1 /* 2 * 3 * Bluetooth HCI UART driver 4 * 5 * Copyright (C) 2002-2003 Fabrizio Gennari <fabrizio.gennari@philips.com> 6 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org> 7 * 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program; if not, write to the Free Software 21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 22 * 23 */ 24 25 #include <linux/module.h> 26 27 #include <linux/kernel.h> 28 #include <linux/init.h> 29 #include <linux/types.h> 30 #include <linux/fcntl.h> 31 #include <linux/interrupt.h> 32 #include <linux/ptrace.h> 33 #include <linux/poll.h> 34 35 #include <linux/slab.h> 36 #include <linux/tty.h> 37 #include <linux/errno.h> 38 #include <linux/string.h> 39 #include <linux/signal.h> 40 #include <linux/ioctl.h> 41 #include <linux/skbuff.h> 42 #include <linux/bitrev.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 48 #include "hci_uart.h" 49 50 #define VERSION "0.3" 51 52 static bool txcrc = 1; 53 static bool hciextn = 1; 54 55 #define BCSP_TXWINSIZE 4 56 57 #define BCSP_ACK_PKT 0x05 58 #define BCSP_LE_PKT 0x06 59 60 struct bcsp_struct { 61 struct sk_buff_head unack; /* Unack'ed packets queue */ 62 struct sk_buff_head rel; /* Reliable packets queue */ 63 struct sk_buff_head unrel; /* Unreliable packets queue */ 64 65 unsigned long rx_count; 66 struct sk_buff *rx_skb; 67 u8 rxseq_txack; /* rxseq == txack. */ 68 u8 rxack; /* Last packet sent by us that the peer ack'ed */ 69 struct timer_list tbcsp; 70 71 enum { 72 BCSP_W4_PKT_DELIMITER, 73 BCSP_W4_PKT_START, 74 BCSP_W4_BCSP_HDR, 75 BCSP_W4_DATA, 76 BCSP_W4_CRC 77 } rx_state; 78 79 enum { 80 BCSP_ESCSTATE_NOESC, 81 BCSP_ESCSTATE_ESC 82 } rx_esc_state; 83 84 u8 use_crc; 85 u16 message_crc; 86 u8 txack_req; /* Do we need to send ack's to the peer? */ 87 88 /* Reliable packet sequence number - used to assign seq to each rel pkt. */ 89 u8 msgq_txseq; 90 }; 91 92 /* ---- BCSP CRC calculation ---- */ 93 94 /* Table for calculating CRC for polynomial 0x1021, LSB processed first, 95 initial value 0xffff, bits shifted in reverse order. */ 96 97 static const u16 crc_table[] = { 98 0x0000, 0x1081, 0x2102, 0x3183, 99 0x4204, 0x5285, 0x6306, 0x7387, 100 0x8408, 0x9489, 0xa50a, 0xb58b, 101 0xc60c, 0xd68d, 0xe70e, 0xf78f 102 }; 103 104 /* Initialise the crc calculator */ 105 #define BCSP_CRC_INIT(x) x = 0xffff 106 107 /* 108 Update crc with next data byte 109 110 Implementation note 111 The data byte is treated as two nibbles. The crc is generated 112 in reverse, i.e., bits are fed into the register from the top. 113 */ 114 static void bcsp_crc_update(u16 *crc, u8 d) 115 { 116 u16 reg = *crc; 117 118 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f]; 119 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f]; 120 121 *crc = reg; 122 } 123 124 /* ---- BCSP core ---- */ 125 126 static void bcsp_slip_msgdelim(struct sk_buff *skb) 127 { 128 const char pkt_delim = 0xc0; 129 130 memcpy(skb_put(skb, 1), &pkt_delim, 1); 131 } 132 133 static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c) 134 { 135 const char esc_c0[2] = { 0xdb, 0xdc }; 136 const char esc_db[2] = { 0xdb, 0xdd }; 137 138 switch (c) { 139 case 0xc0: 140 memcpy(skb_put(skb, 2), &esc_c0, 2); 141 break; 142 case 0xdb: 143 memcpy(skb_put(skb, 2), &esc_db, 2); 144 break; 145 default: 146 memcpy(skb_put(skb, 1), &c, 1); 147 } 148 } 149 150 static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb) 151 { 152 struct bcsp_struct *bcsp = hu->priv; 153 154 if (skb->len > 0xFFF) { 155 BT_ERR("Packet too long"); 156 kfree_skb(skb); 157 return 0; 158 } 159 160 switch (bt_cb(skb)->pkt_type) { 161 case HCI_ACLDATA_PKT: 162 case HCI_COMMAND_PKT: 163 skb_queue_tail(&bcsp->rel, skb); 164 break; 165 166 case HCI_SCODATA_PKT: 167 skb_queue_tail(&bcsp->unrel, skb); 168 break; 169 170 default: 171 BT_ERR("Unknown packet type"); 172 kfree_skb(skb); 173 break; 174 } 175 176 return 0; 177 } 178 179 static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data, 180 int len, int pkt_type) 181 { 182 struct sk_buff *nskb; 183 u8 hdr[4], chan; 184 u16 BCSP_CRC_INIT(bcsp_txmsg_crc); 185 int rel, i; 186 187 switch (pkt_type) { 188 case HCI_ACLDATA_PKT: 189 chan = 6; /* BCSP ACL channel */ 190 rel = 1; /* reliable channel */ 191 break; 192 case HCI_COMMAND_PKT: 193 chan = 5; /* BCSP cmd/evt channel */ 194 rel = 1; /* reliable channel */ 195 break; 196 case HCI_SCODATA_PKT: 197 chan = 7; /* BCSP SCO channel */ 198 rel = 0; /* unreliable channel */ 199 break; 200 case BCSP_LE_PKT: 201 chan = 1; /* BCSP LE channel */ 202 rel = 0; /* unreliable channel */ 203 break; 204 case BCSP_ACK_PKT: 205 chan = 0; /* BCSP internal channel */ 206 rel = 0; /* unreliable channel */ 207 break; 208 default: 209 BT_ERR("Unknown packet type"); 210 return NULL; 211 } 212 213 if (hciextn && chan == 5) { 214 __le16 opcode = ((struct hci_command_hdr *)data)->opcode; 215 216 /* Vendor specific commands */ 217 if (hci_opcode_ogf(__le16_to_cpu(opcode)) == 0x3f) { 218 u8 desc = *(data + HCI_COMMAND_HDR_SIZE); 219 if ((desc & 0xf0) == 0xc0) { 220 data += HCI_COMMAND_HDR_SIZE + 1; 221 len -= HCI_COMMAND_HDR_SIZE + 1; 222 chan = desc & 0x0f; 223 } 224 } 225 } 226 227 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2 228 (because bytes 0xc0 and 0xdb are escaped, worst case is 229 when the packet is all made of 0xc0 and 0xdb :) ) 230 + 2 (0xc0 delimiters at start and end). */ 231 232 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC); 233 if (!nskb) 234 return NULL; 235 236 bt_cb(nskb)->pkt_type = pkt_type; 237 238 bcsp_slip_msgdelim(nskb); 239 240 hdr[0] = bcsp->rxseq_txack << 3; 241 bcsp->txack_req = 0; 242 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack); 243 244 if (rel) { 245 hdr[0] |= 0x80 + bcsp->msgq_txseq; 246 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq); 247 bcsp->msgq_txseq = (bcsp->msgq_txseq + 1) & 0x07; 248 } 249 250 if (bcsp->use_crc) 251 hdr[0] |= 0x40; 252 253 hdr[1] = ((len << 4) & 0xff) | chan; 254 hdr[2] = len >> 4; 255 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]); 256 257 /* Put BCSP header */ 258 for (i = 0; i < 4; i++) { 259 bcsp_slip_one_byte(nskb, hdr[i]); 260 261 if (bcsp->use_crc) 262 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]); 263 } 264 265 /* Put payload */ 266 for (i = 0; i < len; i++) { 267 bcsp_slip_one_byte(nskb, data[i]); 268 269 if (bcsp->use_crc) 270 bcsp_crc_update(&bcsp_txmsg_crc, data[i]); 271 } 272 273 /* Put CRC */ 274 if (bcsp->use_crc) { 275 bcsp_txmsg_crc = bitrev16(bcsp_txmsg_crc); 276 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff)); 277 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff)); 278 } 279 280 bcsp_slip_msgdelim(nskb); 281 return nskb; 282 } 283 284 /* This is a rewrite of pkt_avail in ABCSP */ 285 static struct sk_buff *bcsp_dequeue(struct hci_uart *hu) 286 { 287 struct bcsp_struct *bcsp = hu->priv; 288 unsigned long flags; 289 struct sk_buff *skb; 290 291 /* First of all, check for unreliable messages in the queue, 292 since they have priority */ 293 294 skb = skb_dequeue(&bcsp->unrel); 295 if (skb != NULL) { 296 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, bt_cb(skb)->pkt_type); 297 if (nskb) { 298 kfree_skb(skb); 299 return nskb; 300 } else { 301 skb_queue_head(&bcsp->unrel, skb); 302 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 303 } 304 } 305 306 /* Now, try to send a reliable pkt. We can only send a 307 reliable packet if the number of packets sent but not yet ack'ed 308 is < than the winsize */ 309 310 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 311 312 if (bcsp->unack.qlen < BCSP_TXWINSIZE) { 313 skb = skb_dequeue(&bcsp->rel); 314 if (skb != NULL) { 315 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, 316 bt_cb(skb)->pkt_type); 317 if (nskb) { 318 __skb_queue_tail(&bcsp->unack, skb); 319 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4); 320 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 321 return nskb; 322 } else { 323 skb_queue_head(&bcsp->rel, skb); 324 BT_ERR("Could not dequeue pkt because alloc_skb failed"); 325 } 326 } 327 } 328 329 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 330 331 /* We could not send a reliable packet, either because there are 332 none or because there are too many unack'ed pkts. Did we receive 333 any packets we have not acknowledged yet ? */ 334 335 if (bcsp->txack_req) { 336 /* if so, craft an empty ACK pkt and send it on BCSP unreliable 337 channel 0 */ 338 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT); 339 return nskb; 340 } 341 342 /* We have nothing to send */ 343 return NULL; 344 } 345 346 static int bcsp_flush(struct hci_uart *hu) 347 { 348 BT_DBG("hu %p", hu); 349 return 0; 350 } 351 352 /* Remove ack'ed packets */ 353 static void bcsp_pkt_cull(struct bcsp_struct *bcsp) 354 { 355 struct sk_buff *skb, *tmp; 356 unsigned long flags; 357 int i, pkts_to_be_removed; 358 u8 seqno; 359 360 spin_lock_irqsave(&bcsp->unack.lock, flags); 361 362 pkts_to_be_removed = skb_queue_len(&bcsp->unack); 363 seqno = bcsp->msgq_txseq; 364 365 while (pkts_to_be_removed) { 366 if (bcsp->rxack == seqno) 367 break; 368 pkts_to_be_removed--; 369 seqno = (seqno - 1) & 0x07; 370 } 371 372 if (bcsp->rxack != seqno) 373 BT_ERR("Peer acked invalid packet"); 374 375 BT_DBG("Removing %u pkts out of %u, up to seqno %u", 376 pkts_to_be_removed, skb_queue_len(&bcsp->unack), 377 (seqno - 1) & 0x07); 378 379 i = 0; 380 skb_queue_walk_safe(&bcsp->unack, skb, tmp) { 381 if (i >= pkts_to_be_removed) 382 break; 383 i++; 384 385 __skb_unlink(skb, &bcsp->unack); 386 kfree_skb(skb); 387 } 388 389 if (skb_queue_empty(&bcsp->unack)) 390 del_timer(&bcsp->tbcsp); 391 392 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 393 394 if (i != pkts_to_be_removed) 395 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed); 396 } 397 398 /* Handle BCSP link-establishment packets. When we 399 detect a "sync" packet, symptom that the BT module has reset, 400 we do nothing :) (yet) */ 401 static void bcsp_handle_le_pkt(struct hci_uart *hu) 402 { 403 struct bcsp_struct *bcsp = hu->priv; 404 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed }; 405 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 }; 406 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed }; 407 408 /* spot "conf" pkts and reply with a "conf rsp" pkt */ 409 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 410 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) { 411 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC); 412 413 BT_DBG("Found a LE conf pkt"); 414 if (!nskb) 415 return; 416 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4); 417 bt_cb(nskb)->pkt_type = BCSP_LE_PKT; 418 419 skb_queue_head(&bcsp->unrel, nskb); 420 hci_uart_tx_wakeup(hu); 421 } 422 /* Spot "sync" pkts. If we find one...disaster! */ 423 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 && 424 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) { 425 BT_ERR("Found a LE sync pkt, card has reset"); 426 } 427 } 428 429 static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte) 430 { 431 const u8 c0 = 0xc0, db = 0xdb; 432 433 switch (bcsp->rx_esc_state) { 434 case BCSP_ESCSTATE_NOESC: 435 switch (byte) { 436 case 0xdb: 437 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC; 438 break; 439 default: 440 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1); 441 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 && 442 bcsp->rx_state != BCSP_W4_CRC) 443 bcsp_crc_update(&bcsp->message_crc, byte); 444 bcsp->rx_count--; 445 } 446 break; 447 448 case BCSP_ESCSTATE_ESC: 449 switch (byte) { 450 case 0xdc: 451 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1); 452 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 && 453 bcsp->rx_state != BCSP_W4_CRC) 454 bcsp_crc_update(&bcsp-> message_crc, 0xc0); 455 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 456 bcsp->rx_count--; 457 break; 458 459 case 0xdd: 460 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1); 461 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 && 462 bcsp->rx_state != BCSP_W4_CRC) 463 bcsp_crc_update(&bcsp-> message_crc, 0xdb); 464 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 465 bcsp->rx_count--; 466 break; 467 468 default: 469 BT_ERR ("Invalid byte %02x after esc byte", byte); 470 kfree_skb(bcsp->rx_skb); 471 bcsp->rx_skb = NULL; 472 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 473 bcsp->rx_count = 0; 474 } 475 } 476 } 477 478 static void bcsp_complete_rx_pkt(struct hci_uart *hu) 479 { 480 struct bcsp_struct *bcsp = hu->priv; 481 int pass_up; 482 483 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */ 484 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack); 485 bcsp->rxseq_txack++; 486 bcsp->rxseq_txack %= 0x8; 487 bcsp->txack_req = 1; 488 489 /* If needed, transmit an ack pkt */ 490 hci_uart_tx_wakeup(hu); 491 } 492 493 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07; 494 BT_DBG("Request for pkt %u from card", bcsp->rxack); 495 496 bcsp_pkt_cull(bcsp); 497 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 && 498 bcsp->rx_skb->data[0] & 0x80) { 499 bt_cb(bcsp->rx_skb)->pkt_type = HCI_ACLDATA_PKT; 500 pass_up = 1; 501 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 && 502 bcsp->rx_skb->data[0] & 0x80) { 503 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT; 504 pass_up = 1; 505 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) { 506 bt_cb(bcsp->rx_skb)->pkt_type = HCI_SCODATA_PKT; 507 pass_up = 1; 508 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 && 509 !(bcsp->rx_skb->data[0] & 0x80)) { 510 bcsp_handle_le_pkt(hu); 511 pass_up = 0; 512 } else 513 pass_up = 0; 514 515 if (!pass_up) { 516 struct hci_event_hdr hdr; 517 u8 desc = (bcsp->rx_skb->data[1] & 0x0f); 518 519 if (desc != 0 && desc != 1) { 520 if (hciextn) { 521 desc |= 0xc0; 522 skb_pull(bcsp->rx_skb, 4); 523 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1); 524 525 hdr.evt = 0xff; 526 hdr.plen = bcsp->rx_skb->len; 527 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE); 528 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT; 529 530 hci_recv_frame(hu->hdev, bcsp->rx_skb); 531 } else { 532 BT_ERR ("Packet for unknown channel (%u %s)", 533 bcsp->rx_skb->data[1] & 0x0f, 534 bcsp->rx_skb->data[0] & 0x80 ? 535 "reliable" : "unreliable"); 536 kfree_skb(bcsp->rx_skb); 537 } 538 } else 539 kfree_skb(bcsp->rx_skb); 540 } else { 541 /* Pull out BCSP hdr */ 542 skb_pull(bcsp->rx_skb, 4); 543 544 hci_recv_frame(hu->hdev, bcsp->rx_skb); 545 } 546 547 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 548 bcsp->rx_skb = NULL; 549 } 550 551 static u16 bscp_get_crc(struct bcsp_struct *bcsp) 552 { 553 return get_unaligned_be16(&bcsp->rx_skb->data[bcsp->rx_skb->len - 2]); 554 } 555 556 /* Recv data */ 557 static int bcsp_recv(struct hci_uart *hu, void *data, int count) 558 { 559 struct bcsp_struct *bcsp = hu->priv; 560 unsigned char *ptr; 561 562 BT_DBG("hu %p count %d rx_state %d rx_count %ld", 563 hu, count, bcsp->rx_state, bcsp->rx_count); 564 565 ptr = data; 566 while (count) { 567 if (bcsp->rx_count) { 568 if (*ptr == 0xc0) { 569 BT_ERR("Short BCSP packet"); 570 kfree_skb(bcsp->rx_skb); 571 bcsp->rx_state = BCSP_W4_PKT_START; 572 bcsp->rx_count = 0; 573 } else 574 bcsp_unslip_one_byte(bcsp, *ptr); 575 576 ptr++; count--; 577 continue; 578 } 579 580 switch (bcsp->rx_state) { 581 case BCSP_W4_BCSP_HDR: 582 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] + 583 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) { 584 BT_ERR("Error in BCSP hdr checksum"); 585 kfree_skb(bcsp->rx_skb); 586 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 587 bcsp->rx_count = 0; 588 continue; 589 } 590 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */ 591 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) { 592 BT_ERR ("Out-of-order packet arrived, got %u expected %u", 593 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack); 594 595 kfree_skb(bcsp->rx_skb); 596 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 597 bcsp->rx_count = 0; 598 continue; 599 } 600 bcsp->rx_state = BCSP_W4_DATA; 601 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) + 602 (bcsp->rx_skb->data[2] << 4); /* May be 0 */ 603 continue; 604 605 case BCSP_W4_DATA: 606 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */ 607 bcsp->rx_state = BCSP_W4_CRC; 608 bcsp->rx_count = 2; 609 } else 610 bcsp_complete_rx_pkt(hu); 611 continue; 612 613 case BCSP_W4_CRC: 614 if (bitrev16(bcsp->message_crc) != bscp_get_crc(bcsp)) { 615 BT_ERR ("Checksum failed: computed %04x received %04x", 616 bitrev16(bcsp->message_crc), 617 bscp_get_crc(bcsp)); 618 619 kfree_skb(bcsp->rx_skb); 620 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 621 bcsp->rx_count = 0; 622 continue; 623 } 624 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2); 625 bcsp_complete_rx_pkt(hu); 626 continue; 627 628 case BCSP_W4_PKT_DELIMITER: 629 switch (*ptr) { 630 case 0xc0: 631 bcsp->rx_state = BCSP_W4_PKT_START; 632 break; 633 default: 634 /*BT_ERR("Ignoring byte %02x", *ptr);*/ 635 break; 636 } 637 ptr++; count--; 638 break; 639 640 case BCSP_W4_PKT_START: 641 switch (*ptr) { 642 case 0xc0: 643 ptr++; count--; 644 break; 645 646 default: 647 bcsp->rx_state = BCSP_W4_BCSP_HDR; 648 bcsp->rx_count = 4; 649 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC; 650 BCSP_CRC_INIT(bcsp->message_crc); 651 652 /* Do not increment ptr or decrement count 653 * Allocate packet. Max len of a BCSP pkt= 654 * 0xFFF (payload) +4 (header) +2 (crc) */ 655 656 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC); 657 if (!bcsp->rx_skb) { 658 BT_ERR("Can't allocate mem for new packet"); 659 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 660 bcsp->rx_count = 0; 661 return 0; 662 } 663 break; 664 } 665 break; 666 } 667 } 668 return count; 669 } 670 671 /* Arrange to retransmit all messages in the relq. */ 672 static void bcsp_timed_event(unsigned long arg) 673 { 674 struct hci_uart *hu = (struct hci_uart *) arg; 675 struct bcsp_struct *bcsp = hu->priv; 676 struct sk_buff *skb; 677 unsigned long flags; 678 679 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen); 680 681 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING); 682 683 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) { 684 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07; 685 skb_queue_head(&bcsp->rel, skb); 686 } 687 688 spin_unlock_irqrestore(&bcsp->unack.lock, flags); 689 690 hci_uart_tx_wakeup(hu); 691 } 692 693 static int bcsp_open(struct hci_uart *hu) 694 { 695 struct bcsp_struct *bcsp; 696 697 BT_DBG("hu %p", hu); 698 699 bcsp = kzalloc(sizeof(*bcsp), GFP_KERNEL); 700 if (!bcsp) 701 return -ENOMEM; 702 703 hu->priv = bcsp; 704 skb_queue_head_init(&bcsp->unack); 705 skb_queue_head_init(&bcsp->rel); 706 skb_queue_head_init(&bcsp->unrel); 707 708 init_timer(&bcsp->tbcsp); 709 bcsp->tbcsp.function = bcsp_timed_event; 710 bcsp->tbcsp.data = (u_long) hu; 711 712 bcsp->rx_state = BCSP_W4_PKT_DELIMITER; 713 714 if (txcrc) 715 bcsp->use_crc = 1; 716 717 return 0; 718 } 719 720 static int bcsp_close(struct hci_uart *hu) 721 { 722 struct bcsp_struct *bcsp = hu->priv; 723 724 del_timer_sync(&bcsp->tbcsp); 725 726 hu->priv = NULL; 727 728 BT_DBG("hu %p", hu); 729 730 skb_queue_purge(&bcsp->unack); 731 skb_queue_purge(&bcsp->rel); 732 skb_queue_purge(&bcsp->unrel); 733 734 kfree(bcsp); 735 return 0; 736 } 737 738 static struct hci_uart_proto bcsp = { 739 .id = HCI_UART_BCSP, 740 .open = bcsp_open, 741 .close = bcsp_close, 742 .enqueue = bcsp_enqueue, 743 .dequeue = bcsp_dequeue, 744 .recv = bcsp_recv, 745 .flush = bcsp_flush 746 }; 747 748 int __init bcsp_init(void) 749 { 750 int err = hci_uart_register_proto(&bcsp); 751 752 if (!err) 753 BT_INFO("HCI BCSP protocol initialized"); 754 else 755 BT_ERR("HCI BCSP protocol registration failed"); 756 757 return err; 758 } 759 760 int __exit bcsp_deinit(void) 761 { 762 return hci_uart_unregister_proto(&bcsp); 763 } 764 765 module_param(txcrc, bool, 0644); 766 MODULE_PARM_DESC(txcrc, "Transmit CRC with every BCSP packet"); 767 768 module_param(hciextn, bool, 0644); 769 MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets"); 770