178 struct hci_dev *hdev;
179 struct serdev_device *serdev;
180
181 struct work_struct tx_work;
182 unsigned long tx_state;
183 struct sk_buff_head txq;
184 struct sk_buff *rx_skb;
185
186 const struct firmware *fw;
187 u8 fw_name[MAX_FW_FILE_NAME_LEN];
188 u32 fw_dnld_v1_offset;
189 u32 fw_v1_sent_bytes;
190 u32 fw_dnld_v3_offset;
191 u32 fw_v3_offset_correction;
192 u32 fw_v3_prev_sent;
193 u32 fw_v1_expected_len;
194 u32 boot_reg_offset;
195 wait_queue_head_t fw_dnld_done_wait_q;
196 wait_queue_head_t check_boot_sign_wait_q;
197
198 u32 new_baudrate;
199 u32 current_baudrate;
200 u32 fw_init_baudrate;
201 enum bootloader_param_change timeout_changed;
202 enum bootloader_param_change baudrate_changed;
203 bool helper_downloaded;
204
205 struct ps_data psdata;
206 struct btnxpuart_data *nxp_data;
207 };
208
209 #define NXP_V1_FW_REQ_PKT 0xa5
210 #define NXP_V1_CHIP_VER_PKT 0xaa
211 #define NXP_V3_FW_REQ_PKT 0xa7
212 #define NXP_V3_CHIP_VER_PKT 0xab
213
214 #define NXP_ACK_V1 0x5a
215 #define NXP_NAK_V1 0xbf
216 #define NXP_ACK_V3 0x7a
217 #define NXP_NAK_V3 0x7b
218 #define NXP_CRC_ERROR_V3 0x7c
219
220 /* Bootloader signature error codes: Refer AN12820 from nxp.com */
221 #define NXP_CRC_RX_ERROR BIT(0) /* CRC error in previous packet */
222 #define NXP_ACK_RX_TIMEOUT BIT(2) /* ACK not received from host */
223 #define NXP_HDR_RX_TIMEOUT BIT(3) /* FW Header chunk not received */
224 #define NXP_DATA_RX_TIMEOUT BIT(4) /* FW Data chunk not received */
225
226 #define HDR_LEN 16
227
228 #define NXP_RECV_CHIP_VER_V1 \
229 .type = NXP_V1_CHIP_VER_PKT, \
230 .hlen = 4, \
231 .loff = 0, \
232 .lsize = 0, \
233 .maxlen = 4
234
235 #define NXP_RECV_FW_REQ_V1 \
236 .type = NXP_V1_FW_REQ_PKT, \
237 .hlen = 4, \
238 .loff = 0, \
239 .lsize = 0, \
240 .maxlen = 4
241
242 #define NXP_RECV_CHIP_VER_V3 \
243 .type = NXP_V3_CHIP_VER_PKT, \
244 .hlen = 4, \
245 .loff = 0, \
246 .lsize = 0, \
247 .maxlen = 4
248
249 #define NXP_RECV_FW_REQ_V3 \
250 .type = NXP_V3_FW_REQ_PKT, \
251 .hlen = 9, \
252 .loff = 0, \
253 .lsize = 0, \
254 .maxlen = 9
255
256 struct v1_data_req {
257 __le16 len;
258 __le16 len_comp;
259 } __packed;
260
261 struct v1_start_ind {
262 __le16 chip_id;
263 __le16 chip_id_comp;
264 } __packed;
265
266 struct v3_data_req {
267 __le16 len;
268 __le32 offset;
269 __le16 error;
270 u8 crc;
271 } __packed;
272
273 struct v3_start_ind {
274 __le16 chip_id;
275 u8 loader_ver;
276 u8 crc;
277 } __packed;
278
279 /* UART register addresses of BT chip */
280 #define CLKDIVADDR 0x7f00008f
281 #define UARTDIVADDR 0x7f000090
282 #define UARTMCRADDR 0x7f000091
283 #define UARTREINITADDR 0x7f000092
284 #define UARTICRADDR 0x7f000093
285 #define UARTFCRADDR 0x7f000094
286
287 #define MCR 0x00000022
288 #define INIT 0x00000001
289 #define ICR 0x000000c7
290 #define FCR 0x000000c7
291
292 #define POLYNOMIAL8 0x07
293
294 struct uart_reg {
295 __le32 address;
296 __le32 value;
297 } __packed;
298
299 struct uart_config {
300 struct uart_reg clkdiv;
301 struct uart_reg uartdiv;
302 struct uart_reg mcr;
303 struct uart_reg re_init;
304 struct uart_reg icr;
305 struct uart_reg fcr;
306 __be32 crc;
307 } __packed;
308
309 struct nxp_bootloader_cmd {
310 __le32 header;
311 __le32 arg;
312 __le32 payload_len;
313 __be32 crc;
314 } __packed;
315
316 struct nxp_v3_rx_timeout_nak {
317 u8 nak;
318 __le32 offset;
319 u8 crc;
320 } __packed;
321
322 union nxp_v3_rx_timeout_nak_u {
323 struct nxp_v3_rx_timeout_nak pkt;
324 u8 buf[6];
325 };
326
327 struct nxp_v3_crc_nak {
328 u8 nak;
329 u8 crc;
330 } __packed;
331
332 union nxp_v3_crc_nak_u {
333 struct nxp_v3_crc_nak pkt;
334 u8 buf[2];
335 };
336
337 /* FW dump */
338 #define NXP_FW_DUMP_SIZE (1024 * 1000)
339
340 struct nxp_fw_dump_hdr {
341 __le16 seq_num;
342 __le16 reserved;
343 __le16 buf_type;
344 __le16 buf_len;
345 };
346
347 union nxp_set_bd_addr_payload {
348 struct {
349 u8 param_id;
350 u8 param_len;
351 u8 param[6];
352 } __packed data;
353 u8 buf[8];
354 };
355
356 static u8 crc8_table[CRC8_TABLE_SIZE];
357
358 /* Default configurations */
359 #define DEFAULT_H2C_WAKEUP_MODE WAKEUP_METHOD_BREAK
360 #define DEFAULT_PS_MODE PS_MODE_ENABLE
361 #define FW_INIT_BAUDRATE HCI_NXP_PRI_BAUDRATE
362
nxp_drv_send_cmd(struct hci_dev * hdev,u16 opcode,u32 plen,void * param)363 static struct sk_buff *nxp_drv_send_cmd(struct hci_dev *hdev, u16 opcode,
364 u32 plen,
365 void *param)
366 {
367 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
368 struct ps_data *psdata = &nxpdev->psdata;
369 struct sk_buff *skb;
370
371 /* set flag to prevent nxp_enqueue from parsing values from this command and
372 * calling hci_cmd_sync_queue() again.
373 */
374 psdata->driver_sent_cmd = true;
375 skb = __hci_cmd_sync(hdev, opcode, plen, param, HCI_CMD_TIMEOUT);
376 psdata->driver_sent_cmd = false;
377
378 return skb;
379 }
380
btnxpuart_tx_wakeup(struct btnxpuart_dev * nxpdev)381 static void btnxpuart_tx_wakeup(struct btnxpuart_dev *nxpdev)
382 {
383 if (schedule_work(&nxpdev->tx_work))
384 set_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state);
385 }
386
387 /* NXP Power Save Feature */
ps_start_timer(struct btnxpuart_dev * nxpdev)388 static void ps_start_timer(struct btnxpuart_dev *nxpdev)
389 {
390 struct ps_data *psdata = &nxpdev->psdata;
391
392 if (!psdata)
393 return;
394
395 if (psdata->cur_psmode == PS_MODE_ENABLE)
396 mod_timer(&psdata->ps_timer, jiffies + msecs_to_jiffies(psdata->h2c_ps_interval));
397
398 if (psdata->ps_state == PS_STATE_AWAKE && psdata->ps_cmd == PS_CMD_ENTER_PS)
399 cancel_work_sync(&psdata->work);
400 }
401
ps_cancel_timer(struct btnxpuart_dev * nxpdev)402 static void ps_cancel_timer(struct btnxpuart_dev *nxpdev)
403 {
404 struct ps_data *psdata = &nxpdev->psdata;
405
406 flush_work(&psdata->work);
407 timer_shutdown_sync(&psdata->ps_timer);
408 }
409
ps_control(struct hci_dev * hdev,u8 ps_state)410 static void ps_control(struct hci_dev *hdev, u8 ps_state)
411 {
412 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
413 struct ps_data *psdata = &nxpdev->psdata;
414 int status = 0;
415
416 if (psdata->ps_state == ps_state ||
417 !test_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state))
418 return;
419
420 mutex_lock(&psdata->ps_lock);
421 switch (psdata->cur_h2c_wakeupmode) {
422 case WAKEUP_METHOD_GPIO:
423 if (ps_state == PS_STATE_AWAKE)
424 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 0);
425 else
426 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 1);
427 bt_dev_dbg(hdev, "Set h2c_ps_gpio: %s",
428 str_high_low(ps_state == PS_STATE_SLEEP));
429 break;
430 case WAKEUP_METHOD_DTR:
431 if (ps_state == PS_STATE_AWAKE)
432 status = serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0);
433 else
434 status = serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR);
435 break;
436 case WAKEUP_METHOD_BREAK:
437 default:
438 if (ps_state == PS_STATE_AWAKE)
439 status = serdev_device_break_ctl(nxpdev->serdev, 0);
440 else
441 status = serdev_device_break_ctl(nxpdev->serdev, -1);
442 msleep(20); /* Allow chip to detect UART-break and enter sleep */
443 bt_dev_dbg(hdev, "Set UART break: %s, status=%d",
444 str_on_off(ps_state == PS_STATE_SLEEP), status);
445 break;
446 }
447 if (!status)
448 psdata->ps_state = ps_state;
449 mutex_unlock(&psdata->ps_lock);
450
451 if (ps_state == PS_STATE_AWAKE)
452 btnxpuart_tx_wakeup(nxpdev);
453 }
454
ps_work_func(struct work_struct * work)455 static void ps_work_func(struct work_struct *work)
456 {
457 struct ps_data *data = container_of(work, struct ps_data, work);
458
459 if (data->ps_cmd == PS_CMD_ENTER_PS && data->cur_psmode == PS_MODE_ENABLE)
460 ps_control(data->hdev, PS_STATE_SLEEP);
461 else if (data->ps_cmd == PS_CMD_EXIT_PS)
462 ps_control(data->hdev, PS_STATE_AWAKE);
463 }
464
ps_timeout_func(struct timer_list * t)465 static void ps_timeout_func(struct timer_list *t)
466 {
467 struct ps_data *data = from_timer(data, t, ps_timer);
468 struct hci_dev *hdev = data->hdev;
469 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
470
471 if (test_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state)) {
472 ps_start_timer(nxpdev);
473 } else {
474 data->ps_cmd = PS_CMD_ENTER_PS;
475 schedule_work(&data->work);
476 }
477 }
478
ps_setup(struct hci_dev * hdev)479 static int ps_setup(struct hci_dev *hdev)
480 {
481 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
482 struct serdev_device *serdev = nxpdev->serdev;
483 struct ps_data *psdata = &nxpdev->psdata;
484
485 psdata->h2c_ps_gpio = devm_gpiod_get_optional(&serdev->dev, "device-wakeup",
486 GPIOD_OUT_LOW);
487 if (IS_ERR(psdata->h2c_ps_gpio)) {
488 bt_dev_err(hdev, "Error fetching device-wakeup-gpios: %ld",
489 PTR_ERR(psdata->h2c_ps_gpio));
490 return PTR_ERR(psdata->h2c_ps_gpio);
491 }
492
493 if (device_property_read_u8(&serdev->dev, "nxp,wakein-pin", &psdata->h2c_wakeup_gpio)) {
494 psdata->h2c_wakeup_gpio = 0xff; /* 0xff: use default pin/gpio */
495 } else if (!psdata->h2c_ps_gpio) {
496 bt_dev_warn(hdev, "nxp,wakein-pin property without device-wakeup GPIO");
497 psdata->h2c_wakeup_gpio = 0xff;
498 }
499
500 device_property_read_u8(&serdev->dev, "nxp,wakeout-pin", &psdata->c2h_wakeup_gpio);
501
502 psdata->hdev = hdev;
503 INIT_WORK(&psdata->work, ps_work_func);
504 mutex_init(&psdata->ps_lock);
505 timer_setup(&psdata->ps_timer, ps_timeout_func, 0);
506
507 return 0;
508 }
509
ps_wakeup(struct btnxpuart_dev * nxpdev)510 static bool ps_wakeup(struct btnxpuart_dev *nxpdev)
511 {
512 struct ps_data *psdata = &nxpdev->psdata;
513 u8 ps_state;
514
515 mutex_lock(&psdata->ps_lock);
516 ps_state = psdata->ps_state;
517 mutex_unlock(&psdata->ps_lock);
518
519 if (ps_state != PS_STATE_AWAKE) {
520 psdata->ps_cmd = PS_CMD_EXIT_PS;
521 schedule_work(&psdata->work);
522 return true;
523 }
524 return false;
525 }
526
ps_cleanup(struct btnxpuart_dev * nxpdev)527 static void ps_cleanup(struct btnxpuart_dev *nxpdev)
528 {
529 struct ps_data *psdata = &nxpdev->psdata;
530 u8 ps_state;
531
532 mutex_lock(&psdata->ps_lock);
533 ps_state = psdata->ps_state;
534 mutex_unlock(&psdata->ps_lock);
535
536 if (ps_state != PS_STATE_AWAKE)
537 ps_control(psdata->hdev, PS_STATE_AWAKE);
538
539 ps_cancel_timer(nxpdev);
540 cancel_work_sync(&psdata->work);
541 mutex_destroy(&psdata->ps_lock);
542 }
543
send_ps_cmd(struct hci_dev * hdev,void * data)544 static int send_ps_cmd(struct hci_dev *hdev, void *data)
545 {
546 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
547 struct ps_data *psdata = &nxpdev->psdata;
548 struct psmode_cmd_payload pcmd;
549 struct sk_buff *skb;
550 u8 *status;
551
552 if (psdata->target_ps_mode == PS_MODE_ENABLE)
553 pcmd.ps_cmd = BT_PS_ENABLE;
554 else
555 pcmd.ps_cmd = BT_PS_DISABLE;
556 pcmd.c2h_ps_interval = __cpu_to_le16(psdata->c2h_ps_interval);
557
558 skb = nxp_drv_send_cmd(hdev, HCI_NXP_AUTO_SLEEP_MODE, sizeof(pcmd), &pcmd);
559 if (IS_ERR(skb)) {
560 bt_dev_err(hdev, "Setting Power Save mode failed (%ld)", PTR_ERR(skb));
561 return PTR_ERR(skb);
562 }
563
564 status = skb_pull_data(skb, 1);
565 if (status) {
566 if (!*status)
567 psdata->cur_psmode = psdata->target_ps_mode;
568 else
569 psdata->target_ps_mode = psdata->cur_psmode;
570 if (psdata->cur_psmode == PS_MODE_ENABLE)
571 ps_start_timer(nxpdev);
572 else
573 ps_wakeup(nxpdev);
574 bt_dev_dbg(hdev, "Power Save mode response: status=%d, ps_mode=%d",
575 *status, psdata->cur_psmode);
576 }
577 kfree_skb(skb);
578
579 return 0;
580 }
581
send_wakeup_method_cmd(struct hci_dev * hdev,void * data)582 static int send_wakeup_method_cmd(struct hci_dev *hdev, void *data)
583 {
584 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
585 struct ps_data *psdata = &nxpdev->psdata;
586 struct wakeup_cmd_payload pcmd;
587 struct sk_buff *skb;
588 u8 *status;
589
590 pcmd.c2h_wakeupmode = psdata->c2h_wakeupmode;
591 pcmd.c2h_wakeup_gpio = psdata->c2h_wakeup_gpio;
592 pcmd.h2c_wakeup_gpio = 0xff;
593 switch (psdata->h2c_wakeupmode) {
594 case WAKEUP_METHOD_GPIO:
595 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_GPIO;
596 pcmd.h2c_wakeup_gpio = psdata->h2c_wakeup_gpio;
597 break;
598 case WAKEUP_METHOD_DTR:
599 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_DSR;
600 break;
601 case WAKEUP_METHOD_BREAK:
602 default:
603 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_BREAK;
604 break;
605 }
606
607 skb = nxp_drv_send_cmd(hdev, HCI_NXP_WAKEUP_METHOD, sizeof(pcmd), &pcmd);
608 if (IS_ERR(skb)) {
609 bt_dev_err(hdev, "Setting wake-up method failed (%ld)", PTR_ERR(skb));
610 return PTR_ERR(skb);
611 }
612
613 status = skb_pull_data(skb, 1);
614 if (status) {
615 if (*status == 0)
616 psdata->cur_h2c_wakeupmode = psdata->h2c_wakeupmode;
617 else
618 psdata->h2c_wakeupmode = psdata->cur_h2c_wakeupmode;
619 bt_dev_dbg(hdev, "Set Wakeup Method response: status=%d, h2c_wakeupmode=%d",
620 *status, psdata->cur_h2c_wakeupmode);
621 }
622 kfree_skb(skb);
623
624 return 0;
625 }
626
ps_init(struct hci_dev * hdev)627 static void ps_init(struct hci_dev *hdev)
628 {
629 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
630 struct ps_data *psdata = &nxpdev->psdata;
631 u8 default_h2c_wakeup_mode = DEFAULT_H2C_WAKEUP_MODE;
632
633 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_RTS);
634 usleep_range(5000, 10000);
635 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_RTS, 0);
636 usleep_range(5000, 10000);
637
638 psdata->ps_state = PS_STATE_AWAKE;
639
640 if (psdata->c2h_wakeup_gpio) {
641 psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_GPIO;
642 } else {
643 psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_NONE;
644 psdata->c2h_wakeup_gpio = 0xff;
645 }
646
647 psdata->cur_h2c_wakeupmode = WAKEUP_METHOD_INVALID;
648 if (psdata->h2c_ps_gpio)
649 default_h2c_wakeup_mode = WAKEUP_METHOD_GPIO;
650
651 psdata->h2c_ps_interval = PS_DEFAULT_TIMEOUT_PERIOD_MS;
652
653 switch (default_h2c_wakeup_mode) {
654 case WAKEUP_METHOD_GPIO:
655 psdata->h2c_wakeupmode = WAKEUP_METHOD_GPIO;
656 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 0);
657 usleep_range(5000, 10000);
658 break;
659 case WAKEUP_METHOD_DTR:
660 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR;
661 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR);
662 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0);
663 break;
664 case WAKEUP_METHOD_BREAK:
665 default:
666 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK;
667 serdev_device_break_ctl(nxpdev->serdev, -1);
668 usleep_range(5000, 10000);
669 serdev_device_break_ctl(nxpdev->serdev, 0);
670 usleep_range(5000, 10000);
671 break;
672 }
673
674 psdata->cur_psmode = PS_MODE_DISABLE;
675 psdata->target_ps_mode = DEFAULT_PS_MODE;
676 }
677
678 /* NXP Firmware Download Feature */
nxp_download_firmware(struct hci_dev * hdev)679 static int nxp_download_firmware(struct hci_dev *hdev)
680 {
681 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
682 int err = 0;
683
684 nxpdev->fw_dnld_v1_offset = 0;
685 nxpdev->fw_v1_sent_bytes = 0;
686 nxpdev->fw_v1_expected_len = HDR_LEN;
687 nxpdev->boot_reg_offset = 0;
688 nxpdev->fw_dnld_v3_offset = 0;
689 nxpdev->fw_v3_offset_correction = 0;
690 nxpdev->baudrate_changed = not_changed;
691 nxpdev->timeout_changed = not_changed;
692 nxpdev->helper_downloaded = false;
693
694 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE);
695 serdev_device_set_flow_control(nxpdev->serdev, false);
696 nxpdev->current_baudrate = HCI_NXP_PRI_BAUDRATE;
697
698 /* Wait till FW is downloaded */
699 err = wait_event_interruptible_timeout(nxpdev->fw_dnld_done_wait_q,
700 !test_bit(BTNXPUART_FW_DOWNLOADING,
701 &nxpdev->tx_state),
702 msecs_to_jiffies(60000));
703
704 if (nxpdev->fw && strlen(nxpdev->fw_name)) {
705 release_firmware(nxpdev->fw);
706 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name));
707 }
708
709 if (err == 0) {
710 bt_dev_err(hdev, "FW Download Timeout. offset: %d",
711 nxpdev->fw_dnld_v1_offset ?
712 nxpdev->fw_dnld_v1_offset :
713 nxpdev->fw_dnld_v3_offset);
714 return -ETIMEDOUT;
715 }
716 if (test_bit(BTNXPUART_FW_DOWNLOAD_ABORT, &nxpdev->tx_state)) {
717 bt_dev_err(hdev, "FW Download Aborted");
718 return -EINTR;
719 }
720
721 serdev_device_set_flow_control(nxpdev->serdev, true);
722
723 /* Allow the downloaded FW to initialize */
724 msleep(1200);
725
726 return 0;
727 }
728
nxp_send_ack(u8 ack,struct hci_dev * hdev)729 static void nxp_send_ack(u8 ack, struct hci_dev *hdev)
730 {
731 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
732 u8 ack_nak[2];
733 int len = 1;
734
735 ack_nak[0] = ack;
736 if (ack == NXP_ACK_V3) {
737 ack_nak[1] = crc8(crc8_table, ack_nak, 1, 0xff);
738 len = 2;
739 }
740 serdev_device_write_buf(nxpdev->serdev, ack_nak, len);
741 }
742
nxp_fw_change_baudrate(struct hci_dev * hdev,u16 req_len)743 static bool nxp_fw_change_baudrate(struct hci_dev *hdev, u16 req_len)
744 {
745 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
746 struct nxp_bootloader_cmd nxp_cmd5;
747 struct uart_config uart_config;
748 u32 clkdivaddr = CLKDIVADDR - nxpdev->boot_reg_offset;
749 u32 uartdivaddr = UARTDIVADDR - nxpdev->boot_reg_offset;
750 u32 uartmcraddr = UARTMCRADDR - nxpdev->boot_reg_offset;
751 u32 uartreinitaddr = UARTREINITADDR - nxpdev->boot_reg_offset;
752 u32 uarticraddr = UARTICRADDR - nxpdev->boot_reg_offset;
753 u32 uartfcraddr = UARTFCRADDR - nxpdev->boot_reg_offset;
754
755 if (req_len == sizeof(nxp_cmd5)) {
756 nxp_cmd5.header = __cpu_to_le32(5);
757 nxp_cmd5.arg = 0;
758 nxp_cmd5.payload_len = __cpu_to_le32(sizeof(uart_config));
759 /* FW expects swapped CRC bytes */
760 nxp_cmd5.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd5,
761 sizeof(nxp_cmd5) - 4));
762
763 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd5, sizeof(nxp_cmd5));
764 nxpdev->fw_v3_offset_correction += req_len;
765 } else if (req_len == sizeof(uart_config)) {
766 uart_config.clkdiv.address = __cpu_to_le32(clkdivaddr);
767 uart_config.clkdiv.value = __cpu_to_le32(0x00c00000);
768 uart_config.uartdiv.address = __cpu_to_le32(uartdivaddr);
769 uart_config.uartdiv.value = __cpu_to_le32(1);
770 uart_config.mcr.address = __cpu_to_le32(uartmcraddr);
771 uart_config.mcr.value = __cpu_to_le32(MCR);
772 uart_config.re_init.address = __cpu_to_le32(uartreinitaddr);
773 uart_config.re_init.value = __cpu_to_le32(INIT);
774 uart_config.icr.address = __cpu_to_le32(uarticraddr);
775 uart_config.icr.value = __cpu_to_le32(ICR);
776 uart_config.fcr.address = __cpu_to_le32(uartfcraddr);
777 uart_config.fcr.value = __cpu_to_le32(FCR);
778 /* FW expects swapped CRC bytes */
779 uart_config.crc = __cpu_to_be32(crc32_be(0UL, (char *)&uart_config,
780 sizeof(uart_config) - 4));
781
782 serdev_device_write_buf(nxpdev->serdev, (u8 *)&uart_config, sizeof(uart_config));
783 serdev_device_wait_until_sent(nxpdev->serdev, 0);
784 nxpdev->fw_v3_offset_correction += req_len;
785 return true;
786 }
787 return false;
788 }
789
nxp_fw_change_timeout(struct hci_dev * hdev,u16 req_len)790 static bool nxp_fw_change_timeout(struct hci_dev *hdev, u16 req_len)
791 {
792 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
793 struct nxp_bootloader_cmd nxp_cmd7;
794
795 if (req_len != sizeof(nxp_cmd7))
796 return false;
797
798 nxp_cmd7.header = __cpu_to_le32(7);
799 nxp_cmd7.arg = __cpu_to_le32(0x70);
800 nxp_cmd7.payload_len = 0;
801 /* FW expects swapped CRC bytes */
802 nxp_cmd7.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd7,
803 sizeof(nxp_cmd7) - 4));
804 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd7, sizeof(nxp_cmd7));
805 serdev_device_wait_until_sent(nxpdev->serdev, 0);
806 nxpdev->fw_v3_offset_correction += req_len;
807 return true;
808 }
809
nxp_get_data_len(const u8 * buf)810 static u32 nxp_get_data_len(const u8 *buf)
811 {
812 struct nxp_bootloader_cmd *hdr = (struct nxp_bootloader_cmd *)buf;
813
814 return __le32_to_cpu(hdr->payload_len);
815 }
816
is_fw_downloading(struct btnxpuart_dev * nxpdev)817 static bool is_fw_downloading(struct btnxpuart_dev *nxpdev)
818 {
819 return test_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
820 }
821
ind_reset_in_progress(struct btnxpuart_dev * nxpdev)822 static bool ind_reset_in_progress(struct btnxpuart_dev *nxpdev)
823 {
824 return test_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state);
825 }
826
fw_dump_in_progress(struct btnxpuart_dev * nxpdev)827 static bool fw_dump_in_progress(struct btnxpuart_dev *nxpdev)
828 {
829 return test_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state);
830 }
831
process_boot_signature(struct btnxpuart_dev * nxpdev)832 static bool process_boot_signature(struct btnxpuart_dev *nxpdev)
833 {
834 if (test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state)) {
835 clear_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state);
836 wake_up_interruptible(&nxpdev->check_boot_sign_wait_q);
837 return false;
838 }
839 return is_fw_downloading(nxpdev);
840 }
841
nxp_request_firmware(struct hci_dev * hdev,const char * fw_name,const char * fw_name_old)842 static int nxp_request_firmware(struct hci_dev *hdev, const char *fw_name,
843 const char *fw_name_old)
844 {
845 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
846 const char *fw_name_dt;
847 int err = 0;
848
849 if (!fw_name)
850 return -ENOENT;
851
852 if (!strlen(nxpdev->fw_name)) {
853 if (strcmp(fw_name, FIRMWARE_HELPER) &&
854 !device_property_read_string(&nxpdev->serdev->dev,
855 "firmware-name",
856 &fw_name_dt))
857 fw_name = fw_name_dt;
858 snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "nxp/%s", fw_name);
859 err = request_firmware_direct(&nxpdev->fw, nxpdev->fw_name, &hdev->dev);
860 if (err < 0 && fw_name_old) {
861 snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "nxp/%s", fw_name_old);
862 err = request_firmware_direct(&nxpdev->fw, nxpdev->fw_name, &hdev->dev);
863 }
864
865 bt_dev_info(hdev, "Request Firmware: %s", nxpdev->fw_name);
866 if (err < 0) {
867 bt_dev_err(hdev, "Firmware file %s not found", nxpdev->fw_name);
868 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
869 }
870 }
871 return err;
872 }
873
874 /* for legacy chipsets with V1 bootloader */
nxp_recv_chip_ver_v1(struct hci_dev * hdev,struct sk_buff * skb)875 static int nxp_recv_chip_ver_v1(struct hci_dev *hdev, struct sk_buff *skb)
876 {
877 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
878 struct v1_start_ind *req;
879 __u16 chip_id;
880
881 req = skb_pull_data(skb, sizeof(*req));
882 if (!req)
883 goto free_skb;
884
885 chip_id = le16_to_cpu(req->chip_id ^ req->chip_id_comp);
886 if (chip_id == 0xffff && nxpdev->fw_dnld_v1_offset) {
887 nxpdev->fw_dnld_v1_offset = 0;
888 nxpdev->fw_v1_sent_bytes = 0;
889 nxpdev->fw_v1_expected_len = HDR_LEN;
890 release_firmware(nxpdev->fw);
891 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name));
892 nxp_send_ack(NXP_ACK_V1, hdev);
893 }
894
895 free_skb:
896 kfree_skb(skb);
897 return 0;
898 }
899
nxp_recv_fw_req_v1(struct hci_dev * hdev,struct sk_buff * skb)900 static int nxp_recv_fw_req_v1(struct hci_dev *hdev, struct sk_buff *skb)
901 {
902 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
903 struct btnxpuart_data *nxp_data = nxpdev->nxp_data;
904 struct v1_data_req *req;
905 __u16 len;
906
907 if (!process_boot_signature(nxpdev))
908 goto free_skb;
909
910 req = skb_pull_data(skb, sizeof(*req));
911 if (!req)
912 goto free_skb;
913
914 len = __le16_to_cpu(req->len ^ req->len_comp);
915 if (len != 0xffff) {
916 bt_dev_dbg(hdev, "ERR: Send NAK");
917 nxp_send_ack(NXP_NAK_V1, hdev);
918 goto free_skb;
919 }
920 nxp_send_ack(NXP_ACK_V1, hdev);
921
922 len = __le16_to_cpu(req->len);
923
924 if (!nxp_data->helper_fw_name) {
925 if (nxpdev->timeout_changed != changed) {
926 nxp_fw_change_timeout(hdev, len);
927 nxpdev->timeout_changed = changed;
928 goto free_skb;
929 }
930 if (nxpdev->baudrate_changed != changed) {
931 if (nxp_fw_change_baudrate(hdev, len)) {
932 nxpdev->baudrate_changed = changed;
933 serdev_device_set_baudrate(nxpdev->serdev,
934 HCI_NXP_SEC_BAUDRATE);
935 serdev_device_set_flow_control(nxpdev->serdev, true);
936 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE;
937 }
938 goto free_skb;
939 }
940 }
941
942 if (!nxp_data->helper_fw_name || nxpdev->helper_downloaded) {
943 if (nxp_request_firmware(hdev, nxp_data->fw_name, nxp_data->fw_name_old))
944 goto free_skb;
945 } else if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) {
946 if (nxp_request_firmware(hdev, nxp_data->helper_fw_name, NULL))
947 goto free_skb;
948 }
949
950 if (!len) {
951 bt_dev_info(hdev, "FW Download Complete: %zu bytes",
952 nxpdev->fw->size);
953 if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) {
954 nxpdev->helper_downloaded = true;
955 serdev_device_wait_until_sent(nxpdev->serdev, 0);
956 serdev_device_set_baudrate(nxpdev->serdev,
957 HCI_NXP_SEC_BAUDRATE);
958 serdev_device_set_flow_control(nxpdev->serdev, true);
959 } else {
960 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
961 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
962 }
963 goto free_skb;
964 }
965 if (len & 0x01) {
966 /* The CRC did not match at the other end.
967 * Simply send the same bytes again.
968 */
969 len = nxpdev->fw_v1_sent_bytes;
970 bt_dev_dbg(hdev, "CRC error. Resend %d bytes of FW.", len);
971 } else {
972 nxpdev->fw_dnld_v1_offset += nxpdev->fw_v1_sent_bytes;
973
974 /* The FW bin file is made up of many blocks of
975 * 16 byte header and payload data chunks. If the
976 * FW has requested a header, read the payload length
977 * info from the header, before sending the header.
978 * In the next iteration, the FW should request the
979 * payload data chunk, which should be equal to the
980 * payload length read from header. If there is a
981 * mismatch, clearly the driver and FW are out of sync,
982 * and we need to re-send the previous header again.
983 */
984 if (len == nxpdev->fw_v1_expected_len) {
985 if (len == HDR_LEN)
986 nxpdev->fw_v1_expected_len = nxp_get_data_len(nxpdev->fw->data +
987 nxpdev->fw_dnld_v1_offset);
988 else
989 nxpdev->fw_v1_expected_len = HDR_LEN;
990 } else if (len == HDR_LEN) {
991 /* FW download out of sync. Send previous chunk again */
992 nxpdev->fw_dnld_v1_offset -= nxpdev->fw_v1_sent_bytes;
993 nxpdev->fw_v1_expected_len = HDR_LEN;
994 }
995 }
996
997 if (nxpdev->fw_dnld_v1_offset + len <= nxpdev->fw->size)
998 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data +
999 nxpdev->fw_dnld_v1_offset, len);
1000 nxpdev->fw_v1_sent_bytes = len;
1001
1002 free_skb:
1003 kfree_skb(skb);
1004 return 0;
1005 }
1006
nxp_get_fw_name_from_chipid(struct hci_dev * hdev,u16 chipid,u8 loader_ver)1007 static char *nxp_get_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid,
1008 u8 loader_ver)
1009 {
1010 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1011 char *fw_name = NULL;
1012
1013 switch (chipid) {
1014 case CHIP_ID_W9098:
1015 fw_name = FIRMWARE_W9098;
1016 break;
1017 case CHIP_ID_IW416:
1018 fw_name = FIRMWARE_IW416;
1019 break;
1020 case CHIP_ID_IW612:
1021 fw_name = FIRMWARE_IW612;
1022 break;
1023 case CHIP_ID_IW624a:
1024 case CHIP_ID_IW624c:
1025 nxpdev->boot_reg_offset = 1;
1026 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1027 fw_name = FIRMWARE_IW624;
1028 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1029 fw_name = FIRMWARE_SECURE_IW624;
1030 else
1031 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1032 break;
1033 case CHIP_ID_AW693a0:
1034 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1035 fw_name = FIRMWARE_AW693;
1036 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1037 fw_name = FIRMWARE_SECURE_AW693;
1038 else
1039 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1040 break;
1041 case CHIP_ID_AW693a1:
1042 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1043 fw_name = FIRMWARE_AW693_A1;
1044 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1045 fw_name = FIRMWARE_SECURE_AW693_A1;
1046 else
1047 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1048 break;
1049 case CHIP_ID_IW610a0:
1050 case CHIP_ID_IW610a1:
1051 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN)
1052 fw_name = FIRMWARE_IW610;
1053 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL)
1054 fw_name = FIRMWARE_SECURE_IW610;
1055 else
1056 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
1057 break;
1058 default:
1059 bt_dev_err(hdev, "Unknown chip signature %04x", chipid);
1060 break;
1061 }
1062 return fw_name;
1063 }
1064
nxp_get_old_fw_name_from_chipid(struct hci_dev * hdev,u16 chipid,u8 loader_ver)1065 static char *nxp_get_old_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid,
1066 u8 loader_ver)
1067 {
1068 char *fw_name_old = NULL;
1069
1070 switch (chipid) {
1071 case CHIP_ID_W9098:
1072 fw_name_old = FIRMWARE_W9098_OLD;
1073 break;
1074 case CHIP_ID_IW416:
1075 fw_name_old = FIRMWARE_IW416_OLD;
1076 break;
1077 }
1078 return fw_name_old;
1079 }
1080
nxp_recv_chip_ver_v3(struct hci_dev * hdev,struct sk_buff * skb)1081 static int nxp_recv_chip_ver_v3(struct hci_dev *hdev, struct sk_buff *skb)
1082 {
1083 struct v3_start_ind *req = skb_pull_data(skb, sizeof(*req));
1084 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1085 const char *fw_name;
1086 const char *fw_name_old;
1087 u16 chip_id;
1088 u8 loader_ver;
1089
1090 if (!process_boot_signature(nxpdev))
1091 goto free_skb;
1092
1093 chip_id = le16_to_cpu(req->chip_id);
1094 loader_ver = req->loader_ver;
1095 bt_dev_info(hdev, "ChipID: %04x, Version: %d", chip_id, loader_ver);
1096 fw_name = nxp_get_fw_name_from_chipid(hdev, chip_id, loader_ver);
1097 fw_name_old = nxp_get_old_fw_name_from_chipid(hdev, chip_id, loader_ver);
1098 if (!nxp_request_firmware(hdev, fw_name, fw_name_old))
1099 nxp_send_ack(NXP_ACK_V3, hdev);
1100
1101 free_skb:
1102 kfree_skb(skb);
1103 return 0;
1104 }
1105
nxp_handle_fw_download_error(struct hci_dev * hdev,struct v3_data_req * req)1106 static void nxp_handle_fw_download_error(struct hci_dev *hdev, struct v3_data_req *req)
1107 {
1108 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1109 __u32 offset = __le32_to_cpu(req->offset);
1110 __u16 err = __le16_to_cpu(req->error);
1111 union nxp_v3_rx_timeout_nak_u timeout_nak_buf;
1112 union nxp_v3_crc_nak_u crc_nak_buf;
1113
1114 if (err & NXP_CRC_RX_ERROR) {
1115 crc_nak_buf.pkt.nak = NXP_CRC_ERROR_V3;
1116 crc_nak_buf.pkt.crc = crc8(crc8_table, crc_nak_buf.buf,
1117 sizeof(crc_nak_buf) - 1, 0xff);
1118 serdev_device_write_buf(nxpdev->serdev, crc_nak_buf.buf,
1119 sizeof(crc_nak_buf));
1120 } else if (err & NXP_ACK_RX_TIMEOUT ||
1121 err & NXP_HDR_RX_TIMEOUT ||
1122 err & NXP_DATA_RX_TIMEOUT) {
1123 timeout_nak_buf.pkt.nak = NXP_NAK_V3;
1124 timeout_nak_buf.pkt.offset = __cpu_to_le32(offset);
1125 timeout_nak_buf.pkt.crc = crc8(crc8_table, timeout_nak_buf.buf,
1126 sizeof(timeout_nak_buf) - 1, 0xff);
1127 serdev_device_write_buf(nxpdev->serdev, timeout_nak_buf.buf,
1128 sizeof(timeout_nak_buf));
1129 } else {
1130 bt_dev_err(hdev, "Unknown bootloader error code: %d", err);
1131 }
1132 }
1133
nxp_recv_fw_req_v3(struct hci_dev * hdev,struct sk_buff * skb)1134 static int nxp_recv_fw_req_v3(struct hci_dev *hdev, struct sk_buff *skb)
1135 {
1136 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1137 struct v3_data_req *req;
1138 __u16 len = 0;
1139 __u16 err = 0;
1140 __u32 offset;
1141
1142 if (!process_boot_signature(nxpdev))
1143 goto free_skb;
1144
1145 req = skb_pull_data(skb, sizeof(*req));
1146 if (!req || !nxpdev->fw)
1147 goto free_skb;
1148
1149 err = __le16_to_cpu(req->error);
1150
1151 if (!err) {
1152 nxp_send_ack(NXP_ACK_V3, hdev);
1153 if (nxpdev->timeout_changed == cmd_sent)
1154 nxpdev->timeout_changed = changed;
1155 if (nxpdev->baudrate_changed == cmd_sent)
1156 nxpdev->baudrate_changed = changed;
1157 } else {
1158 nxp_handle_fw_download_error(hdev, req);
1159 if (nxpdev->timeout_changed == cmd_sent &&
1160 err == NXP_CRC_RX_ERROR) {
1161 nxpdev->fw_v3_offset_correction -= nxpdev->fw_v3_prev_sent;
1162 nxpdev->timeout_changed = not_changed;
1163 }
1164 if (nxpdev->baudrate_changed == cmd_sent &&
1165 err == NXP_CRC_RX_ERROR) {
1166 nxpdev->fw_v3_offset_correction -= nxpdev->fw_v3_prev_sent;
1167 nxpdev->baudrate_changed = not_changed;
1168 }
1169 goto free_skb;
1170 }
1171
1172 len = __le16_to_cpu(req->len);
1173
1174 if (nxpdev->timeout_changed != changed) {
1175 nxp_fw_change_timeout(hdev, len);
1176 nxpdev->timeout_changed = cmd_sent;
1177 goto free_skb;
1178 }
1179
1180 if (nxpdev->baudrate_changed != changed) {
1181 if (nxp_fw_change_baudrate(hdev, len)) {
1182 nxpdev->baudrate_changed = cmd_sent;
1183 serdev_device_set_baudrate(nxpdev->serdev,
1184 HCI_NXP_SEC_BAUDRATE);
1185 serdev_device_set_flow_control(nxpdev->serdev, true);
1186 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE;
1187 }
1188 goto free_skb;
1189 }
1190
1191 if (req->len == 0) {
1192 bt_dev_info(hdev, "FW Download Complete: %zu bytes",
1193 nxpdev->fw->size);
1194 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1195 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
1196 goto free_skb;
1197 }
1198
1199 offset = __le32_to_cpu(req->offset);
1200 if (offset < nxpdev->fw_v3_offset_correction) {
1201 /* This scenario should ideally never occur. But if it ever does,
1202 * FW is out of sync and needs a power cycle.
1203 */
1204 bt_dev_err(hdev, "Something went wrong during FW download");
1205 bt_dev_err(hdev, "Please power cycle and try again");
1206 goto free_skb;
1207 }
1208
1209 nxpdev->fw_dnld_v3_offset = offset - nxpdev->fw_v3_offset_correction;
1210 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data +
1211 nxpdev->fw_dnld_v3_offset, len);
1212
1213 free_skb:
1214 nxpdev->fw_v3_prev_sent = len;
1215 kfree_skb(skb);
1216 return 0;
1217 }
1218
nxp_set_baudrate_cmd(struct hci_dev * hdev,void * data)1219 static int nxp_set_baudrate_cmd(struct hci_dev *hdev, void *data)
1220 {
1221 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1222 __le32 new_baudrate = __cpu_to_le32(nxpdev->new_baudrate);
1223 struct ps_data *psdata = &nxpdev->psdata;
1224 struct sk_buff *skb;
1225 u8 *status;
1226
1227 if (!psdata)
1228 return 0;
1229
1230 skb = nxp_drv_send_cmd(hdev, HCI_NXP_SET_OPER_SPEED, 4, (u8 *)&new_baudrate);
1231 if (IS_ERR(skb)) {
1232 bt_dev_err(hdev, "Setting baudrate failed (%ld)", PTR_ERR(skb));
1233 return PTR_ERR(skb);
1234 }
1235
1236 status = (u8 *)skb_pull_data(skb, 1);
1237 if (status) {
1238 if (*status == 0) {
1239 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->new_baudrate);
1240 nxpdev->current_baudrate = nxpdev->new_baudrate;
1241 }
1242 bt_dev_dbg(hdev, "Set baudrate response: status=%d, baudrate=%d",
1243 *status, nxpdev->new_baudrate);
1244 }
1245 kfree_skb(skb);
1246
1247 return 0;
1248 }
1249
nxp_check_boot_sign(struct btnxpuart_dev * nxpdev)1250 static int nxp_check_boot_sign(struct btnxpuart_dev *nxpdev)
1251 {
1252 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE);
1253 if (ind_reset_in_progress(nxpdev))
1254 serdev_device_set_flow_control(nxpdev->serdev, false);
1255 else
1256 serdev_device_set_flow_control(nxpdev->serdev, true);
1257 set_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state);
1258
1259 return wait_event_interruptible_timeout(nxpdev->check_boot_sign_wait_q,
1260 !test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE,
1261 &nxpdev->tx_state),
1262 msecs_to_jiffies(1000));
1263 }
1264
nxp_set_ind_reset(struct hci_dev * hdev,void * data)1265 static int nxp_set_ind_reset(struct hci_dev *hdev, void *data)
1266 {
1267 static const u8 ir_hw_err[] = { HCI_EV_HARDWARE_ERROR,
1268 0x01, BTNXPUART_IR_HW_ERR };
1269 struct sk_buff *skb;
1270
1271 skb = bt_skb_alloc(3, GFP_ATOMIC);
1272 if (!skb)
1273 return -ENOMEM;
1274
1275 hci_skb_pkt_type(skb) = HCI_EVENT_PKT;
1276 skb_put_data(skb, ir_hw_err, 3);
1277
1278 /* Inject Hardware Error to upper stack */
1279 return hci_recv_frame(hdev, skb);
1280 }
1281
1282 /* Firmware dump */
nxp_coredump(struct hci_dev * hdev)1283 static void nxp_coredump(struct hci_dev *hdev)
1284 {
1285 struct sk_buff *skb;
1286 u8 pcmd = 2;
1287
1288 skb = nxp_drv_send_cmd(hdev, HCI_NXP_TRIGGER_DUMP, 1, &pcmd);
1289 if (IS_ERR(skb))
1290 bt_dev_err(hdev, "Failed to trigger FW Dump. (%ld)", PTR_ERR(skb));
1291 else
1292 kfree_skb(skb);
1293 }
1294
nxp_coredump_hdr(struct hci_dev * hdev,struct sk_buff * skb)1295 static void nxp_coredump_hdr(struct hci_dev *hdev, struct sk_buff *skb)
1296 {
1297 /* Nothing to be added in FW dump header */
1298 }
1299
nxp_process_fw_dump(struct hci_dev * hdev,struct sk_buff * skb)1300 static int nxp_process_fw_dump(struct hci_dev *hdev, struct sk_buff *skb)
1301 {
1302 struct hci_acl_hdr *acl_hdr = (struct hci_acl_hdr *)skb_pull_data(skb,
1303 sizeof(*acl_hdr));
1304 struct nxp_fw_dump_hdr *fw_dump_hdr = (struct nxp_fw_dump_hdr *)skb->data;
1305 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1306 __u16 seq_num = __le16_to_cpu(fw_dump_hdr->seq_num);
1307 __u16 buf_len = __le16_to_cpu(fw_dump_hdr->buf_len);
1308 int err;
1309
1310 if (seq_num == 0x0001) {
1311 if (test_and_set_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state)) {
1312 bt_dev_err(hdev, "FW dump already in progress");
1313 goto free_skb;
1314 }
1315 bt_dev_warn(hdev, "==== Start FW dump ===");
1316 err = hci_devcd_init(hdev, NXP_FW_DUMP_SIZE);
1317 if (err < 0)
1318 goto free_skb;
1319
1320 schedule_delayed_work(&hdev->dump.dump_timeout,
1321 msecs_to_jiffies(20000));
1322 }
1323
1324 err = hci_devcd_append(hdev, skb_clone(skb, GFP_ATOMIC));
1325 if (err < 0)
1326 goto free_skb;
1327
1328 if (buf_len == 0) {
1329 bt_dev_warn(hdev, "==== FW dump complete ===");
1330 clear_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state);
1331 hci_devcd_complete(hdev);
1332 nxp_set_ind_reset(hdev, NULL);
1333 }
1334
1335 free_skb:
1336 kfree_skb(skb);
1337 return 0;
1338 }
1339
nxp_recv_acl_pkt(struct hci_dev * hdev,struct sk_buff * skb)1340 static int nxp_recv_acl_pkt(struct hci_dev *hdev, struct sk_buff *skb)
1341 {
1342 __u16 handle = __le16_to_cpu(hci_acl_hdr(skb)->handle);
1343
1344 /* FW dump chunks are ACL packets with conn handle 0xfff */
1345 if ((handle & 0x0FFF) == 0xFFF)
1346 return nxp_process_fw_dump(hdev, skb);
1347 else
1348 return hci_recv_frame(hdev, skb);
1349 }
1350
nxp_set_bdaddr(struct hci_dev * hdev,const bdaddr_t * bdaddr)1351 static int nxp_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr)
1352 {
1353 union nxp_set_bd_addr_payload pcmd;
1354 int err;
1355
1356 pcmd.data.param_id = 0xfe;
1357 pcmd.data.param_len = 6;
1358 memcpy(pcmd.data.param, bdaddr, 6);
1359
1360 /* BD address can be assigned only after first reset command. */
1361 err = __hci_cmd_sync_status(hdev, HCI_OP_RESET, 0, NULL,
1362 HCI_INIT_TIMEOUT);
1363 if (err) {
1364 bt_dev_err(hdev,
1365 "Reset before setting local-bd-addr failed (%d)",
1366 err);
1367 return err;
1368 }
1369
1370 err = __hci_cmd_sync_status(hdev, HCI_NXP_SET_BD_ADDR, sizeof(pcmd),
1371 pcmd.buf, HCI_CMD_TIMEOUT);
1372 if (err) {
1373 bt_dev_err(hdev, "Changing device address failed (%d)", err);
1374 return err;
1375 }
1376
1377 return 0;
1378 }
1379
1380 /* NXP protocol */
nxp_setup(struct hci_dev * hdev)1381 static int nxp_setup(struct hci_dev *hdev)
1382 {
1383 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1384 int err = 0;
1385
1386 if (nxp_check_boot_sign(nxpdev)) {
1387 bt_dev_dbg(hdev, "Need FW Download.");
1388 err = nxp_download_firmware(hdev);
1389 if (err < 0)
1390 return err;
1391 } else {
1392 bt_dev_info(hdev, "FW already running.");
1393 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1394 }
1395
1396 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->fw_init_baudrate);
1397 nxpdev->current_baudrate = nxpdev->fw_init_baudrate;
1398
1399 ps_init(hdev);
1400
1401 if (test_and_clear_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state))
1402 hci_dev_clear_flag(hdev, HCI_SETUP);
1403
1404 return 0;
1405 }
1406
nxp_post_init(struct hci_dev * hdev)1407 static int nxp_post_init(struct hci_dev *hdev)
1408 {
1409 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1410 struct ps_data *psdata = &nxpdev->psdata;
1411
1412 if (nxpdev->current_baudrate != HCI_NXP_SEC_BAUDRATE) {
1413 nxpdev->new_baudrate = HCI_NXP_SEC_BAUDRATE;
1414 nxp_set_baudrate_cmd(hdev, NULL);
1415 }
1416 if (psdata->cur_h2c_wakeupmode != psdata->h2c_wakeupmode)
1417 send_wakeup_method_cmd(hdev, NULL);
1418 if (psdata->cur_psmode != psdata->target_ps_mode)
1419 send_ps_cmd(hdev, NULL);
1420 return 0;
1421 }
1422
nxp_hw_err(struct hci_dev * hdev,u8 code)1423 static void nxp_hw_err(struct hci_dev *hdev, u8 code)
1424 {
1425 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1426
1427 switch (code) {
1428 case BTNXPUART_IR_HW_ERR:
1429 set_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state);
1430 hci_dev_set_flag(hdev, HCI_SETUP);
1431 break;
1432 default:
1433 break;
1434 }
1435 }
1436
nxp_shutdown(struct hci_dev * hdev)1437 static int nxp_shutdown(struct hci_dev *hdev)
1438 {
1439 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1440 struct sk_buff *skb;
1441 u8 pcmd = 0;
1442
1443 if (ind_reset_in_progress(nxpdev)) {
1444 skb = nxp_drv_send_cmd(hdev, HCI_NXP_IND_RESET, 1, &pcmd);
1445 serdev_device_set_flow_control(nxpdev->serdev, false);
1446 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1447 /* HCI_NXP_IND_RESET command may not returns any response */
1448 if (!IS_ERR(skb))
1449 kfree_skb(skb);
1450 }
1451
1452 return 0;
1453 }
1454
nxp_wakeup(struct hci_dev * hdev)1455 static bool nxp_wakeup(struct hci_dev *hdev)
1456 {
1457 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1458 struct ps_data *psdata = &nxpdev->psdata;
1459
1460 if (psdata->c2h_wakeupmode != BT_HOST_WAKEUP_METHOD_NONE)
1461 return true;
1462
1463 return false;
1464 }
1465
nxp_reset(struct hci_dev * hdev)1466 static void nxp_reset(struct hci_dev *hdev)
1467 {
1468 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1469
1470 if (!ind_reset_in_progress(nxpdev) && !fw_dump_in_progress(nxpdev)) {
1471 bt_dev_dbg(hdev, "CMD Timeout detected. Resetting.");
1472 nxp_set_ind_reset(hdev, NULL);
1473 }
1474 }
1475
btnxpuart_queue_skb(struct hci_dev * hdev,struct sk_buff * skb)1476 static int btnxpuart_queue_skb(struct hci_dev *hdev, struct sk_buff *skb)
1477 {
1478 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1479
1480 /* Prepend skb with frame type */
1481 memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1);
1482 skb_queue_tail(&nxpdev->txq, skb);
1483 btnxpuart_tx_wakeup(nxpdev);
1484 return 0;
1485 }
1486
nxp_enqueue(struct hci_dev * hdev,struct sk_buff * skb)1487 static int nxp_enqueue(struct hci_dev *hdev, struct sk_buff *skb)
1488 {
1489 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1490 struct ps_data *psdata = &nxpdev->psdata;
1491 struct hci_command_hdr *hdr;
1492 struct psmode_cmd_payload ps_parm;
1493 struct wakeup_cmd_payload wakeup_parm;
1494 __le32 baudrate_parm;
1495
1496 if (fw_dump_in_progress(nxpdev))
1497 return -EBUSY;
1498
1499 /* if vendor commands are received from user space (e.g. hcitool), update
1500 * driver flags accordingly and ask driver to re-send the command to FW.
1501 * In case the payload for any command does not match expected payload
1502 * length, let the firmware and user space program handle it, or throw
1503 * an error.
1504 */
1505 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT && !psdata->driver_sent_cmd) {
1506 hdr = (struct hci_command_hdr *)skb->data;
1507 if (hdr->plen != (skb->len - HCI_COMMAND_HDR_SIZE))
1508 return btnxpuart_queue_skb(hdev, skb);
1509
1510 switch (__le16_to_cpu(hdr->opcode)) {
1511 case HCI_NXP_AUTO_SLEEP_MODE:
1512 if (hdr->plen == sizeof(ps_parm)) {
1513 memcpy(&ps_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen);
1514 if (ps_parm.ps_cmd == BT_PS_ENABLE)
1515 psdata->target_ps_mode = PS_MODE_ENABLE;
1516 else if (ps_parm.ps_cmd == BT_PS_DISABLE)
1517 psdata->target_ps_mode = PS_MODE_DISABLE;
1518 psdata->c2h_ps_interval = __le16_to_cpu(ps_parm.c2h_ps_interval);
1519 hci_cmd_sync_queue(hdev, send_ps_cmd, NULL, NULL);
1520 goto free_skb;
1521 }
1522 break;
1523 case HCI_NXP_WAKEUP_METHOD:
1524 if (hdr->plen == sizeof(wakeup_parm)) {
1525 memcpy(&wakeup_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen);
1526 psdata->c2h_wakeupmode = wakeup_parm.c2h_wakeupmode;
1527 psdata->c2h_wakeup_gpio = wakeup_parm.c2h_wakeup_gpio;
1528 psdata->h2c_wakeup_gpio = wakeup_parm.h2c_wakeup_gpio;
1529 switch (wakeup_parm.h2c_wakeupmode) {
1530 case BT_CTRL_WAKEUP_METHOD_GPIO:
1531 psdata->h2c_wakeupmode = WAKEUP_METHOD_GPIO;
1532 break;
1533 case BT_CTRL_WAKEUP_METHOD_DSR:
1534 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR;
1535 break;
1536 case BT_CTRL_WAKEUP_METHOD_BREAK:
1537 default:
1538 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK;
1539 break;
1540 }
1541 hci_cmd_sync_queue(hdev, send_wakeup_method_cmd, NULL, NULL);
1542 goto free_skb;
1543 }
1544 break;
1545 case HCI_NXP_SET_OPER_SPEED:
1546 if (hdr->plen == sizeof(baudrate_parm)) {
1547 memcpy(&baudrate_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen);
1548 nxpdev->new_baudrate = __le32_to_cpu(baudrate_parm);
1549 hci_cmd_sync_queue(hdev, nxp_set_baudrate_cmd, NULL, NULL);
1550 goto free_skb;
1551 }
1552 break;
1553 case HCI_NXP_IND_RESET:
1554 if (hdr->plen == 1) {
1555 hci_cmd_sync_queue(hdev, nxp_set_ind_reset, NULL, NULL);
1556 goto free_skb;
1557 }
1558 break;
1559 default:
1560 break;
1561 }
1562 }
1563
1564 return btnxpuart_queue_skb(hdev, skb);
1565
1566 free_skb:
1567 kfree_skb(skb);
1568 return 0;
1569 }
1570
nxp_dequeue(void * data)1571 static struct sk_buff *nxp_dequeue(void *data)
1572 {
1573 struct btnxpuart_dev *nxpdev = (struct btnxpuart_dev *)data;
1574
1575 ps_start_timer(nxpdev);
1576 return skb_dequeue(&nxpdev->txq);
1577 }
1578
1579 /* btnxpuart based on serdev */
btnxpuart_tx_work(struct work_struct * work)1580 static void btnxpuart_tx_work(struct work_struct *work)
1581 {
1582 struct btnxpuart_dev *nxpdev = container_of(work, struct btnxpuart_dev,
1583 tx_work);
1584 struct serdev_device *serdev = nxpdev->serdev;
1585 struct hci_dev *hdev = nxpdev->hdev;
1586 struct sk_buff *skb;
1587 int len;
1588
1589 if (ps_wakeup(nxpdev))
1590 return;
1591
1592 while ((skb = nxp_dequeue(nxpdev))) {
1593 len = serdev_device_write_buf(serdev, skb->data, skb->len);
1594 hdev->stat.byte_tx += len;
1595
1596 skb_pull(skb, len);
1597 if (skb->len > 0) {
1598 skb_queue_head(&nxpdev->txq, skb);
1599 continue;
1600 }
1601
1602 switch (hci_skb_pkt_type(skb)) {
1603 case HCI_COMMAND_PKT:
1604 hdev->stat.cmd_tx++;
1605 break;
1606 case HCI_ACLDATA_PKT:
1607 hdev->stat.acl_tx++;
1608 break;
1609 case HCI_SCODATA_PKT:
1610 hdev->stat.sco_tx++;
1611 break;
1612 }
1613
1614 kfree_skb(skb);
1615 }
1616 clear_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state);
1617 }
1618
btnxpuart_open(struct hci_dev * hdev)1619 static int btnxpuart_open(struct hci_dev *hdev)
1620 {
1621 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1622 int err = 0;
1623
1624 err = serdev_device_open(nxpdev->serdev);
1625 if (err) {
1626 bt_dev_err(hdev, "Unable to open UART device %s",
1627 dev_name(&nxpdev->serdev->dev));
1628 } else {
1629 set_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state);
1630 }
1631 return err;
1632 }
1633
btnxpuart_close(struct hci_dev * hdev)1634 static int btnxpuart_close(struct hci_dev *hdev)
1635 {
1636 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1637
1638 serdev_device_close(nxpdev->serdev);
1639 skb_queue_purge(&nxpdev->txq);
1640 if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) {
1641 kfree_skb(nxpdev->rx_skb);
1642 nxpdev->rx_skb = NULL;
1643 }
1644 clear_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state);
1645 return 0;
1646 }
1647
btnxpuart_flush(struct hci_dev * hdev)1648 static int btnxpuart_flush(struct hci_dev *hdev)
1649 {
1650 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
1651
1652 /* Flush any pending characters */
1653 serdev_device_write_flush(nxpdev->serdev);
1654 skb_queue_purge(&nxpdev->txq);
1655
1656 cancel_work_sync(&nxpdev->tx_work);
1657
1658 if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) {
1659 kfree_skb(nxpdev->rx_skb);
1660 nxpdev->rx_skb = NULL;
1661 }
1662
1663 return 0;
1664 }
1665
1666 static const struct h4_recv_pkt nxp_recv_pkts[] = {
1667 { H4_RECV_ACL, .recv = nxp_recv_acl_pkt },
1668 { H4_RECV_SCO, .recv = hci_recv_frame },
1669 { H4_RECV_EVENT, .recv = hci_recv_frame },
1670 { H4_RECV_ISO, .recv = hci_recv_frame },
1671 { NXP_RECV_CHIP_VER_V1, .recv = nxp_recv_chip_ver_v1 },
1672 { NXP_RECV_FW_REQ_V1, .recv = nxp_recv_fw_req_v1 },
1673 { NXP_RECV_CHIP_VER_V3, .recv = nxp_recv_chip_ver_v3 },
1674 { NXP_RECV_FW_REQ_V3, .recv = nxp_recv_fw_req_v3 },
1675 };
1676
btnxpuart_receive_buf(struct serdev_device * serdev,const u8 * data,size_t count)1677 static size_t btnxpuart_receive_buf(struct serdev_device *serdev,
1678 const u8 *data, size_t count)
1679 {
1680 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev);
1681
1682 ps_start_timer(nxpdev);
1683
1684 nxpdev->rx_skb = h4_recv_buf(nxpdev->hdev, nxpdev->rx_skb, data, count,
1685 nxp_recv_pkts, ARRAY_SIZE(nxp_recv_pkts));
1686 if (IS_ERR(nxpdev->rx_skb)) {
1687 int err = PTR_ERR(nxpdev->rx_skb);
1688 /* Safe to ignore out-of-sync bootloader signatures */
1689 if (!is_fw_downloading(nxpdev) &&
1690 !ind_reset_in_progress(nxpdev))
1691 bt_dev_err(nxpdev->hdev, "Frame reassembly failed (%d)", err);
1692 return count;
1693 }
1694 if (!is_fw_downloading(nxpdev) &&
1695 !ind_reset_in_progress(nxpdev))
1696 nxpdev->hdev->stat.byte_rx += count;
1697 return count;
1698 }
1699
btnxpuart_write_wakeup(struct serdev_device * serdev)1700 static void btnxpuart_write_wakeup(struct serdev_device *serdev)
1701 {
1702 serdev_device_write_wakeup(serdev);
1703 }
1704
1705 static const struct serdev_device_ops btnxpuart_client_ops = {
1706 .receive_buf = btnxpuart_receive_buf,
1707 .write_wakeup = btnxpuart_write_wakeup,
1708 };
1709
nxp_serdev_probe(struct serdev_device * serdev)1710 static int nxp_serdev_probe(struct serdev_device *serdev)
1711 {
1712 struct hci_dev *hdev;
1713 struct btnxpuart_dev *nxpdev;
1714 bdaddr_t ba = {0};
1715
1716 nxpdev = devm_kzalloc(&serdev->dev, sizeof(*nxpdev), GFP_KERNEL);
1717 if (!nxpdev)
1718 return -ENOMEM;
1719
1720 nxpdev->nxp_data = (struct btnxpuart_data *)device_get_match_data(&serdev->dev);
1721
1722 nxpdev->serdev = serdev;
1723 serdev_device_set_drvdata(serdev, nxpdev);
1724
1725 serdev_device_set_client_ops(serdev, &btnxpuart_client_ops);
1726
1727 INIT_WORK(&nxpdev->tx_work, btnxpuart_tx_work);
1728 skb_queue_head_init(&nxpdev->txq);
1729
1730 init_waitqueue_head(&nxpdev->fw_dnld_done_wait_q);
1731 init_waitqueue_head(&nxpdev->check_boot_sign_wait_q);
1732
1733 device_property_read_u32(&nxpdev->serdev->dev, "fw-init-baudrate",
1734 &nxpdev->fw_init_baudrate);
1735 if (!nxpdev->fw_init_baudrate)
1736 nxpdev->fw_init_baudrate = FW_INIT_BAUDRATE;
1737
1738 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1739
1740 crc8_populate_msb(crc8_table, POLYNOMIAL8);
1741
1742 /* Initialize and register HCI device */
1743 hdev = hci_alloc_dev();
1744 if (!hdev) {
1745 dev_err(&serdev->dev, "Can't allocate HCI device\n");
1746 return -ENOMEM;
1747 }
1748
1749 nxpdev->hdev = hdev;
1750
1751 hdev->bus = HCI_UART;
1752 hci_set_drvdata(hdev, nxpdev);
1753
1754 hdev->manufacturer = MANUFACTURER_NXP;
1755 hdev->open = btnxpuart_open;
1756 hdev->close = btnxpuart_close;
1757 hdev->flush = btnxpuart_flush;
1758 hdev->setup = nxp_setup;
1759 hdev->post_init = nxp_post_init;
1760 hdev->send = nxp_enqueue;
1761 hdev->hw_error = nxp_hw_err;
1762 hdev->shutdown = nxp_shutdown;
1763 hdev->wakeup = nxp_wakeup;
1764 hdev->reset = nxp_reset;
1765 hdev->set_bdaddr = nxp_set_bdaddr;
1766 SET_HCIDEV_DEV(hdev, &serdev->dev);
1767
1768 device_property_read_u8_array(&nxpdev->serdev->dev,
1769 "local-bd-address",
1770 (u8 *)&ba, sizeof(ba));
1771 if (bacmp(&ba, BDADDR_ANY))
1772 set_bit(HCI_QUIRK_USE_BDADDR_PROPERTY, &hdev->quirks);
1773
1774 if (hci_register_dev(hdev) < 0) {
1775 dev_err(&serdev->dev, "Can't register HCI device\n");
1776 goto probe_fail;
1777 }
1778
1779 if (ps_setup(hdev))
1780 goto probe_fail;
1781
1782 hci_devcd_register(hdev, nxp_coredump, nxp_coredump_hdr, NULL);
1783
1784 return 0;
1785
1786 probe_fail:
1787 hci_free_dev(hdev);
1788 return -ENODEV;
1789 }
1790
nxp_serdev_remove(struct serdev_device * serdev)1791 static void nxp_serdev_remove(struct serdev_device *serdev)
1792 {
1793 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev);
1794 struct hci_dev *hdev = nxpdev->hdev;
1795
1796 if (is_fw_downloading(nxpdev)) {
1797 set_bit(BTNXPUART_FW_DOWNLOAD_ABORT, &nxpdev->tx_state);
1798 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
1799 wake_up_interruptible(&nxpdev->check_boot_sign_wait_q);
1800 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
1801 } else {
1802 /* Restore FW baudrate to fw_init_baudrate if changed.
1803 * This will ensure FW baudrate is in sync with
1804 * driver baudrate in case this driver is re-inserted.
1805 */
1806 if (nxpdev->current_baudrate != nxpdev->fw_init_baudrate) {
1807 nxpdev->new_baudrate = nxpdev->fw_init_baudrate;
1808 nxp_set_baudrate_cmd(hdev, NULL);
1809 }
1810 }
1811
1812 ps_cleanup(nxpdev);
1813 hci_unregister_dev(hdev);
1814 hci_free_dev(hdev);
1815 }
1816
1817 #ifdef CONFIG_PM_SLEEP
nxp_serdev_suspend(struct device * dev)1818 static int nxp_serdev_suspend(struct device *dev)
1819 {
1820 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev);
1821 struct ps_data *psdata = &nxpdev->psdata;
1822
1823 ps_control(psdata->hdev, PS_STATE_SLEEP);
1824 return 0;
1825 }
1826
nxp_serdev_resume(struct device * dev)1827 static int nxp_serdev_resume(struct device *dev)
1828 {
1829 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev);
1830 struct ps_data *psdata = &nxpdev->psdata;
1831
1832 ps_control(psdata->hdev, PS_STATE_AWAKE);
1833 return 0;
1834 }
1835 #endif
1836
1837 #ifdef CONFIG_DEV_COREDUMP
nxp_serdev_coredump(struct device * dev)1838 static void nxp_serdev_coredump(struct device *dev)
1839 {
1840 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev);
1841 struct hci_dev *hdev = nxpdev->hdev;
1842
1843 if (hdev->dump.coredump)
1844 hdev->dump.coredump(hdev);
1845 }
1846 #endif
1847
1848 static struct btnxpuart_data w8987_data __maybe_unused = {
1849 .helper_fw_name = NULL,
1850 .fw_name = FIRMWARE_W8987,
1851 .fw_name_old = FIRMWARE_W8987_OLD,
1852 };
1853
1854 static struct btnxpuart_data w8997_data __maybe_unused = {
1855 .helper_fw_name = FIRMWARE_HELPER,
1856 .fw_name = FIRMWARE_W8997,
1857 .fw_name_old = FIRMWARE_W8997_OLD,
1858 };
1859
1860 static const struct of_device_id nxpuart_of_match_table[] __maybe_unused = {
1861 { .compatible = "nxp,88w8987-bt", .data = &w8987_data },
1862 { .compatible = "nxp,88w8997-bt", .data = &w8997_data },
1863 { }
1864 };
1865 MODULE_DEVICE_TABLE(of, nxpuart_of_match_table);
1866
1867 static const struct dev_pm_ops nxp_pm_ops = {
1868 SET_SYSTEM_SLEEP_PM_OPS(nxp_serdev_suspend, nxp_serdev_resume)
1869 };
1870
1871 static struct serdev_device_driver nxp_serdev_driver = {
1872 .probe = nxp_serdev_probe,
1873 .remove = nxp_serdev_remove,
1874 .driver = {
1875 .name = "btnxpuart",
1876 .of_match_table = of_match_ptr(nxpuart_of_match_table),
1877 .pm = &nxp_pm_ops,
1878 #ifdef CONFIG_DEV_COREDUMP
1879 .coredump = nxp_serdev_coredump,
1880 #endif
1881 },
1882 };
1883
1884 module_serdev_device_driver(nxp_serdev_driver);
1885
1886 MODULE_AUTHOR("Neeraj Sanjay Kale <neeraj.sanjaykale@nxp.com>");
1887 MODULE_DESCRIPTION("NXP Bluetooth Serial driver");
1888 MODULE_LICENSE("GPL");
1889