1 /* 2 * 3 * Bluetooth HCI UART driver 4 * 5 * Copyright (C) 2002-2003 Fabrizio Gennari <fabrizio.gennari@philips.com> 6 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org> 7 * 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program; if not, write to the Free Software 21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 22 * 23 */ 24 25 #include <linux/module.h> 26 27 #include <linux/kernel.h> 28 #include <linux/init.h> 29 #include <linux/types.h> 30 #include <linux/fcntl.h> 31 #include <linux/interrupt.h> 32 #include <linux/ptrace.h> 33 #include <linux/poll.h> 34 35 #include <linux/slab.h> 36 #include <linux/tty.h> 37 #include <linux/errno.h> 38 #include <linux/string.h> 39 #include <linux/signal.h> 40 #include <linux/ioctl.h> 41 #include <linux/skbuff.h> 42 #include <linux/bitrev.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 48 #include "hci_uart.h" 49 50 static bool txcrc = true; 51 static bool hciextn = true; 52 53 #define BCSP_TXWINSIZE 4 54 55 #define BCSP_ACK_PKT 0x05 56 #define BCSP_LE_PKT 0x06 57 58 struct bcsp_struct { 59 struct sk_buff_head unack; /* Unack'ed packets queue */ 60 struct sk_buff_head rel; /* Reliable packets queue */ 61 struct sk_buff_head unrel; /* Unreliable packets queue */ 62 63 unsigned long rx_count; 64 struct sk_buff *rx_skb; 65 u8 rxseq_txack; /* rxseq == txack. */ 66 u8 rxack; /* Last packet sent by us that the peer ack'ed */ 67 struct timer_list tbcsp; 68 69 enum { 70 BCSP_W4_PKT_DELIMITER, 71 BCSP_W4_PKT_START, 72 BCSP_W4_BCSP_HDR, 73 BCSP_W4_DATA, 74 BCSP_W4_CRC 75 } rx_state; 76 77 enum { 78 BCSP_ESCSTATE_NOESC, 79 BCSP_ESCSTATE_ESC 80 } rx_esc_state; 81 82 u8 use_crc; 83 u16 message_crc; 84 u8 txack_req; /* Do we need to send ack's to the peer? */ 85 86 /* Reliable packet sequence number - used to assign seq to each rel pkt. */ 87 u8 msgq_txseq; 88 }; 89 90 /* ---- BCSP CRC calculation ---- */ 91 92 /* Table for calculating CRC for polynomial 0x1021, LSB processed first, 93 initial value 0xffff, bits shifted in reverse order. */ 94 95 static const u16 crc_table[] = { 96 0x0000, 0x1081, 0x2102, 0x3183, 97 0x4204, 0x5285, 0x6306, 0x7387, 98 0x8408, 0x9489, 0xa50a, 0xb58b, 99 0xc60c, 0xd68d, 0xe70e, 0xf78f 100 }; 101 102 /* Initialise the crc calculator */ 103 #define BCSP_CRC_INIT(x) x = 0xffff 104 105 /* Update crc with next data byte 106 * 107 * Implementation note 108 * The data byte is treated as two nibbles. The crc is generated 109 * in reverse, i.e., bits are fed into the register from the top. 110 */ 111 static void bcsp_crc_update(u16 *crc, u8 d) 112 { 113 u16 reg = *crc; 114 115 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f]; 116 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f]; 117 118 *crc = reg; 119 } 120 121 /* ---- BCSP core ---- */ 122 123 static void bcsp_slip_msgdelim(struct sk_buff *skb) 124 { 125 const char pkt_delim = 0xc0; 126 127 memcpy(skb_put(skb, 1), &pkt_delim, 1); 128 } 129 130 static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c) 131 { 132 const char esc_c0[2] = { 0xdb, 0xdc }; 133 const char esc_db[2] = { 0xdb, 0xdd }; 134 135 switch (c) { 136 case 0xc0: 137 memcpy(skb_put(skb, 2), &esc_c0, 2); 138 break; 139 case 0xdb: 140 memcpy(skb_put(skb, 2), &esc_db, 2); 141 break; 142 default: 143 memcpy(skb_put(skb, 1), &c, 1); 144 } 145 } 146 147 static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb) 148 { 149 struct bcsp_struct *bcsp = hu->priv; 150 151 if (skb->len > 0xFFF) { 152 BT_ERR("Packet too long"); 153 kfree_skb(skb); 154 return 0; 155 } 156 157 switch (hci_skb_pkt_type(skb)) { 158 case HCI_ACLDATA_PKT: 159 case HCI_COMMAND_PKT: 160 skb_queue_tail(&bcsp->rel, skb); 161 break; 162 163 case HCI_SCODATA_PKT: 164 skb_queue_tail(&bcsp->unrel, skb); 165 break; 166 167 default: 168 BT_ERR("Unknown packet type"); 169 kfree_skb(skb); 170 break; 171 } 172 173 return 0; 174 } 175 176 static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data, 177 int len, int pkt_type) 178 { 179 struct sk_buff *nskb; 180 u8 hdr[4], chan; 181 u16 BCSP_CRC_INIT(bcsp_txmsg_crc); 182 int rel, i; 183 184 switch (pkt_type) { 185 case HCI_ACLDATA_PKT: 186 chan = 6; /* BCSP ACL channel */ 187 rel = 1; /* reliable channel */ 188 break; 189 case HCI_COMMAND_PKT: 190 chan = 5; /* BCSP cmd/evt channel */ 191 rel = 1; /* reliable channel */ 192 break; 193 case HCI_SCODATA_PKT: 194 chan = 7; /* BCSP SCO channel */ 195 rel = 0; /* unreliable channel */ 196 break; 197 case BCSP_LE_PKT: 198 chan = 1; /* BCSP LE channel */ 199 rel = 0; /* unreliable channel */ 200 break; 201 case BCSP_ACK_PKT: 202 chan = 0; /* BCSP internal channel */ 203 rel = 0; /* unreliable channel */ 204 break; 205 default: 206 BT_ERR("Unknown packet type"); 207 return NULL; 208 } 209 210 if (hciextn && chan == 5) { 211 __le16 opcode = ((struct hci_command_hdr *)data)->opcode; 212 213 /* Vendor specific commands */ 214 if (hci_opcode_ogf(__le16_to_cpu(opcode)) == 0x3f) { 215 u8 desc = *(data + HCI_COMMAND_HDR_SIZE); 216 if ((desc & 0xf0) == 0xc0) { 217 data += HCI_COMMAND_HDR_SIZE + 1; 218 len -= HCI_COMMAND_HDR_SIZE + 1; 219 chan = desc & 0x0f; 220 } 221 } 222 } 223 224 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2 225 * (because bytes 0xc0 and 0xdb are escaped, worst case is 226 * when the packet is all made of 0xc0 and 0xdb :) ) 227 * + 2 (0xc0 delimiters at start and end). 228 */ 229 230 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC); 231 if (!nskb) 232 return NULL; 233 234 hci_skb_pkt_type(nskb) = pkt_type; 235 236 bcsp_slip_msgdelim(nskb); 237 238 hdr[0] = bcsp->rxseq_txack << 3; 239 bcsp->txack_req = 0; 240 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack); 241 242 if (rel) { 243 hdr[0] |= 0x80 + bcsp->msgq_txseq; 244 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq); 245 bcsp->msgq_txseq = (bcsp->msgq_txseq + 1) & 0x07; 246 } 247 248 if (bcsp->use_crc) 249 hdr[0] |= 0x40; 250 251 hdr[1] = ((len << 4) & 0xff) | chan; 252 hdr[2] = len >> 4; 253 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]); 254 255 /* Put BCSP header */ 256 for (i = 0; i < 4; i++) { 257 bcsp_slip_one_byte(nskb, hdr[i]); 258 259 if (bcsp->use_crc) 260 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]); 261 } 262 263 /* Put payload */ 264 for (i = 0; i < len; i++) { 265 bcsp_slip_one_byte(nskb, data[i]); 266 267 if (bcsp->use_crc) 268 bcsp_crc_update(&bcsp_txmsg_crc, data[i]); 269 } 270 271 /* Put CRC */ 272 if (bcsp->use_crc) { 273 bcsp_txmsg_crc = bitrev16(bcsp_txmsg_crc); 274 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff)); 275 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff)); 276 } 277 278 bcsp_slip_msgdelim(nskb); 279 return nskb; 280 } 281 282 /* This is a rewrite of pkt_avail in ABCSP */ 283 static struct sk_buff *bcsp_dequeue(struct hci_uart *hu) 284 { 285 struct bcsp_struct *bcsp = hu->priv; 286 unsigned long flags; 287 struct sk_buff *skb; 288 289 /* First of all, check for unreliable messages in the queue, 290 since they have priority */ 291 292 skb = skb_dequeue(&bcsp->unrel); 293 if (skb != NULL) { 294 struct sk_buff *nskb; 295 296 nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, 297 hci_skb_pkt_type(skb)); 298 if (nskb) { 299 kfree_skb(skb); 300 return nskb; 301 } else { 302 skb_queue_head(&bcsp->unrel, skb); 303 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 304 } 305 } 306 307 /* Now, try to send a reliable pkt. We can only send a 308 * reliable packet if the number of packets sent but not yet ack'ed 309 * is < than the winsize 310 */ 311 312 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 313 314 if (bcsp->unack.qlen < BCSP_TXWINSIZE) { 315 skb = skb_dequeue(&bcsp->rel); 316 if (skb != NULL) { 317 struct sk_buff *nskb; 318 319 nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, 320 hci_skb_pkt_type(skb)); 321 if (nskb) { 322 __skb_queue_tail(&bcsp->unack, skb); 323 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4); 324 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 325 return nskb; 326 } else { 327 skb_queue_head(&bcsp->rel, skb); 328 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 329 } 330 } 331 } 332 333 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 334 335 /* We could not send a reliable packet, either because there are 336 * none or because there are too many unack'ed pkts. Did we receive 337 * any packets we have not acknowledged yet ? 338 */ 339 340 if (bcsp->txack_req) { 341 /* if so, craft an empty ACK pkt and send it on BCSP unreliable 342 * channel 0 343 */ 344 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT); 345 return nskb; 346 } 347 348 /* We have nothing to send */ 349 return NULL; 350 } 351 352 static int bcsp_flush(struct hci_uart *hu) 353 { 354 BT_DBG("hu %p", hu); 355 return 0; 356 } 357 358 /* Remove ack'ed packets */ 359 static void bcsp_pkt_cull(struct bcsp_struct *bcsp) 360 { 361 struct sk_buff *skb, *tmp; 362 unsigned long flags; 363 int i, pkts_to_be_removed; 364 u8 seqno; 365 366 spin_lock_irqsave(&bcsp->unack.lock, flags); 367 368 pkts_to_be_removed = skb_queue_len(&bcsp->unack); 369 seqno = bcsp->msgq_txseq; 370 371 while (pkts_to_be_removed) { 372 if (bcsp->rxack == seqno) 373 break; 374 pkts_to_be_removed--; 375 seqno = (seqno - 1) & 0x07; 376 } 377 378 if (bcsp->rxack != seqno) 379 BT_ERR("Peer acked invalid packet"); 380 381 BT_DBG("Removing %u pkts out of %u, up to seqno %u", 382 pkts_to_be_removed, skb_queue_len(&bcsp->unack), 383 (seqno - 1) & 0x07); 384 385 i = 0; 386 skb_queue_walk_safe(&bcsp->unack, skb, tmp) { 387 if (i >= pkts_to_be_removed) 388 break; 389 i++; 390 391 __skb_unlink(skb, &bcsp->unack); 392 kfree_skb(skb); 393 } 394 395 if (skb_queue_empty(&bcsp->unack)) 396 del_timer(&bcsp->tbcsp); 397 398 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 399 400 if (i != pkts_to_be_removed) 401 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed); 402 } 403 404 /* Handle BCSP link-establishment packets. When we 405 * detect a "sync" packet, symptom that the BT module has reset, 406 * we do nothing :) (yet) 407 */ 408 static void bcsp_handle_le_pkt(struct hci_uart *hu) 409 { 410 struct bcsp_struct *bcsp = hu->priv; 411 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed }; 412 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 }; 413 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed }; 414 415 /* spot "conf" pkts and reply with a "conf rsp" pkt */ 416 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 417 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) { 418 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC); 419 420 BT_DBG("Found a LE conf pkt"); 421 if (!nskb) 422 return; 423 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4); 424 hci_skb_pkt_type(nskb) = BCSP_LE_PKT; 425 426 skb_queue_head(&bcsp->unrel, nskb); 427 hci_uart_tx_wakeup(hu); 428 } 429 /* Spot "sync" pkts. If we find one...disaster! */ 430 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 431 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) { 432 BT_ERR("Found a LE sync pkt, card has reset"); 433 } 434 } 435 436 static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte) 437 { 438 const u8 c0 = 0xc0, db = 0xdb; 439 440 switch (bcsp->rx_esc_state) { 441 case BCSP_ESCSTATE_NOESC: 442 switch (byte) { 443 case 0xdb: 444 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC; 445 break; 446 default: 447 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1); 448 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 449 bcsp->rx_state != BCSP_W4_CRC) 450 bcsp_crc_update(&bcsp->message_crc, byte); 451 bcsp->rx_count--; 452 } 453 break; 454 455 case BCSP_ESCSTATE_ESC: 456 switch (byte) { 457 case 0xdc: 458 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1); 459 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 460 bcsp->rx_state != BCSP_W4_CRC) 461 bcsp_crc_update(&bcsp->message_crc, 0xc0); 462 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 463 bcsp->rx_count--; 464 break; 465 466 case 0xdd: 467 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1); 468 if ((bcsp->rx_skb->data[0] & 0x40) != 0 && 469 bcsp->rx_state != BCSP_W4_CRC) 470 bcsp_crc_update(&bcsp->message_crc, 0xdb); 471 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 472 bcsp->rx_count--; 473 break; 474 475 default: 476 BT_ERR("Invalid byte %02x after esc byte", byte); 477 kfree_skb(bcsp->rx_skb); 478 bcsp->rx_skb = NULL; 479 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 480 bcsp->rx_count = 0; 481 } 482 } 483 } 484 485 static void bcsp_complete_rx_pkt(struct hci_uart *hu) 486 { 487 struct bcsp_struct *bcsp = hu->priv; 488 int pass_up; 489 490 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */ 491 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack); 492 bcsp->rxseq_txack++; 493 bcsp->rxseq_txack %= 0x8; 494 bcsp->txack_req = 1; 495 496 /* If needed, transmit an ack pkt */ 497 hci_uart_tx_wakeup(hu); 498 } 499 500 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07; 501 BT_DBG("Request for pkt %u from card", bcsp->rxack); 502 503 bcsp_pkt_cull(bcsp); 504 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 && 505 bcsp->rx_skb->data[0] & 0x80) { 506 hci_skb_pkt_type(bcsp->rx_skb) = HCI_ACLDATA_PKT; 507 pass_up = 1; 508 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 && 509 bcsp->rx_skb->data[0] & 0x80) { 510 hci_skb_pkt_type(bcsp->rx_skb) = HCI_EVENT_PKT; 511 pass_up = 1; 512 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) { 513 hci_skb_pkt_type(bcsp->rx_skb) = HCI_SCODATA_PKT; 514 pass_up = 1; 515 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 && 516 !(bcsp->rx_skb->data[0] & 0x80)) { 517 bcsp_handle_le_pkt(hu); 518 pass_up = 0; 519 } else 520 pass_up = 0; 521 522 if (!pass_up) { 523 struct hci_event_hdr hdr; 524 u8 desc = (bcsp->rx_skb->data[1] & 0x0f); 525 526 if (desc != 0 && desc != 1) { 527 if (hciextn) { 528 desc |= 0xc0; 529 skb_pull(bcsp->rx_skb, 4); 530 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1); 531 532 hdr.evt = 0xff; 533 hdr.plen = bcsp->rx_skb->len; 534 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE); 535 hci_skb_pkt_type(bcsp->rx_skb) = HCI_EVENT_PKT; 536 537 hci_recv_frame(hu->hdev, bcsp->rx_skb); 538 } else { 539 BT_ERR("Packet for unknown channel (%u %s)", 540 bcsp->rx_skb->data[1] & 0x0f, 541 bcsp->rx_skb->data[0] & 0x80 ? 542 "reliable" : "unreliable"); 543 kfree_skb(bcsp->rx_skb); 544 } 545 } else 546 kfree_skb(bcsp->rx_skb); 547 } else { 548 /* Pull out BCSP hdr */ 549 skb_pull(bcsp->rx_skb, 4); 550 551 hci_recv_frame(hu->hdev, bcsp->rx_skb); 552 } 553 554 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 555 bcsp->rx_skb = NULL; 556 } 557 558 static u16 bscp_get_crc(struct bcsp_struct *bcsp) 559 { 560 return get_unaligned_be16(&bcsp->rx_skb->data[bcsp->rx_skb->len - 2]); 561 } 562 563 /* Recv data */ 564 static int bcsp_recv(struct hci_uart *hu, const void *data, int count) 565 { 566 struct bcsp_struct *bcsp = hu->priv; 567 const unsigned char *ptr; 568 569 BT_DBG("hu %p count %d rx_state %d rx_count %ld", 570 hu, count, bcsp->rx_state, bcsp->rx_count); 571 572 ptr = data; 573 while (count) { 574 if (bcsp->rx_count) { 575 if (*ptr == 0xc0) { 576 BT_ERR("Short BCSP packet"); 577 kfree_skb(bcsp->rx_skb); 578 bcsp->rx_state = BCSP_W4_PKT_START; 579 bcsp->rx_count = 0; 580 } else 581 bcsp_unslip_one_byte(bcsp, *ptr); 582 583 ptr++; count--; 584 continue; 585 } 586 587 switch (bcsp->rx_state) { 588 case BCSP_W4_BCSP_HDR: 589 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] + 590 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) { 591 BT_ERR("Error in BCSP hdr checksum"); 592 kfree_skb(bcsp->rx_skb); 593 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 594 bcsp->rx_count = 0; 595 continue; 596 } 597 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */ 598 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) { 599 BT_ERR("Out-of-order packet arrived, got %u expected %u", 600 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack); 601 602 kfree_skb(bcsp->rx_skb); 603 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 604 bcsp->rx_count = 0; 605 continue; 606 } 607 bcsp->rx_state = BCSP_W4_DATA; 608 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) + 609 (bcsp->rx_skb->data[2] << 4); /* May be 0 */ 610 continue; 611 612 case BCSP_W4_DATA: 613 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */ 614 bcsp->rx_state = BCSP_W4_CRC; 615 bcsp->rx_count = 2; 616 } else 617 bcsp_complete_rx_pkt(hu); 618 continue; 619 620 case BCSP_W4_CRC: 621 if (bitrev16(bcsp->message_crc) != bscp_get_crc(bcsp)) { 622 BT_ERR("Checksum failed: computed %04x received %04x", 623 bitrev16(bcsp->message_crc), 624 bscp_get_crc(bcsp)); 625 626 kfree_skb(bcsp->rx_skb); 627 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 628 bcsp->rx_count = 0; 629 continue; 630 } 631 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2); 632 bcsp_complete_rx_pkt(hu); 633 continue; 634 635 case BCSP_W4_PKT_DELIMITER: 636 switch (*ptr) { 637 case 0xc0: 638 bcsp->rx_state = BCSP_W4_PKT_START; 639 break; 640 default: 641 /*BT_ERR("Ignoring byte %02x", *ptr);*/ 642 break; 643 } 644 ptr++; count--; 645 break; 646 647 case BCSP_W4_PKT_START: 648 switch (*ptr) { 649 case 0xc0: 650 ptr++; count--; 651 break; 652 653 default: 654 bcsp->rx_state = BCSP_W4_BCSP_HDR; 655 bcsp->rx_count = 4; 656 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 657 BCSP_CRC_INIT(bcsp->message_crc); 658 659 /* Do not increment ptr or decrement count 660 * Allocate packet. Max len of a BCSP pkt= 661 * 0xFFF (payload) +4 (header) +2 (crc) 662 */ 663 664 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC); 665 if (!bcsp->rx_skb) { 666 BT_ERR("Can't allocate mem for new packet"); 667 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 668 bcsp->rx_count = 0; 669 return 0; 670 } 671 break; 672 } 673 break; 674 } 675 } 676 return count; 677 } 678 679 /* Arrange to retransmit all messages in the relq. */ 680 static void bcsp_timed_event(unsigned long arg) 681 { 682 struct hci_uart *hu = (struct hci_uart *) arg; 683 struct bcsp_struct *bcsp = hu->priv; 684 struct sk_buff *skb; 685 unsigned long flags; 686 687 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen); 688 689 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 690 691 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) { 692 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07; 693 skb_queue_head(&bcsp->rel, skb); 694 } 695 696 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 697 698 hci_uart_tx_wakeup(hu); 699 } 700 701 static int bcsp_open(struct hci_uart *hu) 702 { 703 struct bcsp_struct *bcsp; 704 705 BT_DBG("hu %p", hu); 706 707 bcsp = kzalloc(sizeof(*bcsp), GFP_KERNEL); 708 if (!bcsp) 709 return -ENOMEM; 710 711 hu->priv = bcsp; 712 skb_queue_head_init(&bcsp->unack); 713 skb_queue_head_init(&bcsp->rel); 714 skb_queue_head_init(&bcsp->unrel); 715 716 init_timer(&bcsp->tbcsp); 717 bcsp->tbcsp.function = bcsp_timed_event; 718 bcsp->tbcsp.data = (u_long) hu; 719 720 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 721 722 if (txcrc) 723 bcsp->use_crc = 1; 724 725 return 0; 726 } 727 728 static int bcsp_close(struct hci_uart *hu) 729 { 730 struct bcsp_struct *bcsp = hu->priv; 731 732 del_timer_sync(&bcsp->tbcsp); 733 734 hu->priv = NULL; 735 736 BT_DBG("hu %p", hu); 737 738 skb_queue_purge(&bcsp->unack); 739 skb_queue_purge(&bcsp->rel); 740 skb_queue_purge(&bcsp->unrel); 741 742 kfree(bcsp); 743 return 0; 744 } 745 746 static const struct hci_uart_proto bcsp = { 747 .id = HCI_UART_BCSP, 748 .name = "BCSP", 749 .open = bcsp_open, 750 .close = bcsp_close, 751 .enqueue = bcsp_enqueue, 752 .dequeue = bcsp_dequeue, 753 .recv = bcsp_recv, 754 .flush = bcsp_flush 755 }; 756 757 int __init bcsp_init(void) 758 { 759 return hci_uart_register_proto(&bcsp); 760 } 761 762 int __exit bcsp_deinit(void) 763 { 764 return hci_uart_unregister_proto(&bcsp); 765 } 766 767 module_param(txcrc, bool, 0644); 768 MODULE_PARM_DESC(txcrc, "Transmit CRC with every BCSP packet"); 769 770 module_param(hciextn, bool, 0644); 771 MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets"); 772