1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * NXP Bluetooth driver 4 * Copyright 2023-2025 NXP 5 */ 6 7 #include <linux/module.h> 8 #include <linux/kernel.h> 9 10 #include <linux/serdev.h> 11 #include <linux/of.h> 12 #include <linux/skbuff.h> 13 #include <linux/unaligned.h> 14 #include <linux/firmware.h> 15 #include <linux/string.h> 16 #include <linux/crc8.h> 17 #include <linux/crc32.h> 18 #include <linux/string_helpers.h> 19 #include <linux/gpio/consumer.h> 20 #include <linux/of_irq.h> 21 22 #include <net/bluetooth/bluetooth.h> 23 #include <net/bluetooth/hci_core.h> 24 25 #include "h4_recv.h" 26 27 #define MANUFACTURER_NXP 37 28 29 #define BTNXPUART_TX_STATE_ACTIVE 1 30 #define BTNXPUART_FW_DOWNLOADING 2 31 #define BTNXPUART_CHECK_BOOT_SIGNATURE 3 32 #define BTNXPUART_SERDEV_OPEN 4 33 #define BTNXPUART_IR_IN_PROGRESS 5 34 #define BTNXPUART_FW_DOWNLOAD_ABORT 6 35 #define BTNXPUART_FW_DUMP_IN_PROGRESS 7 36 37 /* NXP HW err codes */ 38 #define BTNXPUART_IR_HW_ERR 0xb0 39 40 #define FIRMWARE_W8987 "uart8987_bt.bin" 41 #define FIRMWARE_W8987_OLD "uartuart8987_bt.bin" 42 #define FIRMWARE_W8997 "uart8997_bt_v4.bin" 43 #define FIRMWARE_W8997_OLD "uartuart8997_bt_v4.bin" 44 #define FIRMWARE_W9098 "uart9098_bt_v1.bin" 45 #define FIRMWARE_W9098_OLD "uartuart9098_bt_v1.bin" 46 #define FIRMWARE_IW416 "uartiw416_bt.bin" 47 #define FIRMWARE_IW416_OLD "uartiw416_bt_v0.bin" 48 #define FIRMWARE_IW612 "uartspi_n61x_v1.bin.se" 49 #define FIRMWARE_IW610 "uartspi_iw610.bin" 50 #define FIRMWARE_SECURE_IW610 "uartspi_iw610.bin.se" 51 #define FIRMWARE_IW624 "uartiw624_bt.bin" 52 #define FIRMWARE_SECURE_IW624 "uartiw624_bt.bin.se" 53 #define FIRMWARE_AW693 "uartaw693_bt.bin" 54 #define FIRMWARE_SECURE_AW693 "uartaw693_bt.bin.se" 55 #define FIRMWARE_AW693_A1 "uartaw693_bt_v1.bin" 56 #define FIRMWARE_SECURE_AW693_A1 "uartaw693_bt_v1.bin.se" 57 #define FIRMWARE_HELPER "helper_uart_3000000.bin" 58 59 #define CHIP_ID_W9098 0x5c03 60 #define CHIP_ID_IW416 0x7201 61 #define CHIP_ID_IW612 0x7601 62 #define CHIP_ID_IW624a 0x8000 63 #define CHIP_ID_IW624c 0x8001 64 #define CHIP_ID_AW693a0 0x8200 65 #define CHIP_ID_AW693a1 0x8201 66 #define CHIP_ID_IW610a0 0x8800 67 #define CHIP_ID_IW610a1 0x8801 68 69 #define FW_SECURE_MASK 0xc0 70 #define FW_OPEN 0x00 71 #define FW_AUTH_ILLEGAL 0x40 72 #define FW_AUTH_PLAIN 0x80 73 #define FW_AUTH_ENC 0xc0 74 75 #define HCI_NXP_PRI_BAUDRATE 115200 76 #define HCI_NXP_SEC_BAUDRATE 3000000 77 78 #define MAX_FW_FILE_NAME_LEN 50 79 80 /* Default ps timeout period in milliseconds */ 81 #define PS_DEFAULT_TIMEOUT_PERIOD_MS 2000 82 83 /* wakeup methods */ 84 #define WAKEUP_METHOD_DTR 0 85 #define WAKEUP_METHOD_BREAK 1 86 #define WAKEUP_METHOD_EXT_BREAK 2 87 #define WAKEUP_METHOD_RTS 3 88 #define WAKEUP_METHOD_GPIO 4 89 #define WAKEUP_METHOD_INVALID 0xff 90 91 /* power save mode status */ 92 #define PS_MODE_DISABLE 0 93 #define PS_MODE_ENABLE 1 94 95 /* Power Save Commands to ps_work_func */ 96 #define PS_CMD_EXIT_PS 1 97 #define PS_CMD_ENTER_PS 2 98 99 /* power save state */ 100 #define PS_STATE_AWAKE 0 101 #define PS_STATE_SLEEP 1 102 103 /* NXP Vendor Commands. Refer user manual UM11628 on nxp.com */ 104 /* Set custom BD Address */ 105 #define HCI_NXP_SET_BD_ADDR 0xfc22 106 /* Set Auto-Sleep mode */ 107 #define HCI_NXP_AUTO_SLEEP_MODE 0xfc23 108 /* Set Wakeup method */ 109 #define HCI_NXP_WAKEUP_METHOD 0xfc53 110 /* Set operational baudrate */ 111 #define HCI_NXP_SET_OPER_SPEED 0xfc09 112 /* Independent Reset (Soft Reset) */ 113 #define HCI_NXP_IND_RESET 0xfcfc 114 /* Bluetooth vendor command: Trigger FW dump */ 115 #define HCI_NXP_TRIGGER_DUMP 0xfe91 116 117 /* Bluetooth Power State : Vendor cmd params */ 118 #define BT_PS_ENABLE 0x02 119 #define BT_PS_DISABLE 0x03 120 121 /* Bluetooth Host Wakeup Methods */ 122 #define BT_HOST_WAKEUP_METHOD_NONE 0x00 123 #define BT_HOST_WAKEUP_METHOD_DTR 0x01 124 #define BT_HOST_WAKEUP_METHOD_BREAK 0x02 125 #define BT_HOST_WAKEUP_METHOD_GPIO 0x03 126 127 /* Bluetooth Chip Wakeup Methods */ 128 #define BT_CTRL_WAKEUP_METHOD_DSR 0x00 129 #define BT_CTRL_WAKEUP_METHOD_BREAK 0x01 130 #define BT_CTRL_WAKEUP_METHOD_GPIO 0x02 131 #define BT_CTRL_WAKEUP_METHOD_EXT_BREAK 0x04 132 #define BT_CTRL_WAKEUP_METHOD_RTS 0x05 133 134 struct ps_data { 135 u8 target_ps_mode; /* ps mode to be set */ 136 u8 cur_psmode; /* current ps_mode */ 137 u8 ps_state; /* controller's power save state */ 138 u8 ps_cmd; 139 u8 h2c_wakeupmode; 140 u8 cur_h2c_wakeupmode; 141 u8 c2h_wakeupmode; 142 u8 c2h_wakeup_gpio; 143 u8 h2c_wakeup_gpio; 144 bool driver_sent_cmd; 145 u16 h2c_ps_interval; 146 u16 c2h_ps_interval; 147 bool wakeup_source; 148 struct gpio_desc *h2c_ps_gpio; 149 s32 irq_handler; 150 struct hci_dev *hdev; 151 struct work_struct work; 152 struct timer_list ps_timer; 153 struct mutex ps_lock; 154 }; 155 156 struct wakeup_cmd_payload { 157 u8 c2h_wakeupmode; 158 u8 c2h_wakeup_gpio; 159 u8 h2c_wakeupmode; 160 u8 h2c_wakeup_gpio; 161 } __packed; 162 163 struct psmode_cmd_payload { 164 u8 ps_cmd; 165 __le16 c2h_ps_interval; 166 } __packed; 167 168 struct btnxpuart_data { 169 const char *helper_fw_name; 170 const char *fw_name; 171 const char *fw_name_old; 172 }; 173 174 enum bootloader_param_change { 175 not_changed, 176 cmd_sent, 177 changed 178 }; 179 180 struct btnxpuart_dev { 181 struct hci_dev *hdev; 182 struct serdev_device *serdev; 183 184 struct work_struct tx_work; 185 unsigned long tx_state; 186 struct sk_buff_head txq; 187 struct sk_buff *rx_skb; 188 189 const struct firmware *fw; 190 u8 fw_name[MAX_FW_FILE_NAME_LEN]; 191 u32 fw_dnld_v1_offset; 192 u32 fw_v1_sent_bytes; 193 u32 fw_dnld_v3_offset; 194 u32 fw_v3_offset_correction; 195 u32 fw_v3_prev_sent; 196 u32 fw_v1_expected_len; 197 u32 boot_reg_offset; 198 wait_queue_head_t fw_dnld_done_wait_q; 199 wait_queue_head_t check_boot_sign_wait_q; 200 201 u32 new_baudrate; 202 u32 current_baudrate; 203 u32 fw_init_baudrate; 204 enum bootloader_param_change timeout_changed; 205 enum bootloader_param_change baudrate_changed; 206 bool helper_downloaded; 207 208 struct ps_data psdata; 209 struct btnxpuart_data *nxp_data; 210 }; 211 212 #define NXP_V1_FW_REQ_PKT 0xa5 213 #define NXP_V1_CHIP_VER_PKT 0xaa 214 #define NXP_V3_FW_REQ_PKT 0xa7 215 #define NXP_V3_CHIP_VER_PKT 0xab 216 217 #define NXP_ACK_V1 0x5a 218 #define NXP_NAK_V1 0xbf 219 #define NXP_ACK_V3 0x7a 220 #define NXP_NAK_V3 0x7b 221 #define NXP_CRC_ERROR_V3 0x7c 222 223 /* Bootloader signature error codes: Refer AN12820 from nxp.com */ 224 #define NXP_CRC_RX_ERROR BIT(0) /* CRC error in previous packet */ 225 #define NXP_ACK_RX_TIMEOUT BIT(2) /* ACK not received from host */ 226 #define NXP_HDR_RX_TIMEOUT BIT(3) /* FW Header chunk not received */ 227 #define NXP_DATA_RX_TIMEOUT BIT(4) /* FW Data chunk not received */ 228 229 #define HDR_LEN 16 230 231 #define NXP_RECV_CHIP_VER_V1 \ 232 .type = NXP_V1_CHIP_VER_PKT, \ 233 .hlen = 4, \ 234 .loff = 0, \ 235 .lsize = 0, \ 236 .maxlen = 4 237 238 #define NXP_RECV_FW_REQ_V1 \ 239 .type = NXP_V1_FW_REQ_PKT, \ 240 .hlen = 4, \ 241 .loff = 0, \ 242 .lsize = 0, \ 243 .maxlen = 4 244 245 #define NXP_RECV_CHIP_VER_V3 \ 246 .type = NXP_V3_CHIP_VER_PKT, \ 247 .hlen = 4, \ 248 .loff = 0, \ 249 .lsize = 0, \ 250 .maxlen = 4 251 252 #define NXP_RECV_FW_REQ_V3 \ 253 .type = NXP_V3_FW_REQ_PKT, \ 254 .hlen = 9, \ 255 .loff = 0, \ 256 .lsize = 0, \ 257 .maxlen = 9 258 259 struct v1_data_req { 260 __le16 len; 261 __le16 len_comp; 262 } __packed; 263 264 struct v1_start_ind { 265 __le16 chip_id; 266 __le16 chip_id_comp; 267 } __packed; 268 269 struct v3_data_req { 270 __le16 len; 271 __le32 offset; 272 __le16 error; 273 u8 crc; 274 } __packed; 275 276 struct v3_start_ind { 277 __le16 chip_id; 278 u8 loader_ver; 279 u8 crc; 280 } __packed; 281 282 /* UART register addresses of BT chip */ 283 #define CLKDIVADDR 0x7f00008f 284 #define UARTDIVADDR 0x7f000090 285 #define UARTMCRADDR 0x7f000091 286 #define UARTREINITADDR 0x7f000092 287 #define UARTICRADDR 0x7f000093 288 #define UARTFCRADDR 0x7f000094 289 290 #define MCR 0x00000022 291 #define INIT 0x00000001 292 #define ICR 0x000000c7 293 #define FCR 0x000000c7 294 295 #define POLYNOMIAL8 0x07 296 297 struct uart_reg { 298 __le32 address; 299 __le32 value; 300 } __packed; 301 302 struct uart_config { 303 struct uart_reg clkdiv; 304 struct uart_reg uartdiv; 305 struct uart_reg mcr; 306 struct uart_reg re_init; 307 struct uart_reg icr; 308 struct uart_reg fcr; 309 __be32 crc; 310 } __packed; 311 312 struct nxp_bootloader_cmd { 313 __le32 header; 314 __le32 arg; 315 __le32 payload_len; 316 __be32 crc; 317 } __packed; 318 319 struct nxp_v3_rx_timeout_nak { 320 u8 nak; 321 __le32 offset; 322 u8 crc; 323 } __packed; 324 325 union nxp_v3_rx_timeout_nak_u { 326 struct nxp_v3_rx_timeout_nak pkt; 327 u8 buf[6]; 328 }; 329 330 struct nxp_v3_crc_nak { 331 u8 nak; 332 u8 crc; 333 } __packed; 334 335 union nxp_v3_crc_nak_u { 336 struct nxp_v3_crc_nak pkt; 337 u8 buf[2]; 338 }; 339 340 /* FW dump */ 341 #define NXP_FW_DUMP_SIZE (1024 * 1000) 342 343 struct nxp_fw_dump_hdr { 344 __le16 seq_num; 345 __le16 reserved; 346 __le16 buf_type; 347 __le16 buf_len; 348 }; 349 350 union nxp_set_bd_addr_payload { 351 struct { 352 u8 param_id; 353 u8 param_len; 354 u8 param[6]; 355 } __packed data; 356 u8 buf[8]; 357 }; 358 359 static u8 crc8_table[CRC8_TABLE_SIZE]; 360 361 /* Default configurations */ 362 #define DEFAULT_H2C_WAKEUP_MODE WAKEUP_METHOD_BREAK 363 #define DEFAULT_PS_MODE PS_MODE_ENABLE 364 #define FW_INIT_BAUDRATE HCI_NXP_PRI_BAUDRATE 365 366 static struct sk_buff *nxp_drv_send_cmd(struct hci_dev *hdev, u16 opcode, 367 u32 plen, 368 void *param) 369 { 370 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 371 struct ps_data *psdata = &nxpdev->psdata; 372 struct sk_buff *skb; 373 374 /* set flag to prevent nxp_enqueue from parsing values from this command and 375 * calling hci_cmd_sync_queue() again. 376 */ 377 psdata->driver_sent_cmd = true; 378 skb = __hci_cmd_sync(hdev, opcode, plen, param, HCI_CMD_TIMEOUT); 379 psdata->driver_sent_cmd = false; 380 381 return skb; 382 } 383 384 static void btnxpuart_tx_wakeup(struct btnxpuart_dev *nxpdev) 385 { 386 if (schedule_work(&nxpdev->tx_work)) 387 set_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state); 388 } 389 390 /* NXP Power Save Feature */ 391 static void ps_start_timer(struct btnxpuart_dev *nxpdev) 392 { 393 struct ps_data *psdata = &nxpdev->psdata; 394 395 if (!psdata) 396 return; 397 398 if (psdata->cur_psmode == PS_MODE_ENABLE) 399 mod_timer(&psdata->ps_timer, jiffies + msecs_to_jiffies(psdata->h2c_ps_interval)); 400 401 if (psdata->ps_state == PS_STATE_AWAKE && psdata->ps_cmd == PS_CMD_ENTER_PS) 402 cancel_work_sync(&psdata->work); 403 } 404 405 static void ps_cancel_timer(struct btnxpuart_dev *nxpdev) 406 { 407 struct ps_data *psdata = &nxpdev->psdata; 408 409 flush_work(&psdata->work); 410 timer_shutdown_sync(&psdata->ps_timer); 411 } 412 413 static void ps_control(struct hci_dev *hdev, u8 ps_state) 414 { 415 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 416 struct ps_data *psdata = &nxpdev->psdata; 417 int status = 0; 418 419 if (psdata->ps_state == ps_state || 420 !test_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state)) 421 return; 422 423 mutex_lock(&psdata->ps_lock); 424 switch (psdata->cur_h2c_wakeupmode) { 425 case WAKEUP_METHOD_GPIO: 426 if (ps_state == PS_STATE_AWAKE) 427 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 0); 428 else 429 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 1); 430 bt_dev_dbg(hdev, "Set h2c_ps_gpio: %s", 431 str_high_low(ps_state == PS_STATE_SLEEP)); 432 break; 433 case WAKEUP_METHOD_DTR: 434 if (ps_state == PS_STATE_AWAKE) 435 status = serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0); 436 else 437 status = serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR); 438 break; 439 case WAKEUP_METHOD_BREAK: 440 default: 441 if (ps_state == PS_STATE_AWAKE) 442 status = serdev_device_break_ctl(nxpdev->serdev, 0); 443 else 444 status = serdev_device_break_ctl(nxpdev->serdev, -1); 445 msleep(20); /* Allow chip to detect UART-break and enter sleep */ 446 bt_dev_dbg(hdev, "Set UART break: %s, status=%d", 447 str_on_off(ps_state == PS_STATE_SLEEP), status); 448 break; 449 } 450 if (!status) 451 psdata->ps_state = ps_state; 452 mutex_unlock(&psdata->ps_lock); 453 454 if (ps_state == PS_STATE_AWAKE) 455 btnxpuart_tx_wakeup(nxpdev); 456 } 457 458 static void ps_work_func(struct work_struct *work) 459 { 460 struct ps_data *data = container_of(work, struct ps_data, work); 461 462 if (data->ps_cmd == PS_CMD_ENTER_PS && data->cur_psmode == PS_MODE_ENABLE) 463 ps_control(data->hdev, PS_STATE_SLEEP); 464 else if (data->ps_cmd == PS_CMD_EXIT_PS) 465 ps_control(data->hdev, PS_STATE_AWAKE); 466 } 467 468 static void ps_timeout_func(struct timer_list *t) 469 { 470 struct ps_data *data = from_timer(data, t, ps_timer); 471 struct hci_dev *hdev = data->hdev; 472 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 473 474 if (test_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state)) { 475 ps_start_timer(nxpdev); 476 } else { 477 data->ps_cmd = PS_CMD_ENTER_PS; 478 schedule_work(&data->work); 479 } 480 } 481 482 static irqreturn_t ps_host_wakeup_irq_handler(int irq, void *priv) 483 { 484 struct btnxpuart_dev *nxpdev = (struct btnxpuart_dev *)priv; 485 486 bt_dev_dbg(nxpdev->hdev, "Host wakeup interrupt"); 487 return IRQ_HANDLED; 488 } 489 static int ps_setup(struct hci_dev *hdev) 490 { 491 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 492 struct serdev_device *serdev = nxpdev->serdev; 493 struct ps_data *psdata = &nxpdev->psdata; 494 int ret; 495 496 /* Out-Of-Band Device Wakeup */ 497 psdata->h2c_ps_gpio = devm_gpiod_get_optional(&serdev->dev, "device-wakeup", 498 GPIOD_OUT_LOW); 499 if (IS_ERR(psdata->h2c_ps_gpio)) { 500 bt_dev_err(hdev, "Error fetching device-wakeup-gpios: %ld", 501 PTR_ERR(psdata->h2c_ps_gpio)); 502 return PTR_ERR(psdata->h2c_ps_gpio); 503 } 504 505 if (device_property_read_u8(&serdev->dev, "nxp,wakein-pin", &psdata->h2c_wakeup_gpio)) { 506 psdata->h2c_wakeup_gpio = 0xff; /* 0xff: use default pin/gpio */ 507 } else if (!psdata->h2c_ps_gpio) { 508 bt_dev_warn(hdev, "nxp,wakein-pin property without device-wakeup-gpios"); 509 psdata->h2c_wakeup_gpio = 0xff; 510 } 511 512 /* Out-Of-Band Host Wakeup */ 513 if (of_property_read_bool(serdev->dev.of_node, "wakeup-source")) { 514 psdata->irq_handler = of_irq_get_byname(serdev->dev.of_node, "wakeup"); 515 bt_dev_info(nxpdev->hdev, "irq_handler: %d", psdata->irq_handler); 516 if (psdata->irq_handler > 0) 517 psdata->wakeup_source = true; 518 } 519 520 if (device_property_read_u8(&serdev->dev, "nxp,wakeout-pin", &psdata->c2h_wakeup_gpio)) { 521 psdata->c2h_wakeup_gpio = 0xff; 522 if (psdata->wakeup_source) { 523 bt_dev_warn(hdev, "host wakeup interrupt without nxp,wakeout-pin"); 524 psdata->wakeup_source = false; 525 } 526 } else if (!psdata->wakeup_source) { 527 bt_dev_warn(hdev, "nxp,wakeout-pin property without host wakeup interrupt"); 528 psdata->c2h_wakeup_gpio = 0xff; 529 } 530 531 if (psdata->wakeup_source) { 532 ret = devm_request_irq(&serdev->dev, psdata->irq_handler, 533 ps_host_wakeup_irq_handler, 534 IRQF_ONESHOT | IRQF_TRIGGER_FALLING, 535 dev_name(&serdev->dev), nxpdev); 536 disable_irq(psdata->irq_handler); 537 device_init_wakeup(&serdev->dev, true); 538 } 539 540 psdata->hdev = hdev; 541 INIT_WORK(&psdata->work, ps_work_func); 542 mutex_init(&psdata->ps_lock); 543 timer_setup(&psdata->ps_timer, ps_timeout_func, 0); 544 545 return 0; 546 } 547 548 static bool ps_wakeup(struct btnxpuart_dev *nxpdev) 549 { 550 struct ps_data *psdata = &nxpdev->psdata; 551 u8 ps_state; 552 553 mutex_lock(&psdata->ps_lock); 554 ps_state = psdata->ps_state; 555 mutex_unlock(&psdata->ps_lock); 556 557 if (ps_state != PS_STATE_AWAKE) { 558 psdata->ps_cmd = PS_CMD_EXIT_PS; 559 schedule_work(&psdata->work); 560 return true; 561 } 562 return false; 563 } 564 565 static void ps_cleanup(struct btnxpuart_dev *nxpdev) 566 { 567 struct ps_data *psdata = &nxpdev->psdata; 568 u8 ps_state; 569 570 mutex_lock(&psdata->ps_lock); 571 ps_state = psdata->ps_state; 572 mutex_unlock(&psdata->ps_lock); 573 574 if (ps_state != PS_STATE_AWAKE) 575 ps_control(psdata->hdev, PS_STATE_AWAKE); 576 577 ps_cancel_timer(nxpdev); 578 cancel_work_sync(&psdata->work); 579 mutex_destroy(&psdata->ps_lock); 580 } 581 582 static int send_ps_cmd(struct hci_dev *hdev, void *data) 583 { 584 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 585 struct ps_data *psdata = &nxpdev->psdata; 586 struct psmode_cmd_payload pcmd; 587 struct sk_buff *skb; 588 u8 *status; 589 590 if (psdata->target_ps_mode == PS_MODE_ENABLE) 591 pcmd.ps_cmd = BT_PS_ENABLE; 592 else 593 pcmd.ps_cmd = BT_PS_DISABLE; 594 pcmd.c2h_ps_interval = __cpu_to_le16(psdata->c2h_ps_interval); 595 596 skb = nxp_drv_send_cmd(hdev, HCI_NXP_AUTO_SLEEP_MODE, sizeof(pcmd), &pcmd); 597 if (IS_ERR(skb)) { 598 bt_dev_err(hdev, "Setting Power Save mode failed (%ld)", PTR_ERR(skb)); 599 return PTR_ERR(skb); 600 } 601 602 status = skb_pull_data(skb, 1); 603 if (status) { 604 if (!*status) 605 psdata->cur_psmode = psdata->target_ps_mode; 606 else 607 psdata->target_ps_mode = psdata->cur_psmode; 608 if (psdata->cur_psmode == PS_MODE_ENABLE) 609 ps_start_timer(nxpdev); 610 else 611 ps_wakeup(nxpdev); 612 bt_dev_dbg(hdev, "Power Save mode response: status=%d, ps_mode=%d", 613 *status, psdata->cur_psmode); 614 } 615 kfree_skb(skb); 616 617 return 0; 618 } 619 620 static int send_wakeup_method_cmd(struct hci_dev *hdev, void *data) 621 { 622 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 623 struct ps_data *psdata = &nxpdev->psdata; 624 struct wakeup_cmd_payload pcmd; 625 struct sk_buff *skb; 626 u8 *status; 627 628 pcmd.c2h_wakeupmode = psdata->c2h_wakeupmode; 629 pcmd.c2h_wakeup_gpio = psdata->c2h_wakeup_gpio; 630 pcmd.h2c_wakeup_gpio = 0xff; 631 switch (psdata->h2c_wakeupmode) { 632 case WAKEUP_METHOD_GPIO: 633 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_GPIO; 634 pcmd.h2c_wakeup_gpio = psdata->h2c_wakeup_gpio; 635 break; 636 case WAKEUP_METHOD_DTR: 637 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_DSR; 638 break; 639 case WAKEUP_METHOD_BREAK: 640 default: 641 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_BREAK; 642 break; 643 } 644 645 skb = nxp_drv_send_cmd(hdev, HCI_NXP_WAKEUP_METHOD, sizeof(pcmd), &pcmd); 646 if (IS_ERR(skb)) { 647 bt_dev_err(hdev, "Setting wake-up method failed (%ld)", PTR_ERR(skb)); 648 return PTR_ERR(skb); 649 } 650 651 status = skb_pull_data(skb, 1); 652 if (status) { 653 if (*status == 0) 654 psdata->cur_h2c_wakeupmode = psdata->h2c_wakeupmode; 655 else 656 psdata->h2c_wakeupmode = psdata->cur_h2c_wakeupmode; 657 bt_dev_dbg(hdev, "Set Wakeup Method response: status=%d, h2c_wakeupmode=%d", 658 *status, psdata->cur_h2c_wakeupmode); 659 } 660 kfree_skb(skb); 661 662 return 0; 663 } 664 665 static void ps_init(struct hci_dev *hdev) 666 { 667 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 668 struct ps_data *psdata = &nxpdev->psdata; 669 u8 default_h2c_wakeup_mode = DEFAULT_H2C_WAKEUP_MODE; 670 671 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_RTS); 672 usleep_range(5000, 10000); 673 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_RTS, 0); 674 usleep_range(5000, 10000); 675 676 psdata->ps_state = PS_STATE_AWAKE; 677 678 if (psdata->c2h_wakeup_gpio != 0xff) 679 psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_GPIO; 680 else 681 psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_NONE; 682 683 psdata->cur_h2c_wakeupmode = WAKEUP_METHOD_INVALID; 684 if (psdata->h2c_ps_gpio) 685 default_h2c_wakeup_mode = WAKEUP_METHOD_GPIO; 686 687 psdata->h2c_ps_interval = PS_DEFAULT_TIMEOUT_PERIOD_MS; 688 689 switch (default_h2c_wakeup_mode) { 690 case WAKEUP_METHOD_GPIO: 691 psdata->h2c_wakeupmode = WAKEUP_METHOD_GPIO; 692 gpiod_set_value_cansleep(psdata->h2c_ps_gpio, 0); 693 usleep_range(5000, 10000); 694 break; 695 case WAKEUP_METHOD_DTR: 696 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR; 697 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR); 698 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0); 699 break; 700 case WAKEUP_METHOD_BREAK: 701 default: 702 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK; 703 serdev_device_break_ctl(nxpdev->serdev, -1); 704 usleep_range(5000, 10000); 705 serdev_device_break_ctl(nxpdev->serdev, 0); 706 usleep_range(5000, 10000); 707 break; 708 } 709 710 psdata->cur_psmode = PS_MODE_DISABLE; 711 psdata->target_ps_mode = DEFAULT_PS_MODE; 712 } 713 714 /* NXP Firmware Download Feature */ 715 static int nxp_download_firmware(struct hci_dev *hdev) 716 { 717 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 718 int err = 0; 719 720 nxpdev->fw_dnld_v1_offset = 0; 721 nxpdev->fw_v1_sent_bytes = 0; 722 nxpdev->fw_v1_expected_len = HDR_LEN; 723 nxpdev->boot_reg_offset = 0; 724 nxpdev->fw_dnld_v3_offset = 0; 725 nxpdev->fw_v3_offset_correction = 0; 726 nxpdev->baudrate_changed = not_changed; 727 nxpdev->timeout_changed = not_changed; 728 nxpdev->helper_downloaded = false; 729 730 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE); 731 serdev_device_set_flow_control(nxpdev->serdev, false); 732 nxpdev->current_baudrate = HCI_NXP_PRI_BAUDRATE; 733 734 /* Wait till FW is downloaded */ 735 err = wait_event_interruptible_timeout(nxpdev->fw_dnld_done_wait_q, 736 !test_bit(BTNXPUART_FW_DOWNLOADING, 737 &nxpdev->tx_state), 738 msecs_to_jiffies(60000)); 739 740 if (nxpdev->fw && strlen(nxpdev->fw_name)) { 741 release_firmware(nxpdev->fw); 742 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name)); 743 } 744 745 if (err == 0) { 746 bt_dev_err(hdev, "FW Download Timeout. offset: %d", 747 nxpdev->fw_dnld_v1_offset ? 748 nxpdev->fw_dnld_v1_offset : 749 nxpdev->fw_dnld_v3_offset); 750 return -ETIMEDOUT; 751 } 752 if (test_bit(BTNXPUART_FW_DOWNLOAD_ABORT, &nxpdev->tx_state)) { 753 bt_dev_err(hdev, "FW Download Aborted"); 754 return -EINTR; 755 } 756 757 serdev_device_set_flow_control(nxpdev->serdev, true); 758 759 /* Allow the downloaded FW to initialize */ 760 msleep(1200); 761 762 return 0; 763 } 764 765 static void nxp_send_ack(u8 ack, struct hci_dev *hdev) 766 { 767 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 768 u8 ack_nak[2]; 769 int len = 1; 770 771 ack_nak[0] = ack; 772 if (ack == NXP_ACK_V3) { 773 ack_nak[1] = crc8(crc8_table, ack_nak, 1, 0xff); 774 len = 2; 775 } 776 serdev_device_write_buf(nxpdev->serdev, ack_nak, len); 777 } 778 779 static bool nxp_fw_change_baudrate(struct hci_dev *hdev, u16 req_len) 780 { 781 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 782 struct nxp_bootloader_cmd nxp_cmd5; 783 struct uart_config uart_config; 784 u32 clkdivaddr = CLKDIVADDR - nxpdev->boot_reg_offset; 785 u32 uartdivaddr = UARTDIVADDR - nxpdev->boot_reg_offset; 786 u32 uartmcraddr = UARTMCRADDR - nxpdev->boot_reg_offset; 787 u32 uartreinitaddr = UARTREINITADDR - nxpdev->boot_reg_offset; 788 u32 uarticraddr = UARTICRADDR - nxpdev->boot_reg_offset; 789 u32 uartfcraddr = UARTFCRADDR - nxpdev->boot_reg_offset; 790 791 if (req_len == sizeof(nxp_cmd5)) { 792 nxp_cmd5.header = __cpu_to_le32(5); 793 nxp_cmd5.arg = 0; 794 nxp_cmd5.payload_len = __cpu_to_le32(sizeof(uart_config)); 795 /* FW expects swapped CRC bytes */ 796 nxp_cmd5.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd5, 797 sizeof(nxp_cmd5) - 4)); 798 799 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd5, sizeof(nxp_cmd5)); 800 nxpdev->fw_v3_offset_correction += req_len; 801 } else if (req_len == sizeof(uart_config)) { 802 uart_config.clkdiv.address = __cpu_to_le32(clkdivaddr); 803 uart_config.clkdiv.value = __cpu_to_le32(0x00c00000); 804 uart_config.uartdiv.address = __cpu_to_le32(uartdivaddr); 805 uart_config.uartdiv.value = __cpu_to_le32(1); 806 uart_config.mcr.address = __cpu_to_le32(uartmcraddr); 807 uart_config.mcr.value = __cpu_to_le32(MCR); 808 uart_config.re_init.address = __cpu_to_le32(uartreinitaddr); 809 uart_config.re_init.value = __cpu_to_le32(INIT); 810 uart_config.icr.address = __cpu_to_le32(uarticraddr); 811 uart_config.icr.value = __cpu_to_le32(ICR); 812 uart_config.fcr.address = __cpu_to_le32(uartfcraddr); 813 uart_config.fcr.value = __cpu_to_le32(FCR); 814 /* FW expects swapped CRC bytes */ 815 uart_config.crc = __cpu_to_be32(crc32_be(0UL, (char *)&uart_config, 816 sizeof(uart_config) - 4)); 817 818 serdev_device_write_buf(nxpdev->serdev, (u8 *)&uart_config, sizeof(uart_config)); 819 serdev_device_wait_until_sent(nxpdev->serdev, 0); 820 nxpdev->fw_v3_offset_correction += req_len; 821 return true; 822 } 823 return false; 824 } 825 826 static bool nxp_fw_change_timeout(struct hci_dev *hdev, u16 req_len) 827 { 828 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 829 struct nxp_bootloader_cmd nxp_cmd7; 830 831 if (req_len != sizeof(nxp_cmd7)) 832 return false; 833 834 nxp_cmd7.header = __cpu_to_le32(7); 835 nxp_cmd7.arg = __cpu_to_le32(0x70); 836 nxp_cmd7.payload_len = 0; 837 /* FW expects swapped CRC bytes */ 838 nxp_cmd7.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd7, 839 sizeof(nxp_cmd7) - 4)); 840 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd7, sizeof(nxp_cmd7)); 841 serdev_device_wait_until_sent(nxpdev->serdev, 0); 842 nxpdev->fw_v3_offset_correction += req_len; 843 return true; 844 } 845 846 static u32 nxp_get_data_len(const u8 *buf) 847 { 848 struct nxp_bootloader_cmd *hdr = (struct nxp_bootloader_cmd *)buf; 849 850 return __le32_to_cpu(hdr->payload_len); 851 } 852 853 static bool is_fw_downloading(struct btnxpuart_dev *nxpdev) 854 { 855 return test_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 856 } 857 858 static bool ind_reset_in_progress(struct btnxpuart_dev *nxpdev) 859 { 860 return test_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state); 861 } 862 863 static bool fw_dump_in_progress(struct btnxpuart_dev *nxpdev) 864 { 865 return test_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state); 866 } 867 868 static bool process_boot_signature(struct btnxpuart_dev *nxpdev) 869 { 870 if (test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state)) { 871 clear_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state); 872 wake_up_interruptible(&nxpdev->check_boot_sign_wait_q); 873 return false; 874 } 875 return is_fw_downloading(nxpdev); 876 } 877 878 static int nxp_request_firmware(struct hci_dev *hdev, const char *fw_name, 879 const char *fw_name_old) 880 { 881 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 882 const char *fw_name_dt; 883 int err = 0; 884 885 if (!fw_name) 886 return -ENOENT; 887 888 if (!strlen(nxpdev->fw_name)) { 889 if (strcmp(fw_name, FIRMWARE_HELPER) && 890 !device_property_read_string(&nxpdev->serdev->dev, 891 "firmware-name", 892 &fw_name_dt)) 893 fw_name = fw_name_dt; 894 snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "nxp/%s", fw_name); 895 err = request_firmware_direct(&nxpdev->fw, nxpdev->fw_name, &hdev->dev); 896 if (err < 0 && fw_name_old) { 897 snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "nxp/%s", fw_name_old); 898 err = request_firmware_direct(&nxpdev->fw, nxpdev->fw_name, &hdev->dev); 899 } 900 901 bt_dev_info(hdev, "Request Firmware: %s", nxpdev->fw_name); 902 if (err < 0) { 903 bt_dev_err(hdev, "Firmware file %s not found", nxpdev->fw_name); 904 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 905 } 906 } 907 return err; 908 } 909 910 /* for legacy chipsets with V1 bootloader */ 911 static int nxp_recv_chip_ver_v1(struct hci_dev *hdev, struct sk_buff *skb) 912 { 913 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 914 struct v1_start_ind *req; 915 __u16 chip_id; 916 917 req = skb_pull_data(skb, sizeof(*req)); 918 if (!req) 919 goto free_skb; 920 921 chip_id = le16_to_cpu(req->chip_id ^ req->chip_id_comp); 922 if (chip_id == 0xffff && nxpdev->fw_dnld_v1_offset) { 923 nxpdev->fw_dnld_v1_offset = 0; 924 nxpdev->fw_v1_sent_bytes = 0; 925 nxpdev->fw_v1_expected_len = HDR_LEN; 926 release_firmware(nxpdev->fw); 927 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name)); 928 nxp_send_ack(NXP_ACK_V1, hdev); 929 } 930 931 free_skb: 932 kfree_skb(skb); 933 return 0; 934 } 935 936 static int nxp_recv_fw_req_v1(struct hci_dev *hdev, struct sk_buff *skb) 937 { 938 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 939 struct btnxpuart_data *nxp_data = nxpdev->nxp_data; 940 struct v1_data_req *req; 941 __u16 len; 942 943 if (!process_boot_signature(nxpdev)) 944 goto free_skb; 945 946 req = skb_pull_data(skb, sizeof(*req)); 947 if (!req) 948 goto free_skb; 949 950 len = __le16_to_cpu(req->len ^ req->len_comp); 951 if (len != 0xffff) { 952 bt_dev_dbg(hdev, "ERR: Send NAK"); 953 nxp_send_ack(NXP_NAK_V1, hdev); 954 goto free_skb; 955 } 956 nxp_send_ack(NXP_ACK_V1, hdev); 957 958 len = __le16_to_cpu(req->len); 959 960 if (!nxp_data->helper_fw_name) { 961 if (nxpdev->timeout_changed != changed) { 962 nxp_fw_change_timeout(hdev, len); 963 nxpdev->timeout_changed = changed; 964 goto free_skb; 965 } 966 if (nxpdev->baudrate_changed != changed) { 967 if (nxp_fw_change_baudrate(hdev, len)) { 968 nxpdev->baudrate_changed = changed; 969 serdev_device_set_baudrate(nxpdev->serdev, 970 HCI_NXP_SEC_BAUDRATE); 971 serdev_device_set_flow_control(nxpdev->serdev, true); 972 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE; 973 } 974 goto free_skb; 975 } 976 } 977 978 if (!nxp_data->helper_fw_name || nxpdev->helper_downloaded) { 979 if (nxp_request_firmware(hdev, nxp_data->fw_name, nxp_data->fw_name_old)) 980 goto free_skb; 981 } else if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) { 982 if (nxp_request_firmware(hdev, nxp_data->helper_fw_name, NULL)) 983 goto free_skb; 984 } 985 986 if (!len) { 987 bt_dev_info(hdev, "FW Download Complete: %zu bytes", 988 nxpdev->fw->size); 989 if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) { 990 nxpdev->helper_downloaded = true; 991 serdev_device_wait_until_sent(nxpdev->serdev, 0); 992 serdev_device_set_baudrate(nxpdev->serdev, 993 HCI_NXP_SEC_BAUDRATE); 994 serdev_device_set_flow_control(nxpdev->serdev, true); 995 } else { 996 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 997 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q); 998 } 999 goto free_skb; 1000 } 1001 if (len & 0x01) { 1002 /* The CRC did not match at the other end. 1003 * Simply send the same bytes again. 1004 */ 1005 len = nxpdev->fw_v1_sent_bytes; 1006 bt_dev_dbg(hdev, "CRC error. Resend %d bytes of FW.", len); 1007 } else { 1008 nxpdev->fw_dnld_v1_offset += nxpdev->fw_v1_sent_bytes; 1009 1010 /* The FW bin file is made up of many blocks of 1011 * 16 byte header and payload data chunks. If the 1012 * FW has requested a header, read the payload length 1013 * info from the header, before sending the header. 1014 * In the next iteration, the FW should request the 1015 * payload data chunk, which should be equal to the 1016 * payload length read from header. If there is a 1017 * mismatch, clearly the driver and FW are out of sync, 1018 * and we need to re-send the previous header again. 1019 */ 1020 if (len == nxpdev->fw_v1_expected_len) { 1021 if (len == HDR_LEN) 1022 nxpdev->fw_v1_expected_len = nxp_get_data_len(nxpdev->fw->data + 1023 nxpdev->fw_dnld_v1_offset); 1024 else 1025 nxpdev->fw_v1_expected_len = HDR_LEN; 1026 } else if (len == HDR_LEN) { 1027 /* FW download out of sync. Send previous chunk again */ 1028 nxpdev->fw_dnld_v1_offset -= nxpdev->fw_v1_sent_bytes; 1029 nxpdev->fw_v1_expected_len = HDR_LEN; 1030 } 1031 } 1032 1033 if (nxpdev->fw_dnld_v1_offset + len <= nxpdev->fw->size) 1034 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data + 1035 nxpdev->fw_dnld_v1_offset, len); 1036 nxpdev->fw_v1_sent_bytes = len; 1037 1038 free_skb: 1039 kfree_skb(skb); 1040 return 0; 1041 } 1042 1043 static char *nxp_get_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid, 1044 u8 loader_ver) 1045 { 1046 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1047 char *fw_name = NULL; 1048 1049 switch (chipid) { 1050 case CHIP_ID_W9098: 1051 fw_name = FIRMWARE_W9098; 1052 break; 1053 case CHIP_ID_IW416: 1054 fw_name = FIRMWARE_IW416; 1055 break; 1056 case CHIP_ID_IW612: 1057 fw_name = FIRMWARE_IW612; 1058 break; 1059 case CHIP_ID_IW624a: 1060 case CHIP_ID_IW624c: 1061 nxpdev->boot_reg_offset = 1; 1062 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN) 1063 fw_name = FIRMWARE_IW624; 1064 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL) 1065 fw_name = FIRMWARE_SECURE_IW624; 1066 else 1067 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver); 1068 break; 1069 case CHIP_ID_AW693a0: 1070 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN) 1071 fw_name = FIRMWARE_AW693; 1072 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL) 1073 fw_name = FIRMWARE_SECURE_AW693; 1074 else 1075 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver); 1076 break; 1077 case CHIP_ID_AW693a1: 1078 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN) 1079 fw_name = FIRMWARE_AW693_A1; 1080 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL) 1081 fw_name = FIRMWARE_SECURE_AW693_A1; 1082 else 1083 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver); 1084 break; 1085 case CHIP_ID_IW610a0: 1086 case CHIP_ID_IW610a1: 1087 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN) 1088 fw_name = FIRMWARE_IW610; 1089 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL) 1090 fw_name = FIRMWARE_SECURE_IW610; 1091 else 1092 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver); 1093 break; 1094 default: 1095 bt_dev_err(hdev, "Unknown chip signature %04x", chipid); 1096 break; 1097 } 1098 return fw_name; 1099 } 1100 1101 static char *nxp_get_old_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid, 1102 u8 loader_ver) 1103 { 1104 char *fw_name_old = NULL; 1105 1106 switch (chipid) { 1107 case CHIP_ID_W9098: 1108 fw_name_old = FIRMWARE_W9098_OLD; 1109 break; 1110 case CHIP_ID_IW416: 1111 fw_name_old = FIRMWARE_IW416_OLD; 1112 break; 1113 } 1114 return fw_name_old; 1115 } 1116 1117 static int nxp_recv_chip_ver_v3(struct hci_dev *hdev, struct sk_buff *skb) 1118 { 1119 struct v3_start_ind *req = skb_pull_data(skb, sizeof(*req)); 1120 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1121 const char *fw_name; 1122 const char *fw_name_old; 1123 u16 chip_id; 1124 u8 loader_ver; 1125 1126 if (!process_boot_signature(nxpdev)) 1127 goto free_skb; 1128 1129 chip_id = le16_to_cpu(req->chip_id); 1130 loader_ver = req->loader_ver; 1131 bt_dev_info(hdev, "ChipID: %04x, Version: %d", chip_id, loader_ver); 1132 fw_name = nxp_get_fw_name_from_chipid(hdev, chip_id, loader_ver); 1133 fw_name_old = nxp_get_old_fw_name_from_chipid(hdev, chip_id, loader_ver); 1134 if (!nxp_request_firmware(hdev, fw_name, fw_name_old)) 1135 nxp_send_ack(NXP_ACK_V3, hdev); 1136 1137 free_skb: 1138 kfree_skb(skb); 1139 return 0; 1140 } 1141 1142 static void nxp_handle_fw_download_error(struct hci_dev *hdev, struct v3_data_req *req) 1143 { 1144 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1145 __u32 offset = __le32_to_cpu(req->offset); 1146 __u16 err = __le16_to_cpu(req->error); 1147 union nxp_v3_rx_timeout_nak_u timeout_nak_buf; 1148 union nxp_v3_crc_nak_u crc_nak_buf; 1149 1150 if (err & NXP_CRC_RX_ERROR) { 1151 crc_nak_buf.pkt.nak = NXP_CRC_ERROR_V3; 1152 crc_nak_buf.pkt.crc = crc8(crc8_table, crc_nak_buf.buf, 1153 sizeof(crc_nak_buf) - 1, 0xff); 1154 serdev_device_write_buf(nxpdev->serdev, crc_nak_buf.buf, 1155 sizeof(crc_nak_buf)); 1156 } else if (err & NXP_ACK_RX_TIMEOUT || 1157 err & NXP_HDR_RX_TIMEOUT || 1158 err & NXP_DATA_RX_TIMEOUT) { 1159 timeout_nak_buf.pkt.nak = NXP_NAK_V3; 1160 timeout_nak_buf.pkt.offset = __cpu_to_le32(offset); 1161 timeout_nak_buf.pkt.crc = crc8(crc8_table, timeout_nak_buf.buf, 1162 sizeof(timeout_nak_buf) - 1, 0xff); 1163 serdev_device_write_buf(nxpdev->serdev, timeout_nak_buf.buf, 1164 sizeof(timeout_nak_buf)); 1165 } else { 1166 bt_dev_err(hdev, "Unknown bootloader error code: %d", err); 1167 } 1168 } 1169 1170 static int nxp_recv_fw_req_v3(struct hci_dev *hdev, struct sk_buff *skb) 1171 { 1172 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1173 struct v3_data_req *req; 1174 __u16 len = 0; 1175 __u16 err = 0; 1176 __u32 offset; 1177 1178 if (!process_boot_signature(nxpdev)) 1179 goto free_skb; 1180 1181 req = skb_pull_data(skb, sizeof(*req)); 1182 if (!req || !nxpdev->fw) 1183 goto free_skb; 1184 1185 err = __le16_to_cpu(req->error); 1186 1187 if (!err) { 1188 nxp_send_ack(NXP_ACK_V3, hdev); 1189 if (nxpdev->timeout_changed == cmd_sent) 1190 nxpdev->timeout_changed = changed; 1191 if (nxpdev->baudrate_changed == cmd_sent) 1192 nxpdev->baudrate_changed = changed; 1193 } else { 1194 nxp_handle_fw_download_error(hdev, req); 1195 if (nxpdev->timeout_changed == cmd_sent && 1196 err == NXP_CRC_RX_ERROR) { 1197 nxpdev->fw_v3_offset_correction -= nxpdev->fw_v3_prev_sent; 1198 nxpdev->timeout_changed = not_changed; 1199 } 1200 if (nxpdev->baudrate_changed == cmd_sent && 1201 err == NXP_CRC_RX_ERROR) { 1202 nxpdev->fw_v3_offset_correction -= nxpdev->fw_v3_prev_sent; 1203 nxpdev->baudrate_changed = not_changed; 1204 } 1205 goto free_skb; 1206 } 1207 1208 len = __le16_to_cpu(req->len); 1209 1210 if (nxpdev->timeout_changed != changed) { 1211 nxp_fw_change_timeout(hdev, len); 1212 nxpdev->timeout_changed = cmd_sent; 1213 goto free_skb; 1214 } 1215 1216 if (nxpdev->baudrate_changed != changed) { 1217 if (nxp_fw_change_baudrate(hdev, len)) { 1218 nxpdev->baudrate_changed = cmd_sent; 1219 serdev_device_set_baudrate(nxpdev->serdev, 1220 HCI_NXP_SEC_BAUDRATE); 1221 serdev_device_set_flow_control(nxpdev->serdev, true); 1222 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE; 1223 } 1224 goto free_skb; 1225 } 1226 1227 if (req->len == 0) { 1228 bt_dev_info(hdev, "FW Download Complete: %zu bytes", 1229 nxpdev->fw->size); 1230 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1231 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q); 1232 goto free_skb; 1233 } 1234 1235 offset = __le32_to_cpu(req->offset); 1236 if (offset < nxpdev->fw_v3_offset_correction) { 1237 /* This scenario should ideally never occur. But if it ever does, 1238 * FW is out of sync and needs a power cycle. 1239 */ 1240 bt_dev_err(hdev, "Something went wrong during FW download"); 1241 bt_dev_err(hdev, "Please power cycle and try again"); 1242 goto free_skb; 1243 } 1244 1245 nxpdev->fw_dnld_v3_offset = offset - nxpdev->fw_v3_offset_correction; 1246 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data + 1247 nxpdev->fw_dnld_v3_offset, len); 1248 1249 free_skb: 1250 nxpdev->fw_v3_prev_sent = len; 1251 kfree_skb(skb); 1252 return 0; 1253 } 1254 1255 static int nxp_set_baudrate_cmd(struct hci_dev *hdev, void *data) 1256 { 1257 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1258 __le32 new_baudrate = __cpu_to_le32(nxpdev->new_baudrate); 1259 struct ps_data *psdata = &nxpdev->psdata; 1260 struct sk_buff *skb; 1261 u8 *status; 1262 1263 if (!psdata) 1264 return 0; 1265 1266 skb = nxp_drv_send_cmd(hdev, HCI_NXP_SET_OPER_SPEED, 4, (u8 *)&new_baudrate); 1267 if (IS_ERR(skb)) { 1268 bt_dev_err(hdev, "Setting baudrate failed (%ld)", PTR_ERR(skb)); 1269 return PTR_ERR(skb); 1270 } 1271 1272 status = (u8 *)skb_pull_data(skb, 1); 1273 if (status) { 1274 if (*status == 0) { 1275 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->new_baudrate); 1276 nxpdev->current_baudrate = nxpdev->new_baudrate; 1277 } 1278 bt_dev_dbg(hdev, "Set baudrate response: status=%d, baudrate=%d", 1279 *status, nxpdev->new_baudrate); 1280 } 1281 kfree_skb(skb); 1282 1283 return 0; 1284 } 1285 1286 static int nxp_check_boot_sign(struct btnxpuart_dev *nxpdev) 1287 { 1288 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE); 1289 if (ind_reset_in_progress(nxpdev)) 1290 serdev_device_set_flow_control(nxpdev->serdev, false); 1291 else 1292 serdev_device_set_flow_control(nxpdev->serdev, true); 1293 set_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state); 1294 1295 return wait_event_interruptible_timeout(nxpdev->check_boot_sign_wait_q, 1296 !test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, 1297 &nxpdev->tx_state), 1298 msecs_to_jiffies(1000)); 1299 } 1300 1301 static int nxp_set_ind_reset(struct hci_dev *hdev, void *data) 1302 { 1303 static const u8 ir_hw_err[] = { HCI_EV_HARDWARE_ERROR, 1304 0x01, BTNXPUART_IR_HW_ERR }; 1305 struct sk_buff *skb; 1306 1307 skb = bt_skb_alloc(3, GFP_ATOMIC); 1308 if (!skb) 1309 return -ENOMEM; 1310 1311 hci_skb_pkt_type(skb) = HCI_EVENT_PKT; 1312 skb_put_data(skb, ir_hw_err, 3); 1313 1314 /* Inject Hardware Error to upper stack */ 1315 return hci_recv_frame(hdev, skb); 1316 } 1317 1318 /* Firmware dump */ 1319 static void nxp_coredump(struct hci_dev *hdev) 1320 { 1321 struct sk_buff *skb; 1322 u8 pcmd = 2; 1323 1324 skb = nxp_drv_send_cmd(hdev, HCI_NXP_TRIGGER_DUMP, 1, &pcmd); 1325 if (IS_ERR(skb)) 1326 bt_dev_err(hdev, "Failed to trigger FW Dump. (%ld)", PTR_ERR(skb)); 1327 else 1328 kfree_skb(skb); 1329 } 1330 1331 static void nxp_coredump_hdr(struct hci_dev *hdev, struct sk_buff *skb) 1332 { 1333 /* Nothing to be added in FW dump header */ 1334 } 1335 1336 static int nxp_process_fw_dump(struct hci_dev *hdev, struct sk_buff *skb) 1337 { 1338 struct hci_acl_hdr *acl_hdr = (struct hci_acl_hdr *)skb_pull_data(skb, 1339 sizeof(*acl_hdr)); 1340 struct nxp_fw_dump_hdr *fw_dump_hdr = (struct nxp_fw_dump_hdr *)skb->data; 1341 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1342 __u16 seq_num = __le16_to_cpu(fw_dump_hdr->seq_num); 1343 __u16 buf_len = __le16_to_cpu(fw_dump_hdr->buf_len); 1344 int err; 1345 1346 if (seq_num == 0x0001) { 1347 if (test_and_set_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state)) { 1348 bt_dev_err(hdev, "FW dump already in progress"); 1349 goto free_skb; 1350 } 1351 bt_dev_warn(hdev, "==== Start FW dump ==="); 1352 err = hci_devcd_init(hdev, NXP_FW_DUMP_SIZE); 1353 if (err < 0) 1354 goto free_skb; 1355 1356 schedule_delayed_work(&hdev->dump.dump_timeout, 1357 msecs_to_jiffies(20000)); 1358 } 1359 1360 err = hci_devcd_append(hdev, skb_clone(skb, GFP_ATOMIC)); 1361 if (err < 0) 1362 goto free_skb; 1363 1364 if (buf_len == 0) { 1365 bt_dev_warn(hdev, "==== FW dump complete ==="); 1366 clear_bit(BTNXPUART_FW_DUMP_IN_PROGRESS, &nxpdev->tx_state); 1367 hci_devcd_complete(hdev); 1368 nxp_set_ind_reset(hdev, NULL); 1369 } 1370 1371 free_skb: 1372 kfree_skb(skb); 1373 return 0; 1374 } 1375 1376 static int nxp_recv_acl_pkt(struct hci_dev *hdev, struct sk_buff *skb) 1377 { 1378 __u16 handle = __le16_to_cpu(hci_acl_hdr(skb)->handle); 1379 1380 /* FW dump chunks are ACL packets with conn handle 0xfff */ 1381 if ((handle & 0x0FFF) == 0xFFF) 1382 return nxp_process_fw_dump(hdev, skb); 1383 else 1384 return hci_recv_frame(hdev, skb); 1385 } 1386 1387 static int nxp_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr) 1388 { 1389 union nxp_set_bd_addr_payload pcmd; 1390 int err; 1391 1392 pcmd.data.param_id = 0xfe; 1393 pcmd.data.param_len = 6; 1394 memcpy(pcmd.data.param, bdaddr, 6); 1395 1396 /* BD address can be assigned only after first reset command. */ 1397 err = __hci_cmd_sync_status(hdev, HCI_OP_RESET, 0, NULL, 1398 HCI_INIT_TIMEOUT); 1399 if (err) { 1400 bt_dev_err(hdev, 1401 "Reset before setting local-bd-addr failed (%d)", 1402 err); 1403 return err; 1404 } 1405 1406 err = __hci_cmd_sync_status(hdev, HCI_NXP_SET_BD_ADDR, sizeof(pcmd), 1407 pcmd.buf, HCI_CMD_TIMEOUT); 1408 if (err) { 1409 bt_dev_err(hdev, "Changing device address failed (%d)", err); 1410 return err; 1411 } 1412 1413 return 0; 1414 } 1415 1416 /* NXP protocol */ 1417 static int nxp_setup(struct hci_dev *hdev) 1418 { 1419 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1420 int err = 0; 1421 1422 if (nxp_check_boot_sign(nxpdev)) { 1423 bt_dev_dbg(hdev, "Need FW Download."); 1424 err = nxp_download_firmware(hdev); 1425 if (err < 0) 1426 return err; 1427 } else { 1428 bt_dev_info(hdev, "FW already running."); 1429 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1430 } 1431 1432 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->fw_init_baudrate); 1433 nxpdev->current_baudrate = nxpdev->fw_init_baudrate; 1434 1435 ps_init(hdev); 1436 1437 if (test_and_clear_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state)) 1438 hci_dev_clear_flag(hdev, HCI_SETUP); 1439 1440 return 0; 1441 } 1442 1443 static int nxp_post_init(struct hci_dev *hdev) 1444 { 1445 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1446 struct ps_data *psdata = &nxpdev->psdata; 1447 1448 if (nxpdev->current_baudrate != HCI_NXP_SEC_BAUDRATE) { 1449 nxpdev->new_baudrate = HCI_NXP_SEC_BAUDRATE; 1450 nxp_set_baudrate_cmd(hdev, NULL); 1451 } 1452 if (psdata->cur_h2c_wakeupmode != psdata->h2c_wakeupmode) 1453 send_wakeup_method_cmd(hdev, NULL); 1454 if (psdata->cur_psmode != psdata->target_ps_mode) 1455 send_ps_cmd(hdev, NULL); 1456 return 0; 1457 } 1458 1459 static void nxp_hw_err(struct hci_dev *hdev, u8 code) 1460 { 1461 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1462 1463 switch (code) { 1464 case BTNXPUART_IR_HW_ERR: 1465 set_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state); 1466 hci_dev_set_flag(hdev, HCI_SETUP); 1467 break; 1468 default: 1469 break; 1470 } 1471 } 1472 1473 static int nxp_shutdown(struct hci_dev *hdev) 1474 { 1475 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1476 struct sk_buff *skb; 1477 u8 pcmd = 0; 1478 1479 if (ind_reset_in_progress(nxpdev)) { 1480 skb = nxp_drv_send_cmd(hdev, HCI_NXP_IND_RESET, 1, &pcmd); 1481 serdev_device_set_flow_control(nxpdev->serdev, false); 1482 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1483 /* HCI_NXP_IND_RESET command may not returns any response */ 1484 if (!IS_ERR(skb)) 1485 kfree_skb(skb); 1486 } 1487 1488 return 0; 1489 } 1490 1491 static bool nxp_wakeup(struct hci_dev *hdev) 1492 { 1493 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1494 struct ps_data *psdata = &nxpdev->psdata; 1495 1496 if (psdata->c2h_wakeupmode != BT_HOST_WAKEUP_METHOD_NONE) 1497 return true; 1498 1499 return false; 1500 } 1501 1502 static void nxp_reset(struct hci_dev *hdev) 1503 { 1504 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1505 1506 if (!ind_reset_in_progress(nxpdev) && !fw_dump_in_progress(nxpdev)) { 1507 bt_dev_dbg(hdev, "CMD Timeout detected. Resetting."); 1508 nxp_set_ind_reset(hdev, NULL); 1509 } 1510 } 1511 1512 static int btnxpuart_queue_skb(struct hci_dev *hdev, struct sk_buff *skb) 1513 { 1514 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1515 1516 /* Prepend skb with frame type */ 1517 memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1); 1518 skb_queue_tail(&nxpdev->txq, skb); 1519 btnxpuart_tx_wakeup(nxpdev); 1520 return 0; 1521 } 1522 1523 static int nxp_enqueue(struct hci_dev *hdev, struct sk_buff *skb) 1524 { 1525 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1526 struct ps_data *psdata = &nxpdev->psdata; 1527 struct hci_command_hdr *hdr; 1528 struct psmode_cmd_payload ps_parm; 1529 struct wakeup_cmd_payload wakeup_parm; 1530 __le32 baudrate_parm; 1531 1532 if (fw_dump_in_progress(nxpdev)) 1533 return -EBUSY; 1534 1535 /* if vendor commands are received from user space (e.g. hcitool), update 1536 * driver flags accordingly and ask driver to re-send the command to FW. 1537 * In case the payload for any command does not match expected payload 1538 * length, let the firmware and user space program handle it, or throw 1539 * an error. 1540 */ 1541 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT && !psdata->driver_sent_cmd) { 1542 hdr = (struct hci_command_hdr *)skb->data; 1543 if (hdr->plen != (skb->len - HCI_COMMAND_HDR_SIZE)) 1544 return btnxpuart_queue_skb(hdev, skb); 1545 1546 switch (__le16_to_cpu(hdr->opcode)) { 1547 case HCI_NXP_AUTO_SLEEP_MODE: 1548 if (hdr->plen == sizeof(ps_parm)) { 1549 memcpy(&ps_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen); 1550 if (ps_parm.ps_cmd == BT_PS_ENABLE) 1551 psdata->target_ps_mode = PS_MODE_ENABLE; 1552 else if (ps_parm.ps_cmd == BT_PS_DISABLE) 1553 psdata->target_ps_mode = PS_MODE_DISABLE; 1554 psdata->c2h_ps_interval = __le16_to_cpu(ps_parm.c2h_ps_interval); 1555 hci_cmd_sync_queue(hdev, send_ps_cmd, NULL, NULL); 1556 goto free_skb; 1557 } 1558 break; 1559 case HCI_NXP_WAKEUP_METHOD: 1560 if (hdr->plen == sizeof(wakeup_parm)) { 1561 memcpy(&wakeup_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen); 1562 psdata->c2h_wakeupmode = wakeup_parm.c2h_wakeupmode; 1563 psdata->c2h_wakeup_gpio = wakeup_parm.c2h_wakeup_gpio; 1564 psdata->h2c_wakeup_gpio = wakeup_parm.h2c_wakeup_gpio; 1565 switch (wakeup_parm.h2c_wakeupmode) { 1566 case BT_CTRL_WAKEUP_METHOD_GPIO: 1567 psdata->h2c_wakeupmode = WAKEUP_METHOD_GPIO; 1568 break; 1569 case BT_CTRL_WAKEUP_METHOD_DSR: 1570 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR; 1571 break; 1572 case BT_CTRL_WAKEUP_METHOD_BREAK: 1573 default: 1574 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK; 1575 break; 1576 } 1577 hci_cmd_sync_queue(hdev, send_wakeup_method_cmd, NULL, NULL); 1578 goto free_skb; 1579 } 1580 break; 1581 case HCI_NXP_SET_OPER_SPEED: 1582 if (hdr->plen == sizeof(baudrate_parm)) { 1583 memcpy(&baudrate_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen); 1584 nxpdev->new_baudrate = __le32_to_cpu(baudrate_parm); 1585 hci_cmd_sync_queue(hdev, nxp_set_baudrate_cmd, NULL, NULL); 1586 goto free_skb; 1587 } 1588 break; 1589 case HCI_NXP_IND_RESET: 1590 if (hdr->plen == 1) { 1591 hci_cmd_sync_queue(hdev, nxp_set_ind_reset, NULL, NULL); 1592 goto free_skb; 1593 } 1594 break; 1595 default: 1596 break; 1597 } 1598 } 1599 1600 return btnxpuart_queue_skb(hdev, skb); 1601 1602 free_skb: 1603 kfree_skb(skb); 1604 return 0; 1605 } 1606 1607 static struct sk_buff *nxp_dequeue(void *data) 1608 { 1609 struct btnxpuart_dev *nxpdev = (struct btnxpuart_dev *)data; 1610 1611 ps_start_timer(nxpdev); 1612 return skb_dequeue(&nxpdev->txq); 1613 } 1614 1615 /* btnxpuart based on serdev */ 1616 static void btnxpuart_tx_work(struct work_struct *work) 1617 { 1618 struct btnxpuart_dev *nxpdev = container_of(work, struct btnxpuart_dev, 1619 tx_work); 1620 struct serdev_device *serdev = nxpdev->serdev; 1621 struct hci_dev *hdev = nxpdev->hdev; 1622 struct sk_buff *skb; 1623 int len; 1624 1625 if (ps_wakeup(nxpdev)) 1626 return; 1627 1628 while ((skb = nxp_dequeue(nxpdev))) { 1629 len = serdev_device_write_buf(serdev, skb->data, skb->len); 1630 hdev->stat.byte_tx += len; 1631 1632 skb_pull(skb, len); 1633 if (skb->len > 0) { 1634 skb_queue_head(&nxpdev->txq, skb); 1635 continue; 1636 } 1637 1638 switch (hci_skb_pkt_type(skb)) { 1639 case HCI_COMMAND_PKT: 1640 hdev->stat.cmd_tx++; 1641 break; 1642 case HCI_ACLDATA_PKT: 1643 hdev->stat.acl_tx++; 1644 break; 1645 case HCI_SCODATA_PKT: 1646 hdev->stat.sco_tx++; 1647 break; 1648 } 1649 1650 kfree_skb(skb); 1651 } 1652 clear_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state); 1653 } 1654 1655 static int btnxpuart_open(struct hci_dev *hdev) 1656 { 1657 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1658 int err = 0; 1659 1660 err = serdev_device_open(nxpdev->serdev); 1661 if (err) { 1662 bt_dev_err(hdev, "Unable to open UART device %s", 1663 dev_name(&nxpdev->serdev->dev)); 1664 } else { 1665 set_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state); 1666 } 1667 return err; 1668 } 1669 1670 static int btnxpuart_close(struct hci_dev *hdev) 1671 { 1672 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1673 1674 serdev_device_close(nxpdev->serdev); 1675 skb_queue_purge(&nxpdev->txq); 1676 if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) { 1677 kfree_skb(nxpdev->rx_skb); 1678 nxpdev->rx_skb = NULL; 1679 } 1680 clear_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state); 1681 return 0; 1682 } 1683 1684 static int btnxpuart_flush(struct hci_dev *hdev) 1685 { 1686 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1687 1688 /* Flush any pending characters */ 1689 serdev_device_write_flush(nxpdev->serdev); 1690 skb_queue_purge(&nxpdev->txq); 1691 1692 cancel_work_sync(&nxpdev->tx_work); 1693 1694 if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) { 1695 kfree_skb(nxpdev->rx_skb); 1696 nxpdev->rx_skb = NULL; 1697 } 1698 1699 return 0; 1700 } 1701 1702 static const struct h4_recv_pkt nxp_recv_pkts[] = { 1703 { H4_RECV_ACL, .recv = nxp_recv_acl_pkt }, 1704 { H4_RECV_SCO, .recv = hci_recv_frame }, 1705 { H4_RECV_EVENT, .recv = hci_recv_frame }, 1706 { H4_RECV_ISO, .recv = hci_recv_frame }, 1707 { NXP_RECV_CHIP_VER_V1, .recv = nxp_recv_chip_ver_v1 }, 1708 { NXP_RECV_FW_REQ_V1, .recv = nxp_recv_fw_req_v1 }, 1709 { NXP_RECV_CHIP_VER_V3, .recv = nxp_recv_chip_ver_v3 }, 1710 { NXP_RECV_FW_REQ_V3, .recv = nxp_recv_fw_req_v3 }, 1711 }; 1712 1713 static size_t btnxpuart_receive_buf(struct serdev_device *serdev, 1714 const u8 *data, size_t count) 1715 { 1716 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev); 1717 1718 ps_start_timer(nxpdev); 1719 1720 nxpdev->rx_skb = h4_recv_buf(nxpdev->hdev, nxpdev->rx_skb, data, count, 1721 nxp_recv_pkts, ARRAY_SIZE(nxp_recv_pkts)); 1722 if (IS_ERR(nxpdev->rx_skb)) { 1723 int err = PTR_ERR(nxpdev->rx_skb); 1724 /* Safe to ignore out-of-sync bootloader signatures */ 1725 if (!is_fw_downloading(nxpdev) && 1726 !ind_reset_in_progress(nxpdev)) 1727 bt_dev_err(nxpdev->hdev, "Frame reassembly failed (%d)", err); 1728 return count; 1729 } 1730 if (!is_fw_downloading(nxpdev) && 1731 !ind_reset_in_progress(nxpdev)) 1732 nxpdev->hdev->stat.byte_rx += count; 1733 return count; 1734 } 1735 1736 static void btnxpuart_write_wakeup(struct serdev_device *serdev) 1737 { 1738 serdev_device_write_wakeup(serdev); 1739 } 1740 1741 static const struct serdev_device_ops btnxpuart_client_ops = { 1742 .receive_buf = btnxpuart_receive_buf, 1743 .write_wakeup = btnxpuart_write_wakeup, 1744 }; 1745 1746 static int nxp_serdev_probe(struct serdev_device *serdev) 1747 { 1748 struct hci_dev *hdev; 1749 struct btnxpuart_dev *nxpdev; 1750 bdaddr_t ba = {0}; 1751 1752 nxpdev = devm_kzalloc(&serdev->dev, sizeof(*nxpdev), GFP_KERNEL); 1753 if (!nxpdev) 1754 return -ENOMEM; 1755 1756 nxpdev->nxp_data = (struct btnxpuart_data *)device_get_match_data(&serdev->dev); 1757 1758 nxpdev->serdev = serdev; 1759 serdev_device_set_drvdata(serdev, nxpdev); 1760 1761 serdev_device_set_client_ops(serdev, &btnxpuart_client_ops); 1762 1763 INIT_WORK(&nxpdev->tx_work, btnxpuart_tx_work); 1764 skb_queue_head_init(&nxpdev->txq); 1765 1766 init_waitqueue_head(&nxpdev->fw_dnld_done_wait_q); 1767 init_waitqueue_head(&nxpdev->check_boot_sign_wait_q); 1768 1769 device_property_read_u32(&nxpdev->serdev->dev, "fw-init-baudrate", 1770 &nxpdev->fw_init_baudrate); 1771 if (!nxpdev->fw_init_baudrate) 1772 nxpdev->fw_init_baudrate = FW_INIT_BAUDRATE; 1773 1774 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1775 1776 crc8_populate_msb(crc8_table, POLYNOMIAL8); 1777 1778 /* Initialize and register HCI device */ 1779 hdev = hci_alloc_dev(); 1780 if (!hdev) { 1781 dev_err(&serdev->dev, "Can't allocate HCI device\n"); 1782 return -ENOMEM; 1783 } 1784 1785 nxpdev->hdev = hdev; 1786 1787 hdev->bus = HCI_UART; 1788 hci_set_drvdata(hdev, nxpdev); 1789 1790 hdev->manufacturer = MANUFACTURER_NXP; 1791 hdev->open = btnxpuart_open; 1792 hdev->close = btnxpuart_close; 1793 hdev->flush = btnxpuart_flush; 1794 hdev->setup = nxp_setup; 1795 hdev->post_init = nxp_post_init; 1796 hdev->send = nxp_enqueue; 1797 hdev->hw_error = nxp_hw_err; 1798 hdev->shutdown = nxp_shutdown; 1799 hdev->wakeup = nxp_wakeup; 1800 hdev->reset = nxp_reset; 1801 hdev->set_bdaddr = nxp_set_bdaddr; 1802 SET_HCIDEV_DEV(hdev, &serdev->dev); 1803 1804 device_property_read_u8_array(&nxpdev->serdev->dev, 1805 "local-bd-address", 1806 (u8 *)&ba, sizeof(ba)); 1807 if (bacmp(&ba, BDADDR_ANY)) 1808 set_bit(HCI_QUIRK_USE_BDADDR_PROPERTY, &hdev->quirks); 1809 1810 if (hci_register_dev(hdev) < 0) { 1811 dev_err(&serdev->dev, "Can't register HCI device\n"); 1812 goto probe_fail; 1813 } 1814 1815 if (ps_setup(hdev)) 1816 goto probe_fail; 1817 1818 hci_devcd_register(hdev, nxp_coredump, nxp_coredump_hdr, NULL); 1819 1820 return 0; 1821 1822 probe_fail: 1823 hci_free_dev(hdev); 1824 return -ENODEV; 1825 } 1826 1827 static void nxp_serdev_remove(struct serdev_device *serdev) 1828 { 1829 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev); 1830 struct hci_dev *hdev = nxpdev->hdev; 1831 1832 if (is_fw_downloading(nxpdev)) { 1833 set_bit(BTNXPUART_FW_DOWNLOAD_ABORT, &nxpdev->tx_state); 1834 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1835 wake_up_interruptible(&nxpdev->check_boot_sign_wait_q); 1836 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q); 1837 } else { 1838 /* Restore FW baudrate to fw_init_baudrate if changed. 1839 * This will ensure FW baudrate is in sync with 1840 * driver baudrate in case this driver is re-inserted. 1841 */ 1842 if (nxpdev->current_baudrate != nxpdev->fw_init_baudrate) { 1843 nxpdev->new_baudrate = nxpdev->fw_init_baudrate; 1844 nxp_set_baudrate_cmd(hdev, NULL); 1845 } 1846 } 1847 1848 ps_cleanup(nxpdev); 1849 hci_unregister_dev(hdev); 1850 hci_free_dev(hdev); 1851 } 1852 1853 #ifdef CONFIG_PM_SLEEP 1854 static int nxp_serdev_suspend(struct device *dev) 1855 { 1856 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev); 1857 struct ps_data *psdata = &nxpdev->psdata; 1858 1859 ps_control(psdata->hdev, PS_STATE_SLEEP); 1860 1861 if (psdata->wakeup_source) { 1862 enable_irq_wake(psdata->irq_handler); 1863 enable_irq(psdata->irq_handler); 1864 } 1865 return 0; 1866 } 1867 1868 static int nxp_serdev_resume(struct device *dev) 1869 { 1870 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev); 1871 struct ps_data *psdata = &nxpdev->psdata; 1872 1873 if (psdata->wakeup_source) { 1874 disable_irq(psdata->irq_handler); 1875 disable_irq_wake(psdata->irq_handler); 1876 } 1877 1878 ps_control(psdata->hdev, PS_STATE_AWAKE); 1879 return 0; 1880 } 1881 #endif 1882 1883 #ifdef CONFIG_DEV_COREDUMP 1884 static void nxp_serdev_coredump(struct device *dev) 1885 { 1886 struct btnxpuart_dev *nxpdev = dev_get_drvdata(dev); 1887 struct hci_dev *hdev = nxpdev->hdev; 1888 1889 if (hdev->dump.coredump) 1890 hdev->dump.coredump(hdev); 1891 } 1892 #endif 1893 1894 static struct btnxpuart_data w8987_data __maybe_unused = { 1895 .helper_fw_name = NULL, 1896 .fw_name = FIRMWARE_W8987, 1897 .fw_name_old = FIRMWARE_W8987_OLD, 1898 }; 1899 1900 static struct btnxpuart_data w8997_data __maybe_unused = { 1901 .helper_fw_name = FIRMWARE_HELPER, 1902 .fw_name = FIRMWARE_W8997, 1903 .fw_name_old = FIRMWARE_W8997_OLD, 1904 }; 1905 1906 static const struct of_device_id nxpuart_of_match_table[] __maybe_unused = { 1907 { .compatible = "nxp,88w8987-bt", .data = &w8987_data }, 1908 { .compatible = "nxp,88w8997-bt", .data = &w8997_data }, 1909 { } 1910 }; 1911 MODULE_DEVICE_TABLE(of, nxpuart_of_match_table); 1912 1913 static const struct dev_pm_ops nxp_pm_ops = { 1914 SET_SYSTEM_SLEEP_PM_OPS(nxp_serdev_suspend, nxp_serdev_resume) 1915 }; 1916 1917 static struct serdev_device_driver nxp_serdev_driver = { 1918 .probe = nxp_serdev_probe, 1919 .remove = nxp_serdev_remove, 1920 .driver = { 1921 .name = "btnxpuart", 1922 .of_match_table = of_match_ptr(nxpuart_of_match_table), 1923 .pm = &nxp_pm_ops, 1924 #ifdef CONFIG_DEV_COREDUMP 1925 .coredump = nxp_serdev_coredump, 1926 #endif 1927 }, 1928 }; 1929 1930 module_serdev_device_driver(nxp_serdev_driver); 1931 1932 MODULE_AUTHOR("Neeraj Sanjay Kale <neeraj.sanjaykale@nxp.com>"); 1933 MODULE_DESCRIPTION("NXP Bluetooth Serial driver"); 1934 MODULE_LICENSE("GPL"); 1935