1 // SPDX-License-Identifier: ISC
2 /* Copyright (C) 2021 MediaTek Inc.
3 *
4 */
5 #include <linux/module.h>
6 #include <linux/firmware.h>
7 #include <linux/usb.h>
8 #include <linux/iopoll.h>
9 #include <linux/unaligned.h>
10
11 #include <net/bluetooth/bluetooth.h>
12 #include <net/bluetooth/hci_core.h>
13
14 #include "btmtk.h"
15
16 #define VERSION "0.1"
17
18 /* It is for mt79xx download rom patch*/
19 #define MTK_FW_ROM_PATCH_HEADER_SIZE 32
20 #define MTK_FW_ROM_PATCH_GD_SIZE 64
21 #define MTK_FW_ROM_PATCH_SEC_MAP_SIZE 64
22 #define MTK_SEC_MAP_COMMON_SIZE 12
23 #define MTK_SEC_MAP_NEED_SEND_SIZE 52
24
25 /* It is for mt79xx iso data transmission setting */
26 #define MTK_ISO_THRESHOLD 264
27
28 struct btmtk_patch_header {
29 u8 datetime[16];
30 u8 platform[4];
31 __le16 hwver;
32 __le16 swver;
33 __le32 magicnum;
34 } __packed;
35
36 struct btmtk_global_desc {
37 __le32 patch_ver;
38 __le32 sub_sys;
39 __le32 feature_opt;
40 __le32 section_num;
41 } __packed;
42
43 struct btmtk_section_map {
44 __le32 sectype;
45 __le32 secoffset;
46 __le32 secsize;
47 union {
48 __le32 u4SecSpec[13];
49 struct {
50 __le32 dlAddr;
51 __le32 dlsize;
52 __le32 seckeyidx;
53 __le32 alignlen;
54 __le32 sectype;
55 __le32 dlmodecrctype;
56 __le32 crc;
57 __le32 reserved[6];
58 } bin_info_spec;
59 };
60 } __packed;
61
btmtk_coredump(struct hci_dev * hdev)62 static void btmtk_coredump(struct hci_dev *hdev)
63 {
64 int err;
65
66 err = __hci_cmd_send(hdev, 0xfd5b, 0, NULL);
67 if (err < 0)
68 bt_dev_err(hdev, "Coredump failed (%d)", err);
69 }
70
btmtk_coredump_hdr(struct hci_dev * hdev,struct sk_buff * skb)71 static void btmtk_coredump_hdr(struct hci_dev *hdev, struct sk_buff *skb)
72 {
73 struct btmtk_data *data = hci_get_priv(hdev);
74 char buf[80];
75
76 snprintf(buf, sizeof(buf), "Controller Name: 0x%X\n",
77 data->dev_id);
78 skb_put_data(skb, buf, strlen(buf));
79
80 snprintf(buf, sizeof(buf), "Firmware Version: 0x%X\n",
81 data->cd_info.fw_version);
82 skb_put_data(skb, buf, strlen(buf));
83
84 snprintf(buf, sizeof(buf), "Driver: %s\n",
85 data->cd_info.driver_name);
86 skb_put_data(skb, buf, strlen(buf));
87
88 snprintf(buf, sizeof(buf), "Vendor: MediaTek\n");
89 skb_put_data(skb, buf, strlen(buf));
90 }
91
btmtk_coredump_notify(struct hci_dev * hdev,int state)92 static void btmtk_coredump_notify(struct hci_dev *hdev, int state)
93 {
94 struct btmtk_data *data = hci_get_priv(hdev);
95
96 switch (state) {
97 case HCI_DEVCOREDUMP_IDLE:
98 data->cd_info.state = HCI_DEVCOREDUMP_IDLE;
99 break;
100 case HCI_DEVCOREDUMP_ACTIVE:
101 data->cd_info.state = HCI_DEVCOREDUMP_ACTIVE;
102 break;
103 case HCI_DEVCOREDUMP_TIMEOUT:
104 case HCI_DEVCOREDUMP_ABORT:
105 case HCI_DEVCOREDUMP_DONE:
106 data->cd_info.state = HCI_DEVCOREDUMP_IDLE;
107 btmtk_reset_sync(hdev);
108 break;
109 }
110 }
111
btmtk_fw_get_filename(char * buf,size_t size,u32 dev_id,u32 fw_ver,u32 fw_flavor)112 void btmtk_fw_get_filename(char *buf, size_t size, u32 dev_id, u32 fw_ver,
113 u32 fw_flavor)
114 {
115 if (dev_id == 0x7925)
116 snprintf(buf, size,
117 "mediatek/mt%04x/BT_RAM_CODE_MT%04x_1_%x_hdr.bin",
118 dev_id & 0xffff, dev_id & 0xffff, (fw_ver & 0xff) + 1);
119 else if (dev_id == 0x7961 && fw_flavor)
120 snprintf(buf, size,
121 "mediatek/BT_RAM_CODE_MT%04x_1a_%x_hdr.bin",
122 dev_id & 0xffff, (fw_ver & 0xff) + 1);
123 else
124 snprintf(buf, size,
125 "mediatek/BT_RAM_CODE_MT%04x_1_%x_hdr.bin",
126 dev_id & 0xffff, (fw_ver & 0xff) + 1);
127 }
128 EXPORT_SYMBOL_GPL(btmtk_fw_get_filename);
129
btmtk_setup_firmware_79xx(struct hci_dev * hdev,const char * fwname,wmt_cmd_sync_func_t wmt_cmd_sync)130 int btmtk_setup_firmware_79xx(struct hci_dev *hdev, const char *fwname,
131 wmt_cmd_sync_func_t wmt_cmd_sync)
132 {
133 struct btmtk_hci_wmt_params wmt_params;
134 struct btmtk_patch_header *hdr;
135 struct btmtk_global_desc *globaldesc = NULL;
136 struct btmtk_section_map *sectionmap;
137 const struct firmware *fw;
138 const u8 *fw_ptr;
139 const u8 *fw_bin_ptr;
140 int err, dlen, i, status;
141 u8 flag, first_block, retry;
142 u32 section_num, dl_size, section_offset;
143 u8 cmd[64];
144
145 err = request_firmware(&fw, fwname, &hdev->dev);
146 if (err < 0) {
147 bt_dev_err(hdev, "Failed to load firmware file (%d)", err);
148 return err;
149 }
150
151 fw_ptr = fw->data;
152 fw_bin_ptr = fw_ptr;
153 hdr = (struct btmtk_patch_header *)fw_ptr;
154 globaldesc = (struct btmtk_global_desc *)(fw_ptr + MTK_FW_ROM_PATCH_HEADER_SIZE);
155 section_num = le32_to_cpu(globaldesc->section_num);
156
157 bt_dev_info(hdev, "HW/SW Version: 0x%04x%04x, Build Time: %s",
158 le16_to_cpu(hdr->hwver), le16_to_cpu(hdr->swver), hdr->datetime);
159
160 for (i = 0; i < section_num; i++) {
161 first_block = 1;
162 fw_ptr = fw_bin_ptr;
163 sectionmap = (struct btmtk_section_map *)(fw_ptr + MTK_FW_ROM_PATCH_HEADER_SIZE +
164 MTK_FW_ROM_PATCH_GD_SIZE + MTK_FW_ROM_PATCH_SEC_MAP_SIZE * i);
165
166 section_offset = le32_to_cpu(sectionmap->secoffset);
167 dl_size = le32_to_cpu(sectionmap->bin_info_spec.dlsize);
168
169 if (dl_size > 0) {
170 retry = 20;
171 while (retry > 0) {
172 cmd[0] = 0; /* 0 means legacy dl mode. */
173 memcpy(cmd + 1,
174 fw_ptr + MTK_FW_ROM_PATCH_HEADER_SIZE +
175 MTK_FW_ROM_PATCH_GD_SIZE +
176 MTK_FW_ROM_PATCH_SEC_MAP_SIZE * i +
177 MTK_SEC_MAP_COMMON_SIZE,
178 MTK_SEC_MAP_NEED_SEND_SIZE + 1);
179
180 wmt_params.op = BTMTK_WMT_PATCH_DWNLD;
181 wmt_params.status = &status;
182 wmt_params.flag = 0;
183 wmt_params.dlen = MTK_SEC_MAP_NEED_SEND_SIZE + 1;
184 wmt_params.data = &cmd;
185
186 err = wmt_cmd_sync(hdev, &wmt_params);
187 if (err < 0) {
188 bt_dev_err(hdev, "Failed to send wmt patch dwnld (%d)",
189 err);
190 goto err_release_fw;
191 }
192
193 if (status == BTMTK_WMT_PATCH_UNDONE) {
194 break;
195 } else if (status == BTMTK_WMT_PATCH_PROGRESS) {
196 msleep(100);
197 retry--;
198 } else if (status == BTMTK_WMT_PATCH_DONE) {
199 goto next_section;
200 } else {
201 bt_dev_err(hdev, "Failed wmt patch dwnld status (%d)",
202 status);
203 err = -EIO;
204 goto err_release_fw;
205 }
206 }
207
208 fw_ptr += section_offset;
209 wmt_params.op = BTMTK_WMT_PATCH_DWNLD;
210 wmt_params.status = NULL;
211
212 while (dl_size > 0) {
213 dlen = min_t(int, 250, dl_size);
214 if (first_block == 1) {
215 flag = 1;
216 first_block = 0;
217 } else if (dl_size - dlen <= 0) {
218 flag = 3;
219 } else {
220 flag = 2;
221 }
222
223 wmt_params.flag = flag;
224 wmt_params.dlen = dlen;
225 wmt_params.data = fw_ptr;
226
227 err = wmt_cmd_sync(hdev, &wmt_params);
228 if (err < 0) {
229 bt_dev_err(hdev, "Failed to send wmt patch dwnld (%d)",
230 err);
231 goto err_release_fw;
232 }
233
234 dl_size -= dlen;
235 fw_ptr += dlen;
236 }
237 }
238 next_section:
239 continue;
240 }
241 /* Wait a few moments for firmware activation done */
242 usleep_range(100000, 120000);
243
244 err_release_fw:
245 release_firmware(fw);
246
247 return err;
248 }
249 EXPORT_SYMBOL_GPL(btmtk_setup_firmware_79xx);
250
btmtk_setup_firmware(struct hci_dev * hdev,const char * fwname,wmt_cmd_sync_func_t wmt_cmd_sync)251 int btmtk_setup_firmware(struct hci_dev *hdev, const char *fwname,
252 wmt_cmd_sync_func_t wmt_cmd_sync)
253 {
254 struct btmtk_hci_wmt_params wmt_params;
255 const struct firmware *fw;
256 const u8 *fw_ptr;
257 size_t fw_size;
258 int err, dlen;
259 u8 flag, param;
260
261 err = request_firmware(&fw, fwname, &hdev->dev);
262 if (err < 0) {
263 bt_dev_err(hdev, "Failed to load firmware file (%d)", err);
264 return err;
265 }
266
267 /* Power on data RAM the firmware relies on. */
268 param = 1;
269 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
270 wmt_params.flag = 3;
271 wmt_params.dlen = sizeof(param);
272 wmt_params.data = ¶m;
273 wmt_params.status = NULL;
274
275 err = wmt_cmd_sync(hdev, &wmt_params);
276 if (err < 0) {
277 bt_dev_err(hdev, "Failed to power on data RAM (%d)", err);
278 goto err_release_fw;
279 }
280
281 fw_ptr = fw->data;
282 fw_size = fw->size;
283
284 /* The size of patch header is 30 bytes, should be skip */
285 if (fw_size < 30) {
286 err = -EINVAL;
287 goto err_release_fw;
288 }
289
290 fw_size -= 30;
291 fw_ptr += 30;
292 flag = 1;
293
294 wmt_params.op = BTMTK_WMT_PATCH_DWNLD;
295 wmt_params.status = NULL;
296
297 while (fw_size > 0) {
298 dlen = min_t(int, 250, fw_size);
299
300 /* Tell device the position in sequence */
301 if (fw_size - dlen <= 0)
302 flag = 3;
303 else if (fw_size < fw->size - 30)
304 flag = 2;
305
306 wmt_params.flag = flag;
307 wmt_params.dlen = dlen;
308 wmt_params.data = fw_ptr;
309
310 err = wmt_cmd_sync(hdev, &wmt_params);
311 if (err < 0) {
312 bt_dev_err(hdev, "Failed to send wmt patch dwnld (%d)",
313 err);
314 goto err_release_fw;
315 }
316
317 fw_size -= dlen;
318 fw_ptr += dlen;
319 }
320
321 wmt_params.op = BTMTK_WMT_RST;
322 wmt_params.flag = 4;
323 wmt_params.dlen = 0;
324 wmt_params.data = NULL;
325 wmt_params.status = NULL;
326
327 /* Activate function the firmware providing to */
328 err = wmt_cmd_sync(hdev, &wmt_params);
329 if (err < 0) {
330 bt_dev_err(hdev, "Failed to send wmt rst (%d)", err);
331 goto err_release_fw;
332 }
333
334 /* Wait a few moments for firmware activation done */
335 usleep_range(10000, 12000);
336
337 err_release_fw:
338 release_firmware(fw);
339
340 return err;
341 }
342 EXPORT_SYMBOL_GPL(btmtk_setup_firmware);
343
btmtk_set_bdaddr(struct hci_dev * hdev,const bdaddr_t * bdaddr)344 int btmtk_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr)
345 {
346 struct sk_buff *skb;
347 long ret;
348
349 skb = __hci_cmd_sync(hdev, 0xfc1a, 6, bdaddr, HCI_INIT_TIMEOUT);
350 if (IS_ERR(skb)) {
351 ret = PTR_ERR(skb);
352 bt_dev_err(hdev, "changing Mediatek device address failed (%ld)",
353 ret);
354 return ret;
355 }
356 kfree_skb(skb);
357
358 return 0;
359 }
360 EXPORT_SYMBOL_GPL(btmtk_set_bdaddr);
361
btmtk_reset_sync(struct hci_dev * hdev)362 void btmtk_reset_sync(struct hci_dev *hdev)
363 {
364 struct btmtk_data *reset_work = hci_get_priv(hdev);
365 int err;
366
367 hci_dev_lock(hdev);
368
369 err = hci_cmd_sync_queue(hdev, reset_work->reset_sync, NULL, NULL);
370 if (err)
371 bt_dev_err(hdev, "failed to reset (%d)", err);
372
373 hci_dev_unlock(hdev);
374 }
375 EXPORT_SYMBOL_GPL(btmtk_reset_sync);
376
btmtk_register_coredump(struct hci_dev * hdev,const char * name,u32 fw_version)377 int btmtk_register_coredump(struct hci_dev *hdev, const char *name,
378 u32 fw_version)
379 {
380 struct btmtk_data *data = hci_get_priv(hdev);
381
382 if (!IS_ENABLED(CONFIG_DEV_COREDUMP))
383 return -EOPNOTSUPP;
384
385 data->cd_info.fw_version = fw_version;
386 data->cd_info.state = HCI_DEVCOREDUMP_IDLE;
387 data->cd_info.driver_name = name;
388
389 return hci_devcd_register(hdev, btmtk_coredump, btmtk_coredump_hdr,
390 btmtk_coredump_notify);
391 }
392 EXPORT_SYMBOL_GPL(btmtk_register_coredump);
393
btmtk_process_coredump(struct hci_dev * hdev,struct sk_buff * skb)394 int btmtk_process_coredump(struct hci_dev *hdev, struct sk_buff *skb)
395 {
396 struct btmtk_data *data = hci_get_priv(hdev);
397 int err;
398 bool complete = false;
399
400 if (!IS_ENABLED(CONFIG_DEV_COREDUMP)) {
401 kfree_skb(skb);
402 return 0;
403 }
404
405 switch (data->cd_info.state) {
406 case HCI_DEVCOREDUMP_IDLE:
407 err = hci_devcd_init(hdev, MTK_COREDUMP_SIZE);
408 if (err < 0) {
409 kfree_skb(skb);
410 break;
411 }
412 data->cd_info.cnt = 0;
413
414 /* It is supposed coredump can be done within 5 seconds */
415 schedule_delayed_work(&hdev->dump.dump_timeout,
416 msecs_to_jiffies(5000));
417 fallthrough;
418 case HCI_DEVCOREDUMP_ACTIVE:
419 default:
420 /* Mediatek coredump data would be more than MTK_COREDUMP_NUM */
421 if (data->cd_info.cnt >= MTK_COREDUMP_NUM &&
422 skb->len > MTK_COREDUMP_END_LEN)
423 if (!memcmp((char *)&skb->data[skb->len - MTK_COREDUMP_END_LEN],
424 MTK_COREDUMP_END, MTK_COREDUMP_END_LEN - 1))
425 complete = true;
426
427 err = hci_devcd_append(hdev, skb);
428 if (err < 0)
429 break;
430 data->cd_info.cnt++;
431
432 if (complete) {
433 bt_dev_info(hdev, "Mediatek coredump end");
434 hci_devcd_complete(hdev);
435 }
436
437 break;
438 }
439
440 return err;
441 }
442 EXPORT_SYMBOL_GPL(btmtk_process_coredump);
443
444 #if IS_ENABLED(CONFIG_BT_HCIBTUSB_MTK)
btmtk_usb_wmt_recv(struct urb * urb)445 static void btmtk_usb_wmt_recv(struct urb *urb)
446 {
447 struct hci_dev *hdev = urb->context;
448 struct btmtk_data *data = hci_get_priv(hdev);
449 struct sk_buff *skb;
450 int err;
451
452 if (urb->status == 0 && urb->actual_length > 0) {
453 hdev->stat.byte_rx += urb->actual_length;
454
455 /* WMT event shouldn't be fragmented and the size should be
456 * less than HCI_WMT_MAX_EVENT_SIZE.
457 */
458 skb = bt_skb_alloc(HCI_WMT_MAX_EVENT_SIZE, GFP_ATOMIC);
459 if (!skb) {
460 hdev->stat.err_rx++;
461 kfree(urb->setup_packet);
462 return;
463 }
464
465 hci_skb_pkt_type(skb) = HCI_EVENT_PKT;
466 skb_put_data(skb, urb->transfer_buffer, urb->actual_length);
467
468 /* When someone waits for the WMT event, the skb is being cloned
469 * and being processed the events from there then.
470 */
471 if (test_bit(BTMTK_TX_WAIT_VND_EVT, &data->flags)) {
472 data->evt_skb = skb_clone(skb, GFP_ATOMIC);
473 if (!data->evt_skb) {
474 kfree_skb(skb);
475 kfree(urb->setup_packet);
476 return;
477 }
478 }
479
480 err = hci_recv_frame(hdev, skb);
481 if (err < 0) {
482 kfree_skb(data->evt_skb);
483 data->evt_skb = NULL;
484 kfree(urb->setup_packet);
485 return;
486 }
487
488 if (test_and_clear_bit(BTMTK_TX_WAIT_VND_EVT,
489 &data->flags)) {
490 /* Barrier to sync with other CPUs */
491 smp_mb__after_atomic();
492 wake_up_bit(&data->flags,
493 BTMTK_TX_WAIT_VND_EVT);
494 }
495 kfree(urb->setup_packet);
496 return;
497 } else if (urb->status == -ENOENT) {
498 /* Avoid suspend failed when usb_kill_urb */
499 return;
500 }
501
502 usb_mark_last_busy(data->udev);
503
504 /* The URB complete handler is still called with urb->actual_length = 0
505 * when the event is not available, so we should keep re-submitting
506 * URB until WMT event returns, Also, It's necessary to wait some time
507 * between the two consecutive control URBs to relax the target device
508 * to generate the event. Otherwise, the WMT event cannot return from
509 * the device successfully.
510 */
511 udelay(500);
512
513 usb_anchor_urb(urb, data->ctrl_anchor);
514 err = usb_submit_urb(urb, GFP_ATOMIC);
515 if (err < 0) {
516 kfree(urb->setup_packet);
517 /* -EPERM: urb is being killed;
518 * -ENODEV: device got disconnected
519 */
520 if (err != -EPERM && err != -ENODEV)
521 bt_dev_err(hdev, "urb %p failed to resubmit (%d)",
522 urb, -err);
523 usb_unanchor_urb(urb);
524 }
525 }
526
btmtk_usb_submit_wmt_recv_urb(struct hci_dev * hdev)527 static int btmtk_usb_submit_wmt_recv_urb(struct hci_dev *hdev)
528 {
529 struct btmtk_data *data = hci_get_priv(hdev);
530 struct usb_ctrlrequest *dr;
531 unsigned char *buf;
532 int err, size = 64;
533 unsigned int pipe;
534 struct urb *urb;
535
536 urb = usb_alloc_urb(0, GFP_KERNEL);
537 if (!urb)
538 return -ENOMEM;
539
540 dr = kmalloc(sizeof(*dr), GFP_KERNEL);
541 if (!dr) {
542 usb_free_urb(urb);
543 return -ENOMEM;
544 }
545
546 dr->bRequestType = USB_TYPE_VENDOR | USB_DIR_IN;
547 dr->bRequest = 1;
548 dr->wIndex = cpu_to_le16(0);
549 dr->wValue = cpu_to_le16(48);
550 dr->wLength = cpu_to_le16(size);
551
552 buf = kmalloc(size, GFP_KERNEL);
553 if (!buf) {
554 kfree(dr);
555 usb_free_urb(urb);
556 return -ENOMEM;
557 }
558
559 pipe = usb_rcvctrlpipe(data->udev, 0);
560
561 usb_fill_control_urb(urb, data->udev, pipe, (void *)dr,
562 buf, size, btmtk_usb_wmt_recv, hdev);
563
564 urb->transfer_flags |= URB_FREE_BUFFER;
565
566 usb_anchor_urb(urb, data->ctrl_anchor);
567 err = usb_submit_urb(urb, GFP_KERNEL);
568 if (err < 0) {
569 if (err != -EPERM && err != -ENODEV)
570 bt_dev_err(hdev, "urb %p submission failed (%d)",
571 urb, -err);
572 usb_unanchor_urb(urb);
573 }
574
575 usb_free_urb(urb);
576
577 return err;
578 }
579
btmtk_usb_hci_wmt_sync(struct hci_dev * hdev,struct btmtk_hci_wmt_params * wmt_params)580 static int btmtk_usb_hci_wmt_sync(struct hci_dev *hdev,
581 struct btmtk_hci_wmt_params *wmt_params)
582 {
583 struct btmtk_data *data = hci_get_priv(hdev);
584 struct btmtk_hci_wmt_evt_funcc *wmt_evt_funcc;
585 u32 hlen, status = BTMTK_WMT_INVALID;
586 struct btmtk_hci_wmt_evt *wmt_evt;
587 struct btmtk_hci_wmt_cmd *wc;
588 struct btmtk_wmt_hdr *hdr;
589 int err;
590
591 /* Send the WMT command and wait until the WMT event returns */
592 hlen = sizeof(*hdr) + wmt_params->dlen;
593 if (hlen > 255)
594 return -EINVAL;
595
596 wc = kzalloc(hlen, GFP_KERNEL);
597 if (!wc)
598 return -ENOMEM;
599
600 hdr = &wc->hdr;
601 hdr->dir = 1;
602 hdr->op = wmt_params->op;
603 hdr->dlen = cpu_to_le16(wmt_params->dlen + 1);
604 hdr->flag = wmt_params->flag;
605 memcpy(wc->data, wmt_params->data, wmt_params->dlen);
606
607 set_bit(BTMTK_TX_WAIT_VND_EVT, &data->flags);
608
609 /* WMT cmd/event doesn't follow up the generic HCI cmd/event handling,
610 * it needs constantly polling control pipe until the host received the
611 * WMT event, thus, we should require to specifically acquire PM counter
612 * on the USB to prevent the interface from entering auto suspended
613 * while WMT cmd/event in progress.
614 */
615 err = usb_autopm_get_interface(data->intf);
616 if (err < 0)
617 goto err_free_wc;
618
619 err = __hci_cmd_send(hdev, 0xfc6f, hlen, wc);
620
621 if (err < 0) {
622 clear_bit(BTMTK_TX_WAIT_VND_EVT, &data->flags);
623 usb_autopm_put_interface(data->intf);
624 goto err_free_wc;
625 }
626
627 /* Submit control IN URB on demand to process the WMT event */
628 err = btmtk_usb_submit_wmt_recv_urb(hdev);
629
630 usb_autopm_put_interface(data->intf);
631
632 if (err < 0)
633 goto err_free_wc;
634
635 /* The vendor specific WMT commands are all answered by a vendor
636 * specific event and will have the Command Status or Command
637 * Complete as with usual HCI command flow control.
638 *
639 * After sending the command, wait for BTUSB_TX_WAIT_VND_EVT
640 * state to be cleared. The driver specific event receive routine
641 * will clear that state and with that indicate completion of the
642 * WMT command.
643 */
644 err = wait_on_bit_timeout(&data->flags, BTMTK_TX_WAIT_VND_EVT,
645 TASK_UNINTERRUPTIBLE, HCI_INIT_TIMEOUT);
646
647 if (err) {
648 bt_dev_err(hdev, "Execution of wmt command timed out");
649 clear_bit(BTMTK_TX_WAIT_VND_EVT, &data->flags);
650 err = -ETIMEDOUT;
651 goto err_free_wc;
652 }
653
654 if (data->evt_skb == NULL)
655 goto err_free_wc;
656
657 /* Parse and handle the return WMT event */
658 wmt_evt = (struct btmtk_hci_wmt_evt *)data->evt_skb->data;
659 if (wmt_evt->whdr.op != hdr->op) {
660 bt_dev_err(hdev, "Wrong op received %d expected %d",
661 wmt_evt->whdr.op, hdr->op);
662 err = -EIO;
663 goto err_free_skb;
664 }
665
666 switch (wmt_evt->whdr.op) {
667 case BTMTK_WMT_SEMAPHORE:
668 if (wmt_evt->whdr.flag == 2)
669 status = BTMTK_WMT_PATCH_UNDONE;
670 else
671 status = BTMTK_WMT_PATCH_DONE;
672 break;
673 case BTMTK_WMT_FUNC_CTRL:
674 wmt_evt_funcc = (struct btmtk_hci_wmt_evt_funcc *)wmt_evt;
675 if (be16_to_cpu(wmt_evt_funcc->status) == 0x404)
676 status = BTMTK_WMT_ON_DONE;
677 else if (be16_to_cpu(wmt_evt_funcc->status) == 0x420)
678 status = BTMTK_WMT_ON_PROGRESS;
679 else
680 status = BTMTK_WMT_ON_UNDONE;
681 break;
682 case BTMTK_WMT_PATCH_DWNLD:
683 if (wmt_evt->whdr.flag == 2)
684 status = BTMTK_WMT_PATCH_DONE;
685 else if (wmt_evt->whdr.flag == 1)
686 status = BTMTK_WMT_PATCH_PROGRESS;
687 else
688 status = BTMTK_WMT_PATCH_UNDONE;
689 break;
690 }
691
692 if (wmt_params->status)
693 *wmt_params->status = status;
694
695 err_free_skb:
696 kfree_skb(data->evt_skb);
697 data->evt_skb = NULL;
698 err_free_wc:
699 kfree(wc);
700 return err;
701 }
702
btmtk_usb_func_query(struct hci_dev * hdev)703 static int btmtk_usb_func_query(struct hci_dev *hdev)
704 {
705 struct btmtk_hci_wmt_params wmt_params;
706 int status, err;
707 u8 param = 0;
708
709 /* Query whether the function is enabled */
710 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
711 wmt_params.flag = 4;
712 wmt_params.dlen = sizeof(param);
713 wmt_params.data = ¶m;
714 wmt_params.status = &status;
715
716 err = btmtk_usb_hci_wmt_sync(hdev, &wmt_params);
717 if (err < 0) {
718 bt_dev_err(hdev, "Failed to query function status (%d)", err);
719 return err;
720 }
721
722 return status;
723 }
724
btmtk_usb_uhw_reg_write(struct hci_dev * hdev,u32 reg,u32 val)725 static int btmtk_usb_uhw_reg_write(struct hci_dev *hdev, u32 reg, u32 val)
726 {
727 struct btmtk_data *data = hci_get_priv(hdev);
728 int pipe, err;
729 void *buf;
730
731 buf = kzalloc(4, GFP_KERNEL);
732 if (!buf)
733 return -ENOMEM;
734
735 put_unaligned_le32(val, buf);
736
737 pipe = usb_sndctrlpipe(data->udev, 0);
738 err = usb_control_msg(data->udev, pipe, 0x02,
739 0x5E,
740 reg >> 16, reg & 0xffff,
741 buf, 4, USB_CTRL_SET_TIMEOUT);
742 if (err < 0)
743 bt_dev_err(hdev, "Failed to write uhw reg(%d)", err);
744
745 kfree(buf);
746
747 return err;
748 }
749
btmtk_usb_uhw_reg_read(struct hci_dev * hdev,u32 reg,u32 * val)750 static int btmtk_usb_uhw_reg_read(struct hci_dev *hdev, u32 reg, u32 *val)
751 {
752 struct btmtk_data *data = hci_get_priv(hdev);
753 int pipe, err;
754 void *buf;
755
756 buf = kzalloc(4, GFP_KERNEL);
757 if (!buf)
758 return -ENOMEM;
759
760 pipe = usb_rcvctrlpipe(data->udev, 0);
761 err = usb_control_msg(data->udev, pipe, 0x01,
762 0xDE,
763 reg >> 16, reg & 0xffff,
764 buf, 4, USB_CTRL_GET_TIMEOUT);
765 if (err < 0) {
766 bt_dev_err(hdev, "Failed to read uhw reg(%d)", err);
767 goto err_free_buf;
768 }
769
770 *val = get_unaligned_le32(buf);
771 bt_dev_dbg(hdev, "reg=%x, value=0x%08x", reg, *val);
772
773 err_free_buf:
774 kfree(buf);
775
776 return err;
777 }
778
btmtk_usb_reg_read(struct hci_dev * hdev,u32 reg,u32 * val)779 static int btmtk_usb_reg_read(struct hci_dev *hdev, u32 reg, u32 *val)
780 {
781 struct btmtk_data *data = hci_get_priv(hdev);
782 int pipe, err, size = sizeof(u32);
783 void *buf;
784
785 buf = kzalloc(size, GFP_KERNEL);
786 if (!buf)
787 return -ENOMEM;
788
789 pipe = usb_rcvctrlpipe(data->udev, 0);
790 err = usb_control_msg(data->udev, pipe, 0x63,
791 USB_TYPE_VENDOR | USB_DIR_IN,
792 reg >> 16, reg & 0xffff,
793 buf, size, USB_CTRL_GET_TIMEOUT);
794 if (err < 0)
795 goto err_free_buf;
796
797 *val = get_unaligned_le32(buf);
798
799 err_free_buf:
800 kfree(buf);
801
802 return err;
803 }
804
btmtk_usb_id_get(struct hci_dev * hdev,u32 reg,u32 * id)805 static int btmtk_usb_id_get(struct hci_dev *hdev, u32 reg, u32 *id)
806 {
807 return btmtk_usb_reg_read(hdev, reg, id);
808 }
809
btmtk_usb_reset_done(struct hci_dev * hdev)810 static u32 btmtk_usb_reset_done(struct hci_dev *hdev)
811 {
812 u32 val = 0;
813
814 btmtk_usb_uhw_reg_read(hdev, MTK_BT_MISC, &val);
815
816 return val & MTK_BT_RST_DONE;
817 }
818
btmtk_usb_subsys_reset(struct hci_dev * hdev,u32 dev_id)819 int btmtk_usb_subsys_reset(struct hci_dev *hdev, u32 dev_id)
820 {
821 u32 val;
822 int err;
823
824 if (dev_id == 0x7922) {
825 err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_SUBSYS_RST, &val);
826 if (err < 0)
827 return err;
828 val |= 0x00002020;
829 err = btmtk_usb_uhw_reg_write(hdev, MTK_BT_SUBSYS_RST, val);
830 if (err < 0)
831 return err;
832 err = btmtk_usb_uhw_reg_write(hdev, MTK_EP_RST_OPT, 0x00010001);
833 if (err < 0)
834 return err;
835 err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_SUBSYS_RST, &val);
836 if (err < 0)
837 return err;
838 val |= BIT(0);
839 err = btmtk_usb_uhw_reg_write(hdev, MTK_BT_SUBSYS_RST, val);
840 if (err < 0)
841 return err;
842 msleep(100);
843 } else if (dev_id == 0x7925) {
844 err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_RESET_REG_CONNV3, &val);
845 if (err < 0)
846 return err;
847 val |= (1 << 5);
848 err = btmtk_usb_uhw_reg_write(hdev, MTK_BT_RESET_REG_CONNV3, val);
849 if (err < 0)
850 return err;
851 err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_RESET_REG_CONNV3, &val);
852 if (err < 0)
853 return err;
854 val &= 0xFFFF00FF;
855 val |= (1 << 13);
856 err = btmtk_usb_uhw_reg_write(hdev, MTK_BT_RESET_REG_CONNV3, val);
857 if (err < 0)
858 return err;
859 err = btmtk_usb_uhw_reg_write(hdev, MTK_EP_RST_OPT, 0x00010001);
860 if (err < 0)
861 return err;
862 err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_RESET_REG_CONNV3, &val);
863 if (err < 0)
864 return err;
865 val |= (1 << 0);
866 err = btmtk_usb_uhw_reg_write(hdev, MTK_BT_RESET_REG_CONNV3, val);
867 if (err < 0)
868 return err;
869 err = btmtk_usb_uhw_reg_write(hdev, MTK_UDMA_INT_STA_BT, 0x000000FF);
870 if (err < 0)
871 return err;
872 err = btmtk_usb_uhw_reg_read(hdev, MTK_UDMA_INT_STA_BT, &val);
873 if (err < 0)
874 return err;
875 err = btmtk_usb_uhw_reg_write(hdev, MTK_UDMA_INT_STA_BT1, 0x000000FF);
876 if (err < 0)
877 return err;
878 err = btmtk_usb_uhw_reg_read(hdev, MTK_UDMA_INT_STA_BT1, &val);
879 if (err < 0)
880 return err;
881 msleep(100);
882 } else {
883 /* It's Device EndPoint Reset Option Register */
884 bt_dev_dbg(hdev, "Initiating reset mechanism via uhw");
885 err = btmtk_usb_uhw_reg_write(hdev, MTK_EP_RST_OPT, MTK_EP_RST_IN_OUT_OPT);
886 if (err < 0)
887 return err;
888 err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_WDT_STATUS, &val);
889 if (err < 0)
890 return err;
891 /* Reset the bluetooth chip via USB interface. */
892 err = btmtk_usb_uhw_reg_write(hdev, MTK_BT_SUBSYS_RST, 1);
893 if (err < 0)
894 return err;
895 err = btmtk_usb_uhw_reg_write(hdev, MTK_UDMA_INT_STA_BT, 0x000000FF);
896 if (err < 0)
897 return err;
898 err = btmtk_usb_uhw_reg_read(hdev, MTK_UDMA_INT_STA_BT, &val);
899 if (err < 0)
900 return err;
901 err = btmtk_usb_uhw_reg_write(hdev, MTK_UDMA_INT_STA_BT1, 0x000000FF);
902 if (err < 0)
903 return err;
904 err = btmtk_usb_uhw_reg_read(hdev, MTK_UDMA_INT_STA_BT1, &val);
905 if (err < 0)
906 return err;
907 /* MT7921 need to delay 20ms between toggle reset bit */
908 msleep(20);
909 err = btmtk_usb_uhw_reg_write(hdev, MTK_BT_SUBSYS_RST, 0);
910 if (err < 0)
911 return err;
912 err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_SUBSYS_RST, &val);
913 if (err < 0)
914 return err;
915 }
916
917 err = readx_poll_timeout(btmtk_usb_reset_done, hdev, val,
918 val & MTK_BT_RST_DONE, 20000, 1000000);
919 if (err < 0)
920 bt_dev_err(hdev, "Reset timeout");
921
922 if (dev_id == 0x7922) {
923 err = btmtk_usb_uhw_reg_write(hdev, MTK_UDMA_INT_STA_BT, 0x000000FF);
924 if (err < 0)
925 return err;
926 }
927
928 err = btmtk_usb_id_get(hdev, 0x70010200, &val);
929 if (err < 0 || !val)
930 bt_dev_err(hdev, "Can't get device id, subsys reset fail.");
931
932 return err;
933 }
934 EXPORT_SYMBOL_GPL(btmtk_usb_subsys_reset);
935
btmtk_usb_recv_acl(struct hci_dev * hdev,struct sk_buff * skb)936 int btmtk_usb_recv_acl(struct hci_dev *hdev, struct sk_buff *skb)
937 {
938 struct btmtk_data *data = hci_get_priv(hdev);
939 u16 handle = le16_to_cpu(hci_acl_hdr(skb)->handle);
940
941 switch (handle) {
942 case 0xfc6f: /* Firmware dump from device */
943 /* When the firmware hangs, the device can no longer
944 * suspend and thus disable auto-suspend.
945 */
946 usb_disable_autosuspend(data->udev);
947
948 /* We need to forward the diagnostic packet to userspace daemon
949 * for backward compatibility, so we have to clone the packet
950 * extraly for the in-kernel coredump support.
951 */
952 if (IS_ENABLED(CONFIG_DEV_COREDUMP)) {
953 struct sk_buff *skb_cd = skb_clone(skb, GFP_ATOMIC);
954
955 if (skb_cd)
956 btmtk_process_coredump(hdev, skb_cd);
957 }
958
959 fallthrough;
960 case 0x05ff: /* Firmware debug logging 1 */
961 case 0x05fe: /* Firmware debug logging 2 */
962 return hci_recv_diag(hdev, skb);
963 }
964
965 return hci_recv_frame(hdev, skb);
966 }
967 EXPORT_SYMBOL_GPL(btmtk_usb_recv_acl);
968
btmtk_isopkt_pad(struct hci_dev * hdev,struct sk_buff * skb)969 static int btmtk_isopkt_pad(struct hci_dev *hdev, struct sk_buff *skb)
970 {
971 if (skb->len > MTK_ISO_THRESHOLD)
972 return -EINVAL;
973
974 if (skb_pad(skb, MTK_ISO_THRESHOLD - skb->len))
975 return -ENOMEM;
976
977 __skb_put(skb, MTK_ISO_THRESHOLD - skb->len);
978
979 return 0;
980 }
981
__set_mtk_intr_interface(struct hci_dev * hdev)982 static int __set_mtk_intr_interface(struct hci_dev *hdev)
983 {
984 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
985 struct usb_interface *intf = btmtk_data->isopkt_intf;
986 int i, err;
987
988 if (!btmtk_data->isopkt_intf)
989 return -ENODEV;
990
991 err = usb_set_interface(btmtk_data->udev, MTK_ISO_IFNUM, 1);
992 if (err < 0) {
993 bt_dev_err(hdev, "setting interface failed (%d)", -err);
994 return err;
995 }
996
997 btmtk_data->isopkt_tx_ep = NULL;
998 btmtk_data->isopkt_rx_ep = NULL;
999
1000 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
1001 struct usb_endpoint_descriptor *ep_desc;
1002
1003 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
1004
1005 if (!btmtk_data->isopkt_tx_ep &&
1006 usb_endpoint_is_int_out(ep_desc)) {
1007 btmtk_data->isopkt_tx_ep = ep_desc;
1008 continue;
1009 }
1010
1011 if (!btmtk_data->isopkt_rx_ep &&
1012 usb_endpoint_is_int_in(ep_desc)) {
1013 btmtk_data->isopkt_rx_ep = ep_desc;
1014 continue;
1015 }
1016 }
1017
1018 if (!btmtk_data->isopkt_tx_ep ||
1019 !btmtk_data->isopkt_rx_ep) {
1020 bt_dev_err(hdev, "invalid interrupt descriptors");
1021 return -ENODEV;
1022 }
1023
1024 return 0;
1025 }
1026
alloc_mtk_intr_urb(struct hci_dev * hdev,struct sk_buff * skb,usb_complete_t tx_complete)1027 struct urb *alloc_mtk_intr_urb(struct hci_dev *hdev, struct sk_buff *skb,
1028 usb_complete_t tx_complete)
1029 {
1030 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1031 struct urb *urb;
1032 unsigned int pipe;
1033
1034 if (!btmtk_data->isopkt_tx_ep)
1035 return ERR_PTR(-ENODEV);
1036
1037 urb = usb_alloc_urb(0, GFP_KERNEL);
1038 if (!urb)
1039 return ERR_PTR(-ENOMEM);
1040
1041 if (btmtk_isopkt_pad(hdev, skb))
1042 return ERR_PTR(-EINVAL);
1043
1044 pipe = usb_sndintpipe(btmtk_data->udev,
1045 btmtk_data->isopkt_tx_ep->bEndpointAddress);
1046
1047 usb_fill_int_urb(urb, btmtk_data->udev, pipe,
1048 skb->data, skb->len, tx_complete,
1049 skb, btmtk_data->isopkt_tx_ep->bInterval);
1050
1051 skb->dev = (void *)hdev;
1052
1053 return urb;
1054 }
1055 EXPORT_SYMBOL_GPL(alloc_mtk_intr_urb);
1056
btmtk_recv_isopkt(struct hci_dev * hdev,void * buffer,int count)1057 static int btmtk_recv_isopkt(struct hci_dev *hdev, void *buffer, int count)
1058 {
1059 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1060 struct sk_buff *skb;
1061 unsigned long flags;
1062 int err = 0;
1063
1064 spin_lock_irqsave(&btmtk_data->isorxlock, flags);
1065 skb = btmtk_data->isopkt_skb;
1066
1067 while (count) {
1068 int len;
1069
1070 if (!skb) {
1071 skb = bt_skb_alloc(HCI_MAX_ISO_SIZE, GFP_ATOMIC);
1072 if (!skb) {
1073 err = -ENOMEM;
1074 break;
1075 }
1076
1077 hci_skb_pkt_type(skb) = HCI_ISODATA_PKT;
1078 hci_skb_expect(skb) = HCI_ISO_HDR_SIZE;
1079 }
1080
1081 len = min_t(uint, hci_skb_expect(skb), count);
1082 skb_put_data(skb, buffer, len);
1083
1084 count -= len;
1085 buffer += len;
1086 hci_skb_expect(skb) -= len;
1087
1088 if (skb->len == HCI_ISO_HDR_SIZE) {
1089 __le16 dlen = ((struct hci_iso_hdr *)skb->data)->dlen;
1090
1091 /* Complete ISO header */
1092 hci_skb_expect(skb) = __le16_to_cpu(dlen);
1093
1094 if (skb_tailroom(skb) < hci_skb_expect(skb)) {
1095 kfree_skb(skb);
1096 skb = NULL;
1097
1098 err = -EILSEQ;
1099 break;
1100 }
1101 }
1102
1103 if (!hci_skb_expect(skb)) {
1104 /* Complete frame */
1105 hci_recv_frame(hdev, skb);
1106 skb = NULL;
1107 }
1108 }
1109
1110 btmtk_data->isopkt_skb = skb;
1111 spin_unlock_irqrestore(&btmtk_data->isorxlock, flags);
1112
1113 return err;
1114 }
1115
btmtk_intr_complete(struct urb * urb)1116 static void btmtk_intr_complete(struct urb *urb)
1117 {
1118 struct hci_dev *hdev = urb->context;
1119 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1120 int err;
1121
1122 BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status,
1123 urb->actual_length);
1124
1125 if (!test_bit(HCI_RUNNING, &hdev->flags))
1126 return;
1127
1128 if (hdev->suspended)
1129 return;
1130
1131 if (urb->status == 0) {
1132 hdev->stat.byte_rx += urb->actual_length;
1133
1134 if (btmtk_recv_isopkt(hdev, urb->transfer_buffer,
1135 urb->actual_length) < 0) {
1136 bt_dev_err(hdev, "corrupted iso packet");
1137 hdev->stat.err_rx++;
1138 }
1139 } else if (urb->status == -ENOENT) {
1140 /* Avoid suspend failed when usb_kill_urb */
1141 return;
1142 }
1143
1144 usb_mark_last_busy(btmtk_data->udev);
1145 usb_anchor_urb(urb, &btmtk_data->isopkt_anchor);
1146
1147 err = usb_submit_urb(urb, GFP_ATOMIC);
1148 if (err < 0) {
1149 /* -EPERM: urb is being killed;
1150 * -ENODEV: device got disconnected
1151 */
1152 if (err != -EPERM && err != -ENODEV)
1153 bt_dev_err(hdev, "urb %p failed to resubmit (%d)",
1154 urb, -err);
1155 if (err != -EPERM)
1156 hci_cmd_sync_cancel(hdev, -err);
1157 usb_unanchor_urb(urb);
1158 }
1159 }
1160
btmtk_submit_intr_urb(struct hci_dev * hdev,gfp_t mem_flags)1161 static int btmtk_submit_intr_urb(struct hci_dev *hdev, gfp_t mem_flags)
1162 {
1163 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1164 unsigned char *buf;
1165 unsigned int pipe;
1166 struct urb *urb;
1167 int err, size;
1168
1169 BT_DBG("%s", hdev->name);
1170
1171 if (!btmtk_data->isopkt_rx_ep)
1172 return -ENODEV;
1173
1174 urb = usb_alloc_urb(0, mem_flags);
1175 if (!urb)
1176 return -ENOMEM;
1177 size = le16_to_cpu(btmtk_data->isopkt_rx_ep->wMaxPacketSize);
1178
1179 buf = kmalloc(size, mem_flags);
1180 if (!buf) {
1181 usb_free_urb(urb);
1182 return -ENOMEM;
1183 }
1184
1185 pipe = usb_rcvintpipe(btmtk_data->udev,
1186 btmtk_data->isopkt_rx_ep->bEndpointAddress);
1187
1188 usb_fill_int_urb(urb, btmtk_data->udev, pipe, buf, size,
1189 btmtk_intr_complete, hdev,
1190 btmtk_data->isopkt_rx_ep->bInterval);
1191
1192 urb->transfer_flags |= URB_FREE_BUFFER;
1193
1194 usb_mark_last_busy(btmtk_data->udev);
1195 usb_anchor_urb(urb, &btmtk_data->isopkt_anchor);
1196
1197 err = usb_submit_urb(urb, mem_flags);
1198 if (err < 0) {
1199 if (err != -EPERM && err != -ENODEV)
1200 bt_dev_err(hdev, "urb %p submission failed (%d)",
1201 urb, -err);
1202 usb_unanchor_urb(urb);
1203 }
1204
1205 usb_free_urb(urb);
1206
1207 return err;
1208 }
1209
btmtk_usb_isointf_init(struct hci_dev * hdev)1210 static int btmtk_usb_isointf_init(struct hci_dev *hdev)
1211 {
1212 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1213 u8 iso_param[2] = { 0x08, 0x01 };
1214 struct sk_buff *skb;
1215 int err;
1216
1217 spin_lock_init(&btmtk_data->isorxlock);
1218
1219 __set_mtk_intr_interface(hdev);
1220
1221 err = btmtk_submit_intr_urb(hdev, GFP_KERNEL);
1222 if (err < 0) {
1223 usb_kill_anchored_urbs(&btmtk_data->isopkt_anchor);
1224 bt_dev_err(hdev, "ISO intf not support (%d)", err);
1225 return err;
1226 }
1227
1228 skb = __hci_cmd_sync(hdev, 0xfd98, sizeof(iso_param), iso_param,
1229 HCI_INIT_TIMEOUT);
1230 if (IS_ERR(skb)) {
1231 bt_dev_err(hdev, "Failed to apply iso setting (%ld)", PTR_ERR(skb));
1232 return PTR_ERR(skb);
1233 }
1234 kfree_skb(skb);
1235
1236 return 0;
1237 }
1238
btmtk_usb_resume(struct hci_dev * hdev)1239 int btmtk_usb_resume(struct hci_dev *hdev)
1240 {
1241 /* This function describes the specific additional steps taken by MediaTek
1242 * when Bluetooth usb driver's resume function is called.
1243 */
1244 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1245
1246 /* Resubmit urb for iso data transmission */
1247 if (test_bit(BTMTK_ISOPKT_RUNNING, &btmtk_data->flags)) {
1248 if (btmtk_submit_intr_urb(hdev, GFP_NOIO) < 0)
1249 clear_bit(BTMTK_ISOPKT_RUNNING, &btmtk_data->flags);
1250 }
1251
1252 return 0;
1253 }
1254 EXPORT_SYMBOL_GPL(btmtk_usb_resume);
1255
btmtk_usb_suspend(struct hci_dev * hdev)1256 int btmtk_usb_suspend(struct hci_dev *hdev)
1257 {
1258 /* This function describes the specific additional steps taken by MediaTek
1259 * when Bluetooth usb driver's suspend function is called.
1260 */
1261 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1262
1263 /* Stop urb anchor for iso data transmission */
1264 if (test_bit(BTMTK_ISOPKT_RUNNING, &btmtk_data->flags))
1265 usb_kill_anchored_urbs(&btmtk_data->isopkt_anchor);
1266
1267 return 0;
1268 }
1269 EXPORT_SYMBOL_GPL(btmtk_usb_suspend);
1270
btmtk_usb_setup(struct hci_dev * hdev)1271 int btmtk_usb_setup(struct hci_dev *hdev)
1272 {
1273 struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1274 struct btmtk_hci_wmt_params wmt_params;
1275 ktime_t calltime, delta, rettime;
1276 struct btmtk_tci_sleep tci_sleep;
1277 unsigned long long duration;
1278 struct sk_buff *skb;
1279 const char *fwname;
1280 int err, status;
1281 u32 dev_id = 0;
1282 char fw_bin_name[64];
1283 u32 fw_version = 0, fw_flavor = 0;
1284 u8 param;
1285
1286 calltime = ktime_get();
1287
1288 err = btmtk_usb_id_get(hdev, 0x80000008, &dev_id);
1289 if (err < 0) {
1290 bt_dev_err(hdev, "Failed to get device id (%d)", err);
1291 return err;
1292 }
1293
1294 if (!dev_id || dev_id != 0x7663) {
1295 err = btmtk_usb_id_get(hdev, 0x70010200, &dev_id);
1296 if (err < 0) {
1297 bt_dev_err(hdev, "Failed to get device id (%d)", err);
1298 return err;
1299 }
1300 err = btmtk_usb_id_get(hdev, 0x80021004, &fw_version);
1301 if (err < 0) {
1302 bt_dev_err(hdev, "Failed to get fw version (%d)", err);
1303 return err;
1304 }
1305 err = btmtk_usb_id_get(hdev, 0x70010020, &fw_flavor);
1306 if (err < 0) {
1307 bt_dev_err(hdev, "Failed to get fw flavor (%d)", err);
1308 return err;
1309 }
1310 fw_flavor = (fw_flavor & 0x00000080) >> 7;
1311 }
1312
1313 btmtk_data->dev_id = dev_id;
1314
1315 err = btmtk_register_coredump(hdev, btmtk_data->drv_name, fw_version);
1316 if (err < 0)
1317 bt_dev_err(hdev, "Failed to register coredump (%d)", err);
1318
1319 switch (dev_id) {
1320 case 0x7663:
1321 fwname = FIRMWARE_MT7663;
1322 break;
1323 case 0x7668:
1324 fwname = FIRMWARE_MT7668;
1325 break;
1326 case 0x7922:
1327 case 0x7925:
1328 case 0x7961:
1329 btmtk_fw_get_filename(fw_bin_name, sizeof(fw_bin_name), dev_id,
1330 fw_version, fw_flavor);
1331
1332 err = btmtk_setup_firmware_79xx(hdev, fw_bin_name,
1333 btmtk_usb_hci_wmt_sync);
1334 if (err < 0) {
1335 bt_dev_err(hdev, "Failed to set up firmware (%d)", err);
1336 return err;
1337 }
1338
1339 /* It's Device EndPoint Reset Option Register */
1340 err = btmtk_usb_uhw_reg_write(hdev, MTK_EP_RST_OPT,
1341 MTK_EP_RST_IN_OUT_OPT);
1342 if (err < 0)
1343 return err;
1344
1345 /* Enable Bluetooth protocol */
1346 param = 1;
1347 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
1348 wmt_params.flag = 0;
1349 wmt_params.dlen = sizeof(param);
1350 wmt_params.data = ¶m;
1351 wmt_params.status = NULL;
1352
1353 err = btmtk_usb_hci_wmt_sync(hdev, &wmt_params);
1354 if (err < 0) {
1355 bt_dev_err(hdev, "Failed to send wmt func ctrl (%d)", err);
1356 return err;
1357 }
1358
1359 hci_set_msft_opcode(hdev, 0xFD30);
1360 hci_set_aosp_capable(hdev);
1361
1362 /* Set up ISO interface after protocol enabled */
1363 if (test_bit(BTMTK_ISOPKT_OVER_INTR, &btmtk_data->flags)) {
1364 if (!btmtk_usb_isointf_init(hdev))
1365 set_bit(BTMTK_ISOPKT_RUNNING, &btmtk_data->flags);
1366 }
1367
1368 goto done;
1369 default:
1370 bt_dev_err(hdev, "Unsupported hardware variant (%08x)",
1371 dev_id);
1372 return -ENODEV;
1373 }
1374
1375 /* Query whether the firmware is already download */
1376 wmt_params.op = BTMTK_WMT_SEMAPHORE;
1377 wmt_params.flag = 1;
1378 wmt_params.dlen = 0;
1379 wmt_params.data = NULL;
1380 wmt_params.status = &status;
1381
1382 err = btmtk_usb_hci_wmt_sync(hdev, &wmt_params);
1383 if (err < 0) {
1384 bt_dev_err(hdev, "Failed to query firmware status (%d)", err);
1385 return err;
1386 }
1387
1388 if (status == BTMTK_WMT_PATCH_DONE) {
1389 bt_dev_info(hdev, "firmware already downloaded");
1390 goto ignore_setup_fw;
1391 }
1392
1393 /* Setup a firmware which the device definitely requires */
1394 err = btmtk_setup_firmware(hdev, fwname,
1395 btmtk_usb_hci_wmt_sync);
1396 if (err < 0)
1397 return err;
1398
1399 ignore_setup_fw:
1400 err = readx_poll_timeout(btmtk_usb_func_query, hdev, status,
1401 status < 0 || status != BTMTK_WMT_ON_PROGRESS,
1402 2000, 5000000);
1403 /* -ETIMEDOUT happens */
1404 if (err < 0)
1405 return err;
1406
1407 /* The other errors happen in btmtk_usb_func_query */
1408 if (status < 0)
1409 return status;
1410
1411 if (status == BTMTK_WMT_ON_DONE) {
1412 bt_dev_info(hdev, "function already on");
1413 goto ignore_func_on;
1414 }
1415
1416 /* Enable Bluetooth protocol */
1417 param = 1;
1418 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
1419 wmt_params.flag = 0;
1420 wmt_params.dlen = sizeof(param);
1421 wmt_params.data = ¶m;
1422 wmt_params.status = NULL;
1423
1424 err = btmtk_usb_hci_wmt_sync(hdev, &wmt_params);
1425 if (err < 0) {
1426 bt_dev_err(hdev, "Failed to send wmt func ctrl (%d)", err);
1427 return err;
1428 }
1429
1430 ignore_func_on:
1431 /* Apply the low power environment setup */
1432 tci_sleep.mode = 0x5;
1433 tci_sleep.duration = cpu_to_le16(0x640);
1434 tci_sleep.host_duration = cpu_to_le16(0x640);
1435 tci_sleep.host_wakeup_pin = 0;
1436 tci_sleep.time_compensation = 0;
1437
1438 skb = __hci_cmd_sync(hdev, 0xfc7a, sizeof(tci_sleep), &tci_sleep,
1439 HCI_INIT_TIMEOUT);
1440 if (IS_ERR(skb)) {
1441 err = PTR_ERR(skb);
1442 bt_dev_err(hdev, "Failed to apply low power setting (%d)", err);
1443 return err;
1444 }
1445 kfree_skb(skb);
1446
1447 done:
1448 rettime = ktime_get();
1449 delta = ktime_sub(rettime, calltime);
1450 duration = (unsigned long long)ktime_to_ns(delta) >> 10;
1451
1452 bt_dev_info(hdev, "Device setup in %llu usecs", duration);
1453
1454 return 0;
1455 }
1456 EXPORT_SYMBOL_GPL(btmtk_usb_setup);
1457
btmtk_usb_shutdown(struct hci_dev * hdev)1458 int btmtk_usb_shutdown(struct hci_dev *hdev)
1459 {
1460 struct btmtk_data *data = hci_get_priv(hdev);
1461 struct btmtk_hci_wmt_params wmt_params;
1462 u8 param = 0;
1463 int err;
1464
1465 err = usb_autopm_get_interface(data->intf);
1466 if (err < 0)
1467 return err;
1468
1469 /* Disable the device */
1470 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
1471 wmt_params.flag = 0;
1472 wmt_params.dlen = sizeof(param);
1473 wmt_params.data = ¶m;
1474 wmt_params.status = NULL;
1475
1476 err = btmtk_usb_hci_wmt_sync(hdev, &wmt_params);
1477 if (err < 0) {
1478 bt_dev_err(hdev, "Failed to send wmt func ctrl (%d)", err);
1479 usb_autopm_put_interface(data->intf);
1480 return err;
1481 }
1482
1483 usb_autopm_put_interface(data->intf);
1484 return 0;
1485 }
1486 EXPORT_SYMBOL_GPL(btmtk_usb_shutdown);
1487 #endif
1488
1489 MODULE_AUTHOR("Sean Wang <sean.wang@mediatek.com>");
1490 MODULE_AUTHOR("Mark Chen <mark-yw.chen@mediatek.com>");
1491 MODULE_DESCRIPTION("Bluetooth support for MediaTek devices ver " VERSION);
1492 MODULE_VERSION(VERSION);
1493 MODULE_LICENSE("GPL");
1494 MODULE_FIRMWARE(FIRMWARE_MT7622);
1495 MODULE_FIRMWARE(FIRMWARE_MT7663);
1496 MODULE_FIRMWARE(FIRMWARE_MT7668);
1497 MODULE_FIRMWARE(FIRMWARE_MT7922);
1498 MODULE_FIRMWARE(FIRMWARE_MT7961);
1499 MODULE_FIRMWARE(FIRMWARE_MT7925);
1500